version 1.136, 2001/08/30 16:04:35 |
version 1.137, 2001/09/05 06:23:07 |
|
|
option.) |
option.) |
.It Fl N |
.It Fl N |
Do not execute a remote command. |
Do not execute a remote command. |
This is useful if you just want to forward ports |
This is useful for just forwarding ports |
(protocol version 2 only). |
(protocol version 2 only). |
.It Fl o Ar option |
.It Fl o Ar option |
Can be used to give options in the format used in the configuration file. |
Can be used to give options in the format used in the configuration file. |
|
|
per-host basis in the configuration file. |
per-host basis in the configuration file. |
.It Fl P |
.It Fl P |
Use a non-privileged port for outgoing connections. |
Use a non-privileged port for outgoing connections. |
This can be used if your firewall does |
This can be used if a firewall does |
not permit connections from privileged ports. |
not permit connections from privileged ports. |
Note that this option turns off |
Note that this option turns off |
.Cm RhostsAuthentication |
.Cm RhostsAuthentication |
|
|
If set to |
If set to |
.Dq yes , |
.Dq yes , |
passphrase/password querying will be disabled. |
passphrase/password querying will be disabled. |
This option is useful in scripts and other batch jobs where you have no |
This option is useful in scripts and other batch jobs where no user |
user to supply the password. |
is present to supply the password. |
The argument must be |
The argument must be |
.Dq yes |
.Dq yes |
or |
or |
|
|
real host name when looking up or saving the host key |
real host name when looking up or saving the host key |
in the host key database files. |
in the host key database files. |
This option is useful for tunneling ssh connections |
This option is useful for tunneling ssh connections |
or if you have multiple servers running on a single host. |
or for multiple servers running on a single host. |
.It Cm HostName |
.It Cm HostName |
Specifies the real host name to log into. |
Specifies the real host name to log into. |
This can be used to specify nicknames or abbreviations for hosts. |
This can be used to specify nicknames or abbreviations for hosts. |
|
|
will never automatically add host keys to the |
will never automatically add host keys to the |
.Pa $HOME/.ssh/known_hosts |
.Pa $HOME/.ssh/known_hosts |
file, and refuses to connect to hosts whose host key has changed. |
file, and refuses to connect to hosts whose host key has changed. |
This provides maximum protection against trojan horse attacks. |
This provides maximum protection against trojan horse attacks, |
However, it can be somewhat annoying if you don't have good |
however, can be annoying when the |
.Pa /etc/ssh_known_hosts |
.Pa /etc/ssh_known_hosts |
files installed and frequently |
file is poorly maintained, or connections to new hosts are |
connect to new hosts. |
frequently made. |
This option forces the user to manually |
This option forces the user to manually |
add all new hosts. |
add all new hosts. |
If this flag is set to |
If this flag is set to |
|
|
.Dq no . |
.Dq no . |
The default is |
The default is |
.Dq no . |
.Dq no . |
Note that you need to set this option to |
Note that this option must be set to |
.Dq yes |
.Dq yes |
if you want to use |
if |
.Cm RhostsAuthentication |
.Cm RhostsAuthentication |
and |
and |
.Cm RhostsRSAAuthentication |
.Cm RhostsRSAAuthentication |
with older servers. |
authentications are needed with older servers. |
.It Cm User |
.It Cm User |
Specifies the user to log in as. |
Specifies the user to log in as. |
This can be useful if you have a different user name on different machines. |
This can be useful when a different user name is used on different machines. |
This saves the trouble of |
This saves the trouble of |
having to remember to give the user name on the command line. |
having to remember to give the user name on the command line. |
.It Cm UserKnownHostsFile |
.It Cm UserKnownHostsFile |
|
|
file should be added to |
file should be added to |
.Pa $HOME/.ssh/authorized_keys |
.Pa $HOME/.ssh/authorized_keys |
on all machines |
on all machines |
where you wish to log in using protocol version 1 RSA authentication. |
where the user wishes to log in using protocol version 1 RSA authentication. |
The contents of the |
The contents of the |
.Pa $HOME/.ssh/id_dsa.pub |
.Pa $HOME/.ssh/id_dsa.pub |
and |
and |
|
|
file should be added to |
file should be added to |
.Pa $HOME/.ssh/authorized_keys |
.Pa $HOME/.ssh/authorized_keys |
on all machines |
on all machines |
where you wish to log in using protocol version 2 DSA/RSA authentication. |
where the user wishes to log in using protocol version 2 DSA/RSA authentication. |
These files are not |
These files are not |
sensitive and can (but need not) be readable by anyone. |
sensitive and can (but need not) be readable by anyone. |
These files are |
These files are |
|
|
.Xr sshd 8 |
.Xr sshd 8 |
will be installed so that it requires successful RSA host |
will be installed so that it requires successful RSA host |
authentication before permitting \s+2.\s0rhosts authentication. |
authentication before permitting \s+2.\s0rhosts authentication. |
If your server machine does not have the client's host key in |
If the server machine does not have the client's host key in |
.Pa /etc/ssh_known_hosts , |
.Pa /etc/ssh_known_hosts , |
you can store it in |
it can be stored in |
.Pa $HOME/.ssh/known_hosts . |
.Pa $HOME/.ssh/known_hosts . |
The easiest way to do this is to |
The easiest way to do this is to |
connect back to the client from the server machine using ssh; this |
connect back to the client from the server machine using ssh; this |