diff options
Diffstat (limited to 'sshd.0')
-rw-r--r-- | sshd.0 | 636 |
1 files changed, 636 insertions, 0 deletions
@@ -0,0 +1,636 @@ | |||
1 | SSHD(8) System Manager's Manual SSHD(8) | ||
2 | |||
3 | NAME | ||
4 | sshd M-bM-^@M-^S OpenSSH SSH daemon | ||
5 | |||
6 | SYNOPSIS | ||
7 | sshd [-46DdeiqTt] [-b bits] [-C connection_spec] | ||
8 | [-c host_certificate_file] [-E log_file] [-f config_file] | ||
9 | [-g login_grace_time] [-h host_key_file] [-k key_gen_time] | ||
10 | [-o option] [-p port] [-u len] | ||
11 | |||
12 | DESCRIPTION | ||
13 | sshd (OpenSSH Daemon) is the daemon program for ssh(1). Together these | ||
14 | programs replace rlogin and rsh, and provide secure encrypted | ||
15 | communications between two untrusted hosts over an insecure network. | ||
16 | |||
17 | sshd listens for connections from clients. It is normally started at | ||
18 | boot from /etc/rc. It forks a new daemon for each incoming connection. | ||
19 | The forked daemons handle key exchange, encryption, authentication, | ||
20 | command execution, and data exchange. | ||
21 | |||
22 | sshd can be configured using command-line options or a configuration file | ||
23 | (by default sshd_config(5)); command-line options override values | ||
24 | specified in the configuration file. sshd rereads its configuration file | ||
25 | when it receives a hangup signal, SIGHUP, by executing itself with the | ||
26 | name and options it was started with, e.g. /usr/sbin/sshd. | ||
27 | |||
28 | The options are as follows: | ||
29 | |||
30 | -4 Forces sshd to use IPv4 addresses only. | ||
31 | |||
32 | -6 Forces sshd to use IPv6 addresses only. | ||
33 | |||
34 | -b bits | ||
35 | Specifies the number of bits in the ephemeral protocol version 1 | ||
36 | server key (default 1024). | ||
37 | |||
38 | -C connection_spec | ||
39 | Specify the connection parameters to use for the -T extended test | ||
40 | mode. If provided, any Match directives in the configuration | ||
41 | file that would apply to the specified user, host, and address | ||
42 | will be set before the configuration is written to standard | ||
43 | output. The connection parameters are supplied as keyword=value | ||
44 | pairs. The keywords are M-bM-^@M-^\userM-bM-^@M-^], M-bM-^@M-^\hostM-bM-^@M-^], M-bM-^@M-^\laddrM-bM-^@M-^], M-bM-^@M-^\lportM-bM-^@M-^], and | ||
45 | M-bM-^@M-^\addrM-bM-^@M-^]. All are required and may be supplied in any order, | ||
46 | either with multiple -C options or as a comma-separated list. | ||
47 | |||
48 | -c host_certificate_file | ||
49 | Specifies a path to a certificate file to identify sshd during | ||
50 | key exchange. The certificate file must match a host key file | ||
51 | specified using the -h option or the HostKey configuration | ||
52 | directive. | ||
53 | |||
54 | -D When this option is specified, sshd will not detach and does not | ||
55 | become a daemon. This allows easy monitoring of sshd. | ||
56 | |||
57 | -d Debug mode. The server sends verbose debug output to standard | ||
58 | error, and does not put itself in the background. The server | ||
59 | also will not fork and will only process one connection. This | ||
60 | option is only intended for debugging for the server. Multiple | ||
61 | -d options increase the debugging level. Maximum is 3. | ||
62 | |||
63 | -E log_file | ||
64 | Append debug logs to log_file instead of the system log. | ||
65 | |||
66 | -e Write debug logs to standard error instead of the system log. | ||
67 | |||
68 | -f config_file | ||
69 | Specifies the name of the configuration file. The default is | ||
70 | /etc/ssh/sshd_config. sshd refuses to start if there is no | ||
71 | configuration file. | ||
72 | |||
73 | -g login_grace_time | ||
74 | Gives the grace time for clients to authenticate themselves | ||
75 | (default 120 seconds). If the client fails to authenticate the | ||
76 | user within this many seconds, the server disconnects and exits. | ||
77 | A value of zero indicates no limit. | ||
78 | |||
79 | -h host_key_file | ||
80 | Specifies a file from which a host key is read. This option must | ||
81 | be given if sshd is not run as root (as the normal host key files | ||
82 | are normally not readable by anyone but root). The default is | ||
83 | /etc/ssh/ssh_host_key for protocol version 1, and | ||
84 | /etc/ssh/ssh_host_dsa_key, /etc/ssh/ssh_host_ecdsa_key. | ||
85 | /etc/ssh/ssh_host_ed25519_key and /etc/ssh/ssh_host_rsa_key for | ||
86 | protocol version 2. It is possible to have multiple host key | ||
87 | files for the different protocol versions and host key | ||
88 | algorithms. | ||
89 | |||
90 | -i Specifies that sshd is being run from inetd(8). sshd is normally | ||
91 | not run from inetd because it needs to generate the server key | ||
92 | before it can respond to the client, and this may take tens of | ||
93 | seconds. Clients would have to wait too long if the key was | ||
94 | regenerated every time. However, with small key sizes (e.g. 512) | ||
95 | using sshd from inetd may be feasible. | ||
96 | |||
97 | -k key_gen_time | ||
98 | Specifies how often the ephemeral protocol version 1 server key | ||
99 | is regenerated (default 3600 seconds, or one hour). The | ||
100 | motivation for regenerating the key fairly often is that the key | ||
101 | is not stored anywhere, and after about an hour it becomes | ||
102 | impossible to recover the key for decrypting intercepted | ||
103 | communications even if the machine is cracked into or physically | ||
104 | seized. A value of zero indicates that the key will never be | ||
105 | regenerated. | ||
106 | |||
107 | -o option | ||
108 | Can be used to give options in the format used in the | ||
109 | configuration file. This is useful for specifying options for | ||
110 | which there is no separate command-line flag. For full details | ||
111 | of the options, and their values, see sshd_config(5). | ||
112 | |||
113 | -p port | ||
114 | Specifies the port on which the server listens for connections | ||
115 | (default 22). Multiple port options are permitted. Ports | ||
116 | specified in the configuration file with the Port option are | ||
117 | ignored when a command-line port is specified. Ports specified | ||
118 | using the ListenAddress option override command-line ports. | ||
119 | |||
120 | -q Quiet mode. Nothing is sent to the system log. Normally the | ||
121 | beginning, authentication, and termination of each connection is | ||
122 | logged. | ||
123 | |||
124 | -T Extended test mode. Check the validity of the configuration | ||
125 | file, output the effective configuration to stdout and then exit. | ||
126 | Optionally, Match rules may be applied by specifying the | ||
127 | connection parameters using one or more -C options. | ||
128 | |||
129 | -t Test mode. Only check the validity of the configuration file and | ||
130 | sanity of the keys. This is useful for updating sshd reliably as | ||
131 | configuration options may change. | ||
132 | |||
133 | -u len This option is used to specify the size of the field in the utmp | ||
134 | structure that holds the remote host name. If the resolved host | ||
135 | name is longer than len, the dotted decimal value will be used | ||
136 | instead. This allows hosts with very long host names that | ||
137 | overflow this field to still be uniquely identified. Specifying | ||
138 | -u0 indicates that only dotted decimal addresses should be put | ||
139 | into the utmp file. -u0 may also be used to prevent sshd from | ||
140 | making DNS requests unless the authentication mechanism or | ||
141 | configuration requires it. Authentication mechanisms that may | ||
142 | require DNS include RhostsRSAAuthentication, | ||
143 | HostbasedAuthentication, and using a from="pattern-list" option | ||
144 | in a key file. Configuration options that require DNS include | ||
145 | using a USER@HOST pattern in AllowUsers or DenyUsers. | ||
146 | |||
147 | AUTHENTICATION | ||
148 | The OpenSSH SSH daemon supports SSH protocols 1 and 2. The default is to | ||
149 | use protocol 2 only, though this can be changed via the Protocol option | ||
150 | in sshd_config(5). Protocol 2 supports DSA, ECDSA, Ed25519 and RSA keys; | ||
151 | protocol 1 only supports RSA keys. For both protocols, each host has a | ||
152 | host-specific key, normally 2048 bits, used to identify the host. | ||
153 | |||
154 | Forward security for protocol 1 is provided through an additional server | ||
155 | key, normally 768 bits, generated when the server starts. This key is | ||
156 | normally regenerated every hour if it has been used, and is never stored | ||
157 | on disk. Whenever a client connects, the daemon responds with its public | ||
158 | host and server keys. The client compares the RSA host key against its | ||
159 | own database to verify that it has not changed. The client then | ||
160 | generates a 256-bit random number. It encrypts this random number using | ||
161 | both the host key and the server key, and sends the encrypted number to | ||
162 | the server. Both sides then use this random number as a session key | ||
163 | which is used to encrypt all further communications in the session. The | ||
164 | rest of the session is encrypted using a conventional cipher, currently | ||
165 | Blowfish or 3DES, with 3DES being used by default. The client selects | ||
166 | the encryption algorithm to use from those offered by the server. | ||
167 | |||
168 | For protocol 2, forward security is provided through a Diffie-Hellman key | ||
169 | agreement. This key agreement results in a shared session key. The rest | ||
170 | of the session is encrypted using a symmetric cipher, currently 128-bit | ||
171 | AES, Blowfish, 3DES, CAST128, Arcfour, 192-bit AES, or 256-bit AES. The | ||
172 | client selects the encryption algorithm to use from those offered by the | ||
173 | server. Additionally, session integrity is provided through a | ||
174 | cryptographic message authentication code (hmac-md5, hmac-sha1, umac-64, | ||
175 | umac-128, hmac-ripemd160, hmac-sha2-256 or hmac-sha2-512). | ||
176 | |||
177 | Finally, the server and the client enter an authentication dialog. The | ||
178 | client tries to authenticate itself using host-based authentication, | ||
179 | public key authentication, challenge-response authentication, or password | ||
180 | authentication. | ||
181 | |||
182 | Regardless of the authentication type, the account is checked to ensure | ||
183 | that it is accessible. An account is not accessible if it is locked, | ||
184 | listed in DenyUsers or its group is listed in DenyGroups . The | ||
185 | definition of a locked account is system dependant. Some platforms have | ||
186 | their own account database (eg AIX) and some modify the passwd field ( | ||
187 | M-bM-^@M-^X*LK*M-bM-^@M-^Y on Solaris and UnixWare, M-bM-^@M-^X*M-bM-^@M-^Y on HP-UX, containing M-bM-^@M-^XNologinM-bM-^@M-^Y on | ||
188 | Tru64, a leading M-bM-^@M-^X*LOCKED*M-bM-^@M-^Y on FreeBSD and a leading M-bM-^@M-^X!M-bM-^@M-^Y on most | ||
189 | Linuxes). If there is a requirement to disable password authentication | ||
190 | for the account while allowing still public-key, then the passwd field | ||
191 | should be set to something other than these values (eg M-bM-^@M-^XNPM-bM-^@M-^Y or M-bM-^@M-^X*NP*M-bM-^@M-^Y ). | ||
192 | |||
193 | If the client successfully authenticates itself, a dialog for preparing | ||
194 | the session is entered. At this time the client may request things like | ||
195 | allocating a pseudo-tty, forwarding X11 connections, forwarding TCP | ||
196 | connections, or forwarding the authentication agent connection over the | ||
197 | secure channel. | ||
198 | |||
199 | After this, the client either requests a shell or execution of a command. | ||
200 | The sides then enter session mode. In this mode, either side may send | ||
201 | data at any time, and such data is forwarded to/from the shell or command | ||
202 | on the server side, and the user terminal in the client side. | ||
203 | |||
204 | When the user program terminates and all forwarded X11 and other | ||
205 | connections have been closed, the server sends command exit status to the | ||
206 | client, and both sides exit. | ||
207 | |||
208 | LOGIN PROCESS | ||
209 | When a user successfully logs in, sshd does the following: | ||
210 | |||
211 | 1. If the login is on a tty, and no command has been specified, | ||
212 | prints last login time and /etc/motd (unless prevented in the | ||
213 | configuration file or by ~/.hushlogin; see the FILES section). | ||
214 | |||
215 | 2. If the login is on a tty, records login time. | ||
216 | |||
217 | 3. Checks /etc/nologin; if it exists, prints contents and quits | ||
218 | (unless root). | ||
219 | |||
220 | 4. Changes to run with normal user privileges. | ||
221 | |||
222 | 5. Sets up basic environment. | ||
223 | |||
224 | 6. Reads the file ~/.ssh/environment, if it exists, and users are | ||
225 | allowed to change their environment. See the | ||
226 | PermitUserEnvironment option in sshd_config(5). | ||
227 | |||
228 | 7. Changes to user's home directory. | ||
229 | |||
230 | 8. If ~/.ssh/rc exists and the sshd_config(5) PermitUserRC option | ||
231 | is set, runs it; else if /etc/ssh/sshrc exists, runs it; | ||
232 | otherwise runs xauth. The M-bM-^@M-^\rcM-bM-^@M-^] files are given the X11 | ||
233 | authentication protocol and cookie in standard input. See | ||
234 | SSHRC, below. | ||
235 | |||
236 | 9. Runs user's shell or command. All commands are run under the | ||
237 | user's login shell as specified in the system password | ||
238 | database. | ||
239 | |||
240 | SSHRC | ||
241 | If the file ~/.ssh/rc exists, sh(1) runs it after reading the environment | ||
242 | files but before starting the user's shell or command. It must not | ||
243 | produce any output on stdout; stderr must be used instead. If X11 | ||
244 | forwarding is in use, it will receive the "proto cookie" pair in its | ||
245 | standard input (and DISPLAY in its environment). The script must call | ||
246 | xauth(1) because sshd will not run xauth automatically to add X11 | ||
247 | cookies. | ||
248 | |||
249 | The primary purpose of this file is to run any initialization routines | ||
250 | which may be needed before the user's home directory becomes accessible; | ||
251 | AFS is a particular example of such an environment. | ||
252 | |||
253 | This file will probably contain some initialization code followed by | ||
254 | something similar to: | ||
255 | |||
256 | if read proto cookie && [ -n "$DISPLAY" ]; then | ||
257 | if [ `echo $DISPLAY | cut -c1-10` = 'localhost:' ]; then | ||
258 | # X11UseLocalhost=yes | ||
259 | echo add unix:`echo $DISPLAY | | ||
260 | cut -c11-` $proto $cookie | ||
261 | else | ||
262 | # X11UseLocalhost=no | ||
263 | echo add $DISPLAY $proto $cookie | ||
264 | fi | xauth -q - | ||
265 | fi | ||
266 | |||
267 | If this file does not exist, /etc/ssh/sshrc is run, and if that does not | ||
268 | exist either, xauth is used to add the cookie. | ||
269 | |||
270 | AUTHORIZED_KEYS FILE FORMAT | ||
271 | AuthorizedKeysFile specifies the files containing public keys for public | ||
272 | key authentication; if none is specified, the default is | ||
273 | ~/.ssh/authorized_keys and ~/.ssh/authorized_keys2. Each line of the | ||
274 | file contains one key (empty lines and lines starting with a M-bM-^@M-^X#M-bM-^@M-^Y are | ||
275 | ignored as comments). Protocol 1 public keys consist of the following | ||
276 | space-separated fields: options, bits, exponent, modulus, comment. | ||
277 | Protocol 2 public key consist of: options, keytype, base64-encoded key, | ||
278 | comment. The options field is optional; its presence is determined by | ||
279 | whether the line starts with a number or not (the options field never | ||
280 | starts with a number). The bits, exponent, modulus, and comment fields | ||
281 | give the RSA key for protocol version 1; the comment field is not used | ||
282 | for anything (but may be convenient for the user to identify the key). | ||
283 | For protocol version 2 the keytype is M-bM-^@M-^\ecdsa-sha2-nistp256M-bM-^@M-^], | ||
284 | M-bM-^@M-^\ecdsa-sha2-nistp384M-bM-^@M-^], M-bM-^@M-^\ecdsa-sha2-nistp521M-bM-^@M-^], M-bM-^@M-^\ssh-ed25519M-bM-^@M-^], M-bM-^@M-^\ssh-dssM-bM-^@M-^] or | ||
285 | M-bM-^@M-^\ssh-rsaM-bM-^@M-^]. | ||
286 | |||
287 | Note that lines in this file are usually several hundred bytes long | ||
288 | (because of the size of the public key encoding) up to a limit of 8 | ||
289 | kilobytes, which permits DSA keys up to 8 kilobits and RSA keys up to 16 | ||
290 | kilobits. You don't want to type them in; instead, copy the | ||
291 | identity.pub, id_dsa.pub, id_ecdsa.pub, id_ed25519.pub, or the id_rsa.pub | ||
292 | file and edit it. | ||
293 | |||
294 | sshd enforces a minimum RSA key modulus size for protocol 1 and protocol | ||
295 | 2 keys of 768 bits. | ||
296 | |||
297 | The options (if present) consist of comma-separated option | ||
298 | specifications. No spaces are permitted, except within double quotes. | ||
299 | The following option specifications are supported (note that option | ||
300 | keywords are case-insensitive): | ||
301 | |||
302 | cert-authority | ||
303 | Specifies that the listed key is a certification authority (CA) | ||
304 | that is trusted to validate signed certificates for user | ||
305 | authentication. | ||
306 | |||
307 | Certificates may encode access restrictions similar to these key | ||
308 | options. If both certificate restrictions and key options are | ||
309 | present, the most restrictive union of the two is applied. | ||
310 | |||
311 | command="command" | ||
312 | Specifies that the command is executed whenever this key is used | ||
313 | for authentication. The command supplied by the user (if any) is | ||
314 | ignored. The command is run on a pty if the client requests a | ||
315 | pty; otherwise it is run without a tty. If an 8-bit clean | ||
316 | channel is required, one must not request a pty or should specify | ||
317 | no-pty. A quote may be included in the command by quoting it | ||
318 | with a backslash. This option might be useful to restrict | ||
319 | certain public keys to perform just a specific operation. An | ||
320 | example might be a key that permits remote backups but nothing | ||
321 | else. Note that the client may specify TCP and/or X11 forwarding | ||
322 | unless they are explicitly prohibited. The command originally | ||
323 | supplied by the client is available in the SSH_ORIGINAL_COMMAND | ||
324 | environment variable. Note that this option applies to shell, | ||
325 | command or subsystem execution. Also note that this command may | ||
326 | be superseded by either a sshd_config(5) ForceCommand directive | ||
327 | or a command embedded in a certificate. | ||
328 | |||
329 | environment="NAME=value" | ||
330 | Specifies that the string is to be added to the environment when | ||
331 | logging in using this key. Environment variables set this way | ||
332 | override other default environment values. Multiple options of | ||
333 | this type are permitted. Environment processing is disabled by | ||
334 | default and is controlled via the PermitUserEnvironment option. | ||
335 | This option is automatically disabled if UseLogin is enabled. | ||
336 | |||
337 | from="pattern-list" | ||
338 | Specifies that in addition to public key authentication, either | ||
339 | the canonical name of the remote host or its IP address must be | ||
340 | present in the comma-separated list of patterns. See PATTERNS in | ||
341 | ssh_config(5) for more information on patterns. | ||
342 | |||
343 | In addition to the wildcard matching that may be applied to | ||
344 | hostnames or addresses, a from stanza may match IP addresses | ||
345 | using CIDR address/masklen notation. | ||
346 | |||
347 | The purpose of this option is to optionally increase security: | ||
348 | public key authentication by itself does not trust the network or | ||
349 | name servers or anything (but the key); however, if somebody | ||
350 | somehow steals the key, the key permits an intruder to log in | ||
351 | from anywhere in the world. This additional option makes using a | ||
352 | stolen key more difficult (name servers and/or routers would have | ||
353 | to be compromised in addition to just the key). | ||
354 | |||
355 | no-agent-forwarding | ||
356 | Forbids authentication agent forwarding when this key is used for | ||
357 | authentication. | ||
358 | |||
359 | no-port-forwarding | ||
360 | Forbids TCP forwarding when this key is used for authentication. | ||
361 | Any port forward requests by the client will return an error. | ||
362 | This might be used, e.g. in connection with the command option. | ||
363 | |||
364 | no-pty Prevents tty allocation (a request to allocate a pty will fail). | ||
365 | |||
366 | no-user-rc | ||
367 | Disables execution of ~/.ssh/rc. | ||
368 | |||
369 | no-X11-forwarding | ||
370 | Forbids X11 forwarding when this key is used for authentication. | ||
371 | Any X11 forward requests by the client will return an error. | ||
372 | |||
373 | permitopen="host:port" | ||
374 | Limit local port forwarding with ssh(1) -L such that it may only | ||
375 | connect to the specified host and port. IPv6 addresses can be | ||
376 | specified by enclosing the address in square brackets. Multiple | ||
377 | permitopen options may be applied separated by commas. No | ||
378 | pattern matching is performed on the specified hostnames, they | ||
379 | must be literal domains or addresses. A port specification of * | ||
380 | matches any port. | ||
381 | |||
382 | principals="principals" | ||
383 | On a cert-authority line, specifies allowed principals for | ||
384 | certificate authentication as a comma-separated list. At least | ||
385 | one name from the list must appear in the certificate's list of | ||
386 | principals for the certificate to be accepted. This option is | ||
387 | ignored for keys that are not marked as trusted certificate | ||
388 | signers using the cert-authority option. | ||
389 | |||
390 | tunnel="n" | ||
391 | Force a tun(4) device on the server. Without this option, the | ||
392 | next available device will be used if the client requests a | ||
393 | tunnel. | ||
394 | |||
395 | An example authorized_keys file: | ||
396 | |||
397 | # Comments allowed at start of line | ||
398 | ssh-rsa AAAAB3Nza...LiPk== user@example.net | ||
399 | from="*.sales.example.net,!pc.sales.example.net" ssh-rsa | ||
400 | AAAAB2...19Q== john@example.net | ||
401 | command="dump /home",no-pty,no-port-forwarding ssh-dss | ||
402 | AAAAC3...51R== example.net | ||
403 | permitopen="192.0.2.1:80",permitopen="192.0.2.2:25" ssh-dss | ||
404 | AAAAB5...21S== | ||
405 | tunnel="0",command="sh /etc/netstart tun0" ssh-rsa AAAA...== | ||
406 | jane@example.net | ||
407 | |||
408 | SSH_KNOWN_HOSTS FILE FORMAT | ||
409 | The /etc/ssh/ssh_known_hosts and ~/.ssh/known_hosts files contain host | ||
410 | public keys for all known hosts. The global file should be prepared by | ||
411 | the administrator (optional), and the per-user file is maintained | ||
412 | automatically: whenever the user connects from an unknown host, its key | ||
413 | is added to the per-user file. | ||
414 | |||
415 | Each line in these files contains the following fields: markers | ||
416 | (optional), hostnames, bits, exponent, modulus, comment. The fields are | ||
417 | separated by spaces. | ||
418 | |||
419 | The marker is optional, but if it is present then it must be one of | ||
420 | M-bM-^@M-^\@cert-authorityM-bM-^@M-^], to indicate that the line contains a certification | ||
421 | authority (CA) key, or M-bM-^@M-^\@revokedM-bM-^@M-^], to indicate that the key contained on | ||
422 | the line is revoked and must not ever be accepted. Only one marker | ||
423 | should be used on a key line. | ||
424 | |||
425 | Hostnames is a comma-separated list of patterns (M-bM-^@M-^X*M-bM-^@M-^Y and M-bM-^@M-^X?M-bM-^@M-^Y act as | ||
426 | wildcards); each pattern in turn is matched against the canonical host | ||
427 | name (when authenticating a client) or against the user-supplied name | ||
428 | (when authenticating a server). A pattern may also be preceded by M-bM-^@M-^X!M-bM-^@M-^Y to | ||
429 | indicate negation: if the host name matches a negated pattern, it is not | ||
430 | accepted (by that line) even if it matched another pattern on the line. | ||
431 | A hostname or address may optionally be enclosed within M-bM-^@M-^X[M-bM-^@M-^Y and M-bM-^@M-^X]M-bM-^@M-^Y | ||
432 | brackets then followed by M-bM-^@M-^X:M-bM-^@M-^Y and a non-standard port number. | ||
433 | |||
434 | Alternately, hostnames may be stored in a hashed form which hides host | ||
435 | names and addresses should the file's contents be disclosed. Hashed | ||
436 | hostnames start with a M-bM-^@M-^X|M-bM-^@M-^Y character. Only one hashed hostname may | ||
437 | appear on a single line and none of the above negation or wildcard | ||
438 | operators may be applied. | ||
439 | |||
440 | Bits, exponent, and modulus are taken directly from the RSA host key; | ||
441 | they can be obtained, for example, from /etc/ssh/ssh_host_key.pub. The | ||
442 | optional comment field continues to the end of the line, and is not used. | ||
443 | |||
444 | Lines starting with M-bM-^@M-^X#M-bM-^@M-^Y and empty lines are ignored as comments. | ||
445 | |||
446 | When performing host authentication, authentication is accepted if any | ||
447 | matching line has the proper key; either one that matches exactly or, if | ||
448 | the server has presented a certificate for authentication, the key of the | ||
449 | certification authority that signed the certificate. For a key to be | ||
450 | trusted as a certification authority, it must use the M-bM-^@M-^\@cert-authorityM-bM-^@M-^] | ||
451 | marker described above. | ||
452 | |||
453 | The known hosts file also provides a facility to mark keys as revoked, | ||
454 | for example when it is known that the associated private key has been | ||
455 | stolen. Revoked keys are specified by including the M-bM-^@M-^\@revokedM-bM-^@M-^] marker at | ||
456 | the beginning of the key line, and are never accepted for authentication | ||
457 | or as certification authorities, but instead will produce a warning from | ||
458 | ssh(1) when they are encountered. | ||
459 | |||
460 | It is permissible (but not recommended) to have several lines or | ||
461 | different host keys for the same names. This will inevitably happen when | ||
462 | short forms of host names from different domains are put in the file. It | ||
463 | is possible that the files contain conflicting information; | ||
464 | authentication is accepted if valid information can be found from either | ||
465 | file. | ||
466 | |||
467 | Note that the lines in these files are typically hundreds of characters | ||
468 | long, and you definitely don't want to type in the host keys by hand. | ||
469 | Rather, generate them by a script, ssh-keyscan(1) or by taking | ||
470 | /etc/ssh/ssh_host_key.pub and adding the host names at the front. | ||
471 | ssh-keygen(1) also offers some basic automated editing for | ||
472 | ~/.ssh/known_hosts including removing hosts matching a host name and | ||
473 | converting all host names to their hashed representations. | ||
474 | |||
475 | An example ssh_known_hosts file: | ||
476 | |||
477 | # Comments allowed at start of line | ||
478 | closenet,...,192.0.2.53 1024 37 159...93 closenet.example.net | ||
479 | cvs.example.net,192.0.2.10 ssh-rsa AAAA1234.....= | ||
480 | # A hashed hostname | ||
481 | |1|JfKTdBh7rNbXkVAQCRp4OQoPfmI=|USECr3SWf1JUPsms5AqfD5QfxkM= ssh-rsa | ||
482 | AAAA1234.....= | ||
483 | # A revoked key | ||
484 | @revoked * ssh-rsa AAAAB5W... | ||
485 | # A CA key, accepted for any host in *.mydomain.com or *.mydomain.org | ||
486 | @cert-authority *.mydomain.org,*.mydomain.com ssh-rsa AAAAB5W... | ||
487 | |||
488 | FILES | ||
489 | ~/.hushlogin | ||
490 | This file is used to suppress printing the last login time and | ||
491 | /etc/motd, if PrintLastLog and PrintMotd, respectively, are | ||
492 | enabled. It does not suppress printing of the banner specified | ||
493 | by Banner. | ||
494 | |||
495 | ~/.rhosts | ||
496 | This file is used for host-based authentication (see ssh(1) for | ||
497 | more information). On some machines this file may need to be | ||
498 | world-readable if the user's home directory is on an NFS | ||
499 | partition, because sshd reads it as root. Additionally, this | ||
500 | file must be owned by the user, and must not have write | ||
501 | permissions for anyone else. The recommended permission for most | ||
502 | machines is read/write for the user, and not accessible by | ||
503 | others. | ||
504 | |||
505 | ~/.shosts | ||
506 | This file is used in exactly the same way as .rhosts, but allows | ||
507 | host-based authentication without permitting login with | ||
508 | rlogin/rsh. | ||
509 | |||
510 | ~/.ssh/ | ||
511 | This directory is the default location for all user-specific | ||
512 | configuration and authentication information. There is no | ||
513 | general requirement to keep the entire contents of this directory | ||
514 | secret, but the recommended permissions are read/write/execute | ||
515 | for the user, and not accessible by others. | ||
516 | |||
517 | ~/.ssh/authorized_keys | ||
518 | Lists the public keys (DSA, ECDSA, Ed25519, RSA) that can be used | ||
519 | for logging in as this user. The format of this file is | ||
520 | described above. The content of the file is not highly | ||
521 | sensitive, but the recommended permissions are read/write for the | ||
522 | user, and not accessible by others. | ||
523 | |||
524 | If this file, the ~/.ssh directory, or the user's home directory | ||
525 | are writable by other users, then the file could be modified or | ||
526 | replaced by unauthorized users. In this case, sshd will not | ||
527 | allow it to be used unless the StrictModes option has been set to | ||
528 | M-bM-^@M-^\noM-bM-^@M-^]. | ||
529 | |||
530 | ~/.ssh/environment | ||
531 | This file is read into the environment at login (if it exists). | ||
532 | It can only contain empty lines, comment lines (that start with | ||
533 | M-bM-^@M-^X#M-bM-^@M-^Y), and assignment lines of the form name=value. The file | ||
534 | should be writable only by the user; it need not be readable by | ||
535 | anyone else. Environment processing is disabled by default and | ||
536 | is controlled via the PermitUserEnvironment option. | ||
537 | |||
538 | ~/.ssh/known_hosts | ||
539 | Contains a list of host keys for all hosts the user has logged | ||
540 | into that are not already in the systemwide list of known host | ||
541 | keys. The format of this file is described above. This file | ||
542 | should be writable only by root/the owner and can, but need not | ||
543 | be, world-readable. | ||
544 | |||
545 | ~/.ssh/rc | ||
546 | Contains initialization routines to be run before the user's home | ||
547 | directory becomes accessible. This file should be writable only | ||
548 | by the user, and need not be readable by anyone else. | ||
549 | |||
550 | /etc/hosts.equiv | ||
551 | This file is for host-based authentication (see ssh(1)). It | ||
552 | should only be writable by root. | ||
553 | |||
554 | /etc/moduli | ||
555 | Contains Diffie-Hellman groups used for the "Diffie-Hellman Group | ||
556 | Exchange". The file format is described in moduli(5). | ||
557 | |||
558 | /etc/motd | ||
559 | See motd(5). | ||
560 | |||
561 | /etc/nologin | ||
562 | If this file exists, sshd refuses to let anyone except root log | ||
563 | in. The contents of the file are displayed to anyone trying to | ||
564 | log in, and non-root connections are refused. The file should be | ||
565 | world-readable. | ||
566 | |||
567 | /etc/shosts.equiv | ||
568 | This file is used in exactly the same way as hosts.equiv, but | ||
569 | allows host-based authentication without permitting login with | ||
570 | rlogin/rsh. | ||
571 | |||
572 | /etc/ssh/ssh_host_key | ||
573 | /etc/ssh/ssh_host_dsa_key | ||
574 | /etc/ssh/ssh_host_ecdsa_key | ||
575 | /etc/ssh/ssh_host_ed25519_key | ||
576 | /etc/ssh/ssh_host_rsa_key | ||
577 | These files contain the private parts of the host keys. These | ||
578 | files should only be owned by root, readable only by root, and | ||
579 | not accessible to others. Note that sshd does not start if these | ||
580 | files are group/world-accessible. | ||
581 | |||
582 | /etc/ssh/ssh_host_key.pub | ||
583 | /etc/ssh/ssh_host_dsa_key.pub | ||
584 | /etc/ssh/ssh_host_ecdsa_key.pub | ||
585 | /etc/ssh/ssh_host_ed25519_key.pub | ||
586 | /etc/ssh/ssh_host_rsa_key.pub | ||
587 | These files contain the public parts of the host keys. These | ||
588 | files should be world-readable but writable only by root. Their | ||
589 | contents should match the respective private parts. These files | ||
590 | are not really used for anything; they are provided for the | ||
591 | convenience of the user so their contents can be copied to known | ||
592 | hosts files. These files are created using ssh-keygen(1). | ||
593 | |||
594 | /etc/ssh/ssh_known_hosts | ||
595 | Systemwide list of known host keys. This file should be prepared | ||
596 | by the system administrator to contain the public host keys of | ||
597 | all machines in the organization. The format of this file is | ||
598 | described above. This file should be writable only by root/the | ||
599 | owner and should be world-readable. | ||
600 | |||
601 | /etc/ssh/sshd_config | ||
602 | Contains configuration data for sshd. The file format and | ||
603 | configuration options are described in sshd_config(5). | ||
604 | |||
605 | /etc/ssh/sshrc | ||
606 | Similar to ~/.ssh/rc, it can be used to specify machine-specific | ||
607 | login-time initializations globally. This file should be | ||
608 | writable only by root, and should be world-readable. | ||
609 | |||
610 | /var/empty | ||
611 | chroot(2) directory used by sshd during privilege separation in | ||
612 | the pre-authentication phase. The directory should not contain | ||
613 | any files and must be owned by root and not group or world- | ||
614 | writable. | ||
615 | |||
616 | /var/run/sshd.pid | ||
617 | Contains the process ID of the sshd listening for connections (if | ||
618 | there are several daemons running concurrently for different | ||
619 | ports, this contains the process ID of the one started last). | ||
620 | The content of this file is not sensitive; it can be world- | ||
621 | readable. | ||
622 | |||
623 | SEE ALSO | ||
624 | scp(1), sftp(1), ssh(1), ssh-add(1), ssh-agent(1), ssh-keygen(1), | ||
625 | ssh-keyscan(1), chroot(2), login.conf(5), moduli(5), sshd_config(5), | ||
626 | inetd(8), sftp-server(8) | ||
627 | |||
628 | AUTHORS | ||
629 | OpenSSH is a derivative of the original and free ssh 1.2.12 release by | ||
630 | Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo | ||
631 | de Raadt and Dug Song removed many bugs, re-added newer features and | ||
632 | created OpenSSH. Markus Friedl contributed the support for SSH protocol | ||
633 | versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support | ||
634 | for privilege separation. | ||
635 | |||
636 | OpenBSD 5.7 May 1, 2015 OpenBSD 5.7 | ||