version 1.250, 2010/01/30 21:08:33 |
version 1.251, 2010/02/26 20:29:54 |
|
|
.Op Fl 46DdeiqTt |
.Op Fl 46DdeiqTt |
.Op Fl b Ar bits |
.Op Fl b Ar bits |
.Op Fl C Ar connection_spec |
.Op Fl C Ar connection_spec |
|
.Op Fl c Ar host_certificate_file |
.Op Fl f Ar config_file |
.Op Fl f Ar config_file |
.Op Fl g Ar login_grace_time |
.Op Fl g Ar login_grace_time |
.Op Fl h Ar host_key_file |
.Op Fl h Ar host_key_file |
|
|
.It Fl b Ar bits |
.It Fl b Ar bits |
Specifies the number of bits in the ephemeral protocol version 1 |
Specifies the number of bits in the ephemeral protocol version 1 |
server key (default 1024). |
server key (default 1024). |
|
.It Fl c Ar host_certificate_file |
|
Specifies a path to a certificate file to identify |
|
.Nm |
|
during key exchange. |
|
The certificate file must match a host key file specified using the |
|
.Fl -h |
|
option or the |
|
.Cm HostKey |
|
configuration directive. |
.It Fl C Ar connection_spec |
.It Fl C Ar connection_spec |
Specify the connection parameters to use for the |
Specify the connection parameters to use for the |
.Fl T |
.Fl T |
|
|
The following option specifications are supported (note |
The following option specifications are supported (note |
that option keywords are case-insensitive): |
that option keywords are case-insensitive): |
.Bl -tag -width Ds |
.Bl -tag -width Ds |
|
.It Cm from="cert-authority" |
|
Specifies that the listed key is a certification authority (CA) that is |
|
trusted to validate signed certificates for user authentication. |
|
.Pp |
|
Certificates may encode access restrictions similar to these key options. |
|
If both certificate restrictions and key options are present, the most |
|
restrictive union of the two is applied. |
.It Cm command="command" |
.It Cm command="command" |
Specifies that the command is executed whenever this key is used for |
Specifies that the command is executed whenever this key is used for |
authentication. |
authentication. |
|
|
.Ev SSH_ORIGINAL_COMMAND |
.Ev SSH_ORIGINAL_COMMAND |
environment variable. |
environment variable. |
Note that this option applies to shell, command or subsystem execution. |
Note that this option applies to shell, command or subsystem execution. |
|
Also note that this command may be superseded by either a |
|
.Xr sshd_config 5 |
|
.Cm ForceCommand |
|
directive or a command embedded in a certificate. |
.It Cm environment="NAME=value" |
.It Cm environment="NAME=value" |
Specifies that the string is to be added to the environment when |
Specifies that the string is to be added to the environment when |
logging in using this key. |
logging in using this key. |