| version 1.220, 2015/09/22 08:33:23 |
version 1.221, 2015/09/24 06:15:11 |
|
|
| or |
or |
| .Dq *.c.example.com |
.Dq *.c.example.com |
| domains. |
domains. |
| |
.It Cm CertificateFile |
| |
Specifies a file from which the user's certificate is read. |
| |
A corresponding private key must be provided separately in order |
| |
to use this certificate either |
| |
from an |
| |
.Cm IdentityFile |
| |
directive or |
| |
.Fl i |
| |
flag to |
| |
.Xr ssh 1 , |
| |
via |
| |
.Xr ssh-agent 1 , |
| |
or via a |
| |
.Cm PKCS11Provider . |
| |
.Pp |
| |
The file name may use the tilde |
| |
syntax to refer to a user's home directory or one of the following |
| |
escape characters: |
| |
.Ql %d |
| |
(local user's home directory), |
| |
.Ql %u |
| |
(local user name), |
| |
.Ql %l |
| |
(local host name), |
| |
.Ql %h |
| |
(remote host name) or |
| |
.Ql %r |
| |
(remote user name). |
| |
.Pp |
| |
It is possible to have multiple certificate files specified in |
| |
configuration files; these certificates will be tried in sequence. |
| |
Multiple |
| |
.Cm CertificateFile |
| |
directives will add to the list of certificates used for |
| |
authentication. |
| .It Cm ChallengeResponseAuthentication |
.It Cm ChallengeResponseAuthentication |
| Specifies whether to use challenge-response authentication. |
Specifies whether to use challenge-response authentication. |
| The argument to this keyword must be |
The argument to this keyword must be |
|
|
| .It Cm IdentitiesOnly |
.It Cm IdentitiesOnly |
| Specifies that |
Specifies that |
| .Xr ssh 1 |
.Xr ssh 1 |
| should only use the authentication identity files configured in the |
should only use the authentication identity and certificate files explicitly |
| |
configured in the |
| .Nm |
.Nm |
| files, |
files |
| |
or passed on the |
| |
.Xr ssh 1 |
| |
command-line, |
| even if |
even if |
| .Xr ssh-agent 1 |
.Xr ssh-agent 1 |
| or a |
or a |
|
|
| will be used for authentication unless |
will be used for authentication unless |
| .Cm IdentitiesOnly |
.Cm IdentitiesOnly |
| is set. |
is set. |
| |
If no certificates have been explicitly specified by |
| |
.Cm CertificateFile , |
| .Xr ssh 1 |
.Xr ssh 1 |
| will try to load certificate information from the filename obtained by |
will try to load certificate information from the filename obtained by |
| appending |
appending |
|
|
| may be used in conjunction with |
may be used in conjunction with |
| .Cm IdentitiesOnly |
.Cm IdentitiesOnly |
| to select which identities in an agent are offered during authentication. |
to select which identities in an agent are offered during authentication. |
| |
.Cm IdentityFile |
| |
may also be used in conjunction with |
| |
.Cm CertificateFile |
| |
in order to provide any certificate also needed for authentication with |
| |
the identity. |
| .It Cm IgnoreUnknown |
.It Cm IgnoreUnknown |
| Specifies a pattern-list of unknown options to be ignored if they are |
Specifies a pattern-list of unknown options to be ignored if they are |
| encountered in configuration parsing. |
encountered in configuration parsing. |
![[BACK]](/icons/back.gif){kind=icon}
Return to ssh_config.5 CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh