Annotation of src/usr.bin/ssh/ssh-keysign.8, Revision 1.10
1.10 ! djm 1: .\" $OpenBSD: ssh-keysign.8,v 1.9 2007/05/31 19:20:16 jmc Exp $
1.1 markus 2: .\"
3: .\" Copyright (c) 2002 Markus Friedl. All rights reserved.
4: .\"
5: .\" Redistribution and use in source and binary forms, with or without
6: .\" modification, are permitted provided that the following conditions
7: .\" are met:
8: .\" 1. Redistributions of source code must retain the above copyright
9: .\" notice, this list of conditions and the following disclaimer.
10: .\" 2. Redistributions in binary form must reproduce the above copyright
11: .\" notice, this list of conditions and the following disclaimer in the
12: .\" documentation and/or other materials provided with the distribution.
13: .\"
14: .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
15: .\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
16: .\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
17: .\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
18: .\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
19: .\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
20: .\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
21: .\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22: .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
23: .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24: .\"
1.10 ! djm 25: .Dd $Mdocdate: May 31 2007 $
1.1 markus 26: .Dt SSH-KEYSIGN 8
27: .Os
28: .Sh NAME
29: .Nm ssh-keysign
1.8 jmc 30: .Nd ssh helper program for host-based authentication
1.1 markus 31: .Sh SYNOPSIS
1.2 stevesk 32: .Nm
1.1 markus 33: .Sh DESCRIPTION
34: .Nm
35: is used by
36: .Xr ssh 1
1.2 stevesk 37: to access the local host keys and generate the digital signature
1.8 jmc 38: required during host-based authentication with SSH protocol version 2.
1.3 markus 39: .Pp
40: .Nm
41: is disabled by default and can only be enabled in the
1.5 stevesk 42: global client configuration file
1.3 markus 43: .Pa /etc/ssh/ssh_config
44: by setting
1.4 markus 45: .Cm EnableSSHKeysign
1.3 markus 46: to
47: .Dq yes .
48: .Pp
1.1 markus 49: .Nm
50: is not intended to be invoked by the user, but from
51: .Xr ssh 1 .
52: See
53: .Xr ssh 1
54: and
55: .Xr sshd 8
1.8 jmc 56: for more information about host-based authentication.
1.2 stevesk 57: .Sh FILES
58: .Bl -tag -width Ds
1.3 markus 59: .It Pa /etc/ssh/ssh_config
60: Controls whether
61: .Nm
62: is enabled.
1.2 stevesk 63: .It Pa /etc/ssh/ssh_host_dsa_key, /etc/ssh/ssh_host_rsa_key
64: These files contain the private parts of the host keys used to
1.6 jmc 65: generate the digital signature.
66: They should be owned by root, readable only by root, and not
1.2 stevesk 67: accessible to others.
68: Since they are readable only by root,
69: .Nm
1.8 jmc 70: must be set-uid root if host-based authentication is used.
1.10 ! djm 71: .It Pa /etc/ssh/ssh_host_dsa_key-cert.pub, /etc/ssh/ssh_host_rsa_key-cert.pub
! 72: If these files exist they are assumed to contain public certificate
! 73: information corresponding with the private keys above.
1.2 stevesk 74: .El
1.1 markus 75: .Sh SEE ALSO
76: .Xr ssh 1 ,
1.2 stevesk 77: .Xr ssh-keygen 1 ,
1.3 markus 78: .Xr ssh_config 5 ,
1.1 markus 79: .Xr sshd 8
80: .Sh HISTORY
81: .Nm
82: first appeared in
83: .Ox 3.2 .
1.7 jmc 84: .Sh AUTHORS
85: .An Markus Friedl Aq markus@openbsd.org
![[BACK]](/icons/back.gif){kind=icon}
Return to ssh-keysign.8 CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh