ssh_config
If you want to send us your comments, please do so. Thanks
More on comments
ssh_config
The client side config file
All options
Option | Setting | Remark |
---|---|---|
IgnoreUnknown | Put in front so all consecutive options are checked when this option is activated | |
AddKeysToAgent | no | Default |
AddressFamily | inet | IPv4 only. Default: any |
BatchMode | no | Default |
BindAddress | ||
CanonicalDomains | ||
CanonicalizeFallbackLocal | ||
CanonicalizeHostname | no | Default |
CanonicalizeMaxDots | ||
CanonicalizePermittedCNAMEs | ||
CertificateFile | ||
CertificateFile | ||
ChallengeResponseAuthentication | no | Default |
CheckHostIP | yes | Default |
Cipher | blowfish, 3des | Default |
Ciphers | chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc | Default. Comma separated list |
ClearAllForwardings | no | Default. Comma separated list |
Compression | no | Default |
CompressionLevel | 6 | Default |
ConnectionAttempts | 1 | Default |
ConnectTimeout | Default: Follow the system TCP timeout | |
ControlMaster | no | Default |
ControlPath | ||
ControlPersist | ||
DynamicForward | ||
EnableSSHKeysign | no | Default |
EscapeChar | ~ | Default |
ExitOnForwardFailure | no | Default |
FingerprintHash | sha256 | Default |
ForwardAgent | no | Default |
ForwardX11 | ||
ForwardX11Timeout | ||
ForwardX11Trusted | ||
GatewayPorts | ||
GlobalKnownHostsFile | ||
GSSAPIAuthentication | yes | Default for the Debian openssh-client. Otherwise the default is “no” |
GSSAPIKeyExchange | ||
GSSAPIClientIdentity | ||
GSSAPIServerIdentity | ||
GSSAPIDelegateCredentials | ||
GSSAPIRenewalForcesRekey | ||
GSSAPITrustDns | ||
HashKnownHosts | yes | Default for the Debian openssh-client. Otherwise the default is “no” |
Host | * | Allow all |
HostbasedAuthentication | no | Default |
HostbasedKeyTypes | ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,ssh-rsa | Default. Comma separated list |
HostKeyAlgorithms | ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,ssh-rsa | Default. Comma separated list |
HostKeyAlias | ||
HostName | ||
IdentitiesOnly | no | Default |
IdentityAgent | ||
IdentityFile | ~/.ssh/id_dsa, ~/.ssh/id_ecdsa, ~/.ssh/id_ed25519 and ~/.ssh/id_rsa | Default. Protocol version 2 |
Include | ||
IPQoS | lowdelay throughput | Default |
KbdInteractiveAuthentication | yes | Default |
KbdInteractiveDevices | OpenSSH server: zero or more of: bsdauth, pam, skey | |
KexAlgorithms | curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1 | Default. Comma separated list |
LocalCommand | ||
LocalForward | ||
LogLevel | INFO | Default |
MACs | umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1 | Default |
Match | ||
NoHostAuthenticationForLocalhost | no | Default |
NumberOfPasswordPrompts | 3 | Default |
PasswordAuthentication | yes | Default |
PermitLocalCommand | no | Default |
PKCS11Provider | ||
Port | 22 | Default |
PreferredAuthentications | gssapi-with-mic,hostbased,publickey,keyboard-interactive,password | Default |
Protocol | 2 | Default |
ProxyCommand | ||
ProxyJump | ||
ProxyUseFdpass | no | Default |
PubkeyAcceptedKeyTypes | ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,ssh-rsa | Default. Comma separated list |
PubkeyAuthentication | yes | Default |
RekeyLimit | none | Default |
RemoteForward | Bind to loopback addresses | Default |
RequestTTY | no | |
RevokedHostKeys | ||
RhostsRSAAuthentication | no | Default |
RSAAuthentication | yes | Default |
SendEnv | LANG LC_* | Default for the Debian openssh-client Otherwise the default is ““ |
ServerAliveCountMax | 3 | Default |
ServerAliveInterval | 0 | |
StreamLocalBindMask | 0177 | Default |
StreamLocalBindUnlink | no | Default |
StrictHostKeyChecking | ask | Default |
TCPKeepAlive | yes | Default |
Tunnel | no | Default |
TunnelDevice | any:any | Default |
UpdateHostKeys | no | Default |
UsePrivilegedPort | no | Default |
User | User to log in as | |
UserKnownHostsFile | ~/.ssh/known_hosts, ~/.ssh/known_hosts2 | Default |
VerifyHostKeyDNS | no | Default |
VisualHostKey | no | Default |
XAuthLocation | /usr/bin/xauth | Default |
Main subjects on this wiki: Linux, Debian, HTML, Microcontrollers, Privacy
RSS
Disclaimer
Privacy statement
Bugs statement
Cookies
Copyright © : 2014 - 2024 Webevaluation.nl and the authors
Changes reserved.
ssh_config.txt · Last modified: 09-05-2020 18:03 by wim