plan9fox/sys/man/1/ssh
2019-04-02 18:46:00 +02:00

124 lines
2.2 KiB
Text

.TH SSH 1
.SH NAME
ssh - secure shell remote login client
.SH SYNOPSIS
.B ssh
[
.B -d
] [
.B -R
] [
.B -r
] [
.B -t
.I thumbfile
] [
.B -T
.I tries
] [
.B -u
.I user
] [
.B -h
] [
.IR user @] host
[
.B -W
.I remote!port
] [
.I cmd
.I args
.I ...
]
.SH DESCRIPTION
.I Ssh
starts a remote shell or
.I cmd
on the computer
.I host
logged in as
.IR user .
The input file descriptor is forwarded to the
remote side and output and error descriptors
are forwarded to the local side.
.PP
The connection is authenticated and encrypted
using the SSH2 protocol. The user authenticates
itself to the host using his RSA key pair (stored
in factotum) or plaintext passwords. To authenticate
the host to the user, the hosts RSA public key is
hashed and compared to the entries in
.B $home/lib/sshthumbs
file (see
.IR thumbprint (6)).
The
.I thumbfile
location can be changed with the
.B -t
option.
.PP
When
.I cmd
is specified, it is concatenated with the list of quoted
.I args
and run on the remote side. No pseudo terminal will be requested.
A
.I cmd
beginning with
.B #
is interpreted as a subsystem name such as sftp (see
.IR sshfs (4)).
.PP
Without
.IR cmd ,
a shell is started on the remote side.
In that case and when the
.B $TERM
environment variable is set (such as when started under
a terminal emulator like
.IR vt (1)),
a pseudo terminal will be requested for the shell.
This can be disabled with the
.B -R
option.
A pseudo-terminal can be requested in all cases
with the
.B -r
option.
.PP
With the
.B -W
option, instead of executing a command remotely, makes
the server dial a tcp connection to
.I remote!port
which the client relays on standard input and output.
For handling multiple connections transparently to
programs, see
.IR sshnet (4).
.PP
The
.B -d
option enables debug output.
.SH FILES
.TF $home/lib/sshthumbs
.TP
.B $home/lib/sshthumbs
the user's thumbfile of known host fingerprints
.SH SOURCE
.B /sys/src/cmd/ssh.c
.SH BUGS
If
.I keyboard-interactive
authentication fails, by default it is retried three times.
The number of
.I tries
can be changed with
.BR -T .
Setting it to zero disables keyboard-interactive authentication.
.SH "SEE ALSO"
.IR vt (1),
.IR rsa (8),
.IR thumbprint (6),
.IR factotum (4),
.IR sshfs (4),
.IR sshnet (4)