|
1.13.2
by Colin Watson
Import upstream version 4.7p1 |
1 |
.\" $OpenBSD: ssh-keysign.8,v 1.9 2007/05/31 19:20:16 jmc Exp $ |
|
1
by Noah Meyerhans
Import upstream version 3.8.1p1 |
2 |
.\" |
3 |
.\" Copyright (c) 2002 Markus Friedl. All rights reserved. |
|
4 |
.\" |
|
5 |
.\" Redistribution and use in source and binary forms, with or without |
|
6 |
.\" modification, are permitted provided that the following conditions |
|
7 |
.\" are met: |
|
8 |
.\" 1. Redistributions of source code must retain the above copyright |
|
9 |
.\" notice, this list of conditions and the following disclaimer. |
|
10 |
.\" 2. Redistributions in binary form must reproduce the above copyright |
|
11 |
.\" notice, this list of conditions and the following disclaimer in the |
|
12 |
.\" documentation and/or other materials provided with the distribution. |
|
13 |
.\" |
|
14 |
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR |
|
15 |
.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES |
|
16 |
.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. |
|
17 |
.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, |
|
18 |
.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT |
|
19 |
.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
|
20 |
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
|
21 |
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
|
22 |
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
|
23 |
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
|
24 |
.\" |
|
|
1.13.3
by Colin Watson
Import upstream version 5.1p1 |
25 |
.Dd $Mdocdate: May 31 2007 $ |
|
1
by Noah Meyerhans
Import upstream version 3.8.1p1 |
26 |
.Dt SSH-KEYSIGN 8 |
27 |
.Os
|
|
28 |
.Sh NAME |
|
29 |
.Nm ssh-keysign |
|
|
1.13.1
by Colin Watson
Import upstream version 4.6p1 |
30 |
.Nd ssh helper program for host-based authentication |
|
1
by Noah Meyerhans
Import upstream version 3.8.1p1 |
31 |
.Sh SYNOPSIS |
32 |
.Nm
|
|
33 |
.Sh DESCRIPTION |
|
34 |
.Nm
|
|
35 |
is used by |
|
36 |
.Xr ssh 1 |
|
37 |
to access the local host keys and generate the digital signature |
|
|
1.13.1
by Colin Watson
Import upstream version 4.6p1 |
38 |
required during host-based authentication with SSH protocol version 2. |
|
1
by Noah Meyerhans
Import upstream version 3.8.1p1 |
39 |
.Pp
|
40 |
.Nm
|
|
41 |
is disabled by default and can only be enabled in the |
|
42 |
global client configuration file |
|
43 |
.Pa /etc/ssh/ssh_config |
|
44 |
by setting |
|
45 |
.Cm EnableSSHKeysign |
|
46 |
to |
|
47 |
.Dq yes . |
|
48 |
.Pp
|
|
49 |
.Nm
|
|
50 |
is not intended to be invoked by the user, but from |
|
51 |
.Xr ssh 1 . |
|
52 |
See |
|
53 |
.Xr ssh 1 |
|
54 |
and |
|
55 |
.Xr sshd 8 |
|
|
1.13.1
by Colin Watson
Import upstream version 4.6p1 |
56 |
for more information about host-based authentication. |
|
1
by Noah Meyerhans
Import upstream version 3.8.1p1 |
57 |
.Sh FILES |
58 |
.Bl -tag -width Ds |
|
59 |
.It Pa /etc/ssh/ssh_config |
|
60 |
Controls whether |
|
61 |
.Nm
|
|
62 |
is enabled. |
|
63 |
.It Pa /etc/ssh/ssh_host_dsa_key, /etc/ssh/ssh_host_rsa_key |
|
64 |
These files contain the private parts of the host keys used to |
|
65 |
generate the digital signature. |
|
66 |
They should be owned by root, readable only by root, and not |
|
67 |
accessible to others. |
|
68 |
Since they are readable only by root, |
|
69 |
.Nm
|
|
|
1.13.1
by Colin Watson
Import upstream version 4.6p1 |
70 |
must be set-uid root if host-based authentication is used. |
|
1
by Noah Meyerhans
Import upstream version 3.8.1p1 |
71 |
.El
|
72 |
.Sh SEE ALSO |
|
73 |
.Xr ssh 1 , |
|
74 |
.Xr ssh-keygen 1 , |
|
75 |
.Xr ssh_config 5 , |
|
76 |
.Xr sshd 8 |
|
77 |
.Sh HISTORY |
|
78 |
.Nm
|
|
79 |
first appeared in |
|
80 |
.Ox 3.2 . |
|
81 |
.Sh AUTHORS |
|
82 |
.An Markus Friedl Aq markus@openbsd.org |