diff options
Diffstat (limited to 'sshd.8')
-rw-r--r-- | sshd.8 | 81 |
1 files changed, 35 insertions, 46 deletions
@@ -34,7 +34,7 @@ | |||
34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
36 | .\" | 36 | .\" |
37 | .\" $OpenBSD: sshd.8,v 1.213 2006/01/25 09:07:22 jmc Exp $ | 37 | .\" $OpenBSD: sshd.8,v 1.214 2006/02/01 09:06:50 jmc Exp $ |
38 | .Dd September 25, 1999 | 38 | .Dd September 25, 1999 |
39 | .Dt SSHD 8 | 39 | .Dt SSHD 8 |
40 | .Os | 40 | .Os |
@@ -227,20 +227,26 @@ USER@HOST pattern in | |||
227 | or | 227 | or |
228 | .Cm DenyUsers . | 228 | .Cm DenyUsers . |
229 | .El | 229 | .El |
230 | .Pp | 230 | .Sh AUTHENTICATION |
231 | This implementation of | 231 | The OpenSSH SSH daemon supports SSH protocols 1 and 2. |
232 | .Nm | 232 | Both protocols are supported by default, |
233 | supports both SSH protocol version 1 and 2 simultaneously. | 233 | though this can be changed via the |
234 | .Nm | 234 | .Cm Protocol |
235 | works as follows: | 235 | option in |
236 | .Sh SSH PROTOCOL VERSION 1 | 236 | .Xr sshd_config 5 . |
237 | Each host has a host-specific RSA key | 237 | Protocol 2 supports both RSA and DSA keys; |
238 | (normally 2048 bits) used to identify the host. | 238 | protocol 1 only supports RSA keys. |
239 | Additionally, when | 239 | For both protocols, |
240 | the daemon starts, it generates a server RSA key (normally 768 bits). | 240 | each host has a host-specific key, |
241 | normally 2048 bits, | ||
242 | used to identify the host. | ||
243 | .Pp | ||
244 | Forward security for protocol 1 is provided through | ||
245 | an additional server key, | ||
246 | normally 768 bits, | ||
247 | generated when the server starts. | ||
241 | This key is normally regenerated every hour if it has been used, and | 248 | This key is normally regenerated every hour if it has been used, and |
242 | is never stored on disk. | 249 | is never stored on disk. |
243 | .Pp | ||
244 | Whenever a client connects, the daemon responds with its public | 250 | Whenever a client connects, the daemon responds with its public |
245 | host and server keys. | 251 | host and server keys. |
246 | The client compares the | 252 | The client compares the |
@@ -258,12 +264,23 @@ being used by default. | |||
258 | The client selects the encryption algorithm | 264 | The client selects the encryption algorithm |
259 | to use from those offered by the server. | 265 | to use from those offered by the server. |
260 | .Pp | 266 | .Pp |
261 | Next, the server and the client enter an authentication dialog. | 267 | For protocol 2, |
268 | forward security is provided through a Diffie-Hellman key agreement. | ||
269 | This key agreement results in a shared session key. | ||
270 | The rest of the session is encrypted using a symmetric cipher, currently | ||
271 | 128-bit AES, Blowfish, 3DES, CAST128, Arcfour, 192-bit AES, or 256-bit AES. | ||
272 | The client selects the encryption algorithm | ||
273 | to use from those offered by the server. | ||
274 | Additionally, session integrity is provided | ||
275 | through a cryptographic message authentication code | ||
276 | (hmac-sha1 or hmac-md5). | ||
277 | .Pp | ||
278 | Finally, the server and the client enter an authentication dialog. | ||
262 | The client tries to authenticate itself using | 279 | The client tries to authenticate itself using |
263 | .Em rhosts | 280 | host-based authentication, |
264 | authentication combined with RSA host | 281 | public key authentication, |
265 | authentication, RSA challenge-response authentication, or password | 282 | challenge-response authentication, |
266 | based authentication. | 283 | or password authentication. |
267 | .Pp | 284 | .Pp |
268 | Regardless of the authentication type, the account is checked to | 285 | Regardless of the authentication type, the account is checked to |
269 | ensure that it is accessible. An account is not accessible if it is | 286 | ensure that it is accessible. An account is not accessible if it is |
@@ -301,25 +318,6 @@ are disabled (thus completely disabling | |||
301 | and | 318 | and |
302 | .Xr rsh | 319 | .Xr rsh |
303 | into the machine). | 320 | into the machine). |
304 | .Sh SSH PROTOCOL VERSION 2 | ||
305 | Version 2 works similarly: | ||
306 | Each host has a host-specific key (RSA or DSA) used to identify the host. | ||
307 | However, when the daemon starts, it does not generate a server key. | ||
308 | Forward security is provided through a Diffie-Hellman key agreement. | ||
309 | This key agreement results in a shared session key. | ||
310 | .Pp | ||
311 | The rest of the session is encrypted using a symmetric cipher, currently | ||
312 | 128-bit AES, Blowfish, 3DES, CAST128, Arcfour, 192-bit AES, or 256-bit AES. | ||
313 | The client selects the encryption algorithm | ||
314 | to use from those offered by the server. | ||
315 | Additionally, session integrity is provided | ||
316 | through a cryptographic message authentication code | ||
317 | (hmac-sha1 or hmac-md5). | ||
318 | .Pp | ||
319 | Protocol version 2 provides a public key based | ||
320 | user (PubkeyAuthentication) or | ||
321 | client host (HostbasedAuthentication) authentication method, | ||
322 | conventional password authentication and challenge response based methods. | ||
323 | .Sh COMMAND EXECUTION AND DATA FORWARDING | 321 | .Sh COMMAND EXECUTION AND DATA FORWARDING |
324 | If the client successfully authenticates itself, a dialog for | 322 | If the client successfully authenticates itself, a dialog for |
325 | preparing the session is entered. | 323 | preparing the session is entered. |
@@ -337,15 +335,6 @@ command on the server side, and the user terminal in the client side. | |||
337 | When the user program terminates and all forwarded X11 and other | 335 | When the user program terminates and all forwarded X11 and other |
338 | connections have been closed, the server sends command exit status to | 336 | connections have been closed, the server sends command exit status to |
339 | the client, and both sides exit. | 337 | the client, and both sides exit. |
340 | .Sh CONFIGURATION FILE | ||
341 | .Nm | ||
342 | reads configuration data from | ||
343 | .Pa /etc/ssh/sshd_config | ||
344 | (or the file specified with | ||
345 | .Fl f | ||
346 | on the command line). | ||
347 | The file format and configuration options are described in | ||
348 | .Xr sshd_config 5 . | ||
349 | .Sh LOGIN PROCESS | 338 | .Sh LOGIN PROCESS |
350 | When a user successfully logs in, | 339 | When a user successfully logs in, |
351 | .Nm | 340 | .Nm |