- Remove references to SSLeay.
- Big OpenBSD CVS update
- markus@cvs.openbsd.org
[clientloop.c]
- typo
[session.c]
- update proctitle on pty alloc/dealloc, e.g. w/ windows client
[session.c]
- update proctitle for proto 1, too
[channels.h nchan.c serverloop.c session.c sshd.c]
- use c-style comments
- deraadt@cvs.openbsd.org
[scp.c]
- more atomicio
- markus@cvs.openbsd.org
[channels.c]
- set O_NONBLOCK
[ssh.1]
- update AUTHOR
[readconf.c ssh-keygen.c ssh.h]
- default DSA key file ~/.ssh/id_dsa
[clientloop.c]
- typo, rm verbose debug
- deraadt@cvs.openbsd.org
[ssh-keygen.1]
- document DSA use of ssh-keygen
[sshd.8]
- a start at describing what i understand of the DSA side
[ssh-keygen.1]
- document -X and -x
[ssh-keygen.c]
- simplify usage
- markus@cvs.openbsd.org
[sshd.8]
- there is no rhosts_dsa
[ssh-keygen.1]
- document -y, update -X,-x
[nchan.c]
- fix close for non-open ssh1 channels
[servconf.c servconf.h ssh.h sshd.8 sshd.c ]
- s/DsaKey/HostDSAKey/, document option
[sshconnect2.c]
- respect number_of_password_prompts
[channels.c channels.h servconf.c servconf.h session.c sshd.8]
- GatewayPorts for sshd, ok deraadt@
[ssh-add.1 ssh-agent.1 ssh.1]
- more doc on: DSA, id_dsa, known_hosts2, authorized_keys2
[ssh.1]
- more info on proto 2
[sshd.8]
- sync AUTHOR w/ ssh.1
[key.c key.h sshconnect.c]
- print key type when talking about host keys
[packet.c]
- clear padding in ssh2
[dsa.c key.c radix.c ssh.h sshconnect1.c uuencode.c uuencode.h]
- replace broken uuencode w/ libc b64_ntop
[auth2.c]
- log failure before sending the reply
[key.c radix.c uuencode.c]
- remote trailing comments before calling __b64_pton
[auth2.c readconf.c readconf.h servconf.c servconf.h ssh.1]
[sshconnect2.c sshd.8]
- add DSAAuthetication option to ssh/sshd, document SSH2 in sshd.8
- Bring in b64_ntop and b64_pton from OpenBSD libc (bsd-base64.[ch])
diff --git a/ssh.1 b/ssh.1
index c916927..a4738e6 100644
--- a/ssh.1
+++ b/ssh.1
@@ -9,7 +9,7 @@
.\"
.\" Created: Sat Apr 22 21:55:14 1995 ylo
.\"
-.\" $Id: ssh.1,v 1.23 2000/04/20 13:27:27 damien Exp $
+.\" $Id: ssh.1,v 1.24 2000/05/07 02:03:19 damien Exp $
.\"
.Dd September 25, 1999
.Dt SSH 1
@@ -63,7 +63,10 @@
connects and logs into the specified
.Ar hostname .
The user must prove
-his/her identity to the remote machine using one of several methods.
+his/her identity to the remote machine using one of several methods
+depending on the protocol version used:
+.Pp
+.Ss SSH protocol version 1
.Pp
First, if the machine the user logs in from is listed in
.Pa /etc/hosts.equiv
@@ -88,8 +91,8 @@
.Pa hosts.equiv
method combined with RSA-based host authentication.
It means that if the login would be permitted by
-.Pa \&.rhosts ,
-.Pa \&.shosts ,
+.Pa $HOME/.rhosts ,
+.Pa $HOME/.shosts ,
.Pa /etc/hosts.equiv ,
or
.Pa /etc/shosts.equiv ,
@@ -105,7 +108,7 @@
spoofing, DNS spoofing and routing spoofing.
[Note to the administrator:
.Pa /etc/hosts.equiv ,
-.Pa \&.rhosts ,
+.Pa $HOME/.rhosts ,
and the rlogin/rsh protocol in general, are inherently insecure and should be
disabled if security is desired.]
.Pp
@@ -143,18 +146,18 @@
The user creates his/her RSA key pair by running
.Xr ssh-keygen 1 .
This stores the private key in
-.Pa \&.ssh/identity
+.Pa $HOME/.ssh/identity
and the public key in
-.Pa \&.ssh/identity.pub
+.Pa $HOME/.ssh/identity.pub
in the user's home directory.
The user should then copy the
.Pa identity.pub
to
-.Pa \&.ssh/authorized_keys
+.Pa $HOME/.ssh/authorized_keys
in his/her home directory on the remote machine (the
.Pa authorized_keys
file corresponds to the conventional
-.Pa \&.rhosts
+.Pa $HOME/.rhosts
file, and has one key
per line, though the lines can be very long).
After this, the user can log in without giving the password.
@@ -174,6 +177,38 @@
host for checking; however, since all communications are encrypted,
the password cannot be seen by someone listening on the network.
.Pp
+.Ss SSH protocol version 2
+.Pp
+When a user connects using the protocol version 2
+different authentication methods are available:
+At first, the client attempts to authenticate using the public key method.
+If this method fails password authentication is tried.
+.Pp
+The public key method is similar to RSA authentication described
+in the previous section except that the DSA algorithm is used
+instead of the patented RSA algorithm.
+The client uses his private DSA key
+.Pa $HOME/.ssh/id_dsa
+to sign the session identifier and sends the result to the server.
+The server checks whether the matching public key is listed in
+.Pa $HOME/.ssh/authorized_keys2
+and grants access if both the key is found and the signature is correct.
+The session identifier is derived from a shared Diffie-Hellman value
+and is only known to the client and the server.
+.Pp
+If public key authentication fails or is not available a password
+can be sent encrypted to the remote host for proving the user's identity.
+This protocol 2 implementation does not yet support Kerberos or
+S/Key authentication.
+.Pp
+Protocol 2 provides additional mechanisms for confidentiality
+(the traffic is encrypted using 3DES, blowfish, cast128 or arcfour)
+and integrity (hmac-sha1, hmac-md5).
+Note that protocol 1 lacks a strong mechanism for ensuring the
+integrity of the connection.
+.Pp
+.Ss Login session and remote execution
+.Pp
When the user's identity has been accepted by the server, the server
either executes the given command, or logs into the machine and gives
the user a normal shell on the remote machine.
@@ -219,6 +254,8 @@
of
.Nm ssh .
.Pp
+.Ss X11 and TCP forwarding
+.Pp
If the user is using X11 (the
.Ev DISPLAY
environment variable is set), the connection to the X11 display is
@@ -262,15 +299,22 @@
One possible application of TCP/IP forwarding is a secure connection to an
electronic purse; another is going trough firewalls.
.Pp
+.Ss Server authentication
+.Pp
.Nm
-automatically maintains and checks a database containing RSA-based
+automatically maintains and checks a database containing
identifications for all hosts it has ever been used with.
-The database is stored in
-.Pa \&.ssh/known_hosts
+RSA host keys are stored in
+.Pa $HOME/.ssh/known_hosts
+and
+DSA host keys are stored in
+.Pa $HOME/.ssh/known_hosts2
in the user's home directory.
-Additionally, the file
+Additionally, the files
.Pa /etc/ssh_known_hosts
-is automatically checked for known hosts.
+and
+.Pa /etc/ssh_known_hosts2
+are automatically checked for known hosts.
Any new hosts are automatically added to the user's file.
If a host's identification
ever changes,
@@ -333,7 +377,7 @@
Selects the file from which the identity (private key) for
RSA authentication is read.
Default is
-.Pa \&.ssh/identity
+.Pa $HOME/.ssh/identity
in the user's home directory.
Identity files may also be specified on
a per-host basis in the configuration file.
@@ -458,7 +502,7 @@
.It Fl 2
Forces
.Nm
-to use protocol version 2 only.
+to try protocol version 2 only.
.It Fl 4
Forces
.Nm
@@ -575,6 +619,15 @@
back to rsh or exiting.
The argument must be an integer.
This may be useful in scripts if the connection sometimes fails.
+.It Cm DSAAuthentication
+Specifies whether to try DSA authentication.
+The argument to this keyword must be
+.Dq yes
+or
+.Dq no .
+DSA authentication will only be
+attempted if a DSA identity file exists.
+Note that this option applies to protocol version 2 only.
.It Cm EscapeChar
Sets the escape character (default:
.Ql ~ ) .
@@ -640,7 +693,7 @@
.It Cm IdentityFile
Specifies the file from which the user's RSA authentication identity
is read (default
-.Pa .ssh/identity
+.Pa $HOME/.ssh/identity
in the user's home directory).
Additionally, any identities represented by the authentication agent
will be used for authentication.
@@ -649,6 +702,16 @@
It is possible to have
multiple identity files specified in configuration files; all these
identities will be tried in sequence.
+.It Cm IdentityFile2
+Specifies the file from which the user's DSA authentication identity
+is read (default
+.Pa $HOME/.ssh/id_dsa
+in the user's home directory).
+The file name may use the tilde
+syntax to refer to a user's home directory.
+It is possible to have
+multiple identity files specified in configuration files; all these
+identities will be tried in sequence.
.It Cm KeepAlive
Specifies whether the system should send keepalive messages to the
other side.
@@ -704,6 +767,7 @@
.Dq yes
or
.Dq no .
+Note that this option applies to both protocol version 1 and 2.
.It Cm Port
Specifies the port number to connect on the remote host.
Default is 22.
@@ -717,7 +781,11 @@
.Dq 2 .
Multiple versions must be comma-separated.
The default is
-.Dq 1 .
+.Dq 1,2 .
+This means that
+.Nm
+tries version 1 and falls back to version 2
+if version 1 is no available.
.It Cm ProxyCommand
Specifies the command to use to connect to the server.
The command
@@ -782,6 +850,7 @@
RSA authentication will only be
attempted if the identity file exists, or an authentication agent is
running.
+Note that this option applies to protocol version 1 only.
.It Cm SkeyAuthentication
Specifies whether to use
.Xr skey 1
@@ -798,10 +867,14 @@
.Nm
ssh will never automatically add host keys to the
.Pa $HOME/.ssh/known_hosts
-file, and refuses to connect hosts whose host key has changed.
+and
+.Pa $HOME/.ssh/known_hosts2
+files, and refuses to connect hosts whose host key has changed.
This provides maximum protection against trojan horse attacks.
However, it can be somewhat annoying if you don't have good
.Pa /etc/ssh_known_hosts
+and
+.Pa /etc/ssh_known_hosts2
files installed and frequently
connect new hosts.
Basically this option forces the user to manually
@@ -921,28 +994,36 @@
.Pa /etc/ssh_known_hosts ) .
See
.Xr sshd 8 .
-.It Pa $HOME/.ssh/identity
-Contains the RSA authentication identity of the user.
-This file
-contains sensitive data and should be readable by the user but not
+.It Pa $HOME/.ssh/identity, $HOME/.ssh/id_dsa
+Contains the RSA and the DSA authentication identity of the user.
+These files
+contain sensitive data and should be readable by the user but not
accessible by others (read/write/execute).
Note that
.Nm
-ignores this file if it is accessible by others.
+ignores a private key file if it is accessible by others.
It is possible to specify a passphrase when
generating the key; the passphrase will be used to encrypt the
sensitive part of this file using 3DES.
-.It Pa $HOME/.ssh/identity.pub
+.It Pa $HOME/.ssh/identity.pub, $HOME/.ssh/id_dsa.pub
Contains the public key for authentication (public part of the
identity file in human-readable form).
-The contents of this file should be added to
+The contents of the
+.Pa $HOME/.ssh/identity.pub
+file should be added to
.Pa $HOME/.ssh/authorized_keys
on all machines
where you wish to log in using RSA authentication.
-This file is not
+The contents of the
+.Pa $HOME/.ssh/id_dsa.pub
+file should be added to
+.Pa $HOME/.ssh/authorized_keys2
+on all machines
+where you wish to log in using DSA authentication.
+These files are not
sensitive and can (but need not) be readable by anyone.
-This file is
-never used automatically and is not necessary; it is only provided for
+These files are
+never used automatically and are not necessary; they is only provided for
the convenience of the user.
.It Pa $HOME/.ssh/config
This is the per-user configuration file.
@@ -964,9 +1045,17 @@
spaces).
This file is not highly sensitive, but the recommended
permissions are read/write for the user, and not accessible by others.
-.It Pa /etc/ssh_known_hosts
+.It Pa $HOME/.ssh/authorized_keys2
+Lists the DSA keys that can be used for logging in as this user.
+This file is not highly sensitive, but the recommended
+permissions are read/write for the user, and not accessible by others.
+.It Pa /etc/ssh_known_hosts, /etc/ssh_known_hosts2
Systemwide list of known host keys.
-This file should be prepared by the
+.Pa /etc/ssh_known_hosts
+contains RSA and
+.Pa /etc/ssh_known_hosts2
+contains DSA keys.
+These files should be prepared by the
system administrator to contain the public host keys of all machines in the
organization.
This file should be world-readable.
@@ -1025,7 +1114,7 @@
.Pa $HOME/.ssh/known_hosts .
The easiest way to do this is to
connect back to the client from the server machine using ssh; this
-will automatically add the host key inxi
+will automatically add the host key to
.Pa $HOME/.ssh/known_hosts .
.It Pa $HOME/.shosts
This file is used exactly the same way as
@@ -1086,6 +1175,7 @@
Rapidly after the
1.2.12 release, newer versions of the original ssh bore successively
more restrictive licenses, and thus demand for a free version was born.
+.Pp
This version of OpenSSH
.Bl -bullet
.It
@@ -1094,8 +1184,8 @@
are chosen from
external libraries.
.It
-has been updated to support ssh protocol 1.5, making it compatible with
-all other ssh protocol 1 clients and servers.
+has been updated to support SSH protocol 1.5 and 2, making it compatible with
+all other SSH clients and servers.
.It
contains added support for
.Xr kerberos 8
@@ -1107,6 +1197,8 @@
.Pp
OpenSSH has been created by Aaron Campbell, Bob Beck, Markus Friedl,
Niels Provos, Theo de Raadt, and Dug Song.
+.Pp
+The support for SSH protocol 2 was written by Markus Friedl.
.Sh SEE ALSO
.Xr rlogin 1 ,
.Xr rsh 1 ,