Lines Matching +full:com +full:- +full:offset

48 .Bl -enum -offset indent -compact
50 command-line options
55 system-wide configuration file
71 host-specific declarations should be given near the beginning of the
74 The file contains keyword-argument pairs, one per line.
95 keywords are case-insensitive and arguments are case-sensitive):
96 .Bl -tag -width Ds
169 keyword matches only when the configuration file is being re-parsed
178 keyword requests that the configuration be re-parsed (regardless of whether
208 and so caution should be applied if using it to control security-sensitive
211 The other keywords' criteria must be single entries or comma-separated
225 keyword matches against the hostname as it was specified on the command-line.
232 command-line using the
242 (this keyword may be useful in system-wide
247 .Xr ssh-agent 1 .
252 .Xr ssh-add 1 .
259 .Xr ssh-add 1
266 .Xr ssh-add 1 .
276 .Xr ssh-agent 1 ,
383 is a pattern-list of domains that may follow CNAMEs in canonicalization,
386 is a pattern-list of domains that they may resolve to.
389 .Qq *.a.example.com:*.b.example.com,*.c.example.com
391 .Qq *.a.example.com
393 .Qq *.b.example.com
395 .Qq *.c.example.com
406 .Bd -literal -offset indent
407 ssh-ed25519,ecdsa-sha2-nistp256,
408 ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
409 sk-ssh-ed25519@openssh.com,
410 sk-ecdsa-sha2-nistp256@openssh.com,
411 rsa-sha2-512,rsa-sha2-256
419 .Sq -
437 .Xr ssh-agent 1 ,
491 .Bl -tag -width Ds
492 .It Cm agent-connection
494 .Xr ssh-agent 1 .
495 .It Cm direct-tcpip , Cm direct-streamlocal@openssh.com
503 .It Cm forwarded-tcpip , Cm forwarded-streamlocal@openssh.com
516 .It Cm tun-connection
520 .It Cm x11-connection
553 Multiple ciphers must be comma-separated.
559 .Sq -
568 .Bd -literal -offset indent
569 3des-cbc
570 aes128-cbc
571 aes192-cbc
572 aes256-cbc
573 aes128-ctr
574 aes192-ctr
575 aes256-ctr
576 aes128-gcm@openssh.com
577 aes256-gcm@openssh.com
578 chacha20-poly1305@openssh.com
582 .Bd -literal -offset indent
583 chacha20-poly1305@openssh.com,
584 aes128-ctr,aes192-ctr,aes256-ctr,
585 aes128-gcm@openssh.com,aes256-gcm@openssh.com
589 .Qq ssh -Q cipher .
647 .Xr ssh-askpass 1 .
655 .Xr ssh-agent 1
707 .Qq ssh -O exit ) .
757 .Xr ssh-keysign 8
765 This option should be placed in the non-hostspecific section.
767 .Xr ssh-keysign 8
819 .Ic ssh -f host xterm ,
858 (for the agent's Unix-domain socket)
961 .Xr ssh-keygen 1 .
964 authentication as a comma-separated list of patterns.
970 .Sq -
978 .Bd -literal -offset 3n
979 ssh-ed25519-cert-v01@openssh.com,
980 ecdsa-sha2-nistp256-cert-v01@openssh.com,
981 ecdsa-sha2-nistp384-cert-v01@openssh.com,
982 ecdsa-sha2-nistp521-cert-v01@openssh.com,
983 sk-ssh-ed25519-cert-v01@openssh.com,
984 sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,
985 rsa-sha2-512-cert-v01@openssh.com,
986 rsa-sha2-256-cert-v01@openssh.com,
987 ssh-ed25519,
988 ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
989 sk-ssh-ed25519@openssh.com,
990 sk-ecdsa-sha2-nistp256@openssh.com,
991 rsa-sha2-512,rsa-sha2-256
1016 .Sq -
1024 .Bd -literal -offset 3n
1025 ssh-ed25519-cert-v01@openssh.com,
1026 ecdsa-sha2-nistp256-cert-v01@openssh.com,
1027 ecdsa-sha2-nistp384-cert-v01@openssh.com,
1028 ecdsa-sha2-nistp521-cert-v01@openssh.com,
1029 sk-ssh-ed25519-cert-v01@openssh.com,
1030 sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,
1031 rsa-sha2-512-cert-v01@openssh.com,
1032 rsa-sha2-256-cert-v01@openssh.com,
1033 ssh-ed25519,
1034 ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
1035 sk-ecdsa-sha2-nistp256@openssh.com,
1036 sk-ssh-ed25519@openssh.com,
1037 rsa-sha2-512,rsa-sha2-256
1044 .Qq ssh -Q HostKeyAlgorithms .
1072 command-line),
1074 .Xr ssh-agent 1
1085 This option is intended for situations where ssh-agent
1089 .Ux Ns -domain
1117 Specifies a file from which the user's ECDSA, authenticator-hosted ECDSA,
1118 Ed25519, authenticator-hosted Ed25519 or RSA authentication identity is read.
1121 .Xr ssh-agent 1
1139 .Pa -cert.pub
1171 Specifies a pattern-list of unknown options to be ignored if they are
1190 section and, for user configurations, shell-like
1207 Specifies the IPv4 type-of-service or DSCP class for connections.
1240 interactive sessions and the second for non-interactive sessions.
1243 (Low-Latency Data)
1247 for non-interactive sessions.
1249 Specifies whether to use keyboard-interactive authentication.
1258 Specifies the list of methods to use in keyboard-interactive authentication.
1259 Multiple method names must be comma-separated.
1272 Multiple algorithms must be comma-separated.
1279 .Sq -
1288 .Bd -literal -offset indent
1289 sntrup761x25519-sha512,sntrup761x25519-sha512@openssh.com,
1290 mlkem768x25519-sha256,
1291 curve25519-sha256,curve25519-sha256@libssh.org,
1292 ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,
1293 diffie-hellman-group-exchange-sha256,
1294 diffie-hellman-group16-sha512,
1295 diffie-hellman-group18-sha512,
1296 diffie-hellman-group14-sha256
1300 .Qq ssh -Q kex .
1324 If the command exits abnormally or returns a non-zero exit status then the
1394 .Bd -literal -offset indent
1410 Multiple algorithms must be comma-separated.
1416 .Sq -
1425 .Qq -etm
1426 calculate the MAC after encryption (encrypt-then-mac).
1430 .Bd -literal -offset indent
1431 umac-64-etm@openssh.com,umac-128-etm@openssh.com,
1432 hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,
1433 hmac-sha1-etm@openssh.com,
1434 umac-64@openssh.com,umac-128@openssh.com,
1435 hmac-sha2-256,hmac-sha2-512,hmac-sha1
1439 .Qq ssh -Q mac .
1454 should try to obscure inter-keystroke timings from passive observers of
1495 .Bl -item -offset indent -compact
1539 .Cm keyboard-interactive )
1543 .Bd -literal -offset indent
1544 gssapi-with-mic,hostbased,publickey,
1545 keyboard-interactive,password
1565 .Ic sshd -i
1582 .Bd -literal -offset 3n
1583 ProxyCommand /usr/bin/nc -X connect -x 192.0.2.0:8080 %h %p
1611 option - whichever is specified first will prevent later instances of the
1615 via the command-line or the configuration file) is not generally applied
1629 authentication as a comma-separated list of patterns.
1635 .Sq -
1643 .Bd -literal -offset 3n
1644 ssh-ed25519-cert-v01@openssh.com,
1645 ecdsa-sha2-nistp256-cert-v01@openssh.com,
1646 ecdsa-sha2-nistp384-cert-v01@openssh.com,
1647 ecdsa-sha2-nistp521-cert-v01@openssh.com,
1648 sk-ssh-ed25519-cert-v01@openssh.com,
1649 sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,
1650 rsa-sha2-512-cert-v01@openssh.com,
1651 rsa-sha2-256-cert-v01@openssh.com,
1652 ssh-ed25519,
1653 ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
1654 sk-ssh-ed25519@openssh.com,
1655 sk-ecdsa-sha2-nistp256@openssh.com,
1656 rsa-sha2-512,rsa-sha2-256
1660 .Qq ssh -Q PubkeyAcceptedAlgorithms .
1669 .Cm host-bound .
1671 disabling or enabling the OpenSSH host-bound authentication protocol
1673 .Xr ssh-agent 1
1762 Specifies whether to request a pseudo-tty for the session.
1796 .Xr ssh-keygen 1 .
1798 .Xr ssh-keygen 1 .
1809 FIDO authenticator-hosted keys, overriding the default of using
1810 the built-in USB HID support.
1825 pseudo-terminal is requested as it is required by the protocol.
1844 .Pa - .
1922 used when creating a Unix-domain socket file for local or remote
1924 This option is only used for port forwarding to a Unix-domain socket file.
1926 The default value is 0177, which creates a Unix-domain socket file that is
1928 Note that not all operating systems honor the file mode on Unix-domain
1931 Specifies whether to remove an existing Unix-domain socket file for local
1937 will be unable to forward the port to the Unix-domain socket file.
1938 This option is only used for port forwarding to a Unix-domain socket file.
1952 This provides maximum protection against man-in-the-middle (MITM) attacks,
1961 .Cm accept-new
2007 for protocol-level keepalives.
2018 .Cm point-to-point
2028 .Cm point-to-point .
2095 .Qq hostkeys@openssh.com
2115 to ignore any user-specific known hosts files.
2162 consists of zero or more non-whitespace characters,
2176 would match any host in the 192.168.0.[0-9] network range:
2181 .Em pattern-list
2182 is a comma-separated list of patterns.
2183 Patterns within pattern-lists may be negated
2193 .Dl from=\&"!*.dialup.example.com,*.example.com\&"
2198 against the following pattern-list will fail:
2210 .Bl -tag -width XXXX -offset indent -compact
2270 .Cm ssh-ed25519 .
2339 .Bl -tag -width Ds
2341 This is the per-user configuration file.
2351 This file must be world-readable.
2356 .An -nosplit
2364 removed many bugs, re-added newer features and