diff options
Diffstat (limited to 'ssh.1')
-rw-r--r-- | ssh.1 | 32 |
1 files changed, 24 insertions, 8 deletions
@@ -33,8 +33,8 @@ | |||
33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
35 | .\" | 35 | .\" |
36 | .\" $OpenBSD: ssh.1,v 1.356 2015/03/03 06:48:58 djm Exp $ | 36 | .\" $OpenBSD: ssh.1,v 1.358 2015/05/22 05:28:45 djm Exp $ |
37 | .Dd $Mdocdate: March 3 2015 $ | 37 | .Dd $Mdocdate: May 22 2015 $ |
38 | .Dt SSH 1 | 38 | .Dt SSH 1 |
39 | .Os | 39 | .Os |
40 | .Sh NAME | 40 | .Sh NAME |
@@ -584,9 +584,9 @@ of SSH as a secure transport for other applications (eg.\& | |||
584 | .Xr sftp 1 ) . | 584 | .Xr sftp 1 ) . |
585 | The subsystem is specified as the remote command. | 585 | The subsystem is specified as the remote command. |
586 | .It Fl T | 586 | .It Fl T |
587 | Disable pseudo-tty allocation. | 587 | Disable pseudo-terminal allocation. |
588 | .It Fl t | 588 | .It Fl t |
589 | Force pseudo-tty allocation. | 589 | Force pseudo-terminal allocation. |
590 | This can be used to execute arbitrary | 590 | This can be used to execute arbitrary |
591 | screen-based programs on a remote machine, which can be very useful, | 591 | screen-based programs on a remote machine, which can be very useful, |
592 | e.g. when implementing menu services. | 592 | e.g. when implementing menu services. |
@@ -880,15 +880,26 @@ option can be used to control logins to machines whose | |||
880 | host key is not known or has changed. | 880 | host key is not known or has changed. |
881 | .Pp | 881 | .Pp |
882 | When the user's identity has been accepted by the server, the server | 882 | When the user's identity has been accepted by the server, the server |
883 | either executes the given command, or logs into the machine and gives | 883 | either executes the given command in a non-interactive session or, |
884 | the user a normal shell on the remote machine. | 884 | if no command has been specified, logs into the machine and gives |
885 | the user a normal shell as an interactive session. | ||
885 | All communication with | 886 | All communication with |
886 | the remote command or shell will be automatically encrypted. | 887 | the remote command or shell will be automatically encrypted. |
887 | .Pp | 888 | .Pp |
888 | If a pseudo-terminal has been allocated (normal login session), the | 889 | If an interactive session is requested |
890 | .Nm | ||
891 | by default will only request a pseudo-terminal (pty) for interactive | ||
892 | sessions when the client has one. | ||
893 | The flags | ||
894 | .Fl T | ||
895 | and | ||
896 | .Fl t | ||
897 | can be used to override this behaviour. | ||
898 | .Pp | ||
899 | If a pseudo-terminal has been allocated the | ||
889 | user may use the escape characters noted below. | 900 | user may use the escape characters noted below. |
890 | .Pp | 901 | .Pp |
891 | If no pseudo-tty has been allocated, | 902 | If no pseudo-terminal has been allocated, |
892 | the session is transparent and can be used to reliably transfer binary data. | 903 | the session is transparent and can be used to reliably transfer binary data. |
893 | On most systems, setting the escape character to | 904 | On most systems, setting the escape character to |
894 | .Dq none | 905 | .Dq none |
@@ -1099,6 +1110,11 @@ Fingerprints can be determined using | |||
1099 | .Pp | 1110 | .Pp |
1100 | If the fingerprint is already known, it can be matched | 1111 | If the fingerprint is already known, it can be matched |
1101 | and the key can be accepted or rejected. | 1112 | and the key can be accepted or rejected. |
1113 | If only legacy (MD5) fingerprints for the server are available, the | ||
1114 | .Xr ssh-keygen 1 | ||
1115 | .Fl E | ||
1116 | option may be used to downgrade the fingerprint algorithm to match. | ||
1117 | .Pp | ||
1102 | Because of the difficulty of comparing host keys | 1118 | Because of the difficulty of comparing host keys |
1103 | just by looking at fingerprint strings, | 1119 | just by looking at fingerprint strings, |
1104 | there is also support to compare host keys visually, | 1120 | there is also support to compare host keys visually, |