| version 1.40, 2005/03/18 17:05:00 |
version 1.40.2.2, 2006/02/03 02:53:46 |
|
|
| .Dq aes128-ctr , |
.Dq aes128-ctr , |
| .Dq aes192-ctr , |
.Dq aes192-ctr , |
| .Dq aes256-ctr , |
.Dq aes256-ctr , |
| |
.Dq arcfour128 , |
| |
.Dq arcfour256 , |
| .Dq arcfour , |
.Dq arcfour , |
| .Dq blowfish-cbc , |
.Dq blowfish-cbc , |
| and |
and |
| .Dq cast128-cbc . |
.Dq cast128-cbc . |
| The default is |
The default is |
| .Bd -literal |
.Bd -literal |
| ``aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour, |
``aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128, |
| aes192-cbc,aes256-cbc,aes128-ctr,aes192-ctr,aes256-ctr'' |
arcfour256,arcfour,aes192-cbc,aes256-cbc,aes128-ctr, |
| |
aes192-ctr,aes256-ctr'' |
| .Ed |
.Ed |
| .It Cm ClientAliveInterval |
|
| Sets a timeout interval in seconds after which if no data has been received |
|
| from the client, |
|
| .Nm sshd |
|
| will send a message through the encrypted |
|
| channel to request a response from the client. |
|
| The default |
|
| is 0, indicating that these messages will not be sent to the client. |
|
| This option applies to protocol version 2 only. |
|
| .It Cm ClientAliveCountMax |
.It Cm ClientAliveCountMax |
| Sets the number of client alive messages (see above) which may be |
Sets the number of client alive messages (see below) which may be |
| sent without |
sent without |
| .Nm sshd |
.Nm sshd |
| receiving any messages back from the client. |
receiving any messages back from the client. |
|
|
| The default value is 3. |
The default value is 3. |
| If |
If |
| .Cm ClientAliveInterval |
.Cm ClientAliveInterval |
| (above) is set to 15, and |
(see below) is set to 15, and |
| .Cm ClientAliveCountMax |
.Cm ClientAliveCountMax |
| is left at the default, unresponsive ssh clients |
is left at the default, unresponsive ssh clients |
| will be disconnected after approximately 45 seconds. |
will be disconnected after approximately 45 seconds. |
| |
.It Cm ClientAliveInterval |
| |
Sets a timeout interval in seconds after which if no data has been received |
| |
from the client, |
| |
.Nm sshd |
| |
will send a message through the encrypted |
| |
channel to request a response from the client. |
| |
The default |
| |
is 0, indicating that these messages will not be sent to the client. |
| |
This option applies to protocol version 2 only. |
| .It Cm Compression |
.It Cm Compression |
| Specifies whether compression is allowed. |
Specifies whether compression is allowed, or delayed until |
| |
the user has authenticated successfully. |
| The argument must be |
The argument must be |
| .Dq yes |
.Dq yes , |
| |
.Dq delayed , |
| or |
or |
| .Dq no . |
.Dq no . |
| The default is |
The default is |
| .Dq yes . |
.Dq delayed . |
| .It Cm DenyGroups |
.It Cm DenyGroups |
| This keyword can be followed by a list of group name patterns, separated |
This keyword can be followed by a list of group name patterns, separated |
| by spaces. |
by spaces. |
|
|
| Specifies whether |
Specifies whether |
| .Nm sshd |
.Nm sshd |
| should ignore the user's |
should ignore the user's |
| .Pa $HOME/.ssh/known_hosts |
.Pa ~/.ssh/known_hosts |
| during |
during |
| .Cm RhostsRSAAuthentication |
.Cm RhostsRSAAuthentication |
| or |
or |
|
|
| Default is |
Default is |
| .Dq no . |
.Dq no . |
| .It Cm KerberosGetAFSToken |
.It Cm KerberosGetAFSToken |
| If AFS is active and the user has a Kerberos 5 TGT, attempt to aquire |
If AFS is active and the user has a Kerberos 5 TGT, attempt to acquire |
| an AFS token before accessing the user's home directory. |
an AFS token before accessing the user's home directory. |
| Default is |
Default is |
| .Dq no . |
.Dq no . |
|
|
| If this option is set to |
If this option is set to |
| .Dq no |
.Dq no |
| root is not allowed to log in. |
root is not allowed to log in. |
| |
.It Cm PermitTunnel |
| |
Specifies whether |
| |
.Xr tun 4 |
| |
device forwarding is allowed. |
| |
The argument must be |
| |
.Dq yes , |
| |
.Dq point-to-point , |
| |
.Dq ethernet |
| |
or |
| |
.Dq no . |
| |
The default is |
| |
.Dq no . |
| .It Cm PermitUserEnvironment |
.It Cm PermitUserEnvironment |
| Specifies whether |
Specifies whether |
| .Pa ~/.ssh/environment |
.Pa ~/.ssh/environment |
![[BACK]](/icons/back.gif){kind=icon}
Return to sshd_config.5 CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh