src/usr.bin/ssh/sshd.8 - diff

Return to sshd.8 CVS log

Up to [local] / src / usr.bin / ssh

version 1.130, 2001/06/22 21:55:50

version 1.131, 2001/06/23 02:34:33

Line 1017

.Sh SSH_KNOWN_HOSTS FILE FORMAT

The

.Pa /etc/ssh_known_hosts ,

.Pa /etc/ssh_known_hosts2 ,

.Pa $HOME/.ssh/known_hosts ,

and

.Pa $HOME/.ssh/known_hosts2

.Pa $HOME/.ssh/known_hosts

files contain host public keys for all known hosts.

The global file should

be prepared by the administrator (optional), and the per-user file is

Line 1121

Line 1119

.Xr ssh-keygen 1 .

.It Pa "/etc/ssh_known_hosts" and "$HOME/.ssh/known_hosts"

These files are consulted when using rhosts with RSA host

authentication to check the public key of the host.

authentication or protocol version 2 hostbased authentication

to check the public key of the host.

The key must be listed in one of these files to be accepted.

The client uses the same files

to verify that it is connecting to the correct remote host.

Line 1129

Line 1128

.Pa /etc/ssh_known_hosts

should be world-readable, and

.Pa $HOME/.ssh/known_hosts

can but need not be world-readable.

.It Pa "/etc/ssh_known_hosts2" and "$HOME/.ssh/known_hosts2"

These files are consulted when using protocol version 2 hostbased

authentication to check the public key of the host.

The key must be listed in one of these files to be accepted.

The client uses the same files

to verify that it is connecting to the correct remote host.

These files should be writable only by root/the owner.

.Pa /etc/ssh_known_hosts2

should be world-readable, and

.Pa $HOME/.ssh/known_hosts2

can but need not be world-readable.

.It Pa /etc/nologin

If this file exists,