2 .\" Author: Tatu Ylonen <ylo@cs.hut.fi>
3 .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
4 .\" All rights reserved
6 .\" As far as I am concerned, the code I have written for this software
7 .\" can be used freely for any purpose. Any derived versions of this
8 .\" software must be clearly marked as such, and if the derived work is
9 .\" incompatible with the protocol description in the RFC file, it must be
10 .\" called by a name other than "ssh" or "Secure Shell".
12 .\" Copyright (c) 1999,2000 Markus Friedl. All rights reserved.
13 .\" Copyright (c) 1999 Aaron Campbell. All rights reserved.
14 .\" Copyright (c) 1999 Theo de Raadt. All rights reserved.
16 .\" Redistribution and use in source and binary forms, with or without
17 .\" modification, are permitted provided that the following conditions
19 .\" 1. Redistributions of source code must retain the above copyright
20 .\" notice, this list of conditions and the following disclaimer.
21 .\" 2. Redistributions in binary form must reproduce the above copyright
22 .\" notice, this list of conditions and the following disclaimer in the
23 .\" documentation and/or other materials provided with the distribution.
25 .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
26 .\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
27 .\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
28 .\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
29 .\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
30 .\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
31 .\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
32 .\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
33 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
34 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36 .\" $OpenBSD: ssh_config.5,v 1.362 2021/08/12 23:59:25 djm Exp $
38 .Dd $Mdocdate: August 12 2021 $
43 .Nd OpenSSH client configuration file
46 obtains configuration data from the following sources in
49 .Bl -enum -offset indent -compact
53 user's configuration file
56 system-wide configuration file
57 .Pq Pa /etc/ssh/ssh_config
60 For each parameter, the first obtained value
62 The configuration files contain sections separated by
64 specifications, and that section is only applied for hosts that
65 match one of the patterns given in the specification.
66 The matched host name is usually the one given on the command line
68 .Cm CanonicalizeHostname
69 option for exceptions).
71 Since the first obtained value for each parameter is used, more
72 host-specific declarations should be given near the beginning of the
73 file, and general defaults at the end.
75 The file contains keyword-argument pairs, one per line.
78 and empty lines are interpreted as comments.
79 Arguments may optionally be enclosed in double quotes
81 in order to represent arguments containing spaces.
82 Configuration options may be separated by whitespace or
83 optional whitespace and exactly one
85 the latter format is useful to avoid the need to quote whitespace
86 when specifying configuration options using the
95 keywords and their meanings are as follows (note that
96 keywords are case-insensitive and arguments are case-sensitive):
99 Restricts the following declarations (up to the next
103 keyword) to be only for those hosts that match one of the patterns
104 given after the keyword.
105 If more than one pattern is provided, they should be separated by whitespace.
108 as a pattern can be used to provide global
109 defaults for all hosts.
110 The host is usually the
112 argument given on the command line
114 .Cm CanonicalizeHostname
115 keyword for exceptions).
117 A pattern entry may be negated by prefixing it with an exclamation mark
119 If a negated entry is matched, then the
121 entry is ignored, regardless of whether any other patterns on the line
123 Negated matches are therefore useful to provide exceptions for wildcard
128 for more information on patterns.
130 Restricts the following declarations (up to the next
134 keyword) to be used only when the conditions following the
136 keyword are satisfied.
137 Match conditions are specified using one or more criteria
140 which always matches.
141 The available criteria keywords are:
152 criteria must appear alone or immediately after
156 Other criteria may be combined arbitrarily.
163 Criteria may be negated by prepending an exclamation mark
168 keyword matches only when the configuration file is being re-parsed
169 after hostname canonicalization (see the
170 .Cm CanonicalizeHostname
172 This may be useful to specify conditions that work with canonical host
177 keyword requests that the configuration be re-parsed (regardless of whether
178 .Cm CanonicalizeHostname
179 is enabled), and matches only during this final pass.
181 .Cm CanonicalizeHostname
186 match during the same pass.
190 keyword executes the specified command under the user's shell.
191 If the command returns a zero exit status then the condition is considered true.
192 Commands containing whitespace characters must be quoted.
195 accept the tokens described in the
199 The other keywords' criteria must be single entries or comma-separated
200 lists and may use the wildcard and negation operators described in the
205 keyword are matched against the target hostname, after any substitution
209 .Cm CanonicalizeHostname
213 keyword matches against the hostname as it was specified on the command-line.
216 keyword matches against the target username on the remote host.
219 keyword matches against the name of the local user running
221 (this keyword may be useful in system-wide
224 .It Cm AddKeysToAgent
225 Specifies whether keys should be automatically added to a running
227 If this option is set to
229 and a key is loaded from a file, the key and its passphrase are added to
230 the agent with the default lifetime, as if by
232 If this option is set to
235 will require confirmation using the
237 program before adding a key (see
240 If this option is set to
242 each use of the key must be confirmed, as if the
244 option was specified to
246 If this option is set to
248 no keys are added to the agent.
249 Alternately, this option may be specified as a time interval
250 using the format described in the
254 to specify the key's lifetime in
256 after which it will automatically be removed.
262 (optionally followed by a time interval),
266 Specifies which address family to use when connecting.
277 user interaction such as password prompts and host key confirmation requests
279 This option is useful in scripts and other batch jobs where no user
280 is present to interact with
288 Use the specified address on the local machine as the source address of
290 Only useful on systems with more than one address.
292 Use the address of the specified interface on the local machine as the
293 source address of the connection.
294 .It Cm CanonicalDomains
296 .Cm CanonicalizeHostname
297 is enabled, this option specifies the list of domain suffixes in which to
298 search for the specified destination host.
299 .It Cm CanonicalizeFallbackLocal
300 Specifies whether to fail with an error when hostname canonicalization fails.
303 will attempt to look up the unqualified hostname using the system resolver's
310 .Cm CanonicalizeHostname
311 is enabled and the target hostname cannot be found in any of the domains
313 .Cm CanonicalDomains .
314 .It Cm CanonicalizeHostname
315 Controls whether explicit hostname canonicalization is performed.
318 is not to perform any name rewriting and let the system resolver handle all
322 then, for connections that do not use a
327 will attempt to canonicalize the hostname specified on the command line
331 .Cm CanonicalizePermittedCNAMEs
334 .Cm CanonicalizeHostname
337 then canonicalization is applied to proxied connections too.
339 If this option is enabled, then the configuration files are processed
340 again using the new target name to pick up any new configuration in matching
347 disables the use of a
350 .It Cm CanonicalizeMaxDots
351 Specifies the maximum number of dot characters in a hostname before
352 canonicalization is disabled.
354 allows a single dot (i.e. hostname.subdomain).
355 .It Cm CanonicalizePermittedCNAMEs
356 Specifies rules to determine whether CNAMEs should be followed when
357 canonicalizing hostnames.
358 The rules consist of one or more arguments of
359 .Ar source_domain_list : Ns Ar target_domain_list ,
361 .Ar source_domain_list
362 is a pattern-list of domains that may follow CNAMEs in canonicalization,
364 .Ar target_domain_list
365 is a pattern-list of domains that they may resolve to.
368 .Qq *.a.example.com:*.b.example.com,*.c.example.com
369 will allow hostnames matching
371 to be canonicalized to names in the
376 .It Cm CASignatureAlgorithms
377 Specifies which algorithms are allowed for signing of certificates
378 by certificate authorities (CAs).
380 .Bd -literal -offset indent
381 ssh-ed25519,ecdsa-sha2-nistp256,
382 ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
383 sk-ssh-ed25519@openssh.com,
384 sk-ecdsa-sha2-nistp256@openssh.com,
385 rsa-sha2-512,rsa-sha2-256
388 If the specified list begins with a
390 character, then the specified algorithms will be appended to the default set
391 instead of replacing them.
392 If the specified list begins with a
394 character, then the specified algorithms (including wildcards) will be removed
395 from the default set instead of replacing them.
398 will not accept host certificates signed using algorithms other than those
400 .It Cm CertificateFile
401 Specifies a file from which the user's certificate is read.
402 A corresponding private key must be provided separately in order
403 to use this certificate either
415 .Cm SecurityKeyProvider .
419 may use the tilde syntax to refer to a user's home directory,
420 the tokens described in the
422 section and environment variables as described in the
423 .Sx ENVIRONMENT VARIABLES
426 It is possible to have multiple certificate files specified in
427 configuration files; these certificates will be tried in sequence.
430 directives will add to the list of certificates used for
436 will additionally check the host IP address in the
439 This allows it to detect if a host key changed due to DNS spoofing
440 and will add addresses of destination hosts to
441 .Pa ~/.ssh/known_hosts
442 in the process, regardless of the setting of
443 .Cm StrictHostKeyChecking .
444 If the option is set to
447 the check will not be executed.
451 Specifies the ciphers allowed and their order of preference.
452 Multiple ciphers must be comma-separated.
453 If the specified list begins with a
455 character, then the specified ciphers will be appended to the default set
456 instead of replacing them.
457 If the specified list begins with a
459 character, then the specified ciphers (including wildcards) will be removed
460 from the default set instead of replacing them.
461 If the specified list begins with a
463 character, then the specified ciphers will be placed at the head of the
466 The supported ciphers are:
467 .Bd -literal -offset indent
475 aes128-gcm@openssh.com
476 aes256-gcm@openssh.com
477 chacha20-poly1305@openssh.com
481 .Bd -literal -offset indent
482 chacha20-poly1305@openssh.com,
483 aes128-ctr,aes192-ctr,aes256-ctr,
484 aes128-gcm@openssh.com,aes256-gcm@openssh.com
487 The list of available ciphers may also be obtained using
489 .It Cm ClearAllForwardings
490 Specifies that all local, remote, and dynamic port forwardings
491 specified in the configuration files or on the command line be
493 This option is primarily useful when used from the
495 command line to clear port forwardings set in
496 configuration files, and is automatically set by
506 Specifies whether to use compression.
512 .It Cm ConnectionAttempts
513 Specifies the number of tries (one per second) to make before exiting.
514 The argument must be an integer.
515 This may be useful in scripts if the connection sometimes fails.
517 .It Cm ConnectTimeout
518 Specifies the timeout (in seconds) used when connecting to the
519 SSH server, instead of using the default system TCP timeout.
520 This timeout is applied both to establishing the connection and to performing
521 the initial SSH protocol handshake and key exchange.
523 Enables the sharing of multiple sessions over a single network connection.
527 will listen for connections on a control socket specified using the
530 Additional sessions can connect to this socket using the same
537 These sessions will try to reuse the master instance's network connection
538 rather than initiating new ones, but will fall back to connecting normally
539 if the control socket does not exist, or is not listening.
545 to listen for control connections, but require confirmation using
551 will continue without connecting to a master instance.
555 forwarding is supported over these multiplexed connections, however the
556 display and agent forwarded will be the one belonging to the master
557 connection i.e. it is not possible to forward multiple displays or agents.
559 Two additional options allow for opportunistic multiplexing: try to use a
560 master connection but fall back to creating a new one if one does not already
566 The latter requires confirmation like the
570 Specify the path to the control socket used for connection sharing as described
573 section above or the string
575 to disable connection sharing.
578 may use the tilde syntax to refer to a user's home directory,
579 the tokens described in the
581 section and environment variables as described in the
582 .Sx ENVIRONMENT VARIABLES
584 It is recommended that any
586 used for opportunistic connection sharing include
587 at least %h, %p, and %r (or alternatively %C) and be placed in a directory
588 that is not writable by other users.
589 This ensures that shared connections are uniquely identified.
590 .It Cm ControlPersist
591 When used in conjunction with
593 specifies that the master connection should remain open
594 in the background (waiting for future client connections)
595 after the initial client connection has been closed.
599 then the master connection will not be placed into the background,
600 and will close as soon as the initial client connection is closed.
604 then the master connection will remain in the background indefinitely
605 (until killed or closed via a mechanism such as the
607 If set to a time in seconds, or a time in any of the formats documented in
609 then the backgrounded master connection will automatically terminate
610 after it has remained idle (with no client connections) for the
612 .It Cm DynamicForward
613 Specifies that a TCP port on the local machine be forwarded
614 over the secure channel, and the application
615 protocol is then used to determine where to connect to from the
620 .Oo Ar bind_address : Oc Ar port .
622 IPv6 addresses can be specified by enclosing addresses in square brackets.
623 By default, the local port is bound in accordance with the
628 may be used to bind the connection to a specific address.
633 indicates that the listening port be bound for local use only, while an
636 indicates that the port should be available from all interfaces.
638 Currently the SOCKS4 and SOCKS5 protocols are supported, and
640 will act as a SOCKS server.
641 Multiple forwardings may be specified, and
642 additional forwardings can be given on the command line.
643 Only the superuser can forward privileged ports.
644 .It Cm EnableSSHKeysign
645 Setting this option to
647 in the global client configuration file
648 .Pa /etc/ssh/ssh_config
649 enables the use of the helper program
652 .Cm HostbasedAuthentication .
658 This option should be placed in the non-hostspecific section.
661 for more information.
663 Sets the escape character (default:
665 The escape character can also
666 be set on the command line.
667 The argument should be a single character,
669 followed by a letter, or
671 to disable the escape
672 character entirely (making the connection transparent for binary
674 .It Cm ExitOnForwardFailure
677 should terminate the connection if it cannot set up all requested
678 dynamic, tunnel, local, and remote port forwardings, (e.g.\&
679 if either end is unable to bind and listen on a specified port).
681 .Cm ExitOnForwardFailure
682 does not apply to connections made over port forwardings and will not,
685 to exit if TCP connections to the ultimate forwarding destination fail.
691 .It Cm FingerprintHash
692 Specifies the hash algorithm used when displaying key fingerprints.
698 .It Cm ForkAfterAuthentication
701 to go to background just before command execution.
704 is going to ask for passwords or passphrases, but the user
705 wants it in the background.
708 configuration option being set to
710 The recommended way to start X11 programs at a remote site is with
712 .Ic ssh -f host xterm ,
716 .Cm ForkAfterAuthentication
717 configuration option is set to
721 .Cm ExitOnForwardFailure
722 configuration option is set to
724 then a client started with the
725 .Cm ForkAfterAuthentication
726 configuration option being set to
728 will wait for all remote port forwards to be successfully established
729 before placing itself in the background.
730 The argument to this keyword must be
738 Specifies whether the connection to the authentication agent (if any)
739 will be forwarded to the remote machine.
744 an explicit path to an agent socket or the name of an environment variable
747 in which to find the path.
749 Agent forwarding should be enabled with caution.
750 Users with the ability to bypass file permissions on the remote host
751 (for the agent's Unix-domain socket)
752 can access the local agent through the forwarded connection.
753 An attacker cannot obtain key material from the agent,
754 however they can perform operations on the keys that enable them to
755 authenticate using the identities loaded into the agent.
757 Specifies whether X11 connections will be automatically redirected
758 over the secure channel and
767 X11 forwarding should be enabled with caution.
768 Users with the ability to bypass file permissions on the remote host
769 (for the user's X11 authorization database)
770 can access the local X11 display through the forwarded connection.
771 An attacker may then be able to perform activities such as keystroke monitoring
773 .Cm ForwardX11Trusted
774 option is also enabled.
775 .It Cm ForwardX11Timeout
776 Specify a timeout for untrusted X11 forwarding
777 using the format described in the
781 X11 connections received by
783 after this time will be refused.
785 .Cm ForwardX11Timeout
786 to zero will disable the timeout and permit X11 forwarding for the life
788 The default is to disable untrusted X11 forwarding after twenty minutes has
790 .It Cm ForwardX11Trusted
791 If this option is set to
793 remote X11 clients will have full access to the original X11 display.
795 If this option is set to
798 remote X11 clients will be considered untrusted and prevented
799 from stealing or tampering with data belonging to trusted X11
803 token used for the session will be set to expire after 20 minutes.
804 Remote clients will be refused access after this time.
806 See the X11 SECURITY extension specification for full details on
807 the restrictions imposed on untrusted clients.
809 Specifies whether remote hosts are allowed to connect to local
813 binds local port forwardings to the loopback address.
814 This prevents other remote hosts from connecting to forwarded ports.
816 can be used to specify that ssh
817 should bind local port forwardings to the wildcard address,
818 thus allowing remote hosts to connect to forwarded ports.
824 .It Cm GlobalKnownHostsFile
825 Specifies one or more files to use for the global
826 host key database, separated by whitespace.
828 .Pa /etc/ssh/ssh_known_hosts ,
829 .Pa /etc/ssh/ssh_known_hosts2 .
830 .It Cm GSSAPIAuthentication
831 Specifies whether user authentication based on GSSAPI is allowed.
834 .It Cm GSSAPIDelegateCredentials
835 Forward (delegate) credentials to the server.
838 .It Cm HashKnownHosts
841 should hash host names and addresses when they are added to
842 .Pa ~/.ssh/known_hosts .
843 These hashed names may be used normally by
847 but they do not visually reveal identifying information if the
848 file's contents are disclosed.
851 Note that existing names and addresses in known hosts files
852 will not be converted automatically,
853 but may be manually hashed using
855 .It Cm HostbasedAcceptedAlgorithms
856 Specifies the signature algorithms that will be used for hostbased
857 authentication as a comma-separated list of patterns.
858 Alternately if the specified list begins with a
860 character, then the specified signature algorithms will be appended
861 to the default set instead of replacing them.
862 If the specified list begins with a
864 character, then the specified signature algorithms (including wildcards)
865 will be removed from the default set instead of replacing them.
866 If the specified list begins with a
868 character, then the specified signature algorithms will be placed
869 at the head of the default set.
870 The default for this option is:
871 .Bd -literal -offset 3n
872 ssh-ed25519-cert-v01@openssh.com,
873 ecdsa-sha2-nistp256-cert-v01@openssh.com,
874 ecdsa-sha2-nistp384-cert-v01@openssh.com,
875 ecdsa-sha2-nistp521-cert-v01@openssh.com,
876 sk-ssh-ed25519-cert-v01@openssh.com,
877 sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,
878 rsa-sha2-512-cert-v01@openssh.com,
879 rsa-sha2-256-cert-v01@openssh.com,
880 ssh-rsa-cert-v01@openssh.com,
882 ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
883 sk-ssh-ed25519@openssh.com,
884 sk-ecdsa-sha2-nistp256@openssh.com,
885 rsa-sha2-512,rsa-sha2-256,ssh-rsa
892 may be used to list supported signature algorithms.
893 This was formerly named HostbasedKeyTypes.
894 .It Cm HostbasedAuthentication
895 Specifies whether to try rhosts based authentication with public key
902 .It Cm HostKeyAlgorithms
903 Specifies the host key signature algorithms
904 that the client wants to use in order of preference.
905 Alternately if the specified list begins with a
907 character, then the specified signature algorithms will be appended to
908 the default set instead of replacing them.
909 If the specified list begins with a
911 character, then the specified signature algorithms (including wildcards)
912 will be removed from the default set instead of replacing them.
913 If the specified list begins with a
915 character, then the specified signature algorithms will be placed
916 at the head of the default set.
917 The default for this option is:
918 .Bd -literal -offset 3n
919 ssh-ed25519-cert-v01@openssh.com,
920 ecdsa-sha2-nistp256-cert-v01@openssh.com,
921 ecdsa-sha2-nistp384-cert-v01@openssh.com,
922 ecdsa-sha2-nistp521-cert-v01@openssh.com,
923 sk-ssh-ed25519-cert-v01@openssh.com,
924 sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,
925 rsa-sha2-512-cert-v01@openssh.com,
926 rsa-sha2-256-cert-v01@openssh.com,
927 ssh-rsa-cert-v01@openssh.com,
929 ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
930 sk-ecdsa-sha2-nistp256@openssh.com,
931 sk-ssh-ed25519@openssh.com,
932 rsa-sha2-512,rsa-sha2-256,ssh-rsa
935 If hostkeys are known for the destination host then this default is modified
936 to prefer their algorithms.
938 The list of available signature algorithms may also be obtained using
939 .Qq ssh -Q HostKeyAlgorithms .
941 Specifies an alias that should be used instead of the
942 real host name when looking up or saving the host key
943 in the host key database files and when validating host certificates.
944 This option is useful for tunneling SSH connections
945 or for multiple servers running on a single host.
947 Specifies the real host name to log into.
948 This can be used to specify nicknames or abbreviations for hosts.
951 accept the tokens described in the
954 Numeric IP addresses are also permitted (both on the command line and in
957 The default is the name given on the command line.
958 .It Cm IdentitiesOnly
961 should only use the configured authentication identity and certificate files
962 (either the default files, or those explicitly configured in the
973 .Cm SecurityKeyProvider
974 offers more identities.
975 The argument to this keyword must be
980 This option is intended for situations where ssh-agent
981 offers many different identities.
985 socket used to communicate with the authentication agent.
987 This option overrides the
989 environment variable and can be used to select a specific agent.
990 Setting the socket name to
992 disables the use of an authentication agent.
995 is specified, the location of the socket will be read from the
997 environment variable.
998 Otherwise if the specified value begins with a
1000 character, then it will be treated as an environment variable containing
1001 the location of the socket.
1005 may use the tilde syntax to refer to a user's home directory,
1006 the tokens described in the
1008 section and environment variables as described in the
1009 .Sx ENVIRONMENT VARIABLES
1012 Specifies a file from which the user's DSA, ECDSA, authenticator-hosted ECDSA,
1013 Ed25519, authenticator-hosted Ed25519 or RSA authentication identity is read.
1016 .Pa ~/.ssh/id_ecdsa ,
1017 .Pa ~/.ssh/id_ecdsa_sk ,
1018 .Pa ~/.ssh/id_ed25519 ,
1019 .Pa ~/.ssh/id_ed25519_sk
1022 Additionally, any identities represented by the authentication agent
1023 will be used for authentication unless
1026 If no certificates have been explicitly specified by
1027 .Cm CertificateFile ,
1029 will try to load certificate information from the filename obtained by
1032 to the path of a specified
1037 may use the tilde syntax to refer to a user's home directory
1038 or the tokens described in the
1042 It is possible to have
1043 multiple identity files specified in configuration files; all these
1044 identities will be tried in sequence.
1047 directives will add to the list of identities tried (this behaviour
1048 differs from that of other configuration directives).
1051 may be used in conjunction with
1053 to select which identities in an agent are offered during authentication.
1055 may also be used in conjunction with
1057 in order to provide any certificate also needed for authentication with
1059 .It Cm IgnoreUnknown
1060 Specifies a pattern-list of unknown options to be ignored if they are
1061 encountered in configuration parsing.
1062 This may be used to suppress errors if
1064 contains options that are unrecognised by
1066 It is recommended that
1068 be listed early in the configuration file as it will not be applied
1069 to unknown options that appear before it.
1071 Include the specified configuration file(s).
1072 Multiple pathnames may be specified and each pathname may contain
1074 wildcards and, for user configurations, shell-like
1076 references to user home directories.
1077 Wildcards will be expanded and processed in lexical order.
1078 Files without absolute paths are assumed to be in
1080 if included in a user configuration file or
1082 if included from the system configuration file.
1084 directive may appear inside a
1089 to perform conditional inclusion.
1091 Specifies the IPv4 type-of-service or DSCP class for connections.
1120 to use the operating system default.
1121 This option may take one or two arguments, separated by whitespace.
1122 If one argument is specified, it is used as the packet class unconditionally.
1123 If two values are specified, the first is automatically selected for
1124 interactive sessions and the second for non-interactive sessions.
1128 for interactive sessions and
1131 for non-interactive sessions.
1132 .It Cm KbdInteractiveAuthentication
1133 Specifies whether to use keyboard-interactive authentication.
1134 The argument to this keyword must be
1139 .Cm ChallengeResponseAuthentication
1140 is a deprecated alias for this.
1141 .It Cm KbdInteractiveDevices
1142 Specifies the list of methods to use in keyboard-interactive authentication.
1143 Multiple method names must be comma-separated.
1144 The default is to use the server specified list.
1145 The methods available vary depending on what the server supports.
1146 For an OpenSSH server,
1147 it may be zero or more of:
1151 .It Cm KexAlgorithms
1152 Specifies the available KEX (Key Exchange) algorithms.
1153 Multiple algorithms must be comma-separated.
1154 If the specified list begins with a
1156 character, then the specified methods will be appended to the default set
1157 instead of replacing them.
1158 If the specified list begins with a
1160 character, then the specified methods (including wildcards) will be removed
1161 from the default set instead of replacing them.
1162 If the specified list begins with a
1164 character, then the specified methods will be placed at the head of the
1167 .Bd -literal -offset indent
1168 curve25519-sha256,curve25519-sha256@libssh.org,
1169 ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,
1170 diffie-hellman-group-exchange-sha256,
1171 diffie-hellman-group16-sha512,
1172 diffie-hellman-group18-sha512,
1173 diffie-hellman-group14-sha256
1176 The list of available key exchange algorithms may also be obtained using
1178 .It Cm KnownHostsCommand
1179 Specifies a command to use to obtain a list of host keys, in addition to
1181 .Cm UserKnownHostsFile
1183 .Cm GlobalKnownHostsFile .
1184 This command is executed after the files have been read.
1185 It may write host key lines to standard output in identical format to the
1186 usual files (described in the
1187 .Sx VERIFYING HOST KEYS
1191 .Cm KnownHostsCommand
1192 accept the tokens described in the
1195 The command may be invoked multiple times per connection: once when preparing
1196 the preference list of host key algorithms to use, again to obtain the
1197 host key for the requested host name and, if
1199 is enabled, one more time to obtain the host key matching the server's
1201 If the command exits abnormally or returns a non-zero exit status then the
1202 connection is terminated.
1204 Specifies a command to execute on the local machine after successfully
1205 connecting to the server.
1206 The command string extends to the end of the line, and is executed with
1210 accept the tokens described in the
1214 The command is run synchronously and does not have access to the
1218 It should not be used for interactive commands.
1220 This directive is ignored unless
1221 .Cm PermitLocalCommand
1224 Specifies that a TCP port on the local machine be forwarded over
1225 the secure channel to the specified host and port from the remote machine.
1226 The first argument specifies the listener and may be
1228 .Oo Ar bind_address : Oc Ar port
1230 or a Unix domain socket path.
1231 The second argument is the destination and may be
1232 .Ar host : Ns Ar hostport
1233 or a Unix domain socket path if the remote host supports it.
1235 IPv6 addresses can be specified by enclosing addresses in square brackets.
1236 Multiple forwardings may be specified, and additional forwardings can be
1237 given on the command line.
1238 Only the superuser can forward privileged ports.
1239 By default, the local port is bound in accordance with the
1242 However, an explicit
1244 may be used to bind the connection to a specific address.
1249 indicates that the listening port be bound for local use only, while an
1252 indicates that the port should be available from all interfaces.
1253 Unix domain socket paths may use the tokens described in the
1255 section and environment variables as described in the
1256 .Sx ENVIRONMENT VARIABLES
1259 Gives the verbosity level that is used when logging messages from
1261 The possible values are:
1262 QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3.
1263 The default is INFO.
1264 DEBUG and DEBUG1 are equivalent.
1265 DEBUG2 and DEBUG3 each specify higher levels of verbose output.
1267 Specify one or more overrides to LogLevel.
1268 An override consists of a pattern lists that matches the source file, function
1269 and line number to force detailed logging for.
1270 For example, an override pattern of:
1271 .Bd -literal -offset indent
1272 kex.c:*:1000,*:kex_exchange_identification():*,packet.c:*
1275 would enable detailed logging for line 1000 of
1278 .Fn kex_exchange_identification
1279 function, and all code in the
1282 This option is intended for debugging and no overrides are enabled by default.
1284 Specifies the MAC (message authentication code) algorithms
1285 in order of preference.
1286 The MAC algorithm is used for data integrity protection.
1287 Multiple algorithms must be comma-separated.
1288 If the specified list begins with a
1290 character, then the specified algorithms will be appended to the default set
1291 instead of replacing them.
1292 If the specified list begins with a
1294 character, then the specified algorithms (including wildcards) will be removed
1295 from the default set instead of replacing them.
1296 If the specified list begins with a
1298 character, then the specified algorithms will be placed at the head of the
1301 The algorithms that contain
1303 calculate the MAC after encryption (encrypt-then-mac).
1304 These are considered safer and their use recommended.
1307 .Bd -literal -offset indent
1308 umac-64-etm@openssh.com,umac-128-etm@openssh.com,
1309 hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,
1310 hmac-sha1-etm@openssh.com,
1311 umac-64@openssh.com,umac-128@openssh.com,
1312 hmac-sha2-256,hmac-sha2-512,hmac-sha1
1315 The list of available MAC algorithms may also be obtained using
1317 .It Cm NoHostAuthenticationForLocalhost
1318 Disable host authentication for localhost (loopback addresses).
1319 The argument to this keyword must be
1324 .It Cm NumberOfPasswordPrompts
1325 Specifies the number of password prompts before giving up.
1326 The argument to this keyword must be an integer.
1328 .It Cm PasswordAuthentication
1329 Specifies whether to use password authentication.
1330 The argument to this keyword must be
1335 .It Cm PermitLocalCommand
1336 Allow local command execution via the
1339 .Ic !\& Ns Ar command
1342 The argument must be
1347 .It Cm PermitRemoteOpen
1348 Specifies the destinations to which remote TCP port forwarding is permitted when
1350 is used as a SOCKS proxy.
1351 The forwarding specification must be one of the following forms:
1353 .Bl -item -offset indent -compact
1355 .Cm PermitRemoteOpen
1360 .Cm PermitRemoteOpen
1362 .Ar IPv4_addr : port
1365 .Cm PermitRemoteOpen
1367 .Ar \&[ IPv6_addr \&] : port
1371 Multiple forwards may be specified by separating them with whitespace.
1374 can be used to remove all restrictions and permit any forwarding requests.
1377 can be used to prohibit all forwarding requests.
1380 can be used for host or port to allow all hosts or ports respectively.
1381 Otherwise, no pattern matching or address lookups are performed on supplied
1383 .It Cm PKCS11Provider
1384 Specifies which PKCS#11 provider to use or
1386 to indicate that no provider should be used (the default).
1387 The argument to this keyword is a path to the PKCS#11 shared library
1389 should use to communicate with a PKCS#11 token providing keys for user
1392 Specifies the port number to connect on the remote host.
1394 .It Cm PreferredAuthentications
1395 Specifies the order in which the client should try authentication methods.
1396 This allows a client to prefer one method (e.g.\&
1397 .Cm keyboard-interactive )
1398 over another method (e.g.\&
1401 .Bd -literal -offset indent
1402 gssapi-with-mic,hostbased,publickey,
1403 keyboard-interactive,password
1406 Specifies the command to use to connect to the server.
1408 string extends to the end of the line, and is executed
1409 using the user's shell
1411 directive to avoid a lingering shell process.
1415 accept the tokens described in the
1418 The command can be basically anything,
1419 and should read from its standard input and write to its standard output.
1420 It should eventually connect an
1422 server running on some machine, or execute
1425 Host key management will be done using the
1427 of the host being connected (defaulting to the name typed by the user).
1428 Setting the command to
1430 disables this option entirely.
1433 is not available for connects with a proxy command.
1435 This directive is useful in conjunction with
1437 and its proxy support.
1438 For example, the following directive would connect via an HTTP proxy at
1440 .Bd -literal -offset 3n
1441 ProxyCommand /usr/bin/nc -X connect -x 192.0.2.0:8080 %h %p
1444 Specifies one or more jump proxies as either
1453 Multiple proxies may be separated by comma characters and will be visited
1455 Setting this option will cause
1457 to connect to the target host by first making a
1459 connection to the specified
1461 host and then establishing a
1462 TCP forwarding to the ultimate target from there.
1465 disables this option entirely.
1467 Note that this option will compete with the
1469 option - whichever is specified first will prevent later instances of the
1470 other from taking effect.
1472 Note also that the configuration for the destination host (either supplied
1473 via the command-line or the configuration file) is not generally applied
1476 should be used if specific configuration is required for jump hosts.
1477 .It Cm ProxyUseFdpass
1480 will pass a connected file descriptor back to
1482 instead of continuing to execute and pass data.
1485 .It Cm PubkeyAcceptedAlgorithms
1486 Specifies the signature algorithms that will be used for public key
1487 authentication as a comma-separated list of patterns.
1488 If the specified list begins with a
1490 character, then the algorithms after it will be appended to the default
1491 instead of replacing it.
1492 If the specified list begins with a
1494 character, then the specified algorithms (including wildcards) will be removed
1495 from the default set instead of replacing them.
1496 If the specified list begins with a
1498 character, then the specified algorithms will be placed at the head of the
1500 The default for this option is:
1501 .Bd -literal -offset 3n
1502 ssh-ed25519-cert-v01@openssh.com,
1503 ecdsa-sha2-nistp256-cert-v01@openssh.com,
1504 ecdsa-sha2-nistp384-cert-v01@openssh.com,
1505 ecdsa-sha2-nistp521-cert-v01@openssh.com,
1506 sk-ssh-ed25519-cert-v01@openssh.com,
1507 sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,
1508 rsa-sha2-512-cert-v01@openssh.com,
1509 rsa-sha2-256-cert-v01@openssh.com,
1510 ssh-rsa-cert-v01@openssh.com,
1512 ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
1513 sk-ssh-ed25519@openssh.com,
1514 sk-ecdsa-sha2-nistp256@openssh.com,
1515 rsa-sha2-512,rsa-sha2-256,ssh-rsa
1518 The list of available signature algorithms may also be obtained using
1519 .Qq ssh -Q PubkeyAcceptedAlgorithms .
1520 .It Cm PubkeyAuthentication
1521 Specifies whether to try public key authentication.
1522 The argument to this keyword must be
1528 Specifies the maximum amount of data that may be transmitted before the
1529 session key is renegotiated, optionally followed by a maximum amount of
1530 time that may pass before the session key is renegotiated.
1531 The first argument is specified in bytes and may have a suffix of
1536 to indicate Kilobytes, Megabytes, or Gigabytes, respectively.
1537 The default is between
1541 depending on the cipher.
1542 The optional second value is specified in seconds and may use any of the
1543 units documented in the TIME FORMATS section of
1545 The default value for
1549 which means that rekeying is performed after the cipher's default amount
1550 of data has been sent or received and no time based rekeying is done.
1551 .It Cm RemoteCommand
1552 Specifies a command to execute on the remote machine after successfully
1553 connecting to the server.
1554 The command string extends to the end of the line, and is executed with
1558 accept the tokens described in the
1561 .It Cm RemoteForward
1562 Specifies that a TCP port on the remote machine be forwarded over
1564 The remote port may either be forwarded to a specified host and port
1565 from the local machine, or may act as a SOCKS 4/5 proxy that allows a remote
1566 client to connect to arbitrary destinations from the local machine.
1567 The first argument is the listening specification and may be
1569 .Oo Ar bind_address : Oc Ar port
1571 or, if the remote host supports it, a Unix domain socket path.
1572 If forwarding to a specific destination then the second argument must be
1573 .Ar host : Ns Ar hostport
1574 or a Unix domain socket path,
1575 otherwise if no destination argument is specified then the remote forwarding
1576 will be established as a SOCKS proxy.
1577 When acting as a SOCKS proxy the destination of the connection can be
1579 .Cm PermitRemoteOpen .
1581 IPv6 addresses can be specified by enclosing addresses in square brackets.
1582 Multiple forwardings may be specified, and additional
1583 forwardings can be given on the command line.
1584 Privileged ports can be forwarded only when
1585 logging in as root on the remote machine.
1586 Unix domain socket paths may use the tokens described in the
1588 section and environment variables as described in the
1589 .Sx ENVIRONMENT VARIABLES
1595 the listen port will be dynamically allocated on the server and reported
1596 to the client at run time.
1600 is not specified, the default is to only bind to loopback addresses.
1605 or an empty string, then the forwarding is requested to listen on all
1609 will only succeed if the server's
1611 option is enabled (see
1612 .Xr sshd_config 5 ) .
1614 Specifies whether to request a pseudo-tty for the session.
1615 The argument may be one of:
1617 (never request a TTY),
1619 (always request a TTY when standard input is a TTY),
1621 (always request a TTY) or
1623 (request a TTY when opening a login session).
1624 This option mirrors the
1630 .It Cm RevokedHostKeys
1631 Specifies revoked host public keys.
1632 Keys listed in this file will be refused for host authentication.
1633 Note that if this file does not exist or is not readable,
1634 then host authentication will be refused for all hosts.
1635 Keys may be specified as a text file, listing one public key per line, or as
1636 an OpenSSH Key Revocation List (KRL) as generated by
1638 For more information on KRLs, see the KEY REVOCATION LISTS section in
1640 .It Cm SecurityKeyProvider
1641 Specifies a path to a library that will be used when loading any
1642 FIDO authenticator-hosted keys, overriding the default of using
1643 the built-in USB HID support.
1645 If the specified value begins with a
1647 character, then it will be treated as an environment variable containing
1648 the path to the library.
1650 Specifies what variables from the local
1652 should be sent to the server.
1653 The server must also support it, and the server must be configured to
1654 accept these environment variables.
1657 environment variable is always sent whenever a
1658 pseudo-terminal is requested as it is required by the protocol.
1663 for how to configure the server.
1664 Variables are specified by name, which may contain wildcard characters.
1665 Multiple environment variables may be separated by whitespace or spread
1672 for more information on patterns.
1674 It is possible to clear previously set
1676 variable names by prefixing patterns with
1678 The default is not to send any environment variables.
1679 .It Cm ServerAliveCountMax
1680 Sets the number of server alive messages (see below) which may be
1683 receiving any messages back from the server.
1684 If this threshold is reached while server alive messages are being sent,
1685 ssh will disconnect from the server, terminating the session.
1686 It is important to note that the use of server alive messages is very
1690 The server alive messages are sent through the encrypted channel
1691 and therefore will not be spoofable.
1692 The TCP keepalive option enabled by
1695 The server alive mechanism is valuable when the client or
1696 server depend on knowing when a connection has become unresponsive.
1698 The default value is 3.
1700 .Cm ServerAliveInterval
1701 (see below) is set to 15 and
1702 .Cm ServerAliveCountMax
1703 is left at the default, if the server becomes unresponsive,
1704 ssh will disconnect after approximately 45 seconds.
1705 .It Cm ServerAliveInterval
1706 Sets a timeout interval in seconds after which if no data has been received
1709 will send a message through the encrypted
1710 channel to request a response from the server.
1712 is 0, indicating that these messages will not be sent to the server.
1714 May be used to either request invocation of a subsystem on the remote system,
1715 or to prevent the execution of a remote command at all.
1716 The latter is useful for just forwarding ports.
1717 The argument to this keyword must be
1727 (shell or command execution).
1729 Directly specify one or more environment variables and their contents to
1730 be sent to the server.
1733 with the exception of the
1735 variable, the server must be prepared to accept the environment variable.
1737 Redirects stdin from
1739 (actually, prevents reading from stdin).
1740 Either this or the equivalent
1742 option must be used when
1744 is run in the background.
1745 The argument to this keyword must be
1752 .It Cm StreamLocalBindMask
1753 Sets the octal file creation mode mask
1755 used when creating a Unix-domain socket file for local or remote
1757 This option is only used for port forwarding to a Unix-domain socket file.
1759 The default value is 0177, which creates a Unix-domain socket file that is
1760 readable and writable only by the owner.
1761 Note that not all operating systems honor the file mode on Unix-domain
1763 .It Cm StreamLocalBindUnlink
1764 Specifies whether to remove an existing Unix-domain socket file for local
1765 or remote port forwarding before creating a new one.
1766 If the socket file already exists and
1767 .Cm StreamLocalBindUnlink
1770 will be unable to forward the port to the Unix-domain socket file.
1771 This option is only used for port forwarding to a Unix-domain socket file.
1773 The argument must be
1778 .It Cm StrictHostKeyChecking
1779 If this flag is set to
1782 will never automatically add host keys to the
1783 .Pa ~/.ssh/known_hosts
1784 file, and refuses to connect to hosts whose host key has changed.
1785 This provides maximum protection against man-in-the-middle (MITM) attacks,
1786 though it can be annoying when the
1787 .Pa /etc/ssh/ssh_known_hosts
1788 file is poorly maintained or when connections to new hosts are
1790 This option forces the user to manually
1793 If this flag is set to
1795 then ssh will automatically add new host keys to the user's
1797 file, but will not permit connections to hosts with
1799 If this flag is set to
1803 ssh will automatically add new host keys to the user known hosts files
1804 and allow connections to hosts with changed hostkeys to proceed,
1805 subject to some restrictions.
1806 If this flag is set to
1810 will be added to the user known host files only after the user
1811 has confirmed that is what they really want to do, and
1812 ssh will refuse to connect to hosts whose host key has changed.
1814 known hosts will be verified automatically in all cases.
1815 .It Cm SyslogFacility
1816 Gives the facility code that is used when logging messages from
1818 The possible values are: DAEMON, USER, AUTH, LOCAL0, LOCAL1, LOCAL2,
1819 LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7.
1820 The default is USER.
1822 Specifies whether the system should send TCP keepalive messages to the
1824 If they are sent, death of the connection or crash of one
1825 of the machines will be properly noticed.
1826 However, this means that
1827 connections will die if the route is down temporarily, and some people
1832 (to send TCP keepalive messages), and the client will notice
1833 if the network goes down or the remote host dies.
1834 This is important in scripts, and many users want it too.
1836 To disable TCP keepalive messages, the value should be set to
1839 .Cm ServerAliveInterval
1840 for protocol-level keepalives.
1844 device forwarding between the client and the server.
1845 The argument must be
1856 requests the default tunnel mode, which is
1857 .Cm point-to-point .
1861 devices to open on the client
1866 The argument must be
1868 .Ar local_tun Op : Ar remote_tun .
1870 The devices may be specified by numerical ID or the keyword
1872 which uses the next available tunnel device.
1875 is not specified, it defaults to
1879 .It Cm UpdateHostKeys
1882 should accept notifications of additional hostkeys from the server sent
1883 after authentication has completed and add them to
1884 .Cm UserKnownHostsFile .
1885 The argument must be
1890 This option allows learning alternate hostkeys for a server
1891 and supports graceful key rotation by allowing a server to send replacement
1892 public keys before old ones are removed.
1894 Additional hostkeys are only accepted if the key used to authenticate the
1895 host was already trusted or explicitly accepted by the user, the host was
1897 .Cm UserKnownHostsFile
1899 .Cm GlobalKnownHostsFile )
1900 and the host was authenticated using a plain key and not a certificate.
1903 is enabled by default if the user has not overridden the default
1904 .Cm UserKnownHostsFile
1905 setting and has not enabled
1906 .Cm VerifyHostKeyDNS ,
1916 then the user is asked to confirm the modifications to the known_hosts file.
1917 Confirmation is currently incompatible with
1918 .Cm ControlPersist ,
1919 and will be disabled if it is enabled.
1923 from OpenSSH 6.8 and greater support the
1924 .Qq hostkeys@openssh.com
1925 protocol extension used to inform the client of all the server's hostkeys.
1927 Specifies the user to log in as.
1928 This can be useful when a different user name is used on different machines.
1929 This saves the trouble of
1930 having to remember to give the user name on the command line.
1931 .It Cm UserKnownHostsFile
1932 Specifies one or more files to use for the user
1933 host key database, separated by whitespace.
1934 Each filename may use tilde notation to refer to the user's home directory,
1935 the tokens described in the
1937 section and environment variables as described in the
1938 .Sx ENVIRONMENT VARIABLES
1941 .Pa ~/.ssh/known_hosts ,
1942 .Pa ~/.ssh/known_hosts2 .
1943 .It Cm VerifyHostKeyDNS
1944 Specifies whether to verify the remote key using DNS and SSHFP resource
1946 If this option is set to
1948 the client will implicitly trust keys that match a secure fingerprint
1950 Insecure fingerprints will be handled as if this option was set to
1952 If this option is set to
1954 information on fingerprint match will be displayed, but the user will still
1955 need to confirm new host keys according to the
1956 .Cm StrictHostKeyChecking
1960 if compiled with LDNS and
1965 .Sx VERIFYING HOST KEYS
1968 .It Cm VersionAddendum
1969 Specifies a string to append to the regular version string to identify
1970 OS- or site-specific modifications.
1972 .Dq FreeBSD-20210907 .
1975 may be used to disable this.
1976 .It Cm VisualHostKey
1977 If this flag is set to
1979 an ASCII art representation of the remote host key fingerprint is
1980 printed in addition to the fingerprint string at login and
1981 for unknown host keys.
1982 If this flag is set to
1985 no fingerprint strings are printed at login and
1986 only the fingerprint string will be printed for unknown host keys.
1987 .It Cm XAuthLocation
1988 Specifies the full pathname of the
1992 .Pa /usr/local/bin/xauth .
1997 consists of zero or more non-whitespace characters,
1999 (a wildcard that matches zero or more characters),
2002 (a wildcard that matches exactly one character).
2003 For example, to specify a set of declarations for any host in the
2006 the following pattern could be used:
2010 The following pattern
2011 would match any host in the 192.168.0.[0-9] network range:
2013 .Dl Host 192.168.0.?
2017 is a comma-separated list of patterns.
2018 Patterns within pattern-lists may be negated
2019 by preceding them with an exclamation mark
2022 to allow a key to be used from anywhere within an organization
2026 the following entry (in authorized_keys) could be used:
2028 .Dl from=\&"!*.dialup.example.com,*.example.com\&"
2030 Note that a negated match will never produce a positive result by itself.
2031 For example, attempting to match
2033 against the following pattern-list will fail:
2035 .Dl from=\&"!host1,!host2\&"
2037 The solution here is to include a term that will yield a positive match,
2040 .Dl from=\&"!host1,!host2,*\&"
2042 Arguments to some keywords can make use of tokens,
2043 which are expanded at runtime:
2045 .Bl -tag -width XXXX -offset indent -compact
2052 Local user's home directory.
2054 The fingerprint of the server's host key.
2058 hostname or address that is being searched for.
2060 The remote hostname.
2062 A string describing the reason for a
2063 .Cm KnownHostsCommand
2066 when looking up a host by address (only when
2070 when searching by hostname, or
2072 when preparing the host key algorithm preference list to use for the
2077 The base64 encoded host key.
2079 The host key alias if specified, otherwise the original remote hostname given
2080 on the command line.
2084 The local hostname, including the domain name.
2086 The original remote hostname, as given on the command line.
2090 The remote username.
2096 network interface assigned if
2097 tunnel forwarding was requested, or
2101 The type of the server host key, e.g.
2107 .Cm CertificateFile ,
2111 .Cm KnownHostsCommand ,
2117 .Cm UserKnownHostsFile
2118 accept the tokens %%, %C, %d, %h, %i, %k, %L, %l, %n, %p, %r, and %u.
2120 .Cm KnownHostsCommand
2121 additionally accepts the tokens %f, %H, %I, %K and %t.
2124 accepts the tokens %% and %h.
2130 accepts the tokens %%, %h, %n, %p, and %r.
2131 .Sh ENVIRONMENT VARIABLES
2132 Arguments to some keywords can be expanded at runtime from environment
2133 variables on the client by enclosing them in
2137 would refer to the user's .ssh directory.
2138 If a specified environment variable does not exist then an error will be
2139 returned and the setting for that keyword will be ignored.
2142 .Cm CertificateFile ,
2146 .Cm KnownHostsCommand ,
2148 .Cm UserKnownHostsFile
2149 support environment variables.
2154 support environment variables only for Unix domain socket paths.
2157 .It Pa ~/.ssh/config
2158 This is the per-user configuration file.
2159 The format of this file is described above.
2160 This file is used by the SSH client.
2161 Because of the potential for abuse, this file must have strict permissions:
2162 read/write for the user, and not writable by others.
2163 .It Pa /etc/ssh/ssh_config
2164 Systemwide configuration file.
2165 This file provides defaults for those
2166 values that are not specified in the user's configuration file, and
2167 for those users who do not have a configuration file.
2168 This file must be world-readable.
2174 OpenSSH is a derivative of the original and free
2175 ssh 1.2.12 release by
2177 .An Aaron Campbell , Bob Beck , Markus Friedl ,
2178 .An Niels Provos , Theo de Raadt
2181 removed many bugs, re-added newer features and
2184 contributed the support for SSH protocol versions 1.5 and 2.0.