SSHD(8)                        SSH                        SSHD(8)



NAME
     sshd - secure shell daemon


SYNOPSIS
     sshd [-b bits] [-d ] [-f config_file] [-g login_grace_time]
     [-h host_key_file] [-i ] [-k key_gen_time] [-p port] [-q ]



DESCRIPTION
     Sshd (Secure Shell Daemon) is the daemon  program  for  ssh.
     Together these programs replace rlogin and rsh programs, and
     provide  secure   encrypted   communications   between   two
     untrusted  hosts over an insecure network.  The programs are
     intended to be as easy to install and use as possible.

     Sshd  is  the  daemon  that  listens  for  connections  from
     clients.   It is normally started at boot from /etc/rc.local
     or equivalent.  It forks a new daemon for each incoming con-
     nection.   The  forked  daemons handle key exchange, encryp-
     tion, authentication, command execution, and data exchange.

     Sshd works as follows.  Each host has  a  host-specific  RSA
     key  (normally  1024 bits) used to identify the host.  Addi-
     tionally, when the daemon starts, it generates a server  RSA
     key  (normally  768 bits).  This key is normally regenerated
     every hour if it has been used, and is never stored on disk.

     Whenever a client connects the daemon, the daemon sends  its
     host  and server public keys to the client.  The client com-
     pares the host key against its own database to  verify  that
     it  has  not  changed.   The client then generates a 256 bit
     random number.  It encrypts this random  number  using  both
     the  host  key  and  the server key, and sends the encrypted
     number to the server.  Both sides then  start  to  use  this
     random  number as a session key which is used to encrypt all
     further communications in the session.  The rest of the ses-
     sion  is  encrypted using a conventional cipher.  Currently,
     IDEA, DES, 3DES, ARCFOUR, and TSS (a fast  home-grown  algo-
     rithm)  are  supported. IDEA is used by default.  The client
     selects the encryption algorithm to use from  those  offered
     by the server.

     Next, the server and the client enter an authentication dia-
     log.   The client tries to authenticate itself using .rhosts
     authentication, .rhosts  authentication  combined  with  RSA
     host  authentication, RSA challenge-response authentication,
     TIS channenge response  authentication,  or  password  based
     authentication.





SSH               Last change: November 8, 1995                 1






SSHD(8)                        SSH                        SSHD(8)



     Rhosts authentication is normally  disabled  because  it  is
     fundamentally  insecure,  but  can  be enabled in the server
     configuration file  if  desired.   System  security  is  not
     improved unless rshd(8), rlogind(8), rexecd(8), and rexd (8)
     are disabled (thus completely disabling rlogin(1) and rsh(1)
     into that machine).

     If the client successfully authenticates  itself,  a  dialog
     for  preparing  the  session  is  entered.  At this time the
     client may request things like allocating a pseudo-tty, for-
     warding  X11  connections, forwarding TCP/IP connections, or
     forwarding the  authentication  agent  connection  over  the
     secure channel.

     Finally, the client either requests a shell or execution  of
     a  command.   The  sides  then  enter session mode.  In this
     mode, either side may send data at any time, and  such  data
     is  forwarded  to/from  the  shell  or command on the server
     side, and the user terminal in the client side.

     When the user program terminates and all forwarded  X11  and
     other connections have been closed, the server sends command
     exit status to the client, and both sides exit.

     Sshd can be configured using command-line options or a  con-
     figuration   file.   Command-line  options  override  values
     specified in the configuration file.

     Sshd rereads its configuration file if signal, SIGHUP.


OPTIONS
     -b bits
          Specifies the number of bits in the server key (default
          768).

     -d    Debug mode.  The server sends verbose debug output  to
          the  system  log,  and does not put itself in the back-
          ground.  The server also will not fork  and  will  only
          process  one  connection.  This option is only intended
          for debugging for the server.

     -f configuration_file
          Specifies the name  of  the  configuration  file.   The
          default is /etc/sshd_config.

     -g login_grace_time
          Gives the grace time for clients to authenticate  them-
          selves  (default  600 seconds).  If the client fails to
          authenticate the user within  this  many  seconds,  the
          server  disconnects  and  exits.  A value of zero indi-
          cates no limit.



SSH               Last change: November 8, 1995                 2






SSHD(8)                        SSH                        SSHD(8)



     -h host_key_file
          Specifies the file from which  the  host  key  is  read
          (default /etc/ssh_host_key).  This option must be given
          if sshd is not run as root (as the normal host file  is
          normally not readable by anyone but root).

     -i    Specifies that sshd is being run from inetd.  Sshd  is
          normally  not  run  from inetd because it needs to gen-
          erate the server key  before  it  can  respond  to  the
          client,  and  this  may  take tens of seconds.  Clients
          would have to wait too long if the key was  regenerated
          every  time.  However, with small key sizes (e.g.  512)
          using sshd from inetd may be feasible.

     -k key_gen_time
          Specifies how  often  the  server  key  is  regenerated
          (default  3600  seconds,  or one hour).  The motivation
          for regenerating the key fairly often is that  the  key
          is  not  stored  anywhere,  and after about an hour, it
          becomes impossible to recover the  key  for  decrypting
          intercepted  communications  even  if  the  machine  is
          cracked into or physically seized.   A  value  of  zero
          indicates that the key will never be regenerated.

     -p port
          Specifies the port on which the server listens for con-
          nections (default 22).

     -q    Quiet mode.  Nothing is sent to the system log.   Nor-
          mally the beginning, authentication, and termination of
          each connection is logged.


CONFIGURATION FILE
     Sshd reads configuration data from /etc/sshd_config (or  the
     file  specified with -f on the command line).  The file con-
     tains keyword-value pairs, one  per  line.   Lines  starting
     with '#' and empty lines are interpreted as comments.

     The following  keywords  are  possible.  Keywords  are  case
     insensitive.

     AllowHosts
          This keyword can be followed by any number of host name
          patterns,  separated by spaces.  If specified, login is
          allowed only from hosts whose name matches one  of  the
          patterns.   '*' and '?' can be used as wildcards in the
          patterns.  Normal name servers  are  used  to  map  the
          client's  host into a canonical host name.  If the name
          cannot be mapped, its IP-address is used  as  the  host
          name.  By default all hosts are allowed to connect.




SSH               Last change: November 8, 1995                 3






SSHD(8)                        SSH                        SSHD(8)



          Note  that  sshd  can  also  be   configured   to   use
          tcp_wrappers using the --with-libwrap compile-time con-
          figuration option.

     DenyHosts
          This keyword can be followed by any number of host name
          patterns,  separated by spaces.  If specified, login is
          disallowed from the hosts whose name matches any of the
          patterns.

     FascistLogging
          Specifies whether to use verbose logging.  Verbose log-
          ging  violates  the  privacy of users and is not recom-
          mended.  The argument must be "yes"  or  "no"  (without
          the quotes).  The default is "no".

     HostKey
          Specifies the file  containing  the  private  host  key
          (default /etc/ssh_host_key).

     IdleTimeout time
          Sets idle timeout limit to time in seconds (s or  noth-
          ing  after  number),  in  minutes (m), in hours (h), in
          days (d), or in weeks (w).  If the connection have been
          idle  (all  channels) for that long time the child pro-
          cess is killed with SIGHUP, and  connection  is  closed
          down.

     IgnoreRhosts
          Specifies that rhosts and shosts files will not be used
          in      authentication.       /etc/hosts.equiv      and
          /etc/shosts.equiv are still used.  The default is "no".

     KeepAlive
          Specifies whether the system should send keepalive mes-
          sages  to  the  other side.  If they are sent, death of
          the connection or crash of one of the machines will  be
          properly noticed.  However, this means that connections
          will die if the route is  down  temporarily,  and  some
          people  find  it  annoying.   On  the  other  hand,  if
          keepalives are not send, sessions may hang indefinitely
          on  the  server,  leaving  "ghost"  users and consuming
          server resources.

          The default is "yes"  (to  send  keepalives),  and  the
          server  will  notice  if  the  network goes down or the
          client host reboots.  This  avoids  infinitely  hanging
          sessions.

          To disable keepalives, the value should be set to  "no"
          in both the server and the client configuration files.




SSH               Last change: November 8, 1995                 4






SSHD(8)                        SSH                        SSHD(8)



     KeyRegenerationInterval
          The server key is automatically regenerated after  this
          many  seconds  (if  it  has been used).  The purpose of
          regeneration is to prevent decrypting captured sessions
          by  later  breaking  into  the machine and stealing the
          keys.  The key is never stored anywhere.  If the  value
          is  0,  the  key  is never regenerated.  The default is
          3600 (seconds).

     ListenAddress
          Specifies the ip address of  the  interface  where  the
          sshd server socket is bind.

     LoginGraceTime
          The server disconnects after this time if the user  has
          not  successfully  logged in.  If the value is 0, there
          is no time limit.  The default is 600 (seconds).

     PasswordAuthentication
          Specifies whether password authentication  is  allowed.
          The default is "yes".

     PermitEmptyPasswords
          When password authentication is allowed,  it  specifies
          whether  the server allows login to accounts with empty
          password strings.  The default is "yes".

     PermitRootLogin
          Specifies whether the root can log in using  ssh.   May
          be  set  to  "yes",  "nopwd",  or "no".  The default is
          "yes", allowing root logins through any of the  authen-
          tication  types  allowed  for other users.  The "nopwd"
          value disables password-authenticated root logins.  The
          "no"  value  disables  root  logins  through any of the
          authentication  methods.    ("nopwd"   and   "no"   are
          equivalent  unless  you  have  a  .rhosts,  .shosts, or
          .ssh/authorized_keys file in the root home directory.)

          Root login with RSA authentication when  the  "command"
          option has been specified will be allowed regardless of
          the value of this setting (which may be useful for tak-
          ing  remote  backups even if root login is normally not
          allowed).

     PidFile
          Specifies the location of the file containing the  pro-
          cess   ID   of   the   master   sshd  daemon  (default:
          /etc/sshd.pid or /var/run/sshd.pid,  depending  on  the
          system).

     Port Specifies the port number that sshd  listens  on.   The
          default is 22.



SSH               Last change: November 8, 1995                 5






SSHD(8)                        SSH                        SSHD(8)



     PrintMotd
          Specifies whether sshd should print  /etc/motd  when  a
          user  logs  in  interactively.   (On some systems it is
          also   printed   by   the   shell,   /etc/profile,   or
          equivalent.)  The default is "yes".

     QuietMode
          Specifies whether the system runs in  quiet  mode.   In
          quiet mode, nothing is logged in the system log, except
          fatal errors.  The default is "no".

     RandomSeed
          Specifies the file containing the random seed  for  the
          server;  this file is created automatically and updated
          regularly.  The default is /etc/ssh_random_seed.

     RhostsAuthentication
          Specifies  whether  authentication  using   rhosts   or
          /etc/hosts.equiv  files  is sufficient.  Normally, this
          method should not be permitted because it is  insecure.
          RhostsRSAAuthentication should be used instead, because
          it performs RSA-based host authentication  in  addition
          to  normal  rhosts  or /etc/hosts.equiv authentication.
          The default is "no".

     RhostsRSAAuthentication
          Specifies whether rhosts or /etc/hosts.equiv  authenti-
          cation together with successful RSA host authentication
          is allowed.  The default is "yes".

     RSAAuthentication
          Specifies whether pure RSA authentication  is  allowed.
          The default is "yes".

     SilentDeny
          Specifies wheter denied (or  not  allowed)  connections
          are denied silently (just close the connection, no log-
          ging etc) or are they closed cleanly (send  error  mes-
          sage and log connection attempt).

     ServerKeyBits
          Defines the number of bits  in  the  server  key.   The
          minimum value is 512, and the default is 768.

     StrictModes
          Specifies whether ssh should check file modes and  own-
          ership  of  the  user's home directory and rhosts files
          before accepting login.   This  is  normally  desirable
          because  novices  sometimes  accidentally  leave  their
          directory or  files  world-writable.   The  default  is
          "yes".




SSH               Last change: November 8, 1995                 6






SSHD(8)                        SSH                        SSHD(8)



     SyslogFacility
          Gives the facility code that is used when logging  mes-
          sages from sshd. The possible values are: DAEMON, USER,
          AUTH, LOCAL0, LOCAL1, LOCAL2, LOCAL3,  LOCAL4,  LOCAL5,
          LOCAL6, LOCAL7.  The default is DAEMON.

     TISAuthentication
          Specifies wether authentication through TIS authsrv (8)
          is allowed. The default is "no".

     Umask
          Sets default umask for sshd and its childs. Remember to
          add  0 in front of the number to make it octal. Default
          is to not set umask at all.

     X11Forwarding
          Specifies whether X11  forwarding  is  permitted.   The
          default  is  "yes".  Note that disabling X11 forwarding
          does not improve security in  any  way,  as  users  can
          always install their own forwarders.

     X11DisplayOffset
          Specifies the first display number available for sshd's
          X11  forwarding.  This  prevents  sshd from interfering
          with real X11 servers.

     AllowTcpForwarding
          Specifies whether tcp  forwarding  is  permitted.   The
          default  is  "no".   Note that disabling tcp forwarding
          does not improve security in  any  way,  as  users  can
          always install their own forwarders.

     KerberosAuthentication
          Specifies  whether  Kerberos   V5   authentication   is
          allowed.  This can be in the form of a Kerberos ticket,
          or if PasswordAuthentication is yes, the password  pro-
          vided  by  the  user will be validated through the Ker-
          beros KDC or DCE Security Server. Default is yes.

     KerberosOrLocalPasswd
          If set then if password authentication through Kerberos
          fails then the password will be validated via any addi-
          tional local mechanism such as /etc/passwd or  SecurID.
          Default is no.

     KerberosTgtPassing
          Specifies whether a Kerberos V5 TGT may be forwarded to
          the server.  Default is yes.


LOGIN PROCESS
     When a user successfully logs in, sshd does the following:



SSH               Last change: November 8, 1995                 7






SSHD(8)                        SSH                        SSHD(8)



     1.   If the login is on a  tty,  and  no  command  has  been
          specified, prints last login time and /etc/motd (unless
          prevented   in   the   configuration   file    or    by
          $HOME/.hushlogin; see the FILES section).

     2.   If the login is on a tty, records login time.

     3.   Checks /etc/nologin; if it exists, prints contents  and
          quits (unless root).

     4.   Changes to run with normal user privileges.

     5.   Sets up basic environment.

     6.   Reads /etc/environment if it exists.

     7.   Reads $HOME/.ssh/environment if it exists.

     8.   Changes to user's home directory.

     9.   If $HOME/.ssh/rc  exists,  runs  it  (with  the  user's
          shell);  else  if  /etc/sshrc  exists,  runs  it  (with
          /bin/sh); otherwise runs xauth.   The  "rc"  files  are
          given  the  X11  authentication  protocol and cookie in
          standard input.

     10.  Runs user's shell or command.



AUTHORIZED_KEYS FILE FORMAT
     The $HOME/.ssh/authorized_keys file lists the RSA keys  that
     are permitted for RSA authentication.  Each line of the file
     contains one key (empty lines and lines starting with a  '#'
     are ignored as comments).  Each line consists of the follow-
     ing fields, separated by spaces:  options,  bits,  exponent,
     modulus,  comment.  The options field is optional; its pres-
     ence is determined by whether the line starts with a  number
     or  not  (the option field never starts with a number).  The
     bits, exponent, modulus and comment fields give the RSA key;
     the  comment field is not used for anything (but may be con-
     venient for the user to identify the key).

     Note that lines in this file  are  usually  several  hundred
     bytes  long  (because  of  the size of the RSA key modulus).
     You  don't  want  to  type  them  in;  instead,   copy   the
     identity.pub file and edit it.

     The options (if present) consists of comma-separated  option
     specifications.  No spaces are permitted, except within dou-
     ble quotes.  The following option  specifications  are  sup-
     ported:



SSH               Last change: November 8, 1995                 8






SSHD(8)                        SSH                        SSHD(8)




     from="pattern-list"
          Specifies that in addition to RSA  authentication,  the
          canonical  name  of  the remote host must be present in
          the comma-separated list of patterns ('*' and '?' serve
          as  wildcards).   The  list  may  also contain patterns
          negated by prefixing them with '!';  if  the  canonical
          host  name  matches  a  negated pattern, the key is not
          accepted.  The purpose of this option is to  optionally
          increase  security:  RSA  authentication by itself does
          not trust the network or name servers or anything  (but
          the  key); however, if somebody somehow steals the key,
          the key permits an intruder to log in from anywhere  in
          the world.  This additional option makes using a stolen
          key more difficult (name servers and/or  routers  would
          have to be compromised in addition to just the key).


     command="command"
          Specifies that the command is  executed  whenever  this
          key  is  used for authentication.  The command supplied
          by the user (if any) is ignored.  The command is run on
          a pty if the connection requests a pty; otherwise it is
          run without a tty.  A quote may be included in the com-
          mand by quoting it with a backslash.  This option might
          be useful to restrict certain RSA keys to perform  just
          a  specific  operation.  An example might be a key that
          permits remote backups but nothing else.   Notice  that
          the  client  may  specify TCP/IP and/or X11 forwardings
          unless they are explicitly prohibited.


     environment="NAME=value"
          Specifies that  the  string  is  to  be  added  to  the
          environment  when  logging in using this key.  Environ-
          ment variables set  this  way  override  other  default
          environment  values.  Multiple options of this type are
          permitted.

     idle-timeout=time
          Sets idle timeout limit to time in seconds (s or  noth-
          ing  after  number),  in  minutes (m), in hours (h), in
          days (d), or in weeks (w).  If the connection have been
          idle  (all  channels) for that long time the child pro-
          cess is killed with SIGHUP, and  connection  is  closed
          down.

     no-port-forwarding
          Forbids TCP/IP forwarding when this  key  is  used  for
          authentication.   Any  port  forward  requests  by  the
          client will return an error.  This might be  used  e.g.
          in connection with the command option.



SSH               Last change: November 8, 1995                 9






SSHD(8)                        SSH                        SSHD(8)



     no-X11-forwarding
          Forbids X11  forwarding  when  this  key  is  used  for
          authentication.  Any X11 forward requests by the client
          will return an error.

     no-agent-forwarding
          Forbids authentication agent forwarding when  this  key
          is used for authentication.

     no-pty
          Prevents tty allocation (a request to  allocate  a  pty
          will fail).


  Examples
     1024 33 12121...312314325 ylo@foo.bar

     from="*.niksula.hut.fi,!pc.niksula.hut.fi" 1024 35 23...2334
     ylo@niksula

     command="dump   /home",no-pty,no-port-forwarding   1024   33
     23...2323 backup.hut.fi




SSH_KNOWN_HOSTS FILE FORMAT
     The /etc/ssh_known_hosts  and  $HOME/.ssh/known_hosts  files
     contain  host  public  keys for all known hosts.  The global
     file should be prepared by the admistrator  (optional),  and
     the  per-user file is maintained automatically: whenever the
     user connects an unknown host its key is added to  the  per-
     user     file.     The    recommended    way    to    create
     /etc/ssh_known_hosts is to use the make-ssh-known-hosts com-
     mand.

     Each line in these  files  contains  the  following  fields:
     hostnames, bits, exponent, modulus, comment.  The fields are
     separated by spaces.

     Hostnames is a comma-separated list of patterns ('*' and '?'
     act  as  wildcards); each pattern in turn is matched against
     the canonical host name (when authenticating  a  client)  or
     against   the  user-supplied  name  (when  authenticating  a
     server).  A pattern may also be preceded by '!' to  indicate
     negation:  if the host name matches a negated pattern, it is
     not accepted (by that line) even if it matched another  pat-
     tern on the line.

     Bits, exponent, and modulus are taken directly from the host
     key;  they can be obtained e.g.  from /etc/ssh_host_key.pub.
     The optional comment field continues to the end of the line,



SSH               Last change: November 8, 1995                10






SSHD(8)                        SSH                        SSHD(8)



     and is not used.

     Lines starting with '#' and empty lines are ignored as  com-
     ments.

     When  performing  host  authentication,  authentication   is
     accepted  if  any  matching  line has the proper key.  It is
     thus permissible (but not recommended) to have several lines
     or  different host keys for the same names.  This will inev-
     itably happen when short forms of host names from  different
     domains  are put in the file.  It is possible that the files
     contain conflicting information; authentication is  accepted
     if valid information can be found from either file.

     Note that the lines in these files are typically hundreds of
     characters  long,  and  you definitely don't want to type in
     the host keys by hand.  Rather, generate them  by  a  script
     (see      make-ssh-known-hosts(1))      or     by     taking
     /etc/ssh_host_key.pub and  adding  the  host  names  at  the
     front.


  Examples
     closenet,closenet.hut.fi,...,130.233.208.41 1024 37 159...93
     closenet.hut.fi


FILES
     /etc/sshd_config
          Contains configuration data for sshd.  This file should
          be writable by root only, but it is recommended (though
          not necessary) that it be world-readable.

     /etc/ssh_host_key
          Contains the private part of the host key.   This  file
          is  normally  created  automatically by "make install",
          but can also be created manually  using  ssh-keygen(1).
          This  file  should only be owned by root, readable only
          by root, and not accessible to others.

     /etc/ssh_host_key.pub
          Contains the public part of the host key.  This file is
          normally  created  automatically by "make install", but
          can also be created  manually.   This  file  should  be
          world-readable but writable only by root.  Its contents
          should match the private part.  This file is not really
          used for anything; it is only provided for the conveni-
          ence of the user so its contents can be copied to known
          hosts files.

     /etc/ssh_random_seed
          This  file  contains  a  seed  for  the  random  number



SSH               Last change: November 8, 1995                11






SSHD(8)                        SSH                        SSHD(8)



          generator.   This  file  should  only  be accessible by
          root.

     /etc/sshd.pid
          Contains the process id of the sshd listening for  con-
          nections  (if  there  are  several daemons running con-
          currently for different ports, this contains the pid of
          the  one  started last).  The contents of this file are
          not sensitive; it can be world-readable.

     $HOME/.ssh/authorized_keys
          Lists the RSA keys that can be used  to  log  into  the
          user's  account.   This  file  must be readable by root
          (which may on  some  machines  imply  it  being  world-
          readable if the user's home directory resides on an NFS
          volume).  It is recommended that it not  be  accessible
          by others.  The format of this file is described above.

     /etc/ssh_known_hosts and $HOME/.ssh/known_hosts
          These files are consulted when using  rhosts  with  RSA
          host  authentication  to  check  the  public key of the
          host.  The key must be listed in one of these files  to
          be accepted.  (The client uses the same files to verify
          that the remote host is the one  we  intended  to  con-
          nect.)  These files should be writable only by root/the
          owner.  /etc/ssh_known_hosts should be  world-readable,
          and  $HOME/.ssh/known_hosts  can but need not be world-
          readable.

     /etc/nologin
          If this file exists, sshd refuses to let anyone  except
          root log in.  The contents of the file are displayed to
          anyone trying to log in, and non-root  connections  are
          refused.  The file should be world-readable.

     $HOME/.rhosts
          This file contains host-username pairs, separated by  a
          space, one per line.  The given user on the correspond-
          ing host is permitted to log in without password.   The
          same  file  is  used  by rlogind and rshd.  Ssh differs
          from rlogind and rshd in  that  it  requires  RSA  host
          authentication  in addition to validating the host name
          retrieved from domain  name  servers  (unless  compiled
          with the --with-rhosts configuration option).  The file
          must be writable only by the user;  it  is  recommended
          that it not be accessible by others.

          It is also possible  to  use  netgroups  in  the  file.
          Either host or user name may be of the form +@groupname
          to specify all hosts or all users in the group.

     $HOME/.shosts



SSH               Last change: November 8, 1995                12






SSHD(8)                        SSH                        SSHD(8)



          For ssh, this file is exactly the same as for  .rhosts.
          However,  this  file is not used by rlogin and rshd, so
          using this permits access using ssh only.

     /etc/hosts.equiv
          This file is used during  .rhosts  authentication.   In
          the  simplest  form, this file contains host names, one
          per line.  Users on those hosts are permitted to log in
          without  a  password,  provided they have the same user
          name on both machines.  The host name may also be  fol-
          lowed  by  a user name; such users are permitted to log
          in as any user on this machine  (except  root).   Addi-
          tionally,  the  syntax  +@group  can be used to specify
          netgroups.  Negated entries start with '-'.

          If the client host/user is successfully matched in this
          file,  login  is  automatically  permitted provided the
          client and server user names are the  same.   Addition-
          ally,  successful  RSA  host authentication is normally
          required.  This file must be writable only by root;  it
          is recommended that it be world-readable.

          Warning: It is almost never a good  idea  to  use  user
          names in hosts.equiv.  Beware that it really means that
          the named user(s) can log in as anybody, which includes
          bin,  daemon, adm, and other accounts that own critical
          binaries and directories.  Using a  user  name  practi-
          cally  grants the user root access.  The only valid use
          for user names that I  can  think  of  is  in  negative
          entries.   Note  that  this  warning  also  applies  to
          rsh/rlogin.

     /etc/shosts.equiv
          This is processed exactly as /etc/hosts.equiv. However,
          this  file  may  be useful in environments that want to
          run both rsh/rlogin and ssh.

     /etc/environment
          This file is read into the environment at login (if  it
          exists).   It  can  only  contain  empty lines, comment
          lines (that start with '#'), and  assignment  lines  of
          the  form  name=value.   This  file is processed in all
          environments (normal rsh/rlogin only process it on  AIX
          and  potentially  some other systems).  The file should
          be writable only by root, and should be world-readable.

     $HOME/.ssh/environment
          This  file  is  read   into   the   environment   after
          /etc/environment.   It  has  the same format.  The file
          should be writable only by the user;  it  need  not  be
          readable by anyone else.




SSH               Last change: November 8, 1995                13






SSHD(8)                        SSH                        SSHD(8)



     $HOME/.ssh/rc
          If this file exists, it is run with  the  user's  shell
          after reading the environment files but before starting
          the user's shell or command.  If  X11  spoofing  is  in
          use, this will receive the "proto cookie" pair in stan-
          dard input (and DISPLAY  in  environment).   This  must
          call xauth in that case.

          The primary purpose of this file is to run any initial-
          ization  routines which may be needed before the user's
          home directory becomes accessible; AFS is a  particular
          example of such an environment.

          This file will  probably  contain  some  initialization
          code  followed  by something similar to: "if read proto
          cookie; then echo add $DISPLAY $proto $cookie  |  xauth
          -q -; fi".

          If this file does not exist, /etc/sshrc is run, and  if
          that  does not exist either, xauth is used to store the
          cookie.

          This file should be writable only by the user, and need
          not be readable by anyone else.

     /etc/sshrc
          Like $HOME/.ssh/rc, but run with /bin/sh.  This can  be
          used to specify machine-specific login-time initializa-
          tions globally.  This file should be writable  only  by
          root, and should be world-readable.

     /etc/sshd_tis.map
          Establishes a mapping between a local username and  its
          corresponding  name in the TIS database. Each line con-
          tains the local name followed by a ":" followed by  the
          corresponding  name.  If the file does not exist or the
          user is not found, the corresponding name  in  the  TIS
          database is supposed to be the same.


INSTALLATION
     Sshd is normally run as root.  If it is not run as root,  it
     can  only  log in as the user it is running as, and password
     authentication may not work if the system uses shadow  pass-
     words.  An alternative host key file must also be used.

     Sshd is normally started from /etc/rc.local or equivalent at
     system boot.

     Considerable work has been put to making sshd secure.   How-
     ever,  if  you  find  a  security  problem, please report it
     immediately to <ssh-bugs@cs.hut.fi>.



SSH               Last change: November 8, 1995                14






SSHD(8)                        SSH                        SSHD(8)



AUTHOR
     Tatu Ylonen <ylo@ssh.fi>

     Information about new releases,  mailing  lists,  and  other
     related  issues  can  be found from the ssh WWW home page at
     http://www.cs.hut.fi/ssh.


SEE ALSO
     ssh(1),   make-ssh-known-hosts(1),    ssh-keygen(1),    ssh-
     agent(1), ssh-add(1), scp(1), rlogin(1), rsh(1)












































SSH               Last change: November 8, 1995                15