diff options
Diffstat (limited to 'ssh_config.5')
-rw-r--r-- | ssh_config.5 | 77 |
1 files changed, 4 insertions, 73 deletions
diff --git a/ssh_config.5 b/ssh_config.5 index c9dca08d8..a565f330d 100644 --- a/ssh_config.5 +++ b/ssh_config.5 | |||
@@ -33,8 +33,8 @@ | |||
33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
35 | .\" | 35 | .\" |
36 | .\" $OpenBSD: ssh_config.5,v 1.244 2017/04/28 06:15:03 jmc Exp $ | 36 | .\" $OpenBSD: ssh_config.5,v 1.245 2017/04/30 23:18:22 djm Exp $ |
37 | .Dd $Mdocdate: April 28 2017 $ | 37 | .Dd $Mdocdate: April 30 2017 $ |
38 | .Dt SSH_CONFIG 5 | 38 | .Dt SSH_CONFIG 5 |
39 | .Os | 39 | .Os |
40 | .Sh NAME | 40 | .Sh NAME |
@@ -391,25 +391,8 @@ in the process, regardless of the setting of | |||
391 | If the option is set to | 391 | If the option is set to |
392 | .Cm no , | 392 | .Cm no , |
393 | the check will not be executed. | 393 | the check will not be executed. |
394 | .It Cm Cipher | ||
395 | Specifies the cipher to use for encrypting the session | ||
396 | in protocol version 1. | ||
397 | Currently, | ||
398 | .Cm blowfish , | ||
399 | .Cm 3des | ||
400 | (the default), | ||
401 | and | ||
402 | .Cm des | ||
403 | are supported, | ||
404 | though | ||
405 | .Cm des | ||
406 | is only supported in the | ||
407 | .Xr ssh 1 | ||
408 | client for interoperability with legacy protocol 1 implementations; | ||
409 | its use is strongly discouraged due to cryptographic weaknesses. | ||
410 | .It Cm Ciphers | 394 | .It Cm Ciphers |
411 | Specifies the ciphers allowed for protocol version 2 | 395 | Specifies the ciphers allowed and their order of preference. |
412 | in order of preference. | ||
413 | Multiple ciphers must be comma-separated. | 396 | Multiple ciphers must be comma-separated. |
414 | If the specified value begins with a | 397 | If the specified value begins with a |
415 | .Sq + | 398 | .Sq + |
@@ -472,18 +455,6 @@ The argument must be | |||
472 | or | 455 | or |
473 | .Cm no | 456 | .Cm no |
474 | (the default). | 457 | (the default). |
475 | .It Cm CompressionLevel | ||
476 | Specifies the compression level to use if compression is enabled. | ||
477 | The argument must be an integer from 1 (fast) to 9 (slow, best). | ||
478 | The default level is 6, which is good for most applications. | ||
479 | The meaning of the values is the same as in | ||
480 | .Xr gzip 1 . | ||
481 | Note that this option applies to protocol version 1 only. | ||
482 | .It Cm ConnectionAttempts | ||
483 | Specifies the number of tries (one per second) to make before exiting. | ||
484 | The argument must be an integer. | ||
485 | This may be useful in scripts if the connection sometimes fails. | ||
486 | The default is 1. | ||
487 | .It Cm ConnectTimeout | 458 | .It Cm ConnectTimeout |
488 | Specifies the timeout (in seconds) used when connecting to the | 459 | Specifies the timeout (in seconds) used when connecting to the |
489 | SSH server, instead of using the default system TCP timeout. | 460 | SSH server, instead of using the default system TCP timeout. |
@@ -902,14 +873,11 @@ section. | |||
902 | Specifies a file from which the user's DSA, ECDSA, Ed25519 or RSA authentication | 873 | Specifies a file from which the user's DSA, ECDSA, Ed25519 or RSA authentication |
903 | identity is read. | 874 | identity is read. |
904 | The default is | 875 | The default is |
905 | .Pa ~/.ssh/identity | ||
906 | for protocol version 1, and | ||
907 | .Pa ~/.ssh/id_dsa , | 876 | .Pa ~/.ssh/id_dsa , |
908 | .Pa ~/.ssh/id_ecdsa , | 877 | .Pa ~/.ssh/id_ecdsa , |
909 | .Pa ~/.ssh/id_ed25519 | 878 | .Pa ~/.ssh/id_ed25519 |
910 | and | 879 | and |
911 | .Pa ~/.ssh/id_rsa | 880 | .Pa ~/.ssh/id_rsa . |
912 | for protocol version 2. | ||
913 | Additionally, any identities represented by the authentication agent | 881 | Additionally, any identities represented by the authentication agent |
914 | will be used for authentication unless | 882 | will be used for authentication unless |
915 | .Cm IdentitiesOnly | 883 | .Cm IdentitiesOnly |
@@ -1192,21 +1160,6 @@ The default is: | |||
1192 | gssapi-with-mic,hostbased,publickey, | 1160 | gssapi-with-mic,hostbased,publickey, |
1193 | keyboard-interactive,password | 1161 | keyboard-interactive,password |
1194 | .Ed | 1162 | .Ed |
1195 | .It Cm Protocol | ||
1196 | Specifies the protocol versions | ||
1197 | .Xr ssh 1 | ||
1198 | should support in order of preference. | ||
1199 | The possible values are 1 and 2. | ||
1200 | Multiple versions must be comma-separated. | ||
1201 | When this option is set to | ||
1202 | .Cm 2,1 | ||
1203 | .Nm ssh | ||
1204 | will try version 2 and fall back to version 1 | ||
1205 | if version 2 is not available. | ||
1206 | The default is version 2. | ||
1207 | Protocol 1 suffers from a number of cryptographic weaknesses and should | ||
1208 | not be used. | ||
1209 | It is only offered to support legacy devices. | ||
1210 | .It Cm ProxyCommand | 1163 | .It Cm ProxyCommand |
1211 | Specifies the command to use to connect to the server. | 1164 | Specifies the command to use to connect to the server. |
1212 | The command | 1165 | The command |
@@ -1397,28 +1350,6 @@ an OpenSSH Key Revocation List (KRL) as generated by | |||
1397 | .Xr ssh-keygen 1 . | 1350 | .Xr ssh-keygen 1 . |
1398 | For more information on KRLs, see the KEY REVOCATION LISTS section in | 1351 | For more information on KRLs, see the KEY REVOCATION LISTS section in |
1399 | .Xr ssh-keygen 1 . | 1352 | .Xr ssh-keygen 1 . |
1400 | .It Cm RhostsRSAAuthentication | ||
1401 | Specifies whether to try rhosts based authentication with RSA host | ||
1402 | authentication. | ||
1403 | The argument must be | ||
1404 | .Cm yes | ||
1405 | or | ||
1406 | .Cm no | ||
1407 | (the default). | ||
1408 | This option applies to protocol version 1 only and requires | ||
1409 | .Xr ssh 1 | ||
1410 | to be setuid root. | ||
1411 | .It Cm RSAAuthentication | ||
1412 | Specifies whether to try RSA authentication. | ||
1413 | The argument to this keyword must be | ||
1414 | .Cm yes | ||
1415 | (the default) | ||
1416 | or | ||
1417 | .Cm no . | ||
1418 | RSA authentication will only be | ||
1419 | attempted if the identity file exists, or an authentication agent is | ||
1420 | running. | ||
1421 | Note that this option applies to protocol version 1 only. | ||
1422 | .It Cm SendEnv | 1353 | .It Cm SendEnv |
1423 | Specifies what variables from the local | 1354 | Specifies what variables from the local |
1424 | .Xr environ 7 | 1355 | .Xr environ 7 |