Lines Matching +full:forward +full:- +full:channel
78 .Ux Ns -domain
79 sockets can also be forwarded over the secure channel.
108 .Bl -tag -width Ds -compact
121 .Xr ssh-agent 1 .
122 This can also be specified on a per-host basis in a configuration file.
127 .Ux Ns -domain
155 .Ux Ns -domain
161 The default value can be set on a host-by-host basis in the
170 is a comma-separated list of ciphers
186 application-level port forwarding.
192 connection is forwarded over the secure channel, and the application
198 Only root can forward privileged ports.
202 Only the superuser can forward privileged ports.
230 followed by control-Z suspends the connection;
237 Specifies an alternative per-user configuration file.
239 the system-wide configuration file
242 The default for the per-user configuration file is
260 .Ic ssh -f host xterm .
301 .Xr ssh-agent 1
311 a per-host basis in the configuration file.
322 .Pa -cert.pub
337 Note that configuration directives supplied on the command-line generally
344 Enables GSSAPI-based authentication and forwarding (delegation) of GSSAPI
381 connection is forwarded over the secure channel, and a connection is
391 Only the superuser can forward privileged ports.
411 This also may be specified on a per-host basis in the configuration file.
426 .Xr ssh-askpass 1
436 A comma-separated list of MAC (message authentication code) algorithms,
462 .Ic ssh -n shadows.cs.hut.fi emacs &
464 connection will be automatically forwarded over an encrypted channel.
489 .Dq forward
503 command-line flag.
507 .Bl -tag -width Ds -offset indent -compact
623 per-host basis in the configuration file.
629 .Ar cipher-auth
641 .Ar key-ca-sign
643 .Ar key-cert
645 .Ar key-plain
646 (non-certificate key types),
647 .Ar key-sig
649 .Ar protocol-version
699 connection is forwarded over the secure channel, and a connection
708 will act as a SOCKS 4/5 proxy and forward connections to the destinations
739 .Ic -O forward ,
768 Disable pseudo-terminal allocation.
771 Force pseudo-terminal allocation.
773 screen-based programs on a remote machine, which can be very useful,
801 over the secure channel.
841 .Dq point-to-point .
849 This can also be specified on a per-host basis in a configuration file.
885 a per-user configuration file and a system-wide configuration file.
892 GSSAPI-based authentication,
893 host-based authentication,
895 keyboard-interactive authentication,
902 Host-based authentication works as follows:
907 on the remote machine, the user is non-root and the user names are
934 The scheme is based on public-key cryptography,
968 .Xr ssh-keygen 1 .
973 (authenticator-hosted ECDSA),
977 (authenticator-hosted Ed25519),
985 (authenticator-hosted ECDSA),
989 (authenticator-hosted Ed25519),
1013 .Xr ssh-keygen 1
1019 .Xr ssh-agent 1
1026 Keyboard-interactive authentication works as follows:
1030 Examples of keyboard-interactive authentication include
1035 .Pf non- Ox
1058 server spoofing or man-in-the-middle attacks,
1066 either executes the given command in a non-interactive session or,
1074 by default will only request a pseudo-terminal (pty) for interactive
1082 If a pseudo-terminal has been allocated, the
1085 If no pseudo-terminal has been allocated,
1094 When a pseudo-terminal has been requested,
1112 .Bl -tag -width Ds
1137 It also allows the cancellation of existing port-forwardings
1150 for dynamic port-forwardings.
1172 Forwarding of arbitrary TCP connections over a secure channel
1183 specifying the ports to be used to forward the connection.
1187 will encrypt and forward the connection to the remote server.
1192 joining channel
1197 .Bd -literal -offset 4n
1198 $ ssh -f -L 6667:localhost:6667 server.example.com sleep 10
1199 $ irc -c '#users' pinky IRC/127.0.0.1
1230 encrypted channel, and the connection to the real X server will be made
1247 connections over the encrypted channel.
1276 .Xr ssh-keygen 1 :
1278 .Dl $ ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key
1283 .Xr ssh-keygen 1
1308 .Dl $ ssh-keygen -lv -f ~/.ssh/known_hosts
1323 .Bd -literal -offset indent
1324 $ ssh-keygen -r host.example.com.
1330 .Dl $ dig -t SSHFP host.example.com
1333 .Bd -literal -offset indent
1334 $ ssh -o "VerifyHostKeyDNS ask" host.example.com
1345 .Sh SSH-BASED VIRTUAL PRIVATE NETWORKS
1350 network pseudo-device,
1360 with remote network 10.0.99.0/24 using a point-to-point connection
1366 .Bd -literal -offset indent
1367 # ssh -f -w 0:1 192.168.1.15 true
1373 .Bd -literal -offset indent
1392 .Dq forced-commands-only :
1393 .Bd -literal -offset 2n
1394 tunnel="1",command="sh /etc/netstart tun1" ssh-rsa ... jane
1395 tunnel="2",command="sh /etc/netstart tun2" ssh-rsa ... john
1398 Since an SSH-based setup entails a fair amount of overhead,
1408 .Bl -tag -width "SSH_ORIGINAL_COMMAND"
1423 uses this special value to forward X11 connections over the secure
1424 channel.
1487 .Ux Ns -domain
1492 four space-separated values: client IP address, client port number,
1535 .Bl -tag -width Ds -compact
1537 This file is used for host-based authentication (see above).
1539 world-readable if the user's home directory is on an NFS partition,
1552 but allows host-based authentication without permitting login with
1556 This directory is the default location for all user-specific configuration
1572 This is the per-user configuration file.
1596 sensitive part of this file using AES-128.
1624 This file is for host-based authentication (see above).
1630 but allows host-based authentication without permitting login with
1642 and are used for host-based authentication.
1649 It should be world-readable.
1669 .Xr ssh-add 1 ,
1670 .Xr ssh-agent 1 ,
1671 .Xr ssh-keygen 1 ,
1672 .Xr ssh-keyscan 1 ,
1675 .Xr ssh-keysign 8 ,
1739 .%T The Secure Shell (SSH) Session Channel Break Extension
1764 .%T Diffie-Hellman Group Exchange for the Secure Shell (SSH) Transport Layer Protocol
1787 .%O International Workshop on Cryptographic Techniques and E-Commerce (CrypTEC '99)
1788 .%T Hash Visualization: a New Technique to improve Real-World Security
1795 removed many bugs, re-added newer features and