| version 1.146, 2001/08/30 20:36:34 |
version 1.147, 2001/09/05 06:23:07 |
|
|
| .Ql ? |
.Ql ? |
| can be used as |
can be used as |
| wildcards in the patterns. |
wildcards in the patterns. |
| Only group names are valid; a numerical group ID isn't recognized. |
Only group names are valid; a numerical group ID is not recognized. |
| By default login is allowed regardless of the group list. |
By default login is allowed regardless of the group list. |
| .Pp |
.Pp |
| .It Cm AllowTcpForwarding |
.It Cm AllowTcpForwarding |
|
|
| .Ql ? |
.Ql ? |
| can be used as |
can be used as |
| wildcards in the patterns. |
wildcards in the patterns. |
| Only user names are valid; a numerical user ID isn't recognized. |
Only user names are valid; a numerical user ID is not recognized. |
| By default login is allowed regardless of the user name. |
By default login is allowed regardless of the user name. |
| If the pattern takes the form USER@HOST then USER and HOST |
If the pattern takes the form USER@HOST then USER and HOST |
| are separately checked, allowing you to restrict logins to particular |
are separately checked, restricting logins to particular |
| users from particular hosts. |
users from particular hosts. |
| .Pp |
.Pp |
| .It Cm AuthorizedKeysFile |
.It Cm AuthorizedKeysFile |
|
|
| encrypted channel and therefore will not be spoofable. The TCP keepalive |
encrypted channel and therefore will not be spoofable. The TCP keepalive |
| option enabled by |
option enabled by |
| .Cm Keepalive |
.Cm Keepalive |
| is spoofable. You want to use the client |
is spoofable. The client alive mechanism is valuable when the client or |
| alive mechanism when you are basing something important on |
server depend on knowing when a connection has become inactive. |
| clients having an active connection to the server. |
|
| .Pp |
.Pp |
| The default value is 3. If you set |
The default value is 3. If |
| .Cm ClientAliveInterval |
.Cm ClientAliveInterval |
| (above) to 15, and leave this value at the default, unresponsive ssh clients |
(above) is set to 15, and |
| |
.Cm Keepalive is left at the default, unresponsive ssh clients |
| will be disconnected after approximately 45 seconds. |
will be disconnected after approximately 45 seconds. |
| .It Cm DenyGroups |
.It Cm DenyGroups |
| This keyword can be followed by a number of group names, separated |
This keyword can be followed by a number of group names, separated |
|
|
| .Ql ? |
.Ql ? |
| can be used as |
can be used as |
| wildcards in the patterns. |
wildcards in the patterns. |
| Only group names are valid; a numerical group ID isn't recognized. |
Only group names are valid; a numerical group ID is not recognized. |
| By default login is allowed regardless of the group list. |
By default login is allowed regardless of the group list. |
| .Pp |
.Pp |
| .It Cm DenyUsers |
.It Cm DenyUsers |
|
|
| and |
and |
| .Ql ? |
.Ql ? |
| can be used as wildcards in the patterns. |
can be used as wildcards in the patterns. |
| Only user names are valid; a numerical user ID isn't recognized. |
Only user names are valid; a numerical user ID is not recognized. |
| By default login is allowed regardless of the user name. |
By default login is allowed regardless of the user name. |
| .It Cm GatewayPorts |
.It Cm GatewayPorts |
| Specifies whether remote hosts are allowed to connect to ports |
Specifies whether remote hosts are allowed to connect to ports |
|
|
| The command supplied by the user (if any) is ignored. |
The command supplied by the user (if any) is ignored. |
| The command is run on a pty if the connection requests a pty; |
The command is run on a pty if the connection requests a pty; |
| otherwise it is run without a tty. |
otherwise it is run without a tty. |
| Note that if you want a 8-bit clean channel, |
If a 8-bit clean channel is required, |
| you must not request a pty or should specify |
one must not request a pty or should specify |
| .Cm no-pty . |
.Cm no-pty . |
| A quote may be included in the command by quoting it with a backslash. |
A quote may be included in the command by quoting it with a backslash. |
| This option might be useful |
This option might be useful |
![[BACK]](/icons/back.gif){kind=icon}
Return to sshd.8 CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh