Lines Matching full:be
7 .\" can be used freely for any purpose. Any derived versions of this
8 .\" software must be clearly marked as such, and if the derived work is
9 .\" incompatible with the protocol description in the RFC file, it must be
28 .\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
60 will be used.
71 host-specific declarations should be given near the beginning of the
78 Arguments may optionally be enclosed in double quotes
81 Configuration options may be separated by whitespace or
102 keyword) to be only for those hosts that match one of the patterns
104 If more than one pattern is provided, they should be separated by whitespace.
107 as a pattern can be used to provide global
116 A pattern entry may be negated by prefixing it with an exclamation mark
133 keyword) to be used only when the conditions following the
157 Other criteria may be combined arbitrarily.
164 Criteria may be negated by prepending an exclamation mark
173 This may be useful to specify conditions that work with canonical host
178 keyword requests that the configuration be re-parsed (regardless of whether
193 Commands containing whitespace characters must be quoted.
204 This may be convenient for varying the effective configuration on devices that
208 and so caution should be applied if using it to control security-sensitive
211 The other keywords' criteria must be single entries or comma-separated
242 (this keyword may be useful in system-wide
246 Specifies whether keys should be automatically added to a running
263 each use of the key must be confirmed, as if the
270 Alternately, this option may be specified as a time interval
277 after which it will automatically be removed.
278 The argument must be
299 will be disabled.
303 The argument must be
332 is enabled and the target hostname cannot be found in any of the domains
377 Specifies rules to determine whether CNAMEs should be followed when
392 to be canonicalized to names in the
400 causes no CNAMEs to be considered for canonicalization.
416 character, then the specified algorithms will be appended to the default set
420 character, then the specified algorithms (including wildcards) will be removed
428 A corresponding private key must be provided separately in order
453 configuration files; these certificates will be tried in sequence.
466 must be the special keyword
486 expires then all open channels will be closed.
487 Note that this global timeout is not matched by wildcards and must be
550 the check will not be executed.
553 Multiple ciphers must be comma-separated.
556 character, then the specified ciphers will be appended to the default set
560 character, then the specified ciphers (including wildcards) will be removed
564 character, then the specified ciphers will be placed at the head of the
588 The list of available ciphers may also be obtained using
592 specified in the configuration files or on the command line be
601 The argument must be
608 The argument must be
615 The argument must be an integer.
616 This may be useful in scripts if the connection sometimes fails.
650 cannot be opened,
657 display and agent forwarded will be the one belonging to the master
688 at least %h, %p, and %r (or alternatively %C) and be placed in a directory
700 then the master connection will not be placed into the background,
714 Specifies that a TCP port on the local machine be forwarded
719 The argument must be
723 IPv6 addresses can be specified by enclosing addresses in square brackets.
729 may be used to bind the connection to a specific address.
734 indicates that the listening port be bound for local use only, while an
737 indicates that the port should be available from all interfaces.
742 Multiple forwardings may be specified, and
743 additional forwardings can be given on the command line.
760 The argument must be
765 This option should be placed in the non-hostspecific section.
774 The argument should be a single character,
793 The argument must be
835 will wait for all remote port forwards to be successfully established
837 The argument to this keyword must be
846 will be forwarded to the remote machine.
847 The argument may be
856 Agent forwarding should be enabled with caution.
864 Specifies whether X11 connections will be automatically redirected
868 The argument must be
874 X11 forwarding should be enabled with caution.
878 An attacker may then be able to perform activities such as keystroke monitoring
890 after this time will be refused.
905 remote X11 clients will be considered untrusted and prevented
910 token used for the session will be set to expire after 20 minutes.
911 Remote clients will be refused access after this time.
923 can be used to specify that ssh
926 The argument must be
950 These hashed names may be used normally by
959 will not be converted automatically,
960 but may be manually hashed using
963 Specifies the signature algorithms that will be used for hostbased
967 character, then the specified signature algorithms will be appended
972 will be removed from the default set instead of replacing them.
975 character, then the specified signature algorithms will be placed
998 may be used to list supported signature algorithms.
1003 The argument must be
1013 character, then the specified signature algorithms will be appended to
1018 will be removed from the default set instead of replacing them.
1021 character, then the specified signature algorithms will be placed
1043 The list of available signature algorithms may also be obtained using
1046 Specifies an alias that should be used instead of the
1053 This can be used to specify nicknames or abbreviations for hosts.
1080 The argument to this keyword must be
1094 environment variable and can be used to select a specific agent.
1100 is specified, the location of the socket will be read from the
1105 character, then it will be treated as an environment variable containing
1131 will be used for authentication unless
1151 may be used to indicate no identity files should be loaded.
1155 identities will be tried in sequence.
1162 may be used in conjunction with
1166 may also be used in conjunction with
1171 Specifies a pattern-list of unknown options to be ignored if they are
1173 This may be used to suppress errors if
1179 be listed early in the configuration file as it will not be applied
1183 Multiple pathnames may be specified and each pathname may contain
1193 Wildcards will be expanded and processed in lexical order.
1194 Files without absolute paths are assumed to be in
1250 The argument to this keyword must be
1259 Multiple method names must be comma-separated.
1263 it may be zero or more of:
1268 Specifies the permitted KEX (Key Exchange) algorithms that will be used and
1270 The selected algorithm will be the first algorithm in this list that
1272 Multiple algorithms must be comma-separated.
1276 character, then the specified algorithms will be appended to the default set
1280 character, then the specified algorithms (including wildcards) will be removed
1284 character, then the specified algorithms will be placed at the head of the
1299 The list of supported key exchange algorithms may also be obtained using
1318 The command may be invoked multiple times per connection: once when preparing
1341 It should not be used for interactive commands.
1347 Specifies that a TCP port on the local machine be forwarded over
1349 The first argument specifies the listener and may be
1354 The second argument is the destination and may be
1358 IPv6 addresses can be specified by enclosing addresses in square brackets.
1359 Multiple forwardings may be specified, and additional forwardings can be
1367 may be used to bind the connection to a specific address.
1372 indicates that the listening port be bound for local use only, while an
1375 indicates that the port should be available from all interfaces.
1410 Multiple algorithms must be comma-separated.
1413 character, then the specified algorithms will be appended to the default set
1417 character, then the specified algorithms (including wildcards) will be removed
1421 character, then the specified algorithms will be placed at the head of the
1438 The list of available MAC algorithms may also be obtained using
1442 The argument to this keyword must be
1449 The argument to this keyword must be an integer.
1460 The argument to this keyword must be
1472 The argument to this keyword must be
1484 The argument must be
1493 The forwarding specification must be one of the following forms:
1513 Multiple forwards may be specified by separating them with whitespace.
1516 can be used to remove all restrictions and permit any forwarding requests.
1519 can be used to prohibit all forwarding requests.
1522 can be used for host or port to allow all hosts or ports respectively.
1528 to indicate that no provider should be used (the default).
1560 The command can be basically anything,
1567 Host key management will be done using the
1595 Multiple proxies may be separated by comma characters and will be visited
1618 should be used if specific configuration is required for jump hosts.
1628 Specifies the signature algorithms that will be used for public key
1632 character, then the algorithms after it will be appended to the default
1636 character, then the specified algorithms (including wildcards) will be removed
1640 character, then the specified algorithms will be placed at the head of the
1659 The list of available signature algorithms may also be obtained using
1663 The argument to this keyword must be
1676 Specifies the maximum amount of data that may be transmitted or received
1710 Specifies that a TCP port on the remote machine be forwarded over
1712 The remote port may either be forwarded to a specified host and port
1715 The first argument is the listening specification and may be
1720 If forwarding to a specific destination then the second argument must be
1724 will be established as a SOCKS proxy.
1725 When acting as a SOCKS proxy, the destination of the connection can be
1729 IPv6 addresses can be specified by enclosing addresses in square brackets.
1730 Multiple forwardings may be specified, and additional
1731 forwardings can be given on the command line.
1732 Privileged ports can be forwarded only when
1743 the listen port will be dynamically allocated on the server and reported
1763 The argument may be one of:
1782 User authentication keys smaller than this limit will be ignored.
1784 connection to be terminated.
1788 Note that this limit may only be raised from the default.
1791 Keys listed in this file will be refused for host authentication.
1793 then host authentication will be refused for all hosts.
1794 Keys may be specified as a text file, listing one public key per line, or as
1808 Specifies a path to a library that will be used when loading any
1814 character, then it will be treated as an environment variable containing
1819 should be sent to the server.
1820 The server must also support it, and the server must be configured to
1832 Multiple environment variables may be separated by whitespace or spread
1847 Sets the number of server alive messages (see below) which may be
1858 and therefore will not be spoofable.
1879 is 0, indicating that these messages will not be sent to the server.
1881 May be used to either request invocation of a subsystem on the remote system,
1884 The argument to this keyword must be
1902 variable, the server must be prepared to accept the environment variable.
1909 option must be used when
1912 The argument to this keyword must be
1937 will be unable to forward the port to the Unix-domain socket file.
1940 The argument must be
1953 though it can be annoying when the
1977 will be added to the user known host files only after the user
1981 known hosts will be verified automatically in all cases.
1992 of the machines will be properly noticed.
2003 To disable TCP keepalive messages, the value should be set to
2009 Specify a configuration tag name that may be later used by a
2016 The argument must be
2037 The argument must be
2041 The devices may be specified by numerical ID or the keyword
2056 The argument must be
2080 will be set to
2090 and will be disabled if it is enabled.
2099 This can be useful when a different user name is used on different machines.
2126 Insecure fingerprints will be handled as if this option was set to
2130 information on fingerprint match will be displayed, but the user will still
2151 only the fingerprint string will be printed for unknown host keys.
2171 the following pattern could be used:
2183 Patterns within pattern-lists may be negated
2187 to allow a key to be used from anywhere within an organization
2191 the following entry (in authorized_keys) could be used:
2314 Arguments to some keywords can be expanded at runtime from environment
2320 If a specified environment variable does not exist then an error will be
2321 returned and the setting for that keyword will be ignored.
2351 This file must be world-readable.