diff options
Diffstat (limited to 'sshd.8')
-rw-r--r-- | sshd.8 | 38 |
1 files changed, 19 insertions, 19 deletions
@@ -9,7 +9,7 @@ | |||
9 | .\" | 9 | .\" |
10 | .\" Created: Sat Apr 22 21:55:14 1995 ylo | 10 | .\" Created: Sat Apr 22 21:55:14 1995 ylo |
11 | .\" | 11 | .\" |
12 | .\" $Id: sshd.8,v 1.3 1999/10/28 23:15:50 damien Exp $ | 12 | .\" $Id: sshd.8,v 1.4 1999/10/28 23:17:36 damien Exp $ |
13 | .\" | 13 | .\" |
14 | .Dd September 25, 1999 | 14 | .Dd September 25, 1999 |
15 | .Dt SSHD 8 | 15 | .Dt SSHD 8 |
@@ -118,7 +118,7 @@ not fork and will only process one connection. This option is only | |||
118 | intended for debugging for the server. | 118 | intended for debugging for the server. |
119 | .It Fl f Ar configuration_file | 119 | .It Fl f Ar configuration_file |
120 | Specifies the name of the configuration file. The default is | 120 | Specifies the name of the configuration file. The default is |
121 | .Pa /etc/sshd_config . | 121 | .Pa /etc/ssh/sshd_config . |
122 | .Nm | 122 | .Nm |
123 | refuses to start if there is no configuration file. | 123 | refuses to start if there is no configuration file. |
124 | .It Fl g Ar login_grace_time | 124 | .It Fl g Ar login_grace_time |
@@ -128,7 +128,7 @@ this many seconds, the server disconnects and exits. A value of zero | |||
128 | indicates no limit. | 128 | indicates no limit. |
129 | .It Fl h Ar host_key_file | 129 | .It Fl h Ar host_key_file |
130 | Specifies the file from which the host key is read (default | 130 | Specifies the file from which the host key is read (default |
131 | .Pa /etc/ssh_host_key ) . | 131 | .Pa /etc/ssh/ssh_host_key ) . |
132 | This option must be given if | 132 | This option must be given if |
133 | .Nm | 133 | .Nm |
134 | is not run as root (as the normal | 134 | is not run as root (as the normal |
@@ -165,7 +165,7 @@ Do not print an error message if RSA support is missing. | |||
165 | .Sh CONFIGURATION FILE | 165 | .Sh CONFIGURATION FILE |
166 | .Nm | 166 | .Nm |
167 | reads configuration data from | 167 | reads configuration data from |
168 | .Pa /etc/sshd_config | 168 | .Pa /etc/ssh/sshd_config |
169 | (or the file specified with | 169 | (or the file specified with |
170 | .Fl f | 170 | .Fl f |
171 | on the command line). The file | 171 | on the command line). The file |
@@ -242,7 +242,7 @@ The default is | |||
242 | .Dq no . | 242 | .Dq no . |
243 | .It Cm HostKey | 243 | .It Cm HostKey |
244 | Specifies the file containing the private host key (default | 244 | Specifies the file containing the private host key (default |
245 | .Pa /etc/ssh_host_key ) . | 245 | .Pa /etc/ssh/ssh_host_key ) . |
246 | Note that | 246 | Note that |
247 | .Nm | 247 | .Nm |
248 | does not start if this file is group/world-accessible. | 248 | does not start if this file is group/world-accessible. |
@@ -251,7 +251,7 @@ Specifies that rhosts and shosts files will not be used in | |||
251 | authentication. | 251 | authentication. |
252 | .Pa /etc/hosts.equiv | 252 | .Pa /etc/hosts.equiv |
253 | and | 253 | and |
254 | .Pa /etc/shosts.equiv | 254 | .Pa /etc/ssh/shosts.equiv |
255 | are still used. The default is | 255 | are still used. The default is |
256 | .Dq no . | 256 | .Dq no . |
257 | .It Cm KeepAlive | 257 | .It Cm KeepAlive |
@@ -455,7 +455,7 @@ Changes to user's home directory. | |||
455 | If | 455 | If |
456 | .Pa $HOME/.ssh/rc | 456 | .Pa $HOME/.ssh/rc |
457 | exists, runs it; else if | 457 | exists, runs it; else if |
458 | .Pa /etc/sshrc | 458 | .Pa /etc/ssh/sshrc |
459 | exists, runs | 459 | exists, runs |
460 | it; otherwise runs xauth. The | 460 | it; otherwise runs xauth. The |
461 | .Dq rc | 461 | .Dq rc |
@@ -541,7 +541,7 @@ from="*.niksula.hut.fi,!pc.niksula.hut.fi" 1024 35 23.\|.\|.\|2334 ylo@niksula | |||
541 | command="dump /home",no-pty,no-port-forwarding 1024 33 23.\|.\|.\|2323 backup.hut.fi | 541 | command="dump /home",no-pty,no-port-forwarding 1024 33 23.\|.\|.\|2323 backup.hut.fi |
542 | .Sh SSH_KNOWN_HOSTS FILE FORMAT | 542 | .Sh SSH_KNOWN_HOSTS FILE FORMAT |
543 | The | 543 | The |
544 | .Pa /etc/ssh_known_hosts | 544 | .Pa /etc/ssh/ssh_known_hosts |
545 | and | 545 | and |
546 | .Pa $HOME/.ssh/known_hosts | 546 | .Pa $HOME/.ssh/known_hosts |
547 | files contain host public keys for all known hosts. The global file should | 547 | files contain host public keys for all known hosts. The global file should |
@@ -564,7 +564,7 @@ pattern on the line. | |||
564 | .Pp | 564 | .Pp |
565 | Bits, exponent, and modulus are taken directly from the host key; they | 565 | Bits, exponent, and modulus are taken directly from the host key; they |
566 | can be obtained, e.g., from | 566 | can be obtained, e.g., from |
567 | .Pa /etc/ssh_host_key.pub . | 567 | .Pa /etc/ssh/ssh_host_key.pub . |
568 | The optional comment field continues to the end of the line, and is not used. | 568 | The optional comment field continues to the end of the line, and is not used. |
569 | .Pp | 569 | .Pp |
570 | Lines starting with | 570 | Lines starting with |
@@ -583,25 +583,25 @@ Note that the lines in these files are typically hundreds of characters | |||
583 | long, and you definitely don't want to type in the host keys by hand. | 583 | long, and you definitely don't want to type in the host keys by hand. |
584 | Rather, generate them by a script | 584 | Rather, generate them by a script |
585 | or by taking | 585 | or by taking |
586 | .Pa /etc/ssh_host_key.pub | 586 | .Pa /etc/ssh/ssh_host_key.pub |
587 | and adding the host names at the front. | 587 | and adding the host names at the front. |
588 | .Ss Examples | 588 | .Ss Examples |
589 | closenet,closenet.hut.fi,.\|.\|.\|,130.233.208.41 1024 37 159.\|.\|.93 closenet.hut.fi | 589 | closenet,closenet.hut.fi,.\|.\|.\|,130.233.208.41 1024 37 159.\|.\|.93 closenet.hut.fi |
590 | .Sh FILES | 590 | .Sh FILES |
591 | .Bl -tag -width Ds | 591 | .Bl -tag -width Ds |
592 | .It Pa /etc/sshd_config | 592 | .It Pa /etc/ssh/sshd_config |
593 | Contains configuration data for | 593 | Contains configuration data for |
594 | .Nm sshd . | 594 | .Nm sshd . |
595 | This file should be writable by root only, but it is recommended | 595 | This file should be writable by root only, but it is recommended |
596 | (though not necessary) that it be world-readable. | 596 | (though not necessary) that it be world-readable. |
597 | .It Pa /etc/ssh_host_key | 597 | .It Pa /etc/ssh/ssh_host_key |
598 | Contains the private part of the host key. | 598 | Contains the private part of the host key. |
599 | This file should only be owned by root, readable only by root, and not | 599 | This file should only be owned by root, readable only by root, and not |
600 | accessible to others. | 600 | accessible to others. |
601 | Note that | 601 | Note that |
602 | .Nm | 602 | .Nm |
603 | does not start if this file is group/world-accessible. | 603 | does not start if this file is group/world-accessible. |
604 | .It Pa /etc/ssh_host_key.pub | 604 | .It Pa /etc/ssh/ssh_host_key.pub |
605 | Contains the public part of the host key. | 605 | Contains the public part of the host key. |
606 | This file should be world-readable but writable only by | 606 | This file should be world-readable but writable only by |
607 | root. Its contents should match the private part. This file is not | 607 | root. Its contents should match the private part. This file is not |
@@ -622,17 +622,17 @@ This file must be readable by root (which may on some machines imply | |||
622 | it being world-readable if the user's home directory resides on an NFS | 622 | it being world-readable if the user's home directory resides on an NFS |
623 | volume). It is recommended that it not be accessible by others. The | 623 | volume). It is recommended that it not be accessible by others. The |
624 | format of this file is described above. | 624 | format of this file is described above. |
625 | .It Pa /etc/ssh_known_hosts | 625 | .It Pa /etc/ssh/ssh_known_hosts |
626 | This file is consulted when using rhosts with RSA host | 626 | This file is consulted when using rhosts with RSA host |
627 | authentication to check the public key of the host. The key must be | 627 | authentication to check the public key of the host. The key must be |
628 | listed in this file to be accepted. | 628 | listed in this file to be accepted. |
629 | .It Pa $HOME/.ssh/known_hosts | 629 | .It Pa $HOME/.ssh/known_hosts |
630 | The client uses this file | 630 | The client uses this file |
631 | and | 631 | and |
632 | .Pa /etc/ssh_known_hosts | 632 | .Pa /etc/ssh/ssh_known_hosts |
633 | to verify that the remote host is the one we intended to | 633 | to verify that the remote host is the one we intended to |
634 | connect. These files should be writable only by root/the owner. | 634 | connect. These files should be writable only by root/the owner. |
635 | .Pa /etc/ssh_known_hosts | 635 | .Pa /etc/ssh/ssh_known_hosts |
636 | should be world-readable, and | 636 | should be world-readable, and |
637 | .Pa $HOME/.ssh/known_hosts | 637 | .Pa $HOME/.ssh/known_hosts |
638 | can but need not be world-readable. | 638 | can but need not be world-readable. |
@@ -694,7 +694,7 @@ user root access. The only valid use for user names that I can think | |||
694 | of is in negative entries. | 694 | of is in negative entries. |
695 | .Pp | 695 | .Pp |
696 | Note that this warning also applies to rsh/rlogin. | 696 | Note that this warning also applies to rsh/rlogin. |
697 | .It Pa /etc/shosts.equiv | 697 | .It Pa /etc/ssh/shosts.equiv |
698 | This is processed exactly as | 698 | This is processed exactly as |
699 | .Pa /etc/hosts.equiv . | 699 | .Pa /etc/hosts.equiv . |
700 | However, this file may be useful in environments that want to run both | 700 | However, this file may be useful in environments that want to run both |
@@ -724,13 +724,13 @@ something similar to: "if read proto cookie; then echo add $DISPLAY | |||
724 | $proto $cookie | xauth -q -; fi". | 724 | $proto $cookie | xauth -q -; fi". |
725 | .Pp | 725 | .Pp |
726 | If this file does not exist, | 726 | If this file does not exist, |
727 | .Pa /etc/sshrc | 727 | .Pa /etc/ssh/sshrc |
728 | is run, and if that | 728 | is run, and if that |
729 | does not exist either, xauth is used to store the cookie. | 729 | does not exist either, xauth is used to store the cookie. |
730 | .Pp | 730 | .Pp |
731 | This file should be writable only by the user, and need not be | 731 | This file should be writable only by the user, and need not be |
732 | readable by anyone else. | 732 | readable by anyone else. |
733 | .It Pa /etc/sshrc | 733 | .It Pa /etc/ssh/sshrc |
734 | Like | 734 | Like |
735 | .Pa $HOME/.ssh/rc . | 735 | .Pa $HOME/.ssh/rc . |
736 | This can be used to specify | 736 | This can be used to specify |