version 1.48, 2000/05/03 18:04:39 |
version 1.49, 2000/05/03 22:01:09 |
|
|
connects and logs into the specified |
connects and logs into the specified |
.Ar hostname . |
.Ar hostname . |
The user must prove |
The user must prove |
his/her identity to the remote machine using one of several methods. |
his/her identity to the remote machine using one of several methods |
|
depending on the protocol version used: |
.Pp |
.Pp |
|
.Ss SSH protocol version 1 |
|
.Pp |
First, if the machine the user logs in from is listed in |
First, if the machine the user logs in from is listed in |
.Pa /etc/hosts.equiv |
.Pa /etc/hosts.equiv |
or |
or |
|
|
.Pa hosts.equiv |
.Pa hosts.equiv |
method combined with RSA-based host authentication. |
method combined with RSA-based host authentication. |
It means that if the login would be permitted by |
It means that if the login would be permitted by |
.Pa \&.rhosts , |
.Pa $HOME/.rhosts , |
.Pa \&.shosts , |
.Pa $HOME/.shosts , |
.Pa /etc/hosts.equiv , |
.Pa /etc/hosts.equiv , |
or |
or |
.Pa /etc/shosts.equiv , |
.Pa /etc/shosts.equiv , |
|
|
spoofing, DNS spoofing and routing spoofing. |
spoofing, DNS spoofing and routing spoofing. |
[Note to the administrator: |
[Note to the administrator: |
.Pa /etc/hosts.equiv , |
.Pa /etc/hosts.equiv , |
.Pa \&.rhosts , |
.Pa $HOME/.rhosts , |
and the rlogin/rsh protocol in general, are inherently insecure and should be |
and the rlogin/rsh protocol in general, are inherently insecure and should be |
disabled if security is desired.] |
disabled if security is desired.] |
.Pp |
.Pp |
|
|
The user creates his/her RSA key pair by running |
The user creates his/her RSA key pair by running |
.Xr ssh-keygen 1 . |
.Xr ssh-keygen 1 . |
This stores the private key in |
This stores the private key in |
.Pa \&.ssh/identity |
.Pa $HOME/.ssh/identity |
and the public key in |
and the public key in |
.Pa \&.ssh/identity.pub |
.Pa $HOME/.ssh/identity.pub |
in the user's home directory. |
in the user's home directory. |
The user should then copy the |
The user should then copy the |
.Pa identity.pub |
.Pa identity.pub |
to |
to |
.Pa \&.ssh/authorized_keys |
.Pa $HOME/.ssh/authorized_keys |
in his/her home directory on the remote machine (the |
in his/her home directory on the remote machine (the |
.Pa authorized_keys |
.Pa authorized_keys |
file corresponds to the conventional |
file corresponds to the conventional |
.Pa \&.rhosts |
.Pa $HOME/.rhosts |
file, and has one key |
file, and has one key |
per line, though the lines can be very long). |
per line, though the lines can be very long). |
After this, the user can log in without giving the password. |
After this, the user can log in without giving the password. |
|
|
host for checking; however, since all communications are encrypted, |
host for checking; however, since all communications are encrypted, |
the password cannot be seen by someone listening on the network. |
the password cannot be seen by someone listening on the network. |
.Pp |
.Pp |
|
.Ss SSH protocol version 2 |
|
.Pp |
|
When a user connects using the protocol version 2 |
|
different authentication methods are available: |
|
At first, the client attempts to authenticate using the public key method. |
|
If this method fails password authentication is tried. |
|
.Pp |
|
The public key method is similar to RSA authentication described |
|
in the previous section except that the DSA algorithm is used |
|
instead of the patented RSA algorithm. |
|
The client uses his private DSA key |
|
.Pa $HOME/.ssh/id_dsa |
|
to sign the session identifier and sends the result to the server. |
|
The server checks whether the matching public key is listed in |
|
.Pa $HOME/.ssh/authorized_keys2 |
|
and grants access if both the key is found and the signature is correct. |
|
The session identifier is derived from a shared Diffie-Hellman value |
|
and is only known to the client and the server. |
|
.Pp |
|
If public key authentication fails or is not available a password |
|
can be sent encrypted to the remote host for proving the user's identity. |
|
This protocol 2 implementation does not yet support Kerberos or |
|
S/Key authentication. |
|
.Pp |
|
Protocol 2 provides additional mechanisms for confidentiality |
|
(the traffic is encrypted using 3DES, blowfish, cast128 or arcfour) |
|
and integrity (hmac-sha1, hmac-md5). |
|
Note that protocol 1 lacks a strong mechanism for ensuring the |
|
integrity of the connection. |
|
.Pp |
|
.Ss Login session and remote execution |
|
.Pp |
When the user's identity has been accepted by the server, the server |
When the user's identity has been accepted by the server, the server |
either executes the given command, or logs into the machine and gives |
either executes the given command, or logs into the machine and gives |
the user a normal shell on the remote machine. |
the user a normal shell on the remote machine. |
|
|
of |
of |
.Nm ssh . |
.Nm ssh . |
.Pp |
.Pp |
|
.Ss X11 and TCP forwarding |
|
.Pp |
If the user is using X11 (the |
If the user is using X11 (the |
.Ev DISPLAY |
.Ev DISPLAY |
environment variable is set), the connection to the X11 display is |
environment variable is set), the connection to the X11 display is |
|
|
One possible application of TCP/IP forwarding is a secure connection to an |
One possible application of TCP/IP forwarding is a secure connection to an |
electronic purse; another is going trough firewalls. |
electronic purse; another is going trough firewalls. |
.Pp |
.Pp |
|
.Ss Server authentication |
|
.Pp |
.Nm |
.Nm |
automatically maintains and checks a database containing RSA-based |
automatically maintains and checks a database containing |
identifications for all hosts it has ever been used with. |
identifications for all hosts it has ever been used with. |
The database is stored in |
RSA host keys are stored in |
.Pa \&.ssh/known_hosts |
.Pa $HOME/.ssh/known_hosts |
|
and |
|
DSA host keys are stored in |
|
.Pa $HOME/.ssh/known_hosts2 |
in the user's home directory. |
in the user's home directory. |
Additionally, the file |
Additionally, the files |
.Pa /etc/ssh_known_hosts |
.Pa /etc/ssh_known_hosts |
is automatically checked for known hosts. |
and |
|
.Pa /etc/ssh_known_hosts2 |
|
are automatically checked for known hosts. |
Any new hosts are automatically added to the user's file. |
Any new hosts are automatically added to the user's file. |
If a host's identification |
If a host's identification |
ever changes, |
ever changes, |
|
|
Selects the file from which the identity (private key) for |
Selects the file from which the identity (private key) for |
RSA authentication is read. |
RSA authentication is read. |
Default is |
Default is |
.Pa \&.ssh/identity |
.Pa $HOME/.ssh/identity |
in the user's home directory. |
in the user's home directory. |
Identity files may also be specified on |
Identity files may also be specified on |
a per-host basis in the configuration file. |
a per-host basis in the configuration file. |
|
|
.It Cm IdentityFile |
.It Cm IdentityFile |
Specifies the file from which the user's RSA authentication identity |
Specifies the file from which the user's RSA authentication identity |
is read (default |
is read (default |
.Pa .ssh/identity |
.Pa $HOME/.ssh/identity |
in the user's home directory). |
in the user's home directory). |
Additionally, any identities represented by the authentication agent |
Additionally, any identities represented by the authentication agent |
will be used for authentication. |
will be used for authentication. |
|
|
.It Cm IdentityFile2 |
.It Cm IdentityFile2 |
Specifies the file from which the user's DSA authentication identity |
Specifies the file from which the user's DSA authentication identity |
is read (default |
is read (default |
.Pa .ssh/id_dsa |
.Pa $HOME/.ssh/id_dsa |
in the user's home directory). |
in the user's home directory). |
The file name may use the tilde |
The file name may use the tilde |
syntax to refer to a user's home directory. |
syntax to refer to a user's home directory. |
|
|
.Dq 2 . |
.Dq 2 . |
Multiple versions must be comma-separated. |
Multiple versions must be comma-separated. |
The default is |
The default is |
.Dq 1 . |
.Dq 1,2 . |
|
This means that |
|
.Nm |
|
tries version 1 and falls back to version 2 |
|
if version 1 is no available. |
.It Cm ProxyCommand |
.It Cm ProxyCommand |
Specifies the command to use to connect to the server. |
Specifies the command to use to connect to the server. |
The command |
The command |