=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/sshd.8,v retrieving revision 1.51 retrieving revision 1.51.2.4 diff -u -r1.51 -r1.51.2.4 --- src/usr.bin/ssh/sshd.8 2000/05/08 17:42:31 1.51 +++ src/usr.bin/ssh/sshd.8 2001/03/12 15:44:17 1.51.2.4 
@@ -1,31 +1,56 @@ .\" -*- nroff -*- .\" -.\" sshd.8.in -.\" .\" Author: Tatu Ylonen -.\" .\" Copyright (c) 1995 Tatu Ylonen , Espoo, Finland .\" All rights reserved .\" -.\" Created: Sat Apr 22 21:55:14 1995 ylo +.\" As far as I am concerned, the code I have written for this software +.\" can be used freely for any purpose. Any derived versions of this +.\" software must be clearly marked as such, and if the derived work is +.\" incompatible with the protocol description in the RFC file, it must be +.\" called by a name other than "ssh" or "Secure Shell". .\" -.\" $Id: sshd.8,v 1.51 2000/05/08 17:42:31 hugh Exp $ +.\" Copyright (c) 1999,2000 Markus Friedl. All rights reserved. +.\" Copyright (c) 1999 Aaron Campbell. All rights reserved. +.\" Copyright (c) 1999 Theo de Raadt. All rights reserved. .\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR +.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES +.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 
+.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, +.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT +.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF +.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +.\" +.\" $OpenBSD: sshd.8,v 1.51.2.4 2001/03/12 15:44:17 jason Exp $ .Dd September 25, 1999 .Dt SSHD 8 .Os .Sh NAME .Nm sshd -.Nd secure shell daemon +.Nd OpenSSH secure shell daemon .Sh SYNOPSIS .Nm sshd -.Op Fl diqQ46 +.Op Fl diqD46 .Op Fl b Ar bits .Op Fl f Ar config_file .Op Fl g Ar login_grace_time .Op Fl h Ar host_key_file .Op Fl k Ar key_gen_time .Op Fl p Ar port +.Op Fl u Ar len .Op Fl V Ar client_protocol_id .Sh DESCRIPTION .Nm @@ -104,7 +129,7 @@ .Pp .Ss SSH protocol version 2 .Pp -Version 2 works similar: +Version 2 works similarly: Each host has a host-specific DSA key used to identify the host. However, when the daemon starts, it does not generate a server key. Forward security is provided through a Diffie-Hellman key agreement. @@ -119,7 +144,7 @@ (hmac-sha1 or hmac-md5). .Pp Protocol version 2 provides a public key based -user authentication method (DSAAuthentication) +user authentication method (PubkeyAuthentication) and conventional password authentication. .Pp .Ss Command execution and data forwarding @@ -162,6 +187,8 @@ log, and does not put itself in the background. The server also will not fork and will only process one connection. This option is only intended for debugging for the server. +Multiple -d options increases the debugging level. +Maximum is 3. .It Fl f Ar configuration_file Specifies the name of the configuration file. The default is 
@@ -170,17 +197,19 @@ refuses to start if there is no configuration file. .It Fl g Ar login_grace_time Gives the grace time for clients to authenticate themselves (default -300 seconds). +600 seconds). If the client fails to authenticate the user within this many seconds, the server disconnects and exits. A value of zero indicates no limit. .It Fl h Ar host_key_file -Specifies the file from which the RSA host key is read (default +Specifies the file from which the host key is read (default .Pa /etc/ssh_host_key ) . This option must be given if .Nm is not run as root (as the normal host file is normally not readable by anyone but root). +It is possible to have multiple host key files for +the different protocol versions. .It Fl i Specifies that .Nm @@ -211,15 +240,36 @@ Nothing is sent to the system log. Normally the beginning, authentication, and termination of each connection is logged. -.It Fl Q -Do not print an error message if RSA support is missing. +.It Fl u Ar len +This option is used to specify the size of the field +in the +.Li utmp +structure that holds the remote host name. +If the resolved host name is longer than +.Ar len , +the dotted decimal value will be used instead. +This allows hosts with very long host names that +overflow this field to still be uniquely identified. +Specifying +.Fl u0 +indicates that only dotted decimal addresses +should be put into the +.Pa utmp +file. +.It Fl D +When this option is specified +.Nm +will not detach and does not become a daemon. +This allows easy monitoring of +.Nm sshd . .It Fl V Ar client_protocol_id -SSH2 compatibility mode. +SSH-2 compatibility mode. When this option is specified .Nm assumes the client has sent the supplied version string and skips the Protocol Version Identification Exchange. +This option is not intended to be called directly. .It Fl 4 Forces .Nm 
@@ -248,20 +298,28 @@ Default is .Dq yes . .It Cm AllowGroups -This keyword can be followed by a number of group names, separated +This keyword can be followed by a list of group names, separated by spaces. If specified, login is allowed only for users whose primary -group matches one of the patterns. +group or supplementary group list matches one of the patterns. .Ql \&* and .Ql ? can be used as wildcards in the patterns. -Only group names are valid, a numerical group ID isn't recognized. -By default login is allowed regardless of the primary group. +Only group names are valid; a numerical group ID isn't recognized. +By default login is allowed regardless of the group list. .Pp +.It Cm AllowTcpForwarding +Specifies whether TCP forwarding is permitted. +The default is +.Dq yes . +Note that disabling TCP forwarding does not improve security unless +users are also denied shell access, as they can always install their +own forwarders. +.Pp .It Cm AllowUsers -This keyword can be followed by a number of user names, separated +This keyword can be followed by a list of user names, separated by spaces. If specified, login is allowed only for users names that match one of the patterns. 
@@ -270,14 +328,21 @@ .Ql ? can be used as wildcards in the patterns. -Only user names are valid, a numerical user ID isn't recognized. +Only user names are valid; a numerical user ID isn't recognized. By default login is allowed regardless of the user name. .Pp +.It Cm Banner +In some jurisdictions, sending a warning message before authentication +may be relevant for getting legal protection. +The contents of the specified file are sent to the remote user before +authentication is allowed. +This option is only available for protocol version 2. +.Pp .It Cm Ciphers Specifies the ciphers allowed for protocol version 2. Multiple ciphers must be comma-separated. The default is -.Dq 3des-cbc,blowfish-cbc,arcfour,cast128-cbc . +.Dq 3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes128-cbc . .It Cm CheckMail Specifies whether .Nm @@ -287,15 +352,15 @@ .It Cm DenyGroups This keyword can be followed by a number of group names, separated by spaces. -Users whose primary group matches one of the patterns -aren't allowed to log in. +Users whose primary group or supplementary group list matches +one of the patterns aren't allowed to log in. .Ql \&* and .Ql ? can be used as wildcards in the patterns. -Only group names are valid, a numerical group ID isn't recognized. -By default login is allowed regardless of the primary group. +Only group names are valid; a numerical group ID isn't recognized. +By default login is allowed regardless of the group list. .Pp .It Cm DenyUsers This keyword can be followed by a number of user names, separated 
@@ -305,10 +370,10 @@ and .Ql ? can be used as wildcards in the patterns. -Only user names are valid, a numerical user ID isn't recognized. +Only user names are valid; a numerical user ID isn't recognized. By default login is allowed regardless of the user name. -.It Cm DSAAuthentication -Specifies whether DSA authentication is allowed. +.It Cm PubkeyAuthentication +Specifies whether public key authentication is allowed. The default is .Dq yes . Note that this option applies to protocol version 2 only. @@ -321,20 +386,20 @@ .Dq no . The default is .Dq no . -.It Cm HostDsaKey -Specifies the file containing the private DSA host key (default -.Pa /etc/ssh_host_dsa_key ) -used by SSH protocol 2.0. -Note that -.Nm -disables protocol 2.0 if this file is group/world-accessible. .It Cm HostKey -Specifies the file containing the private RSA host key (default +Specifies the file containing the private host keys (default .Pa /etc/ssh_host_key ) -used by SSH protocols 1.3 and 1.5. +used by SSH protocol versions 1 and 2. Note that .Nm -disables protocols 1.3 and 1.5 if this file is group/world-accessible. +will refuse to use a file if it is group/world-accessible. +It is possible to have multiple host key files. +.Dq rsa1 +keys are used for version 1 and +.Dq dsa +or +.Dq rsa +are used for version 2 of the SSH protocol. .It Cm IgnoreRhosts Specifies that .Pa .rhosts @@ -384,14 +449,15 @@ .Cm PasswordAuthentication is yes, the password provided by the user will be validated through the Kerberos KDC. +To use this option, the server needs a +Kerberos servtab which allows the verification of the KDC's identity. Default is .Dq yes . .It Cm KerberosOrLocalPasswd If set then if password authentication through Kerberos fails then the password will be validated via any additional local mechanism such as -.Pa /etc/passwd -or SecurID. +.Pa /etc/passwd . Default is .Dq yes . .It Cm KerberosTgtPassing 
@@ -435,11 +501,47 @@ The default is INFO. Logging with level DEBUG violates the privacy of users and is not recommended. +.It Cm MACs +Specifies the available MAC (message authentication code) algorithms. +The MAC algorithm is used in protocol version 2 +for data integrity protection. +Multiple algorithms must be comma-separated. +The default is +.Pp +.Bd -literal + ``hmac-sha1,hmac-md5,hmac-ripemd160,hmac-ripemd160@openssh.com, + hmac-sha1-96,hmac-md5-96'' +.Ed +.It Cm MaxStartups +Specifies the maximum number of concurrent unauthenticated connections to the +.Nm +daemon. +Additional connections will be dropped until authentication succeeds or the +.Cm LoginGraceTime +expires for a connection. +The default is 10. +.Pp +Alternatively, random early drop can be enabled by specifying +the three colon separated values +.Dq start:rate:full +(e.g., "10:30:60"). +.Nm +will refuse connection attempts with a probability of +.Dq rate/100 +(30%) +if there are currently +.Dq start +(10) +unauthenticated connections. +The probability increases linearly and all connection attempts +are refused if the number of unauthenticated connections reaches +.Dq full +(60). .It Cm PasswordAuthentication Specifies whether password authentication is allowed. The default is .Dq yes . -Note that this option applies to both protocol version 1 and 2. +Note that this option applies to both protocol versions 1 and 2. .It Cm PermitEmptyPasswords When password authentication is allowed, it specifies whether the server allows login to accounts with empty password strings. 
@@ -450,21 +552,26 @@ .Xr ssh 1 . The argument must be .Dq yes , -.Dq without-password +.Dq without-password , +.Dq forced-commands-only or .Dq no . The default is .Dq yes . -If this options is set to +.Pp +If this option is set to .Dq without-password -only password authentication is disabled for root. +password authentication is disabled for root. .Pp -Root login with RSA authentication when the +If this option is set to +.Dq forced-commands-only +root login with public key authentication will be allowed, +but only if the .Ar command -option has been -specified will be allowed regardless of the value of this setting +option has been specified (which may be useful for taking remote backups even if root login is -normally not allowed). +normally not allowed). All other authentication methods are disabled +for root. .It Cm PidFile Specifies the file that contains the process identifier of the .Nm @@ -502,6 +609,14 @@ .It Cm RandomSeed Obsolete. Random number generation uses other techniques. +.It Cm ReverseMappingCheck +Specifies whether +.Nm +should try to verify the remote host name and check that +the resolved host name for the remote IP address maps back to the +very same IP address. +The default is +.Dq no . .It Cm RhostsAuthentication Specifies whether authentication using rhosts or /etc/hosts.equiv files is sufficient. @@ -525,15 +640,15 @@ .It Cm ServerKeyBits Defines the number of bits in the server key. The minimum value is 512, and the default is 768. -.It Cm SkeyAuthentication +.It Cm ChallengeResponseAuthentication Specifies whether -.Xr skey 1 +challenge reponse authentication is allowed. +Currently there is only support for +.Xr skey 1 +authentication. The default is .Dq yes . -Note that s/key authentication is enabled only if -.Cm PasswordAuthentication -is allowed, too. .It Cm StrictModes Specifies whether .Nm 
@@ -543,6 +658,17 @@ directory or files world-writable. The default is .Dq yes . +.It Cm Subsystem +Configures an external subsystem (e.g., file transfer daemon). +Arguments should be a subsystem name and a command to execute upon subsystem +request. +The command +.Xr sftp-server 8 +implements the +.Dq sftp +file transfer subsystem. +By default no subsystems are defined. +Note that this option applies to protocol version 2 only. .It Cm SyslogFacility Gives the facility code that is used when logging messages from .Nm sshd . @@ -552,7 +678,10 @@ .It Cm UseLogin Specifies whether .Xr login 1 -is used. +is used for interactive login sessions. +Note that +.Xr login 1 +is never used for remote command execution. The default is .Dq no . .It Cm X11DisplayOffset @@ -569,6 +698,12 @@ .Dq no . Note that disabling X11 forwarding does not improve security in any way, as users can always install their own forwarders. +.It Cm XAuthLocation +Specifies the location of the +.Xr xauth 1 +program. +The default is +.Pa /usr/X11R6/bin/xauth . .El .Sh LOGIN PROCESS When a user successfully logs in, 
@@ -622,29 +757,40 @@ permitted for RSA authentication in SSH protocols 1.3 and 1.5 Similarly, the .Pa $HOME/.ssh/authorized_keys2 -file lists the DSA keys that are -permitted for DSA authentication in SSH protocol 2.0. +file lists the DSA and RSA keys that are +permitted for public key authentication (PubkeyAuthentication) +in SSH protocol 2.0. +.Pp Each line of the file contains one key (empty lines and lines starting with a .Ql # are ignored as comments). -Each line consists of the following fields, separated by +Each RSA public key consists of the following fields, separated by spaces: options, bits, exponent, modulus, comment. -The options field -is optional; its presence is determined by whether the line starts +Each protocol version 2 public key consists of: +options, keytype, base64 encoded key, comment. +The options fields +are optional; its presence is determined by whether the line starts with a number or not (the option field never starts with a number). -The bits, exponent, modulus and comment fields give the RSA key; the +The bits, exponent, modulus and comment fields give the RSA key for +protocol version 1; the comment field is not used for anything (but may be convenient for the user to identify the key). +For protocol version 2 the keytype is +.Dq ssh-dss +or +.Dq ssh-rsa . .Pp Note that lines in this file are usually several hundred bytes long (because of the size of the RSA key modulus). You don't want to type them in; instead, copy the .Pa identity.pub +or the +.Pa id_dsa.pub file and edit it. .Pp -The options (if present) consists of comma-separated option +The options (if present) consist of comma-separated option specifications. No spaces are permitted, except within double quotes. The following option specifications are supported: 
@@ -675,6 +821,9 @@ The command supplied by the user (if any) is ignored. The command is run on a pty if the connection requests a pty; otherwise it is run without a tty. +Note that if you want a 8-bit clean channel, +you must not request a pty or should specify +.Cm no-pty . A quote may be included in the command by quoting it with a backslash. This option might be useful to restrict certain RSA keys to perform just a specific operation. @@ -718,7 +867,7 @@ files contain host public keys for all known hosts. The global file should be prepared by the administrator (optional), and the per-user file is -maintained automatically: whenever the user connects an unknown host +maintained automatically: whenever the user connects from an unknown host its key is added to the per-user file. .Pp Each line in these files contains the following fields: hostnames, @@ -787,13 +936,15 @@ the user so its contents can be copied to known hosts files. These two files are created using .Xr ssh-keygen 1 . +.It Pa /etc/primes +Contains Diffie-Hellman groups used for the "Diffie-Hellman Group Exchange". .It Pa /var/run/sshd.pid Contains the process ID of the .Nm listening for connections (if there are several daemons running concurrently for different ports, this contains the pid of the one started last). -The contents of this file are not sensitive; it can be world-readable. +The content of this file is not sensitive; it can be world-readable. .It Pa $HOME/.ssh/authorized_keys Lists the RSA keys that can be used to log into the user's account. This file must be readable by root (which may on some machines imply 
@@ -821,7 +972,7 @@ authentication to check the public key of the host. The key must be listed in one of these files to be accepted. The client uses the same files -to verify that the remote host is the one we intended to connect. +to verify that the remote host is the one it intended to connect. These files should be writable only by root/the owner. .Pa /etc/ssh_known_hosts should be world-readable, and @@ -860,7 +1011,7 @@ .Pa .rhosts . However, this file is not used by rlogin and rshd, so using this permits access using SSH only. -.Pa /etc/hosts.equiv +.It Pa /etc/hosts.equiv This file is used during .Pa .rhosts authentication. 
@@ -940,48 +1091,23 @@ This can be used to specify machine-specific login-time initializations globally. This file should be writable only by root, and should be world-readable. -.Sh AUTHOR -OpenSSH -is a derivative of the original (free) ssh 1.2.12 release by Tatu Ylonen, -but with bugs removed and newer features re-added. -Rapidly after the -1.2.12 release, newer versions of the original ssh bore successively -more restrictive licenses, and thus demand for a free version was born. -.Pp -This version of OpenSSH -.Bl -bullet -.It -has all components of a restrictive nature (i.e., patents, see -.Xr ssl 8 ) -directly removed from the source code; any licensed or patented components -are chosen from -external libraries. -.It -has been updated to support SSH protocol 1.5 and 2, making it compatible with -all other SSH clients and servers. -.It -contains added support for -.Xr kerberos 8 -authentication and ticket passing. -.It -supports one-time password authentication with -.Xr skey 1 . .El -.Pp -The libraries described in -.Xr ssl 8 -are required for proper operation. -.Pp -OpenSSH has been created by Aaron Campbell, Bob Beck, Markus Friedl, -Niels Provos, Theo de Raadt, and Dug Song. -.Pp -The support for SSH protocol 2 was written by Markus Friedl. +.Sh AUTHORS +OpenSSH is a derivative of the original and free +ssh 1.2.12 release by Tatu Ylonen. +Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, +Theo de Raadt and Dug Song +removed many bugs, re-added newer features and +created OpenSSH. +Markus Friedl contributed the support for SSH +protocol versions 1.5 and 2.0. .Sh SEE ALSO .Xr scp 1 , +.Xr sftp 1 , +.Xr sftp-server 8 , .Xr ssh 1 , .Xr ssh-add 1 , .Xr ssh-agent 1 , .Xr ssh-keygen 1 , -.Xr ssl 8 , .Xr rlogin 1 , .Xr rsh 1
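Review bot: in the @@ -1,31 +1,56 @@ hunk the `.Dd September 25, 1999` line is left untouched even though this revision adds the -D and -u options to the SYNOPSIS and replaces the whole license header; bump the .Dd date so the rendered page reflects when it was last revised.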
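Review bot: in the @@ -170,17 +197,19 @@ hunk the -g default moves from 300 to 600 seconds, which doubles how long an unauthenticated connection may hold a slot; make sure the LoginGraceTime keyword entry outside this hunk states the same default, and since the MaxStartups entry added later in this patch says additional connections are dropped "until authentication succeeds or the LoginGraceTime expires", cross-reference MaxStartups here so an administrator sees both limits together.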
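Review bot: in the @@ -211,15 +240,36 @@ hunk the new -D entry says sshd "will not detach and does not become a daemon" but never says how it differs from -d, which the page already documents as not backgrounding, logging verbosely to the system log and handling only one connection; state explicitly whether -D still forks per connection and logs normally. Minor: "This option is not intended to be called directly" under -V reads oddly for a command-line flag, "not intended for direct use" is clearer.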
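Review bot: in the @@ -287,15 +352,15 @@ hunk the unchanged context line "This keyword can be followed by a number of group names" (and the same wording in DenyUsers) still uses the phrasing that the @@ -248,20 +298,28 @@ hunk rewrote to "a list of group names" for AllowGroups and AllowUsers; apply the same wording to DenyGroups and DenyUsers so the four entries read alike.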
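Review bot: in the @@ -305,10 +370,10 @@ hunk PubkeyAuthentication is inserted where DSAAuthentication stood, between DenyUsers and the H* keywords, so the keyword list is no longer alphabetical; move it to the P entries next to PermitRootLogin and PidFile. In the @@ -384,14 +449,15 @@ hunk "Kerberos servtab" is presumably "srvtab", the Kerberos IV service key file, so the reader can find the right file.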
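Review bot: in the @@ -435,11 +501,47 @@ hunk the MACs default is given in a .Bd -literal block with ``...'' quotes and a line break inside the value, whereas the Ciphers entry gives its default with .Dq on one line; a reader copying the literal into sshd_config may carry the newline or leading spaces into the value. Use the same .Dq form as Ciphers, or say that the list is a single comma-separated value.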
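Review bot: in the @@ -525,15 +640,15 @@ hunk "challenge reponse authentication" is missing an s ("challenge response"). The same hunk drops the sentence that s/key authentication is enabled only if PasswordAuthentication is allowed too, which leaves the reader unsure whether that dependency still holds; say so either way. ChallengeResponseAuthentication also now sits at the S position after ServerKeyBits, out of alphabetical order.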
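Review bot: in the @@ -622,29 +757,40 @@ hunk "The options fields are optional; its presence is determined" mixes plural and singular; write "The options field is optional; its presence is determined ...". The "starts with a number" test that follows only tells options apart from an RSA1 key (bits, exponent, modulus); for protocol version 2 lines, which start with the keytype, say how options are distinguished from the keytype, otherwise the new description of the v2 format is incomplete.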
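Review bot: in the @@ -675,6 +821,9 @@ hunk "a 8-bit clean channel" should be "an 8-bit clean channel".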
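Review bot: in the @@ -718,7 +867,7 @@ hunk the change from "connects an unknown host" to "connects from an unknown host" reverses the meaning: the per-user known_hosts file records the keys of hosts the user connects to (the key of the server the client is talking to is what gets added), so this should read "connects to an unknown host".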
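Review bot: in the @@ -787,13 +936,15 @@ hunk the new /etc/primes entry, unlike the neighbouring FILES entries, does not say who may write the file; since sshd takes its Diffie-Hellman groups from it, state that it should be writable only by root (world-readable is fine). Also use .Dq for "Diffie-Hellman Group Exchange" rather than straight quotes, as the rest of the page does.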
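Review bot: in the @@ -821,7 +972,7 @@ hunk "the one it intended to connect" still lacks the preposition; "the one it intended to connect to".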
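Review bot: in the @@ -940,48 +1091,23 @@ hunk the SEE ALSO list places sftp-server 8 between sftp 1 and ssh 1; mdoc convention orders cross-references by section and then alphabetically, so list all section 1 pages (including the existing rlogin 1 and rsh 1 at the end) alphabetically and put sftp-server 8 last.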