|
Hopefully, this page is exactly what you are looking for, but if not, you can always find further assistance on Unix/Linux Forum!
System Administration Commands ssh-keysign(1M)
NAME
ssh-keysign - ssh helper program for host-based authentica-
tion
SYNOPSIS
ssh-keysign
DESCRIPTION
ssh-keysign is used by ssh(1) to access the local host keys
and generate the digital signature required during host-
based authentication with SSH protocol version 2. This sig-
nature is of data that includes, among other items, the name
of the client host and the name of the client user.
ssh-keysign is disabled by default and can be enabled only
in the global client configuration file /etc/ssh/ssh_config
by setting HostbasedAuthentication to yes.
ssh-keysign is not intended to be invoked by the user, but
from ssh. See ssh(1) and sshd(1M) for more information about
host-based authentication.
FILES
/etc/ssh/ssh_config
Controls whether ssh-keysign is enabled.
/etc/ssh/ssh_host_dsa_key
/etc/ssh/ssh_host_rsa_key
These files contain the private parts of the host keys
used to generate the digital signature. They should be
owned by root, readable only by root, and not accessible
to others. Because they are readable only by root, ssh-
keysign must be set-uid root if host-based authentica-
tion is used.
SECURITY
ssh-keysign will not sign host-based authentication data
under the following conditions:
o If the HostbasedAuthentication client configuration
parameter is not set to yes in /etc/ssh/ssh_config.
This setting cannot be overriden in users'
~/.ssh/ssh_config files.
o
SunOS 5.10 Last change: 9 Jun 2004 1
System Administration Commands ssh-keysign(1M)
If the client hostname and username in
/etc/ssh/ssh_config do not match the canonical hostname
of the client where ssh-keysign is invoked and the name
of the user invoking ssh-keysign.
In spite of ssh-keysign's restrictions on the contents of
the host-based authentication data, there remains the abil-
ity of users to use it as an avenue for obtaining the
client's private host keys. For this reason host-based
authentication is turned off by default.
ATTRIBUTES
See attributes(5) for descriptions of the following attri-
butes:
____________________________________________________________
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
|_____________________________|_____________________________|
| Availability | SUNWsshu |
|_____________________________|_____________________________|
| Interface Stability | Evolving |
|_____________________________|_____________________________|
SEE ALSO
ssh(1), sshd(1M), ssh_config(4), attributes(5)
AUTHORS
Markus Friedl, markus@openbsd.org
HISTORY
ssh-keysign first appeared in Ox 3.2.
SunOS 5.10 Last change: 9 Jun 2004 2
Man(1) output converted with
man2html and wrapped by fishsponge
This page was generated on Wed Sep 12 11:26:40 GMT 2007
|
Your favourite pages:
No pages logged yet.
Trying to save cookie... Top 10 most popular pages:
sqlite3 man page (5334 hits)
(openSUSE 10.2)
svn man page (5209 hits)
(FreeBSD 6.2)
adv_cap_autoneg man page (4870 hits)
(Solaris 10 11_06)
CPAN man page (4607 hits)
(Suse Linux 10.1)
ssh man page (4342 hits)
(Suse Linux 10.1)
ssh-socks5-proxy-connect man page (2884 hits)
(Solaris 10 11_06)
netcat man page (2717 hits)
(Suse Linux 10.1)
pprosetup man page (2492 hits)
(Solaris 10 11_06)
startproc man page (2471 hits)
(Suse Linux 10.1)
signal man page (2408 hits)
(Suse Linux 10.1)
|
Man Pages 
