First stab at the full Joyent wad (still needs work!!!)
--- old/build/openssh/patches/0004-Reorganise-man-pages-into-Illumos-numbering-adjust-t.patch
+++ new/build/openssh/patches/0006-Reorganise-man-pages-into-Illumos-numbering-adjust-t.patch
1 -From 0b784f8f36fc30f8722e784777fe012062beb0d3 Mon Sep 17 00:00:00 2001
1 +From 310f67442b9faf22eb3a30a614202cdd04f99119 Mon Sep 17 00:00:00 2001
2 2 From: oracle <solaris@oracle.com>
3 3 Date: Mon, 3 Aug 2015 14:34:55 -0700
4 -Subject: [PATCH 04/30] Reorganise man pages into Illumos numbering, adjust
4 +Subject: [PATCH 06/36] Reorganise man pages into Illumos numbering, adjust
5 5 text
6 6
7 7 ---
8 8 Makefile.in | 22 +-
9 9 moduli.4 | 127 ++++
10 10 moduli.5 | 127 ----
11 11 sftp-server.1m | 170 +++++
12 12 sftp-server.8 | 170 -----
13 + ssh-keygen.1 | 6 +-
13 14 ssh-keysign.1m | 93 +++
14 15 ssh-keysign.8 | 93 ---
15 16 ssh-pkcs11-helper.1m | 43 ++
16 17 ssh-pkcs11-helper.8 | 43 --
17 18 ssh_config.4 | 1726 +++++++++++++++++++++++++++++++++++++++++++++++++
18 19 ssh_config.5 | 1726 -------------------------------------------------
19 20 sshd.1m | 971 ++++++++++++++++++++++++++++
20 21 sshd.8 | 971 ----------------------------
21 22 sshd_config.4 | 1736 ++++++++++++++++++++++++++++++++++++++++++++++++++
22 23 sshd_config.5 | 1736 --------------------------------------------------
23 - 15 files changed, 4877 insertions(+), 4877 deletions(-)
24 + 16 files changed, 4879 insertions(+), 4881 deletions(-)
24 25 create mode 100644 moduli.4
25 26 delete mode 100644 moduli.5
26 27 create mode 100644 sftp-server.1m
27 28 delete mode 100644 sftp-server.8
28 29 create mode 100644 ssh-keysign.1m
29 30 delete mode 100644 ssh-keysign.8
30 31 create mode 100644 ssh-pkcs11-helper.1m
31 32 delete mode 100644 ssh-pkcs11-helper.8
32 33 create mode 100644 ssh_config.4
33 34 delete mode 100644 ssh_config.5
34 35 create mode 100644 sshd.1m
35 36 delete mode 100644 sshd.8
36 37 create mode 100644 sshd_config.4
37 38 delete mode 100644 sshd_config.5
38 39
39 40 diff --git a/Makefile.in b/Makefile.in
40 -index 8e52bca..0dd46b1 100644
41 +index bc4660f..9f953e1 100644
41 42 --- a/Makefile.in
42 43 +++ b/Makefile.in
43 -@@ -112,8 +112,8 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o \
44 +@@ -113,8 +113,8 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o \
44 45 sandbox-null.o sandbox-rlimit.o sandbox-systrace.o sandbox-darwin.o \
45 - sandbox-seccomp-filter.o sandbox-capsicum.o
46 + sandbox-seccomp-filter.o sandbox-capsicum.o sandbox-solaris.o
46 47
47 48 -MANPAGES = moduli.5.out scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out sftp.1.out ssh-keysign.8.out ssh-pkcs11-helper.8.out sshd_config.5.out ssh_config.5.out
48 49 -MANPAGES_IN = moduli.5 scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh.1 sshd.8 sftp-server.8 sftp.1 ssh-keysign.8 ssh-pkcs11-helper.8 sshd_config.5 ssh_config.5
49 50 +MANPAGES = moduli.4.out scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.1m.out sftp-server.1m.out sftp.1.out ssh-keysign.1m.out ssh-pkcs11-helper.1m.out sshd_config.4.out ssh_config.4.out
50 51 +MANPAGES_IN = moduli.4 scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh.1 sshd.1m sftp-server.1m sftp.1 ssh-keysign.1m ssh-pkcs11-helper.1m sshd_config.4 ssh_config.4
51 52 MANTYPE = @MANTYPE@
52 53
53 54 CONFIGFILES=sshd_config.out ssh_config.out moduli.out
54 -@@ -307,8 +307,8 @@ install-files:
55 +@@ -308,8 +308,8 @@ install-files:
55 56 $(srcdir)/mkinstalldirs $(DESTDIR)$(sbindir)
56 57 $(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)
57 58 $(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)1
58 59 - $(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)5
59 60 - $(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)8
60 61 + $(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)4
61 62 + $(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)1m
62 63 $(srcdir)/mkinstalldirs $(DESTDIR)$(libexecdir)
63 64 (umask 022 ; $(srcdir)/mkinstalldirs $(DESTDIR)$(PRIVSEP_PATH))
64 65 $(INSTALL) -m 0755 $(STRIP_OPT) ssh$(EXEEXT) $(DESTDIR)$(bindir)/ssh$(EXEEXT)
65 -@@ -328,14 +328,14 @@ install-files:
66 +@@ -329,14 +329,14 @@ install-files:
66 67 $(INSTALL) -m 644 ssh-agent.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-agent.1
67 68 $(INSTALL) -m 644 ssh-keygen.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keygen.1
68 69 $(INSTALL) -m 644 ssh-keyscan.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keyscan.1
69 70 - $(INSTALL) -m 644 moduli.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/moduli.5
70 71 - $(INSTALL) -m 644 sshd_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/sshd_config.5
71 72 - $(INSTALL) -m 644 ssh_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/ssh_config.5
72 73 - $(INSTALL) -m 644 sshd.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sshd.8
73 74 + $(INSTALL) -m 644 moduli.4.out $(DESTDIR)$(mandir)/$(mansubdir)4/moduli.4
74 75 + $(INSTALL) -m 644 sshd_config.4.out $(DESTDIR)$(mandir)/$(mansubdir)4/sshd_config.4
75 76 + $(INSTALL) -m 644 ssh_config.4.out $(DESTDIR)$(mandir)/$(mansubdir)4/ssh_config.4
76 77 + $(INSTALL) -m 644 sshd.1m.out $(DESTDIR)$(mandir)/$(mansubdir)1m/sshd.1m
77 78 $(INSTALL) -m 644 sftp.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/sftp.1
78 79 - $(INSTALL) -m 644 sftp-server.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8
79 80 - $(INSTALL) -m 644 ssh-keysign.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8
80 81 - $(INSTALL) -m 644 ssh-pkcs11-helper.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-pkcs11-helper.8
81 82 + $(INSTALL) -m 644 sftp-server.1m.out $(DESTDIR)$(mandir)/$(mansubdir)1m/sftp-server.1m
82 83 + $(INSTALL) -m 644 ssh-keysign.1m.out $(DESTDIR)$(mandir)/$(mansubdir)1m/ssh-keysign.1m
83 84 + $(INSTALL) -m 644 ssh-pkcs11-helper.1m.out $(DESTDIR)$(mandir)/$(mansubdir)1m/ssh-pkcs11-helper.1m
84 85 -rm -f $(DESTDIR)$(bindir)/slogin
85 86 ln -s ./ssh$(EXEEXT) $(DESTDIR)$(bindir)/slogin
86 87 -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1
87 88 diff --git a/moduli.4 b/moduli.4
88 89 new file mode 100644
89 90 index 0000000..f87556b
90 91 --- /dev/null
91 92 +++ b/moduli.4
92 93 @@ -0,0 +1,127 @@
93 94 +.\" $OpenBSD: moduli.5,v 1.17 2012/09/26 17:34:38 jmc Exp $
94 95 +.\"
95 96 +.\" Copyright (c) 2008 Damien Miller <djm@mindrot.org>
96 97 +.\"
97 98 +.\" Permission to use, copy, modify, and distribute this software for any
98 99 +.\" purpose with or without fee is hereby granted, provided that the above
99 100 +.\" copyright notice and this permission notice appear in all copies.
100 101 +.\"
101 102 +.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
102 103 +.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
103 104 +.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
104 105 +.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
105 106 +.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
106 107 +.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
107 108 +.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
108 109 +.Dd $Mdocdate: September 26 2012 $
109 110 +.Dt MODULI 4
110 111 +.Os
111 112 +.Sh NAME
112 113 +.Nm moduli
113 114 +.Nd Diffie-Hellman moduli
114 115 +.Sh DESCRIPTION
115 116 +The
116 117 +.Pa /etc/moduli
117 118 +file contains prime numbers and generators for use by
118 119 +.Xr sshd 1M
119 120 +in the Diffie-Hellman Group Exchange key exchange method.
120 121 +.Pp
121 122 +New moduli may be generated with
122 123 +.Xr ssh-keygen 1
123 124 +using a two-step process.
124 125 +An initial
125 126 +.Em candidate generation
126 127 +pass, using
127 128 +.Ic ssh-keygen -G ,
128 129 +calculates numbers that are likely to be useful.
129 130 +A second
130 131 +.Em primality testing
131 132 +pass, using
132 133 +.Ic ssh-keygen -T ,
133 134 +provides a high degree of assurance that the numbers are prime and are
134 135 +safe for use in Diffie-Hellman operations by
135 136 +.Xr sshd 1M .
136 137 +This
137 138 +.Nm
138 139 +format is used as the output from each pass.
139 140 +.Pp
140 141 +The file consists of newline-separated records, one per modulus,
141 142 +containing seven space-separated fields.
142 143 +These fields are as follows:
143 144 +.Bl -tag -width Description -offset indent
144 145 +.It timestamp
145 146 +The time that the modulus was last processed as YYYYMMDDHHMMSS.
146 147 +.It type
147 148 +Decimal number specifying the internal structure of the prime modulus.
148 149 +Supported types are:
149 150 +.Pp
150 151 +.Bl -tag -width 0x00 -compact
151 152 +.It 0
152 153 +Unknown, not tested.
153 154 +.It 2
154 155 +"Safe" prime; (p-1)/2 is also prime.
155 156 +.It 4
156 157 +Sophie Germain; 2p+1 is also prime.
157 158 +.El
158 159 +.Pp
159 160 +Moduli candidates initially produced by
160 161 +.Xr ssh-keygen 1
161 162 +are Sophie Germain primes (type 4).
162 163 +Further primality testing with
163 164 +.Xr ssh-keygen 1
164 165 +produces safe prime moduli (type 2) that are ready for use in
165 166 +.Xr sshd 1M .
166 167 +Other types are not used by OpenSSH.
167 168 +.It tests
168 169 +Decimal number indicating the type of primality tests that the number
169 170 +has been subjected to represented as a bitmask of the following values:
170 171 +.Pp
171 172 +.Bl -tag -width 0x00 -compact
172 173 +.It 0x00
173 174 +Not tested.
174 175 +.It 0x01
175 176 +Composite number \(en not prime.
176 177 +.It 0x02
177 178 +Sieve of Eratosthenes.
178 179 +.It 0x04
179 180 +Probabilistic Miller-Rabin primality tests.
180 181 +.El
181 182 +.Pp
182 183 +The
183 184 +.Xr ssh-keygen 1
184 185 +moduli candidate generation uses the Sieve of Eratosthenes (flag 0x02).
185 186 +Subsequent
186 187 +.Xr ssh-keygen 1
187 188 +primality tests are Miller-Rabin tests (flag 0x04).
188 189 +.It trials
189 190 +Decimal number indicating the number of primality trials
190 191 +that have been performed on the modulus.
191 192 +.It size
192 193 +Decimal number indicating the size of the prime in bits.
193 194 +.It generator
194 195 +The recommended generator for use with this modulus (hexadecimal).
195 196 +.It modulus
196 197 +The modulus itself in hexadecimal.
197 198 +.El
198 199 +.Pp
199 200 +When performing Diffie-Hellman Group Exchange,
200 201 +.Xr sshd 1M
201 202 +first estimates the size of the modulus required to produce enough
202 203 +Diffie-Hellman output to sufficiently key the selected symmetric cipher.
203 204 +.Xr sshd 1M
204 205 +then randomly selects a modulus from
205 206 +.Fa /etc/moduli
206 207 +that best meets the size requirement.
207 208 +.Sh SEE ALSO
208 209 +.Xr ssh-keygen 1 ,
209 210 +.Xr sshd 1M
210 211 +.Sh STANDARDS
211 212 +.Rs
212 213 +.%A M. Friedl
213 214 +.%A N. Provos
214 215 +.%A W. Simpson
215 216 +.%D March 2006
216 217 +.%R RFC 4419
217 218 +.%T Diffie-Hellman Group Exchange for the Secure Shell (SSH) Transport Layer Protocol
218 219 +.%D 2006
219 220 +.Re
220 221 diff --git a/moduli.5 b/moduli.5
221 222 deleted file mode 100644
222 223 index ef0de08..0000000
223 224 --- a/moduli.5
224 225 +++ /dev/null
225 226 @@ -1,127 +0,0 @@
226 227 -.\" $OpenBSD: moduli.5,v 1.17 2012/09/26 17:34:38 jmc Exp $
227 228 -.\"
228 229 -.\" Copyright (c) 2008 Damien Miller <djm@mindrot.org>
229 230 -.\"
230 231 -.\" Permission to use, copy, modify, and distribute this software for any
231 232 -.\" purpose with or without fee is hereby granted, provided that the above
232 233 -.\" copyright notice and this permission notice appear in all copies.
233 234 -.\"
234 235 -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
235 236 -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
236 237 -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
237 238 -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
238 239 -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
239 240 -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
240 241 -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
241 242 -.Dd $Mdocdate: September 26 2012 $
242 243 -.Dt MODULI 5
243 244 -.Os
244 245 -.Sh NAME
245 246 -.Nm moduli
246 247 -.Nd Diffie-Hellman moduli
247 248 -.Sh DESCRIPTION
248 249 -The
249 250 -.Pa /etc/moduli
250 251 -file contains prime numbers and generators for use by
251 252 -.Xr sshd 8
252 253 -in the Diffie-Hellman Group Exchange key exchange method.
253 254 -.Pp
254 255 -New moduli may be generated with
255 256 -.Xr ssh-keygen 1
256 257 -using a two-step process.
257 258 -An initial
258 259 -.Em candidate generation
259 260 -pass, using
260 261 -.Ic ssh-keygen -G ,
261 262 -calculates numbers that are likely to be useful.
262 263 -A second
263 264 -.Em primality testing
264 265 -pass, using
265 266 -.Ic ssh-keygen -T ,
266 267 -provides a high degree of assurance that the numbers are prime and are
267 268 -safe for use in Diffie-Hellman operations by
268 269 -.Xr sshd 8 .
269 270 -This
270 271 -.Nm
271 272 -format is used as the output from each pass.
272 273 -.Pp
273 274 -The file consists of newline-separated records, one per modulus,
274 275 -containing seven space-separated fields.
275 276 -These fields are as follows:
276 277 -.Bl -tag -width Description -offset indent
277 278 -.It timestamp
278 279 -The time that the modulus was last processed as YYYYMMDDHHMMSS.
279 280 -.It type
280 281 -Decimal number specifying the internal structure of the prime modulus.
281 282 -Supported types are:
282 283 -.Pp
283 284 -.Bl -tag -width 0x00 -compact
284 285 -.It 0
285 286 -Unknown, not tested.
286 287 -.It 2
287 288 -"Safe" prime; (p-1)/2 is also prime.
288 289 -.It 4
289 290 -Sophie Germain; 2p+1 is also prime.
290 291 -.El
291 292 -.Pp
292 293 -Moduli candidates initially produced by
293 294 -.Xr ssh-keygen 1
294 295 -are Sophie Germain primes (type 4).
295 296 -Further primality testing with
296 297 -.Xr ssh-keygen 1
297 298 -produces safe prime moduli (type 2) that are ready for use in
298 299 -.Xr sshd 8 .
299 300 -Other types are not used by OpenSSH.
300 301 -.It tests
301 302 -Decimal number indicating the type of primality tests that the number
302 303 -has been subjected to represented as a bitmask of the following values:
303 304 -.Pp
304 305 -.Bl -tag -width 0x00 -compact
305 306 -.It 0x00
306 307 -Not tested.
307 308 -.It 0x01
308 309 -Composite number \(en not prime.
309 310 -.It 0x02
310 311 -Sieve of Eratosthenes.
311 312 -.It 0x04
312 313 -Probabilistic Miller-Rabin primality tests.
313 314 -.El
314 315 -.Pp
315 316 -The
316 317 -.Xr ssh-keygen 1
317 318 -moduli candidate generation uses the Sieve of Eratosthenes (flag 0x02).
318 319 -Subsequent
319 320 -.Xr ssh-keygen 1
320 321 -primality tests are Miller-Rabin tests (flag 0x04).
321 322 -.It trials
322 323 -Decimal number indicating the number of primality trials
323 324 -that have been performed on the modulus.
324 325 -.It size
325 326 -Decimal number indicating the size of the prime in bits.
326 327 -.It generator
327 328 -The recommended generator for use with this modulus (hexadecimal).
328 329 -.It modulus
329 330 -The modulus itself in hexadecimal.
330 331 -.El
331 332 -.Pp
332 333 -When performing Diffie-Hellman Group Exchange,
333 334 -.Xr sshd 8
334 335 -first estimates the size of the modulus required to produce enough
335 336 -Diffie-Hellman output to sufficiently key the selected symmetric cipher.
336 337 -.Xr sshd 8
337 338 -then randomly selects a modulus from
338 339 -.Fa /etc/moduli
339 340 -that best meets the size requirement.
340 341 -.Sh SEE ALSO
341 342 -.Xr ssh-keygen 1 ,
342 343 -.Xr sshd 8
343 344 -.Sh STANDARDS
344 345 -.Rs
345 346 -.%A M. Friedl
346 347 -.%A N. Provos
347 348 -.%A W. Simpson
348 349 -.%D March 2006
349 350 -.%R RFC 4419
350 351 -.%T Diffie-Hellman Group Exchange for the Secure Shell (SSH) Transport Layer Protocol
351 352 -.%D 2006
352 353 -.Re
353 354 diff --git a/sftp-server.1m b/sftp-server.1m
354 355 new file mode 100644
355 356 index 0000000..42354c2
356 357 --- /dev/null
357 358 +++ b/sftp-server.1m
358 359 @@ -0,0 +1,170 @@
359 360 +.\" $OpenBSD: sftp-server.8,v 1.27 2014/12/11 04:16:14 djm Exp $
360 361 +.\"
361 362 +.\" Copyright (c) 2000 Markus Friedl. All rights reserved.
362 363 +.\"
363 364 +.\" Redistribution and use in source and binary forms, with or without
364 365 +.\" modification, are permitted provided that the following conditions
365 366 +.\" are met:
366 367 +.\" 1. Redistributions of source code must retain the above copyright
367 368 +.\" notice, this list of conditions and the following disclaimer.
368 369 +.\" 2. Redistributions in binary form must reproduce the above copyright
369 370 +.\" notice, this list of conditions and the following disclaimer in the
370 371 +.\" documentation and/or other materials provided with the distribution.
371 372 +.\"
372 373 +.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
373 374 +.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
374 375 +.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
375 376 +.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
376 377 +.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
377 378 +.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
378 379 +.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
379 380 +.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
380 381 +.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
381 382 +.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
382 383 +.\"
383 384 +.Dd $Mdocdate: December 11 2014 $
384 385 +.Dt SFTP-SERVER 1M
385 386 +.Os
386 387 +.Sh NAME
387 388 +.Nm sftp-server
388 389 +.Nd SFTP server subsystem
389 390 +.Sh SYNOPSIS
390 391 +.Nm sftp-server
391 392 +.Bk -words
392 393 +.Op Fl ehR
393 394 +.Op Fl d Ar start_directory
394 395 +.Op Fl f Ar log_facility
395 396 +.Op Fl l Ar log_level
396 397 +.Op Fl P Ar blacklisted_requests
397 398 +.Op Fl p Ar whitelisted_requests
398 399 +.Op Fl u Ar umask
399 400 +.Ek
400 401 +.Nm
401 402 +.Fl Q Ar protocol_feature
402 403 +.Sh DESCRIPTION
403 404 +.Nm
404 405 +is a program that speaks the server side of SFTP protocol
405 406 +to stdout and expects client requests from stdin.
406 407 +.Nm
407 408 +is not intended to be called directly, but from
408 409 +.Xr sshd 1M
409 410 +using the
410 411 +.Cm Subsystem
411 412 +option.
412 413 +.Pp
413 414 +Command-line flags to
414 415 +.Nm
415 416 +should be specified in the
416 417 +.Cm Subsystem
417 418 +declaration.
418 419 +See
419 420 +.Xr sshd_config 4
420 421 +for more information.
421 422 +.Pp
422 423 +Valid options are:
423 424 +.Bl -tag -width Ds
424 425 +.It Fl d Ar start_directory
425 426 +specifies an alternate starting directory for users.
426 427 +The pathname may contain the following tokens that are expanded at runtime:
427 428 +%% is replaced by a literal '%',
428 429 +%d is replaced by the home directory of the user being authenticated,
429 430 +and %u is replaced by the username of that user.
430 431 +The default is to use the user's home directory.
431 432 +This option is useful in conjunction with the
432 433 +.Xr sshd_config 4
433 434 +.Cm ChrootDirectory
434 435 +option.
435 436 +.It Fl e
436 437 +Causes
437 438 +.Nm
438 439 +to print logging information to stderr instead of syslog for debugging.
439 440 +.It Fl f Ar log_facility
440 441 +Specifies the facility code that is used when logging messages from
441 442 +.Nm .
442 443 +The possible values are: DAEMON, USER, AUTH, LOCAL0, LOCAL1, LOCAL2,
443 444 +LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7.
444 445 +The default is AUTH.
445 446 +.It Fl h
446 447 +Displays
447 448 +.Nm
448 449 +usage information.
449 450 +.It Fl l Ar log_level
450 451 +Specifies which messages will be logged by
451 452 +.Nm .
452 453 +The possible values are:
453 454 +QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3.
454 455 +INFO and VERBOSE log transactions that
455 456 +.Nm
456 457 +performs on behalf of the client.
457 458 +DEBUG and DEBUG1 are equivalent.
458 459 +DEBUG2 and DEBUG3 each specify higher levels of debugging output.
459 460 +The default is ERROR.
460 461 +.It Fl P Ar blacklisted_requests
461 462 +Specify a comma-separated list of SFTP protocol requests that are banned by
462 463 +the server.
463 464 +.Nm
464 465 +will reply to any blacklisted request with a failure.
465 466 +The
466 467 +.Fl Q
467 468 +flag can be used to determine the supported request types.
468 469 +If both a blacklist and a whitelist are specified, then the blacklist is
469 470 +applied before the whitelist.
470 471 +.It Fl p Ar whitelisted_requests
471 472 +Specify a comma-separated list of SFTP protocol requests that are permitted
472 473 +by the server.
473 474 +All request types that are not on the whitelist will be logged and replied
474 475 +to with a failure message.
475 476 +.Pp
476 477 +Care must be taken when using this feature to ensure that requests made
477 478 +implicitly by SFTP clients are permitted.
478 479 +.It Fl Q Ar protocol_feature
479 480 +Query protocol features supported by
480 481 +.Nm .
481 482 +At present the only feature that may be queried is
482 483 +.Dq requests ,
483 484 +which may be used for black or whitelisting (flags
484 485 +.Fl P
485 486 +and
486 487 +.Fl p
487 488 +respectively).
488 489 +.It Fl R
489 490 +Places this instance of
490 491 +.Nm
491 492 +into a read-only mode.
492 493 +Attempts to open files for writing, as well as other operations that change
493 494 +the state of the filesystem, will be denied.
494 495 +.It Fl u Ar umask
495 496 +Sets an explicit
496 497 +.Xr umask 2
497 498 +to be applied to newly-created files and directories, instead of the
498 499 +user's default mask.
499 500 +.El
500 501 +.Pp
501 502 +On some systems,
502 503 +.Nm
503 504 +must be able to access
504 505 +.Pa /dev/log
505 506 +for logging to work, and use of
506 507 +.Nm
507 508 +in a chroot configuration therefore requires that
508 509 +.Xr syslogd 8
509 510 +establish a logging socket inside the chroot directory.
510 511 +.Sh SEE ALSO
511 512 +.Xr sftp 1 ,
512 513 +.Xr ssh 1 ,
513 514 +.Xr sshd_config 4 ,
514 515 +.Xr sshd 1M
515 516 +.Rs
516 517 +.%A T. Ylonen
517 518 +.%A S. Lehtinen
518 519 +.%T "SSH File Transfer Protocol"
519 520 +.%N draft-ietf-secsh-filexfer-02.txt
520 521 +.%D October 2001
521 522 +.%O work in progress material
522 523 +.Re
523 524 +.Sh HISTORY
524 525 +.Nm
525 526 +first appeared in
526 527 +.Ox 2.8 .
527 528 +.Sh AUTHORS
528 529 +.An Markus Friedl Aq Mt markus@openbsd.org
529 530 diff --git a/sftp-server.8 b/sftp-server.8
530 531 deleted file mode 100644
531 532 index c117398..0000000
532 533 --- a/sftp-server.8
533 534 +++ /dev/null
534 535 @@ -1,170 +0,0 @@
535 536 -.\" $OpenBSD: sftp-server.8,v 1.27 2014/12/11 04:16:14 djm Exp $
536 537 -.\"
537 538 -.\" Copyright (c) 2000 Markus Friedl. All rights reserved.
538 539 -.\"
539 540 -.\" Redistribution and use in source and binary forms, with or without
540 541 -.\" modification, are permitted provided that the following conditions
541 542 -.\" are met:
542 543 -.\" 1. Redistributions of source code must retain the above copyright
543 544 -.\" notice, this list of conditions and the following disclaimer.
544 545 -.\" 2. Redistributions in binary form must reproduce the above copyright
545 546 -.\" notice, this list of conditions and the following disclaimer in the
546 547 -.\" documentation and/or other materials provided with the distribution.
547 548 -.\"
548 549 -.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
549 550 -.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
550 551 -.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
551 552 -.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
552 553 -.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
553 554 -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
554 555 -.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
555 556 -.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
556 557 -.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
557 558 -.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
558 559 -.\"
559 560 -.Dd $Mdocdate: December 11 2014 $
560 561 -.Dt SFTP-SERVER 8
561 562 -.Os
562 563 -.Sh NAME
563 564 -.Nm sftp-server
564 565 -.Nd SFTP server subsystem
565 566 -.Sh SYNOPSIS
566 567 -.Nm sftp-server
567 568 -.Bk -words
568 569 -.Op Fl ehR
569 570 -.Op Fl d Ar start_directory
570 571 -.Op Fl f Ar log_facility
571 572 -.Op Fl l Ar log_level
572 573 -.Op Fl P Ar blacklisted_requests
573 574 -.Op Fl p Ar whitelisted_requests
574 575 -.Op Fl u Ar umask
575 576 -.Ek
576 577 -.Nm
577 578 -.Fl Q Ar protocol_feature
578 579 -.Sh DESCRIPTION
579 580 -.Nm
580 581 -is a program that speaks the server side of SFTP protocol
581 582 -to stdout and expects client requests from stdin.
582 583 -.Nm
583 584 -is not intended to be called directly, but from
584 585 -.Xr sshd 8
585 586 -using the
586 587 -.Cm Subsystem
587 588 -option.
588 589 -.Pp
589 590 -Command-line flags to
590 591 -.Nm
591 592 -should be specified in the
592 593 -.Cm Subsystem
593 594 -declaration.
594 595 -See
595 596 -.Xr sshd_config 5
596 597 -for more information.
597 598 -.Pp
598 599 -Valid options are:
599 600 -.Bl -tag -width Ds
600 601 -.It Fl d Ar start_directory
601 602 -specifies an alternate starting directory for users.
602 603 -The pathname may contain the following tokens that are expanded at runtime:
603 604 -%% is replaced by a literal '%',
604 605 -%d is replaced by the home directory of the user being authenticated,
605 606 -and %u is replaced by the username of that user.
606 607 -The default is to use the user's home directory.
607 608 -This option is useful in conjunction with the
608 609 -.Xr sshd_config 5
609 610 -.Cm ChrootDirectory
610 611 -option.
611 612 -.It Fl e
612 613 -Causes
613 614 -.Nm
614 615 -to print logging information to stderr instead of syslog for debugging.
615 616 -.It Fl f Ar log_facility
616 617 -Specifies the facility code that is used when logging messages from
617 618 -.Nm .
618 619 -The possible values are: DAEMON, USER, AUTH, LOCAL0, LOCAL1, LOCAL2,
619 620 -LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7.
620 621 -The default is AUTH.
621 622 -.It Fl h
622 623 -Displays
623 624 -.Nm
624 625 -usage information.
625 626 -.It Fl l Ar log_level
626 627 -Specifies which messages will be logged by
627 628 -.Nm .
628 629 -The possible values are:
629 630 -QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3.
630 631 -INFO and VERBOSE log transactions that
631 632 -.Nm
632 633 -performs on behalf of the client.
633 634 -DEBUG and DEBUG1 are equivalent.
634 635 -DEBUG2 and DEBUG3 each specify higher levels of debugging output.
635 636 -The default is ERROR.
636 637 -.It Fl P Ar blacklisted_requests
637 638 -Specify a comma-separated list of SFTP protocol requests that are banned by
638 639 -the server.
639 640 -.Nm
640 641 -will reply to any blacklisted request with a failure.
641 642 -The
642 643 -.Fl Q
643 644 -flag can be used to determine the supported request types.
644 645 -If both a blacklist and a whitelist are specified, then the blacklist is
645 646 -applied before the whitelist.
646 647 -.It Fl p Ar whitelisted_requests
647 648 -Specify a comma-separated list of SFTP protocol requests that are permitted
648 649 -by the server.
649 650 -All request types that are not on the whitelist will be logged and replied
650 651 -to with a failure message.
651 652 -.Pp
652 653 -Care must be taken when using this feature to ensure that requests made
653 654 -implicitly by SFTP clients are permitted.
654 655 -.It Fl Q Ar protocol_feature
655 656 -Query protocol features supported by
656 657 -.Nm .
657 658 -At present the only feature that may be queried is
658 659 -.Dq requests ,
659 660 -which may be used for black or whitelisting (flags
660 661 -.Fl P
661 662 -and
662 663 -.Fl p
663 664 -respectively).
664 665 -.It Fl R
665 666 -Places this instance of
666 667 -.Nm
667 668 -into a read-only mode.
668 669 -Attempts to open files for writing, as well as other operations that change
669 670 -the state of the filesystem, will be denied.
670 671 -.It Fl u Ar umask
671 672 -Sets an explicit
672 673 -.Xr umask 2
673 674 -to be applied to newly-created files and directories, instead of the
674 675 -user's default mask.
675 676 -.El
676 677 -.Pp
677 678 -On some systems,
678 679 -.Nm
679 680 -must be able to access
680 681 -.Pa /dev/log
681 682 -for logging to work, and use of
682 683 -.Nm
683 684 -in a chroot configuration therefore requires that
684 685 -.Xr syslogd 8
685 686 -establish a logging socket inside the chroot directory.
686 687 -.Sh SEE ALSO
687 688 -.Xr sftp 1 ,
688 689 -.Xr ssh 1 ,
689 690 -.Xr sshd_config 5 ,
690 691 -.Xr sshd 8
691 692 -.Rs
692 693 -.%A T. Ylonen
693 694 -.%A S. Lehtinen
694 695 -.%T "SSH File Transfer Protocol"
619 lines elided |
695 696 -.%N draft-ietf-secsh-filexfer-02.txt
696 697 -.%D October 2001
697 698 -.%O work in progress material
698 699 -.Re
699 700 -.Sh HISTORY
700 701 -.Nm
701 702 -first appeared in
702 703 -.Ox 2.8 .
703 704 -.Sh AUTHORS
704 705 -.An Markus Friedl Aq Mt markus@openbsd.org
706 +diff --git a/ssh-keygen.1 b/ssh-keygen.1
707 +index ed17a08..9616030 100644
708 +--- a/ssh-keygen.1
709 ++++ b/ssh-keygen.1
710 +@@ -174,9 +174,7 @@ key in
711 + .Pa ~/.ssh/id_ed25519
712 + or
713 + .Pa ~/.ssh/id_rsa .
714 +-Additionally, the system administrator may use this to generate host keys,
715 +-as seen in
716 +-.Pa /etc/rc .
717 ++Additionally, the system administrator may use this to generate host keys.
718 + .Pp
719 + Normally this program generates the key and asks for a file in which
720 + to store the private key.
721 +@@ -224,7 +222,7 @@ for which host keys
722 + do not exist, generate the host keys with the default key file path,
723 + an empty passphrase, default bits for the key type, and default comment.
724 + This is used by
725 +-.Pa /etc/rc
726 ++.Pa /lib/svc/method/sshd
727 + to generate new host keys.
728 + .It Fl a Ar rounds
729 + When saving a new-format private key (i.e. an ed25519 key or any SSH protocol
705 730 diff --git a/ssh-keysign.1m b/ssh-keysign.1m
706 731 new file mode 100644
707 732 index 0000000..60c96ad
708 733 --- /dev/null
709 734 +++ b/ssh-keysign.1m
710 735 @@ -0,0 +1,93 @@
711 736 +.\" $OpenBSD: ssh-keysign.8,v 1.14 2013/12/07 11:58:46 naddy Exp $
712 737 +.\"
713 738 +.\" Copyright (c) 2002 Markus Friedl. All rights reserved.
714 739 +.\"
715 740 +.\" Redistribution and use in source and binary forms, with or without
716 741 +.\" modification, are permitted provided that the following conditions
717 742 +.\" are met:
718 743 +.\" 1. Redistributions of source code must retain the above copyright
719 744 +.\" notice, this list of conditions and the following disclaimer.
720 745 +.\" 2. Redistributions in binary form must reproduce the above copyright
721 746 +.\" notice, this list of conditions and the following disclaimer in the
722 747 +.\" documentation and/or other materials provided with the distribution.
723 748 +.\"
724 749 +.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
725 750 +.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
726 751 +.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
727 752 +.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
728 753 +.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
729 754 +.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
730 755 +.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
731 756 +.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
732 757 +.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
733 758 +.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
734 759 +.\"
735 760 +.Dd $Mdocdate: December 7 2013 $
736 761 +.Dt SSH-KEYSIGN 1M
737 762 +.Os
738 763 +.Sh NAME
739 764 +.Nm ssh-keysign
740 765 +.Nd ssh helper program for host-based authentication
741 766 +.Sh SYNOPSIS
742 767 +.Nm
743 768 +.Sh DESCRIPTION
744 769 +.Nm
745 770 +is used by
746 771 +.Xr ssh 1
747 772 +to access the local host keys and generate the digital signature
748 773 +required during host-based authentication with SSH protocol version 2.
749 774 +.Pp
750 775 +.Nm
751 776 +is disabled by default and can only be enabled in the
752 777 +global client configuration file
753 778 +.Pa /etc/ssh/ssh_config
754 779 +by setting
755 780 +.Cm EnableSSHKeysign
756 781 +to
757 782 +.Dq yes .
758 783 +.Pp
759 784 +.Nm
760 785 +is not intended to be invoked by the user, but from
761 786 +.Xr ssh 1 .
762 787 +See
763 788 +.Xr ssh 1
764 789 +and
765 790 +.Xr sshd 1M
766 791 +for more information about host-based authentication.
767 792 +.Sh FILES
768 793 +.Bl -tag -width Ds -compact
769 794 +.It Pa /etc/ssh/ssh_config
770 795 +Controls whether
771 796 +.Nm
772 797 +is enabled.
773 798 +.Pp
774 799 +.It Pa /etc/ssh/ssh_host_dsa_key
775 800 +.It Pa /etc/ssh/ssh_host_ecdsa_key
776 801 +.It Pa /etc/ssh/ssh_host_ed25519_key
777 802 +.It Pa /etc/ssh/ssh_host_rsa_key
778 803 +These files contain the private parts of the host keys used to
779 804 +generate the digital signature.
780 805 +They should be owned by root, readable only by root, and not
781 806 +accessible to others.
782 807 +Since they are readable only by root,
783 808 +.Nm
784 809 +must be set-uid root if host-based authentication is used.
785 810 +.Pp
786 811 +.It Pa /etc/ssh/ssh_host_dsa_key-cert.pub
787 812 +.It Pa /etc/ssh/ssh_host_ecdsa_key-cert.pub
788 813 +.It Pa /etc/ssh/ssh_host_ed25519_key-cert.pub
789 814 +.It Pa /etc/ssh/ssh_host_rsa_key-cert.pub
790 815 +If these files exist they are assumed to contain public certificate
791 816 +information corresponding with the private keys above.
792 817 +.El
793 818 +.Sh SEE ALSO
794 819 +.Xr ssh 1 ,
795 820 +.Xr ssh-keygen 1 ,
796 821 +.Xr ssh_config 4 ,
797 822 +.Xr sshd 1M
798 823 +.Sh HISTORY
799 824 +.Nm
800 825 +first appeared in
801 826 +.Ox 3.2 .
802 827 +.Sh AUTHORS
803 828 +.An Markus Friedl Aq Mt markus@openbsd.org
804 829 diff --git a/ssh-keysign.8 b/ssh-keysign.8
805 830 deleted file mode 100644
806 831 index 69d0829..0000000
807 832 --- a/ssh-keysign.8
808 833 +++ /dev/null
809 834 @@ -1,93 +0,0 @@
810 835 -.\" $OpenBSD: ssh-keysign.8,v 1.14 2013/12/07 11:58:46 naddy Exp $
811 836 -.\"
812 837 -.\" Copyright (c) 2002 Markus Friedl. All rights reserved.
813 838 -.\"
814 839 -.\" Redistribution and use in source and binary forms, with or without
815 840 -.\" modification, are permitted provided that the following conditions
816 841 -.\" are met:
817 842 -.\" 1. Redistributions of source code must retain the above copyright
818 843 -.\" notice, this list of conditions and the following disclaimer.
819 844 -.\" 2. Redistributions in binary form must reproduce the above copyright
820 845 -.\" notice, this list of conditions and the following disclaimer in the
821 846 -.\" documentation and/or other materials provided with the distribution.
822 847 -.\"
823 848 -.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
824 849 -.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
825 850 -.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
826 851 -.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
827 852 -.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
828 853 -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
829 854 -.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
830 855 -.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
831 856 -.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
832 857 -.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
833 858 -.\"
834 859 -.Dd $Mdocdate: December 7 2013 $
835 860 -.Dt SSH-KEYSIGN 8
836 861 -.Os
837 862 -.Sh NAME
838 863 -.Nm ssh-keysign
839 864 -.Nd ssh helper program for host-based authentication
840 865 -.Sh SYNOPSIS
841 866 -.Nm
842 867 -.Sh DESCRIPTION
843 868 -.Nm
844 869 -is used by
845 870 -.Xr ssh 1
846 871 -to access the local host keys and generate the digital signature
847 872 -required during host-based authentication with SSH protocol version 2.
848 873 -.Pp
849 874 -.Nm
850 875 -is disabled by default and can only be enabled in the
851 876 -global client configuration file
852 877 -.Pa /etc/ssh/ssh_config
853 878 -by setting
854 879 -.Cm EnableSSHKeysign
855 880 -to
856 881 -.Dq yes .
857 882 -.Pp
858 883 -.Nm
859 884 -is not intended to be invoked by the user, but from
860 885 -.Xr ssh 1 .
861 886 -See
862 887 -.Xr ssh 1
863 888 -and
864 889 -.Xr sshd 8
865 890 -for more information about host-based authentication.
866 891 -.Sh FILES
867 892 -.Bl -tag -width Ds -compact
868 893 -.It Pa /etc/ssh/ssh_config
869 894 -Controls whether
870 895 -.Nm
871 896 -is enabled.
872 897 -.Pp
873 898 -.It Pa /etc/ssh/ssh_host_dsa_key
874 899 -.It Pa /etc/ssh/ssh_host_ecdsa_key
875 900 -.It Pa /etc/ssh/ssh_host_ed25519_key
876 901 -.It Pa /etc/ssh/ssh_host_rsa_key
877 902 -These files contain the private parts of the host keys used to
878 903 -generate the digital signature.
879 904 -They should be owned by root, readable only by root, and not
880 905 -accessible to others.
881 906 -Since they are readable only by root,
882 907 -.Nm
883 908 -must be set-uid root if host-based authentication is used.
884 909 -.Pp
885 910 -.It Pa /etc/ssh/ssh_host_dsa_key-cert.pub
886 911 -.It Pa /etc/ssh/ssh_host_ecdsa_key-cert.pub
887 912 -.It Pa /etc/ssh/ssh_host_ed25519_key-cert.pub
888 913 -.It Pa /etc/ssh/ssh_host_rsa_key-cert.pub
889 914 -If these files exist they are assumed to contain public certificate
890 915 -information corresponding with the private keys above.
891 916 -.El
892 917 -.Sh SEE ALSO
893 918 -.Xr ssh 1 ,
894 919 -.Xr ssh-keygen 1 ,
895 920 -.Xr ssh_config 5 ,
896 921 -.Xr sshd 8
897 922 -.Sh HISTORY
898 923 -.Nm
899 924 -first appeared in
900 925 -.Ox 3.2 .
901 926 -.Sh AUTHORS
902 927 -.An Markus Friedl Aq Mt markus@openbsd.org
903 928 diff --git a/ssh-pkcs11-helper.1m b/ssh-pkcs11-helper.1m
904 929 new file mode 100644
905 930 index 0000000..646b1fa
906 931 --- /dev/null
907 932 +++ b/ssh-pkcs11-helper.1m
908 933 @@ -0,0 +1,43 @@
909 934 +.\" $OpenBSD: ssh-pkcs11-helper.8,v 1.4 2013/07/16 00:07:52 schwarze Exp $
910 935 +.\"
911 936 +.\" Copyright (c) 2010 Markus Friedl. All rights reserved.
912 937 +.\"
913 938 +.\" Permission to use, copy, modify, and distribute this software for any
914 939 +.\" purpose with or without fee is hereby granted, provided that the above
915 940 +.\" copyright notice and this permission notice appear in all copies.
916 941 +.\"
917 942 +.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
918 943 +.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
919 944 +.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
920 945 +.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
921 946 +.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
922 947 +.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
923 948 +.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
924 949 +.\"
925 950 +.Dd $Mdocdate: July 16 2013 $
926 951 +.Dt SSH-PKCS11-HELPER 1M
927 952 +.Os
928 953 +.Sh NAME
929 954 +.Nm ssh-pkcs11-helper
930 955 +.Nd ssh-agent helper program for PKCS#11 support
931 956 +.Sh SYNOPSIS
932 957 +.Nm
933 958 +.Sh DESCRIPTION
934 959 +.Nm
935 960 +is used by
936 961 +.Xr ssh-agent 1
937 962 +to access keys provided by a PKCS#11 token.
938 963 +.Pp
939 964 +.Nm
940 965 +is not intended to be invoked by the user, but from
941 966 +.Xr ssh-agent 1 .
942 967 +.Sh SEE ALSO
943 968 +.Xr ssh 1 ,
944 969 +.Xr ssh-add 1 ,
945 970 +.Xr ssh-agent 1
946 971 +.Sh HISTORY
947 972 +.Nm
948 973 +first appeared in
949 974 +.Ox 4.7 .
950 975 +.Sh AUTHORS
951 976 +.An Markus Friedl Aq Mt markus@openbsd.org
952 977 diff --git a/ssh-pkcs11-helper.8 b/ssh-pkcs11-helper.8
953 978 deleted file mode 100644
954 979 index 3728c4e..0000000
955 980 --- a/ssh-pkcs11-helper.8
956 981 +++ /dev/null
957 982 @@ -1,43 +0,0 @@
958 983 -.\" $OpenBSD: ssh-pkcs11-helper.8,v 1.4 2013/07/16 00:07:52 schwarze Exp $
959 984 -.\"
960 985 -.\" Copyright (c) 2010 Markus Friedl. All rights reserved.
961 986 -.\"
962 987 -.\" Permission to use, copy, modify, and distribute this software for any
963 988 -.\" purpose with or without fee is hereby granted, provided that the above
964 989 -.\" copyright notice and this permission notice appear in all copies.
965 990 -.\"
966 991 -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
967 992 -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
968 993 -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
969 994 -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
970 995 -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
971 996 -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
972 997 -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
973 998 -.\"
974 999 -.Dd $Mdocdate: July 16 2013 $
975 1000 -.Dt SSH-PKCS11-HELPER 8
976 1001 -.Os
977 1002 -.Sh NAME
978 1003 -.Nm ssh-pkcs11-helper
979 1004 -.Nd ssh-agent helper program for PKCS#11 support
980 1005 -.Sh SYNOPSIS
981 1006 -.Nm
982 1007 -.Sh DESCRIPTION
983 1008 -.Nm
984 1009 -is used by
985 1010 -.Xr ssh-agent 1
986 1011 -to access keys provided by a PKCS#11 token.
987 1012 -.Pp
988 1013 -.Nm
989 1014 -is not intended to be invoked by the user, but from
990 1015 -.Xr ssh-agent 1 .
991 1016 -.Sh SEE ALSO
992 1017 -.Xr ssh 1 ,
993 1018 -.Xr ssh-add 1 ,
994 1019 -.Xr ssh-agent 1
995 1020 -.Sh HISTORY
996 1021 -.Nm
997 1022 -first appeared in
998 1023 -.Ox 4.7 .
999 1024 -.Sh AUTHORS
1000 1025 -.An Markus Friedl Aq Mt markus@openbsd.org
1001 1026 diff --git a/ssh_config.4 b/ssh_config.4
1002 1027 new file mode 100644
1003 1028 index 0000000..8c099eb
1004 1029 --- /dev/null
1005 1030 +++ b/ssh_config.4
1006 1031 @@ -0,0 +1,1726 @@
1007 1032 +.\"
1008 1033 +.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
1009 1034 +.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
1010 1035 +.\" All rights reserved
1011 1036 +.\"
1012 1037 +.\" As far as I am concerned, the code I have written for this software
1013 1038 +.\" can be used freely for any purpose. Any derived versions of this
1014 1039 +.\" software must be clearly marked as such, and if the derived work is
1015 1040 +.\" incompatible with the protocol description in the RFC file, it must be
1016 1041 +.\" called by a name other than "ssh" or "Secure Shell".
1017 1042 +.\"
1018 1043 +.\" Copyright (c) 1999,2000 Markus Friedl. All rights reserved.
1019 1044 +.\" Copyright (c) 1999 Aaron Campbell. All rights reserved.
1020 1045 +.\" Copyright (c) 1999 Theo de Raadt. All rights reserved.
1021 1046 +.\"
1022 1047 +.\" Redistribution and use in source and binary forms, with or without
1023 1048 +.\" modification, are permitted provided that the following conditions
1024 1049 +.\" are met:
1025 1050 +.\" 1. Redistributions of source code must retain the above copyright
1026 1051 +.\" notice, this list of conditions and the following disclaimer.
1027 1052 +.\" 2. Redistributions in binary form must reproduce the above copyright
1028 1053 +.\" notice, this list of conditions and the following disclaimer in the
1029 1054 +.\" documentation and/or other materials provided with the distribution.
1030 1055 +.\"
1031 1056 +.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
1032 1057 +.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
1033 1058 +.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
1034 1059 +.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
1035 1060 +.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
1036 1061 +.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
1037 1062 +.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
1038 1063 +.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
1039 1064 +.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
1040 1065 +.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
1041 1066 +.\"
1042 1067 +.\" $OpenBSD: ssh_config.5,v 1.215 2015/08/14 15:32:41 jmc Exp $
1043 1068 +.Dd $Mdocdate: August 14 2015 $
1044 1069 +.Dt SSH_CONFIG 4
1045 1070 +.Os
1046 1071 +.Sh NAME
1047 1072 +.Nm ssh_config
1048 1073 +.Nd OpenSSH SSH client configuration files
1049 1074 +.Sh SYNOPSIS
1050 1075 +.Nm ~/.ssh/config
1051 1076 +.Nm /etc/ssh/ssh_config
1052 1077 +.Sh DESCRIPTION
1053 1078 +.Xr ssh 1
1054 1079 +obtains configuration data from the following sources in
1055 1080 +the following order:
1056 1081 +.Pp
1057 1082 +.Bl -enum -offset indent -compact
1058 1083 +.It
1059 1084 +command-line options
1060 1085 +.It
1061 1086 +user's configuration file
1062 1087 +.Pq Pa ~/.ssh/config
1063 1088 +.It
1064 1089 +system-wide configuration file
1065 1090 +.Pq Pa /etc/ssh/ssh_config
1066 1091 +.El
1067 1092 +.Pp
1068 1093 +For each parameter, the first obtained value
1069 1094 +will be used.
1070 1095 +The configuration files contain sections separated by
1071 1096 +.Dq Host
1072 1097 +specifications, and that section is only applied for hosts that
1073 1098 +match one of the patterns given in the specification.
1074 1099 +The matched host name is usually the one given on the command line
1075 1100 +(see the
1076 1101 +.Cm CanonicalizeHostname
1077 1102 +option for exceptions.)
1078 1103 +.Pp
1079 1104 +Since the first obtained value for each parameter is used, more
1080 1105 +host-specific declarations should be given near the beginning of the
1081 1106 +file, and general defaults at the end.
1082 1107 +.Pp
1083 1108 +The configuration file has the following format:
1084 1109 +.Pp
1085 1110 +Empty lines and lines starting with
1086 1111 +.Ql #
1087 1112 +are comments.
1088 1113 +Otherwise a line is of the format
1089 1114 +.Dq keyword arguments .
1090 1115 +Configuration options may be separated by whitespace or
1091 1116 +optional whitespace and exactly one
1092 1117 +.Ql = ;
1093 1118 +the latter format is useful to avoid the need to quote whitespace
1094 1119 +when specifying configuration options using the
1095 1120 +.Nm ssh ,
1096 1121 +.Nm scp ,
1097 1122 +and
1098 1123 +.Nm sftp
1099 1124 +.Fl o
1100 1125 +option.
1101 1126 +Arguments may optionally be enclosed in double quotes
1102 1127 +.Pq \&"
1103 1128 +in order to represent arguments containing spaces.
1104 1129 +.Pp
1105 1130 +The possible
1106 1131 +keywords and their meanings are as follows (note that
1107 1132 +keywords are case-insensitive and arguments are case-sensitive):
1108 1133 +.Bl -tag -width Ds
1109 1134 +.It Cm Host
1110 1135 +Restricts the following declarations (up to the next
1111 1136 +.Cm Host
1112 1137 +or
1113 1138 +.Cm Match
1114 1139 +keyword) to be only for those hosts that match one of the patterns
1115 1140 +given after the keyword.
1116 1141 +If more than one pattern is provided, they should be separated by whitespace.
1117 1142 +A single
1118 1143 +.Ql *
1119 1144 +as a pattern can be used to provide global
1120 1145 +defaults for all hosts.
1121 1146 +The host is usually the
1122 1147 +.Ar hostname
1123 1148 +argument given on the command line
1124 1149 +(see the
1125 1150 +.Cm CanonicalizeHostname
1126 1151 +option for exceptions.)
1127 1152 +.Pp
1128 1153 +A pattern entry may be negated by prefixing it with an exclamation mark
1129 1154 +.Pq Sq !\& .
1130 1155 +If a negated entry is matched, then the
1131 1156 +.Cm Host
1132 1157 +entry is ignored, regardless of whether any other patterns on the line
1133 1158 +match.
1134 1159 +Negated matches are therefore useful to provide exceptions for wildcard
1135 1160 +matches.
1136 1161 +.Pp
1137 1162 +See
1138 1163 +.Sx PATTERNS
1139 1164 +for more information on patterns.
1140 1165 +.It Cm Match
1141 1166 +Restricts the following declarations (up to the next
1142 1167 +.Cm Host
1143 1168 +or
1144 1169 +.Cm Match
1145 1170 +keyword) to be used only when the conditions following the
1146 1171 +.Cm Match
1147 1172 +keyword are satisfied.
1148 1173 +Match conditions are specified using one or more critera
1149 1174 +or the single token
1150 1175 +.Cm all
1151 1176 +which always matches.
1152 1177 +The available criteria keywords are:
1153 1178 +.Cm canonical ,
1154 1179 +.Cm exec ,
1155 1180 +.Cm host ,
1156 1181 +.Cm originalhost ,
1157 1182 +.Cm user ,
1158 1183 +and
1159 1184 +.Cm localuser .
1160 1185 +The
1161 1186 +.Cm all
1162 1187 +criteria must appear alone or immediately after
1163 1188 +.Cm canonical .
1164 1189 +Other criteria may be combined arbitrarily.
1165 1190 +All criteria but
1166 1191 +.Cm all
1167 1192 +and
1168 1193 +.Cm canonical
1169 1194 +require an argument.
1170 1195 +Criteria may be negated by prepending an exclamation mark
1171 1196 +.Pq Sq !\& .
1172 1197 +.Pp
1173 1198 +The
1174 1199 +.Cm canonical
1175 1200 +keyword matches only when the configuration file is being re-parsed
1176 1201 +after hostname canonicalization (see the
1177 1202 +.Cm CanonicalizeHostname
1178 1203 +option.)
1179 1204 +This may be useful to specify conditions that work with canonical host
1180 1205 +names only.
1181 1206 +The
1182 1207 +.Cm exec
1183 1208 +keyword executes the specified command under the user's shell.
1184 1209 +If the command returns a zero exit status then the condition is considered true.
1185 1210 +Commands containing whitespace characters must be quoted.
1186 1211 +The following character sequences in the command will be expanded prior to
1187 1212 +execution:
1188 1213 +.Ql %L
1189 1214 +will be substituted by the first component of the local host name,
1190 1215 +.Ql %l
1191 1216 +will be substituted by the local host name (including any domain name),
1192 1217 +.Ql %h
1193 1218 +will be substituted by the target host name,
1194 1219 +.Ql %n
1195 1220 +will be substituted by the original target host name
1196 1221 +specified on the command-line,
1197 1222 +.Ql %p
1198 1223 +the destination port,
1199 1224 +.Ql %r
1200 1225 +by the remote login username, and
1201 1226 +.Ql %u
1202 1227 +by the username of the user running
1203 1228 +.Xr ssh 1 .
1204 1229 +.Pp
1205 1230 +The other keywords' criteria must be single entries or comma-separated
1206 1231 +lists and may use the wildcard and negation operators described in the
1207 1232 +.Sx PATTERNS
1208 1233 +section.
1209 1234 +The criteria for the
1210 1235 +.Cm host
1211 1236 +keyword are matched against the target hostname, after any substitution
1212 1237 +by the
1213 1238 +.Cm Hostname
1214 1239 +or
1215 1240 +.Cm CanonicalizeHostname
1216 1241 +options.
1217 1242 +The
1218 1243 +.Cm originalhost
1219 1244 +keyword matches against the hostname as it was specified on the command-line.
1220 1245 +The
1221 1246 +.Cm user
1222 1247 +keyword matches against the target username on the remote host.
1223 1248 +The
1224 1249 +.Cm localuser
1225 1250 +keyword matches against the name of the local user running
1226 1251 +.Xr ssh 1
1227 1252 +(this keyword may be useful in system-wide
1228 1253 +.Nm
1229 1254 +files).
1230 1255 +.It Cm AddressFamily
1231 1256 +Specifies which address family to use when connecting.
1232 1257 +Valid arguments are
1233 1258 +.Dq any ,
1234 1259 +.Dq inet
1235 1260 +(use IPv4 only), or
1236 1261 +.Dq inet6
1237 1262 +(use IPv6 only).
1238 1263 +.It Cm BatchMode
1239 1264 +If set to
1240 1265 +.Dq yes ,
1241 1266 +passphrase/password querying will be disabled.
1242 1267 +This option is useful in scripts and other batch jobs where no user
1243 1268 +is present to supply the password.
1244 1269 +The argument must be
1245 1270 +.Dq yes
1246 1271 +or
1247 1272 +.Dq no .
1248 1273 +The default is
1249 1274 +.Dq no .
1250 1275 +.It Cm BindAddress
1251 1276 +Use the specified address on the local machine as the source address of
1252 1277 +the connection.
1253 1278 +Only useful on systems with more than one address.
1254 1279 +Note that this option does not work if
1255 1280 +.Cm UsePrivilegedPort
1256 1281 +is set to
1257 1282 +.Dq yes .
1258 1283 +.It Cm CanonicalDomains
1259 1284 +When
1260 1285 +.Cm CanonicalizeHostname
1261 1286 +is enabled, this option specifies the list of domain suffixes in which to
1262 1287 +search for the specified destination host.
1263 1288 +.It Cm CanonicalizeFallbackLocal
1264 1289 +Specifies whether to fail with an error when hostname canonicalization fails.
1265 1290 +The default,
1266 1291 +.Dq yes ,
1267 1292 +will attempt to look up the unqualified hostname using the system resolver's
1268 1293 +search rules.
1269 1294 +A value of
1270 1295 +.Dq no
1271 1296 +will cause
1272 1297 +.Xr ssh 1
1273 1298 +to fail instantly if
1274 1299 +.Cm CanonicalizeHostname
1275 1300 +is enabled and the target hostname cannot be found in any of the domains
1276 1301 +specified by
1277 1302 +.Cm CanonicalDomains .
1278 1303 +.It Cm CanonicalizeHostname
1279 1304 +Controls whether explicit hostname canonicalization is performed.
1280 1305 +The default,
1281 1306 +.Dq no ,
1282 1307 +is not to perform any name rewriting and let the system resolver handle all
1283 1308 +hostname lookups.
1284 1309 +If set to
1285 1310 +.Dq yes
1286 1311 +then, for connections that do not use a
1287 1312 +.Cm ProxyCommand ,
1288 1313 +.Xr ssh 1
1289 1314 +will attempt to canonicalize the hostname specified on the command line
1290 1315 +using the
1291 1316 +.Cm CanonicalDomains
1292 1317 +suffixes and
1293 1318 +.Cm CanonicalizePermittedCNAMEs
1294 1319 +rules.
1295 1320 +If
1296 1321 +.Cm CanonicalizeHostname
1297 1322 +is set to
1298 1323 +.Dq always ,
1299 1324 +then canonicalization is applied to proxied connections too.
1300 1325 +.Pp
1301 1326 +If this option is enabled, then the configuration files are processed
1302 1327 +again using the new target name to pick up any new configuration in matching
1303 1328 +.Cm Host
1304 1329 +and
1305 1330 +.Cm Match
1306 1331 +stanzas.
1307 1332 +.It Cm CanonicalizeMaxDots
1308 1333 +Specifies the maximum number of dot characters in a hostname before
1309 1334 +canonicalization is disabled.
1310 1335 +The default,
1311 1336 +.Dq 1 ,
1312 1337 +allows a single dot (i.e. hostname.subdomain).
1313 1338 +.It Cm CanonicalizePermittedCNAMEs
1314 1339 +Specifies rules to determine whether CNAMEs should be followed when
1315 1340 +canonicalizing hostnames.
1316 1341 +The rules consist of one or more arguments of
1317 1342 +.Ar source_domain_list : Ns Ar target_domain_list ,
1318 1343 +where
1319 1344 +.Ar source_domain_list
1320 1345 +is a pattern-list of domains that may follow CNAMEs in canonicalization,
1321 1346 +and
1322 1347 +.Ar target_domain_list
1323 1348 +is a pattern-list of domains that they may resolve to.
1324 1349 +.Pp
1325 1350 +For example,
1326 1351 +.Dq *.a.example.com:*.b.example.com,*.c.example.com
1327 1352 +will allow hostnames matching
1328 1353 +.Dq *.a.example.com
1329 1354 +to be canonicalized to names in the
1330 1355 +.Dq *.b.example.com
1331 1356 +or
1332 1357 +.Dq *.c.example.com
1333 1358 +domains.
1334 1359 +.It Cm ChallengeResponseAuthentication
1335 1360 +Specifies whether to use challenge-response authentication.
1336 1361 +The argument to this keyword must be
1337 1362 +.Dq yes
1338 1363 +or
1339 1364 +.Dq no .
1340 1365 +The default is
1341 1366 +.Dq yes .
1342 1367 +.It Cm CheckHostIP
1343 1368 +If this flag is set to
1344 1369 +.Dq yes ,
1345 1370 +.Xr ssh 1
1346 1371 +will additionally check the host IP address in the
1347 1372 +.Pa known_hosts
1348 1373 +file.
1349 1374 +This allows ssh to detect if a host key changed due to DNS spoofing
1350 1375 +and will add addresses of destination hosts to
1351 1376 +.Pa ~/.ssh/known_hosts
1352 1377 +in the process, regardless of the setting of
1353 1378 +.Cm StrictHostKeyChecking .
1354 1379 +If the option is set to
1355 1380 +.Dq no ,
1356 1381 +the check will not be executed.
1357 1382 +The default is
1358 1383 +.Dq yes .
1359 1384 +.It Cm Cipher
1360 1385 +Specifies the cipher to use for encrypting the session
1361 1386 +in protocol version 1.
1362 1387 +Currently,
1363 1388 +.Dq blowfish ,
1364 1389 +.Dq 3des ,
1365 1390 +and
1366 1391 +.Dq des
1367 1392 +are supported.
1368 1393 +.Ar des
1369 1394 +is only supported in the
1370 1395 +.Xr ssh 1
1371 1396 +client for interoperability with legacy protocol 1 implementations
1372 1397 +that do not support the
1373 1398 +.Ar 3des
1374 1399 +cipher.
1375 1400 +Its use is strongly discouraged due to cryptographic weaknesses.
1376 1401 +The default is
1377 1402 +.Dq 3des .
1378 1403 +.It Cm Ciphers
1379 1404 +Specifies the ciphers allowed for protocol version 2
1380 1405 +in order of preference.
1381 1406 +Multiple ciphers must be comma-separated.
1382 1407 +If the specified value begins with a
1383 1408 +.Sq +
1384 1409 +character, then the specified ciphers will be appended to the default set
1385 1410 +instead of replacing them.
1386 1411 +.Pp
1387 1412 +The supported ciphers are:
1388 1413 +.Pp
1389 1414 +.Bl -item -compact -offset indent
1390 1415 +.It
1391 1416 +3des-cbc
1392 1417 +.It
1393 1418 +aes128-cbc
1394 1419 +.It
1395 1420 +aes192-cbc
1396 1421 +.It
1397 1422 +aes256-cbc
1398 1423 +.It
1399 1424 +aes128-ctr
1400 1425 +.It
1401 1426 +aes192-ctr
1402 1427 +.It
1403 1428 +aes256-ctr
1404 1429 +.It
1405 1430 +aes128-gcm@openssh.com
1406 1431 +.It
1407 1432 +aes256-gcm@openssh.com
1408 1433 +.It
1409 1434 +arcfour
1410 1435 +.It
1411 1436 +arcfour128
1412 1437 +.It
1413 1438 +arcfour256
1414 1439 +.It
1415 1440 +blowfish-cbc
1416 1441 +.It
1417 1442 +cast128-cbc
1418 1443 +.It
1419 1444 +chacha20-poly1305@openssh.com
1420 1445 +.El
1421 1446 +.Pp
1422 1447 +The default is:
1423 1448 +.Bd -literal -offset indent
1424 1449 +chacha20-poly1305@openssh.com,
1425 1450 +aes128-ctr,aes192-ctr,aes256-ctr,
1426 1451 +aes128-gcm@openssh.com,aes256-gcm@openssh.com,
1427 1452 +arcfour256,arcfour128,
1428 1453 +aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,
1429 1454 +aes192-cbc,aes256-cbc,arcfour
1430 1455 +.Ed
1431 1456 +.Pp
1432 1457 +The list of available ciphers may also be obtained using the
1433 1458 +.Fl Q
1434 1459 +option of
1435 1460 +.Xr ssh 1
1436 1461 +with an argument of
1437 1462 +.Dq cipher .
1438 1463 +.It Cm ClearAllForwardings
1439 1464 +Specifies that all local, remote, and dynamic port forwardings
1440 1465 +specified in the configuration files or on the command line be
1441 1466 +cleared.
1442 1467 +This option is primarily useful when used from the
1443 1468 +.Xr ssh 1
1444 1469 +command line to clear port forwardings set in
1445 1470 +configuration files, and is automatically set by
1446 1471 +.Xr scp 1
1447 1472 +and
1448 1473 +.Xr sftp 1 .
1449 1474 +The argument must be
1450 1475 +.Dq yes
1451 1476 +or
1452 1477 +.Dq no .
1453 1478 +The default is
1454 1479 +.Dq no .
1455 1480 +.It Cm Compression
1456 1481 +Specifies whether to use compression.
1457 1482 +The argument must be
1458 1483 +.Dq yes
1459 1484 +or
1460 1485 +.Dq no .
1461 1486 +The default is
1462 1487 +.Dq no .
1463 1488 +.It Cm CompressionLevel
1464 1489 +Specifies the compression level to use if compression is enabled.
1465 1490 +The argument must be an integer from 1 (fast) to 9 (slow, best).
1466 1491 +The default level is 6, which is good for most applications.
1467 1492 +The meaning of the values is the same as in
1468 1493 +.Xr gzip 1 .
1469 1494 +Note that this option applies to protocol version 1 only.
1470 1495 +.It Cm ConnectionAttempts
1471 1496 +Specifies the number of tries (one per second) to make before exiting.
1472 1497 +The argument must be an integer.
1473 1498 +This may be useful in scripts if the connection sometimes fails.
1474 1499 +The default is 1.
1475 1500 +.It Cm ConnectTimeout
1476 1501 +Specifies the timeout (in seconds) used when connecting to the
1477 1502 +SSH server, instead of using the default system TCP timeout.
1478 1503 +This value is used only when the target is down or really unreachable,
1479 1504 +not when it refuses the connection.
1480 1505 +.It Cm ControlMaster
1481 1506 +Enables the sharing of multiple sessions over a single network connection.
1482 1507 +When set to
1483 1508 +.Dq yes ,
1484 1509 +.Xr ssh 1
1485 1510 +will listen for connections on a control socket specified using the
1486 1511 +.Cm ControlPath
1487 1512 +argument.
1488 1513 +Additional sessions can connect to this socket using the same
1489 1514 +.Cm ControlPath
1490 1515 +with
1491 1516 +.Cm ControlMaster
1492 1517 +set to
1493 1518 +.Dq no
1494 1519 +(the default).
1495 1520 +These sessions will try to reuse the master instance's network connection
1496 1521 +rather than initiating new ones, but will fall back to connecting normally
1497 1522 +if the control socket does not exist, or is not listening.
1498 1523 +.Pp
1499 1524 +Setting this to
1500 1525 +.Dq ask
1501 1526 +will cause ssh
1502 1527 +to listen for control connections, but require confirmation using
1503 1528 +.Xr ssh-askpass 1 .
1504 1529 +If the
1505 1530 +.Cm ControlPath
1506 1531 +cannot be opened,
1507 1532 +ssh will continue without connecting to a master instance.
1508 1533 +.Pp
1509 1534 +X11 and
1510 1535 +.Xr ssh-agent 1
1511 1536 +forwarding is supported over these multiplexed connections, however the
1512 1537 +display and agent forwarded will be the one belonging to the master
1513 1538 +connection i.e. it is not possible to forward multiple displays or agents.
1514 1539 +.Pp
1515 1540 +Two additional options allow for opportunistic multiplexing: try to use a
1516 1541 +master connection but fall back to creating a new one if one does not already
1517 1542 +exist.
1518 1543 +These options are:
1519 1544 +.Dq auto
1520 1545 +and
1521 1546 +.Dq autoask .
1522 1547 +The latter requires confirmation like the
1523 1548 +.Dq ask
1524 1549 +option.
1525 1550 +.It Cm ControlPath
1526 1551 +Specify the path to the control socket used for connection sharing as described
1527 1552 +in the
1528 1553 +.Cm ControlMaster
1529 1554 +section above or the string
1530 1555 +.Dq none
1531 1556 +to disable connection sharing.
1532 1557 +In the path,
1533 1558 +.Ql %L
1534 1559 +will be substituted by the first component of the local host name,
1535 1560 +.Ql %l
1536 1561 +will be substituted by the local host name (including any domain name),
1537 1562 +.Ql %h
1538 1563 +will be substituted by the target host name,
1539 1564 +.Ql %n
1540 1565 +will be substituted by the original target host name
1541 1566 +specified on the command line,
1542 1567 +.Ql %p
1543 1568 +the destination port,
1544 1569 +.Ql %r
1545 1570 +by the remote login username,
1546 1571 +.Ql %u
1547 1572 +by the username of the user running
1548 1573 +.Xr ssh 1 , and
1549 1574 +.Ql \&%C
1550 1575 +by a hash of the concatenation: %l%h%p%r.
1551 1576 +It is recommended that any
1552 1577 +.Cm ControlPath
1553 1578 +used for opportunistic connection sharing include
1554 1579 +at least %h, %p, and %r (or alternatively %C) and be placed in a directory
1555 1580 +that is not writable by other users.
1556 1581 +This ensures that shared connections are uniquely identified.
1557 1582 +.It Cm ControlPersist
1558 1583 +When used in conjunction with
1559 1584 +.Cm ControlMaster ,
1560 1585 +specifies that the master connection should remain open
1561 1586 +in the background (waiting for future client connections)
1562 1587 +after the initial client connection has been closed.
1563 1588 +If set to
1564 1589 +.Dq no ,
1565 1590 +then the master connection will not be placed into the background,
1566 1591 +and will close as soon as the initial client connection is closed.
1567 1592 +If set to
1568 1593 +.Dq yes
1569 1594 +or
1570 1595 +.Dq 0 ,
1571 1596 +then the master connection will remain in the background indefinitely
1572 1597 +(until killed or closed via a mechanism such as the
1573 1598 +.Xr ssh 1
1574 1599 +.Dq Fl O No exit
1575 1600 +option).
1576 1601 +If set to a time in seconds, or a time in any of the formats documented in
1577 1602 +.Xr sshd_config 4 ,
1578 1603 +then the backgrounded master connection will automatically terminate
1579 1604 +after it has remained idle (with no client connections) for the
1580 1605 +specified time.
1581 1606 +.It Cm DynamicForward
1582 1607 +Specifies that a TCP port on the local machine be forwarded
1583 1608 +over the secure channel, and the application
1584 1609 +protocol is then used to determine where to connect to from the
1585 1610 +remote machine.
1586 1611 +.Pp
1587 1612 +The argument must be
1588 1613 +.Sm off
1589 1614 +.Oo Ar bind_address : Oc Ar port .
1590 1615 +.Sm on
1591 1616 +IPv6 addresses can be specified by enclosing addresses in square brackets.
1592 1617 +By default, the local port is bound in accordance with the
1593 1618 +.Cm GatewayPorts
1594 1619 +setting.
1595 1620 +However, an explicit
1596 1621 +.Ar bind_address
1597 1622 +may be used to bind the connection to a specific address.
1598 1623 +The
1599 1624 +.Ar bind_address
1600 1625 +of
1601 1626 +.Dq localhost
1602 1627 +indicates that the listening port be bound for local use only, while an
1603 1628 +empty address or
1604 1629 +.Sq *
1605 1630 +indicates that the port should be available from all interfaces.
1606 1631 +.Pp
1607 1632 +Currently the SOCKS4 and SOCKS5 protocols are supported, and
1608 1633 +.Xr ssh 1
1609 1634 +will act as a SOCKS server.
1610 1635 +Multiple forwardings may be specified, and
1611 1636 +additional forwardings can be given on the command line.
1612 1637 +Only the superuser can forward privileged ports.
1613 1638 +.It Cm EnableSSHKeysign
1614 1639 +Setting this option to
1615 1640 +.Dq yes
1616 1641 +in the global client configuration file
1617 1642 +.Pa /etc/ssh/ssh_config
1618 1643 +enables the use of the helper program
1619 1644 +.Xr ssh-keysign 8
1620 1645 +during
1621 1646 +.Cm HostbasedAuthentication .
1622 1647 +The argument must be
1623 1648 +.Dq yes
1624 1649 +or
1625 1650 +.Dq no .
1626 1651 +The default is
1627 1652 +.Dq no .
1628 1653 +This option should be placed in the non-hostspecific section.
1629 1654 +See
1630 1655 +.Xr ssh-keysign 8
1631 1656 +for more information.
1632 1657 +.It Cm EscapeChar
1633 1658 +Sets the escape character (default:
1634 1659 +.Ql ~ ) .
1635 1660 +The escape character can also
1636 1661 +be set on the command line.
1637 1662 +The argument should be a single character,
1638 1663 +.Ql ^
1639 1664 +followed by a letter, or
1640 1665 +.Dq none
1641 1666 +to disable the escape
1642 1667 +character entirely (making the connection transparent for binary
1643 1668 +data).
1644 1669 +.It Cm ExitOnForwardFailure
1645 1670 +Specifies whether
1646 1671 +.Xr ssh 1
1647 1672 +should terminate the connection if it cannot set up all requested
1648 1673 +dynamic, tunnel, local, and remote port forwardings.
1649 1674 +The argument must be
1650 1675 +.Dq yes
1651 1676 +or
1652 1677 +.Dq no .
1653 1678 +The default is
1654 1679 +.Dq no .
1655 1680 +.It Cm FingerprintHash
1656 1681 +Specifies the hash algorithm used when displaying key fingerprints.
1657 1682 +Valid options are:
1658 1683 +.Dq md5
1659 1684 +and
1660 1685 +.Dq sha256 .
1661 1686 +The default is
1662 1687 +.Dq sha256 .
1663 1688 +.It Cm ForwardAgent
1664 1689 +Specifies whether the connection to the authentication agent (if any)
1665 1690 +will be forwarded to the remote machine.
1666 1691 +The argument must be
1667 1692 +.Dq yes
1668 1693 +or
1669 1694 +.Dq no .
1670 1695 +The default is
1671 1696 +.Dq no .
1672 1697 +.Pp
1673 1698 +Agent forwarding should be enabled with caution.
1674 1699 +Users with the ability to bypass file permissions on the remote host
1675 1700 +(for the agent's Unix-domain socket)
1676 1701 +can access the local agent through the forwarded connection.
1677 1702 +An attacker cannot obtain key material from the agent,
1678 1703 +however they can perform operations on the keys that enable them to
1679 1704 +authenticate using the identities loaded into the agent.
1680 1705 +.It Cm ForwardX11
1681 1706 +Specifies whether X11 connections will be automatically redirected
1682 1707 +over the secure channel and
1683 1708 +.Ev DISPLAY
1684 1709 +set.
1685 1710 +The argument must be
1686 1711 +.Dq yes
1687 1712 +or
1688 1713 +.Dq no .
1689 1714 +The default is
1690 1715 +.Dq no .
1691 1716 +.Pp
1692 1717 +X11 forwarding should be enabled with caution.
1693 1718 +Users with the ability to bypass file permissions on the remote host
1694 1719 +(for the user's X11 authorization database)
1695 1720 +can access the local X11 display through the forwarded connection.
1696 1721 +An attacker may then be able to perform activities such as keystroke monitoring
1697 1722 +if the
1698 1723 +.Cm ForwardX11Trusted
1699 1724 +option is also enabled.
1700 1725 +.It Cm ForwardX11Timeout
1701 1726 +Specify a timeout for untrusted X11 forwarding
1702 1727 +using the format described in the
1703 1728 +TIME FORMATS section of
1704 1729 +.Xr sshd_config 4 .
1705 1730 +X11 connections received by
1706 1731 +.Xr ssh 1
1707 1732 +after this time will be refused.
1708 1733 +The default is to disable untrusted X11 forwarding after twenty minutes has
1709 1734 +elapsed.
1710 1735 +.It Cm ForwardX11Trusted
1711 1736 +If this option is set to
1712 1737 +.Dq yes ,
1713 1738 +remote X11 clients will have full access to the original X11 display.
1714 1739 +.Pp
1715 1740 +If this option is set to
1716 1741 +.Dq no ,
1717 1742 +remote X11 clients will be considered untrusted and prevented
1718 1743 +from stealing or tampering with data belonging to trusted X11
1719 1744 +clients.
1720 1745 +Furthermore, the
1721 1746 +.Xr xauth 1
1722 1747 +token used for the session will be set to expire after 20 minutes.
1723 1748 +Remote clients will be refused access after this time.
1724 1749 +.Pp
1725 1750 +The default is
1726 1751 +.Dq no .
1727 1752 +.Pp
1728 1753 +See the X11 SECURITY extension specification for full details on
1729 1754 +the restrictions imposed on untrusted clients.
1730 1755 +.It Cm GatewayPorts
1731 1756 +Specifies whether remote hosts are allowed to connect to local
1732 1757 +forwarded ports.
1733 1758 +By default,
1734 1759 +.Xr ssh 1
1735 1760 +binds local port forwardings to the loopback address.
1736 1761 +This prevents other remote hosts from connecting to forwarded ports.
1737 1762 +.Cm GatewayPorts
1738 1763 +can be used to specify that ssh
1739 1764 +should bind local port forwardings to the wildcard address,
1740 1765 +thus allowing remote hosts to connect to forwarded ports.
1741 1766 +The argument must be
1742 1767 +.Dq yes
1743 1768 +or
1744 1769 +.Dq no .
1745 1770 +The default is
1746 1771 +.Dq no .
1747 1772 +.It Cm GlobalKnownHostsFile
1748 1773 +Specifies one or more files to use for the global
1749 1774 +host key database, separated by whitespace.
1750 1775 +The default is
1751 1776 +.Pa /etc/ssh/ssh_known_hosts ,
1752 1777 +.Pa /etc/ssh/ssh_known_hosts2 .
1753 1778 +.It Cm GSSAPIAuthentication
1754 1779 +Specifies whether user authentication based on GSSAPI is allowed.
1755 1780 +The default is
1756 1781 +.Dq no .
1757 1782 +Note that this option applies to protocol version 2 only.
1758 1783 +.It Cm GSSAPIDelegateCredentials
1759 1784 +Forward (delegate) credentials to the server.
1760 1785 +The default is
1761 1786 +.Dq no .
1762 1787 +Note that this option applies to protocol version 2 only.
1763 1788 +.It Cm HashKnownHosts
1764 1789 +Indicates that
1765 1790 +.Xr ssh 1
1766 1791 +should hash host names and addresses when they are added to
1767 1792 +.Pa ~/.ssh/known_hosts .
1768 1793 +These hashed names may be used normally by
1769 1794 +.Xr ssh 1
1770 1795 +and
1771 1796 +.Xr sshd 1M ,
1772 1797 +but they do not reveal identifying information should the file's contents
1773 1798 +be disclosed.
1774 1799 +The default is
1775 1800 +.Dq no .
1776 1801 +Note that existing names and addresses in known hosts files
1777 1802 +will not be converted automatically,
1778 1803 +but may be manually hashed using
1779 1804 +.Xr ssh-keygen 1 .
1780 1805 +.It Cm HostbasedAuthentication
1781 1806 +Specifies whether to try rhosts based authentication with public key
1782 1807 +authentication.
1783 1808 +The argument must be
1784 1809 +.Dq yes
1785 1810 +or
1786 1811 +.Dq no .
1787 1812 +The default is
1788 1813 +.Dq no .
1789 1814 +This option applies to protocol version 2 only and
1790 1815 +is similar to
1791 1816 +.Cm RhostsRSAAuthentication .
1792 1817 +.It Cm HostbasedKeyTypes
1793 1818 +Specifies the key types that will be used for hostbased authentication
1794 1819 +as a comma-separated pattern list.
1795 1820 +Alternately if the specified value begins with a
1796 1821 +.Sq +
1797 1822 +character, then the specified key types will be appended to the default set
1798 1823 +instead of replacing them.
1799 1824 +The default for this option is:
1800 1825 +.Bd -literal -offset 3n
1801 1826 +ecdsa-sha2-nistp256-cert-v01@openssh.com,
1802 1827 +ecdsa-sha2-nistp384-cert-v01@openssh.com,
1803 1828 +ecdsa-sha2-nistp521-cert-v01@openssh.com,
1804 1829 +ssh-ed25519-cert-v01@openssh.com,
1805 1830 +ssh-rsa-cert-v01@openssh.com,
1806 1831 +ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
1807 1832 +ssh-ed25519,ssh-rsa
1808 1833 +.Ed
1809 1834 +.Pp
1810 1835 +The
1811 1836 +.Fl Q
1812 1837 +option of
1813 1838 +.Xr ssh 1
1814 1839 +may be used to list supported key types.
1815 1840 +.It Cm HostKeyAlgorithms
1816 1841 +Specifies the protocol version 2 host key algorithms
1817 1842 +that the client wants to use in order of preference.
1818 1843 +Alternately if the specified value begins with a
1819 1844 +.Sq +
1820 1845 +character, then the specified key types will be appended to the default set
1821 1846 +instead of replacing them.
1822 1847 +The default for this option is:
1823 1848 +.Bd -literal -offset 3n
1824 1849 +ecdsa-sha2-nistp256-cert-v01@openssh.com,
1825 1850 +ecdsa-sha2-nistp384-cert-v01@openssh.com,
1826 1851 +ecdsa-sha2-nistp521-cert-v01@openssh.com,
1827 1852 +ssh-ed25519-cert-v01@openssh.com,
1828 1853 +ssh-rsa-cert-v01@openssh.com,
1829 1854 +ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
1830 1855 +ssh-ed25519,ssh-rsa
1831 1856 +.Ed
1832 1857 +.Pp
1833 1858 +If hostkeys are known for the destination host then this default is modified
1834 1859 +to prefer their algorithms.
1835 1860 +.Pp
1836 1861 +The list of available key types may also be obtained using the
1837 1862 +.Fl Q
1838 1863 +option of
1839 1864 +.Xr ssh 1
1840 1865 +with an argument of
1841 1866 +.Dq key .
1842 1867 +.It Cm HostKeyAlias
1843 1868 +Specifies an alias that should be used instead of the
1844 1869 +real host name when looking up or saving the host key
1845 1870 +in the host key database files.
1846 1871 +This option is useful for tunneling SSH connections
1847 1872 +or for multiple servers running on a single host.
1848 1873 +.It Cm HostName
1849 1874 +Specifies the real host name to log into.
1850 1875 +This can be used to specify nicknames or abbreviations for hosts.
1851 1876 +If the hostname contains the character sequence
1852 1877 +.Ql %h ,
1853 1878 +then this will be replaced with the host name specified on the command line
1854 1879 +(this is useful for manipulating unqualified names).
1855 1880 +The character sequence
1856 1881 +.Ql %%
1857 1882 +will be replaced by a single
1858 1883 +.Ql %
1859 1884 +character, which may be used when specifying IPv6 link-local addresses.
1860 1885 +.Pp
1861 1886 +The default is the name given on the command line.
1862 1887 +Numeric IP addresses are also permitted (both on the command line and in
1863 1888 +.Cm HostName
1864 1889 +specifications).
1865 1890 +.It Cm IdentitiesOnly
1866 1891 +Specifies that
1867 1892 +.Xr ssh 1
1868 1893 +should only use the authentication identity files configured in the
1869 1894 +.Nm
1870 1895 +files,
1871 1896 +even if
1872 1897 +.Xr ssh-agent 1
1873 1898 +or a
1874 1899 +.Cm PKCS11Provider
1875 1900 +offers more identities.
1876 1901 +The argument to this keyword must be
1877 1902 +.Dq yes
1878 1903 +or
1879 1904 +.Dq no .
1880 1905 +This option is intended for situations where ssh-agent
1881 1906 +offers many different identities.
1882 1907 +The default is
1883 1908 +.Dq no .
1884 1909 +.It Cm IdentityFile
1885 1910 +Specifies a file from which the user's DSA, ECDSA, Ed25519 or RSA authentication
1886 1911 +identity is read.
1887 1912 +The default is
1888 1913 +.Pa ~/.ssh/identity
1889 1914 +for protocol version 1, and
1890 1915 +.Pa ~/.ssh/id_dsa ,
1891 1916 +.Pa ~/.ssh/id_ecdsa ,
1892 1917 +.Pa ~/.ssh/id_ed25519
1893 1918 +and
1894 1919 +.Pa ~/.ssh/id_rsa
1895 1920 +for protocol version 2.
1896 1921 +Additionally, any identities represented by the authentication agent
1897 1922 +will be used for authentication unless
1898 1923 +.Cm IdentitiesOnly
1899 1924 +is set.
1900 1925 +.Xr ssh 1
1901 1926 +will try to load certificate information from the filename obtained by
1902 1927 +appending
1903 1928 +.Pa -cert.pub
1904 1929 +to the path of a specified
1905 1930 +.Cm IdentityFile .
1906 1931 +.Pp
1907 1932 +The file name may use the tilde
1908 1933 +syntax to refer to a user's home directory or one of the following
1909 1934 +escape characters:
1910 1935 +.Ql %d
1911 1936 +(local user's home directory),
1912 1937 +.Ql %u
1913 1938 +(local user name),
1914 1939 +.Ql %l
1915 1940 +(local host name),
1916 1941 +.Ql %h
1917 1942 +(remote host name) or
1918 1943 +.Ql %r
1919 1944 +(remote user name).
1920 1945 +.Pp
1921 1946 +It is possible to have
1922 1947 +multiple identity files specified in configuration files; all these
1923 1948 +identities will be tried in sequence.
1924 1949 +Multiple
1925 1950 +.Cm IdentityFile
1926 1951 +directives will add to the list of identities tried (this behaviour
1927 1952 +differs from that of other configuration directives).
1928 1953 +.Pp
1929 1954 +.Cm IdentityFile
1930 1955 +may be used in conjunction with
1931 1956 +.Cm IdentitiesOnly
1932 1957 +to select which identities in an agent are offered during authentication.
1933 1958 +.It Cm IgnoreUnknown
1934 1959 +Specifies a pattern-list of unknown options to be ignored if they are
1935 1960 +encountered in configuration parsing.
1936 1961 +This may be used to suppress errors if
1937 1962 +.Nm
1938 1963 +contains options that are unrecognised by
1939 1964 +.Xr ssh 1 .
1940 1965 +It is recommended that
1941 1966 +.Cm IgnoreUnknown
1942 1967 +be listed early in the configuration file as it will not be applied
1943 1968 +to unknown options that appear before it.
1944 1969 +.It Cm IPQoS
1945 1970 +Specifies the IPv4 type-of-service or DSCP class for connections.
1946 1971 +Accepted values are
1947 1972 +.Dq af11 ,
1948 1973 +.Dq af12 ,
1949 1974 +.Dq af13 ,
1950 1975 +.Dq af21 ,
1951 1976 +.Dq af22 ,
1952 1977 +.Dq af23 ,
1953 1978 +.Dq af31 ,
1954 1979 +.Dq af32 ,
1955 1980 +.Dq af33 ,
1956 1981 +.Dq af41 ,
1957 1982 +.Dq af42 ,
1958 1983 +.Dq af43 ,
1959 1984 +.Dq cs0 ,
1960 1985 +.Dq cs1 ,
1961 1986 +.Dq cs2 ,
1962 1987 +.Dq cs3 ,
1963 1988 +.Dq cs4 ,
1964 1989 +.Dq cs5 ,
1965 1990 +.Dq cs6 ,
1966 1991 +.Dq cs7 ,
1967 1992 +.Dq ef ,
1968 1993 +.Dq lowdelay ,
1969 1994 +.Dq throughput ,
1970 1995 +.Dq reliability ,
1971 1996 +or a numeric value.
1972 1997 +This option may take one or two arguments, separated by whitespace.
1973 1998 +If one argument is specified, it is used as the packet class unconditionally.
1974 1999 +If two values are specified, the first is automatically selected for
1975 2000 +interactive sessions and the second for non-interactive sessions.
1976 2001 +The default is
1977 2002 +.Dq lowdelay
1978 2003 +for interactive sessions and
1979 2004 +.Dq throughput
1980 2005 +for non-interactive sessions.
1981 2006 +.It Cm KbdInteractiveAuthentication
1982 2007 +Specifies whether to use keyboard-interactive authentication.
1983 2008 +The argument to this keyword must be
1984 2009 +.Dq yes
1985 2010 +or
1986 2011 +.Dq no .
1987 2012 +The default is
1988 2013 +.Dq yes .
1989 2014 +.It Cm KbdInteractiveDevices
1990 2015 +Specifies the list of methods to use in keyboard-interactive authentication.
1991 2016 +Multiple method names must be comma-separated.
1992 2017 +The default is to use the server specified list.
1993 2018 +The methods available vary depending on what the server supports.
1994 2019 +For an OpenSSH server,
1995 2020 +it may be zero or more of:
1996 2021 +.Dq bsdauth ,
1997 2022 +.Dq pam ,
1998 2023 +and
1999 2024 +.Dq skey .
2000 2025 +.It Cm KexAlgorithms
2001 2026 +Specifies the available KEX (Key Exchange) algorithms.
2002 2027 +Multiple algorithms must be comma-separated.
2003 2028 +Alternately if the specified value begins with a
2004 2029 +.Sq +
2005 2030 +character, then the specified methods will be appended to the default set
2006 2031 +instead of replacing them.
2007 2032 +The default is:
2008 2033 +.Bd -literal -offset indent
2009 2034 +curve25519-sha256@libssh.org,
2010 2035 +ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,
2011 2036 +diffie-hellman-group-exchange-sha256,
2012 2037 +diffie-hellman-group-exchange-sha1,
2013 2038 +diffie-hellman-group14-sha1
2014 2039 +.Ed
2015 2040 +.Pp
2016 2041 +The list of available key exchange algorithms may also be obtained using the
2017 2042 +.Fl Q
2018 2043 +option of
2019 2044 +.Xr ssh 1
2020 2045 +with an argument of
2021 2046 +.Dq kex .
2022 2047 +.It Cm LocalCommand
2023 2048 +Specifies a command to execute on the local machine after successfully
2024 2049 +connecting to the server.
2025 2050 +The command string extends to the end of the line, and is executed with
2026 2051 +the user's shell.
2027 2052 +The following escape character substitutions will be performed:
2028 2053 +.Ql %d
2029 2054 +(local user's home directory),
2030 2055 +.Ql %h
2031 2056 +(remote host name),
2032 2057 +.Ql %l
2033 2058 +(local host name),
2034 2059 +.Ql %n
2035 2060 +(host name as provided on the command line),
2036 2061 +.Ql %p
2037 2062 +(remote port),
2038 2063 +.Ql %r
2039 2064 +(remote user name) or
2040 2065 +.Ql %u
2041 2066 +(local user name) or
2042 2067 +.Ql \&%C
2043 2068 +by a hash of the concatenation: %l%h%p%r.
2044 2069 +.Pp
2045 2070 +The command is run synchronously and does not have access to the
2046 2071 +session of the
2047 2072 +.Xr ssh 1
2048 2073 +that spawned it.
2049 2074 +It should not be used for interactive commands.
2050 2075 +.Pp
2051 2076 +This directive is ignored unless
2052 2077 +.Cm PermitLocalCommand
2053 2078 +has been enabled.
2054 2079 +.It Cm LocalForward
2055 2080 +Specifies that a TCP port on the local machine be forwarded over
2056 2081 +the secure channel to the specified host and port from the remote machine.
2057 2082 +The first argument must be
2058 2083 +.Sm off
2059 2084 +.Oo Ar bind_address : Oc Ar port
2060 2085 +.Sm on
2061 2086 +and the second argument must be
2062 2087 +.Ar host : Ns Ar hostport .
2063 2088 +IPv6 addresses can be specified by enclosing addresses in square brackets.
2064 2089 +Multiple forwardings may be specified, and additional forwardings can be
2065 2090 +given on the command line.
2066 2091 +Only the superuser can forward privileged ports.
2067 2092 +By default, the local port is bound in accordance with the
2068 2093 +.Cm GatewayPorts
2069 2094 +setting.
2070 2095 +However, an explicit
2071 2096 +.Ar bind_address
2072 2097 +may be used to bind the connection to a specific address.
2073 2098 +The
2074 2099 +.Ar bind_address
2075 2100 +of
2076 2101 +.Dq localhost
2077 2102 +indicates that the listening port be bound for local use only, while an
2078 2103 +empty address or
2079 2104 +.Sq *
2080 2105 +indicates that the port should be available from all interfaces.
2081 2106 +.It Cm LogLevel
2082 2107 +Gives the verbosity level that is used when logging messages from
2083 2108 +.Xr ssh 1 .
2084 2109 +The possible values are:
2085 2110 +QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3.
2086 2111 +The default is INFO.
2087 2112 +DEBUG and DEBUG1 are equivalent.
2088 2113 +DEBUG2 and DEBUG3 each specify higher levels of verbose output.
2089 2114 +.It Cm MACs
2090 2115 +Specifies the MAC (message authentication code) algorithms
2091 2116 +in order of preference.
2092 2117 +The MAC algorithm is used in protocol version 2
2093 2118 +for data integrity protection.
2094 2119 +Multiple algorithms must be comma-separated.
2095 2120 +If the specified value begins with a
2096 2121 +.Sq +
2097 2122 +character, then the specified algorithms will be appended to the default set
2098 2123 +instead of replacing them.
2099 2124 +.Pp
2100 2125 +The algorithms that contain
2101 2126 +.Dq -etm
2102 2127 +calculate the MAC after encryption (encrypt-then-mac).
2103 2128 +These are considered safer and their use recommended.
2104 2129 +.Pp
2105 2130 +The default is:
2106 2131 +.Bd -literal -offset indent
2107 2132 +umac-64-etm@openssh.com,umac-128-etm@openssh.com,
2108 2133 +hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,
2109 2134 +umac-64@openssh.com,umac-128@openssh.com,
2110 2135 +hmac-sha2-256,hmac-sha2-512,
2111 2136 +hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,
2112 2137 +hmac-ripemd160-etm@openssh.com,
2113 2138 +hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,
2114 2139 +hmac-md5,hmac-sha1,hmac-ripemd160,
2115 2140 +hmac-sha1-96,hmac-md5-96
2116 2141 +.Ed
2117 2142 +.Pp
2118 2143 +The list of available MAC algorithms may also be obtained using the
2119 2144 +.Fl Q
2120 2145 +option of
2121 2146 +.Xr ssh 1
2122 2147 +with an argument of
2123 2148 +.Dq mac .
2124 2149 +.It Cm NoHostAuthenticationForLocalhost
2125 2150 +This option can be used if the home directory is shared across machines.
2126 2151 +In this case localhost will refer to a different machine on each of
2127 2152 +the machines and the user will get many warnings about changed host keys.
2128 2153 +However, this option disables host authentication for localhost.
2129 2154 +The argument to this keyword must be
2130 2155 +.Dq yes
2131 2156 +or
2132 2157 +.Dq no .
2133 2158 +The default is to check the host key for localhost.
2134 2159 +.It Cm NumberOfPasswordPrompts
2135 2160 +Specifies the number of password prompts before giving up.
2136 2161 +The argument to this keyword must be an integer.
2137 2162 +The default is 3.
2138 2163 +.It Cm PasswordAuthentication
2139 2164 +Specifies whether to use password authentication.
2140 2165 +The argument to this keyword must be
2141 2166 +.Dq yes
2142 2167 +or
2143 2168 +.Dq no .
2144 2169 +The default is
2145 2170 +.Dq yes .
2146 2171 +.It Cm PermitLocalCommand
2147 2172 +Allow local command execution via the
2148 2173 +.Ic LocalCommand
2149 2174 +option or using the
2150 2175 +.Ic !\& Ns Ar command
2151 2176 +escape sequence in
2152 2177 +.Xr ssh 1 .
2153 2178 +The argument must be
2154 2179 +.Dq yes
2155 2180 +or
2156 2181 +.Dq no .
2157 2182 +The default is
2158 2183 +.Dq no .
2159 2184 +.It Cm PKCS11Provider
2160 2185 +Specifies which PKCS#11 provider to use.
2161 2186 +The argument to this keyword is the PKCS#11 shared library
2162 2187 +.Xr ssh 1
2163 2188 +should use to communicate with a PKCS#11 token providing the user's
2164 2189 +private RSA key.
2165 2190 +.It Cm Port
2166 2191 +Specifies the port number to connect on the remote host.
2167 2192 +The default is 22.
2168 2193 +.It Cm PreferredAuthentications
2169 2194 +Specifies the order in which the client should try protocol 2
2170 2195 +authentication methods.
2171 2196 +This allows a client to prefer one method (e.g.\&
2172 2197 +.Cm keyboard-interactive )
2173 2198 +over another method (e.g.\&
2174 2199 +.Cm password ) .
2175 2200 +The default is:
2176 2201 +.Bd -literal -offset indent
2177 2202 +gssapi-with-mic,hostbased,publickey,
2178 2203 +keyboard-interactive,password
2179 2204 +.Ed
2180 2205 +.It Cm Protocol
2181 2206 +Specifies the protocol versions
2182 2207 +.Xr ssh 1
2183 2208 +should support in order of preference.
2184 2209 +The possible values are
2185 2210 +.Sq 1
2186 2211 +and
2187 2212 +.Sq 2 .
2188 2213 +Multiple versions must be comma-separated.
2189 2214 +When this option is set to
2190 2215 +.Dq 2,1
2191 2216 +.Nm ssh
2192 2217 +will try version 2 and fall back to version 1
2193 2218 +if version 2 is not available.
2194 2219 +The default is
2195 2220 +.Sq 2 .
2196 2221 +.It Cm ProxyCommand
2197 2222 +Specifies the command to use to connect to the server.
2198 2223 +The command
2199 2224 +string extends to the end of the line, and is executed
2200 2225 +using the user's shell
2201 2226 +.Ql exec
2202 2227 +directive to avoid a lingering shell process.
2203 2228 +.Pp
2204 2229 +In the command string, any occurrence of
2205 2230 +.Ql %h
2206 2231 +will be substituted by the host name to
2207 2232 +connect,
2208 2233 +.Ql %p
2209 2234 +by the port, and
2210 2235 +.Ql %r
2211 2236 +by the remote user name.
2212 2237 +The command can be basically anything,
2213 2238 +and should read from its standard input and write to its standard output.
2214 2239 +It should eventually connect an
2215 2240 +.Xr sshd 8
2216 2241 +server running on some machine, or execute
2217 2242 +.Ic sshd -i
2218 2243 +somewhere.
2219 2244 +Host key management will be done using the
2220 2245 +HostName of the host being connected (defaulting to the name typed by
2221 2246 +the user).
2222 2247 +Setting the command to
2223 2248 +.Dq none
2224 2249 +disables this option entirely.
2225 2250 +Note that
2226 2251 +.Cm CheckHostIP
2227 2252 +is not available for connects with a proxy command.
2228 2253 +.Pp
2229 2254 +This directive is useful in conjunction with
2230 2255 +.Xr nc 1
2231 2256 +and its proxy support.
2232 2257 +For example, the following directive would connect via an HTTP proxy at
2233 2258 +192.0.2.0:
2234 2259 +.Bd -literal -offset 3n
2235 2260 +ProxyCommand /usr/bin/nc -X connect -x 192.0.2.0:8080 %h %p
2236 2261 +.Ed
2237 2262 +.It Cm ProxyUseFdpass
2238 2263 +Specifies that
2239 2264 +.Cm ProxyCommand
2240 2265 +will pass a connected file descriptor back to
2241 2266 +.Xr ssh 1
2242 2267 +instead of continuing to execute and pass data.
2243 2268 +The default is
2244 2269 +.Dq no .
2245 2270 +.It Cm PubkeyAcceptedKeyTypes
2246 2271 +Specifies the key types that will be used for public key authentication
2247 2272 +as a comma-separated pattern list.
2248 2273 +Alternately if the specified value begins with a
2249 2274 +.Sq +
2250 2275 +character, then the key types after it will be appended to the default
2251 2276 +instead of replacing it.
2252 2277 +The default for this option is:
2253 2278 +.Bd -literal -offset 3n
2254 2279 +ecdsa-sha2-nistp256-cert-v01@openssh.com,
2255 2280 +ecdsa-sha2-nistp384-cert-v01@openssh.com,
2256 2281 +ecdsa-sha2-nistp521-cert-v01@openssh.com,
2257 2282 +ssh-ed25519-cert-v01@openssh.com,
2258 2283 +ssh-rsa-cert-v01@openssh.com,
2259 2284 +ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
2260 2285 +ssh-ed25519,ssh-rsa
2261 2286 +.Ed
2262 2287 +.Pp
2263 2288 +The
2264 2289 +.Fl Q
2265 2290 +option of
2266 2291 +.Xr ssh 1
2267 2292 +may be used to list supported key types.
2268 2293 +.It Cm PubkeyAuthentication
2269 2294 +Specifies whether to try public key authentication.
2270 2295 +The argument to this keyword must be
2271 2296 +.Dq yes
2272 2297 +or
2273 2298 +.Dq no .
2274 2299 +The default is
2275 2300 +.Dq yes .
2276 2301 +This option applies to protocol version 2 only.
2277 2302 +.It Cm RekeyLimit
2278 2303 +Specifies the maximum amount of data that may be transmitted before the
2279 2304 +session key is renegotiated, optionally followed a maximum amount of
2280 2305 +time that may pass before the session key is renegotiated.
2281 2306 +The first argument is specified in bytes and may have a suffix of
2282 2307 +.Sq K ,
2283 2308 +.Sq M ,
2284 2309 +or
2285 2310 +.Sq G
2286 2311 +to indicate Kilobytes, Megabytes, or Gigabytes, respectively.
2287 2312 +The default is between
2288 2313 +.Sq 1G
2289 2314 +and
2290 2315 +.Sq 4G ,
2291 2316 +depending on the cipher.
2292 2317 +The optional second value is specified in seconds and may use any of the
2293 2318 +units documented in the
2294 2319 +TIME FORMATS section of
2295 2320 +.Xr sshd_config 4 .
2296 2321 +The default value for
2297 2322 +.Cm RekeyLimit
2298 2323 +is
2299 2324 +.Dq default none ,
2300 2325 +which means that rekeying is performed after the cipher's default amount
2301 2326 +of data has been sent or received and no time based rekeying is done.
2302 2327 +This option applies to protocol version 2 only.
2303 2328 +.It Cm RemoteForward
2304 2329 +Specifies that a TCP port on the remote machine be forwarded over
2305 2330 +the secure channel to the specified host and port from the local machine.
2306 2331 +The first argument must be
2307 2332 +.Sm off
2308 2333 +.Oo Ar bind_address : Oc Ar port
2309 2334 +.Sm on
2310 2335 +and the second argument must be
2311 2336 +.Ar host : Ns Ar hostport .
2312 2337 +IPv6 addresses can be specified by enclosing addresses in square brackets.
2313 2338 +Multiple forwardings may be specified, and additional
2314 2339 +forwardings can be given on the command line.
2315 2340 +Privileged ports can be forwarded only when
2316 2341 +logging in as root on the remote machine.
2317 2342 +.Pp
2318 2343 +If the
2319 2344 +.Ar port
2320 2345 +argument is
2321 2346 +.Ql 0 ,
2322 2347 +the listen port will be dynamically allocated on the server and reported
2323 2348 +to the client at run time.
2324 2349 +.Pp
2325 2350 +If the
2326 2351 +.Ar bind_address
2327 2352 +is not specified, the default is to only bind to loopback addresses.
2328 2353 +If the
2329 2354 +.Ar bind_address
2330 2355 +is
2331 2356 +.Ql *
2332 2357 +or an empty string, then the forwarding is requested to listen on all
2333 2358 +interfaces.
2334 2359 +Specifying a remote
2335 2360 +.Ar bind_address
2336 2361 +will only succeed if the server's
2337 2362 +.Cm GatewayPorts
2338 2363 +option is enabled (see
2339 2364 +.Xr sshd_config 4 ) .
2340 2365 +.It Cm RequestTTY
2341 2366 +Specifies whether to request a pseudo-tty for the session.
2342 2367 +The argument may be one of:
2343 2368 +.Dq no
2344 2369 +(never request a TTY),
2345 2370 +.Dq yes
2346 2371 +(always request a TTY when standard input is a TTY),
2347 2372 +.Dq force
2348 2373 +(always request a TTY) or
2349 2374 +.Dq auto
2350 2375 +(request a TTY when opening a login session).
2351 2376 +This option mirrors the
2352 2377 +.Fl t
2353 2378 +and
2354 2379 +.Fl T
2355 2380 +flags for
2356 2381 +.Xr ssh 1 .
2357 2382 +.It Cm RevokedHostKeys
2358 2383 +Specifies revoked host public keys.
2359 2384 +Keys listed in this file will be refused for host authentication.
2360 2385 +Note that if this file does not exist or is not readable,
2361 2386 +then host authentication will be refused for all hosts.
2362 2387 +Keys may be specified as a text file, listing one public key per line, or as
2363 2388 +an OpenSSH Key Revocation List (KRL) as generated by
2364 2389 +.Xr ssh-keygen 1 .
2365 2390 +For more information on KRLs, see the KEY REVOCATION LISTS section in
2366 2391 +.Xr ssh-keygen 1 .
2367 2392 +.It Cm RhostsRSAAuthentication
2368 2393 +Specifies whether to try rhosts based authentication with RSA host
2369 2394 +authentication.
2370 2395 +The argument must be
2371 2396 +.Dq yes
2372 2397 +or
2373 2398 +.Dq no .
2374 2399 +The default is
2375 2400 +.Dq no .
2376 2401 +This option applies to protocol version 1 only and requires
2377 2402 +.Xr ssh 1
2378 2403 +to be setuid root.
2379 2404 +.It Cm RSAAuthentication
2380 2405 +Specifies whether to try RSA authentication.
2381 2406 +The argument to this keyword must be
2382 2407 +.Dq yes
2383 2408 +or
2384 2409 +.Dq no .
2385 2410 +RSA authentication will only be
2386 2411 +attempted if the identity file exists, or an authentication agent is
2387 2412 +running.
2388 2413 +The default is
2389 2414 +.Dq yes .
2390 2415 +Note that this option applies to protocol version 1 only.
2391 2416 +.It Cm SendEnv
2392 2417 +Specifies what variables from the local
2393 2418 +.Xr environ 7
2394 2419 +should be sent to the server.
2395 2420 +Note that environment passing is only supported for protocol 2.
2396 2421 +The server must also support it, and the server must be configured to
2397 2422 +accept these environment variables.
2398 2423 +Note that the
2399 2424 +.Ev TERM
2400 2425 +environment variable is always sent whenever a
2401 2426 +pseudo-terminal is requested as it is required by the protocol.
2402 2427 +Refer to
2403 2428 +.Cm AcceptEnv
2404 2429 +in
2405 2430 +.Xr sshd_config 4
2406 2431 +for how to configure the server.
2407 2432 +Variables are specified by name, which may contain wildcard characters.
2408 2433 +Multiple environment variables may be separated by whitespace or spread
2409 2434 +across multiple
2410 2435 +.Cm SendEnv
2411 2436 +directives.
2412 2437 +The default is not to send any environment variables.
2413 2438 +.Pp
2414 2439 +See
2415 2440 +.Sx PATTERNS
2416 2441 +for more information on patterns.
2417 2442 +.It Cm ServerAliveCountMax
2418 2443 +Sets the number of server alive messages (see below) which may be
2419 2444 +sent without
2420 2445 +.Xr ssh 1
2421 2446 +receiving any messages back from the server.
2422 2447 +If this threshold is reached while server alive messages are being sent,
2423 2448 +ssh will disconnect from the server, terminating the session.
2424 2449 +It is important to note that the use of server alive messages is very
2425 2450 +different from
2426 2451 +.Cm TCPKeepAlive
2427 2452 +(below).
2428 2453 +The server alive messages are sent through the encrypted channel
2429 2454 +and therefore will not be spoofable.
2430 2455 +The TCP keepalive option enabled by
2431 2456 +.Cm TCPKeepAlive
2432 2457 +is spoofable.
2433 2458 +The server alive mechanism is valuable when the client or
2434 2459 +server depend on knowing when a connection has become inactive.
2435 2460 +.Pp
2436 2461 +The default value is 3.
2437 2462 +If, for example,
2438 2463 +.Cm ServerAliveInterval
2439 2464 +(see below) is set to 15 and
2440 2465 +.Cm ServerAliveCountMax
2441 2466 +is left at the default, if the server becomes unresponsive,
2442 2467 +ssh will disconnect after approximately 45 seconds.
2443 2468 +This option applies to protocol version 2 only.
2444 2469 +.It Cm ServerAliveInterval
2445 2470 +Sets a timeout interval in seconds after which if no data has been received
2446 2471 +from the server,
2447 2472 +.Xr ssh 1
2448 2473 +will send a message through the encrypted
2449 2474 +channel to request a response from the server.
2450 2475 +The default
2451 2476 +is 0, indicating that these messages will not be sent to the server.
2452 2477 +This option applies to protocol version 2 only.
2453 2478 +.It Cm StreamLocalBindMask
2454 2479 +Sets the octal file creation mode mask
2455 2480 +.Pq umask
2456 2481 +used when creating a Unix-domain socket file for local or remote
2457 2482 +port forwarding.
2458 2483 +This option is only used for port forwarding to a Unix-domain socket file.
2459 2484 +.Pp
2460 2485 +The default value is 0177, which creates a Unix-domain socket file that is
2461 2486 +readable and writable only by the owner.
2462 2487 +Note that not all operating systems honor the file mode on Unix-domain
2463 2488 +socket files.
2464 2489 +.It Cm StreamLocalBindUnlink
2465 2490 +Specifies whether to remove an existing Unix-domain socket file for local
2466 2491 +or remote port forwarding before creating a new one.
2467 2492 +If the socket file already exists and
2468 2493 +.Cm StreamLocalBindUnlink
2469 2494 +is not enabled,
2470 2495 +.Nm ssh
2471 2496 +will be unable to forward the port to the Unix-domain socket file.
2472 2497 +This option is only used for port forwarding to a Unix-domain socket file.
2473 2498 +.Pp
2474 2499 +The argument must be
2475 2500 +.Dq yes
2476 2501 +or
2477 2502 +.Dq no .
2478 2503 +The default is
2479 2504 +.Dq no .
2480 2505 +.It Cm StrictHostKeyChecking
2481 2506 +If this flag is set to
2482 2507 +.Dq yes ,
2483 2508 +.Xr ssh 1
2484 2509 +will never automatically add host keys to the
2485 2510 +.Pa ~/.ssh/known_hosts
2486 2511 +file, and refuses to connect to hosts whose host key has changed.
2487 2512 +This provides maximum protection against trojan horse attacks,
2488 2513 +though it can be annoying when the
2489 2514 +.Pa /etc/ssh/ssh_known_hosts
2490 2515 +file is poorly maintained or when connections to new hosts are
2491 2516 +frequently made.
2492 2517 +This option forces the user to manually
2493 2518 +add all new hosts.
2494 2519 +If this flag is set to
2495 2520 +.Dq no ,
2496 2521 +ssh will automatically add new host keys to the
2497 2522 +user known hosts files.
2498 2523 +If this flag is set to
2499 2524 +.Dq ask ,
2500 2525 +new host keys
2501 2526 +will be added to the user known host files only after the user
2502 2527 +has confirmed that is what they really want to do, and
2503 2528 +ssh will refuse to connect to hosts whose host key has changed.
2504 2529 +The host keys of
2505 2530 +known hosts will be verified automatically in all cases.
2506 2531 +The argument must be
2507 2532 +.Dq yes ,
2508 2533 +.Dq no ,
2509 2534 +or
2510 2535 +.Dq ask .
2511 2536 +The default is
2512 2537 +.Dq ask .
2513 2538 +.It Cm TCPKeepAlive
2514 2539 +Specifies whether the system should send TCP keepalive messages to the
2515 2540 +other side.
2516 2541 +If they are sent, death of the connection or crash of one
2517 2542 +of the machines will be properly noticed.
2518 2543 +However, this means that
2519 2544 +connections will die if the route is down temporarily, and some people
2520 2545 +find it annoying.
2521 2546 +.Pp
2522 2547 +The default is
2523 2548 +.Dq yes
2524 2549 +(to send TCP keepalive messages), and the client will notice
2525 2550 +if the network goes down or the remote host dies.
2526 2551 +This is important in scripts, and many users want it too.
2527 2552 +.Pp
2528 2553 +To disable TCP keepalive messages, the value should be set to
2529 2554 +.Dq no .
2530 2555 +.It Cm Tunnel
2531 2556 +Request
2532 2557 +.Xr tun 4
2533 2558 +device forwarding between the client and the server.
2534 2559 +The argument must be
2535 2560 +.Dq yes ,
2536 2561 +.Dq point-to-point
2537 2562 +(layer 3),
2538 2563 +.Dq ethernet
2539 2564 +(layer 2),
2540 2565 +or
2541 2566 +.Dq no .
2542 2567 +Specifying
2543 2568 +.Dq yes
2544 2569 +requests the default tunnel mode, which is
2545 2570 +.Dq point-to-point .
2546 2571 +The default is
2547 2572 +.Dq no .
2548 2573 +.It Cm TunnelDevice
2549 2574 +Specifies the
2550 2575 +.Xr tun 4
2551 2576 +devices to open on the client
2552 2577 +.Pq Ar local_tun
2553 2578 +and the server
2554 2579 +.Pq Ar remote_tun .
2555 2580 +.Pp
2556 2581 +The argument must be
2557 2582 +.Sm off
2558 2583 +.Ar local_tun Op : Ar remote_tun .
2559 2584 +.Sm on
2560 2585 +The devices may be specified by numerical ID or the keyword
2561 2586 +.Dq any ,
2562 2587 +which uses the next available tunnel device.
2563 2588 +If
2564 2589 +.Ar remote_tun
2565 2590 +is not specified, it defaults to
2566 2591 +.Dq any .
2567 2592 +The default is
2568 2593 +.Dq any:any .
2569 2594 +.It Cm UpdateHostKeys
2570 2595 +Specifies whether
2571 2596 +.Xr ssh 1
2572 2597 +should accept notifications of additional hostkeys from the server sent
2573 2598 +after authentication has completed and add them to
2574 2599 +.Cm UserKnownHostsFile .
2575 2600 +The argument must be
2576 2601 +.Dq yes ,
2577 2602 +.Dq no
2578 2603 +(the default) or
2579 2604 +.Dq ask .
2580 2605 +Enabling this option allows learning alternate hostkeys for a server
2581 2606 +and supports graceful key rotation by allowing a server to send replacement
2582 2607 +public keys before old ones are removed.
2583 2608 +Additional hostkeys are only accepted if the key used to authenticate the
2584 2609 +host was already trusted or explicity accepted by the user.
2585 2610 +If
2586 2611 +.Cm UpdateHostKeys
2587 2612 +is set to
2588 2613 +.Dq ask ,
2589 2614 +then the user is asked to confirm the modifications to the known_hosts file.
2590 2615 +Confirmation is currently incompatible with
2591 2616 +.Cm ControlPersist ,
2592 2617 +and will be disabled if it is enabled.
2593 2618 +.Pp
2594 2619 +Presently, only
2595 2620 +.Xr sshd 8
2596 2621 +from OpenSSH 6.8 and greater support the
2597 2622 +.Dq hostkeys@openssh.com
2598 2623 +protocol extension used to inform the client of all the server's hostkeys.
2599 2624 +.It Cm UsePrivilegedPort
2600 2625 +Specifies whether to use a privileged port for outgoing connections.
2601 2626 +The argument must be
2602 2627 +.Dq yes
2603 2628 +or
2604 2629 +.Dq no .
2605 2630 +The default is
2606 2631 +.Dq no .
2607 2632 +If set to
2608 2633 +.Dq yes ,
2609 2634 +.Xr ssh 1
2610 2635 +must be setuid root.
2611 2636 +Note that this option must be set to
2612 2637 +.Dq yes
2613 2638 +for
2614 2639 +.Cm RhostsRSAAuthentication
2615 2640 +with older servers.
2616 2641 +.It Cm User
2617 2642 +Specifies the user to log in as.
2618 2643 +This can be useful when a different user name is used on different machines.
2619 2644 +This saves the trouble of
2620 2645 +having to remember to give the user name on the command line.
2621 2646 +.It Cm UserKnownHostsFile
2622 2647 +Specifies one or more files to use for the user
2623 2648 +host key database, separated by whitespace.
2624 2649 +The default is
2625 2650 +.Pa ~/.ssh/known_hosts ,
2626 2651 +.Pa ~/.ssh/known_hosts2 .
2627 2652 +.It Cm VerifyHostKeyDNS
2628 2653 +Specifies whether to verify the remote key using DNS and SSHFP resource
2629 2654 +records.
2630 2655 +If this option is set to
2631 2656 +.Dq yes ,
2632 2657 +the client will implicitly trust keys that match a secure fingerprint
2633 2658 +from DNS.
2634 2659 +Insecure fingerprints will be handled as if this option was set to
2635 2660 +.Dq ask .
2636 2661 +If this option is set to
2637 2662 +.Dq ask ,
2638 2663 +information on fingerprint match will be displayed, but the user will still
2639 2664 +need to confirm new host keys according to the
2640 2665 +.Cm StrictHostKeyChecking
2641 2666 +option.
2642 2667 +The argument must be
2643 2668 +.Dq yes ,
2644 2669 +.Dq no ,
2645 2670 +or
2646 2671 +.Dq ask .
2647 2672 +The default is
2648 2673 +.Dq no .
2649 2674 +Note that this option applies to protocol version 2 only.
2650 2675 +.Pp
2651 2676 +See also VERIFYING HOST KEYS in
2652 2677 +.Xr ssh 1 .
2653 2678 +.It Cm VisualHostKey
2654 2679 +If this flag is set to
2655 2680 +.Dq yes ,
2656 2681 +an ASCII art representation of the remote host key fingerprint is
2657 2682 +printed in addition to the fingerprint string at login and
2658 2683 +for unknown host keys.
2659 2684 +If this flag is set to
2660 2685 +.Dq no ,
2661 2686 +no fingerprint strings are printed at login and
2662 2687 +only the fingerprint string will be printed for unknown host keys.
2663 2688 +The default is
2664 2689 +.Dq no .
2665 2690 +.It Cm XAuthLocation
2666 2691 +Specifies the full pathname of the
2667 2692 +.Xr xauth 1
2668 2693 +program.
2669 2694 +The default is
2670 2695 +.Pa /usr/X11R6/bin/xauth .
2671 2696 +.El
2672 2697 +.Sh PATTERNS
2673 2698 +A
2674 2699 +.Em pattern
2675 2700 +consists of zero or more non-whitespace characters,
2676 2701 +.Sq *
2677 2702 +(a wildcard that matches zero or more characters),
2678 2703 +or
2679 2704 +.Sq ?\&
2680 2705 +(a wildcard that matches exactly one character).
2681 2706 +For example, to specify a set of declarations for any host in the
2682 2707 +.Dq .co.uk
2683 2708 +set of domains,
2684 2709 +the following pattern could be used:
2685 2710 +.Pp
2686 2711 +.Dl Host *.co.uk
2687 2712 +.Pp
2688 2713 +The following pattern
2689 2714 +would match any host in the 192.168.0.[0-9] network range:
2690 2715 +.Pp
2691 2716 +.Dl Host 192.168.0.?
2692 2717 +.Pp
2693 2718 +A
2694 2719 +.Em pattern-list
2695 2720 +is a comma-separated list of patterns.
2696 2721 +Patterns within pattern-lists may be negated
2697 2722 +by preceding them with an exclamation mark
2698 2723 +.Pq Sq !\& .
2699 2724 +For example,
2700 2725 +to allow a key to be used from anywhere within an organization
2701 2726 +except from the
2702 2727 +.Dq dialup
2703 2728 +pool,
2704 2729 +the following entry (in authorized_keys) could be used:
2705 2730 +.Pp
2706 2731 +.Dl from=\&"!*.dialup.example.com,*.example.com\&"
2707 2732 +.Sh FILES
2708 2733 +.Bl -tag -width Ds
2709 2734 +.It Pa ~/.ssh/config
2710 2735 +This is the per-user configuration file.
2711 2736 +The format of this file is described above.
2712 2737 +This file is used by the SSH client.
2713 2738 +Because of the potential for abuse, this file must have strict permissions:
2714 2739 +read/write for the user, and not accessible by others.
2715 2740 +.It Pa /etc/ssh/ssh_config
2716 2741 +Systemwide configuration file.
2717 2742 +This file provides defaults for those
2718 2743 +values that are not specified in the user's configuration file, and
2719 2744 +for those users who do not have a configuration file.
2720 2745 +This file must be world-readable.
2721 2746 +.El
2722 2747 +.Sh SEE ALSO
2723 2748 +.Xr ssh 1
2724 2749 +.Sh AUTHORS
2725 2750 +OpenSSH is a derivative of the original and free
2726 2751 +ssh 1.2.12 release by Tatu Ylonen.
2727 2752 +Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos,
2728 2753 +Theo de Raadt and Dug Song
2729 2754 +removed many bugs, re-added newer features and
2730 2755 +created OpenSSH.
2731 2756 +Markus Friedl contributed the support for SSH
2732 2757 +protocol versions 1.5 and 2.0.
2733 2758 diff --git a/ssh_config.5 b/ssh_config.5
2734 2759 deleted file mode 100644
2735 2760 index a47f3ca..0000000
2736 2761 --- a/ssh_config.5
2737 2762 +++ /dev/null
2738 2763 @@ -1,1726 +0,0 @@
2739 2764 -.\"
2740 2765 -.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
2741 2766 -.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
2742 2767 -.\" All rights reserved
2743 2768 -.\"
2744 2769 -.\" As far as I am concerned, the code I have written for this software
2745 2770 -.\" can be used freely for any purpose. Any derived versions of this
2746 2771 -.\" software must be clearly marked as such, and if the derived work is
2747 2772 -.\" incompatible with the protocol description in the RFC file, it must be
2748 2773 -.\" called by a name other than "ssh" or "Secure Shell".
2749 2774 -.\"
2750 2775 -.\" Copyright (c) 1999,2000 Markus Friedl. All rights reserved.
2751 2776 -.\" Copyright (c) 1999 Aaron Campbell. All rights reserved.
2752 2777 -.\" Copyright (c) 1999 Theo de Raadt. All rights reserved.
2753 2778 -.\"
2754 2779 -.\" Redistribution and use in source and binary forms, with or without
2755 2780 -.\" modification, are permitted provided that the following conditions
2756 2781 -.\" are met:
2757 2782 -.\" 1. Redistributions of source code must retain the above copyright
2758 2783 -.\" notice, this list of conditions and the following disclaimer.
2759 2784 -.\" 2. Redistributions in binary form must reproduce the above copyright
2760 2785 -.\" notice, this list of conditions and the following disclaimer in the
2761 2786 -.\" documentation and/or other materials provided with the distribution.
2762 2787 -.\"
2763 2788 -.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
2764 2789 -.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
2765 2790 -.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
2766 2791 -.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
2767 2792 -.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
2768 2793 -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
2769 2794 -.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
2770 2795 -.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
2771 2796 -.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
2772 2797 -.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
2773 2798 -.\"
2774 2799 -.\" $OpenBSD: ssh_config.5,v 1.215 2015/08/14 15:32:41 jmc Exp $
2775 2800 -.Dd $Mdocdate: August 14 2015 $
2776 2801 -.Dt SSH_CONFIG 5
2777 2802 -.Os
2778 2803 -.Sh NAME
2779 2804 -.Nm ssh_config
2780 2805 -.Nd OpenSSH SSH client configuration files
2781 2806 -.Sh SYNOPSIS
2782 2807 -.Nm ~/.ssh/config
2783 2808 -.Nm /etc/ssh/ssh_config
2784 2809 -.Sh DESCRIPTION
2785 2810 -.Xr ssh 1
2786 2811 -obtains configuration data from the following sources in
2787 2812 -the following order:
2788 2813 -.Pp
2789 2814 -.Bl -enum -offset indent -compact
2790 2815 -.It
2791 2816 -command-line options
2792 2817 -.It
2793 2818 -user's configuration file
2794 2819 -.Pq Pa ~/.ssh/config
2795 2820 -.It
2796 2821 -system-wide configuration file
2797 2822 -.Pq Pa /etc/ssh/ssh_config
2798 2823 -.El
2799 2824 -.Pp
2800 2825 -For each parameter, the first obtained value
2801 2826 -will be used.
2802 2827 -The configuration files contain sections separated by
2803 2828 -.Dq Host
2804 2829 -specifications, and that section is only applied for hosts that
2805 2830 -match one of the patterns given in the specification.
2806 2831 -The matched host name is usually the one given on the command line
2807 2832 -(see the
2808 2833 -.Cm CanonicalizeHostname
2809 2834 -option for exceptions.)
2810 2835 -.Pp
2811 2836 -Since the first obtained value for each parameter is used, more
2812 2837 -host-specific declarations should be given near the beginning of the
2813 2838 -file, and general defaults at the end.
2814 2839 -.Pp
2815 2840 -The configuration file has the following format:
2816 2841 -.Pp
2817 2842 -Empty lines and lines starting with
2818 2843 -.Ql #
2819 2844 -are comments.
2820 2845 -Otherwise a line is of the format
2821 2846 -.Dq keyword arguments .
2822 2847 -Configuration options may be separated by whitespace or
2823 2848 -optional whitespace and exactly one
2824 2849 -.Ql = ;
2825 2850 -the latter format is useful to avoid the need to quote whitespace
2826 2851 -when specifying configuration options using the
2827 2852 -.Nm ssh ,
2828 2853 -.Nm scp ,
2829 2854 -and
2830 2855 -.Nm sftp
2831 2856 -.Fl o
2832 2857 -option.
2833 2858 -Arguments may optionally be enclosed in double quotes
2834 2859 -.Pq \&"
2835 2860 -in order to represent arguments containing spaces.
2836 2861 -.Pp
2837 2862 -The possible
2838 2863 -keywords and their meanings are as follows (note that
2839 2864 -keywords are case-insensitive and arguments are case-sensitive):
2840 2865 -.Bl -tag -width Ds
2841 2866 -.It Cm Host
2842 2867 -Restricts the following declarations (up to the next
2843 2868 -.Cm Host
2844 2869 -or
2845 2870 -.Cm Match
2846 2871 -keyword) to be only for those hosts that match one of the patterns
2847 2872 -given after the keyword.
2848 2873 -If more than one pattern is provided, they should be separated by whitespace.
2849 2874 -A single
2850 2875 -.Ql *
2851 2876 -as a pattern can be used to provide global
2852 2877 -defaults for all hosts.
2853 2878 -The host is usually the
2854 2879 -.Ar hostname
2855 2880 -argument given on the command line
2856 2881 -(see the
2857 2882 -.Cm CanonicalizeHostname
2858 2883 -option for exceptions.)
2859 2884 -.Pp
2860 2885 -A pattern entry may be negated by prefixing it with an exclamation mark
2861 2886 -.Pq Sq !\& .
2862 2887 -If a negated entry is matched, then the
2863 2888 -.Cm Host
2864 2889 -entry is ignored, regardless of whether any other patterns on the line
2865 2890 -match.
2866 2891 -Negated matches are therefore useful to provide exceptions for wildcard
2867 2892 -matches.
2868 2893 -.Pp
2869 2894 -See
2870 2895 -.Sx PATTERNS
2871 2896 -for more information on patterns.
2872 2897 -.It Cm Match
2873 2898 -Restricts the following declarations (up to the next
2874 2899 -.Cm Host
2875 2900 -or
2876 2901 -.Cm Match
2877 2902 -keyword) to be used only when the conditions following the
2878 2903 -.Cm Match
2879 2904 -keyword are satisfied.
2880 2905 -Match conditions are specified using one or more critera
2881 2906 -or the single token
2882 2907 -.Cm all
2883 2908 -which always matches.
2884 2909 -The available criteria keywords are:
2885 2910 -.Cm canonical ,
2886 2911 -.Cm exec ,
2887 2912 -.Cm host ,
2888 2913 -.Cm originalhost ,
2889 2914 -.Cm user ,
2890 2915 -and
2891 2916 -.Cm localuser .
2892 2917 -The
2893 2918 -.Cm all
2894 2919 -criteria must appear alone or immediately after
2895 2920 -.Cm canonical .
2896 2921 -Other criteria may be combined arbitrarily.
2897 2922 -All criteria but
2898 2923 -.Cm all
2899 2924 -and
2900 2925 -.Cm canonical
2901 2926 -require an argument.
2902 2927 -Criteria may be negated by prepending an exclamation mark
2903 2928 -.Pq Sq !\& .
2904 2929 -.Pp
2905 2930 -The
2906 2931 -.Cm canonical
2907 2932 -keyword matches only when the configuration file is being re-parsed
2908 2933 -after hostname canonicalization (see the
2909 2934 -.Cm CanonicalizeHostname
2910 2935 -option.)
2911 2936 -This may be useful to specify conditions that work with canonical host
2912 2937 -names only.
2913 2938 -The
2914 2939 -.Cm exec
2915 2940 -keyword executes the specified command under the user's shell.
2916 2941 -If the command returns a zero exit status then the condition is considered true.
2917 2942 -Commands containing whitespace characters must be quoted.
2918 2943 -The following character sequences in the command will be expanded prior to
2919 2944 -execution:
2920 2945 -.Ql %L
2921 2946 -will be substituted by the first component of the local host name,
2922 2947 -.Ql %l
2923 2948 -will be substituted by the local host name (including any domain name),
2924 2949 -.Ql %h
2925 2950 -will be substituted by the target host name,
2926 2951 -.Ql %n
2927 2952 -will be substituted by the original target host name
2928 2953 -specified on the command-line,
2929 2954 -.Ql %p
2930 2955 -the destination port,
2931 2956 -.Ql %r
2932 2957 -by the remote login username, and
2933 2958 -.Ql %u
2934 2959 -by the username of the user running
2935 2960 -.Xr ssh 1 .
2936 2961 -.Pp
2937 2962 -The other keywords' criteria must be single entries or comma-separated
2938 2963 -lists and may use the wildcard and negation operators described in the
2939 2964 -.Sx PATTERNS
2940 2965 -section.
2941 2966 -The criteria for the
2942 2967 -.Cm host
2943 2968 -keyword are matched against the target hostname, after any substitution
2944 2969 -by the
2945 2970 -.Cm Hostname
2946 2971 -or
2947 2972 -.Cm CanonicalizeHostname
2948 2973 -options.
2949 2974 -The
2950 2975 -.Cm originalhost
2951 2976 -keyword matches against the hostname as it was specified on the command-line.
2952 2977 -The
2953 2978 -.Cm user
2954 2979 -keyword matches against the target username on the remote host.
2955 2980 -The
2956 2981 -.Cm localuser
2957 2982 -keyword matches against the name of the local user running
2958 2983 -.Xr ssh 1
2959 2984 -(this keyword may be useful in system-wide
2960 2985 -.Nm
2961 2986 -files).
2962 2987 -.It Cm AddressFamily
2963 2988 -Specifies which address family to use when connecting.
2964 2989 -Valid arguments are
2965 2990 -.Dq any ,
2966 2991 -.Dq inet
2967 2992 -(use IPv4 only), or
2968 2993 -.Dq inet6
2969 2994 -(use IPv6 only).
2970 2995 -.It Cm BatchMode
2971 2996 -If set to
2972 2997 -.Dq yes ,
2973 2998 -passphrase/password querying will be disabled.
2974 2999 -This option is useful in scripts and other batch jobs where no user
2975 3000 -is present to supply the password.
2976 3001 -The argument must be
2977 3002 -.Dq yes
2978 3003 -or
2979 3004 -.Dq no .
2980 3005 -The default is
2981 3006 -.Dq no .
2982 3007 -.It Cm BindAddress
2983 3008 -Use the specified address on the local machine as the source address of
2984 3009 -the connection.
2985 3010 -Only useful on systems with more than one address.
2986 3011 -Note that this option does not work if
2987 3012 -.Cm UsePrivilegedPort
2988 3013 -is set to
2989 3014 -.Dq yes .
2990 3015 -.It Cm CanonicalDomains
2991 3016 -When
2992 3017 -.Cm CanonicalizeHostname
2993 3018 -is enabled, this option specifies the list of domain suffixes in which to
2994 3019 -search for the specified destination host.
2995 3020 -.It Cm CanonicalizeFallbackLocal
2996 3021 -Specifies whether to fail with an error when hostname canonicalization fails.
2997 3022 -The default,
2998 3023 -.Dq yes ,
2999 3024 -will attempt to look up the unqualified hostname using the system resolver's
3000 3025 -search rules.
3001 3026 -A value of
3002 3027 -.Dq no
3003 3028 -will cause
3004 3029 -.Xr ssh 1
3005 3030 -to fail instantly if
3006 3031 -.Cm CanonicalizeHostname
3007 3032 -is enabled and the target hostname cannot be found in any of the domains
3008 3033 -specified by
3009 3034 -.Cm CanonicalDomains .
3010 3035 -.It Cm CanonicalizeHostname
3011 3036 -Controls whether explicit hostname canonicalization is performed.
3012 3037 -The default,
3013 3038 -.Dq no ,
3014 3039 -is not to perform any name rewriting and let the system resolver handle all
3015 3040 -hostname lookups.
3016 3041 -If set to
3017 3042 -.Dq yes
3018 3043 -then, for connections that do not use a
3019 3044 -.Cm ProxyCommand ,
3020 3045 -.Xr ssh 1
3021 3046 -will attempt to canonicalize the hostname specified on the command line
3022 3047 -using the
3023 3048 -.Cm CanonicalDomains
3024 3049 -suffixes and
3025 3050 -.Cm CanonicalizePermittedCNAMEs
3026 3051 -rules.
3027 3052 -If
3028 3053 -.Cm CanonicalizeHostname
3029 3054 -is set to
3030 3055 -.Dq always ,
3031 3056 -then canonicalization is applied to proxied connections too.
3032 3057 -.Pp
3033 3058 -If this option is enabled, then the configuration files are processed
3034 3059 -again using the new target name to pick up any new configuration in matching
3035 3060 -.Cm Host
3036 3061 -and
3037 3062 -.Cm Match
3038 3063 -stanzas.
3039 3064 -.It Cm CanonicalizeMaxDots
3040 3065 -Specifies the maximum number of dot characters in a hostname before
3041 3066 -canonicalization is disabled.
3042 3067 -The default,
3043 3068 -.Dq 1 ,
3044 3069 -allows a single dot (i.e. hostname.subdomain).
3045 3070 -.It Cm CanonicalizePermittedCNAMEs
3046 3071 -Specifies rules to determine whether CNAMEs should be followed when
3047 3072 -canonicalizing hostnames.
3048 3073 -The rules consist of one or more arguments of
3049 3074 -.Ar source_domain_list : Ns Ar target_domain_list ,
3050 3075 -where
3051 3076 -.Ar source_domain_list
3052 3077 -is a pattern-list of domains that may follow CNAMEs in canonicalization,
3053 3078 -and
3054 3079 -.Ar target_domain_list
3055 3080 -is a pattern-list of domains that they may resolve to.
3056 3081 -.Pp
3057 3082 -For example,
3058 3083 -.Dq *.a.example.com:*.b.example.com,*.c.example.com
3059 3084 -will allow hostnames matching
3060 3085 -.Dq *.a.example.com
3061 3086 -to be canonicalized to names in the
3062 3087 -.Dq *.b.example.com
3063 3088 -or
3064 3089 -.Dq *.c.example.com
3065 3090 -domains.
3066 3091 -.It Cm ChallengeResponseAuthentication
3067 3092 -Specifies whether to use challenge-response authentication.
3068 3093 -The argument to this keyword must be
3069 3094 -.Dq yes
3070 3095 -or
3071 3096 -.Dq no .
3072 3097 -The default is
3073 3098 -.Dq yes .
3074 3099 -.It Cm CheckHostIP
3075 3100 -If this flag is set to
3076 3101 -.Dq yes ,
3077 3102 -.Xr ssh 1
3078 3103 -will additionally check the host IP address in the
3079 3104 -.Pa known_hosts
3080 3105 -file.
3081 3106 -This allows ssh to detect if a host key changed due to DNS spoofing
3082 3107 -and will add addresses of destination hosts to
3083 3108 -.Pa ~/.ssh/known_hosts
3084 3109 -in the process, regardless of the setting of
3085 3110 -.Cm StrictHostKeyChecking .
3086 3111 -If the option is set to
3087 3112 -.Dq no ,
3088 3113 -the check will not be executed.
3089 3114 -The default is
3090 3115 -.Dq yes .
3091 3116 -.It Cm Cipher
3092 3117 -Specifies the cipher to use for encrypting the session
3093 3118 -in protocol version 1.
3094 3119 -Currently,
3095 3120 -.Dq blowfish ,
3096 3121 -.Dq 3des ,
3097 3122 -and
3098 3123 -.Dq des
3099 3124 -are supported.
3100 3125 -.Ar des
3101 3126 -is only supported in the
3102 3127 -.Xr ssh 1
3103 3128 -client for interoperability with legacy protocol 1 implementations
3104 3129 -that do not support the
3105 3130 -.Ar 3des
3106 3131 -cipher.
3107 3132 -Its use is strongly discouraged due to cryptographic weaknesses.
3108 3133 -The default is
3109 3134 -.Dq 3des .
3110 3135 -.It Cm Ciphers
3111 3136 -Specifies the ciphers allowed for protocol version 2
3112 3137 -in order of preference.
3113 3138 -Multiple ciphers must be comma-separated.
3114 3139 -If the specified value begins with a
3115 3140 -.Sq +
3116 3141 -character, then the specified ciphers will be appended to the default set
3117 3142 -instead of replacing them.
3118 3143 -.Pp
3119 3144 -The supported ciphers are:
3120 3145 -.Pp
3121 3146 -.Bl -item -compact -offset indent
3122 3147 -.It
3123 3148 -3des-cbc
3124 3149 -.It
3125 3150 -aes128-cbc
3126 3151 -.It
3127 3152 -aes192-cbc
3128 3153 -.It
3129 3154 -aes256-cbc
3130 3155 -.It
3131 3156 -aes128-ctr
3132 3157 -.It
3133 3158 -aes192-ctr
3134 3159 -.It
3135 3160 -aes256-ctr
3136 3161 -.It
3137 3162 -aes128-gcm@openssh.com
3138 3163 -.It
3139 3164 -aes256-gcm@openssh.com
3140 3165 -.It
3141 3166 -arcfour
3142 3167 -.It
3143 3168 -arcfour128
3144 3169 -.It
3145 3170 -arcfour256
3146 3171 -.It
3147 3172 -blowfish-cbc
3148 3173 -.It
3149 3174 -cast128-cbc
3150 3175 -.It
3151 3176 -chacha20-poly1305@openssh.com
3152 3177 -.El
3153 3178 -.Pp
3154 3179 -The default is:
3155 3180 -.Bd -literal -offset indent
3156 3181 -chacha20-poly1305@openssh.com,
3157 3182 -aes128-ctr,aes192-ctr,aes256-ctr,
3158 3183 -aes128-gcm@openssh.com,aes256-gcm@openssh.com,
3159 3184 -arcfour256,arcfour128,
3160 3185 -aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,
3161 3186 -aes192-cbc,aes256-cbc,arcfour
3162 3187 -.Ed
3163 3188 -.Pp
3164 3189 -The list of available ciphers may also be obtained using the
3165 3190 -.Fl Q
3166 3191 -option of
3167 3192 -.Xr ssh 1
3168 3193 -with an argument of
3169 3194 -.Dq cipher .
3170 3195 -.It Cm ClearAllForwardings
3171 3196 -Specifies that all local, remote, and dynamic port forwardings
3172 3197 -specified in the configuration files or on the command line be
3173 3198 -cleared.
3174 3199 -This option is primarily useful when used from the
3175 3200 -.Xr ssh 1
3176 3201 -command line to clear port forwardings set in
3177 3202 -configuration files, and is automatically set by
3178 3203 -.Xr scp 1
3179 3204 -and
3180 3205 -.Xr sftp 1 .
3181 3206 -The argument must be
3182 3207 -.Dq yes
3183 3208 -or
3184 3209 -.Dq no .
3185 3210 -The default is
3186 3211 -.Dq no .
3187 3212 -.It Cm Compression
3188 3213 -Specifies whether to use compression.
3189 3214 -The argument must be
3190 3215 -.Dq yes
3191 3216 -or
3192 3217 -.Dq no .
3193 3218 -The default is
3194 3219 -.Dq no .
3195 3220 -.It Cm CompressionLevel
3196 3221 -Specifies the compression level to use if compression is enabled.
3197 3222 -The argument must be an integer from 1 (fast) to 9 (slow, best).
3198 3223 -The default level is 6, which is good for most applications.
3199 3224 -The meaning of the values is the same as in
3200 3225 -.Xr gzip 1 .
3201 3226 -Note that this option applies to protocol version 1 only.
3202 3227 -.It Cm ConnectionAttempts
3203 3228 -Specifies the number of tries (one per second) to make before exiting.
3204 3229 -The argument must be an integer.
3205 3230 -This may be useful in scripts if the connection sometimes fails.
3206 3231 -The default is 1.
3207 3232 -.It Cm ConnectTimeout
3208 3233 -Specifies the timeout (in seconds) used when connecting to the
3209 3234 -SSH server, instead of using the default system TCP timeout.
3210 3235 -This value is used only when the target is down or really unreachable,
3211 3236 -not when it refuses the connection.
3212 3237 -.It Cm ControlMaster
3213 3238 -Enables the sharing of multiple sessions over a single network connection.
3214 3239 -When set to
3215 3240 -.Dq yes ,
3216 3241 -.Xr ssh 1
3217 3242 -will listen for connections on a control socket specified using the
3218 3243 -.Cm ControlPath
3219 3244 -argument.
3220 3245 -Additional sessions can connect to this socket using the same
3221 3246 -.Cm ControlPath
3222 3247 -with
3223 3248 -.Cm ControlMaster
3224 3249 -set to
3225 3250 -.Dq no
3226 3251 -(the default).
3227 3252 -These sessions will try to reuse the master instance's network connection
3228 3253 -rather than initiating new ones, but will fall back to connecting normally
3229 3254 -if the control socket does not exist, or is not listening.
3230 3255 -.Pp
3231 3256 -Setting this to
3232 3257 -.Dq ask
3233 3258 -will cause ssh
3234 3259 -to listen for control connections, but require confirmation using
3235 3260 -.Xr ssh-askpass 1 .
3236 3261 -If the
3237 3262 -.Cm ControlPath
3238 3263 -cannot be opened,
3239 3264 -ssh will continue without connecting to a master instance.
3240 3265 -.Pp
3241 3266 -X11 and
3242 3267 -.Xr ssh-agent 1
3243 3268 -forwarding is supported over these multiplexed connections, however the
3244 3269 -display and agent forwarded will be the one belonging to the master
3245 3270 -connection i.e. it is not possible to forward multiple displays or agents.
3246 3271 -.Pp
3247 3272 -Two additional options allow for opportunistic multiplexing: try to use a
3248 3273 -master connection but fall back to creating a new one if one does not already
3249 3274 -exist.
3250 3275 -These options are:
3251 3276 -.Dq auto
3252 3277 -and
3253 3278 -.Dq autoask .
3254 3279 -The latter requires confirmation like the
3255 3280 -.Dq ask
3256 3281 -option.
3257 3282 -.It Cm ControlPath
3258 3283 -Specify the path to the control socket used for connection sharing as described
3259 3284 -in the
3260 3285 -.Cm ControlMaster
3261 3286 -section above or the string
3262 3287 -.Dq none
3263 3288 -to disable connection sharing.
3264 3289 -In the path,
3265 3290 -.Ql %L
3266 3291 -will be substituted by the first component of the local host name,
3267 3292 -.Ql %l
3268 3293 -will be substituted by the local host name (including any domain name),
3269 3294 -.Ql %h
3270 3295 -will be substituted by the target host name,
3271 3296 -.Ql %n
3272 3297 -will be substituted by the original target host name
3273 3298 -specified on the command line,
3274 3299 -.Ql %p
3275 3300 -the destination port,
3276 3301 -.Ql %r
3277 3302 -by the remote login username,
3278 3303 -.Ql %u
3279 3304 -by the username of the user running
3280 3305 -.Xr ssh 1 , and
3281 3306 -.Ql \&%C
3282 3307 -by a hash of the concatenation: %l%h%p%r.
3283 3308 -It is recommended that any
3284 3309 -.Cm ControlPath
3285 3310 -used for opportunistic connection sharing include
3286 3311 -at least %h, %p, and %r (or alternatively %C) and be placed in a directory
3287 3312 -that is not writable by other users.
3288 3313 -This ensures that shared connections are uniquely identified.
3289 3314 -.It Cm ControlPersist
3290 3315 -When used in conjunction with
3291 3316 -.Cm ControlMaster ,
3292 3317 -specifies that the master connection should remain open
3293 3318 -in the background (waiting for future client connections)
3294 3319 -after the initial client connection has been closed.
3295 3320 -If set to
3296 3321 -.Dq no ,
3297 3322 -then the master connection will not be placed into the background,
3298 3323 -and will close as soon as the initial client connection is closed.
3299 3324 -If set to
3300 3325 -.Dq yes
3301 3326 -or
3302 3327 -.Dq 0 ,
3303 3328 -then the master connection will remain in the background indefinitely
3304 3329 -(until killed or closed via a mechanism such as the
3305 3330 -.Xr ssh 1
3306 3331 -.Dq Fl O No exit
3307 3332 -option).
3308 3333 -If set to a time in seconds, or a time in any of the formats documented in
3309 3334 -.Xr sshd_config 5 ,
3310 3335 -then the backgrounded master connection will automatically terminate
3311 3336 -after it has remained idle (with no client connections) for the
3312 3337 -specified time.
3313 3338 -.It Cm DynamicForward
3314 3339 -Specifies that a TCP port on the local machine be forwarded
3315 3340 -over the secure channel, and the application
3316 3341 -protocol is then used to determine where to connect to from the
3317 3342 -remote machine.
3318 3343 -.Pp
3319 3344 -The argument must be
3320 3345 -.Sm off
3321 3346 -.Oo Ar bind_address : Oc Ar port .
3322 3347 -.Sm on
3323 3348 -IPv6 addresses can be specified by enclosing addresses in square brackets.
3324 3349 -By default, the local port is bound in accordance with the
3325 3350 -.Cm GatewayPorts
3326 3351 -setting.
3327 3352 -However, an explicit
3328 3353 -.Ar bind_address
3329 3354 -may be used to bind the connection to a specific address.
3330 3355 -The
3331 3356 -.Ar bind_address
3332 3357 -of
3333 3358 -.Dq localhost
3334 3359 -indicates that the listening port be bound for local use only, while an
3335 3360 -empty address or
3336 3361 -.Sq *
3337 3362 -indicates that the port should be available from all interfaces.
3338 3363 -.Pp
3339 3364 -Currently the SOCKS4 and SOCKS5 protocols are supported, and
3340 3365 -.Xr ssh 1
3341 3366 -will act as a SOCKS server.
3342 3367 -Multiple forwardings may be specified, and
3343 3368 -additional forwardings can be given on the command line.
3344 3369 -Only the superuser can forward privileged ports.
3345 3370 -.It Cm EnableSSHKeysign
3346 3371 -Setting this option to
3347 3372 -.Dq yes
3348 3373 -in the global client configuration file
3349 3374 -.Pa /etc/ssh/ssh_config
3350 3375 -enables the use of the helper program
3351 3376 -.Xr ssh-keysign 8
3352 3377 -during
3353 3378 -.Cm HostbasedAuthentication .
3354 3379 -The argument must be
3355 3380 -.Dq yes
3356 3381 -or
3357 3382 -.Dq no .
3358 3383 -The default is
3359 3384 -.Dq no .
3360 3385 -This option should be placed in the non-hostspecific section.
3361 3386 -See
3362 3387 -.Xr ssh-keysign 8
3363 3388 -for more information.
3364 3389 -.It Cm EscapeChar
3365 3390 -Sets the escape character (default:
3366 3391 -.Ql ~ ) .
3367 3392 -The escape character can also
3368 3393 -be set on the command line.
3369 3394 -The argument should be a single character,
3370 3395 -.Ql ^
3371 3396 -followed by a letter, or
3372 3397 -.Dq none
3373 3398 -to disable the escape
3374 3399 -character entirely (making the connection transparent for binary
3375 3400 -data).
3376 3401 -.It Cm ExitOnForwardFailure
3377 3402 -Specifies whether
3378 3403 -.Xr ssh 1
3379 3404 -should terminate the connection if it cannot set up all requested
3380 3405 -dynamic, tunnel, local, and remote port forwardings.
3381 3406 -The argument must be
3382 3407 -.Dq yes
3383 3408 -or
3384 3409 -.Dq no .
3385 3410 -The default is
3386 3411 -.Dq no .
3387 3412 -.It Cm FingerprintHash
3388 3413 -Specifies the hash algorithm used when displaying key fingerprints.
3389 3414 -Valid options are:
3390 3415 -.Dq md5
3391 3416 -and
3392 3417 -.Dq sha256 .
3393 3418 -The default is
3394 3419 -.Dq sha256 .
3395 3420 -.It Cm ForwardAgent
3396 3421 -Specifies whether the connection to the authentication agent (if any)
3397 3422 -will be forwarded to the remote machine.
3398 3423 -The argument must be
3399 3424 -.Dq yes
3400 3425 -or
3401 3426 -.Dq no .
3402 3427 -The default is
3403 3428 -.Dq no .
3404 3429 -.Pp
3405 3430 -Agent forwarding should be enabled with caution.
3406 3431 -Users with the ability to bypass file permissions on the remote host
3407 3432 -(for the agent's Unix-domain socket)
3408 3433 -can access the local agent through the forwarded connection.
3409 3434 -An attacker cannot obtain key material from the agent,
3410 3435 -however they can perform operations on the keys that enable them to
3411 3436 -authenticate using the identities loaded into the agent.
3412 3437 -.It Cm ForwardX11
3413 3438 -Specifies whether X11 connections will be automatically redirected
3414 3439 -over the secure channel and
3415 3440 -.Ev DISPLAY
3416 3441 -set.
3417 3442 -The argument must be
3418 3443 -.Dq yes
3419 3444 -or
3420 3445 -.Dq no .
3421 3446 -The default is
3422 3447 -.Dq no .
3423 3448 -.Pp
3424 3449 -X11 forwarding should be enabled with caution.
3425 3450 -Users with the ability to bypass file permissions on the remote host
3426 3451 -(for the user's X11 authorization database)
3427 3452 -can access the local X11 display through the forwarded connection.
3428 3453 -An attacker may then be able to perform activities such as keystroke monitoring
3429 3454 -if the
3430 3455 -.Cm ForwardX11Trusted
3431 3456 -option is also enabled.
3432 3457 -.It Cm ForwardX11Timeout
3433 3458 -Specify a timeout for untrusted X11 forwarding
3434 3459 -using the format described in the
3435 3460 -TIME FORMATS section of
3436 3461 -.Xr sshd_config 5 .
3437 3462 -X11 connections received by
3438 3463 -.Xr ssh 1
3439 3464 -after this time will be refused.
3440 3465 -The default is to disable untrusted X11 forwarding after twenty minutes has
3441 3466 -elapsed.
3442 3467 -.It Cm ForwardX11Trusted
3443 3468 -If this option is set to
3444 3469 -.Dq yes ,
3445 3470 -remote X11 clients will have full access to the original X11 display.
3446 3471 -.Pp
3447 3472 -If this option is set to
3448 3473 -.Dq no ,
3449 3474 -remote X11 clients will be considered untrusted and prevented
3450 3475 -from stealing or tampering with data belonging to trusted X11
3451 3476 -clients.
3452 3477 -Furthermore, the
3453 3478 -.Xr xauth 1
3454 3479 -token used for the session will be set to expire after 20 minutes.
3455 3480 -Remote clients will be refused access after this time.
3456 3481 -.Pp
3457 3482 -The default is
3458 3483 -.Dq no .
3459 3484 -.Pp
3460 3485 -See the X11 SECURITY extension specification for full details on
3461 3486 -the restrictions imposed on untrusted clients.
3462 3487 -.It Cm GatewayPorts
3463 3488 -Specifies whether remote hosts are allowed to connect to local
3464 3489 -forwarded ports.
3465 3490 -By default,
3466 3491 -.Xr ssh 1
3467 3492 -binds local port forwardings to the loopback address.
3468 3493 -This prevents other remote hosts from connecting to forwarded ports.
3469 3494 -.Cm GatewayPorts
3470 3495 -can be used to specify that ssh
3471 3496 -should bind local port forwardings to the wildcard address,
3472 3497 -thus allowing remote hosts to connect to forwarded ports.
3473 3498 -The argument must be
3474 3499 -.Dq yes
3475 3500 -or
3476 3501 -.Dq no .
3477 3502 -The default is
3478 3503 -.Dq no .
3479 3504 -.It Cm GlobalKnownHostsFile
3480 3505 -Specifies one or more files to use for the global
3481 3506 -host key database, separated by whitespace.
3482 3507 -The default is
3483 3508 -.Pa /etc/ssh/ssh_known_hosts ,
3484 3509 -.Pa /etc/ssh/ssh_known_hosts2 .
3485 3510 -.It Cm GSSAPIAuthentication
3486 3511 -Specifies whether user authentication based on GSSAPI is allowed.
3487 3512 -The default is
3488 3513 -.Dq no .
3489 3514 -Note that this option applies to protocol version 2 only.
3490 3515 -.It Cm GSSAPIDelegateCredentials
3491 3516 -Forward (delegate) credentials to the server.
3492 3517 -The default is
3493 3518 -.Dq no .
3494 3519 -Note that this option applies to protocol version 2 only.
3495 3520 -.It Cm HashKnownHosts
3496 3521 -Indicates that
3497 3522 -.Xr ssh 1
3498 3523 -should hash host names and addresses when they are added to
3499 3524 -.Pa ~/.ssh/known_hosts .
3500 3525 -These hashed names may be used normally by
3501 3526 -.Xr ssh 1
3502 3527 -and
3503 3528 -.Xr sshd 8 ,
3504 3529 -but they do not reveal identifying information should the file's contents
3505 3530 -be disclosed.
3506 3531 -The default is
3507 3532 -.Dq no .
3508 3533 -Note that existing names and addresses in known hosts files
3509 3534 -will not be converted automatically,
3510 3535 -but may be manually hashed using
3511 3536 -.Xr ssh-keygen 1 .
3512 3537 -.It Cm HostbasedAuthentication
3513 3538 -Specifies whether to try rhosts based authentication with public key
3514 3539 -authentication.
3515 3540 -The argument must be
3516 3541 -.Dq yes
3517 3542 -or
3518 3543 -.Dq no .
3519 3544 -The default is
3520 3545 -.Dq no .
3521 3546 -This option applies to protocol version 2 only and
3522 3547 -is similar to
3523 3548 -.Cm RhostsRSAAuthentication .
3524 3549 -.It Cm HostbasedKeyTypes
3525 3550 -Specifies the key types that will be used for hostbased authentication
3526 3551 -as a comma-separated pattern list.
3527 3552 -Alternately if the specified value begins with a
3528 3553 -.Sq +
3529 3554 -character, then the specified key types will be appended to the default set
3530 3555 -instead of replacing them.
3531 3556 -The default for this option is:
3532 3557 -.Bd -literal -offset 3n
3533 3558 -ecdsa-sha2-nistp256-cert-v01@openssh.com,
3534 3559 -ecdsa-sha2-nistp384-cert-v01@openssh.com,
3535 3560 -ecdsa-sha2-nistp521-cert-v01@openssh.com,
3536 3561 -ssh-ed25519-cert-v01@openssh.com,
3537 3562 -ssh-rsa-cert-v01@openssh.com,
3538 3563 -ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
3539 3564 -ssh-ed25519,ssh-rsa
3540 3565 -.Ed
3541 3566 -.Pp
3542 3567 -The
3543 3568 -.Fl Q
3544 3569 -option of
3545 3570 -.Xr ssh 1
3546 3571 -may be used to list supported key types.
3547 3572 -.It Cm HostKeyAlgorithms
3548 3573 -Specifies the protocol version 2 host key algorithms
3549 3574 -that the client wants to use in order of preference.
3550 3575 -Alternately if the specified value begins with a
3551 3576 -.Sq +
3552 3577 -character, then the specified key types will be appended to the default set
3553 3578 -instead of replacing them.
3554 3579 -The default for this option is:
3555 3580 -.Bd -literal -offset 3n
3556 3581 -ecdsa-sha2-nistp256-cert-v01@openssh.com,
3557 3582 -ecdsa-sha2-nistp384-cert-v01@openssh.com,
3558 3583 -ecdsa-sha2-nistp521-cert-v01@openssh.com,
3559 3584 -ssh-ed25519-cert-v01@openssh.com,
3560 3585 -ssh-rsa-cert-v01@openssh.com,
3561 3586 -ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
3562 3587 -ssh-ed25519,ssh-rsa
3563 3588 -.Ed
3564 3589 -.Pp
3565 3590 -If hostkeys are known for the destination host then this default is modified
3566 3591 -to prefer their algorithms.
3567 3592 -.Pp
3568 3593 -The list of available key types may also be obtained using the
3569 3594 -.Fl Q
3570 3595 -option of
3571 3596 -.Xr ssh 1
3572 3597 -with an argument of
3573 3598 -.Dq key .
3574 3599 -.It Cm HostKeyAlias
3575 3600 -Specifies an alias that should be used instead of the
3576 3601 -real host name when looking up or saving the host key
3577 3602 -in the host key database files.
3578 3603 -This option is useful for tunneling SSH connections
3579 3604 -or for multiple servers running on a single host.
3580 3605 -.It Cm HostName
3581 3606 -Specifies the real host name to log into.
3582 3607 -This can be used to specify nicknames or abbreviations for hosts.
3583 3608 -If the hostname contains the character sequence
3584 3609 -.Ql %h ,
3585 3610 -then this will be replaced with the host name specified on the command line
3586 3611 -(this is useful for manipulating unqualified names).
3587 3612 -The character sequence
3588 3613 -.Ql %%
3589 3614 -will be replaced by a single
3590 3615 -.Ql %
3591 3616 -character, which may be used when specifying IPv6 link-local addresses.
3592 3617 -.Pp
3593 3618 -The default is the name given on the command line.
3594 3619 -Numeric IP addresses are also permitted (both on the command line and in
3595 3620 -.Cm HostName
3596 3621 -specifications).
3597 3622 -.It Cm IdentitiesOnly
3598 3623 -Specifies that
3599 3624 -.Xr ssh 1
3600 3625 -should only use the authentication identity files configured in the
3601 3626 -.Nm
3602 3627 -files,
3603 3628 -even if
3604 3629 -.Xr ssh-agent 1
3605 3630 -or a
3606 3631 -.Cm PKCS11Provider
3607 3632 -offers more identities.
3608 3633 -The argument to this keyword must be
3609 3634 -.Dq yes
3610 3635 -or
3611 3636 -.Dq no .
3612 3637 -This option is intended for situations where ssh-agent
3613 3638 -offers many different identities.
3614 3639 -The default is
3615 3640 -.Dq no .
3616 3641 -.It Cm IdentityFile
3617 3642 -Specifies a file from which the user's DSA, ECDSA, Ed25519 or RSA authentication
3618 3643 -identity is read.
3619 3644 -The default is
3620 3645 -.Pa ~/.ssh/identity
3621 3646 -for protocol version 1, and
3622 3647 -.Pa ~/.ssh/id_dsa ,
3623 3648 -.Pa ~/.ssh/id_ecdsa ,
3624 3649 -.Pa ~/.ssh/id_ed25519
3625 3650 -and
3626 3651 -.Pa ~/.ssh/id_rsa
3627 3652 -for protocol version 2.
3628 3653 -Additionally, any identities represented by the authentication agent
3629 3654 -will be used for authentication unless
3630 3655 -.Cm IdentitiesOnly
3631 3656 -is set.
3632 3657 -.Xr ssh 1
3633 3658 -will try to load certificate information from the filename obtained by
3634 3659 -appending
3635 3660 -.Pa -cert.pub
3636 3661 -to the path of a specified
3637 3662 -.Cm IdentityFile .
3638 3663 -.Pp
3639 3664 -The file name may use the tilde
3640 3665 -syntax to refer to a user's home directory or one of the following
3641 3666 -escape characters:
3642 3667 -.Ql %d
3643 3668 -(local user's home directory),
3644 3669 -.Ql %u
3645 3670 -(local user name),
3646 3671 -.Ql %l
3647 3672 -(local host name),
3648 3673 -.Ql %h
3649 3674 -(remote host name) or
3650 3675 -.Ql %r
3651 3676 -(remote user name).
3652 3677 -.Pp
3653 3678 -It is possible to have
3654 3679 -multiple identity files specified in configuration files; all these
3655 3680 -identities will be tried in sequence.
3656 3681 -Multiple
3657 3682 -.Cm IdentityFile
3658 3683 -directives will add to the list of identities tried (this behaviour
3659 3684 -differs from that of other configuration directives).
3660 3685 -.Pp
3661 3686 -.Cm IdentityFile
3662 3687 -may be used in conjunction with
3663 3688 -.Cm IdentitiesOnly
3664 3689 -to select which identities in an agent are offered during authentication.
3665 3690 -.It Cm IgnoreUnknown
3666 3691 -Specifies a pattern-list of unknown options to be ignored if they are
3667 3692 -encountered in configuration parsing.
3668 3693 -This may be used to suppress errors if
3669 3694 -.Nm
3670 3695 -contains options that are unrecognised by
3671 3696 -.Xr ssh 1 .
3672 3697 -It is recommended that
3673 3698 -.Cm IgnoreUnknown
3674 3699 -be listed early in the configuration file as it will not be applied
3675 3700 -to unknown options that appear before it.
3676 3701 -.It Cm IPQoS
3677 3702 -Specifies the IPv4 type-of-service or DSCP class for connections.
3678 3703 -Accepted values are
3679 3704 -.Dq af11 ,
3680 3705 -.Dq af12 ,
3681 3706 -.Dq af13 ,
3682 3707 -.Dq af21 ,
3683 3708 -.Dq af22 ,
3684 3709 -.Dq af23 ,
3685 3710 -.Dq af31 ,
3686 3711 -.Dq af32 ,
3687 3712 -.Dq af33 ,
3688 3713 -.Dq af41 ,
3689 3714 -.Dq af42 ,
3690 3715 -.Dq af43 ,
3691 3716 -.Dq cs0 ,
3692 3717 -.Dq cs1 ,
3693 3718 -.Dq cs2 ,
3694 3719 -.Dq cs3 ,
3695 3720 -.Dq cs4 ,
3696 3721 -.Dq cs5 ,
3697 3722 -.Dq cs6 ,
3698 3723 -.Dq cs7 ,
3699 3724 -.Dq ef ,
3700 3725 -.Dq lowdelay ,
3701 3726 -.Dq throughput ,
3702 3727 -.Dq reliability ,
3703 3728 -or a numeric value.
3704 3729 -This option may take one or two arguments, separated by whitespace.
3705 3730 -If one argument is specified, it is used as the packet class unconditionally.
3706 3731 -If two values are specified, the first is automatically selected for
3707 3732 -interactive sessions and the second for non-interactive sessions.
3708 3733 -The default is
3709 3734 -.Dq lowdelay
3710 3735 -for interactive sessions and
3711 3736 -.Dq throughput
3712 3737 -for non-interactive sessions.
3713 3738 -.It Cm KbdInteractiveAuthentication
3714 3739 -Specifies whether to use keyboard-interactive authentication.
3715 3740 -The argument to this keyword must be
3716 3741 -.Dq yes
3717 3742 -or
3718 3743 -.Dq no .
3719 3744 -The default is
3720 3745 -.Dq yes .
3721 3746 -.It Cm KbdInteractiveDevices
3722 3747 -Specifies the list of methods to use in keyboard-interactive authentication.
3723 3748 -Multiple method names must be comma-separated.
3724 3749 -The default is to use the server specified list.
3725 3750 -The methods available vary depending on what the server supports.
3726 3751 -For an OpenSSH server,
3727 3752 -it may be zero or more of:
3728 3753 -.Dq bsdauth ,
3729 3754 -.Dq pam ,
3730 3755 -and
3731 3756 -.Dq skey .
3732 3757 -.It Cm KexAlgorithms
3733 3758 -Specifies the available KEX (Key Exchange) algorithms.
3734 3759 -Multiple algorithms must be comma-separated.
3735 3760 -Alternately if the specified value begins with a
3736 3761 -.Sq +
3737 3762 -character, then the specified methods will be appended to the default set
3738 3763 -instead of replacing them.
3739 3764 -The default is:
3740 3765 -.Bd -literal -offset indent
3741 3766 -curve25519-sha256@libssh.org,
3742 3767 -ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,
3743 3768 -diffie-hellman-group-exchange-sha256,
3744 3769 -diffie-hellman-group-exchange-sha1,
3745 3770 -diffie-hellman-group14-sha1
3746 3771 -.Ed
3747 3772 -.Pp
3748 3773 -The list of available key exchange algorithms may also be obtained using the
3749 3774 -.Fl Q
3750 3775 -option of
3751 3776 -.Xr ssh 1
3752 3777 -with an argument of
3753 3778 -.Dq kex .
3754 3779 -.It Cm LocalCommand
3755 3780 -Specifies a command to execute on the local machine after successfully
3756 3781 -connecting to the server.
3757 3782 -The command string extends to the end of the line, and is executed with
3758 3783 -the user's shell.
3759 3784 -The following escape character substitutions will be performed:
3760 3785 -.Ql %d
3761 3786 -(local user's home directory),
3762 3787 -.Ql %h
3763 3788 -(remote host name),
3764 3789 -.Ql %l
3765 3790 -(local host name),
3766 3791 -.Ql %n
3767 3792 -(host name as provided on the command line),
3768 3793 -.Ql %p
3769 3794 -(remote port),
3770 3795 -.Ql %r
3771 3796 -(remote user name) or
3772 3797 -.Ql %u
3773 3798 -(local user name) or
3774 3799 -.Ql \&%C
3775 3800 -by a hash of the concatenation: %l%h%p%r.
3776 3801 -.Pp
3777 3802 -The command is run synchronously and does not have access to the
3778 3803 -session of the
3779 3804 -.Xr ssh 1
3780 3805 -that spawned it.
3781 3806 -It should not be used for interactive commands.
3782 3807 -.Pp
3783 3808 -This directive is ignored unless
3784 3809 -.Cm PermitLocalCommand
3785 3810 -has been enabled.
3786 3811 -.It Cm LocalForward
3787 3812 -Specifies that a TCP port on the local machine be forwarded over
3788 3813 -the secure channel to the specified host and port from the remote machine.
3789 3814 -The first argument must be
3790 3815 -.Sm off
3791 3816 -.Oo Ar bind_address : Oc Ar port
3792 3817 -.Sm on
3793 3818 -and the second argument must be
3794 3819 -.Ar host : Ns Ar hostport .
3795 3820 -IPv6 addresses can be specified by enclosing addresses in square brackets.
3796 3821 -Multiple forwardings may be specified, and additional forwardings can be
3797 3822 -given on the command line.
3798 3823 -Only the superuser can forward privileged ports.
3799 3824 -By default, the local port is bound in accordance with the
3800 3825 -.Cm GatewayPorts
3801 3826 -setting.
3802 3827 -However, an explicit
3803 3828 -.Ar bind_address
3804 3829 -may be used to bind the connection to a specific address.
3805 3830 -The
3806 3831 -.Ar bind_address
3807 3832 -of
3808 3833 -.Dq localhost
3809 3834 -indicates that the listening port be bound for local use only, while an
3810 3835 -empty address or
3811 3836 -.Sq *
3812 3837 -indicates that the port should be available from all interfaces.
3813 3838 -.It Cm LogLevel
3814 3839 -Gives the verbosity level that is used when logging messages from
3815 3840 -.Xr ssh 1 .
3816 3841 -The possible values are:
3817 3842 -QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3.
3818 3843 -The default is INFO.
3819 3844 -DEBUG and DEBUG1 are equivalent.
3820 3845 -DEBUG2 and DEBUG3 each specify higher levels of verbose output.
3821 3846 -.It Cm MACs
3822 3847 -Specifies the MAC (message authentication code) algorithms
3823 3848 -in order of preference.
3824 3849 -The MAC algorithm is used in protocol version 2
3825 3850 -for data integrity protection.
3826 3851 -Multiple algorithms must be comma-separated.
3827 3852 -If the specified value begins with a
3828 3853 -.Sq +
3829 3854 -character, then the specified algorithms will be appended to the default set
3830 3855 -instead of replacing them.
3831 3856 -.Pp
3832 3857 -The algorithms that contain
3833 3858 -.Dq -etm
3834 3859 -calculate the MAC after encryption (encrypt-then-mac).
3835 3860 -These are considered safer and their use recommended.
3836 3861 -.Pp
3837 3862 -The default is:
3838 3863 -.Bd -literal -offset indent
3839 3864 -umac-64-etm@openssh.com,umac-128-etm@openssh.com,
3840 3865 -hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,
3841 3866 -umac-64@openssh.com,umac-128@openssh.com,
3842 3867 -hmac-sha2-256,hmac-sha2-512,
3843 3868 -hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,
3844 3869 -hmac-ripemd160-etm@openssh.com,
3845 3870 -hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,
3846 3871 -hmac-md5,hmac-sha1,hmac-ripemd160,
3847 3872 -hmac-sha1-96,hmac-md5-96
3848 3873 -.Ed
3849 3874 -.Pp
3850 3875 -The list of available MAC algorithms may also be obtained using the
3851 3876 -.Fl Q
3852 3877 -option of
3853 3878 -.Xr ssh 1
3854 3879 -with an argument of
3855 3880 -.Dq mac .
3856 3881 -.It Cm NoHostAuthenticationForLocalhost
3857 3882 -This option can be used if the home directory is shared across machines.
3858 3883 -In this case localhost will refer to a different machine on each of
3859 3884 -the machines and the user will get many warnings about changed host keys.
3860 3885 -However, this option disables host authentication for localhost.
3861 3886 -The argument to this keyword must be
3862 3887 -.Dq yes
3863 3888 -or
3864 3889 -.Dq no .
3865 3890 -The default is to check the host key for localhost.
3866 3891 -.It Cm NumberOfPasswordPrompts
3867 3892 -Specifies the number of password prompts before giving up.
3868 3893 -The argument to this keyword must be an integer.
3869 3894 -The default is 3.
3870 3895 -.It Cm PasswordAuthentication
3871 3896 -Specifies whether to use password authentication.
3872 3897 -The argument to this keyword must be
3873 3898 -.Dq yes
3874 3899 -or
3875 3900 -.Dq no .
3876 3901 -The default is
3877 3902 -.Dq yes .
3878 3903 -.It Cm PermitLocalCommand
3879 3904 -Allow local command execution via the
3880 3905 -.Ic LocalCommand
3881 3906 -option or using the
3882 3907 -.Ic !\& Ns Ar command
3883 3908 -escape sequence in
3884 3909 -.Xr ssh 1 .
3885 3910 -The argument must be
3886 3911 -.Dq yes
3887 3912 -or
3888 3913 -.Dq no .
3889 3914 -The default is
3890 3915 -.Dq no .
3891 3916 -.It Cm PKCS11Provider
3892 3917 -Specifies which PKCS#11 provider to use.
3893 3918 -The argument to this keyword is the PKCS#11 shared library
3894 3919 -.Xr ssh 1
3895 3920 -should use to communicate with a PKCS#11 token providing the user's
3896 3921 -private RSA key.
3897 3922 -.It Cm Port
3898 3923 -Specifies the port number to connect on the remote host.
3899 3924 -The default is 22.
3900 3925 -.It Cm PreferredAuthentications
3901 3926 -Specifies the order in which the client should try protocol 2
3902 3927 -authentication methods.
3903 3928 -This allows a client to prefer one method (e.g.\&
3904 3929 -.Cm keyboard-interactive )
3905 3930 -over another method (e.g.\&
3906 3931 -.Cm password ) .
3907 3932 -The default is:
3908 3933 -.Bd -literal -offset indent
3909 3934 -gssapi-with-mic,hostbased,publickey,
3910 3935 -keyboard-interactive,password
3911 3936 -.Ed
3912 3937 -.It Cm Protocol
3913 3938 -Specifies the protocol versions
3914 3939 -.Xr ssh 1
3915 3940 -should support in order of preference.
3916 3941 -The possible values are
3917 3942 -.Sq 1
3918 3943 -and
3919 3944 -.Sq 2 .
3920 3945 -Multiple versions must be comma-separated.
3921 3946 -When this option is set to
3922 3947 -.Dq 2,1
3923 3948 -.Nm ssh
3924 3949 -will try version 2 and fall back to version 1
3925 3950 -if version 2 is not available.
3926 3951 -The default is
3927 3952 -.Sq 2 .
3928 3953 -.It Cm ProxyCommand
3929 3954 -Specifies the command to use to connect to the server.
3930 3955 -The command
3931 3956 -string extends to the end of the line, and is executed
3932 3957 -using the user's shell
3933 3958 -.Ql exec
3934 3959 -directive to avoid a lingering shell process.
3935 3960 -.Pp
3936 3961 -In the command string, any occurrence of
3937 3962 -.Ql %h
3938 3963 -will be substituted by the host name to
3939 3964 -connect,
3940 3965 -.Ql %p
3941 3966 -by the port, and
3942 3967 -.Ql %r
3943 3968 -by the remote user name.
3944 3969 -The command can be basically anything,
3945 3970 -and should read from its standard input and write to its standard output.
3946 3971 -It should eventually connect an
3947 3972 -.Xr sshd 8
3948 3973 -server running on some machine, or execute
3949 3974 -.Ic sshd -i
3950 3975 -somewhere.
3951 3976 -Host key management will be done using the
3952 3977 -HostName of the host being connected (defaulting to the name typed by
3953 3978 -the user).
3954 3979 -Setting the command to
3955 3980 -.Dq none
3956 3981 -disables this option entirely.
3957 3982 -Note that
3958 3983 -.Cm CheckHostIP
3959 3984 -is not available for connects with a proxy command.
3960 3985 -.Pp
3961 3986 -This directive is useful in conjunction with
3962 3987 -.Xr nc 1
3963 3988 -and its proxy support.
3964 3989 -For example, the following directive would connect via an HTTP proxy at
3965 3990 -192.0.2.0:
3966 3991 -.Bd -literal -offset 3n
3967 3992 -ProxyCommand /usr/bin/nc -X connect -x 192.0.2.0:8080 %h %p
3968 3993 -.Ed
3969 3994 -.It Cm ProxyUseFdpass
3970 3995 -Specifies that
3971 3996 -.Cm ProxyCommand
3972 3997 -will pass a connected file descriptor back to
3973 3998 -.Xr ssh 1
3974 3999 -instead of continuing to execute and pass data.
3975 4000 -The default is
3976 4001 -.Dq no .
3977 4002 -.It Cm PubkeyAcceptedKeyTypes
3978 4003 -Specifies the key types that will be used for public key authentication
3979 4004 -as a comma-separated pattern list.
3980 4005 -Alternately if the specified value begins with a
3981 4006 -.Sq +
3982 4007 -character, then the key types after it will be appended to the default
3983 4008 -instead of replacing it.
3984 4009 -The default for this option is:
3985 4010 -.Bd -literal -offset 3n
3986 4011 -ecdsa-sha2-nistp256-cert-v01@openssh.com,
3987 4012 -ecdsa-sha2-nistp384-cert-v01@openssh.com,
3988 4013 -ecdsa-sha2-nistp521-cert-v01@openssh.com,
3989 4014 -ssh-ed25519-cert-v01@openssh.com,
3990 4015 -ssh-rsa-cert-v01@openssh.com,
3991 4016 -ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
3992 4017 -ssh-ed25519,ssh-rsa
3993 4018 -.Ed
3994 4019 -.Pp
3995 4020 -The
3996 4021 -.Fl Q
3997 4022 -option of
3998 4023 -.Xr ssh 1
3999 4024 -may be used to list supported key types.
4000 4025 -.It Cm PubkeyAuthentication
4001 4026 -Specifies whether to try public key authentication.
4002 4027 -The argument to this keyword must be
4003 4028 -.Dq yes
4004 4029 -or
4005 4030 -.Dq no .
4006 4031 -The default is
4007 4032 -.Dq yes .
4008 4033 -This option applies to protocol version 2 only.
4009 4034 -.It Cm RekeyLimit
4010 4035 -Specifies the maximum amount of data that may be transmitted before the
4011 4036 -session key is renegotiated, optionally followed a maximum amount of
4012 4037 -time that may pass before the session key is renegotiated.
4013 4038 -The first argument is specified in bytes and may have a suffix of
4014 4039 -.Sq K ,
4015 4040 -.Sq M ,
4016 4041 -or
4017 4042 -.Sq G
4018 4043 -to indicate Kilobytes, Megabytes, or Gigabytes, respectively.
4019 4044 -The default is between
4020 4045 -.Sq 1G
4021 4046 -and
4022 4047 -.Sq 4G ,
4023 4048 -depending on the cipher.
4024 4049 -The optional second value is specified in seconds and may use any of the
4025 4050 -units documented in the
4026 4051 -TIME FORMATS section of
4027 4052 -.Xr sshd_config 5 .
4028 4053 -The default value for
4029 4054 -.Cm RekeyLimit
4030 4055 -is
4031 4056 -.Dq default none ,
4032 4057 -which means that rekeying is performed after the cipher's default amount
4033 4058 -of data has been sent or received and no time based rekeying is done.
4034 4059 -This option applies to protocol version 2 only.
4035 4060 -.It Cm RemoteForward
4036 4061 -Specifies that a TCP port on the remote machine be forwarded over
4037 4062 -the secure channel to the specified host and port from the local machine.
4038 4063 -The first argument must be
4039 4064 -.Sm off
4040 4065 -.Oo Ar bind_address : Oc Ar port
4041 4066 -.Sm on
4042 4067 -and the second argument must be
4043 4068 -.Ar host : Ns Ar hostport .
4044 4069 -IPv6 addresses can be specified by enclosing addresses in square brackets.
4045 4070 -Multiple forwardings may be specified, and additional
4046 4071 -forwardings can be given on the command line.
4047 4072 -Privileged ports can be forwarded only when
4048 4073 -logging in as root on the remote machine.
4049 4074 -.Pp
4050 4075 -If the
4051 4076 -.Ar port
4052 4077 -argument is
4053 4078 -.Ql 0 ,
4054 4079 -the listen port will be dynamically allocated on the server and reported
4055 4080 -to the client at run time.
4056 4081 -.Pp
4057 4082 -If the
4058 4083 -.Ar bind_address
4059 4084 -is not specified, the default is to only bind to loopback addresses.
4060 4085 -If the
4061 4086 -.Ar bind_address
4062 4087 -is
4063 4088 -.Ql *
4064 4089 -or an empty string, then the forwarding is requested to listen on all
4065 4090 -interfaces.
4066 4091 -Specifying a remote
4067 4092 -.Ar bind_address
4068 4093 -will only succeed if the server's
4069 4094 -.Cm GatewayPorts
4070 4095 -option is enabled (see
4071 4096 -.Xr sshd_config 5 ) .
4072 4097 -.It Cm RequestTTY
4073 4098 -Specifies whether to request a pseudo-tty for the session.
4074 4099 -The argument may be one of:
4075 4100 -.Dq no
4076 4101 -(never request a TTY),
4077 4102 -.Dq yes
4078 4103 -(always request a TTY when standard input is a TTY),
4079 4104 -.Dq force
4080 4105 -(always request a TTY) or
4081 4106 -.Dq auto
4082 4107 -(request a TTY when opening a login session).
4083 4108 -This option mirrors the
4084 4109 -.Fl t
4085 4110 -and
4086 4111 -.Fl T
4087 4112 -flags for
4088 4113 -.Xr ssh 1 .
4089 4114 -.It Cm RevokedHostKeys
4090 4115 -Specifies revoked host public keys.
4091 4116 -Keys listed in this file will be refused for host authentication.
4092 4117 -Note that if this file does not exist or is not readable,
4093 4118 -then host authentication will be refused for all hosts.
4094 4119 -Keys may be specified as a text file, listing one public key per line, or as
4095 4120 -an OpenSSH Key Revocation List (KRL) as generated by
4096 4121 -.Xr ssh-keygen 1 .
4097 4122 -For more information on KRLs, see the KEY REVOCATION LISTS section in
4098 4123 -.Xr ssh-keygen 1 .
4099 4124 -.It Cm RhostsRSAAuthentication
4100 4125 -Specifies whether to try rhosts based authentication with RSA host
4101 4126 -authentication.
4102 4127 -The argument must be
4103 4128 -.Dq yes
4104 4129 -or
4105 4130 -.Dq no .
4106 4131 -The default is
4107 4132 -.Dq no .
4108 4133 -This option applies to protocol version 1 only and requires
4109 4134 -.Xr ssh 1
4110 4135 -to be setuid root.
4111 4136 -.It Cm RSAAuthentication
4112 4137 -Specifies whether to try RSA authentication.
4113 4138 -The argument to this keyword must be
4114 4139 -.Dq yes
4115 4140 -or
4116 4141 -.Dq no .
4117 4142 -RSA authentication will only be
4118 4143 -attempted if the identity file exists, or an authentication agent is
4119 4144 -running.
4120 4145 -The default is
4121 4146 -.Dq yes .
4122 4147 -Note that this option applies to protocol version 1 only.
4123 4148 -.It Cm SendEnv
4124 4149 -Specifies what variables from the local
4125 4150 -.Xr environ 7
4126 4151 -should be sent to the server.
4127 4152 -Note that environment passing is only supported for protocol 2.
4128 4153 -The server must also support it, and the server must be configured to
4129 4154 -accept these environment variables.
4130 4155 -Note that the
4131 4156 -.Ev TERM
4132 4157 -environment variable is always sent whenever a
4133 4158 -pseudo-terminal is requested as it is required by the protocol.
4134 4159 -Refer to
4135 4160 -.Cm AcceptEnv
4136 4161 -in
4137 4162 -.Xr sshd_config 5
4138 4163 -for how to configure the server.
4139 4164 -Variables are specified by name, which may contain wildcard characters.
4140 4165 -Multiple environment variables may be separated by whitespace or spread
4141 4166 -across multiple
4142 4167 -.Cm SendEnv
4143 4168 -directives.
4144 4169 -The default is not to send any environment variables.
4145 4170 -.Pp
4146 4171 -See
4147 4172 -.Sx PATTERNS
4148 4173 -for more information on patterns.
4149 4174 -.It Cm ServerAliveCountMax
4150 4175 -Sets the number of server alive messages (see below) which may be
4151 4176 -sent without
4152 4177 -.Xr ssh 1
4153 4178 -receiving any messages back from the server.
4154 4179 -If this threshold is reached while server alive messages are being sent,
4155 4180 -ssh will disconnect from the server, terminating the session.
4156 4181 -It is important to note that the use of server alive messages is very
4157 4182 -different from
4158 4183 -.Cm TCPKeepAlive
4159 4184 -(below).
4160 4185 -The server alive messages are sent through the encrypted channel
4161 4186 -and therefore will not be spoofable.
4162 4187 -The TCP keepalive option enabled by
4163 4188 -.Cm TCPKeepAlive
4164 4189 -is spoofable.
4165 4190 -The server alive mechanism is valuable when the client or
4166 4191 -server depend on knowing when a connection has become inactive.
4167 4192 -.Pp
4168 4193 -The default value is 3.
4169 4194 -If, for example,
4170 4195 -.Cm ServerAliveInterval
4171 4196 -(see below) is set to 15 and
4172 4197 -.Cm ServerAliveCountMax
4173 4198 -is left at the default, if the server becomes unresponsive,
4174 4199 -ssh will disconnect after approximately 45 seconds.
4175 4200 -This option applies to protocol version 2 only.
4176 4201 -.It Cm ServerAliveInterval
4177 4202 -Sets a timeout interval in seconds after which if no data has been received
4178 4203 -from the server,
4179 4204 -.Xr ssh 1
4180 4205 -will send a message through the encrypted
4181 4206 -channel to request a response from the server.
4182 4207 -The default
4183 4208 -is 0, indicating that these messages will not be sent to the server.
4184 4209 -This option applies to protocol version 2 only.
4185 4210 -.It Cm StreamLocalBindMask
4186 4211 -Sets the octal file creation mode mask
4187 4212 -.Pq umask
4188 4213 -used when creating a Unix-domain socket file for local or remote
4189 4214 -port forwarding.
4190 4215 -This option is only used for port forwarding to a Unix-domain socket file.
4191 4216 -.Pp
4192 4217 -The default value is 0177, which creates a Unix-domain socket file that is
4193 4218 -readable and writable only by the owner.
4194 4219 -Note that not all operating systems honor the file mode on Unix-domain
4195 4220 -socket files.
4196 4221 -.It Cm StreamLocalBindUnlink
4197 4222 -Specifies whether to remove an existing Unix-domain socket file for local
4198 4223 -or remote port forwarding before creating a new one.
4199 4224 -If the socket file already exists and
4200 4225 -.Cm StreamLocalBindUnlink
4201 4226 -is not enabled,
4202 4227 -.Nm ssh
4203 4228 -will be unable to forward the port to the Unix-domain socket file.
4204 4229 -This option is only used for port forwarding to a Unix-domain socket file.
4205 4230 -.Pp
4206 4231 -The argument must be
4207 4232 -.Dq yes
4208 4233 -or
4209 4234 -.Dq no .
4210 4235 -The default is
4211 4236 -.Dq no .
4212 4237 -.It Cm StrictHostKeyChecking
4213 4238 -If this flag is set to
4214 4239 -.Dq yes ,
4215 4240 -.Xr ssh 1
4216 4241 -will never automatically add host keys to the
4217 4242 -.Pa ~/.ssh/known_hosts
4218 4243 -file, and refuses to connect to hosts whose host key has changed.
4219 4244 -This provides maximum protection against trojan horse attacks,
4220 4245 -though it can be annoying when the
4221 4246 -.Pa /etc/ssh/ssh_known_hosts
4222 4247 -file is poorly maintained or when connections to new hosts are
4223 4248 -frequently made.
4224 4249 -This option forces the user to manually
4225 4250 -add all new hosts.
4226 4251 -If this flag is set to
4227 4252 -.Dq no ,
4228 4253 -ssh will automatically add new host keys to the
4229 4254 -user known hosts files.
4230 4255 -If this flag is set to
4231 4256 -.Dq ask ,
4232 4257 -new host keys
4233 4258 -will be added to the user known host files only after the user
4234 4259 -has confirmed that is what they really want to do, and
4235 4260 -ssh will refuse to connect to hosts whose host key has changed.
4236 4261 -The host keys of
4237 4262 -known hosts will be verified automatically in all cases.
4238 4263 -The argument must be
4239 4264 -.Dq yes ,
4240 4265 -.Dq no ,
4241 4266 -or
4242 4267 -.Dq ask .
4243 4268 -The default is
4244 4269 -.Dq ask .
4245 4270 -.It Cm TCPKeepAlive
4246 4271 -Specifies whether the system should send TCP keepalive messages to the
4247 4272 -other side.
4248 4273 -If they are sent, death of the connection or crash of one
4249 4274 -of the machines will be properly noticed.
4250 4275 -However, this means that
4251 4276 -connections will die if the route is down temporarily, and some people
4252 4277 -find it annoying.
4253 4278 -.Pp
4254 4279 -The default is
4255 4280 -.Dq yes
4256 4281 -(to send TCP keepalive messages), and the client will notice
4257 4282 -if the network goes down or the remote host dies.
4258 4283 -This is important in scripts, and many users want it too.
4259 4284 -.Pp
4260 4285 -To disable TCP keepalive messages, the value should be set to
4261 4286 -.Dq no .
4262 4287 -.It Cm Tunnel
4263 4288 -Request
4264 4289 -.Xr tun 4
4265 4290 -device forwarding between the client and the server.
4266 4291 -The argument must be
4267 4292 -.Dq yes ,
4268 4293 -.Dq point-to-point
4269 4294 -(layer 3),
4270 4295 -.Dq ethernet
4271 4296 -(layer 2),
4272 4297 -or
4273 4298 -.Dq no .
4274 4299 -Specifying
4275 4300 -.Dq yes
4276 4301 -requests the default tunnel mode, which is
4277 4302 -.Dq point-to-point .
4278 4303 -The default is
4279 4304 -.Dq no .
4280 4305 -.It Cm TunnelDevice
4281 4306 -Specifies the
4282 4307 -.Xr tun 4
4283 4308 -devices to open on the client
4284 4309 -.Pq Ar local_tun
4285 4310 -and the server
4286 4311 -.Pq Ar remote_tun .
4287 4312 -.Pp
4288 4313 -The argument must be
4289 4314 -.Sm off
4290 4315 -.Ar local_tun Op : Ar remote_tun .
4291 4316 -.Sm on
4292 4317 -The devices may be specified by numerical ID or the keyword
4293 4318 -.Dq any ,
4294 4319 -which uses the next available tunnel device.
4295 4320 -If
4296 4321 -.Ar remote_tun
4297 4322 -is not specified, it defaults to
4298 4323 -.Dq any .
4299 4324 -The default is
4300 4325 -.Dq any:any .
4301 4326 -.It Cm UpdateHostKeys
4302 4327 -Specifies whether
4303 4328 -.Xr ssh 1
4304 4329 -should accept notifications of additional hostkeys from the server sent
4305 4330 -after authentication has completed and add them to
4306 4331 -.Cm UserKnownHostsFile .
4307 4332 -The argument must be
4308 4333 -.Dq yes ,
4309 4334 -.Dq no
4310 4335 -(the default) or
4311 4336 -.Dq ask .
4312 4337 -Enabling this option allows learning alternate hostkeys for a server
4313 4338 -and supports graceful key rotation by allowing a server to send replacement
4314 4339 -public keys before old ones are removed.
4315 4340 -Additional hostkeys are only accepted if the key used to authenticate the
4316 4341 -host was already trusted or explicity accepted by the user.
4317 4342 -If
4318 4343 -.Cm UpdateHostKeys
4319 4344 -is set to
4320 4345 -.Dq ask ,
4321 4346 -then the user is asked to confirm the modifications to the known_hosts file.
4322 4347 -Confirmation is currently incompatible with
4323 4348 -.Cm ControlPersist ,
4324 4349 -and will be disabled if it is enabled.
4325 4350 -.Pp
4326 4351 -Presently, only
4327 4352 -.Xr sshd 8
4328 4353 -from OpenSSH 6.8 and greater support the
4329 4354 -.Dq hostkeys@openssh.com
4330 4355 -protocol extension used to inform the client of all the server's hostkeys.
4331 4356 -.It Cm UsePrivilegedPort
4332 4357 -Specifies whether to use a privileged port for outgoing connections.
4333 4358 -The argument must be
4334 4359 -.Dq yes
4335 4360 -or
4336 4361 -.Dq no .
4337 4362 -The default is
4338 4363 -.Dq no .
4339 4364 -If set to
4340 4365 -.Dq yes ,
4341 4366 -.Xr ssh 1
4342 4367 -must be setuid root.
4343 4368 -Note that this option must be set to
4344 4369 -.Dq yes
4345 4370 -for
4346 4371 -.Cm RhostsRSAAuthentication
4347 4372 -with older servers.
4348 4373 -.It Cm User
4349 4374 -Specifies the user to log in as.
4350 4375 -This can be useful when a different user name is used on different machines.
4351 4376 -This saves the trouble of
4352 4377 -having to remember to give the user name on the command line.
4353 4378 -.It Cm UserKnownHostsFile
4354 4379 -Specifies one or more files to use for the user
4355 4380 -host key database, separated by whitespace.
4356 4381 -The default is
4357 4382 -.Pa ~/.ssh/known_hosts ,
4358 4383 -.Pa ~/.ssh/known_hosts2 .
4359 4384 -.It Cm VerifyHostKeyDNS
4360 4385 -Specifies whether to verify the remote key using DNS and SSHFP resource
4361 4386 -records.
4362 4387 -If this option is set to
4363 4388 -.Dq yes ,
4364 4389 -the client will implicitly trust keys that match a secure fingerprint
4365 4390 -from DNS.
4366 4391 -Insecure fingerprints will be handled as if this option was set to
4367 4392 -.Dq ask .
4368 4393 -If this option is set to
4369 4394 -.Dq ask ,
4370 4395 -information on fingerprint match will be displayed, but the user will still
4371 4396 -need to confirm new host keys according to the
4372 4397 -.Cm StrictHostKeyChecking
4373 4398 -option.
4374 4399 -The argument must be
4375 4400 -.Dq yes ,
4376 4401 -.Dq no ,
4377 4402 -or
4378 4403 -.Dq ask .
4379 4404 -The default is
4380 4405 -.Dq no .
4381 4406 -Note that this option applies to protocol version 2 only.
4382 4407 -.Pp
4383 4408 -See also VERIFYING HOST KEYS in
4384 4409 -.Xr ssh 1 .
4385 4410 -.It Cm VisualHostKey
4386 4411 -If this flag is set to
4387 4412 -.Dq yes ,
4388 4413 -an ASCII art representation of the remote host key fingerprint is
4389 4414 -printed in addition to the fingerprint string at login and
4390 4415 -for unknown host keys.
4391 4416 -If this flag is set to
4392 4417 -.Dq no ,
4393 4418 -no fingerprint strings are printed at login and
4394 4419 -only the fingerprint string will be printed for unknown host keys.
4395 4420 -The default is
4396 4421 -.Dq no .
4397 4422 -.It Cm XAuthLocation
4398 4423 -Specifies the full pathname of the
4399 4424 -.Xr xauth 1
4400 4425 -program.
4401 4426 -The default is
4402 4427 -.Pa /usr/X11R6/bin/xauth .
4403 4428 -.El
4404 4429 -.Sh PATTERNS
4405 4430 -A
4406 4431 -.Em pattern
4407 4432 -consists of zero or more non-whitespace characters,
4408 4433 -.Sq *
4409 4434 -(a wildcard that matches zero or more characters),
4410 4435 -or
4411 4436 -.Sq ?\&
4412 4437 -(a wildcard that matches exactly one character).
4413 4438 -For example, to specify a set of declarations for any host in the
4414 4439 -.Dq .co.uk
4415 4440 -set of domains,
4416 4441 -the following pattern could be used:
4417 4442 -.Pp
4418 4443 -.Dl Host *.co.uk
4419 4444 -.Pp
4420 4445 -The following pattern
4421 4446 -would match any host in the 192.168.0.[0-9] network range:
4422 4447 -.Pp
4423 4448 -.Dl Host 192.168.0.?
4424 4449 -.Pp
4425 4450 -A
4426 4451 -.Em pattern-list
4427 4452 -is a comma-separated list of patterns.
4428 4453 -Patterns within pattern-lists may be negated
4429 4454 -by preceding them with an exclamation mark
4430 4455 -.Pq Sq !\& .
4431 4456 -For example,
4432 4457 -to allow a key to be used from anywhere within an organization
4433 4458 -except from the
4434 4459 -.Dq dialup
4435 4460 -pool,
4436 4461 -the following entry (in authorized_keys) could be used:
4437 4462 -.Pp
4438 4463 -.Dl from=\&"!*.dialup.example.com,*.example.com\&"
4439 4464 -.Sh FILES
4440 4465 -.Bl -tag -width Ds
4441 4466 -.It Pa ~/.ssh/config
4442 4467 -This is the per-user configuration file.
4443 4468 -The format of this file is described above.
4444 4469 -This file is used by the SSH client.
4445 4470 -Because of the potential for abuse, this file must have strict permissions:
4446 4471 -read/write for the user, and not accessible by others.
4447 4472 -.It Pa /etc/ssh/ssh_config
4448 4473 -Systemwide configuration file.
4449 4474 -This file provides defaults for those
4450 4475 -values that are not specified in the user's configuration file, and
4451 4476 -for those users who do not have a configuration file.
4452 4477 -This file must be world-readable.
4453 4478 -.El
4454 4479 -.Sh SEE ALSO
4455 4480 -.Xr ssh 1
4456 4481 -.Sh AUTHORS
4457 4482 -OpenSSH is a derivative of the original and free
4458 4483 -ssh 1.2.12 release by Tatu Ylonen.
4459 4484 -Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos,
4460 4485 -Theo de Raadt and Dug Song
4461 4486 -removed many bugs, re-added newer features and
4462 4487 -created OpenSSH.
4463 4488 -Markus Friedl contributed the support for SSH
4464 4489 -protocol versions 1.5 and 2.0.
4465 4490 diff --git a/sshd.1m b/sshd.1m
4466 4491 new file mode 100644
4467 -index 0000000..967a753
4492 +index 0000000..ada4f25
4468 4493 --- /dev/null
4469 4494 +++ b/sshd.1m
4470 4495 @@ -0,0 +1,971 @@
4471 4496 +.\"
4472 4497 +.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
4473 4498 +.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
4474 4499 +.\" All rights reserved
4475 4500 +.\"
4476 4501 +.\" As far as I am concerned, the code I have written for this software
4477 4502 +.\" can be used freely for any purpose. Any derived versions of this
4478 4503 +.\" software must be clearly marked as such, and if the derived work is
4479 4504 +.\" incompatible with the protocol description in the RFC file, it must be
4480 4505 +.\" called by a name other than "ssh" or "Secure Shell".
4481 4506 +.\"
4482 4507 +.\" Copyright (c) 1999,2000 Markus Friedl. All rights reserved.
4483 4508 +.\" Copyright (c) 1999 Aaron Campbell. All rights reserved.
4484 4509 +.\" Copyright (c) 1999 Theo de Raadt. All rights reserved.
4485 4510 +.\"
4486 4511 +.\" Redistribution and use in source and binary forms, with or without
4487 4512 +.\" modification, are permitted provided that the following conditions
4488 4513 +.\" are met:
4489 4514 +.\" 1. Redistributions of source code must retain the above copyright
4490 4515 +.\" notice, this list of conditions and the following disclaimer.
4491 4516 +.\" 2. Redistributions in binary form must reproduce the above copyright
4492 4517 +.\" notice, this list of conditions and the following disclaimer in the
4493 4518 +.\" documentation and/or other materials provided with the distribution.
4494 4519 +.\"
4495 4520 +.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
4496 4521 +.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
4497 4522 +.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
4498 4523 +.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
4499 4524 +.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
4500 4525 +.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
4501 4526 +.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
4502 4527 +.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
4503 4528 +.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
4504 4529 +.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
4505 4530 +.\"
4506 4531 +.\" $OpenBSD: sshd.8,v 1.280 2015/07/03 03:49:45 djm Exp $
4507 4532 +.Dd $Mdocdate: July 3 2015 $
4508 4533 +.Dt SSHD 1M
4509 4534 +.Os
4510 4535 +.Sh NAME
4511 4536 +.Nm sshd
4512 4537 +.Nd OpenSSH SSH daemon
4513 4538 +.Sh SYNOPSIS
4514 4539 +.Nm sshd
4515 4540 +.Bk -words
4516 4541 +.Op Fl 46DdeiqTt
4517 4542 +.Op Fl b Ar bits
4518 4543 +.Op Fl C Ar connection_spec
4519 4544 +.Op Fl c Ar host_certificate_file
4520 4545 +.Op Fl E Ar log_file
4521 4546 +.Op Fl f Ar config_file
4522 4547 +.Op Fl g Ar login_grace_time
4523 4548 +.Op Fl h Ar host_key_file
4524 4549 +.Op Fl k Ar key_gen_time
4525 4550 +.Op Fl o Ar option
4526 4551 +.Op Fl p Ar port
4527 4552 +.Op Fl u Ar len
4528 4553 +.Ek
4529 4554 +.Sh DESCRIPTION
4530 4555 +.Nm
4531 4556 +(OpenSSH Daemon) is the daemon program for
4532 4557 +.Xr ssh 1 .
4533 4558 +Together these programs replace rlogin and rsh,
4534 4559 +and provide secure encrypted communications between two untrusted hosts
4535 4560 +over an insecure network.
4536 4561 +.Pp
4537 4562 +.Nm
4538 4563 +listens for connections from clients.
4539 -+It is normally started at boot from
4540 -+.Pa /etc/rc .
4564 ++It is normally started at boot by
4565 ++.Xr smf 5 .
4541 4566 +It forks a new
4542 4567 +daemon for each incoming connection.
4543 4568 +The forked daemons handle
4544 4569 +key exchange, encryption, authentication, command execution,
4545 4570 +and data exchange.
4546 4571 +.Pp
4547 4572 +.Nm
4548 4573 +can be configured using command-line options or a configuration file
4549 4574 +(by default
4550 4575 +.Xr sshd_config 4 ) ;
4551 4576 +command-line options override values specified in the
4552 4577 +configuration file.
4553 4578 +.Nm
4554 4579 +rereads its configuration file when it receives a hangup signal,
4555 4580 +.Dv SIGHUP ,
4556 4581 +by executing itself with the name and options it was started with, e.g.\&
4557 4582 +.Pa /usr/sbin/sshd .
4558 4583 +.Pp
4559 4584 +The options are as follows:
4560 4585 +.Bl -tag -width Ds
4561 4586 +.It Fl 4
4562 4587 +Forces
4563 4588 +.Nm
4564 4589 +to use IPv4 addresses only.
4565 4590 +.It Fl 6
4566 4591 +Forces
4567 4592 +.Nm
4568 4593 +to use IPv6 addresses only.
4569 4594 +.It Fl b Ar bits
4570 4595 +Specifies the number of bits in the ephemeral protocol version 1
4571 4596 +server key (default 1024).
4572 4597 +.It Fl C Ar connection_spec
4573 4598 +Specify the connection parameters to use for the
4574 4599 +.Fl T
4575 4600 +extended test mode.
4576 4601 +If provided, any
4577 4602 +.Cm Match
4578 4603 +directives in the configuration file
4579 4604 +that would apply to the specified user, host, and address will be set before
4580 4605 +the configuration is written to standard output.
4581 4606 +The connection parameters are supplied as keyword=value pairs.
4582 4607 +The keywords are
4583 4608 +.Dq user ,
4584 4609 +.Dq host ,
4585 4610 +.Dq laddr ,
4586 4611 +.Dq lport ,
4587 4612 +and
4588 4613 +.Dq addr .
4589 4614 +All are required and may be supplied in any order, either with multiple
4590 4615 +.Fl C
4591 4616 +options or as a comma-separated list.
4592 4617 +.It Fl c Ar host_certificate_file
4593 4618 +Specifies a path to a certificate file to identify
4594 4619 +.Nm
4595 4620 +during key exchange.
4596 4621 +The certificate file must match a host key file specified using the
4597 4622 +.Fl h
4598 4623 +option or the
4599 4624 +.Cm HostKey
4600 4625 +configuration directive.
4601 4626 +.It Fl D
4602 4627 +When this option is specified,
4603 4628 +.Nm
4604 4629 +will not detach and does not become a daemon.
4605 4630 +This allows easy monitoring of
4606 4631 +.Nm sshd .
4607 4632 +.It Fl d
4608 4633 +Debug mode.
4609 4634 +The server sends verbose debug output to standard error,
4610 4635 +and does not put itself in the background.
4611 4636 +The server also will not fork and will only process one connection.
4612 4637 +This option is only intended for debugging for the server.
4613 4638 +Multiple
4614 4639 +.Fl d
4615 4640 +options increase the debugging level.
4616 4641 +Maximum is 3.
4617 4642 +.It Fl E Ar log_file
4618 4643 +Append debug logs to
4619 4644 +.Ar log_file
4620 4645 +instead of the system log.
4621 4646 +.It Fl e
4622 4647 +Write debug logs to standard error instead of the system log.
4623 4648 +.It Fl f Ar config_file
4624 4649 +Specifies the name of the configuration file.
4625 4650 +The default is
4626 4651 +.Pa /etc/ssh/sshd_config .
4627 4652 +.Nm
4628 4653 +refuses to start if there is no configuration file.
4629 4654 +.It Fl g Ar login_grace_time
4630 4655 +Gives the grace time for clients to authenticate themselves (default
4631 4656 +120 seconds).
4632 4657 +If the client fails to authenticate the user within
4633 4658 +this many seconds, the server disconnects and exits.
4634 4659 +A value of zero indicates no limit.
4635 4660 +.It Fl h Ar host_key_file
4636 4661 +Specifies a file from which a host key is read.
4637 4662 +This option must be given if
4638 4663 +.Nm
4639 4664 +is not run as root (as the normal
4640 4665 +host key files are normally not readable by anyone but root).
4641 4666 +The default is
4642 4667 +.Pa /etc/ssh/ssh_host_key
4643 4668 +for protocol version 1, and
4644 4669 +.Pa /etc/ssh/ssh_host_dsa_key ,
4645 4670 +.Pa /etc/ssh/ssh_host_ecdsa_key .
4646 4671 +.Pa /etc/ssh/ssh_host_ed25519_key
4647 4672 +and
4648 4673 +.Pa /etc/ssh/ssh_host_rsa_key
4649 4674 +for protocol version 2.
4650 4675 +It is possible to have multiple host key files for
4651 4676 +the different protocol versions and host key algorithms.
4652 4677 +.It Fl i
4653 4678 +Specifies that
4654 4679 +.Nm
4655 4680 +is being run from
4656 4681 +.Xr inetd 8 .
4657 4682 +If SSH protocol 1 is enabled,
4658 4683 +.Nm
4659 4684 +should not normally be run
4660 4685 +from inetd because it needs to generate the server key before it can
4661 4686 +respond to the client, and this may take some time.
4662 4687 +Clients may have to wait too long if the key was regenerated every time.
4663 4688 +.It Fl k Ar key_gen_time
4664 4689 +Specifies how often the ephemeral protocol version 1 server key is
4665 4690 +regenerated (default 3600 seconds, or one hour).
4666 4691 +The motivation for regenerating the key fairly
4667 4692 +often is that the key is not stored anywhere, and after about an hour
4668 4693 +it becomes impossible to recover the key for decrypting intercepted
4669 4694 +communications even if the machine is cracked into or physically
4670 4695 +seized.
4671 4696 +A value of zero indicates that the key will never be regenerated.
4672 4697 +.It Fl o Ar option
4673 4698 +Can be used to give options in the format used in the configuration file.
4674 4699 +This is useful for specifying options for which there is no separate
4675 4700 +command-line flag.
4676 4701 +For full details of the options, and their values, see
4677 4702 +.Xr sshd_config 4 .
4678 4703 +.It Fl p Ar port
4679 4704 +Specifies the port on which the server listens for connections
4680 4705 +(default 22).
4681 4706 +Multiple port options are permitted.
4682 4707 +Ports specified in the configuration file with the
4683 4708 +.Cm Port
4684 4709 +option are ignored when a command-line port is specified.
4685 4710 +Ports specified using the
4686 4711 +.Cm ListenAddress
4687 4712 +option override command-line ports.
4688 4713 +.It Fl q
4689 4714 +Quiet mode.
4690 4715 +Nothing is sent to the system log.
4691 4716 +Normally the beginning,
4692 4717 +authentication, and termination of each connection is logged.
4693 4718 +.It Fl T
4694 4719 +Extended test mode.
4695 4720 +Check the validity of the configuration file, output the effective configuration
4696 4721 +to stdout and then exit.
4697 4722 +Optionally,
4698 4723 +.Cm Match
4699 4724 +rules may be applied by specifying the connection parameters using one or more
4700 4725 +.Fl C
4701 4726 +options.
4702 4727 +.It Fl t
4703 4728 +Test mode.
4704 4729 +Only check the validity of the configuration file and sanity of the keys.
4705 4730 +This is useful for updating
4706 4731 +.Nm
4707 4732 +reliably as configuration options may change.
4708 4733 +.It Fl u Ar len
4709 4734 +This option is used to specify the size of the field
4710 4735 +in the
4711 4736 +.Li utmp
4712 4737 +structure that holds the remote host name.
4713 4738 +If the resolved host name is longer than
4714 4739 +.Ar len ,
4715 4740 +the dotted decimal value will be used instead.
4716 4741 +This allows hosts with very long host names that
4717 4742 +overflow this field to still be uniquely identified.
4718 4743 +Specifying
4719 4744 +.Fl u0
4720 4745 +indicates that only dotted decimal addresses
4721 4746 +should be put into the
4722 4747 +.Pa utmp
4723 4748 +file.
4724 4749 +.Fl u0
4725 4750 +may also be used to prevent
4726 4751 +.Nm
4727 4752 +from making DNS requests unless the authentication
4728 4753 +mechanism or configuration requires it.
4729 4754 +Authentication mechanisms that may require DNS include
4730 4755 +.Cm RhostsRSAAuthentication ,
4731 4756 +.Cm HostbasedAuthentication ,
4732 4757 +and using a
4733 4758 +.Cm from="pattern-list"
4734 4759 +option in a key file.
4735 4760 +Configuration options that require DNS include using a
4736 4761 +USER@HOST pattern in
4737 4762 +.Cm AllowUsers
4738 4763 +or
4739 4764 +.Cm DenyUsers .
4740 4765 +.El
4741 4766 +.Sh AUTHENTICATION
4742 4767 +The OpenSSH SSH daemon supports SSH protocols 1 and 2.
4743 4768 +The default is to use protocol 2 only,
4744 4769 +though this can be changed via the
4745 4770 +.Cm Protocol
4746 4771 +option in
4747 4772 +.Xr sshd_config 4 .
4748 4773 +Protocol 2 supports DSA, ECDSA, Ed25519 and RSA keys;
4749 4774 +protocol 1 only supports RSA keys.
4750 4775 +For both protocols,
4751 4776 +each host has a host-specific key,
4752 4777 +normally 2048 bits,
4753 4778 +used to identify the host.
4754 4779 +.Pp
4755 4780 +Forward security for protocol 1 is provided through
4756 4781 +an additional server key,
4757 4782 +normally 1024 bits,
4758 4783 +generated when the server starts.
4759 4784 +This key is normally regenerated every hour if it has been used, and
4760 4785 +is never stored on disk.
4761 4786 +Whenever a client connects, the daemon responds with its public
4762 4787 +host and server keys.
4763 4788 +The client compares the
4764 4789 +RSA host key against its own database to verify that it has not changed.
4765 4790 +The client then generates a 256-bit random number.
4766 4791 +It encrypts this
4767 4792 +random number using both the host key and the server key, and sends
4768 4793 +the encrypted number to the server.
4769 4794 +Both sides then use this
4770 4795 +random number as a session key which is used to encrypt all further
4771 4796 +communications in the session.
4772 4797 +The rest of the session is encrypted
4773 4798 +using a conventional cipher, currently Blowfish or 3DES, with 3DES
4774 4799 +being used by default.
4775 4800 +The client selects the encryption algorithm
4776 4801 +to use from those offered by the server.
4777 4802 +.Pp
4778 4803 +For protocol 2,
4779 4804 +forward security is provided through a Diffie-Hellman key agreement.
4780 4805 +This key agreement results in a shared session key.
4781 4806 +The rest of the session is encrypted using a symmetric cipher, currently
4782 4807 +128-bit AES, Blowfish, 3DES, CAST128, Arcfour, 192-bit AES, or 256-bit AES.
4783 4808 +The client selects the encryption algorithm
4784 4809 +to use from those offered by the server.
4785 4810 +Additionally, session integrity is provided
4786 4811 +through a cryptographic message authentication code
4787 4812 +(hmac-md5, hmac-sha1, umac-64, umac-128, hmac-ripemd160,
4788 4813 +hmac-sha2-256 or hmac-sha2-512).
4789 4814 +.Pp
4790 4815 +Finally, the server and the client enter an authentication dialog.
4791 4816 +The client tries to authenticate itself using
4792 4817 +host-based authentication,
4793 4818 +public key authentication,
4794 4819 +challenge-response authentication,
4795 4820 +or password authentication.
4796 4821 +.Pp
4797 4822 +Regardless of the authentication type, the account is checked to
4798 4823 +ensure that it is accessible. An account is not accessible if it is
4799 4824 +locked, listed in
4800 4825 +.Cm DenyUsers
4801 4826 +or its group is listed in
4802 4827 +.Cm DenyGroups
4803 4828 +\&. The definition of a locked account is system dependant. Some platforms
4804 4829 +have their own account database (eg AIX) and some modify the passwd field (
4805 4830 +.Ql \&*LK\&*
4806 4831 +on Solaris and UnixWare,
4807 4832 +.Ql \&*
4808 4833 +on HP-UX, containing
4809 4834 +.Ql Nologin
4810 4835 +on Tru64,
4811 4836 +a leading
4812 4837 +.Ql \&*LOCKED\&*
4813 4838 +on FreeBSD and a leading
4814 4839 +.Ql \&!
4815 4840 +on most Linuxes).
4816 4841 +If there is a requirement to disable password authentication
4817 4842 +for the account while allowing still public-key, then the passwd field
4818 4843 +should be set to something other than these values (eg
4819 4844 +.Ql NP
4820 4845 +or
4821 4846 +.Ql \&*NP\&*
4822 4847 +).
4823 4848 +.Pp
4824 4849 +If the client successfully authenticates itself, a dialog for
4825 4850 +preparing the session is entered.
4826 4851 +At this time the client may request
4827 4852 +things like allocating a pseudo-tty, forwarding X11 connections,
4828 4853 +forwarding TCP connections, or forwarding the authentication agent
4829 4854 +connection over the secure channel.
4830 4855 +.Pp
4831 4856 +After this, the client either requests a shell or execution of a command.
4832 4857 +The sides then enter session mode.
4833 4858 +In this mode, either side may send
4834 4859 +data at any time, and such data is forwarded to/from the shell or
4835 4860 +command on the server side, and the user terminal in the client side.
4836 4861 +.Pp
4837 4862 +When the user program terminates and all forwarded X11 and other
4838 4863 +connections have been closed, the server sends command exit status to
4839 4864 +the client, and both sides exit.
4840 4865 +.Sh LOGIN PROCESS
4841 4866 +When a user successfully logs in,
4842 4867 +.Nm
4843 4868 +does the following:
4844 4869 +.Bl -enum -offset indent
4845 4870 +.It
4846 4871 +If the login is on a tty, and no command has been specified,
4847 4872 +prints last login time and
4848 4873 +.Pa /etc/motd
4849 4874 +(unless prevented in the configuration file or by
4850 4875 +.Pa ~/.hushlogin ;
4851 4876 +see the
4852 4877 +.Sx FILES
4853 4878 +section).
4854 4879 +.It
4855 4880 +If the login is on a tty, records login time.
4856 4881 +.It
4857 4882 +Checks
4858 4883 +.Pa /etc/nologin ;
4859 4884 +if it exists, prints contents and quits
4860 4885 +(unless root).
4861 4886 +.It
4862 4887 +Changes to run with normal user privileges.
4863 4888 +.It
4864 4889 +Sets up basic environment.
4865 4890 +.It
4866 4891 +Reads the file
4867 4892 +.Pa ~/.ssh/environment ,
4868 4893 +if it exists, and users are allowed to change their environment.
4869 4894 +See the
4870 4895 +.Cm PermitUserEnvironment
4871 4896 +option in
4872 4897 +.Xr sshd_config 4 .
4873 4898 +.It
4874 4899 +Changes to user's home directory.
4875 4900 +.It
4876 4901 +If
4877 4902 +.Pa ~/.ssh/rc
4878 4903 +exists and the
4879 4904 +.Xr sshd_config 5
4880 4905 +.Cm PermitUserRC
4881 4906 +option is set, runs it; else if
4882 4907 +.Pa /etc/ssh/sshrc
4883 4908 +exists, runs
4884 4909 +it; otherwise runs xauth.
4885 4910 +The
4886 4911 +.Dq rc
4887 4912 +files are given the X11
4888 4913 +authentication protocol and cookie in standard input.
4889 4914 +See
4890 4915 +.Sx SSHRC ,
4891 4916 +below.
4892 4917 +.It
4893 4918 +Runs user's shell or command.
4894 4919 +All commands are run under the user's login shell as specified in the
4895 4920 +system password database.
4896 4921 +.El
4897 4922 +.Sh SSHRC
4898 4923 +If the file
4899 4924 +.Pa ~/.ssh/rc
4900 4925 +exists,
4901 4926 +.Xr sh 1
4902 4927 +runs it after reading the
4903 4928 +environment files but before starting the user's shell or command.
4904 4929 +It must not produce any output on stdout; stderr must be used
4905 4930 +instead.
4906 4931 +If X11 forwarding is in use, it will receive the "proto cookie" pair in
4907 4932 +its standard input (and
4908 4933 +.Ev DISPLAY
4909 4934 +in its environment).
4910 4935 +The script must call
4911 4936 +.Xr xauth 1
4912 4937 +because
4913 4938 +.Nm
4914 4939 +will not run xauth automatically to add X11 cookies.
4915 4940 +.Pp
4916 4941 +The primary purpose of this file is to run any initialization routines
4917 4942 +which may be needed before the user's home directory becomes
4918 4943 +accessible; AFS is a particular example of such an environment.
4919 4944 +.Pp
4920 4945 +This file will probably contain some initialization code followed by
4921 4946 +something similar to:
4922 4947 +.Bd -literal -offset 3n
4923 4948 +if read proto cookie && [ -n "$DISPLAY" ]; then
4924 4949 + if [ `echo $DISPLAY | cut -c1-10` = 'localhost:' ]; then
4925 4950 + # X11UseLocalhost=yes
4926 4951 + echo add unix:`echo $DISPLAY |
4927 4952 + cut -c11-` $proto $cookie
4928 4953 + else
4929 4954 + # X11UseLocalhost=no
4930 4955 + echo add $DISPLAY $proto $cookie
4931 4956 + fi | xauth -q -
4932 4957 +fi
4933 4958 +.Ed
4934 4959 +.Pp
4935 4960 +If this file does not exist,
4936 4961 +.Pa /etc/ssh/sshrc
4937 4962 +is run, and if that
4938 4963 +does not exist either, xauth is used to add the cookie.
4939 4964 +.Sh AUTHORIZED_KEYS FILE FORMAT
4940 4965 +.Cm AuthorizedKeysFile
4941 4966 +specifies the files containing public keys for
4942 4967 +public key authentication;
4943 4968 +if none is specified, the default is
4944 4969 +.Pa ~/.ssh/authorized_keys
4945 4970 +and
4946 4971 +.Pa ~/.ssh/authorized_keys2 .
4947 4972 +Each line of the file contains one
4948 4973 +key (empty lines and lines starting with a
4949 4974 +.Ql #
4950 4975 +are ignored as
4951 4976 +comments).
4952 4977 +Protocol 1 public keys consist of the following space-separated fields:
4953 4978 +options, bits, exponent, modulus, comment.
4954 4979 +Protocol 2 public key consist of:
4955 4980 +options, keytype, base64-encoded key, comment.
4956 4981 +The options field is optional;
4957 4982 +its presence is determined by whether the line starts
4958 4983 +with a number or not (the options field never starts with a number).
4959 4984 +The bits, exponent, modulus, and comment fields give the RSA key for
4960 4985 +protocol version 1; the
4961 4986 +comment field is not used for anything (but may be convenient for the
4962 4987 +user to identify the key).
4963 4988 +For protocol version 2 the keytype is
4964 4989 +.Dq ecdsa-sha2-nistp256 ,
4965 4990 +.Dq ecdsa-sha2-nistp384 ,
4966 4991 +.Dq ecdsa-sha2-nistp521 ,
4967 4992 +.Dq ssh-ed25519 ,
4968 4993 +.Dq ssh-dss
4969 4994 +or
4970 4995 +.Dq ssh-rsa .
4971 4996 +.Pp
4972 4997 +Note that lines in this file are usually several hundred bytes long
4973 4998 +(because of the size of the public key encoding) up to a limit of
4974 4999 +8 kilobytes, which permits DSA keys up to 8 kilobits and RSA
4975 5000 +keys up to 16 kilobits.
4976 5001 +You don't want to type them in; instead, copy the
4977 5002 +.Pa identity.pub ,
4978 5003 +.Pa id_dsa.pub ,
4979 5004 +.Pa id_ecdsa.pub ,
4980 5005 +.Pa id_ed25519.pub ,
4981 5006 +or the
4982 5007 +.Pa id_rsa.pub
4983 5008 +file and edit it.
4984 5009 +.Pp
4985 5010 +.Nm
4986 5011 +enforces a minimum RSA key modulus size for protocol 1
4987 5012 +and protocol 2 keys of 768 bits.
4988 5013 +.Pp
4989 5014 +The options (if present) consist of comma-separated option
4990 5015 +specifications.
4991 5016 +No spaces are permitted, except within double quotes.
4992 5017 +The following option specifications are supported (note
4993 5018 +that option keywords are case-insensitive):
4994 5019 +.Bl -tag -width Ds
4995 5020 +.It Cm cert-authority
4996 5021 +Specifies that the listed key is a certification authority (CA) that is
4997 5022 +trusted to validate signed certificates for user authentication.
4998 5023 +.Pp
4999 5024 +Certificates may encode access restrictions similar to these key options.
5000 5025 +If both certificate restrictions and key options are present, the most
5001 5026 +restrictive union of the two is applied.
5002 5027 +.It Cm command="command"
5003 5028 +Specifies that the command is executed whenever this key is used for
5004 5029 +authentication.
5005 5030 +The command supplied by the user (if any) is ignored.
5006 5031 +The command is run on a pty if the client requests a pty;
5007 5032 +otherwise it is run without a tty.
5008 5033 +If an 8-bit clean channel is required,
5009 5034 +one must not request a pty or should specify
5010 5035 +.Cm no-pty .
5011 5036 +A quote may be included in the command by quoting it with a backslash.
5012 5037 +This option might be useful
5013 5038 +to restrict certain public keys to perform just a specific operation.
5014 5039 +An example might be a key that permits remote backups but nothing else.
5015 5040 +Note that the client may specify TCP and/or X11
5016 5041 +forwarding unless they are explicitly prohibited.
5017 5042 +The command originally supplied by the client is available in the
5018 5043 +.Ev SSH_ORIGINAL_COMMAND
5019 5044 +environment variable.
5020 5045 +Note that this option applies to shell, command or subsystem execution.
5021 5046 +Also note that this command may be superseded by either a
5022 5047 +.Xr sshd_config 4
5023 5048 +.Cm ForceCommand
5024 5049 +directive or a command embedded in a certificate.
5025 5050 +.It Cm environment="NAME=value"
5026 5051 +Specifies that the string is to be added to the environment when
5027 5052 +logging in using this key.
5028 5053 +Environment variables set this way
5029 5054 +override other default environment values.
5030 5055 +Multiple options of this type are permitted.
5031 5056 +Environment processing is disabled by default and is
5032 5057 +controlled via the
5033 5058 +.Cm PermitUserEnvironment
5034 5059 +option.
5035 5060 +This option is automatically disabled if
5036 5061 +.Cm UseLogin
5037 5062 +is enabled.
5038 5063 +.It Cm from="pattern-list"
5039 5064 +Specifies that in addition to public key authentication, either the canonical
5040 5065 +name of the remote host or its IP address must be present in the
5041 5066 +comma-separated list of patterns.
5042 5067 +See PATTERNS in
5043 5068 +.Xr ssh_config 4
5044 5069 +for more information on patterns.
5045 5070 +.Pp
5046 5071 +In addition to the wildcard matching that may be applied to hostnames or
5047 5072 +addresses, a
5048 5073 +.Cm from
5049 5074 +stanza may match IP addresses using CIDR address/masklen notation.
5050 5075 +.Pp
5051 5076 +The purpose of this option is to optionally increase security: public key
5052 5077 +authentication by itself does not trust the network or name servers or
5053 5078 +anything (but the key); however, if somebody somehow steals the key, the key
5054 5079 +permits an intruder to log in from anywhere in the world.
5055 5080 +This additional option makes using a stolen key more difficult (name
5056 5081 +servers and/or routers would have to be compromised in addition to
5057 5082 +just the key).
5058 5083 +.It Cm no-agent-forwarding
5059 5084 +Forbids authentication agent forwarding when this key is used for
5060 5085 +authentication.
5061 5086 +.It Cm no-port-forwarding
5062 5087 +Forbids TCP forwarding when this key is used for authentication.
5063 5088 +Any port forward requests by the client will return an error.
5064 5089 +This might be used, e.g. in connection with the
5065 5090 +.Cm command
5066 5091 +option.
5067 5092 +.It Cm no-pty
5068 5093 +Prevents tty allocation (a request to allocate a pty will fail).
5069 5094 +.It Cm no-user-rc
5070 5095 +Disables execution of
5071 5096 +.Pa ~/.ssh/rc .
5072 5097 +.It Cm no-X11-forwarding
5073 5098 +Forbids X11 forwarding when this key is used for authentication.
5074 5099 +Any X11 forward requests by the client will return an error.
5075 5100 +.It Cm permitopen="host:port"
5076 5101 +Limit local port forwarding with
5077 5102 +.Xr ssh 1
5078 5103 +.Fl L
5079 5104 +such that it may only connect to the specified host and port.
5080 5105 +IPv6 addresses can be specified by enclosing the address in square brackets.
5081 5106 +Multiple
5082 5107 +.Cm permitopen
5083 5108 +options may be applied separated by commas.
5084 5109 +No pattern matching is performed on the specified hostnames,
5085 5110 +they must be literal domains or addresses.
5086 5111 +A port specification of
5087 5112 +.Cm *
5088 5113 +matches any port.
5089 5114 +.It Cm principals="principals"
5090 5115 +On a
5091 5116 +.Cm cert-authority
5092 5117 +line, specifies allowed principals for certificate authentication as a
5093 5118 +comma-separated list.
5094 5119 +At least one name from the list must appear in the certificate's
5095 5120 +list of principals for the certificate to be accepted.
5096 5121 +This option is ignored for keys that are not marked as trusted certificate
5097 5122 +signers using the
5098 5123 +.Cm cert-authority
5099 5124 +option.
5100 5125 +.It Cm tunnel="n"
5101 5126 +Force a
5102 5127 +.Xr tun 4
5103 5128 +device on the server.
5104 5129 +Without this option, the next available device will be used if
5105 5130 +the client requests a tunnel.
5106 5131 +.El
5107 5132 +.Pp
5108 5133 +An example authorized_keys file:
5109 5134 +.Bd -literal -offset 3n
5110 5135 +# Comments allowed at start of line
5111 5136 +ssh-rsa AAAAB3Nza...LiPk== user@example.net
5112 5137 +from="*.sales.example.net,!pc.sales.example.net" ssh-rsa
5113 5138 +AAAAB2...19Q== john@example.net
5114 5139 +command="dump /home",no-pty,no-port-forwarding ssh-dss
5115 5140 +AAAAC3...51R== example.net
5116 5141 +permitopen="192.0.2.1:80",permitopen="192.0.2.2:25" ssh-dss
5117 5142 +AAAAB5...21S==
5118 5143 +tunnel="0",command="sh /etc/netstart tun0" ssh-rsa AAAA...==
5119 5144 +jane@example.net
5120 5145 +.Ed
5121 5146 +.Sh SSH_KNOWN_HOSTS FILE FORMAT
5122 5147 +The
5123 5148 +.Pa /etc/ssh/ssh_known_hosts
5124 5149 +and
5125 5150 +.Pa ~/.ssh/known_hosts
5126 5151 +files contain host public keys for all known hosts.
5127 5152 +The global file should
5128 5153 +be prepared by the administrator (optional), and the per-user file is
5129 5154 +maintained automatically: whenever the user connects from an unknown host,
5130 5155 +its key is added to the per-user file.
5131 5156 +.Pp
5132 5157 +Each line in these files contains the following fields: markers (optional),
5133 5158 +hostnames, bits, exponent, modulus, comment.
5134 5159 +The fields are separated by spaces.
5135 5160 +.Pp
5136 5161 +The marker is optional, but if it is present then it must be one of
5137 5162 +.Dq @cert-authority ,
5138 5163 +to indicate that the line contains a certification authority (CA) key,
5139 5164 +or
5140 5165 +.Dq @revoked ,
5141 5166 +to indicate that the key contained on the line is revoked and must not ever
5142 5167 +be accepted.
5143 5168 +Only one marker should be used on a key line.
5144 5169 +.Pp
5145 5170 +Hostnames is a comma-separated list of patterns
5146 5171 +.Pf ( Ql *
5147 5172 +and
5148 5173 +.Ql \&?
5149 5174 +act as
5150 5175 +wildcards); each pattern in turn is matched against the canonical host
5151 5176 +name (when authenticating a client) or against the user-supplied
5152 5177 +name (when authenticating a server).
5153 5178 +A pattern may also be preceded by
5154 5179 +.Ql \&!
5155 5180 +to indicate negation: if the host name matches a negated
5156 5181 +pattern, it is not accepted (by that line) even if it matched another
5157 5182 +pattern on the line.
5158 5183 +A hostname or address may optionally be enclosed within
5159 5184 +.Ql \&[
5160 5185 +and
5161 5186 +.Ql \&]
5162 5187 +brackets then followed by
5163 5188 +.Ql \&:
5164 5189 +and a non-standard port number.
5165 5190 +.Pp
5166 5191 +Alternately, hostnames may be stored in a hashed form which hides host names
5167 5192 +and addresses should the file's contents be disclosed.
5168 5193 +Hashed hostnames start with a
5169 5194 +.Ql |
5170 5195 +character.
5171 5196 +Only one hashed hostname may appear on a single line and none of the above
5172 5197 +negation or wildcard operators may be applied.
5173 5198 +.Pp
5174 5199 +Bits, exponent, and modulus are taken directly from the RSA host key; they
5175 5200 +can be obtained, for example, from
5176 5201 +.Pa /etc/ssh/ssh_host_key.pub .
5177 5202 +The optional comment field continues to the end of the line, and is not used.
5178 5203 +.Pp
5179 5204 +Lines starting with
5180 5205 +.Ql #
5181 5206 +and empty lines are ignored as comments.
5182 5207 +.Pp
5183 5208 +When performing host authentication, authentication is accepted if any
5184 5209 +matching line has the proper key; either one that matches exactly or,
5185 5210 +if the server has presented a certificate for authentication, the key
5186 5211 +of the certification authority that signed the certificate.
5187 5212 +For a key to be trusted as a certification authority, it must use the
5188 5213 +.Dq @cert-authority
5189 5214 +marker described above.
5190 5215 +.Pp
5191 5216 +The known hosts file also provides a facility to mark keys as revoked,
5192 5217 +for example when it is known that the associated private key has been
5193 5218 +stolen.
5194 5219 +Revoked keys are specified by including the
5195 5220 +.Dq @revoked
5196 5221 +marker at the beginning of the key line, and are never accepted for
5197 5222 +authentication or as certification authorities, but instead will
5198 5223 +produce a warning from
5199 5224 +.Xr ssh 1
5200 5225 +when they are encountered.
5201 5226 +.Pp
5202 5227 +It is permissible (but not
5203 5228 +recommended) to have several lines or different host keys for the same
5204 5229 +names.
5205 5230 +This will inevitably happen when short forms of host names
5206 5231 +from different domains are put in the file.
5207 5232 +It is possible
5208 5233 +that the files contain conflicting information; authentication is
5209 5234 +accepted if valid information can be found from either file.
5210 5235 +.Pp
5211 5236 +Note that the lines in these files are typically hundreds of characters
5212 5237 +long, and you definitely don't want to type in the host keys by hand.
5213 5238 +Rather, generate them by a script,
5214 5239 +.Xr ssh-keyscan 1
5215 5240 +or by taking
5216 5241 +.Pa /etc/ssh/ssh_host_key.pub
5217 5242 +and adding the host names at the front.
5218 5243 +.Xr ssh-keygen 1
5219 5244 +also offers some basic automated editing for
5220 5245 +.Pa ~/.ssh/known_hosts
5221 5246 +including removing hosts matching a host name and converting all host
5222 5247 +names to their hashed representations.
5223 5248 +.Pp
5224 5249 +An example ssh_known_hosts file:
5225 5250 +.Bd -literal -offset 3n
5226 5251 +# Comments allowed at start of line
5227 5252 +closenet,...,192.0.2.53 1024 37 159...93 closenet.example.net
5228 5253 +cvs.example.net,192.0.2.10 ssh-rsa AAAA1234.....=
5229 5254 +# A hashed hostname
5230 5255 +|1|JfKTdBh7rNbXkVAQCRp4OQoPfmI=|USECr3SWf1JUPsms5AqfD5QfxkM= ssh-rsa
5231 5256 +AAAA1234.....=
5232 5257 +# A revoked key
5233 5258 +@revoked * ssh-rsa AAAAB5W...
5234 5259 +# A CA key, accepted for any host in *.mydomain.com or *.mydomain.org
5235 5260 +@cert-authority *.mydomain.org,*.mydomain.com ssh-rsa AAAAB5W...
5236 5261 +.Ed
5237 5262 +.Sh FILES
5238 5263 +.Bl -tag -width Ds -compact
5239 5264 +.It Pa ~/.hushlogin
5240 5265 +This file is used to suppress printing the last login time and
5241 5266 +.Pa /etc/motd ,
5242 5267 +if
5243 5268 +.Cm PrintLastLog
5244 5269 +and
5245 5270 +.Cm PrintMotd ,
5246 5271 +respectively,
5247 5272 +are enabled.
5248 5273 +It does not suppress printing of the banner specified by
5249 5274 +.Cm Banner .
5250 5275 +.Pp
5251 5276 +.It Pa ~/.rhosts
5252 5277 +This file is used for host-based authentication (see
5253 5278 +.Xr ssh 1
5254 5279 +for more information).
5255 5280 +On some machines this file may need to be
5256 5281 +world-readable if the user's home directory is on an NFS partition,
5257 5282 +because
5258 5283 +.Nm
5259 5284 +reads it as root.
5260 5285 +Additionally, this file must be owned by the user,
5261 5286 +and must not have write permissions for anyone else.
5262 5287 +The recommended
5263 5288 +permission for most machines is read/write for the user, and not
5264 5289 +accessible by others.
5265 5290 +.Pp
5266 5291 +.It Pa ~/.shosts
5267 5292 +This file is used in exactly the same way as
5268 5293 +.Pa .rhosts ,
5269 5294 +but allows host-based authentication without permitting login with
5270 5295 +rlogin/rsh.
5271 5296 +.Pp
5272 5297 +.It Pa ~/.ssh/
5273 5298 +This directory is the default location for all user-specific configuration
5274 5299 +and authentication information.
5275 5300 +There is no general requirement to keep the entire contents of this directory
5276 5301 +secret, but the recommended permissions are read/write/execute for the user,
5277 5302 +and not accessible by others.
5278 5303 +.Pp
5279 5304 +.It Pa ~/.ssh/authorized_keys
5280 5305 +Lists the public keys (DSA, ECDSA, Ed25519, RSA)
5281 5306 +that can be used for logging in as this user.
5282 5307 +The format of this file is described above.
5283 5308 +The content of the file is not highly sensitive, but the recommended
5284 5309 +permissions are read/write for the user, and not accessible by others.
5285 5310 +.Pp
5286 5311 +If this file, the
5287 5312 +.Pa ~/.ssh
5288 5313 +directory, or the user's home directory are writable
5289 5314 +by other users, then the file could be modified or replaced by unauthorized
5290 5315 +users.
5291 5316 +In this case,
5292 5317 +.Nm
5293 5318 +will not allow it to be used unless the
5294 5319 +.Cm StrictModes
5295 5320 +option has been set to
5296 5321 +.Dq no .
5297 5322 +.Pp
5298 5323 +.It Pa ~/.ssh/environment
5299 5324 +This file is read into the environment at login (if it exists).
5300 5325 +It can only contain empty lines, comment lines (that start with
5301 5326 +.Ql # ) ,
5302 5327 +and assignment lines of the form name=value.
5303 5328 +The file should be writable
5304 5329 +only by the user; it need not be readable by anyone else.
5305 5330 +Environment processing is disabled by default and is
5306 5331 +controlled via the
5307 5332 +.Cm PermitUserEnvironment
5308 5333 +option.
5309 5334 +.Pp
5310 5335 +.It Pa ~/.ssh/known_hosts
5311 5336 +Contains a list of host keys for all hosts the user has logged into
5312 5337 +that are not already in the systemwide list of known host keys.
5313 5338 +The format of this file is described above.
5314 5339 +This file should be writable only by root/the owner and
5315 5340 +can, but need not be, world-readable.
5316 5341 +.Pp
5317 5342 +.It Pa ~/.ssh/rc
5318 5343 +Contains initialization routines to be run before
5319 5344 +the user's home directory becomes accessible.
5320 5345 +This file should be writable only by the user, and need not be
5321 5346 +readable by anyone else.
5322 5347 +.Pp
5323 5348 +.It Pa /etc/hosts.equiv
5324 5349 +This file is for host-based authentication (see
5325 5350 +.Xr ssh 1 ) .
5326 5351 +It should only be writable by root.
5327 5352 +.Pp
5328 5353 +.It Pa /etc/moduli
5329 5354 +Contains Diffie-Hellman groups used for the "Diffie-Hellman Group Exchange".
5330 5355 +The file format is described in
5331 5356 +.Xr moduli 4 .
5332 5357 +.Pp
5333 5358 +.It Pa /etc/motd
5334 5359 +See
5335 5360 +.Xr motd 5 .
5336 5361 +.Pp
5337 5362 +.It Pa /etc/nologin
5338 5363 +If this file exists,
5339 5364 +.Nm
5340 5365 +refuses to let anyone except root log in.
5341 5366 +The contents of the file
5342 5367 +are displayed to anyone trying to log in, and non-root connections are
5343 5368 +refused.
5344 5369 +The file should be world-readable.
5345 5370 +.Pp
5346 5371 +.It Pa /etc/shosts.equiv
5347 5372 +This file is used in exactly the same way as
5348 5373 +.Pa hosts.equiv ,
5349 5374 +but allows host-based authentication without permitting login with
5350 5375 +rlogin/rsh.
5351 5376 +.Pp
5352 5377 +.It Pa /etc/ssh/ssh_host_key
5353 5378 +.It Pa /etc/ssh/ssh_host_dsa_key
5354 5379 +.It Pa /etc/ssh/ssh_host_ecdsa_key
5355 5380 +.It Pa /etc/ssh/ssh_host_ed25519_key
5356 5381 +.It Pa /etc/ssh/ssh_host_rsa_key
5357 5382 +These files contain the private parts of the host keys.
5358 5383 +These files should only be owned by root, readable only by root, and not
5359 5384 +accessible to others.
5360 5385 +Note that
5361 5386 +.Nm
5362 5387 +does not start if these files are group/world-accessible.
5363 5388 +.Pp
5364 5389 +.It Pa /etc/ssh/ssh_host_key.pub
5365 5390 +.It Pa /etc/ssh/ssh_host_dsa_key.pub
5366 5391 +.It Pa /etc/ssh/ssh_host_ecdsa_key.pub
5367 5392 +.It Pa /etc/ssh/ssh_host_ed25519_key.pub
5368 5393 +.It Pa /etc/ssh/ssh_host_rsa_key.pub
5369 5394 +These files contain the public parts of the host keys.
5370 5395 +These files should be world-readable but writable only by
5371 5396 +root.
5372 5397 +Their contents should match the respective private parts.
5373 5398 +These files are not
5374 5399 +really used for anything; they are provided for the convenience of
5375 5400 +the user so their contents can be copied to known hosts files.
5376 5401 +These files are created using
5377 5402 +.Xr ssh-keygen 1 .
5378 5403 +.Pp
5379 5404 +.It Pa /etc/ssh/ssh_known_hosts
5380 5405 +Systemwide list of known host keys.
5381 5406 +This file should be prepared by the
5382 5407 +system administrator to contain the public host keys of all machines in the
5383 5408 +organization.
5384 5409 +The format of this file is described above.
5385 5410 +This file should be writable only by root/the owner and
5386 5411 +should be world-readable.
5387 5412 +.Pp
5388 5413 +.It Pa /etc/ssh/sshd_config
5389 5414 +Contains configuration data for
5390 5415 +.Nm sshd .
5391 5416 +The file format and configuration options are described in
5392 5417 +.Xr sshd_config 4 .
5393 5418 +.Pp
5394 5419 +.It Pa /etc/ssh/sshrc
5395 5420 +Similar to
5396 5421 +.Pa ~/.ssh/rc ,
5397 5422 +it can be used to specify
5398 5423 +machine-specific login-time initializations globally.
5399 5424 +This file should be writable only by root, and should be world-readable.
5400 5425 +.Pp
5401 5426 +.It Pa /var/empty
5402 5427 +.Xr chroot 2
5403 5428 +directory used by
5404 5429 +.Nm
5405 5430 +during privilege separation in the pre-authentication phase.
5406 5431 +The directory should not contain any files and must be owned by root
5407 5432 +and not group or world-writable.
5408 5433 +.Pp
5409 5434 +.It Pa /var/run/sshd.pid
5410 5435 +Contains the process ID of the
5411 5436 +.Nm
5412 5437 +listening for connections (if there are several daemons running
5413 5438 +concurrently for different ports, this contains the process ID of the one
5414 5439 +started last).
5415 5440 +The content of this file is not sensitive; it can be world-readable.
5416 5441 +.El
5417 5442 +.Sh SEE ALSO
5418 5443 +.Xr scp 1 ,
5419 5444 +.Xr sftp 1 ,
5420 5445 +.Xr ssh 1 ,
5421 5446 +.Xr ssh-add 1 ,
5422 5447 +.Xr ssh-agent 1 ,
5423 5448 +.Xr ssh-keygen 1 ,
5424 5449 +.Xr ssh-keyscan 1 ,
5425 5450 +.Xr chroot 2 ,
5426 5451 +.Xr login.conf 5 ,
5427 5452 +.Xr moduli 4 ,
5428 5453 +.Xr sshd_config 4 ,
5429 5454 +.Xr inetd 1M ,
5430 5455 +.Xr sftp-server 1M
5431 5456 +.Sh AUTHORS
5432 5457 +OpenSSH is a derivative of the original and free
5433 5458 +ssh 1.2.12 release by Tatu Ylonen.
5434 5459 +Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos,
5435 5460 +Theo de Raadt and Dug Song
5436 5461 +removed many bugs, re-added newer features and
5437 5462 +created OpenSSH.
5438 5463 +Markus Friedl contributed the support for SSH
5439 5464 +protocol versions 1.5 and 2.0.
5440 5465 +Niels Provos and Markus Friedl contributed support
5441 5466 +for privilege separation.
5442 5467 diff --git a/sshd.8 b/sshd.8
5443 5468 deleted file mode 100644
5444 5469 index 213b5fc..0000000
5445 5470 --- a/sshd.8
5446 5471 +++ /dev/null
5447 5472 @@ -1,971 +0,0 @@
5448 5473 -.\"
5449 5474 -.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
5450 5475 -.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
5451 5476 -.\" All rights reserved
5452 5477 -.\"
5453 5478 -.\" As far as I am concerned, the code I have written for this software
5454 5479 -.\" can be used freely for any purpose. Any derived versions of this
5455 5480 -.\" software must be clearly marked as such, and if the derived work is
5456 5481 -.\" incompatible with the protocol description in the RFC file, it must be
5457 5482 -.\" called by a name other than "ssh" or "Secure Shell".
5458 5483 -.\"
5459 5484 -.\" Copyright (c) 1999,2000 Markus Friedl. All rights reserved.
5460 5485 -.\" Copyright (c) 1999 Aaron Campbell. All rights reserved.
5461 5486 -.\" Copyright (c) 1999 Theo de Raadt. All rights reserved.
5462 5487 -.\"
5463 5488 -.\" Redistribution and use in source and binary forms, with or without
5464 5489 -.\" modification, are permitted provided that the following conditions
5465 5490 -.\" are met:
5466 5491 -.\" 1. Redistributions of source code must retain the above copyright
5467 5492 -.\" notice, this list of conditions and the following disclaimer.
5468 5493 -.\" 2. Redistributions in binary form must reproduce the above copyright
5469 5494 -.\" notice, this list of conditions and the following disclaimer in the
5470 5495 -.\" documentation and/or other materials provided with the distribution.
5471 5496 -.\"
5472 5497 -.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
5473 5498 -.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
5474 5499 -.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
5475 5500 -.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
5476 5501 -.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
5477 5502 -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
5478 5503 -.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
5479 5504 -.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
5480 5505 -.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
5481 5506 -.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
5482 5507 -.\"
5483 5508 -.\" $OpenBSD: sshd.8,v 1.280 2015/07/03 03:49:45 djm Exp $
5484 5509 -.Dd $Mdocdate: July 3 2015 $
5485 5510 -.Dt SSHD 8
5486 5511 -.Os
5487 5512 -.Sh NAME
5488 5513 -.Nm sshd
5489 5514 -.Nd OpenSSH SSH daemon
5490 5515 -.Sh SYNOPSIS
5491 5516 -.Nm sshd
5492 5517 -.Bk -words
5493 5518 -.Op Fl 46DdeiqTt
5494 5519 -.Op Fl b Ar bits
5495 5520 -.Op Fl C Ar connection_spec
5496 5521 -.Op Fl c Ar host_certificate_file
5497 5522 -.Op Fl E Ar log_file
5498 5523 -.Op Fl f Ar config_file
5499 5524 -.Op Fl g Ar login_grace_time
5500 5525 -.Op Fl h Ar host_key_file
5501 5526 -.Op Fl k Ar key_gen_time
5502 5527 -.Op Fl o Ar option
5503 5528 -.Op Fl p Ar port
5504 5529 -.Op Fl u Ar len
5505 5530 -.Ek
5506 5531 -.Sh DESCRIPTION
5507 5532 -.Nm
5508 5533 -(OpenSSH Daemon) is the daemon program for
5509 5534 -.Xr ssh 1 .
5510 5535 -Together these programs replace rlogin and rsh,
5511 5536 -and provide secure encrypted communications between two untrusted hosts
5512 5537 -over an insecure network.
5513 5538 -.Pp
5514 5539 -.Nm
5515 5540 -listens for connections from clients.
5516 5541 -It is normally started at boot from
5517 5542 -.Pa /etc/rc .
5518 5543 -It forks a new
5519 5544 -daemon for each incoming connection.
5520 5545 -The forked daemons handle
5521 5546 -key exchange, encryption, authentication, command execution,
5522 5547 -and data exchange.
5523 5548 -.Pp
5524 5549 -.Nm
5525 5550 -can be configured using command-line options or a configuration file
5526 5551 -(by default
5527 5552 -.Xr sshd_config 5 ) ;
5528 5553 -command-line options override values specified in the
5529 5554 -configuration file.
5530 5555 -.Nm
5531 5556 -rereads its configuration file when it receives a hangup signal,
5532 5557 -.Dv SIGHUP ,
5533 5558 -by executing itself with the name and options it was started with, e.g.\&
5534 5559 -.Pa /usr/sbin/sshd .
5535 5560 -.Pp
5536 5561 -The options are as follows:
5537 5562 -.Bl -tag -width Ds
5538 5563 -.It Fl 4
5539 5564 -Forces
5540 5565 -.Nm
5541 5566 -to use IPv4 addresses only.
5542 5567 -.It Fl 6
5543 5568 -Forces
5544 5569 -.Nm
5545 5570 -to use IPv6 addresses only.
5546 5571 -.It Fl b Ar bits
5547 5572 -Specifies the number of bits in the ephemeral protocol version 1
5548 5573 -server key (default 1024).
5549 5574 -.It Fl C Ar connection_spec
5550 5575 -Specify the connection parameters to use for the
5551 5576 -.Fl T
5552 5577 -extended test mode.
5553 5578 -If provided, any
5554 5579 -.Cm Match
5555 5580 -directives in the configuration file
5556 5581 -that would apply to the specified user, host, and address will be set before
5557 5582 -the configuration is written to standard output.
5558 5583 -The connection parameters are supplied as keyword=value pairs.
5559 5584 -The keywords are
5560 5585 -.Dq user ,
5561 5586 -.Dq host ,
5562 5587 -.Dq laddr ,
5563 5588 -.Dq lport ,
5564 5589 -and
5565 5590 -.Dq addr .
5566 5591 -All are required and may be supplied in any order, either with multiple
5567 5592 -.Fl C
5568 5593 -options or as a comma-separated list.
5569 5594 -.It Fl c Ar host_certificate_file
5570 5595 -Specifies a path to a certificate file to identify
5571 5596 -.Nm
5572 5597 -during key exchange.
5573 5598 -The certificate file must match a host key file specified using the
5574 5599 -.Fl h
5575 5600 -option or the
5576 5601 -.Cm HostKey
5577 5602 -configuration directive.
5578 5603 -.It Fl D
5579 5604 -When this option is specified,
5580 5605 -.Nm
5581 5606 -will not detach and does not become a daemon.
5582 5607 -This allows easy monitoring of
5583 5608 -.Nm sshd .
5584 5609 -.It Fl d
5585 5610 -Debug mode.
5586 5611 -The server sends verbose debug output to standard error,
5587 5612 -and does not put itself in the background.
5588 5613 -The server also will not fork and will only process one connection.
5589 5614 -This option is only intended for debugging for the server.
5590 5615 -Multiple
5591 5616 -.Fl d
5592 5617 -options increase the debugging level.
5593 5618 -Maximum is 3.
5594 5619 -.It Fl E Ar log_file
5595 5620 -Append debug logs to
5596 5621 -.Ar log_file
5597 5622 -instead of the system log.
5598 5623 -.It Fl e
5599 5624 -Write debug logs to standard error instead of the system log.
5600 5625 -.It Fl f Ar config_file
5601 5626 -Specifies the name of the configuration file.
5602 5627 -The default is
5603 5628 -.Pa /etc/ssh/sshd_config .
5604 5629 -.Nm
5605 5630 -refuses to start if there is no configuration file.
5606 5631 -.It Fl g Ar login_grace_time
5607 5632 -Gives the grace time for clients to authenticate themselves (default
5608 5633 -120 seconds).
5609 5634 -If the client fails to authenticate the user within
5610 5635 -this many seconds, the server disconnects and exits.
5611 5636 -A value of zero indicates no limit.
5612 5637 -.It Fl h Ar host_key_file
5613 5638 -Specifies a file from which a host key is read.
5614 5639 -This option must be given if
5615 5640 -.Nm
5616 5641 -is not run as root (as the normal
5617 5642 -host key files are normally not readable by anyone but root).
5618 5643 -The default is
5619 5644 -.Pa /etc/ssh/ssh_host_key
5620 5645 -for protocol version 1, and
5621 5646 -.Pa /etc/ssh/ssh_host_dsa_key ,
5622 5647 -.Pa /etc/ssh/ssh_host_ecdsa_key .
5623 5648 -.Pa /etc/ssh/ssh_host_ed25519_key
5624 5649 -and
5625 5650 -.Pa /etc/ssh/ssh_host_rsa_key
5626 5651 -for protocol version 2.
5627 5652 -It is possible to have multiple host key files for
5628 5653 -the different protocol versions and host key algorithms.
5629 5654 -.It Fl i
5630 5655 -Specifies that
5631 5656 -.Nm
5632 5657 -is being run from
5633 5658 -.Xr inetd 8 .
5634 5659 -If SSH protocol 1 is enabled,
5635 5660 -.Nm
5636 5661 -should not normally be run
5637 5662 -from inetd because it needs to generate the server key before it can
5638 5663 -respond to the client, and this may take some time.
5639 5664 -Clients may have to wait too long if the key was regenerated every time.
5640 5665 -.It Fl k Ar key_gen_time
5641 5666 -Specifies how often the ephemeral protocol version 1 server key is
5642 5667 -regenerated (default 3600 seconds, or one hour).
5643 5668 -The motivation for regenerating the key fairly
5644 5669 -often is that the key is not stored anywhere, and after about an hour
5645 5670 -it becomes impossible to recover the key for decrypting intercepted
5646 5671 -communications even if the machine is cracked into or physically
5647 5672 -seized.
5648 5673 -A value of zero indicates that the key will never be regenerated.
5649 5674 -.It Fl o Ar option
5650 5675 -Can be used to give options in the format used in the configuration file.
5651 5676 -This is useful for specifying options for which there is no separate
5652 5677 -command-line flag.
5653 5678 -For full details of the options, and their values, see
5654 5679 -.Xr sshd_config 5 .
5655 5680 -.It Fl p Ar port
5656 5681 -Specifies the port on which the server listens for connections
5657 5682 -(default 22).
5658 5683 -Multiple port options are permitted.
5659 5684 -Ports specified in the configuration file with the
5660 5685 -.Cm Port
5661 5686 -option are ignored when a command-line port is specified.
5662 5687 -Ports specified using the
5663 5688 -.Cm ListenAddress
5664 5689 -option override command-line ports.
5665 5690 -.It Fl q
5666 5691 -Quiet mode.
5667 5692 -Nothing is sent to the system log.
5668 5693 -Normally the beginning,
5669 5694 -authentication, and termination of each connection is logged.
5670 5695 -.It Fl T
5671 5696 -Extended test mode.
5672 5697 -Check the validity of the configuration file, output the effective configuration
5673 5698 -to stdout and then exit.
5674 5699 -Optionally,
5675 5700 -.Cm Match
5676 5701 -rules may be applied by specifying the connection parameters using one or more
5677 5702 -.Fl C
5678 5703 -options.
5679 5704 -.It Fl t
5680 5705 -Test mode.
5681 5706 -Only check the validity of the configuration file and sanity of the keys.
5682 5707 -This is useful for updating
5683 5708 -.Nm
5684 5709 -reliably as configuration options may change.
5685 5710 -.It Fl u Ar len
5686 5711 -This option is used to specify the size of the field
5687 5712 -in the
5688 5713 -.Li utmp
5689 5714 -structure that holds the remote host name.
5690 5715 -If the resolved host name is longer than
5691 5716 -.Ar len ,
5692 5717 -the dotted decimal value will be used instead.
5693 5718 -This allows hosts with very long host names that
5694 5719 -overflow this field to still be uniquely identified.
5695 5720 -Specifying
5696 5721 -.Fl u0
5697 5722 -indicates that only dotted decimal addresses
5698 5723 -should be put into the
5699 5724 -.Pa utmp
5700 5725 -file.
5701 5726 -.Fl u0
5702 5727 -may also be used to prevent
5703 5728 -.Nm
5704 5729 -from making DNS requests unless the authentication
5705 5730 -mechanism or configuration requires it.
5706 5731 -Authentication mechanisms that may require DNS include
5707 5732 -.Cm RhostsRSAAuthentication ,
5708 5733 -.Cm HostbasedAuthentication ,
5709 5734 -and using a
5710 5735 -.Cm from="pattern-list"
5711 5736 -option in a key file.
5712 5737 -Configuration options that require DNS include using a
5713 5738 -USER@HOST pattern in
5714 5739 -.Cm AllowUsers
5715 5740 -or
5716 5741 -.Cm DenyUsers .
5717 5742 -.El
5718 5743 -.Sh AUTHENTICATION
5719 5744 -The OpenSSH SSH daemon supports SSH protocols 1 and 2.
5720 5745 -The default is to use protocol 2 only,
5721 5746 -though this can be changed via the
5722 5747 -.Cm Protocol
5723 5748 -option in
5724 5749 -.Xr sshd_config 5 .
5725 5750 -Protocol 2 supports DSA, ECDSA, Ed25519 and RSA keys;
5726 5751 -protocol 1 only supports RSA keys.
5727 5752 -For both protocols,
5728 5753 -each host has a host-specific key,
5729 5754 -normally 2048 bits,
5730 5755 -used to identify the host.
5731 5756 -.Pp
5732 5757 -Forward security for protocol 1 is provided through
5733 5758 -an additional server key,
5734 5759 -normally 1024 bits,
5735 5760 -generated when the server starts.
5736 5761 -This key is normally regenerated every hour if it has been used, and
5737 5762 -is never stored on disk.
5738 5763 -Whenever a client connects, the daemon responds with its public
5739 5764 -host and server keys.
5740 5765 -The client compares the
5741 5766 -RSA host key against its own database to verify that it has not changed.
5742 5767 -The client then generates a 256-bit random number.
5743 5768 -It encrypts this
5744 5769 -random number using both the host key and the server key, and sends
5745 5770 -the encrypted number to the server.
5746 5771 -Both sides then use this
5747 5772 -random number as a session key which is used to encrypt all further
5748 5773 -communications in the session.
5749 5774 -The rest of the session is encrypted
5750 5775 -using a conventional cipher, currently Blowfish or 3DES, with 3DES
5751 5776 -being used by default.
5752 5777 -The client selects the encryption algorithm
5753 5778 -to use from those offered by the server.
5754 5779 -.Pp
5755 5780 -For protocol 2,
5756 5781 -forward security is provided through a Diffie-Hellman key agreement.
5757 5782 -This key agreement results in a shared session key.
5758 5783 -The rest of the session is encrypted using a symmetric cipher, currently
5759 5784 -128-bit AES, Blowfish, 3DES, CAST128, Arcfour, 192-bit AES, or 256-bit AES.
5760 5785 -The client selects the encryption algorithm
5761 5786 -to use from those offered by the server.
5762 5787 -Additionally, session integrity is provided
5763 5788 -through a cryptographic message authentication code
5764 5789 -(hmac-md5, hmac-sha1, umac-64, umac-128, hmac-ripemd160,
5765 5790 -hmac-sha2-256 or hmac-sha2-512).
5766 5791 -.Pp
5767 5792 -Finally, the server and the client enter an authentication dialog.
5768 5793 -The client tries to authenticate itself using
5769 5794 -host-based authentication,
5770 5795 -public key authentication,
5771 5796 -challenge-response authentication,
5772 5797 -or password authentication.
5773 5798 -.Pp
5774 5799 -Regardless of the authentication type, the account is checked to
5775 5800 -ensure that it is accessible. An account is not accessible if it is
5776 5801 -locked, listed in
5777 5802 -.Cm DenyUsers
5778 5803 -or its group is listed in
5779 5804 -.Cm DenyGroups
5780 5805 -\&. The definition of a locked account is system dependant. Some platforms
5781 5806 -have their own account database (eg AIX) and some modify the passwd field (
5782 5807 -.Ql \&*LK\&*
5783 5808 -on Solaris and UnixWare,
5784 5809 -.Ql \&*
5785 5810 -on HP-UX, containing
5786 5811 -.Ql Nologin
5787 5812 -on Tru64,
5788 5813 -a leading
5789 5814 -.Ql \&*LOCKED\&*
5790 5815 -on FreeBSD and a leading
5791 5816 -.Ql \&!
5792 5817 -on most Linuxes).
5793 5818 -If there is a requirement to disable password authentication
5794 5819 -for the account while allowing still public-key, then the passwd field
5795 5820 -should be set to something other than these values (eg
5796 5821 -.Ql NP
5797 5822 -or
5798 5823 -.Ql \&*NP\&*
5799 5824 -).
5800 5825 -.Pp
5801 5826 -If the client successfully authenticates itself, a dialog for
5802 5827 -preparing the session is entered.
5803 5828 -At this time the client may request
5804 5829 -things like allocating a pseudo-tty, forwarding X11 connections,
5805 5830 -forwarding TCP connections, or forwarding the authentication agent
5806 5831 -connection over the secure channel.
5807 5832 -.Pp
5808 5833 -After this, the client either requests a shell or execution of a command.
5809 5834 -The sides then enter session mode.
5810 5835 -In this mode, either side may send
5811 5836 -data at any time, and such data is forwarded to/from the shell or
5812 5837 -command on the server side, and the user terminal in the client side.
5813 5838 -.Pp
5814 5839 -When the user program terminates and all forwarded X11 and other
5815 5840 -connections have been closed, the server sends command exit status to
5816 5841 -the client, and both sides exit.
5817 5842 -.Sh LOGIN PROCESS
5818 5843 -When a user successfully logs in,
5819 5844 -.Nm
5820 5845 -does the following:
5821 5846 -.Bl -enum -offset indent
5822 5847 -.It
5823 5848 -If the login is on a tty, and no command has been specified,
5824 5849 -prints last login time and
5825 5850 -.Pa /etc/motd
5826 5851 -(unless prevented in the configuration file or by
5827 5852 -.Pa ~/.hushlogin ;
5828 5853 -see the
5829 5854 -.Sx FILES
5830 5855 -section).
5831 5856 -.It
5832 5857 -If the login is on a tty, records login time.
5833 5858 -.It
5834 5859 -Checks
5835 5860 -.Pa /etc/nologin ;
5836 5861 -if it exists, prints contents and quits
5837 5862 -(unless root).
5838 5863 -.It
5839 5864 -Changes to run with normal user privileges.
5840 5865 -.It
5841 5866 -Sets up basic environment.
5842 5867 -.It
5843 5868 -Reads the file
5844 5869 -.Pa ~/.ssh/environment ,
5845 5870 -if it exists, and users are allowed to change their environment.
5846 5871 -See the
5847 5872 -.Cm PermitUserEnvironment
5848 5873 -option in
5849 5874 -.Xr sshd_config 5 .
5850 5875 -.It
5851 5876 -Changes to user's home directory.
5852 5877 -.It
5853 5878 -If
5854 5879 -.Pa ~/.ssh/rc
5855 5880 -exists and the
5856 5881 -.Xr sshd_config 5
5857 5882 -.Cm PermitUserRC
5858 5883 -option is set, runs it; else if
5859 5884 -.Pa /etc/ssh/sshrc
5860 5885 -exists, runs
5861 5886 -it; otherwise runs xauth.
5862 5887 -The
5863 5888 -.Dq rc
5864 5889 -files are given the X11
5865 5890 -authentication protocol and cookie in standard input.
5866 5891 -See
5867 5892 -.Sx SSHRC ,
5868 5893 -below.
5869 5894 -.It
5870 5895 -Runs user's shell or command.
5871 5896 -All commands are run under the user's login shell as specified in the
5872 5897 -system password database.
5873 5898 -.El
5874 5899 -.Sh SSHRC
5875 5900 -If the file
5876 5901 -.Pa ~/.ssh/rc
5877 5902 -exists,
5878 5903 -.Xr sh 1
5879 5904 -runs it after reading the
5880 5905 -environment files but before starting the user's shell or command.
5881 5906 -It must not produce any output on stdout; stderr must be used
5882 5907 -instead.
5883 5908 -If X11 forwarding is in use, it will receive the "proto cookie" pair in
5884 5909 -its standard input (and
5885 5910 -.Ev DISPLAY
5886 5911 -in its environment).
5887 5912 -The script must call
5888 5913 -.Xr xauth 1
5889 5914 -because
5890 5915 -.Nm
5891 5916 -will not run xauth automatically to add X11 cookies.
5892 5917 -.Pp
5893 5918 -The primary purpose of this file is to run any initialization routines
5894 5919 -which may be needed before the user's home directory becomes
5895 5920 -accessible; AFS is a particular example of such an environment.
5896 5921 -.Pp
5897 5922 -This file will probably contain some initialization code followed by
5898 5923 -something similar to:
5899 5924 -.Bd -literal -offset 3n
5900 5925 -if read proto cookie && [ -n "$DISPLAY" ]; then
5901 5926 - if [ `echo $DISPLAY | cut -c1-10` = 'localhost:' ]; then
5902 5927 - # X11UseLocalhost=yes
5903 5928 - echo add unix:`echo $DISPLAY |
5904 5929 - cut -c11-` $proto $cookie
5905 5930 - else
5906 5931 - # X11UseLocalhost=no
5907 5932 - echo add $DISPLAY $proto $cookie
5908 5933 - fi | xauth -q -
5909 5934 -fi
5910 5935 -.Ed
5911 5936 -.Pp
5912 5937 -If this file does not exist,
5913 5938 -.Pa /etc/ssh/sshrc
5914 5939 -is run, and if that
5915 5940 -does not exist either, xauth is used to add the cookie.
5916 5941 -.Sh AUTHORIZED_KEYS FILE FORMAT
5917 5942 -.Cm AuthorizedKeysFile
5918 5943 -specifies the files containing public keys for
5919 5944 -public key authentication;
5920 5945 -if none is specified, the default is
5921 5946 -.Pa ~/.ssh/authorized_keys
5922 5947 -and
5923 5948 -.Pa ~/.ssh/authorized_keys2 .
5924 5949 -Each line of the file contains one
5925 5950 -key (empty lines and lines starting with a
5926 5951 -.Ql #
5927 5952 -are ignored as
5928 5953 -comments).
5929 5954 -Protocol 1 public keys consist of the following space-separated fields:
5930 5955 -options, bits, exponent, modulus, comment.
5931 5956 -Protocol 2 public key consist of:
5932 5957 -options, keytype, base64-encoded key, comment.
5933 5958 -The options field is optional;
5934 5959 -its presence is determined by whether the line starts
5935 5960 -with a number or not (the options field never starts with a number).
5936 5961 -The bits, exponent, modulus, and comment fields give the RSA key for
5937 5962 -protocol version 1; the
5938 5963 -comment field is not used for anything (but may be convenient for the
5939 5964 -user to identify the key).
5940 5965 -For protocol version 2 the keytype is
5941 5966 -.Dq ecdsa-sha2-nistp256 ,
5942 5967 -.Dq ecdsa-sha2-nistp384 ,
5943 5968 -.Dq ecdsa-sha2-nistp521 ,
5944 5969 -.Dq ssh-ed25519 ,
5945 5970 -.Dq ssh-dss
5946 5971 -or
5947 5972 -.Dq ssh-rsa .
5948 5973 -.Pp
5949 5974 -Note that lines in this file are usually several hundred bytes long
5950 5975 -(because of the size of the public key encoding) up to a limit of
5951 5976 -8 kilobytes, which permits DSA keys up to 8 kilobits and RSA
5952 5977 -keys up to 16 kilobits.
5953 5978 -You don't want to type them in; instead, copy the
5954 5979 -.Pa identity.pub ,
5955 5980 -.Pa id_dsa.pub ,
5956 5981 -.Pa id_ecdsa.pub ,
5957 5982 -.Pa id_ed25519.pub ,
5958 5983 -or the
5959 5984 -.Pa id_rsa.pub
5960 5985 -file and edit it.
5961 5986 -.Pp
5962 5987 -.Nm
5963 5988 -enforces a minimum RSA key modulus size for protocol 1
5964 5989 -and protocol 2 keys of 768 bits.
5965 5990 -.Pp
5966 5991 -The options (if present) consist of comma-separated option
5967 5992 -specifications.
5968 5993 -No spaces are permitted, except within double quotes.
5969 5994 -The following option specifications are supported (note
5970 5995 -that option keywords are case-insensitive):
5971 5996 -.Bl -tag -width Ds
5972 5997 -.It Cm cert-authority
5973 5998 -Specifies that the listed key is a certification authority (CA) that is
5974 5999 -trusted to validate signed certificates for user authentication.
5975 6000 -.Pp
5976 6001 -Certificates may encode access restrictions similar to these key options.
5977 6002 -If both certificate restrictions and key options are present, the most
5978 6003 -restrictive union of the two is applied.
5979 6004 -.It Cm command="command"
5980 6005 -Specifies that the command is executed whenever this key is used for
5981 6006 -authentication.
5982 6007 -The command supplied by the user (if any) is ignored.
5983 6008 -The command is run on a pty if the client requests a pty;
5984 6009 -otherwise it is run without a tty.
5985 6010 -If an 8-bit clean channel is required,
5986 6011 -one must not request a pty or should specify
5987 6012 -.Cm no-pty .
5988 6013 -A quote may be included in the command by quoting it with a backslash.
5989 6014 -This option might be useful
5990 6015 -to restrict certain public keys to perform just a specific operation.
5991 6016 -An example might be a key that permits remote backups but nothing else.
5992 6017 -Note that the client may specify TCP and/or X11
5993 6018 -forwarding unless they are explicitly prohibited.
5994 6019 -The command originally supplied by the client is available in the
5995 6020 -.Ev SSH_ORIGINAL_COMMAND
5996 6021 -environment variable.
5997 6022 -Note that this option applies to shell, command or subsystem execution.
5998 6023 -Also note that this command may be superseded by either a
5999 6024 -.Xr sshd_config 5
6000 6025 -.Cm ForceCommand
6001 6026 -directive or a command embedded in a certificate.
6002 6027 -.It Cm environment="NAME=value"
6003 6028 -Specifies that the string is to be added to the environment when
6004 6029 -logging in using this key.
6005 6030 -Environment variables set this way
6006 6031 -override other default environment values.
6007 6032 -Multiple options of this type are permitted.
6008 6033 -Environment processing is disabled by default and is
6009 6034 -controlled via the
6010 6035 -.Cm PermitUserEnvironment
6011 6036 -option.
6012 6037 -This option is automatically disabled if
6013 6038 -.Cm UseLogin
6014 6039 -is enabled.
6015 6040 -.It Cm from="pattern-list"
6016 6041 -Specifies that in addition to public key authentication, either the canonical
6017 6042 -name of the remote host or its IP address must be present in the
6018 6043 -comma-separated list of patterns.
6019 6044 -See PATTERNS in
6020 6045 -.Xr ssh_config 5
6021 6046 -for more information on patterns.
6022 6047 -.Pp
6023 6048 -In addition to the wildcard matching that may be applied to hostnames or
6024 6049 -addresses, a
6025 6050 -.Cm from
6026 6051 -stanza may match IP addresses using CIDR address/masklen notation.
6027 6052 -.Pp
6028 6053 -The purpose of this option is to optionally increase security: public key
6029 6054 -authentication by itself does not trust the network or name servers or
6030 6055 -anything (but the key); however, if somebody somehow steals the key, the key
6031 6056 -permits an intruder to log in from anywhere in the world.
6032 6057 -This additional option makes using a stolen key more difficult (name
6033 6058 -servers and/or routers would have to be compromised in addition to
6034 6059 -just the key).
6035 6060 -.It Cm no-agent-forwarding
6036 6061 -Forbids authentication agent forwarding when this key is used for
6037 6062 -authentication.
6038 6063 -.It Cm no-port-forwarding
6039 6064 -Forbids TCP forwarding when this key is used for authentication.
6040 6065 -Any port forward requests by the client will return an error.
6041 6066 -This might be used, e.g. in connection with the
6042 6067 -.Cm command
6043 6068 -option.
6044 6069 -.It Cm no-pty
6045 6070 -Prevents tty allocation (a request to allocate a pty will fail).
6046 6071 -.It Cm no-user-rc
6047 6072 -Disables execution of
6048 6073 -.Pa ~/.ssh/rc .
6049 6074 -.It Cm no-X11-forwarding
6050 6075 -Forbids X11 forwarding when this key is used for authentication.
6051 6076 -Any X11 forward requests by the client will return an error.
6052 6077 -.It Cm permitopen="host:port"
6053 6078 -Limit local port forwarding with
6054 6079 -.Xr ssh 1
6055 6080 -.Fl L
6056 6081 -such that it may only connect to the specified host and port.
6057 6082 -IPv6 addresses can be specified by enclosing the address in square brackets.
6058 6083 -Multiple
6059 6084 -.Cm permitopen
6060 6085 -options may be applied separated by commas.
6061 6086 -No pattern matching is performed on the specified hostnames,
6062 6087 -they must be literal domains or addresses.
6063 6088 -A port specification of
6064 6089 -.Cm *
6065 6090 -matches any port.
6066 6091 -.It Cm principals="principals"
6067 6092 -On a
6068 6093 -.Cm cert-authority
6069 6094 -line, specifies allowed principals for certificate authentication as a
6070 6095 -comma-separated list.
6071 6096 -At least one name from the list must appear in the certificate's
6072 6097 -list of principals for the certificate to be accepted.
6073 6098 -This option is ignored for keys that are not marked as trusted certificate
6074 6099 -signers using the
6075 6100 -.Cm cert-authority
6076 6101 -option.
6077 6102 -.It Cm tunnel="n"
6078 6103 -Force a
6079 6104 -.Xr tun 4
6080 6105 -device on the server.
6081 6106 -Without this option, the next available device will be used if
6082 6107 -the client requests a tunnel.
6083 6108 -.El
6084 6109 -.Pp
6085 6110 -An example authorized_keys file:
6086 6111 -.Bd -literal -offset 3n
6087 6112 -# Comments allowed at start of line
6088 6113 -ssh-rsa AAAAB3Nza...LiPk== user@example.net
6089 6114 -from="*.sales.example.net,!pc.sales.example.net" ssh-rsa
6090 6115 -AAAAB2...19Q== john@example.net
6091 6116 -command="dump /home",no-pty,no-port-forwarding ssh-dss
6092 6117 -AAAAC3...51R== example.net
6093 6118 -permitopen="192.0.2.1:80",permitopen="192.0.2.2:25" ssh-dss
6094 6119 -AAAAB5...21S==
6095 6120 -tunnel="0",command="sh /etc/netstart tun0" ssh-rsa AAAA...==
6096 6121 -jane@example.net
6097 6122 -.Ed
6098 6123 -.Sh SSH_KNOWN_HOSTS FILE FORMAT
6099 6124 -The
6100 6125 -.Pa /etc/ssh/ssh_known_hosts
6101 6126 -and
6102 6127 -.Pa ~/.ssh/known_hosts
6103 6128 -files contain host public keys for all known hosts.
6104 6129 -The global file should
6105 6130 -be prepared by the administrator (optional), and the per-user file is
6106 6131 -maintained automatically: whenever the user connects from an unknown host,
6107 6132 -its key is added to the per-user file.
6108 6133 -.Pp
6109 6134 -Each line in these files contains the following fields: markers (optional),
6110 6135 -hostnames, bits, exponent, modulus, comment.
6111 6136 -The fields are separated by spaces.
6112 6137 -.Pp
6113 6138 -The marker is optional, but if it is present then it must be one of
6114 6139 -.Dq @cert-authority ,
6115 6140 -to indicate that the line contains a certification authority (CA) key,
6116 6141 -or
6117 6142 -.Dq @revoked ,
6118 6143 -to indicate that the key contained on the line is revoked and must not ever
6119 6144 -be accepted.
6120 6145 -Only one marker should be used on a key line.
6121 6146 -.Pp
6122 6147 -Hostnames is a comma-separated list of patterns
6123 6148 -.Pf ( Ql *
6124 6149 -and
6125 6150 -.Ql \&?
6126 6151 -act as
6127 6152 -wildcards); each pattern in turn is matched against the canonical host
6128 6153 -name (when authenticating a client) or against the user-supplied
6129 6154 -name (when authenticating a server).
6130 6155 -A pattern may also be preceded by
6131 6156 -.Ql \&!
6132 6157 -to indicate negation: if the host name matches a negated
6133 6158 -pattern, it is not accepted (by that line) even if it matched another
6134 6159 -pattern on the line.
6135 6160 -A hostname or address may optionally be enclosed within
6136 6161 -.Ql \&[
6137 6162 -and
6138 6163 -.Ql \&]
6139 6164 -brackets then followed by
6140 6165 -.Ql \&:
6141 6166 -and a non-standard port number.
6142 6167 -.Pp
6143 6168 -Alternately, hostnames may be stored in a hashed form which hides host names
6144 6169 -and addresses should the file's contents be disclosed.
6145 6170 -Hashed hostnames start with a
6146 6171 -.Ql |
6147 6172 -character.
6148 6173 -Only one hashed hostname may appear on a single line and none of the above
6149 6174 -negation or wildcard operators may be applied.
6150 6175 -.Pp
6151 6176 -Bits, exponent, and modulus are taken directly from the RSA host key; they
6152 6177 -can be obtained, for example, from
6153 6178 -.Pa /etc/ssh/ssh_host_key.pub .
6154 6179 -The optional comment field continues to the end of the line, and is not used.
6155 6180 -.Pp
6156 6181 -Lines starting with
6157 6182 -.Ql #
6158 6183 -and empty lines are ignored as comments.
6159 6184 -.Pp
6160 6185 -When performing host authentication, authentication is accepted if any
6161 6186 -matching line has the proper key; either one that matches exactly or,
6162 6187 -if the server has presented a certificate for authentication, the key
6163 6188 -of the certification authority that signed the certificate.
6164 6189 -For a key to be trusted as a certification authority, it must use the
6165 6190 -.Dq @cert-authority
6166 6191 -marker described above.
6167 6192 -.Pp
6168 6193 -The known hosts file also provides a facility to mark keys as revoked,
6169 6194 -for example when it is known that the associated private key has been
6170 6195 -stolen.
6171 6196 -Revoked keys are specified by including the
6172 6197 -.Dq @revoked
6173 6198 -marker at the beginning of the key line, and are never accepted for
6174 6199 -authentication or as certification authorities, but instead will
6175 6200 -produce a warning from
6176 6201 -.Xr ssh 1
6177 6202 -when they are encountered.
6178 6203 -.Pp
6179 6204 -It is permissible (but not
6180 6205 -recommended) to have several lines or different host keys for the same
6181 6206 -names.
6182 6207 -This will inevitably happen when short forms of host names
6183 6208 -from different domains are put in the file.
6184 6209 -It is possible
6185 6210 -that the files contain conflicting information; authentication is
6186 6211 -accepted if valid information can be found from either file.
6187 6212 -.Pp
6188 6213 -Note that the lines in these files are typically hundreds of characters
6189 6214 -long, and you definitely don't want to type in the host keys by hand.
6190 6215 -Rather, generate them by a script,
6191 6216 -.Xr ssh-keyscan 1
6192 6217 -or by taking
6193 6218 -.Pa /etc/ssh/ssh_host_key.pub
6194 6219 -and adding the host names at the front.
6195 6220 -.Xr ssh-keygen 1
6196 6221 -also offers some basic automated editing for
6197 6222 -.Pa ~/.ssh/known_hosts
6198 6223 -including removing hosts matching a host name and converting all host
6199 6224 -names to their hashed representations.
6200 6225 -.Pp
6201 6226 -An example ssh_known_hosts file:
6202 6227 -.Bd -literal -offset 3n
6203 6228 -# Comments allowed at start of line
6204 6229 -closenet,...,192.0.2.53 1024 37 159...93 closenet.example.net
6205 6230 -cvs.example.net,192.0.2.10 ssh-rsa AAAA1234.....=
6206 6231 -# A hashed hostname
6207 6232 -|1|JfKTdBh7rNbXkVAQCRp4OQoPfmI=|USECr3SWf1JUPsms5AqfD5QfxkM= ssh-rsa
6208 6233 -AAAA1234.....=
6209 6234 -# A revoked key
6210 6235 -@revoked * ssh-rsa AAAAB5W...
6211 6236 -# A CA key, accepted for any host in *.mydomain.com or *.mydomain.org
6212 6237 -@cert-authority *.mydomain.org,*.mydomain.com ssh-rsa AAAAB5W...
6213 6238 -.Ed
6214 6239 -.Sh FILES
6215 6240 -.Bl -tag -width Ds -compact
6216 6241 -.It Pa ~/.hushlogin
6217 6242 -This file is used to suppress printing the last login time and
6218 6243 -.Pa /etc/motd ,
6219 6244 -if
6220 6245 -.Cm PrintLastLog
6221 6246 -and
6222 6247 -.Cm PrintMotd ,
6223 6248 -respectively,
6224 6249 -are enabled.
6225 6250 -It does not suppress printing of the banner specified by
6226 6251 -.Cm Banner .
6227 6252 -.Pp
6228 6253 -.It Pa ~/.rhosts
6229 6254 -This file is used for host-based authentication (see
6230 6255 -.Xr ssh 1
6231 6256 -for more information).
6232 6257 -On some machines this file may need to be
6233 6258 -world-readable if the user's home directory is on an NFS partition,
6234 6259 -because
6235 6260 -.Nm
6236 6261 -reads it as root.
6237 6262 -Additionally, this file must be owned by the user,
6238 6263 -and must not have write permissions for anyone else.
6239 6264 -The recommended
6240 6265 -permission for most machines is read/write for the user, and not
6241 6266 -accessible by others.
6242 6267 -.Pp
6243 6268 -.It Pa ~/.shosts
6244 6269 -This file is used in exactly the same way as
6245 6270 -.Pa .rhosts ,
6246 6271 -but allows host-based authentication without permitting login with
6247 6272 -rlogin/rsh.
6248 6273 -.Pp
6249 6274 -.It Pa ~/.ssh/
6250 6275 -This directory is the default location for all user-specific configuration
6251 6276 -and authentication information.
6252 6277 -There is no general requirement to keep the entire contents of this directory
6253 6278 -secret, but the recommended permissions are read/write/execute for the user,
6254 6279 -and not accessible by others.
6255 6280 -.Pp
6256 6281 -.It Pa ~/.ssh/authorized_keys
6257 6282 -Lists the public keys (DSA, ECDSA, Ed25519, RSA)
6258 6283 -that can be used for logging in as this user.
6259 6284 -The format of this file is described above.
6260 6285 -The content of the file is not highly sensitive, but the recommended
6261 6286 -permissions are read/write for the user, and not accessible by others.
6262 6287 -.Pp
6263 6288 -If this file, the
6264 6289 -.Pa ~/.ssh
6265 6290 -directory, or the user's home directory are writable
6266 6291 -by other users, then the file could be modified or replaced by unauthorized
6267 6292 -users.
6268 6293 -In this case,
6269 6294 -.Nm
6270 6295 -will not allow it to be used unless the
6271 6296 -.Cm StrictModes
6272 6297 -option has been set to
6273 6298 -.Dq no .
6274 6299 -.Pp
6275 6300 -.It Pa ~/.ssh/environment
6276 6301 -This file is read into the environment at login (if it exists).
6277 6302 -It can only contain empty lines, comment lines (that start with
6278 6303 -.Ql # ) ,
6279 6304 -and assignment lines of the form name=value.
6280 6305 -The file should be writable
6281 6306 -only by the user; it need not be readable by anyone else.
6282 6307 -Environment processing is disabled by default and is
6283 6308 -controlled via the
6284 6309 -.Cm PermitUserEnvironment
6285 6310 -option.
6286 6311 -.Pp
6287 6312 -.It Pa ~/.ssh/known_hosts
6288 6313 -Contains a list of host keys for all hosts the user has logged into
6289 6314 -that are not already in the systemwide list of known host keys.
6290 6315 -The format of this file is described above.
6291 6316 -This file should be writable only by root/the owner and
6292 6317 -can, but need not be, world-readable.
6293 6318 -.Pp
6294 6319 -.It Pa ~/.ssh/rc
6295 6320 -Contains initialization routines to be run before
6296 6321 -the user's home directory becomes accessible.
6297 6322 -This file should be writable only by the user, and need not be
6298 6323 -readable by anyone else.
6299 6324 -.Pp
6300 6325 -.It Pa /etc/hosts.equiv
6301 6326 -This file is for host-based authentication (see
6302 6327 -.Xr ssh 1 ) .
6303 6328 -It should only be writable by root.
6304 6329 -.Pp
6305 6330 -.It Pa /etc/moduli
6306 6331 -Contains Diffie-Hellman groups used for the "Diffie-Hellman Group Exchange".
6307 6332 -The file format is described in
6308 6333 -.Xr moduli 5 .
6309 6334 -.Pp
6310 6335 -.It Pa /etc/motd
6311 6336 -See
6312 6337 -.Xr motd 5 .
6313 6338 -.Pp
6314 6339 -.It Pa /etc/nologin
6315 6340 -If this file exists,
6316 6341 -.Nm
6317 6342 -refuses to let anyone except root log in.
6318 6343 -The contents of the file
6319 6344 -are displayed to anyone trying to log in, and non-root connections are
6320 6345 -refused.
6321 6346 -The file should be world-readable.
6322 6347 -.Pp
6323 6348 -.It Pa /etc/shosts.equiv
6324 6349 -This file is used in exactly the same way as
6325 6350 -.Pa hosts.equiv ,
6326 6351 -but allows host-based authentication without permitting login with
6327 6352 -rlogin/rsh.
6328 6353 -.Pp
6329 6354 -.It Pa /etc/ssh/ssh_host_key
6330 6355 -.It Pa /etc/ssh/ssh_host_dsa_key
6331 6356 -.It Pa /etc/ssh/ssh_host_ecdsa_key
6332 6357 -.It Pa /etc/ssh/ssh_host_ed25519_key
6333 6358 -.It Pa /etc/ssh/ssh_host_rsa_key
6334 6359 -These files contain the private parts of the host keys.
6335 6360 -These files should only be owned by root, readable only by root, and not
6336 6361 -accessible to others.
6337 6362 -Note that
6338 6363 -.Nm
6339 6364 -does not start if these files are group/world-accessible.
6340 6365 -.Pp
6341 6366 -.It Pa /etc/ssh/ssh_host_key.pub
6342 6367 -.It Pa /etc/ssh/ssh_host_dsa_key.pub
6343 6368 -.It Pa /etc/ssh/ssh_host_ecdsa_key.pub
6344 6369 -.It Pa /etc/ssh/ssh_host_ed25519_key.pub
6345 6370 -.It Pa /etc/ssh/ssh_host_rsa_key.pub
6346 6371 -These files contain the public parts of the host keys.
6347 6372 -These files should be world-readable but writable only by
6348 6373 -root.
6349 6374 -Their contents should match the respective private parts.
6350 6375 -These files are not
6351 6376 -really used for anything; they are provided for the convenience of
6352 6377 -the user so their contents can be copied to known hosts files.
6353 6378 -These files are created using
6354 6379 -.Xr ssh-keygen 1 .
6355 6380 -.Pp
6356 6381 -.It Pa /etc/ssh/ssh_known_hosts
6357 6382 -Systemwide list of known host keys.
6358 6383 -This file should be prepared by the
6359 6384 -system administrator to contain the public host keys of all machines in the
6360 6385 -organization.
6361 6386 -The format of this file is described above.
6362 6387 -This file should be writable only by root/the owner and
6363 6388 -should be world-readable.
6364 6389 -.Pp
6365 6390 -.It Pa /etc/ssh/sshd_config
6366 6391 -Contains configuration data for
6367 6392 -.Nm sshd .
6368 6393 -The file format and configuration options are described in
6369 6394 -.Xr sshd_config 5 .
6370 6395 -.Pp
6371 6396 -.It Pa /etc/ssh/sshrc
6372 6397 -Similar to
6373 6398 -.Pa ~/.ssh/rc ,
6374 6399 -it can be used to specify
6375 6400 -machine-specific login-time initializations globally.
6376 6401 -This file should be writable only by root, and should be world-readable.
6377 6402 -.Pp
6378 6403 -.It Pa /var/empty
6379 6404 -.Xr chroot 2
6380 6405 -directory used by
6381 6406 -.Nm
6382 6407 -during privilege separation in the pre-authentication phase.
6383 6408 -The directory should not contain any files and must be owned by root
6384 6409 -and not group or world-writable.
6385 6410 -.Pp
6386 6411 -.It Pa /var/run/sshd.pid
6387 6412 -Contains the process ID of the
6388 6413 -.Nm
6389 6414 -listening for connections (if there are several daemons running
6390 6415 -concurrently for different ports, this contains the process ID of the one
6391 6416 -started last).
6392 6417 -The content of this file is not sensitive; it can be world-readable.
6393 6418 -.El
6394 6419 -.Sh SEE ALSO
6395 6420 -.Xr scp 1 ,
6396 6421 -.Xr sftp 1 ,
6397 6422 -.Xr ssh 1 ,
6398 6423 -.Xr ssh-add 1 ,
6399 6424 -.Xr ssh-agent 1 ,
6400 6425 -.Xr ssh-keygen 1 ,
6401 6426 -.Xr ssh-keyscan 1 ,
6402 6427 -.Xr chroot 2 ,
6403 6428 -.Xr login.conf 5 ,
6404 6429 -.Xr moduli 5 ,
6405 6430 -.Xr sshd_config 5 ,
6406 6431 -.Xr inetd 8 ,
6407 6432 -.Xr sftp-server 8
6408 6433 -.Sh AUTHORS
6409 6434 -OpenSSH is a derivative of the original and free
6410 6435 -ssh 1.2.12 release by Tatu Ylonen.
6411 6436 -Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos,
6412 6437 -Theo de Raadt and Dug Song
6413 6438 -removed many bugs, re-added newer features and
6414 6439 -created OpenSSH.
6415 6440 -Markus Friedl contributed the support for SSH
6416 6441 -protocol versions 1.5 and 2.0.
6417 6442 -Niels Provos and Markus Friedl contributed support
6418 6443 -for privilege separation.
6419 6444 diff --git a/sshd_config.4 b/sshd_config.4
6420 6445 new file mode 100644
6421 6446 index 0000000..ba4d79a
6422 6447 --- /dev/null
6423 6448 +++ b/sshd_config.4
6424 6449 @@ -0,0 +1,1736 @@
6425 6450 +.\"
6426 6451 +.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
6427 6452 +.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
6428 6453 +.\" All rights reserved
6429 6454 +.\"
6430 6455 +.\" As far as I am concerned, the code I have written for this software
6431 6456 +.\" can be used freely for any purpose. Any derived versions of this
6432 6457 +.\" software must be clearly marked as such, and if the derived work is
6433 6458 +.\" incompatible with the protocol description in the RFC file, it must be
6434 6459 +.\" called by a name other than "ssh" or "Secure Shell".
6435 6460 +.\"
6436 6461 +.\" Copyright (c) 1999,2000 Markus Friedl. All rights reserved.
6437 6462 +.\" Copyright (c) 1999 Aaron Campbell. All rights reserved.
6438 6463 +.\" Copyright (c) 1999 Theo de Raadt. All rights reserved.
6439 6464 +.\"
6440 6465 +.\" Redistribution and use in source and binary forms, with or without
6441 6466 +.\" modification, are permitted provided that the following conditions
6442 6467 +.\" are met:
6443 6468 +.\" 1. Redistributions of source code must retain the above copyright
6444 6469 +.\" notice, this list of conditions and the following disclaimer.
6445 6470 +.\" 2. Redistributions in binary form must reproduce the above copyright
6446 6471 +.\" notice, this list of conditions and the following disclaimer in the
6447 6472 +.\" documentation and/or other materials provided with the distribution.
6448 6473 +.\"
6449 6474 +.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
6450 6475 +.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
6451 6476 +.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
6452 6477 +.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
6453 6478 +.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
6454 6479 +.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
6455 6480 +.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
6456 6481 +.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
6457 6482 +.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
6458 6483 +.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
6459 6484 +.\"
6460 6485 +.\" $OpenBSD: sshd_config.5,v 1.211 2015/08/14 15:32:41 jmc Exp $
6461 6486 +.Dd $Mdocdate: August 14 2015 $
6462 6487 +.Dt SSHD_CONFIG 4
6463 6488 +.Os
6464 6489 +.Sh NAME
6465 6490 +.Nm sshd_config
6466 6491 +.Nd OpenSSH SSH daemon configuration file
6467 6492 +.Sh SYNOPSIS
6468 6493 +.Nm /etc/ssh/sshd_config
6469 6494 +.Sh DESCRIPTION
6470 6495 +.Xr sshd 1M
6471 6496 +reads configuration data from
6472 6497 +.Pa /etc/ssh/sshd_config
6473 6498 +(or the file specified with
6474 6499 +.Fl f
6475 6500 +on the command line).
6476 6501 +The file contains keyword-argument pairs, one per line.
6477 6502 +Lines starting with
6478 6503 +.Ql #
6479 6504 +and empty lines are interpreted as comments.
6480 6505 +Arguments may optionally be enclosed in double quotes
6481 6506 +.Pq \&"
6482 6507 +in order to represent arguments containing spaces.
6483 6508 +.Pp
6484 6509 +The possible
6485 6510 +keywords and their meanings are as follows (note that
6486 6511 +keywords are case-insensitive and arguments are case-sensitive):
6487 6512 +.Bl -tag -width Ds
6488 6513 +.It Cm AcceptEnv
6489 6514 +Specifies what environment variables sent by the client will be copied into
6490 6515 +the session's
6491 6516 +.Xr environ 7 .
6492 6517 +See
6493 6518 +.Cm SendEnv
6494 6519 +in
6495 6520 +.Xr ssh_config 4
6496 6521 +for how to configure the client.
6497 6522 +Note that environment passing is only supported for protocol 2, and
6498 6523 +that the
6499 6524 +.Ev TERM
6500 6525 +environment variable is always sent whenever the client
6501 6526 +requests a pseudo-terminal as it is required by the protocol.
6502 6527 +Variables are specified by name, which may contain the wildcard characters
6503 6528 +.Ql *
6504 6529 +and
6505 6530 +.Ql \&? .
6506 6531 +Multiple environment variables may be separated by whitespace or spread
6507 6532 +across multiple
6508 6533 +.Cm AcceptEnv
6509 6534 +directives.
6510 6535 +Be warned that some environment variables could be used to bypass restricted
6511 6536 +user environments.
6512 6537 +For this reason, care should be taken in the use of this directive.
6513 6538 +The default is not to accept any environment variables.
6514 6539 +.It Cm AddressFamily
6515 6540 +Specifies which address family should be used by
6516 6541 +.Xr sshd 1M .
6517 6542 +Valid arguments are
6518 6543 +.Dq any ,
6519 6544 +.Dq inet
6520 6545 +(use IPv4 only), or
6521 6546 +.Dq inet6
6522 6547 +(use IPv6 only).
6523 6548 +The default is
6524 6549 +.Dq any .
6525 6550 +.It Cm AllowAgentForwarding
6526 6551 +Specifies whether
6527 6552 +.Xr ssh-agent 1
6528 6553 +forwarding is permitted.
6529 6554 +The default is
6530 6555 +.Dq yes .
6531 6556 +Note that disabling agent forwarding does not improve security
6532 6557 +unless users are also denied shell access, as they can always install
6533 6558 +their own forwarders.
6534 6559 +.It Cm AllowGroups
6535 6560 +This keyword can be followed by a list of group name patterns, separated
6536 6561 +by spaces.
6537 6562 +If specified, login is allowed only for users whose primary
6538 6563 +group or supplementary group list matches one of the patterns.
6539 6564 +Only group names are valid; a numerical group ID is not recognized.
6540 6565 +By default, login is allowed for all groups.
6541 6566 +The allow/deny directives are processed in the following order:
6542 6567 +.Cm DenyUsers ,
6543 6568 +.Cm AllowUsers ,
6544 6569 +.Cm DenyGroups ,
6545 6570 +and finally
6546 6571 +.Cm AllowGroups .
6547 6572 +.Pp
6548 6573 +See PATTERNS in
6549 6574 +.Xr ssh_config 4
6550 6575 +for more information on patterns.
6551 6576 +.It Cm AllowTcpForwarding
6552 6577 +Specifies whether TCP forwarding is permitted.
6553 6578 +The available options are
6554 6579 +.Dq yes
6555 6580 +or
6556 6581 +.Dq all
6557 6582 +to allow TCP forwarding,
6558 6583 +.Dq no
6559 6584 +to prevent all TCP forwarding,
6560 6585 +.Dq local
6561 6586 +to allow local (from the perspective of
6562 6587 +.Xr ssh 1 )
6563 6588 +forwarding only or
6564 6589 +.Dq remote
6565 6590 +to allow remote forwarding only.
6566 6591 +The default is
6567 6592 +.Dq yes .
6568 6593 +Note that disabling TCP forwarding does not improve security unless
6569 6594 +users are also denied shell access, as they can always install their
6570 6595 +own forwarders.
6571 6596 +.It Cm AllowStreamLocalForwarding
6572 6597 +Specifies whether StreamLocal (Unix-domain socket) forwarding is permitted.
6573 6598 +The available options are
6574 6599 +.Dq yes
6575 6600 +or
6576 6601 +.Dq all
6577 6602 +to allow StreamLocal forwarding,
6578 6603 +.Dq no
6579 6604 +to prevent all StreamLocal forwarding,
6580 6605 +.Dq local
6581 6606 +to allow local (from the perspective of
6582 6607 +.Xr ssh 1 )
6583 6608 +forwarding only or
6584 6609 +.Dq remote
6585 6610 +to allow remote forwarding only.
6586 6611 +The default is
6587 6612 +.Dq yes .
6588 6613 +Note that disabling StreamLocal forwarding does not improve security unless
6589 6614 +users are also denied shell access, as they can always install their
6590 6615 +own forwarders.
6591 6616 +.It Cm AllowUsers
6592 6617 +This keyword can be followed by a list of user name patterns, separated
6593 6618 +by spaces.
6594 6619 +If specified, login is allowed only for user names that
6595 6620 +match one of the patterns.
6596 6621 +Only user names are valid; a numerical user ID is not recognized.
6597 6622 +By default, login is allowed for all users.
6598 6623 +If the pattern takes the form USER@HOST then USER and HOST
6599 6624 +are separately checked, restricting logins to particular
6600 6625 +users from particular hosts.
6601 6626 +The allow/deny directives are processed in the following order:
6602 6627 +.Cm DenyUsers ,
6603 6628 +.Cm AllowUsers ,
6604 6629 +.Cm DenyGroups ,
6605 6630 +and finally
6606 6631 +.Cm AllowGroups .
6607 6632 +.Pp
6608 6633 +See PATTERNS in
6609 6634 +.Xr ssh_config 4
6610 6635 +for more information on patterns.
6611 6636 +.It Cm AuthenticationMethods
6612 6637 +Specifies the authentication methods that must be successfully completed
6613 6638 +for a user to be granted access.
6614 6639 +This option must be followed by one or more comma-separated lists of
6615 6640 +authentication method names.
6616 6641 +Successful authentication requires completion of every method in at least
6617 6642 +one of these lists.
6618 6643 +.Pp
6619 6644 +For example, an argument of
6620 6645 +.Dq publickey,password publickey,keyboard-interactive
6621 6646 +would require the user to complete public key authentication, followed by
6622 6647 +either password or keyboard interactive authentication.
6623 6648 +Only methods that are next in one or more lists are offered at each stage,
6624 6649 +so for this example, it would not be possible to attempt password or
6625 6650 +keyboard-interactive authentication before public key.
6626 6651 +.Pp
6627 6652 +For keyboard interactive authentication it is also possible to
6628 6653 +restrict authentication to a specific device by appending a
6629 6654 +colon followed by the device identifier
6630 6655 +.Dq bsdauth ,
6631 6656 +.Dq pam ,
6632 6657 +or
6633 6658 +.Dq skey ,
6634 6659 +depending on the server configuration.
6635 6660 +For example,
6636 6661 +.Dq keyboard-interactive:bsdauth
6637 6662 +would restrict keyboard interactive authentication to the
6638 6663 +.Dq bsdauth
6639 6664 +device.
6640 6665 +.Pp
6641 6666 +If the
6642 6667 +.Dq publickey
6643 6668 +method is listed more than once,
6644 6669 +.Xr sshd 8
6645 6670 +verifies that keys that have been used successfully are not reused for
6646 6671 +subsequent authentications.
6647 6672 +For example, an
6648 6673 +.Cm AuthenticationMethods
6649 6674 +of
6650 6675 +.Dq publickey,publickey
6651 6676 +will require successful authentication using two different public keys.
6652 6677 +.Pp
6653 6678 +This option is only available for SSH protocol 2 and will yield a fatal
6654 6679 +error if enabled if protocol 1 is also enabled.
6655 6680 +Note that each authentication method listed should also be explicitly enabled
6656 6681 +in the configuration.
6657 6682 +The default is not to require multiple authentication; successful completion
6658 6683 +of a single authentication method is sufficient.
6659 6684 +.It Cm AuthorizedKeysCommand
6660 6685 +Specifies a program to be used to look up the user's public keys.
6661 6686 +The program must be owned by root, not writable by group or others and
6662 6687 +specified by an absolute path.
6663 6688 +.Pp
6664 6689 +Arguments to
6665 6690 +.Cm AuthorizedKeysCommand
6666 6691 +may be provided using the following tokens, which will be expanded
6667 6692 +at runtime: %% is replaced by a literal '%', %u is replaced by the
6668 6693 +username being authenticated, %h is replaced by the home directory
6669 6694 +of the user being authenticated, %t is replaced with the key type
6670 6695 +offered for authentication, %f is replaced with the fingerprint of
6671 6696 +the key, and %k is replaced with the key being offered for authentication.
6672 6697 +If no arguments are specified then the username of the target user
6673 6698 +will be supplied.
6674 6699 +.Pp
6675 6700 +The program should produce on standard output zero or
6676 6701 +more lines of authorized_keys output (see AUTHORIZED_KEYS in
6677 6702 +.Xr sshd 1M ) .
6678 6703 +If a key supplied by AuthorizedKeysCommand does not successfully authenticate
6679 6704 +and authorize the user then public key authentication continues using the usual
6680 6705 +.Cm AuthorizedKeysFile
6681 6706 +files.
6682 6707 +By default, no AuthorizedKeysCommand is run.
6683 6708 +.It Cm AuthorizedKeysCommandUser
6684 6709 +Specifies the user under whose account the AuthorizedKeysCommand is run.
6685 6710 +It is recommended to use a dedicated user that has no other role on the host
6686 6711 +than running authorized keys commands.
6687 6712 +If
6688 6713 +.Cm AuthorizedKeysCommand
6689 6714 +is specified but
6690 6715 +.Cm AuthorizedKeysCommandUser
6691 6716 +is not, then
6692 6717 +.Xr sshd 8
6693 6718 +will refuse to start.
6694 6719 +.It Cm AuthorizedKeysFile
6695 6720 +Specifies the file that contains the public keys that can be used
6696 6721 +for user authentication.
6697 6722 +The format is described in the
6698 6723 +AUTHORIZED_KEYS FILE FORMAT
6699 6724 +section of
6700 6725 +.Xr sshd 1M .
6701 6726 +.Cm AuthorizedKeysFile
6702 6727 +may contain tokens of the form %T which are substituted during connection
6703 6728 +setup.
6704 6729 +The following tokens are defined: %% is replaced by a literal '%',
6705 6730 +%h is replaced by the home directory of the user being authenticated, and
6706 6731 +%u is replaced by the username of that user.
6707 6732 +After expansion,
6708 6733 +.Cm AuthorizedKeysFile
6709 6734 +is taken to be an absolute path or one relative to the user's home
6710 6735 +directory.
6711 6736 +Multiple files may be listed, separated by whitespace.
6712 6737 +The default is
6713 6738 +.Dq .ssh/authorized_keys .ssh/authorized_keys2 .
6714 6739 +.It Cm AuthorizedPrincipalsCommand
6715 6740 +Specifies a program to be used to generate the list of allowed
6716 6741 +certificate principals as per
6717 6742 +.Cm AuthorizedPrincipalsFile .
6718 6743 +The program must be owned by root, not writable by group or others and
6719 6744 +specified by an absolute path.
6720 6745 +.Pp
6721 6746 +Arguments to
6722 6747 +.Cm AuthorizedPrincipalsCommand
6723 6748 +may be provided using the following tokens, which will be expanded
6724 6749 +at runtime: %% is replaced by a literal '%', %u is replaced by the
6725 6750 +username being authenticated and %h is replaced by the home directory
6726 6751 +of the user being authenticated.
6727 6752 +.Pp
6728 6753 +The program should produce on standard output zero or
6729 6754 +more lines of
6730 6755 +.Cm AuthorizedPrincipalsFile
6731 6756 +output.
6732 6757 +If either
6733 6758 +.Cm AuthorizedPrincipalsCommand
6734 6759 +or
6735 6760 +.Cm AuthorizedPrincipalsFile
6736 6761 +is specified, then certificates offered by the client for authentication
6737 6762 +must contain a principal that is listed.
6738 6763 +By default, no AuthorizedPrincipalsCommand is run.
6739 6764 +.It Cm AuthorizedPrincipalsCommandUser
6740 6765 +Specifies the user under whose account the AuthorizedPrincipalsCommand is run.
6741 6766 +It is recommended to use a dedicated user that has no other role on the host
6742 6767 +than running authorized principals commands.
6743 6768 +If
6744 6769 +.Cm AuthorizedPrincipalsCommand
6745 6770 +is specified but
6746 6771 +.Cm AuthorizedPrincipalsCommandUser
6747 6772 +is not, then
6748 6773 +.Xr sshd 8
6749 6774 +will refuse to start.
6750 6775 +.It Cm AuthorizedPrincipalsFile
6751 6776 +Specifies a file that lists principal names that are accepted for
6752 6777 +certificate authentication.
6753 6778 +When using certificates signed by a key listed in
6754 6779 +.Cm TrustedUserCAKeys ,
6755 6780 +this file lists names, one of which must appear in the certificate for it
6756 6781 +to be accepted for authentication.
6757 6782 +Names are listed one per line preceded by key options (as described
6758 6783 +in AUTHORIZED_KEYS FILE FORMAT in
6759 6784 +.Xr sshd 1M ) .
6760 6785 +Empty lines and comments starting with
6761 6786 +.Ql #
6762 6787 +are ignored.
6763 6788 +.Pp
6764 6789 +.Cm AuthorizedPrincipalsFile
6765 6790 +may contain tokens of the form %T which are substituted during connection
6766 6791 +setup.
6767 6792 +The following tokens are defined: %% is replaced by a literal '%',
6768 6793 +%h is replaced by the home directory of the user being authenticated, and
6769 6794 +%u is replaced by the username of that user.
6770 6795 +After expansion,
6771 6796 +.Cm AuthorizedPrincipalsFile
6772 6797 +is taken to be an absolute path or one relative to the user's home
6773 6798 +directory.
6774 6799 +.Pp
6775 6800 +The default is
6776 6801 +.Dq none ,
6777 6802 +i.e. not to use a principals file \(en in this case, the username
6778 6803 +of the user must appear in a certificate's principals list for it to be
6779 6804 +accepted.
6780 6805 +Note that
6781 6806 +.Cm AuthorizedPrincipalsFile
6782 6807 +is only used when authentication proceeds using a CA listed in
6783 6808 +.Cm TrustedUserCAKeys
6784 6809 +and is not consulted for certification authorities trusted via
6785 6810 +.Pa ~/.ssh/authorized_keys ,
6786 6811 +though the
6787 6812 +.Cm principals=
6788 6813 +key option offers a similar facility (see
6789 6814 +.Xr sshd 1M
6790 6815 +for details).
6791 6816 +.It Cm Banner
6792 6817 +The contents of the specified file are sent to the remote user before
6793 6818 +authentication is allowed.
6794 6819 +If the argument is
6795 6820 +.Dq none
6796 6821 +then no banner is displayed.
6797 6822 +This option is only available for protocol version 2.
6798 6823 +By default, no banner is displayed.
6799 6824 +.It Cm ChallengeResponseAuthentication
6800 6825 +Specifies whether challenge-response authentication is allowed (e.g. via
6801 6826 +PAM or through authentication styles supported in
6802 6827 +.Xr login.conf 5 )
6803 6828 +The default is
6804 6829 +.Dq yes .
6805 6830 +.It Cm ChrootDirectory
6806 6831 +Specifies the pathname of a directory to
6807 6832 +.Xr chroot 2
6808 6833 +to after authentication.
6809 6834 +At session startup
6810 6835 +.Xr sshd 8
6811 6836 +checks that all components of the pathname are root-owned directories
6812 6837 +which are not writable by any other user or group.
6813 6838 +After the chroot,
6814 6839 +.Xr sshd 1M
6815 6840 +changes the working directory to the user's home directory.
6816 6841 +.Pp
6817 6842 +The pathname may contain the following tokens that are expanded at runtime once
6818 6843 +the connecting user has been authenticated: %% is replaced by a literal '%',
6819 6844 +%h is replaced by the home directory of the user being authenticated, and
6820 6845 +%u is replaced by the username of that user.
6821 6846 +.Pp
6822 6847 +The
6823 6848 +.Cm ChrootDirectory
6824 6849 +must contain the necessary files and directories to support the
6825 6850 +user's session.
6826 6851 +For an interactive session this requires at least a shell, typically
6827 6852 +.Xr sh 1 ,
6828 6853 +and basic
6829 6854 +.Pa /dev
6830 6855 +nodes such as
6831 6856 +.Xr null 4 ,
6832 6857 +.Xr zero 4 ,
6833 6858 +.Xr stdin 4 ,
6834 6859 +.Xr stdout 4 ,
6835 6860 +.Xr stderr 4 ,
6836 6861 +and
6837 6862 +.Xr tty 4
6838 6863 +devices.
6839 6864 +For file transfer sessions using
6840 6865 +.Dq sftp ,
6841 6866 +no additional configuration of the environment is necessary if the
6842 6867 +in-process sftp server is used,
6843 6868 +though sessions which use logging may require
6844 6869 +.Pa /dev/log
6845 6870 +inside the chroot directory on some operating systems (see
6846 6871 +.Xr sftp-server 8
6847 6872 +for details).
6848 6873 +.Pp
6849 6874 +For safety, it is very important that the directory hierarchy be
6850 6875 +prevented from modification by other processes on the system (especially
6851 6876 +those outside the jail).
6852 6877 +Misconfiguration can lead to unsafe environments which
6853 6878 +.Xr sshd 8
6854 6879 +cannot detect.
6855 6880 +.Pp
6856 6881 +The default is not to
6857 6882 +.Xr chroot 2 .
6858 6883 +.It Cm Ciphers
6859 6884 +Specifies the ciphers allowed for protocol version 2.
6860 6885 +Multiple ciphers must be comma-separated.
6861 6886 +If the specified value begins with a
6862 6887 +.Sq +
6863 6888 +character, then the specified ciphers will be appended to the default set
6864 6889 +instead of replacing them.
6865 6890 +.Pp
6866 6891 +The supported ciphers are:
6867 6892 +.Pp
6868 6893 +.Bl -item -compact -offset indent
6869 6894 +.It
6870 6895 +3des-cbc
6871 6896 +.It
6872 6897 +aes128-cbc
6873 6898 +.It
6874 6899 +aes192-cbc
6875 6900 +.It
6876 6901 +aes256-cbc
6877 6902 +.It
6878 6903 +aes128-ctr
6879 6904 +.It
6880 6905 +aes192-ctr
6881 6906 +.It
6882 6907 +aes256-ctr
6883 6908 +.It
6884 6909 +aes128-gcm@openssh.com
6885 6910 +.It
6886 6911 +aes256-gcm@openssh.com
6887 6912 +.It
6888 6913 +arcfour
6889 6914 +.It
6890 6915 +arcfour128
6891 6916 +.It
6892 6917 +arcfour256
6893 6918 +.It
6894 6919 +blowfish-cbc
6895 6920 +.It
6896 6921 +cast128-cbc
6897 6922 +.It
6898 6923 +chacha20-poly1305@openssh.com
6899 6924 +.El
6900 6925 +.Pp
6901 6926 +The default is:
6902 6927 +.Bd -literal -offset indent
6903 6928 +chacha20-poly1305@openssh.com,
6904 6929 +aes128-ctr,aes192-ctr,aes256-ctr,
6905 6930 +aes128-gcm@openssh.com,aes256-gcm@openssh.com
6906 6931 +.Ed
6907 6932 +.Pp
6908 6933 +The list of available ciphers may also be obtained using the
6909 6934 +.Fl Q
6910 6935 +option of
6911 6936 +.Xr ssh 1
6912 6937 +with an argument of
6913 6938 +.Dq cipher .
6914 6939 +.It Cm ClientAliveCountMax
6915 6940 +Sets the number of client alive messages (see below) which may be
6916 6941 +sent without
6917 6942 +.Xr sshd 1M
6918 6943 +receiving any messages back from the client.
6919 6944 +If this threshold is reached while client alive messages are being sent,
6920 6945 +sshd will disconnect the client, terminating the session.
6921 6946 +It is important to note that the use of client alive messages is very
6922 6947 +different from
6923 6948 +.Cm TCPKeepAlive
6924 6949 +(below).
6925 6950 +The client alive messages are sent through the encrypted channel
6926 6951 +and therefore will not be spoofable.
6927 6952 +The TCP keepalive option enabled by
6928 6953 +.Cm TCPKeepAlive
6929 6954 +is spoofable.
6930 6955 +The client alive mechanism is valuable when the client or
6931 6956 +server depend on knowing when a connection has become inactive.
6932 6957 +.Pp
6933 6958 +The default value is 3.
6934 6959 +If
6935 6960 +.Cm ClientAliveInterval
6936 6961 +(see below) is set to 15, and
6937 6962 +.Cm ClientAliveCountMax
6938 6963 +is left at the default, unresponsive SSH clients
6939 6964 +will be disconnected after approximately 45 seconds.
6940 6965 +This option applies to protocol version 2 only.
6941 6966 +.It Cm ClientAliveInterval
6942 6967 +Sets a timeout interval in seconds after which if no data has been received
6943 6968 +from the client,
6944 6969 +.Xr sshd 1M
6945 6970 +will send a message through the encrypted
6946 6971 +channel to request a response from the client.
6947 6972 +The default
6948 6973 +is 0, indicating that these messages will not be sent to the client.
6949 6974 +This option applies to protocol version 2 only.
6950 6975 +.It Cm Compression
6951 6976 +Specifies whether compression is allowed, or delayed until
6952 6977 +the user has authenticated successfully.
6953 6978 +The argument must be
6954 6979 +.Dq yes ,
6955 6980 +.Dq delayed ,
6956 6981 +or
6957 6982 +.Dq no .
6958 6983 +The default is
6959 6984 +.Dq delayed .
6960 6985 +.It Cm DenyGroups
6961 6986 +This keyword can be followed by a list of group name patterns, separated
6962 6987 +by spaces.
6963 6988 +Login is disallowed for users whose primary group or supplementary
6964 6989 +group list matches one of the patterns.
6965 6990 +Only group names are valid; a numerical group ID is not recognized.
6966 6991 +By default, login is allowed for all groups.
6967 6992 +The allow/deny directives are processed in the following order:
6968 6993 +.Cm DenyUsers ,
6969 6994 +.Cm AllowUsers ,
6970 6995 +.Cm DenyGroups ,
6971 6996 +and finally
6972 6997 +.Cm AllowGroups .
6973 6998 +.Pp
6974 6999 +See PATTERNS in
6975 7000 +.Xr ssh_config 4
6976 7001 +for more information on patterns.
6977 7002 +.It Cm DenyUsers
6978 7003 +This keyword can be followed by a list of user name patterns, separated
6979 7004 +by spaces.
6980 7005 +Login is disallowed for user names that match one of the patterns.
6981 7006 +Only user names are valid; a numerical user ID is not recognized.
6982 7007 +By default, login is allowed for all users.
6983 7008 +If the pattern takes the form USER@HOST then USER and HOST
6984 7009 +are separately checked, restricting logins to particular
6985 7010 +users from particular hosts.
6986 7011 +The allow/deny directives are processed in the following order:
6987 7012 +.Cm DenyUsers ,
6988 7013 +.Cm AllowUsers ,
6989 7014 +.Cm DenyGroups ,
6990 7015 +and finally
6991 7016 +.Cm AllowGroups .
6992 7017 +.Pp
6993 7018 +See PATTERNS in
6994 7019 +.Xr ssh_config 4
6995 7020 +for more information on patterns.
6996 7021 +.It Cm FingerprintHash
6997 7022 +Specifies the hash algorithm used when logging key fingerprints.
6998 7023 +Valid options are:
6999 7024 +.Dq md5
7000 7025 +and
7001 7026 +.Dq sha256 .
7002 7027 +The default is
7003 7028 +.Dq sha256 .
7004 7029 +.It Cm ForceCommand
7005 7030 +Forces the execution of the command specified by
7006 7031 +.Cm ForceCommand ,
7007 7032 +ignoring any command supplied by the client and
7008 7033 +.Pa ~/.ssh/rc
7009 7034 +if present.
7010 7035 +The command is invoked by using the user's login shell with the -c option.
7011 7036 +This applies to shell, command, or subsystem execution.
7012 7037 +It is most useful inside a
7013 7038 +.Cm Match
7014 7039 +block.
7015 7040 +The command originally supplied by the client is available in the
7016 7041 +.Ev SSH_ORIGINAL_COMMAND
7017 7042 +environment variable.
7018 7043 +Specifying a command of
7019 7044 +.Dq internal-sftp
7020 7045 +will force the use of an in-process sftp server that requires no support
7021 7046 +files when used with
7022 7047 +.Cm ChrootDirectory .
7023 7048 +.It Cm GatewayPorts
7024 7049 +Specifies whether remote hosts are allowed to connect to ports
7025 7050 +forwarded for the client.
7026 7051 +By default,
7027 7052 +.Xr sshd 1M
7028 7053 +binds remote port forwardings to the loopback address.
7029 7054 +This prevents other remote hosts from connecting to forwarded ports.
7030 7055 +.Cm GatewayPorts
7031 7056 +can be used to specify that sshd
7032 7057 +should allow remote port forwardings to bind to non-loopback addresses, thus
7033 7058 +allowing other hosts to connect.
7034 7059 +The argument may be
7035 7060 +.Dq no
7036 7061 +to force remote port forwardings to be available to the local host only,
7037 7062 +.Dq yes
7038 7063 +to force remote port forwardings to bind to the wildcard address, or
7039 7064 +.Dq clientspecified
7040 7065 +to allow the client to select the address to which the forwarding is bound.
7041 7066 +The default is
7042 7067 +.Dq no .
7043 7068 +.It Cm GSSAPIAuthentication
7044 7069 +Specifies whether user authentication based on GSSAPI is allowed.
7045 7070 +The default is
7046 7071 +.Dq no .
7047 7072 +Note that this option applies to protocol version 2 only.
7048 7073 +.It Cm GSSAPICleanupCredentials
7049 7074 +Specifies whether to automatically destroy the user's credentials cache
7050 7075 +on logout.
7051 7076 +The default is
7052 7077 +.Dq yes .
7053 7078 +Note that this option applies to protocol version 2 only.
7054 7079 +.It Cm GSSAPIStrictAcceptorCheck
7055 7080 +Determines whether to be strict about the identity of the GSSAPI acceptor
7056 7081 +a client authenticates against.
7057 7082 +If set to
7058 7083 +.Dq yes
7059 7084 +then the client must authenticate against the
7060 7085 +.Pa host
7061 7086 +service on the current hostname.
7062 7087 +If set to
7063 7088 +.Dq no
7064 7089 +then the client may authenticate against any service key stored in the
7065 7090 +machine's default store.
7066 7091 +This facility is provided to assist with operation on multi homed machines.
7067 7092 +The default is
7068 7093 +.Dq yes .
7069 7094 +.It Cm HostbasedAcceptedKeyTypes
7070 7095 +Specifies the key types that will be accepted for hostbased authentication
7071 7096 +as a comma-separated pattern list.
7072 7097 +Alternately if the specified value begins with a
7073 7098 +.Sq +
7074 7099 +character, then the specified key types will be appended to the default set
7075 7100 +instead of replacing them.
7076 7101 +The default for this option is:
7077 7102 +.Bd -literal -offset 3n
7078 7103 +ecdsa-sha2-nistp256-cert-v01@openssh.com,
7079 7104 +ecdsa-sha2-nistp384-cert-v01@openssh.com,
7080 7105 +ecdsa-sha2-nistp521-cert-v01@openssh.com,
7081 7106 +ssh-ed25519-cert-v01@openssh.com,
7082 7107 +ssh-rsa-cert-v01@openssh.com,
7083 7108 +ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
7084 7109 +ssh-ed25519,ssh-rsa
7085 7110 +.Ed
7086 7111 +.Pp
7087 7112 +The
7088 7113 +.Fl Q
7089 7114 +option of
7090 7115 +.Xr ssh 1
7091 7116 +may be used to list supported key types.
7092 7117 +.It Cm HostbasedAuthentication
7093 7118 +Specifies whether rhosts or /etc/hosts.equiv authentication together
7094 7119 +with successful public key client host authentication is allowed
7095 7120 +(host-based authentication).
7096 7121 +This option is similar to
7097 7122 +.Cm RhostsRSAAuthentication
7098 7123 +and applies to protocol version 2 only.
7099 7124 +The default is
7100 7125 +.Dq no .
7101 7126 +.It Cm HostbasedUsesNameFromPacketOnly
7102 7127 +Specifies whether or not the server will attempt to perform a reverse
7103 7128 +name lookup when matching the name in the
7104 7129 +.Pa ~/.shosts ,
7105 7130 +.Pa ~/.rhosts ,
7106 7131 +and
7107 7132 +.Pa /etc/hosts.equiv
7108 7133 +files during
7109 7134 +.Cm HostbasedAuthentication .
7110 7135 +A setting of
7111 7136 +.Dq yes
7112 7137 +means that
7113 7138 +.Xr sshd 1M
7114 7139 +uses the name supplied by the client rather than
7115 7140 +attempting to resolve the name from the TCP connection itself.
7116 7141 +The default is
7117 7142 +.Dq no .
7118 7143 +.It Cm HostCertificate
7119 7144 +Specifies a file containing a public host certificate.
7120 7145 +The certificate's public key must match a private host key already specified
7121 7146 +by
7122 7147 +.Cm HostKey .
7123 7148 +The default behaviour of
7124 7149 +.Xr sshd 1M
7125 7150 +is not to load any certificates.
7126 7151 +.It Cm HostKey
7127 7152 +Specifies a file containing a private host key
7128 7153 +used by SSH.
7129 7154 +The default is
7130 7155 +.Pa /etc/ssh/ssh_host_key
7131 7156 +for protocol version 1, and
7132 7157 +.Pa /etc/ssh/ssh_host_dsa_key ,
7133 7158 +.Pa /etc/ssh/ssh_host_ecdsa_key ,
7134 7159 +.Pa /etc/ssh/ssh_host_ed25519_key
7135 7160 +and
7136 7161 +.Pa /etc/ssh/ssh_host_rsa_key
7137 7162 +for protocol version 2.
7138 7163 +.Pp
7139 7164 +Note that
7140 7165 +.Xr sshd 1M
7141 7166 +will refuse to use a file if it is group/world-accessible
7142 7167 +and that the
7143 7168 +.Cm HostKeyAlgorithms
7144 7169 +option restricts which of the keys are actually used by
7145 7170 +.Xr sshd 1M .
7146 7171 +.Pp
7147 7172 +It is possible to have multiple host key files.
7148 7173 +.Dq rsa1
7149 7174 +keys are used for version 1 and
7150 7175 +.Dq dsa ,
7151 7176 +.Dq ecdsa ,
7152 7177 +.Dq ed25519
7153 7178 +or
7154 7179 +.Dq rsa
7155 7180 +are used for version 2 of the SSH protocol.
7156 7181 +It is also possible to specify public host key files instead.
7157 7182 +In this case operations on the private key will be delegated
7158 7183 +to an
7159 7184 +.Xr ssh-agent 1 .
7160 7185 +.It Cm HostKeyAgent
7161 7186 +Identifies the UNIX-domain socket used to communicate
7162 7187 +with an agent that has access to the private host keys.
7163 7188 +If
7164 7189 +.Dq SSH_AUTH_SOCK
7165 7190 +is specified, the location of the socket will be read from the
7166 7191 +.Ev SSH_AUTH_SOCK
7167 7192 +environment variable.
7168 7193 +.It Cm HostKeyAlgorithms
7169 7194 +Specifies the protocol version 2 host key algorithms
7170 7195 +that the server offers.
7171 7196 +The default for this option is:
7172 7197 +.Bd -literal -offset 3n
7173 7198 +ecdsa-sha2-nistp256-cert-v01@openssh.com,
7174 7199 +ecdsa-sha2-nistp384-cert-v01@openssh.com,
7175 7200 +ecdsa-sha2-nistp521-cert-v01@openssh.com,
7176 7201 +ssh-ed25519-cert-v01@openssh.com,
7177 7202 +ssh-rsa-cert-v01@openssh.com,
7178 7203 +ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
7179 7204 +ssh-ed25519,ssh-rsa
7180 7205 +.Ed
7181 7206 +.Pp
7182 7207 +The list of available key types may also be obtained using the
7183 7208 +.Fl Q
7184 7209 +option of
7185 7210 +.Xr ssh 1
7186 7211 +with an argument of
7187 7212 +.Dq key .
7188 7213 +.It Cm IgnoreRhosts
7189 7214 +Specifies that
7190 7215 +.Pa .rhosts
7191 7216 +and
7192 7217 +.Pa .shosts
7193 7218 +files will not be used in
7194 7219 +.Cm RhostsRSAAuthentication
7195 7220 +or
7196 7221 +.Cm HostbasedAuthentication .
7197 7222 +.Pp
7198 7223 +.Pa /etc/hosts.equiv
7199 7224 +and
7200 7225 +.Pa /etc/shosts.equiv
7201 7226 +are still used.
7202 7227 +The default is
7203 7228 +.Dq yes .
7204 7229 +.It Cm IgnoreUserKnownHosts
7205 7230 +Specifies whether
7206 7231 +.Xr sshd 1M
7207 7232 +should ignore the user's
7208 7233 +.Pa ~/.ssh/known_hosts
7209 7234 +during
7210 7235 +.Cm RhostsRSAAuthentication
7211 7236 +or
7212 7237 +.Cm HostbasedAuthentication .
7213 7238 +The default is
7214 7239 +.Dq no .
7215 7240 +.It Cm IPQoS
7216 7241 +Specifies the IPv4 type-of-service or DSCP class for the connection.
7217 7242 +Accepted values are
7218 7243 +.Dq af11 ,
7219 7244 +.Dq af12 ,
7220 7245 +.Dq af13 ,
7221 7246 +.Dq af21 ,
7222 7247 +.Dq af22 ,
7223 7248 +.Dq af23 ,
7224 7249 +.Dq af31 ,
7225 7250 +.Dq af32 ,
7226 7251 +.Dq af33 ,
7227 7252 +.Dq af41 ,
7228 7253 +.Dq af42 ,
7229 7254 +.Dq af43 ,
7230 7255 +.Dq cs0 ,
7231 7256 +.Dq cs1 ,
7232 7257 +.Dq cs2 ,
7233 7258 +.Dq cs3 ,
7234 7259 +.Dq cs4 ,
7235 7260 +.Dq cs5 ,
7236 7261 +.Dq cs6 ,
7237 7262 +.Dq cs7 ,
7238 7263 +.Dq ef ,
7239 7264 +.Dq lowdelay ,
7240 7265 +.Dq throughput ,
7241 7266 +.Dq reliability ,
7242 7267 +or a numeric value.
7243 7268 +This option may take one or two arguments, separated by whitespace.
7244 7269 +If one argument is specified, it is used as the packet class unconditionally.
7245 7270 +If two values are specified, the first is automatically selected for
7246 7271 +interactive sessions and the second for non-interactive sessions.
7247 7272 +The default is
7248 7273 +.Dq lowdelay
7249 7274 +for interactive sessions and
7250 7275 +.Dq throughput
7251 7276 +for non-interactive sessions.
7252 7277 +.It Cm KbdInteractiveAuthentication
7253 7278 +Specifies whether to allow keyboard-interactive authentication.
7254 7279 +The argument to this keyword must be
7255 7280 +.Dq yes
7256 7281 +or
7257 7282 +.Dq no .
7258 7283 +The default is to use whatever value
7259 7284 +.Cm ChallengeResponseAuthentication
7260 7285 +is set to
7261 7286 +(by default
7262 7287 +.Dq yes ) .
7263 7288 +.It Cm KerberosAuthentication
7264 7289 +Specifies whether the password provided by the user for
7265 7290 +.Cm PasswordAuthentication
7266 7291 +will be validated through the Kerberos KDC.
7267 7292 +To use this option, the server needs a
7268 7293 +Kerberos servtab which allows the verification of the KDC's identity.
7269 7294 +The default is
7270 7295 +.Dq no .
7271 7296 +.It Cm KerberosGetAFSToken
7272 7297 +If AFS is active and the user has a Kerberos 5 TGT, attempt to acquire
7273 7298 +an AFS token before accessing the user's home directory.
7274 7299 +The default is
7275 7300 +.Dq no .
7276 7301 +.It Cm KerberosOrLocalPasswd
7277 7302 +If password authentication through Kerberos fails then
7278 7303 +the password will be validated via any additional local mechanism
7279 7304 +such as
7280 7305 +.Pa /etc/passwd .
7281 7306 +The default is
7282 7307 +.Dq yes .
7283 7308 +.It Cm KerberosTicketCleanup
7284 7309 +Specifies whether to automatically destroy the user's ticket cache
7285 7310 +file on logout.
7286 7311 +The default is
7287 7312 +.Dq yes .
7288 7313 +.It Cm KexAlgorithms
7289 7314 +Specifies the available KEX (Key Exchange) algorithms.
7290 7315 +Multiple algorithms must be comma-separated.
7291 7316 +Alternately if the specified value begins with a
7292 7317 +.Sq +
7293 7318 +character, then the specified methods will be appended to the default set
7294 7319 +instead of replacing them.
7295 7320 +The supported algorithms are:
7296 7321 +.Pp
7297 7322 +.Bl -item -compact -offset indent
7298 7323 +.It
7299 7324 +curve25519-sha256@libssh.org
7300 7325 +.It
7301 7326 +diffie-hellman-group1-sha1
7302 7327 +.It
7303 7328 +diffie-hellman-group14-sha1
7304 7329 +.It
7305 7330 +diffie-hellman-group-exchange-sha1
7306 7331 +.It
7307 7332 +diffie-hellman-group-exchange-sha256
7308 7333 +.It
7309 7334 +ecdh-sha2-nistp256
7310 7335 +.It
7311 7336 +ecdh-sha2-nistp384
7312 7337 +.It
7313 7338 +ecdh-sha2-nistp521
7314 7339 +.El
7315 7340 +.Pp
7316 7341 +The default is:
7317 7342 +.Bd -literal -offset indent
7318 7343 +curve25519-sha256@libssh.org,
7319 7344 +ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,
7320 7345 +diffie-hellman-group-exchange-sha256,
7321 7346 +diffie-hellman-group14-sha1
7322 7347 +.Ed
7323 7348 +.Pp
7324 7349 +The list of available key exchange algorithms may also be obtained using the
7325 7350 +.Fl Q
7326 7351 +option of
7327 7352 +.Xr ssh 1
7328 7353 +with an argument of
7329 7354 +.Dq kex .
7330 7355 +.It Cm KeyRegenerationInterval
7331 7356 +In protocol version 1, the ephemeral server key is automatically regenerated
7332 7357 +after this many seconds (if it has been used).
7333 7358 +The purpose of regeneration is to prevent
7334 7359 +decrypting captured sessions by later breaking into the machine and
7335 7360 +stealing the keys.
7336 7361 +The key is never stored anywhere.
7337 7362 +If the value is 0, the key is never regenerated.
7338 7363 +The default is 3600 (seconds).
7339 7364 +.It Cm ListenAddress
7340 7365 +Specifies the local addresses
7341 7366 +.Xr sshd 1M
7342 7367 +should listen on.
7343 7368 +The following forms may be used:
7344 7369 +.Pp
7345 7370 +.Bl -item -offset indent -compact
7346 7371 +.It
7347 7372 +.Cm ListenAddress
7348 7373 +.Sm off
7349 7374 +.Ar host | Ar IPv4_addr | Ar IPv6_addr
7350 7375 +.Sm on
7351 7376 +.It
7352 7377 +.Cm ListenAddress
7353 7378 +.Sm off
7354 7379 +.Ar host | Ar IPv4_addr : Ar port
7355 7380 +.Sm on
7356 7381 +.It
7357 7382 +.Cm ListenAddress
7358 7383 +.Sm off
7359 7384 +.Oo
7360 7385 +.Ar host | Ar IPv6_addr Oc : Ar port
7361 7386 +.Sm on
7362 7387 +.El
7363 7388 +.Pp
7364 7389 +If
7365 7390 +.Ar port
7366 7391 +is not specified,
7367 7392 +sshd will listen on the address and all
7368 7393 +.Cm Port
7369 7394 +options specified.
7370 7395 +The default is to listen on all local addresses.
7371 7396 +Multiple
7372 7397 +.Cm ListenAddress
7373 7398 +options are permitted.
7374 7399 +.It Cm LoginGraceTime
7375 7400 +The server disconnects after this time if the user has not
7376 7401 +successfully logged in.
7377 7402 +If the value is 0, there is no time limit.
7378 7403 +The default is 120 seconds.
7379 7404 +.It Cm LogLevel
7380 7405 +Gives the verbosity level that is used when logging messages from
7381 7406 +.Xr sshd 1M .
7382 7407 +The possible values are:
7383 7408 +QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3.
7384 7409 +The default is INFO.
7385 7410 +DEBUG and DEBUG1 are equivalent.
7386 7411 +DEBUG2 and DEBUG3 each specify higher levels of debugging output.
7387 7412 +Logging with a DEBUG level violates the privacy of users and is not recommended.
7388 7413 +.It Cm MACs
7389 7414 +Specifies the available MAC (message authentication code) algorithms.
7390 7415 +The MAC algorithm is used in protocol version 2
7391 7416 +for data integrity protection.
7392 7417 +Multiple algorithms must be comma-separated.
7393 7418 +If the specified value begins with a
7394 7419 +.Sq +
7395 7420 +character, then the specified algorithms will be appended to the default set
7396 7421 +instead of replacing them.
7397 7422 +.Pp
7398 7423 +The algorithms that contain
7399 7424 +.Dq -etm
7400 7425 +calculate the MAC after encryption (encrypt-then-mac).
7401 7426 +These are considered safer and their use recommended.
7402 7427 +The supported MACs are:
7403 7428 +.Pp
7404 7429 +.Bl -item -compact -offset indent
7405 7430 +.It
7406 7431 +hmac-md5
7407 7432 +.It
7408 7433 +hmac-md5-96
7409 7434 +.It
7410 7435 +hmac-ripemd160
7411 7436 +.It
7412 7437 +hmac-sha1
7413 7438 +.It
7414 7439 +hmac-sha1-96
7415 7440 +.It
7416 7441 +hmac-sha2-256
7417 7442 +.It
7418 7443 +hmac-sha2-512
7419 7444 +.It
7420 7445 +umac-64@openssh.com
7421 7446 +.It
7422 7447 +umac-128@openssh.com
7423 7448 +.It
7424 7449 +hmac-md5-etm@openssh.com
7425 7450 +.It
7426 7451 +hmac-md5-96-etm@openssh.com
7427 7452 +.It
7428 7453 +hmac-ripemd160-etm@openssh.com
7429 7454 +.It
7430 7455 +hmac-sha1-etm@openssh.com
7431 7456 +.It
7432 7457 +hmac-sha1-96-etm@openssh.com
7433 7458 +.It
7434 7459 +hmac-sha2-256-etm@openssh.com
7435 7460 +.It
7436 7461 +hmac-sha2-512-etm@openssh.com
7437 7462 +.It
7438 7463 +umac-64-etm@openssh.com
7439 7464 +.It
7440 7465 +umac-128-etm@openssh.com
7441 7466 +.El
7442 7467 +.Pp
7443 7468 +The default is:
7444 7469 +.Bd -literal -offset indent
7445 7470 +umac-64-etm@openssh.com,umac-128-etm@openssh.com,
7446 7471 +hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,
7447 7472 +umac-64@openssh.com,umac-128@openssh.com,
7448 7473 +hmac-sha2-256,hmac-sha2-512
7449 7474 +.Ed
7450 7475 +.Pp
7451 7476 +The list of available MAC algorithms may also be obtained using the
7452 7477 +.Fl Q
7453 7478 +option of
7454 7479 +.Xr ssh 1
7455 7480 +with an argument of
7456 7481 +.Dq mac .
7457 7482 +.It Cm Match
7458 7483 +Introduces a conditional block.
7459 7484 +If all of the criteria on the
7460 7485 +.Cm Match
7461 7486 +line are satisfied, the keywords on the following lines override those
7462 7487 +set in the global section of the config file, until either another
7463 7488 +.Cm Match
7464 7489 +line or the end of the file.
7465 7490 +If a keyword appears in multiple
7466 7491 +.Cm Match
7467 7492 +blocks that are satisfied, only the first instance of the keyword is
7468 7493 +applied.
7469 7494 +.Pp
7470 7495 +The arguments to
7471 7496 +.Cm Match
7472 7497 +are one or more criteria-pattern pairs or the single token
7473 7498 +.Cm All
7474 7499 +which matches all criteria.
7475 7500 +The available criteria are
7476 7501 +.Cm User ,
7477 7502 +.Cm Group ,
7478 7503 +.Cm Host ,
7479 7504 +.Cm LocalAddress ,
7480 7505 +.Cm LocalPort ,
7481 7506 +and
7482 7507 +.Cm Address .
7483 7508 +The match patterns may consist of single entries or comma-separated
7484 7509 +lists and may use the wildcard and negation operators described in the
7485 7510 +PATTERNS section of
7486 7511 +.Xr ssh_config 4 .
7487 7512 +.Pp
7488 7513 +The patterns in an
7489 7514 +.Cm Address
7490 7515 +criteria may additionally contain addresses to match in CIDR
7491 7516 +address/masklen format, e.g.\&
7492 7517 +.Dq 192.0.2.0/24
7493 7518 +or
7494 7519 +.Dq 3ffe:ffff::/32 .
7495 7520 +Note that the mask length provided must be consistent with the address -
7496 7521 +it is an error to specify a mask length that is too long for the address
7497 7522 +or one with bits set in this host portion of the address.
7498 7523 +For example,
7499 7524 +.Dq 192.0.2.0/33
7500 7525 +and
7501 7526 +.Dq 192.0.2.0/8
7502 7527 +respectively.
7503 7528 +.Pp
7504 7529 +Only a subset of keywords may be used on the lines following a
7505 7530 +.Cm Match
7506 7531 +keyword.
7507 7532 +Available keywords are
7508 7533 +.Cm AcceptEnv ,
7509 7534 +.Cm AllowAgentForwarding ,
7510 7535 +.Cm AllowGroups ,
7511 7536 +.Cm AllowStreamLocalForwarding ,
7512 7537 +.Cm AllowTcpForwarding ,
7513 7538 +.Cm AllowUsers ,
7514 7539 +.Cm AuthenticationMethods ,
7515 7540 +.Cm AuthorizedKeysCommand ,
7516 7541 +.Cm AuthorizedKeysCommandUser ,
7517 7542 +.Cm AuthorizedKeysFile ,
7518 7543 +.Cm AuthorizedPrincipalsFile ,
7519 7544 +.Cm Banner ,
7520 7545 +.Cm ChrootDirectory ,
7521 7546 +.Cm DenyGroups ,
7522 7547 +.Cm DenyUsers ,
7523 7548 +.Cm ForceCommand ,
7524 7549 +.Cm GatewayPorts ,
7525 7550 +.Cm GSSAPIAuthentication ,
7526 7551 +.Cm HostbasedAcceptedKeyTypes ,
7527 7552 +.Cm HostbasedAuthentication ,
7528 7553 +.Cm HostbasedUsesNameFromPacketOnly ,
7529 7554 +.Cm IPQoS ,
7530 7555 +.Cm KbdInteractiveAuthentication ,
7531 7556 +.Cm KerberosAuthentication ,
7532 7557 +.Cm MaxAuthTries ,
7533 7558 +.Cm MaxSessions ,
7534 7559 +.Cm PasswordAuthentication ,
7535 7560 +.Cm PermitEmptyPasswords ,
7536 7561 +.Cm PermitOpen ,
7537 7562 +.Cm PermitRootLogin ,
7538 7563 +.Cm PermitTTY ,
7539 7564 +.Cm PermitTunnel ,
7540 7565 +.Cm PermitUserRC ,
7541 7566 +.Cm PubkeyAcceptedKeyTypes ,
7542 7567 +.Cm PubkeyAuthentication ,
7543 7568 +.Cm RekeyLimit ,
7544 7569 +.Cm RevokedKeys ,
7545 7570 +.Cm RhostsRSAAuthentication ,
7546 7571 +.Cm RSAAuthentication ,
7547 7572 +.Cm StreamLocalBindMask ,
7548 7573 +.Cm StreamLocalBindUnlink ,
7549 7574 +.Cm TrustedUserCAKeys ,
7550 7575 +.Cm X11DisplayOffset ,
7551 7576 +.Cm X11Forwarding
7552 7577 +and
7553 7578 +.Cm X11UseLocalHost .
7554 7579 +.It Cm MaxAuthTries
7555 7580 +Specifies the maximum number of authentication attempts permitted per
7556 7581 +connection.
7557 7582 +Once the number of failures reaches half this value,
7558 7583 +additional failures are logged.
7559 7584 +The default is 6.
7560 7585 +.It Cm MaxSessions
7561 7586 +Specifies the maximum number of open sessions permitted per network connection.
7562 7587 +The default is 10.
7563 7588 +.It Cm MaxStartups
7564 7589 +Specifies the maximum number of concurrent unauthenticated connections to the
7565 7590 +SSH daemon.
7566 7591 +Additional connections will be dropped until authentication succeeds or the
7567 7592 +.Cm LoginGraceTime
7568 7593 +expires for a connection.
7569 7594 +The default is 10:30:100.
7570 7595 +.Pp
7571 7596 +Alternatively, random early drop can be enabled by specifying
7572 7597 +the three colon separated values
7573 7598 +.Dq start:rate:full
7574 7599 +(e.g. "10:30:60").
7575 7600 +.Xr sshd 1M
7576 7601 +will refuse connection attempts with a probability of
7577 7602 +.Dq rate/100
7578 7603 +(30%)
7579 7604 +if there are currently
7580 7605 +.Dq start
7581 7606 +(10)
7582 7607 +unauthenticated connections.
7583 7608 +The probability increases linearly and all connection attempts
7584 7609 +are refused if the number of unauthenticated connections reaches
7585 7610 +.Dq full
7586 7611 +(60).
7587 7612 +.It Cm PasswordAuthentication
7588 7613 +Specifies whether password authentication is allowed.
7589 7614 +The default is
7590 7615 +.Dq yes .
7591 7616 +.It Cm PermitEmptyPasswords
7592 7617 +When password authentication is allowed, it specifies whether the
7593 7618 +server allows login to accounts with empty password strings.
7594 7619 +The default is
7595 7620 +.Dq no .
7596 7621 +.It Cm PermitOpen
7597 7622 +Specifies the destinations to which TCP port forwarding is permitted.
7598 7623 +The forwarding specification must be one of the following forms:
7599 7624 +.Pp
7600 7625 +.Bl -item -offset indent -compact
7601 7626 +.It
7602 7627 +.Cm PermitOpen
7603 7628 +.Sm off
7604 7629 +.Ar host : port
7605 7630 +.Sm on
7606 7631 +.It
7607 7632 +.Cm PermitOpen
7608 7633 +.Sm off
7609 7634 +.Ar IPv4_addr : port
7610 7635 +.Sm on
7611 7636 +.It
7612 7637 +.Cm PermitOpen
7613 7638 +.Sm off
7614 7639 +.Ar \&[ IPv6_addr \&] : port
7615 7640 +.Sm on
7616 7641 +.El
7617 7642 +.Pp
7618 7643 +Multiple forwards may be specified by separating them with whitespace.
7619 7644 +An argument of
7620 7645 +.Dq any
7621 7646 +can be used to remove all restrictions and permit any forwarding requests.
7622 7647 +An argument of
7623 7648 +.Dq none
7624 7649 +can be used to prohibit all forwarding requests.
7625 7650 +By default all port forwarding requests are permitted.
7626 7651 +.It Cm PermitRootLogin
7627 7652 +Specifies whether root can log in using
7628 7653 +.Xr ssh 1 .
7629 7654 +The argument must be
7630 7655 +.Dq yes ,
7631 7656 +.Dq prohibit-password ,
7632 7657 +.Dq without-password ,
7633 7658 +.Dq forced-commands-only ,
7634 7659 +or
7635 7660 +.Dq no .
7636 7661 +The default is
7637 7662 +.Dq prohibit-password .
7638 7663 +.Pp
7639 7664 +If this option is set to
7640 7665 +.Dq prohibit-password
7641 7666 +or
7642 7667 +.Dq without-password ,
7643 7668 +password and keyboard-interactive authentication are disabled for root.
7644 7669 +.Pp
7645 7670 +If this option is set to
7646 7671 +.Dq forced-commands-only ,
7647 7672 +root login with public key authentication will be allowed,
7648 7673 +but only if the
7649 7674 +.Ar command
7650 7675 +option has been specified
7651 7676 +(which may be useful for taking remote backups even if root login is
7652 7677 +normally not allowed).
7653 7678 +All other authentication methods are disabled for root.
7654 7679 +.Pp
7655 7680 +If this option is set to
7656 7681 +.Dq no ,
7657 7682 +root is not allowed to log in.
7658 7683 +.It Cm PermitTunnel
7659 7684 +Specifies whether
7660 7685 +.Xr tun 4
7661 7686 +device forwarding is allowed.
7662 7687 +The argument must be
7663 7688 +.Dq yes ,
7664 7689 +.Dq point-to-point
7665 7690 +(layer 3),
7666 7691 +.Dq ethernet
7667 7692 +(layer 2), or
7668 7693 +.Dq no .
7669 7694 +Specifying
7670 7695 +.Dq yes
7671 7696 +permits both
7672 7697 +.Dq point-to-point
7673 7698 +and
7674 7699 +.Dq ethernet .
7675 7700 +The default is
7676 7701 +.Dq no .
7677 7702 +.Pp
7678 7703 +Independent of this setting, the permissions of the selected
7679 7704 +.Xr tun 4
7680 7705 +device must allow access to the user.
7681 7706 +.It Cm PermitTTY
7682 7707 +Specifies whether
7683 7708 +.Xr pty 4
7684 7709 +allocation is permitted.
7685 7710 +The default is
7686 7711 +.Dq yes .
7687 7712 +.It Cm PermitUserEnvironment
7688 7713 +Specifies whether
7689 7714 +.Pa ~/.ssh/environment
7690 7715 +and
7691 7716 +.Cm environment=
7692 7717 +options in
7693 7718 +.Pa ~/.ssh/authorized_keys
7694 7719 +are processed by
7695 7720 +.Xr sshd 1M .
7696 7721 +The default is
7697 7722 +.Dq no .
7698 7723 +Enabling environment processing may enable users to bypass access
7699 7724 +restrictions in some configurations using mechanisms such as
7700 7725 +.Ev LD_PRELOAD .
7701 7726 +.It Cm PermitUserRC
7702 7727 +Specifies whether any
7703 7728 +.Pa ~/.ssh/rc
7704 7729 +file is executed.
7705 7730 +The default is
7706 7731 +.Dq yes .
7707 7732 +.It Cm PidFile
7708 7733 +Specifies the file that contains the process ID of the
7709 7734 +SSH daemon, or
7710 7735 +.Dq none
7711 7736 +to not write one.
7712 7737 +The default is
7713 7738 +.Pa /var/run/sshd.pid .
7714 7739 +.It Cm Port
7715 7740 +Specifies the port number that
7716 7741 +.Xr sshd 1M
7717 7742 +listens on.
7718 7743 +The default is 22.
7719 7744 +Multiple options of this type are permitted.
7720 7745 +See also
7721 7746 +.Cm ListenAddress .
7722 7747 +.It Cm PrintLastLog
7723 7748 +Specifies whether
7724 7749 +.Xr sshd 1M
7725 7750 +should print the date and time of the last user login when a user logs
7726 7751 +in interactively.
7727 7752 +On Solaris this option is always ignored since pam_unix_session(5)
7728 7753 +reports the last login time.
7729 7754 +.It Cm PrintMotd
7730 7755 +Specifies whether
7731 7756 +.Xr sshd 1M
7732 7757 +should print
7733 7758 +.Pa /etc/motd
7734 7759 +when a user logs in interactively.
7735 7760 +(On some systems it is also printed by the shell,
7736 7761 +.Pa /etc/profile ,
7737 7762 +or equivalent.)
7738 7763 +The default is
7739 7764 +.Dq yes .
7740 7765 +.It Cm Protocol
7741 7766 +Specifies the protocol versions
7742 7767 +.Xr sshd 1M
7743 7768 +supports.
7744 7769 +The possible values are
7745 7770 +.Sq 1
7746 7771 +and
7747 7772 +.Sq 2 .
7748 7773 +Multiple versions must be comma-separated.
7749 7774 +The default is
7750 7775 +.Sq 2 .
7751 7776 +Note that the order of the protocol list does not indicate preference,
7752 7777 +because the client selects among multiple protocol versions offered
7753 7778 +by the server.
7754 7779 +Specifying
7755 7780 +.Dq 2,1
7756 7781 +is identical to
7757 7782 +.Dq 1,2 .
7758 7783 +.It Cm PubkeyAcceptedKeyTypes
7759 7784 +Specifies the key types that will be accepted for public key authentication
7760 7785 +as a comma-separated pattern list.
7761 7786 +Alternately if the specified value begins with a
7762 7787 +.Sq +
7763 7788 +character, then the specified key types will be appended to the default set
7764 7789 +instead of replacing them.
7765 7790 +The default for this option is:
7766 7791 +.Bd -literal -offset 3n
7767 7792 +ecdsa-sha2-nistp256-cert-v01@openssh.com,
7768 7793 +ecdsa-sha2-nistp384-cert-v01@openssh.com,
7769 7794 +ecdsa-sha2-nistp521-cert-v01@openssh.com,
7770 7795 +ssh-ed25519-cert-v01@openssh.com,
7771 7796 +ssh-rsa-cert-v01@openssh.com,
7772 7797 +ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
7773 7798 +ssh-ed25519,ssh-rsa
7774 7799 +.Ed
7775 7800 +.Pp
7776 7801 +The
7777 7802 +.Fl Q
7778 7803 +option of
7779 7804 +.Xr ssh 1
7780 7805 +may be used to list supported key types.
7781 7806 +.It Cm PubkeyAuthentication
7782 7807 +Specifies whether public key authentication is allowed.
7783 7808 +The default is
7784 7809 +.Dq yes .
7785 7810 +Note that this option applies to protocol version 2 only.
7786 7811 +.It Cm RekeyLimit
7787 7812 +Specifies the maximum amount of data that may be transmitted before the
7788 7813 +session key is renegotiated, optionally followed a maximum amount of
7789 7814 +time that may pass before the session key is renegotiated.
7790 7815 +The first argument is specified in bytes and may have a suffix of
7791 7816 +.Sq K ,
7792 7817 +.Sq M ,
7793 7818 +or
7794 7819 +.Sq G
7795 7820 +to indicate Kilobytes, Megabytes, or Gigabytes, respectively.
7796 7821 +The default is between
7797 7822 +.Sq 1G
7798 7823 +and
7799 7824 +.Sq 4G ,
7800 7825 +depending on the cipher.
7801 7826 +The optional second value is specified in seconds and may use any of the
7802 7827 +units documented in the
7803 7828 +.Sx TIME FORMATS
7804 7829 +section.
7805 7830 +The default value for
7806 7831 +.Cm RekeyLimit
7807 7832 +is
7808 7833 +.Dq default none ,
7809 7834 +which means that rekeying is performed after the cipher's default amount
7810 7835 +of data has been sent or received and no time based rekeying is done.
7811 7836 +This option applies to protocol version 2 only.
7812 7837 +.It Cm RevokedKeys
7813 7838 +Specifies revoked public keys file, or
7814 7839 +.Dq none
7815 7840 +to not use one.
7816 7841 +Keys listed in this file will be refused for public key authentication.
7817 7842 +Note that if this file is not readable, then public key authentication will
7818 7843 +be refused for all users.
7819 7844 +Keys may be specified as a text file, listing one public key per line, or as
7820 7845 +an OpenSSH Key Revocation List (KRL) as generated by
7821 7846 +.Xr ssh-keygen 1 .
7822 7847 +For more information on KRLs, see the KEY REVOCATION LISTS section in
7823 7848 +.Xr ssh-keygen 1 .
7824 7849 +.It Cm RhostsRSAAuthentication
7825 7850 +Specifies whether rhosts or /etc/hosts.equiv authentication together
7826 7851 +with successful RSA host authentication is allowed.
7827 7852 +The default is
7828 7853 +.Dq no .
7829 7854 +This option applies to protocol version 1 only.
7830 7855 +.It Cm RSAAuthentication
7831 7856 +Specifies whether pure RSA authentication is allowed.
7832 7857 +The default is
7833 7858 +.Dq yes .
7834 7859 +This option applies to protocol version 1 only.
7835 7860 +.It Cm ServerKeyBits
7836 7861 +Defines the number of bits in the ephemeral protocol version 1 server key.
7837 7862 +The default and minimum value is 1024.
7838 7863 +.It Cm StreamLocalBindMask
7839 7864 +Sets the octal file creation mode mask
7840 7865 +.Pq umask
7841 7866 +used when creating a Unix-domain socket file for local or remote
7842 7867 +port forwarding.
7843 7868 +This option is only used for port forwarding to a Unix-domain socket file.
7844 7869 +.Pp
7845 7870 +The default value is 0177, which creates a Unix-domain socket file that is
7846 7871 +readable and writable only by the owner.
7847 7872 +Note that not all operating systems honor the file mode on Unix-domain
7848 7873 +socket files.
7849 7874 +.It Cm StreamLocalBindUnlink
7850 7875 +Specifies whether to remove an existing Unix-domain socket file for local
7851 7876 +or remote port forwarding before creating a new one.
7852 7877 +If the socket file already exists and
7853 7878 +.Cm StreamLocalBindUnlink
7854 7879 +is not enabled,
7855 7880 +.Nm sshd
7856 7881 +will be unable to forward the port to the Unix-domain socket file.
7857 7882 +This option is only used for port forwarding to a Unix-domain socket file.
7858 7883 +.Pp
7859 7884 +The argument must be
7860 7885 +.Dq yes
7861 7886 +or
7862 7887 +.Dq no .
7863 7888 +The default is
7864 7889 +.Dq no .
7865 7890 +.It Cm StrictModes
7866 7891 +Specifies whether
7867 7892 +.Xr sshd 1M
7868 7893 +should check file modes and ownership of the
7869 7894 +user's files and home directory before accepting login.
7870 7895 +This is normally desirable because novices sometimes accidentally leave their
7871 7896 +directory or files world-writable.
7872 7897 +The default is
7873 7898 +.Dq yes .
7874 7899 +Note that this does not apply to
7875 7900 +.Cm ChrootDirectory ,
7876 7901 +whose permissions and ownership are checked unconditionally.
7877 7902 +.It Cm Subsystem
7878 7903 +Configures an external subsystem (e.g. file transfer daemon).
7879 7904 +Arguments should be a subsystem name and a command (with optional arguments)
7880 7905 +to execute upon subsystem request.
7881 7906 +.Pp
7882 7907 +The command
7883 7908 +.Xr sftp-server 8
7884 7909 +implements the
7885 7910 +.Dq sftp
7886 7911 +file transfer subsystem.
7887 7912 +.Pp
7888 7913 +Alternately the name
7889 7914 +.Dq internal-sftp
7890 7915 +implements an in-process
7891 7916 +.Dq sftp
7892 7917 +server.
7893 7918 +This may simplify configurations using
7894 7919 +.Cm ChrootDirectory
7895 7920 +to force a different filesystem root on clients.
7896 7921 +.Pp
7897 7922 +By default no subsystems are defined.
7898 7923 +Note that this option applies to protocol version 2 only.
7899 7924 +.It Cm SyslogFacility
7900 7925 +Gives the facility code that is used when logging messages from
7901 7926 +.Xr sshd 1M .
7902 7927 +The possible values are: DAEMON, USER, AUTH, LOCAL0, LOCAL1, LOCAL2,
7903 7928 +LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7.
7904 7929 +The default is AUTH.
7905 7930 +.It Cm TCPKeepAlive
7906 7931 +Specifies whether the system should send TCP keepalive messages to the
7907 7932 +other side.
7908 7933 +If they are sent, death of the connection or crash of one
7909 7934 +of the machines will be properly noticed.
7910 7935 +However, this means that
7911 7936 +connections will die if the route is down temporarily, and some people
7912 7937 +find it annoying.
7913 7938 +On the other hand, if TCP keepalives are not sent,
7914 7939 +sessions may hang indefinitely on the server, leaving
7915 7940 +.Dq ghost
7916 7941 +users and consuming server resources.
7917 7942 +.Pp
7918 7943 +The default is
7919 7944 +.Dq yes
7920 7945 +(to send TCP keepalive messages), and the server will notice
7921 7946 +if the network goes down or the client host crashes.
7922 7947 +This avoids infinitely hanging sessions.
7923 7948 +.Pp
7924 7949 +To disable TCP keepalive messages, the value should be set to
7925 7950 +.Dq no .
7926 7951 +.It Cm TrustedUserCAKeys
7927 7952 +Specifies a file containing public keys of certificate authorities that are
7928 7953 +trusted to sign user certificates for authentication, or
7929 7954 +.Dq none
7930 7955 +to not use one.
7931 7956 +Keys are listed one per line; empty lines and comments starting with
7932 7957 +.Ql #
7933 7958 +are allowed.
7934 7959 +If a certificate is presented for authentication and has its signing CA key
7935 7960 +listed in this file, then it may be used for authentication for any user
7936 7961 +listed in the certificate's principals list.
7937 7962 +Note that certificates that lack a list of principals will not be permitted
7938 7963 +for authentication using
7939 7964 +.Cm TrustedUserCAKeys .
7940 7965 +For more details on certificates, see the CERTIFICATES section in
7941 7966 +.Xr ssh-keygen 1 .
7942 7967 +.It Cm UseDNS
7943 7968 +Specifies whether
7944 7969 +.Xr sshd 1M
7945 7970 +should look up the remote host name, and to check that
7946 7971 +the resolved host name for the remote IP address maps back to the
7947 7972 +very same IP address.
7948 7973 +.Pp
7949 7974 +If this option is set to
7950 7975 +.Dq no
7951 7976 +(the default) then only addresses and not host names may be used in
7952 7977 +.Pa ~/.ssh/known_hosts
7953 7978 +.Cm from
7954 7979 +and
7955 7980 +.Nm
7956 7981 +.Cm Match
7957 7982 +.Cm Host
7958 7983 +directives.
7959 7984 +.It Cm UseLogin
7960 7985 +Specifies whether
7961 7986 +.Xr login 1
7962 7987 +is used for interactive login sessions.
7963 7988 +The default is
7964 7989 +.Dq no .
7965 7990 +Note that
7966 7991 +.Xr login 1
7967 7992 +is never used for remote command execution.
7968 7993 +Note also, that if this is enabled,
7969 7994 +.Cm X11Forwarding
7970 7995 +will be disabled because
7971 7996 +.Xr login 1
7972 7997 +does not know how to handle
7973 7998 +.Xr xauth 1
7974 7999 +cookies.
7975 8000 +If
7976 8001 +.Cm UsePrivilegeSeparation
7977 8002 +is specified, it will be disabled after authentication.
7978 8003 +.It Cm UsePAM
7979 8004 +Enables the Pluggable Authentication Module interface.
7980 8005 +If set to
7981 8006 +.Dq yes
7982 8007 +this will enable PAM authentication using
7983 8008 +.Cm ChallengeResponseAuthentication
7984 8009 +and
7985 8010 +.Cm PasswordAuthentication
7986 8011 +in addition to PAM account and session module processing for all
7987 8012 +authentication types.
7988 8013 +.Pp
7989 8014 +Because PAM challenge-response authentication usually serves an equivalent
7990 8015 +role to password authentication, you should disable either
7991 8016 +.Cm PasswordAuthentication
7992 8017 +or
7993 8018 +.Cm ChallengeResponseAuthentication.
7994 8019 +.Pp
7995 8020 +If
7996 8021 +.Cm UsePAM
7997 8022 +is enabled, you will not be able to run
7998 8023 +.Xr sshd 1M
7999 8024 +as a non-root user.
8000 8025 +The default is
8001 8026 +.Dq no .
8002 8027 +.It Cm UsePrivilegeSeparation
8003 8028 +Specifies whether
8004 8029 +.Xr sshd 1M
8005 8030 +separates privileges by creating an unprivileged child process
8006 8031 +to deal with incoming network traffic.
8007 8032 +After successful authentication, another process will be created that has
8008 8033 +the privilege of the authenticated user.
8009 8034 +The goal of privilege separation is to prevent privilege
8010 8035 +escalation by containing any corruption within the unprivileged processes.
8011 8036 +The default is
8012 8037 +.Dq yes .
8013 8038 +If
8014 8039 +.Cm UsePrivilegeSeparation
8015 8040 +is set to
8016 8041 +.Dq sandbox
8017 8042 +then the pre-authentication unprivileged process is subject to additional
8018 8043 +restrictions.
8019 8044 +.It Cm VersionAddendum
8020 8045 +Optionally specifies additional text to append to the SSH protocol banner
8021 8046 +sent by the server upon connection.
8022 8047 +The default is
8023 8048 +.Dq none .
8024 8049 +.It Cm X11DisplayOffset
8025 8050 +Specifies the first display number available for
8026 8051 +.Xr sshd 1M Ns 's
8027 8052 +X11 forwarding.
8028 8053 +This prevents sshd from interfering with real X11 servers.
8029 8054 +The default is 10.
8030 8055 +.It Cm X11Forwarding
8031 8056 +Specifies whether X11 forwarding is permitted.
8032 8057 +The argument must be
8033 8058 +.Dq yes
8034 8059 +or
8035 8060 +.Dq no .
8036 8061 +The default is
8037 8062 +.Dq no .
8038 8063 +.Pp
8039 8064 +When X11 forwarding is enabled, there may be additional exposure to
8040 8065 +the server and to client displays if the
8041 8066 +.Xr sshd 1M
8042 8067 +proxy display is configured to listen on the wildcard address (see
8043 8068 +.Cm X11UseLocalhost
8044 8069 +below), though this is not the default.
8045 8070 +Additionally, the authentication spoofing and authentication data
8046 8071 +verification and substitution occur on the client side.
8047 8072 +The security risk of using X11 forwarding is that the client's X11
8048 8073 +display server may be exposed to attack when the SSH client requests
8049 8074 +forwarding (see the warnings for
8050 8075 +.Cm ForwardX11
8051 8076 +in
8052 8077 +.Xr ssh_config 4 ) .
8053 8078 +A system administrator may have a stance in which they want to
8054 8079 +protect clients that may expose themselves to attack by unwittingly
8055 8080 +requesting X11 forwarding, which can warrant a
8056 8081 +.Dq no
8057 8082 +setting.
8058 8083 +.Pp
8059 8084 +Note that disabling X11 forwarding does not prevent users from
8060 8085 +forwarding X11 traffic, as users can always install their own forwarders.
8061 8086 +X11 forwarding is automatically disabled if
8062 8087 +.Cm UseLogin
8063 8088 +is enabled.
8064 8089 +.It Cm X11UseLocalhost
8065 8090 +Specifies whether
8066 8091 +.Xr sshd 1M
8067 8092 +should bind the X11 forwarding server to the loopback address or to
8068 8093 +the wildcard address.
8069 8094 +By default,
8070 8095 +sshd binds the forwarding server to the loopback address and sets the
8071 8096 +hostname part of the
8072 8097 +.Ev DISPLAY
8073 8098 +environment variable to
8074 8099 +.Dq localhost .
8075 8100 +This prevents remote hosts from connecting to the proxy display.
8076 8101 +However, some older X11 clients may not function with this
8077 8102 +configuration.
8078 8103 +.Cm X11UseLocalhost
8079 8104 +may be set to
8080 8105 +.Dq no
8081 8106 +to specify that the forwarding server should be bound to the wildcard
8082 8107 +address.
8083 8108 +The argument must be
8084 8109 +.Dq yes
8085 8110 +or
8086 8111 +.Dq no .
8087 8112 +The default is
8088 8113 +.Dq yes .
8089 8114 +.It Cm XAuthLocation
8090 8115 +Specifies the full pathname of the
8091 8116 +.Xr xauth 1
8092 8117 +program, or
8093 8118 +.Dq none
8094 8119 +to not use one.
8095 8120 +The default is
8096 8121 +.Pa /usr/X11R6/bin/xauth .
8097 8122 +.El
8098 8123 +.Sh TIME FORMATS
8099 8124 +.Xr sshd 1M
8100 8125 +command-line arguments and configuration file options that specify time
8101 8126 +may be expressed using a sequence of the form:
8102 8127 +.Sm off
8103 8128 +.Ar time Op Ar qualifier ,
8104 8129 +.Sm on
8105 8130 +where
8106 8131 +.Ar time
8107 8132 +is a positive integer value and
8108 8133 +.Ar qualifier
8109 8134 +is one of the following:
8110 8135 +.Pp
8111 8136 +.Bl -tag -width Ds -compact -offset indent
8112 8137 +.It Aq Cm none
8113 8138 +seconds
8114 8139 +.It Cm s | Cm S
8115 8140 +seconds
8116 8141 +.It Cm m | Cm M
8117 8142 +minutes
8118 8143 +.It Cm h | Cm H
8119 8144 +hours
8120 8145 +.It Cm d | Cm D
8121 8146 +days
8122 8147 +.It Cm w | Cm W
8123 8148 +weeks
8124 8149 +.El
8125 8150 +.Pp
8126 8151 +Each member of the sequence is added together to calculate
8127 8152 +the total time value.
8128 8153 +.Pp
8129 8154 +Time format examples:
8130 8155 +.Pp
8131 8156 +.Bl -tag -width Ds -compact -offset indent
8132 8157 +.It 600
8133 8158 +600 seconds (10 minutes)
8134 8159 +.It 10m
8135 8160 +10 minutes
8136 8161 +.It 1h30m
8137 8162 +1 hour 30 minutes (90 minutes)
8138 8163 +.El
8139 8164 +.Sh FILES
8140 8165 +.Bl -tag -width Ds
8141 8166 +.It Pa /etc/ssh/sshd_config
8142 8167 +Contains configuration data for
8143 8168 +.Xr sshd 1M .
8144 8169 +This file should be writable by root only, but it is recommended
8145 8170 +(though not necessary) that it be world-readable.
8146 8171 +.El
8147 8172 +.Sh SEE ALSO
8148 8173 +.Xr sshd 1M ,
8149 8174 +.Xr pam_unix_session 5
8150 8175 +.Sh AUTHORS
8151 8176 +OpenSSH is a derivative of the original and free
8152 8177 +ssh 1.2.12 release by Tatu Ylonen.
8153 8178 +Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos,
8154 8179 +Theo de Raadt and Dug Song
8155 8180 +removed many bugs, re-added newer features and
8156 8181 +created OpenSSH.
8157 8182 +Markus Friedl contributed the support for SSH
8158 8183 +protocol versions 1.5 and 2.0.
8159 8184 +Niels Provos and Markus Friedl contributed support
8160 8185 +for privilege separation.
8161 8186 diff --git a/sshd_config.5 b/sshd_config.5
8162 8187 deleted file mode 100644
8163 8188 index 476f71c..0000000
8164 8189 --- a/sshd_config.5
8165 8190 +++ /dev/null
8166 8191 @@ -1,1736 +0,0 @@
8167 8192 -.\"
8168 8193 -.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
8169 8194 -.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
8170 8195 -.\" All rights reserved
8171 8196 -.\"
8172 8197 -.\" As far as I am concerned, the code I have written for this software
8173 8198 -.\" can be used freely for any purpose. Any derived versions of this
8174 8199 -.\" software must be clearly marked as such, and if the derived work is
8175 8200 -.\" incompatible with the protocol description in the RFC file, it must be
8176 8201 -.\" called by a name other than "ssh" or "Secure Shell".
8177 8202 -.\"
8178 8203 -.\" Copyright (c) 1999,2000 Markus Friedl. All rights reserved.
8179 8204 -.\" Copyright (c) 1999 Aaron Campbell. All rights reserved.
8180 8205 -.\" Copyright (c) 1999 Theo de Raadt. All rights reserved.
8181 8206 -.\"
8182 8207 -.\" Redistribution and use in source and binary forms, with or without
8183 8208 -.\" modification, are permitted provided that the following conditions
8184 8209 -.\" are met:
8185 8210 -.\" 1. Redistributions of source code must retain the above copyright
8186 8211 -.\" notice, this list of conditions and the following disclaimer.
8187 8212 -.\" 2. Redistributions in binary form must reproduce the above copyright
8188 8213 -.\" notice, this list of conditions and the following disclaimer in the
8189 8214 -.\" documentation and/or other materials provided with the distribution.
8190 8215 -.\"
8191 8216 -.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
8192 8217 -.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
8193 8218 -.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
8194 8219 -.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
8195 8220 -.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
8196 8221 -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
8197 8222 -.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
8198 8223 -.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
8199 8224 -.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
8200 8225 -.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
8201 8226 -.\"
8202 8227 -.\" $OpenBSD: sshd_config.5,v 1.211 2015/08/14 15:32:41 jmc Exp $
8203 8228 -.Dd $Mdocdate: August 14 2015 $
8204 8229 -.Dt SSHD_CONFIG 5
8205 8230 -.Os
8206 8231 -.Sh NAME
8207 8232 -.Nm sshd_config
8208 8233 -.Nd OpenSSH SSH daemon configuration file
8209 8234 -.Sh SYNOPSIS
8210 8235 -.Nm /etc/ssh/sshd_config
8211 8236 -.Sh DESCRIPTION
8212 8237 -.Xr sshd 8
8213 8238 -reads configuration data from
8214 8239 -.Pa /etc/ssh/sshd_config
8215 8240 -(or the file specified with
8216 8241 -.Fl f
8217 8242 -on the command line).
8218 8243 -The file contains keyword-argument pairs, one per line.
8219 8244 -Lines starting with
8220 8245 -.Ql #
8221 8246 -and empty lines are interpreted as comments.
8222 8247 -Arguments may optionally be enclosed in double quotes
8223 8248 -.Pq \&"
8224 8249 -in order to represent arguments containing spaces.
8225 8250 -.Pp
8226 8251 -The possible
8227 8252 -keywords and their meanings are as follows (note that
8228 8253 -keywords are case-insensitive and arguments are case-sensitive):
8229 8254 -.Bl -tag -width Ds
8230 8255 -.It Cm AcceptEnv
8231 8256 -Specifies what environment variables sent by the client will be copied into
8232 8257 -the session's
8233 8258 -.Xr environ 7 .
8234 8259 -See
8235 8260 -.Cm SendEnv
8236 8261 -in
8237 8262 -.Xr ssh_config 5
8238 8263 -for how to configure the client.
8239 8264 -Note that environment passing is only supported for protocol 2, and
8240 8265 -that the
8241 8266 -.Ev TERM
8242 8267 -environment variable is always sent whenever the client
8243 8268 -requests a pseudo-terminal as it is required by the protocol.
8244 8269 -Variables are specified by name, which may contain the wildcard characters
8245 8270 -.Ql *
8246 8271 -and
8247 8272 -.Ql \&? .
8248 8273 -Multiple environment variables may be separated by whitespace or spread
8249 8274 -across multiple
8250 8275 -.Cm AcceptEnv
8251 8276 -directives.
8252 8277 -Be warned that some environment variables could be used to bypass restricted
8253 8278 -user environments.
8254 8279 -For this reason, care should be taken in the use of this directive.
8255 8280 -The default is not to accept any environment variables.
8256 8281 -.It Cm AddressFamily
8257 8282 -Specifies which address family should be used by
8258 8283 -.Xr sshd 8 .
8259 8284 -Valid arguments are
8260 8285 -.Dq any ,
8261 8286 -.Dq inet
8262 8287 -(use IPv4 only), or
8263 8288 -.Dq inet6
8264 8289 -(use IPv6 only).
8265 8290 -The default is
8266 8291 -.Dq any .
8267 8292 -.It Cm AllowAgentForwarding
8268 8293 -Specifies whether
8269 8294 -.Xr ssh-agent 1
8270 8295 -forwarding is permitted.
8271 8296 -The default is
8272 8297 -.Dq yes .
8273 8298 -Note that disabling agent forwarding does not improve security
8274 8299 -unless users are also denied shell access, as they can always install
8275 8300 -their own forwarders.
8276 8301 -.It Cm AllowGroups
8277 8302 -This keyword can be followed by a list of group name patterns, separated
8278 8303 -by spaces.
8279 8304 -If specified, login is allowed only for users whose primary
8280 8305 -group or supplementary group list matches one of the patterns.
8281 8306 -Only group names are valid; a numerical group ID is not recognized.
8282 8307 -By default, login is allowed for all groups.
8283 8308 -The allow/deny directives are processed in the following order:
8284 8309 -.Cm DenyUsers ,
8285 8310 -.Cm AllowUsers ,
8286 8311 -.Cm DenyGroups ,
8287 8312 -and finally
8288 8313 -.Cm AllowGroups .
8289 8314 -.Pp
8290 8315 -See PATTERNS in
8291 8316 -.Xr ssh_config 5
8292 8317 -for more information on patterns.
8293 8318 -.It Cm AllowTcpForwarding
8294 8319 -Specifies whether TCP forwarding is permitted.
8295 8320 -The available options are
8296 8321 -.Dq yes
8297 8322 -or
8298 8323 -.Dq all
8299 8324 -to allow TCP forwarding,
8300 8325 -.Dq no
8301 8326 -to prevent all TCP forwarding,
8302 8327 -.Dq local
8303 8328 -to allow local (from the perspective of
8304 8329 -.Xr ssh 1 )
8305 8330 -forwarding only or
8306 8331 -.Dq remote
8307 8332 -to allow remote forwarding only.
8308 8333 -The default is
8309 8334 -.Dq yes .
8310 8335 -Note that disabling TCP forwarding does not improve security unless
8311 8336 -users are also denied shell access, as they can always install their
8312 8337 -own forwarders.
8313 8338 -.It Cm AllowStreamLocalForwarding
8314 8339 -Specifies whether StreamLocal (Unix-domain socket) forwarding is permitted.
8315 8340 -The available options are
8316 8341 -.Dq yes
8317 8342 -or
8318 8343 -.Dq all
8319 8344 -to allow StreamLocal forwarding,
8320 8345 -.Dq no
8321 8346 -to prevent all StreamLocal forwarding,
8322 8347 -.Dq local
8323 8348 -to allow local (from the perspective of
8324 8349 -.Xr ssh 1 )
8325 8350 -forwarding only or
8326 8351 -.Dq remote
8327 8352 -to allow remote forwarding only.
8328 8353 -The default is
8329 8354 -.Dq yes .
8330 8355 -Note that disabling StreamLocal forwarding does not improve security unless
8331 8356 -users are also denied shell access, as they can always install their
8332 8357 -own forwarders.
8333 8358 -.It Cm AllowUsers
8334 8359 -This keyword can be followed by a list of user name patterns, separated
8335 8360 -by spaces.
8336 8361 -If specified, login is allowed only for user names that
8337 8362 -match one of the patterns.
8338 8363 -Only user names are valid; a numerical user ID is not recognized.
8339 8364 -By default, login is allowed for all users.
8340 8365 -If the pattern takes the form USER@HOST then USER and HOST
8341 8366 -are separately checked, restricting logins to particular
8342 8367 -users from particular hosts.
8343 8368 -The allow/deny directives are processed in the following order:
8344 8369 -.Cm DenyUsers ,
8345 8370 -.Cm AllowUsers ,
8346 8371 -.Cm DenyGroups ,
8347 8372 -and finally
8348 8373 -.Cm AllowGroups .
8349 8374 -.Pp
8350 8375 -See PATTERNS in
8351 8376 -.Xr ssh_config 5
8352 8377 -for more information on patterns.
8353 8378 -.It Cm AuthenticationMethods
8354 8379 -Specifies the authentication methods that must be successfully completed
8355 8380 -for a user to be granted access.
8356 8381 -This option must be followed by one or more comma-separated lists of
8357 8382 -authentication method names.
8358 8383 -Successful authentication requires completion of every method in at least
8359 8384 -one of these lists.
8360 8385 -.Pp
8361 8386 -For example, an argument of
8362 8387 -.Dq publickey,password publickey,keyboard-interactive
8363 8388 -would require the user to complete public key authentication, followed by
8364 8389 -either password or keyboard interactive authentication.
8365 8390 -Only methods that are next in one or more lists are offered at each stage,
8366 8391 -so for this example, it would not be possible to attempt password or
8367 8392 -keyboard-interactive authentication before public key.
8368 8393 -.Pp
8369 8394 -For keyboard interactive authentication it is also possible to
8370 8395 -restrict authentication to a specific device by appending a
8371 8396 -colon followed by the device identifier
8372 8397 -.Dq bsdauth ,
8373 8398 -.Dq pam ,
8374 8399 -or
8375 8400 -.Dq skey ,
8376 8401 -depending on the server configuration.
8377 8402 -For example,
8378 8403 -.Dq keyboard-interactive:bsdauth
8379 8404 -would restrict keyboard interactive authentication to the
8380 8405 -.Dq bsdauth
8381 8406 -device.
8382 8407 -.Pp
8383 8408 -If the
8384 8409 -.Dq publickey
8385 8410 -method is listed more than once,
8386 8411 -.Xr sshd 8
8387 8412 -verifies that keys that have been used successfully are not reused for
8388 8413 -subsequent authentications.
8389 8414 -For example, an
8390 8415 -.Cm AuthenticationMethods
8391 8416 -of
8392 8417 -.Dq publickey,publickey
8393 8418 -will require successful authentication using two different public keys.
8394 8419 -.Pp
8395 8420 -This option is only available for SSH protocol 2 and will yield a fatal
8396 8421 -error if enabled if protocol 1 is also enabled.
8397 8422 -Note that each authentication method listed should also be explicitly enabled
8398 8423 -in the configuration.
8399 8424 -The default is not to require multiple authentication; successful completion
8400 8425 -of a single authentication method is sufficient.
8401 8426 -.It Cm AuthorizedKeysCommand
8402 8427 -Specifies a program to be used to look up the user's public keys.
8403 8428 -The program must be owned by root, not writable by group or others and
8404 8429 -specified by an absolute path.
8405 8430 -.Pp
8406 8431 -Arguments to
8407 8432 -.Cm AuthorizedKeysCommand
8408 8433 -may be provided using the following tokens, which will be expanded
8409 8434 -at runtime: %% is replaced by a literal '%', %u is replaced by the
8410 8435 -username being authenticated, %h is replaced by the home directory
8411 8436 -of the user being authenticated, %t is replaced with the key type
8412 8437 -offered for authentication, %f is replaced with the fingerprint of
8413 8438 -the key, and %k is replaced with the key being offered for authentication.
8414 8439 -If no arguments are specified then the username of the target user
8415 8440 -will be supplied.
8416 8441 -.Pp
8417 8442 -The program should produce on standard output zero or
8418 8443 -more lines of authorized_keys output (see AUTHORIZED_KEYS in
8419 8444 -.Xr sshd 8 ) .
8420 8445 -If a key supplied by AuthorizedKeysCommand does not successfully authenticate
8421 8446 -and authorize the user then public key authentication continues using the usual
8422 8447 -.Cm AuthorizedKeysFile
8423 8448 -files.
8424 8449 -By default, no AuthorizedKeysCommand is run.
8425 8450 -.It Cm AuthorizedKeysCommandUser
8426 8451 -Specifies the user under whose account the AuthorizedKeysCommand is run.
8427 8452 -It is recommended to use a dedicated user that has no other role on the host
8428 8453 -than running authorized keys commands.
8429 8454 -If
8430 8455 -.Cm AuthorizedKeysCommand
8431 8456 -is specified but
8432 8457 -.Cm AuthorizedKeysCommandUser
8433 8458 -is not, then
8434 8459 -.Xr sshd 8
8435 8460 -will refuse to start.
8436 8461 -.It Cm AuthorizedKeysFile
8437 8462 -Specifies the file that contains the public keys that can be used
8438 8463 -for user authentication.
8439 8464 -The format is described in the
8440 8465 -AUTHORIZED_KEYS FILE FORMAT
8441 8466 -section of
8442 8467 -.Xr sshd 8 .
8443 8468 -.Cm AuthorizedKeysFile
8444 8469 -may contain tokens of the form %T which are substituted during connection
8445 8470 -setup.
8446 8471 -The following tokens are defined: %% is replaced by a literal '%',
8447 8472 -%h is replaced by the home directory of the user being authenticated, and
8448 8473 -%u is replaced by the username of that user.
8449 8474 -After expansion,
8450 8475 -.Cm AuthorizedKeysFile
8451 8476 -is taken to be an absolute path or one relative to the user's home
8452 8477 -directory.
8453 8478 -Multiple files may be listed, separated by whitespace.
8454 8479 -The default is
8455 8480 -.Dq .ssh/authorized_keys .ssh/authorized_keys2 .
8456 8481 -.It Cm AuthorizedPrincipalsCommand
8457 8482 -Specifies a program to be used to generate the list of allowed
8458 8483 -certificate principals as per
8459 8484 -.Cm AuthorizedPrincipalsFile .
8460 8485 -The program must be owned by root, not writable by group or others and
8461 8486 -specified by an absolute path.
8462 8487 -.Pp
8463 8488 -Arguments to
8464 8489 -.Cm AuthorizedPrincipalsCommand
8465 8490 -may be provided using the following tokens, which will be expanded
8466 8491 -at runtime: %% is replaced by a literal '%', %u is replaced by the
8467 8492 -username being authenticated and %h is replaced by the home directory
8468 8493 -of the user being authenticated.
8469 8494 -.Pp
8470 8495 -The program should produce on standard output zero or
8471 8496 -more lines of
8472 8497 -.Cm AuthorizedPrincipalsFile
8473 8498 -output.
8474 8499 -If either
8475 8500 -.Cm AuthorizedPrincipalsCommand
8476 8501 -or
8477 8502 -.Cm AuthorizedPrincipalsFile
8478 8503 -is specified, then certificates offered by the client for authentication
8479 8504 -must contain a principal that is listed.
8480 8505 -By default, no AuthorizedPrincipalsCommand is run.
8481 8506 -.It Cm AuthorizedPrincipalsCommandUser
8482 8507 -Specifies the user under whose account the AuthorizedPrincipalsCommand is run.
8483 8508 -It is recommended to use a dedicated user that has no other role on the host
8484 8509 -than running authorized principals commands.
8485 8510 -If
8486 8511 -.Cm AuthorizedPrincipalsCommand
8487 8512 -is specified but
8488 8513 -.Cm AuthorizedPrincipalsCommandUser
8489 8514 -is not, then
8490 8515 -.Xr sshd 8
8491 8516 -will refuse to start.
8492 8517 -.It Cm AuthorizedPrincipalsFile
8493 8518 -Specifies a file that lists principal names that are accepted for
8494 8519 -certificate authentication.
8495 8520 -When using certificates signed by a key listed in
8496 8521 -.Cm TrustedUserCAKeys ,
8497 8522 -this file lists names, one of which must appear in the certificate for it
8498 8523 -to be accepted for authentication.
8499 8524 -Names are listed one per line preceded by key options (as described
8500 8525 -in AUTHORIZED_KEYS FILE FORMAT in
8501 8526 -.Xr sshd 8 ) .
8502 8527 -Empty lines and comments starting with
8503 8528 -.Ql #
8504 8529 -are ignored.
8505 8530 -.Pp
8506 8531 -.Cm AuthorizedPrincipalsFile
8507 8532 -may contain tokens of the form %T which are substituted during connection
8508 8533 -setup.
8509 8534 -The following tokens are defined: %% is replaced by a literal '%',
8510 8535 -%h is replaced by the home directory of the user being authenticated, and
8511 8536 -%u is replaced by the username of that user.
8512 8537 -After expansion,
8513 8538 -.Cm AuthorizedPrincipalsFile
8514 8539 -is taken to be an absolute path or one relative to the user's home
8515 8540 -directory.
8516 8541 -.Pp
8517 8542 -The default is
8518 8543 -.Dq none ,
8519 8544 -i.e. not to use a principals file \(en in this case, the username
8520 8545 -of the user must appear in a certificate's principals list for it to be
8521 8546 -accepted.
8522 8547 -Note that
8523 8548 -.Cm AuthorizedPrincipalsFile
8524 8549 -is only used when authentication proceeds using a CA listed in
8525 8550 -.Cm TrustedUserCAKeys
8526 8551 -and is not consulted for certification authorities trusted via
8527 8552 -.Pa ~/.ssh/authorized_keys ,
8528 8553 -though the
8529 8554 -.Cm principals=
8530 8555 -key option offers a similar facility (see
8531 8556 -.Xr sshd 8
8532 8557 -for details).
8533 8558 -.It Cm Banner
8534 8559 -The contents of the specified file are sent to the remote user before
8535 8560 -authentication is allowed.
8536 8561 -If the argument is
8537 8562 -.Dq none
8538 8563 -then no banner is displayed.
8539 8564 -This option is only available for protocol version 2.
8540 8565 -By default, no banner is displayed.
8541 8566 -.It Cm ChallengeResponseAuthentication
8542 8567 -Specifies whether challenge-response authentication is allowed (e.g. via
8543 8568 -PAM or through authentication styles supported in
8544 8569 -.Xr login.conf 5 )
8545 8570 -The default is
8546 8571 -.Dq yes .
8547 8572 -.It Cm ChrootDirectory
8548 8573 -Specifies the pathname of a directory to
8549 8574 -.Xr chroot 2
8550 8575 -to after authentication.
8551 8576 -At session startup
8552 8577 -.Xr sshd 8
8553 8578 -checks that all components of the pathname are root-owned directories
8554 8579 -which are not writable by any other user or group.
8555 8580 -After the chroot,
8556 8581 -.Xr sshd 8
8557 8582 -changes the working directory to the user's home directory.
8558 8583 -.Pp
8559 8584 -The pathname may contain the following tokens that are expanded at runtime once
8560 8585 -the connecting user has been authenticated: %% is replaced by a literal '%',
8561 8586 -%h is replaced by the home directory of the user being authenticated, and
8562 8587 -%u is replaced by the username of that user.
8563 8588 -.Pp
8564 8589 -The
8565 8590 -.Cm ChrootDirectory
8566 8591 -must contain the necessary files and directories to support the
8567 8592 -user's session.
8568 8593 -For an interactive session this requires at least a shell, typically
8569 8594 -.Xr sh 1 ,
8570 8595 -and basic
8571 8596 -.Pa /dev
8572 8597 -nodes such as
8573 8598 -.Xr null 4 ,
8574 8599 -.Xr zero 4 ,
8575 8600 -.Xr stdin 4 ,
8576 8601 -.Xr stdout 4 ,
8577 8602 -.Xr stderr 4 ,
8578 8603 -and
8579 8604 -.Xr tty 4
8580 8605 -devices.
8581 8606 -For file transfer sessions using
8582 8607 -.Dq sftp ,
8583 8608 -no additional configuration of the environment is necessary if the
8584 8609 -in-process sftp server is used,
8585 8610 -though sessions which use logging may require
8586 8611 -.Pa /dev/log
8587 8612 -inside the chroot directory on some operating systems (see
8588 8613 -.Xr sftp-server 8
8589 8614 -for details).
8590 8615 -.Pp
8591 8616 -For safety, it is very important that the directory hierarchy be
8592 8617 -prevented from modification by other processes on the system (especially
8593 8618 -those outside the jail).
8594 8619 -Misconfiguration can lead to unsafe environments which
8595 8620 -.Xr sshd 8
8596 8621 -cannot detect.
8597 8622 -.Pp
8598 8623 -The default is not to
8599 8624 -.Xr chroot 2 .
8600 8625 -.It Cm Ciphers
8601 8626 -Specifies the ciphers allowed for protocol version 2.
8602 8627 -Multiple ciphers must be comma-separated.
8603 8628 -If the specified value begins with a
8604 8629 -.Sq +
8605 8630 -character, then the specified ciphers will be appended to the default set
8606 8631 -instead of replacing them.
8607 8632 -.Pp
8608 8633 -The supported ciphers are:
8609 8634 -.Pp
8610 8635 -.Bl -item -compact -offset indent
8611 8636 -.It
8612 8637 -3des-cbc
8613 8638 -.It
8614 8639 -aes128-cbc
8615 8640 -.It
8616 8641 -aes192-cbc
8617 8642 -.It
8618 8643 -aes256-cbc
8619 8644 -.It
8620 8645 -aes128-ctr
8621 8646 -.It
8622 8647 -aes192-ctr
8623 8648 -.It
8624 8649 -aes256-ctr
8625 8650 -.It
8626 8651 -aes128-gcm@openssh.com
8627 8652 -.It
8628 8653 -aes256-gcm@openssh.com
8629 8654 -.It
8630 8655 -arcfour
8631 8656 -.It
8632 8657 -arcfour128
8633 8658 -.It
8634 8659 -arcfour256
8635 8660 -.It
8636 8661 -blowfish-cbc
8637 8662 -.It
8638 8663 -cast128-cbc
8639 8664 -.It
8640 8665 -chacha20-poly1305@openssh.com
8641 8666 -.El
8642 8667 -.Pp
8643 8668 -The default is:
8644 8669 -.Bd -literal -offset indent
8645 8670 -chacha20-poly1305@openssh.com,
8646 8671 -aes128-ctr,aes192-ctr,aes256-ctr,
8647 8672 -aes128-gcm@openssh.com,aes256-gcm@openssh.com
8648 8673 -.Ed
8649 8674 -.Pp
8650 8675 -The list of available ciphers may also be obtained using the
8651 8676 -.Fl Q
8652 8677 -option of
8653 8678 -.Xr ssh 1
8654 8679 -with an argument of
8655 8680 -.Dq cipher .
8656 8681 -.It Cm ClientAliveCountMax
8657 8682 -Sets the number of client alive messages (see below) which may be
8658 8683 -sent without
8659 8684 -.Xr sshd 8
8660 8685 -receiving any messages back from the client.
8661 8686 -If this threshold is reached while client alive messages are being sent,
8662 8687 -sshd will disconnect the client, terminating the session.
8663 8688 -It is important to note that the use of client alive messages is very
8664 8689 -different from
8665 8690 -.Cm TCPKeepAlive
8666 8691 -(below).
8667 8692 -The client alive messages are sent through the encrypted channel
8668 8693 -and therefore will not be spoofable.
8669 8694 -The TCP keepalive option enabled by
8670 8695 -.Cm TCPKeepAlive
8671 8696 -is spoofable.
8672 8697 -The client alive mechanism is valuable when the client or
8673 8698 -server depend on knowing when a connection has become inactive.
8674 8699 -.Pp
8675 8700 -The default value is 3.
8676 8701 -If
8677 8702 -.Cm ClientAliveInterval
8678 8703 -(see below) is set to 15, and
8679 8704 -.Cm ClientAliveCountMax
8680 8705 -is left at the default, unresponsive SSH clients
8681 8706 -will be disconnected after approximately 45 seconds.
8682 8707 -This option applies to protocol version 2 only.
8683 8708 -.It Cm ClientAliveInterval
8684 8709 -Sets a timeout interval in seconds after which if no data has been received
8685 8710 -from the client,
8686 8711 -.Xr sshd 8
8687 8712 -will send a message through the encrypted
8688 8713 -channel to request a response from the client.
8689 8714 -The default
8690 8715 -is 0, indicating that these messages will not be sent to the client.
8691 8716 -This option applies to protocol version 2 only.
8692 8717 -.It Cm Compression
8693 8718 -Specifies whether compression is allowed, or delayed until
8694 8719 -the user has authenticated successfully.
8695 8720 -The argument must be
8696 8721 -.Dq yes ,
8697 8722 -.Dq delayed ,
8698 8723 -or
8699 8724 -.Dq no .
8700 8725 -The default is
8701 8726 -.Dq delayed .
8702 8727 -.It Cm DenyGroups
8703 8728 -This keyword can be followed by a list of group name patterns, separated
8704 8729 -by spaces.
8705 8730 -Login is disallowed for users whose primary group or supplementary
8706 8731 -group list matches one of the patterns.
8707 8732 -Only group names are valid; a numerical group ID is not recognized.
8708 8733 -By default, login is allowed for all groups.
8709 8734 -The allow/deny directives are processed in the following order:
8710 8735 -.Cm DenyUsers ,
8711 8736 -.Cm AllowUsers ,
8712 8737 -.Cm DenyGroups ,
8713 8738 -and finally
8714 8739 -.Cm AllowGroups .
8715 8740 -.Pp
8716 8741 -See PATTERNS in
8717 8742 -.Xr ssh_config 5
8718 8743 -for more information on patterns.
8719 8744 -.It Cm DenyUsers
8720 8745 -This keyword can be followed by a list of user name patterns, separated
8721 8746 -by spaces.
8722 8747 -Login is disallowed for user names that match one of the patterns.
8723 8748 -Only user names are valid; a numerical user ID is not recognized.
8724 8749 -By default, login is allowed for all users.
8725 8750 -If the pattern takes the form USER@HOST then USER and HOST
8726 8751 -are separately checked, restricting logins to particular
8727 8752 -users from particular hosts.
8728 8753 -The allow/deny directives are processed in the following order:
8729 8754 -.Cm DenyUsers ,
8730 8755 -.Cm AllowUsers ,
8731 8756 -.Cm DenyGroups ,
8732 8757 -and finally
8733 8758 -.Cm AllowGroups .
8734 8759 -.Pp
8735 8760 -See PATTERNS in
8736 8761 -.Xr ssh_config 5
8737 8762 -for more information on patterns.
8738 8763 -.It Cm FingerprintHash
8739 8764 -Specifies the hash algorithm used when logging key fingerprints.
8740 8765 -Valid options are:
8741 8766 -.Dq md5
8742 8767 -and
8743 8768 -.Dq sha256 .
8744 8769 -The default is
8745 8770 -.Dq sha256 .
8746 8771 -.It Cm ForceCommand
8747 8772 -Forces the execution of the command specified by
8748 8773 -.Cm ForceCommand ,
8749 8774 -ignoring any command supplied by the client and
8750 8775 -.Pa ~/.ssh/rc
8751 8776 -if present.
8752 8777 -The command is invoked by using the user's login shell with the -c option.
8753 8778 -This applies to shell, command, or subsystem execution.
8754 8779 -It is most useful inside a
8755 8780 -.Cm Match
8756 8781 -block.
8757 8782 -The command originally supplied by the client is available in the
8758 8783 -.Ev SSH_ORIGINAL_COMMAND
8759 8784 -environment variable.
8760 8785 -Specifying a command of
8761 8786 -.Dq internal-sftp
8762 8787 -will force the use of an in-process sftp server that requires no support
8763 8788 -files when used with
8764 8789 -.Cm ChrootDirectory .
8765 8790 -.It Cm GatewayPorts
8766 8791 -Specifies whether remote hosts are allowed to connect to ports
8767 8792 -forwarded for the client.
8768 8793 -By default,
8769 8794 -.Xr sshd 8
8770 8795 -binds remote port forwardings to the loopback address.
8771 8796 -This prevents other remote hosts from connecting to forwarded ports.
8772 8797 -.Cm GatewayPorts
8773 8798 -can be used to specify that sshd
8774 8799 -should allow remote port forwardings to bind to non-loopback addresses, thus
8775 8800 -allowing other hosts to connect.
8776 8801 -The argument may be
8777 8802 -.Dq no
8778 8803 -to force remote port forwardings to be available to the local host only,
8779 8804 -.Dq yes
8780 8805 -to force remote port forwardings to bind to the wildcard address, or
8781 8806 -.Dq clientspecified
8782 8807 -to allow the client to select the address to which the forwarding is bound.
8783 8808 -The default is
8784 8809 -.Dq no .
8785 8810 -.It Cm GSSAPIAuthentication
8786 8811 -Specifies whether user authentication based on GSSAPI is allowed.
8787 8812 -The default is
8788 8813 -.Dq no .
8789 8814 -Note that this option applies to protocol version 2 only.
8790 8815 -.It Cm GSSAPICleanupCredentials
8791 8816 -Specifies whether to automatically destroy the user's credentials cache
8792 8817 -on logout.
8793 8818 -The default is
8794 8819 -.Dq yes .
8795 8820 -Note that this option applies to protocol version 2 only.
8796 8821 -.It Cm GSSAPIStrictAcceptorCheck
8797 8822 -Determines whether to be strict about the identity of the GSSAPI acceptor
8798 8823 -a client authenticates against.
8799 8824 -If set to
8800 8825 -.Dq yes
8801 8826 -then the client must authenticate against the
8802 8827 -.Pa host
8803 8828 -service on the current hostname.
8804 8829 -If set to
8805 8830 -.Dq no
8806 8831 -then the client may authenticate against any service key stored in the
8807 8832 -machine's default store.
8808 8833 -This facility is provided to assist with operation on multi homed machines.
8809 8834 -The default is
8810 8835 -.Dq yes .
8811 8836 -.It Cm HostbasedAcceptedKeyTypes
8812 8837 -Specifies the key types that will be accepted for hostbased authentication
8813 8838 -as a comma-separated pattern list.
8814 8839 -Alternately if the specified value begins with a
8815 8840 -.Sq +
8816 8841 -character, then the specified key types will be appended to the default set
8817 8842 -instead of replacing them.
8818 8843 -The default for this option is:
8819 8844 -.Bd -literal -offset 3n
8820 8845 -ecdsa-sha2-nistp256-cert-v01@openssh.com,
8821 8846 -ecdsa-sha2-nistp384-cert-v01@openssh.com,
8822 8847 -ecdsa-sha2-nistp521-cert-v01@openssh.com,
8823 8848 -ssh-ed25519-cert-v01@openssh.com,
8824 8849 -ssh-rsa-cert-v01@openssh.com,
8825 8850 -ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
8826 8851 -ssh-ed25519,ssh-rsa
8827 8852 -.Ed
8828 8853 -.Pp
8829 8854 -The
8830 8855 -.Fl Q
8831 8856 -option of
8832 8857 -.Xr ssh 1
8833 8858 -may be used to list supported key types.
8834 8859 -.It Cm HostbasedAuthentication
8835 8860 -Specifies whether rhosts or /etc/hosts.equiv authentication together
8836 8861 -with successful public key client host authentication is allowed
8837 8862 -(host-based authentication).
8838 8863 -This option is similar to
8839 8864 -.Cm RhostsRSAAuthentication
8840 8865 -and applies to protocol version 2 only.
8841 8866 -The default is
8842 8867 -.Dq no .
8843 8868 -.It Cm HostbasedUsesNameFromPacketOnly
8844 8869 -Specifies whether or not the server will attempt to perform a reverse
8845 8870 -name lookup when matching the name in the
8846 8871 -.Pa ~/.shosts ,
8847 8872 -.Pa ~/.rhosts ,
8848 8873 -and
8849 8874 -.Pa /etc/hosts.equiv
8850 8875 -files during
8851 8876 -.Cm HostbasedAuthentication .
8852 8877 -A setting of
8853 8878 -.Dq yes
8854 8879 -means that
8855 8880 -.Xr sshd 8
8856 8881 -uses the name supplied by the client rather than
8857 8882 -attempting to resolve the name from the TCP connection itself.
8858 8883 -The default is
8859 8884 -.Dq no .
8860 8885 -.It Cm HostCertificate
8861 8886 -Specifies a file containing a public host certificate.
8862 8887 -The certificate's public key must match a private host key already specified
8863 8888 -by
8864 8889 -.Cm HostKey .
8865 8890 -The default behaviour of
8866 8891 -.Xr sshd 8
8867 8892 -is not to load any certificates.
8868 8893 -.It Cm HostKey
8869 8894 -Specifies a file containing a private host key
8870 8895 -used by SSH.
8871 8896 -The default is
8872 8897 -.Pa /etc/ssh/ssh_host_key
8873 8898 -for protocol version 1, and
8874 8899 -.Pa /etc/ssh/ssh_host_dsa_key ,
8875 8900 -.Pa /etc/ssh/ssh_host_ecdsa_key ,
8876 8901 -.Pa /etc/ssh/ssh_host_ed25519_key
8877 8902 -and
8878 8903 -.Pa /etc/ssh/ssh_host_rsa_key
8879 8904 -for protocol version 2.
8880 8905 -.Pp
8881 8906 -Note that
8882 8907 -.Xr sshd 8
8883 8908 -will refuse to use a file if it is group/world-accessible
8884 8909 -and that the
8885 8910 -.Cm HostKeyAlgorithms
8886 8911 -option restricts which of the keys are actually used by
8887 8912 -.Xr sshd 8 .
8888 8913 -.Pp
8889 8914 -It is possible to have multiple host key files.
8890 8915 -.Dq rsa1
8891 8916 -keys are used for version 1 and
8892 8917 -.Dq dsa ,
8893 8918 -.Dq ecdsa ,
8894 8919 -.Dq ed25519
8895 8920 -or
8896 8921 -.Dq rsa
8897 8922 -are used for version 2 of the SSH protocol.
8898 8923 -It is also possible to specify public host key files instead.
8899 8924 -In this case operations on the private key will be delegated
8900 8925 -to an
8901 8926 -.Xr ssh-agent 1 .
8902 8927 -.It Cm HostKeyAgent
8903 8928 -Identifies the UNIX-domain socket used to communicate
8904 8929 -with an agent that has access to the private host keys.
8905 8930 -If
8906 8931 -.Dq SSH_AUTH_SOCK
8907 8932 -is specified, the location of the socket will be read from the
8908 8933 -.Ev SSH_AUTH_SOCK
8909 8934 -environment variable.
8910 8935 -.It Cm HostKeyAlgorithms
8911 8936 -Specifies the protocol version 2 host key algorithms
8912 8937 -that the server offers.
8913 8938 -The default for this option is:
8914 8939 -.Bd -literal -offset 3n
8915 8940 -ecdsa-sha2-nistp256-cert-v01@openssh.com,
8916 8941 -ecdsa-sha2-nistp384-cert-v01@openssh.com,
8917 8942 -ecdsa-sha2-nistp521-cert-v01@openssh.com,
8918 8943 -ssh-ed25519-cert-v01@openssh.com,
8919 8944 -ssh-rsa-cert-v01@openssh.com,
8920 8945 -ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
8921 8946 -ssh-ed25519,ssh-rsa
8922 8947 -.Ed
8923 8948 -.Pp
8924 8949 -The list of available key types may also be obtained using the
8925 8950 -.Fl Q
8926 8951 -option of
8927 8952 -.Xr ssh 1
8928 8953 -with an argument of
8929 8954 -.Dq key .
8930 8955 -.It Cm IgnoreRhosts
8931 8956 -Specifies that
8932 8957 -.Pa .rhosts
8933 8958 -and
8934 8959 -.Pa .shosts
8935 8960 -files will not be used in
8936 8961 -.Cm RhostsRSAAuthentication
8937 8962 -or
8938 8963 -.Cm HostbasedAuthentication .
8939 8964 -.Pp
8940 8965 -.Pa /etc/hosts.equiv
8941 8966 -and
8942 8967 -.Pa /etc/shosts.equiv
8943 8968 -are still used.
8944 8969 -The default is
8945 8970 -.Dq yes .
8946 8971 -.It Cm IgnoreUserKnownHosts
8947 8972 -Specifies whether
8948 8973 -.Xr sshd 8
8949 8974 -should ignore the user's
8950 8975 -.Pa ~/.ssh/known_hosts
8951 8976 -during
8952 8977 -.Cm RhostsRSAAuthentication
8953 8978 -or
8954 8979 -.Cm HostbasedAuthentication .
8955 8980 -The default is
8956 8981 -.Dq no .
8957 8982 -.It Cm IPQoS
8958 8983 -Specifies the IPv4 type-of-service or DSCP class for the connection.
8959 8984 -Accepted values are
8960 8985 -.Dq af11 ,
8961 8986 -.Dq af12 ,
8962 8987 -.Dq af13 ,
8963 8988 -.Dq af21 ,
8964 8989 -.Dq af22 ,
8965 8990 -.Dq af23 ,
8966 8991 -.Dq af31 ,
8967 8992 -.Dq af32 ,
8968 8993 -.Dq af33 ,
8969 8994 -.Dq af41 ,
8970 8995 -.Dq af42 ,
8971 8996 -.Dq af43 ,
8972 8997 -.Dq cs0 ,
8973 8998 -.Dq cs1 ,
8974 8999 -.Dq cs2 ,
8975 9000 -.Dq cs3 ,
8976 9001 -.Dq cs4 ,
8977 9002 -.Dq cs5 ,
8978 9003 -.Dq cs6 ,
8979 9004 -.Dq cs7 ,
8980 9005 -.Dq ef ,
8981 9006 -.Dq lowdelay ,
8982 9007 -.Dq throughput ,
8983 9008 -.Dq reliability ,
8984 9009 -or a numeric value.
8985 9010 -This option may take one or two arguments, separated by whitespace.
8986 9011 -If one argument is specified, it is used as the packet class unconditionally.
8987 9012 -If two values are specified, the first is automatically selected for
8988 9013 -interactive sessions and the second for non-interactive sessions.
8989 9014 -The default is
8990 9015 -.Dq lowdelay
8991 9016 -for interactive sessions and
8992 9017 -.Dq throughput
8993 9018 -for non-interactive sessions.
8994 9019 -.It Cm KbdInteractiveAuthentication
8995 9020 -Specifies whether to allow keyboard-interactive authentication.
8996 9021 -The argument to this keyword must be
8997 9022 -.Dq yes
8998 9023 -or
8999 9024 -.Dq no .
9000 9025 -The default is to use whatever value
9001 9026 -.Cm ChallengeResponseAuthentication
9002 9027 -is set to
9003 9028 -(by default
9004 9029 -.Dq yes ) .
9005 9030 -.It Cm KerberosAuthentication
9006 9031 -Specifies whether the password provided by the user for
9007 9032 -.Cm PasswordAuthentication
9008 9033 -will be validated through the Kerberos KDC.
9009 9034 -To use this option, the server needs a
9010 9035 -Kerberos servtab which allows the verification of the KDC's identity.
9011 9036 -The default is
9012 9037 -.Dq no .
9013 9038 -.It Cm KerberosGetAFSToken
9014 9039 -If AFS is active and the user has a Kerberos 5 TGT, attempt to acquire
9015 9040 -an AFS token before accessing the user's home directory.
9016 9041 -The default is
9017 9042 -.Dq no .
9018 9043 -.It Cm KerberosOrLocalPasswd
9019 9044 -If password authentication through Kerberos fails then
9020 9045 -the password will be validated via any additional local mechanism
9021 9046 -such as
9022 9047 -.Pa /etc/passwd .
9023 9048 -The default is
9024 9049 -.Dq yes .
9025 9050 -.It Cm KerberosTicketCleanup
9026 9051 -Specifies whether to automatically destroy the user's ticket cache
9027 9052 -file on logout.
9028 9053 -The default is
9029 9054 -.Dq yes .
9030 9055 -.It Cm KexAlgorithms
9031 9056 -Specifies the available KEX (Key Exchange) algorithms.
9032 9057 -Multiple algorithms must be comma-separated.
9033 9058 -Alternately if the specified value begins with a
9034 9059 -.Sq +
9035 9060 -character, then the specified methods will be appended to the default set
9036 9061 -instead of replacing them.
9037 9062 -The supported algorithms are:
9038 9063 -.Pp
9039 9064 -.Bl -item -compact -offset indent
9040 9065 -.It
9041 9066 -curve25519-sha256@libssh.org
9042 9067 -.It
9043 9068 -diffie-hellman-group1-sha1
9044 9069 -.It
9045 9070 -diffie-hellman-group14-sha1
9046 9071 -.It
9047 9072 -diffie-hellman-group-exchange-sha1
9048 9073 -.It
9049 9074 -diffie-hellman-group-exchange-sha256
9050 9075 -.It
9051 9076 -ecdh-sha2-nistp256
9052 9077 -.It
9053 9078 -ecdh-sha2-nistp384
9054 9079 -.It
9055 9080 -ecdh-sha2-nistp521
9056 9081 -.El
9057 9082 -.Pp
9058 9083 -The default is:
9059 9084 -.Bd -literal -offset indent
9060 9085 -curve25519-sha256@libssh.org,
9061 9086 -ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,
9062 9087 -diffie-hellman-group-exchange-sha256,
9063 9088 -diffie-hellman-group14-sha1
9064 9089 -.Ed
9065 9090 -.Pp
9066 9091 -The list of available key exchange algorithms may also be obtained using the
9067 9092 -.Fl Q
9068 9093 -option of
9069 9094 -.Xr ssh 1
9070 9095 -with an argument of
9071 9096 -.Dq kex .
9072 9097 -.It Cm KeyRegenerationInterval
9073 9098 -In protocol version 1, the ephemeral server key is automatically regenerated
9074 9099 -after this many seconds (if it has been used).
9075 9100 -The purpose of regeneration is to prevent
9076 9101 -decrypting captured sessions by later breaking into the machine and
9077 9102 -stealing the keys.
9078 9103 -The key is never stored anywhere.
9079 9104 -If the value is 0, the key is never regenerated.
9080 9105 -The default is 3600 (seconds).
9081 9106 -.It Cm ListenAddress
9082 9107 -Specifies the local addresses
9083 9108 -.Xr sshd 8
9084 9109 -should listen on.
9085 9110 -The following forms may be used:
9086 9111 -.Pp
9087 9112 -.Bl -item -offset indent -compact
9088 9113 -.It
9089 9114 -.Cm ListenAddress
9090 9115 -.Sm off
9091 9116 -.Ar host | Ar IPv4_addr | Ar IPv6_addr
9092 9117 -.Sm on
9093 9118 -.It
9094 9119 -.Cm ListenAddress
9095 9120 -.Sm off
9096 9121 -.Ar host | Ar IPv4_addr : Ar port
9097 9122 -.Sm on
9098 9123 -.It
9099 9124 -.Cm ListenAddress
9100 9125 -.Sm off
9101 9126 -.Oo
9102 9127 -.Ar host | Ar IPv6_addr Oc : Ar port
9103 9128 -.Sm on
9104 9129 -.El
9105 9130 -.Pp
9106 9131 -If
9107 9132 -.Ar port
9108 9133 -is not specified,
9109 9134 -sshd will listen on the address and all
9110 9135 -.Cm Port
9111 9136 -options specified.
9112 9137 -The default is to listen on all local addresses.
9113 9138 -Multiple
9114 9139 -.Cm ListenAddress
9115 9140 -options are permitted.
9116 9141 -.It Cm LoginGraceTime
9117 9142 -The server disconnects after this time if the user has not
9118 9143 -successfully logged in.
9119 9144 -If the value is 0, there is no time limit.
9120 9145 -The default is 120 seconds.
9121 9146 -.It Cm LogLevel
9122 9147 -Gives the verbosity level that is used when logging messages from
9123 9148 -.Xr sshd 8 .
9124 9149 -The possible values are:
9125 9150 -QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3.
9126 9151 -The default is INFO.
9127 9152 -DEBUG and DEBUG1 are equivalent.
9128 9153 -DEBUG2 and DEBUG3 each specify higher levels of debugging output.
9129 9154 -Logging with a DEBUG level violates the privacy of users and is not recommended.
9130 9155 -.It Cm MACs
9131 9156 -Specifies the available MAC (message authentication code) algorithms.
9132 9157 -The MAC algorithm is used in protocol version 2
9133 9158 -for data integrity protection.
9134 9159 -Multiple algorithms must be comma-separated.
9135 9160 -If the specified value begins with a
9136 9161 -.Sq +
9137 9162 -character, then the specified algorithms will be appended to the default set
9138 9163 -instead of replacing them.
9139 9164 -.Pp
9140 9165 -The algorithms that contain
9141 9166 -.Dq -etm
9142 9167 -calculate the MAC after encryption (encrypt-then-mac).
9143 9168 -These are considered safer and their use recommended.
9144 9169 -The supported MACs are:
9145 9170 -.Pp
9146 9171 -.Bl -item -compact -offset indent
9147 9172 -.It
9148 9173 -hmac-md5
9149 9174 -.It
9150 9175 -hmac-md5-96
9151 9176 -.It
9152 9177 -hmac-ripemd160
9153 9178 -.It
9154 9179 -hmac-sha1
9155 9180 -.It
9156 9181 -hmac-sha1-96
9157 9182 -.It
9158 9183 -hmac-sha2-256
9159 9184 -.It
9160 9185 -hmac-sha2-512
9161 9186 -.It
9162 9187 -umac-64@openssh.com
9163 9188 -.It
9164 9189 -umac-128@openssh.com
9165 9190 -.It
9166 9191 -hmac-md5-etm@openssh.com
9167 9192 -.It
9168 9193 -hmac-md5-96-etm@openssh.com
9169 9194 -.It
9170 9195 -hmac-ripemd160-etm@openssh.com
9171 9196 -.It
9172 9197 -hmac-sha1-etm@openssh.com
9173 9198 -.It
9174 9199 -hmac-sha1-96-etm@openssh.com
9175 9200 -.It
9176 9201 -hmac-sha2-256-etm@openssh.com
9177 9202 -.It
9178 9203 -hmac-sha2-512-etm@openssh.com
9179 9204 -.It
9180 9205 -umac-64-etm@openssh.com
9181 9206 -.It
9182 9207 -umac-128-etm@openssh.com
9183 9208 -.El
9184 9209 -.Pp
9185 9210 -The default is:
9186 9211 -.Bd -literal -offset indent
9187 9212 -umac-64-etm@openssh.com,umac-128-etm@openssh.com,
9188 9213 -hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,
9189 9214 -umac-64@openssh.com,umac-128@openssh.com,
9190 9215 -hmac-sha2-256,hmac-sha2-512
9191 9216 -.Ed
9192 9217 -.Pp
9193 9218 -The list of available MAC algorithms may also be obtained using the
9194 9219 -.Fl Q
9195 9220 -option of
9196 9221 -.Xr ssh 1
9197 9222 -with an argument of
9198 9223 -.Dq mac .
9199 9224 -.It Cm Match
9200 9225 -Introduces a conditional block.
9201 9226 -If all of the criteria on the
9202 9227 -.Cm Match
9203 9228 -line are satisfied, the keywords on the following lines override those
9204 9229 -set in the global section of the config file, until either another
9205 9230 -.Cm Match
9206 9231 -line or the end of the file.
9207 9232 -If a keyword appears in multiple
9208 9233 -.Cm Match
9209 9234 -blocks that are satisfied, only the first instance of the keyword is
9210 9235 -applied.
9211 9236 -.Pp
9212 9237 -The arguments to
9213 9238 -.Cm Match
9214 9239 -are one or more criteria-pattern pairs or the single token
9215 9240 -.Cm All
9216 9241 -which matches all criteria.
9217 9242 -The available criteria are
9218 9243 -.Cm User ,
9219 9244 -.Cm Group ,
9220 9245 -.Cm Host ,
9221 9246 -.Cm LocalAddress ,
9222 9247 -.Cm LocalPort ,
9223 9248 -and
9224 9249 -.Cm Address .
9225 9250 -The match patterns may consist of single entries or comma-separated
9226 9251 -lists and may use the wildcard and negation operators described in the
9227 9252 -PATTERNS section of
9228 9253 -.Xr ssh_config 5 .
9229 9254 -.Pp
9230 9255 -The patterns in an
9231 9256 -.Cm Address
9232 9257 -criteria may additionally contain addresses to match in CIDR
9233 9258 -address/masklen format, e.g.\&
9234 9259 -.Dq 192.0.2.0/24
9235 9260 -or
9236 9261 -.Dq 3ffe:ffff::/32 .
9237 9262 -Note that the mask length provided must be consistent with the address -
9238 9263 -it is an error to specify a mask length that is too long for the address
9239 9264 -or one with bits set in this host portion of the address.
9240 9265 -For example,
9241 9266 -.Dq 192.0.2.0/33
9242 9267 -and
9243 9268 -.Dq 192.0.2.0/8
9244 9269 -respectively.
9245 9270 -.Pp
9246 9271 -Only a subset of keywords may be used on the lines following a
9247 9272 -.Cm Match
9248 9273 -keyword.
9249 9274 -Available keywords are
9250 9275 -.Cm AcceptEnv ,
9251 9276 -.Cm AllowAgentForwarding ,
9252 9277 -.Cm AllowGroups ,
9253 9278 -.Cm AllowStreamLocalForwarding ,
9254 9279 -.Cm AllowTcpForwarding ,
9255 9280 -.Cm AllowUsers ,
9256 9281 -.Cm AuthenticationMethods ,
9257 9282 -.Cm AuthorizedKeysCommand ,
9258 9283 -.Cm AuthorizedKeysCommandUser ,
9259 9284 -.Cm AuthorizedKeysFile ,
9260 9285 -.Cm AuthorizedPrincipalsFile ,
9261 9286 -.Cm Banner ,
9262 9287 -.Cm ChrootDirectory ,
9263 9288 -.Cm DenyGroups ,
9264 9289 -.Cm DenyUsers ,
9265 9290 -.Cm ForceCommand ,
9266 9291 -.Cm GatewayPorts ,
9267 9292 -.Cm GSSAPIAuthentication ,
9268 9293 -.Cm HostbasedAcceptedKeyTypes ,
9269 9294 -.Cm HostbasedAuthentication ,
9270 9295 -.Cm HostbasedUsesNameFromPacketOnly ,
9271 9296 -.Cm IPQoS ,
9272 9297 -.Cm KbdInteractiveAuthentication ,
9273 9298 -.Cm KerberosAuthentication ,
9274 9299 -.Cm MaxAuthTries ,
9275 9300 -.Cm MaxSessions ,
9276 9301 -.Cm PasswordAuthentication ,
9277 9302 -.Cm PermitEmptyPasswords ,
9278 9303 -.Cm PermitOpen ,
9279 9304 -.Cm PermitRootLogin ,
9280 9305 -.Cm PermitTTY ,
9281 9306 -.Cm PermitTunnel ,
9282 9307 -.Cm PermitUserRC ,
9283 9308 -.Cm PubkeyAcceptedKeyTypes ,
9284 9309 -.Cm PubkeyAuthentication ,
9285 9310 -.Cm RekeyLimit ,
9286 9311 -.Cm RevokedKeys ,
9287 9312 -.Cm RhostsRSAAuthentication ,
9288 9313 -.Cm RSAAuthentication ,
9289 9314 -.Cm StreamLocalBindMask ,
9290 9315 -.Cm StreamLocalBindUnlink ,
9291 9316 -.Cm TrustedUserCAKeys ,
9292 9317 -.Cm X11DisplayOffset ,
9293 9318 -.Cm X11Forwarding
9294 9319 -and
9295 9320 -.Cm X11UseLocalHost .
9296 9321 -.It Cm MaxAuthTries
9297 9322 -Specifies the maximum number of authentication attempts permitted per
9298 9323 -connection.
9299 9324 -Once the number of failures reaches half this value,
9300 9325 -additional failures are logged.
9301 9326 -The default is 6.
9302 9327 -.It Cm MaxSessions
9303 9328 -Specifies the maximum number of open sessions permitted per network connection.
9304 9329 -The default is 10.
9305 9330 -.It Cm MaxStartups
9306 9331 -Specifies the maximum number of concurrent unauthenticated connections to the
9307 9332 -SSH daemon.
9308 9333 -Additional connections will be dropped until authentication succeeds or the
9309 9334 -.Cm LoginGraceTime
9310 9335 -expires for a connection.
9311 9336 -The default is 10:30:100.
9312 9337 -.Pp
9313 9338 -Alternatively, random early drop can be enabled by specifying
9314 9339 -the three colon separated values
9315 9340 -.Dq start:rate:full
9316 9341 -(e.g. "10:30:60").
9317 9342 -.Xr sshd 8
9318 9343 -will refuse connection attempts with a probability of
9319 9344 -.Dq rate/100
9320 9345 -(30%)
9321 9346 -if there are currently
9322 9347 -.Dq start
9323 9348 -(10)
9324 9349 -unauthenticated connections.
9325 9350 -The probability increases linearly and all connection attempts
9326 9351 -are refused if the number of unauthenticated connections reaches
9327 9352 -.Dq full
9328 9353 -(60).
9329 9354 -.It Cm PasswordAuthentication
9330 9355 -Specifies whether password authentication is allowed.
9331 9356 -The default is
9332 9357 -.Dq yes .
9333 9358 -.It Cm PermitEmptyPasswords
9334 9359 -When password authentication is allowed, it specifies whether the
9335 9360 -server allows login to accounts with empty password strings.
9336 9361 -The default is
9337 9362 -.Dq no .
9338 9363 -.It Cm PermitOpen
9339 9364 -Specifies the destinations to which TCP port forwarding is permitted.
9340 9365 -The forwarding specification must be one of the following forms:
9341 9366 -.Pp
9342 9367 -.Bl -item -offset indent -compact
9343 9368 -.It
9344 9369 -.Cm PermitOpen
9345 9370 -.Sm off
9346 9371 -.Ar host : port
9347 9372 -.Sm on
9348 9373 -.It
9349 9374 -.Cm PermitOpen
9350 9375 -.Sm off
9351 9376 -.Ar IPv4_addr : port
9352 9377 -.Sm on
9353 9378 -.It
9354 9379 -.Cm PermitOpen
9355 9380 -.Sm off
9356 9381 -.Ar \&[ IPv6_addr \&] : port
9357 9382 -.Sm on
9358 9383 -.El
9359 9384 -.Pp
9360 9385 -Multiple forwards may be specified by separating them with whitespace.
9361 9386 -An argument of
9362 9387 -.Dq any
9363 9388 -can be used to remove all restrictions and permit any forwarding requests.
9364 9389 -An argument of
9365 9390 -.Dq none
9366 9391 -can be used to prohibit all forwarding requests.
9367 9392 -By default all port forwarding requests are permitted.
9368 9393 -.It Cm PermitRootLogin
9369 9394 -Specifies whether root can log in using
9370 9395 -.Xr ssh 1 .
9371 9396 -The argument must be
9372 9397 -.Dq yes ,
9373 9398 -.Dq prohibit-password ,
9374 9399 -.Dq without-password ,
9375 9400 -.Dq forced-commands-only ,
9376 9401 -or
9377 9402 -.Dq no .
9378 9403 -The default is
9379 9404 -.Dq prohibit-password .
9380 9405 -.Pp
9381 9406 -If this option is set to
9382 9407 -.Dq prohibit-password
9383 9408 -or
9384 9409 -.Dq without-password ,
9385 9410 -password and keyboard-interactive authentication are disabled for root.
9386 9411 -.Pp
9387 9412 -If this option is set to
9388 9413 -.Dq forced-commands-only ,
9389 9414 -root login with public key authentication will be allowed,
9390 9415 -but only if the
9391 9416 -.Ar command
9392 9417 -option has been specified
9393 9418 -(which may be useful for taking remote backups even if root login is
9394 9419 -normally not allowed).
9395 9420 -All other authentication methods are disabled for root.
9396 9421 -.Pp
9397 9422 -If this option is set to
9398 9423 -.Dq no ,
9399 9424 -root is not allowed to log in.
9400 9425 -.It Cm PermitTunnel
9401 9426 -Specifies whether
9402 9427 -.Xr tun 4
9403 9428 -device forwarding is allowed.
9404 9429 -The argument must be
9405 9430 -.Dq yes ,
9406 9431 -.Dq point-to-point
9407 9432 -(layer 3),
9408 9433 -.Dq ethernet
9409 9434 -(layer 2), or
9410 9435 -.Dq no .
9411 9436 -Specifying
9412 9437 -.Dq yes
9413 9438 -permits both
9414 9439 -.Dq point-to-point
9415 9440 -and
9416 9441 -.Dq ethernet .
9417 9442 -The default is
9418 9443 -.Dq no .
9419 9444 -.Pp
9420 9445 -Independent of this setting, the permissions of the selected
9421 9446 -.Xr tun 4
9422 9447 -device must allow access to the user.
9423 9448 -.It Cm PermitTTY
9424 9449 -Specifies whether
9425 9450 -.Xr pty 4
9426 9451 -allocation is permitted.
9427 9452 -The default is
9428 9453 -.Dq yes .
9429 9454 -.It Cm PermitUserEnvironment
9430 9455 -Specifies whether
9431 9456 -.Pa ~/.ssh/environment
9432 9457 -and
9433 9458 -.Cm environment=
9434 9459 -options in
9435 9460 -.Pa ~/.ssh/authorized_keys
9436 9461 -are processed by
9437 9462 -.Xr sshd 8 .
9438 9463 -The default is
9439 9464 -.Dq no .
9440 9465 -Enabling environment processing may enable users to bypass access
9441 9466 -restrictions in some configurations using mechanisms such as
9442 9467 -.Ev LD_PRELOAD .
9443 9468 -.It Cm PermitUserRC
9444 9469 -Specifies whether any
9445 9470 -.Pa ~/.ssh/rc
9446 9471 -file is executed.
9447 9472 -The default is
9448 9473 -.Dq yes .
9449 9474 -.It Cm PidFile
9450 9475 -Specifies the file that contains the process ID of the
9451 9476 -SSH daemon, or
9452 9477 -.Dq none
9453 9478 -to not write one.
9454 9479 -The default is
9455 9480 -.Pa /var/run/sshd.pid .
9456 9481 -.It Cm Port
9457 9482 -Specifies the port number that
9458 9483 -.Xr sshd 8
9459 9484 -listens on.
9460 9485 -The default is 22.
9461 9486 -Multiple options of this type are permitted.
9462 9487 -See also
9463 9488 -.Cm ListenAddress .
9464 9489 -.It Cm PrintLastLog
9465 9490 -Specifies whether
9466 9491 -.Xr sshd 8
9467 9492 -should print the date and time of the last user login when a user logs
9468 9493 -in interactively.
9469 9494 -On Solaris this option is always ignored since pam_unix_session(5)
9470 9495 -reports the last login time.
9471 9496 -.It Cm PrintMotd
9472 9497 -Specifies whether
9473 9498 -.Xr sshd 8
9474 9499 -should print
9475 9500 -.Pa /etc/motd
9476 9501 -when a user logs in interactively.
9477 9502 -(On some systems it is also printed by the shell,
9478 9503 -.Pa /etc/profile ,
9479 9504 -or equivalent.)
9480 9505 -The default is
9481 9506 -.Dq yes .
9482 9507 -.It Cm Protocol
9483 9508 -Specifies the protocol versions
9484 9509 -.Xr sshd 8
9485 9510 -supports.
9486 9511 -The possible values are
9487 9512 -.Sq 1
9488 9513 -and
9489 9514 -.Sq 2 .
9490 9515 -Multiple versions must be comma-separated.
9491 9516 -The default is
9492 9517 -.Sq 2 .
9493 9518 -Note that the order of the protocol list does not indicate preference,
9494 9519 -because the client selects among multiple protocol versions offered
9495 9520 -by the server.
9496 9521 -Specifying
9497 9522 -.Dq 2,1
9498 9523 -is identical to
9499 9524 -.Dq 1,2 .
9500 9525 -.It Cm PubkeyAcceptedKeyTypes
9501 9526 -Specifies the key types that will be accepted for public key authentication
9502 9527 -as a comma-separated pattern list.
9503 9528 -Alternately if the specified value begins with a
9504 9529 -.Sq +
9505 9530 -character, then the specified key types will be appended to the default set
9506 9531 -instead of replacing them.
9507 9532 -The default for this option is:
9508 9533 -.Bd -literal -offset 3n
9509 9534 -ecdsa-sha2-nistp256-cert-v01@openssh.com,
9510 9535 -ecdsa-sha2-nistp384-cert-v01@openssh.com,
9511 9536 -ecdsa-sha2-nistp521-cert-v01@openssh.com,
9512 9537 -ssh-ed25519-cert-v01@openssh.com,
9513 9538 -ssh-rsa-cert-v01@openssh.com,
9514 9539 -ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
9515 9540 -ssh-ed25519,ssh-rsa
9516 9541 -.Ed
9517 9542 -.Pp
9518 9543 -The
9519 9544 -.Fl Q
9520 9545 -option of
9521 9546 -.Xr ssh 1
9522 9547 -may be used to list supported key types.
9523 9548 -.It Cm PubkeyAuthentication
9524 9549 -Specifies whether public key authentication is allowed.
9525 9550 -The default is
9526 9551 -.Dq yes .
9527 9552 -Note that this option applies to protocol version 2 only.
9528 9553 -.It Cm RekeyLimit
9529 9554 -Specifies the maximum amount of data that may be transmitted before the
9530 9555 -session key is renegotiated, optionally followed a maximum amount of
9531 9556 -time that may pass before the session key is renegotiated.
9532 9557 -The first argument is specified in bytes and may have a suffix of
9533 9558 -.Sq K ,
9534 9559 -.Sq M ,
9535 9560 -or
9536 9561 -.Sq G
9537 9562 -to indicate Kilobytes, Megabytes, or Gigabytes, respectively.
9538 9563 -The default is between
9539 9564 -.Sq 1G
9540 9565 -and
9541 9566 -.Sq 4G ,
9542 9567 -depending on the cipher.
9543 9568 -The optional second value is specified in seconds and may use any of the
9544 9569 -units documented in the
9545 9570 -.Sx TIME FORMATS
9546 9571 -section.
9547 9572 -The default value for
9548 9573 -.Cm RekeyLimit
9549 9574 -is
9550 9575 -.Dq default none ,
9551 9576 -which means that rekeying is performed after the cipher's default amount
9552 9577 -of data has been sent or received and no time based rekeying is done.
9553 9578 -This option applies to protocol version 2 only.
9554 9579 -.It Cm RevokedKeys
9555 9580 -Specifies revoked public keys file, or
9556 9581 -.Dq none
9557 9582 -to not use one.
9558 9583 -Keys listed in this file will be refused for public key authentication.
9559 9584 -Note that if this file is not readable, then public key authentication will
9560 9585 -be refused for all users.
9561 9586 -Keys may be specified as a text file, listing one public key per line, or as
9562 9587 -an OpenSSH Key Revocation List (KRL) as generated by
9563 9588 -.Xr ssh-keygen 1 .
9564 9589 -For more information on KRLs, see the KEY REVOCATION LISTS section in
9565 9590 -.Xr ssh-keygen 1 .
9566 9591 -.It Cm RhostsRSAAuthentication
9567 9592 -Specifies whether rhosts or /etc/hosts.equiv authentication together
9568 9593 -with successful RSA host authentication is allowed.
9569 9594 -The default is
9570 9595 -.Dq no .
9571 9596 -This option applies to protocol version 1 only.
9572 9597 -.It Cm RSAAuthentication
9573 9598 -Specifies whether pure RSA authentication is allowed.
9574 9599 -The default is
9575 9600 -.Dq yes .
9576 9601 -This option applies to protocol version 1 only.
9577 9602 -.It Cm ServerKeyBits
9578 9603 -Defines the number of bits in the ephemeral protocol version 1 server key.
9579 9604 -The default and minimum value is 1024.
9580 9605 -.It Cm StreamLocalBindMask
9581 9606 -Sets the octal file creation mode mask
9582 9607 -.Pq umask
9583 9608 -used when creating a Unix-domain socket file for local or remote
9584 9609 -port forwarding.
9585 9610 -This option is only used for port forwarding to a Unix-domain socket file.
9586 9611 -.Pp
9587 9612 -The default value is 0177, which creates a Unix-domain socket file that is
9588 9613 -readable and writable only by the owner.
9589 9614 -Note that not all operating systems honor the file mode on Unix-domain
9590 9615 -socket files.
9591 9616 -.It Cm StreamLocalBindUnlink
9592 9617 -Specifies whether to remove an existing Unix-domain socket file for local
9593 9618 -or remote port forwarding before creating a new one.
9594 9619 -If the socket file already exists and
9595 9620 -.Cm StreamLocalBindUnlink
9596 9621 -is not enabled,
9597 9622 -.Nm sshd
9598 9623 -will be unable to forward the port to the Unix-domain socket file.
9599 9624 -This option is only used for port forwarding to a Unix-domain socket file.
9600 9625 -.Pp
9601 9626 -The argument must be
9602 9627 -.Dq yes
9603 9628 -or
9604 9629 -.Dq no .
9605 9630 -The default is
9606 9631 -.Dq no .
9607 9632 -.It Cm StrictModes
9608 9633 -Specifies whether
9609 9634 -.Xr sshd 8
9610 9635 -should check file modes and ownership of the
9611 9636 -user's files and home directory before accepting login.
9612 9637 -This is normally desirable because novices sometimes accidentally leave their
9613 9638 -directory or files world-writable.
9614 9639 -The default is
9615 9640 -.Dq yes .
9616 9641 -Note that this does not apply to
9617 9642 -.Cm ChrootDirectory ,
9618 9643 -whose permissions and ownership are checked unconditionally.
9619 9644 -.It Cm Subsystem
9620 9645 -Configures an external subsystem (e.g. file transfer daemon).
9621 9646 -Arguments should be a subsystem name and a command (with optional arguments)
9622 9647 -to execute upon subsystem request.
9623 9648 -.Pp
9624 9649 -The command
9625 9650 -.Xr sftp-server 8
9626 9651 -implements the
9627 9652 -.Dq sftp
9628 9653 -file transfer subsystem.
9629 9654 -.Pp
9630 9655 -Alternately the name
9631 9656 -.Dq internal-sftp
9632 9657 -implements an in-process
9633 9658 -.Dq sftp
9634 9659 -server.
9635 9660 -This may simplify configurations using
9636 9661 -.Cm ChrootDirectory
9637 9662 -to force a different filesystem root on clients.
9638 9663 -.Pp
9639 9664 -By default no subsystems are defined.
9640 9665 -Note that this option applies to protocol version 2 only.
9641 9666 -.It Cm SyslogFacility
9642 9667 -Gives the facility code that is used when logging messages from
9643 9668 -.Xr sshd 8 .
9644 9669 -The possible values are: DAEMON, USER, AUTH, LOCAL0, LOCAL1, LOCAL2,
9645 9670 -LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7.
9646 9671 -The default is AUTH.
9647 9672 -.It Cm TCPKeepAlive
9648 9673 -Specifies whether the system should send TCP keepalive messages to the
9649 9674 -other side.
9650 9675 -If they are sent, death of the connection or crash of one
9651 9676 -of the machines will be properly noticed.
9652 9677 -However, this means that
9653 9678 -connections will die if the route is down temporarily, and some people
9654 9679 -find it annoying.
9655 9680 -On the other hand, if TCP keepalives are not sent,
9656 9681 -sessions may hang indefinitely on the server, leaving
9657 9682 -.Dq ghost
9658 9683 -users and consuming server resources.
9659 9684 -.Pp
9660 9685 -The default is
9661 9686 -.Dq yes
9662 9687 -(to send TCP keepalive messages), and the server will notice
9663 9688 -if the network goes down or the client host crashes.
9664 9689 -This avoids infinitely hanging sessions.
9665 9690 -.Pp
9666 9691 -To disable TCP keepalive messages, the value should be set to
9667 9692 -.Dq no .
9668 9693 -.It Cm TrustedUserCAKeys
9669 9694 -Specifies a file containing public keys of certificate authorities that are
9670 9695 -trusted to sign user certificates for authentication, or
9671 9696 -.Dq none
9672 9697 -to not use one.
9673 9698 -Keys are listed one per line; empty lines and comments starting with
9674 9699 -.Ql #
9675 9700 -are allowed.
9676 9701 -If a certificate is presented for authentication and has its signing CA key
9677 9702 -listed in this file, then it may be used for authentication for any user
9678 9703 -listed in the certificate's principals list.
9679 9704 -Note that certificates that lack a list of principals will not be permitted
9680 9705 -for authentication using
9681 9706 -.Cm TrustedUserCAKeys .
9682 9707 -For more details on certificates, see the CERTIFICATES section in
9683 9708 -.Xr ssh-keygen 1 .
9684 9709 -.It Cm UseDNS
9685 9710 -Specifies whether
9686 9711 -.Xr sshd 8
9687 9712 -should look up the remote host name, and to check that
9688 9713 -the resolved host name for the remote IP address maps back to the
9689 9714 -very same IP address.
9690 9715 -.Pp
9691 9716 -If this option is set to
9692 9717 -.Dq no
9693 9718 -(the default) then only addresses and not host names may be used in
9694 9719 -.Pa ~/.ssh/known_hosts
9695 9720 -.Cm from
9696 9721 -and
9697 9722 -.Nm
9698 9723 -.Cm Match
9699 9724 -.Cm Host
9700 9725 -directives.
9701 9726 -.It Cm UseLogin
9702 9727 -Specifies whether
9703 9728 -.Xr login 1
9704 9729 -is used for interactive login sessions.
9705 9730 -The default is
9706 9731 -.Dq no .
9707 9732 -Note that
9708 9733 -.Xr login 1
9709 9734 -is never used for remote command execution.
9710 9735 -Note also, that if this is enabled,
9711 9736 -.Cm X11Forwarding
9712 9737 -will be disabled because
9713 9738 -.Xr login 1
9714 9739 -does not know how to handle
9715 9740 -.Xr xauth 1
9716 9741 -cookies.
9717 9742 -If
9718 9743 -.Cm UsePrivilegeSeparation
9719 9744 -is specified, it will be disabled after authentication.
9720 9745 -.It Cm UsePAM
9721 9746 -Enables the Pluggable Authentication Module interface.
9722 9747 -If set to
9723 9748 -.Dq yes
9724 9749 -this will enable PAM authentication using
9725 9750 -.Cm ChallengeResponseAuthentication
9726 9751 -and
9727 9752 -.Cm PasswordAuthentication
9728 9753 -in addition to PAM account and session module processing for all
9729 9754 -authentication types.
9730 9755 -.Pp
9731 9756 -Because PAM challenge-response authentication usually serves an equivalent
9732 9757 -role to password authentication, you should disable either
9733 9758 -.Cm PasswordAuthentication
9734 9759 -or
9735 9760 -.Cm ChallengeResponseAuthentication.
9736 9761 -.Pp
9737 9762 -If
9738 9763 -.Cm UsePAM
9739 9764 -is enabled, you will not be able to run
9740 9765 -.Xr sshd 8
9741 9766 -as a non-root user.
9742 9767 -The default is
9743 9768 -.Dq no .
9744 9769 -.It Cm UsePrivilegeSeparation
9745 9770 -Specifies whether
9746 9771 -.Xr sshd 8
9747 9772 -separates privileges by creating an unprivileged child process
9748 9773 -to deal with incoming network traffic.
9749 9774 -After successful authentication, another process will be created that has
9750 9775 -the privilege of the authenticated user.
9751 9776 -The goal of privilege separation is to prevent privilege
9752 9777 -escalation by containing any corruption within the unprivileged processes.
9753 9778 -The default is
9754 9779 -.Dq yes .
9755 9780 -If
9756 9781 -.Cm UsePrivilegeSeparation
9757 9782 -is set to
9758 9783 -.Dq sandbox
9759 9784 -then the pre-authentication unprivileged process is subject to additional
9760 9785 -restrictions.
9761 9786 -.It Cm VersionAddendum
9762 9787 -Optionally specifies additional text to append to the SSH protocol banner
9763 9788 -sent by the server upon connection.
9764 9789 -The default is
9765 9790 -.Dq none .
9766 9791 -.It Cm X11DisplayOffset
9767 9792 -Specifies the first display number available for
9768 9793 -.Xr sshd 8 Ns 's
9769 9794 -X11 forwarding.
9770 9795 -This prevents sshd from interfering with real X11 servers.
9771 9796 -The default is 10.
9772 9797 -.It Cm X11Forwarding
9773 9798 -Specifies whether X11 forwarding is permitted.
9774 9799 -The argument must be
9775 9800 -.Dq yes
9776 9801 -or
9777 9802 -.Dq no .
9778 9803 -The default is
9779 9804 -.Dq no .
9780 9805 -.Pp
9781 9806 -When X11 forwarding is enabled, there may be additional exposure to
9782 9807 -the server and to client displays if the
9783 9808 -.Xr sshd 8
9784 9809 -proxy display is configured to listen on the wildcard address (see
9785 9810 -.Cm X11UseLocalhost
9786 9811 -below), though this is not the default.
9787 9812 -Additionally, the authentication spoofing and authentication data
9788 9813 -verification and substitution occur on the client side.
9789 9814 -The security risk of using X11 forwarding is that the client's X11
9790 9815 -display server may be exposed to attack when the SSH client requests
9791 9816 -forwarding (see the warnings for
9792 9817 -.Cm ForwardX11
9793 9818 -in
9794 9819 -.Xr ssh_config 5 ) .
9795 9820 -A system administrator may have a stance in which they want to
9796 9821 -protect clients that may expose themselves to attack by unwittingly
9797 9822 -requesting X11 forwarding, which can warrant a
9798 9823 -.Dq no
9799 9824 -setting.
9800 9825 -.Pp
9801 9826 -Note that disabling X11 forwarding does not prevent users from
9802 9827 -forwarding X11 traffic, as users can always install their own forwarders.
9803 9828 -X11 forwarding is automatically disabled if
9804 9829 -.Cm UseLogin
9805 9830 -is enabled.
9806 9831 -.It Cm X11UseLocalhost
9807 9832 -Specifies whether
9808 9833 -.Xr sshd 8
9809 9834 -should bind the X11 forwarding server to the loopback address or to
9810 9835 -the wildcard address.
9811 9836 -By default,
9812 9837 -sshd binds the forwarding server to the loopback address and sets the
9813 9838 -hostname part of the
9814 9839 -.Ev DISPLAY
9815 9840 -environment variable to
9816 9841 -.Dq localhost .
9817 9842 -This prevents remote hosts from connecting to the proxy display.
9818 9843 -However, some older X11 clients may not function with this
9819 9844 -configuration.
9820 9845 -.Cm X11UseLocalhost
9821 9846 -may be set to
9822 9847 -.Dq no
9823 9848 -to specify that the forwarding server should be bound to the wildcard
9824 9849 -address.
9825 9850 -The argument must be
9826 9851 -.Dq yes
9827 9852 -or
9828 9853 -.Dq no .
9829 9854 -The default is
9830 9855 -.Dq yes .
9831 9856 -.It Cm XAuthLocation
9832 9857 -Specifies the full pathname of the
9833 9858 -.Xr xauth 1
9834 9859 -program, or
9835 9860 -.Dq none
9836 9861 -to not use one.
9837 9862 -The default is
9838 9863 -.Pa /usr/X11R6/bin/xauth .
9839 9864 -.El
9840 9865 -.Sh TIME FORMATS
9841 9866 -.Xr sshd 8
9842 9867 -command-line arguments and configuration file options that specify time
9843 9868 -may be expressed using a sequence of the form:
9844 9869 -.Sm off
9845 9870 -.Ar time Op Ar qualifier ,
9846 9871 -.Sm on
9847 9872 -where
9848 9873 -.Ar time
9849 9874 -is a positive integer value and
9850 9875 -.Ar qualifier
9851 9876 -is one of the following:
9852 9877 -.Pp
9853 9878 -.Bl -tag -width Ds -compact -offset indent
9854 9879 -.It Aq Cm none
9855 9880 -seconds
9856 9881 -.It Cm s | Cm S
9857 9882 -seconds
9858 9883 -.It Cm m | Cm M
9859 9884 -minutes
9860 9885 -.It Cm h | Cm H
9861 9886 -hours
9862 9887 -.It Cm d | Cm D
9863 9888 -days
9864 9889 -.It Cm w | Cm W
9865 9890 -weeks
9866 9891 -.El
9867 9892 -.Pp
9868 9893 -Each member of the sequence is added together to calculate
9869 9894 -the total time value.
9870 9895 -.Pp
9871 9896 -Time format examples:
9872 9897 -.Pp
9873 9898 -.Bl -tag -width Ds -compact -offset indent
9874 9899 -.It 600
9875 9900 -600 seconds (10 minutes)
9876 9901 -.It 10m
9877 9902 -10 minutes
9878 9903 -.It 1h30m
9879 9904 -1 hour 30 minutes (90 minutes)
9880 9905 -.El
9881 9906 -.Sh FILES
9882 9907 -.Bl -tag -width Ds
9883 9908 -.It Pa /etc/ssh/sshd_config
9884 9909 -Contains configuration data for
9885 9910 -.Xr sshd 8 .
9886 9911 -This file should be writable by root only, but it is recommended
9887 9912 -(though not necessary) that it be world-readable.
9888 9913 -.El
9889 9914 -.Sh SEE ALSO
9890 9915 -.Xr sshd 8 ,
9891 9916 -.Xr pam_unix_session 5
9892 9917 -.Sh AUTHORS
9893 9918 -OpenSSH is a derivative of the original and free
9894 9919 -ssh 1.2.12 release by Tatu Ylonen.
9895 9920 -Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos,
9896 9921 -Theo de Raadt and Dug Song
9897 9922 -removed many bugs, re-added newer features and
9898 9923 -created OpenSSH.
9899 9924 -Markus Friedl contributed the support for SSH
9900 9925 -protocol versions 1.5 and 2.0.
9901 9926 -Niels Provos and Markus Friedl contributed support
9902 9927 -for privilege separation.
9903 9928 --
9904 -2.3.2 (Apple Git-55)
9929 +2.5.4 (Apple Git-61)
9905 9930