Path fix /etc -> /etc/ssh
This commit is contained in:
Damien Miller
parent
32aa144d70
commit
f1d9a30b4f
28
ssh.1
28
ssh.1
|
|
@ -9,7 +9,7 @@
|
|||
.\"
|
||||
.\" Created: Sat Apr 22 21:55:14 1995 ylo
|
||||
.\"
|
||||
.\" $Id: ssh.1,v 1.3 1999/10/28 23:15:50 damien Exp $
|
||||
.\" $Id: ssh.1,v 1.4 1999/10/28 23:17:36 damien Exp $
|
||||
.\"
|
||||
.Dd September 25, 1999
|
||||
.Dt SSH 1
|
||||
|
|
@ -66,7 +66,7 @@ his/her identity to the remote machine using one of several methods.
|
|||
First, if the machine the user logs in from is listed in
|
||||
.Pa /etc/hosts.equiv
|
||||
or
|
||||
.Pa /etc/shosts.equiv
|
||||
.Pa /etc/ssh/shosts.equiv
|
||||
on the remote machine, and the user names are
|
||||
the same on both sides, the user is immediately permitted to log in.
|
||||
Second, if
|
||||
|
|
@ -89,10 +89,10 @@ means that if the login would be permitted by
|
|||
.Pa \&.shosts ,
|
||||
.Pa /etc/hosts.equiv ,
|
||||
or
|
||||
.Pa /etc/shosts.equiv ,
|
||||
.Pa /etc/ssh/shosts.equiv ,
|
||||
and if additionally the server can verify the client's
|
||||
host key (see
|
||||
.Pa /etc/ssh_known_hosts
|
||||
.Pa /etc/ssh/ssh_known_hosts
|
||||
in the
|
||||
.Sx FILES
|
||||
section), only then login is
|
||||
|
|
@ -248,7 +248,7 @@ identifications for all hosts it has ever been used with. The
|
|||
database is stored in
|
||||
.Pa \&.ssh/known_hosts
|
||||
in the user's home directory. Additionally, the file
|
||||
.Pa /etc/ssh_known_hosts
|
||||
.Pa /etc/ssh/ssh_known_hosts
|
||||
is automatically checked for known hosts. Any new hosts are
|
||||
automatically added to the user's file. If a host's identification
|
||||
ever changes,
|
||||
|
|
@ -416,7 +416,7 @@ obtains configuration data from the following sources (in this order):
|
|||
command line options, user's configuration file
|
||||
.Pq Pa $HOME/.ssh/config ,
|
||||
and system-wide configuration file
|
||||
.Pq Pa /etc/ssh_config .
|
||||
.Pq Pa /etc/ssh/ssh_config .
|
||||
For each parameter, the first obtained value
|
||||
will be used. The configuration files contain sections bracketed by
|
||||
"Host" specifications, and that section is only applied for hosts that
|
||||
|
|
@ -540,7 +540,7 @@ The default is
|
|||
.Dq no .
|
||||
.It Cm GlobalKnownHostsFile
|
||||
Specifies a file to use instead of
|
||||
.Pa /etc/ssh_known_hosts .
|
||||
.Pa /etc/ssh/ssh_known_hosts .
|
||||
.It Cm HostName
|
||||
Specifies the real host name to log into. This can be used to specify
|
||||
nicnames or abbreviations for hosts. Default is the name given on the
|
||||
|
|
@ -672,7 +672,7 @@ ssh will never automatically add host keys to the
|
|||
file, and refuses to connect hosts whose host key has changed. This
|
||||
provides maximum protection against trojan horse attacks. However, it
|
||||
can be somewhat annoying if you don't have good
|
||||
.Pa /etc/ssh_known_hosts
|
||||
.Pa /etc/ssh/ssh_known_hosts
|
||||
files installed and frequently
|
||||
connect new hosts. Basically this option forces the user to manually
|
||||
add any new hosts. Normally this option is disabled, and new hosts
|
||||
|
|
@ -779,7 +779,7 @@ to the environment.
|
|||
.It Pa $HOME/.ssh/known_hosts
|
||||
Records host keys for all hosts the user has logged into (that are not
|
||||
in
|
||||
.Pa /etc/ssh_known_hosts ) .
|
||||
.Pa /etc/ssh/ssh_known_hosts ) .
|
||||
See
|
||||
.Xr sshd 8 .
|
||||
.It Pa $HOME/.ssh/random_seed
|
||||
|
|
@ -824,7 +824,7 @@ identity files (that is, each line contains the number of bits in
|
|||
modulus, public exponent, modulus, and comment fields, separated by
|
||||
spaces). This file is not highly sensitive, but the recommended
|
||||
permissions are read/write for the user, and not accessible by others.
|
||||
.It Pa /etc/ssh_known_hosts
|
||||
.It Pa /etc/ssh/ssh_known_hosts
|
||||
Systemwide list of known host keys. This file should be prepared by the
|
||||
system administrator to contain the public host keys of all machines in the
|
||||
organization. This file should be world-readable. This file contains
|
||||
|
|
@ -843,7 +843,7 @@ to verify the client host when logging in; other names are needed because
|
|||
does not convert the user-supplied name to a canonical name before
|
||||
checking the key, because someone with access to the name servers
|
||||
would then be able to fool host authentication.
|
||||
.It Pa /etc/ssh_config
|
||||
.It Pa /etc/ssh/ssh_config
|
||||
Systemwide configuration file. This file provides defaults for those
|
||||
values that are not specified in the user's configuration file, and
|
||||
for those users who do not have a configuration file. This file must
|
||||
|
|
@ -870,7 +870,7 @@ Note that by default
|
|||
will be installed so that it requires successful RSA host
|
||||
authentication before permitting \s+2.\s0rhosts authentication. If your
|
||||
server machine does not have the client's host key in
|
||||
.Pa /etc/ssh_known_hosts ,
|
||||
.Pa /etc/ssh/ssh_known_hosts ,
|
||||
you can store it in
|
||||
.Pa $HOME/.ssh/known_hosts .
|
||||
The easiest way to do this is to
|
||||
|
|
@ -897,13 +897,13 @@ manual page). If the client host is found in this file, login is
|
|||
automatically permitted provided client and server user names are the
|
||||
same. Additionally, successful RSA host authentication is normally
|
||||
required. This file should only be writable by root.
|
||||
.It Pa /etc/shosts.equiv
|
||||
.It Pa /etc/ssh/shosts.equiv
|
||||
This file is processed exactly as
|
||||
.Pa /etc/hosts.equiv .
|
||||
This file may be useful to permit logins using
|
||||
.Nm
|
||||
but not using rsh/rlogin.
|
||||
.It Pa /etc/sshrc
|
||||
.It Pa /etc/ssh/sshrc
|
||||
Commands in this file are executed by
|
||||
.Nm
|
||||
when the user logs in just before the user's shell (or command) is started.
|
||||
|
|
|
|||
38
sshd.8
38
sshd.8
|
|
@ -9,7 +9,7 @@
|
|||
.\"
|
||||
.\" Created: Sat Apr 22 21:55:14 1995 ylo
|
||||
.\"
|
||||
.\" $Id: sshd.8,v 1.3 1999/10/28 23:15:50 damien Exp $
|
||||
.\" $Id: sshd.8,v 1.4 1999/10/28 23:17:36 damien Exp $
|
||||
.\"
|
||||
.Dd September 25, 1999
|
||||
.Dt SSHD 8
|
||||
|
|
@ -118,7 +118,7 @@ not fork and will only process one connection. This option is only
|
|||
intended for debugging for the server.
|
||||
.It Fl f Ar configuration_file
|
||||
Specifies the name of the configuration file. The default is
|
||||
.Pa /etc/sshd_config .
|
||||
.Pa /etc/ssh/sshd_config .
|
||||
.Nm
|
||||
refuses to start if there is no configuration file.
|
||||
.It Fl g Ar login_grace_time
|
||||
|
|
@ -128,7 +128,7 @@ this many seconds, the server disconnects and exits. A value of zero
|
|||
indicates no limit.
|
||||
.It Fl h Ar host_key_file
|
||||
Specifies the file from which the host key is read (default
|
||||
.Pa /etc/ssh_host_key ) .
|
||||
.Pa /etc/ssh/ssh_host_key ) .
|
||||
This option must be given if
|
||||
.Nm
|
||||
is not run as root (as the normal
|
||||
|
|
@ -165,7 +165,7 @@ Do not print an error message if RSA support is missing.
|
|||
.Sh CONFIGURATION FILE
|
||||
.Nm
|
||||
reads configuration data from
|
||||
.Pa /etc/sshd_config
|
||||
.Pa /etc/ssh/sshd_config
|
||||
(or the file specified with
|
||||
.Fl f
|
||||
on the command line). The file
|
||||
|
|
@ -242,7 +242,7 @@ The default is
|
|||
.Dq no .
|
||||
.It Cm HostKey
|
||||
Specifies the file containing the private host key (default
|
||||
.Pa /etc/ssh_host_key ) .
|
||||
.Pa /etc/ssh/ssh_host_key ) .
|
||||
Note that
|
||||
.Nm
|
||||
does not start if this file is group/world-accessible.
|
||||
|
|
@ -251,7 +251,7 @@ Specifies that rhosts and shosts files will not be used in
|
|||
authentication.
|
||||
.Pa /etc/hosts.equiv
|
||||
and
|
||||
.Pa /etc/shosts.equiv
|
||||
.Pa /etc/ssh/shosts.equiv
|
||||
are still used. The default is
|
||||
.Dq no .
|
||||
.It Cm KeepAlive
|
||||
|
|
@ -455,7 +455,7 @@ Changes to user's home directory.
|
|||
If
|
||||
.Pa $HOME/.ssh/rc
|
||||
exists, runs it; else if
|
||||
.Pa /etc/sshrc
|
||||
.Pa /etc/ssh/sshrc
|
||||
exists, runs
|
||||
it; otherwise runs xauth. The
|
||||
.Dq rc
|
||||
|
|
@ -541,7 +541,7 @@ from="*.niksula.hut.fi,!pc.niksula.hut.fi" 1024 35 23.\|.\|.\|2334 ylo@niksula
|
|||
command="dump /home",no-pty,no-port-forwarding 1024 33 23.\|.\|.\|2323 backup.hut.fi
|
||||
.Sh SSH_KNOWN_HOSTS FILE FORMAT
|
||||
The
|
||||
.Pa /etc/ssh_known_hosts
|
||||
.Pa /etc/ssh/ssh_known_hosts
|
||||
and
|
||||
.Pa $HOME/.ssh/known_hosts
|
||||
files contain host public keys for all known hosts. The global file should
|
||||
|
|
@ -564,7 +564,7 @@ pattern on the line.
|
|||
.Pp
|
||||
Bits, exponent, and modulus are taken directly from the host key; they
|
||||
can be obtained, e.g., from
|
||||
.Pa /etc/ssh_host_key.pub .
|
||||
.Pa /etc/ssh/ssh_host_key.pub .
|
||||
The optional comment field continues to the end of the line, and is not used.
|
||||
.Pp
|
||||
Lines starting with
|
||||
|
|
@ -583,25 +583,25 @@ Note that the lines in these files are typically hundreds of characters
|
|||
long, and you definitely don't want to type in the host keys by hand.
|
||||
Rather, generate them by a script
|
||||
or by taking
|
||||
.Pa /etc/ssh_host_key.pub
|
||||
.Pa /etc/ssh/ssh_host_key.pub
|
||||
and adding the host names at the front.
|
||||
.Ss Examples
|
||||
closenet,closenet.hut.fi,.\|.\|.\|,130.233.208.41 1024 37 159.\|.\|.93 closenet.hut.fi
|
||||
.Sh FILES
|
||||
.Bl -tag -width Ds
|
||||
.It Pa /etc/sshd_config
|
||||
.It Pa /etc/ssh/sshd_config
|
||||
Contains configuration data for
|
||||
.Nm sshd .
|
||||
This file should be writable by root only, but it is recommended
|
||||
(though not necessary) that it be world-readable.
|
||||
.It Pa /etc/ssh_host_key
|
||||
.It Pa /etc/ssh/ssh_host_key
|
||||
Contains the private part of the host key.
|
||||
This file should only be owned by root, readable only by root, and not
|
||||
accessible to others.
|
||||
Note that
|
||||
.Nm
|
||||
does not start if this file is group/world-accessible.
|
||||
.It Pa /etc/ssh_host_key.pub
|
||||
.It Pa /etc/ssh/ssh_host_key.pub
|
||||
Contains the public part of the host key.
|
||||
This file should be world-readable but writable only by
|
||||
root. Its contents should match the private part. This file is not
|
||||
|
|
@ -622,17 +622,17 @@ This file must be readable by root (which may on some machines imply
|
|||
it being world-readable if the user's home directory resides on an NFS
|
||||
volume). It is recommended that it not be accessible by others. The
|
||||
format of this file is described above.
|
||||
.It Pa /etc/ssh_known_hosts
|
||||
.It Pa /etc/ssh/ssh_known_hosts
|
||||
This file is consulted when using rhosts with RSA host
|
||||
authentication to check the public key of the host. The key must be
|
||||
listed in this file to be accepted.
|
||||
.It Pa $HOME/.ssh/known_hosts
|
||||
The client uses this file
|
||||
and
|
||||
.Pa /etc/ssh_known_hosts
|
||||
.Pa /etc/ssh/ssh_known_hosts
|
||||
to verify that the remote host is the one we intended to
|
||||
connect. These files should be writable only by root/the owner.
|
||||
.Pa /etc/ssh_known_hosts
|
||||
.Pa /etc/ssh/ssh_known_hosts
|
||||
should be world-readable, and
|
||||
.Pa $HOME/.ssh/known_hosts
|
||||
can but need not be world-readable.
|
||||
|
|
@ -694,7 +694,7 @@ user root access. The only valid use for user names that I can think
|
|||
of is in negative entries.
|
||||
.Pp
|
||||
Note that this warning also applies to rsh/rlogin.
|
||||
.It Pa /etc/shosts.equiv
|
||||
.It Pa /etc/ssh/shosts.equiv
|
||||
This is processed exactly as
|
||||
.Pa /etc/hosts.equiv .
|
||||
However, this file may be useful in environments that want to run both
|
||||
|
|
@ -724,13 +724,13 @@ something similar to: "if read proto cookie; then echo add $DISPLAY
|
|||
$proto $cookie | xauth -q -; fi".
|
||||
.Pp
|
||||
If this file does not exist,
|
||||
.Pa /etc/sshrc
|
||||
.Pa /etc/ssh/sshrc
|
||||
is run, and if that
|
||||
does not exist either, xauth is used to store the cookie.
|
||||
.Pp
|
||||
This file should be writable only by the user, and need not be
|
||||
readable by anyone else.
|
||||
.It Pa /etc/sshrc
|
||||
.It Pa /etc/ssh/sshrc
|
||||
Like
|
||||
.Pa $HOME/.ssh/rc .
|
||||
This can be used to specify
|
||||
|
|
|
|||
Loading…
Reference in New Issue