Lines Matching +full:ipv6 +full:- +full:single +full:- +full:target

51 .Bl -enum -offset indent -compact
53 command-line options
58 system-wide configuration file
74 host-specific declarations should be given near the beginning of the
77 The file contains keyword-argument pairs, one per line.
98 keywords are case-insensitive and arguments are case-sensitive):
99 .Bl -tag -width Ds
108 A single
140 or the single token
166 keyword matches only when the configuration file is being re-parsed
183 The other keywords' criteria must be single entries or comma-separated
189 keyword are matched against the target hostname, after any substitution
197 keyword matches against the hostname as it was specified on the command-line.
200 keyword matches against the target username on the remote host.
205 (this keyword may be useful in system-wide
210 .Xr ssh-agent 1 .
215 .Xr ssh-add 1 .
222 .Xr ssh-add 1
229 .Xr ssh-add 1 .
248 (use IPv6 only).
285 is enabled and the target hostname cannot be found in any of the domains
312 again using the new target name to pick up any new configuration in matching
321 allows a single dot (i.e. hostname.subdomain).
329 is a pattern-list of domains that may follow CNAMEs in canonicalization,
332 is a pattern-list of domains that they may resolve to.
354 .Xr ssh-agent 1 ,
372 Specifies whether to use challenge-response authentication.
413 Multiple ciphers must be comma-separated.
419 .Sq -
424 .Bd -literal -offset indent
425 3des-cbc
426 aes128-cbc
427 aes192-cbc
428 aes256-cbc
429 aes128-ctr
430 aes192-ctr
431 aes256-ctr
432 aes128-gcm@openssh.com
433 aes256-gcm@openssh.com
437 blowfish-cbc
438 cast128-cbc
439 chacha20-poly1305@openssh.com
443 .Bd -literal -offset indent
444 chacha20-poly1305@openssh.com,
445 aes128-ctr,aes192-ctr,aes256-ctr,
446 aes128-gcm@openssh.com,aes256-gcm@openssh.com,
447 aes128-cbc,aes192-cbc,aes256-cbc
451 .Qq ssh -Q cipher .
490 This value is used only when the target is down or really unreachable,
493 Enables the sharing of multiple sessions over a single network connection.
516 .Xr ssh-askpass 1 .
524 .Xr ssh-agent 1
573 .Qq ssh -O exit ) .
589 IPv6 addresses can be specified by enclosing addresses in square brackets.
617 .Xr ssh-keysign 8
625 This option should be placed in the non-hostspecific section.
627 .Xr ssh-keysign 8
634 The argument should be a single character,
676 (for the agent's Unix-domain socket)
775 .Xr ssh-keygen 1 .
786 as a comma-separated pattern list.
792 .Sq -
796 .Bd -literal -offset 3n
797 ecdsa-sha2-nistp256-cert-v01@openssh.com,
798 ecdsa-sha2-nistp384-cert-v01@openssh.com,
799 ecdsa-sha2-nistp521-cert-v01@openssh.com,
800 ssh-ed25519-cert-v01@openssh.com,
801 ssh-rsa-cert-v01@openssh.com,
802 ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
803 ssh-ed25519,ssh-rsa
819 .Sq -
823 .Bd -literal -offset 3n
824 ecdsa-sha2-nistp256-cert-v01@openssh.com,
825 ecdsa-sha2-nistp384-cert-v01@openssh.com,
826 ecdsa-sha2-nistp521-cert-v01@openssh.com,
827 ssh-ed25519-cert-v01@openssh.com,
828 ssh-rsa-cert-v01@openssh.com,
829 ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
830 ssh-ed25519,ssh-rsa
837 .Qq ssh -Q key .
843 or for multiple servers running on a single host.
865 command-line,
867 .Xr ssh-agent 1
876 This option is intended for situations where ssh-agent
880 .Ux Ns -domain
922 .Pa -cert.pub
951 Specifies a pattern-list of unknown options to be ignored if they are
965 wildcards and, for user configurations, shell-like
981 Specifies the IPv4 type-of-service or DSCP class for connections.
1011 interactive sessions and the second for non-interactive sessions.
1016 for non-interactive sessions.
1018 Specifies whether to use keyboard-interactive authentication.
1025 Specifies the list of methods to use in keyboard-interactive authentication.
1026 Multiple method names must be comma-separated.
1037 Multiple algorithms must be comma-separated.
1043 .Sq -
1047 .Bd -literal -offset indent
1048 curve25519-sha256,curve25519-sha256@libssh.org,
1049 ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,
1050 diffie-hellman-group-exchange-sha256,
1051 diffie-hellman-group-exchange-sha1,
1052 diffie-hellman-group14-sha1
1056 .Qq ssh -Q kex .
1086 IPv6 addresses can be specified by enclosing addresses in square brackets.
1116 Multiple algorithms must be comma-separated.
1122 .Sq -
1127 .Qq -etm
1128 calculate the MAC after encryption (encrypt-then-mac).
1132 .Bd -literal -offset indent
1133 umac-64-etm@openssh.com,umac-128-etm@openssh.com,
1134 hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,
1135 hmac-sha1-etm@openssh.com,
1136 umac-64@openssh.com,umac-128@openssh.com,
1137 hmac-sha2-256,hmac-sha2-512,hmac-sha1
1141 .Qq ssh -Q mac .
1187 .Cm keyboard-interactive )
1191 .Bd -literal -offset indent
1192 gssapi-with-mic,hostbased,publickey,
1193 keyboard-interactive,password
1200 Multiple versions must be comma-separated.
1228 .Ic sshd -i
1245 .Bd -literal -offset 3n
1246 ProxyCommand /usr/bin/nc -X connect -x 192.0.2.0:8080 %h %p
1261 to connect to the target host by first making a
1266 TCP forwarding to the ultimate target from there.
1270 option - whichever is specified first will prevent later instances of the
1282 as a comma-separated pattern list.
1288 .Sq -
1292 .Bd -literal -offset 3n
1293 ecdsa-sha2-nistp256-cert-v01@openssh.com,
1294 ecdsa-sha2-nistp384-cert-v01@openssh.com,
1295 ecdsa-sha2-nistp521-cert-v01@openssh.com,
1296 ssh-ed25519-cert-v01@openssh.com,
1297 ssh-rsa-cert-v01@openssh.com,
1298 ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
1299 ssh-ed25519,ssh-rsa
1303 .Qq ssh -Q key .
1346 IPv6 addresses can be specified by enclosing addresses in square brackets.
1374 Specifies whether to request a pseudo-tty for the session.
1397 .Xr ssh-keygen 1 .
1399 .Xr ssh-keygen 1 .
1431 pseudo-terminal is requested as it is required by the protocol.
1484 used when creating a Unix-domain socket file for local or remote
1486 This option is only used for port forwarding to a Unix-domain socket file.
1488 The default value is 0177, which creates a Unix-domain socket file that is
1490 Note that not all operating systems honor the file mode on Unix-domain
1493 Specifies whether to remove an existing Unix-domain socket file for local
1499 will be unable to forward the port to the Unix-domain socket file.
1500 This option is only used for port forwarding to a Unix-domain socket file.
1557 .Cm point-to-point
1567 .Cm point-to-point .
1689 consists of zero or more non-whitespace characters,
1703 would match any host in the 192.168.0.[0-9] network range:
1708 .Em pattern-list
1709 is a comma-separated list of patterns.
1710 Patterns within pattern-lists may be negated
1725 .Bl -tag -width XXXX -offset indent -compact
1774 .Bl -tag -width Ds
1776 This is the per-user configuration file.
1786 This file must be world-readable.
1791 .An -nosplit
1799 removed many bugs, re-added newer features and