123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355 |
- .TH SSH 1
- .SH NAME
- ssh, sshnet, scp, sshserve, ssh_genkey \- secure login and file copy from/to Unix or Plan 9
- .SH SYNOPSIS
- .B ssh
- [
- .B -CfiImPpRrw
- ]
- [
- .B -A
- .I authlist
- ]
- [
- .B -c
- .I cipherlist
- ]
- [
- .B -[lu]
- .I user
- ]
- .RI [ user\fB@ ] host
- [
- .I cmd
- [
- .I args
- \&... ]]
- .PP
- .B sshnet
- [
- .B -A
- .I authlist
- ]
- [
- .B -c
- .I cipherlist
- ]
- [
- .B -m
- .I mtpt
- ]
- [
- .B -s
- .I service
- ]
- .RI [ user\fB@ ] host
- .PP
- .B scp
- [host:]file [host:]file
- .br
- .B scp
- [host:]file ... [host:]dir
- .PP
- .B aux/sshserve
- [
- .B -p
- ]
- .I address
- .PP
- .B aux/ssh_genkey
- [
- .I basename
- ]
- .SH DESCRIPTION
- .I Ssh
- allows authenticated login over an encrypted channel to hosts that
- support the ssh protocol (see the RFC listed below for encryption and
- authentication details).
- .LP
- .I Ssh
- takes the host name of the machine to connect to as its mandatory argument.
- It may be specified as a domain name or an IP address.
- Normally, login is attempted using the user name from /dev/user.
- .PP
- Command-line options are:
- .TP
- .B -C
- force input to be read in cooked mode:
- ``line at a time'' with local echo.
- .TP
- .B -f
- enable agent forwarding.
- With this flag,
- .I ssh
- uses SSH's agent forwarding protocol to allow
- programs running on the remote server to
- interact with
- .IR factotum (4)
- to perform RSA authentication.
- .TP
- .B -i
- force interactive mode.
- In interactive mode,
- .I ssh
- prompts for passwords and confirmations of
- new host keys when necessary.
- (In non-interactive mode, password requests
- are rejected and unrecognized host keys are
- cause for disconnecting.)
- By default,
- .I ssh
- runs in interactive mode only when its
- input file descriptor is
- .BR /dev/cons .
- .TP
- .B -I
- force non-interactive mode.
- .TP
- .B -m
- disable the
- .RB control- \e
- menu, described below.
- .TP
- .B -p
- force pseudoterminal request.
- The
- .I ssh
- protocol, grounded in Unix tradition,
- differentiates between connections
- that request controlling pseudoterminals
- and those that do not.
- By default,
- .I ssh
- requests a pseudoterminal only when no
- .I command
- is given.
- .TP
- .B -P
- force no pseudoterminal request.
- .TP
- .B -r
- strip carriage returns.
- .TP
- .B -R
- put the allocated pseudoterminal, if any, in raw mode.
- .TP
- .B -w
- notify the remote side whenever the window changes size.
- .TP
- .BR - [ lu ] "\fI user
- specify user name.
- This option is deprecated in favor of the
- .IB user @ hostname
- syntax.
- .TP
- .B "-A\fI authlist
- specify an ordered space-separated list of authentication protocols to try.
- The full set of authentication protocols is
- .B rsa
- (RSA using
- .IR factotum (4)
- to moderate key usage),
- .B password
- (use a password gathered from factotum),
- and
- .B tis
- (challenge-response).
- The default list is all three in that order.
- .TP
- .B "-c\fI cipherlist
- specify an ordered space-separated list of allowed ciphers to use when encrypting the channel.
- The full set of ciphers is
- .B des
- (standard DES),
- .B 3des
- (a somewhat doubtful variation on triple DES),
- .B blowfish
- (Bruce Schneier's Blowfish),
- .B rc4
- (RC4),
- and
- .B none
- (no encryption).
- The default cipher list is
- .B blowfish
- .B rc4
- .BR 3des .
- .PD
- .PP
- The
- .RB control\- \e
- character is a local escape, as in
- .IR con (1).
- It prompts with
- .BR >>> .
- Legitimate responses to the prompt are
- .TP
- .B q
- Exit.
- .TP
- .B .
- Return from the escape.
- .TP
- .B !cmd
- Run the command with the network connection as its
- standard input and standard output.
- Standard error will go to the screen.
- .TP
- .B r
- Toggle printing of carriage returns.
- .PD
- .LP
- If no command is specified,
- a login session is started on the remote
- host.
- Otherwise, the command is executed with its arguments.
- .LP
- .I Ssh
- establishes a connection with an ssh daemon on the remote host.
- The daemon sends to
- .I ssh
- its RSA public host key and session key.
- Using these,
- .I ssh
- sends a session key which, presumably, only the
- daemon can decipher. After this, both sides start encrypting their
- data with this session key.
- .LP
- When the daemon's host key has been received,
- .I ssh
- looks it up in
- .B $home/lib/keyring
- and in
- .BR /sys/lib/ssh/keyring .
- If
- the key is found there, and it matches the received key,
- .I ssh
- is satisfied. If not,
- .I ssh
- reports this and offers to add the key to
- .BR $home/lib/keyring .
- .LP
- Over the encrypted channel,
- .I ssh
- attempts to convince the daemon to accept the call
- using the listed authentication protocols
- (see the
- .B -A
- option above).
- .LP
- The preferred way to authenticate is a
- .IR netkey -style
- challenge/response or via a SecurID token.
- .I Ssh
- users on other systems than Plan 9 should enable \s-2TIS_A\s0uthentication.
- .LP
- When the connection is authenticated, the given command line,
- (by default, a login shell) is executed on the remote host.
- .sp 1
- The SSH protocol allows clients to make outgoing TCP calls via the server.
- .I Sshnet
- establishes an SSH connection and, rather than execute a remote command,
- presents the remote server's TCP stack as a network stack
- (see the discussion of TCP in
- .IR ip (3))
- mounted at
- .I mtpt
- (default
- .BR /net ),
- optionally posting a 9P service
- descriptor for the new file system as
- .IB /srv/ service \fR.
- The
- .B -A
- and
- .B -c
- arguments are as in
- .IR ssh .
- .sp 1
- .I Scp
- uses
- .I ssh
- to copy files from one host to another. A remote file is identified by
- a host name, a colon and a file name (no spaces).
- .I Scp
- can copy files from remote hosts and to remote hosts.
- .sp 1
- .I Sshserve
- is the server that services
- .I ssh
- calls from remote hosts.
- The
- .B -A
- and
- .B -c
- options set valid authentication methods and ciphers
- as in
- .IR ssh ,
- except that there is no
- .B rsa
- authentication method.
- Unlike in
- .IR ssh ,
- the list is not ordered: the server presents a set and the client makes the choice.
- The default sets are
- .B tis
- and
- .B blowfish
- .B rc4
- .BR 3des .
- By default, users start with the namespace defined in
- .BR /lib/namespace .
- Users in group
- .B noworld
- in
- .B /adm/users
- start with the namespace defined in
- .BR /lib/namespace.noworld .
- .I Sshserve
- does not provide the TCP forwarding functionality used
- by
- .IR sshnet ,
- because many Unix clients present
- this capability in an insecure manner.
- .PP
- .I Ssh_genkey
- generates an RSA key set, writing the
- private key to
- .IB basename .secret
- and the public key to
- .IB basename .public\fR.
- .I Ssh_genkey
- also writes
- a secret key in the style expected by factotum
- to
- .IB basename .secret.factotum\fR.
- The default
- .B basename
- is
- .BR /sys/lib/ssh/hostkey ,
- so running it with no arguments
- will generate an RSA key set
- for the file server in use.
- .SH FILES
- .TF /sys/lib/ssh/hostkey.public
- .TP
- .B /sys/lib/ssh/hostkey.public
- Public key for the host on which the program runs.
- .TP
- .B /sys/lib/ssh/hostkey.secret
- Secret key for the host on which the program runs. This file must
- be owned and be readable by bootes only.
- .TP
- .B /sys/lib/ssh/keyring
- System keyring file containing public keys for remote ssh clients and servers.
- .TP
- .B /usr/\fIuser\fP/lib/keyring
- Personal keyring file containing public keys for remote ssh clients and
- servers.
- .SH SOURCE
- .B /sys/src/cmd/ssh
- .SH "SEE ALSO"
- .IR /sys/src/cmd/ssh/RFC*
- .br
- .IR factotum (4),
- .IR authsrv (6)
|