From 886c63a2c533e8ce8818580920232e4903a27da7 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Thu, 20 Jan 2000 23:13:36 +1100 Subject: - Big manpage and config file cleanup from Andre Lucas - Re-added latest (unmodified) OpenBSD manpages --- ssh.1.in | 1005 -------------------------------------------------------------- 1 file changed, 1005 deletions(-) delete mode 100644 ssh.1.in (limited to 'ssh.1.in') diff --git a/ssh.1.in b/ssh.1.in deleted file mode 100644 index b93e1c8b4..000000000 --- a/ssh.1.in +++ /dev/null @@ -1,1005 +0,0 @@ -.\" -*- nroff -*- -.\" -.\" ssh.1.in -.\" -.\" Author: Tatu Ylonen -.\" -.\" Copyright (c) 1995 Tatu Ylonen , Espoo, Finland -.\" All rights reserved -.\" -.\" Created: Sat Apr 22 21:55:14 1995 ylo -.\" -.\" $Id: ssh.1.in,v 1.3 2000/01/20 11:44:09 damien Exp $ -.\" -.Dd September 25, 1999 -.Dt SSH 1 -.Os -.Sh NAME -.Nm ssh -.Nd OpenSSH secure shell client (remote login program) -.Sh SYNOPSIS -.Nm ssh -.Op Fl l Ar login_name -.Op Ar hostname | user@hostname -.Op Ar command -.Pp -.Nm ssh -.Op Fl afgknqtvxCPX46 -.Op Fl c Ar blowfish | 3des -.Op Fl e Ar escape_char -.Op Fl i Ar identity_file -.Op Fl l Ar login_name -.Op Fl o Ar option -.Op Fl p Ar port -.Oo Fl L Xo -.Sm off -.Ar port : -.Ar host : -.Ar hostport -.Sm on -.Xc -.Oc -.Oo Fl R Xo -.Sm off -.Ar port : -.Ar host : -.Ar hostport -.Sm on -.Xc -.Oc -.Op Ar hostname | user@hostname -.Op Ar command -.Sh DESCRIPTION -.Nm -(Secure Shell) is a program for logging into a remote machine and for -executing commands on a remote machine. It is intended to replace -rlogin and rsh, and provide secure encrypted communications between -two untrusted hosts over an insecure network. X11 connections and -arbitrary TCP/IP ports can also be forwarded over the secure channel. -.Pp -.Nm -connects and logs into the specified -.Ar hostname . -The user must prove -his/her identity to the remote machine using one of several methods. -.Pp -First, if the machine the user logs in from is listed in -.Pa /etc/hosts.equiv -or -.Pa @sysconfdir@/shosts.equiv -on the remote machine, and the user names are -the same on both sides, the user is immediately permitted to log in. -Second, if -.Pa \&.rhosts -or -.Pa \&.shosts -exists in the user's home directory on the -remote machine and contains a line containing the name of the client -machine and the name of the user on that machine, the user is -permitted to log in. This form of authentication alone is normally not -allowed by the server because it is not secure. -.Pp -The second (and primary) authentication method is the -.Pa rhosts -or -.Pa hosts.equiv -method combined with RSA-based host authentication. It -means that if the login would be permitted by -.Pa \&.rhosts , -.Pa \&.shosts , -.Pa /etc/hosts.equiv , -or -.Pa @sysconfdir@/shosts.equiv , -and if additionally the server can verify the client's -host key (see -.Pa @sysconfdir@/ssh_known_hosts -and -.Pa $HOME/.ssh/known_hosts -in the -.Sx FILES -section), only then login is -permitted. This authentication method closes security holes due to IP -spoofing, DNS spoofing and routing spoofing. [Note to the -administrator: -.Pa /etc/hosts.equiv , -.Pa \&.rhosts , -and the rlogin/rsh protocol in general, are inherently insecure and should be -disabled if security is desired.] -.Pp -As a third authentication method, -.Nm -supports RSA based authentication. -The scheme is based on public-key cryptography: there are cryptosystems -where encryption and decryption are done using separate keys, and it -is not possible to derive the decryption key from the encryption key. -RSA is one such system. The idea is that each user creates a public/private -key pair for authentication purposes. The -server knows the public key, and only the user knows the private key. -The file -.Pa $HOME/.ssh/authorized_keys -lists the public keys that are permitted for logging -in. When the user logs in, the -.Nm -program tells the server which key pair it would like to use for -authentication. The server checks if this key is permitted, and if -so, sends the user (actually the -.Nm -program running on behalf of the user) a challenge, a random number, -encrypted by the user's public key. The challenge can only be -decrypted using the proper private key. The user's client then decrypts the -challenge using the private key, proving that he/she knows the private -key but without disclosing it to the server. -.Pp -.Nm -implements the RSA authentication protocol automatically. The user -creates his/her RSA key pair by running -.Xr ssh-keygen 1 . -This stores the private key in -.Pa \&.ssh/identity -and the public key in -.Pa \&.ssh/identity.pub -in the user's home directory. The user should then -copy the -.Pa identity.pub -to -.Pa \&.ssh/authorized_keys -in his/her home directory on the remote machine (the -.Pa authorized_keys -file corresponds to the conventional -.Pa \&.rhosts -file, and has one key -per line, though the lines can be very long). After this, the user -can log in without giving the password. RSA authentication is much -more secure than rhosts authentication. -.Pp -The most convenient way to use RSA authentication may be with an -authentication agent. See -.Xr ssh-agent 1 -for more information. -.Pp -If other authentication methods fail, -.Nm -prompts the user for a password. The password is sent to the remote -host for checking; however, since all communications are encrypted, -the password cannot be seen by someone listening on the network. -.Pp -When the user's identity has been accepted by the server, the server -either executes the given command, or logs into the machine and gives -the user a normal shell on the remote machine. All communication with -the remote command or shell will be automatically encrypted. -.Pp -If a pseudo-terminal has been allocated (normal login session), the -user can disconnect with -.Ic ~. , -and suspend -.Nm -with -.Ic ~^Z . -All forwarded connections can be listed with -.Ic ~# -and if -the session blocks waiting for forwarded X11 or TCP/IP -connections to terminate, it can be backgrounded with -.Ic ~& -(this should not be used while the user shell is active, as it can cause the -shell to hang). All available escapes can be listed with -.Ic ~? . -.Pp -A single tilde character can be sent as -.Ic ~~ -(or by following the tilde by a character other than those described above). -The escape character must always follow a newline to be interpreted as -special. The escape character can be changed in configuration files -or on the command line. -.Pp -If no pseudo tty has been allocated, the -session is transparent and can be used to reliably transfer binary -data. On most systems, setting the escape character to -.Dq none -will also make the session transparent even if a tty is used. -.Pp -The session terminates when the command or shell in on the remote -machine exists and all X11 and TCP/IP connections have been closed. -The exit status of the remote program is returned as the exit status -of -.Nm ssh . -.Pp -If the user is using X11 (the -.Ev DISPLAY -environment variable is set), the connection to the X11 display is -automatically forwarded to the remote side in such a way that any X11 -programs started from the shell (or command) will go through the -encrypted channel, and the connection to the real X server will be made -from the local machine. The user should not manually set -.Ev DISPLAY . -Forwarding of X11 connections can be -configured on the command line or in configuration files. -.Pp -The -.Ev DISPLAY -value set by -.Nm -will point to the server machine, but with a display number greater -than zero. This is normal, and happens because -.Nm -creates a -.Dq proxy -X server on the server machine for forwarding the -connections over the encrypted channel. -.Pp -.Nm -will also automatically set up Xauthority data on the server machine. -For this purpose, it will generate a random authorization cookie, -store it in Xauthority on the server, and verify that any forwarded -connections carry this cookie and replace it by the real cookie when -the connection is opened. The real authentication cookie is never -sent to the server machine (and no cookies are sent in the plain). -.Pp -If the user is using an authentication agent, the connection to the agent -is automatically forwarded to the remote side unless disabled on -command line or in a configuration file. -.Pp -Forwarding of arbitrary TCP/IP connections over the secure channel can -be specified either on command line or in a configuration file. One -possible application of TCP/IP forwarding is a secure connection to an -electronic purse; another is going trough firewalls. -.Pp -.Nm -automatically maintains and checks a database containing RSA-based -identifications for all hosts it has ever been used with. The -database is stored in -.Pa \&.ssh/known_hosts -in the user's home directory. Additionally, the file -.Pa @sysconfdir@/ssh_known_hosts -is automatically checked for known hosts. Any new hosts are -automatically added to the user's file. If a host's identification -ever changes, -.Nm -warns about this and disables password authentication to prevent a -trojan horse from getting the user's password. Another purpose of -this mechanism is to prevent man-in-the-middle attacks which could -otherwise be used to circumvent the encryption. The -.Cm StrictHostKeyChecking -option (see below) can be used to prevent logins to machines whose -host key is not known or has changed. -.Sh OPTIONS -.Bl -tag -width Ds -.It Fl a -Disables forwarding of the authentication agent connection. This may -also be specified on a per-host basis in the configuration file. -.It Fl c Ar blowfish|3des -Selects the cipher to use for encrypting the session. -.Ar 3des -is used by default. It is believed to be secure. -.Ar 3des -(triple-des) is an encrypt-decrypt-encrypt triple with three different keys. -It is presumably more secure than the -.Ar des -cipher which is no longer supported in ssh. -.Ar blowfish -is a fast block cipher, it appears very secure and is much faster than -.Ar 3des . -.It Fl e Ar ch|^ch|none -Sets the escape character for sessions with a pty (default: -.Ql ~ ) . -The escape character is only recognized at the beginning of a line. The -escape character followed by a dot -.Pq Ql \&. -closes the connection, followed -by control-Z suspends the connection, and followed by itself sends the -escape character once. Setting the character to -.Dq none -disables any escapes and makes the session fully transparent. -.It Fl f -Requests -.Nm -to go to background just before command execution. This is useful -if -.Nm -is going to ask for passwords or passphrases, but the user -wants it in the background. This implies -.Fl n . -The recommended way to start X11 programs at a remote site is with -something like -.Ic ssh -f host xterm . -.It Fl g -Allows remote hosts to connect to local forwarded ports. -.It Fl i Ar identity_file -Selects the file from which the identity (private key) for -RSA authentication is read. Default is -.Pa \&.ssh/identity -in the user's home directory. Identity files may also be specified on -a per-host basis in the configuration file. It is possible to have -multiple -.Fl i -options (and multiple identities specified in -configuration files). -.It Fl k -Disables forwarding of Kerberos tickets and AFS tokens. This may -also be specified on a per-host basis in the configuration file. -.It Fl l Ar login_name -Specifies the user to log in as on the remote machine. This may also -be specified on a per-host basis in the configuration file. -.It Fl n -Redirects stdin from -.Pa /dev/null -(actually, prevents reading from stdin). -This must be used when -.Nm -is run in the background. A common trick is to use this to run X11 -programs in a remote machine. For example, -.Ic ssh -n shadows.cs.hut.fi emacs & -will start an emacs on shadows.cs.hut.fi, and the X11 -connection will be automatically forwarded over an encrypted channel. -The -.Nm -program will be put in the background. -(This does not work if -.Nm -needs to ask for a password or passphrase; see also the -.Fl f -option.) -.It Fl o Ar option -Can be used to give options in the format used in the config file. -This is useful for specifying options for which there is no separate -command-line flag. The option has the same format as a line in the -configuration file. -.It Fl p Ar port -Port to connect to on the remote host. This can be specified on a -per-host basis in the configuration file. -.It Fl P -Use a non-privileged port for outgoing connections. -This can be used if your firewall does -not permit connections from privileged ports. -Note that this option turns off -.Cm RhostsAuthentication -and -.Cm RhostsRSAAuthentication . -.It Fl q -Quiet mode. Causes all warning and diagnostic messages to be -suppressed. Only fatal errors are displayed. -.It Fl t -Force pseudo-tty allocation. This can be used to execute arbitary -screen-based programs on a remote machine, which can be very useful -e.g. when implementing menu services. -.It Fl v -Verbose mode. Causes -.Nm -to print debugging messages about its progress. This is helpful in -debugging connection, authentication, and configuration problems. -The verbose mode is also used to display -.Xr skey 1 -challenges, if the user entered "s/key" as password. -.It Fl x -Disables X11 forwarding. This can also be specified on a per-host -basis in a configuration file. -.It Fl X -Enables X11 forwarding. -.It Fl C -Requests compression of all data (including stdin, stdout, stderr, and -data for forwarded X11 and TCP/IP connections). The compression -algorithm is the same used by -.Xr gzip 1 , -and the -.Dq level -can be controlled by the -.Cm CompressionLevel -option (see below). Compression is desirable on modem lines and other -slow connections, but will only slow down things on fast networks. -The default value can be set on a host-by-host basis in the -configuration files; see the -.Cm Compress -option below. -.It Fl L Ar port:host:hostport -Specifies that the given port on the local (client) host is to be -forwarded to the given host and port on the remote side. This works -by allocating a socket to listen to -.Ar port -on the local side, and whenever a connection is made to this port, the -connection is forwarded over the secure channel, and a connection is -made to -.Ar host -port -.Ar hostport -from the remote machine. Port forwardings can also be specified in the -configuration file. Only root can forward privileged ports. -IPv6 addresses can be specified with an alternative syntax: -.Ar port/host/hostport -.It Fl R Ar port:host:hostport -Specifies that the given port on the remote (server) host is to be -forwarded to the given host and port on the local side. This works -by allocating a socket to listen to -.Ar port -on the remote side, and whenever a connection is made to this port, the -connection is forwarded over the secure channel, and a connection is -made to -.Ar host -port -.Ar hostport -from the local machine. Port forwardings can also be specified in the -configuration file. Privileged ports can be forwarded only when -logging in as root on the remote machine. -.It Fl 4 -Forces -.Nm -to use IPv4 addresses only. -.It Fl 6 -Forces -.Nm -to use IPv6 addresses only. -.El -.Sh CONFIGURATION FILES -.Nm -obtains configuration data from the following sources (in this order): -command line options, user's configuration file -.Pq Pa $HOME/.ssh/config , -and system-wide configuration file -.Pq Pa @sysconfdir@/ssh_config . -For each parameter, the first obtained value -will be used. The configuration files contain sections bracketed by -"Host" specifications, and that section is only applied for hosts that -match one of the patterns given in the specification. The matched -host name is the one given on the command line. -.Pp -Since the first obtained value for each parameter is used, more -host-specific declarations should be given near the beginning of the -file, and general defaults at the end. -.Pp -The configuration file has the following format: -.Pp -Empty lines and lines starting with -.Ql # -are comments. -.Pp -Otherwise a line is of the format -.Dq keyword arguments . -The possible -keywords and their meanings are as follows (note that the -configuration files are case-sensitive): -.Bl -tag -width Ds -.It Cm Host -Restricts the following declarations (up to the next -.Cm Host -keyword) to be only for those hosts that match one of the patterns -given after the keyword. -.Ql \&* -and -.Ql ? -can be used as wildcards in the -patterns. A single -.Ql \&* -as a pattern can be used to provide global -defaults for all hosts. The host is the -.Ar hostname -argument given on the command line (i.e., the name is not converted to -a canonicalized host name before matching). -.It Cm AFSTokenPassing -Specifies whether to pass AFS tokens to remote host. The argument to -this keyword must be -.Dq yes -or -.Dq no . -.It Cm BatchMode -If set to -.Dq yes , -passphrase/password querying will be disabled. This -option is useful in scripts and other batch jobs where you have no -user to supply the password. The argument must be -.Dq yes -or -.Dq no . -.It Cm CheckHostIP -If this flag is set to -.Dq yes , -ssh will additionally check the host ip address in the -.Pa known_hosts -file. This allows ssh to detect if a host key changed due to DNS spoofing. -If the option is set to -.Dq no , -the check will not be executed. -.It Cm Cipher -Specifies the cipher to use for encrypting the session. Currently, -.Dq blowfish , -and -.Dq 3des -are supported. The default is -.Dq 3des . -.It Cm Compression -Specifies whether to use compression. The argument must be -.Dq yes -or -.Dq no . -.It Cm CompressionLevel -Specifies the compression level to use if compression is enable. The -argument must be an integer from 1 (fast) to 9 (slow, best). The -default level is 6, which is good for most applications. The meaning -of the values is the same as in -.Xr gzip 1 . -.It Cm ConnectionAttempts -Specifies the number of tries (one per second) to make before falling -back to rsh or exiting. The argument must be an integer. This may be -useful in scripts if the connection sometimes fails. -.It Cm EscapeChar -Sets the escape character (default: -.Ql ~ ) . -The escape character can also -be set on the command line. The argument should be a single -character, -.Ql ^ -followed by a letter, or -.Dq none -to disable the escape -character entirely (making the connection transparent for binary -data). -.It Cm FallBackToRsh -Specifies that if connecting via -.Nm -fails due to a connection refused error (there is no -.Xr sshd 8 -listening on the remote host), -.Xr rsh 1 -should automatically be used instead (after a suitable warning about -the session being unencrypted). The argument must be -.Dq yes -or -.Dq no . -.It Cm ForwardAgent -Specifies whether the connection to the authentication agent (if any) -will be forwarded to the remote machine. The argument must be -.Dq yes -or -.Dq no . -.It Cm ForwardX11 -Specifies whether X11 connections will be automatically redirected -over the secure channel and -.Ev DISPLAY -set. The argument must be -.Dq yes -or -.Dq no . -.It Cm GatewayPorts -Specifies whether remote hosts are allowed to connect to local -forwarded ports. -The argument must be -.Dq yes -or -.Dq no . -The default is -.Dq no . -.It Cm GlobalKnownHostsFile -Specifies a file to use instead of -.Pa @sysconfdir@/ssh_known_hosts . -.It Cm HostName -Specifies the real host name to log into. This can be used to specify -nicnames or abbreviations for hosts. Default is the name given on the -command line. Numeric IP addresses are also permitted (both on the -command line and in -.Cm HostName -specifications). -.It Cm IdentityFile -Specifies the file from which the user's RSA authentication identity -is read (default -.Pa .ssh/identity -in the user's home directory). -Additionally, any identities represented by the authentication agent -will be used for authentication. The file name may use the tilde -syntax to refer to a user's home directory. It is possible to have -multiple identity files specified in configuration files; all these -identities will be tried in sequence. -.It Cm KeepAlive -Specifies whether the system should send keepalive messages to the -other side. If they are sent, death of the connection or crash of one -of the machines will be properly noticed. However, this means that -connections will die if the route is down temporarily, and some people -find it annoying. -.Pp -The default is -.Dq yes -(to send keepalives), and the client will notice -if the network goes down or the remote host dies. This is important -in scripts, and many users want it too. -.Pp -To disable keepalives, the value should be set to -.Dq no -in both the server and the client configuration files. -.It Cm KerberosAuthentication -Specifies whether Kerberos authentication will be used. The argument to -this keyword must be -.Dq yes -or -.Dq no . -.It Cm KerberosTgtPassing -Specifies whether a Kerberos TGT will be forwarded to the server. This -will only work if the Kerberos server is actually an AFS kaserver. The -argument to this keyword must be -.Dq yes -or -.Dq no . -.It Cm LocalForward -Specifies that a TCP/IP port on the local machine be forwarded over -the secure channel to given host:port from the remote machine. The -first argument must be a port number, and the second must be -host:port. Multiple forwardings may be specified, and additional -forwardings can be given on the command line. Only the root can -forward privileged ports. -.It Cm LogLevel -Gives the verbosity level that is used when logging messages from -.Nm ssh . -The possible values are: -QUIET, FATAL, ERROR, INFO, CHAT and DEBUG. -The default is INFO. -.It Cm NumberOfPasswordPrompts -Specifies the number of password prompts before giving up. The -argument to this keyword must be an integer. Default is 3. -.It Cm PasswordAuthentication -Specifies whether to use password authentication. The argument to -this keyword must be -.Dq yes -or -.Dq no . -.It Cm Port -Specifies the port number to connect on the remote host. Default is -22. -.It Cm ProxyCommand -Specifies the command to use to connect to the server. The command -string extends to the end of the line, and is executed with /bin/sh. -In the command string, %h will be substituted by the host name to -connect and %p by the port. The command can be basically anything, -and should read from its stdin and write to its stdout. It should -eventually connect an -.Xr sshd 8 -server running on some machine, or execute -.Ic sshd -i -somewhere. Host key management will be done using the -HostName of the host being connected (defaulting to the name typed by -the user). -Note that -.Cm CheckHostIP -is not available for connects with a proxy command. -.Pp -.It Cm RemoteForward -Specifies that a TCP/IP port on the remote machine be forwarded over -the secure channel to given host:port from the local machine. The -first argument must be a port number, and the second must be -host:port. Multiple forwardings may be specified, and additional -forwardings can be given on the command line. Only the root can -forward privileged ports. -.It Cm RhostsAuthentication -Specifies whether to try rhosts based authentication. Note that this -declaration only affects the client side and has no effect whatsoever -on security. Disabling rhosts authentication may reduce -authentication time on slow connections when rhosts authentication is -not used. Most servers do not permit RhostsAuthentication because it -is not secure (see RhostsRSAAuthentication). The argument to this -keyword must be -.Dq yes -or -.Dq no . -.It Cm RhostsRSAAuthentication -Specifies whether to try rhosts based authentication with RSA host -authentication. This is the primary authentication method for most -sites. The argument must be -.Dq yes -or -.Dq no . -.It Cm RSAAuthentication -Specifies whether to try RSA authentication. The argument to this -keyword must be -.Dq yes -or -.Dq no . -RSA authentication will only be -attempted if the identity file exists, or an authentication agent is -running. -.It Cm SkeyAuthentication -Specifies whether to use -.Xr skey 1 -authentication. The argument to -this keyword must be -.Dq yes -or -.Dq no . -The default is -.Dq no . -.It Cm StrictHostKeyChecking -If this flag is set to -.Dq yes , -.Nm -ssh will never automatically add host keys to the -.Pa $HOME/.ssh/known_hosts -file, and refuses to connect hosts whose host key has changed. This -provides maximum protection against trojan horse attacks. However, it -can be somewhat annoying if you don't have good -.Pa @sysconfdir@/ssh_known_hosts -files installed and frequently -connect new hosts. Basically this option forces the user to manually -add any new hosts. Normally this option is disabled, and new hosts -will automatically be added to the known host files. The host keys of -known hosts will be verified automatically in either case. The -argument must be -.Dq yes -or -.Dq no . -.It Cm UsePrivilegedPort -Specifies whether to use a privileged port for outgoing connections. -The argument must be -.Dq yes -or -.Dq no . -The default is -.Dq yes . -Note that setting this option to -.Dq no -turns off -.Cm RhostsAuthentication -and -.Cm RhostsRSAAuthentication . -.It Cm User -Specifies the user to log in as. This can be useful if you have a -different user name in different machines. This saves the trouble of -having to remember to give the user name on the command line. -.It Cm UserKnownHostsFile -Specifies a file to use instead of -.Pa $HOME/.ssh/known_hosts . -.It Cm UseRsh -Specifies that rlogin/rsh should be used for this host. It is -possible that the host does not at all support the -.Nm -protocol. This causes -.Nm -to immediately exec -.Xr rsh 1 . -All other options (except -.Cm HostName ) -are ignored if this has been specified. The argument must be -.Dq yes -or -.Dq no . -.Sh ENVIRONMENT -.Nm -will normally set the following environment variables: -.Bl -tag -width Ds -.It Ev DISPLAY -The -.Ev DISPLAY -variable indicates the location of the X11 server. It is -automatically set by -.Nm -to point to a value of the form -.Dq hostname:n -where hostname indicates -the host where the shell runs, and n is an integer >= 1. Ssh uses -this special value to forward X11 connections over the secure -channel. The user should normally not set DISPLAY explicitly, as that -will render the X11 connection insecure (and will require the user to -manually copy any required authorization cookies). -.It Ev HOME -Set to the path of the user's home directory. -.It Ev LOGNAME -Synonym for -.Ev USER ; -set for compatibility with systems that use this variable. -.It Ev MAIL -Set to point the user's mailbox. -.It Ev PATH -Set to the default -.Ev PATH , -as specified when compiling -.Nm ssh . -.It Ev SSH_AUTH_SOCK -indicates the path of a unix-domain socket used to communicate with the -agent. -.It Ev SSH_CLIENT -Identifies the client end of the connection. The variable contains -three space-separated values: client ip-address, client port number, -and server port number. -.It Ev SSH_TTY -This is set to the name of the tty (path to the device) associated -with the current shell or command. If the current session has no tty, -this variable is not set. -.It Ev TZ -The timezone variable is set to indicate the present timezone if it -was set when the daemon was started (e.i., the daemon passes the value -on to new connections). -.It Ev USER -Set to the name of the user logging in. -.El -.Pp -Additionally, -.Nm -reads -.Pa $HOME/.ssh/environment , -and adds lines of the format -.Dq VARNAME=value -to the environment. -.Sh FILES -.Bl -tag -width $HOME/.ssh/known_hosts -.It Pa $HOME/.ssh/known_hosts -Records host keys for all hosts the user has logged into (that are not -in -.Pa @sysconfdir@/ssh_known_hosts ) . -See -.Xr sshd 8 . -.It Pa $HOME/.ssh/identity -Contains the RSA authentication identity of the user. This file -contains sensitive data and should be readable by the user but not -accessible by others (read/write/execute). -Note that -.Nm -ignores this file if it is accessible by others. -It is possible to specify a passphrase when -generating the key; the passphrase will be used to encrypt the -sensitive part of this file using 3DES. -.It Pa $HOME/.ssh/identity.pub -Contains the public key for authentication (public part of the -identity file in human-readable form). The contents of this file -should be added to -.Pa $HOME/.ssh/authorized_keys -on all machines -where you wish to log in using RSA authentication. This file is not -sensitive and can (but need not) be readable by anyone. This file is -never used automatically and is not necessary; it is only provided for -the convenience of the user. -.It Pa $HOME/.ssh/config -This is the per-user configuration file. The format of this file is -described above. This file is used by the -.Nm -client. This file does not usually contain any sensitive information, -but the recommended permissions are read/write for the user, and not -accessible by others. -.It Pa $HOME/.ssh/authorized_keys -Lists the RSA keys that can be used for logging in as this user. The -format of this file is described in the -.Xr sshd 8 -manual page. In the simplest form the format is the same as the .pub -identity files (that is, each line contains the number of bits in -modulus, public exponent, modulus, and comment fields, separated by -spaces). This file is not highly sensitive, but the recommended -permissions are read/write for the user, and not accessible by others. -.It Pa @sysconfdir@/ssh_known_hosts -Systemwide list of known host keys. This file should be prepared by the -system administrator to contain the public host keys of all machines in the -organization. This file should be world-readable. This file contains -public keys, one per line, in the following format (fields separated -by spaces): system name, number of bits in modulus, public exponent, -modulus, and optional comment field. When different names are used -for the same machine, all such names should be listed, separated by -commas. The format is described on the -.Xr sshd 8 -manual page. -.Pp -The canonical system name (as returned by name servers) is used by -.Xr sshd 8 -to verify the client host when logging in; other names are needed because -.Nm -does not convert the user-supplied name to a canonical name before -checking the key, because someone with access to the name servers -would then be able to fool host authentication. -.It Pa @sysconfdir@/ssh_config -Systemwide configuration file. This file provides defaults for those -values that are not specified in the user's configuration file, and -for those users who do not have a configuration file. This file must -be world-readable. -.It Pa $HOME/.rhosts -This file is used in -.Pa \&.rhosts -authentication to list the -host/user pairs that are permitted to log in. (Note that this file is -also used by rlogin and rsh, which makes using this file insecure.) -Each line of the file contains a host name (in the canonical form -returned by name servers), and then a user name on that host, -separated by a space. One some machines this file may need to be -world-readable if the user's home directory is on a NFS partition, -because -.Xr sshd 8 -reads it as root. Additionally, this file must be owned by the user, -and must not have write permissions for anyone else. The recommended -permission for most machines is read/write for the user, and not -accessible by others. -.Pp -Note that by default -.Xr sshd 8 -will be installed so that it requires successful RSA host -authentication before permitting \s+2.\s0rhosts authentication. If your -server machine does not have the client's host key in -.Pa @sysconfdir@/ssh_known_hosts , -you can store it in -.Pa $HOME/.ssh/known_hosts . -The easiest way to do this is to -connect back to the client from the server machine using ssh; this -will automatically add the host key inxi -.Pa $HOME/.ssh/known_hosts . -.It Pa $HOME/.shosts -This file is used exactly the same way as -.Pa \&.rhosts . -The purpose for -having this file is to be able to use rhosts authentication with -.Nm -without permitting login with -.Xr rlogin 1 -or -.Xr rsh 1 . -.It Pa /etc/hosts.equiv -This file is used during -.Pa \&.rhosts authentication. It contains -canonical hosts names, one per line (the full format is described on -the -.Xr sshd 8 -manual page). If the client host is found in this file, login is -automatically permitted provided client and server user names are the -same. Additionally, successful RSA host authentication is normally -required. This file should only be writable by root. -.It Pa @sysconfdir@/shosts.equiv -This file is processed exactly as -.Pa /etc/hosts.equiv . -This file may be useful to permit logins using -.Nm -but not using rsh/rlogin. -.It Pa @sysconfdir@/sshrc -Commands in this file are executed by -.Nm -when the user logs in just before the user's shell (or command) is started. -See the -.Xr sshd 8 -manual page for more information. -.It Pa $HOME/.ssh/rc -Commands in this file are executed by -.Nm -when the user logs in just before the user's shell (or command) is -started. -See the -.Xr sshd 8 -manual page for more information. -.It Pa $HOME/.ssh/environment -Contains additional definitions for environment variables, see section -.Sx ENVIRONMENT -above. -.It Pa libcrypto.so.X.1 -A version of this library which includes support for the RSA algorithm -is required for proper operation. -.Sh AUTHOR -Tatu Ylonen -.Pp -Issues can be found from the SSH WWW home page: -.Pp -.Dl http://www.cs.hut.fi/ssh -.Pp -OpenSSH -is a derivative of the original (free) ssh 1.2.12 release, but with bugs -removed and newer features re-added. Rapidly after the 1.2.12 release, -newer versions bore successively more restrictive licenses. This version -of OpenSSH -.Bl -bullet -.It -has all components of a restrictive nature (ie. patents, see -.Xr ssl 8 ) -directly removed from the source code; any licensed or patented components -are chosen from -external libraries. -.It -has been updated to support ssh protocol 1.5. -.It -contains added support for -.Xr kerberos 8 -authentication and ticket passing. -.It -supports one-time password authentication with -.Xr skey 1 . -.El -.Pp -The libraries described in -.Xr ssl 8 -are required for proper operation. -.Pp -OpenSSH has been created by Aaron Campbell, Bob Beck, Markus Friedl, -Niels Provos, Theo de Raadt, and Dug Song. -.Sh SEE ALSO -.Xr rlogin 1 , -.Xr rsh 1 , -.Xr scp 1 , -.Xr ssh-add 1 , -.Xr ssh-agent 1 , -.Xr ssh-keygen 1 , -.Xr telnet 1 , -.Xr sshd 8 , -.Xr ssl 8 -- cgit v1.2.3