by Noah Meyerhans, Import upstream version 3.8.1p1

SSHD(8)                 OpenBSD System Manager's Manual                SSHD(8)

NAME
     sshd - OpenSSH SSH daemon

SYNOPSIS
     sshd [-46DdeiqTt] [-b bits] [-C connection_spec] [-f config_file]
          [-g login_grace_time] [-h host_key_file] [-k key_gen_time]
          [-o option] [-p port] [-u len]

DESCRIPTION
     sshd (OpenSSH Daemon) is the daemon program for ssh(1).  Together these
     programs replace rlogin(1) and rsh(1), and provide secure encrypted
     communications between two untrusted hosts over an insecure network.

     sshd listens for connections from clients.  It is normally started at
     boot from /etc/rc.  It forks a new daemon for each incoming connection.
     The forked daemons handle key exchange, encryption, authentication,
     command execution, and data exchange.

     sshd can be configured using command-line options or a configuration
     file (by default sshd_config(5)); command-line options override values
     specified in the configuration file.  sshd rereads its configuration
     file when it receives a hangup signal, SIGHUP, by executing itself with
     the name and options it was started with, e.g. /usr/sbin/sshd.

     The options are as follows:

     -4      Forces sshd to use IPv4 addresses only.

     -6      Forces sshd to use IPv6 addresses only.

     -b bits
             Specifies the number of bits in the ephemeral protocol version 1
             server key (default 1024).

     -C connection_spec
             Specify the connection parameters to use for the -T extended
             test mode.  If provided, any Match directives in the
             configuration file that would apply to the specified user, host,
             and address will be set before the configuration is written to
             standard output.  The connection parameters are supplied as
             keyword=value pairs.  The keywords are ``user'', ``host'', and
             ``addr''.  All are required and may be supplied in any order,
             either with multiple -C options or as a comma-separated list.

     -D      When this option is specified, sshd will not detach and does not
             become a daemon.  This allows easy monitoring of sshd.

     -d      Debug mode.  The server sends verbose debug output to the system
             log, and does not put itself in the background.  The server also
             will not fork and will only process one connection.  This option
             is only intended for debugging for the server.  Multiple -d
             options increase the debugging level.  Maximum is 3.

     -e      When this option is specified, sshd will send the output to the
             standard error instead of the system log.

     -f config_file
             Specifies the name of the configuration file.  The default is
             /etc/ssh/sshd_config.  sshd refuses to start if there is no
             configuration file.

     -g login_grace_time
             Gives the grace time for clients to authenticate themselves
             (default 120 seconds).  If the client fails to authenticate the
             user within this many seconds, the server disconnects and exits.
             A value of zero indicates no limit.

     -h host_key_file
             Specifies a file from which a host key is read.  This option
             must be given if sshd is not run as root (as the normal host key
             files are normally not readable by anyone but root).  The
             default is /etc/ssh/ssh_host_key for protocol version 1, and
             /etc/ssh/ssh_host_rsa_key and /etc/ssh/ssh_host_dsa_key for
             protocol version 2.  It is possible to have multiple host key
             files for the different protocol versions and host key
             algorithms.

     -i      Specifies that sshd is being run from inetd(8).  sshd is
             normally not run from inetd because it needs to generate the
             server key before it can respond to the client, and this may
             take tens of seconds.  Clients would have to wait too long if
             the key was regenerated every time.  However, with small key
             sizes (e.g. 512) using sshd from inetd may be feasible.

     -k key_gen_time
             Specifies how often the ephemeral protocol version 1 server key
             is regenerated (default 3600 seconds, or one hour).  The
             motivation for regenerating the key fairly often is that the key
             is not stored anywhere, and after about an hour it becomes
             impossible to recover the key for decrypting intercepted
             communications even if the machine is cracked into or physically
             seized.  A value of zero indicates that the key will never be
             regenerated.

     -o option
             Can be used to give options in the format used in the
             configuration file.  This is useful for specifying options for
             which there is no separate command-line flag.  For full details
             of the options, and their values, see sshd_config(5).

     -p port
             Specifies the port on which the server listens for connections
             (default 22).  Multiple port options are permitted.  Ports
             specified in the configuration file with the Port option are
             ignored when a command-line port is specified.  Ports specified
             using the ListenAddress option override command-line ports.

     -q      Quiet mode.  Nothing is sent to the system log.  Normally the
             beginning, authentication, and termination of each connection is
             logged.

     -T      Extended test mode.  Check the validity of the configuration
             file, output the effective configuration to stdout and then
             exit.  Optionally, Match rules may be applied by specifying the
             connection parameters using one or more -C options.

     -t      Test mode.  Only check the validity of the configuration file
             and sanity of the keys.  This is useful for updating sshd
             reliably as configuration options may change.

     -u len  This option is used to specify the size of the field in the utmp
             structure that holds the remote host name.  If the resolved host
             name is longer than len, the dotted decimal value will be used
             instead.  This allows hosts with very long host names that
             overflow this field to still be uniquely identified.  Specifying
             -u0 indicates that only dotted decimal addresses should be put
             into the utmp file.  -u0 may also be used to prevent sshd from
             making DNS requests unless the authentication mechanism or
             configuration requires it.  Authentication mechanisms that may
             require DNS include RhostsRSAAuthentication,
             HostbasedAuthentication, and using a from="pattern-list" option
             in a key file.  Configuration options that require DNS include
             using a USER@HOST pattern in AllowUsers or DenyUsers.
||
1.6.1
by Colin Watson
Import upstream version 4.3p2 |
135 |
AUTHENTICATION
|
136 |
The OpenSSH SSH daemon supports SSH protocols 1 and 2. Both protocols
|
|
137 |
are supported by default, though this can be changed via the Protocol op-
|
|
138 |
tion in sshd_config(5). Protocol 2 supports both RSA and DSA keys; pro-
|
|
139 |
tocol 1 only supports RSA keys. For both protocols, each host has a
|
|
140 |
host-specific key, normally 2048 bits, used to identify the host.
|
|
141 |
||
142 |
Forward security for protocol 1 is provided through an additional server
|
|
143 |
key, normally 768 bits, generated when the server starts. This key is
|
|
144 |
normally regenerated every hour if it has been used, and is never stored
|
|
145 |
on disk. Whenever a client connects, the daemon responds with its public
|
|
146 |
host and server keys. The client compares the RSA host key against its
|
|
147 |
own database to verify that it has not changed. The client then gener-
|
|
148 |
ates a 256-bit random number. It encrypts this random number using both
|
|
149 |
the host key and the server key, and sends the encrypted number to the
|
|
150 |
server. Both sides then use this random number as a session key which is
|
|
151 |
used to encrypt all further communications in the session. The rest of
|
|
152 |
the session is encrypted using a conventional cipher, currently Blowfish
|
|
153 |
or 3DES, with 3DES being used by default. The client selects the encryp-
|
|
154 |
tion algorithm to use from those offered by the server.
|
|
155 |
||
156 |
For protocol 2, forward security is provided through a Diffie-Hellman key
|
|
157 |
agreement. This key agreement results in a shared session key. The rest
|
|
158 |
of the session is encrypted using a symmetric cipher, currently 128-bit
|
|
159 |
AES, Blowfish, 3DES, CAST128, Arcfour, 192-bit AES, or 256-bit AES. The
|
|
160 |
client selects the encryption algorithm to use from those offered by the
|
|
161 |
server. Additionally, session integrity is provided through a crypto-
|
|
1.13.2
by Colin Watson
Import upstream version 4.7p1 |
162 |
graphic message authentication code (hmac-md5, hmac-sha1, umac-64 or
|
163 |
hmac-ripemd160).
|
|
1.6.1
by Colin Watson
Import upstream version 4.3p2 |
164 |
|
165 |
Finally, the server and the client enter an authentication dialog. The
|
|
166 |
client tries to authenticate itself using host-based authentication, pub-
|
|
167 |
lic key authentication, challenge-response authentication, or password
|
|
168 |
authentication.
|
|
169 |
||
170 |
Regardless of the authentication type, the account is checked to ensure
|
|
171 |
that it is accessible. An account is not accessible if it is locked,
|
|
172 |
listed in DenyUsers or its group is listed in DenyGroups . The defini-
|
|
173 |
tion of a locked account is system dependant. Some platforms have their
|
|
174 |
own account database (eg AIX) and some modify the passwd field ( `*LK*'
|
|
175 |
on Solaris and UnixWare, `*' on HP-UX, containing `Nologin' on Tru64, a |
|
1.13.2
by Colin Watson
Import upstream version 4.7p1 |
176 |
leading `*LOCKED*' on FreeBSD and a leading `!' on most Linuxes). If |
177 |
there is a requirement to disable password authentication for the account |
|
178 |
while allowing still public-key, then the passwd field should be set to |
|
179 |
something other than these values (eg `NP' or `*NP*' ). |
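The distinction in the paragraph above matters operationally: a locked account is refused for every authentication method, whereas an account whose passwd field merely holds a non-password value such as `NP' still accepts public keys, and the marker that means "locked" differs per platform. The following added example (not OpenSSH's own check, not part of this manual page) encodes the platform conventions listed above and audits a shadow-style file with them; the shadow lines are constructed and their hashes are placeholders.

```python
"""Classify accounts by their passwd field using the per-platform lock
conventions listed in sshd(8).  Added example, not OpenSSH code; the
shadow-style sample below is constructed."""

# (how to compare, marker) per platform, as listed on the page.
LOCK_RULES = {
    "solaris": ("exact", "*LK*"),
    "unixware": ("exact", "*LK*"),
    "hp-ux": ("exact", "*"),
    "tru64": ("contains", "Nologin"),
    "freebsd": ("prefix", "*LOCKED*"),
    "linux": ("prefix", "!"),
}

# Values the page suggests for "no password, public keys still allowed".
NO_PASSWORD_VALUES = ("NP", "*NP*")


def is_locked(platform, passwd_field):
    """True when the platform's lock marker is present in the field."""
    try:
        how, marker = LOCK_RULES[platform]
    except KeyError:
        raise ValueError("no passwd-field lock convention known for %r" % platform)
    if how == "exact":
        return passwd_field == marker
    if how == "contains":
        return marker in passwd_field
    return passwd_field.startswith(marker)


def account_state(platform, passwd_field):
    """'locked'      -> sshd refuses the account whatever the auth method
    'no-password' -> NP-style field: password auth impossible, keys allowed
    'password'    -> anything else, treated as a password hash"""
    if is_locked(platform, passwd_field):
        return "locked"
    if passwd_field in NO_PASSWORD_VALUES:
        return "no-password"
    return "password"


def audit_shadow(platform, shadow_text):
    """Classify every 'name:field:...' line of a shadow-style file."""
    report = {}
    for line in shadow_text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        name, field = line.split(":", 2)[:2]
        report[name] = account_state(platform, field)
    return report


# Constructed sample in Linux shadow layout; the hashes are placeholders.
SAMPLE_LINUX_SHADOW = """\
root:$6$placeholderhash:19000:0:99999:7:::
alice:$6$anotherplaceholder:19000:0:99999:7:::
bob:!$6$lockedwithusermod:19000:0:99999:7:::
deploy:NP:19000:0:99999:7:::
svc:*NP*:19000:0:99999:7:::
"""

if __name__ == "__main__":
    for name, state in audit_shadow("linux", SAMPLE_LINUX_SHADOW).items():
        print("%-8s %s" % (name, state))
```

Note that sshd itself only distinguishes locked from not locked; the "no-password" state is the convention the page recommends for key-only accounts, and on Linux a bare `*' is not a lock marker, so such an account would still be checked against the other authentication methods.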
     If the client successfully authenticates itself, a dialog for preparing
     the session is entered.  At this time the client may request things
     like allocating a pseudo-tty, forwarding X11 connections, forwarding TCP
     connections, or forwarding the authentication agent connection over the
     secure channel.

     After this, the client either requests a shell or execution of a
     command.  The sides then enter session mode.  In this mode, either side
     may send data at any time, and such data is forwarded to/from the shell
     or command on the server side, and the user terminal in the client
     side.

     When the user program terminates and all forwarded X11 and other
     connections have been closed, the server sends command exit status to
     the client, and both sides exit.

LOGIN PROCESS
     When a user successfully logs in, sshd does the following:

           1.   If the login is on a tty, and no command has been specified,
                prints last login time and /etc/motd (unless prevented in the
                configuration file or by ~/.hushlogin; see the FILES section).

           2.   If the login is on a tty, records login time.

           3.   Checks /etc/nologin; if it exists, prints contents and quits
                (unless root).

           4.   Changes to run with normal user privileges.

           5.   Sets up basic environment.

           6.   Reads the file ~/.ssh/environment, if it exists, and users are
                allowed to change their environment.  See the
                PermitUserEnvironment option in sshd_config(5).

           7.   Changes to user's home directory.

           8.   If ~/.ssh/rc exists, runs it; else if /etc/ssh/sshrc exists,
                runs it; otherwise runs xauth.  The ``rc'' files are given the
                X11 authentication protocol and cookie in standard input.  See
                SSHRC, below.

           9.   Runs user's shell or command.

SSHRC
     If the file ~/.ssh/rc exists, sh(1) runs it after reading the
     environment files but before starting the user's shell or command.  It
     must not produce any output on stdout; stderr must be used instead.  If
     X11 forwarding is in use, it will receive the "proto cookie" pair in its
     standard input (and DISPLAY in its environment).  The script must call
     xauth(1) because sshd will not run xauth automatically to add X11
     cookies.

     The primary purpose of this file is to run any initialization routines
     which may be needed before the user's home directory becomes
     accessible; AFS is a particular example of such an environment.

     This file will probably contain some initialization code followed by
     something similar to:

        if read proto cookie && [ -n "$DISPLAY" ]; then
                if [ `echo $DISPLAY | cut -c1-10` = 'localhost:' ]; then
                        # X11UseLocalhost=yes
                        echo add unix:`echo $DISPLAY |
                            cut -c11-` $proto $cookie
                else
                        # X11UseLocalhost=no
                        echo add $DISPLAY $proto $cookie
                fi | xauth -q -
        fi

     If this file does not exist, /etc/ssh/sshrc is run, and if that does not
     exist either, xauth is used to add the cookie.

AUTHORIZED_KEYS FILE FORMAT
     AuthorizedKeysFile specifies the file containing public keys for public
     key authentication; if none is specified, the default is
     ~/.ssh/authorized_keys.  Each line of the file contains one key (empty
     lines and lines starting with a `#' are ignored as comments).  Protocol
     1 public keys consist of the following space-separated fields: options,
     bits, exponent, modulus, comment.  Protocol 2 public keys consist of:
     options, keytype, base64-encoded key, comment.  The options field is
     optional; its presence is determined by whether the line starts with a
     number or not (the options field never starts with a number).  The
     bits, exponent, modulus, and comment fields give the RSA key for
     protocol version 1; the comment field is not used for anything (but may
     be convenient for the user to identify the key).  For protocol version
     2 the keytype is ``ssh-dss'' or ``ssh-rsa''.

     Note that lines in this file are usually several hundred bytes long
     (because of the size of the public key encoding) up to a limit of 8
     kilobytes, which permits DSA keys up to 8 kilobits and RSA keys up to
     16 kilobits.  You don't want to type them in; instead, copy the
     identity.pub, id_dsa.pub, or the id_rsa.pub file and edit it.

     sshd enforces a minimum RSA key modulus size for protocol 1 and protocol
     2 keys of 768 bits.

     The options (if present) consist of comma-separated option
     specifications.  No spaces are permitted, except within double quotes.
     The following option specifications are supported (note that option
     keywords are case-insensitive):

     command="command"
             Specifies that the command is executed whenever this key is used
             for authentication.  The command supplied by the user (if any)
             is ignored.  The command is run on a pty if the client requests
             a pty; otherwise it is run without a tty.  If an 8-bit clean
             channel is required, one must not request a pty or should
             specify no-pty.  A quote may be included in the command by
             quoting it with a backslash.  This option might be useful to
             restrict certain public keys to perform just a specific
             operation.  An example might be a key that permits remote
             backups but nothing else.  Note that the client may specify TCP
             and/or X11 forwarding unless they are explicitly prohibited.
             The command originally supplied by the client is available in
             the SSH_ORIGINAL_COMMAND environment variable.  Note that this
             option applies to shell, command or subsystem execution.

     environment="NAME=value"
             Specifies that the string is to be added to the environment when
             logging in using this key.  Environment variables set this way
             override other default environment values.  Multiple options of
             this type are permitted.  Environment processing is disabled by
             default and is controlled via the PermitUserEnvironment option.
             This option is automatically disabled if UseLogin is enabled.

     from="pattern-list"
             Specifies that in addition to public key authentication, either
             the canonical name of the remote host or its IP address must be
             present in the comma-separated list of patterns.  See PATTERNS
             in ssh_config(5) for more information on patterns.

             In addition to the wildcard matching that may be applied to
             hostnames or addresses, a from stanza may match IP addresses
             using CIDR address/masklen notation.

             The purpose of this option is to optionally increase security:
             public key authentication by itself does not trust the network
             or name servers or anything (but the key); however, if somebody
             somehow steals the key, the key permits an intruder to log in
             from anywhere in the world.  This additional option makes using
             a stolen key more difficult (name servers and/or routers would
             have to be compromised in addition to just the key).

     no-agent-forwarding
             Forbids authentication agent forwarding when this key is used
             for authentication.

     no-port-forwarding
             Forbids TCP forwarding when this key is used for authentication.
             Any port forward requests by the client will return an error.
             This might be used, e.g. in connection with the command option.

     no-pty  Prevents tty allocation (a request to allocate a pty will fail).

     no-user-rc
             Disables execution of ~/.ssh/rc.

     no-X11-forwarding
             Forbids X11 forwarding when this key is used for authentication.
             Any X11 forward requests by the client will return an error.

     permitopen="host:port"
             Limit local ``ssh -L'' port forwarding such that it may only
             connect to the specified host and port.  IPv6 addresses can be
             specified with an alternative syntax: host/port.  Multiple
             permitopen options may be applied separated by commas.  No
             pattern matching is performed on the specified hostnames, they
             must be literal domains or addresses.

     tunnel="n"
             Force a tun(4) device on the server.  Without this option, the
             next available device will be used if the client requests a
             tunnel.

     An example authorized_keys file:

        # Comments allowed at start of line
        ssh-rsa AAAAB3Nza...LiPk== user@example.net
        from="*.sales.example.net,!pc.sales.example.net" ssh-rsa
        AAAAB2...19Q== john@example.net
        command="dump /home",no-pty,no-port-forwarding ssh-dss
        AAAAC3...51R== example.net
        permitopen="192.0.2.1:80",permitopen="192.0.2.2:25" ssh-dss
        AAAAB5...21S==
        tunnel="0",command="sh /etc/netstart tun0" ssh-rsa AAAA...==
        jane@example.net
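The format rules above (an options field that never starts with a number, commas that only separate options outside double quotes, a backslash that puts a quote into a command, and from= patterns with wildcards, `!' negation and CIDR masks) are easy to get subtly wrong when auditing key files by hand. The following added example (not OpenSSH's parser and not part of this manual page) parses authorized_keys lines under those rules and evaluates the from= and permitopen= restrictions, including the host/port form for IPv6 targets; the sample file is constructed and its key blobs are truncated placeholders, not real keys.

```python
"""Parse authorized_keys lines (options field with its quoting rules,
protocol 1 and protocol 2 layouts) and evaluate from= and permitopen=
restrictions.  Added example, not OpenSSH's parser; the sample file below is
constructed and its key blobs are truncated placeholders."""

import ipaddress
import re

PROTOCOL2_KEYTYPES = ("ssh-rsa", "ssh-dss")


def _split_options(line):
    """Options run to the first blank outside double quotes; commas outside
    quotes separate them; inside quotes a backslash escapes the next char.
    Returns ([(keyword, value-or-None)], rest_of_line)."""
    items, cur, in_quote, i = [], [], False, 0
    while i < len(line):
        c = line[i]
        if in_quote and c == "\\" and i + 1 < len(line):
            cur.append(line[i + 1])
            i += 2
            continue
        if c == '"':
            in_quote = not in_quote
        elif c == "," and not in_quote:
            items.append("".join(cur))
            cur = []
        elif c in " \t" and not in_quote:
            break
        else:
            cur.append(c)
        i += 1
    else:
        raise ValueError("no key follows the options field")
    if in_quote:
        raise ValueError("unterminated quote in options field")
    items.append("".join(cur))
    pairs = []
    for item in filter(None, items):
        keyword, sep, value = item.partition("=")
        pairs.append((keyword.lower(), value if sep else None))  # keywords are case-insensitive
    return pairs, line[i:].lstrip()


def parse_authorized_key(line):
    """One line -> dict, or None for blank and comment lines."""
    line = line.strip()
    if not line or line.startswith("#"):
        return None
    # The options field never starts with a number and never with a keytype.
    if line[0].isdigit() or line.split(None, 1)[0] in PROTOCOL2_KEYTYPES:
        options, rest = [], line
    else:
        options, rest = _split_options(line)
    fields = rest.split(None, 3)
    if rest[0].isdigit():  # protocol 1: bits exponent modulus [comment]
        if len(fields) < 3:
            raise ValueError("malformed protocol 1 key")
        return {"protocol": 1, "options": options, "bits": int(fields[0]),
                "exponent": int(fields[1]), "modulus": fields[2],
                "comment": fields[3] if len(fields) > 3 else ""}
    if len(fields) < 2 or fields[0] not in PROTOCOL2_KEYTYPES:
        raise ValueError("expected keytype and base64 key")
    return {"protocol": 2, "options": options, "keytype": fields[0],
            "key": fields[1], "comment": " ".join(fields[2:])}


def _glob(pattern, text):
    regex = "".join(".*" if c == "*" else "." if c == "?" else re.escape(c) for c in pattern)
    return re.fullmatch(regex, text, re.IGNORECASE) is not None


def from_allows(pattern_list, hostname, address):
    """A matching negated (!) pattern rejects outright; otherwise some positive
    pattern must match the canonical hostname or the address (wildcard or CIDR)."""
    matched = False
    for pattern in pattern_list.split(","):
        negate = pattern.startswith("!")
        pattern = pattern[1:] if negate else pattern
        if "/" in pattern:
            try:
                hit = ipaddress.ip_address(address) in ipaddress.ip_network(pattern, strict=False)
            except ValueError:
                hit = False
        else:
            hit = _glob(pattern, hostname) or _glob(pattern, address)
        if hit and negate:
            return False
        matched = matched or hit
    return matched


def key_allows(entry, hostname, address):
    """Apply every from= option of a parsed entry."""
    return all(from_allows(v, hostname, address) for k, v in entry["options"] if k == "from")


def permitopen_targets(entry):
    """(host, port) pairs from permitopen= options; host/port is the IPv6 form."""
    targets = []
    for k, v in entry["options"]:
        if k == "permitopen":
            host, _, port = v.rpartition("/" if "/" in v else ":")
            targets.append((host, int(port)))
    return targets


def parse_file(text):
    return [e for e in map(parse_authorized_key, text.splitlines()) if e]


SAMPLE = '''# constructed sample file; key blobs are placeholders
ssh-rsa AAAAB3Nza...LiPk== user@example.net
from="*.sales.example.net,!pc.sales.example.net,10.0.0.0/8" ssh-rsa AAAAB2...19Q== john@example.net
command="echo \\"hi\\"",no-pty,no-port-forwarding ssh-dss AAAAC3...51R== backup
permitopen="192.0.2.1:80",permitopen="2001:db8::25/25" ssh-dss AAAAB5...21S==
1024 37 159...93 legacy-protocol1-key
'''
```

The from= evaluation follows the text literally: a negated pattern that matches wins regardless of position, a CIDR pattern is tested against the address only, and everything else is tested against both the canonical hostname and the address, so a key restricted to `*.sales.example.net' is still useless from `pc.sales.example.net' even though that name matches the wildcard.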
SSH_KNOWN_HOSTS FILE FORMAT
     The /etc/ssh/ssh_known_hosts and ~/.ssh/known_hosts files contain host
     public keys for all known hosts.  The global file should be prepared by
     the administrator (optional), and the per-user file is maintained
     automatically: whenever the user connects from an unknown host, its key
     is added to the per-user file.

     Each line in these files contains the following fields: hostnames,
     bits, exponent, modulus, comment.  The fields are separated by spaces.

     Hostnames is a comma-separated list of patterns (`*' and `?' act as
     wildcards); each pattern in turn is matched against the canonical host
     name (when authenticating a client) or against the user-supplied name
     (when authenticating a server).  A pattern may also be preceded by `!'
     to indicate negation: if the host name matches a negated pattern, it is
     not accepted (by that line) even if it matched another pattern on the
     line.  A hostname or address may optionally be enclosed within `[' and
     `]' brackets then followed by `:' and a non-standard port number.

     Alternately, hostnames may be stored in a hashed form which hides host
     names and addresses should the file's contents be disclosed.  Hashed
     hostnames start with a `|' character.  Only one hashed hostname may
     appear on a single line and none of the above negation or wildcard
     operators may be applied.

     Bits, exponent, and modulus are taken directly from the RSA host key;
     they can be obtained, for example, from /etc/ssh/ssh_host_key.pub.  The
     optional comment field continues to the end of the line, and is not
     used.

     Lines starting with `#' and empty lines are ignored as comments.

     When performing host authentication, authentication is accepted if any
     matching line has the proper key.  It is thus permissible (but not
     recommended) to have several lines or different host keys for the same
     names.  This will inevitably happen when short forms of host names from
     different domains are put in the file.  It is possible that the files
     contain conflicting information; authentication is accepted if valid
     information can be found from either file.

     Note that the lines in these files are typically hundreds of characters
     long, and you definitely don't want to type in the host keys by hand.
     Rather, generate them by a script or by taking
     /etc/ssh/ssh_host_key.pub and adding the host names at the front.

     An example ssh_known_hosts file:

        # Comments allowed at start of line
        closenet,...,192.0.2.53 1024 37 159...93 closenet.example.net
        cvs.example.net,192.0.2.10 ssh-rsa AAAA1234.....=
        # A hashed hostname
        |1|JfKTdBh7rNbXkVAQCRp4OQoPfmI=|USECr3SWf1JUPsms5AqfD5QfxkM= ssh-rsa
        AAAA1234.....=
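To make the matching rules of this section concrete, the following added example (not OpenSSH code and not part of this manual page) looks a host up in a known_hosts file the way the text describes: plain patterns with `*', `?' and `!' negation, the `[host]:port' form for a non-standard port, and the hashed `|1|salt|hash' form, which is computed as OpenSSH does it (HMAC-SHA1 keyed with the base64-decoded salt over the host name, both parts base64-encoded). It also shows why several lines may match one host and why any of their keys is acceptable. The sample file, its fixed salt and the key blobs are constructed.

```python
"""Match a host against known_hosts lines: wildcard and negated patterns,
[host]:port tokens and hashed hostnames.  Added example, not OpenSSH's
implementation; the sample file and salt below are constructed."""

import base64
import hashlib
import hmac
import re


def host_token(hostname, port=22):
    """The string that is matched: the bare hostname, or [host]:port when the
    port is not the standard one."""
    return hostname if port == 22 else "[%s]:%d" % (hostname, port)


def hash_hostname(hostname, salt):
    """Produce a hashed hostnames field for hostname using a 20-byte salt."""
    digest = hmac.new(salt, hostname.encode(), hashlib.sha1).digest()
    return "|1|%s|%s" % (base64.b64encode(salt).decode(),
                         base64.b64encode(digest).decode())


def _hashed_matches(field, token):
    parts = field.split("|")
    if len(parts) != 4 or parts[1] != "1":
        return False
    salt, want = base64.b64decode(parts[2]), base64.b64decode(parts[3])
    have = hmac.new(salt, token.encode(), hashlib.sha1).digest()
    return hmac.compare_digest(have, want)


def _glob_matches(pattern, token):
    regex = "".join(".*" if c == "*" else "." if c == "?" else re.escape(c)
                    for c in pattern)
    return re.fullmatch(regex, token, re.IGNORECASE) is not None


def hostnames_field_matches(field, hostname, port=22):
    """True if the comma-separated hostnames field covers hostname:port.
    A matching negated pattern rejects the whole line."""
    token = host_token(hostname, port)
    if field.startswith("|"):
        return _hashed_matches(field, token)  # no wildcards or negation here
    matched = False
    for pattern in field.split(","):
        negate = pattern.startswith("!")
        if negate:
            pattern = pattern[1:]
        if _glob_matches(pattern, token):
            if negate:
                return False
            matched = True
    return matched


def find_host_keys(known_hosts_text, hostname, port=22):
    """Return the key part ('bits exponent modulus' for RSA1, 'keytype blob'
    for protocol 2) of every line whose hostnames field matches.  Any one of
    them is acceptable, which is why several lines per host are permitted."""
    keys = []
    for line in known_hosts_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        if len(fields) < 3:
            continue
        if hostnames_field_matches(fields[0], hostname, port):
            if fields[1].isdigit():  # protocol 1: bits exponent modulus
                keys.append(" ".join(fields[1:4]))
            else:                    # protocol 2: keytype base64-key
                keys.append(" ".join(fields[1:3]))
    return keys


# Constructed sample.  The hashed line hides backup.example.net behind a
# fixed (and therefore not secret) salt so that the example is reproducible.
SALT = bytes(range(20))
SAMPLE_KNOWN_HOSTS = "\n".join([
    "# constructed sample, not a real site's file",
    "closenet,*.close.example.net,192.0.2.53 1024 37 159...93 closenet.example.net",
    "cvs.example.net,192.0.2.10 ssh-rsa AAAA1234.....=",
    "*.example.net,!dmz.example.net ssh-dss AAAAB5...21S= catch-all",
    "[git.example.net]:2222 ssh-rsa AAAAgit...== git on a non-standard port",
    hash_hostname("backup.example.net", SALT) + " ssh-rsa AAAAbak...==",
])

if __name__ == "__main__":
    for host, port in (("cvs.example.net", 22), ("dmz.example.net", 22),
                       ("git.example.net", 2222), ("backup.example.net", 22)):
        print(host_token(host, port), "->", find_host_keys(SAMPLE_KNOWN_HOSTS, host, port))
```

Two details worth noticing: the port is part of the token, so a key learned for `[git.example.net]:2222' does not vouch for the same host on port 22, and the hashed line protects the file's contents only as well as the salt is unpredictable; real files use a random salt per line, which is exactly why a leaked file does not enumerate the hosts it covers.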
FILES
     ~/.hushlogin
             This file is used to suppress printing the last login time and
             /etc/motd, if PrintLastLog and PrintMotd, respectively, are
             enabled.  It does not suppress printing of the banner specified
             by Banner.

     ~/.rhosts
             This file is used for host-based authentication (see ssh(1) for
             more information).  On some machines this file may need to be
             world-readable if the user's home directory is on an NFS
             partition, because sshd reads it as root.  Additionally, this
             file must be owned by the user, and must not have write
             permissions for anyone else.  The recommended permission for
             most machines is read/write for the user, and not accessible by
             others.

     ~/.shosts
             This file is used in exactly the same way as .rhosts, but allows
             host-based authentication without permitting login with
             rlogin/rsh.

     ~/.ssh/
             This directory is the default location for all user-specific
             configuration and authentication information.  There is no
             general requirement to keep the entire contents of this
             directory secret, but the recommended permissions are
             read/write/execute for the user, and not accessible by others.

     ~/.ssh/authorized_keys
             Lists the public keys (RSA/DSA) that can be used for logging in
             as this user.  The format of this file is described above.  The
             content of the file is not highly sensitive, but the recommended
             permissions are read/write for the user, and not accessible by
             others.

             If this file, the ~/.ssh directory, or the user's home directory
             are writable by other users, then the file could be modified or
             replaced by unauthorized users.  In this case, sshd will not
             allow it to be used unless the StrictModes option has been set
             to ``no''.  The recommended permissions can be set by executing
             ``chmod go-w ~/ ~/.ssh ~/.ssh/authorized_keys''.

     ~/.ssh/environment
             This file is read into the environment at login (if it exists).
             It can only contain empty lines, comment lines (that start with
             `#'), and assignment lines of the form name=value.  The file
             should be writable only by the user; it need not be readable by
             anyone else.  Environment processing is disabled by default and
             is controlled via the PermitUserEnvironment option.

     ~/.ssh/known_hosts
             Contains a list of host keys for all hosts the user has logged
             into that are not already in the systemwide list of known host
             keys.  The format of this file is described above.  This file
             should be writable only by root/the owner and can, but need not
             be, world-readable.

     ~/.ssh/rc
             Contains initialization routines to be run before the user's
             home directory becomes accessible.  This file should be writable
             only by the user, and need not be readable by anyone else.

     /etc/hosts.allow
     /etc/hosts.deny
             Access controls that should be enforced by tcp-wrappers are
             defined here.  Further details are described in hosts_access(5).

     /etc/hosts.equiv
             This file is for host-based authentication (see ssh(1)).  It
             should only be writable by root.

     /etc/moduli
             Contains Diffie-Hellman groups used for the "Diffie-Hellman
             Group Exchange".  The file format is described in moduli(5).

     /etc/motd
             See motd(5).

     /etc/nologin
             If this file exists, sshd refuses to let anyone except root log
             in.  The contents of the file are displayed to anyone trying to
             log in, and non-root connections are refused.  The file should
             be world-readable.

     /etc/shosts.equiv
             This file is used in exactly the same way as hosts.equiv, but
             allows host-based authentication without permitting login with
             rlogin/rsh.

     /etc/ssh/ssh_host_key
     /etc/ssh/ssh_host_dsa_key
     /etc/ssh/ssh_host_rsa_key
             These three files contain the private parts of the host keys.
             These files should only be owned by root, readable only by root,
             and not accessible to others.  Note that sshd does not start if
             these files are group/world-accessible.

     /etc/ssh/ssh_host_key.pub
     /etc/ssh/ssh_host_dsa_key.pub
     /etc/ssh/ssh_host_rsa_key.pub
             These three files contain the public parts of the host keys.
             These files should be world-readable but writable only by root.
             Their contents should match the respective private parts.  These
             files are not really used for anything; they are provided for
             the convenience of the user so their contents can be copied to
             known hosts files.  These files are created using ssh-keygen(1).

     /etc/ssh/ssh_known_hosts
             Systemwide list of known host keys.  This file should be
             prepared by the system administrator to contain the public host
             keys of all machines in the organization.  The format of this
             file is described above.  This file should be writable only by
             root/the owner and should be world-readable.

     /etc/ssh/sshd_config
             Contains configuration data for sshd.  The file format and
             configuration options are described in sshd_config(5).

     /etc/ssh/sshrc
             Similar to ~/.ssh/rc, it can be used to specify machine-specific
             login-time initializations globally.  This file should be
             writable only by root, and should be world-readable.

     /var/empty
             chroot(2) directory used by sshd during privilege separation in
             the pre-authentication phase.  The directory should not contain
             any files and must be owned by root and not group or
             world-writable.

     /var/run/sshd.pid
             Contains the process ID of the sshd listening for connections
             (if there are several daemons running concurrently for different
             ports, this contains the process ID of the one started last).
             The content of this file is not sensitive; it can be
             world-readable.
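The ~/.ssh/authorized_keys entry above states the permission rule that StrictModes enforces: if the key file, the ~/.ssh directory or the home directory is writable by other users, the key file is silently not used, which in practice surfaces as "my key stopped working" after a careless chmod. The following added example (not OpenSSH code and not part of this manual page) checks those three paths for group- or world-write bits, applies the equivalent of the page's `chmod go-w ~/ ~/.ssh ~/.ssh/authorized_keys', and demonstrates both on a throw-away home directory built under a temporary path (constructed) rather than on a real account.

```python
"""StrictModes-style permission check for the authorized_keys path chain.
Added example, not OpenSSH code; demo() builds a constructed home under a
temporary directory instead of touching a real account."""

import os
import stat
import tempfile

OTHER_WRITE = stat.S_IWGRP | stat.S_IWOTH


def _key_chain(home):
    return [home, os.path.join(home, ".ssh"),
            os.path.join(home, ".ssh", "authorized_keys")]


def strict_modes_problems(home):
    """Return [(path, reason)] for the three paths sshd checks; an empty
    list means the key file would be accepted under StrictModes yes."""
    problems = []
    for path in _key_chain(home):
        try:
            st = os.stat(path)
        except FileNotFoundError:
            problems.append((path, "missing"))
            continue
        if st.st_mode & OTHER_WRITE:
            problems.append((path, "writable by group or others (mode %o)"
                             % stat.S_IMODE(st.st_mode)))
    return problems


def fix_permissions(home):
    """Equivalent of the page's `chmod go-w ~/ ~/.ssh ~/.ssh/authorized_keys'."""
    for path in _key_chain(home):
        mode = stat.S_IMODE(os.stat(path).st_mode)
        os.chmod(path, mode & ~OTHER_WRITE)


def demo():
    """Build a constructed home with a group-writable ~/.ssh, show that it is
    rejected, repair it, and return (problems_before, problems_after)."""
    with tempfile.TemporaryDirectory() as tmp:
        home = os.path.join(tmp, "alice")
        ssh_dir = os.path.join(home, ".ssh")
        os.makedirs(ssh_dir)
        with open(os.path.join(ssh_dir, "authorized_keys"), "w") as f:
            f.write("ssh-rsa AAAAB3Nza...LiPk== alice@example.net\n")  # placeholder key
        os.chmod(home, 0o755)
        os.chmod(ssh_dir, 0o775)  # the mistake: group-writable
        os.chmod(os.path.join(ssh_dir, "authorized_keys"), 0o600)
        before = strict_modes_problems(home)
        fix_permissions(home)
        after = strict_modes_problems(home)
    return before, after


if __name__ == "__main__":
    before, after = demo()
    print("before:", before)
    print("after: ", after)
```

The check deliberately looks at mode bits rather than at whether the calling process could write the file, because sshd performs this test as root, for whom every file is writable.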
SEE ALSO
     scp(1), sftp(1), ssh(1), ssh-add(1), ssh-agent(1), ssh-keygen(1),
     ssh-keyscan(1), chroot(2), hosts_access(5), login.conf(5), moduli(5),
     sshd_config(5), inetd(8), sftp-server(8)

AUTHORS
     OpenSSH is a derivative of the original and free ssh 1.2.12 release by
     Tatu Ylonen.  Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos,
     Theo de Raadt and Dug Song removed many bugs, re-added newer features
     and created OpenSSH.  Markus Friedl contributed the support for SSH
     protocol versions 1.5 and 2.0.  Niels Provos and Markus Friedl
     contributed support for privilege separation.

CAVEATS
     System security is not improved unless rshd, rlogind, and rexecd are
     disabled (thus completely disabling rlogin and rsh into the machine).

OpenBSD 4.4                      July 2, 2008