SSHD(8)                     System Manager's Manual                    SSHD(8)

NAME
     sshd – OpenSSH daemon

SYNOPSIS
     sshd [-46DdeiqTt] [-C connection_spec] [-c host_certificate_file]
          [-E log_file] [-f config_file] [-g login_grace_time]
          [-h host_key_file] [-o option] [-p port] [-u len]

DESCRIPTION
     sshd (OpenSSH Daemon) is the daemon program for ssh(1).  It provides
     secure encrypted communications between two untrusted hosts over an
     insecure network.

     sshd listens for connections from clients.  It is normally started at
     boot from /etc/rc.  It forks a new daemon for each incoming connection.
     The forked daemons handle key exchange, encryption, authentication,
     command execution, and data exchange.

     sshd can be configured using command-line options or a configuration file
     (by default sshd_config(5)); command-line options override values
     specified in the configuration file.  sshd rereads its configuration file
     when it receives a hangup signal, SIGHUP, by executing itself with the
     name and options it was started with, e.g. /usr/sbin/sshd.

     The options are as follows:

     -4      Forces sshd to use IPv4 addresses only.

     -6      Forces sshd to use IPv6 addresses only.

     -C connection_spec
             Specify the connection parameters to use for the -T extended test
             mode.  If provided, any Match directives in the configuration
             file that would apply are applied before the configuration is
             written to standard output.  The connection parameters are
             supplied as keyword=value pairs and may be supplied in any order,
             either with multiple -C options or as a comma-separated list.
             The keywords are “addr”, “user”, “host”, “laddr”, “lport”, and
             “rdomain” and correspond to source address, user, resolved source
             host name, local address, local port number and routing domain
             respectively.

     -c host_certificate_file
             Specifies a path to a certificate file to identify sshd during
             key exchange.  The certificate file must match a host key file
             specified using the -h option or the HostKey configuration
             directive.

     -D      When this option is specified, sshd will not detach and does not
             become a daemon.  This allows easy monitoring of sshd.

     -d      Debug mode.  The server sends verbose debug output to standard
             error, and does not put itself in the background.  The server
             also will not fork(2) and will only process one connection.  This
             option is only intended for debugging the server.  Multiple
             -d options increase the debugging level.  Maximum is 3.

     -E log_file
             Append debug logs to log_file instead of the system log.

     -e      Write debug logs to standard error instead of the system log.

     -f config_file
             Specifies the name of the configuration file.  The default is
             /etc/ssh/sshd_config.  sshd refuses to start if there is no
             configuration file.

     -g login_grace_time
             Gives the grace time for clients to authenticate themselves
             (default 120 seconds).  If the client fails to authenticate the
             user within this many seconds, the server disconnects and exits.
             A value of zero indicates no limit.

     -h host_key_file
             Specifies a file from which a host key is read.  This option must
             be given if sshd is not run as root (as the normal host key files
             are normally not readable by anyone but root).  The default is
             /etc/ssh/ssh_host_ecdsa_key, /etc/ssh/ssh_host_ed25519_key and
             /etc/ssh/ssh_host_rsa_key.  It is possible to have multiple host
             key files for the different host key algorithms.

     -i      Specifies that sshd is being run from inetd(8).

     -o option
             Can be used to give options in the format used in the
             configuration file.  This is useful for specifying options for
             which there is no separate command-line flag.  For full details
             of the options, and their values, see sshd_config(5).

     -p port
             Specifies the port on which the server listens for connections
             (default 22).  Multiple port options are permitted.  Ports
             specified in the configuration file with the Port option are
             ignored when a command-line port is specified.  Ports specified
             using the ListenAddress option override command-line ports.

     -q      Quiet mode.  Nothing is sent to the system log.  Normally the
             beginning, authentication, and termination of each connection is
             logged.

     -T      Extended test mode.  Check the validity of the configuration
             file, output the effective configuration to stdout and then exit.
             Optionally, Match rules may be applied by specifying the
             connection parameters using one or more -C options.

     -t      Test mode.  Only check the validity of the configuration file and
             sanity of the keys.  This is useful for updating sshd reliably as
             configuration options may change.

     -u len  This option is used to specify the size of the field in the utmp
             structure that holds the remote host name.  If the resolved host
             name is longer than len, the dotted decimal value will be used
             instead.  This allows hosts with very long host names that
             overflow this field to still be uniquely identified.  Specifying
             -u0 indicates that only dotted decimal addresses should be put
             into the utmp file.  -u0 may also be used to prevent sshd from
             making DNS requests unless the authentication mechanism or
             configuration requires it.  Authentication mechanisms that may
             require DNS include HostbasedAuthentication and using a
             from="pattern-list" option in a key file.  Configuration options
             that require DNS include using a USER@HOST pattern in AllowUsers
             or DenyUsers.

AUTHENTICATION
     The OpenSSH SSH daemon supports SSH protocol 2 only.  Each host has a
     host-specific key, used to identify the host.  Whenever a client
     connects, the daemon responds with its public host key.  The client
     compares the host key against its own database to verify that it has not
     changed.  Forward secrecy is provided through a Diffie-Hellman key
     agreement.  This key agreement results in a shared session key.  The rest
     of the session is encrypted using a symmetric cipher.  The client selects
     the encryption algorithm to use from those offered by the server.
     Additionally, session integrity is provided through a cryptographic
     message authentication code (MAC).

     Finally, the server and the client enter an authentication dialog.  The
     client tries to authenticate itself using host-based authentication,
     public key authentication, challenge-response authentication, or password
     authentication.

     Regardless of the authentication type, the account is checked to ensure
     that it is accessible.  An account is not accessible if it is locked,
     listed in DenyUsers or its group is listed in DenyGroups.  The
     definition of a locked account is system dependent.  Some platforms have
     their own account database (e.g. AIX) and some modify the passwd field
     (‘*LK*’ on Solaris and UnixWare, ‘*’ on HP-UX, containing ‘Nologin’ on
     Tru64, a leading ‘*LOCKED*’ on FreeBSD and a leading ‘!’ on most
     Linuxes).  If there is a requirement to disable password authentication
     for the account while still allowing public-key authentication, then the
     passwd field should be set to something other than these values (e.g.
     ‘NP’ or ‘*NP*’).

     If the client successfully authenticates itself, a dialog for preparing
     the session is entered.  At this time the client may request things like
     allocating a pseudo-tty, forwarding X11 connections, forwarding TCP
     connections, or forwarding the authentication agent connection over the
     secure channel.

     After this, the client either requests an interactive shell or execution
     of a non-interactive command, which sshd will execute via the user's
     shell using its -c option.  The sides then enter session mode.  In this
     mode, either side may send data at any time, and such data is forwarded
     to/from the shell or command on the server side, and the user terminal on
     the client side.

     When the user program terminates and all forwarded X11 and other
     connections have been closed, the server sends the command exit status to
     the client, and both sides exit.

LOGIN PROCESS
     When a user successfully logs in, sshd does the following:

           1.   If the login is on a tty, and no command has been specified,
                prints last login time and /etc/motd (unless prevented in the
                configuration file or by ~/.hushlogin; see the FILES section).

           2.   If the login is on a tty, records login time.

           3.   Checks /etc/nologin; if it exists, prints contents and quits
                (unless root).

           4.   Changes to run with normal user privileges.

           5.   Sets up basic environment.

           6.   Reads the file ~/.ssh/environment, if it exists, and users are
                allowed to change their environment.  See the
                PermitUserEnvironment option in sshd_config(5).

           7.   Changes to user's home directory.

           8.   If ~/.ssh/rc exists and the sshd_config(5) PermitUserRC option
                is set, runs it; else if /etc/ssh/sshrc exists, runs it;
                otherwise runs xauth(1).  The “rc” files are given the X11
                authentication protocol and cookie in standard input.  See
                SSHRC, below.

           9.   Runs user's shell or command.  All commands are run under the
                user's login shell as specified in the system password
                database.
SSHRC
     If the file ~/.ssh/rc exists, sh(1) runs it after reading the environment
     files but before starting the user's shell or command.  It must not
     produce any output on stdout; stderr must be used instead.  If X11
     forwarding is in use, it will receive the "proto cookie" pair in its
     standard input (and DISPLAY in its environment).  The script must call
     xauth(1) because sshd will not run xauth automatically to add X11
     cookies.

     The primary purpose of this file is to run any initialization routines
     which may be needed before the user's home directory becomes accessible;
     AFS is a particular example of such an environment.

     This file will probably contain some initialization code followed by
     something similar to:

           if read proto cookie && [ -n "$DISPLAY" ]; then
                   if [ `echo $DISPLAY | cut -c1-10` = 'localhost:' ]; then
                           # X11UseLocalhost=yes
                           echo add unix:`echo $DISPLAY |
                               cut -c11-` $proto $cookie
                   else
                           # X11UseLocalhost=no
                           echo add $DISPLAY $proto $cookie
                   fi | xauth -q -
           fi

     If this file does not exist, /etc/ssh/sshrc is run, and if that does not
     exist either, xauth is used to add the cookie.

AUTHORIZED_KEYS FILE FORMAT
     AuthorizedKeysFile specifies the files containing public keys for public
     key authentication; if this option is not specified, the default is
     ~/.ssh/authorized_keys and ~/.ssh/authorized_keys2.  Each line of the
     file contains one key (empty lines and lines starting with a ‘#’ are
     ignored as comments).  Public keys consist of the following space-
     separated fields: options, keytype, base64-encoded key, comment.  The
     options field is optional.  The supported key types are:

           sk-ecdsa-sha2-nistp256@openssh.com
           ecdsa-sha2-nistp256
           ecdsa-sha2-nistp384
           ecdsa-sha2-nistp521
           sk-ssh-ed25519@openssh.com
           ssh-ed25519
           ssh-dss
           ssh-rsa

     The comment field is not used for anything (but may be convenient for the
     user to identify the key).

     Note that lines in this file can be several hundred bytes long (because
     of the size of the public key encoding) up to a limit of 8 kilobytes,
     which permits RSA keys up to 16 kilobits.  You don't want to type them
     in; instead, copy the id_dsa.pub, id_ecdsa.pub, id_ecdsa_sk.pub,
     id_ed25519.pub, id_ed25519_sk.pub, or the id_rsa.pub file and edit it.

     sshd enforces a minimum RSA key modulus size of 1024 bits.

     The options (if present) consist of comma-separated option
     specifications.  No spaces are permitted, except within double quotes.
     The following option specifications are supported (note that option
     keywords are case-insensitive):

     agent-forwarding
             Enable authentication agent forwarding previously disabled by the
             restrict option.

     cert-authority
             Specifies that the listed key is a certification authority (CA)
             that is trusted to validate signed certificates for user
             authentication.

             Certificates may encode access restrictions similar to these key
             options.  If both certificate restrictions and key options are
             present, the most restrictive union of the two is applied.

     command="command"
             Specifies that the command is executed whenever this key is used
             for authentication.  The command supplied by the user (if any) is
             ignored.  The command is run on a pty if the client requests a
             pty; otherwise it is run without a tty.  If an 8-bit clean
             channel is required, one must not request a pty or should specify
             no-pty.  A quote may be included in the command by quoting it
             with a backslash.

             This option might be useful to restrict certain public keys to
             perform just a specific operation.  An example might be a key
             that permits remote backups but nothing else.  Note that the
             client may specify TCP and/or X11 forwarding unless they are
             explicitly prohibited, e.g. using the restrict key option.

             The command originally supplied by the client is available in the
             SSH_ORIGINAL_COMMAND environment variable.  Note that this option
             applies to shell, command or subsystem execution.  Also note that
             this command may be superseded by a sshd_config(5) ForceCommand
             directive.

             If a command is specified and a forced-command is embedded in a
             certificate used for authentication, then the certificate will be
             accepted only if the two commands are identical.

     environment="NAME=value"
             Specifies that the string is to be added to the environment when
             logging in using this key.  Environment variables set this way
             override other default environment values.  Multiple options of
             this type are permitted.  Environment processing is disabled by
             default and is controlled via the PermitUserEnvironment option.

     expiry-time="timespec"
             Specifies a time after which the key will not be accepted.  The
             time may be specified as a YYYYMMDD date or a YYYYMMDDHHMM[SS]
             time in the system time-zone.

     from="pattern-list"
             Specifies that in addition to public key authentication, either
             the canonical name of the remote host or its IP address must be
             present in the comma-separated list of patterns.  See PATTERNS in
             ssh_config(5) for more information on patterns.

             In addition to the wildcard matching that may be applied to
             hostnames or addresses, a from stanza may match IP addresses
             using CIDR address/masklen notation.

             The purpose of this option is to optionally increase security:
             public key authentication by itself does not trust the network or
             name servers or anything (but the key); however, if somebody
             somehow steals the key, the key permits an intruder to log in
             from anywhere in the world.  This additional option makes using a
             stolen key more difficult (name servers and/or routers would have
             to be compromised in addition to just the key).

     no-agent-forwarding
             Forbids authentication agent forwarding when this key is used for
             authentication.

     no-port-forwarding
             Forbids TCP forwarding when this key is used for authentication.
             Any port forward requests by the client will return an error.
             This might be used, e.g. in connection with the command option.

     no-pty  Prevents tty allocation (a request to allocate a pty will fail).

     no-user-rc
             Disables execution of ~/.ssh/rc.

     no-X11-forwarding
             Forbids X11 forwarding when this key is used for authentication.
             Any X11 forward requests by the client will return an error.

     permitlisten="[host:]port"
             Limit remote port forwarding with the ssh(1) -R option such that
             it may only listen on the specified host (optional) and port.
             IPv6 addresses can be specified by enclosing the address in
             square brackets.  Multiple permitlisten options may be applied
             separated by commas.  Hostnames may include wildcards as
             described in the PATTERNS section in ssh_config(5).  A port
             specification of * matches any port.  Note that the setting of
             GatewayPorts may further restrict listen addresses.  Note that
             ssh(1) will send a hostname of “localhost” if a listen host was
             not specified when the forwarding was requested, and that this
             name is treated differently to the explicit localhost addresses
             “127.0.0.1” and “::1”.

     permitopen="host:port"
             Limit local port forwarding with the ssh(1) -L option such that
             it may only connect to the specified host and port.  IPv6
             addresses can be specified by enclosing the address in square
             brackets.  Multiple permitopen options may be applied separated
             by commas.  No pattern matching or name lookup is performed on
             the specified hostnames, they must be literal host names and/or
             addresses.  A port specification of * matches any port.

     port-forwarding
             Enable port forwarding previously disabled by the restrict
             option.

     principals="principals"
             On a cert-authority line, specifies allowed principals for
             certificate authentication as a comma-separated list.  At least
             one name from the list must appear in the certificate's list of
             principals for the certificate to be accepted.  This option is
             ignored for keys that are not marked as trusted certificate
             signers using the cert-authority option.

     pty     Permits tty allocation previously disabled by the restrict
             option.

     no-touch-required
             Do not require demonstration of user presence for signatures made
             using this key.  This option only makes sense for the FIDO
             authenticator algorithms ecdsa-sk and ed25519-sk.

     verify-required
             Require that signatures made using this key attest that they
             verified the user, e.g. via a PIN.  This option only makes sense
             for the FIDO authenticator algorithms ecdsa-sk and ed25519-sk.

     restrict
             Enable all restrictions, i.e. disable port, agent and X11
             forwarding, as well as disabling PTY allocation and execution of
             ~/.ssh/rc.  If any future restriction capabilities are added to
             authorized_keys files they will be included in this set.

     tunnel="n"
             Force a tun(4) device on the server.  Without this option, the
             next available device will be used if the client requests a
             tunnel.

     user-rc
             Enables execution of ~/.ssh/rc previously disabled by the
             restrict option.

     X11-forwarding
             Permits X11 forwarding previously disabled by the restrict
             option.

     An example authorized_keys file:

           # Comments are allowed at start of line.  Blank lines are allowed.
           # Plain key, no restrictions
           ssh-rsa ...
           # Forced command, disable PTY and all forwarding
           restrict,command="dump /home" ssh-rsa ...
           # Restriction of ssh -L forwarding destinations
           permitopen="192.0.2.1:80",permitopen="192.0.2.2:25" ssh-rsa ...
           # Restriction of ssh -R forwarding listeners
           permitlisten="localhost:8080",permitlisten="[::1]:22000" ssh-rsa ...
           # Configuration for tunnel forwarding
           tunnel="0",command="sh /etc/netstart tun0" ssh-rsa ...
           # Override of restriction to allow PTY allocation
           restrict,pty,command="nethack" ssh-rsa ...
           # Allow FIDO key without requiring touch
           no-touch-required sk-ecdsa-sha2-nistp256@openssh.com ...
           # Require user-verification (e.g. PIN or biometric) for FIDO key
           verify-required sk-ecdsa-sha2-nistp256@openssh.com ...
           # Trust CA key, allow touch-less FIDO if requested in certificate
           cert-authority,no-touch-required,principals="user_a" ssh-rsa ...

SSH_KNOWN_HOSTS FILE FORMAT
     The /etc/ssh/ssh_known_hosts and ~/.ssh/known_hosts files contain host
     public keys for all known hosts.  The global file should be prepared by
     the administrator (optional), and the per-user file is maintained
     automatically: whenever the user connects to an unknown host, its key is
     added to the per-user file.

     Each line in these files contains the following fields: marker
     (optional), hostnames, keytype, base64-encoded key, comment.  The fields
     are separated by spaces.
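     The line format and option rules of the AUTHORIZED_KEYS FILE FORMAT
     section above, worked through in Python: the options field is split on
     commas outside double quotes, a backslash escapes a quote, keywords are
     case-insensitive, and restrict turns off every capability that pty,
     port-forwarding, agent-forwarding, X11-forwarding and user-rc can turn
     back on.  This is an added example, not OpenSSH's own parser; the sample
     lines and the base64 blob are constructed placeholders, not real keys.

```python
"""Parser for authorized_keys lines and their capability options (added example)."""
import base64

KEY_TYPES = {
    "sk-ecdsa-sha2-nistp256@openssh.com", "ecdsa-sha2-nistp256",
    "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp521",
    "sk-ssh-ed25519@openssh.com", "ssh-ed25519", "ssh-dss", "ssh-rsa",
}
# Capabilities that "restrict" disables and that the bare keyword re-enables.
CAPABILITIES = ("port-forwarding", "agent-forwarding", "x11-forwarding",
                "pty", "user-rc")


def split_options(field):
    """Split the options field on commas outside double quotes; \\" is a literal quote."""
    opts, cur, quoted, i = [], [], False, 0
    while i < len(field):
        c = field[i]
        if quoted and c == "\\" and i + 1 < len(field):
            cur.append(field[i + 1])        # backslash-escaped character inside quotes
            i += 2
            continue
        if c == '"':
            quoted = not quoted
        if c == "," and not quoted:
            opts.append("".join(cur))
            cur = []
        else:
            cur.append(c)
        i += 1
    if quoted:
        raise ValueError("unterminated double quote in options")
    opts.append("".join(cur))
    return [o for o in opts if o]


def _options_end(line):
    """Index of the first whitespace outside double quotes (end of the options field)."""
    quoted, i = False, 0
    while i < len(line):
        c = line[i]
        if quoted and c == "\\":
            i += 2
            continue
        if c == '"':
            quoted = not quoted
        elif c in " \t" and not quoted:
            return i
        i += 1
    return len(line)


def parse_authorized_key(line):
    """Return (options, keytype, key_bytes, comment); None for blank and comment lines."""
    line = line.strip()
    if not line or line.startswith("#"):
        return None
    head = line[:_options_end(line)]
    if head in KEY_TYPES:                   # the options field is optional
        options, rest = [], line
    else:
        options, rest = split_options(head), line[len(head):].lstrip()
    parts = rest.split(None, 2)
    if len(parts) < 2 or parts[0] not in KEY_TYPES:
        raise ValueError("malformed authorized_keys line")
    key = base64.b64decode(parts[1], validate=True)
    return options, parts[0], key, (parts[2] if len(parts) > 2 else "")


def effective_permissions(options):
    """Resolve options left to right; return ({capability: allowed}, forced_command)."""
    allowed = dict.fromkeys(CAPABILITIES, True)
    command = None
    for opt in options:
        name, _, value = opt.partition("=")
        name = name.lower()                 # option keywords are case-insensitive
        if name == "restrict":
            allowed = dict.fromkeys(CAPABILITIES, False)
        elif name.startswith("no-") and name[3:] in allowed:
            allowed[name[3:]] = False
        elif name in allowed:
            allowed[name] = True
        elif name == "command":
            command = value[1:-1] if len(value) >= 2 and value[0] == value[-1] == '"' else value
    return allowed, command


# Constructed sample lines; SAMPLE is base64 of "restrict", not a real key blob.
SAMPLE = "cmVzdHJpY3Q="
AUTHORIZED_KEYS = [
    "# Plain key, no restrictions",
    f"ssh-ed25519 {SAMPLE} alice@laptop",
    f'restrict,command="dump /home" ssh-rsa {SAMPLE} backup',
    f'restrict,pty,command="echo \\"hi there\\"" ssh-rsa {SAMPLE}',
]

if __name__ == "__main__":
    for entry in filter(None, map(parse_authorized_key, AUTHORIZED_KEYS)):
        print(entry[1], entry[3], effective_permissions(entry[0]))
```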
     The marker is optional, but if it is present then it must be one of
     “@cert-authority”, to indicate that the line contains a certification
     authority (CA) key, or “@revoked”, to indicate that the key contained on
     the line is revoked and must not ever be accepted.  Only one marker
     should be used on a key line.

     Hostnames is a comma-separated list of patterns (‘*’ and ‘?’ act as
     wildcards); each pattern in turn is matched against the host name.  When
     sshd is authenticating a client, such as when using
     HostbasedAuthentication, this will be the canonical client host name.
     When ssh(1) is authenticating a server, this will be the host name given
     by the user, the value of the ssh(1) HostkeyAlias if it was specified, or
     the canonical server hostname if the ssh(1) CanonicalizeHostname option
     was used.

     A pattern may also be preceded by ‘!’ to indicate negation: if the host
     name matches a negated pattern, it is not accepted (by that line) even if
     it matched another pattern on the line.  A hostname or address may
     optionally be enclosed within ‘[’ and ‘]’ brackets then followed by ‘:’
     and a non-standard port number.

     Alternately, hostnames may be stored in a hashed form which hides host
     names and addresses should the file's contents be disclosed.  Hashed
     hostnames start with a ‘|’ character.  Only one hashed hostname may
     appear on a single line and none of the above negation or wildcard
     operators may be applied.

     The keytype and base64-encoded key are taken directly from the host key;
     they can be obtained, for example, from /etc/ssh/ssh_host_rsa_key.pub.
     The optional comment field continues to the end of the line, and is not
     used.

     Lines starting with ‘#’ and empty lines are ignored as comments.

     When performing host authentication, authentication is accepted if any
     matching line has the proper key; either one that matches exactly or, if
     the server has presented a certificate for authentication, the key of the
     certification authority that signed the certificate.  For a key to be
     trusted as a certification authority, it must use the “@cert-authority”
     marker described above.

     The known hosts file also provides a facility to mark keys as revoked,
     for example when it is known that the associated private key has been
     stolen.  Revoked keys are specified by including the “@revoked” marker at
     the beginning of the key line, and are never accepted for authentication
     or as certification authorities, but instead will produce a warning from
     ssh(1) when they are encountered.

     It is permissible (but not recommended) to have several lines or
     different host keys for the same names.  This will inevitably happen when
     short forms of host names from different domains are put in the file.  It
     is possible that the files contain conflicting information;
     authentication is accepted if valid information can be found from either
     file.

     Note that the lines in these files are typically hundreds of characters
     long, and you definitely don't want to type in the host keys by hand.
     Rather, generate them by a script, ssh-keyscan(1) or by taking, for
     example, /etc/ssh/ssh_host_rsa_key.pub and adding the host names at the
     front.  ssh-keygen(1) also offers some basic automated editing for
     ~/.ssh/known_hosts including removing hosts matching a host name and
     converting all host names to their hashed representations.
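     The known_hosts matching rules above (markers, wildcard and negated
     patterns, the [host]:port form and hashed hostnames) as an added Python
     example; it is not OpenSSH's own code.  It assumes the hashed form is
     |1|base64(salt)|base64(HMAC-SHA1 keyed with the salt over the name), as
     ssh-keygen -H writes it, which this page does not spell out; the sample
     entries, salt and key blobs are constructed placeholders.

```python
"""Matcher for known_hosts lines: markers, hostname patterns, hashed names (added example)."""
import base64
import hashlib
import hmac
import re

MARKERS = ("@cert-authority", "@revoked")


def parse_known_host(line):
    """Return (marker, hostnames, keytype, key_bytes, comment); None for blank/comment lines."""
    line = line.strip()
    if not line or line.startswith("#"):
        return None
    marker = None
    if line.startswith("@"):
        marker, line = line.split(None, 1)
        if marker not in MARKERS:
            raise ValueError(f"unknown marker {marker}")
    parts = line.split(None, 3)
    if len(parts) < 3:
        raise ValueError("malformed known_hosts line")
    key = base64.b64decode(parts[2], validate=True)
    return marker, parts[0], parts[1], key, (parts[3] if len(parts) > 3 else "")


def hash_hostname(name, salt):
    """Hashed hostnames field: |1|b64(salt)|b64(HMAC-SHA1(salt, name)) (assumed, see lead-in)."""
    digest = hmac.new(salt, name.encode(), hashlib.sha1).digest()
    return "|1|%s|%s" % (base64.b64encode(salt).decode(), base64.b64encode(digest).decode())


def _glob(pattern, s):
    """Match with '*' and '?' only; '[' and ']' are literals here, not character classes."""
    rx = "".join(".*" if c == "*" else "." if c == "?" else re.escape(c) for c in pattern)
    return re.fullmatch(rx, s) is not None


def host_matches(hostnames, host, port=22):
    """Apply a hostnames field to host; a non-standard port is written as [host]:port."""
    name = host if port == 22 else f"[{host}]:{port}"
    if hostnames.startswith("|"):           # hashed entry: recompute with the stored salt
        _, _, salt, _ = hostnames.split("|")
        return hmac.compare_digest(hostnames, hash_hostname(name, base64.b64decode(salt)))
    matched = False
    for pat in hostnames.split(","):
        negated = pat.startswith("!")
        if _glob(pat[1:] if negated else pat, name):
            if negated:
                return False                # a negated match rejects the whole line
            matched = True
    return matched


def lookup(lines, host, port=22):
    """Return (accepted, ca, revoked) lists of (keytype, key) for host across all lines."""
    accepted, cas, revoked = [], [], []
    for line in lines:
        entry = parse_known_host(line)
        if entry is None or not host_matches(entry[1], host, port):
            continue
        marker, _, keytype, key, _ = entry
        {None: accepted, "@cert-authority": cas, "@revoked": revoked}[marker].append((keytype, key))
    return accepted, cas, revoked


# Constructed sample file; the blobs are placeholders, not real host keys.
KEY_A = base64.b64encode(b"host key A").decode()
KEY_B = base64.b64encode(b"host key B").decode()
SALT = b"0123456789abcdef0123"                   # constructed 20-byte salt
KNOWN_HOSTS = [
    "# constructed example file",
    f"cvs.example.net,192.0.2.10 ssh-rsa {KEY_A}",
    f"*.example.net,!build.example.net ssh-ed25519 {KEY_B}",
    f"[git.example.net]:2222 ssh-ed25519 {KEY_B}",
    f"{hash_hostname('hidden.example.org', SALT)} ssh-rsa {KEY_A}",
    f"@revoked * ssh-rsa {KEY_B}",
    f"@cert-authority *.example.org ssh-ed25519 {KEY_A}",
]

if __name__ == "__main__":
    for h, p in (("cvs.example.net", 22), ("build.example.net", 22),
                 ("git.example.net", 2222), ("hidden.example.org", 22)):
        print(h, p, lookup(KNOWN_HOSTS, h, p))
```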
     An example ssh_known_hosts file:

           # Comments allowed at start of line
           closenet,...,192.0.2.53 1024 37 159...93 closenet.example.net
           cvs.example.net,192.0.2.10 ssh-rsa AAAA1234.....=
           # A hashed hostname
           |1|JfKTdBh7rNbXkVAQCRp4OQoPfmI=|USECr3SWf1JUPsms5AqfD5QfxkM= ssh-rsa
           AAAA1234.....=
           # A revoked key
           @revoked * ssh-rsa AAAAB5W...
           # A CA key, accepted for any host in *.mydomain.com or *.mydomain.org
           @cert-authority *.mydomain.org,*.mydomain.com ssh-rsa AAAAB5W...

FILES
     ~/.hushlogin
             This file is used to suppress printing the last login time and
             /etc/motd, if PrintLastLog and PrintMotd, respectively, are
             enabled.  It does not suppress printing of the banner specified
             by Banner.

     ~/.rhosts
             This file is used for host-based authentication (see ssh(1) for
             more information).  On some machines this file may need to be
             world-readable if the user's home directory is on an NFS
             partition, because sshd reads it as root.  Additionally, this
             file must be owned by the user, and must not have write
             permissions for anyone else.  The recommended permission for most
             machines is read/write for the user, and not accessible by
             others.

     ~/.shosts
             This file is used in exactly the same way as .rhosts, but allows
             host-based authentication without permitting login with
             rlogin/rsh.

     ~/.ssh/
             This directory is the default location for all user-specific
             configuration and authentication information.  There is no
             general requirement to keep the entire contents of this directory
             secret, but the recommended permissions are read/write/execute
             for the user, and not accessible by others.

     ~/.ssh/authorized_keys
             Lists the public keys (DSA, ECDSA, Ed25519, RSA) that can be used
             for logging in as this user.  The format of this file is
             described above.  The content of the file is not highly
             sensitive, but the recommended permissions are read/write for the
             user, and not accessible by others.

             If this file, the ~/.ssh directory, or the user's home directory
             are writable by other users, then the file could be modified or
             replaced by unauthorized users.  In this case, sshd will not
             allow it to be used unless the StrictModes option has been set to
             “no”.

     ~/.ssh/environment
             This file is read into the environment at login (if it exists).
             It can only contain empty lines, comment lines (that start with
             ‘#’), and assignment lines of the form name=value.  The file
             should be writable only by the user; it need not be readable by
             anyone else.  Environment processing is disabled by default and
             is controlled via the PermitUserEnvironment option.

     ~/.ssh/known_hosts
             Contains a list of host keys for all hosts the user has logged
             into that are not already in the systemwide list of known host
             keys.  The format of this file is described above.  This file
             should be writable only by root/the owner and can, but need not
             be, world-readable.

     ~/.ssh/rc
             Contains initialization routines to be run before the user's home
             directory becomes accessible.  This file should be writable only
             by the user, and need not be readable by anyone else.

     /etc/hosts.equiv
             This file is for host-based authentication (see ssh(1)).  It
             should only be writable by root.

     /etc/moduli
             Contains Diffie-Hellman groups used for the "Diffie-Hellman Group
             Exchange" key exchange method.  The file format is described in
             moduli(5).  If no usable groups are found in this file then fixed
             internal groups will be used.

     /etc/motd
             See motd(5).

     /etc/nologin
             If this file exists, sshd refuses to let anyone except root log
             in.  The contents of the file are displayed to anyone trying to
             log in, and non-root connections are refused.  The file should be
             world-readable.

     /etc/shosts.equiv
             This file is used in exactly the same way as hosts.equiv, but
             allows host-based authentication without permitting login with
             rlogin/rsh.

     /etc/ssh/ssh_host_ecdsa_key
     /etc/ssh/ssh_host_ed25519_key
     /etc/ssh/ssh_host_rsa_key
             These files contain the private parts of the host keys.  These
             files should only be owned by root, readable only by root, and
             not accessible to others.  Note that sshd does not start if these
             files are group/world-accessible.

     /etc/ssh/ssh_host_ecdsa_key.pub
     /etc/ssh/ssh_host_ed25519_key.pub
     /etc/ssh/ssh_host_rsa_key.pub
             These files contain the public parts of the host keys.  These
             files should be world-readable but writable only by root.  Their
             contents should match the respective private parts.  These files
             are not really used for anything; they are provided for the
             convenience of the user so their contents can be copied to known
             hosts files.  These files are created using ssh-keygen(1).

     /etc/ssh/ssh_known_hosts
             Systemwide list of known host keys.  This file should be prepared
             by the system administrator to contain the public host keys of
             all machines in the organization.  The format of this file is
             described above.  This file should be writable only by root/the
             owner and should be world-readable.

     /etc/ssh/sshd_config
             Contains configuration data for sshd.  The file format and
             configuration options are described in sshd_config(5).

     /etc/ssh/sshrc
             Similar to ~/.ssh/rc, it can be used to specify machine-specific
             login-time initializations globally.  This file should be
             writable only by root, and should be world-readable.

     /var/empty
             chroot(2) directory used by sshd during privilege separation in
             the pre-authentication phase.  The directory should not contain
             any files and must be owned by root and not group or world-
             writable.

     /var/run/sshd.pid
             Contains the process ID of the sshd listening for connections (if
             there are several daemons running concurrently for different
             ports, this contains the process ID of the one started last).
             The content of this file is not sensitive; it can be world-
             readable.

SEE ALSO
     scp(1), sftp(1), ssh(1), ssh-add(1), ssh-agent(1), ssh-keygen(1),
     ssh-keyscan(1), chroot(2), login.conf(5), moduli(5), sshd_config(5),
     inetd(8), sftp-server(8)

AUTHORS
     OpenSSH is a derivative of the original and free ssh 1.2.12 release by
     Tatu Ylonen.  Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo
     de Raadt and Dug Song removed many bugs, re-added newer features and
     created OpenSSH.  Markus Friedl contributed the support for SSH protocol
     versions 1.5 and 2.0.  Niels Provos and Markus Friedl contributed support
     for privilege separation.

OpenBSD 6.9                   September 10, 2021                   OpenBSD 6.9