diff options
Diffstat (limited to 'ssh_config.5')
-rw-r--r-- | ssh_config.5 | 85 |
1 files changed, 69 insertions, 16 deletions
diff --git a/ssh_config.5 b/ssh_config.5 index 2574b1004..080d289a7 100644 --- a/ssh_config.5 +++ b/ssh_config.5 | |||
@@ -33,8 +33,8 @@ | |||
33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
35 | .\" | 35 | .\" |
36 | .\" $OpenBSD: ssh_config.5,v 1.325 2020/04/11 20:20:09 jmc Exp $ | 36 | .\" $OpenBSD: ssh_config.5,v 1.332 2020/08/11 09:49:57 djm Exp $ |
37 | .Dd $Mdocdate: April 11 2020 $ | 37 | .Dd $Mdocdate: August 11 2020 $ |
38 | .Dt SSH_CONFIG 5 | 38 | .Dt SSH_CONFIG 5 |
39 | .Os | 39 | .Os |
40 | .Sh NAME | 40 | .Sh NAME |
@@ -268,13 +268,22 @@ option was specified to | |||
268 | If this option is set to | 268 | If this option is set to |
269 | .Cm no , | 269 | .Cm no , |
270 | no keys are added to the agent. | 270 | no keys are added to the agent. |
271 | Alternately, this option may be specified as a time interval | ||
272 | using the format described in the | ||
273 | .Sx TIME FORMATS | ||
274 | section of | ||
275 | .Xr sshd_config 5 | ||
276 | to specify the key's lifetime in | ||
277 | .Xr ssh-agent 1 , | ||
278 | after which it will automatically be removed. | ||
271 | The argument must be | 279 | The argument must be |
272 | .Cm yes , | ||
273 | .Cm confirm , | ||
274 | .Cm ask , | ||
275 | or | ||
276 | .Cm no | 280 | .Cm no |
277 | (the default). | 281 | (the default), |
282 | .Cm yes , | ||
283 | .Cm confirm | ||
284 | (optionally followed by a time interval), | ||
285 | .Cm ask | ||
286 | or a time interval. | ||
278 | .It Cm AddressFamily | 287 | .It Cm AddressFamily |
279 | Specifies which address family to use when connecting. | 288 | Specifies which address family to use when connecting. |
280 | Valid arguments are | 289 | Valid arguments are |
@@ -416,9 +425,11 @@ or | |||
416 | .Pp | 425 | .Pp |
417 | Arguments to | 426 | Arguments to |
418 | .Cm CertificateFile | 427 | .Cm CertificateFile |
419 | may use the tilde syntax to refer to a user's home directory | 428 | may use the tilde syntax to refer to a user's home directory, |
420 | or the tokens described in the | 429 | the tokens described in the |
421 | .Sx TOKENS | 430 | .Sx TOKENS |
431 | section and environment variables as described in the | ||
432 | .Sx ENVIRONMENT VARIABLES | ||
422 | section. | 433 | section. |
423 | .Pp | 434 | .Pp |
424 | It is possible to have multiple certificate files specified in | 435 | It is possible to have multiple certificate files specified in |
@@ -578,9 +589,11 @@ section above or the string | |||
578 | to disable connection sharing. | 589 | to disable connection sharing. |
579 | Arguments to | 590 | Arguments to |
580 | .Cm ControlPath | 591 | .Cm ControlPath |
581 | may use the tilde syntax to refer to a user's home directory | 592 | may use the tilde syntax to refer to a user's home directory, |
582 | or the tokens described in the | 593 | the tokens described in the |
583 | .Sx TOKENS | 594 | .Sx TOKENS |
595 | section and environment variables as described in the | ||
596 | .Sx ENVIRONMENT VARIABLES | ||
584 | section. | 597 | section. |
585 | It is recommended that any | 598 | It is recommended that any |
586 | .Cm ControlPath | 599 | .Cm ControlPath |
@@ -1022,9 +1035,11 @@ the location of the socket. | |||
1022 | .Pp | 1035 | .Pp |
1023 | Arguments to | 1036 | Arguments to |
1024 | .Cm IdentityAgent | 1037 | .Cm IdentityAgent |
1025 | may use the tilde syntax to refer to a user's home directory | 1038 | may use the tilde syntax to refer to a user's home directory, |
1026 | or the tokens described in the | 1039 | the tokens described in the |
1027 | .Sx TOKENS | 1040 | .Sx TOKENS |
1041 | section and environment variables as described in the | ||
1042 | .Sx ENVIRONMENT VARIABLES | ||
1028 | section. | 1043 | section. |
1029 | .It Cm IdentityFile | 1044 | .It Cm IdentityFile |
1030 | Specifies a file from which the user's DSA, ECDSA, authenticator-hosted ECDSA, | 1045 | Specifies a file from which the user's DSA, ECDSA, authenticator-hosted ECDSA, |
@@ -1092,6 +1107,7 @@ Multiple pathnames may be specified and each pathname may contain | |||
1092 | wildcards and, for user configurations, shell-like | 1107 | wildcards and, for user configurations, shell-like |
1093 | .Sq ~ | 1108 | .Sq ~ |
1094 | references to user home directories. | 1109 | references to user home directories. |
1110 | Wildcards will be expanded and processed in lexical order. | ||
1095 | Files without absolute paths are assumed to be in | 1111 | Files without absolute paths are assumed to be in |
1096 | .Pa ~/.ssh | 1112 | .Pa ~/.ssh |
1097 | if included in a user configuration file or | 1113 | if included in a user configuration file or |
@@ -1238,8 +1254,10 @@ indicates that the listening port be bound for local use only, while an | |||
1238 | empty address or | 1254 | empty address or |
1239 | .Sq * | 1255 | .Sq * |
1240 | indicates that the port should be available from all interfaces. | 1256 | indicates that the port should be available from all interfaces. |
1241 | Unix domain socket paths accept the tokens described in the | 1257 | Unix domain socket paths may use the tokens described in the |
1242 | .Sx TOKENS | 1258 | .Sx TOKENS |
1259 | section and environment variables as described in the | ||
1260 | .Sx ENVIRONMENT VARIABLES | ||
1243 | section. | 1261 | section. |
1244 | .It Cm LogLevel | 1262 | .It Cm LogLevel |
1245 | Gives the verbosity level that is used when logging messages from | 1263 | Gives the verbosity level that is used when logging messages from |
@@ -1509,8 +1527,10 @@ Multiple forwardings may be specified, and additional | |||
1509 | forwardings can be given on the command line. | 1527 | forwardings can be given on the command line. |
1510 | Privileged ports can be forwarded only when | 1528 | Privileged ports can be forwarded only when |
1511 | logging in as root on the remote machine. | 1529 | logging in as root on the remote machine. |
1512 | Unix domain socket paths accept the tokens described in the | 1530 | Unix domain socket paths may use the tokens described in the |
1513 | .Sx TOKENS | 1531 | .Sx TOKENS |
1532 | section and environment variables as described in the | ||
1533 | .Sx ENVIRONMENT VARIABLES | ||
1514 | section. | 1534 | section. |
1515 | .Pp | 1535 | .Pp |
1516 | If the | 1536 | If the |
@@ -1826,6 +1846,12 @@ having to remember to give the user name on the command line. | |||
1826 | .It Cm UserKnownHostsFile | 1846 | .It Cm UserKnownHostsFile |
1827 | Specifies one or more files to use for the user | 1847 | Specifies one or more files to use for the user |
1828 | host key database, separated by whitespace. | 1848 | host key database, separated by whitespace. |
1849 | Each filename may use tilde notation to refer to the user's home directory, | ||
1850 | the tokens described in the | ||
1851 | .Sx TOKENS | ||
1852 | section and environment variables as described in the | ||
1853 | .Sx ENVIRONMENT VARIABLES | ||
1854 | section. | ||
1829 | The default is | 1855 | The default is |
1830 | .Pa ~/.ssh/known_hosts , | 1856 | .Pa ~/.ssh/known_hosts , |
1831 | .Pa ~/.ssh/known_hosts2 . | 1857 | .Pa ~/.ssh/known_hosts2 . |
@@ -1932,6 +1958,9 @@ Local user's home directory. | |||
1932 | The remote hostname. | 1958 | The remote hostname. |
1933 | .It %i | 1959 | .It %i |
1934 | The local user ID. | 1960 | The local user ID. |
1961 | .It %k | ||
1962 | The host key alias if specified, otherwise the orignal remote hostname given | ||
1963 | on the command line. | ||
1935 | .It %L | 1964 | .It %L |
1936 | The local hostname. | 1965 | The local hostname. |
1937 | .It %l | 1966 | .It %l |
@@ -1962,8 +1991,9 @@ The local username. | |||
1962 | .Cm LocalForward , | 1991 | .Cm LocalForward , |
1963 | .Cm Match exec , | 1992 | .Cm Match exec , |
1964 | .Cm RemoteCommand , | 1993 | .Cm RemoteCommand , |
1994 | .Cm RemoteForward , | ||
1965 | and | 1995 | and |
1966 | .Cm RemoteForward | 1996 | .Cm UserKnownHostsFile |
1967 | accept the tokens %%, %C, %d, %h, %i, %L, %l, %n, %p, %r, and %u. | 1997 | accept the tokens %%, %C, %d, %h, %i, %L, %l, %n, %p, %r, and %u. |
1968 | .Pp | 1998 | .Pp |
1969 | .Cm Hostname | 1999 | .Cm Hostname |
@@ -1974,6 +2004,29 @@ accepts all tokens. | |||
1974 | .Pp | 2004 | .Pp |
1975 | .Cm ProxyCommand | 2005 | .Cm ProxyCommand |
1976 | accepts the tokens %%, %h, %n, %p, and %r. | 2006 | accepts the tokens %%, %h, %n, %p, and %r. |
2007 | .Sh ENVIRONMENT VARIABLES | ||
2008 | Arguments to some keywords can be expanded at runtime from environment | ||
2009 | variables on the client by enclosing them in | ||
2010 | .Ic ${} , | ||
2011 | for example | ||
2012 | .Ic ${HOME}/.ssh | ||
2013 | would refer to the user's .ssh directory. | ||
2014 | If a specified environment variable does not exist then an error will be | ||
2015 | returned and the setting for that keyword will be ignored. | ||
2016 | .Pp | ||
2017 | The keywords | ||
2018 | .Cm CertificateFile , | ||
2019 | .Cm ControlPath , | ||
2020 | .Cm IdentityAgent , | ||
2021 | .Cm IdentityFile | ||
2022 | and | ||
2023 | .Cm UserKnownHostsFile | ||
2024 | support environment variables. | ||
2025 | The keywords | ||
2026 | .Cm LocalForward | ||
2027 | and | ||
2028 | .Cm RemoteForward | ||
2029 | support environment variables only for Unix domain socket paths. | ||
1977 | .Sh FILES | 2030 | .Sh FILES |
1978 | .Bl -tag -width Ds | 2031 | .Bl -tag -width Ds |
1979 | .It Pa ~/.ssh/config | 2032 | .It Pa ~/.ssh/config |