| version 1.308, 2010/08/04 05:37:01 |
version 1.309, 2010/08/08 19:36:30 |
|
|
| .Xr sshd_config 5 . |
.Xr sshd_config 5 . |
| .Sh FILES |
.Sh FILES |
| .Bl -tag -width Ds -compact |
.Bl -tag -width Ds -compact |
| .It ~/.rhosts |
.It Pa ~/.rhosts |
| This file is used for host-based authentication (see above). |
This file is used for host-based authentication (see above). |
| On some machines this file may need to be |
On some machines this file may need to be |
| world-readable if the user's home directory is on an NFS partition, |
world-readable if the user's home directory is on an NFS partition, |
|
|
| permission for most machines is read/write for the user, and not |
permission for most machines is read/write for the user, and not |
| accessible by others. |
accessible by others. |
| .Pp |
.Pp |
| .It ~/.shosts |
.It Pa ~/.shosts |
| This file is used in exactly the same way as |
This file is used in exactly the same way as |
| .Pa .rhosts , |
.Pa .rhosts , |
| but allows host-based authentication without permitting login with |
but allows host-based authentication without permitting login with |
| rlogin/rsh. |
rlogin/rsh. |
| .Pp |
.Pp |
| .It ~/.ssh/ |
.It Pa ~/.ssh/ |
| This directory is the default location for all user-specific configuration |
This directory is the default location for all user-specific configuration |
| and authentication information. |
and authentication information. |
| There is no general requirement to keep the entire contents of this directory |
There is no general requirement to keep the entire contents of this directory |
| secret, but the recommended permissions are read/write/execute for the user, |
secret, but the recommended permissions are read/write/execute for the user, |
| and not accessible by others. |
and not accessible by others. |
| .Pp |
.Pp |
| .It ~/.ssh/authorized_keys |
.It Pa ~/.ssh/authorized_keys |
| Lists the public keys (RSA/DSA) that can be used for logging in as this user. |
Lists the public keys (RSA/DSA) that can be used for logging in as this user. |
| The format of this file is described in the |
The format of this file is described in the |
| .Xr sshd 8 |
.Xr sshd 8 |
|
|
| This file is not highly sensitive, but the recommended |
This file is not highly sensitive, but the recommended |
| permissions are read/write for the user, and not accessible by others. |
permissions are read/write for the user, and not accessible by others. |
| .Pp |
.Pp |
| .It ~/.ssh/config |
.It Pa ~/.ssh/config |
| This is the per-user configuration file. |
This is the per-user configuration file. |
| The file format and configuration options are described in |
The file format and configuration options are described in |
| .Xr ssh_config 5 . |
.Xr ssh_config 5 . |
| Because of the potential for abuse, this file must have strict permissions: |
Because of the potential for abuse, this file must have strict permissions: |
| read/write for the user, and not accessible by others. |
read/write for the user, and not accessible by others. |
| .Pp |
.Pp |
| .It ~/.ssh/environment |
.It Pa ~/.ssh/environment |
| Contains additional definitions for environment variables; see |
Contains additional definitions for environment variables; see |
| .Sx ENVIRONMENT , |
.Sx ENVIRONMENT , |
| above. |
above. |
| .Pp |
.Pp |
| .It ~/.ssh/identity |
.It Pa ~/.ssh/identity |
| .It ~/.ssh/id_dsa |
.It Pa ~/.ssh/id_dsa |
| .It ~/.ssh/id_rsa |
.It Pa ~/.ssh/id_rsa |
| Contains the private key for authentication. |
Contains the private key for authentication. |
| These files |
These files |
| contain sensitive data and should be readable by the user but not |
contain sensitive data and should be readable by the user but not |
|
|
| generating the key which will be used to encrypt the |
generating the key which will be used to encrypt the |
| sensitive part of this file using 3DES. |
sensitive part of this file using 3DES. |
| .Pp |
.Pp |
| .It ~/.ssh/identity.pub |
.It Pa ~/.ssh/identity.pub |
| .It ~/.ssh/id_dsa.pub |
.It Pa ~/.ssh/id_dsa.pub |
| .It ~/.ssh/id_rsa.pub |
.It Pa ~/.ssh/id_rsa.pub |
| Contains the public key for authentication. |
Contains the public key for authentication. |
| These files are not |
These files are not |
| sensitive and can (but need not) be readable by anyone. |
sensitive and can (but need not) be readable by anyone. |
| .Pp |
.Pp |
| .It ~/.ssh/known_hosts |
.It Pa ~/.ssh/known_hosts |
| Contains a list of host keys for all hosts the user has logged into |
Contains a list of host keys for all hosts the user has logged into |
| that are not already in the systemwide list of known host keys. |
that are not already in the systemwide list of known host keys. |
| See |
See |
| .Xr sshd 8 |
.Xr sshd 8 |
| for further details of the format of this file. |
for further details of the format of this file. |
| .Pp |
.Pp |
| .It ~/.ssh/rc |
.It Pa ~/.ssh/rc |
| Commands in this file are executed by |
Commands in this file are executed by |
| .Nm |
.Nm |
| when the user logs in, just before the user's shell (or command) is |
when the user logs in, just before the user's shell (or command) is |
|
|
| .Xr sshd 8 |
.Xr sshd 8 |
| manual page for more information. |
manual page for more information. |
| .Pp |
.Pp |
| .It /etc/hosts.equiv |
.It Pa /etc/hosts.equiv |
| This file is for host-based authentication (see above). |
This file is for host-based authentication (see above). |
| It should only be writable by root. |
It should only be writable by root. |
| .Pp |
.Pp |
| .It /etc/shosts.equiv |
.It Pa /etc/shosts.equiv |
| This file is used in exactly the same way as |
This file is used in exactly the same way as |
| .Pa hosts.equiv , |
.Pa hosts.equiv , |
| but allows host-based authentication without permitting login with |
but allows host-based authentication without permitting login with |
|
|
| The file format and configuration options are described in |
The file format and configuration options are described in |
| .Xr ssh_config 5 . |
.Xr ssh_config 5 . |
| .Pp |
.Pp |
| .It /etc/ssh/ssh_host_key |
.It Pa /etc/ssh/ssh_host_key |
| .It /etc/ssh/ssh_host_dsa_key |
.It Pa /etc/ssh/ssh_host_dsa_key |
| .It /etc/ssh/ssh_host_rsa_key |
.It Pa /etc/ssh/ssh_host_rsa_key |
| These three files contain the private parts of the host keys |
These three files contain the private parts of the host keys |
| and are used for host-based authentication. |
and are used for host-based authentication. |
| If protocol version 1 is used, |
If protocol version 1 is used, |
|
|
| .Nm |
.Nm |
| is not setuid root. |
is not setuid root. |
| .Pp |
.Pp |
| .It /etc/ssh/ssh_known_hosts |
.It Pa /etc/ssh/ssh_known_hosts |
| Systemwide list of known host keys. |
Systemwide list of known host keys. |
| This file should be prepared by the |
This file should be prepared by the |
| system administrator to contain the public host keys of all machines in the |
system administrator to contain the public host keys of all machines in the |
|
|
| .Xr sshd 8 |
.Xr sshd 8 |
| for further details of the format of this file. |
for further details of the format of this file. |
| .Pp |
.Pp |
| .It /etc/ssh/sshrc |
.It Pa /etc/ssh/sshrc |
| Commands in this file are executed by |
Commands in this file are executed by |
| .Nm |
.Nm |
| when the user logs in, just before the user's shell (or command) is started. |
when the user logs in, just before the user's shell (or command) is started. |
![[BACK]](/icons/back.gif){kind=icon}
Return to ssh.1 CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh