Changeset View
Changeset View
Standalone View
Standalone View
crypto/openssh/ssh_config.5
Show All 28 Lines | |||||
.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | .\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||||
.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | .\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, | ||||
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | .\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY | ||||
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | .\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT | ||||
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | ||||
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | ||||
.\" | .\" | ||||
.\" $OpenBSD: ssh_config.5,v 1.292 2019/03/01 02:16:47 djm Exp $ | .\" $OpenBSD: ssh_config.5,v 1.292 2019/03/01 02:16:47 djm Exp $ | ||||
.\" $FreeBSD$ | |||||
.Dd $Mdocdate: March 1 2019 $ | .Dd $Mdocdate: March 1 2019 $ | ||||
.Dt SSH_CONFIG 5 | .Dt SSH_CONFIG 5 | ||||
.Os | .Os | ||||
.Sh NAME | .Sh NAME | ||||
.Nm ssh_config | .Nm ssh_config | ||||
.Nd OpenSSH SSH client configuration files | .Nd OpenSSH SSH client configuration files | ||||
.Sh DESCRIPTION | .Sh DESCRIPTION | ||||
.Xr ssh 1 | .Xr ssh 1 | ||||
▲ Show 20 Lines • Show All 355 Lines • ▼ Show 20 Lines | |||||
Specifies whether to use challenge-response authentication. | Specifies whether to use challenge-response authentication. | ||||
The argument to this keyword must be | The argument to this keyword must be | ||||
.Cm yes | .Cm yes | ||||
(the default) | (the default) | ||||
or | or | ||||
.Cm no . | .Cm no . | ||||
.It Cm CheckHostIP | .It Cm CheckHostIP | ||||
If set to | If set to | ||||
.Cm yes | .Cm yes , | ||||
(the default), | |||||
.Xr ssh 1 | .Xr ssh 1 | ||||
will additionally check the host IP address in the | will additionally check the host IP address in the | ||||
.Pa known_hosts | .Pa known_hosts | ||||
file. | file. | ||||
This allows it to detect if a host key changed due to DNS spoofing | This allows it to detect if a host key changed due to DNS spoofing | ||||
and will add addresses of destination hosts to | and will add addresses of destination hosts to | ||||
.Pa ~/.ssh/known_hosts | .Pa ~/.ssh/known_hosts | ||||
in the process, regardless of the setting of | in the process, regardless of the setting of | ||||
.Cm StrictHostKeyChecking . | .Cm StrictHostKeyChecking . | ||||
If the option is set to | If the option is set to | ||||
.Cm no , | .Cm no , | ||||
the check will not be executed. | the check will not be executed. | ||||
The default is | |||||
.Cm no . | |||||
.It Cm Ciphers | .It Cm Ciphers | ||||
Specifies the ciphers allowed and their order of preference. | Specifies the ciphers allowed and their order of preference. | ||||
Multiple ciphers must be comma-separated. | Multiple ciphers must be comma-separated. | ||||
If the specified value begins with a | If the specified value begins with a | ||||
.Sq + | .Sq + | ||||
character, then the specified ciphers will be appended to the default set | character, then the specified ciphers will be appended to the default set | ||||
instead of replacing them. | instead of replacing them. | ||||
If the specified value begins with a | If the specified value begins with a | ||||
▲ Show 20 Lines • Show All 1,233 Lines • ▼ Show 20 Lines | |||||
.Cm ask . | .Cm ask . | ||||
If this option is set to | If this option is set to | ||||
.Cm ask , | .Cm ask , | ||||
information on fingerprint match will be displayed, but the user will still | information on fingerprint match will be displayed, but the user will still | ||||
need to confirm new host keys according to the | need to confirm new host keys according to the | ||||
.Cm StrictHostKeyChecking | .Cm StrictHostKeyChecking | ||||
option. | option. | ||||
The default is | The default is | ||||
.Cm no . | .Cm yes | ||||
if compiled with LDNS and | |||||
.Cm no | |||||
otherwise. | |||||
.Pp | .Pp | ||||
See also | See also | ||||
.Sx VERIFYING HOST KEYS | .Sx VERIFYING HOST KEYS | ||||
in | in | ||||
.Xr ssh 1 . | .Xr ssh 1 . | ||||
.It Cm VersionAddendum | |||||
Specifies a string to append to the regular version string to identify | |||||
OS- or site-specific modifications. | |||||
The default is | |||||
.Dq FreeBSD-20180909 . | |||||
The value | |||||
.Cm none | |||||
may be used to disable this. | |||||
.It Cm VisualHostKey | .It Cm VisualHostKey | ||||
If this flag is set to | If this flag is set to | ||||
.Cm yes , | .Cm yes , | ||||
an ASCII art representation of the remote host key fingerprint is | an ASCII art representation of the remote host key fingerprint is | ||||
printed in addition to the fingerprint string at login and | printed in addition to the fingerprint string at login and | ||||
for unknown host keys. | for unknown host keys. | ||||
If this flag is set to | If this flag is set to | ||||
.Cm no | .Cm no | ||||
(the default), | (the default), | ||||
no fingerprint strings are printed at login and | no fingerprint strings are printed at login and | ||||
only the fingerprint string will be printed for unknown host keys. | only the fingerprint string will be printed for unknown host keys. | ||||
.It Cm XAuthLocation | .It Cm XAuthLocation | ||||
Specifies the full pathname of the | Specifies the full pathname of the | ||||
.Xr xauth 1 | .Xr xauth 1 | ||||
program. | program. | ||||
The default is | The default is | ||||
.Pa /usr/X11R6/bin/xauth . | .Pa /usr/local/bin/xauth . | ||||
.El | .El | ||||
.Sh PATTERNS | .Sh PATTERNS | ||||
A | A | ||||
.Em pattern | .Em pattern | ||||
consists of zero or more non-whitespace characters, | consists of zero or more non-whitespace characters, | ||||
.Sq * | .Sq * | ||||
(a wildcard that matches zero or more characters), | (a wildcard that matches zero or more characters), | ||||
or | or | ||||
▲ Show 20 Lines • Show All 134 Lines • Show Last 20 Lines |