| version 1.43, 2000/05/01 18:50:59 |
version 1.44, 2000/05/02 23:41:31 |
|
|
| .Nm |
.Nm |
| should ignore the user's |
should ignore the user's |
| .Pa $HOME/.ssh/known_hosts |
.Pa $HOME/.ssh/known_hosts |
| during |
and |
| |
.Pa $HOME/.ssh/known_hosts2 |
| |
files during |
| .Cm RhostsRSAAuthentication . |
.Cm RhostsRSAAuthentication . |
| The default is |
The default is |
| .Dq no . |
.Dq no . |
|
|
| The |
The |
| .Pa $HOME/.ssh/authorized_keys |
.Pa $HOME/.ssh/authorized_keys |
| file lists the RSA keys that are |
file lists the RSA keys that are |
| permitted for RSA authentication. |
permitted for RSA authentication in SSH protocols 1.3 and 1.5 |
| |
Similarily, the |
| |
.Pa $HOME/.ssh/authorized_keys2 |
| |
file lists the DSA keys that are |
| |
permitted for DSA authentication in SSH protocol 2.0. |
| Each line of the file contains one |
Each line of the file contains one |
| key (empty lines and lines starting with a |
key (empty lines and lines starting with a |
| .Ql # |
.Ql # |
|
|
| command="dump /home",no-pty,no-port-forwarding 1024 33 23.\|.\|.\|2323 backup.hut.fi |
command="dump /home",no-pty,no-port-forwarding 1024 33 23.\|.\|.\|2323 backup.hut.fi |
| .Sh SSH_KNOWN_HOSTS FILE FORMAT |
.Sh SSH_KNOWN_HOSTS FILE FORMAT |
| The |
The |
| .Pa /etc/ssh_known_hosts |
.Pa /etc/ssh_known_hosts , |
| |
.Pa /etc/ssh_known_hosts2 , |
| |
.Pa $HOME/.ssh/known_hosts , |
| and |
and |
| .Pa $HOME/.ssh/known_hosts |
.Pa $HOME/.ssh/known_hosts2 |
| files contain host public keys for all known hosts. |
files contain host public keys for all known hosts. |
| The global file should |
The global file should |
| be prepared by the administrator (optional), and the per-user file is |
be prepared by the administrator (optional), and the per-user file is |
|
|
| volume). |
volume). |
| It is recommended that it not be accessible by others. |
It is recommended that it not be accessible by others. |
| The format of this file is described above. |
The format of this file is described above. |
| |
Users will place the contents of their |
| |
.Pa identity.pub |
| |
files into this file, as described in |
| |
.Xr ssh-keygen 1 . |
| |
.It Pa $HOME/.ssh/authorized_keys2 |
| |
Lists the DSA keys that can be used to log into the user's account. |
| |
This file must be readable by root (which may on some machines imply |
| |
it being world-readable if the user's home directory resides on an NFS |
| |
volume). |
| |
It is recommended that it not be accessible by others. |
| |
The format of this file is described above. |
| |
Users will place the contents of their |
| |
.Pa id_dsa.pub |
| |
files into this file, as described in |
| |
.Xr ssh-keygen 1 . |
| .It Pa "/etc/ssh_known_hosts" and "$HOME/.ssh/known_hosts" |
.It Pa "/etc/ssh_known_hosts" and "$HOME/.ssh/known_hosts" |
| These files are consulted when using rhosts with RSA host |
These files are consulted when using rhosts with RSA host |
| |
authentication to check the public key of the host. |
| |
The key must be listed in one of these files to be accepted. |
| |
The client uses the same files |
| |
to verify that the remote host is the one we intended to connect. |
| |
These files should be writable only by root/the owner. |
| |
.Pa /etc/ssh_known_hosts |
| |
should be world-readable, and |
| |
.Pa $HOME/.ssh/known_hosts |
| |
can but need not be world-readable. |
| |
.It Pa "/etc/ssh_known_hosts2" and "$HOME/.ssh/known_hosts2" |
| |
These files are consulted when using rhosts with DSA host |
| authentication to check the public key of the host. |
authentication to check the public key of the host. |
| The key must be listed in one of these files to be accepted. |
The key must be listed in one of these files to be accepted. |
| The client uses the same files |
The client uses the same files |
![[BACK]](/icons/back.gif){kind=icon}
Return to sshd.8 CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh