diff options
Diffstat (limited to 'ssh.1')
| -rw-r--r-- | ssh.1 | 47 |
1 files changed, 33 insertions, 14 deletions
@@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.419 2021/02/15 20:43:15 markus Exp $ -.Dd $Mdocdate: February 15 2021 $ +.\" $OpenBSD: ssh.1,v 1.425 2021/07/28 05:57:42 jmc Exp $ +.Dd $Mdocdate: July 28 2021 $ .Dt SSH 1 .Os .Sh NAME @@ -88,7 +88,7 @@ or a URI of the form .No ssh:// Oo user @ Oc hostname Op : port . .Sm on The user must prove -his/her identity to the remote machine using one of several methods +their identity to the remote machine using one of several methods (see below). .Pp If a @@ -259,6 +259,11 @@ then a client started with .Fl f will wait for all remote port forwards to be successfully established before placing itself in the background. +Refer to the description of +.Cm ForkAfterAuthentication +in +.Xr ssh_config 5 +for details. .Pp .It Fl G Causes @@ -425,6 +430,11 @@ keyword for more information. .It Fl N Do not execute a remote command. This is useful for just forwarding ports. +Refer to the description of +.Cm SessionType +in +.Xr ssh_config 5 +for details. .Pp .It Fl n Redirects stdin from @@ -446,6 +456,11 @@ program will be put in the background. needs to ask for a password or passphrase; see also the .Fl f option.) +Refer to the description of +.Cm StdinNull +in +.Xr ssh_config 5 +for details. .Pp .It Fl O Ar ctl_cmd Control an active connection multiplexing master process. @@ -485,7 +500,6 @@ For full details of the options listed below, and their possible values, see .It CanonicalizePermittedCNAMEs .It CASignatureAlgorithms .It CertificateFile -.It ChallengeResponseAuthentication .It CheckHostIP .It Ciphers .It ClearAllForwardings @@ -499,6 +513,7 @@ For full details of the options listed below, and their possible values, see .It EscapeChar .It ExitOnForwardFailure .It FingerprintHash +.It ForkAfterAuthentication .It ForwardAgent .It ForwardX11 .It ForwardX11Timeout @@ -547,7 +562,9 @@ For full details of the options listed below, and their possible values, see .It SendEnv .It ServerAliveInterval .It ServerAliveCountMax +.It SessionType .It SetEnv +.It StdinNull .It StreamLocalBindMask .It StreamLocalBindUnlink .It StrictHostKeyChecking @@ -568,10 +585,7 @@ This can be specified on a per-host basis in the configuration file. .Pp .It Fl Q Ar query_option -Queries -.Nm -for the algorithms supported for the specified version 2. -The available features are: +Queries for the algorithms supported by one of the following features: .Ar cipher (supported symmetric ciphers), .Ar cipher-auth @@ -704,6 +718,11 @@ Subsystems facilitate the use of SSH as a secure transport for other applications (e.g.\& .Xr sftp 1 ) . The subsystem is specified as the remote command. +Refer to the description of +.Cm SessionType +in +.Xr ssh_config 5 +for details. .Pp .It Fl T Disable pseudo-terminal allocation. @@ -833,7 +852,7 @@ The methods available for authentication are: GSSAPI-based authentication, host-based authentication, public key authentication, -challenge-response authentication, +keyboard-interactive authentication, and password authentication. Authentication methods are tried in the order specified above, though @@ -908,7 +927,7 @@ or higher (e.g. by using the .Fl v flag). .Pp -The user creates his/her key pair by running +The user creates their key pair by running .Xr ssh-keygen 1 . This stores the private key in .Pa ~/.ssh/id_dsa @@ -942,7 +961,7 @@ in the user's home directory. The user should then copy the public key to .Pa ~/.ssh/authorized_keys -in his/her home directory on the remote machine. +in their home directory on the remote machine. The .Pa authorized_keys file corresponds to the conventional @@ -971,11 +990,11 @@ directive in .Xr ssh_config 5 for more information. .Pp -Challenge-response authentication works as follows: +Keyboard-interactive authentication works as follows: The server sends an arbitrary .Qq challenge -text, and prompts for a response. -Examples of challenge-response authentication include +text and prompts for a response, possibly multiple times. +Examples of keyboard-interactive authentication include .Bx Authentication (see .Xr login.conf 5 ) |