blob: 8a55c2f6421b7455ad6c4ebbf938063b45e02972 [file] [log] [blame]
Damien Miller32aa1441999-10-29 09:15:49 +10001.\" -*- nroff -*-
2.\"
Damien Miller32aa1441999-10-29 09:15:49 +10003.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
Damien Miller32aa1441999-10-29 09:15:49 +10004.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
5.\" All rights reserved
6.\"
Damien Millere4340be2000-09-16 13:29:08 +11007.\" As far as I am concerned, the code I have written for this software
8.\" can be used freely for any purpose. Any derived versions of this
9.\" software must be clearly marked as such, and if the derived work is
10.\" incompatible with the protocol description in the RFC file, it must be
11.\" called by a name other than "ssh" or "Secure Shell".
Damien Miller32aa1441999-10-29 09:15:49 +100012.\"
Ben Lindstrom92a2e382001-03-05 06:59:27 +000013.\" Copyright (c) 1999,2000 Markus Friedl. All rights reserved.
14.\" Copyright (c) 1999 Aaron Campbell. All rights reserved.
15.\" Copyright (c) 1999 Theo de Raadt. All rights reserved.
Damien Millere4340be2000-09-16 13:29:08 +110016.\"
17.\" Redistribution and use in source and binary forms, with or without
18.\" modification, are permitted provided that the following conditions
19.\" are met:
20.\" 1. Redistributions of source code must retain the above copyright
21.\" notice, this list of conditions and the following disclaimer.
22.\" 2. Redistributions in binary form must reproduce the above copyright
23.\" notice, this list of conditions and the following disclaimer in the
24.\" documentation and/or other materials provided with the distribution.
25.\"
26.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
27.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
28.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
29.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
30.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
31.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
32.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
33.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Damien Miller32aa1441999-10-29 09:15:49 +100036.\"
Damien Millerd27b9472005-12-13 19:29:02 +110037.\" $OpenBSD: ssh.1,v 1.215 2005/12/06 22:38:27 reyk Exp $
Damien Miller32aa1441999-10-29 09:15:49 +100038.Dd September 25, 1999
39.Dt SSH 1
40.Os
41.Sh NAME
42.Nm ssh
Ben Lindstromd58eb5f2001-03-07 06:07:22 +000043.Nd OpenSSH SSH client (remote login program)
Damien Miller32aa1441999-10-29 09:15:49 +100044.Sh SYNOPSIS
45.Nm ssh
Darren Tuckerba5c5922004-06-18 16:22:39 +100046.Op Fl 1246AaCfgkMNnqsTtVvXxY
Ben Lindstrome0f88042001-04-30 13:06:24 +000047.Op Fl b Ar bind_address
Damien Miller30c3d422000-05-09 11:02:59 +100048.Op Fl c Ar cipher_spec
Darren Tuckerc8d64212005-10-03 18:13:42 +100049.Oo Fl D\ \&
50.Sm off
51.Oo Ar bind_address : Oc
52.Ar port
53.Sm on
54.Oc
Damien Miller32aa1441999-10-29 09:15:49 +100055.Op Fl e Ar escape_char
Ben Lindstrom14f31ab2001-09-12 17:48:04 +000056.Op Fl F Ar configfile
Darren Tucker05d4dfe2005-10-03 18:17:38 +100057.Bk -words
Darren Tucker61776952003-10-02 16:19:47 +100058.Op Fl i Ar identity_file
Darren Tucker05d4dfe2005-10-03 18:17:38 +100059.Ek
Damien Miller36bf7dd2005-03-02 12:02:47 +110060.Oo Fl L\ \&
Damien Miller32aa1441999-10-29 09:15:49 +100061.Sm off
Damien Millerf91ee4c2005-03-01 21:24:33 +110062.Oo Ar bind_address : Oc
Damien Miller36bf7dd2005-03-02 12:02:47 +110063.Ar port : host : hostport
Damien Miller32aa1441999-10-29 09:15:49 +100064.Sm on
Damien Miller32aa1441999-10-29 09:15:49 +100065.Oc
Darren Tucker05d4dfe2005-10-03 18:17:38 +100066.Bk -words
Darren Tucker61776952003-10-02 16:19:47 +100067.Op Fl l Ar login_name
Darren Tucker05d4dfe2005-10-03 18:17:38 +100068.Ek
Darren Tucker61776952003-10-02 16:19:47 +100069.Op Fl m Ar mac_spec
Darren Tucker7ebfc102004-11-07 20:06:19 +110070.Op Fl O Ar ctl_cmd
Darren Tucker61776952003-10-02 16:19:47 +100071.Op Fl o Ar option
Darren Tucker61776952003-10-02 16:19:47 +100072.Op Fl p Ar port
Damien Miller36bf7dd2005-03-02 12:02:47 +110073.Oo Fl R\ \&
Damien Miller32aa1441999-10-29 09:15:49 +100074.Sm off
Damien Millerf91ee4c2005-03-01 21:24:33 +110075.Oo Ar bind_address : Oc
Damien Miller36bf7dd2005-03-02 12:02:47 +110076.Ar port : host : hostport
Damien Miller32aa1441999-10-29 09:15:49 +100077.Sm on
Damien Miller32aa1441999-10-29 09:15:49 +100078.Oc
Darren Tucker7ebfc102004-11-07 20:06:19 +110079.Op Fl S Ar ctl_path
Damien Millerd27b9472005-12-13 19:29:02 +110080.Op Fl w Ar tunnel : tunnel
Darren Tucker61776952003-10-02 16:19:47 +100081.Oo Ar user Ns @ Oc Ns Ar hostname
Damien Miller32aa1441999-10-29 09:15:49 +100082.Op Ar command
Damien Miller22c77262000-04-13 12:26:34 +100083.Sh DESCRIPTION
Damien Miller32aa1441999-10-29 09:15:49 +100084.Nm
Ben Lindstromd58eb5f2001-03-07 06:07:22 +000085(SSH client) is a program for logging into a remote machine and for
Damien Miller7684ee12000-03-17 23:40:15 +110086executing commands on a remote machine.
Darren Tucker61776952003-10-02 16:19:47 +100087It is intended to replace rlogin and rsh,
88and provide secure encrypted communications between
Damien Miller7684ee12000-03-17 23:40:15 +110089two untrusted hosts over an insecure network.
Darren Tucker61776952003-10-02 16:19:47 +100090X11 connections and arbitrary TCP/IP ports
91can also be forwarded over the secure channel.
Damien Miller32aa1441999-10-29 09:15:49 +100092.Pp
93.Nm
Damien Miller22c77262000-04-13 12:26:34 +100094connects and logs into the specified
Darren Tucker61776952003-10-02 16:19:47 +100095.Ar hostname
96(with optional
97.Ar user
98name).
Damien Miller32aa1441999-10-29 09:15:49 +100099The user must prove
Damien Millere247cc42000-05-07 12:03:14 +1000100his/her identity to the remote machine using one of several methods
Darren Tucker61776952003-10-02 16:19:47 +1000101depending on the protocol version used.
Damien Millere247cc42000-05-07 12:03:14 +1000102.Pp
Darren Tucker61776952003-10-02 16:19:47 +1000103If
104.Ar command
105is specified,
106.Ar command
107is executed on the remote host instead of a login shell.
Damien Millere247cc42000-05-07 12:03:14 +1000108.Ss SSH protocol version 1
Darren Tuckerdb693902004-08-29 16:37:24 +1000109The first authentication method is the
Darren Tucker61776952003-10-02 16:19:47 +1000110.Em rhosts
Damien Miller32aa1441999-10-29 09:15:49 +1000111or
Darren Tucker61776952003-10-02 16:19:47 +1000112.Em hosts.equiv
Damien Miller7684ee12000-03-17 23:40:15 +1100113method combined with RSA-based host authentication.
Darren Tuckerdb693902004-08-29 16:37:24 +1000114If the machine the user logs in from is listed in
115.Pa /etc/hosts.equiv
Damien Miller32aa1441999-10-29 09:15:49 +1000116or
Darren Tuckerdb693902004-08-29 16:37:24 +1000117.Pa /etc/shosts.equiv
118on the remote machine, and the user names are
119the same on both sides, or if the files
Damien Miller167ea5d2005-05-26 12:04:02 +1000120.Pa ~/.rhosts
Darren Tuckerdb693902004-08-29 16:37:24 +1000121or
Damien Miller167ea5d2005-05-26 12:04:02 +1000122.Pa ~/.shosts
Darren Tuckerdb693902004-08-29 16:37:24 +1000123exist in the user's home directory on the
124remote machine and contain a line containing the name of the client
125machine and the name of the user on that machine, the user is
126considered for log in.
127Additionally, if the server can verify the client's
Damien Miller22c77262000-04-13 12:26:34 +1000128host key (see
Damien Miller05eda432002-02-10 18:32:28 +1100129.Pa /etc/ssh/ssh_known_hosts
Damien Miller33e511e1999-11-11 11:43:13 +1100130and
Damien Miller167ea5d2005-05-26 12:04:02 +1000131.Pa ~/.ssh/known_hosts
Damien Miller32aa1441999-10-29 09:15:49 +1000132in the
133.Sx FILES
Darren Tucker61776952003-10-02 16:19:47 +1000134section), only then is login permitted.
Damien Miller7684ee12000-03-17 23:40:15 +1100135This authentication method closes security holes due to IP
136spoofing, DNS spoofing and routing spoofing.
137[Note to the administrator:
Damien Miller32aa1441999-10-29 09:15:49 +1000138.Pa /etc/hosts.equiv ,
Damien Miller167ea5d2005-05-26 12:04:02 +1000139.Pa ~/.rhosts ,
Damien Miller32aa1441999-10-29 09:15:49 +1000140and the rlogin/rsh protocol in general, are inherently insecure and should be
141disabled if security is desired.]
142.Pp
Darren Tuckerdb693902004-08-29 16:37:24 +1000143As a second authentication method,
Damien Miller32aa1441999-10-29 09:15:49 +1000144.Nm
145supports RSA based authentication.
146The scheme is based on public-key cryptography: there are cryptosystems
147where encryption and decryption are done using separate keys, and it
148is not possible to derive the decryption key from the encryption key.
Damien Miller7684ee12000-03-17 23:40:15 +1100149RSA is one such system.
Damien Miller22c77262000-04-13 12:26:34 +1000150The idea is that each user creates a public/private
Damien Miller7684ee12000-03-17 23:40:15 +1100151key pair for authentication purposes.
152The server knows the public key, and only the user knows the private key.
Darren Tucker61776952003-10-02 16:19:47 +1000153.Pp
Damien Miller22c77262000-04-13 12:26:34 +1000154The file
Damien Miller167ea5d2005-05-26 12:04:02 +1000155.Pa ~/.ssh/authorized_keys
Darren Tucker61776952003-10-02 16:19:47 +1000156lists the public keys that are permitted for logging in.
Damien Miller7684ee12000-03-17 23:40:15 +1100157When the user logs in, the
Damien Miller32aa1441999-10-29 09:15:49 +1000158.Nm
159program tells the server which key pair it would like to use for
Damien Miller7684ee12000-03-17 23:40:15 +1100160authentication.
Darren Tucker61776952003-10-02 16:19:47 +1000161The server checks if this key is permitted, and if so,
162sends the user (actually the
Damien Miller32aa1441999-10-29 09:15:49 +1000163.Nm
164program running on behalf of the user) a challenge, a random number,
Damien Miller7684ee12000-03-17 23:40:15 +1100165encrypted by the user's public key.
Darren Tucker61776952003-10-02 16:19:47 +1000166The challenge can only be decrypted using the proper private key.
167The user's client then decrypts the challenge using the private key,
168proving that he/she knows the private key
169but without disclosing it to the server.
Damien Miller32aa1441999-10-29 09:15:49 +1000170.Pp
171.Nm
Damien Miller7684ee12000-03-17 23:40:15 +1100172implements the RSA authentication protocol automatically.
173The user creates his/her RSA key pair by running
Damien Miller32aa1441999-10-29 09:15:49 +1000174.Xr ssh-keygen 1 .
Damien Miller22c77262000-04-13 12:26:34 +1000175This stores the private key in
Damien Miller167ea5d2005-05-26 12:04:02 +1000176.Pa ~/.ssh/identity
Darren Tucker61776952003-10-02 16:19:47 +1000177and stores the public key in
Damien Miller167ea5d2005-05-26 12:04:02 +1000178.Pa ~/.ssh/identity.pub
Damien Miller7684ee12000-03-17 23:40:15 +1100179in the user's home directory.
180The user should then copy the
Damien Miller32aa1441999-10-29 09:15:49 +1000181.Pa identity.pub
Damien Miller22c77262000-04-13 12:26:34 +1000182to
Damien Miller167ea5d2005-05-26 12:04:02 +1000183.Pa ~/.ssh/authorized_keys
Damien Miller22c77262000-04-13 12:26:34 +1000184in his/her home directory on the remote machine (the
Damien Miller32aa1441999-10-29 09:15:49 +1000185.Pa authorized_keys
Damien Miller22c77262000-04-13 12:26:34 +1000186file corresponds to the conventional
Damien Miller167ea5d2005-05-26 12:04:02 +1000187.Pa ~/.rhosts
Damien Miller32aa1441999-10-29 09:15:49 +1000188file, and has one key
Damien Miller7684ee12000-03-17 23:40:15 +1100189per line, though the lines can be very long).
190After this, the user can log in without giving the password.
Damien Miller32aa1441999-10-29 09:15:49 +1000191.Pp
192The most convenient way to use RSA authentication may be with an
Damien Miller7684ee12000-03-17 23:40:15 +1100193authentication agent.
194See
Damien Miller32aa1441999-10-29 09:15:49 +1000195.Xr ssh-agent 1
196for more information.
197.Pp
Damien Miller22c77262000-04-13 12:26:34 +1000198If other authentication methods fail,
Damien Miller32aa1441999-10-29 09:15:49 +1000199.Nm
Damien Miller7684ee12000-03-17 23:40:15 +1100200prompts the user for a password.
201The password is sent to the remote
Damien Miller32aa1441999-10-29 09:15:49 +1000202host for checking; however, since all communications are encrypted,
203the password cannot be seen by someone listening on the network.
Damien Millere247cc42000-05-07 12:03:14 +1000204.Ss SSH protocol version 2
Darren Tucker61776952003-10-02 16:19:47 +1000205When a user connects using protocol version 2,
Damien Miller07a2d422002-02-05 12:16:15 +1100206similar authentication methods are available.
Ben Lindstromc65e6a02001-04-23 13:02:16 +0000207Using the default values for
208.Cm PreferredAuthentications ,
Ben Lindstroma9086a12001-08-06 20:58:51 +0000209the client will try to authenticate first using the hostbased method;
Darren Tucker61776952003-10-02 16:19:47 +1000210if this method fails, public key authentication is attempted,
211and finally if this method fails, keyboard-interactive and
Ben Lindstroma9086a12001-08-06 20:58:51 +0000212password authentication are tried.
Damien Millere247cc42000-05-07 12:03:14 +1000213.Pp
214The public key method is similar to RSA authentication described
Ben Lindstromc65e6a02001-04-23 13:02:16 +0000215in the previous section and allows the RSA or DSA algorithm to be used:
Ben Lindstrom18a82ac2001-04-11 15:59:35 +0000216The client uses his private key,
Damien Miller167ea5d2005-05-26 12:04:02 +1000217.Pa ~/.ssh/id_dsa
Ben Lindstrom18a82ac2001-04-11 15:59:35 +0000218or
Damien Miller167ea5d2005-05-26 12:04:02 +1000219.Pa ~/.ssh/id_rsa ,
Damien Millere247cc42000-05-07 12:03:14 +1000220to sign the session identifier and sends the result to the server.
221The server checks whether the matching public key is listed in
Damien Miller167ea5d2005-05-26 12:04:02 +1000222.Pa ~/.ssh/authorized_keys
Damien Millere247cc42000-05-07 12:03:14 +1000223and grants access if both the key is found and the signature is correct.
224The session identifier is derived from a shared Diffie-Hellman value
225and is only known to the client and the server.
226.Pp
Darren Tucker61776952003-10-02 16:19:47 +1000227If public key authentication fails or is not available, a password
228can be sent encrypted to the remote host to prove the user's identity.
Ben Lindstromc65e6a02001-04-23 13:02:16 +0000229.Pp
230Additionally,
231.Nm
232supports hostbased or challenge response authentication.
Damien Millere247cc42000-05-07 12:03:14 +1000233.Pp
234Protocol 2 provides additional mechanisms for confidentiality
Damien Miller05202ff2004-06-15 10:30:39 +1000235(the traffic is encrypted using AES, 3DES, Blowfish, CAST128 or Arcfour)
236and integrity (hmac-md5, hmac-sha1, hmac-ripemd160).
Damien Millere247cc42000-05-07 12:03:14 +1000237Note that protocol 1 lacks a strong mechanism for ensuring the
238integrity of the connection.
Damien Millere247cc42000-05-07 12:03:14 +1000239.Ss Login session and remote execution
Damien Miller32aa1441999-10-29 09:15:49 +1000240When the user's identity has been accepted by the server, the server
241either executes the given command, or logs into the machine and gives
Damien Miller7684ee12000-03-17 23:40:15 +1100242the user a normal shell on the remote machine.
243All communication with
Damien Miller32aa1441999-10-29 09:15:49 +1000244the remote command or shell will be automatically encrypted.
245.Pp
246If a pseudo-terminal has been allocated (normal login session), the
Ben Lindstrom9ffdcb52001-04-20 12:50:51 +0000247user may use the escape characters noted below.
Damien Miller32aa1441999-10-29 09:15:49 +1000248.Pp
Darren Tucker61776952003-10-02 16:19:47 +1000249If no pseudo-tty has been allocated,
250the session is transparent and can be used to reliably transfer binary data.
Damien Miller7684ee12000-03-17 23:40:15 +1100251On most systems, setting the escape character to
Damien Miller32aa1441999-10-29 09:15:49 +1000252.Dq none
253will also make the session transparent even if a tty is used.
254.Pp
Ben Lindstroma6885612000-12-09 03:45:32 +0000255The session terminates when the command or shell on the remote
Ben Lindstromebd888d2001-03-05 05:49:29 +0000256machine exits and all X11 and TCP/IP connections have been closed.
Darren Tucker61776952003-10-02 16:19:47 +1000257The exit status of the remote program is returned as the exit status of
Damien Miller32aa1441999-10-29 09:15:49 +1000258.Nm ssh .
Ben Lindstrom9ffdcb52001-04-20 12:50:51 +0000259.Ss Escape Characters
Darren Tucker61776952003-10-02 16:19:47 +1000260When a pseudo-terminal has been requested,
261.Nm
262supports a number of functions through the use of an escape character.
Ben Lindstrom9ffdcb52001-04-20 12:50:51 +0000263.Pp
264A single tilde character can be sent as
265.Ic ~~
Ben Lindstrom66007692001-07-22 20:41:59 +0000266or by following the tilde by a character other than those described below.
Ben Lindstrom9ffdcb52001-04-20 12:50:51 +0000267The escape character must always follow a newline to be interpreted as
268special.
269The escape character can be changed in configuration files using the
270.Cm EscapeChar
Ben Lindstrom24643222001-06-25 05:08:11 +0000271configuration directive or on the command line by the
Ben Lindstrom9ffdcb52001-04-20 12:50:51 +0000272.Fl e
273option.
274.Pp
275The supported escapes (assuming the default
276.Ql ~ )
277are:
278.Bl -tag -width Ds
279.It Cm ~.
Darren Tucker61776952003-10-02 16:19:47 +1000280Disconnect.
Ben Lindstrom9ffdcb52001-04-20 12:50:51 +0000281.It Cm ~^Z
Darren Tucker61776952003-10-02 16:19:47 +1000282Background
283.Nm ssh .
Ben Lindstrom9ffdcb52001-04-20 12:50:51 +0000284.It Cm ~#
Darren Tucker61776952003-10-02 16:19:47 +1000285List forwarded connections.
Ben Lindstrom9ffdcb52001-04-20 12:50:51 +0000286.It Cm ~&
Darren Tucker61776952003-10-02 16:19:47 +1000287Background
288.Nm
289at logout when waiting for forwarded connection / X11 sessions to terminate.
Ben Lindstrom9ffdcb52001-04-20 12:50:51 +0000290.It Cm ~?
Darren Tucker61776952003-10-02 16:19:47 +1000291Display a list of escape characters.
Damien Miller54c45982003-05-15 10:20:13 +1000292.It Cm ~B
Darren Tucker61776952003-10-02 16:19:47 +1000293Send a BREAK to the remote system
294(only useful for SSH protocol version 2 and if the peer supports it).
Ben Lindstrom5589f4b2002-03-22 03:24:32 +0000295.It Cm ~C
Darren Tuckere7066df2004-05-24 10:18:05 +1000296Open command line.
297Currently this allows the addition of port forwardings using the
Ben Lindstrom5589f4b2002-03-22 03:24:32 +0000298.Fl L
299and
300.Fl R
Darren Tuckere7066df2004-05-24 10:18:05 +1000301options (see below).
Darren Tuckere534e122004-05-24 10:35:14 +1000302It also allows the cancellation of existing remote port-forwardings
Darren Tuckere7066df2004-05-24 10:18:05 +1000303using
304.Fl KR Ar hostport .
Damien Millerd27b9472005-12-13 19:29:02 +1100305The
306.Ic ! Ar command
307allows the user to execute a local command if the
308.Ic PermitLocalCommand
309option is enabled in
310.Xr ssh_config 5 .
Darren Tucker1973c882004-05-24 10:34:36 +1000311Basic help is available, using the
312.Fl h
Darren Tuckere7066df2004-05-24 10:18:05 +1000313option.
Ben Lindstrom9ffdcb52001-04-20 12:50:51 +0000314.It Cm ~R
Darren Tucker61776952003-10-02 16:19:47 +1000315Request rekeying of the connection
316(only useful for SSH protocol version 2 and if the peer supports it).
Ben Lindstrom9ffdcb52001-04-20 12:50:51 +0000317.El
Damien Millere247cc42000-05-07 12:03:14 +1000318.Ss X11 and TCP forwarding
Ben Lindstrom71215072001-05-17 03:16:18 +0000319If the
320.Cm ForwardX11
321variable is set to
322.Dq yes
Darren Tucker61776952003-10-02 16:19:47 +1000323(or see the description of the
Ben Lindstrom71215072001-05-17 03:16:18 +0000324.Fl X
325and
326.Fl x
327options described later)
328and the user is using X11 (the
Damien Miller32aa1441999-10-29 09:15:49 +1000329.Ev DISPLAY
330environment variable is set), the connection to the X11 display is
331automatically forwarded to the remote side in such a way that any X11
332programs started from the shell (or command) will go through the
333encrypted channel, and the connection to the real X server will be made
Damien Miller7684ee12000-03-17 23:40:15 +1100334from the local machine.
335The user should not manually set
Damien Miller32aa1441999-10-29 09:15:49 +1000336.Ev DISPLAY .
337Forwarding of X11 connections can be
338configured on the command line or in configuration files.
339.Pp
340The
Damien Miller22c77262000-04-13 12:26:34 +1000341.Ev DISPLAY
Damien Miller32aa1441999-10-29 09:15:49 +1000342value set by
343.Nm
Darren Tucker61776952003-10-02 16:19:47 +1000344will point to the server machine, but with a display number greater than zero.
Damien Miller7684ee12000-03-17 23:40:15 +1100345This is normal, and happens because
Damien Miller32aa1441999-10-29 09:15:49 +1000346.Nm
347creates a
348.Dq proxy
349X server on the server machine for forwarding the
350connections over the encrypted channel.
351.Pp
352.Nm
353will also automatically set up Xauthority data on the server machine.
354For this purpose, it will generate a random authorization cookie,
355store it in Xauthority on the server, and verify that any forwarded
356connections carry this cookie and replace it by the real cookie when
Damien Miller7684ee12000-03-17 23:40:15 +1100357the connection is opened.
358The real authentication cookie is never
Damien Miller32aa1441999-10-29 09:15:49 +1000359sent to the server machine (and no cookies are sent in the plain).
360.Pp
Ben Lindstrom3541f182002-08-20 19:03:20 +0000361If the
362.Cm ForwardAgent
363variable is set to
364.Dq yes
Darren Tucker61776952003-10-02 16:19:47 +1000365(or see the description of the
Ben Lindstrom3541f182002-08-20 19:03:20 +0000366.Fl A
367and
368.Fl a
Damien Miller495dca32003-04-01 21:42:14 +1000369options described later) and
Ben Lindstrom3541f182002-08-20 19:03:20 +0000370the user is using an authentication agent, the connection to the agent
371is automatically forwarded to the remote side.
Damien Miller32aa1441999-10-29 09:15:49 +1000372.Pp
373Forwarding of arbitrary TCP/IP connections over the secure channel can
Ben Lindstrom979c9812001-07-22 20:45:39 +0000374be specified either on the command line or in a configuration file.
Damien Miller7684ee12000-03-17 23:40:15 +1100375One possible application of TCP/IP forwarding is a secure connection to an
Ben Lindstromebd888d2001-03-05 05:49:29 +0000376electronic purse; another is going through firewalls.
Damien Millere247cc42000-05-07 12:03:14 +1000377.Ss Server authentication
Damien Miller32aa1441999-10-29 09:15:49 +1000378.Nm
Damien Millere247cc42000-05-07 12:03:14 +1000379automatically maintains and checks a database containing
Damien Miller7684ee12000-03-17 23:40:15 +1100380identifications for all hosts it has ever been used with.
Ben Lindstromd6481ea2001-06-25 04:37:41 +0000381Host keys are stored in
Damien Miller167ea5d2005-05-26 12:04:02 +1000382.Pa ~/.ssh/known_hosts
Damien Miller7684ee12000-03-17 23:40:15 +1100383in the user's home directory.
Ben Lindstromd6481ea2001-06-25 04:37:41 +0000384Additionally, the file
Damien Miller05eda432002-02-10 18:32:28 +1100385.Pa /etc/ssh/ssh_known_hosts
Ben Lindstromd6481ea2001-06-25 04:37:41 +0000386is automatically checked for known hosts.
Damien Miller7684ee12000-03-17 23:40:15 +1100387Any new hosts are automatically added to the user's file.
Darren Tucker61776952003-10-02 16:19:47 +1000388If a host's identification ever changes,
Damien Miller32aa1441999-10-29 09:15:49 +1000389.Nm
390warns about this and disables password authentication to prevent a
Damien Miller7684ee12000-03-17 23:40:15 +1100391trojan horse from getting the user's password.
Darren Tucker61776952003-10-02 16:19:47 +1000392Another purpose of this mechanism is to prevent man-in-the-middle attacks
393which could otherwise be used to circumvent the encryption.
Damien Miller7684ee12000-03-17 23:40:15 +1100394The
Damien Miller32aa1441999-10-29 09:15:49 +1000395.Cm StrictHostKeyChecking
Ben Lindstrom9f049032002-06-21 00:59:05 +0000396option can be used to prevent logins to machines whose
Damien Miller32aa1441999-10-29 09:15:49 +1000397host key is not known or has changed.
Damien Miller0bc1bd82000-11-13 22:57:25 +1100398.Pp
Darren Tucker0b42e6d2004-08-13 21:22:40 +1000399.Nm
400can be configured to verify host identification using fingerprint resource
401records (SSHFP) published in DNS.
402The
403.Cm VerifyHostKeyDNS
404option can be used to control how DNS lookups are performed.
405SSHFP resource records can be generated using
406.Xr ssh-keygen 1 .
407.Pp
Damien Miller0bc1bd82000-11-13 22:57:25 +1100408The options are as follows:
Damien Miller32aa1441999-10-29 09:15:49 +1000409.Bl -tag -width Ds
Darren Tucker61776952003-10-02 16:19:47 +1000410.It Fl 1
411Forces
412.Nm
413to try protocol version 1 only.
414.It Fl 2
415Forces
416.Nm
417to try protocol version 2 only.
418.It Fl 4
419Forces
420.Nm
421to use IPv4 addresses only.
422.It Fl 6
423Forces
424.Nm
425to use IPv6 addresses only.
Damien Millerb1715dc2000-05-30 13:44:51 +1000426.It Fl A
427Enables forwarding of the authentication agent connection.
428This can also be specified on a per-host basis in a configuration file.
Damien Millerb5fdfaa2002-09-12 09:52:03 +1000429.Pp
Damien Miller495dca32003-04-01 21:42:14 +1000430Agent forwarding should be enabled with caution.
431Users with the ability to bypass file permissions on the remote host
432(for the agent's Unix-domain socket)
433can access the local agent through the forwarded connection.
434An attacker cannot obtain key material from the agent,
Damien Millerb5fdfaa2002-09-12 09:52:03 +1000435however they can perform operations on the keys that enable them to
436authenticate using the identities loaded into the agent.
Darren Tucker61776952003-10-02 16:19:47 +1000437.It Fl a
438Disables forwarding of the authentication agent connection.
Ben Lindstrome0f88042001-04-30 13:06:24 +0000439.It Fl b Ar bind_address
Darren Tuckera5cf8552005-07-14 17:04:18 +1000440Use
441.Ar bind_address
442on the local machine as the source address
443of the connection.
444Only useful on systems with more than one address.
Darren Tucker61776952003-10-02 16:19:47 +1000445.It Fl C
446Requests compression of all data (including stdin, stdout, stderr, and
447data for forwarded X11 and TCP/IP connections).
448The compression algorithm is the same used by
449.Xr gzip 1 ,
450and the
451.Dq level
452can be controlled by the
453.Cm CompressionLevel
454option for protocol version 1.
455Compression is desirable on modem lines and other
456slow connections, but will only slow down things on fast networks.
457The default value can be set on a host-by-host basis in the
458configuration files; see the
459.Cm Compression
460option.
Damien Miller05202ff2004-06-15 10:30:39 +1000461.It Fl c Ar cipher_spec
462Selects the cipher specification for encrypting the session.
463.Pp
464Protocol version 1 allows specification of a single cipher.
Darren Tucker1e4308e2005-10-03 18:18:40 +1000465The supported values are
Damien Miller05202ff2004-06-15 10:30:39 +1000466.Dq 3des ,
467.Dq blowfish
468and
469.Dq des .
Damien Miller32aa1441999-10-29 09:15:49 +1000470.Ar 3des
471(triple-des) is an encrypt-decrypt-encrypt triple with three different keys.
Damien Miller05202ff2004-06-15 10:30:39 +1000472It is believed to be secure.
Damien Miller32aa1441999-10-29 09:15:49 +1000473.Ar blowfish
Darren Tucker61776952003-10-02 16:19:47 +1000474is a fast block cipher; it appears very secure and is much faster than
Damien Miller7684ee12000-03-17 23:40:15 +1100475.Ar 3des .
Ben Lindstromffa1dd62001-09-12 16:52:28 +0000476.Ar des
477is only supported in the
478.Nm
479client for interoperability with legacy protocol 1 implementations
480that do not support the
481.Ar 3des
Damien Miller495dca32003-04-01 21:42:14 +1000482cipher.
483Its use is strongly discouraged due to cryptographic weaknesses.
Damien Miller05202ff2004-06-15 10:30:39 +1000484The default is
485.Dq 3des .
486.Pp
487For protocol version 2
488.Ar cipher_spec
489is a comma-separated list of ciphers
490listed in order of preference.
491The supported ciphers are
492.Dq 3des-cbc ,
493.Dq aes128-cbc ,
494.Dq aes192-cbc ,
495.Dq aes256-cbc ,
496.Dq aes128-ctr ,
497.Dq aes192-ctr ,
498.Dq aes256-ctr ,
Damien Miller3710f272005-05-26 12:19:17 +1000499.Dq arcfour128 ,
500.Dq arcfour256 ,
Damien Miller05202ff2004-06-15 10:30:39 +1000501.Dq arcfour ,
502.Dq blowfish-cbc ,
503and
504.Dq cast128-cbc .
505The default is
506.Bd -literal
Damien Miller3710f272005-05-26 12:19:17 +1000507 ``aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,
508 arcfour256,arcfour,aes192-cbc,aes256-cbc,aes128-ctr,
509 aes192-ctr,aes256-ctr''
Damien Miller05202ff2004-06-15 10:30:39 +1000510.Ed
Darren Tuckerc8d64212005-10-03 18:13:42 +1000511.It Fl D Xo
512.Sm off
513.Oo Ar bind_address : Oc
514.Ar port
515.Sm on
516.Xc
Darren Tucker61776952003-10-02 16:19:47 +1000517Specifies a local
518.Dq dynamic
519application-level port forwarding.
520This works by allocating a socket to listen to
521.Ar port
Darren Tuckerc8d64212005-10-03 18:13:42 +1000522on the local side, optionally bound to the specified
523.Ar bind_address .
524Whenever a connection is made to this port, the
Darren Tucker61776952003-10-02 16:19:47 +1000525connection is forwarded over the secure channel, and the application
526protocol is then used to determine where to connect to from the
527remote machine.
528Currently the SOCKS4 and SOCKS5 protocols are supported, and
529.Nm
530will act as a SOCKS server.
531Only root can forward privileged ports.
532Dynamic port forwardings can also be specified in the configuration file.
Darren Tuckerc8d64212005-10-03 18:13:42 +1000533.Pp
534IPv6 addresses can be specified with an alternative syntax:
535.Sm off
536.Xo
537.Op Ar bind_address No /
538.Ar port
539.Xc
540.Sm on
541or by enclosing the address in square brackets.
542Only the superuser can forward privileged ports.
543By default, the local port is bound in accordance with the
544.Cm GatewayPorts
545setting.
546However, an explicit
547.Ar bind_address
548may be used to bind the connection to a specific address.
549The
550.Ar bind_address
551of
552.Dq localhost
553indicates that the listening port be bound for local use only, while an
554empty address or
555.Sq *
556indicates that the port should be available from all interfaces.
Darren Tucker61776952003-10-02 16:19:47 +1000557.It Fl e Ar ch | ^ch | none
Damien Miller32aa1441999-10-29 09:15:49 +1000558Sets the escape character for sessions with a pty (default:
559.Ql ~ ) .
Damien Miller7684ee12000-03-17 23:40:15 +1100560The escape character is only recognized at the beginning of a line.
561The escape character followed by a dot
Damien Miller32aa1441999-10-29 09:15:49 +1000562.Pq Ql \&.
Darren Tucker61776952003-10-02 16:19:47 +1000563closes the connection;
564followed by control-Z suspends the connection;
565and followed by itself sends the escape character once.
Damien Miller7684ee12000-03-17 23:40:15 +1100566Setting the character to
Damien Miller32aa1441999-10-29 09:15:49 +1000567.Dq none
568disables any escapes and makes the session fully transparent.
Darren Tucker61776952003-10-02 16:19:47 +1000569.It Fl F Ar configfile
570Specifies an alternative per-user configuration file.
571If a configuration file is given on the command line,
572the system-wide configuration file
573.Pq Pa /etc/ssh/ssh_config
574will be ignored.
575The default for the per-user configuration file is
Damien Miller167ea5d2005-05-26 12:04:02 +1000576.Pa ~/.ssh/config .
Damien Miller32aa1441999-10-29 09:15:49 +1000577.It Fl f
578Requests
579.Nm
Damien Miller7684ee12000-03-17 23:40:15 +1100580to go to background just before command execution.
581This is useful if
Damien Miller32aa1441999-10-29 09:15:49 +1000582.Nm
583is going to ask for passwords or passphrases, but the user
Damien Miller7684ee12000-03-17 23:40:15 +1100584wants it in the background.
Damien Miller22c77262000-04-13 12:26:34 +1000585This implies
Damien Miller32aa1441999-10-29 09:15:49 +1000586.Fl n .
587The recommended way to start X11 programs at a remote site is with
588something like
589.Ic ssh -f host xterm .
Damien Miller396691a2000-01-20 22:44:08 +1100590.It Fl g
591Allows remote hosts to connect to local forwarded ports.
Darren Tucker61776952003-10-02 16:19:47 +1000592.It Fl I Ar smartcard_device
593Specifies which smartcard device to use.
594The argument is the device
595.Nm
596should use to communicate with a smartcard used for storing the user's
597private RSA key.
Damien Miller32aa1441999-10-29 09:15:49 +1000598.It Fl i Ar identity_file
Damien Millerfae23862002-01-22 23:32:26 +1100599Selects a file from which the identity (private key) for
Damien Miller0bc1bd82000-11-13 22:57:25 +1100600RSA or DSA authentication is read.
Damien Millerfae23862002-01-22 23:32:26 +1100601The default is
Damien Miller167ea5d2005-05-26 12:04:02 +1000602.Pa ~/.ssh/identity
Damien Millerfae23862002-01-22 23:32:26 +1100603for protocol version 1, and
Damien Miller167ea5d2005-05-26 12:04:02 +1000604.Pa ~/.ssh/id_rsa
Damien Millerfae23862002-01-22 23:32:26 +1100605and
Damien Miller167ea5d2005-05-26 12:04:02 +1000606.Pa ~/.ssh/id_dsa
Damien Millerfae23862002-01-22 23:32:26 +1100607for protocol version 2.
Damien Miller7684ee12000-03-17 23:40:15 +1100608Identity files may also be specified on
609a per-host basis in the configuration file.
610It is possible to have multiple
Damien Miller32aa1441999-10-29 09:15:49 +1000611.Fl i
612options (and multiple identities specified in
613configuration files).
Damien Miller32aa1441999-10-29 09:15:49 +1000614.It Fl k
Damien Millere0113cc2003-11-24 13:10:09 +1100615Disables forwarding (delegation) of GSSAPI credentials to the server.
Darren Tucker61776952003-10-02 16:19:47 +1000616.It Fl L Xo
617.Sm off
Damien Millerf91ee4c2005-03-01 21:24:33 +1100618.Oo Ar bind_address : Oc
Darren Tucker61776952003-10-02 16:19:47 +1000619.Ar port : host : hostport
620.Sm on
621.Xc
622Specifies that the given port on the local (client) host is to be
623forwarded to the given host and port on the remote side.
624This works by allocating a socket to listen to
625.Ar port
Damien Millerf91ee4c2005-03-01 21:24:33 +1100626on the local side, optionally bound to the specified
627.Ar bind_address .
628Whenever a connection is made to this port, the
Darren Tucker61776952003-10-02 16:19:47 +1000629connection is forwarded over the secure channel, and a connection is
630made to
631.Ar host
632port
633.Ar hostport
634from the remote machine.
635Port forwardings can also be specified in the configuration file.
Darren Tucker61776952003-10-02 16:19:47 +1000636IPv6 addresses can be specified with an alternative syntax:
637.Sm off
638.Xo
Damien Millerb096ac42005-03-09 11:00:05 +1100639.Op Ar bind_address No /
Darren Tucker61776952003-10-02 16:19:47 +1000640.Ar port No / Ar host No /
Damien Millerf91ee4c2005-03-01 21:24:33 +1100641.Ar hostport
Darren Tucker61776952003-10-02 16:19:47 +1000642.Xc
643.Sm on
Damien Millerf91ee4c2005-03-01 21:24:33 +1100644or by enclosing the address in square brackets.
645Only the superuser can forward privileged ports.
646By default, the local port is bound in accordance with the
647.Cm GatewayPorts
648setting.
649However, an explicit
650.Ar bind_address
651may be used to bind the connection to a specific address.
652The
653.Ar bind_address
654of
655.Dq localhost
Damien Miller36bf7dd2005-03-02 12:02:47 +1100656indicates that the listening port be bound for local use only, while an
657empty address or
658.Sq *
Damien Millerf91ee4c2005-03-01 21:24:33 +1100659indicates that the port should be available from all interfaces.
Damien Miller32aa1441999-10-29 09:15:49 +1000660.It Fl l Ar login_name
Damien Miller7684ee12000-03-17 23:40:15 +1100661Specifies the user to log in as on the remote machine.
662This also may be specified on a per-host basis in the configuration file.
Damien Miller0e220db2004-06-15 10:34:08 +1000663.It Fl M
664Places the
665.Nm
666client into
667.Dq master
668mode for connection sharing.
669Refer to the description of
670.Cm ControlMaster
671in
672.Xr ssh_config 5
673for details.
Damien Miller5d1eceb2004-06-30 22:37:57 +1000674.It Fl m Ar mac_spec
675Additionally, for protocol version 2 a comma-separated list of MAC
676(message authentication code) algorithms can
677be specified in order of preference.
678See the
679.Cm MACs
680keyword for more information.
Darren Tucker61776952003-10-02 16:19:47 +1000681.It Fl N
682Do not execute a remote command.
683This is useful for just forwarding ports
684(protocol version 2 only).
Damien Miller32aa1441999-10-29 09:15:49 +1000685.It Fl n
686Redirects stdin from
687.Pa /dev/null
688(actually, prevents reading from stdin).
689This must be used when
690.Nm
Damien Miller7684ee12000-03-17 23:40:15 +1100691is run in the background.
692A common trick is to use this to run X11 programs on a remote machine.
693For example,
Damien Miller32aa1441999-10-29 09:15:49 +1000694.Ic ssh -n shadows.cs.hut.fi emacs &
695will start an emacs on shadows.cs.hut.fi, and the X11
696connection will be automatically forwarded over an encrypted channel.
697The
698.Nm
699program will be put in the background.
700(This does not work if
701.Nm
702needs to ask for a password or passphrase; see also the
703.Fl f
704option.)
Darren Tuckere04644c2004-12-03 14:08:45 +1100705.It Fl O Ar ctl_cmd
706Control an active connection multiplexing master process.
707When the
708.Fl O
709option is specified, the
710.Ar ctl_cmd
711argument is interpreted and passed to the master process.
712Valid commands are:
713.Dq check
714(check that the master process is running) and
715.Dq exit
716(request the master to exit).
Damien Miller32aa1441999-10-29 09:15:49 +1000717.It Fl o Ar option
Ben Lindstrom14c62eb2001-08-15 23:25:46 +0000718Can be used to give options in the format used in the configuration file.
Damien Miller32aa1441999-10-29 09:15:49 +1000719This is useful for specifying options for which there is no separate
Damien Miller7684ee12000-03-17 23:40:15 +1100720command-line flag.
Darren Tucker61776952003-10-02 16:19:47 +1000721For full details of the options listed below, and their possible values, see
722.Xr ssh_config 5 .
723.Pp
724.Bl -tag -width Ds -offset indent -compact
725.It AddressFamily
726.It BatchMode
727.It BindAddress
728.It ChallengeResponseAuthentication
729.It CheckHostIP
730.It Cipher
731.It Ciphers
732.It ClearAllForwardings
733.It Compression
734.It CompressionLevel
735.It ConnectionAttempts
Darren Tuckeredae0ec2004-05-02 22:15:52 +1000736.It ConnectTimeout
Damien Miller0e220db2004-06-15 10:34:08 +1000737.It ControlMaster
738.It ControlPath
Darren Tucker61776952003-10-02 16:19:47 +1000739.It DynamicForward
Darren Tucker61776952003-10-02 16:19:47 +1000740.It EscapeChar
741.It ForwardAgent
742.It ForwardX11
Darren Tucker0a118da2003-10-15 15:54:32 +1000743.It ForwardX11Trusted
Darren Tucker61776952003-10-02 16:19:47 +1000744.It GatewayPorts
745.It GlobalKnownHostsFile
746.It GSSAPIAuthentication
747.It GSSAPIDelegateCredentials
Damien Millere1776152005-03-01 21:47:37 +1100748.It HashKnownHosts
Darren Tucker61776952003-10-02 16:19:47 +1000749.It Host
750.It HostbasedAuthentication
751.It HostKeyAlgorithms
752.It HostKeyAlias
753.It HostName
754.It IdentityFile
Damien Millerbd394c32004-03-08 23:12:36 +1100755.It IdentitiesOnly
Darren Tucker636ca902004-11-05 20:22:00 +1100756.It KbdInteractiveDevices
Damien Millerd27b9472005-12-13 19:29:02 +1100757.It LocalCommand
Darren Tucker61776952003-10-02 16:19:47 +1000758.It LocalForward
759.It LogLevel
760.It MACs
761.It NoHostAuthenticationForLocalhost
762.It NumberOfPasswordPrompts
763.It PasswordAuthentication
Damien Millerd27b9472005-12-13 19:29:02 +1100764.It PermitLocalCommand
Darren Tucker61776952003-10-02 16:19:47 +1000765.It Port
766.It PreferredAuthentications
767.It Protocol
768.It ProxyCommand
769.It PubkeyAuthentication
770.It RemoteForward
771.It RhostsRSAAuthentication
772.It RSAAuthentication
Darren Tucker7a6c0662004-05-02 22:14:03 +1000773.It SendEnv
Damien Miller509b0102003-12-17 16:33:10 +1100774.It ServerAliveInterval
775.It ServerAliveCountMax
Darren Tucker61776952003-10-02 16:19:47 +1000776.It SmartcardDevice
777.It StrictHostKeyChecking
Damien Miller12c150e2003-12-17 16:31:10 +1100778.It TCPKeepAlive
Damien Millerd27b9472005-12-13 19:29:02 +1100779.It Tunnel
780.It TunnelDevice
Darren Tucker61776952003-10-02 16:19:47 +1000781.It UsePrivilegedPort
782.It User
783.It UserKnownHostsFile
784.It VerifyHostKeyDNS
785.It XAuthLocation
786.El
Damien Miller32aa1441999-10-29 09:15:49 +1000787.It Fl p Ar port
Damien Miller7684ee12000-03-17 23:40:15 +1100788Port to connect to on the remote host.
789This can be specified on a
Damien Miller32aa1441999-10-29 09:15:49 +1000790per-host basis in the configuration file.
Damien Miller32aa1441999-10-29 09:15:49 +1000791.It Fl q
Damien Miller7684ee12000-03-17 23:40:15 +1100792Quiet mode.
793Causes all warning and diagnostic messages to be suppressed.
Darren Tucker61776952003-10-02 16:19:47 +1000794.It Fl R Xo
795.Sm off
Damien Millerf91ee4c2005-03-01 21:24:33 +1100796.Oo Ar bind_address : Oc
Darren Tucker61776952003-10-02 16:19:47 +1000797.Ar port : host : hostport
798.Sm on
799.Xc
Damien Miller32aa1441999-10-29 09:15:49 +1000800Specifies that the given port on the remote (server) host is to be
Damien Miller7684ee12000-03-17 23:40:15 +1100801forwarded to the given host and port on the local side.
802This works by allocating a socket to listen to
Damien Miller32aa1441999-10-29 09:15:49 +1000803.Ar port
804on the remote side, and whenever a connection is made to this port, the
805connection is forwarded over the secure channel, and a connection is
806made to
Damien Miller34132e52000-01-14 15:45:46 +1100807.Ar host
808port
809.Ar hostport
Damien Miller7684ee12000-03-17 23:40:15 +1100810from the local machine.
Damien Millerf91ee4c2005-03-01 21:24:33 +1100811.Pp
Damien Miller7684ee12000-03-17 23:40:15 +1100812Port forwardings can also be specified in the configuration file.
813Privileged ports can be forwarded only when
Damien Miller32aa1441999-10-29 09:15:49 +1000814logging in as root on the remote machine.
Damien Millerf91ee4c2005-03-01 21:24:33 +1100815IPv6 addresses can be specified by enclosing the address in square braces or
816using an alternative syntax:
Damien Millerf91ee4c2005-03-01 21:24:33 +1100817.Sm off
Damien Miller36bf7dd2005-03-02 12:02:47 +1100818.Xo
Damien Millerb096ac42005-03-09 11:00:05 +1100819.Op Ar bind_address No /
Damien Miller36bf7dd2005-03-02 12:02:47 +1100820.Ar host No / Ar port No /
821.Ar hostport
Damien Millerf91ee4c2005-03-01 21:24:33 +1100822.Xc .
Damien Miller36bf7dd2005-03-02 12:02:47 +1100823.Sm on
Damien Millerf91ee4c2005-03-01 21:24:33 +1100824.Pp
825By default, the listening socket on the server will be bound to the loopback
826interface only.
827This may be overriden by specifying a
828.Ar bind_address .
Damien Miller36bf7dd2005-03-02 12:02:47 +1100829An empty
830.Ar bind_address ,
Damien Millerf91ee4c2005-03-01 21:24:33 +1100831or the address
Damien Miller36bf7dd2005-03-02 12:02:47 +1100832.Ql * ,
Damien Millerf91ee4c2005-03-01 21:24:33 +1100833indicates that the remote socket should listen on all interfaces.
834Specifying a remote
835.Ar bind_address
Damien Miller36bf7dd2005-03-02 12:02:47 +1100836will only succeed if the server's
837.Cm GatewayPorts
Damien Millerf91ee4c2005-03-01 21:24:33 +1100838option is enabled (see
Damien Miller36bf7dd2005-03-02 12:02:47 +1100839.Xr sshd_config 5 ) .
Darren Tucker7ebfc102004-11-07 20:06:19 +1100840.It Fl S Ar ctl_path
Damien Miller5d1eceb2004-06-30 22:37:57 +1000841Specifies the location of a control socket for connection sharing.
Damien Miller0e220db2004-06-15 10:34:08 +1000842Refer to the description of
Darren Tuckerba5c5922004-06-18 16:22:39 +1000843.Cm ControlPath
844and
Damien Miller0e220db2004-06-15 10:34:08 +1000845.Cm ControlMaster
846in
847.Xr ssh_config 5
848for details.
Darren Tucker61776952003-10-02 16:19:47 +1000849.It Fl s
850May be used to request invocation of a subsystem on the remote system.
851Subsystems are a feature of the SSH2 protocol which facilitate the use
852of SSH as a secure transport for other applications (eg.\&
853.Xr sftp 1 ) .
854The subsystem is specified as the remote command.
855.It Fl T
856Disable pseudo-tty allocation.
857.It Fl t
858Force pseudo-tty allocation.
859This can be used to execute arbitrary
860screen-based programs on a remote machine, which can be very useful,
861e.g., when implementing menu services.
862Multiple
863.Fl t
864options force tty allocation, even if
Ben Lindstrom19ceb172001-09-12 17:54:24 +0000865.Nm
Darren Tucker61776952003-10-02 16:19:47 +1000866has no local tty.
867.It Fl V
868Display the version number and exit.
869.It Fl v
870Verbose mode.
871Causes
Ben Lindstrom5ab6ae12001-02-10 22:08:03 +0000872.Nm
Darren Tucker61776952003-10-02 16:19:47 +1000873to print debugging messages about its progress.
874This is helpful in
875debugging connection, authentication, and configuration problems.
876Multiple
877.Fl v
878options increase the verbosity.
879The maximum is 3.
Damien Millerd27b9472005-12-13 19:29:02 +1100880.It Fl w
881Requests a
882.Xr tun 4
883device on the client and server like the
884.Cm Tunnel
885directive in
886.Xr ssh_config 5 .
Darren Tucker61776952003-10-02 16:19:47 +1000887.It Fl X
888Enables X11 forwarding.
889This can also be specified on a per-host basis in a configuration file.
890.Pp
891X11 forwarding should be enabled with caution.
892Users with the ability to bypass file permissions on the remote host
893(for the user's X authorization database)
894can access the local X11 display through the forwarded connection.
895An attacker may then be able to perform activities such as keystroke monitoring.
Damien Miller947219e2005-03-02 13:22:30 +1100896.Pp
Damien Millerb022b232005-03-05 11:22:36 +1100897For this reason, X11 forwarding is subjected to X11 SECURITY extension
Damien Miller947219e2005-03-02 13:22:30 +1100898restrictions by default.
899Please refer to the
900.Nm
901.Fl Y
902option and the
903.Cm ForwardX11Trusted
904directive in
905.Xr ssh_config 5
906for more information.
Darren Tucker61776952003-10-02 16:19:47 +1000907.It Fl x
908Disables X11 forwarding.
Darren Tucker0a118da2003-10-15 15:54:32 +1000909.It Fl Y
910Enables trusted X11 forwarding.
Damien Miller947219e2005-03-02 13:22:30 +1100911Trusted X11 forwardings are not subjected to the X11 SECURITY extension
912controls.
Damien Miller32aa1441999-10-29 09:15:49 +1000913.El
914.Sh CONFIGURATION FILES
915.Nm
Ben Lindstrom9f049032002-06-21 00:59:05 +0000916may additionally obtain configuration data from
917a per-user configuration file and a system-wide configuration file.
918The file format and configuration options are described in
919.Xr ssh_config 5 .
Damien Miller32aa1441999-10-29 09:15:49 +1000920.Sh ENVIRONMENT
921.Nm
922will normally set the following environment variables:
Darren Tucker61776952003-10-02 16:19:47 +1000923.Bl -tag -width LOGNAME
Damien Miller32aa1441999-10-29 09:15:49 +1000924.It Ev DISPLAY
925The
926.Ev DISPLAY
Damien Miller7684ee12000-03-17 23:40:15 +1100927variable indicates the location of the X11 server.
Damien Miller22c77262000-04-13 12:26:34 +1000928It is automatically set by
Damien Miller32aa1441999-10-29 09:15:49 +1000929.Nm
930to point to a value of the form
931.Dq hostname:n
932where hostname indicates
Darren Tucker61776952003-10-02 16:19:47 +1000933the host where the shell runs, and n is an integer \*(Ge 1.
Damien Miller7684ee12000-03-17 23:40:15 +1100934.Nm
935uses this special value to forward X11 connections over the secure
936channel.
Ben Lindstromc65e6a02001-04-23 13:02:16 +0000937The user should normally not set
938.Ev DISPLAY
939explicitly, as that
Damien Miller32aa1441999-10-29 09:15:49 +1000940will render the X11 connection insecure (and will require the user to
941manually copy any required authorization cookies).
942.It Ev HOME
943Set to the path of the user's home directory.
944.It Ev LOGNAME
945Synonym for
946.Ev USER ;
947set for compatibility with systems that use this variable.
948.It Ev MAIL
Ben Lindstrome59433d2001-09-12 16:41:37 +0000949Set to the path of the user's mailbox.
Damien Miller7684ee12000-03-17 23:40:15 +1100950.It Ev PATH
Damien Miller32aa1441999-10-29 09:15:49 +1000951Set to the default
952.Ev PATH ,
953as specified when compiling
954.Nm ssh .
Ben Lindstrom5bf5d672001-07-04 04:31:38 +0000955.It Ev SSH_ASKPASS
956If
957.Nm
958needs a passphrase, it will read the passphrase from the current
959terminal if it was run from a terminal.
960If
961.Nm
962does not have a terminal associated with it but
963.Ev DISPLAY
964and
965.Ev SSH_ASKPASS
966are set, it will execute the program specified by
967.Ev SSH_ASKPASS
968and open an X11 window to read the passphrase.
969This is particularly useful when calling
970.Nm
971from a
Darren Tucker4e4fe002004-11-05 20:01:03 +1100972.Pa .xsession
Ben Lindstrom5bf5d672001-07-04 04:31:38 +0000973or related script.
974(Note that on some machines it
975may be necessary to redirect the input from
976.Pa /dev/null
977to make this work.)
Damien Miller32aa1441999-10-29 09:15:49 +1000978.It Ev SSH_AUTH_SOCK
Ben Lindstrome59433d2001-09-12 16:41:37 +0000979Identifies the path of a unix-domain socket used to communicate with the
Damien Miller32aa1441999-10-29 09:15:49 +1000980agent.
Damien Millerf37e2462002-09-19 11:47:55 +1000981.It Ev SSH_CONNECTION
982Identifies the client and server ends of the connection.
Damien Miller7684ee12000-03-17 23:40:15 +1100983The variable contains
Damien Millerf37e2462002-09-19 11:47:55 +1000984four space-separated values: client ip-address, client port number,
985server ip-address and server port number.
Ben Lindstrom4dccfa52000-12-28 16:40:05 +0000986.It Ev SSH_ORIGINAL_COMMAND
987The variable contains the original command line if a forced command
988is executed.
989It can be used to extract the original arguments.
Damien Miller32aa1441999-10-29 09:15:49 +1000990.It Ev SSH_TTY
991This is set to the name of the tty (path to the device) associated
Damien Miller7684ee12000-03-17 23:40:15 +1100992with the current shell or command.
993If the current session has no tty,
Damien Miller32aa1441999-10-29 09:15:49 +1000994this variable is not set.
995.It Ev TZ
Damien Miller6dbdb6a2005-12-13 19:25:43 +1100996This variable is set to indicate the present time zone if it
Damien Miller942da032000-08-18 13:59:06 +1000997was set when the daemon was started (i.e., the daemon passes the value
Damien Miller32aa1441999-10-29 09:15:49 +1000998on to new connections).
999.It Ev USER
1000Set to the name of the user logging in.
1001.El
1002.Pp
Damien Miller22c77262000-04-13 12:26:34 +10001003Additionally,
Damien Miller32aa1441999-10-29 09:15:49 +10001004.Nm
Damien Miller22c77262000-04-13 12:26:34 +10001005reads
Damien Miller167ea5d2005-05-26 12:04:02 +10001006.Pa ~/.ssh/environment ,
Damien Miller32aa1441999-10-29 09:15:49 +10001007and adds lines of the format
1008.Dq VARNAME=value
Ben Lindstromdc7adf22002-08-20 18:38:02 +00001009to the environment if the file exists and if users are allowed to
1010change their environment.
Darren Tucker61776952003-10-02 16:19:47 +10001011For more information, see the
Ben Lindstromdc7adf22002-08-20 18:38:02 +00001012.Cm PermitUserEnvironment
Ben Lindstrombd9bf382002-08-20 18:54:20 +00001013option in
Ben Lindstromdc7adf22002-08-20 18:38:02 +00001014.Xr sshd_config 5 .
Damien Miller32aa1441999-10-29 09:15:49 +10001015.Sh FILES
Damien Miller98c7ad62000-03-09 21:27:49 +11001016.Bl -tag -width Ds
Damien Miller167ea5d2005-05-26 12:04:02 +10001017.It Pa ~/.ssh/known_hosts
Ben Lindstrome59433d2001-09-12 16:41:37 +00001018Records host keys for all hosts the user has logged into that are not
Damien Miller32aa1441999-10-29 09:15:49 +10001019in
Damien Miller05eda432002-02-10 18:32:28 +11001020.Pa /etc/ssh/ssh_known_hosts .
Damien Miller32aa1441999-10-29 09:15:49 +10001021See
1022.Xr sshd 8 .
Damien Miller167ea5d2005-05-26 12:04:02 +10001023.It Pa ~/.ssh/identity, ~/.ssh/id_dsa, ~/.ssh/id_rsa
Ben Lindstrom18a82ac2001-04-11 15:59:35 +00001024Contains the authentication identity of the user.
1025They are for protocol 1 RSA, protocol 2 DSA, and protocol 2 RSA, respectively.
Damien Millere247cc42000-05-07 12:03:14 +10001026These files
1027contain sensitive data and should be readable by the user but not
Damien Miller32aa1441999-10-29 09:15:49 +10001028accessible by others (read/write/execute).
1029Note that
1030.Nm
Damien Millere247cc42000-05-07 12:03:14 +10001031ignores a private key file if it is accessible by others.
Damien Miller32aa1441999-10-29 09:15:49 +10001032It is possible to specify a passphrase when
1033generating the key; the passphrase will be used to encrypt the
1034sensitive part of this file using 3DES.
Damien Miller167ea5d2005-05-26 12:04:02 +10001035.It Pa ~/.ssh/identity.pub, ~/.ssh/id_dsa.pub, ~/.ssh/id_rsa.pub
Damien Miller32aa1441999-10-29 09:15:49 +10001036Contains the public key for authentication (public part of the
Damien Miller7684ee12000-03-17 23:40:15 +11001037identity file in human-readable form).
Damien Millere247cc42000-05-07 12:03:14 +10001038The contents of the
Damien Miller167ea5d2005-05-26 12:04:02 +10001039.Pa ~/.ssh/identity.pub
Darren Tucker61776952003-10-02 16:19:47 +10001040file should be added to the file
Damien Miller167ea5d2005-05-26 12:04:02 +10001041.Pa ~/.ssh/authorized_keys
Damien Miller32aa1441999-10-29 09:15:49 +10001042on all machines
Ben Lindstrom594e2032001-09-12 18:35:30 +00001043where the user wishes to log in using protocol version 1 RSA authentication.
Damien Millere247cc42000-05-07 12:03:14 +10001044The contents of the
Damien Miller167ea5d2005-05-26 12:04:02 +10001045.Pa ~/.ssh/id_dsa.pub
Ben Lindstrom18a82ac2001-04-11 15:59:35 +00001046and
Damien Miller167ea5d2005-05-26 12:04:02 +10001047.Pa ~/.ssh/id_rsa.pub
Damien Millere247cc42000-05-07 12:03:14 +10001048file should be added to
Damien Miller167ea5d2005-05-26 12:04:02 +10001049.Pa ~/.ssh/authorized_keys
Damien Millere247cc42000-05-07 12:03:14 +10001050on all machines
Ben Lindstrom594e2032001-09-12 18:35:30 +00001051where the user wishes to log in using protocol version 2 DSA/RSA authentication.
Damien Millere247cc42000-05-07 12:03:14 +10001052These files are not
Damien Miller7684ee12000-03-17 23:40:15 +11001053sensitive and can (but need not) be readable by anyone.
Damien Millere247cc42000-05-07 12:03:14 +10001054These files are
Kevin Steves3c034ae2001-02-05 13:47:11 +00001055never used automatically and are not necessary; they are only provided for
Damien Miller32aa1441999-10-29 09:15:49 +10001056the convenience of the user.
Damien Miller167ea5d2005-05-26 12:04:02 +10001057.It Pa ~/.ssh/config
Damien Miller7684ee12000-03-17 23:40:15 +11001058This is the per-user configuration file.
Ben Lindstrom9f049032002-06-21 00:59:05 +00001059The file format and configuration options are described in
1060.Xr ssh_config 5 .
Damien Millerc970cb92004-04-20 20:12:53 +10001061Because of the potential for abuse, this file must have strict permissions:
1062read/write for the user, and not accessible by others.
Damien Miller167ea5d2005-05-26 12:04:02 +10001063.It Pa ~/.ssh/authorized_keys
Ben Lindstromf96704d2001-06-25 04:17:12 +00001064Lists the public keys (RSA/DSA) that can be used for logging in as this user.
Damien Miller7684ee12000-03-17 23:40:15 +11001065The format of this file is described in the
Damien Miller32aa1441999-10-29 09:15:49 +10001066.Xr sshd 8
Damien Miller7684ee12000-03-17 23:40:15 +11001067manual page.
Darren Tucker61776952003-10-02 16:19:47 +10001068In the simplest form the format is the same as the
1069.Pa .pub
Ben Lindstromd6481ea2001-06-25 04:37:41 +00001070identity files.
Damien Millere247cc42000-05-07 12:03:14 +10001071This file is not highly sensitive, but the recommended
1072permissions are read/write for the user, and not accessible by others.
Damien Miller05eda432002-02-10 18:32:28 +11001073.It Pa /etc/ssh/ssh_known_hosts
Damien Miller7684ee12000-03-17 23:40:15 +11001074Systemwide list of known host keys.
Ben Lindstromd6481ea2001-06-25 04:37:41 +00001075This file should be prepared by the
Damien Miller32aa1441999-10-29 09:15:49 +10001076system administrator to contain the public host keys of all machines in the
Damien Miller7684ee12000-03-17 23:40:15 +11001077organization.
1078This file should be world-readable.
1079This file contains
Damien Miller32aa1441999-10-29 09:15:49 +10001080public keys, one per line, in the following format (fields separated
Ben Lindstromd6481ea2001-06-25 04:37:41 +00001081by spaces): system name, public key and optional comment field.
Damien Miller7684ee12000-03-17 23:40:15 +11001082When different names are used
Damien Miller32aa1441999-10-29 09:15:49 +10001083for the same machine, all such names should be listed, separated by
Damien Miller7684ee12000-03-17 23:40:15 +11001084commas.
Darren Tucker61776952003-10-02 16:19:47 +10001085The format is described in the
Damien Miller32aa1441999-10-29 09:15:49 +10001086.Xr sshd 8
1087manual page.
1088.Pp
1089The canonical system name (as returned by name servers) is used by
1090.Xr sshd 8
1091to verify the client host when logging in; other names are needed because
1092.Nm
1093does not convert the user-supplied name to a canonical name before
1094checking the key, because someone with access to the name servers
1095would then be able to fool host authentication.
Damien Miller05eda432002-02-10 18:32:28 +11001096.It Pa /etc/ssh/ssh_config
Damien Miller7684ee12000-03-17 23:40:15 +11001097Systemwide configuration file.
Ben Lindstrom9f049032002-06-21 00:59:05 +00001098The file format and configuration options are described in
1099.Xr ssh_config 5 .
Damien Miller05eda432002-02-10 18:32:28 +11001100.It Pa /etc/ssh/ssh_host_key, /etc/ssh/ssh_host_dsa_key, /etc/ssh/ssh_host_rsa_key
Damien Miller705499b2001-11-12 11:05:38 +11001101These three files contain the private parts of the host keys
1102and are used for
1103.Cm RhostsRSAAuthentication
1104and
1105.Cm HostbasedAuthentication .
Ben Lindstrom5cac4232002-06-11 15:45:02 +00001106If the protocol version 1
1107.Cm RhostsRSAAuthentication
Ben Lindstromcb72e4f2002-06-21 00:41:51 +00001108method is used,
Damien Miller705499b2001-11-12 11:05:38 +11001109.Nm
Ben Lindstrom5cac4232002-06-11 15:45:02 +00001110must be setuid root, since the host key is readable only by root.
1111For protocol version 2,
1112.Nm
1113uses
1114.Xr ssh-keysign 8
1115to access the host keys for
1116.Cm HostbasedAuthentication .
1117This eliminates the requirement that
1118.Nm
1119be setuid root when that authentication method is used.
1120By default
1121.Nm
1122is not setuid root.
Damien Miller167ea5d2005-05-26 12:04:02 +10001123.It Pa ~/.rhosts
Damien Miller32aa1441999-10-29 09:15:49 +10001124This file is used in
Darren Tuckerdb693902004-08-29 16:37:24 +10001125.Cm RhostsRSAAuthentication
1126and
1127.Cm HostbasedAuthentication
Damien Miller32aa1441999-10-29 09:15:49 +10001128authentication to list the
Damien Miller7684ee12000-03-17 23:40:15 +11001129host/user pairs that are permitted to log in.
1130(Note that this file is
Damien Miller32aa1441999-10-29 09:15:49 +10001131also used by rlogin and rsh, which makes using this file insecure.)
1132Each line of the file contains a host name (in the canonical form
1133returned by name servers), and then a user name on that host,
Damien Miller7684ee12000-03-17 23:40:15 +11001134separated by a space.
Ben Lindstromebd888d2001-03-05 05:49:29 +00001135On some machines this file may need to be
Damien Miller32aa1441999-10-29 09:15:49 +10001136world-readable if the user's home directory is on a NFS partition,
1137because
1138.Xr sshd 8
Damien Miller7684ee12000-03-17 23:40:15 +11001139reads it as root.
1140Additionally, this file must be owned by the user,
1141and must not have write permissions for anyone else.
1142The recommended
Damien Miller32aa1441999-10-29 09:15:49 +10001143permission for most machines is read/write for the user, and not
1144accessible by others.
1145.Pp
Darren Tuckerdb693902004-08-29 16:37:24 +10001146Note that
Damien Miller32aa1441999-10-29 09:15:49 +10001147.Xr sshd 8
Darren Tuckerdb693902004-08-29 16:37:24 +10001148allows authentication only in combination with client host key
1149authentication before permitting log in.
Ben Lindstrom594e2032001-09-12 18:35:30 +00001150If the server machine does not have the client's host key in
Damien Miller05eda432002-02-10 18:32:28 +11001151.Pa /etc/ssh/ssh_known_hosts ,
Ben Lindstrom594e2032001-09-12 18:35:30 +00001152it can be stored in
Damien Miller167ea5d2005-05-26 12:04:02 +10001153.Pa ~/.ssh/known_hosts .
Damien Miller32aa1441999-10-29 09:15:49 +10001154The easiest way to do this is to
1155connect back to the client from the server machine using ssh; this
Damien Millere247cc42000-05-07 12:03:14 +10001156will automatically add the host key to
Damien Miller167ea5d2005-05-26 12:04:02 +10001157.Pa ~/.ssh/known_hosts .
1158.It Pa ~/.shosts
Damien Miller32aa1441999-10-29 09:15:49 +10001159This file is used exactly the same way as
Darren Tucker61776952003-10-02 16:19:47 +10001160.Pa .rhosts .
Damien Miller32aa1441999-10-29 09:15:49 +10001161The purpose for
Darren Tuckerdb693902004-08-29 16:37:24 +10001162having this file is to be able to use
1163.Cm RhostsRSAAuthentication
1164and
1165.Cm HostbasedAuthentication
1166authentication without permitting login with
Darren Tucker61776952003-10-02 16:19:47 +10001167.Xr rlogin
Damien Miller32aa1441999-10-29 09:15:49 +10001168or
1169.Xr rsh 1 .
1170.It Pa /etc/hosts.equiv
1171This file is used during
Darren Tuckerdb693902004-08-29 16:37:24 +10001172.Cm RhostsRSAAuthentication
1173and
1174.Cm HostbasedAuthentication
Damien Millerf1ce5052003-06-11 22:04:39 +10001175authentication.
Damien Miller7684ee12000-03-17 23:40:15 +11001176It contains
Darren Tucker61776952003-10-02 16:19:47 +10001177canonical hosts names, one per line (the full format is described in the
Damien Miller32aa1441999-10-29 09:15:49 +10001178.Xr sshd 8
Damien Miller7684ee12000-03-17 23:40:15 +11001179manual page).
1180If the client host is found in this file, login is
Damien Miller32aa1441999-10-29 09:15:49 +10001181automatically permitted provided client and server user names are the
Damien Miller7684ee12000-03-17 23:40:15 +11001182same.
Darren Tuckerdb693902004-08-29 16:37:24 +10001183Additionally, successful client host key authentication is required.
Damien Miller7684ee12000-03-17 23:40:15 +11001184This file should only be writable by root.
Damien Miller886c63a2000-01-20 23:13:36 +11001185.It Pa /etc/shosts.equiv
Damien Miller22c77262000-04-13 12:26:34 +10001186This file is processed exactly as
Damien Miller32aa1441999-10-29 09:15:49 +10001187.Pa /etc/hosts.equiv .
1188This file may be useful to permit logins using
1189.Nm
1190but not using rsh/rlogin.
Damien Miller05eda432002-02-10 18:32:28 +11001191.It Pa /etc/ssh/sshrc
Damien Miller32aa1441999-10-29 09:15:49 +10001192Commands in this file are executed by
1193.Nm
1194when the user logs in just before the user's shell (or command) is started.
1195See the
1196.Xr sshd 8
1197manual page for more information.
Damien Miller167ea5d2005-05-26 12:04:02 +10001198.It Pa ~/.ssh/rc
Damien Miller32aa1441999-10-29 09:15:49 +10001199Commands in this file are executed by
1200.Nm
1201when the user logs in just before the user's shell (or command) is
1202started.
Damien Miller22c77262000-04-13 12:26:34 +10001203See the
Damien Miller32aa1441999-10-29 09:15:49 +10001204.Xr sshd 8
1205manual page for more information.
Damien Miller167ea5d2005-05-26 12:04:02 +10001206.It Pa ~/.ssh/environment
Damien Miller4f0fa561999-12-26 14:24:41 +11001207Contains additional definitions for environment variables, see section
1208.Sx ENVIRONMENT
1209above.
Damien Miller7b28dc52000-09-05 13:34:53 +11001210.El
Damien Miller07a2d422002-02-05 12:16:15 +11001211.Sh DIAGNOSTICS
1212.Nm
1213exits with the exit status of the remote command or with 255
1214if an error occurred.
Damien Miller32aa1441999-10-29 09:15:49 +10001215.Sh SEE ALSO
Darren Tucker61776952003-10-02 16:19:47 +10001216.Xr gzip 1 ,
Damien Miller32aa1441999-10-29 09:15:49 +10001217.Xr rsh 1 ,
1218.Xr scp 1 ,
Damien Miller33804262001-02-04 23:20:18 +11001219.Xr sftp 1 ,
Damien Miller32aa1441999-10-29 09:15:49 +10001220.Xr ssh-add 1 ,
1221.Xr ssh-agent 1 ,
1222.Xr ssh-keygen 1 ,
1223.Xr telnet 1 ,
Darren Tucker61776952003-10-02 16:19:47 +10001224.Xr hosts.equiv 5 ,
Ben Lindstrombf69e3b2002-06-23 00:31:24 +00001225.Xr ssh_config 5 ,
Ben Lindstromc001cd32002-06-23 00:32:11 +00001226.Xr ssh-keysign 8 ,
Ben Lindstrom5ab6ae12001-02-10 22:08:03 +00001227.Xr sshd 8
Ben Lindstrom160ec622001-04-22 17:17:46 +00001228.Rs
1229.%A T. Ylonen
1230.%A T. Kivinen
1231.%A M. Saarinen
1232.%A T. Rinne
1233.%A S. Lehtinen
1234.%T "SSH Protocol Architecture"
Ben Lindstromf1813842002-03-27 17:18:31 +00001235.%N draft-ietf-secsh-architecture-12.txt
1236.%D January 2002
Ben Lindstrom160ec622001-04-22 17:17:46 +00001237.%O work in progress material
1238.Re
Damien Millerf1ce5052003-06-11 22:04:39 +10001239.Sh AUTHORS
1240OpenSSH is a derivative of the original and free
1241ssh 1.2.12 release by Tatu Ylonen.
1242Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos,
1243Theo de Raadt and Dug Song
1244removed many bugs, re-added newer features and
1245created OpenSSH.
1246Markus Friedl contributed the support for SSH
1247protocol versions 1.5 and 2.0.