.\"
.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
.\" All rights reserved
.\"
.\" As far as I am concerned, the code I have written for this software
.\" can be used freely for any purpose. Any derived versions of this
.\" software must be clearly marked as such, and if the derived work is
.\" incompatible with the protocol description in the RFC file, it must be
.\" called by a name other than "ssh" or "Secure Shell".
.\"
.\" Copyright (c) 1999,2000 Markus Friedl. All rights reserved.
.\" Copyright (c) 1999 Aaron Campbell. All rights reserved.
.\" Copyright (c) 1999 Theo de Raadt. All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" $OpenBSD: ssh_config.5,v 1.146 2010/12/08 04:02:47 djm Exp $
.Dd $Mdocdate: December 8 2010 $
.Dt SSH_CONFIG 5
.Os
.Sh NAME
.Nm ssh_config
.Nd OpenSSH SSH client configuration files
.Sh SYNOPSIS
.Nm ~/.ssh/config
.Nm /etc/ssh/ssh_config
.Sh DESCRIPTION
.Xr ssh 1
obtains configuration data from the following sources in
the following order:
.Pp
.Bl -enum -offset indent -compact
.It
command-line options
.It
user's configuration file
.Pq Pa ~/.ssh/config
.It
system-wide configuration file
.Pq Pa /etc/ssh/ssh_config
.El
.Pp
For each parameter, the first obtained value
will be used.
The configuration files contain sections separated by
.Dq Host
specifications, and that section is only applied for hosts that
match one of the patterns given in the specification.
The matched host name is the one given on the command line.
.Pp
Since the first obtained value for each parameter is used, more
host-specific declarations should be given near the beginning of the
file, and general defaults at the end.
.Pp
The configuration file has the following format:
.Pp
Empty lines and lines starting with
.Ql #
are comments.
Otherwise a line is of the format
.Dq keyword arguments .
Configuration options may be separated by whitespace or
optional whitespace and exactly one
.Ql = ;
the latter format is useful to avoid the need to quote whitespace
when specifying configuration options using the
.Nm ssh ,
.Nm scp ,
and
.Nm sftp
.Fl o
option.
Arguments may optionally be enclosed in double quotes
.Pq \&"
in order to represent arguments containing spaces.
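.Pp
The resolution rules above (first obtained value wins, Host sections gate
declarations, whitespace or '=' as separator, double quotes around spaces)
as an added example in Python; this is not OpenSSH code, and the sample
configurations, host names and the ControlPath token check are constructed
for illustration:

```python
"""ssh_config(5) resolution as the man page describes it: declarations are gated
by Host sections, the first obtained value for a keyword wins, keywords are
case-insensitive, arguments case-sensitive, and double quotes protect spaces.
Added example, not OpenSSH code; the sample configuration blocks are constructed."""
import re
import shlex

# Constructed sample blocks; the order they are concatenated in is the point.
BASTION = """# bastion listens on a custom port; note the '=' separator form
Host bastion
    HostName = bastion.example.test
    Port=2222
    User ops
"""
INTERNAL = """Host *.internal.example.test
    ProxyCommand "ssh -W %h:%p bastion"
"""
DEFAULTS = """Host *
    User deploy
    Port 22
    StrictHostKeyChecking ask
    ControlPath ~/.ssh/cm-%r@%h:%p
"""
CONFIG_SPECIFIC_FIRST = BASTION + INTERNAL + DEFAULTS  # recommended: specific first
CONFIG_DEFAULTS_FIRST = DEFAULTS + BASTION + INTERNAL  # 'Host *' now shadows bastion

_KW_EQ = re.compile(r"^([A-Za-z0-9]+)\s*=\s*(.*)$")  # keyword = arguments
_KW_WS = re.compile(r"^([A-Za-z0-9]+)\s+(.*)$")      # keyword arguments

def split_args(rest):
    """Split arguments on whitespace; only double quotes group words, and
    there is no backslash escaping (this is not a POSIX shell)."""
    lex = shlex.shlex(rest, posix=True)
    lex.whitespace_split = True
    lex.quotes = '"'
    lex.escape = ""
    lex.commenters = ""
    return list(lex)

def parse(text):
    """Return (host_patterns, keyword_lowercase, args) tuples in file order.
    Declarations before the first Host line apply to every host ('*')."""
    patterns, entries = ["*"], []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # empty lines and '#' lines are comments
        m = _KW_EQ.match(line) or _KW_WS.match(line)
        if not m:
            continue  # bare keyword without an argument: ssh(1) rejects these
        keyword, args = m.group(1).lower(), split_args(m.group(2))
        if keyword == "host":
            patterns = args  # whitespace-separated patterns open a new section
        else:
            entries.append((patterns, keyword, args))
    return entries

def host_matches(host, patterns):
    """The name typed on the command line (not a canonicalized name) must match a
    positive pattern and no negated ('!') pattern; '*' is any run, '?' one char."""
    matched = False
    for pat in patterns:
        negate = pat.startswith("!")
        body = pat[1:] if negate else pat
        regex = "^" + re.escape(body).replace(r"\*", ".*").replace(r"\?", ".") + "$"
        if re.match(regex, host):
            if negate:
                return False
            matched = True
    return matched

def effective(text, host):
    """First obtained value for every keyword whose Host section matches `host`."""
    result = {}
    for patterns, keyword, args in parse(text):
        if keyword not in result and host_matches(host, patterns):
            result[keyword] = args
    return result

def expand_tokens(value, host, port, remote_user, local_host):
    """Expand the tokens ControlPath documents: %l local host, %h target host,
    %p port, %r remote login name; '%%' stands for a literal '%'."""
    table = {"l": local_host, "h": host, "p": str(port), "r": remote_user, "%": "%"}
    return re.sub(r"%(.)", lambda m: table.get(m.group(1), m.group(0)), value)

def controlpath_is_unique(value):
    """The page recommends %h, %p and %r in any opportunistically shared
    ControlPath so that two destinations never end up sharing one socket."""
    return all(tok in value for tok in ("%h", "%p", "%r"))

if __name__ == "__main__":
    for label, cfg in (("specific first", CONFIG_SPECIFIC_FIRST), ("defaults first", CONFIG_DEFAULTS_FIRST)):
        eff = effective(cfg, "bastion")
        print(f"{label}: bastion -> Port {eff['port'][0]}, User {eff['user'][0]}")
    db = effective(CONFIG_SPECIFIC_FIRST, "db1.internal.example.test")
    path = expand_tokens(db["controlpath"][0], "db1.internal.example.test", 22, db["user"][0], "laptop")
    print("db1 via:", db["proxycommand"][0], "| ControlPath:", path, "| unique:", controlpath_is_unique(db["controlpath"][0]))
```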
.Pp
The possible
keywords and their meanings are as follows (note that
keywords are case-insensitive and arguments are case-sensitive):
.Bl -tag -width Ds
.It Cm Host
Restricts the following declarations (up to the next
.Cm Host
keyword) to be only for those hosts that match one of the patterns
given after the keyword.
If more than one pattern is provided, they should be separated by whitespace.
A single
.Ql *
as a pattern can be used to provide global
defaults for all hosts.
The host is the
.Ar hostname
argument given on the command line (i.e. the name is not converted to
a canonicalized host name before matching).
.Pp
See
.Sx PATTERNS
for more information on patterns.
.It Cm AddressFamily
Specifies which address family to use when connecting.
Valid arguments are
.Dq any ,
.Dq inet
(use IPv4 only), or
.Dq inet6
(use IPv6 only).
.It Cm BatchMode
If set to
.Dq yes ,
passphrase/password querying will be disabled.
This option is useful in scripts and other batch jobs where no user
is present to supply the password.
The argument must be
.Dq yes
or
.Dq no .
The default is
.Dq no .
.It Cm BindAddress
Use the specified address on the local machine as the source address of
the connection.
Only useful on systems with more than one address.
Note that this option does not work if
.Cm UsePrivilegedPort
is set to
.Dq yes .
.It Cm ChallengeResponseAuthentication
Specifies whether to use challenge-response authentication.
The argument to this keyword must be
.Dq yes
or
.Dq no .
The default is
.Dq yes .
.It Cm CheckHostIP
If this flag is set to
.Dq yes ,
.Xr ssh 1
will additionally check the host IP address in the
.Pa known_hosts
file.
This allows ssh to detect if a host key changed due to DNS spoofing.
If the option is set to
.Dq no ,
the check will not be executed.
The default is
.Dq no .
.It Cm Cipher
Specifies the cipher to use for encrypting the session
in protocol version 1.
Currently,
.Dq blowfish ,
.Dq 3des ,
and
.Dq des
are supported.
.Ar des
is only supported in the
.Xr ssh 1
client for interoperability with legacy protocol 1 implementations
that do not support the
.Ar 3des
cipher.
Its use is strongly discouraged due to cryptographic weaknesses.
The default is
.Dq 3des .
.It Cm Ciphers
Specifies the ciphers allowed for protocol version 2
in order of preference.
Multiple ciphers must be comma-separated.
The supported ciphers are
.Dq 3des-cbc ,
.Dq aes128-cbc ,
.Dq aes192-cbc ,
.Dq aes256-cbc ,
.Dq aes128-ctr ,
.Dq aes192-ctr ,
.Dq aes256-ctr ,
.Dq arcfour128 ,
.Dq arcfour256 ,
.Dq arcfour ,
.Dq blowfish-cbc ,
and
.Dq cast128-cbc .
The default is:
.Bd -literal -offset 3n
aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,
aes256-cbc,arcfour
.Ed
.It Cm ClearAllForwardings
Specifies that all local, remote, and dynamic port forwardings
specified in the configuration files or on the command line be
cleared.
This option is primarily useful when used from the
.Xr ssh 1
command line to clear port forwardings set in
configuration files, and is automatically set by
.Xr scp 1
and
.Xr sftp 1 .
The argument must be
.Dq yes
or
.Dq no .
The default is
.Dq no .
.It Cm Compression
Specifies whether to use compression.
The argument must be
.Dq yes
or
.Dq no .
The default is
.Dq no .
.It Cm CompressionLevel
Specifies the compression level to use if compression is enabled.
The argument must be an integer from 1 (fast) to 9 (slow, best).
The default level is 6, which is good for most applications.
The meaning of the values is the same as in
.Xr gzip 1 .
Note that this option applies to protocol version 1 only.
.It Cm ConnectionAttempts
Specifies the number of tries (one per second) to make before exiting.
The argument must be an integer.
This may be useful in scripts if the connection sometimes fails.
The default is 1.
.It Cm ConnectTimeout
Specifies the timeout (in seconds) used when connecting to the
SSH server, instead of using the default system TCP timeout.
This value is used only when the target is down or really unreachable,
not when it refuses the connection.
.It Cm ControlMaster
Enables the sharing of multiple sessions over a single network connection.
When set to
.Dq yes ,
.Xr ssh 1
will listen for connections on a control socket specified using the
.Cm ControlPath
argument.
Additional sessions can connect to this socket using the same
.Cm ControlPath
with
.Cm ControlMaster
set to
.Dq no
(the default).
These sessions will try to reuse the master instance's network connection
rather than initiating new ones, but will fall back to connecting normally
if the control socket does not exist, or is not listening.
.Pp
Setting this to
.Dq ask
will cause ssh
to listen for control connections, but require confirmation using the
.Ev SSH_ASKPASS
program before they are accepted (see
.Xr ssh-add 1
for details).
If the
.Cm ControlPath
cannot be opened,
ssh will continue without connecting to a master instance.
.Pp
X11 and
.Xr ssh-agent 1
forwarding is supported over these multiplexed connections, however the
display and agent forwarded will be the one belonging to the master
connection i.e. it is not possible to forward multiple displays or agents.
.Pp
Two additional options allow for opportunistic multiplexing: try to use a
master connection but fall back to creating a new one if one does not already
exist.
These options are:
.Dq auto
and
.Dq autoask .
The latter requires confirmation like the
.Dq ask
option.
.It Cm ControlPath
Specify the path to the control socket used for connection sharing as described
in the
.Cm ControlMaster
section above or the string
.Dq none
to disable connection sharing.
In the path,
.Ql %l
will be substituted by the local host name,
.Ql %h
will be substituted by the target host name,
.Ql %p
the port, and
.Ql %r
by the remote login username.
It is recommended that any
.Cm ControlPath
used for opportunistic connection sharing include
at least %h, %p, and %r.
This ensures that shared connections are uniquely identified.
.It Cm ControlPersist
When used in conjunction with
.Cm ControlMaster ,
specifies that the master connection should remain open
in the background (waiting for future client connections)
after the initial client connection has been closed.
If set to
.Dq no ,
then the master connection will not be placed into the background,
and will close as soon as the initial client connection is closed.
If set to
.Dq yes ,
then the master connection will remain in the background indefinitely
(until killed or closed via a mechanism such as the
.Xr ssh 1
.Dq Fl O No exit
option).
If set to a time in seconds, or a time in any of the formats documented in
.Xr sshd_config 5 ,
then the backgrounded master connection will automatically terminate
after it has remained idle (with no client connections) for the
specified time.
.It Cm DynamicForward
Specifies that a TCP port on the local machine be forwarded
over the secure channel, and the application
protocol is then used to determine where to connect to from the
remote machine.
.Pp
The argument must be
.Sm off
.Oo Ar bind_address : Oc Ar port .
.Sm on
IPv6 addresses can be specified by enclosing addresses in square brackets.
By default, the local port is bound in accordance with the
.Cm GatewayPorts
setting.
However, an explicit
.Ar bind_address
may be used to bind the connection to a specific address.
The
.Ar bind_address
of
.Dq localhost
indicates that the listening port be bound for local use only, while an
empty address or
.Sq *
indicates that the port should be available from all interfaces.
.Pp
Currently the SOCKS4 and SOCKS5 protocols are supported, and
.Xr ssh 1
will act as a SOCKS server.
Multiple forwardings may be specified, and
additional forwardings can be given on the command line.
Only the superuser can forward privileged ports.
.It Cm EnableSSHKeysign
Setting this option to
.Dq yes
in the global client configuration file
.Pa /etc/ssh/ssh_config
enables the use of the helper program
.Xr ssh-keysign 8
during
.Cm HostbasedAuthentication .
The argument must be
.Dq yes
or
.Dq no .
The default is
.Dq no .
This option should be placed in the non-host-specific section.
See
.Xr ssh-keysign 8
for more information.
.It Cm EscapeChar
Sets the escape character (default:
.Ql ~ ) .
The escape character can also
be set on the command line.
The argument should be a single character,
.Ql ^
followed by a letter, or
.Dq none
to disable the escape
character entirely (making the connection transparent for binary
data).
.It Cm ExitOnForwardFailure
Specifies whether
.Xr ssh 1
should terminate the connection if it cannot set up all requested
dynamic, tunnel, local, and remote port forwardings.
The argument must be
.Dq yes
or
.Dq no .
The default is
.Dq no .
.It Cm ForwardAgent
Specifies whether the connection to the authentication agent (if any)
will be forwarded to the remote machine.
The argument must be
.Dq yes
or
.Dq no .
The default is
.Dq no .
.Pp
Agent forwarding should be enabled with caution.
Users with the ability to bypass file permissions on the remote host
(for the agent's Unix-domain socket)
can access the local agent through the forwarded connection.
An attacker cannot obtain key material from the agent;
however, they can perform operations on the keys that enable them to
authenticate using the identities loaded into the agent.
.It Cm ForwardX11
Specifies whether X11 connections will be automatically redirected
over the secure channel and
.Ev DISPLAY
set.
The argument must be
.Dq yes
or
.Dq no .
The default is
.Dq no .
.Pp
X11 forwarding should be enabled with caution.
Users with the ability to bypass file permissions on the remote host
(for the user's X11 authorization database)
can access the local X11 display through the forwarded connection.
An attacker may then be able to perform activities such as keystroke monitoring
if the
.Cm ForwardX11Trusted
option is also enabled.
.It Cm ForwardX11Timeout
Specify a timeout for untrusted X11 forwarding
using the format described in the
.Sx TIME FORMATS
section of
.Xr sshd_config 5 .
X11 connections received by
.Xr ssh 1
after this time will be refused.
The default is to disable untrusted X11 forwarding after twenty minutes has
elapsed.
.It Cm ForwardX11Trusted
If this option is set to
.Dq yes ,
remote X11 clients will have full access to the original X11 display.
.Pp
If this option is set to
.Dq no ,
remote X11 clients will be considered untrusted and prevented
from stealing or tampering with data belonging to trusted X11
clients.
Furthermore, the
.Xr xauth 1
token used for the session will be set to expire after 20 minutes.
Remote clients will be refused access after this time.
.Pp
The default is
.Dq no .
.Pp
See the X11 SECURITY extension specification for full details on
the restrictions imposed on untrusted clients.
.It Cm GatewayPorts
Specifies whether remote hosts are allowed to connect to local
forwarded ports.
By default,
.Xr ssh 1
binds local port forwardings to the loopback address.
This prevents other remote hosts from connecting to forwarded ports.
.Cm GatewayPorts
can be used to specify that ssh
should bind local port forwardings to the wildcard address,
thus allowing remote hosts to connect to forwarded ports.
The argument must be
.Dq yes
or
.Dq no .
The default is
.Dq no .
.It Cm GlobalKnownHostsFile
Specifies a file to use for the global
host key database instead of
.Pa /etc/ssh/ssh_known_hosts .
.It Cm GSSAPIAuthentication
Specifies whether user authentication based on GSSAPI is allowed.
The default is
.Dq no .
Note that this option applies to protocol version 2 only.
.It Cm GSSAPIDelegateCredentials
Forward (delegate) credentials to the server.
The default is
.Dq no .
Note that this option applies to protocol version 2 only.
.It Cm HashKnownHosts
Indicates that
.Xr ssh 1
should hash host names and addresses when they are added to
.Pa ~/.ssh/known_hosts .
These hashed names may be used normally by
.Xr ssh 1
and
.Xr sshd 8 ,
but they do not reveal identifying information should the file's contents
be disclosed.
The default is
.Dq no .
Note that existing names and addresses in known hosts files
will not be converted automatically,
but may be manually hashed using
.Xr ssh-keygen 1 .
.It Cm HostbasedAuthentication
Specifies whether to try rhosts based authentication with public key
authentication.
The argument must be
.Dq yes
or
.Dq no .
The default is
.Dq no .
This option applies to protocol version 2 only and
is similar to
.Cm RhostsRSAAuthentication .
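.Pp
The hashed known_hosts entry format that HashKnownHosts produces (the
"|1|salt|hash" layout OpenSSH uses, with HMAC-SHA1 keyed by the salt), as an
added Python example that is not OpenSSH code: it shows why a hashed file can
still be searched for a name the client already knows while not listing hosts
in the clear; the salt, host names and key blobs are constructed, not real.

```python
"""known_hosts lookups with HashKnownHosts-style entries. A hashed name field is
'|1|base64(salt)|base64(HMAC-SHA1(key=salt, msg=name))': the file can still be
searched for a name the client already knows, but no longer lists hosts in the
clear. Added example, not OpenSSH code; keys and salt below are constructed."""
import base64
import hashlib
import hmac
import os

HASH_MAGIC = "|1|"


def hash_hostname(name, salt=None):
    """Hashed form of one known_hosts name field (a host, or '[host]:port')."""
    salt = salt or os.urandom(20)  # ssh-keygen -H uses a fresh 20-byte salt per entry
    digest = hmac.new(salt, name.encode(), hashlib.sha1).digest()
    return HASH_MAGIC + base64.b64encode(salt).decode() + "|" + base64.b64encode(digest).decode()


def name_matches(field, name):
    """True if a name field (plain comma-separated names, or hashed) matches `name`.
    Hashed fields are tested by re-hashing `name` under the entry's own salt."""
    if not field.startswith(HASH_MAGIC):
        return name in field.split(",")  # plain list; wildcard patterns not handled here
    try:
        salt_b64, digest_b64 = field[len(HASH_MAGIC):].split("|", 1)
        salt, digest = base64.b64decode(salt_b64), base64.b64decode(digest_b64)
    except ValueError:
        return False  # a malformed entry never matches
    return hmac.compare_digest(hmac.new(salt, name.encode(), hashlib.sha1).digest(), digest)


def lookup(known_hosts_text, name, keytype, key_b64):
    """Classify the key a server offers: 'known' if an entry for `name` carries
    exactly this key, 'changed' if `name` is present with a different key of the
    same type (the case StrictHostKeyChecking exists to refuse), else 'new'."""
    status = "new"
    for raw in known_hosts_text.splitlines():
        fields = raw.split()
        if len(fields) < 3 or fields[0].startswith("#"):
            continue  # blank lines, comments and truncated entries are skipped
        if not name_matches(fields[0], name) or fields[1] != keytype:
            continue
        if fields[2] == key_b64:
            return "known"
        status = "changed"
    return status


# Constructed sample: a fixed salt and fake key blobs keep the file reproducible.
SALT = bytes(range(20))
KEY_A = base64.b64encode(b"constructed-host-key-A").decode()
KEY_B = base64.b64encode(b"constructed-host-key-B").decode()
KNOWN_HOSTS = "\n".join([
    "# a plain entry discloses the host name to anyone who reads the file",
    "git.example.test,192.0.2.10 ssh-rsa " + KEY_B,
    # hashed entries: a reader learns only that some hosts are known
    hash_hostname("bastion.example.test", SALT) + " ssh-rsa " + KEY_A,
    hash_hostname("[bastion.example.test]:2222", SALT) + " ssh-rsa " + KEY_B,
])

if __name__ == "__main__":
    print(KNOWN_HOSTS)
    for host, key in (("bastion.example.test", KEY_A), ("bastion.example.test", KEY_B),
                      ("192.0.2.10", KEY_B), ("other.example.test", KEY_A)):
        print(f"{host:28} -> {lookup(KNOWN_HOSTS, host, 'ssh-rsa', key)}")
```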
.It Cm HostKeyAlgorithms
Specifies the protocol version 2 host key algorithms
that the client wants to use in order of preference.
The default for this option is:
.Bd -literal -offset 3n
ecdsa-sha2-nistp256-cert-v01@openssh.com,
ecdsa-sha2-nistp384-cert-v01@openssh.com,
ecdsa-sha2-nistp521-cert-v01@openssh.com,
ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,
ssh-rsa-cert-v00@openssh.com,ssh-dss-cert-v00@openssh.com,
ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
ssh-rsa,ssh-dss
.Ed
.Pp
If hostkeys are known for the destination host then this default is modified
to prefer their algorithms.
.It Cm HostKeyAlias
Specifies an alias that should be used instead of the
real host name when looking up or saving the host key
in the host key database files.
This option is useful for tunneling SSH connections
or for multiple servers running on a single host.
.It Cm HostName
Specifies the real host name to log into.
This can be used to specify nicknames or abbreviations for hosts.
If the hostname contains the character sequence
.Ql %h ,
then this will be replaced with the host name specified on the command line
(this is useful for manipulating unqualified names).
The default is the name given on the command line.
Numeric IP addresses are also permitted (both on the command line and in
.Cm HostName
specifications).
.It Cm IdentitiesOnly
Specifies that
.Xr ssh 1
should only use the authentication identity files configured in the
.Nm
files,
even if
.Xr ssh-agent 1
offers more identities.
The argument to this keyword must be
.Dq yes
or
.Dq no .
This option is intended for situations where ssh-agent
offers many different identities.
The default is
.Dq no .
.It Cm IdentityFile
Specifies a file from which the user's DSA, ECDSA or RSA authentication
identity is read.
The default is
.Pa ~/.ssh/identity
for protocol version 1, and
.Pa ~/.ssh/id_dsa ,
.Pa ~/.ssh/id_ecdsa
and
.Pa ~/.ssh/id_rsa
for protocol version 2.
Additionally, any identities represented by the authentication agent
will be used for authentication.
.Xr ssh 1
will try to load certificate information from the filename obtained by
appending
.Pa -cert.pub
to the path of a specified
.Cm IdentityFile .
.Pp
The file name may use the tilde
syntax to refer to a user's home directory or one of the following
escape characters:
.Ql %d
(local user's home directory),
.Ql %u
(local user name),
.Ql %l
(local host name),
.Ql %h
(remote host name) or
.Ql %r
(remote user name).
.Pp
It is possible to have
multiple identity files specified in configuration files; all these
identities will be tried in sequence.
.It Cm IPQoS
Specifies the IPv4 type-of-service or DSCP class for connections.
Accepted values are
.Dq af11 ,
.Dq af12 ,
.Dq af13 ,
.Dq af14 ,
.Dq af22 ,
.Dq af23 ,
.Dq af31 ,
.Dq af32 ,
.Dq af33 ,
.Dq af41 ,
.Dq af42 ,
.Dq af43 ,
.Dq cs0 ,
.Dq cs1 ,
.Dq cs2 ,
.Dq cs3 ,
.Dq cs4 ,
.Dq cs5 ,
.Dq cs6 ,
.Dq cs7 ,
.Dq ef ,
.Dq lowdelay ,
.Dq throughput ,
.Dq reliability ,
or a numeric value.
This option may take one or two arguments, separated by whitespace.
If one argument is specified, it is used as the packet class unconditionally.
If two values are specified, the first is automatically selected for
interactive sessions and the second for non-interactive sessions.
The default is
.Dq lowdelay
for interactive sessions and
.Dq throughput
for non-interactive sessions.
.It Cm KbdInteractiveAuthentication
Specifies whether to use keyboard-interactive authentication.
The argument to this keyword must be
.Dq yes
or
.Dq no .
The default is
.Dq yes .
.It Cm KbdInteractiveDevices
Specifies the list of methods to use in keyboard-interactive authentication.
Multiple method names must be comma-separated.
The default is to use the server-specified list.
The methods available vary depending on what the server supports.
For an OpenSSH server,
it may be zero or more of:
.Dq bsdauth ,
.Dq pam ,
and
.Dq skey .
.It Cm KexAlgorithms
Specifies the available KEX (Key Exchange) algorithms.
Multiple algorithms must be comma-separated.
The default is:
.Bd -literal -offset indent
ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,
diffie-hellman-group-exchange-sha256,
diffie-hellman-group-exchange-sha1,
diffie-hellman-group14-sha1,
diffie-hellman-group1-sha1
.Ed
.It Cm LocalCommand
Specifies a command to execute on the local machine after successfully
connecting to the server.
The command string extends to the end of the line, and is executed with
the user's shell.
The following escape character substitutions will be performed:
.Ql %d
(local user's home directory),
.Ql %h
(remote host name),
.Ql %l
(local host name),
.Ql %n
(host name as provided on the command line),
.Ql %p
(remote port),
.Ql %r
(remote user name) or
.Ql %u
(local user name).
.Pp
The command is run synchronously and does not have access to the
session of the
.Xr ssh 1
that spawned it.
It should not be used for interactive commands.
.Pp
This directive is ignored unless
.Cm PermitLocalCommand
has been enabled.
.It Cm LocalForward
Specifies that a TCP port on the local machine be forwarded over
the secure channel to the specified host and port from the remote machine.
The first argument must be
.Sm off
.Oo Ar bind_address : Oc Ar port
.Sm on
and the second argument must be
.Ar host : Ns Ar hostport .
IPv6 addresses can be specified by enclosing addresses in square brackets.
Multiple forwardings may be specified, and additional forwardings can be
given on the command line.
Only the superuser can forward privileged ports.
By default, the local port is bound in accordance with the
.Cm GatewayPorts
setting.
However, an explicit
.Ar bind_address
may be used to bind the connection to a specific address.
The
.Ar bind_address
of
.Dq localhost
indicates that the listening port be bound for local use only, while an
empty address or
.Sq *
indicates that the port should be available from all interfaces.
.It Cm LogLevel
Gives the verbosity level that is used when logging messages from
.Xr ssh 1 .
The possible values are:
QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3.
The default is INFO.
DEBUG and DEBUG1 are equivalent.
DEBUG2 and DEBUG3 each specify higher levels of verbose output.
.It Cm MACs
Specifies the MAC (message authentication code) algorithms
in order of preference.
The MAC algorithm is used in protocol version 2
for data integrity protection.
Multiple algorithms must be comma-separated.
The default is:
.Bd -literal -offset indent
hmac-md5,hmac-sha1,umac-64@openssh.com,
hmac-ripemd160,hmac-sha1-96,hmac-md5-96
.Ed
.It Cm NoHostAuthenticationForLocalhost
This option can be used if the home directory is shared across machines.
In this case localhost will refer to a different machine on each of
the machines and the user will get many warnings about changed host keys.
However, this option disables host authentication for localhost.
The argument to this keyword must be
.Dq yes
or
.Dq no .
The default is to check the host key for localhost.
.It Cm NumberOfPasswordPrompts
Specifies the number of password prompts before giving up.
The argument to this keyword must be an integer.
The default is 3.
.It Cm PasswordAuthentication
Specifies whether to use password authentication.
The argument to this keyword must be
.Dq yes
or
.Dq no .
The default is
.Dq yes .
.It Cm PermitLocalCommand
Allow local command execution via the
.Ic LocalCommand
option or using the
.Ic !\& Ns Ar command
escape sequence in
.Xr ssh 1 .
The argument must be
.Dq yes
or
.Dq no .
The default is
.Dq no .
.It Cm PKCS11Provider
Specifies which PKCS#11 provider to use.
The argument to this keyword is the PKCS#11 shared library
.Xr ssh 1
should use to communicate with a PKCS#11 token providing the user's
private RSA key.
.It Cm Port
Specifies the port number to connect on the remote host.
The default is 22.
.It Cm PreferredAuthentications
Specifies the order in which the client should try protocol 2
authentication methods.
This allows a client to prefer one method (e.g.\&
.Cm keyboard-interactive )
over another method (e.g.\&
.Cm password ) .
The default is:
.Bd -literal -offset indent
gssapi-with-mic,hostbased,publickey,
keyboard-interactive,password
.Ed
.It Cm Protocol
Specifies the protocol versions
.Xr ssh 1
should support in order of preference.
The possible values are
.Sq 1
and
.Sq 2 .
Multiple versions must be comma-separated.
When this option is set to
.Dq 2,1
.Nm ssh
will try version 2 and fall back to version 1
if version 2 is not available.
The default is
.Sq 2 .
.It Cm ProxyCommand
Specifies the command to use to connect to the server.
The command
string extends to the end of the line, and is executed with
the user's shell.
In the command string, any occurrence of
.Ql %h
will be substituted by the host name to
connect,
.Ql %p
by the port, and
.Ql %r
by the remote user name.
The command can be basically anything,
and should read from its standard input and write to its standard output.
It should eventually connect to an
.Xr sshd 8
server running on some machine, or execute
.Ic sshd -i
somewhere.
Host key management will be done using the
HostName of the host being connected (defaulting to the name typed by
the user).
Setting the command to
.Dq none
disables this option entirely.
Note that
.Cm CheckHostIP
is not available for connects with a proxy command.
.Pp
This directive is useful in conjunction with
.Xr nc 1
and its proxy support.
For example, the following directive would connect via an HTTP proxy at
192.0.2.0:
.Bd -literal -offset 3n
ProxyCommand /usr/bin/nc -X connect -x 192.0.2.0:8080 %h %p
.Ed
.It Cm PubkeyAuthentication
Specifies whether to try public key authentication.
The argument to this keyword must be
.Dq yes
or
.Dq no .
The default is
.Dq yes .
This option applies to protocol version 2 only.
.It Cm RekeyLimit
Specifies the maximum amount of data that may be transmitted before the
session key is renegotiated.
The argument is the number of bytes, with an optional suffix of
.Sq K ,
.Sq M ,
or
.Sq G
to indicate Kilobytes, Megabytes, or Gigabytes, respectively.
The default is between
.Sq 1G
and
.Sq 4G ,
depending on the cipher.
This option applies to protocol version 2 only.
.It Cm RemoteForward
Specifies that a TCP port on the remote machine be forwarded over
the secure channel to the specified host and port from the local machine.
The first argument must be
.Sm off
.Oo Ar bind_address : Oc Ar port
.Sm on
and the second argument must be
.Ar host : Ns Ar hostport .
IPv6 addresses can be specified by enclosing addresses in square brackets.
Multiple forwardings may be specified, and additional
forwardings can be given on the command line.
Privileged ports can be forwarded only when
logging in as root on the remote machine.
.Pp
If the
.Ar port
argument is
.Ql 0 ,
the listen port will be dynamically allocated on the server and reported
to the client at run time.
.Pp
If the
.Ar bind_address
is not specified, the default is to only bind to loopback addresses.
If the
.Ar bind_address
is
.Ql *
or an empty string, then the forwarding is requested to listen on all
interfaces.
Specifying a remote
.Ar bind_address
will only succeed if the server's
.Cm GatewayPorts
option is enabled (see
.Xr sshd_config 5 ) .
.It Cm RhostsRSAAuthentication
Specifies whether to try rhosts based authentication with RSA host
authentication.
The argument must be
.Dq yes
or
.Dq no .
The default is
.Dq no .
This option applies to protocol version 1 only and requires
.Xr ssh 1
to be setuid root.
.It Cm RSAAuthentication
Specifies whether to try RSA authentication.
The argument to this keyword must be
.Dq yes
or
.Dq no .
RSA authentication will only be
attempted if the identity file exists, or an authentication agent is
running.
The default is
.Dq yes .
Note that this option applies to protocol version 1 only.
.It Cm SendEnv
Specifies what variables from the local
.Xr environ 7
should be sent to the server.
Note that environment passing is only supported for protocol 2.
The server must also support it, and the server must be configured to
accept these environment variables.
Refer to
.Cm AcceptEnv
in
.Xr sshd_config 5
for how to configure the server.
Variables are specified by name, which may contain wildcard characters.
Multiple environment variables may be separated by whitespace or spread
across multiple
.Cm SendEnv
directives.
The default is not to send any environment variables.
.Pp
See
.Sx PATTERNS
for more information on patterns.
.It Cm ServerAliveCountMax
Sets the number of server alive messages (see below) which may be
sent without
.Xr ssh 1
receiving any messages back from the server.
If this threshold is reached while server alive messages are being sent,
ssh will disconnect from the server, terminating the session.
It is important to note that the use of server alive messages is very
different from
.Cm TCPKeepAlive
(below).
The server alive messages are sent through the encrypted channel
and therefore will not be spoofable.
The TCP keepalive option enabled by
.Cm TCPKeepAlive
is spoofable.
The server alive mechanism is valuable when the client or
server depend on knowing when a connection has become inactive.
.Pp
The default value is 3.
If, for example,
.Cm ServerAliveInterval
(see below) is set to 15 and
.Cm ServerAliveCountMax
is left at the default, if the server becomes unresponsive,
ssh will disconnect after approximately 45 seconds.
This option applies to protocol version 2 only.
.It Cm ServerAliveInterval
Sets a timeout interval in seconds after which if no data has been received
from the server,
.Xr ssh 1
will send a message through the encrypted
channel to request a response from the server.
The default
is 0, indicating that these messages will not be sent to the server.
This option applies to protocol version 2 only.
.It Cm StrictHostKeyChecking
If this flag is set to
.Dq yes ,
.Xr ssh 1
will never automatically add host keys to the
.Pa ~/.ssh/known_hosts
file, and refuses to connect to hosts whose host key has changed.
This provides maximum protection against trojan horse attacks,
though it can be annoying when the
.Pa /etc/ssh/ssh_known_hosts
file is poorly maintained or when connections to new hosts are
frequently made.
This option forces the user to manually
add all new hosts.
If this flag is set to
.Dq no ,
ssh will automatically add new host keys to the
user known hosts files.
If this flag is set to
.Dq ask ,
new host keys
will be added to the user known host files only after the user
has confirmed that is what they really want to do, and
ssh will refuse to connect to hosts whose host key has changed.
The host keys of
known hosts will be verified automatically in all cases.
The argument must be
.Dq yes ,
.Dq no ,
or
.Dq ask .
The default is
.Dq ask .
.It Cm TCPKeepAlive
Specifies whether the system should send TCP keepalive messages to the
other side.
If they are sent, death of the connection or crash of one
of the machines will be properly noticed.
However, this means that
connections will die if the route is down temporarily, and some people
find it annoying.
.Pp
The default is
.Dq yes
(to send TCP keepalive messages), and the client will notice
if the network goes down or the remote host dies.
This is important in scripts, and many users want it too.
.Pp
To disable TCP keepalive messages, the value should be set to
.Dq no .
.It Cm Tunnel
Request
.Xr tun 4
device forwarding between the client and the server.
The argument must be
.Dq yes ,
.Dq point-to-point
(layer 3),
.Dq ethernet
(layer 2),
or
.Dq no .
Specifying
.Dq yes
requests the default tunnel mode, which is
.Dq point-to-point .
The default is
.Dq no .
.It Cm TunnelDevice
Specifies the
.Xr tun 4
devices to open on the client
.Pq Ar local_tun
and the server
.Pq Ar remote_tun .
.Pp
The argument must be
.Sm off
.Ar local_tun Op : Ar remote_tun .
.Sm on
The devices may be specified by numerical ID or the keyword
.Dq any ,
which uses the next available tunnel device.
If
.Ar remote_tun
is not specified, it defaults to
.Dq any .
The default is
.Dq any:any .
.It Cm UsePrivilegedPort
Specifies whether to use a privileged port for outgoing connections.
The argument must be
.Dq yes
or
.Dq no .
The default is
.Dq no .
If set to
.Dq yes ,
.Xr ssh 1
must be setuid root.
Note that this option must be set to
.Dq yes
for
.Cm RhostsRSAAuthentication
with older servers.
.It Cm User
Specifies the user to log in as.
This can be useful when a different user name is used on different machines.
This saves the trouble of
having to remember to give the user name on the command line.
.It Cm UserKnownHostsFile
Specifies a file to use for the user
host key database instead of
.Pa ~/.ssh/known_hosts .
.It Cm VerifyHostKeyDNS
Specifies whether to verify the remote key using DNS and SSHFP resource
records.
If this option is set to
.Dq yes ,
the client will implicitly trust keys that match a secure fingerprint
from DNS.
Insecure fingerprints will be handled as if this option was set to
.Dq ask .
If this option is set to
.Dq ask ,
information on fingerprint match will be displayed, but the user will still
need to confirm new host keys according to the
.Cm StrictHostKeyChecking
option.
The argument must be
.Dq yes ,
.Dq no ,
or
.Dq ask .
The default is
.Dq no .
Note that this option applies to protocol version 2 only.
.Pp
See also
.Sx VERIFYING HOST KEYS
in
.Xr ssh 1 .
.It Cm VersionAddendum
Specifies a string to append to the regular version string to identify
OS- or site-specific modifications.
The default is
.Dq DragonFly-20110408 .
.It Cm VisualHostKey
If this flag is set to
.Dq yes ,
an ASCII art representation of the remote host key fingerprint is
printed in addition to the hex fingerprint string at login and
for unknown host keys.
If this flag is set to
.Dq no ,
no fingerprint strings are printed at login and
only the hex fingerprint string will be printed for unknown host keys.
The default is
.Dq no .
.It Cm XAuthLocation
Specifies the full pathname of the
.Xr xauth 1
program.
The default is
.Pa /usr/X11R6/bin/xauth .
.El
.Sh PATTERNS
A
.Em pattern
consists of zero or more non-whitespace characters,
.Sq *
(a wildcard that matches zero or more characters),
or
.Sq ?\&
(a wildcard that matches exactly one character).
For example, to specify a set of declarations for any host in the
.Dq .co.uk
set of domains,
the following pattern could be used:
.Pp
.Dl Host *.co.uk
.Pp
The following pattern
would match any host in the 192.168.0.[0-9] network range:
.Pp
.Dl Host 192.168.0.?
.Pp
A
.Em pattern-list
is a comma-separated list of patterns.
Patterns within pattern-lists may be negated
by preceding them with an exclamation mark
.Pq Sq !\& .
For example,
to allow a key to be used from anywhere within an organisation
except from the
.Dq dialup
pool,
the following entry (in authorized_keys) could be used:
.Pp
.Dl from=\&"!*.dialup.example.com,*.example.com\&"
.Sh FILES
.Bl -tag -width Ds
.It Pa ~/.ssh/config
This is the per-user configuration file.
The format of this file is described above.
This file is used by the SSH client.
Because of the potential for abuse, this file must have strict permissions:
read/write for the user, and not accessible by others.
.It Pa /etc/ssh/ssh_config
Systemwide configuration file.
This file provides defaults for those
values that are not specified in the user's configuration file, and
for those users who do not have a configuration file.
This file must be world-readable.
.El
.Sh SEE ALSO
.Xr ssh 1
.Sh AUTHORS
OpenSSH is a derivative of the original and free
ssh 1.2.12 release by Tatu Ylonen.
Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos,
Theo de Raadt and Dug Song
removed many bugs, re-added newer features and
created OpenSSH.
Markus Friedl contributed the support for SSH
protocol versions 1.5 and 2.0.
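.Sh EXAMPLES
The following is an added illustration, not OpenSSH code, of the pattern
and pattern-list rules given in the
.Sx PATTERNS
section: a single pattern with the
.Sq *
and
.Sq ?\&
wildcards, and a comma-separated pattern-list in which a leading
.Sq !\&
excludes matching hosts.
The
.Fn host_matches
wrapper and the case-sensitive comparison are assumptions of this example.

```python
# Added example: matcher for ssh_config style patterns and pattern-lists.
# This is not OpenSSH's own implementation; case-sensitive comparison and
# the Host-line wrapper are assumptions of this illustration.


def match_pattern(s: str, p: str) -> bool:
    """Return True if s matches the single pattern p.

    '*' matches zero or more characters, '?' matches exactly one, and
    every other character must match itself.
    """
    if p == "":
        return s == ""
    if p[0] == "*":
        # '*' may absorb any prefix of s, including the empty prefix.
        return any(match_pattern(s[i:], p[1:]) for i in range(len(s) + 1))
    if s == "":
        return False
    if p[0] == "?" or p[0] == s[0]:
        return match_pattern(s[1:], p[1:])
    return False


def match_pattern_list(s: str, patterns: str) -> int:
    """Evaluate a comma-separated pattern-list against s.

    Returns 1 when s matches a non-negated pattern and no negated one,
    -1 when s matches a negated pattern (an explicit exclusion), and
    0 when nothing matches.  An exclusion wins regardless of list order.
    """
    got_positive = False
    for pat in patterns.split(","):
        pat = pat.strip()
        if not pat:
            continue
        negated = pat.startswith("!")
        if negated:
            pat = pat[1:]
        if match_pattern(s, pat):
            if negated:
                return -1
            got_positive = True
    return 1 if got_positive else 0


def host_matches(hostname: str, host_spec: str) -> bool:
    """A Host line carries whitespace-separated patterns; any may match."""
    return any(match_pattern(hostname, p) for p in host_spec.split())
```

Run against the page's own examples, a constructed host such as
pc1.dialup.example.com is excluded (-1) by the authorized_keys pattern-list
while bar.example.com is allowed (1), and 192.168.0.17 does not match
192.168.0.? because the ? wildcard stands for exactly one character.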