blob: 8e0f377199eebf9ec83776bcbe62004068969ce4 [file] [log] [blame]
Damien Miller32aa1441999-10-29 09:15:49 +10001.\" -*- nroff -*-
2.\"
Damien Miller32aa1441999-10-29 09:15:49 +10003.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
Damien Miller32aa1441999-10-29 09:15:49 +10004.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
5.\" All rights reserved
6.\"
Damien Millere4340be2000-09-16 13:29:08 +11007.\" As far as I am concerned, the code I have written for this software
8.\" can be used freely for any purpose. Any derived versions of this
9.\" software must be clearly marked as such, and if the derived work is
10.\" incompatible with the protocol description in the RFC file, it must be
11.\" called by a name other than "ssh" or "Secure Shell".
Damien Miller32aa1441999-10-29 09:15:49 +100012.\"
Ben Lindstrom92a2e382001-03-05 06:59:27 +000013.\" Copyright (c) 1999,2000 Markus Friedl. All rights reserved.
14.\" Copyright (c) 1999 Aaron Campbell. All rights reserved.
15.\" Copyright (c) 1999 Theo de Raadt. All rights reserved.
Damien Millere4340be2000-09-16 13:29:08 +110016.\"
17.\" Redistribution and use in source and binary forms, with or without
18.\" modification, are permitted provided that the following conditions
19.\" are met:
20.\" 1. Redistributions of source code must retain the above copyright
21.\" notice, this list of conditions and the following disclaimer.
22.\" 2. Redistributions in binary form must reproduce the above copyright
23.\" notice, this list of conditions and the following disclaimer in the
24.\" documentation and/or other materials provided with the distribution.
25.\"
26.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
27.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
28.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
29.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
30.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
31.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
32.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
33.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Damien Miller32aa1441999-10-29 09:15:49 +100036.\"
Darren Tucker1e4308e2005-10-03 18:18:40 +100037.\" $OpenBSD: ssh.1,v 1.212 2005/09/19 23:31:31 djm Exp $
Damien Miller32aa1441999-10-29 09:15:49 +100038.Dd September 25, 1999
39.Dt SSH 1
40.Os
41.Sh NAME
42.Nm ssh
Ben Lindstromd58eb5f2001-03-07 06:07:22 +000043.Nd OpenSSH SSH client (remote login program)
Damien Miller32aa1441999-10-29 09:15:49 +100044.Sh SYNOPSIS
45.Nm ssh
Darren Tuckerba5c5922004-06-18 16:22:39 +100046.Op Fl 1246AaCfgkMNnqsTtVvXxY
Ben Lindstrome0f88042001-04-30 13:06:24 +000047.Op Fl b Ar bind_address
Damien Miller30c3d422000-05-09 11:02:59 +100048.Op Fl c Ar cipher_spec
Darren Tuckerc8d64212005-10-03 18:13:42 +100049.Oo Fl D\ \&
50.Sm off
51.Oo Ar bind_address : Oc
52.Ar port
53.Sm on
54.Oc
Damien Miller32aa1441999-10-29 09:15:49 +100055.Op Fl e Ar escape_char
Ben Lindstrom14f31ab2001-09-12 17:48:04 +000056.Op Fl F Ar configfile
Darren Tucker05d4dfe2005-10-03 18:17:38 +100057.Bk -words
Darren Tucker61776952003-10-02 16:19:47 +100058.Op Fl i Ar identity_file
Darren Tucker05d4dfe2005-10-03 18:17:38 +100059.Ek
Damien Miller36bf7dd2005-03-02 12:02:47 +110060.Oo Fl L\ \&
Damien Miller32aa1441999-10-29 09:15:49 +100061.Sm off
Damien Millerf91ee4c2005-03-01 21:24:33 +110062.Oo Ar bind_address : Oc
Damien Miller36bf7dd2005-03-02 12:02:47 +110063.Ar port : host : hostport
Damien Miller32aa1441999-10-29 09:15:49 +100064.Sm on
Damien Miller32aa1441999-10-29 09:15:49 +100065.Oc
Darren Tucker05d4dfe2005-10-03 18:17:38 +100066.Bk -words
Darren Tucker61776952003-10-02 16:19:47 +100067.Op Fl l Ar login_name
Darren Tucker05d4dfe2005-10-03 18:17:38 +100068.Ek
Darren Tucker61776952003-10-02 16:19:47 +100069.Op Fl m Ar mac_spec
Darren Tucker7ebfc102004-11-07 20:06:19 +110070.Op Fl O Ar ctl_cmd
Darren Tucker61776952003-10-02 16:19:47 +100071.Op Fl o Ar option
Darren Tucker61776952003-10-02 16:19:47 +100072.Op Fl p Ar port
Damien Miller36bf7dd2005-03-02 12:02:47 +110073.Oo Fl R\ \&
Damien Miller32aa1441999-10-29 09:15:49 +100074.Sm off
Damien Millerf91ee4c2005-03-01 21:24:33 +110075.Oo Ar bind_address : Oc
Damien Miller36bf7dd2005-03-02 12:02:47 +110076.Ar port : host : hostport
Damien Miller32aa1441999-10-29 09:15:49 +100077.Sm on
Damien Miller32aa1441999-10-29 09:15:49 +100078.Oc
Darren Tucker7ebfc102004-11-07 20:06:19 +110079.Op Fl S Ar ctl_path
Darren Tucker61776952003-10-02 16:19:47 +100080.Oo Ar user Ns @ Oc Ns Ar hostname
Damien Miller32aa1441999-10-29 09:15:49 +100081.Op Ar command
Damien Miller22c77262000-04-13 12:26:34 +100082.Sh DESCRIPTION
Damien Miller32aa1441999-10-29 09:15:49 +100083.Nm
Ben Lindstromd58eb5f2001-03-07 06:07:22 +000084(SSH client) is a program for logging into a remote machine and for
Damien Miller7684ee12000-03-17 23:40:15 +110085executing commands on a remote machine.
Darren Tucker61776952003-10-02 16:19:47 +100086It is intended to replace rlogin and rsh,
87and provide secure encrypted communications between
Damien Miller7684ee12000-03-17 23:40:15 +110088two untrusted hosts over an insecure network.
Darren Tucker61776952003-10-02 16:19:47 +100089X11 connections and arbitrary TCP/IP ports
90can also be forwarded over the secure channel.
Damien Miller32aa1441999-10-29 09:15:49 +100091.Pp
92.Nm
Damien Miller22c77262000-04-13 12:26:34 +100093connects and logs into the specified
Darren Tucker61776952003-10-02 16:19:47 +100094.Ar hostname
95(with optional
96.Ar user
97name).
Damien Miller32aa1441999-10-29 09:15:49 +100098The user must prove
Damien Millere247cc42000-05-07 12:03:14 +100099his/her identity to the remote machine using one of several methods
Darren Tucker61776952003-10-02 16:19:47 +1000100depending on the protocol version used.
Damien Millere247cc42000-05-07 12:03:14 +1000101.Pp
Darren Tucker61776952003-10-02 16:19:47 +1000102If
103.Ar command
104is specified,
105.Ar command
106is executed on the remote host instead of a login shell.
Damien Millere247cc42000-05-07 12:03:14 +1000107.Ss SSH protocol version 1
Darren Tuckerdb693902004-08-29 16:37:24 +1000108The first authentication method is the
Darren Tucker61776952003-10-02 16:19:47 +1000109.Em rhosts
Damien Miller32aa1441999-10-29 09:15:49 +1000110or
Darren Tucker61776952003-10-02 16:19:47 +1000111.Em hosts.equiv
Damien Miller7684ee12000-03-17 23:40:15 +1100112method combined with RSA-based host authentication.
Darren Tuckerdb693902004-08-29 16:37:24 +1000113If the machine the user logs in from is listed in
114.Pa /etc/hosts.equiv
Damien Miller32aa1441999-10-29 09:15:49 +1000115or
Darren Tuckerdb693902004-08-29 16:37:24 +1000116.Pa /etc/shosts.equiv
117on the remote machine, and the user names are
118the same on both sides, or if the files
Damien Miller167ea5d2005-05-26 12:04:02 +1000119.Pa ~/.rhosts
Darren Tuckerdb693902004-08-29 16:37:24 +1000120or
Damien Miller167ea5d2005-05-26 12:04:02 +1000121.Pa ~/.shosts
Darren Tuckerdb693902004-08-29 16:37:24 +1000122exist in the user's home directory on the
123remote machine and contain a line containing the name of the client
124machine and the name of the user on that machine, the user is
125considered for log in.
126Additionally, if the server can verify the client's
Damien Miller22c77262000-04-13 12:26:34 +1000127host key (see
Damien Miller05eda432002-02-10 18:32:28 +1100128.Pa /etc/ssh/ssh_known_hosts
Damien Miller33e511e1999-11-11 11:43:13 +1100129and
Damien Miller167ea5d2005-05-26 12:04:02 +1000130.Pa ~/.ssh/known_hosts
Damien Miller32aa1441999-10-29 09:15:49 +1000131in the
132.Sx FILES
Darren Tucker61776952003-10-02 16:19:47 +1000133section), only then is login permitted.
Damien Miller7684ee12000-03-17 23:40:15 +1100134This authentication method closes security holes due to IP
135spoofing, DNS spoofing and routing spoofing.
136[Note to the administrator:
Damien Miller32aa1441999-10-29 09:15:49 +1000137.Pa /etc/hosts.equiv ,
Damien Miller167ea5d2005-05-26 12:04:02 +1000138.Pa ~/.rhosts ,
Damien Miller32aa1441999-10-29 09:15:49 +1000139and the rlogin/rsh protocol in general, are inherently insecure and should be
140disabled if security is desired.]
141.Pp
Darren Tuckerdb693902004-08-29 16:37:24 +1000142As a second authentication method,
Damien Miller32aa1441999-10-29 09:15:49 +1000143.Nm
144supports RSA based authentication.
145The scheme is based on public-key cryptography: there are cryptosystems
146where encryption and decryption are done using separate keys, and it
147is not possible to derive the decryption key from the encryption key.
Damien Miller7684ee12000-03-17 23:40:15 +1100148RSA is one such system.
Damien Miller22c77262000-04-13 12:26:34 +1000149The idea is that each user creates a public/private
Damien Miller7684ee12000-03-17 23:40:15 +1100150key pair for authentication purposes.
151The server knows the public key, and only the user knows the private key.
Darren Tucker61776952003-10-02 16:19:47 +1000152.Pp
Damien Miller22c77262000-04-13 12:26:34 +1000153The file
Damien Miller167ea5d2005-05-26 12:04:02 +1000154.Pa ~/.ssh/authorized_keys
Darren Tucker61776952003-10-02 16:19:47 +1000155lists the public keys that are permitted for logging in.
Damien Miller7684ee12000-03-17 23:40:15 +1100156When the user logs in, the
Damien Miller32aa1441999-10-29 09:15:49 +1000157.Nm
158program tells the server which key pair it would like to use for
Damien Miller7684ee12000-03-17 23:40:15 +1100159authentication.
Darren Tucker61776952003-10-02 16:19:47 +1000160The server checks if this key is permitted, and if so,
161sends the user (actually the
Damien Miller32aa1441999-10-29 09:15:49 +1000162.Nm
163program running on behalf of the user) a challenge, a random number,
Damien Miller7684ee12000-03-17 23:40:15 +1100164encrypted by the user's public key.
Darren Tucker61776952003-10-02 16:19:47 +1000165The challenge can only be decrypted using the proper private key.
166The user's client then decrypts the challenge using the private key,
167proving that he/she knows the private key
168but without disclosing it to the server.
Damien Miller32aa1441999-10-29 09:15:49 +1000169.Pp
170.Nm
Damien Miller7684ee12000-03-17 23:40:15 +1100171implements the RSA authentication protocol automatically.
172The user creates his/her RSA key pair by running
Damien Miller32aa1441999-10-29 09:15:49 +1000173.Xr ssh-keygen 1 .
Damien Miller22c77262000-04-13 12:26:34 +1000174This stores the private key in
Damien Miller167ea5d2005-05-26 12:04:02 +1000175.Pa ~/.ssh/identity
Darren Tucker61776952003-10-02 16:19:47 +1000176and stores the public key in
Damien Miller167ea5d2005-05-26 12:04:02 +1000177.Pa ~/.ssh/identity.pub
Damien Miller7684ee12000-03-17 23:40:15 +1100178in the user's home directory.
179The user should then copy the
Damien Miller32aa1441999-10-29 09:15:49 +1000180.Pa identity.pub
Damien Miller22c77262000-04-13 12:26:34 +1000181to
Damien Miller167ea5d2005-05-26 12:04:02 +1000182.Pa ~/.ssh/authorized_keys
Damien Miller22c77262000-04-13 12:26:34 +1000183in his/her home directory on the remote machine (the
Damien Miller32aa1441999-10-29 09:15:49 +1000184.Pa authorized_keys
Damien Miller22c77262000-04-13 12:26:34 +1000185file corresponds to the conventional
Damien Miller167ea5d2005-05-26 12:04:02 +1000186.Pa ~/.rhosts
Damien Miller32aa1441999-10-29 09:15:49 +1000187file, and has one key
Damien Miller7684ee12000-03-17 23:40:15 +1100188per line, though the lines can be very long).
189After this, the user can log in without giving the password.
Damien Miller32aa1441999-10-29 09:15:49 +1000190.Pp
191The most convenient way to use RSA authentication may be with an
Damien Miller7684ee12000-03-17 23:40:15 +1100192authentication agent.
193See
Damien Miller32aa1441999-10-29 09:15:49 +1000194.Xr ssh-agent 1
195for more information.
196.Pp
Damien Miller22c77262000-04-13 12:26:34 +1000197If other authentication methods fail,
Damien Miller32aa1441999-10-29 09:15:49 +1000198.Nm
Damien Miller7684ee12000-03-17 23:40:15 +1100199prompts the user for a password.
200The password is sent to the remote
Damien Miller32aa1441999-10-29 09:15:49 +1000201host for checking; however, since all communications are encrypted,
202the password cannot be seen by someone listening on the network.
Damien Millere247cc42000-05-07 12:03:14 +1000203.Ss SSH protocol version 2
Darren Tucker61776952003-10-02 16:19:47 +1000204When a user connects using protocol version 2,
Damien Miller07a2d422002-02-05 12:16:15 +1100205similar authentication methods are available.
Ben Lindstromc65e6a02001-04-23 13:02:16 +0000206Using the default values for
207.Cm PreferredAuthentications ,
Ben Lindstroma9086a12001-08-06 20:58:51 +0000208the client will try to authenticate first using the hostbased method;
Darren Tucker61776952003-10-02 16:19:47 +1000209if this method fails, public key authentication is attempted,
210and finally if this method fails, keyboard-interactive and
Ben Lindstroma9086a12001-08-06 20:58:51 +0000211password authentication are tried.
Damien Millere247cc42000-05-07 12:03:14 +1000212.Pp
213The public key method is similar to RSA authentication described
Ben Lindstromc65e6a02001-04-23 13:02:16 +0000214in the previous section and allows the RSA or DSA algorithm to be used:
Ben Lindstrom18a82ac2001-04-11 15:59:35 +0000215The client uses his private key,
Damien Miller167ea5d2005-05-26 12:04:02 +1000216.Pa ~/.ssh/id_dsa
Ben Lindstrom18a82ac2001-04-11 15:59:35 +0000217or
Damien Miller167ea5d2005-05-26 12:04:02 +1000218.Pa ~/.ssh/id_rsa ,
Damien Millere247cc42000-05-07 12:03:14 +1000219to sign the session identifier and sends the result to the server.
220The server checks whether the matching public key is listed in
Damien Miller167ea5d2005-05-26 12:04:02 +1000221.Pa ~/.ssh/authorized_keys
Damien Millere247cc42000-05-07 12:03:14 +1000222and grants access if both the key is found and the signature is correct.
223The session identifier is derived from a shared Diffie-Hellman value
224and is only known to the client and the server.
225.Pp
Darren Tucker61776952003-10-02 16:19:47 +1000226If public key authentication fails or is not available, a password
227can be sent encrypted to the remote host to prove the user's identity.
Ben Lindstromc65e6a02001-04-23 13:02:16 +0000228.Pp
229Additionally,
230.Nm
231supports hostbased or challenge response authentication.
Damien Millere247cc42000-05-07 12:03:14 +1000232.Pp
233Protocol 2 provides additional mechanisms for confidentiality
Damien Miller05202ff2004-06-15 10:30:39 +1000234(the traffic is encrypted using AES, 3DES, Blowfish, CAST128 or Arcfour)
235and integrity (hmac-md5, hmac-sha1, hmac-ripemd160).
Damien Millere247cc42000-05-07 12:03:14 +1000236Note that protocol 1 lacks a strong mechanism for ensuring the
237integrity of the connection.
Damien Millere247cc42000-05-07 12:03:14 +1000238.Ss Login session and remote execution
Damien Miller32aa1441999-10-29 09:15:49 +1000239When the user's identity has been accepted by the server, the server
240either executes the given command, or logs into the machine and gives
Damien Miller7684ee12000-03-17 23:40:15 +1100241the user a normal shell on the remote machine.
242All communication with
Damien Miller32aa1441999-10-29 09:15:49 +1000243the remote command or shell will be automatically encrypted.
244.Pp
245If a pseudo-terminal has been allocated (normal login session), the
Ben Lindstrom9ffdcb52001-04-20 12:50:51 +0000246user may use the escape characters noted below.
Damien Miller32aa1441999-10-29 09:15:49 +1000247.Pp
Darren Tucker61776952003-10-02 16:19:47 +1000248If no pseudo-tty has been allocated,
249the session is transparent and can be used to reliably transfer binary data.
Damien Miller7684ee12000-03-17 23:40:15 +1100250On most systems, setting the escape character to
Damien Miller32aa1441999-10-29 09:15:49 +1000251.Dq none
252will also make the session transparent even if a tty is used.
253.Pp
Ben Lindstroma6885612000-12-09 03:45:32 +0000254The session terminates when the command or shell on the remote
Ben Lindstromebd888d2001-03-05 05:49:29 +0000255machine exits and all X11 and TCP/IP connections have been closed.
Darren Tucker61776952003-10-02 16:19:47 +1000256The exit status of the remote program is returned as the exit status of
Damien Miller32aa1441999-10-29 09:15:49 +1000257.Nm ssh .
Ben Lindstrom9ffdcb52001-04-20 12:50:51 +0000258.Ss Escape Characters
Darren Tucker61776952003-10-02 16:19:47 +1000259When a pseudo-terminal has been requested,
260.Nm
261supports a number of functions through the use of an escape character.
Ben Lindstrom9ffdcb52001-04-20 12:50:51 +0000262.Pp
263A single tilde character can be sent as
264.Ic ~~
Ben Lindstrom66007692001-07-22 20:41:59 +0000265or by following the tilde by a character other than those described below.
Ben Lindstrom9ffdcb52001-04-20 12:50:51 +0000266The escape character must always follow a newline to be interpreted as
267special.
268The escape character can be changed in configuration files using the
269.Cm EscapeChar
Ben Lindstrom24643222001-06-25 05:08:11 +0000270configuration directive or on the command line by the
Ben Lindstrom9ffdcb52001-04-20 12:50:51 +0000271.Fl e
272option.
273.Pp
274The supported escapes (assuming the default
275.Ql ~ )
276are:
277.Bl -tag -width Ds
278.It Cm ~.
Darren Tucker61776952003-10-02 16:19:47 +1000279Disconnect.
Ben Lindstrom9ffdcb52001-04-20 12:50:51 +0000280.It Cm ~^Z
Darren Tucker61776952003-10-02 16:19:47 +1000281Background
282.Nm ssh .
Ben Lindstrom9ffdcb52001-04-20 12:50:51 +0000283.It Cm ~#
Darren Tucker61776952003-10-02 16:19:47 +1000284List forwarded connections.
Ben Lindstrom9ffdcb52001-04-20 12:50:51 +0000285.It Cm ~&
Darren Tucker61776952003-10-02 16:19:47 +1000286Background
287.Nm
288at logout when waiting for forwarded connection / X11 sessions to terminate.
Ben Lindstrom9ffdcb52001-04-20 12:50:51 +0000289.It Cm ~?
Darren Tucker61776952003-10-02 16:19:47 +1000290Display a list of escape characters.
Damien Miller54c45982003-05-15 10:20:13 +1000291.It Cm ~B
Darren Tucker61776952003-10-02 16:19:47 +1000292Send a BREAK to the remote system
293(only useful for SSH protocol version 2 and if the peer supports it).
Ben Lindstrom5589f4b2002-03-22 03:24:32 +0000294.It Cm ~C
Darren Tuckere7066df2004-05-24 10:18:05 +1000295Open command line.
296Currently this allows the addition of port forwardings using the
Ben Lindstrom5589f4b2002-03-22 03:24:32 +0000297.Fl L
298and
299.Fl R
Darren Tuckere7066df2004-05-24 10:18:05 +1000300options (see below).
Darren Tuckere534e122004-05-24 10:35:14 +1000301It also allows the cancellation of existing remote port-forwardings
Darren Tuckere7066df2004-05-24 10:18:05 +1000302using
303.Fl KR Ar hostport .
Darren Tucker1973c882004-05-24 10:34:36 +1000304Basic help is available, using the
305.Fl h
Darren Tuckere7066df2004-05-24 10:18:05 +1000306option.
Ben Lindstrom9ffdcb52001-04-20 12:50:51 +0000307.It Cm ~R
Darren Tucker61776952003-10-02 16:19:47 +1000308Request rekeying of the connection
309(only useful for SSH protocol version 2 and if the peer supports it).
Ben Lindstrom9ffdcb52001-04-20 12:50:51 +0000310.El
Damien Millere247cc42000-05-07 12:03:14 +1000311.Ss X11 and TCP forwarding
Ben Lindstrom71215072001-05-17 03:16:18 +0000312If the
313.Cm ForwardX11
314variable is set to
315.Dq yes
Darren Tucker61776952003-10-02 16:19:47 +1000316(or see the description of the
Ben Lindstrom71215072001-05-17 03:16:18 +0000317.Fl X
318and
319.Fl x
320options described later)
321and the user is using X11 (the
Damien Miller32aa1441999-10-29 09:15:49 +1000322.Ev DISPLAY
323environment variable is set), the connection to the X11 display is
324automatically forwarded to the remote side in such a way that any X11
325programs started from the shell (or command) will go through the
326encrypted channel, and the connection to the real X server will be made
Damien Miller7684ee12000-03-17 23:40:15 +1100327from the local machine.
328The user should not manually set
Damien Miller32aa1441999-10-29 09:15:49 +1000329.Ev DISPLAY .
330Forwarding of X11 connections can be
331configured on the command line or in configuration files.
332.Pp
333The
Damien Miller22c77262000-04-13 12:26:34 +1000334.Ev DISPLAY
Damien Miller32aa1441999-10-29 09:15:49 +1000335value set by
336.Nm
Darren Tucker61776952003-10-02 16:19:47 +1000337will point to the server machine, but with a display number greater than zero.
Damien Miller7684ee12000-03-17 23:40:15 +1100338This is normal, and happens because
Damien Miller32aa1441999-10-29 09:15:49 +1000339.Nm
340creates a
341.Dq proxy
342X server on the server machine for forwarding the
343connections over the encrypted channel.
344.Pp
345.Nm
346will also automatically set up Xauthority data on the server machine.
347For this purpose, it will generate a random authorization cookie,
348store it in Xauthority on the server, and verify that any forwarded
349connections carry this cookie and replace it by the real cookie when
Damien Miller7684ee12000-03-17 23:40:15 +1100350the connection is opened.
351The real authentication cookie is never
Damien Miller32aa1441999-10-29 09:15:49 +1000352sent to the server machine (and no cookies are sent in the plain).
353.Pp
Ben Lindstrom3541f182002-08-20 19:03:20 +0000354If the
355.Cm ForwardAgent
356variable is set to
357.Dq yes
Darren Tucker61776952003-10-02 16:19:47 +1000358(or see the description of the
Ben Lindstrom3541f182002-08-20 19:03:20 +0000359.Fl A
360and
361.Fl a
Damien Miller495dca32003-04-01 21:42:14 +1000362options described later) and
Ben Lindstrom3541f182002-08-20 19:03:20 +0000363the user is using an authentication agent, the connection to the agent
364is automatically forwarded to the remote side.
Damien Miller32aa1441999-10-29 09:15:49 +1000365.Pp
366Forwarding of arbitrary TCP/IP connections over the secure channel can
Ben Lindstrom979c9812001-07-22 20:45:39 +0000367be specified either on the command line or in a configuration file.
Damien Miller7684ee12000-03-17 23:40:15 +1100368One possible application of TCP/IP forwarding is a secure connection to an
Ben Lindstromebd888d2001-03-05 05:49:29 +0000369electronic purse; another is going through firewalls.
Damien Millere247cc42000-05-07 12:03:14 +1000370.Ss Server authentication
Damien Miller32aa1441999-10-29 09:15:49 +1000371.Nm
Damien Millere247cc42000-05-07 12:03:14 +1000372automatically maintains and checks a database containing
Damien Miller7684ee12000-03-17 23:40:15 +1100373identifications for all hosts it has ever been used with.
Ben Lindstromd6481ea2001-06-25 04:37:41 +0000374Host keys are stored in
Damien Miller167ea5d2005-05-26 12:04:02 +1000375.Pa ~/.ssh/known_hosts
Damien Miller7684ee12000-03-17 23:40:15 +1100376in the user's home directory.
Ben Lindstromd6481ea2001-06-25 04:37:41 +0000377Additionally, the file
Damien Miller05eda432002-02-10 18:32:28 +1100378.Pa /etc/ssh/ssh_known_hosts
Ben Lindstromd6481ea2001-06-25 04:37:41 +0000379is automatically checked for known hosts.
Damien Miller7684ee12000-03-17 23:40:15 +1100380Any new hosts are automatically added to the user's file.
Darren Tucker61776952003-10-02 16:19:47 +1000381If a host's identification ever changes,
Damien Miller32aa1441999-10-29 09:15:49 +1000382.Nm
383warns about this and disables password authentication to prevent a
Damien Miller7684ee12000-03-17 23:40:15 +1100384trojan horse from getting the user's password.
Darren Tucker61776952003-10-02 16:19:47 +1000385Another purpose of this mechanism is to prevent man-in-the-middle attacks
386which could otherwise be used to circumvent the encryption.
Damien Miller7684ee12000-03-17 23:40:15 +1100387The
Damien Miller32aa1441999-10-29 09:15:49 +1000388.Cm StrictHostKeyChecking
Ben Lindstrom9f049032002-06-21 00:59:05 +0000389option can be used to prevent logins to machines whose
Damien Miller32aa1441999-10-29 09:15:49 +1000390host key is not known or has changed.
Damien Miller0bc1bd82000-11-13 22:57:25 +1100391.Pp
Darren Tucker0b42e6d2004-08-13 21:22:40 +1000392.Nm
393can be configured to verify host identification using fingerprint resource
394records (SSHFP) published in DNS.
395The
396.Cm VerifyHostKeyDNS
397option can be used to control how DNS lookups are performed.
398SSHFP resource records can be generated using
399.Xr ssh-keygen 1 .
400.Pp
Damien Miller0bc1bd82000-11-13 22:57:25 +1100401The options are as follows:
Damien Miller32aa1441999-10-29 09:15:49 +1000402.Bl -tag -width Ds
Darren Tucker61776952003-10-02 16:19:47 +1000403.It Fl 1
404Forces
405.Nm
406to try protocol version 1 only.
407.It Fl 2
408Forces
409.Nm
410to try protocol version 2 only.
411.It Fl 4
412Forces
413.Nm
414to use IPv4 addresses only.
415.It Fl 6
416Forces
417.Nm
418to use IPv6 addresses only.
Damien Millerb1715dc2000-05-30 13:44:51 +1000419.It Fl A
420Enables forwarding of the authentication agent connection.
421This can also be specified on a per-host basis in a configuration file.
Damien Millerb5fdfaa2002-09-12 09:52:03 +1000422.Pp
Damien Miller495dca32003-04-01 21:42:14 +1000423Agent forwarding should be enabled with caution.
424Users with the ability to bypass file permissions on the remote host
425(for the agent's Unix-domain socket)
426can access the local agent through the forwarded connection.
427An attacker cannot obtain key material from the agent,
Damien Millerb5fdfaa2002-09-12 09:52:03 +1000428however they can perform operations on the keys that enable them to
429authenticate using the identities loaded into the agent.
Darren Tucker61776952003-10-02 16:19:47 +1000430.It Fl a
431Disables forwarding of the authentication agent connection.
Ben Lindstrome0f88042001-04-30 13:06:24 +0000432.It Fl b Ar bind_address
Darren Tuckera5cf8552005-07-14 17:04:18 +1000433Use
434.Ar bind_address
435on the local machine as the source address
436of the connection.
437Only useful on systems with more than one address.
Darren Tucker61776952003-10-02 16:19:47 +1000438.It Fl C
439Requests compression of all data (including stdin, stdout, stderr, and
440data for forwarded X11 and TCP/IP connections).
441The compression algorithm is the same used by
442.Xr gzip 1 ,
443and the
444.Dq level
445can be controlled by the
446.Cm CompressionLevel
447option for protocol version 1.
448Compression is desirable on modem lines and other
449slow connections, but will only slow down things on fast networks.
450The default value can be set on a host-by-host basis in the
451configuration files; see the
452.Cm Compression
453option.
Damien Miller05202ff2004-06-15 10:30:39 +1000454.It Fl c Ar cipher_spec
455Selects the cipher specification for encrypting the session.
456.Pp
457Protocol version 1 allows specification of a single cipher.
Darren Tucker1e4308e2005-10-03 18:18:40 +1000458The supported values are
Damien Miller05202ff2004-06-15 10:30:39 +1000459.Dq 3des ,
460.Dq blowfish
461and
462.Dq des .
Damien Miller32aa1441999-10-29 09:15:49 +1000463.Ar 3des
464(triple-des) is an encrypt-decrypt-encrypt triple with three different keys.
Damien Miller05202ff2004-06-15 10:30:39 +1000465It is believed to be secure.
Damien Miller32aa1441999-10-29 09:15:49 +1000466.Ar blowfish
Darren Tucker61776952003-10-02 16:19:47 +1000467is a fast block cipher; it appears very secure and is much faster than
Damien Miller7684ee12000-03-17 23:40:15 +1100468.Ar 3des .
Ben Lindstromffa1dd62001-09-12 16:52:28 +0000469.Ar des
470is only supported in the
471.Nm
472client for interoperability with legacy protocol 1 implementations
473that do not support the
474.Ar 3des
Damien Miller495dca32003-04-01 21:42:14 +1000475cipher.
476Its use is strongly discouraged due to cryptographic weaknesses.
Damien Miller05202ff2004-06-15 10:30:39 +1000477The default is
478.Dq 3des .
479.Pp
480For protocol version 2
481.Ar cipher_spec
482is a comma-separated list of ciphers
483listed in order of preference.
484The supported ciphers are
485.Dq 3des-cbc ,
486.Dq aes128-cbc ,
487.Dq aes192-cbc ,
488.Dq aes256-cbc ,
489.Dq aes128-ctr ,
490.Dq aes192-ctr ,
491.Dq aes256-ctr ,
Damien Miller3710f272005-05-26 12:19:17 +1000492.Dq arcfour128 ,
493.Dq arcfour256 ,
Damien Miller05202ff2004-06-15 10:30:39 +1000494.Dq arcfour ,
495.Dq blowfish-cbc ,
496and
497.Dq cast128-cbc .
498The default is
499.Bd -literal
Damien Miller3710f272005-05-26 12:19:17 +1000500 ``aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,
501 arcfour256,arcfour,aes192-cbc,aes256-cbc,aes128-ctr,
502 aes192-ctr,aes256-ctr''
Damien Miller05202ff2004-06-15 10:30:39 +1000503.Ed
Darren Tuckerc8d64212005-10-03 18:13:42 +1000504.It Fl D Xo
505.Sm off
506.Oo Ar bind_address : Oc
507.Ar port
508.Sm on
509.Xc
Darren Tucker61776952003-10-02 16:19:47 +1000510Specifies a local
511.Dq dynamic
512application-level port forwarding.
513This works by allocating a socket to listen to
514.Ar port
Darren Tuckerc8d64212005-10-03 18:13:42 +1000515on the local side, optionally bound to the specified
516.Ar bind_address .
517Whenever a connection is made to this port, the
Darren Tucker61776952003-10-02 16:19:47 +1000518connection is forwarded over the secure channel, and the application
519protocol is then used to determine where to connect to from the
520remote machine.
521Currently the SOCKS4 and SOCKS5 protocols are supported, and
522.Nm
523will act as a SOCKS server.
524Only root can forward privileged ports.
525Dynamic port forwardings can also be specified in the configuration file.
Darren Tuckerc8d64212005-10-03 18:13:42 +1000526.Pp
527IPv6 addresses can be specified with an alternative syntax:
528.Sm off
529.Xo
530.Op Ar bind_address No /
531.Ar port
532.Xc
533.Sm on
534or by enclosing the address in square brackets.
535Only the superuser can forward privileged ports.
536By default, the local port is bound in accordance with the
537.Cm GatewayPorts
538setting.
539However, an explicit
540.Ar bind_address
541may be used to bind the connection to a specific address.
542The
543.Ar bind_address
544of
545.Dq localhost
546indicates that the listening port be bound for local use only, while an
547empty address or
548.Sq *
549indicates that the port should be available from all interfaces.
Darren Tucker61776952003-10-02 16:19:47 +1000550.It Fl e Ar ch | ^ch | none
Damien Miller32aa1441999-10-29 09:15:49 +1000551Sets the escape character for sessions with a pty (default:
552.Ql ~ ) .
Damien Miller7684ee12000-03-17 23:40:15 +1100553The escape character is only recognized at the beginning of a line.
554The escape character followed by a dot
Damien Miller32aa1441999-10-29 09:15:49 +1000555.Pq Ql \&.
Darren Tucker61776952003-10-02 16:19:47 +1000556closes the connection;
557followed by control-Z suspends the connection;
558and followed by itself sends the escape character once.
Damien Miller7684ee12000-03-17 23:40:15 +1100559Setting the character to
Damien Miller32aa1441999-10-29 09:15:49 +1000560.Dq none
561disables any escapes and makes the session fully transparent.
Darren Tucker61776952003-10-02 16:19:47 +1000562.It Fl F Ar configfile
563Specifies an alternative per-user configuration file.
564If a configuration file is given on the command line,
565the system-wide configuration file
566.Pq Pa /etc/ssh/ssh_config
567will be ignored.
568The default for the per-user configuration file is
Damien Miller167ea5d2005-05-26 12:04:02 +1000569.Pa ~/.ssh/config .
Damien Miller32aa1441999-10-29 09:15:49 +1000570.It Fl f
571Requests
572.Nm
Damien Miller7684ee12000-03-17 23:40:15 +1100573to go to background just before command execution.
574This is useful if
Damien Miller32aa1441999-10-29 09:15:49 +1000575.Nm
576is going to ask for passwords or passphrases, but the user
Damien Miller7684ee12000-03-17 23:40:15 +1100577wants it in the background.
Damien Miller22c77262000-04-13 12:26:34 +1000578This implies
Damien Miller32aa1441999-10-29 09:15:49 +1000579.Fl n .
580The recommended way to start X11 programs at a remote site is with
581something like
582.Ic ssh -f host xterm .
Damien Miller396691a2000-01-20 22:44:08 +1100583.It Fl g
584Allows remote hosts to connect to local forwarded ports.
Darren Tucker61776952003-10-02 16:19:47 +1000585.It Fl I Ar smartcard_device
586Specifies which smartcard device to use.
587The argument is the device
588.Nm
589should use to communicate with a smartcard used for storing the user's
590private RSA key.
Damien Miller32aa1441999-10-29 09:15:49 +1000591.It Fl i Ar identity_file
Damien Millerfae23862002-01-22 23:32:26 +1100592Selects a file from which the identity (private key) for
Damien Miller0bc1bd82000-11-13 22:57:25 +1100593RSA or DSA authentication is read.
Damien Millerfae23862002-01-22 23:32:26 +1100594The default is
Damien Miller167ea5d2005-05-26 12:04:02 +1000595.Pa ~/.ssh/identity
Damien Millerfae23862002-01-22 23:32:26 +1100596for protocol version 1, and
Damien Miller167ea5d2005-05-26 12:04:02 +1000597.Pa ~/.ssh/id_rsa
Damien Millerfae23862002-01-22 23:32:26 +1100598and
Damien Miller167ea5d2005-05-26 12:04:02 +1000599.Pa ~/.ssh/id_dsa
Damien Millerfae23862002-01-22 23:32:26 +1100600for protocol version 2.
Damien Miller7684ee12000-03-17 23:40:15 +1100601Identity files may also be specified on
602a per-host basis in the configuration file.
603It is possible to have multiple
Damien Miller32aa1441999-10-29 09:15:49 +1000604.Fl i
605options (and multiple identities specified in
606configuration files).
Damien Miller32aa1441999-10-29 09:15:49 +1000607.It Fl k
Damien Millere0113cc2003-11-24 13:10:09 +1100608Disables forwarding (delegation) of GSSAPI credentials to the server.
Darren Tucker61776952003-10-02 16:19:47 +1000609.It Fl L Xo
610.Sm off
Damien Millerf91ee4c2005-03-01 21:24:33 +1100611.Oo Ar bind_address : Oc
Darren Tucker61776952003-10-02 16:19:47 +1000612.Ar port : host : hostport
613.Sm on
614.Xc
615Specifies that the given port on the local (client) host is to be
616forwarded to the given host and port on the remote side.
617This works by allocating a socket to listen to
618.Ar port
Damien Millerf91ee4c2005-03-01 21:24:33 +1100619on the local side, optionally bound to the specified
620.Ar bind_address .
621Whenever a connection is made to this port, the
Darren Tucker61776952003-10-02 16:19:47 +1000622connection is forwarded over the secure channel, and a connection is
623made to
624.Ar host
625port
626.Ar hostport
627from the remote machine.
628Port forwardings can also be specified in the configuration file.
Darren Tucker61776952003-10-02 16:19:47 +1000629IPv6 addresses can be specified with an alternative syntax:
630.Sm off
631.Xo
Damien Millerb096ac42005-03-09 11:00:05 +1100632.Op Ar bind_address No /
Darren Tucker61776952003-10-02 16:19:47 +1000633.Ar port No / Ar host No /
Damien Millerf91ee4c2005-03-01 21:24:33 +1100634.Ar hostport
Darren Tucker61776952003-10-02 16:19:47 +1000635.Xc
636.Sm on
Damien Millerf91ee4c2005-03-01 21:24:33 +1100637or by enclosing the address in square brackets.
638Only the superuser can forward privileged ports.
639By default, the local port is bound in accordance with the
640.Cm GatewayPorts
641setting.
642However, an explicit
643.Ar bind_address
644may be used to bind the connection to a specific address.
645The
646.Ar bind_address
647of
648.Dq localhost
Damien Miller36bf7dd2005-03-02 12:02:47 +1100649indicates that the listening port be bound for local use only, while an
650empty address or
651.Sq *
Damien Millerf91ee4c2005-03-01 21:24:33 +1100652indicates that the port should be available from all interfaces.
Damien Miller32aa1441999-10-29 09:15:49 +1000653.It Fl l Ar login_name
Damien Miller7684ee12000-03-17 23:40:15 +1100654Specifies the user to log in as on the remote machine.
655This also may be specified on a per-host basis in the configuration file.
Damien Miller0e220db2004-06-15 10:34:08 +1000656.It Fl M
657Places the
658.Nm
659client into
660.Dq master
661mode for connection sharing.
662Refer to the description of
663.Cm ControlMaster
664in
665.Xr ssh_config 5
666for details.
Damien Miller5d1eceb2004-06-30 22:37:57 +1000667.It Fl m Ar mac_spec
668Additionally, for protocol version 2 a comma-separated list of MAC
669(message authentication code) algorithms can
670be specified in order of preference.
671See the
672.Cm MACs
673keyword for more information.
Darren Tucker61776952003-10-02 16:19:47 +1000674.It Fl N
675Do not execute a remote command.
676This is useful for just forwarding ports
677(protocol version 2 only).
Damien Miller32aa1441999-10-29 09:15:49 +1000678.It Fl n
679Redirects stdin from
680.Pa /dev/null
681(actually, prevents reading from stdin).
682This must be used when
683.Nm
Damien Miller7684ee12000-03-17 23:40:15 +1100684is run in the background.
685A common trick is to use this to run X11 programs on a remote machine.
686For example,
Damien Miller32aa1441999-10-29 09:15:49 +1000687.Ic ssh -n shadows.cs.hut.fi emacs &
688will start an emacs on shadows.cs.hut.fi, and the X11
689connection will be automatically forwarded over an encrypted channel.
690The
691.Nm
692program will be put in the background.
693(This does not work if
694.Nm
695needs to ask for a password or passphrase; see also the
696.Fl f
697option.)
Darren Tuckere04644c2004-12-03 14:08:45 +1100698.It Fl O Ar ctl_cmd
699Control an active connection multiplexing master process.
700When the
701.Fl O
702option is specified, the
703.Ar ctl_cmd
704argument is interpreted and passed to the master process.
705Valid commands are:
706.Dq check
707(check that the master process is running) and
708.Dq exit
709(request the master to exit).
Damien Miller32aa1441999-10-29 09:15:49 +1000710.It Fl o Ar option
Ben Lindstrom14c62eb2001-08-15 23:25:46 +0000711Can be used to give options in the format used in the configuration file.
Damien Miller32aa1441999-10-29 09:15:49 +1000712This is useful for specifying options for which there is no separate
Damien Miller7684ee12000-03-17 23:40:15 +1100713command-line flag.
Darren Tucker61776952003-10-02 16:19:47 +1000714For full details of the options listed below, and their possible values, see
715.Xr ssh_config 5 .
716.Pp
717.Bl -tag -width Ds -offset indent -compact
718.It AddressFamily
719.It BatchMode
720.It BindAddress
721.It ChallengeResponseAuthentication
722.It CheckHostIP
723.It Cipher
724.It Ciphers
725.It ClearAllForwardings
726.It Compression
727.It CompressionLevel
728.It ConnectionAttempts
Darren Tuckeredae0ec2004-05-02 22:15:52 +1000729.It ConnectTimeout
Damien Miller0e220db2004-06-15 10:34:08 +1000730.It ControlMaster
731.It ControlPath
Darren Tucker61776952003-10-02 16:19:47 +1000732.It DynamicForward
Darren Tucker61776952003-10-02 16:19:47 +1000733.It EscapeChar
734.It ForwardAgent
735.It ForwardX11
Darren Tucker0a118da2003-10-15 15:54:32 +1000736.It ForwardX11Trusted
Darren Tucker61776952003-10-02 16:19:47 +1000737.It GatewayPorts
738.It GlobalKnownHostsFile
739.It GSSAPIAuthentication
740.It GSSAPIDelegateCredentials
Damien Millere1776152005-03-01 21:47:37 +1100741.It HashKnownHosts
Darren Tucker61776952003-10-02 16:19:47 +1000742.It Host
743.It HostbasedAuthentication
744.It HostKeyAlgorithms
745.It HostKeyAlias
746.It HostName
747.It IdentityFile
Damien Millerbd394c32004-03-08 23:12:36 +1100748.It IdentitiesOnly
Darren Tucker636ca902004-11-05 20:22:00 +1100749.It KbdInteractiveDevices
Darren Tucker61776952003-10-02 16:19:47 +1000750.It LocalForward
751.It LogLevel
752.It MACs
753.It NoHostAuthenticationForLocalhost
754.It NumberOfPasswordPrompts
755.It PasswordAuthentication
756.It Port
757.It PreferredAuthentications
758.It Protocol
759.It ProxyCommand
760.It PubkeyAuthentication
761.It RemoteForward
762.It RhostsRSAAuthentication
763.It RSAAuthentication
Darren Tucker7a6c0662004-05-02 22:14:03 +1000764.It SendEnv
Damien Miller509b0102003-12-17 16:33:10 +1100765.It ServerAliveInterval
766.It ServerAliveCountMax
Darren Tucker61776952003-10-02 16:19:47 +1000767.It SmartcardDevice
768.It StrictHostKeyChecking
Damien Miller12c150e2003-12-17 16:31:10 +1100769.It TCPKeepAlive
Darren Tucker61776952003-10-02 16:19:47 +1000770.It UsePrivilegedPort
771.It User
772.It UserKnownHostsFile
773.It VerifyHostKeyDNS
774.It XAuthLocation
775.El
Damien Miller32aa1441999-10-29 09:15:49 +1000776.It Fl p Ar port
Damien Miller7684ee12000-03-17 23:40:15 +1100777Port to connect to on the remote host.
778This can be specified on a
Damien Miller32aa1441999-10-29 09:15:49 +1000779per-host basis in the configuration file.
Damien Miller32aa1441999-10-29 09:15:49 +1000780.It Fl q
Damien Miller7684ee12000-03-17 23:40:15 +1100781Quiet mode.
782Causes all warning and diagnostic messages to be suppressed.
Darren Tucker61776952003-10-02 16:19:47 +1000783.It Fl R Xo
784.Sm off
Damien Millerf91ee4c2005-03-01 21:24:33 +1100785.Oo Ar bind_address : Oc
Darren Tucker61776952003-10-02 16:19:47 +1000786.Ar port : host : hostport
787.Sm on
788.Xc
Damien Miller32aa1441999-10-29 09:15:49 +1000789Specifies that the given port on the remote (server) host is to be
Damien Miller7684ee12000-03-17 23:40:15 +1100790forwarded to the given host and port on the local side.
791This works by allocating a socket to listen to
Damien Miller32aa1441999-10-29 09:15:49 +1000792.Ar port
793on the remote side, and whenever a connection is made to this port, the
794connection is forwarded over the secure channel, and a connection is
795made to
Damien Miller34132e52000-01-14 15:45:46 +1100796.Ar host
797port
798.Ar hostport
Damien Miller7684ee12000-03-17 23:40:15 +1100799from the local machine.
Damien Millerf91ee4c2005-03-01 21:24:33 +1100800.Pp
Damien Miller7684ee12000-03-17 23:40:15 +1100801Port forwardings can also be specified in the configuration file.
802Privileged ports can be forwarded only when
Damien Miller32aa1441999-10-29 09:15:49 +1000803logging in as root on the remote machine.
Damien Millerf91ee4c2005-03-01 21:24:33 +1100804IPv6 addresses can be specified by enclosing the address in square braces or
805using an alternative syntax:
Damien Millerf91ee4c2005-03-01 21:24:33 +1100806.Sm off
Damien Miller36bf7dd2005-03-02 12:02:47 +1100807.Xo
Damien Millerb096ac42005-03-09 11:00:05 +1100808.Op Ar bind_address No /
Damien Miller36bf7dd2005-03-02 12:02:47 +1100809.Ar host No / Ar port No /
810.Ar hostport
Damien Millerf91ee4c2005-03-01 21:24:33 +1100811.Xc .
Damien Miller36bf7dd2005-03-02 12:02:47 +1100812.Sm on
Damien Millerf91ee4c2005-03-01 21:24:33 +1100813.Pp
814By default, the listening socket on the server will be bound to the loopback
815interface only.
816This may be overriden by specifying a
817.Ar bind_address .
Damien Miller36bf7dd2005-03-02 12:02:47 +1100818An empty
819.Ar bind_address ,
Damien Millerf91ee4c2005-03-01 21:24:33 +1100820or the address
Damien Miller36bf7dd2005-03-02 12:02:47 +1100821.Ql * ,
Damien Millerf91ee4c2005-03-01 21:24:33 +1100822indicates that the remote socket should listen on all interfaces.
823Specifying a remote
824.Ar bind_address
Damien Miller36bf7dd2005-03-02 12:02:47 +1100825will only succeed if the server's
826.Cm GatewayPorts
Damien Millerf91ee4c2005-03-01 21:24:33 +1100827option is enabled (see
Damien Miller36bf7dd2005-03-02 12:02:47 +1100828.Xr sshd_config 5 ) .
Darren Tucker7ebfc102004-11-07 20:06:19 +1100829.It Fl S Ar ctl_path
Damien Miller5d1eceb2004-06-30 22:37:57 +1000830Specifies the location of a control socket for connection sharing.
Damien Miller0e220db2004-06-15 10:34:08 +1000831Refer to the description of
Darren Tuckerba5c5922004-06-18 16:22:39 +1000832.Cm ControlPath
833and
Damien Miller0e220db2004-06-15 10:34:08 +1000834.Cm ControlMaster
835in
836.Xr ssh_config 5
837for details.
Darren Tucker61776952003-10-02 16:19:47 +1000838.It Fl s
839May be used to request invocation of a subsystem on the remote system.
840Subsystems are a feature of the SSH2 protocol which facilitate the use
841of SSH as a secure transport for other applications (eg.\&
842.Xr sftp 1 ) .
843The subsystem is specified as the remote command.
844.It Fl T
845Disable pseudo-tty allocation.
846.It Fl t
847Force pseudo-tty allocation.
848This can be used to execute arbitrary
849screen-based programs on a remote machine, which can be very useful,
850e.g., when implementing menu services.
851Multiple
852.Fl t
853options force tty allocation, even if
Ben Lindstrom19ceb172001-09-12 17:54:24 +0000854.Nm
Darren Tucker61776952003-10-02 16:19:47 +1000855has no local tty.
856.It Fl V
857Display the version number and exit.
858.It Fl v
859Verbose mode.
860Causes
Ben Lindstrom5ab6ae12001-02-10 22:08:03 +0000861.Nm
Darren Tucker61776952003-10-02 16:19:47 +1000862to print debugging messages about its progress.
863This is helpful in
864debugging connection, authentication, and configuration problems.
865Multiple
866.Fl v
867options increase the verbosity.
868The maximum is 3.
869.It Fl X
870Enables X11 forwarding.
871This can also be specified on a per-host basis in a configuration file.
872.Pp
873X11 forwarding should be enabled with caution.
874Users with the ability to bypass file permissions on the remote host
875(for the user's X authorization database)
876can access the local X11 display through the forwarded connection.
877An attacker may then be able to perform activities such as keystroke monitoring.
Damien Miller947219e2005-03-02 13:22:30 +1100878.Pp
Damien Millerb022b232005-03-05 11:22:36 +1100879For this reason, X11 forwarding is subjected to X11 SECURITY extension
Damien Miller947219e2005-03-02 13:22:30 +1100880restrictions by default.
881Please refer to the
882.Nm
883.Fl Y
884option and the
885.Cm ForwardX11Trusted
886directive in
887.Xr ssh_config 5
888for more information.
Darren Tucker61776952003-10-02 16:19:47 +1000889.It Fl x
890Disables X11 forwarding.
Darren Tucker0a118da2003-10-15 15:54:32 +1000891.It Fl Y
892Enables trusted X11 forwarding.
Damien Miller947219e2005-03-02 13:22:30 +1100893Trusted X11 forwardings are not subjected to the X11 SECURITY extension
894controls.
Damien Miller32aa1441999-10-29 09:15:49 +1000895.El
896.Sh CONFIGURATION FILES
897.Nm
Ben Lindstrom9f049032002-06-21 00:59:05 +0000898may additionally obtain configuration data from
899a per-user configuration file and a system-wide configuration file.
900The file format and configuration options are described in
901.Xr ssh_config 5 .
Damien Miller32aa1441999-10-29 09:15:49 +1000902.Sh ENVIRONMENT
903.Nm
904will normally set the following environment variables:
Darren Tucker61776952003-10-02 16:19:47 +1000905.Bl -tag -width LOGNAME
Damien Miller32aa1441999-10-29 09:15:49 +1000906.It Ev DISPLAY
907The
908.Ev DISPLAY
Damien Miller7684ee12000-03-17 23:40:15 +1100909variable indicates the location of the X11 server.
Damien Miller22c77262000-04-13 12:26:34 +1000910It is automatically set by
Damien Miller32aa1441999-10-29 09:15:49 +1000911.Nm
912to point to a value of the form
913.Dq hostname:n
914where hostname indicates
Darren Tucker61776952003-10-02 16:19:47 +1000915the host where the shell runs, and n is an integer \*(Ge 1.
Damien Miller7684ee12000-03-17 23:40:15 +1100916.Nm
917uses this special value to forward X11 connections over the secure
918channel.
Ben Lindstromc65e6a02001-04-23 13:02:16 +0000919The user should normally not set
920.Ev DISPLAY
921explicitly, as that
Damien Miller32aa1441999-10-29 09:15:49 +1000922will render the X11 connection insecure (and will require the user to
923manually copy any required authorization cookies).
924.It Ev HOME
925Set to the path of the user's home directory.
926.It Ev LOGNAME
927Synonym for
928.Ev USER ;
929set for compatibility with systems that use this variable.
930.It Ev MAIL
Ben Lindstrome59433d2001-09-12 16:41:37 +0000931Set to the path of the user's mailbox.
Damien Miller7684ee12000-03-17 23:40:15 +1100932.It Ev PATH
Damien Miller32aa1441999-10-29 09:15:49 +1000933Set to the default
934.Ev PATH ,
935as specified when compiling
936.Nm ssh .
Ben Lindstrom5bf5d672001-07-04 04:31:38 +0000937.It Ev SSH_ASKPASS
938If
939.Nm
940needs a passphrase, it will read the passphrase from the current
941terminal if it was run from a terminal.
942If
943.Nm
944does not have a terminal associated with it but
945.Ev DISPLAY
946and
947.Ev SSH_ASKPASS
948are set, it will execute the program specified by
949.Ev SSH_ASKPASS
950and open an X11 window to read the passphrase.
951This is particularly useful when calling
952.Nm
953from a
Darren Tucker4e4fe002004-11-05 20:01:03 +1100954.Pa .xsession
Ben Lindstrom5bf5d672001-07-04 04:31:38 +0000955or related script.
956(Note that on some machines it
957may be necessary to redirect the input from
958.Pa /dev/null
959to make this work.)
Damien Miller32aa1441999-10-29 09:15:49 +1000960.It Ev SSH_AUTH_SOCK
Ben Lindstrome59433d2001-09-12 16:41:37 +0000961Identifies the path of a unix-domain socket used to communicate with the
Damien Miller32aa1441999-10-29 09:15:49 +1000962agent.
Damien Millerf37e2462002-09-19 11:47:55 +1000963.It Ev SSH_CONNECTION
964Identifies the client and server ends of the connection.
Damien Miller7684ee12000-03-17 23:40:15 +1100965The variable contains
Damien Millerf37e2462002-09-19 11:47:55 +1000966four space-separated values: client ip-address, client port number,
967server ip-address and server port number.
Ben Lindstrom4dccfa52000-12-28 16:40:05 +0000968.It Ev SSH_ORIGINAL_COMMAND
969The variable contains the original command line if a forced command
970is executed.
971It can be used to extract the original arguments.
Damien Miller32aa1441999-10-29 09:15:49 +1000972.It Ev SSH_TTY
973This is set to the name of the tty (path to the device) associated
Damien Miller7684ee12000-03-17 23:40:15 +1100974with the current shell or command.
975If the current session has no tty,
Damien Miller32aa1441999-10-29 09:15:49 +1000976this variable is not set.
977.It Ev TZ
978The timezone variable is set to indicate the present timezone if it
Damien Miller942da032000-08-18 13:59:06 +1000979was set when the daemon was started (i.e., the daemon passes the value
Damien Miller32aa1441999-10-29 09:15:49 +1000980on to new connections).
981.It Ev USER
982Set to the name of the user logging in.
983.El
984.Pp
Damien Miller22c77262000-04-13 12:26:34 +1000985Additionally,
Damien Miller32aa1441999-10-29 09:15:49 +1000986.Nm
Damien Miller22c77262000-04-13 12:26:34 +1000987reads
Damien Miller167ea5d2005-05-26 12:04:02 +1000988.Pa ~/.ssh/environment ,
Damien Miller32aa1441999-10-29 09:15:49 +1000989and adds lines of the format
990.Dq VARNAME=value
Ben Lindstromdc7adf22002-08-20 18:38:02 +0000991to the environment if the file exists and if users are allowed to
992change their environment.
Darren Tucker61776952003-10-02 16:19:47 +1000993For more information, see the
Ben Lindstromdc7adf22002-08-20 18:38:02 +0000994.Cm PermitUserEnvironment
Ben Lindstrombd9bf382002-08-20 18:54:20 +0000995option in
Ben Lindstromdc7adf22002-08-20 18:38:02 +0000996.Xr sshd_config 5 .
Damien Miller32aa1441999-10-29 09:15:49 +1000997.Sh FILES
Damien Miller98c7ad62000-03-09 21:27:49 +1100998.Bl -tag -width Ds
Damien Miller167ea5d2005-05-26 12:04:02 +1000999.It Pa ~/.ssh/known_hosts
Ben Lindstrome59433d2001-09-12 16:41:37 +00001000Records host keys for all hosts the user has logged into that are not
Damien Miller32aa1441999-10-29 09:15:49 +10001001in
Damien Miller05eda432002-02-10 18:32:28 +11001002.Pa /etc/ssh/ssh_known_hosts .
Damien Miller32aa1441999-10-29 09:15:49 +10001003See
1004.Xr sshd 8 .
Damien Miller167ea5d2005-05-26 12:04:02 +10001005.It Pa ~/.ssh/identity, ~/.ssh/id_dsa, ~/.ssh/id_rsa
Ben Lindstrom18a82ac2001-04-11 15:59:35 +00001006Contains the authentication identity of the user.
1007They are for protocol 1 RSA, protocol 2 DSA, and protocol 2 RSA, respectively.
Damien Millere247cc42000-05-07 12:03:14 +10001008These files
1009contain sensitive data and should be readable by the user but not
Damien Miller32aa1441999-10-29 09:15:49 +10001010accessible by others (read/write/execute).
1011Note that
1012.Nm
Damien Millere247cc42000-05-07 12:03:14 +10001013ignores a private key file if it is accessible by others.
Damien Miller32aa1441999-10-29 09:15:49 +10001014It is possible to specify a passphrase when
1015generating the key; the passphrase will be used to encrypt the
1016sensitive part of this file using 3DES.
Damien Miller167ea5d2005-05-26 12:04:02 +10001017.It Pa ~/.ssh/identity.pub, ~/.ssh/id_dsa.pub, ~/.ssh/id_rsa.pub
Damien Miller32aa1441999-10-29 09:15:49 +10001018Contains the public key for authentication (public part of the
Damien Miller7684ee12000-03-17 23:40:15 +11001019identity file in human-readable form).
Damien Millere247cc42000-05-07 12:03:14 +10001020The contents of the
Damien Miller167ea5d2005-05-26 12:04:02 +10001021.Pa ~/.ssh/identity.pub
Darren Tucker61776952003-10-02 16:19:47 +10001022file should be added to the file
Damien Miller167ea5d2005-05-26 12:04:02 +10001023.Pa ~/.ssh/authorized_keys
Damien Miller32aa1441999-10-29 09:15:49 +10001024on all machines
Ben Lindstrom594e2032001-09-12 18:35:30 +00001025where the user wishes to log in using protocol version 1 RSA authentication.
Damien Millere247cc42000-05-07 12:03:14 +10001026The contents of the
Damien Miller167ea5d2005-05-26 12:04:02 +10001027.Pa ~/.ssh/id_dsa.pub
Ben Lindstrom18a82ac2001-04-11 15:59:35 +00001028and
Damien Miller167ea5d2005-05-26 12:04:02 +10001029.Pa ~/.ssh/id_rsa.pub
Damien Millere247cc42000-05-07 12:03:14 +10001030file should be added to
Damien Miller167ea5d2005-05-26 12:04:02 +10001031.Pa ~/.ssh/authorized_keys
Damien Millere247cc42000-05-07 12:03:14 +10001032on all machines
Ben Lindstrom594e2032001-09-12 18:35:30 +00001033where the user wishes to log in using protocol version 2 DSA/RSA authentication.
Damien Millere247cc42000-05-07 12:03:14 +10001034These files are not
Damien Miller7684ee12000-03-17 23:40:15 +11001035sensitive and can (but need not) be readable by anyone.
Damien Millere247cc42000-05-07 12:03:14 +10001036These files are
Kevin Steves3c034ae2001-02-05 13:47:11 +00001037never used automatically and are not necessary; they are only provided for
Damien Miller32aa1441999-10-29 09:15:49 +10001038the convenience of the user.
Damien Miller167ea5d2005-05-26 12:04:02 +10001039.It Pa ~/.ssh/config
Damien Miller7684ee12000-03-17 23:40:15 +11001040This is the per-user configuration file.
Ben Lindstrom9f049032002-06-21 00:59:05 +00001041The file format and configuration options are described in
1042.Xr ssh_config 5 .
Damien Millerc970cb92004-04-20 20:12:53 +10001043Because of the potential for abuse, this file must have strict permissions:
1044read/write for the user, and not accessible by others.
Damien Miller167ea5d2005-05-26 12:04:02 +10001045.It Pa ~/.ssh/authorized_keys
Ben Lindstromf96704d2001-06-25 04:17:12 +00001046Lists the public keys (RSA/DSA) that can be used for logging in as this user.
Damien Miller7684ee12000-03-17 23:40:15 +11001047The format of this file is described in the
Damien Miller32aa1441999-10-29 09:15:49 +10001048.Xr sshd 8
Damien Miller7684ee12000-03-17 23:40:15 +11001049manual page.
Darren Tucker61776952003-10-02 16:19:47 +10001050In the simplest form the format is the same as the
1051.Pa .pub
Ben Lindstromd6481ea2001-06-25 04:37:41 +00001052identity files.
Damien Millere247cc42000-05-07 12:03:14 +10001053This file is not highly sensitive, but the recommended
1054permissions are read/write for the user, and not accessible by others.
Damien Miller05eda432002-02-10 18:32:28 +11001055.It Pa /etc/ssh/ssh_known_hosts
Damien Miller7684ee12000-03-17 23:40:15 +11001056Systemwide list of known host keys.
Ben Lindstromd6481ea2001-06-25 04:37:41 +00001057This file should be prepared by the
Damien Miller32aa1441999-10-29 09:15:49 +10001058system administrator to contain the public host keys of all machines in the
Damien Miller7684ee12000-03-17 23:40:15 +11001059organization.
1060This file should be world-readable.
1061This file contains
Damien Miller32aa1441999-10-29 09:15:49 +10001062public keys, one per line, in the following format (fields separated
Ben Lindstromd6481ea2001-06-25 04:37:41 +00001063by spaces): system name, public key and optional comment field.
Damien Miller7684ee12000-03-17 23:40:15 +11001064When different names are used
Damien Miller32aa1441999-10-29 09:15:49 +10001065for the same machine, all such names should be listed, separated by
Damien Miller7684ee12000-03-17 23:40:15 +11001066commas.
Darren Tucker61776952003-10-02 16:19:47 +10001067The format is described in the
Damien Miller32aa1441999-10-29 09:15:49 +10001068.Xr sshd 8
1069manual page.
1070.Pp
1071The canonical system name (as returned by name servers) is used by
1072.Xr sshd 8
1073to verify the client host when logging in; other names are needed because
1074.Nm
1075does not convert the user-supplied name to a canonical name before
1076checking the key, because someone with access to the name servers
1077would then be able to fool host authentication.
Damien Miller05eda432002-02-10 18:32:28 +11001078.It Pa /etc/ssh/ssh_config
Damien Miller7684ee12000-03-17 23:40:15 +11001079Systemwide configuration file.
Ben Lindstrom9f049032002-06-21 00:59:05 +00001080The file format and configuration options are described in
1081.Xr ssh_config 5 .
Damien Miller05eda432002-02-10 18:32:28 +11001082.It Pa /etc/ssh/ssh_host_key, /etc/ssh/ssh_host_dsa_key, /etc/ssh/ssh_host_rsa_key
Damien Miller705499b2001-11-12 11:05:38 +11001083These three files contain the private parts of the host keys
1084and are used for
1085.Cm RhostsRSAAuthentication
1086and
1087.Cm HostbasedAuthentication .
Ben Lindstrom5cac4232002-06-11 15:45:02 +00001088If the protocol version 1
1089.Cm RhostsRSAAuthentication
Ben Lindstromcb72e4f2002-06-21 00:41:51 +00001090method is used,
Damien Miller705499b2001-11-12 11:05:38 +11001091.Nm
Ben Lindstrom5cac4232002-06-11 15:45:02 +00001092must be setuid root, since the host key is readable only by root.
1093For protocol version 2,
1094.Nm
1095uses
1096.Xr ssh-keysign 8
1097to access the host keys for
1098.Cm HostbasedAuthentication .
1099This eliminates the requirement that
1100.Nm
1101be setuid root when that authentication method is used.
1102By default
1103.Nm
1104is not setuid root.
Damien Miller167ea5d2005-05-26 12:04:02 +10001105.It Pa ~/.rhosts
Damien Miller32aa1441999-10-29 09:15:49 +10001106This file is used in
Darren Tuckerdb693902004-08-29 16:37:24 +10001107.Cm RhostsRSAAuthentication
1108and
1109.Cm HostbasedAuthentication
Damien Miller32aa1441999-10-29 09:15:49 +10001110authentication to list the
Damien Miller7684ee12000-03-17 23:40:15 +11001111host/user pairs that are permitted to log in.
1112(Note that this file is
Damien Miller32aa1441999-10-29 09:15:49 +10001113also used by rlogin and rsh, which makes using this file insecure.)
1114Each line of the file contains a host name (in the canonical form
1115returned by name servers), and then a user name on that host,
Damien Miller7684ee12000-03-17 23:40:15 +11001116separated by a space.
Ben Lindstromebd888d2001-03-05 05:49:29 +00001117On some machines this file may need to be
Damien Miller32aa1441999-10-29 09:15:49 +10001118world-readable if the user's home directory is on a NFS partition,
1119because
1120.Xr sshd 8
Damien Miller7684ee12000-03-17 23:40:15 +11001121reads it as root.
1122Additionally, this file must be owned by the user,
1123and must not have write permissions for anyone else.
1124The recommended
Damien Miller32aa1441999-10-29 09:15:49 +10001125permission for most machines is read/write for the user, and not
1126accessible by others.
1127.Pp
Darren Tuckerdb693902004-08-29 16:37:24 +10001128Note that
Damien Miller32aa1441999-10-29 09:15:49 +10001129.Xr sshd 8
Darren Tuckerdb693902004-08-29 16:37:24 +10001130allows authentication only in combination with client host key
1131authentication before permitting log in.
Ben Lindstrom594e2032001-09-12 18:35:30 +00001132If the server machine does not have the client's host key in
Damien Miller05eda432002-02-10 18:32:28 +11001133.Pa /etc/ssh/ssh_known_hosts ,
Ben Lindstrom594e2032001-09-12 18:35:30 +00001134it can be stored in
Damien Miller167ea5d2005-05-26 12:04:02 +10001135.Pa ~/.ssh/known_hosts .
Damien Miller32aa1441999-10-29 09:15:49 +10001136The easiest way to do this is to
1137connect back to the client from the server machine using ssh; this
Damien Millere247cc42000-05-07 12:03:14 +10001138will automatically add the host key to
Damien Miller167ea5d2005-05-26 12:04:02 +10001139.Pa ~/.ssh/known_hosts .
1140.It Pa ~/.shosts
Damien Miller32aa1441999-10-29 09:15:49 +10001141This file is used exactly the same way as
Darren Tucker61776952003-10-02 16:19:47 +10001142.Pa .rhosts .
Damien Miller32aa1441999-10-29 09:15:49 +10001143The purpose for
Darren Tuckerdb693902004-08-29 16:37:24 +10001144having this file is to be able to use
1145.Cm RhostsRSAAuthentication
1146and
1147.Cm HostbasedAuthentication
1148authentication without permitting login with
Darren Tucker61776952003-10-02 16:19:47 +10001149.Xr rlogin
Damien Miller32aa1441999-10-29 09:15:49 +10001150or
1151.Xr rsh 1 .
1152.It Pa /etc/hosts.equiv
1153This file is used during
Darren Tuckerdb693902004-08-29 16:37:24 +10001154.Cm RhostsRSAAuthentication
1155and
1156.Cm HostbasedAuthentication
Damien Millerf1ce5052003-06-11 22:04:39 +10001157authentication.
Damien Miller7684ee12000-03-17 23:40:15 +11001158It contains
Darren Tucker61776952003-10-02 16:19:47 +10001159canonical hosts names, one per line (the full format is described in the
Damien Miller32aa1441999-10-29 09:15:49 +10001160.Xr sshd 8
Damien Miller7684ee12000-03-17 23:40:15 +11001161manual page).
1162If the client host is found in this file, login is
Damien Miller32aa1441999-10-29 09:15:49 +10001163automatically permitted provided client and server user names are the
Damien Miller7684ee12000-03-17 23:40:15 +11001164same.
Darren Tuckerdb693902004-08-29 16:37:24 +10001165Additionally, successful client host key authentication is required.
Damien Miller7684ee12000-03-17 23:40:15 +11001166This file should only be writable by root.
Damien Miller886c63a2000-01-20 23:13:36 +11001167.It Pa /etc/shosts.equiv
Damien Miller22c77262000-04-13 12:26:34 +10001168This file is processed exactly as
Damien Miller32aa1441999-10-29 09:15:49 +10001169.Pa /etc/hosts.equiv .
1170This file may be useful to permit logins using
1171.Nm
1172but not using rsh/rlogin.
Damien Miller05eda432002-02-10 18:32:28 +11001173.It Pa /etc/ssh/sshrc
Damien Miller32aa1441999-10-29 09:15:49 +10001174Commands in this file are executed by
1175.Nm
1176when the user logs in just before the user's shell (or command) is started.
1177See the
1178.Xr sshd 8
1179manual page for more information.
Damien Miller167ea5d2005-05-26 12:04:02 +10001180.It Pa ~/.ssh/rc
Damien Miller32aa1441999-10-29 09:15:49 +10001181Commands in this file are executed by
1182.Nm
1183when the user logs in just before the user's shell (or command) is
1184started.
Damien Miller22c77262000-04-13 12:26:34 +10001185See the
Damien Miller32aa1441999-10-29 09:15:49 +10001186.Xr sshd 8
1187manual page for more information.
Damien Miller167ea5d2005-05-26 12:04:02 +10001188.It Pa ~/.ssh/environment
Damien Miller4f0fa561999-12-26 14:24:41 +11001189Contains additional definitions for environment variables, see section
1190.Sx ENVIRONMENT
1191above.
Damien Miller7b28dc52000-09-05 13:34:53 +11001192.El
Damien Miller07a2d422002-02-05 12:16:15 +11001193.Sh DIAGNOSTICS
1194.Nm
1195exits with the exit status of the remote command or with 255
1196if an error occurred.
Damien Miller32aa1441999-10-29 09:15:49 +10001197.Sh SEE ALSO
Darren Tucker61776952003-10-02 16:19:47 +10001198.Xr gzip 1 ,
Damien Miller32aa1441999-10-29 09:15:49 +10001199.Xr rsh 1 ,
1200.Xr scp 1 ,
Damien Miller33804262001-02-04 23:20:18 +11001201.Xr sftp 1 ,
Damien Miller32aa1441999-10-29 09:15:49 +10001202.Xr ssh-add 1 ,
1203.Xr ssh-agent 1 ,
1204.Xr ssh-keygen 1 ,
1205.Xr telnet 1 ,
Darren Tucker61776952003-10-02 16:19:47 +10001206.Xr hosts.equiv 5 ,
Ben Lindstrombf69e3b2002-06-23 00:31:24 +00001207.Xr ssh_config 5 ,
Ben Lindstromc001cd32002-06-23 00:32:11 +00001208.Xr ssh-keysign 8 ,
Ben Lindstrom5ab6ae12001-02-10 22:08:03 +00001209.Xr sshd 8
Ben Lindstrom160ec622001-04-22 17:17:46 +00001210.Rs
1211.%A T. Ylonen
1212.%A T. Kivinen
1213.%A M. Saarinen
1214.%A T. Rinne
1215.%A S. Lehtinen
1216.%T "SSH Protocol Architecture"
Ben Lindstromf1813842002-03-27 17:18:31 +00001217.%N draft-ietf-secsh-architecture-12.txt
1218.%D January 2002
Ben Lindstrom160ec622001-04-22 17:17:46 +00001219.%O work in progress material
1220.Re
Damien Millerf1ce5052003-06-11 22:04:39 +10001221.Sh AUTHORS
1222OpenSSH is a derivative of the original and free
1223ssh 1.2.12 release by Tatu Ylonen.
1224Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos,
1225Theo de Raadt and Dug Song
1226removed many bugs, re-added newer features and
1227created OpenSSH.
1228Markus Friedl contributed the support for SSH
1229protocol versions 1.5 and 2.0.