summaryrefslogtreecommitdiff
path: root/other/ssharp/sshd.0
diff options
context:
space:
mode:
Diffstat (limited to 'other/ssharp/sshd.0')
-rw-r--r--other/ssharp/sshd.0866
1 files changed, 866 insertions, 0 deletions
diff --git a/other/ssharp/sshd.0 b/other/ssharp/sshd.0
new file mode 100644
index 0000000..0d9e741
--- /dev/null
+++ b/other/ssharp/sshd.0
@@ -0,0 +1,866 @@
1
2SSHD(8) System Manager's Manual SSHD(8)
3
4NAME
5 sshd - OpenSSH SSH daemon
6
7SYNOPSIS
8 sshd [-deiqD46] [-b bits] [-f config_file] [-g login_grace_time] [-h
9 host_key_file] [-k key_gen_time] [-p port] [-u len] [-V
10 client_protocol_id]
11
12DESCRIPTION
13 sshd (SSH Daemon) is the daemon program for ssh(1). Together these proM--
14 grams replace rlogin and rsh, and provide secure encrypted communications
15 between two untrusted hosts over an insecure network. The programs are
16 intended to be as easy to install and use as possible.
17
18 sshd is the daemon that listens for connections from clients. It is norM--
19 mally started at boot from /etc/rc. It forks a new daemon for each incomM--
20 ing connection. The forked daemons handle key exchange, encryption, auM--
21 thentication, command execution, and data exchange. This implementation
22 of sshd supports both SSH protocol version 1 and 2 simultaneously. sshd
23 works as follows.
24
25 SSH protocol version 1
26
27 Each host has a host-specific RSA key (normally 1024 bits) used to idenM--
28 tify the host. Additionally, when the daemon starts, it generates a
29 server RSA key (normally 768 bits). This key is normally regenerated evM--
30 ery hour if it has been used, and is never stored on disk.
31
32 Whenever a client connects the daemon responds with its public host and
33 server keys. The client compares the RSA host key against its own
34 database to verify that it has not changed. The client then generates a
35 256 bit random number. It encrypts this random number using both the
36 host key and the server key, and sends the encrypted number to the servM--
37 er. Both sides then use this random number as a session key which is
38 used to encrypt all further communications in the session. The rest of
39 the session is encrypted using a conventional cipher, currently Blowfish
40 or 3DES, with 3DES being used by default. The client selects the encrypM--
41 tion algorithm to use from those offered by the server.
42
43 Next, the server and the client enter an authentication dialog. The
44 client tries to authenticate itself using .rhosts authentication, .rhosts
45 authentication combined with RSA host authentication, RSA challenge-reM--
46 sponse authentication, or password based authentication.
47
48 Rhosts authentication is normally disabled because it is fundamentally
49 insecure, but can be enabled in the server configuration file if desired.
50 System security is not improved unless rshd(8), rlogind(8), rexecd(8),
51 and rexd(8) are disabled (thus completely disabling rlogin(1) and rsh(1)
52 into the machine).
53
54 SSH protocol version 2
55
56 Version 2 works similarly: Each host has a host-specific DSA key used to
57 identify the host. However, when the daemon starts, it does not generate
58 a server key. Forward security is provided through a Diffie-Hellman key
59 agreement. This key agreement results in a shared session key.
60
61 The rest of the session is encrypted using a symmetric cipher, currently
62 128 bit AES, Blowfish, 3DES, CAST128, Arcfour, 192 bit AES, or 256 bit
63 AES. The client selects the encryption algorithm to use from those ofM--
64 fered by the server. Additionally, session integrity is provided through
65 a cryptographic message authentication code (hmac-sha1 or hmac-md5).
66
67 Protocol version 2 provides a public key based user (PubkeyAuthenticaM--
68 tion) or client host (HostbasedAuthentication) authentication method,
69 conventional password authentication and challenge response based methM--
70 ods.
71
72 Command execution and data forwarding
73
74 If the client successfully authenticates itself, a dialog for preparing
75 the session is entered. At this time the client may request things like
76 allocating a pseudo-tty, forwarding X11 connections, forwarding TCP/IP
77 connections, or forwarding the authentication agent connection over the
78 secure channel.
79
80 Finally, the client either requests a shell or execution of a command.
81 The sides then enter session mode. In this mode, either side may send
82 data at any time, and such data is forwarded to/from the shell or command
83 on the server side, and the user terminal in the client side.
84
85 When the user program terminates and all forwarded X11 and other connecM--
86 tions have been closed, the server sends command exit status to the
87 client, and both sides exit.
88
89 sshd can be configured using command-line options or a configuration
90 file. Command-line options override values specified in the configuraM--
91 tion file.
92
93 sshd rereads its configuration file when it receives a hangup signal,
94 SIGHUP, by executing itself with the name it was started as, ie.
95 /usr/sbin/sshd.
96
97 The options are as follows:
98
99 -b bits
100 Specifies the number of bits in the ephemeral protocol version 1
101 server key (default 768).
102
103 -d Debug mode. The server sends verbose debug output to the system
104 log, and does not put itself in the background. The server also
105 will not fork and will only process one connection. This option
106 is only intended for debugging for the server. Multiple -d opM--
107 tions increase the debugging level. Maximum is 3.
108
109 -e When this option is specified, sshd will send the output to the
110 standard error instead of the system log.
111
112 -f configuration_file
113 Specifies the name of the configuration file. The default is
114 /etc/sshd_config. sshd refuses to start if there is no configuraM--
115 tion file.
116
117 -g login_grace_time
118 Gives the grace time for clients to authenticate themselves (deM--
119 fault 600 seconds). If the client fails to authenticate the user
120 within this many seconds, the server disconnects and exits. A
121 value of zero indicates no limit.
122
123 -h host_key_file
124 Specifies the file from which the host key is read (default
125 /etc/ssh_host_key). This option must be given if sshd is not run
126 as root (as the normal host file is normally not readable by anyM--
127 one but root). It is possible to have multiple host key files
128 for the different protocol versions and host key algorithms.
129
130 -i Specifies that sshd is being run from inetd. sshd is normally
131 not run from inetd because it needs to generate the server key
132 before it can respond to the client, and this may take tens of
133 seconds. Clients would have to wait too long if the key was reM--
134 generated every time. However, with small key sizes (e.g., 512)
135 using sshd from inetd may be feasible.
136
137 -k key_gen_time
138 Specifies how often the ephemeral protocol version 1 server key
139 is regenerated (default 3600 seconds, or one hour). The motivaM--
140 tion for regenerating the key fairly often is that the key is not
141 stored anywhere, and after about an hour, it becomes impossible
142 to recover the key for decrypting intercepted communications even
143 if the machine is cracked into or physically seized. A value of
144 zero indicates that the key will never be regenerated.
145
146 -p port
147 Specifies the port on which the server listens for connections
148 (default 22).
149
150 -q Quiet mode. Nothing is sent to the system log. Normally the beM--
151 ginning, authentication, and termination of each connection is
152 logged.
153
154 -u len This option is used to specify the size of the field in the utmp
155 structure that holds the remote host name. If the resolved host
156 name is longer than len, the dotted decimal value will be used
157 instead. This allows hosts with very long host names that overM--
158 flow this field to still be uniquely identified. Specifying -u0
159 indicates that only dotted decimal addresses should be put into
160 the utmp file.
161
162 -D When this option is specified sshd will not detach and does not
163 become a daemon. This allows easy monitoring of sshd.
164
165 -4 Forces sshd to use IPv4 addresses only.
166
167 -6 Forces sshd to use IPv6 addresses only.
168
169CONFIGURATION FILE
170 sshd reads configuration data from /etc/sshd_config (or the file speciM--
171 fied with -f on the command line). The file contains keyword-value
172 pairs, one per line. Lines starting with `#' and empty lines are interM--
173 preted as comments.
174
175 The following keywords are possible.
176
177 AFSTokenPassing
178 Specifies whether an AFS token may be forwarded to the server.
179 Default is ``yes''.
180
181 AllowGroups
182 This keyword can be followed by a list of group names, separated
183 by spaces. If specified, login is allowed only for users whose
184 primary group or supplementary group list matches one of the patM--
185 terns. `*' and `?' can be used as wildcards in the patterns.
186 Only group names are valid; a numerical group ID isn't recogM--
187 nized. By default login is allowed regardless of the group list.
188
189 AllowTcpForwarding
190 Specifies whether TCP forwarding is permitted. The default is
191 ``yes''. Note that disabling TCP forwarding does not improve seM--
192 curity unless users are also denied shell access, as they can alM--
193 ways install their own forwarders.
194
195 AllowUsers
196 This keyword can be followed by a list of user names, separated
197 by spaces. If specified, login is allowed only for users names
198 that match one of the patterns. `*' and `?' can be used as wildM--
199 cards in the patterns. Only user names are valid; a numerical
200 user ID isn't recognized. By default login is allowed regardless
201 of the user name.
202
203 Banner In some jurisdictions, sending a warning message before authentiM--
204 cation may be relevant for getting legal protection. The conM--
205 tents of the specified file are sent to the remote user before
206 authentication is allowed. This option is only available for
207 protocol version 2.
208
209 ChallengeResponseAuthentication
210 Specifies whether challenge response authentication is allowed.
211 Currently there is only support for skey(1) authentication. The
212 default is ``yes''.
213
214 Ciphers
215 Specifies the ciphers allowed for protocol version 2. Multiple
216 ciphers must be comma-separated. The default is
217 ``aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour.''
218
219 CheckMail
220 Specifies whether sshd should check for new mail for interactive
221 logins. The default is ``no''.
222
223 ClientAliveInterval
224 Sets a timeout interval in seconds after which if no data has
225 been received from the client, sshd will send a message through
226 the encrypted channel to request a response from the client. The
227 default is 0, indicating that these messages will not be sent to
228 the client. This option applies to protocol version 2 only.
229
230 ClientAliveCountMax
231 Sets the number of client alive messages (see above) which may be
232 sent without sshd receiving any messages back from the client. If
233 this threshold is reached while client alive messages are being
234 sent, sshd will disconnect the client, terminating the session.
235 It is important to note that the use of client alive messages is
236 very different from Keepalive (below). The client alive messages
237 are sent through the encrypted channel and therefore will not be
238 spoofable. The TCP keepalive option enabled by Keepalive is
239 spoofable. You want to use the client alive mechanism when you
240 are basing something important on clients having an active conM--
241 nection to the server.
242
243 The default value is 3. If you set ClientAliveInterval (above) to
244 15, and leave this value at the default, unresponsive ssh clients
245 will be disconnected after approximately 45 seconds.
246
247 DenyGroups
248 This keyword can be followed by a number of group names, separatM--
249 ed by spaces. Users whose primary group or supplementary group
250 list matches one of the patterns aren't allowed to log in. `*'
251 and `?' can be used as wildcards in the patterns. Only group
252 names are valid; a numerical group ID isn't recognized. By deM--
253 fault login is allowed regardless of the group list.
254
255 DenyUsers
256 This keyword can be followed by a number of user names, separated
257 by spaces. Login is disallowed for user names that match one of
258 the patterns. `*' and `?' can be used as wildcards in the patM--
259 terns. Only user names are valid; a numerical user ID isn't recM--
260 ognized. By default login is allowed regardless of the user
261 name.
262
263 GatewayPorts
264 Specifies whether remote hosts are allowed to connect to ports
265 forwarded for the client. The argument must be ``yes'' or
266 ``no''. The default is ``no''.
267
268 HostbasedAuthentication
269 Specifies whether rhosts or /etc/hosts.equiv authentication toM--
270 gether with successful public key client host authentication is
271 allowed (hostbased authentication). This option is similar to
272 RhostsRSAAuthentication and applies to protocol version 2 only.
273 The default is ``no''.
274
275 HostKey
276 Specifies the file containing the private host keys (default
277 /etc/ssh_host_key) used by SSH protocol versions 1 and 2. Note
278 that sshd will refuse to use a file if it is group/world-accessiM--
279 ble. It is possible to have multiple host key files. ``rsa1''
280 keys are used for version 1 and ``dsa'' or ``rsa'' are used for
281 version 2 of the SSH protocol.
282
283 IgnoreRhosts
284 Specifies that .rhosts and .shosts files will not be used in
285 RhostsAuthentication, RhostsRSAAuthentication or
286 HostbasedAuthentication.
287
288 /etc/hosts.equiv and /etc/shosts.equiv are still used. The deM--
289 fault is ``yes''.
290
291 IgnoreUserKnownHosts
292 Specifies whether sshd should ignore the user's
293 $HOME/.ssh/known_hosts during RhostsRSAAuthentication or
294 HostbasedAuthentication. The default is ``no''.
295
296 KeepAlive
297 Specifies whether the system should send keepalive messages to
298 the other side. If they are sent, death of the connection or
299 crash of one of the machines will be properly noticed. However,
300 this means that connections will die if the route is down temM--
301 porarily, and some people find it annoying. On the other hand,
302 if keepalives are not sent, sessions may hang indefinitely on the
303 server, leaving ``ghost'' users and consuming server resources.
304
305 The default is ``yes'' (to send keepalives), and the server will
306 notice if the network goes down or the client host reboots. This
307 avoids infinitely hanging sessions.
308
309 To disable keepalives, the value should be set to ``no'' in both
310 the server and the client configuration files.
311
312 KerberosAuthentication
313 Specifies whether Kerberos authentication is allowed. This can
314 be in the form of a Kerberos ticket, or if PasswordAuthentication
315 is yes, the password provided by the user will be validated
316 through the Kerberos KDC. To use this option, the server needs a
317 Kerberos servtab which allows the verification of the KDC's idenM--
318 tity. Default is ``yes''.
319
320 KerberosOrLocalPasswd
321 If set then if password authentication through Kerberos fails
322 then the password will be validated via any additional local
323 mechanism such as /etc/passwd. Default is ``yes''.
324
325 KerberosTgtPassing
326 Specifies whether a Kerberos TGT may be forwarded to the server.
327 Default is ``no'', as this only works when the Kerberos KDC is
328
329
330 actually an AFS kaserver.
331
332 KerberosTicketCleanup
333 Specifies whether to automatically destroy the user's ticket
334 cache file on logout. Default is ``yes''.
335
336 KeyRegenerationInterval
337 In protocol version 1, the ephemeral server key is automatically
338 regenerated after this many seconds (if it has been used). The
339 purpose of regeneration is to prevent decrypting captured sesM--
340 sions by later breaking into the machine and stealing the keys.
341 The key is never stored anywhere. If the value is 0, the key is
342 never regenerated. The default is 3600 (seconds).
343
344 ListenAddress
345 Specifies the local addresses sshd should listen on. The followM--
346 ing forms may be used:
347
348 ListenAddress host|IPv4_addr|IPv6_addr
349 ListenAddress host|IPv4_addr:port
350 ListenAddress [host|IPv6_addr]:port
351
352 If port is not specified, sshd will listen on the address and all
353 prior Port options specified. The default is to listen on all loM--
354 cal addresses. Multiple ListenAddress options are permitted. AdM--
355 ditionally, any Port options must precede this option for non
356 port qualified addresses.
357
358 LoginGraceTime
359 The server disconnects after this time if the user has not sucM--
360 cessfully logged in. If the value is 0, there is no time limit.
361 The default is 600 (seconds).
362
363 LogLevel
364 Gives the verbosity level that is used when logging messages from
365 sshd. The possible values are: QUIET, FATAL, ERROR, INFO, VERBOSE
366 and DEBUG. The default is INFO. Logging with level DEBUG vioM--
367 lates the privacy of users and is not recommended.
368
369 MACs Specifies the available MAC (message authentication code) algoM--
370 rithms. The MAC algorithm is used in protocol version 2 for data
371 integrity protection. Multiple algorithms must be comma-separatM--
372 ed. The default is
373
374 ``hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,
375 hmac-sha1-96,hmac-md5-96''
376
377 MaxStartups
378 Specifies the maximum number of concurrent unauthenticated conM--
379 nections to the sshd daemon. Additional connections will be
380 dropped until authentication succeeds or the LoginGraceTime exM--
381 pires for a connection. The default is 10.
382
383 Alternatively, random early drop can be enabled by specifying the
384 three colon separated values ``start:rate:full'' (e.g.,
385 "10:30:60"). sshd will refuse connection attempts with a probaM--
386 bility of ``rate/100'' (30%) if there are currently ``start''
387 (10) unauthenticated connections. The probability increases linM--
388 early and all connection attempts are refused if the number of
389 unauthenticated connections reaches ``full'' (60).
390
391 PAMAuthenticationViaKbdInt
392 Specifies whether PAM challenge response authentication is alM--
393 lowed. This allows the use of most PAM challenge response authenM--
394 tication modules, but it will allow password authentication reM--
395 gardless of whether PasswordAuthentication is disabled. The deM--
396
397 fault is ``no''.
398
399 PasswordAuthentication
400 Specifies whether password authentication is allowed. The deM--
401 fault is ``yes''.
402
403 PermitEmptyPasswords
404 When password authentication is allowed, it specifies whether the
405 server allows login to accounts with empty password strings. The
406 default is ``no''.
407
408 PermitRootLogin
409 Specifies whether root can login using ssh(1). The argument must
410 be ``yes'', ``without-password'', ``forced-commands-only'' or
411 ``no''. The default is ``yes''.
412
413 If this option is set to ``without-password'' password authentiM--
414 cation is disabled for root.
415
416 If this option is set to ``forced-commands-only'' root login with
417 public key authentication will be allowed, but only if the
418 command option has been specified (which may be useful for taking
419 remote backups even if root login is normally not allowed). All
420 other authentication methods are disabled for root.
421
422 If this option is set to ``no'' root is not allowed to login.
423
424 PidFile
425 Specifies the file that contains the process identifier of the
426 sshd daemon. The default is /var/run/sshd.pid.
427
428 Port Specifies the port number that sshd listens on. The default is
429 22. Multiple options of this type are permitted. See also
430 ListenAddress.
431
432 PrintLastLog
433 Specifies whether sshd should print the date and time when the
434 user last logged in. The default is ``yes''.
435
436 PrintMotd
437 Specifies whether sshd should print /etc/motd when a user logs in
438 interactively. (On some systems it is also printed by the shell,
439 /etc/profile, or equivalent.) The default is ``yes''.
440
441 Protocol
442 Specifies the protocol versions sshd should support. The possiM--
443 ble values are ``1'' and ``2''. Multiple versions must be comma-
444 separated. The default is ``2,1''.
445
446 PubkeyAuthentication
447 Specifies whether public key authentication is allowed. The deM--
448 fault is ``yes''. Note that this option applies to protocol verM--
449 sion 2 only.
450
451 ReverseMappingCheck
452 Specifies whether sshd should try to verify the remote host name
453 and check that the resolved host name for the remote IP address
454 maps back to the very same IP address. The default is ``no''.
455
456 RhostsAuthentication
457 Specifies whether authentication using rhosts or /etc/hosts.equiv
458 files is sufficient. Normally, this method should not be permitM--
459 ted because it is insecure. RhostsRSAAuthentication should be
460 used instead, because it performs RSA-based host authentication
461 in addition to normal rhosts or /etc/hosts.equiv authentication.
462 The default is ``no''. This option applies to protocol version 1
463 only.
464
465 RhostsRSAAuthentication
466 Specifies whether rhosts or /etc/hosts.equiv authentication toM--
467 gether with successful RSA host authentication is allowed. The
468 default is ``no''. This option applies to protocol version 1 onM--
469 ly.
470
471 RSAAuthentication
472 Specifies whether pure RSA authentication is allowed. The deM--
473 fault is ``yes''. This option applies to protocol version 1 only.
474
475 ServerKeyBits
476 Defines the number of bits in the ephemeral protocol version 1
477 server key. The minimum value is 512, and the default is 768.
478
479 StrictModes
480 Specifies whether sshd should check file modes and ownership of
481 the user's files and home directory before accepting login. This
482 is normally desirable because novices sometimes accidentally
483 leave their directory or files world-writable. The default is
484 ``yes''.
485
486 Subsystem
487 Configures an external subsystem (e.g., file transfer daemon).
488 Arguments should be a subsystem name and a command to execute upM--
489 on subsystem request. The command sftp-server(8) implements the
490 ``sftp'' file transfer subsystem. By default no subsystems are
491 defined. Note that this option applies to protocol version 2 onM--
492 ly.
493
494 SyslogFacility
495 Gives the facility code that is used when logging messages from
496 sshd. The possible values are: DAEMON, USER, AUTH, LOCAL0, LOM--
497 CAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. The deM--
498 fault is AUTH.
499
500 UseLogin
501 Specifies whether login(1) is used for interactive login sesM--
502 sions. Note that login(1) is never used for remote command exeM--
503 cution. The default is ``no''.
504
505 X11DisplayOffset
506 Specifies the first display number available for sshd's X11 forM--
507 warding. This prevents sshd from interfering with real X11
508 servers. The default is 10.
509
510 X11Forwarding
511 Specifies whether X11 forwarding is permitted. The default is
512 ``no''. Note that disabling X11 forwarding does not improve secuM--
513 rity in any way, as users can always install their own forM--
514 warders.
515
516 XAuthLocation
517 Specifies the location of the xauth(1) program. The default is
518 /usr/X11R6/bin/xauth.
519
520LOGIN PROCESS
521 When a user successfully logs in, sshd does the following:
522
523 1. If the login is on a tty, and no command has been specified,
524 prints last login time and /etc/motd (unless prevented in the
525 configuration file or by $HOME/.hushlogin; see the FILES secM--
526
527
528 tion).
529
530 2. If the login is on a tty, records login time.
531
532 3. Checks /etc/nologin; if it exists, prints contents and quits
533 (unless root).
534
535 4. Changes to run with normal user privileges.
536
537 5. Sets up basic environment.
538
539 6. Reads $HOME/.ssh/environment if it exists.
540
541 7. Changes to user's home directory.
542
543 8. If $HOME/.ssh/rc exists, runs it; else if /etc/sshrc exists,
544 runs it; otherwise runs xauth. The ``rc'' files are given the
545 X11 authentication protocol and cookie in standard input.
546
547 9. Runs user's shell or command.
548
549AUTHORIZED_KEYS FILE FORMAT
550 The $HOME/.ssh/authorized_keys file lists the RSA keys that are permitted
551 for RSA authentication in protocol version 1 Similarly, the
552 $HOME/.ssh/authorized_keys2 file lists the DSA and RSA keys that are perM--
553 mitted for public key authentication (PubkeyAuthentication) in protocol
554 version 2.
555
556 Each line of the file contains one key (empty lines and lines starting
557 with a `#' are ignored as comments). Each RSA public key consists of the
558 following fields, separated by spaces: options, bits, exponent, modulus,
559 comment. Each protocol version 2 public key consists of: options, keyM--
560 type, base64 encoded key, comment. The options fields are optional; its
561 presence is determined by whether the line starts with a number or not
562 (the option field never starts with a number). The bits, exponent, moduM--
563 lus and comment fields give the RSA key for protocol version 1; the comM--
564 ment field is not used for anything (but may be convenient for the user
565 to identify the key). For protocol version 2 the keytype is ``ssh-dss''
566 or ``ssh-rsa''.
567
568 Note that lines in this file are usually several hundred bytes long (beM--
569 cause of the size of the RSA key modulus). You don't want to type them
570 in; instead, copy the identity.pub, id_dsa.pub or the id_rsa.pub file and
571 edit it.
572
573 The options (if present) consist of comma-separated option specificaM--
574 tions. No spaces are permitted, except within double quotes. The folM--
575 lowing option specifications are supported:
576
577 from="pattern-list"
578 Specifies that in addition to RSA authentication, the canonical
579 name of the remote host must be present in the comma-separated
580 list of patterns (`*' and `?' serve as wildcards). The list may
581 also contain patterns negated by prefixing them with `!'; if the
582 canonical host name matches a negated pattern, the key is not acM--
583 cepted. The purpose of this option is to optionally increase seM--
584 curity: RSA authentication by itself does not trust the network
585 or name servers or anything (but the key); however, if somebody
586 somehow steals the key, the key permits an intruder to log in
587 from anywhere in the world. This additional option makes using a
588 stolen key more difficult (name servers and/or routers would have
589 to be compromised in addition to just the key).
590
591 command="command"
592 Specifies that the command is executed whenever this key is used
593 for authentication. The command supplied by the user (if any) is
594 ignored. The command is run on a pty if the connection requests
595 a pty; otherwise it is run without a tty. Note that if you want
596 a 8-bit clean channel, you must not request a pty or should specM--
597 ify no-pty. A quote may be included in the command by quoting it
598 with a backslash. This option might be useful to restrict cerM--
599 tain RSA keys to perform just a specific operation. An example
600 might be a key that permits remote backups but nothing else.
601 Note that the client may specify TCP/IP and/or X11 forwarding unM--
602 less they are explicitly prohibited.
603
604 environment="NAME=value"
605 Specifies that the string is to be added to the environment when
606 logging in using this key. Environment variables set this way
607 override other default environment values. Multiple options of
608 this type are permitted.
609
610 no-port-forwarding
611 Forbids TCP/IP forwarding when this key is used for authenticaM--
612 tion. Any port forward requests by the client will return an erM--
613 ror. This might be used, e.g., in connection with the command
614 option.
615
616 no-X11-forwarding
617 Forbids X11 forwarding when this key is used for authentication.
618 Any X11 forward requests by the client will return an error.
619
620 no-agent-forwarding
621 Forbids authentication agent forwarding when this key is used for
622 authentication.
623
624 no-pty Prevents tty allocation (a request to allocate a pty will fail).
625
626 permitopen="host:port"
627 Limit local ``ssh -L'' port forwarding such that it may only conM--
628 nect to the specified host and port. Multiple permitopen options
629 may be applied separated by commas. No pattern matching is perM--
630 formed on the specified hostnames, they must be literal domains
631 or addresses.
632
633 Examples
634 1024 33 12121...312314325 ylo@foo.bar
635
636 from="*.niksula.hut.fi,!pc.niksula.hut.fi" 1024 35 23...2334 ylo@niksula
637
638 command="dump /home",no-pty,no-port-forwarding 1024 33 23...2323 backM--
639 up.hut.fi
640
641 permitopen="10.2.1.55:80",permitopen="10.2.1.56:25" 1024 33 23...2323
642
643SSH_KNOWN_HOSTS FILE FORMAT
644 The /etc/ssh_known_hosts, /etc/ssh_known_hosts2, $HOME/.ssh/known_hosts,
645 and $HOME/.ssh/known_hosts2 files contain host public keys for all known
646 hosts. The global file should be prepared by the administrator (optionM--
647 al), and the per-user file is maintained automatically: whenever the user
648 connects from an unknown host its key is added to the per-user file.
649
650 Each line in these files contains the following fields: hostnames, bits,
651 exponent, modulus, comment. The fields are separated by spaces.
652
653 Hostnames is a comma-separated list of patterns ('*' and '?' act as wildM--
654 cards); each pattern in turn is matched against the canonical host name
655 (when authenticating a client) or against the user-supplied name (when
656 authenticating a server). A pattern may also be preceded by `!' to indiM--
657 cate negation: if the host name matches a negated pattern, it is not acM--
658 cepted (by that line) even if it matched another pattern on the line.
659
660
661 Bits, exponent, and modulus are taken directly from the RSA host key;
662 they can be obtained, e.g., from /etc/ssh_host_key.pub. The optional comM--
663 ment field continues to the end of the line, and is not used.
664
665 Lines starting with `#' and empty lines are ignored as comments.
666
667 When performing host authentication, authentication is accepted if any
668 matching line has the proper key. It is thus permissible (but not recomM--
669 mended) to have several lines or different host keys for the same names.
670 This will inevitably happen when short forms of host names from different
671 domains are put in the file. It is possible that the files contain conM--
672 flicting information; authentication is accepted if valid information can
673 be found from either file.
674
675 Note that the lines in these files are typically hundreds of characters
676 long, and you definitely don't want to type in the host keys by hand.
677 Rather, generate them by a script or by taking /etc/ssh_host_key.pub and
678 adding the host names at the front.
679
680 Examples
681
682 closenet,...,130.233.208.41 1024 37 159...93 closenet.hut.fi
683 cvs.openbsd.org,199.185.137.3 ssh-rsa AAAA1234.....=
684
685FILES
686 /etc/sshd_config
687 Contains configuration data for sshd. This file should be
688 writable by root only, but it is recommended (though not necesM--
689 sary) that it be world-readable.
690
691 /etc/ssh_host_key, /etc/ssh_host_dsa_key, /etc/ssh_host_rsa_key
692 These three files contain the private parts of the host keys.
693 These files should only be owned by root, readable only by root,
694 and not accessible to others. Note that sshd does not start if
695 this file is group/world-accessible.
696
697 /etc/ssh_host_key.pub, /etc/ssh_host_dsa_key.pub,
698 /etc/ssh_host_rsa_key.pub
699 These three files contain the public parts of the host keys.
700 These files should be world-readable but writable only by root.
701 Their contents should match the respective private parts. These
702 files are not really used for anything; they are provided for the
703 convenience of the user so their contents can be copied to known
704 hosts files. These files are created using ssh-keygen(1).
705
706 /etc/primes
707 Contains Diffie-Hellman groups used for the "Diffie-Hellman Group
708 Exchange".
709
710 /var/run/sshd.pid
711 Contains the process ID of the sshd listening for connections (if
712 there are several daemons running concurrently for different
713 ports, this contains the pid of the one started last). The conM--
714 tent of this file is not sensitive; it can be world-readable.
715
716 $HOME/.ssh/authorized_keys
717 Lists the RSA keys that can be used to log into the user's acM--
718 count. This file must be readable by root (which may on some maM--
719 chines imply it being world-readable if the user's home directory
720 resides on an NFS volume). It is recommended that it not be acM--
721 cessible by others. The format of this file is described above.
722 Users will place the contents of their identity.pub files into
723 this file, as described in ssh-keygen(1).
724
725 $HOME/.ssh/authorized_keys2
726 Lists the public keys (RSA or DSA) that can be used to log into
727 the user's account. This file must be readable by root (which
728 may on some machines imply it being world-readable if the user's
729 home directory resides on an NFS volume). It is recommended that
730 it not be accessible by others. The format of this file is deM--
731 scribed above. Users will place the contents of their id_dsa.pub
732 and/or id_rsa.pub files into this file, as described in ssh-
733 keygen(1).
734
735 /etc/ssh_known_hosts and $HOME/.ssh/known_hosts
736 These files are consulted when using rhosts with RSA host authenM--
737 tication to check the public key of the host. The key must be
738 listed in one of these files to be accepted. The client uses the
739 same files to verify that it is connecting to the correct remote
740 host. These files should be writable only by root/the owner.
741 /etc/ssh_known_hosts should be world-readable, and
742 $HOME/.ssh/known_hosts can but need not be world-readable.
743
744 /etc/ssh_known_hosts2 and $HOME/.ssh/known_hosts2
745 These files are consulted when using protocol version 2 hostbased
746 authentication to check the public key of the host. The key must
747 be listed in one of these files to be accepted. The client uses
748 the same files to verify that it is connecting to the correct reM--
749 mote host. These files should be writable only by root/the ownM--
750 er. /etc/ssh_known_hosts2 should be world-readable, and
751 $HOME/.ssh/known_hosts2 can but need not be world-readable.
752
753 /etc/nologin
754 If this file exists, sshd refuses to let anyone except root log
755 in. The contents of the file are displayed to anyone trying to
756 log in, and non-root connections are refused. The file should be
757 world-readable.
758
759 /etc/hosts.allow, /etc/hosts.deny
760 If compiled with LIBWRAP support, tcp-wrappers access controls
761 may be defined here as described in hosts_access(5).
762
763 $HOME/.rhosts
764 This file contains host-username pairs, separated by a space, one
765 per line. The given user on the corresponding host is permitted
766 to log in without password. The same file is used by rlogind and
767 rshd. The file must be writable only by the user; it is recomM--
768 mended that it not be accessible by others.
769
770 If is also possible to use netgroups in the file. Either host or
771 user name may be of the form +@groupname to specify all hosts or
772 all users in the group.
773
774 $HOME/.shosts
775 For ssh, this file is exactly the same as for .rhosts. However,
776 this file is not used by rlogin and rshd, so using this permits
777 access using SSH only.
778
779 /etc/hosts.equiv
780 This file is used during .rhosts authentication. In the simplest
781 form, this file contains host names, one per line. Users on
782 those hosts are permitted to log in without a password, provided
783 they have the same user name on both machines. The host name may
784 also be followed by a user name; such users are permitted to log
785 in as any user on this machine (except root). Additionally, the
786 syntax ``+@group'' can be used to specify netgroups. Negated enM--
787 tries start with `-'.
788
789 If the client host/user is successfully matched in this file, loM--
790 gin is automatically permitted provided the client and server usM--
791 er names are the same. Additionally, successful RSA host authenM--
792 tication is normally required. This file must be writable only
793 by root; it is recommended that it be world-readable.
794
795 Warning: It is almost never a good idea to use user names in
796 hosts.equiv. Beware that it really means that the named user(s)
797 can log in as anybody, which includes bin, daemon, adm, and other
798 accounts that own critical binaries and directories. Using a usM--
799 er name practically grants the user root access. The only valid
800 use for user names that I can think of is in negative entries.
801
802 Note that this warning also applies to rsh/rlogin.
803
804 /etc/shosts.equiv
805 This is processed exactly as /etc/hosts.equiv. However, this file
806 may be useful in environments that want to run both rsh/rlogin
807 and ssh.
808
809 $HOME/.ssh/environment
810 This file is read into the environment at login (if it exists).
811 It can only contain empty lines, comment lines (that start with
812 `#'), and assignment lines of the form name=value. The file
813 should be writable only by the user; it need not be readable by
814 anyone else.
815
816 $HOME/.ssh/rc
817 If this file exists, it is run with /bin/sh after reading the enM--
818 vironment files but before starting the user's shell or command.
819 If X11 spoofing is in use, this will receive the "proto cookie"
820 pair in standard input (and DISPLAY in environment). This must
821 call xauth(1) in that case.
822
823 The primary purpose of this file is to run any initialization
824 routines which may be needed before the user's home directory beM--
825 comes accessible; AFS is a particular example of such an environM--
826 ment.
827
828 This file will probably contain some initialization code followed
829 by something similar to:
830
831 if read proto cookie; then
832 echo add $DISPLAY $proto $cookie | xauth -q -
833 fi
834
835 If this file does not exist, /etc/sshrc is run, and if that does
836 not exist either, xauth is used to store the cookie.
837
838 This file should be writable only by the user, and need not be
839 readable by anyone else.
840
841 /etc/sshrc
842 Like $HOME/.ssh/rc. This can be used to specify machine-specific
843 login-time initializations globally. This file should be
844 writable only by root, and should be world-readable.
845
846AUTHORS
847 OpenSSH is a derivative of the original and free ssh 1.2.12 release by
848 Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo
849 de Raadt and Dug Song removed many bugs, re-added newer features and creM--
850 ated OpenSSH. Markus Friedl contributed the support for SSH protocol
851 versions 1.5 and 2.0.
852
853SEE ALSO
854 scp(1), sftp(1), sftp-server(8), ssh(1), ssh-add(1), ssh-agent(1),
855 ssh-keygen(1), rlogin(1), rsh(1)
856
857
858 T. Ylonen, T. Kivinen, M. Saarinen, T. Rinne, and S. Lehtinen, SSH
859 Protocol Architecture, draft-ietf-secsh-architecture-07.txt, January
860 2001, work in progress material.
861
862 M. Friedl, N. Provos, and W. A. Simpson, Diffie-Hellman Group Exchange
863 for the SSH Transport Layer Protocol, draft-ietf-secsh-dh-group-
864 exchange-00.txt, January 2001, work in progress material.
865
866BSD Experimental September 25, 1999 14