1 | .\" $OpenBSD: ssh-keysign.8,v 1.3 2002/07/03 14:21:05 markus Exp $ |
---|
2 | .\" |
---|
3 | .\" Copyright (c) 2002 Markus Friedl. All rights reserved. |
---|
4 | .\" |
---|
5 | .\" Redistribution and use in source and binary forms, with or without |
---|
6 | .\" modification, are permitted provided that the following conditions |
---|
7 | .\" are met: |
---|
8 | .\" 1. Redistributions of source code must retain the above copyright |
---|
9 | .\" notice, this list of conditions and the following disclaimer. |
---|
10 | .\" 2. Redistributions in binary form must reproduce the above copyright |
---|
11 | .\" notice, this list of conditions and the following disclaimer in the |
---|
12 | .\" documentation and/or other materials provided with the distribution. |
---|
13 | .\" |
---|
14 | .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR |
---|
15 | .\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES |
---|
16 | .\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. |
---|
17 | .\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, |
---|
18 | .\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT |
---|
19 | .\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
---|
20 | .\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
---|
21 | .\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
---|
22 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
---|
23 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
---|
24 | .\" |
---|
25 | .Dd May 24, 2002 |
---|
26 | .Dt SSH-KEYSIGN 8 |
---|
27 | .Os |
---|
28 | .Sh NAME |
---|
29 | .Nm ssh-keysign |
---|
30 | .Nd ssh helper program for hostbased authentication |
---|
31 | .Sh SYNOPSIS |
---|
32 | .Nm |
---|
33 | .Sh DESCRIPTION |
---|
34 | .Nm |
---|
35 | is used by |
---|
36 | .Xr ssh 1 |
---|
37 | to access the local host keys and generate the digital signature |
---|
38 | required during hostbased authentication with SSH protocol version 2. |
---|
39 | .Pp |
---|
40 | .Nm |
---|
41 | is disabled by default and can only be enabled in the |
---|
42 | the global client configuration file |
---|
43 | .Pa /etc/ssh/ssh_config |
---|
44 | by setting |
---|
45 | .Cm HostbasedAuthentication |
---|
46 | to |
---|
47 | .Dq yes . |
---|
48 | .Pp |
---|
49 | .Nm |
---|
50 | is not intended to be invoked by the user, but from |
---|
51 | .Xr ssh 1 . |
---|
52 | See |
---|
53 | .Xr ssh 1 |
---|
54 | and |
---|
55 | .Xr sshd 8 |
---|
56 | for more information about hostbased authentication. |
---|
57 | .Sh FILES |
---|
58 | .Bl -tag -width Ds |
---|
59 | .It Pa /etc/ssh/ssh_config |
---|
60 | Controls whether |
---|
61 | .Nm |
---|
62 | is enabled. |
---|
63 | .It Pa /etc/ssh/ssh_host_dsa_key, /etc/ssh/ssh_host_rsa_key |
---|
64 | These files contain the private parts of the host keys used to |
---|
65 | generate the digital signature. They |
---|
66 | should be owned by root, readable only by root, and not |
---|
67 | accessible to others. |
---|
68 | Since they are readable only by root, |
---|
69 | .Nm |
---|
70 | must be set-uid root if hostbased authentication is used. |
---|
71 | .El |
---|
72 | .Sh SEE ALSO |
---|
73 | .Xr ssh 1 , |
---|
74 | .Xr ssh-keygen 1 , |
---|
75 | .Xr ssh_config 5 , |
---|
76 | .Xr sshd 8 |
---|
77 | .Sh AUTHORS |
---|
78 | Markus Friedl <markus@openbsd.org> |
---|
79 | .Sh HISTORY |
---|
80 | .Nm |
---|
81 | first appeared in |
---|
82 | .Ox 3.2 . |
---|