summaryrefslogtreecommitdiff
path: root/ssh.1.in
diff options
context:
space:
mode:
Diffstat (limited to 'ssh.1.in')
-rw-r--r--ssh.1.in61
1 files changed, 32 insertions, 29 deletions
diff --git a/ssh.1.in b/ssh.1.in
index d2ac0f2c2..b93e1c8b4 100644
--- a/ssh.1.in
+++ b/ssh.1.in
@@ -9,7 +9,7 @@
9.\" 9.\"
10.\" Created: Sat Apr 22 21:55:14 1995 ylo 10.\" Created: Sat Apr 22 21:55:14 1995 ylo
11.\" 11.\"
12.\" $Id: ssh.1.in,v 1.2 2000/01/14 04:45:51 damien Exp $ 12.\" $Id: ssh.1.in,v 1.3 2000/01/20 11:44:09 damien Exp $
13.\" 13.\"
14.Dd September 25, 1999 14.Dd September 25, 1999
15.Dt SSH 1 15.Dt SSH 1
@@ -33,16 +33,16 @@
33.Op Fl p Ar port 33.Op Fl p Ar port
34.Oo Fl L Xo 34.Oo Fl L Xo
35.Sm off 35.Sm off
36.Ar host :
37.Ar port : 36.Ar port :
37.Ar host :
38.Ar hostport 38.Ar hostport
39.Sm on 39.Sm on
40.Xc 40.Xc
41.Oc 41.Oc
42.Oo Fl R Xo 42.Oo Fl R Xo
43.Sm off 43.Sm off
44.Ar host :
45.Ar port : 44.Ar port :
45.Ar host :
46.Ar hostport 46.Ar hostport
47.Sm on 47.Sm on
48.Xc 48.Xc
@@ -302,6 +302,8 @@ wants it in the background. This implies
302The recommended way to start X11 programs at a remote site is with 302The recommended way to start X11 programs at a remote site is with
303something like 303something like
304.Ic ssh -f host xterm . 304.Ic ssh -f host xterm .
305.It Fl g
306Allows remote hosts to connect to local forwarded ports.
305.It Fl i Ar identity_file 307.It Fl i Ar identity_file
306Selects the file from which the identity (private key) for 308Selects the file from which the identity (private key) for
307RSA authentication is read. Default is 309RSA authentication is read. Default is
@@ -312,8 +314,6 @@ multiple
312.Fl i 314.Fl i
313options (and multiple identities specified in 315options (and multiple identities specified in
314configuration files). 316configuration files).
315.It Fl g
316Allows remote hosts to connect to local forwarded ports.
317.It Fl k 317.It Fl k
318Disables forwarding of Kerberos tickets and AFS tokens. This may 318Disables forwarding of Kerberos tickets and AFS tokens. This may
319also be specified on a per-host basis in the configuration file. 319also be specified on a per-host basis in the configuration file.
@@ -378,7 +378,9 @@ Enables X11 forwarding.
378.It Fl C 378.It Fl C
379Requests compression of all data (including stdin, stdout, stderr, and 379Requests compression of all data (including stdin, stdout, stderr, and
380data for forwarded X11 and TCP/IP connections). The compression 380data for forwarded X11 and TCP/IP connections). The compression
381algorithm is the same used by gzip, and the 381algorithm is the same used by
382.Xr gzip 1 ,
383and the
382.Dq level 384.Dq level
383can be controlled by the 385can be controlled by the
384.Cm CompressionLevel 386.Cm CompressionLevel
@@ -486,6 +488,15 @@ user to supply the password. The argument must be
486.Dq yes 488.Dq yes
487or 489or
488.Dq no . 490.Dq no .
491.It Cm CheckHostIP
492If this flag is set to
493.Dq yes ,
494ssh will additionally check the host ip address in the
495.Pa known_hosts
496file. This allows ssh to detect if a host key changed due to DNS spoofing.
497If the option is set to
498.Dq no ,
499the check will not be executed.
489.It Cm Cipher 500.It Cm Cipher
490Specifies the cipher to use for encrypting the session. Currently, 501Specifies the cipher to use for encrypting the session. Currently,
491.Dq blowfish , 502.Dq blowfish ,
@@ -502,7 +513,8 @@ or
502Specifies the compression level to use if compression is enable. The 513Specifies the compression level to use if compression is enable. The
503argument must be an integer from 1 (fast) to 9 (slow, best). The 514argument must be an integer from 1 (fast) to 9 (slow, best). The
504default level is 6, which is good for most applications. The meaning 515default level is 6, which is good for most applications. The meaning
505of the values is the same as in GNU GZIP. 516of the values is the same as in
517.Xr gzip 1 .
506.It Cm ConnectionAttempts 518.It Cm ConnectionAttempts
507Specifies the number of tries (one per second) to make before falling 519Specifies the number of tries (one per second) to make before falling
508back to rsh or exiting. The argument must be an integer. This may be 520back to rsh or exiting. The argument must be an integer. This may be
@@ -610,12 +622,6 @@ first argument must be a port number, and the second must be
610host:port. Multiple forwardings may be specified, and additional 622host:port. Multiple forwardings may be specified, and additional
611forwardings can be given on the command line. Only the root can 623forwardings can be given on the command line. Only the root can
612forward privileged ports. 624forward privileged ports.
613.It Cm PasswordAuthentication
614Specifies whether to use password authentication. The argument to
615this keyword must be
616.Dq yes
617or
618.Dq no .
619.It Cm LogLevel 625.It Cm LogLevel
620Gives the verbosity level that is used when logging messages from 626Gives the verbosity level that is used when logging messages from
621.Nm ssh . 627.Nm ssh .
@@ -625,6 +631,12 @@ The default is INFO.
625.It Cm NumberOfPasswordPrompts 631.It Cm NumberOfPasswordPrompts
626Specifies the number of password prompts before giving up. The 632Specifies the number of password prompts before giving up. The
627argument to this keyword must be an integer. Default is 3. 633argument to this keyword must be an integer. Default is 3.
634.It Cm PasswordAuthentication
635Specifies whether to use password authentication. The argument to
636this keyword must be
637.Dq yes
638or
639.Dq no .
628.It Cm Port 640.It Cm Port
629Specifies the port number to connect on the remote host. Default is 641Specifies the port number to connect on the remote host. Default is
63022. 64222.
@@ -689,15 +701,6 @@ or
689.Dq no . 701.Dq no .
690The default is 702The default is
691.Dq no . 703.Dq no .
692.It Cm CheckHostIP
693If this flag is set to
694.Dq yes ,
695ssh will additionally check the host ip address in the
696.Pa known_hosts
697file. This allows ssh to detect if a host key changed due to DNS spoofing.
698If the option is set to
699.Dq no ,
700the check will not be executed.
701.It Cm StrictHostKeyChecking 704.It Cm StrictHostKeyChecking
702If this flag is set to 705If this flag is set to
703.Dq yes , 706.Dq yes ,
@@ -717,13 +720,6 @@ argument must be
717.Dq yes 720.Dq yes
718or 721or
719.Dq no . 722.Dq no .
720.It Cm User
721Specifies the user to log in as. This can be useful if you have a
722different user name in different machines. This saves the trouble of
723having to remember to give the user name on the command line.
724.It Cm UserKnownHostsFile
725Specifies a file to use instead of
726.Pa $HOME/.ssh/known_hosts .
727.It Cm UsePrivilegedPort 723.It Cm UsePrivilegedPort
728Specifies whether to use a privileged port for outgoing connections. 724Specifies whether to use a privileged port for outgoing connections.
729The argument must be 725The argument must be
@@ -738,6 +734,13 @@ turns off
738.Cm RhostsAuthentication 734.Cm RhostsAuthentication
739and 735and
740.Cm RhostsRSAAuthentication . 736.Cm RhostsRSAAuthentication .
737.It Cm User
738Specifies the user to log in as. This can be useful if you have a
739different user name in different machines. This saves the trouble of
740having to remember to give the user name on the command line.
741.It Cm UserKnownHostsFile
742Specifies a file to use instead of
743.Pa $HOME/.ssh/known_hosts .
741.It Cm UseRsh 744.It Cm UseRsh
742Specifies that rlogin/rsh should be used for this host. It is 745Specifies that rlogin/rsh should be used for this host. It is
743possible that the host does not at all support the 746possible that the host does not at all support the