]>
Commit | Line | Data |
---|---|---|
0fff78ff | 1 | .\" $OpenBSD: ssh-keysign.8,v 1.7 2003/06/10 09:12:11 jmc Exp $ |
f5799ae1 | 2 | .\" |
3 | .\" Copyright (c) 2002 Markus Friedl. All rights reserved. | |
4 | .\" | |
5 | .\" Redistribution and use in source and binary forms, with or without | |
6 | .\" modification, are permitted provided that the following conditions | |
7 | .\" are met: | |
8 | .\" 1. Redistributions of source code must retain the above copyright | |
9 | .\" notice, this list of conditions and the following disclaimer. | |
10 | .\" 2. Redistributions in binary form must reproduce the above copyright | |
11 | .\" notice, this list of conditions and the following disclaimer in the | |
12 | .\" documentation and/or other materials provided with the distribution. | |
13 | .\" | |
14 | .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | |
15 | .\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES | |
16 | .\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. | |
17 | .\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, | |
18 | .\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | |
19 | .\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | |
20 | .\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | |
21 | .\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | |
22 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | |
23 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | |
24 | .\" | |
25 | .Dd May 24, 2002 | |
26 | .Dt SSH-KEYSIGN 8 | |
27 | .Os | |
28 | .Sh NAME | |
29 | .Nm ssh-keysign | |
30 | .Nd ssh helper program for hostbased authentication | |
31 | .Sh SYNOPSIS | |
32 | .Nm | |
33 | .Sh DESCRIPTION | |
34 | .Nm | |
35 | is used by | |
36 | .Xr ssh 1 | |
37 | to access the local host keys and generate the digital signature | |
38 | required during hostbased authentication with SSH protocol version 2. | |
41b2f314 | 39 | .Pp |
40 | .Nm | |
41 | is disabled by default and can only be enabled in the | |
6a9b3198 | 42 | global client configuration file |
41b2f314 | 43 | .Pa /etc/ssh/ssh_config |
44 | by setting | |
6a9b3198 | 45 | .Cm EnableSSHKeysign |
41b2f314 | 46 | to |
47 | .Dq yes . | |
48 | .Pp | |
f5799ae1 | 49 | .Nm |
50 | is not intended to be invoked by the user, but from | |
51 | .Xr ssh 1 . | |
52 | See | |
53 | .Xr ssh 1 | |
54 | and | |
55 | .Xr sshd 8 | |
56 | for more information about hostbased authentication. | |
57 | .Sh FILES | |
58 | .Bl -tag -width Ds | |
41b2f314 | 59 | .It Pa /etc/ssh/ssh_config |
60 | Controls whether | |
61 | .Nm | |
62 | is enabled. | |
f5799ae1 | 63 | .It Pa /etc/ssh/ssh_host_dsa_key, /etc/ssh/ssh_host_rsa_key |
64 | These files contain the private parts of the host keys used to | |
6a9b3198 | 65 | generate the digital signature. |
66 | They should be owned by root, readable only by root, and not | |
f5799ae1 | 67 | accessible to others. |
68 | Since they are readable only by root, | |
69 | .Nm | |
70 | must be set-uid root if hostbased authentication is used. | |
71 | .El | |
72 | .Sh SEE ALSO | |
73 | .Xr ssh 1 , | |
74 | .Xr ssh-keygen 1 , | |
41b2f314 | 75 | .Xr ssh_config 5 , |
f5799ae1 | 76 | .Xr sshd 8 |
f5799ae1 | 77 | .Sh HISTORY |
78 | .Nm | |
79 | first appeared in | |
80 | .Ox 3.2 . | |
0fff78ff | 81 | .Sh AUTHORS |
82 | .An Markus Friedl Aq markus@openbsd.org |