| version 1.205, 2015/07/03 03:49:45 |
version 1.206, 2015/07/10 06:21:53 |
|
|
| .It Cm HostbasedAcceptedKeyTypes |
.It Cm HostbasedAcceptedKeyTypes |
| Specifies the key types that will be accepted for hostbased authentication |
Specifies the key types that will be accepted for hostbased authentication |
| as a comma-separated pattern list. |
as a comma-separated pattern list. |
| The default |
The default for this option is: |
| .Dq * |
.Bd -literal -offset 3n |
| will allow all key types. |
ecdsa-sha2-nistp256-cert-v01@openssh.com, |
| |
ecdsa-sha2-nistp384-cert-v01@openssh.com, |
| |
ecdsa-sha2-nistp521-cert-v01@openssh.com, |
| |
ssh-ed25519-cert-v01@openssh.com, |
| |
ssh-rsa-cert-v01@openssh.com, |
| |
ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, |
| |
ssh-ed25519,ssh-rsa |
| |
.Ed |
| |
.Pp |
| The |
The |
| .Fl Q |
.Fl Q |
| option of |
option of |
|
|
| and |
and |
| .Pa /etc/ssh/ssh_host_rsa_key |
.Pa /etc/ssh/ssh_host_rsa_key |
| for protocol version 2. |
for protocol version 2. |
| |
.Pp |
| Note that |
Note that |
| .Xr sshd 8 |
.Xr sshd 8 |
| will refuse to use a file if it is group/world-accessible. |
will refuse to use a file if it is group/world-accessible |
| |
and that the |
| |
.Cm HostKeyAlgorithms |
| |
option restricts which of the keys are actually used by |
| |
.Xr sshd 8 . |
| |
.Pp |
| It is possible to have multiple host key files. |
It is possible to have multiple host key files. |
| .Dq rsa1 |
.Dq rsa1 |
| keys are used for version 1 and |
keys are used for version 1 and |
|
|
| is specified, the location of the socket will be read from the |
is specified, the location of the socket will be read from the |
| .Ev SSH_AUTH_SOCK |
.Ev SSH_AUTH_SOCK |
| environment variable. |
environment variable. |
| |
.It Cm HostKeyAlgorithms |
| |
Specifies the protocol version 2 host key algorithms |
| |
that the server offers. |
| |
The default for this option is: |
| |
.Bd -literal -offset 3n |
| |
ecdsa-sha2-nistp256-cert-v01@openssh.com, |
| |
ecdsa-sha2-nistp384-cert-v01@openssh.com, |
| |
ecdsa-sha2-nistp521-cert-v01@openssh.com, |
| |
ssh-ed25519-cert-v01@openssh.com, |
| |
ssh-rsa-cert-v01@openssh.com, |
| |
ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, |
| |
ssh-ed25519,ssh-rsa |
| |
.Ed |
| |
.Pp |
| |
The list of available key types may also be obtained using the |
| |
.Fl Q |
| |
option of |
| |
.Xr ssh 1 |
| |
with an argument of |
| |
.Dq key . |
| .It Cm IgnoreRhosts |
.It Cm IgnoreRhosts |
| Specifies that |
Specifies that |
| .Pa .rhosts |
.Pa .rhosts |
|
|
| .It Cm PubkeyAcceptedKeyTypes |
.It Cm PubkeyAcceptedKeyTypes |
| Specifies the key types that will be accepted for public key authentication |
Specifies the key types that will be accepted for public key authentication |
| as a comma-separated pattern list. |
as a comma-separated pattern list. |
| The default |
The default for this option is: |
| .Dq * |
.Bd -literal -offset 3n |
| will allow all key types. |
ecdsa-sha2-nistp256-cert-v01@openssh.com, |
| |
ecdsa-sha2-nistp384-cert-v01@openssh.com, |
| |
ecdsa-sha2-nistp521-cert-v01@openssh.com, |
| |
ssh-ed25519-cert-v01@openssh.com, |
| |
ssh-rsa-cert-v01@openssh.com, |
| |
ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, |
| |
ssh-ed25519,ssh-rsa |
| |
.Ed |
| |
.Pp |
| The |
The |
| .Fl Q |
.Fl Q |
| option of |
option of |
![[BACK]](/icons/back.gif){kind=icon}
Return to sshd_config.5 CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh