| version 1.376, 2016/07/16 06:57:55 |
version 1.377, 2017/04/30 23:18:22 |
|
|
| .Sh SYNOPSIS |
.Sh SYNOPSIS |
| .Nm ssh |
.Nm ssh |
| .Bk -words |
.Bk -words |
| .Op Fl 1246AaCfGgKkMNnqsTtVvXxYy |
.Op Fl 46AaCfGgKkMNnqsTtVvXxYy |
| .Op Fl b Ar bind_address |
.Op Fl b Ar bind_address |
| .Op Fl c Ar cipher_spec |
.Op Fl c Ar cipher_spec |
| .Op Fl D Oo Ar bind_address : Oc Ns Ar port |
.Op Fl D Oo Ar bind_address : Oc Ns Ar port |
|
|
| The options are as follows: |
The options are as follows: |
| .Pp |
.Pp |
| .Bl -tag -width Ds -compact |
.Bl -tag -width Ds -compact |
| .It Fl 1 |
|
| Forces |
|
| .Nm |
|
| to try protocol version 1 only. |
|
| .Pp |
|
| .It Fl 2 |
|
| Forces |
|
| .Nm |
|
| to try protocol version 2 only. |
|
| .Pp |
|
| .It Fl 4 |
.It Fl 4 |
| Forces |
Forces |
| .Nm |
.Nm |
|
|
| .Ux Ns -domain |
.Ux Ns -domain |
| connections). |
connections). |
| The compression algorithm is the same used by |
The compression algorithm is the same used by |
| .Xr gzip 1 , |
.Xr gzip 1 . |
| and the |
|
| .Dq level |
|
| can be controlled by the |
|
| .Cm CompressionLevel |
|
| option for protocol version 1. |
|
| Compression is desirable on modem lines and other |
Compression is desirable on modem lines and other |
| slow connections, but will only slow down things on fast networks. |
slow connections, but will only slow down things on fast networks. |
| The default value can be set on a host-by-host basis in the |
The default value can be set on a host-by-host basis in the |
|
|
| .Pp |
.Pp |
| .It Fl c Ar cipher_spec |
.It Fl c Ar cipher_spec |
| Selects the cipher specification for encrypting the session. |
Selects the cipher specification for encrypting the session. |
| .Pp |
|
| Protocol version 1 allows specification of a single cipher. |
|
| The supported values are |
|
| .Dq 3des , |
|
| .Dq blowfish , |
|
| and |
|
| .Dq des . |
|
| For protocol version 2, |
|
| .Ar cipher_spec |
.Ar cipher_spec |
| is a comma-separated list of ciphers |
is a comma-separated list of ciphers |
| listed in order of preference. |
listed in order of preference. |
|
|
| Selects a file from which the identity (private key) for |
Selects a file from which the identity (private key) for |
| public key authentication is read. |
public key authentication is read. |
| The default is |
The default is |
| .Pa ~/.ssh/identity |
|
| for protocol version 1, and |
|
| .Pa ~/.ssh/id_dsa , |
.Pa ~/.ssh/id_dsa , |
| .Pa ~/.ssh/id_ecdsa , |
.Pa ~/.ssh/id_ecdsa , |
| .Pa ~/.ssh/id_ed25519 |
.Pa ~/.ssh/id_ed25519 |
|
|
| .It Ciphers |
.It Ciphers |
| .It ClearAllForwardings |
.It ClearAllForwardings |
| .It Compression |
.It Compression |
| .It CompressionLevel |
|
| .It ConnectionAttempts |
.It ConnectionAttempts |
| .It ConnectTimeout |
.It ConnectTimeout |
| .It ControlMaster |
.It ControlMaster |
|
|
| .It PKCS11Provider |
.It PKCS11Provider |
| .It Port |
.It Port |
| .It PreferredAuthentications |
.It PreferredAuthentications |
| .It Protocol |
|
| .It ProxyCommand |
.It ProxyCommand |
| .It ProxyJump |
.It ProxyJump |
| .It ProxyUseFdpass |
.It ProxyUseFdpass |
|
|
| .It RekeyLimit |
.It RekeyLimit |
| .It RemoteForward |
.It RemoteForward |
| .It RequestTTY |
.It RequestTTY |
| .It RhostsRSAAuthentication |
|
| .It RSAAuthentication |
|
| .It SendEnv |
.It SendEnv |
| .It ServerAliveInterval |
.It ServerAliveInterval |
| .It ServerAliveCountMax |
.It ServerAliveCountMax |
|
|
| The file format and configuration options are described in |
The file format and configuration options are described in |
| .Xr ssh_config 5 . |
.Xr ssh_config 5 . |
| .Sh AUTHENTICATION |
.Sh AUTHENTICATION |
| The OpenSSH SSH client supports SSH protocols 1 and 2. |
The OpenSSH SSH client supports SSH protocol 2. |
| The default is to use protocol 2 only, |
|
| though this can be changed via the |
|
| .Cm Protocol |
|
| option in |
|
| .Xr ssh_config 5 |
|
| or the |
|
| .Fl 1 |
|
| and |
|
| .Fl 2 |
|
| options (see above). |
|
| Protocol 1 should not be used |
|
| and is only offered to support legacy devices. |
|
| It suffers from a number of cryptographic weaknesses |
|
| and doesn't support many of the advanced features available for protocol 2. |
|
| .Pp |
.Pp |
| The methods available for authentication are: |
The methods available for authentication are: |
| GSSAPI-based authentication, |
GSSAPI-based authentication, |
|
|
| The user creates his/her key pair by running |
The user creates his/her key pair by running |
| .Xr ssh-keygen 1 . |
.Xr ssh-keygen 1 . |
| This stores the private key in |
This stores the private key in |
| .Pa ~/.ssh/identity |
|
| (protocol 1), |
|
| .Pa ~/.ssh/id_dsa |
.Pa ~/.ssh/id_dsa |
| (DSA), |
(DSA), |
| .Pa ~/.ssh/id_ecdsa |
.Pa ~/.ssh/id_ecdsa |
|
|
| .Pa ~/.ssh/id_rsa |
.Pa ~/.ssh/id_rsa |
| (RSA) |
(RSA) |
| and stores the public key in |
and stores the public key in |
| .Pa ~/.ssh/identity.pub |
|
| (protocol 1), |
|
| .Pa ~/.ssh/id_dsa.pub |
.Pa ~/.ssh/id_dsa.pub |
| (DSA), |
(DSA), |
| .Pa ~/.ssh/id_ecdsa.pub |
.Pa ~/.ssh/id_ecdsa.pub |
![[BACK]](/icons/back.gif){kind=icon}
Return to ssh.1 CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh