diff options
author | des <des@FreeBSD.org> | 2005-09-03 07:04:25 +0000 |
---|---|---|
committer | des <des@FreeBSD.org> | 2005-09-03 07:04:25 +0000 |
commit | 88c7c9558ba88abbcc00dcd9133b4996eff74033 (patch) | |
tree | 15c858fecc18a67f9dcc639fd5be6afa6ed7037f /crypto/openssh/ssh_config.5 | |
parent | 1ea3628aba1278f27d571a26380b4e91155d3973 (diff) | |
download | FreeBSD-src-88c7c9558ba88abbcc00dcd9133b4996eff74033.zip FreeBSD-src-88c7c9558ba88abbcc00dcd9133b4996eff74033.tar.gz |
Resolve conflicts.
Diffstat (limited to 'crypto/openssh/ssh_config.5')
-rw-r--r-- | crypto/openssh/ssh_config.5 | 84 |
1 files changed, 66 insertions, 18 deletions
diff --git a/crypto/openssh/ssh_config.5 b/crypto/openssh/ssh_config.5 index 805dd9e..7701421 100644 --- a/crypto/openssh/ssh_config.5 +++ b/crypto/openssh/ssh_config.5 @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.49 2005/03/16 11:10:38 jmc Exp $ +.\" $OpenBSD: ssh_config.5,v 1.61 2005/07/08 12:53:10 jmc Exp $ .\" $FreeBSD$ .Dd September 25, 1999 .Dt SSH_CONFIG 5 @@ -44,7 +44,7 @@ .Nd OpenSSH SSH client configuration files .Sh SYNOPSIS .Bl -tag -width Ds -compact -.It Pa $HOME/.ssh/config +.It Pa ~/.ssh/config .It Pa /etc/ssh/ssh_config .El .Sh DESCRIPTION @@ -56,7 +56,7 @@ the following order: command-line options .It user's configuration file -.Pq Pa $HOME/.ssh/config +.Pq Pa ~/.ssh/config .It system-wide configuration file .Pq Pa /etc/ssh/ssh_config @@ -137,8 +137,9 @@ or The default is .Dq no . .It Cm BindAddress -Specify the interface to transmit from on machines with multiple -interfaces or aliased addresses. +Use the specified address on the local machine as the source address of +the connection. +Only useful on systems with more than one address. Note that this option does not work if .Cm UsePrivilegedPort is set to @@ -194,14 +195,17 @@ The supported ciphers are .Dq aes128-ctr , .Dq aes192-ctr , .Dq aes256-ctr , +.Dq arcfour128 , +.Dq arcfour256 , .Dq arcfour , .Dq blowfish-cbc , and .Dq cast128-cbc . The default is .Bd -literal - ``aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour, - aes192-cbc,aes256-cbc'' + ``aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128, + arcfour256,arcfour,aes192-cbc,aes256-cbc,aes128-ctr, + aes192-ctr,aes256-ctr'' .Ed .It Cm ClearAllForwardings Specifies that all local, remote and dynamic port forwardings @@ -271,11 +275,47 @@ to listen for control connections, but require confirmation using the program before they are accepted (see .Xr ssh-add 1 for details). +If the +.Cm ControlPath +can not be opened, +.Nm ssh +will continue without connecting to a master instance. +.Pp +X11 and +.Xr ssh-agent 1 +forwarding is supported over these multiplexed connections, however the +display and agent fowarded will be the one belonging to the master +connection i.e. it is not possible to forward multiple displays or agents. +.Pp +Two additional options allow for opportunistic multiplexing: try to use a +master connection but fall back to creating a new one if one does not already +exist. +These options are: +.Dq auto +and +.Dq autoask . +The latter requires confirmation like the +.Dq ask +option. .It Cm ControlPath -Specify the path to the control socket used for connection sharing. -See +Specify the path to the control socket used for connection sharing as described +in the .Cm ControlMaster -above. +section above or the string +.Dq none +to disable connection sharing. +In the path, +.Ql %h +will be substituted by the target host name, +.Ql %p +the port and +.Ql %r +by the remote login username. +It is recommended that any +.Cm ControlPath +used for opportunistic connection sharing include +all three of these escape sequences. +This ensures that shared connections are uniquely identified. .It Cm DynamicForward Specifies that a TCP/IP port on the local machine be forwarded over the secure channel, and the application @@ -412,7 +452,7 @@ Note that this option applies to protocol version 2 only. Indicates that .Nm ssh should hash host names and addresses when they are added to -.Pa $HOME/.ssh/known_hosts . +.Pa ~/.ssh/known_hosts . These hashed names may be used normally by .Nm ssh and @@ -458,11 +498,11 @@ specifications). Specifies a file from which the user's RSA or DSA authentication identity is read. The default is -.Pa $HOME/.ssh/identity +.Pa ~/.ssh/identity for protocol version 1, and -.Pa $HOME/.ssh/id_rsa +.Pa ~/.ssh/id_rsa and -.Pa $HOME/.ssh/id_dsa +.Pa ~/.ssh/id_dsa for protocol version 2. Additionally, any identities represented by the authentication agent will be used for authentication. @@ -617,6 +657,14 @@ Note that .Cm CheckHostIP is not available for connects with a proxy command. .Pp +This directive is useful in conjunction with +.Xr nc 1 +and its proxy support. +For example, the following directive would connect via an HTTP proxy at +192.0.2.0: +.Bd -literal -offset 3n +ProxyCommand /usr/bin/nc -X connect -x 192.0.2.0:8080 %h %p +.Ed .It Cm PubkeyAuthentication Specifies whether to try public key authentication. The argument to this keyword must be @@ -752,7 +800,7 @@ If this flag is set to .Dq yes , .Nm ssh will never automatically add host keys to the -.Pa $HOME/.ssh/known_hosts +.Pa ~/.ssh/known_hosts file, and refuses to connect to hosts whose host key has changed. This provides maximum protection against trojan horse attacks, however, can be annoying when the @@ -824,7 +872,7 @@ having to remember to give the user name on the command line. .It Cm UserKnownHostsFile Specifies a file to use for the user host key database instead of -.Pa $HOME/.ssh/known_hosts . +.Pa ~/.ssh/known_hosts . .It Cm VerifyHostKeyDNS Specifies whether to verify the remote key using DNS and SSHFP resource records. @@ -852,7 +900,7 @@ Note that this option applies to protocol version 2 only. Specifies a string to append to the regular version string to identify OS- or site-specific modifications. The default is -.Dq FreeBSD-20050605 . +.Dq FreeBSD-20050903 . .It Cm XAuthLocation Specifies the full pathname of the .Xr xauth 1 @@ -862,7 +910,7 @@ The default is .El .Sh FILES .Bl -tag -width Ds -.It Pa $HOME/.ssh/config +.It Pa ~/.ssh/config This is the per-user configuration file. The format of this file is described above. This file is used by the |