| version 1.258, 2010/08/08 19:36:30 |
version 1.259, 2010/08/31 11:54:45 |
|
|
| The default is |
The default is |
| .Pa /etc/ssh/ssh_host_key |
.Pa /etc/ssh/ssh_host_key |
| for protocol version 1, and |
for protocol version 1, and |
| .Pa /etc/ssh/ssh_host_rsa_key |
.Pa /etc/ssh/ssh_host_dsa_key , |
| |
.Pa /etc/ssh/ssh_host_ecdsa_key |
| and |
and |
| .Pa /etc/ssh/ssh_host_dsa_key |
.Pa /etc/ssh/ssh_host_rsa_key |
| for protocol version 2. |
for protocol version 2. |
| It is possible to have multiple host key files for |
It is possible to have multiple host key files for |
| the different protocol versions and host key algorithms. |
the different protocol versions and host key algorithms. |
|
|
| .Cm Protocol |
.Cm Protocol |
| option in |
option in |
| .Xr sshd_config 5 . |
.Xr sshd_config 5 . |
| Protocol 2 supports both RSA and DSA keys; |
Protocol 2 supports DSA, ECDSA and RSA keys; |
| protocol 1 only supports RSA keys. |
protocol 1 only supports RSA keys. |
| For both protocols, |
For both protocols, |
| each host has a host-specific key, |
each host has a host-specific key, |
|
|
| comment field is not used for anything (but may be convenient for the |
comment field is not used for anything (but may be convenient for the |
| user to identify the key). |
user to identify the key). |
| For protocol version 2 the keytype is |
For protocol version 2 the keytype is |
| |
.Dq ecdsa-sha2-nistp256 , |
| |
.Dq ecdsa-sha2-nistp384 , |
| |
.Dq ecdsa-sha2-nistp521 , |
| .Dq ssh-dss |
.Dq ssh-dss |
| or |
or |
| .Dq ssh-rsa . |
.Dq ssh-rsa . |
|
|
| You don't want to type them in; instead, copy the |
You don't want to type them in; instead, copy the |
| .Pa identity.pub , |
.Pa identity.pub , |
| .Pa id_dsa.pub , |
.Pa id_dsa.pub , |
| |
.Pa id_ecdsa.pub , |
| or the |
or the |
| .Pa id_rsa.pub |
.Pa id_rsa.pub |
| file and edit it. |
file and edit it. |
|
|
| and not accessible by others. |
and not accessible by others. |
| .Pp |
.Pp |
| .It Pa ~/.ssh/authorized_keys |
.It Pa ~/.ssh/authorized_keys |
| Lists the public keys (RSA/DSA) that can be used for logging in as this user. |
Lists the public keys (DSA/ECDSA/RSA) that can be used for logging in |
| |
as this user. |
| The format of this file is described above. |
The format of this file is described above. |
| The content of the file is not highly sensitive, but the recommended |
The content of the file is not highly sensitive, but the recommended |
| permissions are read/write for the user, and not accessible by others. |
permissions are read/write for the user, and not accessible by others. |
|
|
| .Pp |
.Pp |
| .It Pa /etc/ssh/ssh_host_key |
.It Pa /etc/ssh/ssh_host_key |
| .It Pa /etc/ssh/ssh_host_dsa_key |
.It Pa /etc/ssh/ssh_host_dsa_key |
| |
.It Pa /etc/ssh/ssh_host_ecdsa_key |
| .It Pa /etc/ssh/ssh_host_rsa_key |
.It Pa /etc/ssh/ssh_host_rsa_key |
| These three files contain the private parts of the host keys. |
These three files contain the private parts of the host keys. |
| These files should only be owned by root, readable only by root, and not |
These files should only be owned by root, readable only by root, and not |
|
|
| .Pp |
.Pp |
| .It Pa /etc/ssh/ssh_host_key.pub |
.It Pa /etc/ssh/ssh_host_key.pub |
| .It Pa /etc/ssh/ssh_host_dsa_key.pub |
.It Pa /etc/ssh/ssh_host_dsa_key.pub |
| |
.It Pa /etc/ssh/ssh_host_ecdsa_key.pub |
| .It Pa /etc/ssh/ssh_host_rsa_key.pub |
.It Pa /etc/ssh/ssh_host_rsa_key.pub |
| These three files contain the public parts of the host keys. |
These three files contain the public parts of the host keys. |
| These files should be world-readable but writable only by |
These files should be world-readable but writable only by |
![[BACK]](/icons/back.gif){kind=icon}
Return to sshd.8 CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh