From 34132e54cbd221d17d373fc54f4e3f7b85727f7f Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Fri, 14 Jan 2000 15:45:46 +1100 Subject: - Merged OpenBSD IPv6 patch: - [sshd.c sshd.8 sshconnect.c ssh.h ssh.c servconf.h servconf.c scp.1] [scp.c packet.h packet.c login.c log.c canohost.c channels.c] [hostfile.c sshd_config] ipv6 support: mostly gethostbyname->getaddrinfo/getnameinfo, new features: sshd allows multiple ListenAddress and Port options. note that libwrap is not IPv6-ready. (based on patches from fujiwara@rcac.tdi.co.jp) - [ssh.c canohost.c] more hints (hints.ai_socktype=SOCK_STREAM) for getaddrinfo, from itojun@ - [channels.c] listen on _all_ interfaces for X11-Fwd (hints.ai_flags = AI_PASSIVE) - [packet.h] allow auth-kerberos for IPv4 only - [scp.1 sshd.8 servconf.h scp.c] document -4, -6, and 'ssh -L 2022/::1/22' - [ssh.c] 'ssh @host' is illegal (null user name), from karsten@gedankenpolizei.de - [sshconnect.c] better error message - [sshd.c] allow auth-kerberos for IPv4 only - Big IPv6 merge: - Cleanup overrun in sockaddr copying on RHL 6.1 - Replacements for getaddrinfo, getnameinfo, etc based on versions from patch from KIKUCHI Takahiro - Replacement for missing structures on systems that lack IPv6 - record_login needed to know about AF_INET6 addresses - Borrowed more code from OpenBSD: rresvport_af and requisites --- ssh.1.in | 22 ++++++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-) (limited to 'ssh.1.in') diff --git a/ssh.1.in b/ssh.1.in index e19f87e13..d2ac0f2c2 100644 --- a/ssh.1.in +++ b/ssh.1.in @@ -9,7 +9,7 @@ .\" .\" Created: Sat Apr 22 21:55:14 1995 ylo .\" -.\" $Id: ssh.1.in,v 1.1 1999/12/26 22:23:58 damien Exp $ +.\" $Id: ssh.1.in,v 1.2 2000/01/14 04:45:51 damien Exp $ .\" .Dd September 25, 1999 .Dt SSH 1 @@ -24,7 +24,7 @@ .Op Ar command .Pp .Nm ssh -.Op Fl afgknqtvxCPX +.Op Fl afgknqtvxCPX46 .Op Fl c Ar blowfish | 3des .Op Fl e Ar escape_char .Op Fl i Ar identity_file @@ -396,9 +396,13 @@ by allocating a socket to listen to on the local side, and whenever a connection is made to this port, the connection is forwarded over the secure channel, and a connection is made to -.Ar host:hostport +.Ar host +port +.Ar hostport from the remote machine. Port forwardings can also be specified in the configuration file. Only root can forward privileged ports. +IPv6 addresses can be specified with an alternative syntax: +.Ar port/host/hostport .It Fl R Ar port:host:hostport Specifies that the given port on the remote (server) host is to be forwarded to the given host and port on the local side. This works @@ -407,10 +411,20 @@ by allocating a socket to listen to on the remote side, and whenever a connection is made to this port, the connection is forwarded over the secure channel, and a connection is made to -.Ar host:hostport +.Ar host +port +.Ar hostport from the local machine. Port forwardings can also be specified in the configuration file. Privileged ports can be forwarded only when logging in as root on the remote machine. +.It Fl 4 +Forces +.Nm +to use IPv4 addresses only. +.It Fl 6 +Forces +.Nm +to use IPv6 addresses only. .El .Sh CONFIGURATION FILES .Nm -- cgit v1.2.3