X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/d73a67d744a7cbe0d40b6ac60482f22f62b9ba02..cf848a5ec15e0b18a187ad800272dfe7ad5cf876:/ssh.1 diff --git a/ssh.1 b/ssh.1 index 10784153..b8a91a16 100644 --- a/ssh.1 +++ b/ssh.1 @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.178 2003/10/11 08:24:08 markus Exp $ +.\" $OpenBSD: ssh.1,v 1.199 2004/11/07 17:42:36 jmc Exp $ .Dd September 25, 1999 .Dt SSH 1 .Os @@ -43,14 +43,14 @@ .Nd OpenSSH SSH client (remote login program) .Sh SYNOPSIS .Nm ssh -.Op Fl 1246AaCfgkNnqsTtVvXxY +.Op Fl 1246AaCfgkMNnqsTtVvXxY .Op Fl b Ar bind_address .Op Fl c Ar cipher_spec +.Bk -words .Op Fl D Ar port .Op Fl e Ar escape_char .Op Fl F Ar configfile .Op Fl i Ar identity_file -.Bk -words .Oo Fl L Xo .Sm off .Ar port : @@ -62,6 +62,7 @@ .Ek .Op Fl l Ar login_name .Op Fl m Ar mac_spec +.Op Fl O Ar ctl_cmd .Op Fl o Ar option .Bk -words .Op Fl p Ar port @@ -74,6 +75,7 @@ .Sm on .Xc .Oc +.Op Fl S Ar ctl_path .Oo Ar user Ns @ Oc Ns Ar hostname .Op Ar command .Sh DESCRIPTION @@ -102,35 +104,25 @@ is specified, .Ar command is executed on the remote host instead of a login shell. .Ss SSH protocol version 1 -First, if the machine the user logs in from is listed in +The first authentication method is the +.Em rhosts +or +.Em hosts.equiv +method combined with RSA-based host authentication. +If the machine the user logs in from is listed in .Pa /etc/hosts.equiv or .Pa /etc/shosts.equiv on the remote machine, and the user names are -the same on both sides, the user is immediately permitted to log in. -Second, if -.Pa .rhosts +the same on both sides, or if the files +.Pa $HOME/.rhosts or -.Pa .shosts -exists in the user's home directory on the -remote machine and contains a line containing the name of the client +.Pa $HOME/.shosts +exist in the user's home directory on the +remote machine and contain a line containing the name of the client machine and the name of the user on that machine, the user is -permitted to log in. -This form of authentication alone is normally not -allowed by the server because it is not secure. -.Pp -The second authentication method is the -.Em rhosts -or -.Em hosts.equiv -method combined with RSA-based host authentication. -It means that if the login would be permitted by -.Pa $HOME/.rhosts , -.Pa $HOME/.shosts , -.Pa /etc/hosts.equiv , -or -.Pa /etc/shosts.equiv , -and if additionally the server can verify the client's +considered for log in. +Additionally, if the server can verify the client's host key (see .Pa /etc/ssh/ssh_known_hosts and @@ -146,7 +138,7 @@ spoofing, DNS spoofing and routing spoofing. and the rlogin/rsh protocol in general, are inherently insecure and should be disabled if security is desired.] .Pp -As a third authentication method, +As a second authentication method, .Nm supports RSA based authentication. The scheme is based on public-key cryptography: there are cryptosystems @@ -194,9 +186,6 @@ file corresponds to the conventional file, and has one key per line, though the lines can be very long). After this, the user can log in without giving the password. -RSA authentication is much more secure than -.Em rhosts -authentication. .Pp The most convenient way to use RSA authentication may be with an authentication agent. @@ -241,8 +230,8 @@ Additionally, supports hostbased or challenge response authentication. .Pp Protocol 2 provides additional mechanisms for confidentiality -(the traffic is encrypted using 3DES, Blowfish, CAST128 or Arcfour) -and integrity (hmac-md5, hmac-sha1). +(the traffic is encrypted using AES, 3DES, Blowfish, CAST128 or Arcfour) +and integrity (hmac-md5, hmac-sha1, hmac-ripemd160). Note that protocol 1 lacks a strong mechanism for ensuring the integrity of the connection. .Ss Login session and remote execution @@ -302,11 +291,18 @@ Display a list of escape characters. Send a BREAK to the remote system (only useful for SSH protocol version 2 and if the peer supports it). .It Cm ~C -Open command line (only useful for adding port forwardings using the +Open command line. +Currently this allows the addition of port forwardings using the .Fl L and .Fl R -options). +options (see below). +It also allows the cancellation of existing remote port-forwardings +using +.Fl KR Ar hostport . +Basic help is available, using the +.Fl h +option. .It Cm ~R Request rekeying of the connection (only useful for SSH protocol version 2 and if the peer supports it). @@ -392,6 +388,15 @@ The option can be used to prevent logins to machines whose host key is not known or has changed. .Pp +.Nm +can be configured to verify host identification using fingerprint resource +records (SSHFP) published in DNS. +The +.Cm VerifyHostKeyDNS +option can be used to control how DNS lookups are performed. +SSHFP resource records can be generated using +.Xr ssh-keygen 1 . +.Pp The options are as follows: .Bl -tag -width Ds .It Fl 1 @@ -442,13 +447,18 @@ The default value can be set on a host-by-host basis in the configuration files; see the .Cm Compression option. -.It Fl c Ar blowfish | 3des | des -Selects the cipher to use for encrypting the session. -.Ar 3des -is used by default. -It is believed to be secure. +.It Fl c Ar cipher_spec +Selects the cipher specification for encrypting the session. +.Pp +Protocol version 1 allows specification of a single cipher. +The suported values are +.Dq 3des , +.Dq blowfish +and +.Dq des . .Ar 3des (triple-des) is an encrypt-decrypt-encrypt triple with three different keys. +It is believed to be secure. .Ar blowfish is a fast block cipher; it appears very secure and is much faster than .Ar 3des . @@ -460,12 +470,30 @@ that do not support the .Ar 3des cipher. Its use is strongly discouraged due to cryptographic weaknesses. -.It Fl c Ar cipher_spec -Additionally, for protocol version 2 a comma-separated list of ciphers can -be specified in order of preference. -See -.Cm Ciphers -for more information. +The default is +.Dq 3des . +.Pp +For protocol version 2 +.Ar cipher_spec +is a comma-separated list of ciphers +listed in order of preference. +The supported ciphers are +.Dq 3des-cbc , +.Dq aes128-cbc , +.Dq aes192-cbc , +.Dq aes256-cbc , +.Dq aes128-ctr , +.Dq aes192-ctr , +.Dq aes256-ctr , +.Dq arcfour , +.Dq blowfish-cbc , +and +.Dq cast128-cbc . +The default is +.Bd -literal + ``aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour, + aes192-cbc,aes256-cbc'' +.Ed .It Fl D Ar port Specifies a local .Dq dynamic @@ -539,8 +567,7 @@ It is possible to have multiple options (and multiple identities specified in configuration files). .It Fl k -Disables forwarding of Kerberos tickets. -This may also be specified on a per-host basis in the configuration file. +Disables forwarding (delegation) of GSSAPI credentials to the server. .It Fl L Xo .Sm off .Ar port : host : hostport @@ -569,6 +596,17 @@ IPv6 addresses can be specified with an alternative syntax: .It Fl l Ar login_name Specifies the user to log in as on the remote machine. This also may be specified on a per-host basis in the configuration file. +.It Fl M +Places the +.Nm +client into +.Dq master +mode for connection sharing. +Refer to the description of +.Cm ControlMaster +in +.Xr ssh_config 5 +for details. .It Fl m Ar mac_spec Additionally, for protocol version 2 a comma-separated list of MAC (message authentication code) algorithms can @@ -600,6 +638,18 @@ program will be put in the background. needs to ask for a password or passphrase; see also the .Fl f option.) +.It Fl O Ar ctl_cmd +Control an active connection multiplexing master process. +When the +.Fl O +option is specified, the +.Ar ctl_cmd +argument is interpreted and passed to the master process. +Valid commands are: +.Dq check +(check that the master process is running) and +.Dq exit +(request the master to exit). .It Fl o Ar option Can be used to give options in the format used in the configuration file. This is useful for specifying options for which there is no separate @@ -619,7 +669,9 @@ For full details of the options listed below, and their possible values, see .It Compression .It CompressionLevel .It ConnectionAttempts -.It ConnectionTimeout +.It ConnectTimeout +.It ControlMaster +.It ControlPath .It DynamicForward .It EscapeChar .It ForwardAgent @@ -635,7 +687,8 @@ For full details of the options listed below, and their possible values, see .It HostKeyAlias .It HostName .It IdentityFile -.It KeepAlive +.It IdentitiesOnly +.It KbdInteractiveDevices .It LocalForward .It LogLevel .It MACs @@ -650,8 +703,12 @@ For full details of the options listed below, and their possible values, see .It RemoteForward .It RhostsRSAAuthentication .It RSAAuthentication +.It SendEnv +.It ServerAliveInterval +.It ServerAliveCountMax .It SmartcardDevice .It StrictHostKeyChecking +.It TCPKeepAlive .It UsePrivilegedPort .It User .It UserKnownHostsFile @@ -691,6 +748,15 @@ IPv6 addresses can be specified with an alternative syntax: .Ar hostport . .Xc .Sm on +.It Fl S Ar ctl_path +Specifies the location of a control socket for connection sharing. +Refer to the description of +.Cm ControlPath +and +.Cm ControlMaster +in +.Xr ssh_config 5 +for details. .It Fl s May be used to request invocation of a subsystem on the remote system. Subsystems are a feature of the SSH2 protocol which facilitate the use @@ -794,7 +860,7 @@ and open an X11 window to read the passphrase. This is particularly useful when calling .Nm from a -.Pa .Xsession +.Pa .xsession or related script. (Note that on some machines it may be necessary to redirect the input from @@ -883,6 +949,8 @@ the convenience of the user. This is the per-user configuration file. The file format and configuration options are described in .Xr ssh_config 5 . +Because of the potential for abuse, this file must have strict permissions: +read/write for the user, and not accessible by others. .It Pa $HOME/.ssh/authorized_keys Lists the public keys (RSA/DSA) that can be used for logging in as this user. The format of this file is described in the @@ -945,7 +1013,9 @@ By default is not setuid root. .It Pa $HOME/.rhosts This file is used in -.Em rhosts +.Cm RhostsRSAAuthentication +and +.Cm HostbasedAuthentication authentication to list the host/user pairs that are permitted to log in. (Note that this file is @@ -964,12 +1034,10 @@ The recommended permission for most machines is read/write for the user, and not accessible by others. .Pp -Note that by default +Note that .Xr sshd 8 -will be installed so that it requires successful RSA host -authentication before permitting -.Em rhosts -authentication. +allows authentication only in combination with client host key +authentication before permitting log in. If the server machine does not have the client's host key in .Pa /etc/ssh/ssh_known_hosts , it can be stored in @@ -982,15 +1050,19 @@ will automatically add the host key to This file is used exactly the same way as .Pa .rhosts . The purpose for -having this file is to be able to use rhosts authentication with -.Nm -without permitting login with +having this file is to be able to use +.Cm RhostsRSAAuthentication +and +.Cm HostbasedAuthentication +authentication without permitting login with .Xr rlogin or .Xr rsh 1 . .It Pa /etc/hosts.equiv This file is used during -.Em rhosts +.Cm RhostsRSAAuthentication +and +.Cm HostbasedAuthentication authentication. It contains canonical hosts names, one per line (the full format is described in the @@ -999,8 +1071,7 @@ manual page). If the client host is found in this file, login is automatically permitted provided client and server user names are the same. -Additionally, successful RSA host authentication is normally -required. +Additionally, successful client host key authentication is required. This file should only be writable by root. .It Pa /etc/shosts.equiv This file is processed exactly as