diff options
Diffstat (limited to 'ssh_config.5')
-rw-r--r-- | ssh_config.5 | 85 |
1 files changed, 69 insertions, 16 deletions
diff --git a/ssh_config.5 b/ssh_config.5 index dc010ccbd..6be1f1aa2 100644 --- a/ssh_config.5 +++ b/ssh_config.5 | |||
@@ -33,8 +33,8 @@ | |||
33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
35 | .\" | 35 | .\" |
36 | .\" $OpenBSD: ssh_config.5,v 1.325 2020/04/11 20:20:09 jmc Exp $ | 36 | .\" $OpenBSD: ssh_config.5,v 1.332 2020/08/11 09:49:57 djm Exp $ |
37 | .Dd $Mdocdate: April 11 2020 $ | 37 | .Dd $Mdocdate: August 11 2020 $ |
38 | .Dt SSH_CONFIG 5 | 38 | .Dt SSH_CONFIG 5 |
39 | .Os | 39 | .Os |
40 | .Sh NAME | 40 | .Sh NAME |
@@ -245,13 +245,22 @@ option was specified to | |||
245 | If this option is set to | 245 | If this option is set to |
246 | .Cm no , | 246 | .Cm no , |
247 | no keys are added to the agent. | 247 | no keys are added to the agent. |
248 | Alternately, this option may be specified as a time interval | ||
249 | using the format described in the | ||
250 | .Sx TIME FORMATS | ||
251 | section of | ||
252 | .Xr sshd_config 5 | ||
253 | to specify the key's lifetime in | ||
254 | .Xr ssh-agent 1 , | ||
255 | after which it will automatically be removed. | ||
248 | The argument must be | 256 | The argument must be |
249 | .Cm yes , | ||
250 | .Cm confirm , | ||
251 | .Cm ask , | ||
252 | or | ||
253 | .Cm no | 257 | .Cm no |
254 | (the default). | 258 | (the default), |
259 | .Cm yes , | ||
260 | .Cm confirm | ||
261 | (optionally followed by a time interval), | ||
262 | .Cm ask | ||
263 | or a time interval. | ||
255 | .It Cm AddressFamily | 264 | .It Cm AddressFamily |
256 | Specifies which address family to use when connecting. | 265 | Specifies which address family to use when connecting. |
257 | Valid arguments are | 266 | Valid arguments are |
@@ -389,9 +398,11 @@ or | |||
389 | .Pp | 398 | .Pp |
390 | Arguments to | 399 | Arguments to |
391 | .Cm CertificateFile | 400 | .Cm CertificateFile |
392 | may use the tilde syntax to refer to a user's home directory | 401 | may use the tilde syntax to refer to a user's home directory, |
393 | or the tokens described in the | 402 | the tokens described in the |
394 | .Sx TOKENS | 403 | .Sx TOKENS |
404 | section and environment variables as described in the | ||
405 | .Sx ENVIRONMENT VARIABLES | ||
395 | section. | 406 | section. |
396 | .Pp | 407 | .Pp |
397 | It is possible to have multiple certificate files specified in | 408 | It is possible to have multiple certificate files specified in |
@@ -551,9 +562,11 @@ section above or the string | |||
551 | to disable connection sharing. | 562 | to disable connection sharing. |
552 | Arguments to | 563 | Arguments to |
553 | .Cm ControlPath | 564 | .Cm ControlPath |
554 | may use the tilde syntax to refer to a user's home directory | 565 | may use the tilde syntax to refer to a user's home directory, |
555 | or the tokens described in the | 566 | the tokens described in the |
556 | .Sx TOKENS | 567 | .Sx TOKENS |
568 | section and environment variables as described in the | ||
569 | .Sx ENVIRONMENT VARIABLES | ||
557 | section. | 570 | section. |
558 | It is recommended that any | 571 | It is recommended that any |
559 | .Cm ControlPath | 572 | .Cm ControlPath |
@@ -934,9 +947,11 @@ the location of the socket. | |||
934 | .Pp | 947 | .Pp |
935 | Arguments to | 948 | Arguments to |
936 | .Cm IdentityAgent | 949 | .Cm IdentityAgent |
937 | may use the tilde syntax to refer to a user's home directory | 950 | may use the tilde syntax to refer to a user's home directory, |
938 | or the tokens described in the | 951 | the tokens described in the |
939 | .Sx TOKENS | 952 | .Sx TOKENS |
953 | section and environment variables as described in the | ||
954 | .Sx ENVIRONMENT VARIABLES | ||
940 | section. | 955 | section. |
941 | .It Cm IdentityFile | 956 | .It Cm IdentityFile |
942 | Specifies a file from which the user's DSA, ECDSA, authenticator-hosted ECDSA, | 957 | Specifies a file from which the user's DSA, ECDSA, authenticator-hosted ECDSA, |
@@ -1004,6 +1019,7 @@ Multiple pathnames may be specified and each pathname may contain | |||
1004 | wildcards and, for user configurations, shell-like | 1019 | wildcards and, for user configurations, shell-like |
1005 | .Sq ~ | 1020 | .Sq ~ |
1006 | references to user home directories. | 1021 | references to user home directories. |
1022 | Wildcards will be expanded and processed in lexical order. | ||
1007 | Files without absolute paths are assumed to be in | 1023 | Files without absolute paths are assumed to be in |
1008 | .Pa ~/.ssh | 1024 | .Pa ~/.ssh |
1009 | if included in a user configuration file or | 1025 | if included in a user configuration file or |
@@ -1152,8 +1168,10 @@ indicates that the listening port be bound for local use only, while an | |||
1152 | empty address or | 1168 | empty address or |
1153 | .Sq * | 1169 | .Sq * |
1154 | indicates that the port should be available from all interfaces. | 1170 | indicates that the port should be available from all interfaces. |
1155 | Unix domain socket paths accept the tokens described in the | 1171 | Unix domain socket paths may use the tokens described in the |
1156 | .Sx TOKENS | 1172 | .Sx TOKENS |
1173 | section and environment variables as described in the | ||
1174 | .Sx ENVIRONMENT VARIABLES | ||
1157 | section. | 1175 | section. |
1158 | .It Cm LogLevel | 1176 | .It Cm LogLevel |
1159 | Gives the verbosity level that is used when logging messages from | 1177 | Gives the verbosity level that is used when logging messages from |
@@ -1423,8 +1441,10 @@ Multiple forwardings may be specified, and additional | |||
1423 | forwardings can be given on the command line. | 1441 | forwardings can be given on the command line. |
1424 | Privileged ports can be forwarded only when | 1442 | Privileged ports can be forwarded only when |
1425 | logging in as root on the remote machine. | 1443 | logging in as root on the remote machine. |
1426 | Unix domain socket paths accept the tokens described in the | 1444 | Unix domain socket paths may use the tokens described in the |
1427 | .Sx TOKENS | 1445 | .Sx TOKENS |
1446 | section and environment variables as described in the | ||
1447 | .Sx ENVIRONMENT VARIABLES | ||
1428 | section. | 1448 | section. |
1429 | .Pp | 1449 | .Pp |
1430 | If the | 1450 | If the |
@@ -1727,6 +1747,12 @@ having to remember to give the user name on the command line. | |||
1727 | .It Cm UserKnownHostsFile | 1747 | .It Cm UserKnownHostsFile |
1728 | Specifies one or more files to use for the user | 1748 | Specifies one or more files to use for the user |
1729 | host key database, separated by whitespace. | 1749 | host key database, separated by whitespace. |
1750 | Each filename may use tilde notation to refer to the user's home directory, | ||
1751 | the tokens described in the | ||
1752 | .Sx TOKENS | ||
1753 | section and environment variables as described in the | ||
1754 | .Sx ENVIRONMENT VARIABLES | ||
1755 | section. | ||
1730 | The default is | 1756 | The default is |
1731 | .Pa ~/.ssh/known_hosts , | 1757 | .Pa ~/.ssh/known_hosts , |
1732 | .Pa ~/.ssh/known_hosts2 . | 1758 | .Pa ~/.ssh/known_hosts2 . |
@@ -1833,6 +1859,9 @@ Local user's home directory. | |||
1833 | The remote hostname. | 1859 | The remote hostname. |
1834 | .It %i | 1860 | .It %i |
1835 | The local user ID. | 1861 | The local user ID. |
1862 | .It %k | ||
1863 | The host key alias if specified, otherwise the orignal remote hostname given | ||
1864 | on the command line. | ||
1836 | .It %L | 1865 | .It %L |
1837 | The local hostname. | 1866 | The local hostname. |
1838 | .It %l | 1867 | .It %l |
@@ -1863,8 +1892,9 @@ The local username. | |||
1863 | .Cm LocalForward , | 1892 | .Cm LocalForward , |
1864 | .Cm Match exec , | 1893 | .Cm Match exec , |
1865 | .Cm RemoteCommand , | 1894 | .Cm RemoteCommand , |
1895 | .Cm RemoteForward , | ||
1866 | and | 1896 | and |
1867 | .Cm RemoteForward | 1897 | .Cm UserKnownHostsFile |
1868 | accept the tokens %%, %C, %d, %h, %i, %L, %l, %n, %p, %r, and %u. | 1898 | accept the tokens %%, %C, %d, %h, %i, %L, %l, %n, %p, %r, and %u. |
1869 | .Pp | 1899 | .Pp |
1870 | .Cm Hostname | 1900 | .Cm Hostname |
@@ -1875,6 +1905,29 @@ accepts all tokens. | |||
1875 | .Pp | 1905 | .Pp |
1876 | .Cm ProxyCommand | 1906 | .Cm ProxyCommand |
1877 | accepts the tokens %%, %h, %n, %p, and %r. | 1907 | accepts the tokens %%, %h, %n, %p, and %r. |
1908 | .Sh ENVIRONMENT VARIABLES | ||
1909 | Arguments to some keywords can be expanded at runtime from environment | ||
1910 | variables on the client by enclosing them in | ||
1911 | .Ic ${} , | ||
1912 | for example | ||
1913 | .Ic ${HOME}/.ssh | ||
1914 | would refer to the user's .ssh directory. | ||
1915 | If a specified environment variable does not exist then an error will be | ||
1916 | returned and the setting for that keyword will be ignored. | ||
1917 | .Pp | ||
1918 | The keywords | ||
1919 | .Cm CertificateFile , | ||
1920 | .Cm ControlPath , | ||
1921 | .Cm IdentityAgent , | ||
1922 | .Cm IdentityFile | ||
1923 | and | ||
1924 | .Cm UserKnownHostsFile | ||
1925 | support environment variables. | ||
1926 | The keywords | ||
1927 | .Cm LocalForward | ||
1928 | and | ||
1929 | .Cm RemoteForward | ||
1930 | support environment variables only for Unix domain socket paths. | ||
1878 | .Sh FILES | 1931 | .Sh FILES |
1879 | .Bl -tag -width Ds | 1932 | .Bl -tag -width Ds |
1880 | .It Pa ~/.ssh/config | 1933 | .It Pa ~/.ssh/config |