Resolve conflicts and document local changes.

Dag-Erling Smørgrav 2002-06-23 21:42:47 +00:00
parent 584884ca0c
commit 614c49a910
Notes: svn2git 2020-12-20 02:59:44 +00:00
svn path=/head/; revision=98706
4 changed files with 113 additions and 1254 deletions

View File

@ -34,9 +34,9 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" $OpenBSD: ssh.1,v 1.148 2002/02/18 17:55:20 markus Exp $
.\" $OpenBSD: ssh.1,v 1.158 2002/06/20 19:56:07 stevesk Exp $
.\" $FreeBSD$
.Dd March 18, 2002
.Dd September 25, 1999
.Dt SSH 1
.Os
.Sh NAME
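Review bot: the .Dd line goes backwards, from March 18, 2002 to September 25, 1999, while the $OpenBSD tag on the line above advances from ssh.1 v1.158 to v1.158's predecessor's successor, i.e. from v1.148 to v1.158; the 1999 date is the upstream header, so taking it wholesale discards the newer local revision date. Since this commit is meant to resolve conflicts and document local changes, keep the later date (or set it to the merge date) rather than letting the page claim it was last revised in 1999.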
@ -298,6 +298,12 @@ Background ssh at logout when waiting for forwarded connection / X11 sessions
to terminate
.It Cm ~?
Display a list of escape characters
.It Cm ~C
Open command line (only useful for adding port forwardings using the
.Fl L
and
.Fl R
options)
.It Cm ~R
Request rekeying of the connection (only useful for SSH protocol version 2
and if the peer supports it)
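Review bot: the new ~C entry says the command line is only useful for adding port forwardings with -L and -R but does not say what syntax it accepts, and unlike the ~R entry it does not state whether it is limited to a protocol version; point the reader at the -L and -R option descriptions on this page for the argument form and say either way whether ~C applies to both protocol versions, so that a forwarding added mid-session is documented as clearly as one given at startup.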
@ -380,7 +386,7 @@ this mechanism is to prevent man-in-the-middle attacks which could
otherwise be used to circumvent the encryption.
The
.Cm StrictHostKeyChecking
option (see below) can be used to prevent logins to machines whose
option can be used to prevent logins to machines whose
host key is not known or has changed.
.Pp
The options are as follows:
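Review bot: dropping "(see below)" after .Cm StrictHostKeyChecking leaves the reader with no way to find the option, because this same commit removes the CONFIGURATION FILES section from this page; replace the parenthetical with a cross-reference, e.g. "option (see .Xr ssh_config 5 ) can be used to prevent logins to machines whose", so the host key checking guidance still points at where the option is documented.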
@ -564,13 +570,13 @@ and the
.Dq level
can be controlled by the
.Cm CompressionLevel
option (see below).
option.
Compression is desirable on modem lines and other
slow connections, but will only slow down things on fast networks.
The default value can be set on a host-by-host basis in the
configuration files; see the
.Cm Compression
option below.
option.
.It Fl F Ar configfile
Specifies an alternative per-user configuration file.
If a configuration file is given on the command line,
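Review bot: "option (see below)." becomes "option." for both .Cm CompressionLevel and .Cm Compression, but neither option is described on this page once the option list moves to ssh_config(5); change both to "option (see .Xr ssh_config 5 )." rather than silently dropping the pointer.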
@ -645,580 +651,10 @@ to use IPv6 addresses only.
.El
.Sh CONFIGURATION FILES
.Nm
obtains configuration data from the following sources in
the following order:
command line options, user's configuration file
.Pq Pa $HOME/.ssh/config ,
and system-wide configuration file
.Pq Pa /etc/ssh/ssh_config .
For each parameter, the first obtained value
will be used.
The configuration files contain sections bracketed by
.Dq Host
specifications, and that section is only applied for hosts that
match one of the patterns given in the specification.
The matched host name is the one given on the command line.
.Pp
Since the first obtained value for each parameter is used, more
host-specific declarations should be given near the beginning of the
file, and general defaults at the end.
.Pp
The configuration file has the following format:
.Pp
Empty lines and lines starting with
.Ql #
are comments.
.Pp
Otherwise a line is of the format
.Dq keyword arguments .
Configuration options may be separated by whitespace or
optional whitespace and exactly one
.Ql = ;
the latter format is useful to avoid the need to quote whitespace
when specifying configuration options using the
.Nm ssh ,
.Nm scp
and
.Nm sftp
.Fl o
option.
.Pp
The possible
keywords and their meanings are as follows (note that
keywords are case-insensitive and arguments are case-sensitive):
.Bl -tag -width Ds
.It Cm Host
Restricts the following declarations (up to the next
.Cm Host
keyword) to be only for those hosts that match one of the patterns
given after the keyword.
.Ql \&*
and
.Ql ?
can be used as wildcards in the
patterns.
A single
.Ql \&*
as a pattern can be used to provide global
defaults for all hosts.
The host is the
.Ar hostname
argument given on the command line (i.e., the name is not converted to
a canonicalized host name before matching).
.It Cm AFSTokenPassing
Specifies whether to pass AFS tokens to remote host.
The argument to this keyword must be
.Dq yes
or
.Dq no .
This option applies to protocol version 1 only.
.It Cm BatchMode
If set to
.Dq yes ,
passphrase/password querying will be disabled.
This option is useful in scripts and other batch jobs where no user
is present to supply the password.
The argument must be
.Dq yes
or
.Dq no .
The default is
.Dq no .
.It Cm BindAddress
Specify the interface to transmit from on machines with multiple
interfaces or aliased addresses.
Note that this option does not work if
.Cm UsePrivilegedPort
is set to
.Dq yes .
.It Cm CheckHostIP
If this flag is set to
.Dq yes ,
ssh will additionally check the host IP address in the
.Pa known_hosts
file.
This allows ssh to detect if a host key changed due to DNS spoofing.
If the option is set to
.Dq no ,
the check will not be executed.
The default is
.Dq yes .
.It Cm Cipher
Specifies the cipher to use for encrypting the session
in protocol version 1.
Currently,
.Dq blowfish ,
.Dq 3des ,
and
.Dq des
are supported.
.Ar des
is only supported in the
.Nm
client for interoperability with legacy protocol 1 implementations
that do not support the
.Ar 3des
cipher. Its use is strongly discouraged due to cryptographic
weaknesses.
The default is
.Dq 3des .
.It Cm Ciphers
Specifies the ciphers allowed for protocol version 2
in order of preference.
Multiple ciphers must be comma-separated.
The default is
.Pp
.Bd -literal
``aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,
aes192-cbc,aes256-cbc''
.Ed
.It Cm ClearAllForwardings
Specifies that all local, remote and dynamic port forwardings
specified in the configuration files or on the command line be
cleared. This option is primarily useful when used from the
.Nm
command line to clear port forwardings set in
configuration files, and is automatically set by
.Xr scp 1
and
.Xr sftp 1 .
The argument must be
.Dq yes
or
.Dq no .
The default is
.Dq no .
.It Cm Compression
Specifies whether to use compression.
The argument must be
.Dq yes
or
.Dq no .
The default is
.Dq no .
.It Cm CompressionLevel
Specifies the compression level to use if compression is enabled.
The argument must be an integer from 1 (fast) to 9 (slow, best).
The default level is 6, which is good for most applications.
The meaning of the values is the same as in
.Xr gzip 1 .
Note that this option applies to protocol version 1 only.
.It Cm ConnectionAttempts
Specifies the number of tries (one per second) to make before falling
back to rsh or exiting.
The argument must be an integer.
This may be useful in scripts if the connection sometimes fails.
The default is 1.
.It Cm DynamicForward
Specifies that a TCP/IP port on the local machine be forwarded
over the secure channel, and the application
protocol is then used to determine where to connect to from the
remote machine. The argument must be a port number.
Currently the SOCKS4 protocol is supported, and
.Nm
will act as a SOCKS4 server.
Multiple forwardings may be specified, and
additional forwardings can be given on the command line. Only
the superuser can forward privileged ports.
.It Cm EscapeChar
Sets the escape character (default:
.Ql ~ ) .
The escape character can also
be set on the command line.
The argument should be a single character,
.Ql ^
followed by a letter, or
.Dq none
to disable the escape
character entirely (making the connection transparent for binary
data).
.It Cm FallBackToRsh
Specifies that if connecting via
.Nm
fails due to a connection refused error (there is no
.Xr sshd 8
listening on the remote host),
.Xr rsh 1
should automatically be used instead (after a suitable warning about
the session being unencrypted).
The argument must be
.Dq yes
or
.Dq no .
The default is
.Dq no .
.It Cm ForwardAgent
Specifies whether the connection to the authentication agent (if any)
will be forwarded to the remote machine.
The argument must be
.Dq yes
or
.Dq no .
The default is
.Dq no .
.It Cm ForwardX11
Specifies whether X11 connections will be automatically redirected
over the secure channel and
.Ev DISPLAY
set.
The argument must be
.Dq yes
or
.Dq no .
The default is
.Dq no .
.It Cm GatewayPorts
Specifies whether remote hosts are allowed to connect to local
forwarded ports.
By default,
.Nm
binds local port forwardings to the loopback addresss. This
prevents other remote hosts from connecting to forwarded ports.
.Cm GatewayPorts
can be used to specify that
.Nm
should bind local port forwardings to the wildcard address,
thus allowing remote hosts to connect to forwarded ports.
The argument must be
.Dq yes
or
.Dq no .
The default is
.Dq no .
.It Cm GlobalKnownHostsFile
Specifies a file to use for the global
host key database instead of
.Pa /etc/ssh/ssh_known_hosts .
.It Cm HostbasedAuthentication
Specifies whether to try rhosts based authentication with public key
authentication.
The argument must be
.Dq yes
or
.Dq no .
The default is
.Dq no .
This option applies to protocol version 2 only and
is similar to
.Cm RhostsRSAAuthentication .
.It Cm HostKeyAlgorithms
Specifies the protocol version 2 host key algorithms
that the client wants to use in order of preference.
The default for this option is:
.Dq ssh-rsa,ssh-dss .
.It Cm HostKeyAlias
Specifies an alias that should be used instead of the
real host name when looking up or saving the host key
in the host key database files.
This option is useful for tunneling ssh connections
or for multiple servers running on a single host.
.It Cm HostName
Specifies the real host name to log into.
This can be used to specify nicknames or abbreviations for hosts.
Default is the name given on the command line.
Numeric IP addresses are also permitted (both on the command line and in
.Cm HostName
specifications).
.It Cm IdentityFile
Specifies a file from which the user's RSA or DSA authentication identity
is read. The default is
.Pa $HOME/.ssh/identity
for protocol version 1, and
.Pa $HOME/.ssh/id_rsa
and
.Pa $HOME/.ssh/id_dsa
for protocol version 2.
Additionally, any identities represented by the authentication agent
will be used for authentication.
The file name may use the tilde
syntax to refer to a user's home directory.
It is possible to have
multiple identity files specified in configuration files; all these
identities will be tried in sequence.
.It Cm KeepAlive
Specifies whether the system should send TCP keepalive messages to the
other side.
If they are sent, death of the connection or crash of one
of the machines will be properly noticed.
However, this means that
connections will die if the route is down temporarily, and some people
find it annoying.
.Pp
The default is
.Dq yes
(to send keepalives), and the client will notice
if the network goes down or the remote host dies.
This is important in scripts, and many users want it too.
.Pp
To disable keepalives, the value should be set to
.Dq no .
.It Cm KerberosAuthentication
Specifies whether Kerberos authentication will be used.
The argument to this keyword must be
.Dq yes
or
.Dq no .
.It Cm KerberosTgtPassing
Specifies whether a Kerberos TGT will be forwarded to the server.
This will only work if the Kerberos server is actually an AFS kaserver.
The argument to this keyword must be
.Dq yes
or
.Dq no .
.It Cm LocalForward
Specifies that a TCP/IP port on the local machine be forwarded over
the secure channel to the specified host and port from the remote machine.
The first argument must be a port number, and the second must be
.Ar host:port .
IPv6 addresses can be specified with an alternative syntax:
.Ar host/port .
Multiple forwardings may be specified, and additional
forwardings can be given on the command line.
Only the superuser can forward privileged ports.
.It Cm LogLevel
Gives the verbosity level that is used when logging messages from
.Nm ssh .
The possible values are:
QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2 and DEBUG3.
The default is INFO. DEBUG and DEBUG1 are equivalent. DEBUG2
and DEBUG3 each specify higher levels of verbose output.
.It Cm MACs
Specifies the MAC (message authentication code) algorithms
in order of preference.
The MAC algorithm is used in protocol version 2
for data integrity protection.
Multiple algorithms must be comma-separated.
The default is
.Dq hmac-md5,hmac-sha1,hmac-ripemd160,hmac-sha1-96,hmac-md5-96 .
.It Cm NoHostAuthenticationForLocalhost
This option can be used if the home directory is shared across machines.
In this case localhost will refer to a different machine on each of
the machines and the user will get many warnings about changed host keys.
However, this option disables host authentication for localhost.
The argument to this keyword must be
.Dq yes
or
.Dq no .
The default is to check the host key for localhost.
.It Cm NumberOfPasswordPrompts
Specifies the number of password prompts before giving up.
The argument to this keyword must be an integer.
Default is 3.
.It Cm PasswordAuthentication
Specifies whether to use password authentication.
The argument to this keyword must be
.Dq yes
or
.Dq no .
The default is
.Dq yes .
.It Cm Port
Specifies the port number to connect on the remote host.
Default is 22.
.It Cm PreferredAuthentications
Specifies the order in which the client should try protocol 2
authentication methods. This allows a client to prefer one method (e.g.
.Cm keyboard-interactive )
over another method (e.g.
.Cm password )
The default for this option is:
.Dq hostbased,publickey,keyboard-interactive,password .
.It Cm Protocol
Specifies the protocol versions
.Nm
should support in order of preference.
The possible values are
.Dq 1
and
.Dq 2 .
Multiple versions must be comma-separated.
The default is
.Dq 2,1 .
This means that
.Nm
tries version 2 and falls back to version 1
if version 2 is not available.
.It Cm ProxyCommand
Specifies the command to use to connect to the server.
The command
string extends to the end of the line, and is executed with
.Pa /bin/sh .
In the command string,
.Ql %h
will be substituted by the host name to
connect and
.Ql %p
by the port.
The command can be basically anything,
and should read from its standard input and write to its standard output.
It should eventually connect an
.Xr sshd 8
server running on some machine, or execute
.Ic sshd -i
somewhere.
Host key management will be done using the
HostName of the host being connected (defaulting to the name typed by
the user).
Note that
.Cm CheckHostIP
is not available for connects with a proxy command.
.Pp
.It Cm PubkeyAuthentication
Specifies whether to try public key authentication.
The argument to this keyword must be
.Dq yes
or
.Dq no .
The default is
.Dq yes .
This option applies to protocol version 2 only.
.It Cm RemoteForward
Specifies that a TCP/IP port on the remote machine be forwarded over
the secure channel to the specified host and port from the local machine.
The first argument must be a port number, and the second must be
.Ar host:port .
IPv6 addresses can be specified with an alternative syntax:
.Ar host/port .
Multiple forwardings may be specified, and additional
forwardings can be given on the command line.
Only the superuser can forward privileged ports.
.It Cm RhostsAuthentication
Specifies whether to try rhosts based authentication.
Note that this
declaration only affects the client side and has no effect whatsoever
on security.
Disabling rhosts authentication may reduce
authentication time on slow connections when rhosts authentication is
not used.
Most servers do not permit RhostsAuthentication because it
is not secure (see
.Cm RhostsRSAAuthentication ) .
The argument to this keyword must be
.Dq yes
or
.Dq no .
The default is
.Dq yes .
This option applies to protocol version 1 only.
.It Cm RhostsRSAAuthentication
Specifies whether to try rhosts based authentication with RSA host
authentication.
The argument must be
.Dq yes
or
.Dq no .
The default is
.Dq yes .
This option applies to protocol version 1 only.
.It Cm RSAAuthentication
Specifies whether to try RSA authentication.
The argument to this keyword must be
.Dq yes
or
.Dq no .
RSA authentication will only be
attempted if the identity file exists, or an authentication agent is
running.
The default is
.Dq yes .
Note that this option applies to protocol version 1 only.
.It Cm ChallengeResponseAuthentication
Specifies whether to use challenge response authentication.
The argument to this keyword must be
.Dq yes
or
.Dq no .
The default is
.Dq yes .
.It Cm SmartcardDevice
Specifies which smartcard device to use. The argument to this keyword is
the device
.Nm
should use to communicate with a smartcard used for storing the user's
private RSA key. By default, no device is specified and smartcard support
is not activated.
.It Cm StrictHostKeyChecking
If this flag is set to
.Dq yes ,
.Nm
will never automatically add host keys to the
.Pa $HOME/.ssh/known_hosts
file, and refuses to connect to hosts whose host key has changed.
This provides maximum protection against trojan horse attacks,
however, can be annoying when the
.Pa /etc/ssh/ssh_known_hosts
file is poorly maintained, or connections to new hosts are
frequently made.
This option forces the user to manually
add all new hosts.
If this flag is set to
.Dq no ,
.Nm
will automatically add new host keys to the
user known hosts files.
If this flag is set to
.Dq ask ,
new host keys
will be added to the user known host files only after the user
has confirmed that is what they really want to do, and
.Nm
will refuse to connect to hosts whose host key has changed.
The host keys of
known hosts will be verified automatically in all cases.
The argument must be
.Dq yes ,
.Dq no
or
.Dq ask .
The default is
.Dq ask .
.It Cm UsePrivilegedPort
Specifies whether to use a privileged port for outgoing connections.
The argument must be
.Dq yes
or
.Dq no .
The default is
.Dq no .
Note that this option must be set to
.Dq yes
if
.Cm RhostsAuthentication
and
.Cm RhostsRSAAuthentication
authentications are needed with older servers.
.It Cm User
Specifies the user to log in as.
This can be useful when a different user name is used on different machines.
This saves the trouble of
having to remember to give the user name on the command line.
.It Cm UserKnownHostsFile
Specifies a file to use for the user
host key database instead of
.Pa $HOME/.ssh/known_hosts .
.It Cm UseRsh
Specifies that rlogin/rsh should be used for this host.
It is possible that the host does not at all support the
.Nm
protocol.
This causes
.Nm
to immediately execute
.Xr rsh 1 .
All other options (except
.Cm HostName )
are ignored if this has been specified.
The argument must be
.Dq yes
or
.Dq no .
.It Cm XAuthLocation
Specifies the location of the
.Xr xauth 1
program.
The default is
.Pa /usr/X11R6/bin/xauth .
.El
may additionally obtain configuration data from
a per-user configuration file and a system-wide configuration file.
The file format and configuration options are described in
.Xr ssh_config 5 .
.Sh ENVIRONMENT
.Nm
will normally set the following environment variables:
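Review bot: the four replacement lines say only that .Nm "may additionally obtain configuration data from a per-user configuration file and a system-wide configuration file", which drops the one part of the removed text that belongs in ssh(1) itself: the precedence rule that command line options, then the user's configuration file, then the system-wide file are consulted and the first obtained value for each parameter wins. That rule is what tells an administrator that /etc/ssh/ssh_config supplies defaults but cannot override a user's own settings, so keep one sentence of it here, e.g. "For each parameter, the first obtained value will be used.", before the .Xr ssh_config 5 reference. The file paths survive in the FILES section, so they need not be repeated.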
@ -1353,13 +789,8 @@ never used automatically and are not necessary; they are only provided for
the convenience of the user.
.It Pa $HOME/.ssh/config
This is the per-user configuration file.
The format of this file is described above.
This file is used by the
.Nm
client.
This file does not usually contain any sensitive information,
but the recommended permissions are read/write for the user, and not
accessible by others.
The file format and configuration options are described in
.Xr ssh_config 5 .
.It Pa $HOME/.ssh/authorized_keys
Lists the public keys (RSA/DSA) that can be used for logging in as this user.
The format of this file is described in the
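Review bot: in the $HOME/.ssh/config entry, the context sentence "This file does not usually contain any sensitive information, but the recommended permissions are read/write for the user, and not accessible by others" understates the case: directives such as ProxyCommand (described in the text this commit removes from this page) are executed with /bin/sh, so a configuration file writable by others lets them run commands as that user. State the permissions as a requirement rather than a recommendation next to the new .Xr ssh_config 5 cross-reference.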
@ -1394,19 +825,31 @@ checking the key, because someone with access to the name servers
would then be able to fool host authentication.
.It Pa /etc/ssh/ssh_config
Systemwide configuration file.
This file provides defaults for those
values that are not specified in the user's configuration file, and
for those users who do not have a configuration file.
This file must be world-readable.
The file format and configuration options are described in
.Xr ssh_config 5 .
.It Pa /etc/ssh/ssh_host_key, /etc/ssh/ssh_host_dsa_key, /etc/ssh/ssh_host_rsa_key
These three files contain the private parts of the host keys
and are used for
.Cm RhostsRSAAuthentication
and
.Cm HostbasedAuthentication .
Since they are readable only by root
If the protocol version 1
.Cm RhostsRSAAuthentication
method is used,
.Nm
must be setuid root if these authentication methods are desired.
must be setuid root, since the host key is readable only by root.
For protocol version 2,
.Nm
uses
.Xr ssh-keysign 8
to access the host keys for
.Cm HostbasedAuthentication .
This eliminates the requirement that
.Nm
be setuid root when that authentication method is used.
By default
.Nm
is not setuid root.
.It Pa $HOME/.rhosts
This file is used in
.Pa \&.rhosts
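Review bot: the rewritten host-key paragraph is clearer, but its closing "By default .Nm is not setuid root." should spell out the consequence of the sentences before it: with the default install, protocol version 1 RhostsRSAAuthentication cannot read the host keys and so cannot be used unless the administrator deliberately makes ssh setuid root, whereas protocol version 2 HostbasedAuthentication works as installed through ssh-keysign(8). Saying so here keeps administrators from making the client setuid when the protocol 2 path already avoids it. Also, "Systemwide configuration file." in the /etc/ssh/ssh_config entry and "system-wide configuration file" in the CONFIGURATION FILES replacement should be spelled the same way.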
@ -1447,7 +890,7 @@ The purpose for
having this file is to be able to use rhosts authentication with
.Nm
without permitting login with
.Xr rlogin 1
.Nm rlogin
or
.Xr rsh 1 .
.It Pa /etc/hosts.equiv
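Review bot: changing .Xr rlogin 1 to .Nm rlogin while leaving .Xr rsh 1 two lines later makes the same sentence inconsistent, and FreeBSD ships rlogin(1), so the cross-reference is valid in this tree; this reads as an upstream edit that the local conflict resolution should have reverted. Keep .Xr rlogin 1.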
@ -1505,7 +948,6 @@ created OpenSSH.
Markus Friedl contributed the support for SSH
protocol versions 1.5 and 2.0.
.Sh SEE ALSO
.Xr rlogin 1 ,
.Xr rsh 1 ,
.Xr scp 1 ,
.Xr sftp 1 ,
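Review bot: .Xr rlogin 1 , is dropped from SEE ALSO while .Xr rsh 1 , stays, although the FILES section of this same page still discusses permitting login via rlogin; FreeBSD provides the rlogin(1) manual page, so keep the entry.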
@ -1513,6 +955,8 @@ protocol versions 1.5 and 2.0.
.Xr ssh-agent 1 ,
.Xr ssh-keygen 1 ,
.Xr telnet 1 ,
.Xr ssh_config 4 ,
.Xr ssh-keysign 8,
.Xr sshd 8
.Rs
.%A T. Ylonen
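Review bot: both added SEE ALSO entries are wrong. .Xr ssh_config 4 , points at section 4, but the page is in section 5 (this commit's own ssh_config.5 carries .Dt SSH_CONFIG 5, and the body text of ssh.1 uses .Xr ssh_config 5), and .Xr ssh-keysign 8, has no space before the comma, so mdoc takes "8," as the section argument and renders ssh-keysign(8,). Change them to ".Xr ssh_config 5 ," and ".Xr ssh-keysign 8 ,".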
@ -1521,7 +965,7 @@ protocol versions 1.5 and 2.0.
.%A T. Rinne
.%A S. Lehtinen
.%T "SSH Protocol Architecture"
.%N draft-ietf-secsh-architecture-09.txt
.%D July 2001
.%N draft-ietf-secsh-architecture-12.txt
.%D January 2002
.%O work in progress material
.Re

View File

@ -35,6 +35,7 @@
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" $OpenBSD: ssh_config.5,v 1.1 2002/06/20 19:56:07 stevesk Exp $
.\" $FreeBSD$
.Dd September 25, 1999
.Dt SSH_CONFIG 5
.Os
@ -583,6 +584,9 @@ having to remember to give the user name on the command line.
Specifies a file to use for the user
host key database instead of
.Pa $HOME/.ssh/known_hosts .
.It Cm VersionAddendum
Specifies a string to append to the regular version string to identify
OS- or site-specific modifications.
.It Cm XAuthLocation
Specifies the location of the
.Xr xauth 1
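Review bot: the new .Cm VersionAddendum entry lacks the default value and the argument form that the neighbouring options state, and it does not say that this is a FreeBSD-local option (the commit message is "document local changes"), so readers comparing against upstream ssh_config(5) will not know why it is absent there. Since the version string is exchanged in the clear before any encryption is negotiated, the text should also note that whatever is appended is visible to every peer, which matters when the addendum identifies site-specific patch levels.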

View File

@ -34,9 +34,9 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" $OpenBSD: sshd.8,v 1.170 2002/02/28 20:46:10 stevesk Exp $
.\" $OpenBSD: sshd.8,v 1.184 2002/06/20 19:56:07 stevesk Exp $
.\" $FreeBSD$
.Dd March 18, 2002
.Dd September 25, 1999
.Dt SSHD 8
.Os
.Sh NAME
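Review bot: the .Dd line goes backwards, from March 18, 2002 to September 25, 1999, while the $OpenBSD tag advances from sshd.8 v1.170 to v1.184; the 1999 date is the upstream header and should not replace the newer local revision date in a commit whose purpose is to resolve conflicts and document local changes. Keep the later date or set it to the merge date.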
@ -117,14 +117,14 @@ Rhosts authentication is normally disabled
because it is fundamentally insecure, but can be enabled in the server
configuration file if desired.
System security is not improved unless
.Xr rshd 8 ,
.Xr rlogind 8 ,
.Nm rshd ,
.Nm rlogind ,
and
.Xr rexecd 8
.Xr rexecd
are disabled (thus completely disabling
.Xr rlogin 1
.Xr rlogin
and
.Xr rsh 1
.Xr rsh
into the machine).
.Pp
.Ss SSH protocol version 2
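Review bot: .Xr rexecd 8 becomes .Xr rexecd, and .Xr rlogin 1 and .Xr rsh 1 become .Xr rlogin and .Xr rsh, all without a section number, which is malformed mdoc (Xr needs the section to render as name(N)), while rshd and rlogind in the same list are demoted to .Nm. FreeBSD ships all five of these programs with manual pages, so for this tree the original .Xr forms with sections were correct; revert this part of the upstream merge, or at minimum restore the section arguments so the page renders without warnings.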
@ -321,634 +321,8 @@ reads configuration data from
(or the file specified with
.Fl f
on the command line).
The file contains keyword-argument pairs, one per line.
Lines starting with
.Ql #
and empty lines are interpreted as comments.
.Pp
The possible
keywords and their meanings are as follows (note that
keywords are case-insensitive and arguments are case-sensitive):
.Bl -tag -width Ds
.It Cm AFSTokenPassing
Specifies whether an AFS token may be forwarded to the server.
Default is
.Dq yes .
.It Cm AllowGroups
This keyword can be followed by a list of group name patterns, separated
by spaces.
If specified, login is allowed only for users whose primary
group or supplementary group list matches one of the patterns.
.Ql \&*
and
.Ql ?
can be used as
wildcards in the patterns.
Only group names are valid; a numerical group ID is not recognized.
By default, login is allowed for all groups.
.Pp
.It Cm AllowTcpForwarding
Specifies whether TCP forwarding is permitted.
The default is
.Dq yes .
Note that disabling TCP forwarding does not improve security unless
users are also denied shell access, as they can always install their
own forwarders.
.Pp
.It Cm AllowUsers
This keyword can be followed by a list of user name patterns, separated
by spaces.
If specified, login is allowed only for users names that
match one of the patterns.
.Ql \&*
and
.Ql ?
can be used as
wildcards in the patterns.
Only user names are valid; a numerical user ID is not recognized.
By default, login is allowed for all users.
If the pattern takes the form USER@HOST then USER and HOST
are separately checked, restricting logins to particular
users from particular hosts.
.Pp
.It Cm AuthorizedKeysFile
Specifies the file that contains the public keys that can be used
for user authentication.
.Cm AuthorizedKeysFile
may contain tokens of the form %T which are substituted during connection
set-up. The following tokens are defined: %% is replaced by a literal '%',
%h is replaced by the home directory of the user being authenticated and
%u is replaced by the username of that user.
After expansion,
.Cm AuthorizedKeysFile
is taken to be an absolute path or one relative to the user's home
directory.
The default is
.Dq .ssh/authorized_keys .
.It Cm Banner
In some jurisdictions, sending a warning message before authentication
may be relevant for getting legal protection.
The contents of the specified file are sent to the remote user before
authentication is allowed.
This option is only available for protocol version 2.
.Pp
.It Cm ChallengeResponseAuthentication
Specifies whether challenge response authentication is allowed.
All authentication styles from
.Xr login.conf 5
are supported.
The default is
.Dq yes .
Note that OPIE authentication is enabled only if
.Cm PasswordAuthentication
is allowed, too.
.It Cm Ciphers
Specifies the ciphers allowed for protocol version 2.
Multiple ciphers must be comma-separated.
The default is
.Pp
.Bd -literal
``aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,
aes192-cbc,aes256-cbc''
.Ed
.It Cm CheckMail
Specifies whether
.Nm
should notify the user of new mail for interactive logins.
The default is
.Dq yes .
.It Cm ClientAliveInterval
Sets a timeout interval in seconds after which if no data has been received
from the client,
.Nm
will send a message through the encrypted
channel to request a response from the client.
The default
is 0, indicating that these messages will not be sent to the client.
This option applies to protocol version 2 only.
.It Cm ClientAliveCountMax
Sets the number of client alive messages (see above) which may be
sent without
.Nm
receiving any messages back from the client. If this threshold is
reached while client alive messages are being sent,
.Nm
will disconnect the client, terminating the session. It is important
to note that the use of client alive messages is very different from
.Cm KeepAlive
(below). The client alive messages are sent through the
encrypted channel and therefore will not be spoofable. The TCP keepalive
option enabled by
.Cm KeepAlive
is spoofable. The client alive mechanism is valuable when the client or
server depend on knowing when a connection has become inactive.
.Pp
The default value is 3. If
.Cm ClientAliveInterval
(above) is set to 15, and
.Cm ClientAliveCountMax
is left at the default, unresponsive ssh clients
will be disconnected after approximately 45 seconds.
.It Cm DenyGroups
This keyword can be followed by a list of group name patterns, separated
by spaces.
Login is disallowed for users whose primary group or supplementary
group list matches one of the patterns.
.Ql \&*
and
.Ql ?
can be used as
wildcards in the patterns.
Only group names are valid; a numerical group ID is not recognized.
By default, login is allowed for all groups.
.Pp
.It Cm DenyUsers
This keyword can be followed by a list of user name patterns, separated
by spaces.
Login is disallowed for user names that match one of the patterns.
.Ql \&*
and
.Ql ?
can be used as wildcards in the patterns.
Only user names are valid; a numerical user ID is not recognized.
By default, login is allowed for all users.
If the pattern takes the form USER@HOST then USER and HOST
are separately checked, restricting logins to particular
users from particular hosts.
.It Cm GatewayPorts
Specifies whether remote hosts are allowed to connect to ports
forwarded for the client.
By default,
.Nm
binds remote port forwardings to the loopback addresss. This
prevents other remote hosts from connecting to forwarded ports.
.Cm GatewayPorts
can be used to specify that
.Nm
should bind remote port forwardings to the wildcard address,
thus allowing remote hosts to connect to forwarded ports.
The argument must be
.Dq yes
or
.Dq no .
The default is
.Dq no .
.It Cm HostbasedAuthentication
Specifies whether rhosts or /etc/hosts.equiv authentication together
with successful public key client host authentication is allowed
(hostbased authentication).
This option is similar to
.Cm RhostsRSAAuthentication
and applies to protocol version 2 only.
The default is
.Dq no .
.It Cm HostKey
Specifies a file containing a private host key
used by SSH.
The default is
.Pa /etc/ssh/ssh_host_key
for protocol version 1, and
.Pa /etc/ssh/ssh_host_rsa_key
and
.Pa /etc/ssh/ssh_host_dsa_key
for protocol version 2.
Note that
.Nm
will refuse to use a file if it is group/world-accessible.
It is possible to have multiple host key files.
.Dq rsa1
keys are used for version 1 and
.Dq dsa
or
.Dq rsa
are used for version 2 of the SSH protocol.
.It Cm IgnoreRhosts
Specifies that
.Pa .rhosts
and
.Pa .shosts
files will not be used in
.Cm RhostsAuthentication ,
.Cm RhostsRSAAuthentication
or
.Cm HostbasedAuthentication .
.Pp
.Pa /etc/hosts.equiv
and
.Pa /etc/ssh/shosts.equiv
are still used.
The default is
.Dq yes .
.It Cm IgnoreUserKnownHosts
Specifies whether
.Nm
should ignore the user's
.Pa $HOME/.ssh/known_hosts
during
.Cm RhostsRSAAuthentication
or
.Cm HostbasedAuthentication .
The default is
.Dq no .
.It Cm KeepAlive
Specifies whether the system should send TCP keepalive messages to the
other side.
If they are sent, death of the connection or crash of one
of the machines will be properly noticed.
However, this means that
connections will die if the route is down temporarily, and some people
find it annoying.
On the other hand, if keepalives are not sent,
sessions may hang indefinitely on the server, leaving
.Dq ghost
users and consuming server resources.
.Pp
The default is
.Dq yes
(to send keepalives), and the server will notice
if the network goes down or the client host crashes.
This avoids infinitely hanging sessions.
.Pp
To disable keepalives, the value should be set to
.Dq no .
.It Cm KerberosAuthentication
Specifies whether Kerberos authentication is allowed.
This can be in the form of a Kerberos ticket, or if
.Cm PasswordAuthentication
is yes, the password provided by the user will be validated through
the Kerberos KDC.
To use this option, the server needs a
Kerberos servtab which allows the verification of the KDC's identity.
Default is
.Dq yes .
.It Cm KerberosOrLocalPasswd
If set then if password authentication through Kerberos fails then
the password will be validated via any additional local mechanism
such as
.Pa /etc/passwd .
Default is
.Dq yes .
.It Cm KerberosTgtPassing
Specifies whether a Kerberos TGT may be forwarded to the server.
Default is
.Dq no ,
as this only works when the Kerberos KDC is actually an AFS kaserver.
.It Cm KerberosTicketCleanup
Specifies whether to automatically destroy the user's ticket cache
file on logout.
Default is
.Dq yes .
.It Cm KeyRegenerationInterval
In protocol version 1, the ephemeral server key is automatically regenerated
after this many seconds (if it has been used).
The purpose of regeneration is to prevent
decrypting captured sessions by later breaking into the machine and
stealing the keys.
The key is never stored anywhere.
If the value is 0, the key is never regenerated.
The default is 3600 (seconds).
.It Cm ListenAddress
Specifies the local addresses
.Nm
should listen on.
The following forms may be used:
.Pp
.Bl -item -offset indent -compact
.It
.Cm ListenAddress
.Sm off
.Ar host No | Ar IPv4_addr No | Ar IPv6_addr
.Sm on
.It
.Cm ListenAddress
.Sm off
.Ar host No | Ar IPv4_addr No : Ar port
.Sm on
.It
.Cm ListenAddress
.Sm off
.Oo
.Ar host No | Ar IPv6_addr Oc : Ar port
.Sm on
.El
.Pp
If
.Ar port
is not specified,
.Nm
will listen on the address and all prior
.Cm Port
options specified. The default is to listen on all local
addresses. Multiple
.Cm ListenAddress
options are permitted. Additionally, any
.Cm Port
options must precede this option for non port qualified addresses.
.It Cm LoginGraceTime
The server disconnects after this time if the user has not
successfully logged in.
If the value is 0, there is no time limit.
The default is 120 (seconds).
.It Cm LogLevel
Gives the verbosity level that is used when logging messages from
.Nm sshd .
The possible values are:
QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2 and DEBUG3.
The default is INFO. DEBUG and DEBUG1 are equivalent. DEBUG2
and DEBUG3 each specify higher levels of debugging output.
Logging with a DEBUG level violates the privacy of users
and is not recommended.
.It Cm MACs
Specifies the available MAC (message authentication code) algorithms.
The MAC algorithm is used in protocol version 2
for data integrity protection.
Multiple algorithms must be comma-separated.
The default is
.Dq hmac-md5,hmac-sha1,hmac-ripemd160,hmac-sha1-96,hmac-md5-96 .
.It Cm MaxStartups
Specifies the maximum number of concurrent unauthenticated connections to the
.Nm
daemon.
Additional connections will be dropped until authentication succeeds or the
.Cm LoginGraceTime
expires for a connection.
The default is 10.
.Pp
Alternatively, random early drop can be enabled by specifying
the three colon separated values
.Dq start:rate:full
(e.g., "10:30:60").
.Nm
will refuse connection attempts with a probability of
.Dq rate/100
(30%)
if there are currently
.Dq start
(10)
unauthenticated connections.
The probability increases linearly and all connection attempts
are refused if the number of unauthenticated connections reaches
.Dq full
(60).
.It Cm PasswordAuthentication
Specifies whether password authentication is allowed.
The default is
.Dq yes .
.It Cm PermitEmptyPasswords
When password authentication is allowed, it specifies whether the
server allows login to accounts with empty password strings.
The default is
.Dq no .
.It Cm PermitRootLogin
Specifies whether root can login using
.Xr ssh 1 .
The argument must be
.Dq yes ,
.Dq without-password ,
.Dq forced-commands-only
or
.Dq no .
The default is
.Dq no .
.Pp
If this option is set to
.Dq without-password
password authentication is disabled for root.
.Pp
If this option is set to
.Dq forced-commands-only
root login with public key authentication will be allowed,
but only if the
.Ar command
option has been specified
(which may be useful for taking remote backups even if root login is
normally not allowed). All other authentication methods are disabled
for root.
.Pp
If this option is set to
.Dq no
root is not allowed to login.
.It Cm PidFile
Specifies the file that contains the process identifier of the
.Nm
daemon.
The default is
.Pa /var/run/sshd.pid .
.It Cm Port
Specifies the port number that
.Nm
listens on.
The default is 22.
Multiple options of this type are permitted.
See also
.Cm ListenAddress .
.It Cm PrintLastLog
Specifies whether
.Nm
should print the date and time when the user last logged in.
The default is
.Dq yes .
.It Cm PrintMotd
Specifies whether
.Nm
should print
.Pa /etc/motd
when a user logs in interactively.
(On some systems it is also printed by the shell,
.Pa /etc/profile ,
or equivalent.)
The default is
.Dq yes .
.It Cm Protocol
Specifies the protocol versions
.Nm
should support.
The possible values are
.Dq 1
and
.Dq 2 .
Multiple versions must be comma-separated.
The default is
.Dq 2,1 .
.It Cm PubkeyAuthentication
Specifies whether public key authentication is allowed.
The default is
.Dq yes .
Note that this option applies to protocol version 2 only.
.It Cm RhostsAuthentication
Specifies whether authentication using rhosts or
.Pa /etc/hosts.equiv
files is sufficient.
Normally, this method should not be permitted because it is insecure.
.Cm RhostsRSAAuthentication
should be used
instead, because it performs RSA-based host authentication in addition
to normal rhosts or
.Pa /etc/hosts.equiv
authentication.
The default is
.Dq no .
This option applies to protocol version 1 only.
.It Cm RhostsRSAAuthentication
Specifies whether rhosts or
.Pa /etc/hosts.equiv
authentication together
with successful RSA host authentication is allowed.
The default is
.Dq no .
This option applies to protocol version 1 only.
.It Cm RSAAuthentication
Specifies whether pure RSA authentication is allowed.
The default is
.Dq yes .
This option applies to protocol version 1 only.
.It Cm ServerKeyBits
Defines the number of bits in the ephemeral protocol version 1 server key.
The minimum value is 512, and the default is 768.
.It Cm SkeyAuthentication
Backward-compatibility alias for
.Cm ChallengeResponseAuthentication .
.It Cm StrictModes
Specifies whether
.Nm
should check file modes and ownership of the
user's files and home directory before accepting login.
This is normally desirable because novices sometimes accidentally leave their
directory or files world-writable.
The default is
.Dq yes .
.It Cm Subsystem
Configures an external subsystem (e.g., file transfer daemon).
Arguments should be a subsystem name and a command to execute upon subsystem
request.
The command
.Xr sftp-server 8
implements the
.Dq sftp
file transfer subsystem.
By default no subsystems are defined.
Note that this option applies to protocol version 2 only.
.It Cm SyslogFacility
Gives the facility code that is used when logging messages from
.Nm sshd .
The possible values are: DAEMON, USER, AUTH, LOCAL0, LOCAL1, LOCAL2,
LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7.
The default is AUTH.
.It Cm UseLogin
Specifies whether
.Xr login 1
is used for interactive login sessions.
The default is
.Dq no .
Note that
.Xr login 1
is never used for remote command execution.
Note also, that if this is enabled,
.Cm X11Forwarding
will be disabled because
.Xr login 1
does not know how to handle
.Xr xauth 1
cookies.
.It Cm VerifyReverseMapping
Specifies whether
.Nm
should try to verify the remote host name and check that
the resolved host name for the remote IP address maps back to the
very same IP address.
The default is
.Dq no .
.It Cm X11DisplayOffset
Specifies the first display number available for
.Nm sshd Ns 's
X11 forwarding.
This prevents
.Nm
from interfering with real X11 servers.
The default is 10.
.It Cm X11Forwarding
Specifies whether X11 forwarding is permitted.
The default is
.Dq no .
Note that disabling X11 forwarding does not improve security in any
way, as users can always install their own forwarders.
X11 forwarding is automatically disabled if
.Cm UseLogin
is enabled.
.It Cm X11UseLocalhost
Specifies whether
.Nm
should bind the X11 forwarding server to the loopback address or to
the wildcard address. By default,
.Nm
binds the forwarding server to the loopback address and sets the
hostname part of the
.Ev DISPLAY
environment variable to
.Dq localhost .
This prevents remote hosts from connecting to the fake display.
However, some older X11 clients may not function with this
configuration.
.Cm X11UseLocalhost
may be set to
.Dq no
to specify that the forwarding server should be bound to the wildcard
address.
The argument must be
.Dq yes
or
.Dq no .
The default is
.Dq yes .
.It Cm XAuthLocation
Specifies the location of the
.Xr xauth 1
program.
The default is
.Pa /usr/X11R6/bin/xauth .
.El
.Ss Time Formats
.Pp
.Nm
command-line arguments and configuration file options that specify time
may be expressed using a sequence of the form:
.Sm off
.Ar time Oo Ar qualifier Oc ,
.Sm on
where
.Ar time
is a positive integer value and
.Ar qualifier
is one of the following:
.Pp
.Bl -tag -width Ds -compact -offset indent
.It Cm <none>
seconds
.It Cm s | Cm S
seconds
.It Cm m | Cm M
minutes
.It Cm h | Cm H
hours
.It Cm d | Cm D
days
.It Cm w | Cm W
weeks
.El
.Pp
Each member of the sequence is added together to calculate
the total time value.
.Pp
Time format examples:
.Pp
.Bl -tag -width Ds -compact -offset indent
.It 600
600 seconds (10 minutes)
.It 10m
10 minutes
.It 1h30m
1 hour 30 minutes (90 minutes)
.El
The file format and configuration options are described in
.Xr sshd_config 5 .
.Sh LOGIN PROCESS
When a user successfully logs in,
.Nm
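Review bot: the removed block ends with the Time Formats subsection (.Ss Time Formats through the 1h30m example) that LoginGraceTime, KeyRegenerationInterval and ClientAliveInterval rely on for their argument syntax, yet none of the sshd_config.5 hunks in this commit add such a subsection; confirm sshd_config(5) in the tree already carries it, otherwise keep it in sshd.8 next to the new "described in sshd_config(5)" pointer or move it together with the options. The removed text documents PermitRootLogin as defaulting to no and LoginGraceTime to 120, which matches the sshd_config.5 changes later in this commit, so the two pages stay consistent on those defaults.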
@ -1035,6 +409,10 @@ or the
.Pa id_rsa.pub
file and edit it.
.Pp
.Nm
enforces a minimum RSA key modulus size for protocol 1
and protocol 2 keys of 768 bits.
.Pp
The options (if present) consist of comma-separated option
specifications.
No spaces are permitted, except within double quotes.
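Review bot: "enforces a minimum RSA key modulus size for protocol 1 and protocol 2 keys of 768 bits" does not tell an administrator what enforcement looks like; say that an authorized_keys entry whose RSA modulus is below 768 bits is not accepted for authentication, so someone debugging a refused key knows to look here. The sentence also interrupts the description of the key-line format (it sits between "edit it." and "The options (if present) consist of ..."); it reads better after the format description is complete.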
@ -1182,8 +560,8 @@ cvs.openbsd.org,199.185.137.3 ssh-rsa AAAA1234.....=
.It Pa /etc/ssh/sshd_config
Contains configuration data for
.Nm sshd .
This file should be writable by root only, but it is recommended
(though not necessary) that it be world-readable.
The file format and configuration options are described in
.Xr sshd_config 5 .
.It Pa /etc/ssh/ssh_host_key, /etc/ssh/ssh_host_dsa_key, /etc/ssh/ssh_host_rsa_key
These three files contain the private parts of the host keys.
These files should only be owned by root, readable only by root, and not
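Review bot: the replacement drops the ownership and permission guidance for /etc/ssh/sshd_config ("writable by root only", world-readable recommended but not necessary), and the new pointer to sshd_config(5) does not restore it; keep that sentence in this FILES entry, as the neighbouring host-key entry still spells out its expected ownership and modes, or make sure the FILES section of sshd_config(5) states it.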
@ -1321,13 +699,17 @@ If this file exists, it is run with
.Pa /bin/sh
after reading the
environment files but before starting the user's shell or command.
If X11 spoofing is in use, this will receive the "proto cookie" pair in
standard input (and
It must not produce any output on stdout; stderr must be used
instead.
If X11 forwarding is in use, it will receive the "proto cookie" pair in
its standard input (and
.Ev DISPLAY
in environment).
This must call
in its environment).
The script must call
.Xr xauth 1
in that case.
because
.Nm
will not run xauth automatically to add X11 cookies.
.Pp
The primary purpose of this file is to run any initialization routines
which may be needed before the user's home directory becomes
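Review bot: the new rule that the rc script "must not produce any output on stdout; stderr must be used instead" is stated without its reason; add a clause saying that stdout is the session's data stream, so anything printed there is delivered to the client and corrupts non-interactive sessions such as scp and sftp transfers. The rewritten X11 paragraph is an improvement over the old "X11 spoofing" wording, and "the script must call xauth(1) because sshd will not run xauth automatically" now makes the consequence of forgetting it explicit.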
@ -1335,18 +717,23 @@ accessible; AFS is a particular example of such an environment.
.Pp
This file will probably contain some initialization code followed by
something similar to:
.Bd -literal -offset indent
if [ -n "$DISPLAY" ] && read proto cookie; then
echo add "$DISPLAY" "$proto" "$cookie" | xauth -q -
.Bd -literal
if read proto cookie && [ -n "$DISPLAY" ]; then
if [ `echo $DISPLAY | cut -c1-10` = 'localhost:' ]; then
# X11UseLocalhost=yes
xauth add unix:`echo $DISPLAY |
cut -c11-` $proto $cookie
else
# X11UseLocalhost=no
xauth add $DISPLAY $proto $cookie
fi
fi
.Ed
.Pp
If this file does not exist,
.Pa /etc/ssh/sshrc
is run, and if that
does not exist either,
.Xr xauth 1
is used to store the cookie.
does not exist either, xauth is used to add the cookie.
.Pp
This file should be writable only by the user, and need not be
readable by anyone else.
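Review bot: the new example passes the cookie on the xauth command line (`xauth add $DISPLAY $proto $cookie`, and likewise in the unix: branch), whereas the form it replaces fed it through a pipe (`echo add "$DISPLAY" "$proto" "$cookie" | xauth -q -`); command-line arguments are readable by other local users through ps(1) for as long as xauth runs, so the piped form is the safer one and should be kept, with the localhost: rewrite applied to the display string before the echo. The new script also drops the quotes around $DISPLAY, $proto and $cookie, which the old one had, and `.Bd -literal` lost the `-offset indent` of the block it replaces, so the example will no longer be indented like the other literal blocks on the page.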
@ -1366,6 +753,8 @@ removed many bugs, re-added newer features and
created OpenSSH.
Markus Friedl contributed the support for SSH
protocol versions 1.5 and 2.0.
Niels Provos and Markus Friedl contributed support
for privilege separation.
.Sh SEE ALSO
.Xr scp 1 ,
.Xr sftp 1 ,
@ -1375,6 +764,7 @@ protocol versions 1.5 and 2.0.
.Xr ssh-keygen 1 ,
.Xr login.conf 5 ,
.Xr moduli 5 ,
.Xr sshd_config 5 ,
.Xr sftp-server 8
.Rs
.%A T. Ylonen
@ -1383,8 +773,8 @@ protocol versions 1.5 and 2.0.
.%A T. Rinne
.%A S. Lehtinen
.%T "SSH Protocol Architecture"
.%N draft-ietf-secsh-architecture-09.txt
.%D July 2001
.%N draft-ietf-secsh-architecture-12.txt
.%D January 2002
.%O work in progress material
.Re
.Rs
@ -1392,7 +782,7 @@ protocol versions 1.5 and 2.0.
.%A N. Provos
.%A W. A. Simpson
.%T "Diffie-Hellman Group Exchange for the SSH Transport Layer Protocol"
.%N draft-ietf-secsh-dh-group-exchange-01.txt
.%D April 2001
.%N draft-ietf-secsh-dh-group-exchange-02.txt
.%D January 2002
.%O work in progress material
.Re

View File

@ -35,6 +35,7 @@
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" $OpenBSD: sshd_config.5,v 1.3 2002/06/20 23:37:12 markus Exp $
.\" $FreeBSD$
.Dd September 25, 1999
.Dt SSHD_CONFIG 5
.Os
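Review bot: .Dd September 25, 1999 is left in place while this commit adds new options to the page (CheckMail, SkeyAuthentication, VersionAddendum) and changes documented defaults; bump the .Dd date together with the $FreeBSD$ tag so the rendered page's date reflects its content.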
@ -131,6 +132,9 @@ All authentication styles from
are supported.
The default is
.Dq yes .
Note that OPIE authentication is enabled only if
.Cm PasswordAuthentication
is allowed, too.
.It Cm Ciphers
Specifies the ciphers allowed for protocol version 2.
Multiple ciphers must be comma-separated.
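Review bot: the new OPIE sentence describes a coupling with a direct hardening consequence that should be spelled out: an administrator who sets PasswordAuthentication to no in order to force key-based logins also switches off OPIE challenge-response, even with ChallengeResponseAuthentication left at its default of yes. State that consequence here and cross-reference it from the PasswordAuthentication entry, so the two options are not read in isolation.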
@ -140,6 +144,12 @@ The default is
``aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,
aes192-cbc,aes256-cbc''
.Ed
.It Cm CheckMail
Specifies whether
.Nm
should notify the user of new mail for interactive logins.
The default is
.Dq yes .
.It Cm ClientAliveInterval
Sets a timeout interval in seconds after which if no data has been received
from the client,
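Review bot: CheckMail is inserted after Ciphers, but the option list on this page is alphabetical and "Ch" sorts before "Ci"; move the entry between ChallengeResponseAuthentication and Ciphers. The entry itself is complete, with the default stated.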
@ -266,7 +276,7 @@ or
.Pp
.Pa /etc/hosts.equiv
and
.Pa /etc/shosts.equiv
.Pa /etc/ssh/shosts.equiv
are still used.
The default is
.Dq yes .
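Review bot: shosts.equiv now lives under /etc/ssh while hosts.equiv stays in /etc; that is fine as a documented local layout, but check the FILES section of sshd(8) and any other mention of shosts.equiv in these pages so every occurrence uses /etc/ssh/shosts.equiv and readers are not sent to a file that does not exist.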
@ -379,7 +389,7 @@ options must precede this option for non port qualified addresses.
The server disconnects after this time if the user has not
successfully logged in.
If the value is 0, there is no time limit.
The default is 600 (seconds).
The default is 120 (seconds).
.It Cm LogLevel
Gives the verbosity level that is used when logging messages from
.Nm sshd .
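Review bot: the documented LoginGraceTime default changes from 600 to 120 seconds; this matches the 120 in the sshd(8) text removed earlier in this commit, and a shorter grace period is the right direction, since each unauthenticated connection holds a MaxStartups slot until the grace time expires. Make sure the compiled-in default and the shipped sshd_config agree with this value, otherwise the page will describe a timeout the daemon does not use.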
@ -440,7 +450,7 @@ The argument must be
or
.Dq no .
The default is
.Dq yes .
.Dq no .
.Pp
If this option is set to
.Dq without-password
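Review bot: the documented PermitRootLogin default flips from yes to no, consistent with the "no" in the sshd(8) text removed above; as with LoginGraceTime, verify that the built-in default and the installed sshd_config match. Since the forced-commands-only description already mentions remote backups as the use case, it would help to say there that an administrator who needs remote root for that purpose should prefer forced-commands-only over turning the option back to yes.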
@ -507,18 +517,23 @@ The default is
.Dq yes .
Note that this option applies to protocol version 2 only.
.It Cm RhostsAuthentication
Specifies whether authentication using rhosts or /etc/hosts.equiv
Specifies whether authentication using rhosts or
.Pa /etc/hosts.equiv
files is sufficient.
Normally, this method should not be permitted because it is insecure.
.Cm RhostsRSAAuthentication
should be used
instead, because it performs RSA-based host authentication in addition
to normal rhosts or /etc/hosts.equiv authentication.
to normal rhosts or
.Pa /etc/hosts.equiv
authentication.
The default is
.Dq no .
This option applies to protocol version 1 only.
.It Cm RhostsRSAAuthentication
Specifies whether rhosts or /etc/hosts.equiv authentication together
Specifies whether rhosts or
.Pa /etc/hosts.equiv
authentication together
with successful RSA host authentication is allowed.
The default is
.Dq no .
@ -531,6 +546,9 @@ This option applies to protocol version 1 only.
.It Cm ServerKeyBits
Defines the number of bits in the ephemeral protocol version 1 server key.
The minimum value is 512, and the default is 768.
.It Cm SkeyAuthentication
Backward-compatibility alias for
.Cm ChallengeResponseAuthentication .
.It Cm StrictModes
Specifies whether
.Nm sshd
@ -593,6 +611,9 @@ the resolved host name for the remote IP address maps back to the
very same IP address.
The default is
.Dq no .
.It Cm VersionAddendum
Specifies a string to append to the regular version string to identify
OS- or site-specific modifications.
.It Cm X11DisplayOffset
Specifies the first display number available for
.Nm sshd Ns 's
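Review bot: VersionAddendum gives no default and does not say where the appended string ends up; add both. The version string is the identification banner sshd sends before any authentication takes place, so whatever is configured here is disclosed to every client that connects, including scanners; a sentence to that effect will stop administrators from putting internal build or host details in it.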