summaryrefslogtreecommitdiff
path: root/sshd.8
diff options
context:
space:
mode:
Diffstat (limited to 'sshd.8')
-rw-r--r--sshd.818
1 files changed, 9 insertions, 9 deletions
diff --git a/sshd.8 b/sshd.8
index cd7f9002f..9d8764a9c 100644
--- a/sshd.8
+++ b/sshd.8
@@ -9,7 +9,7 @@
9.\" 9.\"
10.\" Created: Sat Apr 22 21:55:14 1995 ylo 10.\" Created: Sat Apr 22 21:55:14 1995 ylo
11.\" 11.\"
12.\" $Id: sshd.8,v 1.18 2000/04/20 13:27:27 damien Exp $ 12.\" $Id: sshd.8,v 1.19 2000/05/01 11:10:34 damien Exp $
13.\" 13.\"
14.Dd September 25, 1999 14.Dd September 25, 1999
15.Dt SSHD 8 15.Dt SSHD 8
@@ -31,7 +31,7 @@
31.Nm 31.Nm
32(Secure Shell Daemon) is the daemon program for 32(Secure Shell Daemon) is the daemon program for
33.Xr ssh 1 . 33.Xr ssh 1 .
34Together these programs replace rlogin and rsh programs, and 34Together these programs replace rlogin and rsh, and
35provide secure encrypted communications between two untrusted hosts 35provide secure encrypted communications between two untrusted hosts
36over an insecure network. 36over an insecure network.
37The programs are intended to be as easy to 37The programs are intended to be as easy to
@@ -56,19 +56,19 @@ the daemon starts, it generates a server RSA key (normally 768 bits).
56This key is normally regenerated every hour if it has been used, and 56This key is normally regenerated every hour if it has been used, and
57is never stored on disk. 57is never stored on disk.
58.Pp 58.Pp
59Whenever a client connects the daemon, the daemon sends its host 59Whenever a client connects the daemon responds with its public
60and server public keys to the client. 60host and server keys.
61The client compares the 61The client compares the
62host key against its own database to verify that it has not changed. 62host key against its own database to verify that it has not changed.
63The client then generates a 256 bit random number. 63The client then generates a 256 bit random number.
64It encrypts this 64It encrypts this
65random number using both the host key and the server key, and sends 65random number using both the host key and the server key, and sends
66the encrypted number to the server. 66the encrypted number to the server.
67Both sides then start to use this 67Both sides then use this
68random number as a session key which is used to encrypt all further 68random number as a session key which is used to encrypt all further
69communications in the session. 69communications in the session.
70The rest of the session is encrypted 70The rest of the session is encrypted
71using a conventional cipher, currently Blowfish and 3DES, with 3DES 71using a conventional cipher, currently Blowfish or 3DES, with 3DES
72being used by default. 72being used by default.
73The client selects the encryption algorithm 73The client selects the encryption algorithm
74to use from those offered by the server. 74to use from those offered by the server.
@@ -95,7 +95,7 @@ are disabled (thus completely disabling
95.Xr rlogin 1 95.Xr rlogin 1
96and 96and
97.Xr rsh 1 97.Xr rsh 1
98into that machine). 98into the machine).
99.Pp 99.Pp
100If the client successfully authenticates itself, a dialog for 100If the client successfully authenticates itself, a dialog for
101preparing the session is entered. 101preparing the session is entered.
@@ -188,9 +188,9 @@ authentication, and termination of each connection is logged.
188Do not print an error message if RSA support is missing. 188Do not print an error message if RSA support is missing.
189.It Fl V Ar client_protocol_id 189.It Fl V Ar client_protocol_id
190SSH2 compatibility mode. 190SSH2 compatibility mode.
191When this options is specified 191When this option is specified
192.Nm 192.Nm
193assumes the client has sent the given version string 193assumes the client has sent the supplied version string
194and skips the 194and skips the
195Protocol Version Identification Exchange. 195Protocol Version Identification Exchange.
196.It Fl 4 196.It Fl 4