| version 1.41, 2000/04/12 23:00:28 |
version 1.42, 2000/05/01 08:19:58 |
|
|
| .Nm |
.Nm |
| (Secure Shell Daemon) is the daemon program for |
(Secure Shell Daemon) is the daemon program for |
| .Xr ssh 1 . |
.Xr ssh 1 . |
| Together these programs replace rlogin and rsh programs, and |
Together these programs replace rlogin and rsh, and |
| provide secure encrypted communications between two untrusted hosts |
provide secure encrypted communications between two untrusted hosts |
| over an insecure network. |
over an insecure network. |
| The programs are intended to be as easy to |
The programs are intended to be as easy to |
|
|
| This key is normally regenerated every hour if it has been used, and |
This key is normally regenerated every hour if it has been used, and |
| is never stored on disk. |
is never stored on disk. |
| .Pp |
.Pp |
| Whenever a client connects the daemon, the daemon sends its host |
Whenever a client connects the daemon responds with its public |
| and server public keys to the client. |
host and server keys. |
| The client compares the |
The client compares the |
| host key against its own database to verify that it has not changed. |
host key against its own database to verify that it has not changed. |
| The client then generates a 256 bit random number. |
The client then generates a 256 bit random number. |
| It encrypts this |
It encrypts this |
| random number using both the host key and the server key, and sends |
random number using both the host key and the server key, and sends |
| the encrypted number to the server. |
the encrypted number to the server. |
| Both sides then start to use this |
Both sides then use this |
| random number as a session key which is used to encrypt all further |
random number as a session key which is used to encrypt all further |
| communications in the session. |
communications in the session. |
| The rest of the session is encrypted |
The rest of the session is encrypted |
| using a conventional cipher, currently Blowfish and 3DES, with 3DES |
using a conventional cipher, currently Blowfish or 3DES, with 3DES |
| being used by default. |
being used by default. |
| The client selects the encryption algorithm |
The client selects the encryption algorithm |
| to use from those offered by the server. |
to use from those offered by the server. |
|
|
| .Xr rlogin 1 |
.Xr rlogin 1 |
| and |
and |
| .Xr rsh 1 |
.Xr rsh 1 |
| into that machine). |
into the machine). |
| .Pp |
.Pp |
| If the client successfully authenticates itself, a dialog for |
If the client successfully authenticates itself, a dialog for |
| preparing the session is entered. |
preparing the session is entered. |
|
|
| Do not print an error message if RSA support is missing. |
Do not print an error message if RSA support is missing. |
| .It Fl V Ar client_protocol_id |
.It Fl V Ar client_protocol_id |
| SSH2 compatibility mode. |
SSH2 compatibility mode. |
| When this options is specified |
When this option is specified |
| .Nm |
.Nm |
| assumes the client has sent the given version string |
assumes the client has sent the supplied version string |
| and skips the |
and skips the |
| Protocol Version Identification Exchange. |
Protocol Version Identification Exchange. |
| .It Fl 4 |
.It Fl 4 |
![[BACK]](/icons/back.gif){kind=icon}
Return to sshd.8 CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh