version 1.182, 2004/03/05 10:53:58 |
version 1.182.2.2, 2005/03/10 17:15:05 |
|
|
.Nd OpenSSH SSH client (remote login program) |
.Nd OpenSSH SSH client (remote login program) |
.Sh SYNOPSIS |
.Sh SYNOPSIS |
.Nm ssh |
.Nm ssh |
.Op Fl 1246AaCfgkNnqsTtVvXxY |
.Bk -words |
|
.Op Fl 1246AaCfgkMNnqsTtVvXxY |
.Op Fl b Ar bind_address |
.Op Fl b Ar bind_address |
.Op Fl c Ar cipher_spec |
.Op Fl c Ar cipher_spec |
.Op Fl D Ar port |
.Op Fl D Ar port |
.Op Fl e Ar escape_char |
.Op Fl e Ar escape_char |
.Op Fl F Ar configfile |
.Op Fl F Ar configfile |
.Op Fl i Ar identity_file |
.Op Fl i Ar identity_file |
.Bk -words |
.Oo Fl L\ \& |
.Oo Fl L Xo |
|
.Sm off |
.Sm off |
.Ar port : |
.Oo Ar bind_address : Oc |
.Ar host : |
.Ar port : host : hostport |
.Ar hostport |
|
.Sm on |
.Sm on |
.Xc |
|
.Oc |
.Oc |
.Ek |
|
.Op Fl l Ar login_name |
.Op Fl l Ar login_name |
.Op Fl m Ar mac_spec |
.Op Fl m Ar mac_spec |
|
.Op Fl O Ar ctl_cmd |
.Op Fl o Ar option |
.Op Fl o Ar option |
.Bk -words |
|
.Op Fl p Ar port |
.Op Fl p Ar port |
.Ek |
.Oo Fl R\ \& |
.Oo Fl R Xo |
|
.Sm off |
.Sm off |
.Ar port : |
.Oo Ar bind_address : Oc |
.Ar host : |
.Ar port : host : hostport |
.Ar hostport |
|
.Sm on |
.Sm on |
.Xc |
|
.Oc |
.Oc |
|
.Op Fl S Ar ctl_path |
.Oo Ar user Ns @ Oc Ns Ar hostname |
.Oo Ar user Ns @ Oc Ns Ar hostname |
.Op Ar command |
.Op Ar command |
|
.Ek |
.Sh DESCRIPTION |
.Sh DESCRIPTION |
.Nm |
.Nm |
(SSH client) is a program for logging into a remote machine and for |
(SSH client) is a program for logging into a remote machine and for |
|
|
.Ar command |
.Ar command |
is executed on the remote host instead of a login shell. |
is executed on the remote host instead of a login shell. |
.Ss SSH protocol version 1 |
.Ss SSH protocol version 1 |
First, if the machine the user logs in from is listed in |
The first authentication method is the |
|
.Em rhosts |
|
or |
|
.Em hosts.equiv |
|
method combined with RSA-based host authentication. |
|
If the machine the user logs in from is listed in |
.Pa /etc/hosts.equiv |
.Pa /etc/hosts.equiv |
or |
or |
.Pa /etc/shosts.equiv |
.Pa /etc/shosts.equiv |
on the remote machine, and the user names are |
on the remote machine, and the user names are |
the same on both sides, the user is immediately permitted to log in. |
the same on both sides, or if the files |
Second, if |
.Pa $HOME/.rhosts |
.Pa .rhosts |
|
or |
or |
.Pa .shosts |
.Pa $HOME/.shosts |
exists in the user's home directory on the |
exist in the user's home directory on the |
remote machine and contains a line containing the name of the client |
remote machine and contain a line containing the name of the client |
machine and the name of the user on that machine, the user is |
machine and the name of the user on that machine, the user is |
permitted to log in. |
considered for log in. |
This form of authentication alone is normally not |
Additionally, if the server can verify the client's |
allowed by the server because it is not secure. |
|
.Pp |
|
The second authentication method is the |
|
.Em rhosts |
|
or |
|
.Em hosts.equiv |
|
method combined with RSA-based host authentication. |
|
It means that if the login would be permitted by |
|
.Pa $HOME/.rhosts , |
|
.Pa $HOME/.shosts , |
|
.Pa /etc/hosts.equiv , |
|
or |
|
.Pa /etc/shosts.equiv , |
|
and if additionally the server can verify the client's |
|
host key (see |
host key (see |
.Pa /etc/ssh/ssh_known_hosts |
.Pa /etc/ssh/ssh_known_hosts |
and |
and |
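Review bot: "the user is considered for log in" in the new hosts.equiv paragraph should read "considered for login" (noun), while the verb phrase "permitted to log in" just before it is correct as written. The same noun/verb slip recurs in the new CONFIGURATION FILES text ("before permitting log in"), so fix both together.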
|
|
and the rlogin/rsh protocol in general, are inherently insecure and should be |
and the rlogin/rsh protocol in general, are inherently insecure and should be |
disabled if security is desired.] |
disabled if security is desired.] |
.Pp |
.Pp |
As a third authentication method, |
As a second authentication method, |
.Nm |
.Nm |
supports RSA based authentication. |
supports RSA based authentication. |
The scheme is based on public-key cryptography: there are cryptosystems |
The scheme is based on public-key cryptography: there are cryptosystems |
|
|
file, and has one key |
file, and has one key |
per line, though the lines can be very long). |
per line, though the lines can be very long). |
After this, the user can log in without giving the password. |
After this, the user can log in without giving the password. |
RSA authentication is much more secure than |
|
.Em rhosts |
|
authentication. |
|
.Pp |
.Pp |
The most convenient way to use RSA authentication may be with an |
The most convenient way to use RSA authentication may be with an |
authentication agent. |
authentication agent. |
|
|
supports hostbased or challenge response authentication. |
supports hostbased or challenge response authentication. |
.Pp |
.Pp |
Protocol 2 provides additional mechanisms for confidentiality |
Protocol 2 provides additional mechanisms for confidentiality |
(the traffic is encrypted using 3DES, Blowfish, CAST128 or Arcfour) |
(the traffic is encrypted using AES, 3DES, Blowfish, CAST128 or Arcfour) |
and integrity (hmac-md5, hmac-sha1). |
and integrity (hmac-md5, hmac-sha1, hmac-ripemd160). |
Note that protocol 1 lacks a strong mechanism for ensuring the |
Note that protocol 1 lacks a strong mechanism for ensuring the |
integrity of the connection. |
integrity of the connection. |
.Ss Login session and remote execution |
.Ss Login session and remote execution |
|
|
Send a BREAK to the remote system |
Send a BREAK to the remote system |
(only useful for SSH protocol version 2 and if the peer supports it). |
(only useful for SSH protocol version 2 and if the peer supports it). |
.It Cm ~C |
.It Cm ~C |
Open command line (only useful for adding port forwardings using the |
Open command line. |
|
Currently this allows the addition of port forwardings using the |
.Fl L |
.Fl L |
and |
and |
.Fl R |
.Fl R |
options). |
options (see below). |
|
It also allows the cancellation of existing remote port-forwardings |
|
using |
|
.Fl KR Ar hostport . |
|
Basic help is available, using the |
|
.Fl h |
|
option. |
.It Cm ~R |
.It Cm ~R |
Request rekeying of the connection |
Request rekeying of the connection |
(only useful for SSH protocol version 2 and if the peer supports it). |
(only useful for SSH protocol version 2 and if the peer supports it). |
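Review bot: the argument name in ".Fl KR Ar hostport ." under ~C is inconsistent with the -R syntax in this same page, where "hostport" is the destination port on the local machine and "port" is the listening port on the remote side. A remote forwarding is identified by its listening port (and, now that -R accepts one, its bind_address), so if that is what -KR cancels, this should be ".Fl KR Oo Ar bind_address : Oc Ns Ar port" to match the new -R form; if it really takes the destination port, say so explicitly.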
|
|
option can be used to prevent logins to machines whose |
option can be used to prevent logins to machines whose |
host key is not known or has changed. |
host key is not known or has changed. |
.Pp |
.Pp |
|
.Nm |
|
can be configured to verify host identification using fingerprint resource |
|
records (SSHFP) published in DNS. |
|
The |
|
.Cm VerifyHostKeyDNS |
|
option can be used to control how DNS lookups are performed. |
|
SSHFP resource records can be generated using |
|
.Xr ssh-keygen 1 . |
|
.Pp |
The options are as follows: |
The options are as follows: |
.Bl -tag -width Ds |
.Bl -tag -width Ds |
.It Fl 1 |
.It Fl 1 |
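Review bot: the new VerifyHostKeyDNS paragraph says the option controls how DNS lookups are performed, but not what ssh does when the SSHFP record does not match the host key the server presents, or when no record exists, which is the part a user enabling it needs to know. Either state that here or add a cross-reference to ".Xr ssh_config 5", as the new -M and -S entries do for ControlMaster and ControlPath.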
|
|
configuration files; see the |
configuration files; see the |
.Cm Compression |
.Cm Compression |
option. |
option. |
.It Fl c Ar blowfish | 3des | des |
.It Fl c Ar cipher_spec |
Selects the cipher to use for encrypting the session. |
Selects the cipher specification for encrypting the session. |
|
.Pp |
|
Protocol version 1 allows specification of a single cipher. |
|
The suported values are |
|
.Dq 3des , |
|
.Dq blowfish |
|
and |
|
.Dq des . |
.Ar 3des |
.Ar 3des |
is used by default. |
|
It is believed to be secure. |
|
.Ar 3des |
|
(triple-des) is an encrypt-decrypt-encrypt triple with three different keys. |
(triple-des) is an encrypt-decrypt-encrypt triple with three different keys. |
|
It is believed to be secure. |
.Ar blowfish |
.Ar blowfish |
is a fast block cipher; it appears very secure and is much faster than |
is a fast block cipher; it appears very secure and is much faster than |
.Ar 3des . |
.Ar 3des . |
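Review bot: typo in "The suported values are" in the new protocol 1 paragraph of the -c entry; should be "supported" (the protocol 2 paragraph that follows spells it correctly).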
|
|
.Ar 3des |
.Ar 3des |
cipher. |
cipher. |
Its use is strongly discouraged due to cryptographic weaknesses. |
Its use is strongly discouraged due to cryptographic weaknesses. |
.It Fl c Ar cipher_spec |
The default is |
Additionally, for protocol version 2 a comma-separated list of ciphers can |
.Dq 3des . |
be specified in order of preference. |
.Pp |
See |
For protocol version 2 |
.Cm Ciphers |
.Ar cipher_spec |
for more information. |
is a comma-separated list of ciphers |
|
listed in order of preference. |
|
The supported ciphers are |
|
.Dq 3des-cbc , |
|
.Dq aes128-cbc , |
|
.Dq aes192-cbc , |
|
.Dq aes256-cbc , |
|
.Dq aes128-ctr , |
|
.Dq aes192-ctr , |
|
.Dq aes256-ctr , |
|
.Dq arcfour , |
|
.Dq blowfish-cbc , |
|
and |
|
.Dq cast128-cbc . |
|
The default is |
|
.Bd -literal |
|
``aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour, |
|
aes192-cbc,aes256-cbc'' |
|
.Ed |
.It Fl D Ar port |
.It Fl D Ar port |
Specifies a local |
Specifies a local |
.Dq dynamic |
.Dq dynamic |
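Review bot: the default cipher list in the ".Bd -literal" block is a single value broken across two lines with a trailing comma, so it renders as two lines and is easy to mis-copy as two separate settings. Keep it on one line, or say in the prose that it is one comma-separated value. Note also that the default omits the aes*-ctr ciphers that the supported list just above includes; if that is intentional it is fine, but a reader comparing the two lists will wonder.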
|
|
Disables forwarding (delegation) of GSSAPI credentials to the server. |
Disables forwarding (delegation) of GSSAPI credentials to the server. |
.It Fl L Xo |
.It Fl L Xo |
.Sm off |
.Sm off |
|
.Oo Ar bind_address : Oc |
.Ar port : host : hostport |
.Ar port : host : hostport |
.Sm on |
.Sm on |
.Xc |
.Xc |
|
|
forwarded to the given host and port on the remote side. |
forwarded to the given host and port on the remote side. |
This works by allocating a socket to listen to |
This works by allocating a socket to listen to |
.Ar port |
.Ar port |
on the local side, and whenever a connection is made to this port, the |
on the local side, optionally bound to the specified |
|
.Ar bind_address . |
|
Whenever a connection is made to this port, the |
connection is forwarded over the secure channel, and a connection is |
connection is forwarded over the secure channel, and a connection is |
made to |
made to |
.Ar host |
.Ar host |
|
|
.Ar hostport |
.Ar hostport |
from the remote machine. |
from the remote machine. |
Port forwardings can also be specified in the configuration file. |
Port forwardings can also be specified in the configuration file. |
Only root can forward privileged ports. |
|
IPv6 addresses can be specified with an alternative syntax: |
IPv6 addresses can be specified with an alternative syntax: |
.Sm off |
.Sm off |
.Xo |
.Xo |
|
.Op Ar bind_address No / |
.Ar port No / Ar host No / |
.Ar port No / Ar host No / |
.Ar hostport . |
.Ar hostport |
.Xc |
.Xc |
.Sm on |
.Sm on |
|
or by enclosing the address in square brackets. |
|
Only the superuser can forward privileged ports. |
|
By default, the local port is bound in accordance with the |
|
.Cm GatewayPorts |
|
setting. |
|
However, an explicit |
|
.Ar bind_address |
|
may be used to bind the connection to a specific address. |
|
The |
|
.Ar bind_address |
|
of |
|
.Dq localhost |
|
indicates that the listening port be bound for local use only, while an |
|
empty address or |
|
.Sq * |
|
indicates that the port should be available from all interfaces. |
.It Fl l Ar login_name |
.It Fl l Ar login_name |
Specifies the user to log in as on the remote machine. |
Specifies the user to log in as on the remote machine. |
This also may be specified on a per-host basis in the configuration file. |
This also may be specified on a per-host basis in the configuration file. |
|
.It Fl M |
|
Places the |
|
.Nm |
|
client into |
|
.Dq master |
|
mode for connection sharing. |
|
Refer to the description of |
|
.Cm ControlMaster |
|
in |
|
.Xr ssh_config 5 |
|
for details. |
.It Fl m Ar mac_spec |
.It Fl m Ar mac_spec |
Additionally, for protocol version 2 a comma-separated list of MAC |
Additionally, for protocol version 2 a comma-separated list of MAC |
(message authentication code) algorithms can |
(message authentication code) algorithms can |
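Review bot: the -L text is ambiguous about how an explicit bind_address interacts with GatewayPorts: "By default, the local port is bound in accordance with the GatewayPorts setting" followed by "However, an explicit bind_address may be used" reads as if an explicit address of "*" overrides the client's GatewayPorts setting, whereas the -R entry below states that a remote bind_address only succeeds if the server's GatewayPorts is enabled. Say explicitly whether an explicit bind_address on -L overrides the client-side setting, since "*" exposes the forwarded port on all interfaces.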
|
|
needs to ask for a password or passphrase; see also the |
needs to ask for a password or passphrase; see also the |
.Fl f |
.Fl f |
option.) |
option.) |
|
.It Fl O Ar ctl_cmd |
|
Control an active connection multiplexing master process. |
|
When the |
|
.Fl O |
|
option is specified, the |
|
.Ar ctl_cmd |
|
argument is interpreted and passed to the master process. |
|
Valid commands are: |
|
.Dq check |
|
(check that the master process is running) and |
|
.Dq exit |
|
(request the master to exit). |
.It Fl o Ar option |
.It Fl o Ar option |
Can be used to give options in the format used in the configuration file. |
Can be used to give options in the format used in the configuration file. |
This is useful for specifying options for which there is no separate |
This is useful for specifying options for which there is no separate |
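Review bot: the -O entry says ctl_cmd is "interpreted and passed to the master process" but not how that master is located. Since the -S entry below says the control socket location comes from ctl_path or ControlPath, -O should state that it must be combined with -S (or a ControlPath in the configuration) naming the same socket; the new -M entry has the same gap.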
|
|
.It Compression |
.It Compression |
.It CompressionLevel |
.It CompressionLevel |
.It ConnectionAttempts |
.It ConnectionAttempts |
.It ConnectionTimeout |
.It ConnectTimeout |
|
.It ControlMaster |
|
.It ControlPath |
.It DynamicForward |
.It DynamicForward |
.It EscapeChar |
.It EscapeChar |
.It ForwardAgent |
.It ForwardAgent |
|
|
.It GlobalKnownHostsFile |
.It GlobalKnownHostsFile |
.It GSSAPIAuthentication |
.It GSSAPIAuthentication |
.It GSSAPIDelegateCredentials |
.It GSSAPIDelegateCredentials |
|
.It HashKnownHosts |
.It Host |
.It Host |
.It HostbasedAuthentication |
.It HostbasedAuthentication |
.It HostKeyAlgorithms |
.It HostKeyAlgorithms |
|
|
.It HostName |
.It HostName |
.It IdentityFile |
.It IdentityFile |
.It IdentitiesOnly |
.It IdentitiesOnly |
|
.It KbdInteractiveDevices |
.It LocalForward |
.It LocalForward |
.It LogLevel |
.It LogLevel |
.It MACs |
.It MACs |
|
|
.It RemoteForward |
.It RemoteForward |
.It RhostsRSAAuthentication |
.It RhostsRSAAuthentication |
.It RSAAuthentication |
.It RSAAuthentication |
|
.It SendEnv |
.It ServerAliveInterval |
.It ServerAliveInterval |
.It ServerAliveCountMax |
.It ServerAliveCountMax |
.It SmartcardDevice |
.It SmartcardDevice |
|
|
Causes all warning and diagnostic messages to be suppressed. |
Causes all warning and diagnostic messages to be suppressed. |
.It Fl R Xo |
.It Fl R Xo |
.Sm off |
.Sm off |
|
.Oo Ar bind_address : Oc |
.Ar port : host : hostport |
.Ar port : host : hostport |
.Sm on |
.Sm on |
.Xc |
.Xc |
|
|
port |
port |
.Ar hostport |
.Ar hostport |
from the local machine. |
from the local machine. |
|
.Pp |
Port forwardings can also be specified in the configuration file. |
Port forwardings can also be specified in the configuration file. |
Privileged ports can be forwarded only when |
Privileged ports can be forwarded only when |
logging in as root on the remote machine. |
logging in as root on the remote machine. |
IPv6 addresses can be specified with an alternative syntax: |
IPv6 addresses can be specified by enclosing the address in square braces or |
|
using an alternative syntax: |
.Sm off |
.Sm off |
.Xo |
.Xo |
.Ar port No / Ar host No / |
.Op Ar bind_address No / |
.Ar hostport . |
.Ar host No / Ar port No / |
.Xc |
.Ar hostport |
|
.Xc . |
.Sm on |
.Sm on |
|
.Pp |
|
By default, the listening socket on the server will be bound to the loopback |
|
interface only. |
|
This may be overriden by specifying a |
|
.Ar bind_address . |
|
An empty |
|
.Ar bind_address , |
|
or the address |
|
.Ql * , |
|
indicates that the remote socket should listen on all interfaces. |
|
Specifying a remote |
|
.Ar bind_address |
|
will only succeed if the server's |
|
.Cm GatewayPorts |
|
option is enabled (see |
|
.Xr sshd_config 5 ) . |
|
.It Fl S Ar ctl_path |
|
Specifies the location of a control socket for connection sharing. |
|
Refer to the description of |
|
.Cm ControlPath |
|
and |
|
.Cm ControlMaster |
|
in |
|
.Xr ssh_config 5 |
|
for details. |
.It Fl s |
.It Fl s |
May be used to request invocation of a subsystem on the remote system. |
May be used to request invocation of a subsystem on the remote system. |
Subsystems are a feature of the SSH2 protocol which facilitate the use |
Subsystems are a feature of the SSH2 protocol which facilitate the use |
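Review bot: the IPv6 alternative syntax given for -R, ".Op Ar bind_address No /" then ".Ar host No / Ar port No /" then ".Ar hostport", has a different field order from both the colon form "[bind_address:]port:host:hostport" in the same entry and the -L alternative "[bind_address/]port/host/hostport". Unless the slash form for -R really takes host before port, the middle line should be ".Ar port No / Ar host No /". Also "overriden" in the same entry should be "overridden".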
|
|
(for the user's X authorization database) |
(for the user's X authorization database) |
can access the local X11 display through the forwarded connection. |
can access the local X11 display through the forwarded connection. |
An attacker may then be able to perform activities such as keystroke monitoring. |
An attacker may then be able to perform activities such as keystroke monitoring. |
|
.Pp |
|
For this reason, X11 forwarding is subjected to X11 SECURITY extension |
|
restrictions by default. |
|
Please refer to the |
|
.Nm |
|
.Fl Y |
|
option and the |
|
.Cm ForwardX11Trusted |
|
directive in |
|
.Xr ssh_config 5 |
|
for more information. |
.It Fl x |
.It Fl x |
Disables X11 forwarding. |
Disables X11 forwarding. |
.It Fl Y |
.It Fl Y |
Enables trusted X11 forwarding. |
Enables trusted X11 forwarding. |
|
Trusted X11 forwardings are not subjected to the X11 SECURITY extension |
|
controls. |
.El |
.El |
.Sh CONFIGURATION FILES |
.Sh CONFIGURATION FILES |
.Nm |
.Nm |
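Review bot: the -Y entry says trusted forwardings "are not subjected to the X11 SECURITY extension controls" but does not connect that to the warning under -X that a remote X11 client can access the local display and perform keystroke monitoring. Since -Y removes the restriction introduced for exactly that reason, add a sentence (or a pointer to the -X text) so a reader of -Y alone sees what is being given up.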
|
|
This is particularly useful when calling |
This is particularly useful when calling |
.Nm |
.Nm |
from a |
from a |
.Pa .Xsession |
.Pa .xsession |
or related script. |
or related script. |
(Note that on some machines it |
(Note that on some machines it |
may be necessary to redirect the input from |
may be necessary to redirect the input from |
|
|
This is the per-user configuration file. |
This is the per-user configuration file. |
The file format and configuration options are described in |
The file format and configuration options are described in |
.Xr ssh_config 5 . |
.Xr ssh_config 5 . |
|
Because of the potential for abuse, this file must have strict permissions: |
|
read/write for the user, and not accessible by others. |
.It Pa $HOME/.ssh/authorized_keys |
.It Pa $HOME/.ssh/authorized_keys |
Lists the public keys (RSA/DSA) that can be used for logging in as this user. |
Lists the public keys (RSA/DSA) that can be used for logging in as this user. |
The format of this file is described in the |
The format of this file is described in the |
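Review bot: "this file must have strict permissions: read/write for the user, and not accessible by others" states a requirement without its consequence: does ssh refuse to read a configuration file that is group- or world-accessible, or only warn? State the behaviour, and make clear whether "accessible" means readable as well as writable, since the .rhosts entry below uses the same wording for a file whose sensitivity is different.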
|
|
is not setuid root. |
is not setuid root. |
.It Pa $HOME/.rhosts |
.It Pa $HOME/.rhosts |
This file is used in |
This file is used in |
.Em rhosts |
.Cm RhostsRSAAuthentication |
|
and |
|
.Cm HostbasedAuthentication |
authentication to list the |
authentication to list the |
host/user pairs that are permitted to log in. |
host/user pairs that are permitted to log in. |
(Note that this file is |
(Note that this file is |
|
|
permission for most machines is read/write for the user, and not |
permission for most machines is read/write for the user, and not |
accessible by others. |
accessible by others. |
.Pp |
.Pp |
Note that by default |
Note that |
.Xr sshd 8 |
.Xr sshd 8 |
will be installed so that it requires successful RSA host |
allows authentication only in combination with client host key |
authentication before permitting |
authentication before permitting log in. |
.Em rhosts |
|
authentication. |
|
If the server machine does not have the client's host key in |
If the server machine does not have the client's host key in |
.Pa /etc/ssh/ssh_known_hosts , |
.Pa /etc/ssh/ssh_known_hosts , |
it can be stored in |
it can be stored in |
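Review bot: "allows authentication only in combination with client host key authentication before permitting log in" is hard to parse, and "log in" should be the noun "login" here. Suggested wording, keeping the meaning of the old text: "Note that sshd(8) permits rhosts authentication only in combination with client host key authentication." The following sentence about storing the client's host key in ssh_known_hosts then follows naturally.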
|
|
This file is used exactly the same way as |
This file is used exactly the same way as |
.Pa .rhosts . |
.Pa .rhosts . |
The purpose for |
The purpose for |
having this file is to be able to use rhosts authentication with |
having this file is to be able to use |
.Nm |
.Cm RhostsRSAAuthentication |
without permitting login with |
and |
|
.Cm HostbasedAuthentication |
|
authentication without permitting login with |
.Xr rlogin |
.Xr rlogin |
or |
or |
.Xr rsh 1 . |
.Xr rsh 1 . |
.It Pa /etc/hosts.equiv |
.It Pa /etc/hosts.equiv |
This file is used during |
This file is used during |
.Em rhosts |
.Cm RhostsRSAAuthentication |
|
and |
|
.Cm HostbasedAuthentication |
authentication. |
authentication. |
It contains |
It contains |
canonical hosts names, one per line (the full format is described in the |
canonical hosts names, one per line (the full format is described in the |
|
|
If the client host is found in this file, login is |
If the client host is found in this file, login is |
automatically permitted provided client and server user names are the |
automatically permitted provided client and server user names are the |
same. |
same. |
Additionally, successful RSA host authentication is normally |
Additionally, successful client host key authentication is required. |
required. |
|
This file should only be writable by root. |
This file should only be writable by root. |
.It Pa /etc/shosts.equiv |
.It Pa /etc/shosts.equiv |
This file is processed exactly as |
This file is processed exactly as |