summaryrefslogtreecommitdiff
path: root/ssh.0
diff options
context:
space:
mode:
Diffstat (limited to 'ssh.0')
-rw-r--r--ssh.0958
1 files changed, 958 insertions, 0 deletions
diff --git a/ssh.0 b/ssh.0
new file mode 100644
index 000000000..9aaf4367d
--- /dev/null
+++ b/ssh.0
@@ -0,0 +1,958 @@
1SSH(1) General Commands Manual SSH(1)
2
3NAME
4 ssh M-bM-^@M-^S OpenSSH SSH client (remote login program)
5
6SYNOPSIS
7 ssh [-1246AaCfGgKkMNnqsTtVvXxYy] [-b bind_address] [-c cipher_spec]
8 [-D [bind_address:]port] [-E log_file] [-e escape_char]
9 [-F configfile] [-I pkcs11] [-i identity_file] [-L address]
10 [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]
11 [-Q query_option] [-R address] [-S ctl_path] [-W host:port]
12 [-w local_tun[:remote_tun]] [user@]hostname [command]
13
14DESCRIPTION
15 ssh (SSH client) is a program for logging into a remote machine and for
16 executing commands on a remote machine. It is intended to provide secure
17 encrypted communications between two untrusted hosts over an insecure
18 network. X11 connections, arbitrary TCP ports and UNIX-domain sockets
19 can also be forwarded over the secure channel.
20
21 ssh connects and logs into the specified hostname (with optional user
22 name). The user must prove his/her identity to the remote machine using
23 one of several methods (see below).
24
25 If command is specified, it is executed on the remote host instead of a
26 login shell.
27
28 The options are as follows:
29
30 -1 Forces ssh to try protocol version 1 only.
31
32 -2 Forces ssh to try protocol version 2 only.
33
34 -4 Forces ssh to use IPv4 addresses only.
35
36 -6 Forces ssh to use IPv6 addresses only.
37
38 -A Enables forwarding of the authentication agent connection. This
39 can also be specified on a per-host basis in a configuration
40 file.
41
42 Agent forwarding should be enabled with caution. Users with the
43 ability to bypass file permissions on the remote host (for the
44 agent's UNIX-domain socket) can access the local agent through
45 the forwarded connection. An attacker cannot obtain key material
46 from the agent, however they can perform operations on the keys
47 that enable them to authenticate using the identities loaded into
48 the agent.
49
50 -a Disables forwarding of the authentication agent connection.
51
52 -b bind_address
53 Use bind_address on the local machine as the source address of
54 the connection. Only useful on systems with more than one
55 address.
56
57 -C Requests compression of all data (including stdin, stdout,
58 stderr, and data for forwarded X11, TCP and UNIX-domain
59 connections). The compression algorithm is the same used by
60 gzip(1), and the M-bM-^@M-^\levelM-bM-^@M-^] can be controlled by the
61 CompressionLevel option for protocol version 1. Compression is
62 desirable on modem lines and other slow connections, but will
63 only slow down things on fast networks. The default value can be
64 set on a host-by-host basis in the configuration files; see the
65 Compression option.
66
67 -c cipher_spec
68 Selects the cipher specification for encrypting the session.
69
70 Protocol version 1 allows specification of a single cipher. The
71 supported values are M-bM-^@M-^\3desM-bM-^@M-^], M-bM-^@M-^\blowfishM-bM-^@M-^], and M-bM-^@M-^\desM-bM-^@M-^]. For protocol
72 version 2, cipher_spec is a comma-separated list of ciphers
73 listed in order of preference. See the Ciphers keyword in
74 ssh_config(5) for more information.
75
76 -D [bind_address:]port
77 Specifies a local M-bM-^@M-^\dynamicM-bM-^@M-^] application-level port forwarding.
78 This works by allocating a socket to listen to port on the local
79 side, optionally bound to the specified bind_address. Whenever a
80 connection is made to this port, the connection is forwarded over
81 the secure channel, and the application protocol is then used to
82 determine where to connect to from the remote machine. Currently
83 the SOCKS4 and SOCKS5 protocols are supported, and ssh will act
84 as a SOCKS server. Only root can forward privileged ports.
85 Dynamic port forwardings can also be specified in the
86 configuration file.
87
88 IPv6 addresses can be specified by enclosing the address in
89 square brackets. Only the superuser can forward privileged
90 ports. By default, the local port is bound in accordance with
91 the GatewayPorts setting. However, an explicit bind_address may
92 be used to bind the connection to a specific address. The
93 bind_address of M-bM-^@M-^\localhostM-bM-^@M-^] indicates that the listening port be
94 bound for local use only, while an empty address or M-bM-^@M-^X*M-bM-^@M-^Y indicates
95 that the port should be available from all interfaces.
96
97 -E log_file
98 Append debug logs to log_file instead of standard error.
99
100 -e escape_char
101 Sets the escape character for sessions with a pty (default: M-bM-^@M-^X~M-bM-^@M-^Y).
102 The escape character is only recognized at the beginning of a
103 line. The escape character followed by a dot (M-bM-^@M-^X.M-bM-^@M-^Y) closes the
104 connection; followed by control-Z suspends the connection; and
105 followed by itself sends the escape character once. Setting the
106 character to M-bM-^@M-^\noneM-bM-^@M-^] disables any escapes and makes the session
107 fully transparent.
108
109 -F configfile
110 Specifies an alternative per-user configuration file. If a
111 configuration file is given on the command line, the system-wide
112 configuration file (/etc/ssh/ssh_config) will be ignored. The
113 default for the per-user configuration file is ~/.ssh/config.
114
115 -f Requests ssh to go to background just before command execution.
116 This is useful if ssh is going to ask for passwords or
117 passphrases, but the user wants it in the background. This
118 implies -n. The recommended way to start X11 programs at a
119 remote site is with something like ssh -f host xterm.
120
121 If the ExitOnForwardFailure configuration option is set to M-bM-^@M-^\yesM-bM-^@M-^],
122 then a client started with -f will wait for all remote port
123 forwards to be successfully established before placing itself in
124 the background.
125
126 -G Causes ssh to print its configuration after evaluating Host and
127 Match blocks and exit.
128
129 -g Allows remote hosts to connect to local forwarded ports. If used
130 on a multiplexed connection, then this option must be specified
131 on the master process.
132
133 -I pkcs11
134 Specify the PKCS#11 shared library ssh should use to communicate
135 with a PKCS#11 token providing the user's private RSA key.
136
137 -i identity_file
138 Selects a file from which the identity (private key) for public
139 key authentication is read. The default is ~/.ssh/identity for
140 protocol version 1, and ~/.ssh/id_dsa, ~/.ssh/id_ecdsa,
141 ~/.ssh/id_ed25519 and ~/.ssh/id_rsa for protocol version 2.
142 Identity files may also be specified on a per-host basis in the
143 configuration file. It is possible to have multiple -i options
144 (and multiple identities specified in configuration files). If
145 no certificates have been explicitly specified by the
146 CertificateFile directive, ssh will also try to load certificate
147 information from the filename obtained by appending -cert.pub to
148 identity filenames.
149
150 -K Enables GSSAPI-based authentication and forwarding (delegation)
151 of GSSAPI credentials to the server.
152
153 -k Disables forwarding (delegation) of GSSAPI credentials to the
154 server.
155
156 -L [bind_address:]port:host:hostport
157 -L [bind_address:]port:remote_socket
158 -L local_socket:host:hostport
159 -L local_socket:remote_socket
160 Specifies that connections to the given TCP port or Unix socket
161 on the local (client) host are to be forwarded to the given host
162 and port, or Unix socket, on the remote side. This works by
163 allocating a socket to listen to either a TCP port on the local
164 side, optionally bound to the specified bind_address, or to a
165 Unix socket. Whenever a connection is made to the local port or
166 socket, the connection is forwarded over the secure channel, and
167 a connection is made to either host port hostport, or the Unix
168 socket remote_socket, from the remote machine.
169
170 Port forwardings can also be specified in the configuration file.
171 Only the superuser can forward privileged ports. IPv6 addresses
172 can be specified by enclosing the address in square brackets.
173
174 By default, the local port is bound in accordance with the
175 GatewayPorts setting. However, an explicit bind_address may be
176 used to bind the connection to a specific address. The
177 bind_address of M-bM-^@M-^\localhostM-bM-^@M-^] indicates that the listening port be
178 bound for local use only, while an empty address or M-bM-^@M-^X*M-bM-^@M-^Y indicates
179 that the port should be available from all interfaces.
180
181 -l login_name
182 Specifies the user to log in as on the remote machine. This also
183 may be specified on a per-host basis in the configuration file.
184
185 -M Places the ssh client into M-bM-^@M-^\masterM-bM-^@M-^] mode for connection sharing.
186 Multiple -M options places ssh into M-bM-^@M-^\masterM-bM-^@M-^] mode with
187 confirmation required before slave connections are accepted.
188 Refer to the description of ControlMaster in ssh_config(5) for
189 details.
190
191 -m mac_spec
192 A comma-separated list of MAC (message authentication code)
193 algorithms, specified in order of preference. See the MACs
194 keyword for more information.
195
196 -N Do not execute a remote command. This is useful for just
197 forwarding ports.
198
199 -n Redirects stdin from /dev/null (actually, prevents reading from
200 stdin). This must be used when ssh is run in the background. A
201 common trick is to use this to run X11 programs on a remote
202 machine. For example, ssh -n shadows.cs.hut.fi emacs & will
203 start an emacs on shadows.cs.hut.fi, and the X11 connection will
204 be automatically forwarded over an encrypted channel. The ssh
205 program will be put in the background. (This does not work if
206 ssh needs to ask for a password or passphrase; see also the -f
207 option.)
208
209 -O ctl_cmd
210 Control an active connection multiplexing master process. When
211 the -O option is specified, the ctl_cmd argument is interpreted
212 and passed to the master process. Valid commands are: M-bM-^@M-^\checkM-bM-^@M-^]
213 (check that the master process is running), M-bM-^@M-^\forwardM-bM-^@M-^] (request
214 forwardings without command execution), M-bM-^@M-^\cancelM-bM-^@M-^] (cancel
215 forwardings), M-bM-^@M-^\exitM-bM-^@M-^] (request the master to exit), and M-bM-^@M-^\stopM-bM-^@M-^]
216 (request the master to stop accepting further multiplexing
217 requests).
218
219 -o option
220 Can be used to give options in the format used in the
221 configuration file. This is useful for specifying options for
222 which there is no separate command-line flag. For full details
223 of the options listed below, and their possible values, see
224 ssh_config(5).
225
226 AddKeysToAgent
227 AddressFamily
228 BatchMode
229 BindAddress
230 CanonicalDomains
231 CanonicalizeFallbackLocal
232 CanonicalizeHostname
233 CanonicalizeMaxDots
234 CanonicalizePermittedCNAMEs
235 CertificateFile
236 ChallengeResponseAuthentication
237 CheckHostIP
238 Cipher
239 Ciphers
240 ClearAllForwardings
241 Compression
242 CompressionLevel
243 ConnectionAttempts
244 ConnectTimeout
245 ControlMaster
246 ControlPath
247 ControlPersist
248 DynamicForward
249 EscapeChar
250 ExitOnForwardFailure
251 FingerprintHash
252 ForwardAgent
253 ForwardX11
254 ForwardX11Timeout
255 ForwardX11Trusted
256 GatewayPorts
257 GlobalKnownHostsFile
258 GSSAPIAuthentication
259 GSSAPIDelegateCredentials
260 HashKnownHosts
261 Host
262 HostbasedAuthentication
263 HostbasedKeyTypes
264 HostKeyAlgorithms
265 HostKeyAlias
266 HostName
267 IdentityFile
268 IdentitiesOnly
269 IPQoS
270 KbdInteractiveAuthentication
271 KbdInteractiveDevices
272 KexAlgorithms
273 LocalCommand
274 LocalForward
275 LogLevel
276 MACs
277 Match
278 NoHostAuthenticationForLocalhost
279 NumberOfPasswordPrompts
280 PasswordAuthentication
281 PermitLocalCommand
282 PKCS11Provider
283 Port
284 PreferredAuthentications
285 Protocol
286 ProxyCommand
287 ProxyUseFdpass
288 PubkeyAcceptedKeyTypes
289 PubkeyAuthentication
290 RekeyLimit
291 RemoteForward
292 RequestTTY
293 RhostsRSAAuthentication
294 RSAAuthentication
295 SendEnv
296 ServerAliveInterval
297 ServerAliveCountMax
298 StreamLocalBindMask
299 StreamLocalBindUnlink
300 StrictHostKeyChecking
301 TCPKeepAlive
302 Tunnel
303 TunnelDevice
304 UpdateHostKeys
305 UsePrivilegedPort
306 User
307 UserKnownHostsFile
308 VerifyHostKeyDNS
309 VisualHostKey
310 XAuthLocation
311
312 -p port
313 Port to connect to on the remote host. This can be specified on
314 a per-host basis in the configuration file.
315
316 -Q query_option
317 Queries ssh for the algorithms supported for the specified
318 version 2. The available features are: cipher (supported
319 symmetric ciphers), cipher-auth (supported symmetric ciphers that
320 support authenticated encryption), mac (supported message
321 integrity codes), kex (key exchange algorithms), key (key types),
322 key-cert (certificate key types), key-plain (non-certificate key
323 types), and protocol-version (supported SSH protocol versions).
324
325 -q Quiet mode. Causes most warning and diagnostic messages to be
326 suppressed.
327
328 -R [bind_address:]port:host:hostport
329 -R [bind_address:]port:local_socket
330 -R remote_socket:host:hostport
331 -R remote_socket:local_socket
332 Specifies that connections to the given TCP port or Unix socket
333 on the remote (server) host are to be forwarded to the given host
334 and port, or Unix socket, on the local side. This works by
335 allocating a socket to listen to either a TCP port or to a Unix
336 socket on the remote side. Whenever a connection is made to this
337 port or Unix socket, the connection is forwarded over the secure
338 channel, and a connection is made to either host port hostport,
339 or local_socket, from the local machine.
340
341 Port forwardings can also be specified in the configuration file.
342 Privileged ports can be forwarded only when logging in as root on
343 the remote machine. IPv6 addresses can be specified by enclosing
344 the address in square brackets.
345
346 By default, TCP listening sockets on the server will be bound to
347 the loopback interface only. This may be overridden by
348 specifying a bind_address. An empty bind_address, or the address
349 M-bM-^@M-^X*M-bM-^@M-^Y, indicates that the remote socket should listen on all
350 interfaces. Specifying a remote bind_address will only succeed
351 if the server's GatewayPorts option is enabled (see
352 sshd_config(5)).
353
354 If the port argument is M-bM-^@M-^X0M-bM-^@M-^Y, the listen port will be dynamically
355 allocated on the server and reported to the client at run time.
356 When used together with -O forward the allocated port will be
357 printed to the standard output.
358
359 -S ctl_path
360 Specifies the location of a control socket for connection
361 sharing, or the string M-bM-^@M-^\noneM-bM-^@M-^] to disable connection sharing.
362 Refer to the description of ControlPath and ControlMaster in
363 ssh_config(5) for details.
364
365 -s May be used to request invocation of a subsystem on the remote
366 system. Subsystems facilitate the use of SSH as a secure
367 transport for other applications (e.g. sftp(1)). The subsystem
368 is specified as the remote command.
369
370 -T Disable pseudo-terminal allocation.
371
372 -t Force pseudo-terminal allocation. This can be used to execute
373 arbitrary screen-based programs on a remote machine, which can be
374 very useful, e.g. when implementing menu services. Multiple -t
375 options force tty allocation, even if ssh has no local tty.
376
377 -V Display the version number and exit.
378
379 -v Verbose mode. Causes ssh to print debugging messages about its
380 progress. This is helpful in debugging connection,
381 authentication, and configuration problems. Multiple -v options
382 increase the verbosity. The maximum is 3.
383
384 -W host:port
385 Requests that standard input and output on the client be
386 forwarded to host on port over the secure channel. Implies -N,
387 -T, ExitOnForwardFailure and ClearAllForwardings.
388
389 -w local_tun[:remote_tun]
390 Requests tunnel device forwarding with the specified tun(4)
391 devices between the client (local_tun) and the server
392 (remote_tun).
393
394 The devices may be specified by numerical ID or the keyword
395 M-bM-^@M-^\anyM-bM-^@M-^], which uses the next available tunnel device. If
396 remote_tun is not specified, it defaults to M-bM-^@M-^\anyM-bM-^@M-^]. See also the
397 Tunnel and TunnelDevice directives in ssh_config(5). If the
398 Tunnel directive is unset, it is set to the default tunnel mode,
399 which is M-bM-^@M-^\point-to-pointM-bM-^@M-^].
400
401 -X Enables X11 forwarding. This can also be specified on a per-host
402 basis in a configuration file.
403
404 X11 forwarding should be enabled with caution. Users with the
405 ability to bypass file permissions on the remote host (for the
406 user's X authorization database) can access the local X11 display
407 through the forwarded connection. An attacker may then be able
408 to perform activities such as keystroke monitoring.
409
410 For this reason, X11 forwarding is subjected to X11 SECURITY
411 extension restrictions by default. Please refer to the ssh -Y
412 option and the ForwardX11Trusted directive in ssh_config(5) for
413 more information.
414
415 -x Disables X11 forwarding.
416
417 -Y Enables trusted X11 forwarding. Trusted X11 forwardings are not
418 subjected to the X11 SECURITY extension controls.
419
420 -y Send log information using the syslog(3) system module. By
421 default this information is sent to stderr.
422
423 ssh may additionally obtain configuration data from a per-user
424 configuration file and a system-wide configuration file. The file format
425 and configuration options are described in ssh_config(5).
426
427AUTHENTICATION
428 The OpenSSH SSH client supports SSH protocols 1 and 2. The default is to
429 use protocol 2 only, though this can be changed via the Protocol option
430 in ssh_config(5) or the -1 and -2 options (see above). Protocol 1 should
431 not be used and is only offered to support legacy devices. It suffers
432 from a number of cryptographic weaknesses and doesn't support many of the
433 advanced features available for protocol 2.
434
435 The methods available for authentication are: GSSAPI-based
436 authentication, host-based authentication, public key authentication,
437 challenge-response authentication, and password authentication.
438 Authentication methods are tried in the order specified above, though
439 PreferredAuthentications can be used to change the default order.
440
441 Host-based authentication works as follows: If the machine the user logs
442 in from is listed in /etc/hosts.equiv or /etc/shosts.equiv on the remote
443 machine, and the user names are the same on both sides, or if the files
444 ~/.rhosts or ~/.shosts exist in the user's home directory on the remote
445 machine and contain a line containing the name of the client machine and
446 the name of the user on that machine, the user is considered for login.
447 Additionally, the server must be able to verify the client's host key
448 (see the description of /etc/ssh/ssh_known_hosts and ~/.ssh/known_hosts,
449 below) for login to be permitted. This authentication method closes
450 security holes due to IP spoofing, DNS spoofing, and routing spoofing.
451 [Note to the administrator: /etc/hosts.equiv, ~/.rhosts, and the
452 rlogin/rsh protocol in general, are inherently insecure and should be
453 disabled if security is desired.]
454
455 Public key authentication works as follows: The scheme is based on
456 public-key cryptography, using cryptosystems where encryption and
457 decryption are done using separate keys, and it is unfeasible to derive
458 the decryption key from the encryption key. The idea is that each user
459 creates a public/private key pair for authentication purposes. The
460 server knows the public key, and only the user knows the private key.
461 ssh implements public key authentication protocol automatically, using
462 one of the DSA, ECDSA, Ed25519 or RSA algorithms. The HISTORY section of
463 ssl(8) contains a brief discussion of the DSA and RSA algorithms.
464
465 The file ~/.ssh/authorized_keys lists the public keys that are permitted
466 for logging in. When the user logs in, the ssh program tells the server
467 which key pair it would like to use for authentication. The client
468 proves that it has access to the private key and the server checks that
469 the corresponding public key is authorized to accept the account.
470
471 The user creates his/her key pair by running ssh-keygen(1). This stores
472 the private key in ~/.ssh/identity (protocol 1), ~/.ssh/id_dsa (DSA),
473 ~/.ssh/id_ecdsa (ECDSA), ~/.ssh/id_ed25519 (Ed25519), or ~/.ssh/id_rsa
474 (RSA) and stores the public key in ~/.ssh/identity.pub (protocol 1),
475 ~/.ssh/id_dsa.pub (DSA), ~/.ssh/id_ecdsa.pub (ECDSA),
476 ~/.ssh/id_ed25519.pub (Ed25519), or ~/.ssh/id_rsa.pub (RSA) in the user's
477 home directory. The user should then copy the public key to
478 ~/.ssh/authorized_keys in his/her home directory on the remote machine.
479 The authorized_keys file corresponds to the conventional ~/.rhosts file,
480 and has one key per line, though the lines can be very long. After this,
481 the user can log in without giving the password.
482
483 A variation on public key authentication is available in the form of
484 certificate authentication: instead of a set of public/private keys,
485 signed certificates are used. This has the advantage that a single
486 trusted certification authority can be used in place of many
487 public/private keys. See the CERTIFICATES section of ssh-keygen(1) for
488 more information.
489
490 The most convenient way to use public key or certificate authentication
491 may be with an authentication agent. See ssh-agent(1) and (optionally)
492 the AddKeysToAgent directive in ssh_config(5) for more information.
493
494 Challenge-response authentication works as follows: The server sends an
495 arbitrary "challenge" text, and prompts for a response. Examples of
496 challenge-response authentication include BSD Authentication (see
497 login.conf(5)) and PAM (some non-OpenBSD systems).
498
499 Finally, if other authentication methods fail, ssh prompts the user for a
500 password. The password is sent to the remote host for checking; however,
501 since all communications are encrypted, the password cannot be seen by
502 someone listening on the network.
503
504 ssh automatically maintains and checks a database containing
505 identification for all hosts it has ever been used with. Host keys are
506 stored in ~/.ssh/known_hosts in the user's home directory. Additionally,
507 the file /etc/ssh/ssh_known_hosts is automatically checked for known
508 hosts. Any new hosts are automatically added to the user's file. If a
509 host's identification ever changes, ssh warns about this and disables
510 password authentication to prevent server spoofing or man-in-the-middle
511 attacks, which could otherwise be used to circumvent the encryption. The
512 StrictHostKeyChecking option can be used to control logins to machines
513 whose host key is not known or has changed.
514
515 When the user's identity has been accepted by the server, the server
516 either executes the given command in a non-interactive session or, if no
517 command has been specified, logs into the machine and gives the user a
518 normal shell as an interactive session. All communication with the
519 remote command or shell will be automatically encrypted.
520
521 If an interactive session is requested ssh by default will only request a
522 pseudo-terminal (pty) for interactive sessions when the client has one.
523 The flags -T and -t can be used to override this behaviour.
524
525 If a pseudo-terminal has been allocated the user may use the escape
526 characters noted below.
527
528 If no pseudo-terminal has been allocated, the session is transparent and
529 can be used to reliably transfer binary data. On most systems, setting
530 the escape character to M-bM-^@M-^\noneM-bM-^@M-^] will also make the session transparent
531 even if a tty is used.
532
533 The session terminates when the command or shell on the remote machine
534 exits and all X11 and TCP connections have been closed.
535
536ESCAPE CHARACTERS
537 When a pseudo-terminal has been requested, ssh supports a number of
538 functions through the use of an escape character.
539
540 A single tilde character can be sent as ~~ or by following the tilde by a
541 character other than those described below. The escape character must
542 always follow a newline to be interpreted as special. The escape
543 character can be changed in configuration files using the EscapeChar
544 configuration directive or on the command line by the -e option.
545
546 The supported escapes (assuming the default M-bM-^@M-^X~M-bM-^@M-^Y) are:
547
548 ~. Disconnect.
549
550 ~^Z Background ssh.
551
552 ~# List forwarded connections.
553
554 ~& Background ssh at logout when waiting for forwarded connection /
555 X11 sessions to terminate.
556
557 ~? Display a list of escape characters.
558
559 ~B Send a BREAK to the remote system (only useful if the peer
560 supports it).
561
562 ~C Open command line. Currently this allows the addition of port
563 forwardings using the -L, -R and -D options (see above). It also
564 allows the cancellation of existing port-forwardings with
565 -KL[bind_address:]port for local, -KR[bind_address:]port for
566 remote and -KD[bind_address:]port for dynamic port-forwardings.
567 !command allows the user to execute a local command if the
568 PermitLocalCommand option is enabled in ssh_config(5). Basic
569 help is available, using the -h option.
570
571 ~R Request rekeying of the connection (only useful if the peer
572 supports it).
573
574 ~V Decrease the verbosity (LogLevel) when errors are being written
575 to stderr.
576
577 ~v Increase the verbosity (LogLevel) when errors are being written
578 to stderr.
579
580TCP FORWARDING
581 Forwarding of arbitrary TCP connections over the secure channel can be
582 specified either on the command line or in a configuration file. One
583 possible application of TCP forwarding is a secure connection to a mail
584 server; another is going through firewalls.
585
586 In the example below, we look at encrypting communication between an IRC
587 client and server, even though the IRC server does not directly support
588 encrypted communications. This works as follows: the user connects to
589 the remote host using ssh, specifying a port to be used to forward
590 connections to the remote server. After that it is possible to start the
591 service which is to be encrypted on the client machine, connecting to the
592 same local port, and ssh will encrypt and forward the connection.
593
594 The following example tunnels an IRC session from client machine
595 M-bM-^@M-^\127.0.0.1M-bM-^@M-^] (localhost) to remote server M-bM-^@M-^\server.example.comM-bM-^@M-^]:
596
597 $ ssh -f -L 1234:localhost:6667 server.example.com sleep 10
598 $ irc -c '#users' -p 1234 pinky 127.0.0.1
599
600 This tunnels a connection to IRC server M-bM-^@M-^\server.example.comM-bM-^@M-^], joining
601 channel M-bM-^@M-^\#usersM-bM-^@M-^], nickname M-bM-^@M-^\pinkyM-bM-^@M-^], using port 1234. It doesn't matter
602 which port is used, as long as it's greater than 1023 (remember, only
603 root can open sockets on privileged ports) and doesn't conflict with any
604 ports already in use. The connection is forwarded to port 6667 on the
605 remote server, since that's the standard port for IRC services.
606
607 The -f option backgrounds ssh and the remote command M-bM-^@M-^\sleep 10M-bM-^@M-^] is
608 specified to allow an amount of time (10 seconds, in the example) to
609 start the service which is to be tunnelled. If no connections are made
610 within the time specified, ssh will exit.
611
612X11 FORWARDING
613 If the ForwardX11 variable is set to M-bM-^@M-^\yesM-bM-^@M-^] (or see the description of the
614 -X, -x, and -Y options above) and the user is using X11 (the DISPLAY
615 environment variable is set), the connection to the X11 display is
616 automatically forwarded to the remote side in such a way that any X11
617 programs started from the shell (or command) will go through the
618 encrypted channel, and the connection to the real X server will be made
619 from the local machine. The user should not manually set DISPLAY.
620 Forwarding of X11 connections can be configured on the command line or in
621 configuration files.
622
623 The DISPLAY value set by ssh will point to the server machine, but with a
624 display number greater than zero. This is normal, and happens because
625 ssh creates a M-bM-^@M-^\proxyM-bM-^@M-^] X server on the server machine for forwarding the
626 connections over the encrypted channel.
627
628 ssh will also automatically set up Xauthority data on the server machine.
629 For this purpose, it will generate a random authorization cookie, store
630 it in Xauthority on the server, and verify that any forwarded connections
631 carry this cookie and replace it by the real cookie when the connection
632 is opened. The real authentication cookie is never sent to the server
633 machine (and no cookies are sent in the plain).
634
635 If the ForwardAgent variable is set to M-bM-^@M-^\yesM-bM-^@M-^] (or see the description of
636 the -A and -a options above) and the user is using an authentication
637 agent, the connection to the agent is automatically forwarded to the
638 remote side.
639
640VERIFYING HOST KEYS
641 When connecting to a server for the first time, a fingerprint of the
642 server's public key is presented to the user (unless the option
643 StrictHostKeyChecking has been disabled). Fingerprints can be determined
644 using ssh-keygen(1):
645
646 $ ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key
647
648 If the fingerprint is already known, it can be matched and the key can be
649 accepted or rejected. If only legacy (MD5) fingerprints for the server
650 are available, the ssh-keygen(1) -E option may be used to downgrade the
651 fingerprint algorithm to match.
652
653 Because of the difficulty of comparing host keys just by looking at
654 fingerprint strings, there is also support to compare host keys visually,
655 using random art. By setting the VisualHostKey option to M-bM-^@M-^\yesM-bM-^@M-^], a small
656 ASCII graphic gets displayed on every login to a server, no matter if the
657 session itself is interactive or not. By learning the pattern a known
658 server produces, a user can easily find out that the host key has changed
659 when a completely different pattern is displayed. Because these patterns
660 are not unambiguous however, a pattern that looks similar to the pattern
661 remembered only gives a good probability that the host key is the same,
662 not guaranteed proof.
663
664 To get a listing of the fingerprints along with their random art for all
665 known hosts, the following command line can be used:
666
667 $ ssh-keygen -lv -f ~/.ssh/known_hosts
668
669 If the fingerprint is unknown, an alternative method of verification is
670 available: SSH fingerprints verified by DNS. An additional resource
671 record (RR), SSHFP, is added to a zonefile and the connecting client is
672 able to match the fingerprint with that of the key presented.
673
674 In this example, we are connecting a client to a server,
675 M-bM-^@M-^\host.example.comM-bM-^@M-^]. The SSHFP resource records should first be added to
676 the zonefile for host.example.com:
677
678 $ ssh-keygen -r host.example.com.
679
680 The output lines will have to be added to the zonefile. To check that
681 the zone is answering fingerprint queries:
682
683 $ dig -t SSHFP host.example.com
684
685 Finally the client connects:
686
687 $ ssh -o "VerifyHostKeyDNS ask" host.example.com
688 [...]
689 Matching host key fingerprint found in DNS.
690 Are you sure you want to continue connecting (yes/no)?
691
692 See the VerifyHostKeyDNS option in ssh_config(5) for more information.
693
694SSH-BASED VIRTUAL PRIVATE NETWORKS
695 ssh contains support for Virtual Private Network (VPN) tunnelling using
696 the tun(4) network pseudo-device, allowing two networks to be joined
697 securely. The sshd_config(5) configuration option PermitTunnel controls
698 whether the server supports this, and at what level (layer 2 or 3
699 traffic).
700
701 The following example would connect client network 10.0.50.0/24 with
702 remote network 10.0.99.0/24 using a point-to-point connection from
703 10.1.1.1 to 10.1.1.2, provided that the SSH server running on the gateway
704 to the remote network, at 192.168.1.15, allows it.
705
706 On the client:
707
708 # ssh -f -w 0:1 192.168.1.15 true
709 # ifconfig tun0 10.1.1.1 10.1.1.2 netmask 255.255.255.252
710 # route add 10.0.99.0/24 10.1.1.2
711
712 On the server:
713
714 # ifconfig tun1 10.1.1.2 10.1.1.1 netmask 255.255.255.252
715 # route add 10.0.50.0/24 10.1.1.1
716
717 Client access may be more finely tuned via the /root/.ssh/authorized_keys
718 file (see below) and the PermitRootLogin server option. The following
719 entry would permit connections on tun(4) device 1 from user M-bM-^@M-^\janeM-bM-^@M-^] and on
720 tun device 2 from user M-bM-^@M-^\johnM-bM-^@M-^], if PermitRootLogin is set to
721 M-bM-^@M-^\forced-commands-onlyM-bM-^@M-^]:
722
723 tunnel="1",command="sh /etc/netstart tun1" ssh-rsa ... jane
724 tunnel="2",command="sh /etc/netstart tun2" ssh-rsa ... john
725
726 Since an SSH-based setup entails a fair amount of overhead, it may be
727 more suited to temporary setups, such as for wireless VPNs. More
728 permanent VPNs are better provided by tools such as ipsecctl(8) and
729 isakmpd(8).
730
731ENVIRONMENT
732 ssh will normally set the following environment variables:
733
734 DISPLAY The DISPLAY variable indicates the location of the
735 X11 server. It is automatically set by ssh to
736 point to a value of the form M-bM-^@M-^\hostname:nM-bM-^@M-^], where
737 M-bM-^@M-^\hostnameM-bM-^@M-^] indicates the host where the shell runs,
738 and M-bM-^@M-^XnM-bM-^@M-^Y is an integer M-bM-^IM-% 1. ssh uses this special
739 value to forward X11 connections over the secure
740 channel. The user should normally not set DISPLAY
741 explicitly, as that will render the X11 connection
742 insecure (and will require the user to manually
743 copy any required authorization cookies).
744
745 HOME Set to the path of the user's home directory.
746
747 LOGNAME Synonym for USER; set for compatibility with
748 systems that use this variable.
749
750 MAIL Set to the path of the user's mailbox.
751
752 PATH Set to the default PATH, as specified when
753 compiling ssh.
754
755 SSH_ASKPASS If ssh needs a passphrase, it will read the
756 passphrase from the current terminal if it was run
757 from a terminal. If ssh does not have a terminal
758 associated with it but DISPLAY and SSH_ASKPASS are
759 set, it will execute the program specified by
760 SSH_ASKPASS and open an X11 window to read the
761 passphrase. This is particularly useful when
762 calling ssh from a .xsession or related script.
763 (Note that on some machines it may be necessary to
764 redirect the input from /dev/null to make this
765 work.)
766
767 SSH_AUTH_SOCK Identifies the path of a UNIX-domain socket used to
768 communicate with the agent.
769
770 SSH_CONNECTION Identifies the client and server ends of the
771 connection. The variable contains four space-
772 separated values: client IP address, client port
773 number, server IP address, and server port number.
774
775 SSH_ORIGINAL_COMMAND This variable contains the original command line if
776 a forced command is executed. It can be used to
777 extract the original arguments.
778
779 SSH_TTY This is set to the name of the tty (path to the
780 device) associated with the current shell or
781 command. If the current session has no tty, this
782 variable is not set.
783
784 TZ This variable is set to indicate the present time
785 zone if it was set when the daemon was started
786 (i.e. the daemon passes the value on to new
787 connections).
788
789 USER Set to the name of the user logging in.
790
791 Additionally, ssh reads ~/.ssh/environment, and adds lines of the format
792 M-bM-^@M-^\VARNAME=valueM-bM-^@M-^] to the environment if the file exists and users are
793 allowed to change their environment. For more information, see the
794 PermitUserEnvironment option in sshd_config(5).
795
796FILES
797 ~/.rhosts
798 This file is used for host-based authentication (see above). On
799 some machines this file may need to be world-readable if the
800 user's home directory is on an NFS partition, because sshd(8)
801 reads it as root. Additionally, this file must be owned by the
802 user, and must not have write permissions for anyone else. The
803 recommended permission for most machines is read/write for the
804 user, and not accessible by others.
805
806 ~/.shosts
807 This file is used in exactly the same way as .rhosts, but allows
808 host-based authentication without permitting login with
809 rlogin/rsh.
810
811 ~/.ssh/
812 This directory is the default location for all user-specific
813 configuration and authentication information. There is no
814 general requirement to keep the entire contents of this directory
815 secret, but the recommended permissions are read/write/execute
816 for the user, and not accessible by others.
817
818 ~/.ssh/authorized_keys
819 Lists the public keys (DSA, ECDSA, Ed25519, RSA) that can be used
820 for logging in as this user. The format of this file is
821 described in the sshd(8) manual page. This file is not highly
822 sensitive, but the recommended permissions are read/write for the
823 user, and not accessible by others.
824
825 ~/.ssh/config
826 This is the per-user configuration file. The file format and
827 configuration options are described in ssh_config(5). Because of
828 the potential for abuse, this file must have strict permissions:
829 read/write for the user, and not writable by others.
830
831 ~/.ssh/environment
832 Contains additional definitions for environment variables; see
833 ENVIRONMENT, above.
834
835 ~/.ssh/identity
836 ~/.ssh/id_dsa
837 ~/.ssh/id_ecdsa
838 ~/.ssh/id_ed25519
839 ~/.ssh/id_rsa
840 Contains the private key for authentication. These files contain
841 sensitive data and should be readable by the user but not
842 accessible by others (read/write/execute). ssh will simply
843 ignore a private key file if it is accessible by others. It is
844 possible to specify a passphrase when generating the key which
845 will be used to encrypt the sensitive part of this file using
846 3DES.
847
848 ~/.ssh/identity.pub
849 ~/.ssh/id_dsa.pub
850 ~/.ssh/id_ecdsa.pub
851 ~/.ssh/id_ed25519.pub
852 ~/.ssh/id_rsa.pub
853 Contains the public key for authentication. These files are not
854 sensitive and can (but need not) be readable by anyone.
855
856 ~/.ssh/known_hosts
857 Contains a list of host keys for all hosts the user has logged
858 into that are not already in the systemwide list of known host
859 keys. See sshd(8) for further details of the format of this
860 file.
861
862 ~/.ssh/rc
863 Commands in this file are executed by ssh when the user logs in,
864 just before the user's shell (or command) is started. See the
865 sshd(8) manual page for more information.
866
867 /etc/hosts.equiv
868 This file is for host-based authentication (see above). It
869 should only be writable by root.
870
871 /etc/shosts.equiv
872 This file is used in exactly the same way as hosts.equiv, but
873 allows host-based authentication without permitting login with
874 rlogin/rsh.
875
876 /etc/ssh/ssh_config
877 Systemwide configuration file. The file format and configuration
878 options are described in ssh_config(5).
879
880 /etc/ssh/ssh_host_key
881 /etc/ssh/ssh_host_dsa_key
882 /etc/ssh/ssh_host_ecdsa_key
883 /etc/ssh/ssh_host_ed25519_key
884 /etc/ssh/ssh_host_rsa_key
885 These files contain the private parts of the host keys and are
886 used for host-based authentication.
887
888 /etc/ssh/ssh_known_hosts
889 Systemwide list of known host keys. This file should be prepared
890 by the system administrator to contain the public host keys of
891 all machines in the organization. It should be world-readable.
892 See sshd(8) for further details of the format of this file.
893
894 /etc/ssh/sshrc
895 Commands in this file are executed by ssh when the user logs in,
896 just before the user's shell (or command) is started. See the
897 sshd(8) manual page for more information.
898
899EXIT STATUS
900 ssh exits with the exit status of the remote command or with 255 if an
901 error occurred.
902
903SEE ALSO
904 scp(1), sftp(1), ssh-add(1), ssh-agent(1), ssh-keygen(1), ssh-keyscan(1),
905 tun(4), ssh_config(5), ssh-keysign(8), sshd(8)
906
907STANDARDS
908 S. Lehtinen and C. Lonvick, The Secure Shell (SSH) Protocol Assigned
909 Numbers, RFC 4250, January 2006.
910
911 T. Ylonen and C. Lonvick, The Secure Shell (SSH) Protocol Architecture,
912 RFC 4251, January 2006.
913
914 T. Ylonen and C. Lonvick, The Secure Shell (SSH) Authentication Protocol,
915 RFC 4252, January 2006.
916
917 T. Ylonen and C. Lonvick, The Secure Shell (SSH) Transport Layer
918 Protocol, RFC 4253, January 2006.
919
920 T. Ylonen and C. Lonvick, The Secure Shell (SSH) Connection Protocol, RFC
921 4254, January 2006.
922
923 J. Schlyter and W. Griffin, Using DNS to Securely Publish Secure Shell
924 (SSH) Key Fingerprints, RFC 4255, January 2006.
925
926 F. Cusack and M. Forssen, Generic Message Exchange Authentication for the
927 Secure Shell Protocol (SSH), RFC 4256, January 2006.
928
929 J. Galbraith and P. Remaker, The Secure Shell (SSH) Session Channel Break
930 Extension, RFC 4335, January 2006.
931
932 M. Bellare, T. Kohno, and C. Namprempre, The Secure Shell (SSH) Transport
933 Layer Encryption Modes, RFC 4344, January 2006.
934
935 B. Harris, Improved Arcfour Modes for the Secure Shell (SSH) Transport
936 Layer Protocol, RFC 4345, January 2006.
937
938 M. Friedl, N. Provos, and W. Simpson, Diffie-Hellman Group Exchange for
939 the Secure Shell (SSH) Transport Layer Protocol, RFC 4419, March 2006.
940
941 J. Galbraith and R. Thayer, The Secure Shell (SSH) Public Key File
942 Format, RFC 4716, November 2006.
943
944 D. Stebila and J. Green, Elliptic Curve Algorithm Integration in the
945 Secure Shell Transport Layer, RFC 5656, December 2009.
946
947 A. Perrig and D. Song, Hash Visualization: a New Technique to improve
948 Real-World Security, 1999, International Workshop on Cryptographic
949 Techniques and E-Commerce (CrypTEC '99).
950
951AUTHORS
952 OpenSSH is a derivative of the original and free ssh 1.2.12 release by
953 Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo
954 de Raadt and Dug Song removed many bugs, re-added newer features and
955 created OpenSSH. Markus Friedl contributed the support for SSH protocol
956 versions 1.5 and 2.0.
957
958OpenBSD 5.9 February 17, 2016 OpenBSD 5.9
generated by cgit v1.2.3 (git 2.39.1) at 2024-09-29 08:44:42 +0000