Query: ssh-keysign
OS: centos
Section: 8
SSH-KEYSIGN(8)            BSD System Manager's Manual           SSH-KEYSIGN(8)

NAME
     ssh-keysign -- ssh helper program for host-based authentication

SYNOPSIS
     ssh-keysign

DESCRIPTION
     ssh-keysign is used by ssh(1) to access the local host keys and generate
     the digital signature required during host-based authentication with SSH
     protocol version 2.

     ssh-keysign is disabled by default and can only be enabled in the global
     client configuration file /etc/ssh/ssh_config by setting EnableSSHKeysign
     to ``yes''.

     ssh-keysign is not intended to be invoked by the user, but from ssh(1).
     See ssh(1) and sshd(8) for more information about host-based
     authentication.

FILES
     /etc/ssh/ssh_config
             Controls whether ssh-keysign is enabled.

     /etc/ssh/ssh_host_dsa_key
     /etc/ssh/ssh_host_ecdsa_key
     /etc/ssh/ssh_host_rsa_key
             These files contain the private parts of the host keys used to
             generate the digital signature.  They should be owned by root,
             readable only by root, and not accessible to others.  Since they
             are readable only by root, ssh-keysign must be set-uid root if
             host-based authentication is used.

     /etc/ssh/ssh_host_dsa_key-cert.pub
     /etc/ssh/ssh_host_ecdsa_key-cert.pub
     /etc/ssh/ssh_host_rsa_key-cert.pub
             If these files exist they are assumed to contain public
             certificate information corresponding with the private keys
             above.

ENVIRONMENT
     SSH_USE_STRONG_RNG
             The reseeding of the OpenSSL random generator is usually done
             from /dev/urandom.  If the SSH_USE_STRONG_RNG environment
             variable is set to a value other than 0, the OpenSSL random
             generator is reseeded from /dev/random.  The number of bytes
             read is defined by the SSH_USE_STRONG_RNG value.  Minimum is 14
             bytes.  This setting is not recommended on computers without a
             hardware random generator because insufficient entropy causes
             the connection to be blocked until enough entropy is available.

SEE ALSO
     ssh(1), ssh-keygen(1), ssh_config(5), sshd(8)

HISTORY
     ssh-keysign first appeared in OpenBSD 3.2.

AUTHORS
     Markus Friedl <markus@openbsd.org>

BSD                              July 16, 2013                             BSD
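
The following POSIX shell audit is an added example, not part of the manual page or of OpenSSH. It checks the conditions stated under DESCRIPTION and FILES: whether EnableSSHKeysign is ``yes'', whether the helper is set-uid when it is, and whether each host private key is owned by root and closed to group and others. The function names and parameters are hypothetical, and the path of the ssh-keysign binary has to be supplied because the page does not give it.

```shell
#!/bin/sh
# Added example: audit the files ssh-keysign(8) relies on.
# usage: audit_keysign ETC_SSH_DIR KEYSIGN_BIN [OWNER_UID]
# KEYSIGN_BIN has no default because the page does not give the install
# path; OWNER_UID defaults to 0 (root) and is a parameter only so the
# checks can be run against constructed files in a scratch directory.

# True if the first EnableSSHKeysign line in the config file says yes.
keysign_enabled() {
    awk '{ sub(/#.*/, ""); line = tolower($0); gsub(/[="]/, " ", line)
           n = split(line, f, " ") }
         n >= 2 && f[1] == "enablesshkeysign" { on = (f[2] == "yes"); exit }
         END { exit(on ? 0 : 1) }' "$1" 2>/dev/null
}

# True if FILE is owned by UID and grants nothing to group or others.
private_key_ok() {
    meta=$(ls -ldn "$1" | awk '{ print substr($1, 5, 6) ":" $3 }')
    [ "$meta" = "------:$2" ]
}

audit_keysign() {
    dir=$1 bin=$2 uid=${3:-0} findings=0
    if keysign_enabled "$dir/ssh_config"; then
        echo "INFO EnableSSHKeysign is yes in $dir/ssh_config"
        if [ ! -u "$bin" ]; then
            echo "WARN $bin is not set-uid, so it cannot read the host keys"
            findings=$((findings + 1))
        fi
    else
        echo "INFO EnableSSHKeysign is not yes; ssh-keysign is disabled"
    fi
    for alg in dsa ecdsa rsa; do
        key=$dir/ssh_host_${alg}_key
        [ -e "$key" ] || continue
        if ! private_key_ok "$key" "$uid"; then
            echo "WARN $key must be owned by uid $uid and readable only by it"
            findings=$((findings + 1))
        fi
    done
    echo "$findings finding(s)"
    [ "$findings" -eq 0 ]   # exit status: 0 only when nothing was flagged
}

if [ "$#" -ge 2 ]; then audit_keysign "$@"; fi
```

Run it as root with the configuration directory and the helper's path as arguments; the exit status is non-zero when any check fails.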