summaryrefslogtreecommitdiff
path: root/ssh.1
diff options
context:
space:
mode:
Diffstat (limited to 'ssh.1')
-rw-r--r--ssh.128
1 files changed, 14 insertions, 14 deletions
diff --git a/ssh.1 b/ssh.1
index 36703e205..10054445c 100644
--- a/ssh.1
+++ b/ssh.1
@@ -9,7 +9,7 @@
9.\" 9.\"
10.\" Created: Sat Apr 22 21:55:14 1995 ylo 10.\" Created: Sat Apr 22 21:55:14 1995 ylo
11.\" 11.\"
12.\" $Id: ssh.1,v 1.3 1999/10/28 23:15:50 damien Exp $ 12.\" $Id: ssh.1,v 1.4 1999/10/28 23:17:36 damien Exp $
13.\" 13.\"
14.Dd September 25, 1999 14.Dd September 25, 1999
15.Dt SSH 1 15.Dt SSH 1
@@ -66,7 +66,7 @@ his/her identity to the remote machine using one of several methods.
66First, if the machine the user logs in from is listed in 66First, if the machine the user logs in from is listed in
67.Pa /etc/hosts.equiv 67.Pa /etc/hosts.equiv
68or 68or
69.Pa /etc/shosts.equiv 69.Pa /etc/ssh/shosts.equiv
70on the remote machine, and the user names are 70on the remote machine, and the user names are
71the same on both sides, the user is immediately permitted to log in. 71the same on both sides, the user is immediately permitted to log in.
72Second, if 72Second, if
@@ -89,10 +89,10 @@ means that if the login would be permitted by
89.Pa \&.shosts , 89.Pa \&.shosts ,
90.Pa /etc/hosts.equiv , 90.Pa /etc/hosts.equiv ,
91or 91or
92.Pa /etc/shosts.equiv , 92.Pa /etc/ssh/shosts.equiv ,
93and if additionally the server can verify the client's 93and if additionally the server can verify the client's
94host key (see 94host key (see
95.Pa /etc/ssh_known_hosts 95.Pa /etc/ssh/ssh_known_hosts
96in the 96in the
97.Sx FILES 97.Sx FILES
98section), only then login is 98section), only then login is
@@ -248,7 +248,7 @@ identifications for all hosts it has ever been used with. The
248database is stored in 248database is stored in
249.Pa \&.ssh/known_hosts 249.Pa \&.ssh/known_hosts
250in the user's home directory. Additionally, the file 250in the user's home directory. Additionally, the file
251.Pa /etc/ssh_known_hosts 251.Pa /etc/ssh/ssh_known_hosts
252is automatically checked for known hosts. Any new hosts are 252is automatically checked for known hosts. Any new hosts are
253automatically added to the user's file. If a host's identification 253automatically added to the user's file. If a host's identification
254ever changes, 254ever changes,
@@ -416,7 +416,7 @@ obtains configuration data from the following sources (in this order):
416command line options, user's configuration file 416command line options, user's configuration file
417.Pq Pa $HOME/.ssh/config , 417.Pq Pa $HOME/.ssh/config ,
418and system-wide configuration file 418and system-wide configuration file
419.Pq Pa /etc/ssh_config . 419.Pq Pa /etc/ssh/ssh_config .
420For each parameter, the first obtained value 420For each parameter, the first obtained value
421will be used. The configuration files contain sections bracketed by 421will be used. The configuration files contain sections bracketed by
422"Host" specifications, and that section is only applied for hosts that 422"Host" specifications, and that section is only applied for hosts that
@@ -540,7 +540,7 @@ The default is
540.Dq no . 540.Dq no .
541.It Cm GlobalKnownHostsFile 541.It Cm GlobalKnownHostsFile
542Specifies a file to use instead of 542Specifies a file to use instead of
543.Pa /etc/ssh_known_hosts . 543.Pa /etc/ssh/ssh_known_hosts .
544.It Cm HostName 544.It Cm HostName
545Specifies the real host name to log into. This can be used to specify 545Specifies the real host name to log into. This can be used to specify
546nicnames or abbreviations for hosts. Default is the name given on the 546nicnames or abbreviations for hosts. Default is the name given on the
@@ -672,7 +672,7 @@ ssh will never automatically add host keys to the
672file, and refuses to connect hosts whose host key has changed. This 672file, and refuses to connect hosts whose host key has changed. This
673provides maximum protection against trojan horse attacks. However, it 673provides maximum protection against trojan horse attacks. However, it
674can be somewhat annoying if you don't have good 674can be somewhat annoying if you don't have good
675.Pa /etc/ssh_known_hosts 675.Pa /etc/ssh/ssh_known_hosts
676files installed and frequently 676files installed and frequently
677connect new hosts. Basically this option forces the user to manually 677connect new hosts. Basically this option forces the user to manually
678add any new hosts. Normally this option is disabled, and new hosts 678add any new hosts. Normally this option is disabled, and new hosts
@@ -779,7 +779,7 @@ to the environment.
779.It Pa $HOME/.ssh/known_hosts 779.It Pa $HOME/.ssh/known_hosts
780Records host keys for all hosts the user has logged into (that are not 780Records host keys for all hosts the user has logged into (that are not
781in 781in
782.Pa /etc/ssh_known_hosts ) . 782.Pa /etc/ssh/ssh_known_hosts ) .
783See 783See
784.Xr sshd 8 . 784.Xr sshd 8 .
785.It Pa $HOME/.ssh/random_seed 785.It Pa $HOME/.ssh/random_seed
@@ -824,7 +824,7 @@ identity files (that is, each line contains the number of bits in
824modulus, public exponent, modulus, and comment fields, separated by 824modulus, public exponent, modulus, and comment fields, separated by
825spaces). This file is not highly sensitive, but the recommended 825spaces). This file is not highly sensitive, but the recommended
826permissions are read/write for the user, and not accessible by others. 826permissions are read/write for the user, and not accessible by others.
827.It Pa /etc/ssh_known_hosts 827.It Pa /etc/ssh/ssh_known_hosts
828Systemwide list of known host keys. This file should be prepared by the 828Systemwide list of known host keys. This file should be prepared by the
829system administrator to contain the public host keys of all machines in the 829system administrator to contain the public host keys of all machines in the
830organization. This file should be world-readable. This file contains 830organization. This file should be world-readable. This file contains
@@ -843,7 +843,7 @@ to verify the client host when logging in; other names are needed because
843does not convert the user-supplied name to a canonical name before 843does not convert the user-supplied name to a canonical name before
844checking the key, because someone with access to the name servers 844checking the key, because someone with access to the name servers
845would then be able to fool host authentication. 845would then be able to fool host authentication.
846.It Pa /etc/ssh_config 846.It Pa /etc/ssh/ssh_config
847Systemwide configuration file. This file provides defaults for those 847Systemwide configuration file. This file provides defaults for those
848values that are not specified in the user's configuration file, and 848values that are not specified in the user's configuration file, and
849for those users who do not have a configuration file. This file must 849for those users who do not have a configuration file. This file must
@@ -870,7 +870,7 @@ Note that by default
870will be installed so that it requires successful RSA host 870will be installed so that it requires successful RSA host
871authentication before permitting \s+2.\s0rhosts authentication. If your 871authentication before permitting \s+2.\s0rhosts authentication. If your
872server machine does not have the client's host key in 872server machine does not have the client's host key in
873.Pa /etc/ssh_known_hosts , 873.Pa /etc/ssh/ssh_known_hosts ,
874you can store it in 874you can store it in
875.Pa $HOME/.ssh/known_hosts . 875.Pa $HOME/.ssh/known_hosts .
876The easiest way to do this is to 876The easiest way to do this is to
@@ -897,13 +897,13 @@ manual page). If the client host is found in this file, login is
897automatically permitted provided client and server user names are the 897automatically permitted provided client and server user names are the
898same. Additionally, successful RSA host authentication is normally 898same. Additionally, successful RSA host authentication is normally
899required. This file should only be writable by root. 899required. This file should only be writable by root.
900.It Pa /etc/shosts.equiv 900.It Pa /etc/ssh/shosts.equiv
901This file is processed exactly as 901This file is processed exactly as
902.Pa /etc/hosts.equiv . 902.Pa /etc/hosts.equiv .
903This file may be useful to permit logins using 903This file may be useful to permit logins using
904.Nm 904.Nm
905but not using rsh/rlogin. 905but not using rsh/rlogin.
906.It Pa /etc/sshrc 906.It Pa /etc/ssh/sshrc
907Commands in this file are executed by 907Commands in this file are executed by
908.Nm 908.Nm
909when the user logs in just before the user's shell (or command) is started. 909when the user logs in just before the user's shell (or command) is started.