X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/ef07103c6bd3325aefca61da0aaa8907c3777ec3..e45da4d6928b5f35b9add90897665eaec43ac108:/ssh_config.5 diff --git a/ssh_config.5 b/ssh_config.5 index 40774297..13cdee88 100644 --- a/ssh_config.5 +++ b/ssh_config.5 @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.58 2005/07/04 00:58:43 djm Exp $ +.\" $OpenBSD: ssh_config.5,v 1.64 2005/10/30 08:43:47 jmc Exp $ .Dd September 25, 1999 .Dt SSH_CONFIG 5 .Os @@ -136,8 +136,9 @@ or The default is .Dq no . .It Cm BindAddress -Specify the interface to transmit from on machines with multiple -interfaces or aliased addresses. +Use the specified address on the local machine as the source address of +the connection. +Only useful on systems with more than one address. Note that this option does not work if .Cm UsePrivilegedPort is set to @@ -262,8 +263,10 @@ with set to .Dq no (the default). -These sessions will reuse the master instance's network connection rather -than initiating new ones. +These sessions will try to reuse the master instance's network connection +rather than initiating new ones, but will fall back to connecting normally +if the control socket does not exist, or is not listening. +.Pp Setting this to .Dq ask will cause @@ -280,10 +283,10 @@ can not be opened, will continue without connecting to a master instance. .Pp X11 and -.Xr ssh-agent 4 +.Xr ssh-agent 1 forwarding is supported over these multiplexed connections, however the display and agent fowarded will be the one belonging to the master -connection. I.e. it is not possible to forward multiple displays or agents. +connection i.e. it is not possible to forward multiple displays or agents. .Pp Two additional options allow for opportunistic multiplexing: try to use a master connection but fall back to creating a new one if one does not already @@ -319,7 +322,29 @@ Specifies that a TCP/IP port on the local machine be forwarded over the secure channel, and the application protocol is then used to determine where to connect to from the remote machine. -The argument must be a port number. +.Pp +The argument must be +.Sm off +.Oo Ar bind_address : Oc Ar port . +.Sm on +IPv6 addresses can be specified by enclosing addresses in square brackets or +by using an alternative syntax: +.Oo Ar bind_address Ns / Oc Ns Ar port . +By default, the local port is bound in accordance with the +.Cm GatewayPorts +setting. +However, an explicit +.Ar bind_address +may be used to bind the connection to a specific address. +The +.Ar bind_address +of +.Dq localhost +indicates that the listening port be bound for local use only, while an +empty address or +.Sq * +indicates that the port should be available from all interfaces. +.Pp Currently the SOCKS4 and SOCKS5 protocols are supported, and .Nm ssh will act as a SOCKS server.