.\" -*- nroff -*-
.\"
.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
.\" All rights reserved
.\"
.\" As far as I am concerned, the code I have written for this software
.\" can be used freely for any purpose. Any derived versions of this
.\" software must be clearly marked as such, and if the derived work is
.\" incompatible with the protocol description in the RFC file, it must be
.\" called by a name other than "ssh" or "Secure Shell".
.\"
.\" Copyright (c) 1999,2000 Markus Friedl. All rights reserved.
.\" Copyright (c) 1999 Aaron Campbell. All rights reserved.
.\" Copyright (c) 1999 Theo de Raadt. All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\"    notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\"    notice, this list of conditions and the following disclaimer in the
.\"    documentation and/or other materials provided with the distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" $OpenBSD: ssh_config.5,v 1.76 2006/01/20 11:21:45 jmc Exp $
.\" $FreeBSD$
.Dd September 25, 1999
.Dt SSH_CONFIG 5
.Os
.Sh NAME
.Nm ssh_config
.Nd OpenSSH SSH client configuration files
.Sh SYNOPSIS
.Bl -tag -width Ds -compact
.It Pa ~/.ssh/config
.It Pa /etc/ssh/ssh_config
.El
.Sh DESCRIPTION
.Nm ssh
obtains configuration data from the following sources in
the following order:
.Bl -enum -offset indent -compact
.It
command-line options
.It
user's configuration file
.Pq Pa ~/.ssh/config
.It
system-wide configuration file
.Pq Pa /etc/ssh/ssh_config
.El
.Pp
For each parameter, the first obtained value
will be used.
The configuration files contain sections separated by
.Dq Host
specifications, and that section is only applied for hosts that
match one of the patterns given in the specification.
The matched host name is the one given on the command line.
.Pp
Since the first obtained value for each parameter is used, more
host-specific declarations should be given near the beginning of the
file, and general defaults at the end.
.Pp
The configuration file has the following format:
.Pp
Empty lines and lines starting with
.Ql #
are comments.
.Pp
Otherwise a line is of the format
.Dq keyword arguments .
Configuration options may be separated by whitespace or
optional whitespace and exactly one
.Ql = ;
the latter format is useful to avoid the need to quote whitespace
when specifying configuration options using the
.Nm ssh ,
.Nm scp
and
.Nm sftp
.Fl o
option.
.Pp
The possible
keywords and their meanings are as follows (note that
keywords are case-insensitive and arguments are case-sensitive):
.Bl -tag -width Ds
.It Cm Host
Restricts the following declarations (up to the next
.Cm Host
keyword) to be only for those hosts that match one of the patterns
given after the keyword.
.Ql \&*
and
.Ql \&?
can be used as wildcards in the
patterns.
A single
.Ql \&*
as a pattern can be used to provide global
defaults for all hosts.
The host is the
.Ar hostname
argument given on the command line (i.e., the name is not converted to
a canonicalized host name before matching).
.It Cm AddressFamily
Specifies which address family to use when connecting.
Valid arguments are
.Dq any ,
.Dq inet
(use IPv4 only) or
.Dq inet6
(use IPv6 only).
.It Cm BatchMode
If set to
.Dq yes ,
passphrase/password querying will be disabled.
This option is useful in scripts and other batch jobs where no user
is present to supply the password.
The argument must be
.Dq yes
or
.Dq no .
The default is
.Dq no .
.It Cm BindAddress
Use the specified address on the local machine as the source address of
the connection.
Only useful on systems with more than one address.
Note that this option does not work if
.Cm UsePrivilegedPort
is set to
.Dq yes .
.It Cm ChallengeResponseAuthentication
Specifies whether to use challenge response authentication.
The argument to this keyword must be
.Dq yes
or
.Dq no .
The default is
.Dq yes .
.It Cm CheckHostIP
If this flag is set to
.Dq yes ,
ssh will additionally check the host IP address in the
.Pa known_hosts
file.
This allows ssh to detect if a host key changed due to DNS spoofing.
If the option is set to
.Dq no ,
the check will not be executed.
The default is
.Dq no .
.It Cm Cipher
Specifies the cipher to use for encrypting the session
in protocol version 1.
Currently,
.Dq blowfish ,
.Dq 3des ,
and
.Dq des
are supported.
.Ar des
is only supported in the
.Nm ssh
client for interoperability with legacy protocol 1 implementations
that do not support the
.Ar 3des
cipher.
Its use is strongly discouraged due to cryptographic weaknesses.
The default is
.Dq 3des .
.It Cm Ciphers
Specifies the ciphers allowed for protocol version 2
in order of preference.
Multiple ciphers must be comma-separated.
The supported ciphers are
.Dq 3des-cbc ,
.Dq aes128-cbc ,
.Dq aes192-cbc ,
.Dq aes256-cbc ,
.Dq aes128-ctr ,
.Dq aes192-ctr ,
.Dq aes256-ctr ,
.Dq arcfour128 ,
.Dq arcfour256 ,
.Dq arcfour ,
.Dq blowfish-cbc ,
and
.Dq cast128-cbc .
The default is
.Bd -literal
 ``aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,
 arcfour256,arcfour,aes192-cbc,aes256-cbc,aes128-ctr,
 aes192-ctr,aes256-ctr''
.Ed
.It Cm ClearAllForwardings
Specifies that all local, remote and dynamic port forwardings
specified in the configuration files or on the command line be
cleared.
This option is primarily useful when used from the
.Nm ssh
command line to clear port forwardings set in
configuration files, and is automatically set by
.Xr scp 1
and
.Xr sftp 1 .
The argument must be
.Dq yes
or
.Dq no .
The default is
.Dq no .
.It Cm Compression
Specifies whether to use compression.
The argument must be
.Dq yes
or
.Dq no .
The default is
.Dq no .
.It Cm CompressionLevel
Specifies the compression level to use if compression is enabled.
The argument must be an integer from 1 (fast) to 9 (slow, best).
The default level is 6, which is good for most applications.
The meaning of the values is the same as in
.Xr gzip 1 .
Note that this option applies to protocol version 1 only.
.It Cm ConnectionAttempts
Specifies the number of tries (one per second) to make before exiting.
The argument must be an integer.
This may be useful in scripts if the connection sometimes fails.
The default is 1.
.It Cm ConnectTimeout
Specifies the timeout (in seconds) used when connecting to the ssh
server, instead of using the default system TCP timeout.
This value is used only when the target is down or really unreachable,
not when it refuses the connection.
.It Cm ControlMaster
Enables the sharing of multiple sessions over a single network connection.
When set to
.Dq yes ,
.Nm ssh
will listen for connections on a control socket specified using the
.Cm ControlPath
argument.
Additional sessions can connect to this socket using the same
.Cm ControlPath
with
.Cm ControlMaster
set to
.Dq no
(the default).
These sessions will try to reuse the master instance's network connection
rather than initiating new ones, but will fall back to connecting normally
if the control socket does not exist, or is not listening.
.Pp
Setting this to
.Dq ask
will cause
.Nm ssh
to listen for control connections, but require confirmation using the
.Ev SSH_ASKPASS
program before they are accepted (see
.Xr ssh-add 1
for details).
If the
.Cm ControlPath
cannot be opened,
.Nm ssh
will continue without connecting to a master instance.
.Pp
X11 and
.Xr ssh-agent 1
forwarding is supported over these multiplexed connections; however, the
display and agent forwarded will be the ones belonging to the master
connection, i.e., it is not possible to forward multiple displays or agents.
.Pp
Two additional options allow for opportunistic multiplexing: try to use a
master connection but fall back to creating a new one if one does not already
exist.
These options are:
.Dq auto
and
.Dq autoask .
The latter requires confirmation like the
.Dq ask
option.
.It Cm ControlPath
Specify the path to the control socket used for connection sharing as described
in the
.Cm ControlMaster
section above or the string
.Dq none
to disable connection sharing.
In the path,
.Ql %h
will be substituted by the target host name,
.Ql %p
by the port and
.Ql %r
by the remote login username.
It is recommended that any
.Cm ControlPath
used for opportunistic connection sharing include
all three of these escape sequences.
This ensures that shared connections are uniquely identified.
.It Cm DynamicForward
Specifies that a TCP port on the local machine be forwarded
over the secure channel, and the application
protocol is then used to determine where to connect to from the
remote machine.
.Pp
The argument must be
.Sm off
.Oo Ar bind_address : Oc Ar port .
.Sm on
IPv6 addresses can be specified by enclosing addresses in square brackets or
by using an alternative syntax:
.Oo Ar bind_address Ns / Oc Ns Ar port .
By default, the local port is bound in accordance with the
.Cm GatewayPorts
setting.
However, an explicit
.Ar bind_address
may be used to bind the connection to a specific address.
The
.Ar bind_address
of
.Dq localhost
indicates that the listening port be bound for local use only, while an
empty address or
.Sq *
indicates that the port should be available from all interfaces.
.Pp
Currently the SOCKS4 and SOCKS5 protocols are supported, and
.Nm ssh
will act as a SOCKS server.
Multiple forwardings may be specified, and
additional forwardings can be given on the command line.
Only the superuser can forward privileged ports.
.It Cm EnableSSHKeysign
Setting this option to
.Dq yes
in the global client configuration file
.Pa /etc/ssh/ssh_config
enables the use of the helper program
.Xr ssh-keysign 8
during
.Cm HostbasedAuthentication .
The argument must be
.Dq yes
or
.Dq no .
The default is
.Dq no .
This option should be placed in the non-host-specific section.
See
.Xr ssh-keysign 8
for more information.
.It Cm EscapeChar
Sets the escape character (default:
.Ql ~ ) .
The escape character can also
be set on the command line.
The argument should be a single character,
.Ql ^
followed by a letter, or
.Dq none
to disable the escape
character entirely (making the connection transparent for binary
data).
.It Cm ForwardAgent
Specifies whether the connection to the authentication agent (if any)
will be forwarded to the remote machine.
The argument must be
.Dq yes
or
.Dq no .
The default is
.Dq no .
.Pp
Agent forwarding should be enabled with caution.
Users with the ability to bypass file permissions on the remote host
(for the agent's Unix-domain socket)
can access the local agent through the forwarded connection.
An attacker cannot obtain key material from the agent;
however, they can perform operations on the keys that enable them to
authenticate using the identities loaded into the agent.
.It Cm ForwardX11
Specifies whether X11 connections will be automatically redirected
over the secure channel and
.Ev DISPLAY
set.
The argument must be
.Dq yes
or
.Dq no .
The default is
.Dq no .
.Pp
X11 forwarding should be enabled with caution.
Users with the ability to bypass file permissions on the remote host
(for the user's X11 authorization database)
can access the local X11 display through the forwarded connection.
An attacker may then be able to perform activities such as keystroke monitoring
if the
.Cm ForwardX11Trusted
option is also enabled.
.It Cm ForwardX11Trusted
If this option is set to
.Dq yes
then remote X11 clients will have full access to the original X11 display.
.Pp
If this option is set to
.Dq no
then remote X11 clients will be considered untrusted and prevented
from stealing or tampering with data belonging to trusted X11
clients.
Furthermore, the
.Xr xauth 1
token used for the session will be set to expire after 20 minutes.
Remote clients will be refused access after this time.
.Pp
The default is
.Dq no .
.Pp
See the X11 SECURITY extension specification for full details on
the restrictions imposed on untrusted clients.
.It Cm GatewayPorts
Specifies whether remote hosts are allowed to connect to local
forwarded ports.
By default,
.Nm ssh
binds local port forwardings to the loopback address.
This prevents other remote hosts from connecting to forwarded ports.
.Cm GatewayPorts
can be used to specify that
.Nm ssh
should bind local port forwardings to the wildcard address,
thus allowing remote hosts to connect to forwarded ports.
The argument must be
.Dq yes
or
.Dq no .
The default is
.Dq no .
.It Cm GlobalKnownHostsFile
Specifies a file to use for the global
host key database instead of
.Pa /etc/ssh/ssh_known_hosts .
.It Cm GSSAPIAuthentication
Specifies whether user authentication based on GSSAPI is allowed.
The default is
.Dq no .
Note that this option applies to protocol version 2 only.
.It Cm GSSAPIDelegateCredentials
Forward (delegate) credentials to the server.
The default is
.Dq no .
Note that this option applies to protocol version 2 only.
.It Cm HashKnownHosts
Indicates that
.Nm ssh
should hash host names and addresses when they are added to
.Pa ~/.ssh/known_hosts .
These hashed names may be used normally by
.Nm ssh
and
.Nm sshd ,
but they do not reveal identifying information should the file's contents
be disclosed.
The default is
.Dq no .
Note that hashing of names and addresses will not be retrospectively applied
to existing known hosts files, but these may be manually hashed using
.Xr ssh-keygen 1 .
.It Cm HostbasedAuthentication
Specifies whether to try rhosts based authentication with public key
authentication.
The argument must be
.Dq yes
or
.Dq no .
The default is
.Dq no .
This option applies to protocol version 2 only and
is similar to
.Cm RhostsRSAAuthentication .
.It Cm HostKeyAlgorithms
Specifies the protocol version 2 host key algorithms
that the client wants to use in order of preference.
The default for this option is:
.Dq ssh-rsa,ssh-dss .
.It Cm HostKeyAlias
Specifies an alias that should be used instead of the
real host name when looking up or saving the host key
in the host key database files.
This option is useful for tunneling ssh connections
or for multiple servers running on a single host.
.It Cm HostName
Specifies the real host name to log into.
This can be used to specify nicknames or abbreviations for hosts.
Default is the name given on the command line.
Numeric IP addresses are also permitted (both on the command line and in
.Cm HostName
specifications).
.It Cm IdentitiesOnly
Specifies that
.Nm ssh
should only use the authentication identity files configured in the
.Nm
files,
even if the
.Nm ssh-agent
offers more identities.
The argument to this keyword must be
.Dq yes
or
.Dq no .
This option is intended for situations where
.Nm ssh-agent
offers many different identities.
The default is
.Dq no .
.It Cm IdentityFile
Specifies a file from which the user's RSA or DSA authentication identity
is read.
The default is
.Pa ~/.ssh/identity
for protocol version 1, and
.Pa ~/.ssh/id_rsa
and
.Pa ~/.ssh/id_dsa
for protocol version 2.
Additionally, any identities represented by the authentication agent
will be used for authentication.
The file name may use the tilde
syntax to refer to a user's home directory.
It is possible to have
multiple identity files specified in configuration files; all these
identities will be tried in sequence.
.It Cm KbdInteractiveDevices
Specifies the list of methods to use in keyboard-interactive authentication.
Multiple method names must be comma-separated.
The default is to use the server specified list.
.It Cm LocalCommand
Specifies a command to execute on the local machine after successfully
connecting to the server.
The command string extends to the end of the line, and is executed with
.Pa /bin/sh .
This directive is ignored unless
.Cm PermitLocalCommand
has been enabled.
.It Cm LocalForward
Specifies that a TCP port on the local machine be forwarded over
the secure channel to the specified host and port from the remote machine.
The first argument must be
.Sm off
.Oo Ar bind_address : Oc Ar port
.Sm on
and the second argument must be
.Ar host : Ns Ar hostport .
IPv6 addresses can be specified by enclosing addresses in square brackets or
by using an alternative syntax:
.Oo Ar bind_address Ns / Oc Ns Ar port
and
.Ar host Ns / Ns Ar hostport .
Multiple forwardings may be specified, and additional forwardings can be
given on the command line.
Only the superuser can forward privileged ports.
By default, the local port is bound in accordance with the
.Cm GatewayPorts
setting.
However, an explicit
.Ar bind_address
may be used to bind the connection to a specific address.
The
.Ar bind_address
of
.Dq localhost
indicates that the listening port be bound for local use only, while an
empty address or
.Sq *
indicates that the port should be available from all interfaces.
.It Cm LogLevel
Gives the verbosity level that is used when logging messages from
.Nm ssh .
The possible values are:
QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2 and DEBUG3.
The default is INFO.
DEBUG and DEBUG1 are equivalent.
DEBUG2 and DEBUG3 each specify higher levels of verbose output.
.It Cm MACs
Specifies the MAC (message authentication code) algorithms
in order of preference.
The MAC algorithm is used in protocol version 2
for data integrity protection.
Multiple algorithms must be comma-separated.
The default is
.Dq hmac-md5,hmac-sha1,hmac-ripemd160,hmac-sha1-96,hmac-md5-96 .
.It Cm NoHostAuthenticationForLocalhost
This option can be used if the home directory is shared across machines.
In this case localhost will refer to a different machine on each of
the machines and the user will get many warnings about changed host keys.
However, this option disables host authentication for localhost.
The argument to this keyword must be
.Dq yes
or
.Dq no .
The default is to check the host key for localhost.
.It Cm NumberOfPasswordPrompts
Specifies the number of password prompts before giving up.
The argument to this keyword must be an integer.
Default is 3.
.It Cm PasswordAuthentication
Specifies whether to use password authentication.
The argument to this keyword must be
.Dq yes
or
.Dq no .
The default is
.Dq yes .
.It Cm PermitLocalCommand
Allow local command execution via the
.Ic LocalCommand
option or using the
.Ic !\& Ns Ar command
escape sequence in
.Xr ssh 1 .
The argument must be
.Dq yes
or
.Dq no .
The default is
.Dq no .
.It Cm Port
Specifies the port number to connect on the remote host.
Default is 22.
.It Cm PreferredAuthentications
Specifies the order in which the client should try protocol 2
authentication methods.
This allows a client to prefer one method (e.g.\&
.Cm keyboard-interactive )
over another method (e.g.\&
.Cm password ) .
The default for this option is:
.Dq hostbased,publickey,keyboard-interactive,password .
.It Cm Protocol
Specifies the protocol versions
.Nm ssh
should support in order of preference.
The possible values are
.Dq 1
and
.Dq 2 .
Multiple versions must be comma-separated.
The default is
.Dq 2,1 .
This means that
.Nm ssh
tries version 2 and falls back to version 1
if version 2 is not available.
.It Cm ProxyCommand
Specifies the command to use to connect to the server.
The command
string extends to the end of the line, and is executed with
.Pa /bin/sh .
In the command string,
.Ql %h
will be substituted by the host name to
connect and
.Ql %p
by the port.
The command can be basically anything,
and should read from its standard input and write to its standard output.
It should eventually connect an
.Xr sshd 8
server running on some machine, or execute
.Ic sshd -i
somewhere.
Host key management will be done using the
HostName of the host being connected (defaulting to the name typed by
the user).
Setting the command to
.Dq none
disables this option entirely.
Note that
.Cm CheckHostIP
is not available for connections made through a proxy command.
.Pp
This directive is useful in conjunction with
.Xr nc 1
and its proxy support.
For example, the following directive would connect via an HTTP proxy at
192.0.2.0:
.Bd -literal -offset 3n
ProxyCommand /usr/bin/nc -X connect -x 192.0.2.0:8080 %h %p
.Ed
.It Cm PubkeyAuthentication
Specifies whether to try public key authentication.
The argument to this keyword must be
.Dq yes
or
.Dq no .
The default is
.Dq yes .
This option applies to protocol version 2 only.
.It Cm RekeyLimit
Specifies the maximum amount of data that may be transmitted before the
session key is renegotiated.
The argument is the number of bytes, with an optional suffix of
.Sq K ,
.Sq M ,
or
.Sq G
to indicate Kilobytes, Megabytes, or Gigabytes, respectively.
The default is between
.Dq 1G
and
.Dq 4G ,
depending on the cipher.
This option applies to protocol version 2 only.
.It Cm RemoteForward
Specifies that a TCP port on the remote machine be forwarded over
the secure channel to the specified host and port from the local machine.
The first argument must be
.Sm off
.Oo Ar bind_address : Oc Ar port
.Sm on
and the second argument must be
.Ar host : Ns Ar hostport .
IPv6 addresses can be specified by enclosing addresses in square brackets
or by using an alternative syntax:
.Oo Ar bind_address Ns / Oc Ns Ar port
and
.Ar host Ns / Ns Ar hostport .
Multiple forwardings may be specified, and additional
forwardings can be given on the command line.
Only the superuser can forward privileged ports.
.Pp
If the
.Ar bind_address
is not specified, the default is to only bind to loopback addresses.
If the
.Ar bind_address
is
.Ql *
or an empty string, then the forwarding is requested to listen on all
interfaces.
Specifying a remote
.Ar bind_address
will only succeed if the server's
.Cm GatewayPorts
option is enabled (see
.Xr sshd_config 5 ) .
.It Cm RhostsRSAAuthentication
Specifies whether to try rhosts based authentication with RSA host
authentication.
The argument must be
.Dq yes
or
.Dq no .
The default is
.Dq no .
This option applies to protocol version 1 only and requires
.Nm ssh
to be setuid root.
.It Cm RSAAuthentication
Specifies whether to try RSA authentication.
The argument to this keyword must be
.Dq yes
or
.Dq no .
RSA authentication will only be
attempted if the identity file exists, or an authentication agent is
running.
The default is
.Dq yes .
Note that this option applies to protocol version 1 only.
.It Cm SendEnv
Specifies what variables from the local
.Xr environ 7
should be sent to the server.
Note that environment passing is only supported for protocol 2, the
server must also support it, and the server must be configured to
accept these environment variables.
Refer to
.Cm AcceptEnv
in
.Xr sshd_config 5
for how to configure the server.
Variables are specified by name, which may contain the wildcard characters
.Ql \&*
and
.Ql \&? .
Multiple environment variables may be separated by whitespace or spread
across multiple
.Cm SendEnv
directives.
The default is not to send any environment variables.
.It Cm ServerAliveCountMax
Sets the number of server alive messages (see below) which may be
sent without
.Nm ssh
receiving any messages back from the server.
If this threshold is reached while server alive messages are being sent,
.Nm ssh
will disconnect from the server, terminating the session.
It is important to note that the use of server alive messages is very
different from
.Cm TCPKeepAlive
(below).
The server alive messages are sent through the encrypted channel
and therefore will not be spoofable.
The TCP keepalive option enabled by
.Cm TCPKeepAlive
is spoofable.
The server alive mechanism is valuable when the client or
server depends on knowing when a connection has become inactive.
.Pp
The default value is 3.
If, for example,
.Cm ServerAliveInterval
(see below) is set to 15, and
.Cm ServerAliveCountMax
is left at the default, if the server becomes unresponsive ssh
will disconnect after approximately 45 seconds.
.It Cm ServerAliveInterval
Sets a timeout interval in seconds after which, if no data has been received
from the server,
.Nm ssh
will send a message through the encrypted
channel to request a response from the server.
The default
is 0, indicating that these messages will not be sent to the server.
This option applies to protocol version 2 only.
.It Cm SmartcardDevice
Specifies which smartcard device to use.
The argument to this keyword is the device
.Nm ssh
should use to communicate with a smartcard used for storing the user's
private RSA key.
By default, no device is specified and smartcard support is not activated.
.It Cm StrictHostKeyChecking
If this flag is set to
.Dq yes ,
.Nm ssh
will never automatically add host keys to the
.Pa ~/.ssh/known_hosts
file, and refuses to connect to hosts whose host key has changed.
This provides maximum protection against trojan horse attacks;
however, it can be annoying when the
.Pa /etc/ssh/ssh_known_hosts
file is poorly maintained, or connections to new hosts are
frequently made.
This option forces the user to manually
add all new hosts.
If this flag is set to
.Dq no ,
.Nm ssh
will automatically add new host keys to the
user known hosts files.
If this flag is set to
.Dq ask ,
new host keys
will be added to the user known host files only after the user
has confirmed that is what they really want to do, and
.Nm ssh
will refuse to connect to hosts whose host key has changed.
The host keys of
known hosts will be verified automatically in all cases.
The argument must be
.Dq yes ,
.Dq no
or
.Dq ask .
The default is
.Dq ask .
.It Cm TCPKeepAlive
Specifies whether the system should send TCP keepalive messages to the
other side.
If they are sent, death of the connection or crash of one
of the machines will be properly noticed.
However, this means that
connections will die if the route is down temporarily, and some people
find it annoying.
.Pp
The default is
.Dq yes
(to send TCP keepalive messages), and the client will notice
if the network goes down or the remote host dies.
This is important in scripts, and many users want it too.
.Pp
To disable TCP keepalive messages, the value should be set to
.Dq no .
.It Cm Tunnel
Request starting
.Xr tun 4
device forwarding between the client and the server.
This option also allows requesting layer 2 (ethernet)
instead of layer 3 (point-to-point) tunneling from the server.
The argument must be
.Dq yes ,
.Dq point-to-point ,
.Dq ethernet
or
.Dq no .
The default is
.Dq no .
.It Cm TunnelDevice
Force a specified
.Xr tun 4
device on the client.
Without this option, the next available device will be used.
.It Cm UsePrivilegedPort
Specifies whether to use a privileged port for outgoing connections.
The argument must be
.Dq yes
or
.Dq no .
The default is
.Dq no .
If set to
.Dq yes ,
.Nm ssh
must be setuid root.
Note that this option must be set to
.Dq yes
for
.Cm RhostsRSAAuthentication
with older servers.
.It Cm User
Specifies the user to log in as.
This can be useful when a different user name is used on different machines.
This saves the trouble of
having to remember to give the user name on the command line.
.It Cm UserKnownHostsFile
Specifies a file to use for the user
host key database instead of
.Pa ~/.ssh/known_hosts .
.It Cm VerifyHostKeyDNS
Specifies whether to verify the remote key using DNS and SSHFP resource
records.
If this option is set to
.Dq yes ,
the client will implicitly trust keys that match a secure fingerprint
from DNS.
Insecure fingerprints will be handled as if this option was set to
.Dq ask .
If this option is set to
.Dq ask ,
information on fingerprint match will be displayed, but the user will still
need to confirm new host keys according to the
.Cm StrictHostKeyChecking
option.
The argument must be
.Dq yes ,
.Dq no
or
.Dq ask .
The default is
.Dq no .
Note that this option applies to protocol version 2 only.
.It Cm VersionAddendum
Specifies a string to append to the regular version string to identify
OS- or site-specific modifications.
The default is
.Dq FreeBSD-20060322 .
.It Cm XAuthLocation
Specifies the full pathname of the
.Xr xauth 1
program.
The default is
.Pa /usr/X11R6/bin/xauth .
.El
.Sh FILES
.Bl -tag -width Ds
.It Pa ~/.ssh/config
This is the per-user configuration file.
The format of this file is described above.
This file is used by the
.Nm ssh
client.
Because of the potential for abuse, this file must have strict permissions:
read/write for the user, and not accessible by others.
.It Pa /etc/ssh/ssh_config
Systemwide configuration file.
This file provides defaults for those
values that are not specified in the user's configuration file, and
for those users who do not have a configuration file.
This file must be world-readable.
.El
.Sh SEE ALSO
.Xr ssh 1
.Sh AUTHORS
OpenSSH is a derivative of the original and free
ssh 1.2.12 release by Tatu Ylonen.
Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos,
Theo de Raadt and Dug Song
removed many bugs, re-added newer features and
created OpenSSH.
Markus Friedl contributed the support for SSH
protocol versions 1.5 and 2.0.
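The DESCRIPTION section and the Host keyword above define how an option value is found: sources are consulted in order (command line, ~/.ssh/config, /etc/ssh/ssh_config), the first value obtained for a keyword wins, a Host section applies only to command-line hostnames matching one of its * or ? patterns, keywords are case-insensitive while arguments are not, and a keyword is separated from its argument by whitespace or by optional whitespace and exactly one =. The resolver below is an added example written for this page, not OpenSSH code; the keywords are those documented above, and the configuration text in SAMPLE_USER_CONFIG and SAMPLE_SYSTEM_CONFIG is constructed for the demonstration. It also makes the ordering advice concrete: a Host * section placed at the top of a file silently wins over a stricter, more specific section written below it.

```python
"""Option lookup following the ssh_config rules of the DESCRIPTION section.

Added example, not OpenSSH code.  Keywords are those of the manual page; the
sample configuration text below is constructed for this demonstration.
"""
import re

# "keyword arguments": whitespace, or optional whitespace and exactly one '='
_DECL_RE = re.compile(r"^([A-Za-z0-9]+)\s*(?:=\s*|\s+)(.*?)\s*$")


def parse_ssh_config(text):
    """Return a list of (host_patterns, keyword, argument) declarations.

    Keywords are lower-cased (case-insensitive); arguments are kept verbatim
    (case-sensitive).  Declarations before the first Host line apply to all
    hosts, exactly as a leading 'Host *' would.
    """
    entries = []
    patterns = ["*"]
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue                       # empty lines and '#' lines are comments
        m = _DECL_RE.match(line)
        if m is None:
            raise ValueError("malformed ssh_config line: %r" % raw)
        keyword, argument = m.group(1).lower(), m.group(2)
        if keyword == "host":
            patterns = argument.split()    # a Host line opens a new section
            continue
        entries.append((patterns, keyword, argument))
    return entries


def host_matches(pattern, hostname):
    """Match the command-line hostname against a Host pattern.

    Only '*' and '?' are wildcards; the name is not canonicalized first.
    """
    regex = re.escape(pattern).replace(r"\*", ".*").replace(r"\?", ".")
    return re.fullmatch(regex, hostname) is not None


def resolve(hostname, cmdline_opts=None, user_config="", system_config=""):
    """Resolve every keyword for hostname, first obtained value wins.

    cmdline_opts stands for -o options given on the command line, the first
    source consulted; then the user file, then the system-wide file.
    """
    resolved = {}
    for keyword, argument in (cmdline_opts or {}).items():
        resolved.setdefault(keyword.lower(), argument)
    for text in (user_config, system_config):
        for patterns, keyword, argument in parse_ssh_config(text):
            if keyword in resolved:
                continue                   # an earlier value already won
            if any(host_matches(p, hostname) for p in patterns):
                resolved[keyword] = argument
    return resolved


SAMPLE_USER_CONFIG = """\
# constructed sample ~/.ssh/config: host-specific sections first, defaults last
Host bastion.example.net
    HostName 192.0.2.10
    User ops
    ForwardAgent no

Host *.example.net
    User admin
    ForwardAgent=no
    StrictHostKeyChecking yes

Host *
    ForwardAgent yes
    StrictHostKeyChecking ask
"""

SAMPLE_SYSTEM_CONFIG = """\
# constructed sample /etc/ssh/ssh_config supplying site-wide defaults
Host *
    Port 22
    HashKnownHosts yes
"""


def main():
    for host in ("bastion.example.net", "www.example.net", "other.org"):
        opts = resolve(host, None, SAMPLE_USER_CONFIG, SAMPLE_SYSTEM_CONFIG)
        print(host, sorted(opts.items()))
    # A -o option on the command line is consulted before any file.
    print(resolve("other.org", {"ForwardAgent": "no"}, SAMPLE_USER_CONFIG)["forwardagent"])


if __name__ == "__main__":
    main()
```

Running the block prints the effective options for three hostnames; the interesting one is www.example.net, which picks up User and StrictHostKeyChecking from the *.example.net section but never sees the ForwardAgent yes in the trailing Host * block, because a value had already been obtained.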
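The HashKnownHosts entry above states two properties of hashed known_hosts entries: ssh can still use them normally, yet they reveal no host names or addresses if the file is disclosed, and an existing file can be hashed afterwards with ssh-keygen. The following added example, written for this page and not OpenSSH's own implementation, reproduces the hashed entry form |1|base64(salt)|base64(HMAC-SHA1(salt, name)) to show why both hold: a candidate name can be checked only by recomputing the HMAC with the stored salt, so lookups work but the names cannot be read off the file. The 20-byte salt length is what OpenSSH writes; the sample known_hosts line in SAMPLE_KNOWN_HOSTS is constructed and its key blob is a placeholder, not a real key.

```python
"""Hashed known_hosts entries as produced under HashKnownHosts.

Added example, not OpenSSH code.  Reproduces the on-disk form
|1|<base64 salt>|<base64 HMAC-SHA1(salt, name)>.  The key blob in
SAMPLE_KNOWN_HOSTS is a constructed placeholder, not a real key.
"""
import base64
import hashlib
import hmac
import os

HASH_MAGIC = "|1|"   # marks a hashed entry; "1" is the hash format version
SALT_LEN = 20        # OpenSSH uses a salt of SHA-1 digest length


def hash_hostname(name, salt=None):
    """Return the hashed form of one host name or address."""
    if salt is None:
        salt = os.urandom(SALT_LEN)
    digest = hmac.new(salt, name.encode(), hashlib.sha1).digest()
    return "%s%s|%s" % (HASH_MAGIC,
                        base64.b64encode(salt).decode(),
                        base64.b64encode(digest).decode())


def hashed_name_matches(name, hashed):
    """True if the |1|salt|hash field was produced from name."""
    if not hashed.startswith(HASH_MAGIC):
        return False
    parts = hashed.split("|")            # ['', '1', salt_b64, digest_b64]
    if len(parts) != 4:
        return False
    try:
        salt = base64.b64decode(parts[2], validate=True)
        stored = base64.b64decode(parts[3], validate=True)
    except ValueError:                   # binascii.Error is a ValueError
        return False
    if len(salt) != SALT_LEN:
        return False
    expected = hmac.new(salt, name.encode(), hashlib.sha1).digest()
    return hmac.compare_digest(expected, stored)


def hash_known_hosts(lines, salt_source=os.urandom):
    """Rewrite plain known_hosts lines into hashed ones.

    A plain line is "name1,name2,... keytype key [comment]"; every name gets
    its own hashed line with a fresh salt.  Comments, blank lines and lines
    that are already hashed pass through unchanged.
    """
    out = []
    for line in lines:
        stripped = line.strip()
        if (not stripped or stripped.startswith("#")
                or stripped.startswith(HASH_MAGIC)):
            out.append(line)
            continue
        names, _, rest = stripped.partition(" ")
        for name in names.split(","):
            out.append("%s %s" % (hash_hostname(name, salt_source(SALT_LEN)), rest))
    return out


def lookup(name, lines):
    """Return the key fields of every entry matching name, hashed or plain."""
    keys = []
    for line in lines:
        stripped = line.strip()
        if not stripped or stripped.startswith("#"):
            continue
        names, _, rest = stripped.partition(" ")
        if names.startswith(HASH_MAGIC):
            if hashed_name_matches(name, names):
                keys.append(rest)
        elif name in names.split(","):
            keys.append(rest)
    return keys


SAMPLE_KNOWN_HOSTS = [
    "# constructed sample ~/.ssh/known_hosts; the key blob below is a placeholder",
    "bastion.example.net,192.0.2.10 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQCPLACEHOLDER not-a-real-key",
]


def main():
    hashed = hash_known_hosts(SAMPLE_KNOWN_HOSTS)
    for line in hashed:
        print(line)
    print(lookup("bastion.example.net", hashed) == lookup("bastion.example.net", SAMPLE_KNOWN_HOSTS))


if __name__ == "__main__":
    main()
```

Note that the plain line carried both the name and the address on one entry, as a client with CheckHostIP does when it records the address; hashing splits them into two lines with independent salts, so the output does not even reveal that the two entries belong to the same server.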