1.\" 2.\" Author: Tatu Ylonen <ylo@cs.hut.fi> 3.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4.\" All rights reserved 5.\" 6.\" As far as I am concerned, the code I have written for this software 7.\" can be used freely for any purpose. Any derived versions of this 8.\" software must be clearly marked as such, and if the derived work is 9.\" incompatible with the protocol description in the RFC file, it must be 10.\" called by a name other than "ssh" or "Secure Shell". 11.\" 12.\" Copyright (c) 1999,2000 Markus Friedl. All rights reserved. 13.\" Copyright (c) 1999 Aaron Campbell. All rights reserved. 14.\" Copyright (c) 1999 Theo de Raadt. All rights reserved. 15.\" 16.\" Redistribution and use in source and binary forms, with or without 17.\" modification, are permitted provided that the following conditions 18.\" are met: 19.\" 1. Redistributions of source code must retain the above copyright 20.\" notice, this list of conditions and the following disclaimer. 21.\" 2. Redistributions in binary form must reproduce the above copyright 22.\" notice, this list of conditions and the following disclaimer in the 23.\" documentation and/or other materials provided with the distribution. 24.\" 25.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 26.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 27.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 28.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 29.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 30.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 31.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 32.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 33.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 34.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 35.\" 36.\" $OpenBSD: ssh_config.5,v 1.236 2016/07/22 07:00:46 djm Exp $ 37.Dd $Mdocdate: July 22 2016 $ 38.Dt SSH_CONFIG 5 39.Os 40.Sh NAME 41.Nm ssh_config 42.Nd OpenSSH SSH client configuration files 43.Sh SYNOPSIS 44.Nm ~/.ssh/config 45.Nm /etc/ssh/ssh_config 46.Sh DESCRIPTION 47.Xr ssh 1 48obtains configuration data from the following sources in 49the following order: 50.Pp 51.Bl -enum -offset indent -compact 52.It 53command-line options 54.It 55user's configuration file 56.Pq Pa ~/.ssh/config 57.It 58system-wide configuration file 59.Pq Pa /etc/ssh/ssh_config 60.El 61.Pp 62For each parameter, the first obtained value 63will be used. 64The configuration files contain sections separated by 65.Dq Host 66specifications, and that section is only applied for hosts that 67match one of the patterns given in the specification. 68The matched host name is usually the one given on the command line 69(see the 70.Cm CanonicalizeHostname 71option for exceptions.) 72.Pp 73Since the first obtained value for each parameter is used, more 74host-specific declarations should be given near the beginning of the 75file, and general defaults at the end. 76.Pp 77The configuration file has the following format: 78.Pp 79Empty lines and lines starting with 80.Ql # 81are comments. 82Otherwise a line is of the format 83.Dq keyword arguments . 84Configuration options may be separated by whitespace or 85optional whitespace and exactly one 86.Ql = ; 87the latter format is useful to avoid the need to quote whitespace 88when specifying configuration options using the 89.Nm ssh , 90.Nm scp , 91and 92.Nm sftp 93.Fl o 94option. 95Arguments may optionally be enclosed in double quotes 96.Pq \&" 97in order to represent arguments containing spaces. 98.Pp 99The possible 100keywords and their meanings are as follows (note that 101keywords are case-insensitive and arguments are case-sensitive): 102.Bl -tag -width Ds 103.It Cm Host 104Restricts the following declarations (up to the next 105.Cm Host 106or 107.Cm Match 108keyword) to be only for those hosts that match one of the patterns 109given after the keyword. 110If more than one pattern is provided, they should be separated by whitespace. 111A single 112.Ql * 113as a pattern can be used to provide global 114defaults for all hosts. 115The host is usually the 116.Ar hostname 117argument given on the command line 118(see the 119.Cm CanonicalizeHostname 120option for exceptions.) 121.Pp 122A pattern entry may be negated by prefixing it with an exclamation mark 123.Pq Sq !\& . 124If a negated entry is matched, then the 125.Cm Host 126entry is ignored, regardless of whether any other patterns on the line 127match. 128Negated matches are therefore useful to provide exceptions for wildcard 129matches. 130.Pp 131See 132.Sx PATTERNS 133for more information on patterns. 134.It Cm Match 135Restricts the following declarations (up to the next 136.Cm Host 137or 138.Cm Match 139keyword) to be used only when the conditions following the 140.Cm Match 141keyword are satisfied. 142Match conditions are specified using one or more criteria 143or the single token 144.Cm all 145which always matches. 146The available criteria keywords are: 147.Cm canonical , 148.Cm exec , 149.Cm host , 150.Cm originalhost , 151.Cm user , 152and 153.Cm localuser . 154The 155.Cm all 156criteria must appear alone or immediately after 157.Cm canonical . 158Other criteria may be combined arbitrarily. 159All criteria but 160.Cm all 161and 162.Cm canonical 163require an argument. 164Criteria may be negated by prepending an exclamation mark 165.Pq Sq !\& . 166.Pp 167The 168.Cm canonical 169keyword matches only when the configuration file is being re-parsed 170after hostname canonicalization (see the 171.Cm CanonicalizeHostname 172option.) 173This may be useful to specify conditions that work with canonical host 174names only. 175The 176.Cm exec 177keyword executes the specified command under the user's shell. 178If the command returns a zero exit status then the condition is considered true. 179Commands containing whitespace characters must be quoted. 180The following character sequences in the command will be expanded prior to 181execution: 182.Ql %L 183will be substituted by the first component of the local host name, 184.Ql %l 185will be substituted by the local host name (including any domain name), 186.Ql %h 187will be substituted by the target host name, 188.Ql %n 189will be substituted by the original target host name 190specified on the command-line, 191.Ql %p 192the destination port, 193.Ql %r 194by the remote login username, and 195.Ql %u 196by the username of the user running 197.Xr ssh 1 . 198.Pp 199The other keywords' criteria must be single entries or comma-separated 200lists and may use the wildcard and negation operators described in the 201.Sx PATTERNS 202section. 203The criteria for the 204.Cm host 205keyword are matched against the target hostname, after any substitution 206by the 207.Cm Hostname 208or 209.Cm CanonicalizeHostname 210options. 211The 212.Cm originalhost 213keyword matches against the hostname as it was specified on the command-line. 214The 215.Cm user 216keyword matches against the target username on the remote host. 217The 218.Cm localuser 219keyword matches against the name of the local user running 220.Xr ssh 1 221(this keyword may be useful in system-wide 222.Nm 223files). 224.It Cm AddKeysToAgent 225Specifies whether keys should be automatically added to a running 226.Xr ssh-agent 1 . 227If this option is set to 228.Dq yes 229and a key is loaded from a file, the key and its passphrase are added to 230the agent with the default lifetime, as if by 231.Xr ssh-add 1 . 232If this option is set to 233.Dq ask , 234.Nm ssh 235will require confirmation using the 236.Ev SSH_ASKPASS 237program before adding a key (see 238.Xr ssh-add 1 239for details). 240If this option is set to 241.Dq confirm , 242each use of the key must be confirmed, as if the 243.Fl c 244option was specified to 245.Xr ssh-add 1 . 246If this option is set to 247.Dq no , 248no keys are added to the agent. 249The argument must be 250.Dq yes , 251.Dq confirm , 252.Dq ask , 253or 254.Dq no . 255The default is 256.Dq no . 257.It Cm AddressFamily 258Specifies which address family to use when connecting. 259Valid arguments are 260.Dq any , 261.Dq inet 262(use IPv4 only), or 263.Dq inet6 264(use IPv6 only). 265The default is 266.Dq any . 267.It Cm BatchMode 268If set to 269.Dq yes , 270passphrase/password querying will be disabled. 271This option is useful in scripts and other batch jobs where no user 272is present to supply the password. 273The argument must be 274.Dq yes 275or 276.Dq no . 277The default is 278.Dq no . 279.It Cm BindAddress 280Use the specified address on the local machine as the source address of 281the connection. 282Only useful on systems with more than one address. 283Note that this option does not work if 284.Cm UsePrivilegedPort 285is set to 286.Dq yes . 287.It Cm CanonicalDomains 288When 289.Cm CanonicalizeHostname 290is enabled, this option specifies the list of domain suffixes in which to 291search for the specified destination host. 292.It Cm CanonicalizeFallbackLocal 293Specifies whether to fail with an error when hostname canonicalization fails. 294The default, 295.Dq yes , 296will attempt to look up the unqualified hostname using the system resolver's 297search rules. 298A value of 299.Dq no 300will cause 301.Xr ssh 1 302to fail instantly if 303.Cm CanonicalizeHostname 304is enabled and the target hostname cannot be found in any of the domains 305specified by 306.Cm CanonicalDomains . 307.It Cm CanonicalizeHostname 308Controls whether explicit hostname canonicalization is performed. 309The default, 310.Dq no , 311is not to perform any name rewriting and let the system resolver handle all 312hostname lookups. 313If set to 314.Dq yes 315then, for connections that do not use a 316.Cm ProxyCommand , 317.Xr ssh 1 318will attempt to canonicalize the hostname specified on the command line 319using the 320.Cm CanonicalDomains 321suffixes and 322.Cm CanonicalizePermittedCNAMEs 323rules. 324If 325.Cm CanonicalizeHostname 326is set to 327.Dq always , 328then canonicalization is applied to proxied connections too. 329.Pp 330If this option is enabled, then the configuration files are processed 331again using the new target name to pick up any new configuration in matching 332.Cm Host 333and 334.Cm Match 335stanzas. 336.It Cm CanonicalizeMaxDots 337Specifies the maximum number of dot characters in a hostname before 338canonicalization is disabled. 339The default, 340.Dq 1 , 341allows a single dot (i.e. hostname.subdomain). 342.It Cm CanonicalizePermittedCNAMEs 343Specifies rules to determine whether CNAMEs should be followed when 344canonicalizing hostnames. 345The rules consist of one or more arguments of 346.Ar source_domain_list : Ns Ar target_domain_list , 347where 348.Ar source_domain_list 349is a pattern-list of domains that may follow CNAMEs in canonicalization, 350and 351.Ar target_domain_list 352is a pattern-list of domains that they may resolve to. 353.Pp 354For example, 355.Dq *.a.example.com:*.b.example.com,*.c.example.com 356will allow hostnames matching 357.Dq *.a.example.com 358to be canonicalized to names in the 359.Dq *.b.example.com 360or 361.Dq *.c.example.com 362domains. 363.It Cm CertificateFile 364Specifies a file from which the user's certificate is read. 365A corresponding private key must be provided separately in order 366to use this certificate either 367from an 368.Cm IdentityFile 369directive or 370.Fl i 371flag to 372.Xr ssh 1 , 373via 374.Xr ssh-agent 1 , 375or via a 376.Cm PKCS11Provider . 377.Pp 378The file name may use the tilde 379syntax to refer to a user's home directory or one of the following 380escape characters: 381.Ql %d 382(local user's home directory), 383.Ql %u 384(local user name), 385.Ql %l 386(local host name), 387.Ql %h 388(remote host name) or 389.Ql %r 390(remote user name). 391.Pp 392It is possible to have multiple certificate files specified in 393configuration files; these certificates will be tried in sequence. 394Multiple 395.Cm CertificateFile 396directives will add to the list of certificates used for 397authentication. 398.It Cm ChallengeResponseAuthentication 399Specifies whether to use challenge-response authentication. 400The argument to this keyword must be 401.Dq yes 402or 403.Dq no . 404The default is 405.Dq yes . 406.It Cm CheckHostIP 407If this flag is set to 408.Dq yes , 409.Xr ssh 1 410will additionally check the host IP address in the 411.Pa known_hosts 412file. 413This allows ssh to detect if a host key changed due to DNS spoofing 414and will add addresses of destination hosts to 415.Pa ~/.ssh/known_hosts 416in the process, regardless of the setting of 417.Cm StrictHostKeyChecking . 418If the option is set to 419.Dq no , 420the check will not be executed. 421The default is 422.Dq yes . 423.It Cm Cipher 424Specifies the cipher to use for encrypting the session 425in protocol version 1. 426Currently, 427.Dq blowfish , 428.Dq 3des , 429and 430.Dq des 431are supported. 432.Ar des 433is only supported in the 434.Xr ssh 1 435client for interoperability with legacy protocol 1 implementations 436that do not support the 437.Ar 3des 438cipher. 439Its use is strongly discouraged due to cryptographic weaknesses. 440The default is 441.Dq 3des . 442.It Cm Ciphers 443Specifies the ciphers allowed for protocol version 2 444in order of preference. 445Multiple ciphers must be comma-separated. 446If the specified value begins with a 447.Sq + 448character, then the specified ciphers will be appended to the default set 449instead of replacing them. 450.Pp 451The supported ciphers are: 452.Pp 453.Bl -item -compact -offset indent 454.It 4553des-cbc 456.It 457aes128-cbc 458.It 459aes192-cbc 460.It 461aes256-cbc 462.It 463aes128-ctr 464.It 465aes192-ctr 466.It 467aes256-ctr 468.It 469aes128-gcm@openssh.com 470.It 471aes256-gcm@openssh.com 472.It 473arcfour 474.It 475arcfour128 476.It 477arcfour256 478.It 479blowfish-cbc 480.It 481cast128-cbc 482.It 483chacha20-poly1305@openssh.com 484.El 485.Pp 486The default is: 487.Bd -literal -offset indent 488chacha20-poly1305@openssh.com, 489aes128-ctr,aes192-ctr,aes256-ctr, 490aes128-gcm@openssh.com,aes256-gcm@openssh.com, 491aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc 492.Ed 493.Pp 494The list of available ciphers may also be obtained using the 495.Fl Q 496option of 497.Xr ssh 1 498with an argument of 499.Dq cipher . 500.It Cm ClearAllForwardings 501Specifies that all local, remote, and dynamic port forwardings 502specified in the configuration files or on the command line be 503cleared. 504This option is primarily useful when used from the 505.Xr ssh 1 506command line to clear port forwardings set in 507configuration files, and is automatically set by 508.Xr scp 1 509and 510.Xr sftp 1 . 511The argument must be 512.Dq yes 513or 514.Dq no . 515The default is 516.Dq no . 517.It Cm Compression 518Specifies whether to use compression. 519The argument must be 520.Dq yes 521or 522.Dq no . 523The default is 524.Dq no . 525.It Cm CompressionLevel 526Specifies the compression level to use if compression is enabled. 527The argument must be an integer from 1 (fast) to 9 (slow, best). 528The default level is 6, which is good for most applications. 529The meaning of the values is the same as in 530.Xr gzip 1 . 531Note that this option applies to protocol version 1 only. 532.It Cm ConnectionAttempts 533Specifies the number of tries (one per second) to make before exiting. 534The argument must be an integer. 535This may be useful in scripts if the connection sometimes fails. 536The default is 1. 537.It Cm ConnectTimeout 538Specifies the timeout (in seconds) used when connecting to the 539SSH server, instead of using the default system TCP timeout. 540This value is used only when the target is down or really unreachable, 541not when it refuses the connection. 542.It Cm ControlMaster 543Enables the sharing of multiple sessions over a single network connection. 544When set to 545.Dq yes , 546.Xr ssh 1 547will listen for connections on a control socket specified using the 548.Cm ControlPath 549argument. 550Additional sessions can connect to this socket using the same 551.Cm ControlPath 552with 553.Cm ControlMaster 554set to 555.Dq no 556(the default). 557These sessions will try to reuse the master instance's network connection 558rather than initiating new ones, but will fall back to connecting normally 559if the control socket does not exist, or is not listening. 560.Pp 561Setting this to 562.Dq ask 563will cause ssh 564to listen for control connections, but require confirmation using 565.Xr ssh-askpass 1 . 566If the 567.Cm ControlPath 568cannot be opened, 569ssh will continue without connecting to a master instance. 570.Pp 571X11 and 572.Xr ssh-agent 1 573forwarding is supported over these multiplexed connections, however the 574display and agent forwarded will be the one belonging to the master 575connection i.e. it is not possible to forward multiple displays or agents. 576.Pp 577Two additional options allow for opportunistic multiplexing: try to use a 578master connection but fall back to creating a new one if one does not already 579exist. 580These options are: 581.Dq auto 582and 583.Dq autoask . 584The latter requires confirmation like the 585.Dq ask 586option. 587.It Cm ControlPath 588Specify the path to the control socket used for connection sharing as described 589in the 590.Cm ControlMaster 591section above or the string 592.Dq none 593to disable connection sharing. 594In the path, 595.Ql %L 596will be substituted by the first component of the local host name, 597.Ql %l 598will be substituted by the local host name (including any domain name), 599.Ql %h 600will be substituted by the target host name, 601.Ql %n 602will be substituted by the original target host name 603specified on the command line, 604.Ql %p 605the destination port, 606.Ql %r 607by the remote login username, 608.Ql %u 609by the username and 610.Ql %i 611by the numeric user ID (uid) of the user running 612.Xr ssh 1 , 613and 614.Ql \&%C 615by a hash of the concatenation: %l%h%p%r. 616It is recommended that any 617.Cm ControlPath 618used for opportunistic connection sharing include 619at least %h, %p, and %r (or alternatively %C) and be placed in a directory 620that is not writable by other users. 621This ensures that shared connections are uniquely identified. 622.It Cm ControlPersist 623When used in conjunction with 624.Cm ControlMaster , 625specifies that the master connection should remain open 626in the background (waiting for future client connections) 627after the initial client connection has been closed. 628If set to 629.Dq no , 630then the master connection will not be placed into the background, 631and will close as soon as the initial client connection is closed. 632If set to 633.Dq yes 634or 635.Dq 0 , 636then the master connection will remain in the background indefinitely 637(until killed or closed via a mechanism such as the 638.Xr ssh 1 639.Dq Fl O No exit 640option). 641If set to a time in seconds, or a time in any of the formats documented in 642.Xr sshd_config 5 , 643then the backgrounded master connection will automatically terminate 644after it has remained idle (with no client connections) for the 645specified time. 646.It Cm DynamicForward 647Specifies that a TCP port on the local machine be forwarded 648over the secure channel, and the application 649protocol is then used to determine where to connect to from the 650remote machine. 651.Pp 652The argument must be 653.Sm off 654.Oo Ar bind_address : Oc Ar port . 655.Sm on 656IPv6 addresses can be specified by enclosing addresses in square brackets. 657By default, the local port is bound in accordance with the 658.Cm GatewayPorts 659setting. 660However, an explicit 661.Ar bind_address 662may be used to bind the connection to a specific address. 663The 664.Ar bind_address 665of 666.Dq localhost 667indicates that the listening port be bound for local use only, while an 668empty address or 669.Sq * 670indicates that the port should be available from all interfaces. 671.Pp 672Currently the SOCKS4 and SOCKS5 protocols are supported, and 673.Xr ssh 1 674will act as a SOCKS server. 675Multiple forwardings may be specified, and 676additional forwardings can be given on the command line. 677Only the superuser can forward privileged ports. 678.It Cm EnableSSHKeysign 679Setting this option to 680.Dq yes 681in the global client configuration file 682.Pa /etc/ssh/ssh_config 683enables the use of the helper program 684.Xr ssh-keysign 8 685during 686.Cm HostbasedAuthentication . 687The argument must be 688.Dq yes 689or 690.Dq no . 691The default is 692.Dq no . 693This option should be placed in the non-hostspecific section. 694See 695.Xr ssh-keysign 8 696for more information. 697.It Cm EscapeChar 698Sets the escape character (default: 699.Ql ~ ) . 700The escape character can also 701be set on the command line. 702The argument should be a single character, 703.Ql ^ 704followed by a letter, or 705.Dq none 706to disable the escape 707character entirely (making the connection transparent for binary 708data). 709.It Cm ExitOnForwardFailure 710Specifies whether 711.Xr ssh 1 712should terminate the connection if it cannot set up all requested 713dynamic, tunnel, local, and remote port forwardings, (e.g.\& 714if either end is unable to bind and listen on a specified port). 715Note that 716.Cm ExitOnForwardFailure 717does not apply to connections made over port forwardings and will not, 718for example, cause 719.Xr ssh 1 720to exit if TCP connections to the ultimate forwarding destination fail. 721The argument must be 722.Dq yes 723or 724.Dq no . 725The default is 726.Dq no . 727.It Cm FingerprintHash 728Specifies the hash algorithm used when displaying key fingerprints. 729Valid options are: 730.Dq md5 731and 732.Dq sha256 . 733The default is 734.Dq sha256 . 735.It Cm ForwardAgent 736Specifies whether the connection to the authentication agent (if any) 737will be forwarded to the remote machine. 738The argument must be 739.Dq yes 740or 741.Dq no . 742The default is 743.Dq no . 744.Pp 745Agent forwarding should be enabled with caution. 746Users with the ability to bypass file permissions on the remote host 747(for the agent's Unix-domain socket) 748can access the local agent through the forwarded connection. 749An attacker cannot obtain key material from the agent, 750however they can perform operations on the keys that enable them to 751authenticate using the identities loaded into the agent. 752.It Cm ForwardX11 753Specifies whether X11 connections will be automatically redirected 754over the secure channel and 755.Ev DISPLAY 756set. 757The argument must be 758.Dq yes 759or 760.Dq no . 761The default is 762.Dq no . 763.Pp 764X11 forwarding should be enabled with caution. 765Users with the ability to bypass file permissions on the remote host 766(for the user's X11 authorization database) 767can access the local X11 display through the forwarded connection. 768An attacker may then be able to perform activities such as keystroke monitoring 769if the 770.Cm ForwardX11Trusted 771option is also enabled. 772.It Cm ForwardX11Timeout 773Specify a timeout for untrusted X11 forwarding 774using the format described in the 775TIME FORMATS section of 776.Xr sshd_config 5 . 777X11 connections received by 778.Xr ssh 1 779after this time will be refused. 780The default is to disable untrusted X11 forwarding after twenty minutes has 781elapsed. 782.It Cm ForwardX11Trusted 783If this option is set to 784.Dq yes , 785remote X11 clients will have full access to the original X11 display. 786.Pp 787If this option is set to 788.Dq no , 789remote X11 clients will be considered untrusted and prevented 790from stealing or tampering with data belonging to trusted X11 791clients. 792Furthermore, the 793.Xr xauth 1 794token used for the session will be set to expire after 20 minutes. 795Remote clients will be refused access after this time. 796.Pp 797The default is 798.Dq no . 799.Pp 800See the X11 SECURITY extension specification for full details on 801the restrictions imposed on untrusted clients. 802.It Cm GatewayPorts 803Specifies whether remote hosts are allowed to connect to local 804forwarded ports. 805By default, 806.Xr ssh 1 807binds local port forwardings to the loopback address. 808This prevents other remote hosts from connecting to forwarded ports. 809.Cm GatewayPorts 810can be used to specify that ssh 811should bind local port forwardings to the wildcard address, 812thus allowing remote hosts to connect to forwarded ports. 813The argument must be 814.Dq yes 815or 816.Dq no . 817The default is 818.Dq no . 819.It Cm GlobalKnownHostsFile 820Specifies one or more files to use for the global 821host key database, separated by whitespace. 822The default is 823.Pa /etc/ssh/ssh_known_hosts , 824.Pa /etc/ssh/ssh_known_hosts2 . 825.It Cm GSSAPIAuthentication 826Specifies whether user authentication based on GSSAPI is allowed. 827The default is 828.Dq no . 829.It Cm GSSAPIDelegateCredentials 830Forward (delegate) credentials to the server. 831The default is 832.Dq no . 833.It Cm HashKnownHosts 834Indicates that 835.Xr ssh 1 836should hash host names and addresses when they are added to 837.Pa ~/.ssh/known_hosts . 838These hashed names may be used normally by 839.Xr ssh 1 840and 841.Xr sshd 8 , 842but they do not reveal identifying information should the file's contents 843be disclosed. 844The default is 845.Dq no . 846Note that existing names and addresses in known hosts files 847will not be converted automatically, 848but may be manually hashed using 849.Xr ssh-keygen 1 . 850.It Cm HostbasedAuthentication 851Specifies whether to try rhosts based authentication with public key 852authentication. 853The argument must be 854.Dq yes 855or 856.Dq no . 857The default is 858.Dq no . 859.It Cm HostbasedKeyTypes 860Specifies the key types that will be used for hostbased authentication 861as a comma-separated pattern list. 862Alternately if the specified value begins with a 863.Sq + 864character, then the specified key types will be appended to the default set 865instead of replacing them. 866The default for this option is: 867.Bd -literal -offset 3n 868ecdsa-sha2-nistp256-cert-v01@openssh.com, 869ecdsa-sha2-nistp384-cert-v01@openssh.com, 870ecdsa-sha2-nistp521-cert-v01@openssh.com, 871ssh-ed25519-cert-v01@openssh.com, 872ssh-rsa-cert-v01@openssh.com, 873ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, 874ssh-ed25519,ssh-rsa 875.Ed 876.Pp 877The 878.Fl Q 879option of 880.Xr ssh 1 881may be used to list supported key types. 882.It Cm HostKeyAlgorithms 883Specifies the host key algorithms 884that the client wants to use in order of preference. 885Alternately if the specified value begins with a 886.Sq + 887character, then the specified key types will be appended to the default set 888instead of replacing them. 889The default for this option is: 890.Bd -literal -offset 3n 891ecdsa-sha2-nistp256-cert-v01@openssh.com, 892ecdsa-sha2-nistp384-cert-v01@openssh.com, 893ecdsa-sha2-nistp521-cert-v01@openssh.com, 894ssh-ed25519-cert-v01@openssh.com, 895ssh-rsa-cert-v01@openssh.com, 896ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, 897ssh-ed25519,ssh-rsa 898.Ed 899.Pp 900If hostkeys are known for the destination host then this default is modified 901to prefer their algorithms. 902.Pp 903The list of available key types may also be obtained using the 904.Fl Q 905option of 906.Xr ssh 1 907with an argument of 908.Dq key . 909.It Cm HostKeyAlias 910Specifies an alias that should be used instead of the 911real host name when looking up or saving the host key 912in the host key database files. 913This option is useful for tunneling SSH connections 914or for multiple servers running on a single host. 915.It Cm HostName 916Specifies the real host name to log into. 917This can be used to specify nicknames or abbreviations for hosts. 918If the hostname contains the character sequence 919.Ql %h , 920then this will be replaced with the host name specified on the command line 921(this is useful for manipulating unqualified names). 922The character sequence 923.Ql %% 924will be replaced by a single 925.Ql % 926character, which may be used when specifying IPv6 link-local addresses. 927.Pp 928The default is the name given on the command line. 929Numeric IP addresses are also permitted (both on the command line and in 930.Cm HostName 931specifications). 932.It Cm IdentitiesOnly 933Specifies that 934.Xr ssh 1 935should only use the authentication identity and certificate files explicitly 936configured in the 937.Nm 938files 939or passed on the 940.Xr ssh 1 941command-line, 942even if 943.Xr ssh-agent 1 944or a 945.Cm PKCS11Provider 946offers more identities. 947The argument to this keyword must be 948.Dq yes 949or 950.Dq no . 951This option is intended for situations where ssh-agent 952offers many different identities. 953The default is 954.Dq no . 955.It Cm IdentityAgent 956Specifies the 957.Ux Ns -domain 958socket used to communicate with the authentication agent. 959.Pp 960This option overrides the 961.Dq SSH_AUTH_SOCK 962environment variable and can be used to select a specific agent. 963Setting the socket name to 964.Dq none 965disables the use of an authentication agent. 966If the string 967.Dq SSH_AUTH_SOCK 968is specified, the location of the socket will be read from the 969.Ev SSH_AUTH_SOCK 970environment variable. 971.Pp 972The socket name may use the tilde 973syntax to refer to a user's home directory or one of the following 974escape characters: 975.Ql %d 976(local user's home directory), 977.Ql %u 978(local user name), 979.Ql %l 980(local host name), 981.Ql %h 982(remote host name) or 983.Ql %r 984(remote user name). 985.It Cm IdentityFile 986Specifies a file from which the user's DSA, ECDSA, Ed25519 or RSA authentication 987identity is read. 988The default is 989.Pa ~/.ssh/identity 990for protocol version 1, and 991.Pa ~/.ssh/id_dsa , 992.Pa ~/.ssh/id_ecdsa , 993.Pa ~/.ssh/id_ed25519 994and 995.Pa ~/.ssh/id_rsa 996for protocol version 2. 997Additionally, any identities represented by the authentication agent 998will be used for authentication unless 999.Cm IdentitiesOnly 1000is set. 1001If no certificates have been explicitly specified by 1002.Cm CertificateFile , 1003.Xr ssh 1 1004will try to load certificate information from the filename obtained by 1005appending 1006.Pa -cert.pub 1007to the path of a specified 1008.Cm IdentityFile . 1009.Pp 1010The file name may use the tilde 1011syntax to refer to a user's home directory or one of the following 1012escape characters: 1013.Ql %d 1014(local user's home directory), 1015.Ql %u 1016(local user name), 1017.Ql %l 1018(local host name), 1019.Ql %h 1020(remote host name) or 1021.Ql %r 1022(remote user name). 1023.Pp 1024It is possible to have 1025multiple identity files specified in configuration files; all these 1026identities will be tried in sequence. 1027Multiple 1028.Cm IdentityFile 1029directives will add to the list of identities tried (this behaviour 1030differs from that of other configuration directives). 1031.Pp 1032.Cm IdentityFile 1033may be used in conjunction with 1034.Cm IdentitiesOnly 1035to select which identities in an agent are offered during authentication. 1036.Cm IdentityFile 1037may also be used in conjunction with 1038.Cm CertificateFile 1039in order to provide any certificate also needed for authentication with 1040the identity. 1041.It Cm IgnoreUnknown 1042Specifies a pattern-list of unknown options to be ignored if they are 1043encountered in configuration parsing. 1044This may be used to suppress errors if 1045.Nm 1046contains options that are unrecognised by 1047.Xr ssh 1 . 1048It is recommended that 1049.Cm IgnoreUnknown 1050be listed early in the configuration file as it will not be applied 1051to unknown options that appear before it. 1052.It Cm Include 1053Include the specified configuration file(s). 1054Multiple pathnames may be specified and each pathname may contain 1055.Xr glob 3 1056wildcards and, for user configurations, shell-like 1057.Dq ~ 1058references to user home directories. 1059Files without absolute paths are assumed to be in 1060.Pa ~/.ssh 1061if included in a user configuration file or 1062.Pa /etc/ssh 1063if included from the system configuration file. 1064.Cm Include 1065directive may appear inside a 1066.Cm Match 1067or 1068.Cm Host 1069block 1070to perform conditional inclusion. 1071.It Cm IPQoS 1072Specifies the IPv4 type-of-service or DSCP class for connections. 1073Accepted values are 1074.Dq af11 , 1075.Dq af12 , 1076.Dq af13 , 1077.Dq af21 , 1078.Dq af22 , 1079.Dq af23 , 1080.Dq af31 , 1081.Dq af32 , 1082.Dq af33 , 1083.Dq af41 , 1084.Dq af42 , 1085.Dq af43 , 1086.Dq cs0 , 1087.Dq cs1 , 1088.Dq cs2 , 1089.Dq cs3 , 1090.Dq cs4 , 1091.Dq cs5 , 1092.Dq cs6 , 1093.Dq cs7 , 1094.Dq ef , 1095.Dq lowdelay , 1096.Dq throughput , 1097.Dq reliability , 1098or a numeric value. 1099This option may take one or two arguments, separated by whitespace. 1100If one argument is specified, it is used as the packet class unconditionally. 1101If two values are specified, the first is automatically selected for 1102interactive sessions and the second for non-interactive sessions. 1103The default is 1104.Dq lowdelay 1105for interactive sessions and 1106.Dq throughput 1107for non-interactive sessions. 1108.It Cm KbdInteractiveAuthentication 1109Specifies whether to use keyboard-interactive authentication. 1110The argument to this keyword must be 1111.Dq yes 1112or 1113.Dq no . 1114The default is 1115.Dq yes . 1116.It Cm KbdInteractiveDevices 1117Specifies the list of methods to use in keyboard-interactive authentication. 1118Multiple method names must be comma-separated. 1119The default is to use the server specified list. 1120The methods available vary depending on what the server supports. 1121For an OpenSSH server, 1122it may be zero or more of: 1123.Dq bsdauth , 1124.Dq pam , 1125and 1126.Dq skey . 1127.It Cm KexAlgorithms 1128Specifies the available KEX (Key Exchange) algorithms. 1129Multiple algorithms must be comma-separated. 1130Alternately if the specified value begins with a 1131.Sq + 1132character, then the specified methods will be appended to the default set 1133instead of replacing them. 1134The default is: 1135.Bd -literal -offset indent 1136curve25519-sha256@libssh.org, 1137ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521, 1138diffie-hellman-group-exchange-sha256, 1139diffie-hellman-group-exchange-sha1, 1140diffie-hellman-group14-sha1 1141.Ed 1142.Pp 1143The list of available key exchange algorithms may also be obtained using the 1144.Fl Q 1145option of 1146.Xr ssh 1 1147with an argument of 1148.Dq kex . 1149.It Cm LocalCommand 1150Specifies a command to execute on the local machine after successfully 1151connecting to the server. 1152The command string extends to the end of the line, and is executed with 1153the user's shell. 1154The following escape character substitutions will be performed: 1155.Ql %d 1156(local user's home directory), 1157.Ql %h 1158(remote host name), 1159.Ql %l 1160(local host name), 1161.Ql %n 1162(host name as provided on the command line), 1163.Ql %p 1164(remote port), 1165.Ql %r 1166(remote user name) or 1167.Ql %u 1168(local user name) or 1169.Ql \&%C 1170by a hash of the concatenation: %l%h%p%r. 1171.Pp 1172The command is run synchronously and does not have access to the 1173session of the 1174.Xr ssh 1 1175that spawned it. 1176It should not be used for interactive commands. 1177.Pp 1178This directive is ignored unless 1179.Cm PermitLocalCommand 1180has been enabled. 1181.It Cm LocalForward 1182Specifies that a TCP port on the local machine be forwarded over 1183the secure channel to the specified host and port from the remote machine. 1184The first argument must be 1185.Sm off 1186.Oo Ar bind_address : Oc Ar port 1187.Sm on 1188and the second argument must be 1189.Ar host : Ns Ar hostport . 1190IPv6 addresses can be specified by enclosing addresses in square brackets. 1191Multiple forwardings may be specified, and additional forwardings can be 1192given on the command line. 1193Only the superuser can forward privileged ports. 1194By default, the local port is bound in accordance with the 1195.Cm GatewayPorts 1196setting. 1197However, an explicit 1198.Ar bind_address 1199may be used to bind the connection to a specific address. 1200The 1201.Ar bind_address 1202of 1203.Dq localhost 1204indicates that the listening port be bound for local use only, while an 1205empty address or 1206.Sq * 1207indicates that the port should be available from all interfaces. 1208.It Cm LogLevel 1209Gives the verbosity level that is used when logging messages from 1210.Xr ssh 1 . 1211The possible values are: 1212QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. 1213The default is INFO. 1214DEBUG and DEBUG1 are equivalent. 1215DEBUG2 and DEBUG3 each specify higher levels of verbose output. 1216.It Cm MACs 1217Specifies the MAC (message authentication code) algorithms 1218in order of preference. 1219The MAC algorithm is used for data integrity protection. 1220Multiple algorithms must be comma-separated. 1221If the specified value begins with a 1222.Sq + 1223character, then the specified algorithms will be appended to the default set 1224instead of replacing them. 1225.Pp 1226The algorithms that contain 1227.Dq -etm 1228calculate the MAC after encryption (encrypt-then-mac). 1229These are considered safer and their use recommended. 1230.Pp 1231The default is: 1232.Bd -literal -offset indent 1233umac-64-etm@openssh.com,umac-128-etm@openssh.com, 1234hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com, 1235hmac-sha1-etm@openssh.com, 1236umac-64@openssh.com,umac-128@openssh.com, 1237hmac-sha2-256,hmac-sha2-512,hmac-sha1 1238.Ed 1239.Pp 1240The list of available MAC algorithms may also be obtained using the 1241.Fl Q 1242option of 1243.Xr ssh 1 1244with an argument of 1245.Dq mac . 1246.It Cm NoHostAuthenticationForLocalhost 1247This option can be used if the home directory is shared across machines. 1248In this case localhost will refer to a different machine on each of 1249the machines and the user will get many warnings about changed host keys. 1250However, this option disables host authentication for localhost. 1251The argument to this keyword must be 1252.Dq yes 1253or 1254.Dq no . 1255The default is to check the host key for localhost. 1256.It Cm NumberOfPasswordPrompts 1257Specifies the number of password prompts before giving up. 1258The argument to this keyword must be an integer. 1259The default is 3. 1260.It Cm PasswordAuthentication 1261Specifies whether to use password authentication. 1262The argument to this keyword must be 1263.Dq yes 1264or 1265.Dq no . 1266The default is 1267.Dq yes . 1268.It Cm PermitLocalCommand 1269Allow local command execution via the 1270.Ic LocalCommand 1271option or using the 1272.Ic !\& Ns Ar command 1273escape sequence in 1274.Xr ssh 1 . 1275The argument must be 1276.Dq yes 1277or 1278.Dq no . 1279The default is 1280.Dq no . 1281.It Cm PKCS11Provider 1282Specifies which PKCS#11 provider to use. 1283The argument to this keyword is the PKCS#11 shared library 1284.Xr ssh 1 1285should use to communicate with a PKCS#11 token providing the user's 1286private RSA key. 1287.It Cm Port 1288Specifies the port number to connect on the remote host. 1289The default is 22. 1290.It Cm PreferredAuthentications 1291Specifies the order in which the client should try authentication methods. 1292This allows a client to prefer one method (e.g.\& 1293.Cm keyboard-interactive ) 1294over another method (e.g.\& 1295.Cm password ) . 1296The default is: 1297.Bd -literal -offset indent 1298gssapi-with-mic,hostbased,publickey, 1299keyboard-interactive,password 1300.Ed 1301.It Cm Protocol 1302Specifies the protocol versions 1303.Xr ssh 1 1304should support in order of preference. 1305The possible values are 1306.Sq 1 1307and 1308.Sq 2 . 1309Multiple versions must be comma-separated. 1310When this option is set to 1311.Dq 2,1 1312.Nm ssh 1313will try version 2 and fall back to version 1 1314if version 2 is not available. 1315The default is 1316.Sq 2 . 1317Protocol 1 suffers from a number of cryptographic weaknesses and should 1318not be used. 1319It is only offered to support legacy devices. 1320.It Cm ProxyCommand 1321Specifies the command to use to connect to the server. 1322The command 1323string extends to the end of the line, and is executed 1324using the user's shell 1325.Ql exec 1326directive to avoid a lingering shell process. 1327.Pp 1328In the command string, any occurrence of 1329.Ql %h 1330will be substituted by the host name to 1331connect, 1332.Ql %p 1333by the port, and 1334.Ql %r 1335by the remote user name. 1336The command can be basically anything, 1337and should read from its standard input and write to its standard output. 1338It should eventually connect an 1339.Xr sshd 8 1340server running on some machine, or execute 1341.Ic sshd -i 1342somewhere. 1343Host key management will be done using the 1344HostName of the host being connected (defaulting to the name typed by 1345the user). 1346Setting the command to 1347.Dq none 1348disables this option entirely. 1349Note that 1350.Cm CheckHostIP 1351is not available for connects with a proxy command. 1352.Pp 1353This directive is useful in conjunction with 1354.Xr nc 1 1355and its proxy support. 1356For example, the following directive would connect via an HTTP proxy at 1357192.0.2.0: 1358.Bd -literal -offset 3n 1359ProxyCommand /usr/bin/nc -X connect -x 192.0.2.0:8080 %h %p 1360.Ed 1361.It Cm ProxyJump 1362Specifies one or more jump proxies as 1363.Xo 1364.Sm off 1365.Op Ar user No @ 1366.Ar host 1367.Op : Ns Ar port 1368.Sm on 1369.Xc . 1370Multiple proxies may be separated by comma characters and will be visited 1371sequentially. 1372Setting this option will cause 1373.Xr ssh 1 1374to connect to the target host by first making a 1375.Xr ssh 1 1376connection to the specified 1377.Cm ProxyJump 1378host and then establishing a 1379TCP forwarding to the ultimate target from there. 1380.Pp 1381Note that this option will compete with the 1382.Cm ProxyCommand 1383option - whichever is specified first will prevent later instances of the 1384other from taking effect. 1385.It Cm ProxyUseFdpass 1386Specifies that 1387.Cm ProxyCommand 1388will pass a connected file descriptor back to 1389.Xr ssh 1 1390instead of continuing to execute and pass data. 1391The default is 1392.Dq no . 1393.It Cm PubkeyAcceptedKeyTypes 1394Specifies the key types that will be used for public key authentication 1395as a comma-separated pattern list. 1396Alternately if the specified value begins with a 1397.Sq + 1398character, then the key types after it will be appended to the default 1399instead of replacing it. 1400The default for this option is: 1401.Bd -literal -offset 3n 1402ecdsa-sha2-nistp256-cert-v01@openssh.com, 1403ecdsa-sha2-nistp384-cert-v01@openssh.com, 1404ecdsa-sha2-nistp521-cert-v01@openssh.com, 1405ssh-ed25519-cert-v01@openssh.com, 1406ssh-rsa-cert-v01@openssh.com, 1407ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, 1408ssh-ed25519,ssh-rsa 1409.Ed 1410.Pp 1411The 1412.Fl Q 1413option of 1414.Xr ssh 1 1415may be used to list supported key types. 1416.It Cm PubkeyAuthentication 1417Specifies whether to try public key authentication. 1418The argument to this keyword must be 1419.Dq yes 1420or 1421.Dq no . 1422The default is 1423.Dq yes . 1424.It Cm RekeyLimit 1425Specifies the maximum amount of data that may be transmitted before the 1426session key is renegotiated, optionally followed a maximum amount of 1427time that may pass before the session key is renegotiated. 1428The first argument is specified in bytes and may have a suffix of 1429.Sq K , 1430.Sq M , 1431or 1432.Sq G 1433to indicate Kilobytes, Megabytes, or Gigabytes, respectively. 1434The default is between 1435.Sq 1G 1436and 1437.Sq 4G , 1438depending on the cipher. 1439The optional second value is specified in seconds and may use any of the 1440units documented in the 1441TIME FORMATS section of 1442.Xr sshd_config 5 . 1443The default value for 1444.Cm RekeyLimit 1445is 1446.Dq default none , 1447which means that rekeying is performed after the cipher's default amount 1448of data has been sent or received and no time based rekeying is done. 1449.It Cm RemoteForward 1450Specifies that a TCP port on the remote machine be forwarded over 1451the secure channel to the specified host and port from the local machine. 1452The first argument must be 1453.Sm off 1454.Oo Ar bind_address : Oc Ar port 1455.Sm on 1456and the second argument must be 1457.Ar host : Ns Ar hostport . 1458IPv6 addresses can be specified by enclosing addresses in square brackets. 1459Multiple forwardings may be specified, and additional 1460forwardings can be given on the command line. 1461Privileged ports can be forwarded only when 1462logging in as root on the remote machine. 1463.Pp 1464If the 1465.Ar port 1466argument is 1467.Ql 0 , 1468the listen port will be dynamically allocated on the server and reported 1469to the client at run time. 1470.Pp 1471If the 1472.Ar bind_address 1473is not specified, the default is to only bind to loopback addresses. 1474If the 1475.Ar bind_address 1476is 1477.Ql * 1478or an empty string, then the forwarding is requested to listen on all 1479interfaces. 1480Specifying a remote 1481.Ar bind_address 1482will only succeed if the server's 1483.Cm GatewayPorts 1484option is enabled (see 1485.Xr sshd_config 5 ) . 1486.It Cm RequestTTY 1487Specifies whether to request a pseudo-tty for the session. 1488The argument may be one of: 1489.Dq no 1490(never request a TTY), 1491.Dq yes 1492(always request a TTY when standard input is a TTY), 1493.Dq force 1494(always request a TTY) or 1495.Dq auto 1496(request a TTY when opening a login session). 1497This option mirrors the 1498.Fl t 1499and 1500.Fl T 1501flags for 1502.Xr ssh 1 . 1503.It Cm RevokedHostKeys 1504Specifies revoked host public keys. 1505Keys listed in this file will be refused for host authentication. 1506Note that if this file does not exist or is not readable, 1507then host authentication will be refused for all hosts. 1508Keys may be specified as a text file, listing one public key per line, or as 1509an OpenSSH Key Revocation List (KRL) as generated by 1510.Xr ssh-keygen 1 . 1511For more information on KRLs, see the KEY REVOCATION LISTS section in 1512.Xr ssh-keygen 1 . 1513.It Cm RhostsRSAAuthentication 1514Specifies whether to try rhosts based authentication with RSA host 1515authentication. 1516The argument must be 1517.Dq yes 1518or 1519.Dq no . 1520The default is 1521.Dq no . 1522This option applies to protocol version 1 only and requires 1523.Xr ssh 1 1524to be setuid root. 1525.It Cm RSAAuthentication 1526Specifies whether to try RSA authentication. 1527The argument to this keyword must be 1528.Dq yes 1529or 1530.Dq no . 1531RSA authentication will only be 1532attempted if the identity file exists, or an authentication agent is 1533running. 1534The default is 1535.Dq yes . 1536Note that this option applies to protocol version 1 only. 1537.It Cm SendEnv 1538Specifies what variables from the local 1539.Xr environ 7 1540should be sent to the server. 1541The server must also support it, and the server must be configured to 1542accept these environment variables. 1543Note that the 1544.Ev TERM 1545environment variable is always sent whenever a 1546pseudo-terminal is requested as it is required by the protocol. 1547Refer to 1548.Cm AcceptEnv 1549in 1550.Xr sshd_config 5 1551for how to configure the server. 1552Variables are specified by name, which may contain wildcard characters. 1553Multiple environment variables may be separated by whitespace or spread 1554across multiple 1555.Cm SendEnv 1556directives. 1557The default is not to send any environment variables. 1558.Pp 1559See 1560.Sx PATTERNS 1561for more information on patterns. 1562.It Cm ServerAliveCountMax 1563Sets the number of server alive messages (see below) which may be 1564sent without 1565.Xr ssh 1 1566receiving any messages back from the server. 1567If this threshold is reached while server alive messages are being sent, 1568ssh will disconnect from the server, terminating the session. 1569It is important to note that the use of server alive messages is very 1570different from 1571.Cm TCPKeepAlive 1572(below). 1573The server alive messages are sent through the encrypted channel 1574and therefore will not be spoofable. 1575The TCP keepalive option enabled by 1576.Cm TCPKeepAlive 1577is spoofable. 1578The server alive mechanism is valuable when the client or 1579server depend on knowing when a connection has become inactive. 1580.Pp 1581The default value is 3. 1582If, for example, 1583.Cm ServerAliveInterval 1584(see below) is set to 15 and 1585.Cm ServerAliveCountMax 1586is left at the default, if the server becomes unresponsive, 1587ssh will disconnect after approximately 45 seconds. 1588.It Cm ServerAliveInterval 1589Sets a timeout interval in seconds after which if no data has been received 1590from the server, 1591.Xr ssh 1 1592will send a message through the encrypted 1593channel to request a response from the server. 1594The default 1595is 0, indicating that these messages will not be sent to the server. 1596.It Cm StreamLocalBindMask 1597Sets the octal file creation mode mask 1598.Pq umask 1599used when creating a Unix-domain socket file for local or remote 1600port forwarding. 1601This option is only used for port forwarding to a Unix-domain socket file. 1602.Pp 1603The default value is 0177, which creates a Unix-domain socket file that is 1604readable and writable only by the owner. 1605Note that not all operating systems honor the file mode on Unix-domain 1606socket files. 1607.It Cm StreamLocalBindUnlink 1608Specifies whether to remove an existing Unix-domain socket file for local 1609or remote port forwarding before creating a new one. 1610If the socket file already exists and 1611.Cm StreamLocalBindUnlink 1612is not enabled, 1613.Nm ssh 1614will be unable to forward the port to the Unix-domain socket file. 1615This option is only used for port forwarding to a Unix-domain socket file. 1616.Pp 1617The argument must be 1618.Dq yes 1619or 1620.Dq no . 1621The default is 1622.Dq no . 1623.It Cm StrictHostKeyChecking 1624If this flag is set to 1625.Dq yes , 1626.Xr ssh 1 1627will never automatically add host keys to the 1628.Pa ~/.ssh/known_hosts 1629file, and refuses to connect to hosts whose host key has changed. 1630This provides maximum protection against trojan horse attacks, 1631though it can be annoying when the 1632.Pa /etc/ssh/ssh_known_hosts 1633file is poorly maintained or when connections to new hosts are 1634frequently made. 1635This option forces the user to manually 1636add all new hosts. 1637If this flag is set to 1638.Dq no , 1639ssh will automatically add new host keys to the 1640user known hosts files. 1641If this flag is set to 1642.Dq ask , 1643new host keys 1644will be added to the user known host files only after the user 1645has confirmed that is what they really want to do, and 1646ssh will refuse to connect to hosts whose host key has changed. 1647The host keys of 1648known hosts will be verified automatically in all cases. 1649The argument must be 1650.Dq yes , 1651.Dq no , 1652or 1653.Dq ask . 1654The default is 1655.Dq ask . 1656.It Cm TCPKeepAlive 1657Specifies whether the system should send TCP keepalive messages to the 1658other side. 1659If they are sent, death of the connection or crash of one 1660of the machines will be properly noticed. 1661However, this means that 1662connections will die if the route is down temporarily, and some people 1663find it annoying. 1664.Pp 1665The default is 1666.Dq yes 1667(to send TCP keepalive messages), and the client will notice 1668if the network goes down or the remote host dies. 1669This is important in scripts, and many users want it too. 1670.Pp 1671To disable TCP keepalive messages, the value should be set to 1672.Dq no . 1673.It Cm Tunnel 1674Request 1675.Xr tun 4 1676device forwarding between the client and the server. 1677The argument must be 1678.Dq yes , 1679.Dq point-to-point 1680(layer 3), 1681.Dq ethernet 1682(layer 2), 1683or 1684.Dq no . 1685Specifying 1686.Dq yes 1687requests the default tunnel mode, which is 1688.Dq point-to-point . 1689The default is 1690.Dq no . 1691.It Cm TunnelDevice 1692Specifies the 1693.Xr tun 4 1694devices to open on the client 1695.Pq Ar local_tun 1696and the server 1697.Pq Ar remote_tun . 1698.Pp 1699The argument must be 1700.Sm off 1701.Ar local_tun Op : Ar remote_tun . 1702.Sm on 1703The devices may be specified by numerical ID or the keyword 1704.Dq any , 1705which uses the next available tunnel device. 1706If 1707.Ar remote_tun 1708is not specified, it defaults to 1709.Dq any . 1710The default is 1711.Dq any:any . 1712.It Cm UpdateHostKeys 1713Specifies whether 1714.Xr ssh 1 1715should accept notifications of additional hostkeys from the server sent 1716after authentication has completed and add them to 1717.Cm UserKnownHostsFile . 1718The argument must be 1719.Dq yes , 1720.Dq no 1721(the default) or 1722.Dq ask . 1723Enabling this option allows learning alternate hostkeys for a server 1724and supports graceful key rotation by allowing a server to send replacement 1725public keys before old ones are removed. 1726Additional hostkeys are only accepted if the key used to authenticate the 1727host was already trusted or explicitly accepted by the user. 1728If 1729.Cm UpdateHostKeys 1730is set to 1731.Dq ask , 1732then the user is asked to confirm the modifications to the known_hosts file. 1733Confirmation is currently incompatible with 1734.Cm ControlPersist , 1735and will be disabled if it is enabled. 1736.Pp 1737Presently, only 1738.Xr sshd 8 1739from OpenSSH 6.8 and greater support the 1740.Dq hostkeys@openssh.com 1741protocol extension used to inform the client of all the server's hostkeys. 1742.It Cm UsePrivilegedPort 1743Specifies whether to use a privileged port for outgoing connections. 1744The argument must be 1745.Dq yes 1746or 1747.Dq no . 1748The default is 1749.Dq no . 1750If set to 1751.Dq yes , 1752.Xr ssh 1 1753must be setuid root. 1754Note that this option must be set to 1755.Dq yes 1756for 1757.Cm RhostsRSAAuthentication 1758with older servers. 1759.It Cm User 1760Specifies the user to log in as. 1761This can be useful when a different user name is used on different machines. 1762This saves the trouble of 1763having to remember to give the user name on the command line. 1764.It Cm UserKnownHostsFile 1765Specifies one or more files to use for the user 1766host key database, separated by whitespace. 1767The default is 1768.Pa ~/.ssh/known_hosts , 1769.Pa ~/.ssh/known_hosts2 . 1770.It Cm VerifyHostKeyDNS 1771Specifies whether to verify the remote key using DNS and SSHFP resource 1772records. 1773If this option is set to 1774.Dq yes , 1775the client will implicitly trust keys that match a secure fingerprint 1776from DNS. 1777Insecure fingerprints will be handled as if this option was set to 1778.Dq ask . 1779If this option is set to 1780.Dq ask , 1781information on fingerprint match will be displayed, but the user will still 1782need to confirm new host keys according to the 1783.Cm StrictHostKeyChecking 1784option. 1785The argument must be 1786.Dq yes , 1787.Dq no , 1788or 1789.Dq ask . 1790The default is 1791.Dq no . 1792.Pp 1793See also VERIFYING HOST KEYS in 1794.Xr ssh 1 . 1795.It Cm VisualHostKey 1796If this flag is set to 1797.Dq yes , 1798an ASCII art representation of the remote host key fingerprint is 1799printed in addition to the fingerprint string at login and 1800for unknown host keys. 1801If this flag is set to 1802.Dq no , 1803no fingerprint strings are printed at login and 1804only the fingerprint string will be printed for unknown host keys. 1805The default is 1806.Dq no . 1807.It Cm XAuthLocation 1808Specifies the full pathname of the 1809.Xr xauth 1 1810program. 1811The default is 1812.Pa /usr/X11R6/bin/xauth . 1813.El 1814.Sh PATTERNS 1815A 1816.Em pattern 1817consists of zero or more non-whitespace characters, 1818.Sq * 1819(a wildcard that matches zero or more characters), 1820or 1821.Sq ?\& 1822(a wildcard that matches exactly one character). 1823For example, to specify a set of declarations for any host in the 1824.Dq .co.uk 1825set of domains, 1826the following pattern could be used: 1827.Pp 1828.Dl Host *.co.uk 1829.Pp 1830The following pattern 1831would match any host in the 192.168.0.[0-9] network range: 1832.Pp 1833.Dl Host 192.168.0.? 1834.Pp 1835A 1836.Em pattern-list 1837is a comma-separated list of patterns. 1838Patterns within pattern-lists may be negated 1839by preceding them with an exclamation mark 1840.Pq Sq !\& . 1841For example, 1842to allow a key to be used from anywhere within an organization 1843except from the 1844.Dq dialup 1845pool, 1846the following entry (in authorized_keys) could be used: 1847.Pp 1848.Dl from=\&"!*.dialup.example.com,*.example.com\&" 1849.Sh FILES 1850.Bl -tag -width Ds 1851.It Pa ~/.ssh/config 1852This is the per-user configuration file. 1853The format of this file is described above. 1854This file is used by the SSH client. 1855Because of the potential for abuse, this file must have strict permissions: 1856read/write for the user, and not accessible by others. 1857.It Pa /etc/ssh/ssh_config 1858Systemwide configuration file. 1859This file provides defaults for those 1860values that are not specified in the user's configuration file, and 1861for those users who do not have a configuration file. 1862This file must be world-readable. 1863.El 1864.Sh SEE ALSO 1865.Xr ssh 1 1866.Sh AUTHORS 1867OpenSSH is a derivative of the original and free 1868ssh 1.2.12 release by Tatu Ylonen. 1869Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, 1870Theo de Raadt and Dug Song 1871removed many bugs, re-added newer features and 1872created OpenSSH. 1873Markus Friedl contributed the support for SSH 1874protocol versions 1.5 and 2.0. 1875