mirror of
				https://github.com/PowerShell/Win32-OpenSSH.git
				synced 2025-10-26 17:24:05 +01:00 
			
		
		
		
	
		
			
				
	
	
		
			94 lines
		
	
	
		
			3.0 KiB
		
	
	
	
		
			Groff
		
	
	
	
	
	
			
		
		
	
	
			94 lines
		
	
	
		
			3.0 KiB
		
	
	
	
		
			Groff
		
	
	
	
	
	
| .\" $OpenBSD: ssh-keysign.8,v 1.14 2013/12/07 11:58:46 naddy Exp $
 | |
| .\"
 | |
| .\" Copyright (c) 2002 Markus Friedl.  All rights reserved.
 | |
| .\"
 | |
| .\" Redistribution and use in source and binary forms, with or without
 | |
| .\" modification, are permitted provided that the following conditions
 | |
| .\" are met:
 | |
| .\" 1. Redistributions of source code must retain the above copyright
 | |
| .\"    notice, this list of conditions and the following disclaimer.
 | |
| .\" 2. Redistributions in binary form must reproduce the above copyright
 | |
| .\"    notice, this list of conditions and the following disclaimer in the
 | |
| .\"    documentation and/or other materials provided with the distribution.
 | |
| .\"
 | |
| .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
 | |
| .\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 | |
| .\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
 | |
| .\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
 | |
| .\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 | |
| .\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 | |
| .\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 | |
| .\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 | |
| .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 | |
| .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 | |
| .\"
 | |
| .Dd $Mdocdate: December 7 2013 $
 | |
| .Dt SSH-KEYSIGN 8
 | |
| .Os
 | |
| .Sh NAME
 | |
| .Nm ssh-keysign
 | |
| .Nd ssh helper program for host-based authentication
 | |
| .Sh SYNOPSIS
 | |
| .Nm
 | |
| .Sh DESCRIPTION
 | |
| .Nm
 | |
| is used by
 | |
| .Xr ssh 1
 | |
| to access the local host keys and generate the digital signature
 | |
| required during host-based authentication with SSH protocol version 2.
 | |
| .Pp
 | |
| .Nm
 | |
| is disabled by default and can only be enabled in the
 | |
| global client configuration file
 | |
| .Pa /etc/ssh/ssh_config
 | |
| by setting
 | |
| .Cm EnableSSHKeysign
 | |
| to
 | |
| .Dq yes .
 | |
| .Pp
 | |
| .Nm
 | |
| is not intended to be invoked by the user, but from
 | |
| .Xr ssh 1 .
 | |
| See
 | |
| .Xr ssh 1
 | |
| and
 | |
| .Xr sshd 8
 | |
| for more information about host-based authentication.
 | |
| .Sh FILES
 | |
| .Bl -tag -width Ds -compact
 | |
| .It Pa /etc/ssh/ssh_config
 | |
| Controls whether
 | |
| .Nm
 | |
| is enabled.
 | |
| .Pp
 | |
| .It Pa /etc/ssh/ssh_host_dsa_key
 | |
| .It Pa /etc/ssh/ssh_host_ecdsa_key
 | |
| .It Pa /etc/ssh/ssh_host_ed25519_key
 | |
| .It Pa /etc/ssh/ssh_host_rsa_key
 | |
| These files contain the private parts of the host keys used to
 | |
| generate the digital signature.
 | |
| They should be owned by root, readable only by root, and not
 | |
| accessible to others.
 | |
| Since they are readable only by root,
 | |
| .Nm
 | |
| must be set-uid root if host-based authentication is used.
 | |
| .Pp
 | |
| .It Pa /etc/ssh/ssh_host_dsa_key-cert.pub
 | |
| .It Pa /etc/ssh/ssh_host_ecdsa_key-cert.pub
 | |
| .It Pa /etc/ssh/ssh_host_ed25519_key-cert.pub
 | |
| .It Pa /etc/ssh/ssh_host_rsa_key-cert.pub
 | |
| If these files exist they are assumed to contain public certificate
 | |
| information corresponding with the private keys above.
 | |
| .El
 | |
| .Sh SEE ALSO
 | |
| .Xr ssh 1 ,
 | |
| .Xr ssh-keygen 1 ,
 | |
| .Xr ssh_config 5 ,
 | |
| .Xr sshd 8
 | |
| .Sh HISTORY
 | |
| .Nm
 | |
| first appeared in
 | |
| .Ox 3.2 .
 | |
| .Sh AUTHORS
 | |
| .An Markus Friedl Aq Mt markus@openbsd.org
 |