source: trunk/third/ssh/ssh.1.in @ 12646

Revision 12646, 37.7 KB checked in by danw, 26 years ago
This commit was generated by cvs2svn to compensate for changes in r12645, which included commits to RCS files with non-trunk default branches.
.\"  -*- nroff -*-
.\"
.\" ssh.1.in
.\"
.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
.\"
.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
.\"                    All rights reserved
.\"
.\" Created: Sat Apr 22 21:55:14 1995 ylo
.\"
.\" $Id: ssh.1.in,v 1.1.1.4 1999-03-08 17:42:58 danw Exp $
.\" $Log: not supported by cvs2svn $
.\" Revision 1.18  1998/07/08 00:41:03  kivinen
.\"     Changed to do similar commercial #ifdef processing to other
.\"     files. Fixed privileged typo.
.\"
.\" Revision 1.17  1998/06/11 00:10:36  kivinen
.\"     Fixed comment characters.
.\"
.\" Revision 1.16  1998/04/30  01:56:20  kivinen
.\"     Added PasswordPromptLogin and PasswordPromptHost option
.\"     documentation.
.\"
.\" Revision 1.15  1998/03/27 17:27:07  kivinen
.\"     Removed TSS.
.\"
.\" Revision 1.14  1998/03/27 17:01:15  kivinen
.\"     Documented -g option and GatewayPorts config option.
.\"
.\" Revision 1.13  1998/01/02 06:22:26  kivinen
.\"     Sorted options. Added XAuthLocation option. Renamed
.\"     SSH_AUTHENTICATION_SOCKET to SSH_AUTH_SOCK.
.\"
.\" Revision 1.12  1997/05/08 03:05:39  kivinen
.\"     Added \ before all '-characters (it is troff command if it is
.\"     in the beginning of line).
.\"
.\" Revision 1.11  1997/04/27 21:50:30  kivinen
.\"     Added F-SECURE stuff.
.\"
.\" Revision 1.10  1997/04/23 00:04:36  kivinen
.\"     Documented ClearAllForwardings and NumberOfPasswordPrompts
.\"     options. Sorted options.
.\"
.\" Revision 1.9  1997/04/17 04:17:23  kivinen
.\"     Documented StrictHostKeyChecking=ask.
.\"
.\" Revision 1.8  1997/03/27 03:16:23  kivinen
.\"     Added kerberos patches from Glenn Machin.
.\"     Added -V and -k options.
.\"
.\" Revision 1.7  1997/03/26 05:35:12  kivinen
.\"     Documented UsePriviledgedPort config file option and -P
.\"     option.
.\"
.\" Revision 1.6  1997/03/25 05:42:57  kivinen
.\"     Updated. Changed ylo's email to @ssh.fi.
.\"
.\" Revision 1.5  1997/03/19 17:43:26  kivinen
.\"     Documented TISAuthentication stuff.
.\"
.\" Revision 1.4  1997/01/10 17:47:25  ttsalo
.\"     Updated the environment variable descriptions
.\"
.\" Revision 1.3  1996/09/29 01:03:36  ylo
.\"     Documented blowfish.
.\"
.\" Revision 1.2  1996/09/27 14:31:34  ttsalo
.\"     Socks5 support from David Kågedal  <davidk@lysator.liu.se>
.\"
.\" Revision 1.1.1.1  1996/02/18 21:38:13  ylo
.\"     Imported ssh-1.2.13.
.\"
.\" Revision 1.9  1995/10/02  01:28:11  ylo
.\"     Make substitutions in configure.
.\"
.\" Revision 1.8  1995/09/25  00:00:49  ylo
.\"     Added ConnectionAttempts.
.\"
.\" Revision 1.7  1995/08/31  09:23:03  ylo
.\"     Minor cleanup.
.\"
.\" Revision 1.6  1995/08/29  22:31:11  ylo
.\"     Improved manual pages from Andrew Macpherson.
.\"
.\" Revision 1.5  1995/08/21  23:27:44  ylo
.\"     Added -q.
.\"
.\" Revision 1.4  1995/07/27  00:40:24  ylo
.\"     Added GlobalKnownHostsFile and UserKnownHostsFile.
.\"
.\" Revision 1.3  1995/07/15  22:24:51  ylo
.\"     Added documentation for -o.
.\"
.\" Revision 1.2  1995/07/13  01:36:20  ylo
.\"     Removed "Last modified" header.
.\"     Added cvs log.
.\"
.\" $Endlog$
.\"
.\"
.\"
.\"
.\" #ifndef F_SECURE_COMMERCIAL
.TH SSH 1 "November 8, 1995" "SSH" "SSH"
.\" #endif F_SECURE_COMMERCIAL

.SH NAME
ssh \- secure shell client (remote login program)

.SH SYNOPSIS
.B ssh
[\c
.BI \-l \ login_name\fR\c
]
.B hostname
[\c
.IR command \c
]

.B ssh
[\c
.BR \-a \c
]
[\c
.B \-c
\fIidea\fR\||\|\fIblowfish\fR\||\|\fIdes\fR\||\|\fI3des\c
\fR\||\|\fIarcfour\fR\||\|\fInone\fR\c
]
[\c
.BI \-e \ escape_char\fR\c
]
[\c
.BR \-f \c
]
[\c
.BI \-i \ identity_file\fR\c
]
[\c
.BI \-l \ login_name\fR\c
]
[\c
.BR \-n \c
]
[\c
.BR \-k \c
]
[\c
.BR \-V \c
]
[\c
.BI \-o \ option\fR\c
]
[\c
.BI \-p \ port\fR\c
]
[\c
.BR \-q \c
]
[\c
.BR \-P \c
]
[\c
.BR \-t \c
]
[\c
.BR \-v \c
]
[\c
.BR \-x \c
]
[\c
.BR \-C \c
]
[\c
.BR \-g \c
]
[\c
.BI \-L \ port\fB:\fIhost\fB:\fIhostport\fR\c
]
[\c
.BI \-R \ port\fB:\fIhost\fB:\fIhostport\fR\c
]
.I hostname
[\c
.IR command \c
]

.SH DESCRIPTION
.LP
.B Ssh
(Secure Shell) is a program for logging into a remote machine and for
executing commands on a remote machine.  It is intended to replace
rlogin and rsh, and provide secure encrypted communications between
two untrusted hosts over an insecure network.  X11 connections and
arbitrary TCP/IP ports can also be forwarded over the secure channel.
.LP
.B Ssh
connects and logs into the specified
.IR hostname .
The user must prove
his/her identity to the remote machine using one of several methods.
.LP
First, if the machine the user logs in from is listed in
.I /etc/hosts.equiv
or
.I @ETCDIR@/shosts.equiv
on the remote machine, and the user names are
the same on both sides, the user is immediately permitted to log in.
Second, if
.I \&\s+2.\s0rhosts
or
.I \&\s+2.\s0shosts
exists in the user's home directory on the
remote machine and contains a line containing the name of the client
machine and the name of the user on that machine, the user is
permitted to log in.  This form of authentication alone is normally not
allowed by the server because it is not secure.
.LP
The second (and primary) authentication method is the
.B rhosts
or
.B hosts.equiv
method combined with RSA-based host authentication.  It
means that login is permitted only if it would be permitted by
.I \&\s+2.\s0rhosts\c
\|,
.I \&\s+2.\s0shosts\c
\|,
.IR /etc/hosts.equiv\c
\|,
or
.IR @ETCDIR@/shosts.equiv ",
and additionally the server can verify the client's
host key (see
.I \&$HOME/\s+2.\s0ssh/known_hosts
and
.I @ETCDIR@/ssh_known_hosts
in the
.B \s-1FILES\s0
section).  This authentication method closes security holes due to IP
spoofing, DNS spoofing and routing spoofing.  [Note to the
administrator:
.IR /etc/hosts.equiv ",
.IR \&\s+2.\s0rhosts ",
and the rlogin/rsh protocol in general, are inherently insecure and should be
disabled if security is desired.]
.LP
As a third authentication method,
.B ssh
supports RSA based authentication.
The scheme is based on public-key cryptography: there are cryptosystems
where encryption and decryption are done using separate keys, and it
is not possible to derive the decryption key from the encryption key.
RSA is one such system.  The idea is that each user creates a public/private
key pair for authentication purposes.  The
server knows the public key, and only the user knows the private key.
The file
.I \&$HOME/\s+2.\s0ssh/authorized_keys
lists the public keys that are permitted for logging
in.  When the user logs in, the
.B ssh
program tells the server which key pair it would like to use for
authentication.  The server checks if this key is permitted, and if
so, sends the user (actually the
.B ssh
program running on behalf of the user) a challenge, a random number,
encrypted by the user's public key.  The challenge can only be
decrypted using the proper private key.  The user's client then decrypts the
challenge using the private key, proving that he/she knows the private
key but without disclosing it to the server.
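.LP
The challenge-response just described, as an added worked example: the
Python below was written for this edit and is not part of ssh or of this
page.  It assumes a toy RSA key built from two fixed primes, a constructed
session id and the authorized_keys line format "bits exponent modulus";
the exact bytes hashed into the client's answer are an assumption of the
example, not the ssh 1.x wire format.  The server side never sees the
private key, and a challenge cannot be answered without it or replayed.

```python
import hashlib
import secrets

# Constructed toy RSA parameters for the demonstration only: two known primes,
# giving a roughly 60-bit modulus.  Real ssh 1.x identities are 1024-bit keys;
# these are far too small for any real use.
P = 1000000007
Q = 998244353
E = 65537


def make_keypair(p=P, q=Q, e=E):
    """Return ((n, e), (n, d)): the public key and the private key."""
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))
    return (n, e), (n, d)


def parse_authorized_keys(text):
    """Parse authorized_keys lines of the form 'bits exponent modulus [comment]'
    (one key per line; the lines may be very long).  Returns {(modulus, exponent)}."""
    keys = set()
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 3 or parts[0].startswith("#"):
            continue
        keys.add((int(parts[2]), int(parts[1])))
    return keys


def challenge_response(challenge, session_id):
    """The client's answer: a hash of the decrypted challenge and the session id.
    (ssh 1.x uses MD5 here; the byte layout is an assumption of this example.)"""
    return hashlib.md5(challenge.to_bytes(32, "big") + session_id).digest()


class Server:
    """The sshd side: knows only public keys and never sees a private key."""

    def __init__(self, authorized_keys_text, session_id):
        self.allowed = parse_authorized_keys(authorized_keys_text)
        self.session_id = session_id
        self.pending = None

    def offer_key(self, public_key):
        """Step 1: the client names the key pair it wants to use.  If that key is
        permitted, return a fresh random challenge encrypted with the public key."""
        n, e = public_key
        if (n, e) not in self.allowed:
            return None
        self.pending = secrets.randbelow(n)
        return pow(self.pending, e, n)

    def verify(self, response):
        """Step 3: compare the answer with the hash of our own challenge."""
        ok = self.pending is not None and response == challenge_response(
            self.pending, self.session_id)
        self.pending = None          # a challenge is single-use
        return ok


class Client:
    """The ssh side: holds the private key and proves possession without revealing it."""

    def __init__(self, private_key, session_id):
        self.private_key = private_key
        self.session_id = session_id

    def answer(self, encrypted_challenge):
        """Step 2: decrypt the challenge with the private key and hash it."""
        n, d = self.private_key
        challenge = pow(encrypted_challenge, d, n)
        return challenge_response(challenge, self.session_id)


def authenticate(server, client, public_key):
    """Run the exchange; True only if the client holds the matching private key."""
    encrypted = server.offer_key(public_key)
    if encrypted is None:
        return False                 # key not listed in authorized_keys
    return server.verify(client.answer(encrypted))


if __name__ == "__main__":
    pub, priv = make_keypair()
    sid = b"constructed-session-id"
    authorized = "60 %d %d alice@example\n" % (pub[1], pub[0])
    print(authenticate(Server(authorized, sid), Client(priv, sid), pub))
```

The session id in the hash ties the answer to this connection, so an answer
captured from one session is useless in another; the server also discards
its challenge after one verification attempt.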
.LP
.B Ssh
implements the RSA authentication protocol automatically.  The user
creates his/her RSA key pair by running
.BR ssh-keygen (1).
This stores the private key in
.I \&\s+2.\s0ssh/identity
and the public key in
.I \&\s+2.\s0ssh/identity.pub
in the user's home directory.  The user should then
copy the
.I identity.pub
to
.I \&\s+2.\s0ssh/authorized_keys
in his/her home directory on the remote machine (the
.I authorized_keys
file corresponds to the conventional
.I \&\s+2.\s0rhosts
file, and has one key
per line, though the lines can be very long).  After this, the user
can log in without giving the password.  RSA authentication is much
more secure than rhosts authentication.
.LP
The most convenient way to use RSA authentication may be with an
authentication agent.  See
.BR ssh-agent (1)
for more information.
.LP
As a fourth authentication method,
.B ssh
supports authentication through a TIS authentication server.  The idea is
that
.B ssh
asks TIS
.BR authsrv (8)
to authenticate the user.  Sometimes the user names in the TIS database
are not the same as the local user names, for example when the user
authenticates with a smartcard or a Digipass; in that case the
name in the database is usually the serial number of the
authentication device.  The file
.I @ETCDIR@/sshd_tis.map
contains the mapping between local users and their corresponding names
in the TIS database.  If the file does not
exist or the user is not found in it, the name in the TIS
database is assumed to be the same as the local user name.
.LP
If other authentication methods fail,
.B ssh
prompts the user for a password.  The password is sent to the remote
host for checking; however, since all communications are encrypted,
the password cannot be seen by someone listening on the network.
.LP
When the user's identity has been accepted by the server, the server
either executes the given command, or logs into the machine and gives
the user a normal shell on the remote machine.  All communication with
the remote command or shell will be automatically encrypted.
.LP
If a pseudo-terminal has been allocated (normal login session), the
user can disconnect with "~.", and suspend
.B ssh
with "~^Z".  All forwarded connections can be listed with "~#", and if
the session blocks waiting for forwarded X11 or TCP/IP
connections to terminate, it can be backgrounded with "~&" (this
should not be used while the user shell is active, as it can cause the
shell to hang).  All available escapes can be listed with "~?".
.LP
A single tilde character can be sent as "~~" (or by
following the tilde by a character other than those described above).
The escape character must always follow a newline to be interpreted as
special.  The escape character can be changed in configuration files
or on the command line.
.LP
If no pseudo tty has been allocated, the
session is transparent and can be used to reliably transfer binary
data.  On most systems, setting the escape character to ``none'' will
also make the session transparent even if a tty is used.
.LP
The session terminates when the command or shell on the remote
machine exits and all X11 and TCP/IP connections have been closed.
The exit status of the remote program is returned as the exit status
of
.B ssh.
.LP
If the user is using X11 (the
.B \s-1DISPLAY\s0
environment variable is set), the connection to the X11 display is
automatically forwarded to the remote side in such a way that any X11
programs started from the shell (or command) will go through the
encrypted channel, and the connection to the real X server will be made
from the local machine.  The user should not manually set
.BR \s-1DISPLAY\s0 ".
Forwarding of X11 connections can be
configured on the command line or in configuration files.
.LP
The DISPLAY value set by
.B ssh
will point to the server machine, but with a display number greater
than zero.  This is normal, and happens because
.B ssh
creates a "proxy" X server on the server machine for forwarding the
connections over the encrypted channel.
.LP
.B Ssh
will also automatically set up Xauthority data on the server machine.
For this purpose, it will generate a random authorization cookie,
store it in Xauthority on the server, and verify that any forwarded
connections carry this cookie and replace it by the real cookie when
the connection is opened.  The real authentication cookie is never
sent to the server machine (and no cookies are sent in the plain).
.LP
If the user is using an authentication agent, the connection to the agent
is automatically forwarded to the remote side unless disabled on the
command line or in a configuration file.
.LP
Forwarding of arbitrary TCP/IP connections over the secure channel can
be specified either on the command line or in a configuration file.  One
possible application of TCP/IP forwarding is a secure connection to an
electronic purse; another is going through firewalls.
.LP
.B Ssh
automatically maintains and checks a database containing RSA-based
identifications for all hosts it has ever been used with.  The
database is stored in
.I \&\s+2.\s0ssh/known_hosts
in the user's home directory.  Additionally, the file
.I @ETCDIR@/ssh_known_hosts
is automatically checked for known hosts.  Any new hosts are
automatically added to the user's file.  If a host's identification
ever changes,
.B ssh
warns about this and disables password authentication to prevent a
trojan horse from getting the user's password.  Another purpose of
this mechanism is to prevent man-in-the-middle attacks which could
otherwise be used to circumvent the encryption.  The
.B StrictHostKeyChecking
option (see below) can be used to prevent logins to machines whose
host key is not known or has changed.


.ne 5
.SH OPTIONS
.TP
.B \-a
Disables forwarding of the authentication agent connection.  This may
also be specified on a per-host basis in the configuration file.
.ne 3
.TP
.BI \-c \ \fIidea\fR\||\|\fIdes\fR\||\|\fI3des\fR\||\|\fIblowfish\fR\||\|\fIarcfour\fR\||\|\fInone\fR
Selects the cipher to use for encrypting the session.
.B \s-1idea\s0
is used by default.  It is believed to be secure.
.B \s-1des\s0
is the data encryption standard, but is breakable by
governments, large corporations, and major criminal organizations.
.B \s-13des\s0
(triple-des) is an encrypt-decrypt-encrypt triple with three different
keys.  It is presumably more secure than
DES.  It is used as the default if both sides do not support IDEA.
.B \s-1blowfish\s0
is an encryption algorithm invented by Bruce Schneier.  It uses 128
bit keys.
.B \s-1arcfour\s0
is an algorithm published in the Usenet News in 1995.
This algorithm is believed to be equivalent with the RC4 cipher from
RSA Data Security (RC4 is a trademark of RSA Data Security).  This is
the fastest algorithm currently supported.
.B none
disables encryption entirely; it is only intended for debugging, and
it renders the connection insecure.
.ne 3
.TP
.B \-e \fIch\fR\||\|\fI^ch\fR\||\|\fInone\fR
Sets the escape character for sessions with a pty (default: ~).  The
escape character is only recognized at the beginning of a line.  The
escape character followed by a dot (.) closes the connection, followed
by control-Z suspends the connection, and followed by itself sends the
escape character once.  Setting the character to \'none\' disables any
escapes and makes the session fully transparent.
.ne 3
.TP
.B \-f
Requests ssh to go to the background after authentication is done and
forwardings have been established.  This is useful if ssh is going to
ask for passwords or passphrases, but the user wants it in the
background.  This may also be useful in scripts.  This implies
.B \-n.
The recommended way to start X11 programs at a remote site is with
something like "ssh -f host xterm".
.ne 3
.TP
.BI \-i \ identity_file
Selects the file from which the identity (private key) for
.B \s-1RSA\s0
authentication is read.  Default is
.I \&\s+2.\s0ssh/identity
in the user's home directory.  Identity files may also be specified on
a per-host basis in the configuration file.  It is possible to have
multiple \-i options (and multiple identities specified in
configuration files).
.ne 3
.TP
.B \-k
Disables forwarding of the Kerberos tickets.  This may
also be specified on a per-host basis in the configuration file.
.ne 3
.TP
.BI \-l \ login_name
Specifies the user to log in as on the remote machine.  This may also
be specified on a per-host basis in the configuration file.
.ne 3
.TP
.B \-n
Redirects stdin from /dev/null (actually, prevents reading from stdin).
This must be used when
.B ssh
is run in the background.  A common trick is to use this to run X11
programs on a remote machine.  For example, "ssh -n shadows.cs.hut.fi
emacs &" will start an emacs on shadows.cs.hut.fi, and the X11
connection will be automatically forwarded over an encrypted channel.
The
.B ssh
program will be put in the background.
(This does not work if
.B ssh
needs to ask for a password or passphrase; see also the \-f option.)
.ne 3
.TP
.BI \-o "\ 'option'
Can be used to give options in the format used in the config file.
This is useful for specifying options for which there is no separate
command-line flag.  The option has the same format as a line in the
configuration file.
.ne 3
.TP
.BI \-p "\ port
Port to connect to on the remote host.  This can be specified on a
per-host basis in the configuration file.
.ne 3
.TP
.B \-q
Quiet mode.  Causes all warning and diagnostic messages to be
suppressed.  Only fatal errors are displayed.
.ne 3
.TP
.B \-P
Use a non-privileged source port.  With this you cannot use rhosts or
RhostsRSA authentication, but it can be used to get through some
firewalls that don't allow privileged source ports to pass.
.ne 3
.TP
.B \-t
Force pseudo-tty allocation.  This can be used to execute arbitrary
screen-based programs on a remote machine, which can be very useful
e.g. when implementing menu services.
.ne 3
.TP
.B \-v
Verbose mode.  Causes
.B ssh
to print debugging messages about its progress.  This is helpful in
debugging connection, authentication, and configuration problems.
.ne 3
.TP
.B \-V
Print only the version number and exit.
.ne 3
.TP
.B \-g
Allows remote hosts to connect to locally forwarded ports.  By
default only localhost may connect to locally bound ports.
.ne 3
.TP
.B \-x
Disables X11 forwarding.  This can also be specified on a per-host
basis in a configuration file.
.ne 3
.TP
.B \-C
Requests compression of all data (including stdin, stdout, stderr, and
data for forwarded X11 and TCP/IP connections).  The compression
algorithm is the same used by gzip, and the "level" can be controlled
by the
.B CompressionLevel
option (see below).  Compression is desirable on modem lines and other
slow connections, but will only slow things down on fast networks.
The default value can be set on a host-by-host basis in the
configuration files; see the
.B Compression
option below.
.ne 3
.TP
.BI \-L "\ port:host:hostport
Specifies that the given port on the local (client) host is to be
forwarded to the given host and port on the remote side.  This works
by allocating a socket to listen to
.B port
on the local side, and whenever a connection is made to this port, the
connection is forwarded over the secure channel, and a connection is
made to
.B host:hostport
from the remote machine.  Port forwardings can also be specified in the
configuration file.  Only root can forward privileged ports.
.ne 3
.TP
.BI \-R "\ port:host:hostport
Specifies that the given port on the remote (server) host is to be
forwarded to the given host and port on the local side.  This works
by allocating a socket to listen to
.B port
on the remote side, and whenever a connection is made to this port, the
connection is forwarded over the secure channel, and a connection is
made to
.B host:hostport
from the local machine.  Port forwardings can also be specified in the
configuration file.  Privileged ports can be forwarded only when
logging in as root on the remote machine.

.SH CONFIGURATION FILES
.LP
.B Ssh
obtains configuration data from the following sources (in this order):
command line options, user's configuration file
(\fI\&$HOME/\s+2.\s0ssh/config\fR), and system-wide configuration file
(\fI@ETCDIR@/ssh_config\fR).  For each parameter, the first obtained value
will be used.  The configuration files contain sections bracketed by
"Host" specifications, and that section is only applied for hosts that
match one of the patterns given in the specification.  The matched
host name is the one given on the command line.
.LP
Since the first obtained value for each parameter is used, more
host-specific declarations should be given near the beginning of the
file, and general defaults at the end.
.LP
The configuration file has the following format:
.IP
Empty lines and lines starting with \'#\' are comments.
.IP
Otherwise a line is of the format "keyword arguments" or "keyword =
arguments".  The possible keywords and their meanings are as follows
(note that the configuration files are case-sensitive, but keywords
are case-insensitive):
.ne 3
.TP
.de YN
"\fByes\fR" or "\fBno\fR".
..

.B Host
Restricts the following declarations (up to the next
.B Host
keyword) to be only for those hosts that match one of the patterns
given after the keyword.  \'*\' and \'?\' can be used as wildcards in the
patterns.  A single \'*\' as a pattern can be used to provide global
defaults for all hosts.  The host is the
.IR hostname
argument given on the command line (i.e., the name is not converted to
a canonicalized host name before matching).
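.LP
An added example (written for this edit; not from this page or the ssh
sources) of how the rules above combine: a small Python resolver that
reads both files in the "keyword arguments" / "keyword = arguments"
format, matches Host patterns with \'*\' and \'?\' against the name typed
on the command line, and applies first-obtained-value-wins across the
command line, the user file and the system file.  The two configuration
files, the host names and the program named in ProxyCommand are
constructed for the example; IdentityFile, LocalForward and RemoteForward
are treated as accumulating keywords because the descriptions of those
keywords below say all their values are used.

```python
import re

# Keywords whose values accumulate instead of the first one winning: every
# IdentityFile is tried in sequence and several forwardings may be given.
LIST_KEYWORDS = {"identityfile", "localforward", "remoteforward"}


def host_matches(pattern, hostname):
    """Match one Host pattern: only '*' and '?' are wildcards, and the comparison
    is against the name typed on the command line, not a canonicalized name."""
    regex = "".join(".*" if c == "*" else "." if c == "?" else re.escape(c)
                    for c in pattern)
    return re.fullmatch(regex, hostname) is not None


def parse_config(text):
    """Parse one configuration file into (host_patterns, keyword, value) tuples
    in file order.  Empty lines and '#' comments are skipped; keywords are
    case-insensitive; a Host line may list several patterns."""
    entries = []
    patterns = ["*"]        # declarations before the first Host line apply everywhere
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = re.fullmatch(r"(\S+)\s*(?:=\s*|\s+)(.*)", line)
        if not m:
            continue
        keyword, value = m.group(1).lower(), m.group(2).strip()
        if keyword == "host":
            patterns = value.split()
            continue
        entries.append((patterns, keyword, value))
    return entries


def resolve(hostname, cmdline_options, user_config, system_config):
    """Effective options for hostname.  Sources are consulted in the order
    command line, user file, system file; for each keyword the first value
    obtained wins, except that list keywords collect every matching value."""
    effective = {}

    def take(keyword, value):
        keyword = keyword.lower()
        if keyword in LIST_KEYWORDS:
            effective.setdefault(keyword, []).append(value)
        else:
            effective.setdefault(keyword, value)

    for keyword, value in cmdline_options:      # -o 'Keyword value' and flags
        take(keyword, value)
    for text in (user_config, system_config):
        for patterns, keyword, value in parse_config(text):
            if any(host_matches(p, hostname) for p in patterns):
                take(keyword, value)
    effective.setdefault("hostname", hostname)  # HostName defaults to the typed name
    effective.setdefault("port", "22")
    return effective


def expand_proxy_command(effective):
    """ProxyCommand with %h and %p replaced by the real host name and the port."""
    command = effective.get("proxycommand")
    if command is None:
        return None
    return command.replace("%h", effective["hostname"]).replace("%p", effective["port"])


# Constructed sample files for the example (not taken from any real system).
USER_CONFIG = """\
# ~/.ssh/config: host-specific entries first, general defaults last
Host dev*
    User alice
    IdentityFile ~/.ssh/dev_identity
    Port = 2222

Host bastion
    HostName bastion.example.com
    ProxyCommand = connect-proxy %h %p

Host *
    IdentityFile ~/.ssh/identity
    StrictHostKeyChecking ask
"""

SYSTEM_CONFIG = """\
Host *
    Port 22
    Compression no
    StrictHostKeyChecking yes
"""
```

Because the user file is read before the system file, its "Host *" value
for StrictHostKeyChecking shadows the system-wide "yes"; moving the
"Host *" block above "Host dev*" in the user file would likewise make its
values shadow the dev-specific ones, which is why specific blocks belong
first.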
.ne 3

.TP
.B BatchMode
If set to "yes", passphrase/password querying will be disabled.  This
option is useful in scripts and other batch jobs where you have no
user to supply the password.  The argument must be
.YN
.ne 3

.TP
.B Cipher
Specifies the cipher to use for encrypting the session.  Currently,
.IR idea ",
.IR des ",
.IR 3des ",
.IR blowfish ",
.IR arcfour ",
and
.I none
are supported.  The default is "idea" (or "3des" if "idea" is not
supported by both hosts).  Using "none" (no encryption) is intended
only for debugging, and will render the connection insecure.
.ne 3

.TP
.B ClearAllForwardings
Clears all forwardings after all configuration files have been read
and the command line parsed.  This is useful for disabling the
forwardings in the configuration file when you want to make a second
connection to a host that has forwardings configured, since the
listening ports would already be in use.  Scp sets this on by default
so that it does not fail even if you have forwardings set in the
configuration file.
.ne 3

.TP
.B Compression
Specifies whether to use compression.  The argument must be
.YN
.ne 3

.TP
.B CompressionLevel
Specifies the compression level to use if compression is enabled.  The
argument must be an integer from 1 (fast) to 9 (slow, best).  The
default level is 6, which is good for most applications.  The meaning
of the values is the same as in GNU GZIP.
.ne 3

.TP
.B ConnectionAttempts
Specifies the number of tries (one per second) to make before falling
back to rsh or exiting.  The argument must be an integer.  This may be
useful in scripts if the connection sometimes fails.
.ne 3

.TP
.B EscapeChar
Sets the escape character (default: ~).  The escape character can also
be set on the command line.  The argument should be a single
character, \'^\' followed by a letter, or ``none'' to disable the escape
character entirely (making the connection transparent for binary
data).
.ne 3

.TP
.B FallBackToRsh
Specifies that if connecting via
.B ssh
fails due to a connection refused error (there is no
.B sshd
listening on the remote host),
.B rsh
should automatically be used instead (after a suitable warning about
the session being unencrypted).  The argument must be
.YN
.ne 3

.TP
.B ForwardAgent
Specifies whether the connection to the authentication agent (if any)
will be forwarded to the remote machine.  The argument must be
.YN
.ne 3

.TP
.B ForwardX11
Specifies whether X11 connections will be automatically redirected
over the secure channel and
.B \s-1DISPLAY\s0
set.  The argument must be
.YN
.ne 3

.TP
.B GatewayPorts
Specifies that also remote hosts may connect to locally forwarded
ports.  The argument must be
.YN
.ne 3

.TP
.B GlobalKnownHostsFile
Specifies a file to use instead of
.IR @ETCDIR@/ssh_known_hosts ".
.ne 3

.TP
.B HostName
Specifies the real host name to log into.  This can be used to specify
nicknames or abbreviations for hosts.  Default is the name given on the
command line.  Numeric IP addresses are also permitted (both on the
command line and in
.B HostName
specifications).
.ne 3

.TP
.B IdentityFile
Specifies the file from which the user's RSA authentication identity
is read (default \fI\s+2.\s0ssh/identity\fR in the user's home directory).
Additionally, any identities represented by the authentication agent
will be used for authentication.  The file name may use the tilde
syntax to refer to a user's home directory.  It is possible to have
multiple identity files specified in configuration files; all these
identities will be tried in sequence.
.ne 3

.TP
.B KeepAlive
Specifies whether the system should send keepalive messages to the
other side.  If they are sent, death of the connection or crash of one
of the machines will be properly noticed.  However, this means that
connections will die if the route is down temporarily, and some people
find it annoying.

The default is "yes" (to send keepalives), and the client will notice
if the network goes down or the remote host dies.  This is important
in scripts, and many users want it too.

To disable keepalives, the value should be set to "no" in both the
server and the client configuration files.
.ne 3

.TP
.B KerberosAuthentication
Specifies whether Kerberos V5 authentication will be used.

.TP
.B KerberosTgtPassing
Specifies whether a Kerberos V5 TGT will be forwarded to the server.

.TP
.B LocalForward
Specifies that a TCP/IP port on the local machine be forwarded over
the secure channel to the given host:port from the remote machine.  The
first argument must be a port number, and the second must be
host:port.  Multiple forwardings may be specified, and additional
forwardings can be given on the command line.  Only root can
forward privileged ports.
.ne 3

.TP
.B NumberOfPasswordPrompts
Specifies the number of password prompts before giving up.  The
argument must be an integer.  Note that the server also limits the
number of attempts (currently 5), so setting this larger has no
effect.  The default value is one.
.ne 3

.TP
.B PasswordAuthentication
Specifies whether to use password authentication.  The argument to
this keyword must be
.YN
.ne 3

.TP
.B PasswordPromptHost
Specifies whether to include the remote host name in the password prompt.
The argument to this keyword must be
.YN
.ne 3

.TP
.B PasswordPromptLogin
Specifies whether to include the remote login name in the password prompt.
The argument to this keyword must be
.YN
.ne 3

.TP
.B Port
Specifies the port number to connect on the remote host.  Default is
22.
.ne 3

.TP
.B ProxyCommand
Specifies the command to use to connect to the server.  The command
string extends to the end of the line, and is executed with /bin/sh.
In the command string, %h will be substituted by the host name to
connect to and %p by the port.  The command can be basically anything,
and should read from its stdin and write to its stdout.  It should
eventually connect to an
.B sshd
server running on some machine, or execute
"sshd -i" somewhere.  Host key management will be done using the
HostName of the host being connected (defaulting to the name typed by
the user).

Note that
.B ssh
can also be configured to support the SOCKS system using the
--with-socks4 or --with-socks5 compile-time configuration option.
.ne 3

.TP
.B RemoteForward
Specifies that a TCP/IP port on the remote machine be forwarded over
the secure channel to the given host:port from the local machine.  The
first argument must be a port number, and the second must be
host:port.  Multiple forwardings may be specified, and additional
forwardings can be given on the command line.  Only root can
forward privileged ports.
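.LP
The forwarding syntax shared by \-L, \-R, LocalForward and RemoteForward,
as an added Python example written for this edit (not part of ssh or of
this page): it parses port:host:hostport, converts it to the
configuration-file form, refuses privileged ports for a non-root user on
the side that binds the listener, and picks the bind address of a local
listener according to \-g/GatewayPorts.  The host names and uids used
are constructed; for \-R the address that sshd binds is not specified by
this page and the example leaves it unset.

```python
import re

PRIVILEGED_MAX = 1023    # ports 1..1023 can only be bound by root


def parse_forward(spec):
    """Parse the 'port:host:hostport' form used by -L and -R."""
    m = re.fullmatch(r"(\d+):([^:\s]+):(\d+)", spec)
    if not m:
        raise ValueError("expected port:host:hostport, got %r" % spec)
    port, host, hostport = int(m.group(1)), m.group(2), int(m.group(3))
    for p in (port, hostport):
        if not 1 <= p <= 65535:
            raise ValueError("port %d out of range" % p)
    return port, host, hostport


def config_line(direction, spec):
    """The equivalent configuration-file line: the first argument is the port,
    the second is host:port."""
    port, host, hostport = parse_forward(spec)
    keyword = "LocalForward" if direction == "local" else "RemoteForward"
    return "%s %d %s:%d" % (keyword, port, host, hostport)


def plan_forward(direction, spec, uid, gateway_ports=False):
    """Describe the listener a forwarding creates and enforce the privileged-port rule.

    direction      'local' for -L (listener on the client) or 'remote' for -R
                   (listener on the server).
    uid            numeric uid of the user on the side that binds the listener:
                   the local user for -L, the login user on the server for -R.
    gateway_ports  -g / GatewayPorts: let remote hosts reach a local listener.
    """
    if direction not in ("local", "remote"):
        raise ValueError("direction must be 'local' or 'remote'")
    port, host, hostport = parse_forward(spec)
    if port <= PRIVILEGED_MAX and uid != 0:
        raise PermissionError(
            "port %d is privileged; only root can forward it on the %s side"
            % (port, direction))
    if direction == "local":
        # Only localhost may connect unless -g / GatewayPorts is given.
        bind = "0.0.0.0" if gateway_ports else "127.0.0.1"
        return {"listen_on": "client", "bind": bind, "port": port,
                "connect_from": "server", "target": (host, hostport)}
    # For -R the listener is created by sshd; the address it binds is not
    # decided by the client, so it is left unspecified here.
    return {"listen_on": "server", "bind": None, "port": port,
            "connect_from": "client", "target": (host, hostport)}
```

A local forwarding opened with \-g is reachable by any host that can reach
the client, so the target host:hostport is then exposed to the client's
whole network rather than to the client alone; leave GatewayPorts off
unless that is intended.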
.ne 3

.TP
.B RhostsAuthentication
Specifies whether to try rhosts based authentication.  Note that this
declaration only affects the client side and has no effect whatsoever
on security.  Disabling rhosts authentication may reduce
authentication time on slow connections when rhosts authentication is
not used.  Most servers do not permit RhostsAuthentication because it
is not secure (see RhostsRSAAuthentication).  The argument to this
keyword must be
.YN
.ne 3

.TP
.B RhostsRSAAuthentication
Specifies whether to try rhosts based authentication with RSA host
authentication.  This is the primary authentication method for most
sites.  The argument must be
.YN
.ne 3

.TP
.B RSAAuthentication
Specifies whether to try RSA authentication.  The argument to this
keyword must be
.YN
RSA authentication will only be
attempted if the identity file exists, or an authentication agent is
running.
.ne 3

.TP
.B StrictHostKeyChecking
If this flag is set to "yes",
.B ssh
will never automatically add host keys to the
.I $HOME/.ssh/known_hosts
file, and refuses to connect to hosts whose host key has changed.  This
provides maximum protection against trojan horse attacks.  However, it
can be somewhat annoying if you don't have good
.I @ETCDIR@/ssh_known_hosts
files installed and frequently connect to new hosts.  Basically this
option forces the user to manually add any new hosts.  Normally this
option is set to "ask", and new hosts will automatically be added to
the known host files after you have confirmed that you really want to
do that.  If this is set to "no", new hosts will automatically be
added to the known host files.  The host keys of known hosts will be
verified automatically in either case.

The argument must be
"\fByes\fR", "\fBno\fR" or "\fBask\fR".
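.LP
The host key check described here and in the known-hosts paragraph of
DESCRIPTION, as an added Python example written for this edit (not part
of ssh or of this page).  It assumes the ssh 1.x known_hosts line format
"host[,host...] bits exponent modulus", which this page does not spell
out, and uses constructed host names and key values; it returns the
verdict for each StrictHostKeyChecking setting, appends a new host to the
user's file only when the policy allows it, and disables password
authentication when a known host presents a different key.

```python
def parse_known_hosts(text):
    """Parse known_hosts text, assumed to hold one key per line in the form
    'host[,host...] bits exponent modulus'.  Returns {host: (bits, e, n)}."""
    table = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 4 or parts[0].startswith("#"):
            continue
        key = (int(parts[1]), int(parts[2]), int(parts[3]))
        for name in parts[0].split(","):
            table[name] = key
    return table


def format_known_hosts_line(host, key):
    bits, exponent, modulus = key
    return "%s %d %d %d\n" % (host, bits, exponent, modulus)


def check_host_key(host, offered_key, user_known_hosts, global_known_hosts, policy):
    """Apply StrictHostKeyChecking ('yes', 'no' or 'ask') to the key a server offers.

    Returns a dict with
      verdict           'ok', 'added', 'ask', 'refused' or 'changed'
      password_auth     False when a known host's key changed, so that a trojan
                        cannot collect the password
      user_known_hosts  the user's file, with the host appended when it was added
    """
    if policy not in ("yes", "no", "ask"):
        raise ValueError("policy must be yes, no or ask")
    # Both files are consulted; a key matching either file is accepted.
    candidates = []
    for text in (global_known_hosts, user_known_hosts):
        key = parse_known_hosts(text).get(host)
        if key is not None:
            candidates.append(key)
    result = {"verdict": None, "password_auth": True,
              "user_known_hosts": user_known_hosts}
    if not candidates:                               # host never seen before
        if policy == "yes":
            result["verdict"] = "refused"            # never adds keys automatically
        elif policy == "ask":
            result["verdict"] = "ask"                # add only after the user confirms
        else:
            result["verdict"] = "added"
            result["user_known_hosts"] += format_known_hosts_line(host, offered_key)
        return result
    if offered_key in candidates:
        result["verdict"] = "ok"
        return result
    # Known host, different key: possible man-in-the-middle or trojan horse.
    result["password_auth"] = False
    result["verdict"] = "refused" if policy == "yes" else "changed"
    return result


# Constructed sample files and keys for the example.
USER_KNOWN = "alpha 1024 35 123456789\n"
GLOBAL_KNOWN = "beta,beta.example.com 1024 35 987654321\n"
ALPHA_KEY = (1024, 35, 123456789)
```

With "ask", a changed key still yields the "changed" verdict rather than a
prompt: confirmation is only offered for hosts that were never seen, and
the page's warning plus the password-authentication lockout apply to
every policy other than "yes", which refuses the connection outright.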
.ne 3

.TP
.B TISAuthentication
Specifies whether to try TIS authentication.  The argument to this
keyword must be
.YN
.ne 3

.TP
.B UsePrivilegedPort
Specifies whether to use a privileged source port when connecting to
the other end.  The default is yes if rhosts or RhostsRSA
authentication is enabled.
.ne 3

.TP
.B User
Specifies the user to log in as.  This can be useful if you have
different user names on different machines.  This saves the trouble of
having to remember to give the user name on the command line.
.ne 3

.TP
.B UserKnownHostsFile
Specifies a file to use instead of \fI$HOME/\s+2.\s0ssh/known_hosts\fR.
.ne 3

.TP
.B UseRsh
Specifies that rlogin/rsh should be used for this host.  It is
possible that the host does not at all support the
.B ssh
protocol.  This causes
.B ssh
to immediately exec
.B rsh.
All other options (except
.BR HostName )
are ignored if this has been specified.  The argument must be
.YN
.ne 3

.TP
.B XAuthLocation
Specifies the path to the xauth program.
.ne 3

.SH ENVIRONMENT
.LP
.B Ssh
will normally set the following environment variables:
.TP
.B DISPLAY
The DISPLAY variable indicates the location of the X11 server.  It is
automatically set by
.B ssh
to point to a value of the form "hostname:n" where hostname indicates
the host where the shell runs, and n is an integer >= 1.  Ssh uses
this special value to forward X11 connections over the secure
channel.  The user should normally not set DISPLAY explicitly, as that
will render the X11 connection insecure (and will require the user to
manually copy any required authorization cookies).
.ne 3
.TP
.B HOME
Set to the path of the user's home directory.
.ne 3
.TP
.B LOGNAME
Synonym for USER; set for compatibility with systems that use
this variable.
.ne 3
.TP
.B MAIL
Set to point to the user's mailbox.
.ne 3
.TP
.B PATH
Set to the default PATH, as specified when compiling
.B ssh
or, on some systems,
.I /etc/environment
or
.IR /etc/default/login ".
.ne 3
.TP
.B SSH_AUTH_SOCK
If set, indicates the path of a UNIX-domain socket used
to communicate with the authentication agent (or its local
representative).
.ne 3
.TP
.B SSH_CLIENT
Identifies the client end of the connection.  The variable contains
999three space-separated values: client ip-address, client port number,
1000and server port number.
1001.ne 3
1002.TP
1003.B SSH_ORIGINAL_COMMAND
1004This will be the original command line of given by protocol if forced
1005command is run. It can be used to fetch arguments etc from the other
1006end.
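As an added example (not part of the ssh distribution), a forced-command wrapper in Python that reads SSH_ORIGINAL_COMMAND and SSH_CLIENT as set by the server and runs only an allowlisted sub-command; the command names and program paths are made up.

```python
"""Added example, not code from the ssh distribution: a forced-command
wrapper that consults SSH_ORIGINAL_COMMAND to decide what to run and
logs refusals together with the client address found in SSH_CLIENT."""
import os
import shlex
import sys

# Hypothetical allowlist: the first word of the client's command must be
# one of these keys; the value is the program actually executed.
ALLOWED = {"backup-status": ["/usr/local/bin/backup-status"],
           "fetch-report": ["/usr/local/bin/fetch-report"]}

def parse_ssh_client(value):
    """SSH_CLIENT holds 'client-ip client-port server-port'."""
    ip, client_port, server_port = value.split()
    return ip, int(client_port), int(server_port)

def decide(env):
    """Return the argv to exec for this request, or None to refuse it."""
    original = env.get("SSH_ORIGINAL_COMMAND")
    if not original:            # nothing sent: an interactive shell request
        return None
    try:
        words = shlex.split(original)
    except ValueError:          # unbalanced quotes
        return None
    if not words or words[0] not in ALLOWED:
        return None
    # Arguments may only be plain words: no paths, redirections or metacharacters.
    if any(not a.replace("-", "").replace("_", "").isalnum() for a in words[1:]):
        return None
    return ALLOWED[words[0]] + words[1:]

if __name__ == "__main__":
    argv = decide(os.environ)
    if argv is None:
        print("refused %r from %s" % (os.environ.get("SSH_ORIGINAL_COMMAND"),
                                      os.environ.get("SSH_CLIENT", "unknown")),
              file=sys.stderr)
        sys.exit(1)
    os.execv(argv[0], argv)
```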
.ne 3
.TP
.B SSH_TTY
This is set to the name of the tty (path to the device) associated
with the current shell or command.  If the current session has no tty,
this variable is not set.
.ne 3
.TP
.B TZ
The timezone variable is set to indicate the present timezone if it
was set when the daemon was started (i.e., the daemon passes the value
on to new connections).
.ne 3
.TP
.B USER
Set to the name of the user logging in.
.LP
.RT
Additionally,
.B ssh
reads
.I /etc/environment
and
.IR $HOME/.ssh/environment ",
and adds lines of
the format
.I VARNAME=value
to the environment.  Some systems may have
still additional mechanisms for setting up the environment, such as
.I /etc/default/login
on Solaris.

.ne 3
.SH FILES
.TP
.I \&$HOME/\s+2.\s0ssh/known_hosts
Records host keys for all hosts the user has logged into (that are not
in \fI@ETCDIR@/ssh_known_hosts\fR).  See the
.B sshd
manual page.
.ne 3
.TP
.I \&$HOME/\s+2.\s0ssh/random_seed
Used for seeding the random number generator.  This file contains
sensitive data and should be read/write for the user and not accessible
by others.  This file is created the first time the program is run
and updated automatically.  The user should never need to read or
modify this file.
.ne 5
.TP
.I \&$HOME/\s+2.\s0ssh/identity
Contains the RSA authentication identity of the user.  This file
contains sensitive data and should be readable by the user but not
accessible by others.  It is possible to specify a passphrase when
generating the key; the passphrase will be used to encrypt the
sensitive part of this file using
.BR \s-1IDEA\s0 ".
.ne 3
.TP
.I \&$HOME/\s+2.\s0ssh/identity.pub
Contains the public key for authentication (public part of the
identity file in human-readable form).  The contents of this file
should be added to \fI$HOME/\s+2.\s0ssh/authorized_keys\fR on all machines
where you wish to log in using RSA authentication.  This file is not
sensitive and can (but need not) be readable by anyone.  This file is
never used automatically and is not necessary; it is only provided for
the convenience of the user.
.ne 3
.TP
.I \&$HOME/\s+2.\s0ssh/config
This is the per-user configuration file.  The format of this file is
described above.  This file is used by the
.B ssh
client.  This file does not usually contain any sensitive information,
but the recommended permissions are read/write for the user, and not
accessible by others.
.ne 3
.TP
.I \&$HOME/\s+2.\s0ssh/authorized_keys
Lists the RSA keys that can be used for logging in as this user.  The
format of this file is described in the
.B sshd
manual page.  In the simplest form the format is the same as the .pub
identity files (that is, each line contains the number of bits in the
modulus, the public exponent, the modulus, and a comment field, separated by
spaces).  This file is not highly sensitive, but the recommended
permissions are read/write for the user, and not accessible by others.
.ne 3
.TP
.I @ETCDIR@/ssh_known_hosts
Systemwide list of known host keys.  This file should be prepared by the
system administrator to contain the public host keys of all machines in the
organization.  This file should be world-readable.  This file contains
public keys, one per line, in the following format (fields separated
by spaces): system name, number of bits in modulus, public exponent,
modulus, and optional comment field.  When different names are used
for the same machine, all such names should be listed, separated by
commas.  The format is described on the
.B sshd
manual page.
.IP
The canonical system name (as returned by name servers) is used by
.B sshd
to verify the client host when logging in; other names are needed because
.B ssh
does not convert the user-supplied name to a canonical name before
checking the key, because someone with access to the name servers
would then be able to fool host authentication.
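The following added example (not code from the ssh distribution) parses lines in the known_hosts format just described, including the comma-separated aliases, and applies the StrictHostKeyChecking semantics from the configuration section above; the host names and key values are constructed.

```python
"""Added example, not code from the ssh distribution: parse the SSH1-style
known_hosts format described above and apply the StrictHostKeyChecking
policy to a host key offered by a server.  Key values are constructed."""

# Constructed sample file: comma-separated names, bits in modulus, public
# exponent, modulus, optional comment (fields separated by spaces).
KNOWN_HOSTS = """\
# comment lines and blank lines are skipped
alpha.example.org,alpha,10.0.0.5 1024 35 1234567890123 admin@alpha
beta.example.org 1024 35 9876543210987
"""

def parse_known_hosts(text):
    """Map every listed host name to its key tuple (bits, exponent, modulus)."""
    keys = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        if len(fields) < 4:
            raise ValueError("malformed known_hosts line: %r" % line)
        names, bits, exponent, modulus = fields[:4]
        key = (int(bits), int(exponent), int(modulus))
        # ssh looks the key up under the name the user typed, without
        # canonicalizing it, so every alias must be listed explicitly.
        for name in names.split(","):
            keys[name] = key
    return keys

def check_host_key(keys, host, offered, strict="ask", confirm=lambda h: False):
    """Return (decision, keys): 'ok', 'mismatch', 'refused' or 'added'.
    A known host's key is verified in every mode.  For an unknown host
    'yes' refuses, 'ask' adds only if confirm(host) agrees, 'no' adds."""
    known = keys.get(host)
    if known is not None:
        return ("ok" if known == offered else "mismatch"), keys
    if strict == "yes" or (strict == "ask" and not confirm(host)):
        return "refused", keys
    if strict not in ("ask", "no"):
        raise ValueError("StrictHostKeyChecking must be yes, no or ask")
    return "added", {**keys, host: offered}
```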
.ne 3
.TP
.I @ETCDIR@/ssh_config
Systemwide configuration file.  This file provides defaults for those
values that are not specified in the user's configuration file, and
for those users who do not have a configuration file.  This file must
be world-readable.
.ne 3
.TP
.I $HOME/\s+2.\s0rhosts
This file is used in \s+2.\s0rhosts authentication to list the
host/user pairs that are permitted to log in.  (Note that this file is
also used by rlogin and rsh, which makes using this file insecure.)
Each line of the file contains a host name (in the canonical form
returned by name servers), and then a user name on that host,
separated by a space.  This file must be owned by the user,
and must not have write permissions for anyone else.  The recommended
permission is read/write for the user, and not accessible by others.
.IP
Note that by default
.B sshd
will be installed so that it requires successful RSA host
authentication before permitting \s+2.\s0rhosts authentication.  If your
server machine does not have the client's host key in
\fI@ETCDIR@/ssh_known_hosts\fR, you can store it in
\fI$HOME/\s+2.\s0ssh/known_hosts\fR.  The easiest way to do this is to
connect back to the client from the server machine using ssh; this
will automatically add the host key to \fI$HOME/\s+2.\s0ssh/known_hosts\fR.
.ne 3
.TP
.I $HOME/\s+2.\s0shosts
This file is used exactly the same way as \s+2.\s0rhosts.  The purpose of
having this file is to be able to use rhosts authentication with
.B ssh
without permitting login with rlogin or rsh.
.ne 3
.TP
.I /etc/hosts.equiv
This file is used during \s+2.\s0rhosts authentication.  It contains
canonical host names, one per line (the full format is described on
the
.B sshd
manual page).  If the client host is found in this file, login is
automatically permitted provided client and server user names are the
same.  Additionally, successful RSA host authentication is normally
required.  This file should only be writable by root.
.TP
.I @ETCDIR@/shosts.equiv
This file is processed exactly as
.IR /etc/hosts.equiv ".
This file may be useful to permit logins using
.B ssh
but not using rsh/rlogin.
.ne 3
.TP
.I @ETCDIR@/sshrc
Commands in this file are executed by
.B ssh
when the user logs in, just before the user's shell (or command) is started.
See the
.B sshd
manual page for more information.
.ne 3
.TP
.I $HOME/.ssh/rc
Commands in this file are executed by
.B ssh
when the user logs in, just before the user's shell (or command) is
started.
See the
.B sshd
manual page for more information.

.SH INSTALLATION
.LP
.B Ssh
is normally installed as suid root.  It needs root privileges only for
rhosts authentication (rhosts authentication requires that the
connection must come from a privileged port, and allocating such a
port requires root privileges).  It also needs to be able to read
\fI@ETCDIR@/ssh_host_key\fR to perform
.B \s-1RSA\s0
host authentication.  It is possible to use
.B ssh
without root privileges, but rhosts authentication will then be
disabled.
.B Ssh
drops any extra privileges immediately after the connection to the
remote host has been made.
.LP
Considerable work has been put into making
.B ssh
secure.  However, if you find a security problem, please report it
immediately to <ssh-bugs@cs.hut.fi>.


.SH AUTHOR
.LP
Tatu Ylonen <ylo@ssh.fi>
.LP
Information about new releases, mailing lists, and other related
issues can be found on the ssh WWW home page at
http://www.cs.hut.fi/ssh.

.SH SEE ALSO
.BR sshd (8),
.BR ssh-keygen (1),
.BR ssh-agent (1),
.BR ssh-add (1),
.BR scp (1),
.BR make-ssh-known-hosts (1),
.BR rlogin (1),
.BR rsh (1),
.BR telnet (1)