]>
Commit | Line | Data |
---|---|---|
1 | .\" $OpenBSD: ssh-keysign.8,v 1.8 2006/02/24 20:22:16 jmc Exp $ | |
2 | .\" | |
3 | .\" Copyright (c) 2002 Markus Friedl. All rights reserved. | |
4 | .\" | |
5 | .\" Redistribution and use in source and binary forms, with or without | |
6 | .\" modification, are permitted provided that the following conditions | |
7 | .\" are met: | |
8 | .\" 1. Redistributions of source code must retain the above copyright | |
9 | .\" notice, this list of conditions and the following disclaimer. | |
10 | .\" 2. Redistributions in binary form must reproduce the above copyright | |
11 | .\" notice, this list of conditions and the following disclaimer in the | |
12 | .\" documentation and/or other materials provided with the distribution. | |
13 | .\" | |
14 | .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | |
15 | .\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES | |
16 | .\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. | |
17 | .\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, | |
18 | .\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | |
19 | .\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | |
20 | .\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | |
21 | .\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | |
22 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | |
23 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | |
24 | .\" | |
25 | .Dd May 24, 2002 | |
26 | .Dt SSH-KEYSIGN 8 | |
27 | .Os | |
28 | .Sh NAME | |
29 | .Nm ssh-keysign | |
30 | .Nd ssh helper program for host-based authentication | |
31 | .Sh SYNOPSIS | |
32 | .Nm | |
33 | .Sh DESCRIPTION | |
34 | .Nm | |
35 | is used by | |
36 | .Xr ssh 1 | |
37 | to access the local host keys and generate the digital signature | |
38 | required during host-based authentication with SSH protocol version 2. | |
39 | .Pp | |
40 | .Nm | |
41 | is disabled by default and can only be enabled in the | |
42 | global client configuration file | |
43 | .Pa /etc/ssh/ssh_config | |
44 | by setting | |
45 | .Cm EnableSSHKeysign | |
46 | to | |
47 | .Dq yes . | |
48 | .Pp | |
49 | .Nm | |
50 | is not intended to be invoked by the user, but from | |
51 | .Xr ssh 1 . | |
52 | See | |
53 | .Xr ssh 1 | |
54 | and | |
55 | .Xr sshd 8 | |
56 | for more information about host-based authentication. | |
57 | .Sh FILES | |
58 | .Bl -tag -width Ds | |
59 | .It Pa /etc/ssh/ssh_config | |
60 | Controls whether | |
61 | .Nm | |
62 | is enabled. | |
63 | .It Pa /etc/ssh/ssh_host_dsa_key, /etc/ssh/ssh_host_rsa_key | |
64 | These files contain the private parts of the host keys used to | |
65 | generate the digital signature. | |
66 | They should be owned by root, readable only by root, and not | |
67 | accessible to others. | |
68 | Since they are readable only by root, | |
69 | .Nm | |
70 | must be set-uid root if host-based authentication is used. | |
71 | .El | |
72 | .Sh SEE ALSO | |
73 | .Xr ssh 1 , | |
74 | .Xr ssh-keygen 1 , | |
75 | .Xr ssh_config 5 , | |
76 | .Xr sshd 8 | |
77 | .Sh HISTORY | |
78 | .Nm | |
79 | first appeared in | |
80 | .Ox 3.2 . | |
81 | .Sh AUTHORS | |
82 | .An Markus Friedl Aq markus@openbsd.org |