| version 1.14, 2003/01/23 08:58:47 |
version 1.14.2.1, 2003/05/11 12:01:52 |
|
|
| forwarded for the client. |
forwarded for the client. |
| By default, |
By default, |
| .Nm sshd |
.Nm sshd |
| binds remote port forwardings to the loopback address. This |
binds remote port forwardings to the loopback address. |
| prevents other remote hosts from connecting to forwarded ports. |
This prevents other remote hosts from connecting to forwarded ports. |
| .Cm GatewayPorts |
.Cm GatewayPorts |
| can be used to specify that |
can be used to specify that |
| .Nm sshd |
.Nm sshd |
|
|
| will listen on the address and all prior |
will listen on the address and all prior |
| .Cm Port |
.Cm Port |
| options specified. The default is to listen on all local |
options specified. The default is to listen on all local |
| addresses. Multiple |
addresses. |
| |
Multiple |
| .Cm ListenAddress |
.Cm ListenAddress |
| options are permitted. Additionally, any |
options are permitted. Additionally, any |
| .Cm Port |
.Cm Port |
|
|
| .Nm sshd . |
.Nm sshd . |
| The possible values are: |
The possible values are: |
| QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2 and DEBUG3. |
QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2 and DEBUG3. |
| The default is INFO. DEBUG and DEBUG1 are equivalent. DEBUG2 |
The default is INFO. |
| and DEBUG3 each specify higher levels of debugging output. |
DEBUG and DEBUG1 are equivalent. |
| Logging with a DEBUG level violates the privacy of users |
DEBUG2 and DEBUG3 each specify higher levels of debugging output. |
| and is not recommended. |
Logging with a DEBUG level violates the privacy of users and is not recommended. |
| .It Cm MACs |
.It Cm MACs |
| Specifies the available MAC (message authentication code) algorithms. |
Specifies the available MAC (message authentication code) algorithms. |
| The MAC algorithm is used in protocol version 2 |
The MAC algorithm is used in protocol version 2 |
|
|
| .Xr login 1 |
.Xr login 1 |
| does not know how to handle |
does not know how to handle |
| .Xr xauth 1 |
.Xr xauth 1 |
| cookies. If |
cookies. |
| |
If |
| .Cm UsePrivilegeSeparation |
.Cm UsePrivilegeSeparation |
| is specified, it will be disabled after authentication. |
is specified, it will be disabled after authentication. |
| .It Cm UsePrivilegeSeparation |
.It Cm UsePrivilegeSeparation |
| Specifies whether |
Specifies whether |
| .Nm sshd |
.Nm sshd |
| separates privileges by creating an unprivileged child process |
separates privileges by creating an unprivileged child process |
| to deal with incoming network traffic. After successful authentication, |
to deal with incoming network traffic. |
| another process will be created that has the privilege of the authenticated |
After successful authentication, another process will be created that has |
| user. The goal of privilege separation is to prevent privilege |
the privilege of the authenticated user. |
| |
The goal of privilege separation is to prevent privilege |
| escalation by containing any corruption within the unprivileged processes. |
escalation by containing any corruption within the unprivileged processes. |
| The default is |
The default is |
| .Dq yes . |
.Dq yes . |
|
|
| Specifies whether |
Specifies whether |
| .Nm sshd |
.Nm sshd |
| should bind the X11 forwarding server to the loopback address or to |
should bind the X11 forwarding server to the loopback address or to |
| the wildcard address. By default, |
the wildcard address. |
| |
By default, |
| .Nm sshd |
.Nm sshd |
| binds the forwarding server to the loopback address and sets the |
binds the forwarding server to the loopback address and sets the |
| hostname part of the |
hostname part of the |
![[BACK]](/icons/back.gif){kind=icon}
Return to sshd_config.5 CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh