diff options
Diffstat (limited to 'crypto/openssh/ssh.1')
-rw-r--r-- | crypto/openssh/ssh.1 | 55 |
1 files changed, 36 insertions, 19 deletions
diff --git a/crypto/openssh/ssh.1 b/crypto/openssh/ssh.1 index d2e1d71..48aa748 100644 --- a/crypto/openssh/ssh.1 +++ b/crypto/openssh/ssh.1 @@ -33,9 +33,9 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.334 2013/07/18 01:12:26 djm Exp $ +.\" $OpenBSD: ssh.1,v 1.343 2013/12/07 11:58:46 naddy Exp $ .\" $FreeBSD$ -.Dd July 18, 2013 +.Dd December 7, 2013 .Dt SSH 1 .Os .Sh NAME @@ -59,6 +59,7 @@ .Op Fl O Ar ctl_cmd .Op Fl o Ar option .Op Fl p Ar port +.Op Fl Q Cm cipher | cipher-auth | mac | kex | key .Op Fl R Oo Ar bind_address : Oc Ns Ar port : Ns Ar host : Ns Ar hostport .Op Fl S Ar ctl_path .Op Fl W Ar host : Ns Ar port @@ -66,8 +67,6 @@ .Oo Ar user Ns @ Oc Ns Ar hostname .Op Ar command .Ek -.Nm -.Fl Q Ar protocol_feature .Sh DESCRIPTION .Nm (SSH client) is a program for logging into a remote machine and for @@ -281,7 +280,8 @@ The default is .Pa ~/.ssh/identity for protocol version 1, and .Pa ~/.ssh/id_dsa , -.Pa ~/.ssh/id_ecdsa +.Pa ~/.ssh/id_ecdsa , +.Pa ~/.ssh/id_ed25519 and .Pa ~/.ssh/id_rsa for protocol version 2. @@ -418,6 +418,11 @@ For full details of the options listed below, and their possible values, see .It AddressFamily .It BatchMode .It BindAddress +.It CanonicalDomains +.It CanonicalizeFallbackLocal +.It CanonicalizeHostname +.It CanonicalizeMaxDots +.It CanonicalizePermittedCNAMEs .It ChallengeResponseAuthentication .It CheckHostIP .It Cipher @@ -457,6 +462,7 @@ For full details of the options listed below, and their possible values, see .It LocalForward .It LogLevel .It MACs +.It Match .It NoHostAuthenticationForLocalhost .It NumberOfPasswordPrompts .It PasswordAuthentication @@ -466,6 +472,7 @@ For full details of the options listed below, and their possible values, see .It PreferredAuthentications .It Protocol .It ProxyCommand +.It ProxyUseFdpass .It PubkeyAuthentication .It RekeyLimit .It RemoteForward @@ -491,21 +498,21 @@ For full details of the options listed below, and their possible values, see Port to connect to on the remote host. This can be specified on a per-host basis in the configuration file. -.It Fl Q Ar protocol_feature +.It Fl Q Cm cipher | cipher-auth | mac | kex | key Queries .Nm -for the algorithms supported for the specified version 2 -.Ar protocol_feature . -The queriable features are: -.Dq cipher +for the algorithms supported for the specified version 2. +The available features are: +.Ar cipher (supported symmetric ciphers), -.Dq MAC +.Ar cipher-auth +(supported symmetric ciphers that support authenticated encryption), +.Ar mac (supported message integrity codes), -.Dq KEX +.Ar kex (key exchange algorithms), -.Dq key +.Ar key (key types). -Protocol features are treated case-insensitively. .It Fl q Quiet mode. Causes most warning and diagnostic messages to be suppressed. @@ -753,7 +760,7 @@ key pair for authentication purposes. The server knows the public key, and only the user knows the private key. .Nm implements public key authentication protocol automatically, -using one of the DSA, ECDSA or RSA algorithms. +using one of the DSA, ECDSA, ED25519 or RSA algorithms. Protocol 1 is restricted to using only RSA keys, but protocol 2 may use any. The HISTORY section of @@ -780,6 +787,8 @@ This stores the private key in (protocol 2 DSA), .Pa ~/.ssh/id_ecdsa (protocol 2 ECDSA), +.Pa ~/.ssh/id_ed25519 +(protocol 2 ED25519), or .Pa ~/.ssh/id_rsa (protocol 2 RSA) @@ -790,6 +799,8 @@ and stores the public key in (protocol 2 DSA), .Pa ~/.ssh/id_ecdsa.pub (protocol 2 ECDSA), +.Pa ~/.ssh/id_ed25519.pub +(protocol 2 ED25519), or .Pa ~/.ssh/id_rsa.pub (protocol 2 RSA) @@ -829,9 +840,12 @@ text, and prompts for a response. Protocol 2 allows multiple challenges and responses; protocol 1 is restricted to just one challenge/response. Examples of challenge-response authentication include -BSD Authentication (see +.Bx +Authentication (see .Xr login.conf 5 ) -and PAM (some non-OpenBSD systems). +and PAM (some +.Pf non- Ox +systems). .Pp Finally, if other authentication methods fail, .Nm @@ -1326,8 +1340,8 @@ secret, but the recommended permissions are read/write/execute for the user, and not accessible by others. .Pp .It Pa ~/.ssh/authorized_keys -Lists the public keys (DSA/ECDSA/RSA) that can be used for logging in as -this user. +Lists the public keys (DSA, ECDSA, ED25519, RSA) +that can be used for logging in as this user. The format of this file is described in the .Xr sshd 8 manual page. @@ -1349,6 +1363,7 @@ above. .It Pa ~/.ssh/identity .It Pa ~/.ssh/id_dsa .It Pa ~/.ssh/id_ecdsa +.It Pa ~/.ssh/id_ed25519 .It Pa ~/.ssh/id_rsa Contains the private key for authentication. These files @@ -1363,6 +1378,7 @@ sensitive part of this file using 3DES. .It Pa ~/.ssh/identity.pub .It Pa ~/.ssh/id_dsa.pub .It Pa ~/.ssh/id_ecdsa.pub +.It Pa ~/.ssh/id_ed25519.pub .It Pa ~/.ssh/id_rsa.pub Contains the public key for authentication. These files are not @@ -1402,6 +1418,7 @@ The file format and configuration options are described in .It Pa /etc/ssh/ssh_host_key .It Pa /etc/ssh/ssh_host_dsa_key .It Pa /etc/ssh/ssh_host_ecdsa_key +.It Pa /etc/ssh/ssh_host_ed25519_key .It Pa /etc/ssh/ssh_host_rsa_key These files contain the private parts of the host keys and are used for host-based authentication. |