author | Jan Parcel <jan.parcel@oracle.com> |
Mon, 25 Jan 2016 10:57:40 -0800 | |
branch | s11u3-sru |
changeset 5324 | 5683175b6e99 |
parent 3946 | b1e0e68de63b |
child 6076 | 0d5715bee554 |
permissions | -rw-r--r-- |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
1 |
# This change is Solaris-specific and thus is not being contributed back |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
2 |
# to the upstream community. Details: |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
3 |
# |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
4 |
# OpenSSH uses the BSD/Linux man page scheme which is different from the SysV |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
5 |
# man page scheme used in Solaris. In order to comply to the Solaris man page |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
6 |
# policy and also use the IPS mediator to switch between SunSSH and OpenSSH man |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
7 |
# pages, the section numbers of some OpenSSH man pages are changed to be the |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
8 |
# same as their corresponding ones in SunSSH. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
9 |
# |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
10 |
|
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
11 |
diff -rupN old/moduli.5 new/moduli.5 |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
12 |
--- old/moduli.5 2015-12-08 21:19:59.482474430 -0800 |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
13 |
+++ new/moduli.5 2015-12-08 21:15:53.128029200 -0800 |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
14 |
@@ -14,7 +14,7 @@ |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
15 |
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
16 |
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
17 |
.Dd $Mdocdate: September 26 2012 $ |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
18 |
-.Dt MODULI 5 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
19 |
+.Dt MODULI 4 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
20 |
.Os |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
21 |
.Sh NAME |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
22 |
.Nm moduli |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
23 |
@@ -23,7 +23,7 @@ |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
24 |
The |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
25 |
.Pa /etc/moduli |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
26 |
file contains prime numbers and generators for use by |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
27 |
-.Xr sshd 8 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
28 |
+.Xr sshd 1M |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
29 |
in the Diffie-Hellman Group Exchange key exchange method. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
30 |
.Pp |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
31 |
New moduli may be generated with |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
32 |
@@ -40,7 +40,7 @@ pass, using |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
33 |
.Ic ssh-keygen -T , |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
34 |
provides a high degree of assurance that the numbers are prime and are |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
35 |
safe for use in Diffie-Hellman operations by |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
36 |
-.Xr sshd 8 . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
37 |
+.Xr sshd 1M . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
38 |
This |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
39 |
.Nm |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
40 |
format is used as the output from each pass. |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
41 |
@@ -70,7 +70,7 @@ are Sophie Germain primes (type 4). |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
42 |
Further primality testing with |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
43 |
.Xr ssh-keygen 1 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
44 |
produces safe prime moduli (type 2) that are ready for use in |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
45 |
-.Xr sshd 8 . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
46 |
+.Xr sshd 1M . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
47 |
Other types are not used by OpenSSH. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
48 |
.It tests |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
49 |
Decimal number indicating the type of primality tests that the number |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
50 |
@@ -105,16 +105,16 @@ The modulus itself in hexadecimal. |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
51 |
.El |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
52 |
.Pp |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
53 |
When performing Diffie-Hellman Group Exchange, |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
54 |
-.Xr sshd 8 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
55 |
+.Xr sshd 1M |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
56 |
first estimates the size of the modulus required to produce enough |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
57 |
Diffie-Hellman output to sufficiently key the selected symmetric cipher. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
58 |
-.Xr sshd 8 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
59 |
+.Xr sshd 1M |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
60 |
then randomly selects a modulus from |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
61 |
.Fa /etc/moduli |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
62 |
that best meets the size requirement. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
63 |
.Sh SEE ALSO |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
64 |
.Xr ssh-keygen 1 , |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
65 |
-.Xr sshd 8 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
66 |
+.Xr sshd 1M |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
67 |
.Sh STANDARDS |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
68 |
.Rs |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
69 |
.%A M. Friedl |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
70 |
diff -rupN old/sftp-server.8 new/sftp-server.8 |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
71 |
--- old/sftp-server.8 2015-12-08 21:04:19.872169630 -0800 |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
72 |
+++ new/sftp-server.8 2015-12-08 21:36:18.267186200 -0800 |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
73 |
@@ -23,7 +23,7 @@ |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
74 |
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
75 |
.\" |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
76 |
.Dd $Mdocdate: December 11 2014 $ |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
77 |
-.Dt SFTP-SERVER 8 |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
78 |
+.Dt SFTP-SERVER 1M |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
79 |
.Os |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
80 |
.Sh NAME |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
81 |
.Nm sftp-server |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
82 |
@@ -47,7 +47,7 @@ is a program that speaks the server side |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
83 |
to stdout and expects client requests from stdin. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
84 |
.Nm |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
85 |
is not intended to be called directly, but from |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
86 |
-.Xr sshd 8 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
87 |
+.Xr sshd 1M |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
88 |
using the |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
89 |
.Cm Subsystem |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
90 |
option. |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
91 |
@@ -58,7 +58,7 @@ should be specified in the |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
92 |
.Cm Subsystem |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
93 |
declaration. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
94 |
See |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
95 |
-.Xr sshd_config 5 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
96 |
+.Xr sshd_config 4 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
97 |
for more information. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
98 |
.Pp |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
99 |
Valid options are: |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
100 |
@@ -71,7 +71,7 @@ The pathname may contain the following t |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
101 |
and %u is replaced by the username of that user. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
102 |
The default is to use the user's home directory. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
103 |
This option is useful in conjunction with the |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
104 |
-.Xr sshd_config 5 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
105 |
+.Xr sshd_config 4 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
106 |
.Cm ChrootDirectory |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
107 |
option. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
108 |
.It Fl e |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
109 |
@@ -147,13 +147,13 @@ must be able to access |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
110 |
for logging to work, and use of |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
111 |
.Nm |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
112 |
in a chroot configuration therefore requires that |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
113 |
-.Xr syslogd 8 |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
114 |
+.Xr syslogd 1M |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
115 |
establish a logging socket inside the chroot directory. |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
116 |
.Sh SEE ALSO |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
117 |
.Xr sftp 1 , |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
118 |
.Xr ssh 1 , |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
119 |
-.Xr sshd_config 5 , |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
120 |
-.Xr sshd 8 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
121 |
+.Xr sshd_config 4 , |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
122 |
+.Xr sshd 1M |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
123 |
.Rs |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
124 |
.%A T. Ylonen |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
125 |
.%A S. Lehtinen |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
126 |
diff -rupN old/ssh_config.5 new/ssh_config.5 |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
127 |
--- old/ssh_config.5 2015-12-08 21:04:19.876611140 -0800 |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
128 |
+++ new/ssh_config.5 2015-12-08 22:02:41.048804430 -0800 |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
129 |
@@ -35,7 +35,7 @@ |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
130 |
.\" |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
131 |
.\" $OpenBSD: ssh_config.5,v 1.215 2015/08/14 15:32:41 jmc Exp $ |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
132 |
.Dd $Mdocdate: August 14 2015 $ |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
133 |
-.Dt SSH_CONFIG 5 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
134 |
+.Dt SSH_CONFIG 4 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
135 |
.Os |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
136 |
.Sh NAME |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
137 |
.Nm ssh_config |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
138 |
@@ -568,7 +568,7 @@ then the master connection will remain i |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
139 |
.Dq Fl O No exit |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
140 |
option). |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
141 |
If set to a time in seconds, or a time in any of the formats documented in |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
142 |
-.Xr sshd_config 5 , |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
143 |
+.Xr sshd_config 4 , |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
144 |
then the backgrounded master connection will automatically terminate |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
145 |
after it has remained idle (with no client connections) for the |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
146 |
specified time. |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
147 |
@@ -610,7 +610,7 @@ Setting this option to |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
148 |
in the global client configuration file |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
149 |
.Pa /etc/ssh/ssh_config |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
150 |
enables the use of the helper program |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
151 |
-.Xr ssh-keysign 8 |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
152 |
+.Xr ssh-keysign 1M |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
153 |
during |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
154 |
.Cm HostbasedAuthentication . |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
155 |
The argument must be |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
156 |
@@ -621,7 +621,7 @@ The default is |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
157 |
.Dq no . |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
158 |
This option should be placed in the non-hostspecific section. |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
159 |
See |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
160 |
-.Xr ssh-keysign 8 |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
161 |
+.Xr ssh-keysign 1M |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
162 |
for more information. |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
163 |
.It Cm EscapeChar |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
164 |
Sets the escape character (default: |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
165 |
@@ -695,7 +695,7 @@ option is also enabled. |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
166 |
Specify a timeout for untrusted X11 forwarding |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
167 |
using the format described in the |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
168 |
TIME FORMATS section of |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
169 |
-.Xr sshd_config 5 . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
170 |
+.Xr sshd_config 4 . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
171 |
X11 connections received by |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
172 |
.Xr ssh 1 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
173 |
after this time will be refused. |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
174 |
@@ -762,7 +762,7 @@ should hash host names and addresses whe |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
175 |
These hashed names may be used normally by |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
176 |
.Xr ssh 1 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
177 |
and |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
178 |
-.Xr sshd 8 , |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
179 |
+.Xr sshd 1M , |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
180 |
but they do not reveal identifying information should the file's contents |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
181 |
be disclosed. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
182 |
The default is |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
183 |
@@ -1206,7 +1206,7 @@ by the remote user name. |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
184 |
The command can be basically anything, |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
185 |
and should read from its standard input and write to its standard output. |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
186 |
It should eventually connect an |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
187 |
-.Xr sshd 8 |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
188 |
+.Xr sshd 1M |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
189 |
server running on some machine, or execute |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
190 |
.Ic sshd -i |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
191 |
somewhere. |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
192 |
@@ -1286,7 +1286,7 @@ depending on the cipher. |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
193 |
The optional second value is specified in seconds and may use any of the |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
194 |
units documented in the |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
195 |
TIME FORMATS section of |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
196 |
-.Xr sshd_config 5 . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
197 |
+.Xr sshd_config 4 . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
198 |
The default value for |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
199 |
.Cm RekeyLimit |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
200 |
is |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
201 |
@@ -1330,7 +1330,7 @@ Specifying a remote |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
202 |
will only succeed if the server's |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
203 |
.Cm GatewayPorts |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
204 |
option is enabled (see |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
205 |
-.Xr sshd_config 5 ) . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
206 |
+.Xr sshd_config 4 ) . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
207 |
.It Cm RequestTTY |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
208 |
Specifies whether to request a pseudo-tty for the session. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
209 |
The argument may be one of: |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
210 |
@@ -1396,7 +1396,7 @@ pseudo-terminal is requested as it is re |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
211 |
Refer to |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
212 |
.Cm AcceptEnv |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
213 |
in |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
214 |
-.Xr sshd_config 5 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
215 |
+.Xr sshd_config 4 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
216 |
for how to configure the server. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
217 |
Variables are specified by name, which may contain wildcard characters. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
218 |
Multiple environment variables may be separated by whitespace or spread |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
219 |
@@ -1586,7 +1586,7 @@ Confirmation is currently incompatible w |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
220 |
and will be disabled if it is enabled. |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
221 |
.Pp |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
222 |
Presently, only |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
223 |
-.Xr sshd 8 |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
224 |
+.Xr sshd 1M |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
225 |
from OpenSSH 6.8 and greater support the |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
226 |
.Dq [email protected] |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
227 |
protocol extension used to inform the client of all the server's hostkeys. |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
228 |
diff -rupN old/ssh-keysign.8 new/ssh-keysign.8 |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
229 |
--- old/ssh-keysign.8 2015-12-08 21:20:45.638888550 -0800 |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
230 |
+++ new/ssh-keysign.8 2015-12-08 21:15:29.266139300 -0800 |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
231 |
@@ -23,7 +23,7 @@ |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
232 |
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
233 |
.\" |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
234 |
.Dd $Mdocdate: December 7 2013 $ |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
235 |
-.Dt SSH-KEYSIGN 8 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
236 |
+.Dt SSH-KEYSIGN 1M |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
237 |
.Os |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
238 |
.Sh NAME |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
239 |
.Nm ssh-keysign |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
240 |
@@ -52,7 +52,7 @@ is not intended to be invoked by the use |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
241 |
See |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
242 |
.Xr ssh 1 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
243 |
and |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
244 |
-.Xr sshd 8 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
245 |
+.Xr sshd 1M |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
246 |
for more information about host-based authentication. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
247 |
.Sh FILES |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
248 |
.Bl -tag -width Ds -compact |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
249 |
@@ -83,8 +83,8 @@ information corresponding with the priva |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
250 |
.Sh SEE ALSO |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
251 |
.Xr ssh 1 , |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
252 |
.Xr ssh-keygen 1 , |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
253 |
-.Xr ssh_config 5 , |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
254 |
-.Xr sshd 8 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
255 |
+.Xr ssh_config 4 , |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
256 |
+.Xr sshd 1M |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
257 |
.Sh HISTORY |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
258 |
.Nm |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
259 |
first appeared in |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
260 |
diff -rupN old/ssh-pkcs11-helper.8 new/ssh-pkcs11-helper.8 |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
261 |
--- old/ssh-pkcs11-helper.8 2015-12-08 21:18:49.511938140 -0800 |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
262 |
+++ new/ssh-pkcs11-helper.8 2015-12-08 21:16:10.866823750 -0800 |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
263 |
@@ -15,7 +15,7 @@ |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
264 |
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
265 |
.\" |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
266 |
.Dd $Mdocdate: July 16 2013 $ |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
267 |
-.Dt SSH-PKCS11-HELPER 8 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
268 |
+.Dt SSH-PKCS11-HELPER 1M |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
269 |
.Os |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
270 |
.Sh NAME |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
271 |
.Nm ssh-pkcs11-helper |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
272 |
diff -rupN old/sshd_config.5 new/sshd_config.5 |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
273 |
--- old/sshd_config.5 2015-12-08 21:04:19.889738130 -0800 |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
274 |
+++ new/sshd_config.5 2015-12-08 22:19:12.187929340 -0800 |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
275 |
@@ -35,7 +35,7 @@ |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
276 |
.\" |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
277 |
.\" $OpenBSD: sshd_config.5,v 1.211 2015/08/14 15:32:41 jmc Exp $ |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
278 |
.Dd $Mdocdate: August 14 2015 $ |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
279 |
-.Dt SSHD_CONFIG 5 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
280 |
+.Dt SSHD_CONFIG 4 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
281 |
.Os |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
282 |
.Sh NAME |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
283 |
.Nm sshd_config |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
284 |
@@ -43,7 +43,7 @@ |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
285 |
.Sh SYNOPSIS |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
286 |
.Nm /etc/ssh/sshd_config |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
287 |
.Sh DESCRIPTION |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
288 |
-.Xr sshd 8 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
289 |
+.Xr sshd 1M |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
290 |
reads configuration data from |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
291 |
.Pa /etc/ssh/sshd_config |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
292 |
(or the file specified with |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
293 |
@@ -68,7 +68,7 @@ the session's |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
294 |
See |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
295 |
.Cm SendEnv |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
296 |
in |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
297 |
-.Xr ssh_config 5 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
298 |
+.Xr ssh_config 4 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
299 |
for how to configure the client. |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
300 |
Note that environment passing is only supported for protocol 2, and |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
301 |
that the |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
302 |
@@ -89,7 +89,7 @@ For this reason, care should be taken in |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
303 |
The default is not to accept any environment variables. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
304 |
.It Cm AddressFamily |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
305 |
Specifies which address family should be used by |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
306 |
-.Xr sshd 8 . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
307 |
+.Xr sshd 1M . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
308 |
Valid arguments are |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
309 |
.Dq any , |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
310 |
.Dq inet |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
311 |
@@ -122,7 +122,7 @@ and finally |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
312 |
.Cm AllowGroups . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
313 |
.Pp |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
314 |
See PATTERNS in |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
315 |
-.Xr ssh_config 5 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
316 |
+.Xr ssh_config 4 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
317 |
for more information on patterns. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
318 |
.It Cm AllowTcpForwarding |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
319 |
Specifies whether TCP forwarding is permitted. |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
320 |
@@ -182,7 +182,7 @@ and finally |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
321 |
.Cm AllowGroups . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
322 |
.Pp |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
323 |
See PATTERNS in |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
324 |
-.Xr ssh_config 5 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
325 |
+.Xr ssh_config 4 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
326 |
for more information on patterns. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
327 |
.It Cm AuthenticationMethods |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
328 |
Specifies the authentication methods that must be successfully completed |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
329 |
@@ -217,7 +217,7 @@ device. |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
330 |
If the |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
331 |
.Dq publickey |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
332 |
method is listed more than once, |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
333 |
-.Xr sshd 8 |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
334 |
+.Xr sshd 1M |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
335 |
verifies that keys that have been used successfully are not reused for |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
336 |
subsequent authentications. |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
337 |
For example, an |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
338 |
@@ -250,7 +250,7 @@ will be supplied. |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
339 |
.Pp |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
340 |
The program should produce on standard output zero or |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
341 |
more lines of authorized_keys output (see AUTHORIZED_KEYS in |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
342 |
-.Xr sshd 8 ) . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
343 |
+.Xr sshd 1M ) . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
344 |
If a key supplied by AuthorizedKeysCommand does not successfully authenticate |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
345 |
and authorize the user then public key authentication continues using the usual |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
346 |
.Cm AuthorizedKeysFile |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
347 |
@@ -265,7 +265,7 @@ If |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
348 |
is specified but |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
349 |
.Cm AuthorizedKeysCommandUser |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
350 |
is not, then |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
351 |
-.Xr sshd 8 |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
352 |
+.Xr sshd 1M |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
353 |
will refuse to start. |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
354 |
.It Cm AuthorizedKeysFile |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
355 |
Specifies the file that contains the public keys that can be used |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
356 |
@@ -273,7 +273,7 @@ for user authentication. |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
357 |
The format is described in the |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
358 |
AUTHORIZED_KEYS FILE FORMAT |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
359 |
section of |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
360 |
-.Xr sshd 8 . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
361 |
+.Xr sshd 1M . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
362 |
.Cm AuthorizedKeysFile |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
363 |
may contain tokens of the form %T which are substituted during connection |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
364 |
setup. |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
365 |
@@ -321,7 +321,7 @@ If |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
366 |
is specified but |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
367 |
.Cm AuthorizedPrincipalsCommandUser |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
368 |
is not, then |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
369 |
-.Xr sshd 8 |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
370 |
+.Xr sshd 1M |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
371 |
will refuse to start. |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
372 |
.It Cm AuthorizedPrincipalsFile |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
373 |
Specifies a file that lists principal names that are accepted for |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
374 |
@@ -332,7 +332,7 @@ this file lists names, one of which must |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
375 |
to be accepted for authentication. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
376 |
Names are listed one per line preceded by key options (as described |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
377 |
in AUTHORIZED_KEYS FILE FORMAT in |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
378 |
-.Xr sshd 8 ) . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
379 |
+.Xr sshd 1M ) . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
380 |
Empty lines and comments starting with |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
381 |
.Ql # |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
382 |
are ignored. |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
383 |
@@ -362,7 +362,7 @@ and is not consulted for certification a |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
384 |
though the |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
385 |
.Cm principals= |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
386 |
key option offers a similar facility (see |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
387 |
-.Xr sshd 8 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
388 |
+.Xr sshd 1M |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
389 |
for details). |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
390 |
.It Cm Banner |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
391 |
The contents of the specified file are sent to the remote user before |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
392 |
@@ -383,11 +383,11 @@ Specifies the pathname of a directory to |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
393 |
.Xr chroot 2 |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
394 |
to after authentication. |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
395 |
At session startup |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
396 |
-.Xr sshd 8 |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
397 |
+.Xr sshd 1M |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
398 |
checks that all components of the pathname are root-owned directories |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
399 |
which are not writable by any other user or group. |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
400 |
After the chroot, |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
401 |
-.Xr sshd 8 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
402 |
+.Xr sshd 1M |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
403 |
changes the working directory to the user's home directory. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
404 |
.Pp |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
405 |
The pathname may contain the following tokens that are expanded at runtime once |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
406 |
@@ -419,14 +419,14 @@ in-process sftp server is used, |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
407 |
though sessions which use logging may require |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
408 |
.Pa /dev/log |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
409 |
inside the chroot directory on some operating systems (see |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
410 |
-.Xr sftp-server 8 |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
411 |
+.Xr sftp-server 1M |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
412 |
for details). |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
413 |
.Pp |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
414 |
For safety, it is very important that the directory hierarchy be |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
415 |
prevented from modification by other processes on the system (especially |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
416 |
those outside the jail). |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
417 |
Misconfiguration can lead to unsafe environments which |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
418 |
-.Xr sshd 8 |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
419 |
+.Xr sshd 1M |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
420 |
cannot detect. |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
421 |
.Pp |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
422 |
The default is not to |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
423 |
@@ -490,7 +490,7 @@ with an argument of |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
424 |
.It Cm ClientAliveCountMax |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
425 |
Sets the number of client alive messages (see below) which may be |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
426 |
sent without |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
427 |
-.Xr sshd 8 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
428 |
+.Xr sshd 1M |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
429 |
receiving any messages back from the client. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
430 |
If this threshold is reached while client alive messages are being sent, |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
431 |
sshd will disconnect the client, terminating the session. |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
432 |
@@ -517,7 +517,7 @@ This option applies to protocol version |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
433 |
.It Cm ClientAliveInterval |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
434 |
Sets a timeout interval in seconds after which if no data has been received |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
435 |
from the client, |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
436 |
-.Xr sshd 8 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
437 |
+.Xr sshd 1M |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
438 |
will send a message through the encrypted |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
439 |
channel to request a response from the client. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
440 |
The default |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
441 |
@@ -548,7 +548,7 @@ and finally |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
442 |
.Cm AllowGroups . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
443 |
.Pp |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
444 |
See PATTERNS in |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
445 |
-.Xr ssh_config 5 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
446 |
+.Xr ssh_config 4 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
447 |
for more information on patterns. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
448 |
.It Cm DenyUsers |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
449 |
This keyword can be followed by a list of user name patterns, separated |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
450 |
@@ -567,7 +567,7 @@ and finally |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
451 |
.Cm AllowGroups . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
452 |
.Pp |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
453 |
See PATTERNS in |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
454 |
-.Xr ssh_config 5 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
455 |
+.Xr ssh_config 4 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
456 |
for more information on patterns. |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
457 |
.It Cm FingerprintHash |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
458 |
Specifies the hash algorithm used when logging key fingerprints. |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
459 |
@@ -600,7 +600,7 @@ files when used with |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
460 |
Specifies whether remote hosts are allowed to connect to ports |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
461 |
forwarded for the client. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
462 |
By default, |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
463 |
-.Xr sshd 8 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
464 |
+.Xr sshd 1M |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
465 |
binds remote port forwardings to the loopback address. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
466 |
This prevents other remote hosts from connecting to forwarded ports. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
467 |
.Cm GatewayPorts |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
468 |
@@ -686,7 +686,7 @@ files during |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
469 |
A setting of |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
470 |
.Dq yes |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
471 |
means that |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
472 |
-.Xr sshd 8 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
473 |
+.Xr sshd 1M |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
474 |
uses the name supplied by the client rather than |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
475 |
attempting to resolve the name from the TCP connection itself. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
476 |
The default is |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
477 |
@@ -697,7 +697,7 @@ The certificate's public key must match |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
478 |
by |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
479 |
.Cm HostKey . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
480 |
The default behaviour of |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
481 |
-.Xr sshd 8 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
482 |
+.Xr sshd 1M |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
483 |
is not to load any certificates. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
484 |
.It Cm HostKey |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
485 |
Specifies a file containing a private host key |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
486 |
@@ -713,12 +713,12 @@ and |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
487 |
for protocol version 2. |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
488 |
.Pp |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
489 |
Note that |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
490 |
-.Xr sshd 8 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
491 |
+.Xr sshd 1M |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
492 |
will refuse to use a file if it is group/world-accessible |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
493 |
and that the |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
494 |
.Cm HostKeyAlgorithms |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
495 |
option restricts which of the keys are actually used by |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
496 |
-.Xr sshd 8 . |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
497 |
+.Xr sshd 1M . |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
498 |
.Pp |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
499 |
It is possible to have multiple host key files. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
500 |
.Dq rsa1 |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
501 |
@@ -779,7 +779,7 @@ The default is |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
502 |
.Dq yes . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
503 |
.It Cm IgnoreUserKnownHosts |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
504 |
Specifies whether |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
505 |
-.Xr sshd 8 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
506 |
+.Xr sshd 1M |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
507 |
should ignore the user's |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
508 |
.Pa ~/.ssh/known_hosts |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
509 |
during |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
510 |
@@ -914,7 +914,7 @@ If the value is 0, the key is never rege |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
511 |
The default is 3600 (seconds). |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
512 |
.It Cm ListenAddress |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
513 |
Specifies the local addresses |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
514 |
-.Xr sshd 8 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
515 |
+.Xr sshd 1M |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
516 |
should listen on. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
517 |
The following forms may be used: |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
518 |
.Pp |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
519 |
@@ -954,7 +954,7 @@ If the value is 0, there is no time limi |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
520 |
The default is 120 seconds. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
521 |
.It Cm LogLevel |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
522 |
Gives the verbosity level that is used when logging messages from |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
523 |
-.Xr sshd 8 . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
524 |
+.Xr sshd 1M . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
525 |
The possible values are: |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
526 |
QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
527 |
The default is INFO. |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
528 |
@@ -1059,7 +1059,7 @@ and |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
529 |
The match patterns may consist of single entries or comma-separated |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
530 |
lists and may use the wildcard and negation operators described in the |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
531 |
PATTERNS section of |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
532 |
-.Xr ssh_config 5 . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
533 |
+.Xr ssh_config 4 . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
534 |
.Pp |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
535 |
The patterns in an |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
536 |
.Cm Address |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
537 |
@@ -1148,7 +1148,7 @@ Alternatively, random early drop can be |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
538 |
the three colon separated values |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
539 |
.Dq start:rate:full |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
540 |
(e.g. "10:30:60"). |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
541 |
-.Xr sshd 8 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
542 |
+.Xr sshd 1M |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
543 |
will refuse connection attempts with a probability of |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
544 |
.Dq rate/100 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
545 |
(30%) |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
546 |
@@ -1268,7 +1268,7 @@ and |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
547 |
options in |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
548 |
.Pa ~/.ssh/authorized_keys |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
549 |
are processed by |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
550 |
-.Xr sshd 8 . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
551 |
+.Xr sshd 1M . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
552 |
The default is |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
553 |
.Dq no . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
554 |
Enabling environment processing may enable users to bypass access |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
555 |
@@ -1289,7 +1289,7 @@ The default is |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
556 |
.Pa /var/run/sshd.pid . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
557 |
.It Cm Port |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
558 |
Specifies the port number that |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
559 |
-.Xr sshd 8 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
560 |
+.Xr sshd 1M |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
561 |
listens on. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
562 |
The default is 22. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
563 |
Multiple options of this type are permitted. |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
564 |
@@ -1297,14 +1297,14 @@ See also |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
565 |
.Cm ListenAddress . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
566 |
.It Cm PrintLastLog |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
567 |
Specifies whether |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
568 |
-.Xr sshd 8 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
569 |
+.Xr sshd 1M |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
570 |
should print the date and time of the last user login when a user logs |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
571 |
in interactively. |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
572 |
On Solaris this option is always ignored since pam_unix_session(5) |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
573 |
reports the last login time. |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
574 |
.It Cm PrintMotd |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
575 |
Specifies whether |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
576 |
-.Xr sshd 8 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
577 |
+.Xr sshd 1M |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
578 |
should print |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
579 |
.Pa /etc/motd |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
580 |
when a user logs in interactively. |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
581 |
@@ -1315,7 +1315,7 @@ The default is |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
582 |
.Dq yes . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
583 |
.It Cm Protocol |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
584 |
Specifies the protocol versions |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
585 |
-.Xr sshd 8 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
586 |
+.Xr sshd 1M |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
587 |
supports. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
588 |
The possible values are |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
589 |
.Sq 1 |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
590 |
@@ -1440,7 +1440,7 @@ The default is |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
591 |
.Dq no . |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
592 |
.It Cm StrictModes |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
593 |
Specifies whether |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
594 |
-.Xr sshd 8 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
595 |
+.Xr sshd 1M |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
596 |
should check file modes and ownership of the |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
597 |
user's files and home directory before accepting login. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
598 |
This is normally desirable because novices sometimes accidentally leave their |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
599 |
@@ -1456,7 +1456,7 @@ Arguments should be a subsystem name and |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
600 |
to execute upon subsystem request. |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
601 |
.Pp |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
602 |
The command |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
603 |
-.Xr sftp-server 8 |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
604 |
+.Xr sftp-server 1M |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
605 |
implements the |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
606 |
.Dq sftp |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
607 |
file transfer subsystem. |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
608 |
@@ -1474,7 +1474,7 @@ By default no subsystems are defined. |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
609 |
Note that this option applies to protocol version 2 only. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
610 |
.It Cm SyslogFacility |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
611 |
Gives the facility code that is used when logging messages from |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
612 |
-.Xr sshd 8 . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
613 |
+.Xr sshd 1M . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
614 |
The possible values are: DAEMON, USER, AUTH, LOCAL0, LOCAL1, LOCAL2, |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
615 |
LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
616 |
The default is AUTH. |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
617 |
@@ -1517,7 +1517,7 @@ For more details on certificates, see th |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
618 |
.Xr ssh-keygen 1 . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
619 |
.It Cm UseDNS |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
620 |
Specifies whether |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
621 |
-.Xr sshd 8 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
622 |
+.Xr sshd 1M |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
623 |
should look up the remote host name, and to check that |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
624 |
the resolved host name for the remote IP address maps back to the |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
625 |
very same IP address. |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
626 |
@@ -1571,13 +1571,13 @@ or |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
627 |
If |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
628 |
.Cm UsePAM |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
629 |
is enabled, you will not be able to run |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
630 |
-.Xr sshd 8 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
631 |
+.Xr sshd 1M |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
632 |
as a non-root user. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
633 |
The default is |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
634 |
.Dq no . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
635 |
.It Cm UsePrivilegeSeparation |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
636 |
Specifies whether |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
637 |
-.Xr sshd 8 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
638 |
+.Xr sshd 1M |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
639 |
separates privileges by creating an unprivileged child process |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
640 |
to deal with incoming network traffic. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
641 |
After successful authentication, another process will be created that has |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
642 |
@@ -1599,7 +1599,7 @@ The default is |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
643 |
.Dq none . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
644 |
.It Cm X11DisplayOffset |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
645 |
Specifies the first display number available for |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
646 |
-.Xr sshd 8 Ns 's |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
647 |
+.Xr sshd 1M Ns 's |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
648 |
X11 forwarding. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
649 |
This prevents sshd from interfering with real X11 servers. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
650 |
The default is 10. |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
651 |
@@ -1614,7 +1614,7 @@ The default is |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
652 |
.Pp |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
653 |
When X11 forwarding is enabled, there may be additional exposure to |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
654 |
the server and to client displays if the |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
655 |
-.Xr sshd 8 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
656 |
+.Xr sshd 1M |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
657 |
proxy display is configured to listen on the wildcard address (see |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
658 |
.Cm X11UseLocalhost |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
659 |
below), though this is not the default. |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
660 |
@@ -1625,7 +1625,7 @@ display server may be exposed to attack |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
661 |
forwarding (see the warnings for |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
662 |
.Cm ForwardX11 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
663 |
in |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
664 |
-.Xr ssh_config 5 ) . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
665 |
+.Xr ssh_config 4 ) . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
666 |
A system administrator may have a stance in which they want to |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
667 |
protect clients that may expose themselves to attack by unwittingly |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
668 |
requesting X11 forwarding, which can warrant a |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
669 |
@@ -1639,7 +1639,7 @@ X11 forwarding is automatically disabled |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
670 |
is enabled. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
671 |
.It Cm X11UseLocalhost |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
672 |
Specifies whether |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
673 |
-.Xr sshd 8 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
674 |
+.Xr sshd 1M |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
675 |
should bind the X11 forwarding server to the loopback address or to |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
676 |
the wildcard address. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
677 |
By default, |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
678 |
@@ -1672,7 +1672,7 @@ The default is |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
679 |
.Pa /usr/X11R6/bin/xauth . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
680 |
.El |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
681 |
.Sh TIME FORMATS |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
682 |
-.Xr sshd 8 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
683 |
+.Xr sshd 1M |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
684 |
command-line arguments and configuration file options that specify time |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
685 |
may be expressed using a sequence of the form: |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
686 |
.Sm off |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
687 |
@@ -1716,12 +1716,12 @@ Time format examples: |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
688 |
.Bl -tag -width Ds |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
689 |
.It Pa /etc/ssh/sshd_config |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
690 |
Contains configuration data for |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
691 |
-.Xr sshd 8 . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
692 |
+.Xr sshd 1M . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
693 |
This file should be writable by root only, but it is recommended |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
694 |
(though not necessary) that it be world-readable. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
695 |
.El |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
696 |
.Sh SEE ALSO |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
697 |
-.Xr sshd 8 , |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
698 |
+.Xr sshd 1M , |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
699 |
.Xr pam_unix_session 5 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
700 |
.Sh AUTHORS |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
701 |
OpenSSH is a derivative of the original and free |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
702 |
diff -rupN old/sshd.8 new/sshd.8 |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
703 |
--- old/sshd.8 2015-12-08 21:04:19.894093050 -0800 |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
704 |
+++ new/sshd.8 2015-12-08 22:08:55.024892200 -0800 |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
705 |
@@ -35,7 +35,7 @@ |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
706 |
.\" |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
707 |
.\" $OpenBSD: sshd.8,v 1.280 2015/07/03 03:49:45 djm Exp $ |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
708 |
.Dd $Mdocdate: July 3 2015 $ |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
709 |
-.Dt SSHD 8 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
710 |
+.Dt SSHD 1M |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
711 |
.Os |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
712 |
.Sh NAME |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
713 |
.Nm sshd |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
714 |
@@ -77,7 +77,7 @@ and data exchange. |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
715 |
.Nm |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
716 |
can be configured using command-line options or a configuration file |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
717 |
(by default |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
718 |
-.Xr sshd_config 5 ) ; |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
719 |
+.Xr sshd_config 4 ) ; |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
720 |
command-line options override values specified in the |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
721 |
configuration file. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
722 |
.Nm |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
723 |
@@ -204,7 +204,7 @@ Can be used to give options in the forma |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
724 |
This is useful for specifying options for which there is no separate |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
725 |
command-line flag. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
726 |
For full details of the options, and their values, see |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
727 |
-.Xr sshd_config 5 . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
728 |
+.Xr sshd_config 4 . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
729 |
.It Fl p Ar port |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
730 |
Specifies the port on which the server listens for connections |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
731 |
(default 22). |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
732 |
@@ -274,7 +274,7 @@ The default is to use protocol 2 only, |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
733 |
though this can be changed via the |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
734 |
.Cm Protocol |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
735 |
option in |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
736 |
-.Xr sshd_config 5 . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
737 |
+.Xr sshd_config 4 . |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
738 |
Protocol 2 supports DSA, ECDSA, Ed25519 and RSA keys; |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
739 |
protocol 1 only supports RSA keys. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
740 |
For both protocols, |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
741 |
@@ -399,14 +399,14 @@ if it exists, and users are allowed to c |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
742 |
See the |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
743 |
.Cm PermitUserEnvironment |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
744 |
option in |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
745 |
-.Xr sshd_config 5 . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
746 |
+.Xr sshd_config 4 . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
747 |
.It |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
748 |
Changes to user's home directory. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
749 |
.It |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
750 |
If |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
751 |
.Pa ~/.ssh/rc |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
752 |
exists and the |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
753 |
-.Xr sshd_config 5 |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
754 |
+.Xr sshd_config 4 |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
755 |
.Cm PermitUserRC |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
756 |
option is set, runs it; else if |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
757 |
.Pa /etc/ssh/sshrc |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
758 |
@@ -549,7 +549,7 @@ The command originally supplied by the c |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
759 |
environment variable. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
760 |
Note that this option applies to shell, command or subsystem execution. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
761 |
Also note that this command may be superseded by either a |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
762 |
-.Xr sshd_config 5 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
763 |
+.Xr sshd_config 4 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
764 |
.Cm ForceCommand |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
765 |
directive or a command embedded in a certificate. |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
766 |
.It Cm environment="NAME=value" |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
767 |
@@ -919,7 +919,7 @@ should be world-readable. |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
768 |
Contains configuration data for |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
769 |
.Nm sshd . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
770 |
The file format and configuration options are described in |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
771 |
-.Xr sshd_config 5 . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
772 |
+.Xr sshd_config 4 . |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
773 |
.Pp |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
774 |
.It Pa /etc/ssh/sshrc |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
775 |
Similar to |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
776 |
@@ -953,11 +953,12 @@ The content of this file is not sensitiv |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
777 |
.Xr ssh-keygen 1 , |
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
778 |
.Xr ssh-keyscan 1 , |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
779 |
.Xr chroot 2 , |
5324
5683175b6e99
PSARC/2015/395 OpenSSH 7.1p1
Jan Parcel <jan.parcel@oracle.com>
parents:
3946
diff
changeset
|
780 |
+.Xr hosts_access 5 , |
3946
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
781 |
.Xr login.conf 5 , |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
782 |
-.Xr moduli 5 , |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
783 |
-.Xr sshd_config 5 , |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
784 |
-.Xr inetd 8 , |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
785 |
-.Xr sftp-server 8 |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
786 |
+.Xr moduli 4 , |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
787 |
+.Xr sshd_config 4 , |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
788 |
+.Xr inetd 1M , |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
789 |
+.Xr sftp-server 1M |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
790 |
.Sh AUTHORS |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
791 |
OpenSSH is a derivative of the original and free |
b1e0e68de63b
PSARC 2012/335 OpenSSH migration
Huie-Ying Lee <huieying.lee@oracle.com>
parents:
diff
changeset
|
792 |
ssh 1.2.12 release by Tatu Ylonen. |