diff options
| author | Colin Watson <cjwatson@debian.org> | 2017-10-04 11:23:58 +0100 |
|---|---|---|
| committer | Colin Watson <cjwatson@debian.org> | 2017-10-04 11:23:58 +0100 |
| commit | 62f54f20bf351468e0124f63cc2902ee40d9b0e9 (patch) | |
| tree | 3e090f2711b94ca5029d3fa3e8047b1ed1448b1f /sshd_config.0 | |
| parent | 6fabaf6fd9b07cc8bc6a17c9c4a5b76849cfc874 (diff) | |
| parent | 66bf74a92131b7effe49fb0eefe5225151869dc5 (diff) | |
Import openssh_7.6p1.orig.tar.gz
Diffstat (limited to 'sshd_config.0')
| -rw-r--r-- | sshd_config.0 | 42 |
1 files changed, 22 insertions, 20 deletions
diff --git a/sshd_config.0 b/sshd_config.0 index b0160aa87..678ee14b4 100644 --- a/sshd_config.0 +++ b/sshd_config.0 | |||
| @@ -3,9 +3,6 @@ SSHD_CONFIG(5) File Formats Manual SSHD_CONFIG(5) | |||
| 3 | NAME | 3 | NAME |
| 4 | sshd_config M-bM-^@M-^S OpenSSH SSH daemon configuration file | 4 | sshd_config M-bM-^@M-^S OpenSSH SSH daemon configuration file |
| 5 | 5 | ||
| 6 | SYNOPSIS | ||
| 7 | /etc/ssh/sshd_config | ||
| 8 | |||
| 9 | DESCRIPTION | 6 | DESCRIPTION |
| 10 | sshd(8) reads configuration data from /etc/ssh/sshd_config (or the file | 7 | sshd(8) reads configuration data from /etc/ssh/sshd_config (or the file |
| 11 | specified with -f on the command line). The file contains keyword- | 8 | specified with -f on the command line). The file contains keyword- |
| @@ -120,6 +117,11 @@ DESCRIPTION | |||
| 120 | Note that each authentication method listed should also be | 117 | Note that each authentication method listed should also be |
| 121 | explicitly enabled in the configuration. | 118 | explicitly enabled in the configuration. |
| 122 | 119 | ||
| 120 | The available authentication methods are: "gssapi-with-mic", | ||
| 121 | "hostbased", "keyboard-interactive", "none" (used for access to | ||
| 122 | password-less accounts when PermitEmptyPassword is enabled), | ||
| 123 | "password" and "publickey". | ||
| 124 | |||
| 123 | AuthorizedKeysCommand | 125 | AuthorizedKeysCommand |
| 124 | Specifies a program to be used to look up the user's public keys. | 126 | Specifies a program to be used to look up the user's public keys. |
| 125 | The program must be owned by root, not writable by group or | 127 | The program must be owned by root, not writable by group or |
| @@ -253,11 +255,6 @@ DESCRIPTION | |||
| 253 | aes256-ctr | 255 | aes256-ctr |
| 254 | aes128-gcm@openssh.com | 256 | aes128-gcm@openssh.com |
| 255 | aes256-gcm@openssh.com | 257 | aes256-gcm@openssh.com |
| 256 | arcfour | ||
| 257 | arcfour128 | ||
| 258 | arcfour256 | ||
| 259 | blowfish-cbc | ||
| 260 | cast128-cbc | ||
| 261 | chacha20-poly1305@openssh.com | 258 | chacha20-poly1305@openssh.com |
| 262 | 259 | ||
| 263 | The default is: | 260 | The default is: |
| @@ -329,6 +326,13 @@ DESCRIPTION | |||
| 329 | TCP and StreamLocal. This option overrides all other forwarding- | 326 | TCP and StreamLocal. This option overrides all other forwarding- |
| 330 | related options and may simplify restricted configurations. | 327 | related options and may simplify restricted configurations. |
| 331 | 328 | ||
| 329 | ExposeAuthInfo | ||
| 330 | Writes a temporary file containing a list of authentication | ||
| 331 | methods and public credentials (e.g. keys) used to authenticate | ||
| 332 | the user. The location of the file is exposed to the user | ||
| 333 | session through the SSH_USER_AUTH environment variable. The | ||
| 334 | default is no. | ||
| 335 | |||
| 332 | FingerprintHash | 336 | FingerprintHash |
| 333 | Specifies the hash algorithm used when logging key fingerprints. | 337 | Specifies the hash algorithm used when logging key fingerprints. |
| 334 | Valid options are: md5 and sha256. The default is sha256. | 338 | Valid options are: md5 and sha256. The default is sha256. |
| @@ -467,14 +471,14 @@ DESCRIPTION | |||
| 467 | IPQoS Specifies the IPv4 type-of-service or DSCP class for the | 471 | IPQoS Specifies the IPv4 type-of-service or DSCP class for the |
| 468 | connection. Accepted values are af11, af12, af13, af21, af22, | 472 | connection. Accepted values are af11, af12, af13, af21, af22, |
| 469 | af23, af31, af32, af33, af41, af42, af43, cs0, cs1, cs2, cs3, | 473 | af23, af31, af32, af33, af41, af42, af43, cs0, cs1, cs2, cs3, |
| 470 | cs4, cs5, cs6, cs7, ef, lowdelay, throughput, reliability, or a | 474 | cs4, cs5, cs6, cs7, ef, lowdelay, throughput, reliability, a |
| 471 | numeric value. This option may take one or two arguments, | 475 | numeric value, or none to use the operating system default. This |
| 472 | separated by whitespace. If one argument is specified, it is | 476 | option may take one or two arguments, separated by whitespace. |
| 473 | used as the packet class unconditionally. If two values are | 477 | If one argument is specified, it is used as the packet class |
| 474 | specified, the first is automatically selected for interactive | 478 | unconditionally. If two values are specified, the first is |
| 475 | sessions and the second for non-interactive sessions. The | 479 | automatically selected for interactive sessions and the second |
| 476 | default is lowdelay for interactive sessions and throughput for | 480 | for non-interactive sessions. The default is lowdelay for |
| 477 | non-interactive sessions. | 481 | interactive sessions and throughput for non-interactive sessions. |
| 478 | 482 | ||
| 479 | KbdInteractiveAuthentication | 483 | KbdInteractiveAuthentication |
| 480 | Specifies whether to allow keyboard-interactive authentication. | 484 | Specifies whether to allow keyboard-interactive authentication. |
| @@ -573,7 +577,6 @@ DESCRIPTION | |||
| 573 | 577 | ||
| 574 | hmac-md5 | 578 | hmac-md5 |
| 575 | hmac-md5-96 | 579 | hmac-md5-96 |
| 576 | hmac-ripemd160 | ||
| 577 | hmac-sha1 | 580 | hmac-sha1 |
| 578 | hmac-sha1-96 | 581 | hmac-sha1-96 |
| 579 | hmac-sha2-256 | 582 | hmac-sha2-256 |
| @@ -582,7 +585,6 @@ DESCRIPTION | |||
| 582 | umac-128@openssh.com | 585 | umac-128@openssh.com |
| 583 | hmac-md5-etm@openssh.com | 586 | hmac-md5-etm@openssh.com |
| 584 | hmac-md5-96-etm@openssh.com | 587 | hmac-md5-96-etm@openssh.com |
| 585 | hmac-ripemd160-etm@openssh.com | ||
| 586 | hmac-sha1-etm@openssh.com | 588 | hmac-sha1-etm@openssh.com |
| 587 | hmac-sha1-96-etm@openssh.com | 589 | hmac-sha1-96-etm@openssh.com |
| 588 | hmac-sha2-256-etm@openssh.com | 590 | hmac-sha2-256-etm@openssh.com |
| @@ -634,7 +636,7 @@ DESCRIPTION | |||
| 634 | ClientAliveInterval, DenyGroups, DenyUsers, ForceCommand, | 636 | ClientAliveInterval, DenyGroups, DenyUsers, ForceCommand, |
| 635 | GatewayPorts, GSSAPIAuthentication, HostbasedAcceptedKeyTypes, | 637 | GatewayPorts, GSSAPIAuthentication, HostbasedAcceptedKeyTypes, |
| 636 | HostbasedAuthentication, HostbasedUsesNameFromPacketOnly, IPQoS, | 638 | HostbasedAuthentication, HostbasedUsesNameFromPacketOnly, IPQoS, |
| 637 | KbdInteractiveAuthentication, KerberosAuthentication, | 639 | KbdInteractiveAuthentication, KerberosAuthentication, LogLevel, |
| 638 | MaxAuthTries, MaxSessions, PasswordAuthentication, | 640 | MaxAuthTries, MaxSessions, PasswordAuthentication, |
| 639 | PermitEmptyPasswords, PermitOpen, PermitRootLogin, PermitTTY, | 641 | PermitEmptyPasswords, PermitOpen, PermitRootLogin, PermitTTY, |
| 640 | PermitTunnel, PermitUserRC, PubkeyAcceptedKeyTypes, | 642 | PermitTunnel, PermitUserRC, PubkeyAcceptedKeyTypes, |
| @@ -1017,4 +1019,4 @@ AUTHORS | |||
| 1017 | versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support | 1019 | versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support |
| 1018 | for privilege separation. | 1020 | for privilege separation. |
| 1019 | 1021 | ||
| 1020 | OpenBSD 6.0 March 14, 2017 OpenBSD 6.0 | 1022 | OpenBSD 6.2 September 27, 2017 OpenBSD 6.2 |