| version 1.2, 1999/09/26 22:30:06 |
version 1.3, 1999/09/29 18:16:21 |
|
|
| The following keywords are possible. |
The following keywords are possible. |
| .Bl -tag -width Ds |
.Bl -tag -width Ds |
| .It Cm AFSTokenPassing |
.It Cm AFSTokenPassing |
| Specifies whether to accept AFS tokens passed from the client. Default |
Specifies whether an AFS token may be forwarded to the server. Default is |
| is |
|
| .Dq yes . |
.Dq yes . |
| |
.Pp |
| .It Cm AllowHosts |
.It Cm AllowHosts |
| This keyword can be followed by any number of host name patterns, |
This keyword can be followed by any number of host name patterns, |
| separated by spaces. If specified, login is allowed only from hosts |
separated by spaces. If specified, login is allowed only from hosts |
|
|
| Specifies whether Kerberos authentication is allowed. This can |
Specifies whether Kerberos authentication is allowed. This can |
| be in the form of a Kerberos ticket, or if PasswordAuthentication |
be in the form of a Kerberos ticket, or if PasswordAuthentication |
| is yes, the password provided by the user will be validated through |
is yes, the password provided by the user will be validated through |
| the Kerberos KDC / AFS kaserver / DCE Security Server. Default is yes. |
the Kerberos KDC. Default is |
| |
.Dq yes . |
| .It Cm KerberosOrLocalPasswd |
.It Cm KerberosOrLocalPasswd |
| If set then if password authentication through Kerberos fails then |
If set then if password authentication through Kerberos fails then |
| the password will be validated via any additional local mechanism |
the password will be validated via any additional local mechanism |
|
|
| .Dq no . |
.Dq no . |
| .It Cm KerberosTgtPassing |
.It Cm KerberosTgtPassing |
| Specifies whether a Kerberos TGT may be forwarded to the server. |
Specifies whether a Kerberos TGT may be forwarded to the server. |
| Default is no, TGT forwarding does only work with the AFS kaserver. |
Default is |
| |
.Dq no , |
| |
as this only works when the Kerberos KDC is actually an AFS kaserver. |
| .It Cm KerberosTicketCleanup |
.It Cm KerberosTicketCleanup |
| Specifies whether to automatically destroy the user's |
Specifies whether to automatically destroy the user's |
| ticket cache file on logout. Default is yes. |
ticket cache file on logout. Default is |
| |
.Dq yes . |
| .It Cm KeyRegenerationInterval |
.It Cm KeyRegenerationInterval |
| The server key is automatically regenerated after this many seconds |
The server key is automatically regenerated after this many seconds |
| (if it has been used). The purpose of regeneration is to prevent |
(if it has been used). The purpose of regeneration is to prevent |
![[BACK]](/icons/back.gif){kind=icon}
Return to sshd.8 CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh