-.\" $OpenBSD: ssh-keygen.1,v 1.129 2015/11/13 04:34:15 djm Exp $
+.\" $OpenBSD: ssh-keygen.1,v 1.130 2016/02/17 07:38:19 jmc Exp $
.\"
.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd $Mdocdate: November 13 2015 $
+.Dd $Mdocdate: February 17 2016 $
.Dt SSH-KEYGEN 1
.Os
.Sh NAME
generates, manages and converts authentication keys for
.Xr ssh 1 .
.Nm
-can create RSA keys for use by SSH protocol version 1 and
-DSA, ECDSA, Ed25519 or RSA keys for use by SSH protocol version 2.
+can create keys for use by SSH protocol versions 1 and 2.
+Protocol 1 should not be used
+and is only offered to support legacy devices.
+It suffers from a number of cryptographic weaknesses
+and doesn't support many of the advanced features available for protocol 2.
+.Pp
The type of key to be generated is specified with the
.Fl t
option.
.It Fl o
Causes
.Nm
-to save SSH protocol 2 private keys using the new OpenSSH format rather than
+to save private keys using the new OpenSSH format rather than
the more compatible PEM format.
The new format has increased resistance to brute-force password cracking
but is not supported by versions of OpenSSH prior to 6.5.
-.\" $OpenBSD: ssh-keysign.8,v 1.14 2013/12/07 11:58:46 naddy Exp $
+.\" $OpenBSD: ssh-keysign.8,v 1.15 2016/02/17 07:38:19 jmc Exp $
.\"
.\" Copyright (c) 2002 Markus Friedl. All rights reserved.
.\"
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd $Mdocdate: December 7 2013 $
+.Dd $Mdocdate: February 17 2016 $
.Dt SSH-KEYSIGN 8
.Os
.Sh NAME
is used by
.Xr ssh 1
to access the local host keys and generate the digital signature
-required during host-based authentication with SSH protocol version 2.
+required during host-based authentication.
.Pp
.Nm
is disabled by default and can only be enabled in the
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: ssh.1,v 1.368 2016/02/16 07:47:54 jmc Exp $
-.Dd $Mdocdate: February 16 2016 $
+.\" $OpenBSD: ssh.1,v 1.369 2016/02/17 07:38:19 jmc Exp $
+.Dd $Mdocdate: February 17 2016 $
.Dt SSH 1
.Os
.Sh NAME
for details.
.Pp
.It Fl m Ar mac_spec
-Additionally, for protocol version 2 a comma-separated list of MAC
-(message authentication code) algorithms can
-be specified in order of preference.
+A comma-separated list of MAC (message authentication code) algorithms,
+specified in order of preference.
See the
.Cm MACs
keyword for more information.
.Pp
.It Fl N
Do not execute a remote command.
-This is useful for just forwarding ports
-(protocol version 2 only).
+This is useful for just forwarding ports.
.Pp
.It Fl n
Redirects stdin from
.Pp
.It Fl s
May be used to request invocation of a subsystem on the remote system.
-Subsystems are a feature of the SSH2 protocol which facilitate the use
-of SSH as a secure transport for other applications (eg.\&
+Subsystems facilitate the use of SSH
+as a secure transport for other applications (e.g.\&
.Xr sftp 1 ) .
The subsystem is specified as the remote command.
.Pp
.Cm ExitOnForwardFailure
and
.Cm ClearAllForwardings .
-Works with Protocol version 2 only.
.Pp
.It Fl w Xo
.Ar local_tun Ns Op : Ns Ar remote_tun
and
.Fl 2
options (see above).
-Protocol 1 should not be used - it suffers from a number of cryptographic
-weaknesses and is only offered to support legacy devices.
+Protocol 1 should not be used
+and is only offered to support legacy devices.
+It suffers from a number of cryptographic weaknesses
+and doesn't support many of the advanced features available for protocol 2.
.Pp
The methods available for authentication are:
GSSAPI-based authentication,
challenge-response authentication,
and password authentication.
Authentication methods are tried in the order specified above,
-though protocol 2 has a configuration option to change the default order:
-.Cm PreferredAuthentications .
+though
+.Cm PreferredAuthentications
+can be used to change the default order.
.Pp
Host-based authentication works as follows:
If the machine the user logs in from is listed in
.Nm
implements public key authentication protocol automatically,
using one of the DSA, ECDSA, Ed25519 or RSA algorithms.
-Protocol 1 is restricted to using only RSA keys,
-but protocol 2 may use any.
The HISTORY section of
.Xr ssl 8
contains a brief discussion of the DSA and RSA algorithms.
.Pa ~/.ssh/identity
(protocol 1),
.Pa ~/.ssh/id_dsa
-(protocol 2 DSA),
+(DSA),
.Pa ~/.ssh/id_ecdsa
-(protocol 2 ECDSA),
+(ECDSA),
.Pa ~/.ssh/id_ed25519
-(protocol 2 Ed25519),
+(Ed25519),
or
.Pa ~/.ssh/id_rsa
-(protocol 2 RSA)
+(RSA)
and stores the public key in
.Pa ~/.ssh/identity.pub
(protocol 1),
.Pa ~/.ssh/id_dsa.pub
-(protocol 2 DSA),
+(DSA),
.Pa ~/.ssh/id_ecdsa.pub
-(protocol 2 ECDSA),
+(ECDSA),
.Pa ~/.ssh/id_ed25519.pub
-(protocol 2 Ed25519),
+(Ed25519),
or
.Pa ~/.ssh/id_rsa.pub
-(protocol 2 RSA)
+(RSA)
in the user's home directory.
The user should then copy the public key
to
The server sends an arbitrary
.Qq challenge
text, and prompts for a response.
-Protocol 2 allows multiple challenges and responses;
-protocol 1 is restricted to just one challenge/response.
Examples of challenge-response authentication include
.Bx
Authentication (see
Display a list of escape characters.
.It Cm ~B
Send a BREAK to the remote system
-(only useful for SSH protocol version 2 and if the peer supports it).
+(only useful if the peer supports it).
.It Cm ~C
Open command line.
Currently this allows the addition of port forwardings using the
option.
.It Cm ~R
Request rekeying of the connection
-(only useful for SSH protocol version 2 and if the peer supports it).
+(only useful if the peer supports it).
.It Cm ~V
Decrease the verbosity
.Pq Ic LogLevel
.It Pa /etc/ssh/ssh_host_rsa_key
These files contain the private parts of the host keys
and are used for host-based authentication.
-If protocol version 1 is used,
-.Nm
-must be setuid root, since the host key is readable only by root.
-For protocol version 2,
-.Nm
-uses
-.Xr ssh-keysign 8
-to access the host keys,
-eliminating the requirement that
-.Nm
-be setuid root when host-based authentication is used.
-By default
-.Nm
-is not setuid root.
.Pp
.It Pa /etc/ssh/ssh_known_hosts
Systemwide list of known host keys.
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: ssh_config.5,v 1.225 2016/02/16 05:11:04 djm Exp $
-.Dd $Mdocdate: February 16 2016 $
+.\" $OpenBSD: ssh_config.5,v 1.226 2016/02/17 07:38:19 jmc Exp $
+.Dd $Mdocdate: February 17 2016 $
.Dt SSH_CONFIG 5
.Os
.Sh NAME
Specifies whether user authentication based on GSSAPI is allowed.
The default is
.Dq no .
-Note that this option applies to protocol version 2 only.
.It Cm GSSAPIDelegateCredentials
Forward (delegate) credentials to the server.
The default is
.Dq no .
-Note that this option applies to protocol version 2 only.
.It Cm HashKnownHosts
Indicates that
.Xr ssh 1
.Dq no .
The default is
.Dq no .
-This option applies to protocol version 2 only and
-is similar to
-.Cm RhostsRSAAuthentication .
.It Cm HostbasedKeyTypes
Specifies the key types that will be used for hostbased authentication
as a comma-separated pattern list.
.Xr ssh 1
may be used to list supported key types.
.It Cm HostKeyAlgorithms
-Specifies the protocol version 2 host key algorithms
+Specifies the host key algorithms
that the client wants to use in order of preference.
Alternately if the specified value begins with a
.Sq +
.It Cm MACs
Specifies the MAC (message authentication code) algorithms
in order of preference.
-The MAC algorithm is used in protocol version 2
-for data integrity protection.
+The MAC algorithm is used for data integrity protection.
Multiple algorithms must be comma-separated.
If the specified value begins with a
.Sq +
Specifies the port number to connect on the remote host.
The default is 22.
.It Cm PreferredAuthentications
-Specifies the order in which the client should try protocol 2
-authentication methods.
+Specifies the order in which the client should try authentication methods.
This allows a client to prefer one method (e.g.\&
.Cm keyboard-interactive )
over another method (e.g.\&
.Dq no .
The default is
.Dq yes .
-This option applies to protocol version 2 only.
.It Cm RekeyLimit
Specifies the maximum amount of data that may be transmitted before the
session key is renegotiated, optionally followed a maximum amount of
.Dq default none ,
which means that rekeying is performed after the cipher's default amount
of data has been sent or received and no time based rekeying is done.
-This option applies to protocol version 2 only.
.It Cm RemoteForward
Specifies that a TCP port on the remote machine be forwarded over
the secure channel to the specified host and port from the local machine.
Specifies what variables from the local
.Xr environ 7
should be sent to the server.
-Note that environment passing is only supported for protocol 2.
The server must also support it, and the server must be configured to
accept these environment variables.
Note that the
.Cm ServerAliveCountMax
is left at the default, if the server becomes unresponsive,
ssh will disconnect after approximately 45 seconds.
-This option applies to protocol version 2 only.
.It Cm ServerAliveInterval
Sets a timeout interval in seconds after which if no data has been received
from the server,
channel to request a response from the server.
The default
is 0, indicating that these messages will not be sent to the server.
-This option applies to protocol version 2 only.
.It Cm StreamLocalBindMask
Sets the octal file creation mode mask
.Pq umask
.Dq ask .
The default is
.Dq no .
-Note that this option applies to protocol version 2 only.
.Pp
See also VERIFYING HOST KEYS in
.Xr ssh 1 .
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: sshd.8,v 1.283 2016/02/05 03:07:06 djm Exp $
-.Dd $Mdocdate: February 5 2016 $
+.\" $OpenBSD: sshd.8,v 1.284 2016/02/17 07:38:19 jmc Exp $
+.Dd $Mdocdate: February 17 2016 $
.Dt SSHD 8
.Os
.Sh NAME
.Cm Protocol
option in
.Xr sshd_config 5 .
-Protocol 2 supports DSA, ECDSA, Ed25519 and RSA keys;
-protocol 1 only supports RSA keys.
-For both protocols,
-each host has a host-specific key,
-normally 2048 bits,
-used to identify the host.
+Protocol 1 should not be used
+and is only offered to support legacy devices.
.Pp
-Forward security for protocol 1 is provided through
+Each host has a host-specific key,
+used to identify the host.
+Partial forward security for protocol 1 is provided through
an additional server key,
normally 1024 bits,
generated when the server starts.
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: sshd_config.5,v 1.218 2016/02/16 05:11:04 djm Exp $
-.Dd $Mdocdate: February 16 2016 $
+.\" $OpenBSD: sshd_config.5,v 1.219 2016/02/17 07:38:19 jmc Exp $
+.Dd $Mdocdate: February 17 2016 $
.Dt SSHD_CONFIG 5
.Os
.Sh NAME
in
.Xr ssh_config 5
for how to configure the client.
-Note that environment passing is only supported for protocol 2, and
-that the
+The
.Ev TERM
environment variable is always sent whenever the client
requests a pseudo-terminal as it is required by the protocol.
.Dq publickey,publickey
will require successful authentication using two different public keys.
.Pp
-This option is only available for SSH protocol 2 and will yield a fatal
+This option will yield a fatal
error if enabled if protocol 1 is also enabled.
Note that each authentication method listed should also be explicitly enabled
in the configuration.
If the argument is
.Dq none
then no banner is displayed.
-This option is only available for protocol version 2.
By default, no banner is displayed.
.It Cm ChallengeResponseAuthentication
Specifies whether challenge-response authentication is allowed (e.g. via
indicating not to
.Xr chroot 2 .
.It Cm Ciphers
-Specifies the ciphers allowed for protocol version 2.
+Specifies the ciphers allowed.
Multiple ciphers must be comma-separated.
If the specified value begins with a
.Sq +
.Cm ClientAliveCountMax
is left at the default, unresponsive SSH clients
will be disconnected after approximately 45 seconds.
-This option applies to protocol version 2 only.
.It Cm ClientAliveInterval
Sets a timeout interval in seconds after which if no data has been received
from the client,
channel to request a response from the client.
The default
is 0, indicating that these messages will not be sent to the client.
-This option applies to protocol version 2 only.
.It Cm Compression
Specifies whether compression is allowed, or delayed until
the user has authenticated successfully.
Specifies whether user authentication based on GSSAPI is allowed.
The default is
.Dq no .
-Note that this option applies to protocol version 2 only.
.It Cm GSSAPICleanupCredentials
Specifies whether to automatically destroy the user's credentials cache
on logout.
The default is
.Dq yes .
-Note that this option applies to protocol version 2 only.
.It Cm GSSAPIStrictAcceptorCheck
Determines whether to be strict about the identity of the GSSAPI acceptor
a client authenticates against.
Specifies whether rhosts or /etc/hosts.equiv authentication together
with successful public key client host authentication is allowed
(host-based authentication).
-This option is similar to
-.Cm RhostsRSAAuthentication
-and applies to protocol version 2 only.
The default is
.Dq no .
.It Cm HostbasedUsesNameFromPacketOnly
.Ev SSH_AUTH_SOCK
environment variable.
.It Cm HostKeyAlgorithms
-Specifies the protocol version 2 host key algorithms
+Specifies the host key algorithms
that the server offers.
The default for this option is:
.Bd -literal -offset 3n
Logging with a DEBUG level violates the privacy of users and is not recommended.
.It Cm MACs
Specifies the available MAC (message authentication code) algorithms.
-The MAC algorithm is used in protocol version 2
-for data integrity protection.
+The MAC algorithm is used for data integrity protection.
Multiple algorithms must be comma-separated.
If the specified value begins with a
.Sq +
Specifies whether public key authentication is allowed.
The default is
.Dq yes .
-Note that this option applies to protocol version 2 only.
.It Cm RekeyLimit
Specifies the maximum amount of data that may be transmitted before the
session key is renegotiated, optionally followed a maximum amount of
.Dq default none ,
which means that rekeying is performed after the cipher's default amount
of data has been sent or received and no time based rekeying is done.
-This option applies to protocol version 2 only.
.It Cm RevokedKeys
Specifies revoked public keys file, or
.Dq none
to force a different filesystem root on clients.
.Pp
By default no subsystems are defined.
-Note that this option applies to protocol version 2 only.
.It Cm SyslogFacility
Gives the facility code that is used when logging messages from
.Xr sshd 8 .
projects / thirdparty / openssh-portable.git / commitdiff
