[BACK]Return to ssh.1 CVS log [TXT][DIR] Up to [local] / src / usr.bin / ssh

Diff for /src/usr.bin/ssh/ssh.1 between version 1.139.2.6 and 1.139.2.7

version 1.139.2.6, 2002/06/26 18:22:36 version 1.139.2.7, 2002/10/11 14:53:07
Line 48 
Line 48 
 .Op Ar command  .Op Ar command
 .Pp  .Pp
 .Nm ssh  .Nm ssh
 .Op Fl afgknqstvxACNPTX1246  .Op Fl afgknqstvxACNTX1246
 .Op Fl b Ar bind_address  .Op Fl b Ar bind_address
 .Op Fl c Ar cipher_spec  .Op Fl c Ar cipher_spec
 .Op Fl e Ar escape_char  .Op Fl e Ar escape_char
Line 353 
Line 353 
 The real authentication cookie is never  The real authentication cookie is never
 sent to the server machine (and no cookies are sent in the plain).  sent to the server machine (and no cookies are sent in the plain).
 .Pp  .Pp
 If the user is using an authentication agent, the connection to the agent  If the
 is automatically forwarded to the remote side unless disabled on  .Cm ForwardAgent
 the command line or in a configuration file.  variable is set to
   .Dq yes
   (or, see the description of the
   .Fl A
   and
   .Fl a
   options described later) and
   the user is using an authentication agent, the connection to the agent
   is automatically forwarded to the remote side.
 .Pp  .Pp
 Forwarding of arbitrary TCP/IP connections over the secure channel can  Forwarding of arbitrary TCP/IP connections over the secure channel can
 be specified either on the command line or in a configuration file.  be specified either on the command line or in a configuration file.
Line 394 
Line 402 
 .It Fl A  .It Fl A
 Enables forwarding of the authentication agent connection.  Enables forwarding of the authentication agent connection.
 This can also be specified on a per-host basis in a configuration file.  This can also be specified on a per-host basis in a configuration file.
   .Pp
   Agent forwarding should be enabled with caution.  Users with the
   ability to bypass file permissions on the remote host (for the agent's
   Unix-domain socket) can access the local agent through the forwarded
   connection.  An attacker cannot obtain key material from the agent,
   however they can perform operations on the keys that enable them to
   authenticate using the identities loaded into the agent.
 .It Fl b Ar bind_address  .It Fl b Ar bind_address
 Specify the interface to transmit from on machines with multiple  Specify the interface to transmit from on machines with multiple
 interfaces or aliased addresses.  interfaces or aliased addresses.
Line 515 
Line 530 
 Port to connect to on the remote host.  Port to connect to on the remote host.
 This can be specified on a  This can be specified on a
 per-host basis in the configuration file.  per-host basis in the configuration file.
 .It Fl P  
 Use a non-privileged port for outgoing connections.  
 This can be used if a firewall does  
 not permit connections from privileged ports.  
 Note that this option turns off  
 .Cm RhostsAuthentication  
 and  
 .Cm RhostsRSAAuthentication  
 for older servers.  
 .It Fl q  .It Fl q
 Quiet mode.  Quiet mode.
 Causes all warning and diagnostic messages to be suppressed.  Causes all warning and diagnostic messages to be suppressed.
Line 559 
Line 565 
 .It Fl X  .It Fl X
 Enables X11 forwarding.  Enables X11 forwarding.
 This can also be specified on a per-host basis in a configuration file.  This can also be specified on a per-host basis in a configuration file.
   .Pp
   X11 forwarding should be enabled with caution.  Users with the ability
   to bypass file permissions on the remote host (for the user's X
   authorization database) can access the local X11 display through the
   forwarded connection.  An attacker may then be able to perform
   activities such as keystroke monitoring.
 .It Fl C  .It Fl C
 Requests compression of all data (including stdin, stdout, stderr, and  Requests compression of all data (including stdin, stdout, stderr, and
 data for forwarded X11 and TCP/IP connections).  data for forwarded X11 and TCP/IP connections).
Line 568 
Line 580 
 .Dq level  .Dq level
 can be controlled by the  can be controlled by the
 .Cm CompressionLevel  .Cm CompressionLevel
 option.  option for protocol version 1.
 Compression is desirable on modem lines and other  Compression is desirable on modem lines and other
 slow connections, but will only slow down things on fast networks.  slow connections, but will only slow down things on fast networks.
 The default value can be set on a host-by-host basis in the  The default value can be set on a host-by-host basis in the
Line 714 
Line 726 
 .It Ev SSH_AUTH_SOCK  .It Ev SSH_AUTH_SOCK
 Identifies the path of a unix-domain socket used to communicate with the  Identifies the path of a unix-domain socket used to communicate with the
 agent.  agent.
 .It Ev SSH_CLIENT  .It Ev SSH_CONNECTION
 Identifies the client end of the connection.  Identifies the client and server ends of the connection.
 The variable contains  The variable contains
 three space-separated values: client ip-address, client port number,  four space-separated values: client ip-address, client port number,
 and server port number.  server ip-address and server port number.
 .It Ev SSH_ORIGINAL_COMMAND  .It Ev SSH_ORIGINAL_COMMAND
 The variable contains the original command line if a forced command  The variable contains the original command line if a forced command
 is executed.  is executed.
Line 742 
Line 754 
 .Pa $HOME/.ssh/environment ,  .Pa $HOME/.ssh/environment ,
 and adds lines of the format  and adds lines of the format
 .Dq VARNAME=value  .Dq VARNAME=value
 to the environment.  to the environment if the file exists and if users are allowed to
   change their environment.
   See the
   .Cm PermitUserEnvironment
   option in
   .Xr sshd_config 5 .
 .Sh FILES  .Sh FILES
 .Bl -tag -width Ds  .Bl -tag -width Ds
 .It Pa $HOME/.ssh/known_hosts  .It Pa $HOME/.ssh/known_hosts
Legend:
Removed from v.1.139.2.6  
changed lines
  Added in v.1.139.2.7