version 1.5.4.1, 2017/08/15 05:27:53 |
version 1.6, 2013/07/20 21:39:56 |
|
|
.\" $NetBSD$ |
.\" $NetBSD$ |
.\" $OpenBSD: ssh-keysign.8,v 1.15 2016/02/17 07:38:19 jmc Exp $ |
.\" $OpenBSD: ssh-keysign.8,v 1.12 2010/08/31 11:54:45 djm Exp $ |
.\" |
.\" |
.\" Copyright (c) 2002 Markus Friedl. All rights reserved. |
.\" Copyright (c) 2002 Markus Friedl. All rights reserved. |
.\" |
.\" |
|
|
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
.\" |
.\" |
.Dd February 17 2016 |
.Dd August 31, 2010 |
.Dt SSH-KEYSIGN 8 |
.Dt SSH-KEYSIGN 8 |
.Os |
.Os |
.Sh NAME |
.Sh NAME |
|
|
is used by |
is used by |
.Xr ssh 1 |
.Xr ssh 1 |
to access the local host keys and generate the digital signature |
to access the local host keys and generate the digital signature |
required during host-based authentication. |
required during host-based authentication with SSH protocol version 2. |
.Pp |
.Pp |
.Nm |
.Nm |
is disabled by default and can only be enabled in the |
is disabled by default and can only be enabled in the |
|
|
.Pp |
.Pp |
.It Pa /etc/ssh/ssh_host_dsa_key |
.It Pa /etc/ssh/ssh_host_dsa_key |
.It Pa /etc/ssh/ssh_host_ecdsa_key |
.It Pa /etc/ssh/ssh_host_ecdsa_key |
.It Pa /etc/ssh/ssh_host_ed25519_key |
|
.It Pa /etc/ssh/ssh_host_rsa_key |
.It Pa /etc/ssh/ssh_host_rsa_key |
These files contain the private parts of the host keys used to |
These files contain the private parts of the host keys used to |
generate the digital signature. |
generate the digital signature. |
Line 76 must be set-uid root if host-based authe |
|
Line 75 must be set-uid root if host-based authe |
|
.Pp |
.Pp |
.It Pa /etc/ssh/ssh_host_dsa_key-cert.pub |
.It Pa /etc/ssh/ssh_host_dsa_key-cert.pub |
.It Pa /etc/ssh/ssh_host_ecdsa_key-cert.pub |
.It Pa /etc/ssh/ssh_host_ecdsa_key-cert.pub |
.It Pa /etc/ssh/ssh_host_ed25519_key-cert.pub |
|
.It Pa /etc/ssh/ssh_host_rsa_key-cert.pub |
.It Pa /etc/ssh/ssh_host_rsa_key-cert.pub |
If these files exist they are assumed to contain public certificate |
If these files exist they are assumed to contain public certificate |
information corresponding with the private keys above. |
information corresponding with the private keys above. |