version 1.347, 2021/02/15 20:43:15 |
version 1.348, 2021/02/23 21:55:08 |
|
|
but may be manually hashed using |
but may be manually hashed using |
.Xr ssh-keygen 1 . |
.Xr ssh-keygen 1 . |
.It Cm HostbasedAcceptedAlgorithms |
.It Cm HostbasedAcceptedAlgorithms |
Specifies the key types that will be used for hostbased authentication |
Specifies the signature algorithms that will be used for hostbased |
as a comma-separated list of patterns. |
authentication as a comma-separated list of patterns. |
Alternately if the specified list begins with a |
Alternately if the specified list begins with a |
.Sq + |
.Sq + |
character, then the specified key types will be appended to the default set |
character, then the specified signature algorithms will be appended |
instead of replacing them. |
to the default set instead of replacing them. |
If the specified list begins with a |
If the specified list begins with a |
.Sq - |
.Sq - |
character, then the specified key types (including wildcards) will be removed |
character, then the specified signature algorithms (including wildcards) |
from the default set instead of replacing them. |
will be removed from the default set instead of replacing them. |
If the specified list begins with a |
If the specified list begins with a |
.Sq ^ |
.Sq ^ |
character, then the specified key types will be placed at the head of the |
character, then the specified signature algorithms will be placed |
default set. |
at the head of the default set. |
The default for this option is: |
The default for this option is: |
.Bd -literal -offset 3n |
.Bd -literal -offset 3n |
ssh-ed25519-cert-v01@openssh.com, |
ssh-ed25519-cert-v01@openssh.com, |
|
|
.Fl Q |
.Fl Q |
option of |
option of |
.Xr ssh 1 |
.Xr ssh 1 |
may be used to list supported key types. |
may be used to list supported signature algorithms. |
This was formerly named HostbasedKeyTypes. |
This was formerly named HostbasedKeyTypes. |
.It Cm HostbasedAuthentication |
.It Cm HostbasedAuthentication |
Specifies whether to try rhosts based authentication with public key |
Specifies whether to try rhosts based authentication with public key |
|
|
.Cm no |
.Cm no |
(the default). |
(the default). |
.It Cm HostKeyAlgorithms |
.It Cm HostKeyAlgorithms |
Specifies the host key algorithms |
Specifies the host key signature algorithms |
that the client wants to use in order of preference. |
that the client wants to use in order of preference. |
Alternately if the specified list begins with a |
Alternately if the specified list begins with a |
.Sq + |
.Sq + |
character, then the specified key types will be appended to the default set |
character, then the specified signature algorithms will be appended to |
instead of replacing them. |
the default set instead of replacing them. |
If the specified list begins with a |
If the specified list begins with a |
.Sq - |
.Sq - |
character, then the specified key types (including wildcards) will be removed |
character, then the specified signature algorithms (including wildcards) |
from the default set instead of replacing them. |
will be removed from the default set instead of replacing them. |
If the specified list begins with a |
If the specified list begins with a |
.Sq ^ |
.Sq ^ |
character, then the specified key types will be placed at the head of the |
character, then the specified signature algorithms will be placed |
default set. |
at the head of the default set. |
The default for this option is: |
The default for this option is: |
.Bd -literal -offset 3n |
.Bd -literal -offset 3n |
ssh-ed25519-cert-v01@openssh.com, |
ssh-ed25519-cert-v01@openssh.com, |
|
|
If hostkeys are known for the destination host then this default is modified |
If hostkeys are known for the destination host then this default is modified |
to prefer their algorithms. |
to prefer their algorithms. |
.Pp |
.Pp |
The list of available key types may also be obtained using |
The list of available signature algorithms may also be obtained using |
.Qq ssh -Q HostKeyAlgorithms . |
.Qq ssh -Q HostKeyAlgorithms . |
.It Cm HostKeyAlias |
.It Cm HostKeyAlias |
Specifies an alias that should be used instead of the |
Specifies an alias that should be used instead of the |
|
|
rsa-sha2-512,rsa-sha2-256,ssh-rsa |
rsa-sha2-512,rsa-sha2-256,ssh-rsa |
.Ed |
.Ed |
.Pp |
.Pp |
The list of available key types may also be obtained using |
The list of available signature algorithms may also be obtained using |
.Qq ssh -Q PubkeyAcceptedAlgorithms . |
.Qq ssh -Q PubkeyAcceptedAlgorithms . |
.It Cm PubkeyAuthentication |
.It Cm PubkeyAuthentication |
Specifies whether to try public key authentication. |
Specifies whether to try public key authentication. |