| version 1.160, 2013/05/16 06:30:06 |
version 1.161, 2013/06/27 14:05:37 |
|
|
| and finally |
and finally |
| .Cm AllowGroups . |
.Cm AllowGroups . |
| .Pp |
.Pp |
| See |
See PATTERNS in |
| .Sx PATTERNS |
|
| in |
|
| .Xr ssh_config 5 |
.Xr ssh_config 5 |
| for more information on patterns. |
for more information on patterns. |
| .It Cm AllowTcpForwarding |
.It Cm AllowTcpForwarding |
|
|
| and finally |
and finally |
| .Cm AllowGroups . |
.Cm AllowGroups . |
| .Pp |
.Pp |
| See |
See PATTERNS in |
| .Sx PATTERNS |
|
| in |
|
| .Xr ssh_config 5 |
.Xr ssh_config 5 |
| for more information on patterns. |
for more information on patterns. |
| .It Cm AuthenticationMethods |
.It Cm AuthenticationMethods |
|
|
| The program must be owned by root and not writable by group or others. |
The program must be owned by root and not writable by group or others. |
| It will be invoked with a single argument of the username |
It will be invoked with a single argument of the username |
| being authenticated, and should produce on standard output zero or |
being authenticated, and should produce on standard output zero or |
| more lines of authorized_keys output (see |
more lines of authorized_keys output (see AUTHORIZED_KEYS in |
| .Sx AUTHORIZED_KEYS |
|
| in |
|
| .Xr sshd 8 ) . |
.Xr sshd 8 ) . |
| If a key supplied by AuthorizedKeysCommand does not successfully authenticate |
If a key supplied by AuthorizedKeysCommand does not successfully authenticate |
| and authorize the user then public key authentication continues using the usual |
and authorize the user then public key authentication continues using the usual |
|
|
| Specifies the file that contains the public keys that can be used |
Specifies the file that contains the public keys that can be used |
| for user authentication. |
for user authentication. |
| The format is described in the |
The format is described in the |
| .Sx AUTHORIZED_KEYS FILE FORMAT |
AUTHORIZED_KEYS FILE FORMAT |
| section of |
section of |
| .Xr sshd 8 . |
.Xr sshd 8 . |
| .Cm AuthorizedKeysFile |
.Cm AuthorizedKeysFile |
|
|
| this file lists names, one of which must appear in the certificate for it |
this file lists names, one of which must appear in the certificate for it |
| to be accepted for authentication. |
to be accepted for authentication. |
| Names are listed one per line preceded by key options (as described |
Names are listed one per line preceded by key options (as described |
| in |
in AUTHORIZED_KEYS FILE FORMAT in |
| .Sx AUTHORIZED_KEYS FILE FORMAT |
|
| in |
|
| .Xr sshd 8 ) . |
.Xr sshd 8 ) . |
| Empty lines and comments starting with |
Empty lines and comments starting with |
| .Ql # |
.Ql # |
|
|
| and finally |
and finally |
| .Cm AllowGroups . |
.Cm AllowGroups . |
| .Pp |
.Pp |
| See |
See PATTERNS in |
| .Sx PATTERNS |
|
| in |
|
| .Xr ssh_config 5 |
.Xr ssh_config 5 |
| for more information on patterns. |
for more information on patterns. |
| .It Cm DenyUsers |
.It Cm DenyUsers |
|
|
| and finally |
and finally |
| .Cm AllowGroups . |
.Cm AllowGroups . |
| .Pp |
.Pp |
| See |
See PATTERNS in |
| .Sx PATTERNS |
|
| in |
|
| .Xr ssh_config 5 |
.Xr ssh_config 5 |
| for more information on patterns. |
for more information on patterns. |
| .It Cm ForceCommand |
.It Cm ForceCommand |
|
|
| .Cm Address . |
.Cm Address . |
| The match patterns may consist of single entries or comma-separated |
The match patterns may consist of single entries or comma-separated |
| lists and may use the wildcard and negation operators described in the |
lists and may use the wildcard and negation operators described in the |
| .Sx PATTERNS |
PATTERNS section of |
| section of |
|
| .Xr ssh_config 5 . |
.Xr ssh_config 5 . |
| .Pp |
.Pp |
| The patterns in an |
The patterns in an |
|
|
| Keys may be specified as a text file, listing one public key per line, or as |
Keys may be specified as a text file, listing one public key per line, or as |
| an OpenSSH Key Revocation List (KRL) as generated by |
an OpenSSH Key Revocation List (KRL) as generated by |
| .Xr ssh-keygen 1 . |
.Xr ssh-keygen 1 . |
| For more information on KRLs, see the |
For more information on KRLs, see the KEY REVOCATION LISTS section in |
| .Sx KEY REVOCATION LISTS |
|
| section in |
|
| .Xr ssh-keygen 1 . |
.Xr ssh-keygen 1 . |
| .It Cm RhostsRSAAuthentication |
.It Cm RhostsRSAAuthentication |
| Specifies whether rhosts or /etc/hosts.equiv authentication together |
Specifies whether rhosts or /etc/hosts.equiv authentication together |
|
|
| Note that certificates that lack a list of principals will not be permitted |
Note that certificates that lack a list of principals will not be permitted |
| for authentication using |
for authentication using |
| .Cm TrustedUserCAKeys . |
.Cm TrustedUserCAKeys . |
| For more details on certificates, see the |
For more details on certificates, see the CERTIFICATES section in |
| .Sx CERTIFICATES |
|
| section in |
|
| .Xr ssh-keygen 1 . |
.Xr ssh-keygen 1 . |
| .It Cm UseDNS |
.It Cm UseDNS |
| Specifies whether |
Specifies whether |
![[BACK]](/icons/back.gif){kind=icon}
Return to sshd_config.5 CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh