author | Ben Lindstrom <mouring@eviladmin.org> | 2001-04-23 13:02:16 +0000 |
---|---|---|
committer | Ben Lindstrom <mouring@eviladmin.org> | 2001-04-23 13:02:16 +0000 |
commit | c65e6a0fec9d96722d268003c2b89c2a8906aee9 (patch) | |
tree | 6fe9ae19926c5300895e21212aa5a40a37eae7ff /sshd.8 | |
parent | 2857d9cf771ffa561e6e6e535632bd7ef74c0f7d (diff) |
- markus@cvs.openbsd.org 2001/04/22 23:58:36
[ssh-keygen.1 ssh.1 sshd.8]
document hostbased and other cleanup
Diffstat (limited to 'sshd.8')
-rw-r--r-- | sshd.8 | 121 |
1 files changed, 80 insertions, 41 deletions
@@ -34,13 +34,13 @@ | |||
34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
36 | .\" | 36 | .\" |
37 | .\" $OpenBSD: sshd.8,v 1.119 2001/04/22 13:32:27 markus Exp $ | 37 | .\" $OpenBSD: sshd.8,v 1.120 2001/04/22 23:58:36 markus Exp $ |
38 | .Dd September 25, 1999 | 38 | .Dd September 25, 1999 |
39 | .Dt SSHD 8 | 39 | .Dt SSHD 8 |
40 | .Os | 40 | .Os |
41 | .Sh NAME | 41 | .Sh NAME |
42 | .Nm sshd | 42 | .Nm sshd |
43 | .Nd OpenSSH ssh daemon | 43 | .Nd OpenSSH SSH daemon |
44 | .Sh SYNOPSIS | 44 | .Sh SYNOPSIS |
45 | .Nm sshd | 45 | .Nm sshd |
46 | .Op Fl deiqD46 | 46 | .Op Fl deiqD46 |
@@ -134,8 +134,9 @@ Each host has a host-specific DSA key used to identify the host. | |||
134 | However, when the daemon starts, it does not generate a server key. | 134 | However, when the daemon starts, it does not generate a server key. |
135 | Forward security is provided through a Diffie-Hellman key agreement. | 135 | Forward security is provided through a Diffie-Hellman key agreement. |
136 | This key agreement results in a shared session key. | 136 | This key agreement results in a shared session key. |
137 | .Pp | ||
137 | The rest of the session is encrypted using a symmetric cipher, currently | 138 | The rest of the session is encrypted using a symmetric cipher, currently |
138 | Blowfish, 3DES, CAST128, Arcfour, 128 bit AES, or 256 bit AES. | 139 | 128 bit AES, Blowfish, 3DES, CAST128, Arcfour, 192 bit AES, or 256 bit AES. |
139 | The client selects the encryption algorithm | 140 | The client selects the encryption algorithm |
140 | to use from those offered by the server. | 141 | to use from those offered by the server. |
141 | Additionally, session integrity is provided | 142 | Additionally, session integrity is provided |
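Review bot: the reordered cipher list on new line 139 now reads like a preference order (128 bit AES first, 192 bit AES only after Arcfour) but the sentence around it still just says "currently ... or 256 bit AES", so the reader cannot tell whether the order means anything. Either state that this is the order in which the server offers the ciphers by default, or keep the list in a neutral order as before. The unchanged sentence that follows, "The client selects the encryption algorithm to use from those offered by the server", is also the place to say that the client's own preference order decides the outcome, so that an administrator does not assume reordering the server's list forces a particular cipher.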
@@ -143,8 +144,9 @@ through a cryptographic message authentication code | |||
143 | (hmac-sha1 or hmac-md5). | 144 | (hmac-sha1 or hmac-md5). |
144 | .Pp | 145 | .Pp |
145 | Protocol version 2 provides a public key based | 146 | Protocol version 2 provides a public key based |
146 | user authentication method (PubkeyAuthentication) | 147 | user (PubkeyAuthentication) or |
147 | and conventional password authentication. | 148 | client host (HostbasedAuthentication) authentication method, |
149 | conventional password authentication and challenge response based methods. | ||
148 | .Pp | 150 | .Pp |
149 | .Ss Command execution and data forwarding | 151 | .Ss Command execution and data forwarding |
150 | .Pp | 152 | .Pp |
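Review bot: the rewritten sentence on new lines 146-149 is hard to parse because it interleaves two lists: "a public key based user (PubkeyAuthentication) or client host (HostbasedAuthentication) authentication method, conventional password authentication and challenge response based methods". Suggest spelling the four items out in parallel, for example "Protocol version 2 provides public key based user authentication (PubkeyAuthentication), public key based client host authentication (HostbasedAuthentication), conventional password authentication and challenge-response based methods." Also hyphenate "challenge-response". Only HostbasedAuthentication receives a configuration entry elsewhere in this patch; if the challenge-response method has a corresponding option, name it here the same way the other two are named.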
@@ -180,7 +182,8 @@ by executing itself with the name it was started as, ie. | |||
180 | The options are as follows: | 182 | The options are as follows: |
181 | .Bl -tag -width Ds | 183 | .Bl -tag -width Ds |
182 | .It Fl b Ar bits | 184 | .It Fl b Ar bits |
183 | Specifies the number of bits in the server key (default 768). | 185 | Specifies the number of bits in the ephemeral protocol version 1 |
186 | server key (default 768). | ||
184 | .Pp | 187 | .Pp |
185 | .It Fl d | 188 | .It Fl d |
186 | Debug mode. | 189 | Debug mode. |
@@ -188,8 +191,12 @@ The server sends verbose debug output to the system | |||
188 | log, and does not put itself in the background. | 191 | log, and does not put itself in the background. |
189 | The server also will not fork and will only process one connection. | 192 | The server also will not fork and will only process one connection. |
190 | This option is only intended for debugging for the server. | 193 | This option is only intended for debugging for the server. |
191 | Multiple -d options increases the debugging level. | 194 | Multiple -d options increase the debugging level. |
192 | Maximum is 3. | 195 | Maximum is 3. |
196 | .It Fl e | ||
197 | When this option is specified, | ||
198 | .Nm | ||
199 | will send the output to the standard error instead of the system log. | ||
193 | .It Fl f Ar configuration_file | 200 | .It Fl f Ar configuration_file |
194 | Specifies the name of the configuration file. | 201 | Specifies the name of the configuration file. |
195 | The default is | 202 | The default is |
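Review bot: new line 194 writes the flag as a plain "-d" while every other flag in this option list uses mdoc markup (".It Fl d", ".Fl e" in the block added just below); use ".Fl d" here so it renders the same way. Moving the -e entry up into alphabetical position and the grammar fix ("options increase") are fine.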
@@ -210,7 +217,7 @@ This option must be given if | |||
210 | is not run as root (as the normal | 217 | is not run as root (as the normal |
211 | host file is normally not readable by anyone but root). | 218 | host file is normally not readable by anyone but root). |
212 | It is possible to have multiple host key files for | 219 | It is possible to have multiple host key files for |
213 | the different protocol versions. | 220 | the different protocol versions and host key algorithms. |
214 | .It Fl i | 221 | .It Fl i |
215 | Specifies that | 222 | Specifies that |
216 | .Nm | 223 | .Nm |
@@ -225,8 +232,8 @@ However, with small key sizes (e.g., 512) using | |||
225 | from inetd may | 232 | from inetd may |
226 | be feasible. | 233 | be feasible. |
227 | .It Fl k Ar key_gen_time | 234 | .It Fl k Ar key_gen_time |
228 | Specifies how often the server key is regenerated (default 3600 | 235 | Specifies how often the ephemeral protocol version 1 server key is |
229 | seconds, or one hour). | 236 | regenerated (default 3600 seconds, or one hour). |
230 | The motivation for regenerating the key fairly | 237 | The motivation for regenerating the key fairly |
231 | often is that the key is not stored anywhere, and after about an hour, | 238 | often is that the key is not stored anywhere, and after about an hour, |
232 | it becomes impossible to recover the key for decrypting intercepted | 239 | it becomes impossible to recover the key for decrypting intercepted |
@@ -263,18 +270,6 @@ When this option is specified | |||
263 | will not detach and does not become a daemon. | 270 | will not detach and does not become a daemon. |
264 | This allows easy monitoring of | 271 | This allows easy monitoring of |
265 | .Nm sshd . | 272 | .Nm sshd . |
266 | .It Fl e | ||
267 | When this option is specified, | ||
268 | .Nm | ||
269 | will send the output to the standard error instead of the system log. | ||
270 | .It Fl V Ar client_protocol_id | ||
271 | SSH-2 compatibility mode. | ||
272 | When this option is specified | ||
273 | .Nm | ||
274 | assumes the client has sent the supplied version string | ||
275 | and skips the | ||
276 | Protocol Version Identification Exchange. | ||
277 | This option is not intended to be called directly. | ||
278 | .It Fl 4 | 273 | .It Fl 4 |
279 | Forces | 274 | Forces |
280 | .Nm | 275 | .Nm |
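Review bot: removing the -V client_protocol_id entry (old lines 270-277) is only right if the flag was also dropped from the argument parser; the deleted text itself said the option "is not intended to be called directly", which suggests it is passed internally rather than by administrators. If sshd still accepts -V, this leaves an undocumented flag; if it was removed, the SYNOPSIS line (".Op Fl deiqD46", which never listed V) needs no change. Please confirm against the accompanying code change. The -e lines removed here are just the move to the sorted position earlier in the list.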
@@ -426,6 +421,15 @@ or | |||
426 | .Dq no . | 421 | .Dq no . |
427 | The default is | 422 | The default is |
428 | .Dq no . | 423 | .Dq no . |
424 | .It Cm HostbasedAuthentication | ||
425 | Specifies whether rhosts or /etc/hosts.equiv authentication together | ||
426 | with successful public key client host authentication is allowed | ||
427 | (hostbased authentication). | ||
428 | This option is similar to | ||
429 | .Cm RhostsRSAAuthentication | ||
430 | and applies to protocol version 2 only. | ||
431 | The default is | ||
432 | .Dq no . | ||
429 | .It Cm HostKey | 433 | .It Cm HostKey |
430 | Specifies the file containing the private host keys (default | 434 | Specifies the file containing the private host keys (default |
431 | .Pa /etc/ssh_host_key ) | 435 | .Pa /etc/ssh_host_key ) |
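Review bot: the new HostbasedAuthentication entry (new lines 424-432) writes "rhosts or /etc/hosts.equiv" as plain text, whereas the IgnoreRhosts entry a few lines down uses ".Pa .rhosts" and ".Pa /etc/hosts.equiv"; use the same markup here. More importantly, the entry does not say where the client host's public key has to be listed for the check to succeed. The FILES entry added later in this same patch names /etc/ssh_known_hosts2 and $HOME/.ssh/known_hosts2 for exactly this purpose, so a cross-reference such as "the client host key must be listed in one of the known_hosts2 files, see FILES" would tell an administrator what must be configured before enabling the option.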
@@ -445,7 +449,12 @@ Specifies that | |||
445 | .Pa .rhosts | 449 | .Pa .rhosts |
446 | and | 450 | and |
447 | .Pa .shosts | 451 | .Pa .shosts |
448 | files will not be used in authentication. | 452 | files will not be used in |
453 | .Cm RhostsAuthentication , | ||
454 | .Cm RhostsRSAAuthentication | ||
455 | or | ||
456 | .Cm HostbasedAuthentication . | ||
457 | .Pp | ||
449 | .Pa /etc/hosts.equiv | 458 | .Pa /etc/hosts.equiv |
450 | and | 459 | and |
451 | .Pa /etc/shosts.equiv | 460 | .Pa /etc/shosts.equiv |
@@ -458,7 +467,9 @@ Specifies whether | |||
458 | should ignore the user's | 467 | should ignore the user's |
459 | .Pa $HOME/.ssh/known_hosts | 468 | .Pa $HOME/.ssh/known_hosts |
460 | during | 469 | during |
461 | .Cm RhostsRSAAuthentication . | 470 | .Cm RhostsRSAAuthentication |
471 | or | ||
472 | .Cm HostbasedAuthentication . | ||
462 | The default is | 473 | The default is |
463 | .Dq no . | 474 | .Dq no . |
464 | .It Cm KeepAlive | 475 | .It Cm KeepAlive |
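Review bot: IgnoreUserKnownHosts (new lines 467-474) now applies to HostbasedAuthentication as well, but the only file it names is $HOME/.ssh/known_hosts; the FILES entry added in this patch says protocol version 2 hostbased authentication consults $HOME/.ssh/known_hosts2. Either list both files here or say "the user's known_hosts files", otherwise the option reads as if it covered only the protocol version 1 file. An administrator who enables HostbasedAuthentication and relies on IgnoreUserKnownHosts to stop users from adding trusted hosts of their own needs to know the protocol version 2 file is included.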
@@ -511,8 +522,8 @@ file on logout. | |||
511 | Default is | 522 | Default is |
512 | .Dq yes . | 523 | .Dq yes . |
513 | .It Cm KeyRegenerationInterval | 524 | .It Cm KeyRegenerationInterval |
514 | The server key is automatically regenerated after this many seconds | 525 | In protocol version 1, the ephemeral server key is automatically regenerated |
515 | (if it has been used). | 526 | after this many seconds (if it has been used). |
516 | The purpose of regeneration is to prevent | 527 | The purpose of regeneration is to prevent |
517 | decrypting captured sessions by later breaking into the machine and | 528 | decrypting captured sessions by later breaking into the machine and |
518 | stealing the keys. | 529 | stealing the keys. |
@@ -521,7 +532,7 @@ If the value is 0, the key is never regenerated. | |||
521 | The default is 3600 (seconds). | 532 | The default is 3600 (seconds). |
522 | .It Cm ListenAddress | 533 | .It Cm ListenAddress |
523 | Specifies the local addresses | 534 | Specifies the local addresses |
524 | .Xr sshd 8 | 535 | .Nm |
525 | should listen on. | 536 | should listen on. |
526 | The following forms may be used: | 537 | The following forms may be used: |
527 | .Pp | 538 | .Pp |
@@ -547,7 +558,7 @@ The following forms may be used: | |||
547 | If | 558 | If |
548 | .Ar port | 559 | .Ar port |
549 | is not specified, | 560 | is not specified, |
550 | .Xr sshd 8 | 561 | .Nm |
551 | will listen on the address and all prior | 562 | will listen on the address and all prior |
552 | .Cm Port | 563 | .Cm Port |
553 | options specified. The default is to listen on all local | 564 | options specified. The default is to listen on all local |
@@ -609,7 +620,6 @@ are refused if the number of unauthenticated connections reaches | |||
609 | Specifies whether password authentication is allowed. | 620 | Specifies whether password authentication is allowed. |
610 | The default is | 621 | The default is |
611 | .Dq yes . | 622 | .Dq yes . |
612 | Note that this option applies to both protocol versions 1 and 2. | ||
613 | .It Cm PermitEmptyPasswords | 623 | .It Cm PermitEmptyPasswords |
614 | When password authentication is allowed, it specifies whether the | 624 | When password authentication is allowed, it specifies whether the |
615 | server allows login to accounts with empty password strings. | 625 | server allows login to accounts with empty password strings. |
@@ -656,6 +666,8 @@ Specifies the port number that | |||
656 | listens on. | 666 | listens on. |
657 | The default is 22. | 667 | The default is 22. |
658 | Multiple options of this type are permitted. | 668 | Multiple options of this type are permitted. |
669 | See also | ||
670 | .Cm ListenAddress . | ||
659 | .It Cm PrintLastLog | 671 | .It Cm PrintLastLog |
660 | Specifies whether | 672 | Specifies whether |
661 | .Nm | 673 | .Nm |
@@ -707,18 +719,20 @@ instead, because it performs RSA-based host authentication in addition | |||
707 | to normal rhosts or /etc/hosts.equiv authentication. | 719 | to normal rhosts or /etc/hosts.equiv authentication. |
708 | The default is | 720 | The default is |
709 | .Dq no . | 721 | .Dq no . |
722 | This option applies to protocol version 1 only. | ||
710 | .It Cm RhostsRSAAuthentication | 723 | .It Cm RhostsRSAAuthentication |
711 | Specifies whether rhosts or /etc/hosts.equiv authentication together | 724 | Specifies whether rhosts or /etc/hosts.equiv authentication together |
712 | with successful RSA host authentication is allowed. | 725 | with successful RSA host authentication is allowed. |
713 | The default is | 726 | The default is |
714 | .Dq no . | 727 | .Dq no . |
728 | This option applies to protocol version 1 only. | ||
715 | .It Cm RSAAuthentication | 729 | .It Cm RSAAuthentication |
716 | Specifies whether pure RSA authentication is allowed. | 730 | Specifies whether pure RSA authentication is allowed. |
717 | The default is | 731 | The default is |
718 | .Dq yes . | 732 | .Dq yes . |
719 | Note that this option applies to protocol version 1 only. | 733 | This option applies to protocol version 1 only. |
720 | .It Cm ServerKeyBits | 734 | .It Cm ServerKeyBits |
721 | Defines the number of bits in the server key. | 735 | Defines the number of bits in the ephemeral protocol version 1 server key. |
722 | The minimum value is 512, and the default is 768. | 736 | The minimum value is 512, and the default is 768. |
723 | .It Cm StrictModes | 737 | .It Cm StrictModes |
724 | Specifies whether | 738 | Specifies whether |
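Review bot: the RhostsAuthentication text in the hunk context (new lines 719-721) still recommends RhostsRSAAuthentication "instead", while this patch marks RhostsRSAAuthentication as protocol version 1 only and introduces HostbasedAuthentication for protocol version 2; the recommendation should name both so that a protocol version 2 deployment is not pointed at an option that does not apply to it. The "This option applies to protocol version 1 only." sentences added to RhostsAuthentication, RhostsRSAAuthentication and RSAAuthentication are consistent with each other, and with the earlier hunk that drops "applies to both protocol versions 1 and 2" from PasswordAuthentication, the convention becomes "say so only when an option is limited to one protocol"; that is fine as long as it is applied to every option in the list.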
@@ -825,12 +839,12 @@ Runs user's shell or command. | |||
825 | The | 839 | The |
826 | .Pa $HOME/.ssh/authorized_keys | 840 | .Pa $HOME/.ssh/authorized_keys |
827 | file lists the RSA keys that are | 841 | file lists the RSA keys that are |
828 | permitted for RSA authentication in SSH protocols 1.3 and 1.5 | 842 | permitted for RSA authentication in protocol version 1 |
829 | Similarly, the | 843 | Similarly, the |
830 | .Pa $HOME/.ssh/authorized_keys2 | 844 | .Pa $HOME/.ssh/authorized_keys2 |
831 | file lists the DSA and RSA keys that are | 845 | file lists the DSA and RSA keys that are |
832 | permitted for public key authentication (PubkeyAuthentication) | 846 | permitted for public key authentication (PubkeyAuthentication) |
833 | in SSH protocol 2.0. | 847 | in protocol version 2. |
834 | .Pp | 848 | .Pp |
835 | Each line of the file contains one | 849 | Each line of the file contains one |
836 | key (empty lines and lines starting with a | 850 | key (empty lines and lines starting with a |
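Review bot: new line 842 ends "permitted for RSA authentication in protocol version 1" with no period before "Similarly, the" on the next line; the old text had the same omission, and since the line is being rewritten anyway this is the place to add it. The replacement of "SSH protocols 1.3 and 1.5" and "SSH protocol 2.0" with "protocol version 1" and "protocol version 2" matches the wording used throughout the rest of the patch.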
@@ -994,7 +1008,10 @@ or by taking | |||
994 | .Pa /etc/ssh_host_key.pub | 1008 | .Pa /etc/ssh_host_key.pub |
995 | and adding the host names at the front. | 1009 | and adding the host names at the front. |
996 | .Ss Examples | 1010 | .Ss Examples |
997 | closenet,closenet.hut.fi,.\|.\|.\|,130.233.208.41 1024 37 159.\|.\|.93 closenet.hut.fi | 1011 | .Bd -literal |
1012 | closenet,.\|.\|.\|,130.233.208.41 1024 37 159.\|.\|.93 closenet.hut.fi | ||
1013 | cvs.openbsd.org,199.185.137.3 ssh-rsa AAAA1234.....= | ||
1014 | .Ed | ||
998 | .Sh FILES | 1015 | .Sh FILES |
999 | .Bl -tag -width Ds | 1016 | .Bl -tag -width Ds |
1000 | .It Pa /etc/sshd_config | 1017 | .It Pa /etc/sshd_config |
@@ -1003,16 +1020,14 @@ Contains configuration data for | |||
1003 | This file should be writable by root only, but it is recommended | 1020 | This file should be writable by root only, but it is recommended |
1004 | (though not necessary) that it be world-readable. | 1021 | (though not necessary) that it be world-readable. |
1005 | .It Pa /etc/ssh_host_key, /etc/ssh_host_dsa_key, /etc/ssh_host_rsa_key | 1022 | .It Pa /etc/ssh_host_key, /etc/ssh_host_dsa_key, /etc/ssh_host_rsa_key |
1006 | These three files contain the private parts of the | 1023 | These three files contain the private parts of the host keys. |
1007 | (SSH1, SSH2 DSA, and SSH2 RSA) host keys. | ||
1008 | These files should only be owned by root, readable only by root, and not | 1024 | These files should only be owned by root, readable only by root, and not |
1009 | accessible to others. | 1025 | accessible to others. |
1010 | Note that | 1026 | Note that |
1011 | .Nm | 1027 | .Nm |
1012 | does not start if this file is group/world-accessible. | 1028 | does not start if this file is group/world-accessible. |
1013 | .It Pa /etc/ssh_host_key.pub, /etc/ssh_host_dsa_key.pub, /etc/ssh_host_rsa_key.pub | 1029 | .It Pa /etc/ssh_host_key.pub, /etc/ssh_host_dsa_key.pub, /etc/ssh_host_rsa_key.pub |
1014 | These three files contain the public parts of the | 1030 | These three files contain the public parts of the host keys. |
1015 | (SSH1, SSH2 DSA, and SSH2 RSA) host keys. | ||
1016 | These files should be world-readable but writable only by | 1031 | These files should be world-readable but writable only by |
1017 | root. | 1032 | root. |
1018 | Their contents should match the respective private parts. | 1033 | Their contents should match the respective private parts. |
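Review bot: dropping "(SSH1, SSH2 DSA, and SSH2 RSA)" from new lines 1023 and 1030 removes the only place in FILES that said which of the three key files belongs to which protocol; the -h option text changed earlier in this patch says there may be "multiple host key files for the different protocol versions and host key algorithms", so the mapping has to live somewhere. Suggest keeping it in the patch's own wording, for example "the private parts of the host keys (protocol version 1, and protocol version 2 DSA and RSA)". Also, the unchanged "does not start if this file is group/world-accessible" on line 1028 now follows a plural subject; "these files" would read correctly and matches the actual startup check on all of them.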
@@ -1042,7 +1057,7 @@ Users will place the contents of their | |||
1042 | files into this file, as described in | 1057 | files into this file, as described in |
1043 | .Xr ssh-keygen 1 . | 1058 | .Xr ssh-keygen 1 . |
1044 | .It Pa $HOME/.ssh/authorized_keys2 | 1059 | .It Pa $HOME/.ssh/authorized_keys2 |
1045 | Lists the DSA keys that can be used to log into the user's account. | 1060 | Lists the public keys (RSA or DSA) that can be used to log into the user's account. |
1046 | This file must be readable by root (which may on some machines imply | 1061 | This file must be readable by root (which may on some machines imply |
1047 | it being world-readable if the user's home directory resides on an NFS | 1062 | it being world-readable if the user's home directory resides on an NFS |
1048 | volume). | 1063 | volume). |
@@ -1065,6 +1080,17 @@ These files should be writable only by root/the owner. | |||
1065 | should be world-readable, and | 1080 | should be world-readable, and |
1066 | .Pa $HOME/.ssh/known_hosts | 1081 | .Pa $HOME/.ssh/known_hosts |
1067 | can but need not be world-readable. | 1082 | can but need not be world-readable. |
1083 | .It Pa "/etc/ssh_known_hosts2" and "$HOME/.ssh/known_hosts2" | ||
1084 | These files are consulted when using protocol version 2 hostbased | ||
1085 | authentication to check the public key of the host. | ||
1086 | The key must be listed in one of these files to be accepted. | ||
1087 | The client uses the same files | ||
1088 | to verify that it is connecting to the correct remote host. | ||
1089 | These files should be writable only by root/the owner. | ||
1090 | .Pa /etc/ssh_known_hosts2 | ||
1091 | should be world-readable, and | ||
1092 | .Pa $HOME/.ssh/known_hosts2 | ||
1093 | can but need not be world-readable. | ||
1068 | .It Pa /etc/nologin | 1094 | .It Pa /etc/nologin |
1069 | If this file exists, | 1095 | If this file exists, |
1070 | .Nm | 1096 | .Nm |
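Review bot: the new known_hosts2 entry (new lines 1083-1093) should state the server-side trust consequence rather than only the permissions: because hostbased authentication grants a login on the strength of a host key found in these files, a user who can write $HOME/.ssh/known_hosts2 can introduce a client host the administrator never approved, and only IgnoreUserKnownHosts (which this patch extends to HostbasedAuthentication) prevents that. One sentence pointing at IgnoreUserKnownHosts, and saying that "writable only by root/the owner" is a precondition for the check to mean anything rather than a recommendation, would make the entry complete and consistent with the HostbasedAuthentication entry added above.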
@@ -1162,8 +1188,12 @@ which may be needed before the user's home directory becomes | |||
1162 | accessible; AFS is a particular example of such an environment. | 1188 | accessible; AFS is a particular example of such an environment. |
1163 | .Pp | 1189 | .Pp |
1164 | This file will probably contain some initialization code followed by | 1190 | This file will probably contain some initialization code followed by |
1165 | something similar to: "if read proto cookie; then echo add $DISPLAY | 1191 | something similar to: |
1166 | $proto $cookie | xauth -q -; fi". | 1192 | .Bd -literal |
1193 | if read proto cookie; then | ||
1194 | echo add $DISPLAY $proto $cookie | xauth -q - | ||
1195 | fi | ||
1196 | .Ed | ||
1167 | .Pp | 1197 | .Pp |
1168 | If this file does not exist, | 1198 | If this file does not exist, |
1169 | .Pa /etc/sshrc | 1199 | .Pa /etc/sshrc |
@@ -1209,3 +1239,12 @@ protocol versions 1.5 and 2.0. | |||
1209 | .%D January 2001 | 1239 | .%D January 2001 |
1210 | .%O work in progress material | 1240 | .%O work in progress material |
1211 | .Re | 1241 | .Re |
1242 | .Rs | ||
1243 | .%A M. Friedl | ||
1244 | .%A N. Provos | ||
1245 | .%A W. A. Simpson | ||
1246 | .%T "Diffie-Hellman Group Exchange for the SSH Transport Layer Protocol" | ||
1247 | .%N draft-ietf-secsh-dh-group-exchange-00.txt | ||
1248 | .%D January 2001 | ||
1249 | .%O work in progress material | ||
1250 | .Re | ||