| version 1.4, 1999/09/29 18:16:20 |
version 1.5, 1999/09/30 08:52:34 |
|
|
| .Sh SYNOPSIS |
.Sh SYNOPSIS |
| .Nm ssh |
.Nm ssh |
| .Op Fl l Ar login_name |
.Op Fl l Ar login_name |
| .Ar hostname |
.Op Ar hostname | user@hostname |
| .Op Ar command |
.Op Ar command |
| .Pp |
.Pp |
| .Nm ssh |
.Nm ssh |
| .Op Fl agknqtvxXC |
.Op Fl agknqtvxXC |
| .Op Fl c Ar blowfish|idea|des|3des|none |
.Op Fl c Ar blowfish|3des|none |
| .Op Fl e Ar escape_char |
.Op Fl e Ar escape_char |
| .Op Fl i Ar identity_file |
.Op Fl i Ar identity_file |
| .Op Fl l Ar login_name |
.Op Fl l Ar login_name |
|
|
| .Op Fl p Ar port |
.Op Fl p Ar port |
| .Op Fl L Ar port:host:hostport |
.Op Fl L Ar port:host:hostport |
| .Op Fl R Ar port:host:hostport |
.Op Fl R Ar port:host:hostport |
| .Ar hostname |
.Op Ar hostname | user@hostname |
| .Op Ar command |
.Op Ar command |
| .Sh DESCRIPTION |
.Sh DESCRIPTION |
| .Nm |
.Nm |
| (Secure Shell) a program for logging into a remote machine and for |
(Secure Shell) is a program for logging into a remote machine and for |
| executing commands in a remote machine. It is intended to replace |
executing commands on a remote machine. It is intended to replace |
| rlogin and rsh, and provide secure encrypted communications between |
rlogin and rsh, and provide secure encrypted communications between |
| two untrusted hosts over an insecure network. X11 connections and |
two untrusted hosts over an insecure network. X11 connections and |
| arbitrary TCP/IP ports can also be forwarded over the secure channel. |
arbitrary TCP/IP ports can also be forwarded over the secure channel. |
|
|
| .It Fl a |
.It Fl a |
| Disables forwarding of the authentication agent connection. This may |
Disables forwarding of the authentication agent connection. This may |
| also be specified on a per-host basis in the configuration file. |
also be specified on a per-host basis in the configuration file. |
| .It Fl c Ar blowfish|idea|des|3des|none |
.It Fl c Ar blowfish|3des|none |
| Selects the cipher to use for encrypting the session. |
Selects the cipher to use for encrypting the session. |
| .Ar 3des |
.Ar 3des |
| is used by default. It is believed to be secure. |
is used by default. It is believed to be secure. |
| .Ar des |
|
| is the data encryption standard, but is breakable by |
|
| governments, large corporations, and major criminal organizations. |
|
| .Ar 3des |
.Ar 3des |
| (triple-des) is encrypt-decrypt-encrypt triple with three different keys. |
(triple-des) is an encrypt-decrypt-encrypt triple with three different keys. |
| It is presumably more secure than DES. |
It is presumably more secure than the |
| |
.Ar des |
| |
cipher which is no longer supported in ssh. |
| |
.Ar blowfish |
| |
is a fast block cipher, it appears very secure and is much faster than |
| |
.Ar 3des . |
| .Ar none |
.Ar none |
| disables encryption entirely; it is only intended for debugging, and |
disables encryption entirely; it is only intended for debugging, and |
| it renders the connection insecure. |
it renders the connection insecure. |
|
|
| .It Cm Cipher |
.It Cm Cipher |
| Specifies the cipher to use for encrypting the session. Currently, |
Specifies the cipher to use for encrypting the session. Currently, |
| .Dq blowfish , |
.Dq blowfish , |
| .Dq idea , |
|
| .Dq des , |
|
| .Dq 3des , |
.Dq 3des , |
| and |
and |
| .Dq none |
.Dq none |
|
|
| See the |
See the |
| .Xr sshd 8 |
.Xr sshd 8 |
| manual page for more information. |
manual page for more information. |
| .Sh INSTALLATION |
.It Pa libcrypto.so.X.1 |
| .Nm |
A version of this library which includes support for the RSA algorithm |
| is normally installed as suid root. It needs root privileges only for |
is required for proper operation. |
| rhosts authentication (rhosts authentication requires that the |
|
| connection must come from a privileged port, and allocating such a |
|
| port requires root privileges). It also needs to be able to read |
|
| .Pa /etc/ssh_host_key |
|
| to perform RSA |
|
| host authentication. It is possible to use |
|
| .Nm |
|
| without root privileges, but rhosts authentication will then be |
|
| disabled. |
|
| .Nm |
|
| drops any extra privileges immediately after the connection to the |
|
| remote host has been made. |
|
| .Pp |
|
| Considerable work has been put into making |
|
| .Xr sshd 8 |
|
| secure. However, if you find a security problem, please report it |
|
| immediately to <ssh-bugs@cs.hut.fi>. |
|
| .Sh AUTHOR |
.Sh AUTHOR |
| Tatu Ylonen <ylo@cs.hut.fi> |
Tatu Ylonen <ylo@cs.hut.fi> |
| .Pp |
.Pp |
| Issues can be found from the SSH WWW home page: |
Issues can be found from the SSH WWW home page: |
| .Pp |
.Pp |
| .Dl http://www.cs.hut.fi/ssh |
.Dl http://www.cs.hut.fi/ssh |
| |
.Pp |
| |
This version of |
| |
.Nm |
| |
is a derivative of the original 1.2.16 release, but with bugs removed and |
| |
newer features re-added. Rapidly after 1.2.16 release newer versions bore |
| |
successively more restrictive licenses. In this version, all components |
| |
of a restrictive nature (ie. patents) have been directly removed from the |
| |
source code; any licensed or patented components are chosen from external |
| |
libraries. The libraries described in |
| |
.Xr ssl 8 |
| |
are required for proper operation. |
| .Sh SEE ALSO |
.Sh SEE ALSO |
| .Xr make-ssh-known-hosts 1 , |
.Xr make-ssh-known-hosts 1 , |
| .Xr rlogin 1 , |
.Xr rlogin 1 , |
|
|
| .Xr ssh-agent 1 , |
.Xr ssh-agent 1 , |
| .Xr ssh-keygen 1 , |
.Xr ssh-keygen 1 , |
| .Xr telnet 1 , |
.Xr telnet 1 , |
| .Xr sshd 8 |
.Xr sshd 8 , |
| |
.Xr ssl 8 |
![[BACK]](/icons/back.gif){kind=icon}
Return to ssh.1 CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh