diff options
Diffstat (limited to 'ssh_config.0')
| -rw-r--r-- | ssh_config.0 | 82 |
1 files changed, 42 insertions, 40 deletions
diff --git a/ssh_config.0 b/ssh_config.0 index 4109b19090380..00afda1cad92b 100644 --- a/ssh_config.0 +++ b/ssh_config.0 @@ -109,13 +109,11 @@ DESCRIPTION BindAddress Use the specified address on the local machine as the source address of the connection. Only useful on systems with more than - one address. Note that this option does not work if - UsePrivilegedPort is set to yes. + one address. BindInterface Use the address of the specified interface on the local machine - as the source address of the connection. Note that this option - does not work if UsePrivilegedPort is set to yes. + as the source address of the connection. CanonicalDomains When CanonicalizeHostname is enabled, this option specifies the @@ -216,8 +214,7 @@ DESCRIPTION chacha20-poly1305@openssh.com, aes128-ctr,aes192-ctr,aes256-ctr, - aes128-gcm@openssh.com,aes256-gcm@openssh.com, - aes128-cbc,aes192-cbc,aes256-cbc + aes128-gcm@openssh.com,aes256-gcm@openssh.com The list of available ciphers may also be obtained using "ssh -Q cipher". @@ -429,11 +426,11 @@ DESCRIPTION HostbasedKeyTypes Specifies the key types that will be used for hostbased - authentication as a comma-separated pattern list. Alternately if - the specified value begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, then the - specified key types will be appended to the default set instead - of replacing them. If the specified value begins with a M-bM-^@M-^X-M-bM-^@M-^Y - character, then the specified key types (including wildcards) + authentication as a comma-separated list of patterns. + Alternately if the specified value begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, + then the specified key types will be appended to the default set + instead of replacing them. If the specified value begins with a + M-bM-^@M-^X-M-bM-^@M-^Y character, then the specified key types (including wildcards) will be removed from the default set instead of replacing them. The default for this option is: @@ -441,9 +438,10 @@ DESCRIPTION ecdsa-sha2-nistp384-cert-v01@openssh.com, ecdsa-sha2-nistp521-cert-v01@openssh.com, ssh-ed25519-cert-v01@openssh.com, + rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com, ssh-rsa-cert-v01@openssh.com, ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, - ssh-ed25519,ssh-rsa + ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa The -Q option of ssh(1) may be used to list supported key types. @@ -460,9 +458,10 @@ DESCRIPTION ecdsa-sha2-nistp384-cert-v01@openssh.com, ecdsa-sha2-nistp521-cert-v01@openssh.com, ssh-ed25519-cert-v01@openssh.com, + rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com, ssh-rsa-cert-v01@openssh.com, ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, - ssh-ed25519,ssh-rsa + ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa If hostkeys are known for the destination host then this default is modified to prefer their algorithms. @@ -544,7 +543,7 @@ DESCRIPTION Include Include the specified configuration file(s). Multiple pathnames - may be specified and each pathname may contain glob(3) wildcards + may be specified and each pathname may contain glob(7) wildcards and, for user configurations, shell-like M-bM-^@M-^X~M-bM-^@M-^Y references to user home directories. Files without absolute paths are assumed to be in ~/.ssh if included in a user configuration file or /etc/ssh if @@ -561,8 +560,8 @@ DESCRIPTION is specified, it is used as the packet class unconditionally. If two values are specified, the first is automatically selected for interactive sessions and the second for non-interactive sessions. - The default is lowdelay for interactive sessions and throughput - for non-interactive sessions. + The default is af21 (Low-Latency Data) for interactive sessions + and cs1 (Lower Effort) for non-interactive sessions. KbdInteractiveAuthentication Specifies whether to use keyboard-interactive authentication. @@ -573,8 +572,7 @@ DESCRIPTION authentication. Multiple method names must be comma-separated. The default is to use the server specified list. The methods available vary depending on what the server supports. For an - OpenSSH server, it may be zero or more of: bsdauth, pam, and - skey. + OpenSSH server, it may be zero or more of: bsdauth and pam. KexAlgorithms Specifies the available KEX (Key Exchange) algorithms. Multiple @@ -735,11 +733,11 @@ DESCRIPTION PubkeyAcceptedKeyTypes Specifies the key types that will be used for public key - authentication as a comma-separated pattern list. Alternately if - the specified value begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, then the key - types after it will be appended to the default instead of - replacing it. If the specified value begins with a M-bM-^@M-^X-M-bM-^@M-^Y - character, then the specified key types (including wildcards) + authentication as a comma-separated list of patterns. + Alternately if the specified value begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, + then the key types after it will be appended to the default + instead of replacing it. If the specified value begins with a + M-bM-^@M-^X-M-bM-^@M-^Y character, then the specified key types (including wildcards) will be removed from the default set instead of replacing them. The default for this option is: @@ -747,9 +745,10 @@ DESCRIPTION ecdsa-sha2-nistp384-cert-v01@openssh.com, ecdsa-sha2-nistp521-cert-v01@openssh.com, ssh-ed25519-cert-v01@openssh.com, + rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com, ssh-rsa-cert-v01@openssh.com, ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, - ssh-ed25519,ssh-rsa + ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa The list of available key types may also be obtained using "ssh -Q key". @@ -781,7 +780,7 @@ DESCRIPTION RemoteForward Specifies that a TCP port on the remote machine be forwarded over - the secure channel. The remote port may either be fowarded to a + the secure channel. The remote port may either be forwarded to a specified host and port from the local machine, or may act as a SOCKS 4/5 proxy that allows a remote client to connect to arbitrary destinations from the local machine. The first @@ -832,11 +831,14 @@ DESCRIPTION server. Variables are specified by name, which may contain wildcard characters. Multiple environment variables may be separated by whitespace or spread across multiple SendEnv - directives. The default is not to send any environment - variables. + directives. See PATTERNS for more information on patterns. + It is possible to clear previously set SendEnv variable names by + prefixing patterns with -. The default is not to send any + environment variables. + ServerAliveCountMax Sets the number of server alive messages (see below) which may be sent without ssh(1) receiving any messages back from the server. @@ -862,6 +864,10 @@ DESCRIPTION default is 0, indicating that these messages will not be sent to the server. + SetEnv Directly specify one or more environment variables and their + contents to be sent to the server. Similarly to SendEnv, the + server must be prepared to accept the environment variable. + StreamLocalBindMask Sets the octal file creation mode mask (umask) used when creating a Unix-domain socket file for local or remote port forwarding. @@ -956,11 +962,6 @@ DESCRIPTION "hostkeys@openssh.com" protocol extension used to inform the client of all the server's hostkeys. - UsePrivilegedPort - Specifies whether to use a privileged port for outgoing - connections. The argument must be yes or no (the default). If - set to yes, ssh(1) must be setuid root. - User Specifies the user to log in as. This can be useful when a different user name is used on different machines. This saves the trouble of having to remember to give the user name on the @@ -1046,24 +1047,25 @@ TOKENS tunnel forwarding was requested, or "NONE" otherwise. %u The local username. - Match exec accepts the tokens %%, %h, %L, %l, %n, %p, %r, and %u. + Match exec accepts the tokens %%, %h, %i, %L, %l, %n, %p, %r, and %u. - CertificateFile accepts the tokens %%, %d, %h, %l, %r, and %u. + CertificateFile accepts the tokens %%, %d, %h, %i, %l, %r, and %u. ControlPath accepts the tokens %%, %C, %h, %i, %L, %l, %n, %p, %r, and %u. HostName accepts the tokens %% and %h. - IdentityAgent and IdentityFile accept the tokens %%, %d, %h, %l, %r, and - %u. + IdentityAgent and IdentityFile accept the tokens %%, %d, %h, %i, %l, %r, + and %u. - LocalCommand accepts the tokens %%, %C, %d, %h, %l, %n, %p, %r, %T, and - %u. + LocalCommand accepts the tokens %%, %C, %d, %h, %i, %l, %n, %p, %r, %T, + and %u. ProxyCommand accepts the tokens %%, %h, %p, and %r. - RemoteCommand accepts the tokens %%, %C, %d, %h, %l, %n, %p, %r, and %u. + RemoteCommand accepts the tokens %%, %C, %d, %h, %i, %l, %n, %p, %r, and + %u. FILES ~/.ssh/config @@ -1089,4 +1091,4 @@ AUTHORS created OpenSSH. Markus Friedl contributed the support for SSH protocol versions 1.5 and 2.0. -OpenBSD 6.2 February 23, 2018 OpenBSD 6.2 +OpenBSD 6.4 July 23, 2018 OpenBSD 6.4 |