Annotation of src/usr.bin/ssh/sshd_config.5, Revision 1.14.2.3
1.1 stevesk 1: .\" -*- nroff -*-
2: .\"
3: .\" Author: Tatu Ylonen <ylo@cs.hut.fi>
4: .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
5: .\" All rights reserved
6: .\"
7: .\" As far as I am concerned, the code I have written for this software
8: .\" can be used freely for any purpose. Any derived versions of this
9: .\" software must be clearly marked as such, and if the derived work is
10: .\" incompatible with the protocol description in the RFC file, it must be
11: .\" called by a name other than "ssh" or "Secure Shell".
12: .\"
13: .\" Copyright (c) 1999,2000 Markus Friedl. All rights reserved.
14: .\" Copyright (c) 1999 Aaron Campbell. All rights reserved.
15: .\" Copyright (c) 1999 Theo de Raadt. All rights reserved.
16: .\"
17: .\" Redistribution and use in source and binary forms, with or without
18: .\" modification, are permitted provided that the following conditions
19: .\" are met:
20: .\" 1. Redistributions of source code must retain the above copyright
21: .\" notice, this list of conditions and the following disclaimer.
22: .\" 2. Redistributions in binary form must reproduce the above copyright
23: .\" notice, this list of conditions and the following disclaimer in the
24: .\" documentation and/or other materials provided with the distribution.
25: .\"
26: .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
27: .\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
28: .\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
29: .\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
30: .\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
31: .\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
32: .\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
33: .\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
34: .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35: .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36: .\"
1.14.2.3! brad 37: .\" $OpenBSD: sshd_config.5,v 1.28 2004/02/17 19:35:21 jmc Exp $
1.1 stevesk 38: .Dd September 25, 1999
39: .Dt SSHD_CONFIG 5
40: .Os
41: .Sh NAME
42: .Nm sshd_config
43: .Nd OpenSSH SSH daemon configuration file
44: .Sh SYNOPSIS
45: .Bl -tag -width Ds -compact
46: .It Pa /etc/ssh/sshd_config
47: .El
48: .Sh DESCRIPTION
49: .Nm sshd
50: reads configuration data from
51: .Pa /etc/ssh/sshd_config
52: (or the file specified with
53: .Fl f
54: on the command line).
55: The file contains keyword-argument pairs, one per line.
56: Lines starting with
57: .Ql #
58: and empty lines are interpreted as comments.
59: .Pp
60: The possible
61: keywords and their meanings are as follows (note that
62: keywords are case-insensitive and arguments are case-sensitive):
63: .Bl -tag -width Ds
64: .It Cm AllowGroups
65: This keyword can be followed by a list of group name patterns, separated
66: by spaces.
67: If specified, login is allowed only for users whose primary
68: group or supplementary group list matches one of the patterns.
69: .Ql \&*
70: and
1.14.2.2 brad 71: .Ql \&?
1.1 stevesk 72: can be used as
73: wildcards in the patterns.
74: Only group names are valid; a numerical group ID is not recognized.
75: By default, login is allowed for all groups.
76: .Pp
77: .It Cm AllowTcpForwarding
78: Specifies whether TCP forwarding is permitted.
79: The default is
80: .Dq yes .
81: Note that disabling TCP forwarding does not improve security unless
82: users are also denied shell access, as they can always install their
83: own forwarders.
84: .Pp
85: .It Cm AllowUsers
86: This keyword can be followed by a list of user name patterns, separated
87: by spaces.
1.14 jmc 88: If specified, login is allowed only for user names that
1.1 stevesk 89: match one of the patterns.
90: .Ql \&*
91: and
1.14.2.2 brad 92: .Ql \&?
1.1 stevesk 93: can be used as
94: wildcards in the patterns.
95: Only user names are valid; a numerical user ID is not recognized.
96: By default, login is allowed for all users.
97: If the pattern takes the form USER@HOST, then USER and HOST
98: are separately checked, restricting logins to particular
99: users from particular hosts.
100: .Pp
101: .It Cm AuthorizedKeysFile
102: Specifies the file that contains the public keys that can be used
103: for user authentication.
104: .Cm AuthorizedKeysFile
105: may contain tokens of the form %T which are substituted during connection
1.14.2.2 brad 106: set-up.
107: The following tokens are defined: %% is replaced by a literal '%',
1.1 stevesk 108: %h is replaced by the home directory of the user being authenticated and
109: %u is replaced by the username of that user.
110: After expansion,
111: .Cm AuthorizedKeysFile
112: is taken to be an absolute path or one relative to the user's home
113: directory.
114: The default is
115: .Dq .ssh/authorized_keys .
116: .It Cm Banner
117: In some jurisdictions, sending a warning message before authentication
118: may be relevant for getting legal protection.
119: The contents of the specified file are sent to the remote user before
120: authentication is allowed.
121: This option is only available for protocol version 2.
122: By default, no banner is displayed.
123: .Pp
124: .It Cm ChallengeResponseAuthentication
125: Specifies whether challenge response authentication is allowed.
126: All authentication styles from
127: .Xr login.conf 5
128: are supported.
129: The default is
130: .Dq yes .
131: .It Cm Ciphers
132: Specifies the ciphers allowed for protocol version 2.
133: Multiple ciphers must be comma-separated.
134: The default is
135: .Pp
136: .Bd -literal
137: ``aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,
1.14.2.2 brad 138: aes192-cbc,aes256-cbc,aes128-ctr,aes192-ctr,aes256-ctr''
1.1 stevesk 139: .Ed
140: .It Cm ClientAliveInterval
141: Sets a timeout interval in seconds after which, if no data has been received
142: from the client,
143: .Nm sshd
144: will send a message through the encrypted
145: channel to request a response from the client.
146: The default
147: is 0, indicating that these messages will not be sent to the client.
148: This option applies to protocol version 2 only.
149: .It Cm ClientAliveCountMax
150: Sets the number of client alive messages (see above) which may be
151: sent without
152: .Nm sshd
1.14.2.2 brad 153: receiving any messages back from the client.
154: If this threshold is reached while client alive messages are being sent,
1.1 stevesk 155: .Nm sshd
1.14.2.2 brad 156: will disconnect the client, terminating the session.
157: It is important to note that the use of client alive messages is very
158: different from
1.14.2.3! brad 159: .Cm TCPKeepAlive
1.14.2.2 brad 160: (below).
161: The client alive messages are sent through the encrypted channel
162: and therefore will not be spoofable.
163: The TCP keepalive option enabled by
1.14.2.3! brad 164: .Cm TCPKeepAlive
1.14.2.2 brad 165: is spoofable.
166: The client alive mechanism is valuable when the client or
1.1 stevesk 167: server depend on knowing when a connection has become inactive.
168: .Pp
1.14.2.2 brad 169: The default value is 3.
170: If
1.1 stevesk 171: .Cm ClientAliveInterval
172: (above) is set to 15, and
173: .Cm ClientAliveCountMax
174: is left at the default, unresponsive ssh clients
175: will be disconnected after approximately 45 seconds.
1.3 markus 176: .It Cm Compression
177: Specifies whether compression is allowed.
178: The argument must be
179: .Dq yes
180: or
181: .Dq no .
182: The default is
183: .Dq yes .
1.1 stevesk 184: .It Cm DenyGroups
185: This keyword can be followed by a list of group name patterns, separated
186: by spaces.
187: Login is disallowed for users whose primary group or supplementary
188: group list matches one of the patterns.
189: .Ql \&*
190: and
1.14.2.2 brad 191: .Ql \&?
1.1 stevesk 192: can be used as
193: wildcards in the patterns.
194: Only group names are valid; a numerical group ID is not recognized.
195: By default, login is allowed for all groups.
196: .Pp
197: .It Cm DenyUsers
198: This keyword can be followed by a list of user name patterns, separated
199: by spaces.
200: Login is disallowed for user names that match one of the patterns.
201: .Ql \&*
202: and
1.14.2.2 brad 203: .Ql \&?
1.1 stevesk 204: can be used as wildcards in the patterns.
205: Only user names are valid; a numerical user ID is not recognized.
206: By default, login is allowed for all users.
207: If the pattern takes the form USER@HOST, then USER and HOST
208: are separately checked, restricting logins to particular
209: users from particular hosts.
210: .It Cm GatewayPorts
211: Specifies whether remote hosts are allowed to connect to ports
212: forwarded for the client.
213: By default,
214: .Nm sshd
1.14.2.1 margarid 215: binds remote port forwardings to the loopback address.
216: This prevents other remote hosts from connecting to forwarded ports.
1.1 stevesk 217: .Cm GatewayPorts
218: can be used to specify that
219: .Nm sshd
220: should bind remote port forwardings to the wildcard address,
221: thus allowing remote hosts to connect to forwarded ports.
222: The argument must be
223: .Dq yes
224: or
225: .Dq no .
226: The default is
227: .Dq no .
1.14.2.2 brad 228: .It Cm GSSAPIAuthentication
229: Specifies whether user authentication based on GSSAPI is allowed.
1.14.2.3! brad 230: The default is
1.14.2.2 brad 231: .Dq no .
232: Note that this option applies to protocol version 2 only.
233: .It Cm GSSAPICleanupCredentials
234: Specifies whether to automatically destroy the user's credentials cache
235: on logout.
236: The default is
237: .Dq yes .
238: Note that this option applies to protocol version 2 only.
1.1 stevesk 239: .It Cm HostbasedAuthentication
240: Specifies whether rhosts or /etc/hosts.equiv authentication together
241: with successful public key client host authentication is allowed
242: (hostbased authentication).
243: This option is similar to
244: .Cm RhostsRSAAuthentication
245: and applies to protocol version 2 only.
246: The default is
247: .Dq no .
248: .It Cm HostKey
249: Specifies a file containing a private host key
250: used by SSH.
251: The default is
252: .Pa /etc/ssh/ssh_host_key
253: for protocol version 1, and
254: .Pa /etc/ssh/ssh_host_rsa_key
255: and
256: .Pa /etc/ssh/ssh_host_dsa_key
257: for protocol version 2.
258: Note that
259: .Nm sshd
260: will refuse to use a file if it is group/world-accessible.
261: It is possible to have multiple host key files.
262: .Dq rsa1
263: keys are used for version 1 and
264: .Dq dsa
265: or
266: .Dq rsa
267: are used for version 2 of the SSH protocol.
268: .It Cm IgnoreRhosts
269: Specifies that
270: .Pa .rhosts
271: and
272: .Pa .shosts
273: files will not be used in
274: .Cm RhostsRSAAuthentication
275: or
276: .Cm HostbasedAuthentication .
277: .Pp
278: .Pa /etc/hosts.equiv
279: and
280: .Pa /etc/shosts.equiv
281: are still used.
282: The default is
283: .Dq yes .
284: .It Cm IgnoreUserKnownHosts
285: Specifies whether
286: .Nm sshd
287: should ignore the user's
288: .Pa $HOME/.ssh/known_hosts
289: during
290: .Cm RhostsRSAAuthentication
291: or
292: .Cm HostbasedAuthentication .
293: The default is
294: .Dq no .
295: .It Cm KerberosAuthentication
1.14.2.2 brad 296: Specifies whether the password provided by the user for
1.1 stevesk 297: .Cm PasswordAuthentication
1.14.2.2 brad 298: will be validated through the Kerberos KDC.
1.1 stevesk 299: To use this option, the server needs a
300: Kerberos servtab which allows the verification of the KDC's identity.
301: Default is
302: .Dq no .
303: .It Cm KerberosOrLocalPasswd
304: If set, then if password authentication through Kerberos fails,
305: the password will be validated via any additional local mechanism
306: such as
307: .Pa /etc/passwd .
308: Default is
309: .Dq yes .
310: .It Cm KerberosTicketCleanup
311: Specifies whether to automatically destroy the user's ticket cache
312: file on logout.
313: Default is
314: .Dq yes .
315: .It Cm KeyRegenerationInterval
316: In protocol version 1, the ephemeral server key is automatically regenerated
317: after this many seconds (if it has been used).
318: The purpose of regeneration is to prevent
319: decrypting captured sessions by later breaking into the machine and
320: stealing the keys.
321: The key is never stored anywhere.
322: If the value is 0, the key is never regenerated.
323: The default is 3600 (seconds).
324: .It Cm ListenAddress
325: Specifies the local addresses
326: .Nm sshd
327: should listen on.
328: The following forms may be used:
329: .Pp
330: .Bl -item -offset indent -compact
331: .It
332: .Cm ListenAddress
333: .Sm off
334: .Ar host No | Ar IPv4_addr No | Ar IPv6_addr
335: .Sm on
336: .It
337: .Cm ListenAddress
338: .Sm off
339: .Ar host No | Ar IPv4_addr No : Ar port
340: .Sm on
341: .It
342: .Cm ListenAddress
343: .Sm off
344: .Oo
345: .Ar host No | Ar IPv6_addr Oc : Ar port
346: .Sm on
347: .El
348: .Pp
349: If
350: .Ar port
351: is not specified,
352: .Nm sshd
353: will listen on the address and all prior
354: .Cm Port
1.14.2.2 brad 355: options specified.
356: The default is to listen on all local addresses.
1.14.2.1 margarid 357: Multiple
1.1 stevesk 358: .Cm ListenAddress
1.14.2.2 brad 359: options are permitted.
360: Additionally, any
1.1 stevesk 361: .Cm Port
362: options must precede this option for non-port-qualified addresses.
363: .It Cm LoginGraceTime
364: The server disconnects after this time if the user has not
365: successfully logged in.
366: If the value is 0, there is no time limit.
1.12 stevesk 367: The default is 120 seconds.
1.1 stevesk 368: .It Cm LogLevel
369: Gives the verbosity level that is used when logging messages from
370: .Nm sshd .
371: The possible values are:
372: QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2 and DEBUG3.
1.14.2.1 margarid 373: The default is INFO.
374: DEBUG and DEBUG1 are equivalent.
375: DEBUG2 and DEBUG3 each specify higher levels of debugging output.
376: Logging with a DEBUG level violates the privacy of users and is not recommended.
1.1 stevesk 377: .It Cm MACs
378: Specifies the available MAC (message authentication code) algorithms.
379: The MAC algorithm is used in protocol version 2
380: for data integrity protection.
381: Multiple algorithms must be comma-separated.
382: The default is
383: .Dq hmac-md5,hmac-sha1,hmac-ripemd160,hmac-sha1-96,hmac-md5-96 .
384: .It Cm MaxStartups
385: Specifies the maximum number of concurrent unauthenticated connections to the
386: .Nm sshd
387: daemon.
388: Additional connections will be dropped until authentication succeeds or the
389: .Cm LoginGraceTime
390: expires for a connection.
391: The default is 10.
392: .Pp
393: Alternatively, random early drop can be enabled by specifying
394: the three colon-separated values
395: .Dq start:rate:full
396: (e.g., "10:30:60").
397: .Nm sshd
398: will refuse connection attempts with a probability of
399: .Dq rate/100
400: (30%)
401: if there are currently
402: .Dq start
403: (10)
404: unauthenticated connections.
405: The probability increases linearly and all connection attempts
406: are refused if the number of unauthenticated connections reaches
407: .Dq full
408: (60).
409: .It Cm PasswordAuthentication
410: Specifies whether password authentication is allowed.
411: The default is
412: .Dq yes .
413: .It Cm PermitEmptyPasswords
414: When password authentication is allowed, it specifies whether the
415: server allows login to accounts with empty password strings.
416: The default is
417: .Dq no .
418: .It Cm PermitRootLogin
419: Specifies whether root can log in using
420: .Xr ssh 1 .
421: The argument must be
422: .Dq yes ,
423: .Dq without-password ,
424: .Dq forced-commands-only
425: or
426: .Dq no .
427: The default is
428: .Dq yes .
429: .Pp
430: If this option is set to
431: .Dq without-password ,
432: password authentication is disabled for root.
433: .Pp
434: If this option is set to
435: .Dq forced-commands-only ,
436: root login with public key authentication will be allowed,
437: but only if the
438: .Ar command
439: option has been specified
440: (which may be useful for taking remote backups even if root login is
1.14.2.2 brad 441: normally not allowed).
442: All other authentication methods are disabled for root.
1.1 stevesk 443: .Pp
444: If this option is set to
445: .Dq no ,
446: root is not allowed to log in.
1.6 markus 447: .It Cm PermitUserEnvironment
448: Specifies whether
449: .Pa ~/.ssh/environment
1.9 stevesk 450: and
1.6 markus 451: .Cm environment=
452: options in
453: .Pa ~/.ssh/authorized_keys
1.9 stevesk 454: are processed by
455: .Nm sshd .
1.6 markus 456: The default is
457: .Dq no .
1.9 stevesk 458: Enabling environment processing may enable users to bypass access
459: restrictions in some configurations using mechanisms such as
460: .Ev LD_PRELOAD .
1.1 stevesk 461: .It Cm PidFile
1.4 stevesk 462: Specifies the file that contains the process ID of the
1.1 stevesk 463: .Nm sshd
464: daemon.
465: The default is
466: .Pa /var/run/sshd.pid .
467: .It Cm Port
468: Specifies the port number that
469: .Nm sshd
470: listens on.
471: The default is 22.
472: Multiple options of this type are permitted.
473: See also
474: .Cm ListenAddress .
475: .It Cm PrintLastLog
476: Specifies whether
477: .Nm sshd
478: should print the date and time when the user last logged in.
479: The default is
480: .Dq yes .
481: .It Cm PrintMotd
482: Specifies whether
483: .Nm sshd
484: should print
485: .Pa /etc/motd
486: when a user logs in interactively.
487: (On some systems it is also printed by the shell,
488: .Pa /etc/profile ,
489: or equivalent.)
490: The default is
491: .Dq yes .
492: .It Cm Protocol
493: Specifies the protocol versions
494: .Nm sshd
1.5 stevesk 495: supports.
1.1 stevesk 496: The possible values are
497: .Dq 1
498: and
499: .Dq 2 .
500: Multiple versions must be comma-separated.
501: The default is
502: .Dq 2,1 .
1.5 stevesk 503: Note that the order of the protocol list does not indicate preference,
504: because the client selects among multiple protocol versions offered
505: by the server.
506: Specifying
507: .Dq 2,1
508: is identical to
509: .Dq 1,2 .
1.1 stevesk 510: .It Cm PubkeyAuthentication
511: Specifies whether public key authentication is allowed.
512: The default is
513: .Dq yes .
514: Note that this option applies to protocol version 2 only.
515: .It Cm RhostsRSAAuthentication
516: Specifies whether rhosts or /etc/hosts.equiv authentication together
517: with successful RSA host authentication is allowed.
518: The default is
519: .Dq no .
520: This option applies to protocol version 1 only.
521: .It Cm RSAAuthentication
522: Specifies whether pure RSA authentication is allowed.
523: The default is
524: .Dq yes .
525: This option applies to protocol version 1 only.
526: .It Cm ServerKeyBits
527: Defines the number of bits in the ephemeral protocol version 1 server key.
528: The minimum value is 512, and the default is 768.
529: .It Cm StrictModes
530: Specifies whether
531: .Nm sshd
532: should check file modes and ownership of the
533: user's files and home directory before accepting login.
534: This is normally desirable because novices sometimes accidentally leave their
535: directory or files world-writable.
536: The default is
537: .Dq yes .
538: .It Cm Subsystem
539: Configures an external subsystem (e.g., file transfer daemon).
540: Arguments should be a subsystem name and a command to execute upon subsystem
541: request.
542: The command
543: .Xr sftp-server 8
544: implements the
545: .Dq sftp
546: file transfer subsystem.
547: By default no subsystems are defined.
548: Note that this option applies to protocol version 2 only.
549: .It Cm SyslogFacility
550: Gives the facility code that is used when logging messages from
551: .Nm sshd .
552: The possible values are: DAEMON, USER, AUTH, LOCAL0, LOCAL1, LOCAL2,
553: LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7.
554: The default is AUTH.
1.14.2.3! brad 555: .It Cm TCPKeepAlive
! 556: Specifies whether the system should send TCP keepalive messages to the
! 557: other side.
! 558: If they are sent, death of the connection or crash of one
! 559: of the machines will be properly noticed.
! 560: However, this means that
! 561: connections will die if the route is down temporarily, and some people
! 562: find it annoying.
! 563: On the other hand, if TCP keepalives are not sent,
! 564: sessions may hang indefinitely on the server, leaving
! 565: .Dq ghost
! 566: users and consuming server resources.
! 567: .Pp
! 568: The default is
! 569: .Dq yes
! 570: (to send TCP keepalive messages), and the server will notice
! 571: if the network goes down or the client host crashes.
! 572: This avoids infinitely hanging sessions.
! 573: .Pp
! 574: To disable TCP keepalive messages, the value should be set to
! 575: .Dq no .
1.14.2.2 brad 576: .It Cm UseDNS
577: Specifies whether
578: .Nm sshd
579: should look up the remote host name and check that
580: the resolved host name for the remote IP address maps back to the
581: very same IP address.
582: The default is
583: .Dq yes .
1.1 stevesk 584: .It Cm UseLogin
585: Specifies whether
586: .Xr login 1
587: is used for interactive login sessions.
588: The default is
589: .Dq no .
590: Note that
591: .Xr login 1
592: is never used for remote command execution.
593: Note also that if this is enabled,
594: .Cm X11Forwarding
595: will be disabled because
596: .Xr login 1
597: does not know how to handle
598: .Xr xauth 1
1.14.2.1 margarid 599: cookies.
600: If
1.1 stevesk 601: .Cm UsePrivilegeSeparation
602: is specified, it will be disabled after authentication.
603: .It Cm UsePrivilegeSeparation
604: Specifies whether
605: .Nm sshd
1.2 stevesk 606: separates privileges by creating an unprivileged child process
1.14.2.1 margarid 607: to deal with incoming network traffic.
608: After successful authentication, another process will be created that has
609: the privilege of the authenticated user.
610: The goal of privilege separation is to prevent privilege
1.1 stevesk 611: escalation by containing any corruption within the unprivileged processes.
612: The default is
613: .Dq yes .
614: .It Cm X11DisplayOffset
615: Specifies the first display number available for
616: .Nm sshd Ns 's
617: X11 forwarding.
618: This prevents
619: .Nm sshd
620: from interfering with real X11 servers.
621: The default is 10.
622: .It Cm X11Forwarding
623: Specifies whether X11 forwarding is permitted.
1.13 stevesk 624: The argument must be
625: .Dq yes
626: or
627: .Dq no .
1.1 stevesk 628: The default is
629: .Dq no .
1.13 stevesk 630: .Pp
631: When X11 forwarding is enabled, there may be additional exposure to
632: the server and to client displays if the
633: .Nm sshd
634: proxy display is configured to listen on the wildcard address (see
635: .Cm X11UseLocalhost
636: below); however, this is not the default.
637: Additionally, the authentication spoofing and authentication data
638: verification and substitution occur on the client side.
639: The security risk of using X11 forwarding is that the client's X11
640: display server may be exposed to attack when the ssh client requests
641: forwarding (see the warnings for
642: .Cm ForwardX11
643: in
1.14.2.2 brad 644: .Xr ssh_config 5 ) .
1.13 stevesk 645: A system administrator may wish to
646: protect clients that might expose themselves to attack by unwittingly
647: requesting X11 forwarding, which can warrant a
648: .Dq no
649: setting.
650: .Pp
651: Note that disabling X11 forwarding does not prevent users from
652: forwarding X11 traffic, as users can always install their own forwarders.
1.1 stevesk 653: X11 forwarding is automatically disabled if
654: .Cm UseLogin
655: is enabled.
656: .It Cm X11UseLocalhost
657: Specifies whether
658: .Nm sshd
659: should bind the X11 forwarding server to the loopback address or to
1.14.2.1 margarid 660: the wildcard address.
661: By default,
1.1 stevesk 662: .Nm sshd
663: binds the forwarding server to the loopback address and sets the
664: hostname part of the
665: .Ev DISPLAY
666: environment variable to
667: .Dq localhost .
1.8 stevesk 668: This prevents remote hosts from connecting to the proxy display.
1.1 stevesk 669: However, some older X11 clients may not function with this
670: configuration.
671: .Cm X11UseLocalhost
672: may be set to
673: .Dq no
674: to specify that the forwarding server should be bound to the wildcard
675: address.
676: The argument must be
677: .Dq yes
678: or
679: .Dq no .
680: The default is
681: .Dq yes .
682: .It Cm XAuthLocation
1.11 stevesk 683: Specifies the full pathname of the
1.1 stevesk 684: .Xr xauth 1
685: program.
686: The default is
687: .Pa /usr/X11R6/bin/xauth .
688: .El
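The following is an added example, not code from the OpenSSH sources or this manual page: it evaluates the AllowUsers, DenyUsers, AllowGroups and DenyGroups keywords described above for one login attempt, using the documented pattern rules (only the `*` and `?` wildcards, names rather than numeric IDs, USER@HOST checked as two separate patterns). The evaluation order (deny lists before allow lists, user lists before group lists) and the sample policy are assumptions made for the example.

```python
"""Evaluate AllowUsers, DenyUsers, AllowGroups and DenyGroups for one login.

Added example, not OpenSSH code. Pattern semantics follow the manual page:
'*' and '?' are the only wildcards, only names (never numeric IDs) are
matched, and a USER@HOST pattern checks user and host separately.
ASSUMPTION: deny lists are evaluated before allow lists, and user lists
before group lists; any match in a deny list or no match in a non-empty
allow list refuses the login.
"""


def match_pattern(pattern: str, value: str) -> bool:
    """Glob match supporting only '*' and '?' (no character classes)."""
    p = v = 0
    star_p = star_v = -1          # position to backtrack to after a '*'
    while v < len(value):
        if p < len(pattern) and pattern[p] in ("?", value[v]):
            p += 1
            v += 1
        elif p < len(pattern) and pattern[p] == "*":
            star_p, star_v = p, v  # remember the star, first try matching nothing
            p += 1
        elif star_p >= 0:
            p = star_p + 1         # let the last '*' absorb one more character
            star_v += 1
            v = star_v
        else:
            return False
    while p < len(pattern) and pattern[p] == "*":
        p += 1                     # trailing stars may match the empty string
    return p == len(pattern)


def user_pattern_matches(pattern: str, user: str, host: str) -> bool:
    """USER@HOST patterns must match both halves; others match the user only."""
    if "@" in pattern:
        user_pat, host_pat = pattern.split("@", 1)
        return match_pattern(user_pat, user) and match_pattern(host_pat, host)
    return match_pattern(pattern, user)


def login_permitted(config: dict, user: str, host: str, groups: list) -> bool:
    """config maps keyword -> list of patterns; a missing keyword is unset.

    groups is the user's primary group followed by the supplementary groups.
    """
    if any(user_pattern_matches(p, user, host)
           for p in config.get("DenyUsers", [])):
        return False
    allow_users = config.get("AllowUsers", [])
    if allow_users and not any(user_pattern_matches(p, user, host)
                               for p in allow_users):
        return False
    if any(match_pattern(p, g)
           for p in config.get("DenyGroups", []) for g in groups):
        return False
    allow_groups = config.get("AllowGroups", [])
    if allow_groups and not any(match_pattern(p, g)
                                for p in allow_groups for g in groups):
        return False
    return True


# Constructed sample policy: one named admin from anywhere, automation
# accounts only from 10.0.0.* hosts, no temporary accounts at all, and
# everyone must be in the wheel group or one of the ssh? groups.
SAMPLE_CONFIG = {
    "AllowUsers": ["alice", "ops-*@10.0.0.*"],
    "DenyUsers": ["ops-tmp*"],
    "AllowGroups": ["wheel", "ssh?"],
}

if __name__ == "__main__":
    for user, host, groups in [("alice", "203.0.113.9", ["wheel"]),
                               ("ops-build", "10.0.0.7", ["sshd"]),
                               ("ops-build", "192.0.2.5", ["sshd"]),
                               ("ops-tmp1", "10.0.0.7", ["wheel"])]:
        print(user, host, groups, "->",
              login_permitted(SAMPLE_CONFIG, user, host, groups))
```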
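As a second added example (again not OpenSSH code), this implements the random early drop described under MaxStartups: with "start:rate:full" a new unauthenticated connection is refused with probability rate/100 once "start" such connections exist, rising linearly to certainty at "full". Treating a plain "N" as start = full = N is an assumption about how the single-value form maps onto the three-value one.

```python
"""Random early drop as described under MaxStartups.

Added example, not OpenSSH code. With "start:rate:full", a new
unauthenticated connection is refused with probability rate/100 once
'start' such connections exist, rising linearly to 100% at 'full'.
ASSUMPTION: a plain "N" behaves like "N:100:N", i.e. everything is
refused once N unauthenticated connections exist.
"""
import random


def parse_max_startups(value: str):
    """Return (start, rate, full) for either documented form of MaxStartups."""
    fields = value.split(":")
    if len(fields) == 1:
        n = int(fields[0])
        return n, 100, n
    if len(fields) != 3:
        raise ValueError(f"MaxStartups: expected N or start:rate:full, got {value!r}")
    start, rate, full = (int(f) for f in fields)
    if not (0 < start <= full) or not (0 <= rate <= 100):
        raise ValueError(f"MaxStartups: invalid triple {value!r}")
    return start, rate, full


def drop_probability(start: int, rate: int, full: int, unauthenticated: int) -> float:
    """Percentage chance that the next connection attempt is refused."""
    if unauthenticated < start:
        return 0.0
    if unauthenticated >= full:
        return 100.0
    # Linear ramp from rate% at 'start' to 100% at 'full'.
    return rate + (100 - rate) * (unauthenticated - start) / (full - start)


def should_drop(setting: str, unauthenticated: int, draw: float = None) -> bool:
    """Decide whether a new attempt is refused given the current count.

    draw is a number in [0, 1); it defaults to a fresh random value and can
    be supplied explicitly to make the decision reproducible.
    """
    start, rate, full = parse_max_startups(setting)
    if draw is None:
        draw = random.random()
    return draw * 100 < drop_probability(start, rate, full, unauthenticated)


if __name__ == "__main__":
    # Walk the manual page's own example, "10:30:60".
    for count in (5, 10, 35, 60, 70):
        print(count, "unauthenticated ->", drop_probability(10, 30, 60, count), "%")
```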
689: .Ss Time Formats
690: .Nm sshd
691: command-line arguments and configuration file options that specify time
692: may be expressed using a sequence of the form:
693: .Sm off
1.7 stevesk 694: .Ar time Op Ar qualifier ,
1.1 stevesk 695: .Sm on
696: where
697: .Ar time
698: is a positive integer value and
699: .Ar qualifier
700: is one of the following:
701: .Pp
702: .Bl -tag -width Ds -compact -offset indent
703: .It Cm <none>
704: seconds
705: .It Cm s | Cm S
706: seconds
707: .It Cm m | Cm M
708: minutes
709: .It Cm h | Cm H
710: hours
711: .It Cm d | Cm D
712: days
713: .It Cm w | Cm W
714: weeks
715: .El
716: .Pp
717: Each member of the sequence is added together to calculate
718: the total time value.
719: .Pp
720: Time format examples:
721: .Pp
722: .Bl -tag -width Ds -compact -offset indent
723: .It 600
724: 600 seconds (10 minutes)
725: .It 10m
726: 10 minutes
727: .It 1h30m
728: 1 hour 30 minutes (90 minutes)
729: .El
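An added example, not OpenSSH code, that parses the time format just described (a sequence of integer-plus-qualifier members whose values are summed) into a number of seconds; accepting a 0 member is an assumption made because options such as LoginGraceTime document 0 as a valid value.

```python
"""Parse the sshd time format (e.g. LoginGraceTime 1h30m) into seconds.

Added example, not OpenSSH code. Implements the grammar from the Time
Formats subsection: a sequence of <integer><qualifier> members, qualifier
one of s/m/h/d/w (either case) or absent for seconds, all members summed.
ASSUMPTION: 0 is accepted as a member because options such as
LoginGraceTime document 0 as a valid value.
"""
import re

UNIT_SECONDS = {"": 1, "s": 1, "m": 60, "h": 3600, "d": 86400, "w": 604800}
_MEMBER = re.compile(r"(\d+)([smhdwSMHDW]?)")


def parse_time(spec: str) -> int:
    """Return the total number of seconds, or raise ValueError on bad input."""
    if not spec:
        raise ValueError("empty time specification")
    total = 0
    pos = 0
    while pos < len(spec):
        m = _MEMBER.match(spec, pos)
        if m is None:
            raise ValueError(f"invalid time format at offset {pos}: {spec!r}")
        value, qualifier = int(m.group(1)), m.group(2).lower()
        total += value * UNIT_SECONDS[qualifier]
        pos = m.end()
    return total


def is_valid_time(spec: str) -> bool:
    """Convenience check for configuration validation tooling."""
    try:
        parse_time(spec)
    except ValueError:
        return False
    return True


if __name__ == "__main__":
    for example in ("600", "10m", "1h30m", "1w2d"):
        print(example, "->", parse_time(example), "seconds")
```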
730: .Sh FILES
731: .Bl -tag -width Ds
732: .It Pa /etc/ssh/sshd_config
733: Contains configuration data for
734: .Nm sshd .
735: This file should be writable by root only, but it is recommended
736: (though not necessary) that it be world-readable.
737: .El
1.14.2.2 brad 738: .Sh SEE ALSO
739: .Xr sshd 8
1.1 stevesk 740: .Sh AUTHORS
741: OpenSSH is a derivative of the original and free
742: ssh 1.2.12 release by Tatu Ylonen.
743: Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos,
744: Theo de Raadt and Dug Song
745: removed many bugs, re-added newer features and
746: created OpenSSH.
747: Markus Friedl contributed the support for SSH
748: protocol versions 1.5 and 2.0.
749: Niels Provos and Markus Friedl contributed support
750: for privilege separation.