diff options
Diffstat (limited to 'ssh_config.5')
-rw-r--r-- | ssh_config.5 | 53 |
1 files changed, 29 insertions, 24 deletions
diff --git a/ssh_config.5 b/ssh_config.5 index 06a32d314..dc010ccbd 100644 --- a/ssh_config.5 +++ b/ssh_config.5 | |||
@@ -33,8 +33,8 @@ | |||
33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
35 | .\" | 35 | .\" |
36 | .\" $OpenBSD: ssh_config.5,v 1.322 2020/02/07 03:54:44 dtucker Exp $ | 36 | .\" $OpenBSD: ssh_config.5,v 1.325 2020/04/11 20:20:09 jmc Exp $ |
37 | .Dd $Mdocdate: February 7 2020 $ | 37 | .Dd $Mdocdate: April 11 2020 $ |
38 | .Dt SSH_CONFIG 5 | 38 | .Dt SSH_CONFIG 5 |
39 | .Os | 39 | .Os |
40 | .Sh NAME | 40 | .Sh NAME |
@@ -1125,12 +1125,15 @@ has been enabled. | |||
1125 | .It Cm LocalForward | 1125 | .It Cm LocalForward |
1126 | Specifies that a TCP port on the local machine be forwarded over | 1126 | Specifies that a TCP port on the local machine be forwarded over |
1127 | the secure channel to the specified host and port from the remote machine. | 1127 | the secure channel to the specified host and port from the remote machine. |
1128 | The first argument must be | 1128 | The first argument specifies the listener and may be |
1129 | .Sm off | 1129 | .Sm off |
1130 | .Oo Ar bind_address : Oc Ar port | 1130 | .Oo Ar bind_address : Oc Ar port |
1131 | .Sm on | 1131 | .Sm on |
1132 | and the second argument must be | 1132 | or a Unix domain socket path. |
1133 | .Ar host : Ns Ar hostport . | 1133 | The second argument is the destination and may be |
1134 | .Ar host : Ns Ar hostport | ||
1135 | or a Unix domain socket path if the remote host supports it. | ||
1136 | .Pp | ||
1134 | IPv6 addresses can be specified by enclosing addresses in square brackets. | 1137 | IPv6 addresses can be specified by enclosing addresses in square brackets. |
1135 | Multiple forwardings may be specified, and additional forwardings can be | 1138 | Multiple forwardings may be specified, and additional forwardings can be |
1136 | given on the command line. | 1139 | given on the command line. |
@@ -1149,6 +1152,9 @@ indicates that the listening port be bound for local use only, while an | |||
1149 | empty address or | 1152 | empty address or |
1150 | .Sq * | 1153 | .Sq * |
1151 | indicates that the port should be available from all interfaces. | 1154 | indicates that the port should be available from all interfaces. |
1155 | Unix domain socket paths accept the tokens described in the | ||
1156 | .Sx TOKENS | ||
1157 | section. | ||
1152 | .It Cm LogLevel | 1158 | .It Cm LogLevel |
1153 | Gives the verbosity level that is used when logging messages from | 1159 | Gives the verbosity level that is used when logging messages from |
1154 | .Xr ssh 1 . | 1160 | .Xr ssh 1 . |
@@ -1401,12 +1407,14 @@ the secure channel. | |||
1401 | The remote port may either be forwarded to a specified host and port | 1407 | The remote port may either be forwarded to a specified host and port |
1402 | from the local machine, or may act as a SOCKS 4/5 proxy that allows a remote | 1408 | from the local machine, or may act as a SOCKS 4/5 proxy that allows a remote |
1403 | client to connect to arbitrary destinations from the local machine. | 1409 | client to connect to arbitrary destinations from the local machine. |
1404 | The first argument must be | 1410 | The first argument is the listening specification and may be |
1405 | .Sm off | 1411 | .Sm off |
1406 | .Oo Ar bind_address : Oc Ar port | 1412 | .Oo Ar bind_address : Oc Ar port |
1407 | .Sm on | 1413 | .Sm on |
1414 | or, if the remote host supports it, a Unix domain socket path. | ||
1408 | If forwarding to a specific destination then the second argument must be | 1415 | If forwarding to a specific destination then the second argument must be |
1409 | .Ar host : Ns Ar hostport , | 1416 | .Ar host : Ns Ar hostport |
1417 | or a Unix domain socket path, | ||
1410 | otherwise if no destination argument is specified then the remote forwarding | 1418 | otherwise if no destination argument is specified then the remote forwarding |
1411 | will be established as a SOCKS proxy. | 1419 | will be established as a SOCKS proxy. |
1412 | .Pp | 1420 | .Pp |
@@ -1415,6 +1423,9 @@ Multiple forwardings may be specified, and additional | |||
1415 | forwardings can be given on the command line. | 1423 | forwardings can be given on the command line. |
1416 | Privileged ports can be forwarded only when | 1424 | Privileged ports can be forwarded only when |
1417 | logging in as root on the remote machine. | 1425 | logging in as root on the remote machine. |
1426 | Unix domain socket paths accept the tokens described in the | ||
1427 | .Sx TOKENS | ||
1428 | section. | ||
1418 | .Pp | 1429 | .Pp |
1419 | If the | 1430 | If the |
1420 | .Ar port | 1431 | .Ar port |
@@ -1845,31 +1856,25 @@ otherwise. | |||
1845 | The local username. | 1856 | The local username. |
1846 | .El | 1857 | .El |
1847 | .Pp | 1858 | .Pp |
1848 | .Cm Match exec | 1859 | .Cm CertificateFile , |
1849 | accepts the tokens %%, %h, %i, %L, %l, %n, %p, %r, and %u. | 1860 | .Cm ControlPath , |
1850 | .Pp | 1861 | .Cm IdentityAgent , |
1851 | .Cm CertificateFile | 1862 | .Cm IdentityFile , |
1852 | accepts the tokens %%, %d, %h, %i, %l, %r, and %u. | 1863 | .Cm LocalForward , |
1853 | .Pp | 1864 | .Cm Match exec , |
1854 | .Cm ControlPath | 1865 | .Cm RemoteCommand , |
1855 | accepts the tokens %%, %C, %h, %i, %L, %l, %n, %p, %r, and %u. | 1866 | and |
1867 | .Cm RemoteForward | ||
1868 | accept the tokens %%, %C, %d, %h, %i, %L, %l, %n, %p, %r, and %u. | ||
1856 | .Pp | 1869 | .Pp |
1857 | .Cm Hostname | 1870 | .Cm Hostname |
1858 | accepts the tokens %% and %h. | 1871 | accepts the tokens %% and %h. |
1859 | .Pp | 1872 | .Pp |
1860 | .Cm IdentityAgent | ||
1861 | and | ||
1862 | .Cm IdentityFile | ||
1863 | accept the tokens %%, %d, %h, %i, %l, %r, and %u. | ||
1864 | .Pp | ||
1865 | .Cm LocalCommand | 1873 | .Cm LocalCommand |
1866 | accepts the tokens %%, %C, %d, %h, %i, %l, %n, %p, %r, %T, and %u. | 1874 | accepts all tokens. |
1867 | .Pp | 1875 | .Pp |
1868 | .Cm ProxyCommand | 1876 | .Cm ProxyCommand |
1869 | accepts the tokens %%, %h, %n, %p, and %r. | 1877 | accepts the tokens %%, %h, %n, %p, and %r. |
1870 | .Pp | ||
1871 | .Cm RemoteCommand | ||
1872 | accepts the tokens %%, %C, %d, %h, %i, %l, %n, %p, %r, and %u. | ||
1873 | .Sh FILES | 1878 | .Sh FILES |
1874 | .Bl -tag -width Ds | 1879 | .Bl -tag -width Ds |
1875 | .It Pa ~/.ssh/config | 1880 | .It Pa ~/.ssh/config |