Context Navigation

← Previous Changeset
Next Changeset →

Changeset e4e0d060

Timestamp:

05/18/2005 04:31:24 PM (19 years ago)

Author:

Manuel Canales Esparcia <manuel@…>

Branches:

10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 12.0, 12.1, 6.1, 6.2, 6.2.0, 6.2.0-rc1, 6.2.0-rc2, 6.3, 6.3-rc1, 6.3-rc2, 6.3-rc3, 7.10, 7.4, 7.5, 7.6, 7.6-blfs, 7.6-systemd, 7.7, 7.8, 7.9, 8.0, 8.1, 8.2, 8.3, 8.4, 9.0, 9.1, basic, bdubbs/svn, elogind, gnome, kde5-13430, kde5-14269, kde5-14686, kea, ken/TL2024, ken/inkscape-core-mods, ken/tuningfonts, krejzi/svn, lazarus, lxqt, nosym, perl-modules, plabs/newcss, plabs/python-mods, python3.11, qt5new, rahul/power-profiles-daemon, renodr/vulkan-addition, systemd-11177, systemd-13485, trunk, upgradedb, xry111/intltool, xry111/llvm18, xry111/soup3, xry111/test-20220226, xry111/xf86-video-removal

Children:

84f1407

Parents:

b86cfc2

Message:

Tagged openssh.xml

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@4347 af4574ff-66df-0310-9fd7-8a98e5e911e0

File:

: 1 edited

server/major/openssh.xml (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed

server/major/openssh.xml

-              rb86cfc2
+              re4e0d060
   %general-entities;
 <!ENTITY openssh-download-http "http://sunsite.ualberta.ca/pub/OpenBSD/OpenSSH/portable/openssh-&openssh-version;.tar.gz">
 <!ENTITY openssh-download-ftp "ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-&openssh-version;.tar.gz">
 <!ENTITY openssh-md5sum "7b36f28fc16e1b7f4ba3c1dca191ac92">
 <!ENTITY openssh-size "889 KB">
 <!ENTITY openssh-buildsize "14.5 MB">
 <!ENTITY openssh-time "0.42 SBU">
+  <!ENTITY openssh-download-http "http://sunsite.ualberta.ca/pub/OpenBSD/OpenSSH/portable/openssh-&openssh-version;.tar.gz">
+  <!ENTITY openssh-download-ftp "ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-&openssh-version;.tar.gz">
+  <!ENTITY openssh-md5sum "7b36f28fc16e1b7f4ba3c1dca191ac92">
+  <!ENTITY openssh-size "889 KB">
+  <!ENTITY openssh-buildsize "14.5 MB">
+  <!ENTITY openssh-time "0.42 SBU">
 ]>
 <sect1 id="openssh" xreflabel="OpenSSH-&openssh-version;">
+<sect1info>
+<othername>$LastChangedBy$</othername>
+<date>$Date$</date>
+</sect1info>
+<?dbhtml filename="openssh.html"?>
+<title>Open<acronym>SSH</acronym>-&openssh-version;</title>
+<indexterm zone="openssh">
+<primary sortas="a-OpenSSH">OpenSSH</primary></indexterm>
+<sect2>
+<title>Introduction to
+<application>Open<acronym>SSH</acronym></application></title>
+<para>The <application>Open<acronym>SSH</acronym></application> package
+contains <command>ssh</command> clients and the <command>sshd</command> daemon.
+This is useful for encrypting authentication and subsequent traffic over a
+network.</para>
+<sect3><title>Package information</title>
+<itemizedlist spacing='compact'>
+<listitem><para>Download (HTTP):
+<ulink url="&openssh-download-http;"/></para></listitem>
+<listitem><para>Download (FTP):
+<ulink url="&openssh-download-ftp;"/></para></listitem>
+<listitem><para>Download MD5 sum: &openssh-md5sum;</para></listitem>
+<listitem><para>Download size: &openssh-size;</para></listitem>
+<listitem><para>Estimated disk space required:
+&openssh-buildsize;</para></listitem>
+<listitem><para>Estimated build time:
+&openssh-time;</para></listitem></itemizedlist>
+</sect3>
+<sect3><title><application>Open<acronym>SSH</acronym></application>
+dependencies</title>
+<sect4><title>Required</title>
+<para><xref linkend="openssl"/></para>
+</sect4>
+<sect4><title>Optional</title>
+<para><xref linkend="Linux_PAM"/>,
+<xref linkend="tcpwrappers"/>,
+X (<xref linkend="xfree86"/> or <xref linkend="xorg"/>),
+<xref linkend="mitkrb"/> or <xref linkend="heimdal"/>,
+<xref linkend="jdk"/>,
+<xref linkend="net-tools"/>,
+<ulink url="http://www.opensc.org/">OpenSC</ulink> and
+<ulink url="http://sourceforge.net/projects/libedit/">libedit</ulink></para>
+</sect4>
+</sect3>
+</sect2>
+<sect2>
+<title>Installation of
+<application>Open<acronym>SSH</acronym></application></title>
+<para><application>Open<acronym>SSH</acronym></application> runs as two
+processes when connecting to other computers. The first process is a
+privileged process and controls the issuance of privileges as necessary.
+The second process communicates with the network. Additional installation
+steps are necessary to set up the proper environment, which are performed
+by the following commands:</para>
+<screen><userinput><command>install -v -d -m700 /var/lib/sshd &amp;&amp;
+  <?dbhtml filename="openssh.html"?>
+  <sect1info>
+    <othername>$LastChangedBy$</othername>
+    <date>$Date$</date>
+  </sect1info>
+  <title>OpenSSH-&openssh-version;</title>
+  <indexterm zone="openssh">
+    <primary sortas="a-OpenSSH">OpenSSH</primary>
+  </indexterm>
+  <sect2 role="package">
+    <title>Introduction to OpenSSH</title>
+    <para>The <application>OpenSSH</application> package contains
+    <command>ssh</command> clients and the <command>sshd</command> daemon.
+    This is useful for encrypting authentication and subsequent traffic
+    over a network.</para>
+    <bridgehead renderas="sect3">Package Information</bridgehead>
+    <itemizedlist spacing="compact">
+      <listitem>
+        <para>Download (HTTP): <ulink url="&openssh-download-http;"/></para>
+      </listitem>
+      <listitem>
+        <para>Download (FTP): <ulink url="&openssh-download-ftp;"/></para>
+      </listitem>
+      <listitem>
+        <para>Download MD5 sum: &openssh-md5sum;</para>
+      </listitem>
+      <listitem>
+        <para>Download size: &openssh-size;</para>
+      </listitem>
+      <listitem>
+        <para>Estimated disk space required: &openssh-buildsize;</para>
+      </listitem>
+      <listitem>
+        <para>Estimated build time: &openssh-time;</para>
+      </listitem>
+    </itemizedlist>
+    <bridgehead renderas="sect3">OpenSSH Dependencies</bridgehead>
+    <bridgehead renderas="sect4">Required</bridgehead>
+    <para><xref linkend="openssl"/></para>
+    <bridgehead renderas="sect4">Optional</bridgehead>
+    <para><xref linkend="Linux_PAM"/>,
+    <xref linkend="tcpwrappers"/>,
+    X (<xref linkend="xfree86"/> or <xref linkend="xorg"/>),
+    <xref linkend="mitkrb"/> or <xref linkend="heimdal"/>,
+    <xref linkend="jdk"/>,
+    <xref linkend="net-tools"/>,
+    <ulink url="http://www.opensc.org/">OpenSC</ulink> and
+    <ulink url="http://sourceforge.net/projects/libedit/">libedit</ulink></para>
+  </sect2>
+  <sect2 role="installation">
+    <title>Installation of OpenSSH</title>
+    <para><application>OpenSSH</application> runs as two processes when
+    connecting to other computers. The first process is a privileged process
+    and controls the issuance of privileges as necessary. The second process
+    communicates with the network. Additional installation steps are necessary
+    to set up the proper environment, which are performed by the following
+    commands:</para>
+<screen role="root"><userinput>install -v -d -m700 /var/lib/sshd &amp;&amp;
 chown root:sys /var/lib/sshd &amp;&amp;
 groupadd sshd &amp;&amp;
 useradd -c 'sshd PrivSep' -d /var/lib/sshd -g sshd -s /bin/false sshd</command></userinput></screen>
+<para><application>OpenSSH</application> is very sensitive to changes in the
 linked <application>OpenSSL</application> libraries. If you recompile
 <application>OpenSSL</application>, <application>OpenSSH</application> may
+fail to startup. An alternative is to link against the static
+<application>OpenSSL</application> library. To link against the static
 library, execute the following command:</para>
 <screen><userinput><command>sed -i "s:-lcrypto:/usr/lib/libcrypto.a:g" configure</command></userinput></screen>
+<para>Install <application>Open<acronym>SSH</acronym></application> by running
 the following commands:</para>
 <screen><userinput><command>./configure --prefix=/usr --sysconfdir=/etc/ssh \
+useradd -c 'sshd PrivSep' -d /var/lib/sshd -g sshd -s /bin/false sshd</userinput></screen>
+    <para><application>OpenSSH</application> is very sensitive to changes in
+    the linked <application>OpenSSL</application> libraries. If you recompile
+    <application>OpenSSL</application>, <application>OpenSSH</application> may
+    fail to startup. An alternative is to link against the static
+    <application>OpenSSL</application> library. To link against the static
+    library, execute the following command:</para>
+<screen><userinput>sed -i "s:-lcrypto:/usr/lib/libcrypto.a:g" configure</userinput></screen>
+    <para>Install <application>OpenSSH</application> by running
+    the following commands:</para>
+<screen><userinput>./configure --prefix=/usr --sysconfdir=/etc/ssh \
     --libexecdir=/usr/sbin --with-md5-passwords \
+    --with-privsep-path=/var/lib/sshd</command></userinput></screen>
+<para>If you use <application>Heimdal</application> as your Kerberos5
+implementation and you linked the <application>Heimdal</application> libraries
+into the build using the <option>--with-kerberos5</option> parameter, you'll
+need to modify the <filename>Makefile</filename> or the build will fail. Use
+the following command:</para>
+<screen><userinput><command>sed -i -e "s/lkrb5 -ldes/lkrb5/" Makefile</command></userinput></screen>
+<para>Continue the build:</para>
+<screen><userinput><command>make</command></userinput></screen>
+<para>If you linked <application>tcp_wrappers</application> into the build
+using the <option>--with-tcp-wrappers</option> parameter, ensure you add
+.0.0.1 to the sshd line in <filename>/etc/hosts.allow</filename> if you
+have a restrictive <filename>/etc/hosts.deny</filename> file, or the testsuite
+will fail. To run the testsuite, issue: <command>make -k
+tests</command>.</para>
+<para>Now, as the root user:</para>
+<screen><userinput role='root'><command>make install</command></userinput></screen>
+</sect2>
+<sect2>
+<title>Command explanations</title>
+<para><parameter>--sysconfdir=/etc/ssh</parameter>: This prevents the
+configuration files from being installed in
+<filename class="directory">/usr/etc</filename>.</para>
+<para><parameter>--with-md5-passwords</parameter>: This is required
+if you made the changes recommended by the shadowpasswd_plus
+<acronym>LFS</acronym> hint on
+your <acronym>SSH</acronym> server when you installed the Shadow Password
+Suite or if you access a <acronym>SSH</acronym> server that authenticates by
+user passwords encrypted with md5. </para>
+<para><parameter>--libexecdir=/usr/sbin</parameter>: This parameter
+changes the installation path of some programs to
+<filename class="directory">/usr/sbin</filename> instead of
+<filename class="directory">/usr/libexec</filename>.</para>
+</sect2>
+<sect2>
+<title>Configuring <application>Open<acronym>SSH</acronym></application></title>
+<sect3 id="openssh-config"><title>Config files</title>
+<para><filename>~/.ssh/*, /etc/ssh/ssh_config</filename> and
+<filename>/etc/ssh/sshd_config</filename></para>
+<indexterm zone="openssh openssh-config">
+<primary sortas="e-AA.ssh">~/.ssh/*</primary></indexterm>
+<indexterm zone="openssh openssh-config">
+<primary sortas="e-etc-ssh-ssh_config">/etc/ssh/ssh_config</primary>
+</indexterm>
+<indexterm zone="openssh openssh-config">
+<primary sortas="e-etc-ssh-sshd_config">/etc/ssh/sshd_config</primary>
+</indexterm>
+<para>There are no required changes to any of these files. However,
+you may wish to view the <filename class='directory'>/etc/ssh/</filename>
+files and make any changes appropriate for the security of your system. One
+recomended change is that you disable root login via <command>ssh</command>.
+Execute the following command to disable root login via
+<command>ssh</command>:</para>
+<screen><userinput><command>echo "PermitRootLogin no" >> /etc/ssh/sshd_config</command></userinput></screen>
+<para>Additional configuration information can be found in the man pages for
+<command>sshd</command>, <command>ssh</command> and
+<command>ssh-agent</command>.</para>
+</sect3>
+<sect3 id="openssh-init"><title>sshd init.d script</title>
+<para>To start the <acronym>SSH</acronym> server at system boot, install the
+<filename>/etc/rc.d/init.d/sshd</filename> init script included in the
+<xref linkend="intro-important-bootscripts"/> package.</para>
+<indexterm zone="openssh openssh-init">
+<primary sortas="f-sshd">sshd</primary></indexterm>
+<screen><userinput><command>make install-sshd</command></userinput></screen>
+</sect3>
+</sect2>
+<sect2>
+<title>Contents</title>
+<segmentedlist>
+<segtitle>Installed Programs</segtitle>
+<segtitle>Installed Libraries</segtitle>
+<segtitle>Installed Directories</segtitle>
+<seglistitem>
+<seg>scp, sftp, sftp-server, slogin, ssh, sshd, ssh-add, ssh-agent,
+ssh-keygen, ssh-keyscan and ssh-keysign</seg>
+<seg>None</seg>
+<seg>/etc/ssh and /var/lib/sshd</seg>
+</seglistitem>
+</segmentedlist>
+<variablelist>
+<bridgehead renderas="sect3">Short Descriptions</bridgehead>
+<?dbfo list-presentation="list"?>
+<varlistentry id="scp">
+<term><command>scp</command></term>
+<listitem><para>is a file copy program that acts like <command>rcp</command>
+except it uses an encrypted protocol.</para>
+<indexterm zone="openssh scp">
+<primary sortas="b-scp">scp</primary>
+</indexterm></listitem>
+</varlistentry>
+<varlistentry id="sftp">
+<term><command>sftp</command></term>
+<listitem><para>is an <acronym>FTP</acronym>-like program that works over
+<acronym>SSH</acronym>1 and <acronym>SSH</acronym>2 protocols.</para>
+<indexterm zone="openssh sftp">
+<primary sortas="b-sftp">sftp</primary>
+</indexterm></listitem>
+</varlistentry>
+<varlistentry id="sftp-server">
+<term><command>sftp-server</command></term>
+<listitem><para>is an <acronym>SFTP</acronym> server subsystem.</para>
+<indexterm zone="openssh sftp-server">
+<primary sortas="b-sftp-server">sftp-server</primary>
+</indexterm></listitem>
+</varlistentry>
+<varlistentry id="slogin">
+<term><command>slogin</command></term>
+<listitem><para>is a symlink to <command>ssh</command>.</para>
+<indexterm zone="openssh slogin">
+<primary sortas="g-slogin">slogin</primary>
+</indexterm></listitem>
+</varlistentry>
+<varlistentry id="ssh">
+<term><command>ssh</command></term>
+<listitem><para>is an <command>rlogin</command>/<command>rsh</command>-like
+client program except it uses an encrypted protocol.</para>
+<indexterm zone="openssh ssh">
+<primary sortas="b-ssh">ssh</primary>
+</indexterm></listitem>
+</varlistentry>
+<varlistentry id="sshd">
+<term><command>sshd</command></term>
+<listitem><para>is a daemon that listens for <command>ssh</command> login
+requests.</para>
+<indexterm zone="openssh sshd">
+<primary sortas="b-sshd">sshd</primary>
+</indexterm></listitem>
+</varlistentry>
+<varlistentry id="ssh-add">
+<term><command>ssh-add</command></term>
+<listitem><para>is a tool which adds keys to the
+<command>ssh-agent</command>.</para>
+<indexterm zone="openssh ssh-add">
+<primary sortas="b-ssh-add">ssh-add</primary>
+</indexterm></listitem>
+</varlistentry>
+<varlistentry id="ssh-agent">
+<term><command>ssh-agent</command></term>
+<listitem><para>is an authentication agent that can store private keys.</para>
+<indexterm zone="openssh ssh-agent">
+<primary sortas="b-ssh-agent">ssh-agent</primary>
+</indexterm></listitem>
+</varlistentry>
+<varlistentry id="ssh-keygen">
+<term><command>ssh-keygen</command></term>
+<listitem><para>is a key generation tool.</para>
+<indexterm zone="openssh ssh-keygen">
+<primary sortas="b-ssh-keygen">ssh-keygen</primary>
+</indexterm></listitem>
+</varlistentry>
+<varlistentry id="ssh-keyscan">
+<term><command>ssh-keyscan</command></term>
+<listitem><para>is a utility for gathering public host keys from a number of
+hosts.</para>
+<indexterm zone="openssh ssh-keyscan">
+<primary sortas="b-ssh-keyscan">ssh-keyscan</primary>
+</indexterm></listitem>
+</varlistentry>
+<varlistentry id="ssh-keysign">
+<term><command>ssh-keysign</command></term>
+<listitem><para>is used by <command>ssh</command> to access the local host
+keys and generate the digital signature required during hostbased
+authentication with <acronym>SSH</acronym> protocol version 2.</para>
+<indexterm zone="openssh ssh-keysign">
+<primary sortas="b-ssh-keysign">ssh-keysign</primary>
+</indexterm></listitem>
+</varlistentry>
+</variablelist>
+</sect2>
+    --with-privsep-path=/var/lib/sshd</userinput></screen>
+    <para>If you use <application>Heimdal</application> as your Kerberos5
+    implementation and you linked the <application>Heimdal</application>
+    libraries into the build using the <option>--with-kerberos5</option>
+    parameter, you'll need to modify the <filename>Makefile</filename> or
+    the build will fail. Use the following command:</para>
+<screen><userinput>sed -i -e "s/lkrb5 -ldes/lkrb5/" Makefile</userinput></screen>
+    <para>Continue the build:</para>
+<screen><userinput>make</userinput></screen>
+    <para>If you linked <application>tcp_wrappers</application> into the
+    build using the <option>--with-tcp-wrappers</option> parameter, ensure
+    you add 127.0.0.1 to the sshd line in <filename>/etc/hosts.allow</filename>
+    if you have a restrictive <filename>/etc/hosts.deny</filename> file, or the
+    testsuite will fail. To run the testsuite, issue: <command>make -k
+    tests</command>.</para>
+    <para>Now, as the <systemitem class="username">root</systemitem> user:</para>
+<screen role="root"><userinput>make install</userinput></screen>
+  </sect2>
+  <sect2 role="commands">
+    <title>Command Explanations</title>
+    <para><parameter>--sysconfdir=/etc/ssh</parameter>: This prevents
+    the configuration files from being installed in
+    <filename class="directory">/usr/etc</filename>.</para>
+    <para><parameter>--with-md5-passwords</parameter>: This is required
+    if you made the changes recommended by the shadowpasswd_plus
+    LFS hint on your SSH server when you installed the Shadow Password
+    Suite or if you access a SSH server that authenticates by
+    user passwords encrypted with md5.</para>
+    <para><parameter>--libexecdir=/usr/sbin</parameter>: This parameter
+    changes the installation path of some programs to
+    <filename class="directory">/usr/sbin</filename> instead of
+    <filename class="directory">/usr/libexec</filename>.</para>
+  </sect2>
+  <sect2 role="configuration">
+    <title>Configuring OpenSSH</title>
+    <sect3 id="openssh-config">
+      <title>Config Files</title>
+      <para><filename>~/.ssh/*</filename>,
+      <filename>/etc/ssh/ssh_config</filename>, and
+      <filename>/etc/ssh/sshd_config</filename></para>
+      <indexterm zone="openssh openssh-config">
+        <primary sortas="e-AA.ssh">~/.ssh/*</primary>
+      </indexterm>
+      <indexterm zone="openssh openssh-config">
+        <primary sortas="e-etc-ssh-ssh_config">/etc/ssh/ssh_config</primary>
+      </indexterm>
+      <indexterm zone="openssh openssh-config">
+        <primary sortas="e-etc-ssh-sshd_config">/etc/ssh/sshd_config</primary>
+      </indexterm>
+      <para>There are no required changes to any of these files. However,
+      you may wish to view the <filename class='directory'>/etc/ssh/</filename>
+      files and make any changes appropriate for the security of your system. One
+      recomended change is that you disable root login via <command>ssh</command>.
+      Execute the following command to disable root login via
+      <command>ssh</command>:</para>
+<screen role="root"><userinput>echo "PermitRootLogin no" >> /etc/ssh/sshd_config</userinput></screen>
+      <para>Additional configuration information can be found in the man
+      pages for <command>sshd</command>, <command>ssh</command> and
+      <command>ssh-agent</command>.</para>
+    </sect3>
+    <sect3  id="openssh-init">
+      <title>Boot Script</title>
+      <para>To start the SSH server at system boot, install the
+      <filename>/etc/rc.d/init.d/sshd</filename> init script included
+      in the <xref linkend="intro-important-bootscripts"/> package.</para>
+      <indexterm zone="openssh openssh-init">
+        <primary sortas="f-sshd">sshd</primary>
+      </indexterm>
+<screen role="root"><userinput>make install-sshd</userinput></screen>
+    </sect3>
+  </sect2>
+  <sect2 role="content">
+    <title>Contents</title>
+    <segmentedlist>
+      <segtitle>Installed Programs</segtitle>
+      <segtitle>Installed Libraries</segtitle>
+      <segtitle>Installed Directories</segtitle>
+      <seglistitem>
+        <seg>scp, sftp, sftp-server, slogin, ssh, sshd, ssh-add, ssh-agent,
+        ssh-keygen, ssh-keyscan, and ssh-keysign</seg>
+        <seg>None</seg>
+        <seg>/etc/ssh and /var/lib/sshd</seg>
+      </seglistitem>
+    </segmentedlist>
+    <variablelist>
+      <bridgehead renderas="sect3">Short Descriptions</bridgehead>
+      <?dbfo list-presentation="list"?>
+      <?dbhtml list-presentation="table"?>
+      <varlistentry id="scp">
+        <term><command>scp</command></term>
+        <listitem>
+          <para>is a file copy program that acts like <command>rcp</command>
+          except it uses an encrypted protocol.</para>
+          <indexterm zone="openssh scp">
+            <primary sortas="b-scp">scp</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+      <varlistentry id="sftp">
+        <term><command>sftp</command></term>
+        <listitem>
+          <para>is an FTP-like program that works over
+          SSH1 and SSH2 protocols.</para>
+          <indexterm zone="openssh sftp">
+            <primary sortas="b-sftp">sftp</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+      <varlistentry id="sftp-server">
+        <term><command>sftp-server</command></term>
+        <listitem>
+          <para>is an SFTP server subsystem.</para>
+          <indexterm zone="openssh sftp-server">
+            <primary sortas="b-sftp-server">sftp-server</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+      <varlistentry id="slogin">
+        <term><command>slogin</command></term>
+        <listitem>
+          <para>is a symlink to <command>ssh</command>.</para>
+          <indexterm zone="openssh slogin">
+            <primary sortas="g-slogin">slogin</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+      <varlistentry id="ssh">
+        <term><command>ssh</command></term>
+        <listitem>
+          <para>is an <command>rlogin</command>/<command>rsh</command>-like
+          client program except it uses an encrypted protocol.</para>
+          <indexterm zone="openssh ssh">
+            <primary sortas="b-ssh">ssh</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+      <varlistentry id="sshd">
+        <term><command>sshd</command></term>
+        <listitem>
+          <para>is a daemon that listens for <command>ssh</command> login
+          requests.</para>
+          <indexterm zone="openssh sshd">
+            <primary sortas="b-sshd">sshd</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+      <varlistentry id="ssh-add">
+        <term><command>ssh-add</command></term>
+        <listitem>
+          <para>is a tool which adds keys to the
+          <command>ssh-agent</command>.</para>
+          <indexterm zone="openssh ssh-add">
+            <primary sortas="b-ssh-add">ssh-add</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+      <varlistentry id="ssh-agent">
+        <term><command>ssh-agent</command></term>
+        <listitem>
+          <para>is an authentication agent that can store private keys.</para>
+          <indexterm zone="openssh ssh-agent">
+            <primary sortas="b-ssh-agent">ssh-agent</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+      <varlistentry id="ssh-keygen">
+        <term><command>ssh-keygen</command></term>
+        <listitem>
+          <para>is a key generation tool.</para>
+          <indexterm zone="openssh ssh-keygen">
+            <primary sortas="b-ssh-keygen">ssh-keygen</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+      <varlistentry id="ssh-keyscan">
+        <term><command>ssh-keyscan</command></term>
+        <listitem>
+          <para>is a utility for gathering public host keys from a
+          number of hosts.</para>
+          <indexterm zone="openssh ssh-keyscan">
+            <primary sortas="b-ssh-keyscan">ssh-keyscan</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+      <varlistentry id="ssh-keysign">
+        <term><command>ssh-keysign</command></term>
+        <listitem>
+          <para>is used by <command>ssh</command> to access the local host
+          keys and generate the digital signature required during hostbased
+          authentication with SSH protocol version 2.</para>
+          <indexterm zone="openssh ssh-keysign">
+            <primary sortas="b-ssh-keysign">ssh-keysign</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+    </variablelist>
+  </sect2>
 </sect1>

Note: See TracChangeset for help on using the changeset viewer.

Context Navigation

Changeset e4e0d060

Legend:

server/major/openssh.xml

Download in other formats: