Lines Matching full:be

7 .\" can be used freely for any purpose.  Any derived versions of this
8 .\" software must be clearly marked as such, and if the derived work is
9 .\" incompatible with the protocol description in the RFC file, it must be
28 .\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
60 will be used.
71 host-specific declarations should be given near the beginning of the
78 Arguments may optionally be enclosed in double quotes
81 Configuration options may be separated by whitespace or
102 keyword) to be only for those hosts that match one of the patterns
104 If more than one pattern is provided, they should be separated by whitespace.
107 as a pattern can be used to provide global
116 A pattern entry may be negated by prefixing it with an exclamation mark
133 keyword) to be used only when the conditions following the
157 Other criteria may be combined arbitrarily.
164 Criteria may be negated by prepending an exclamation mark
173 This may be useful to specify conditions that work with canonical host
178 keyword requests that the configuration be re-parsed (regardless of whether
193 Commands containing whitespace characters must be quoted.
204 This may be convenient for varying the effective configuration on devices that
208 and so caution should be applied if using it to control security-sensitive
211 The other keywords' criteria must be single entries or comma-separated
242 (this keyword may be useful in system-wide
246 Specifies whether keys should be automatically added to a running
263 each use of the key must be confirmed, as if the
270 Alternately, this option may be specified as a time interval
277 after which it will automatically be removed.
278 The argument must be
299 will be disabled.
303 The argument must be
332 is enabled and the target hostname cannot be found in any of the domains
377 Specifies rules to determine whether CNAMEs should be followed when
392 to be canonicalized to names in the
400 causes no CNAMEs to be considered for canonicalization.
416 character, then the specified algorithms will be appended to the default set
420 character, then the specified algorithms (including wildcards) will be removed
428 A corresponding private key must be provided separately in order
453 configuration files; these certificates will be tried in sequence.
466 must be the special keyword
486 expires then all open channels will be closed.
487 Note that this global timeout is not matched by wildcards and must be
550 the check will not be executed.
553 Multiple ciphers must be comma-separated.
556 character, then the specified ciphers will be appended to the default set
560 character, then the specified ciphers (including wildcards) will be removed
564 character, then the specified ciphers will be placed at the head of the
588 The list of available ciphers may also be obtained using
592 specified in the configuration files or on the command line be
601 The argument must be
608 The argument must be
615 The argument must be an integer.
616 This may be useful in scripts if the connection sometimes fails.
650 cannot be opened,
657 display and agent forwarded will be the one belonging to the master
688 at least %h, %p, and %r (or alternatively %C) and be placed in a directory
700 then the master connection will not be placed into the background,
714 Specifies that a TCP port on the local machine be forwarded
719 The argument must be
723 IPv6 addresses can be specified by enclosing addresses in square brackets.
729 may be used to bind the connection to a specific address.
734 indicates that the listening port be bound for local use only, while an
737 indicates that the port should be available from all interfaces.
742 Multiple forwardings may be specified, and
743 additional forwardings can be given on the command line.
760 The argument must be
765 This option should be placed in the non-hostspecific section.
773 be set on the command line.
774 The argument should be a single character,
793 The argument must be
835 will wait for all remote port forwards to be successfully established
837 The argument to this keyword must be
846 will be forwarded to the remote machine.
847 The argument may be
856 Agent forwarding should be enabled with caution.
864 Specifies whether X11 connections will be automatically redirected
868 The argument must be
874 X11 forwarding should be enabled with caution.
878 An attacker may then be able to perform activities such as keystroke monitoring
890 after this time will be refused.
905 remote X11 clients will be considered untrusted and prevented
910 token used for the session will be set to expire after 20 minutes.
911 Remote clients will be refused access after this time.
923 can be used to specify that ssh
926 The argument must be
950 These hashed names may be used normally by
959 will not be converted automatically,
960 but may be manually hashed using
963 Specifies the signature algorithms that will be used for hostbased
967 character, then the specified signature algorithms will be appended
972 will be removed from the default set instead of replacing them.
975 character, then the specified signature algorithms will be placed
998 may be used to list supported signature algorithms.
1003 The argument must be
1013 character, then the specified signature algorithms will be appended to
1018 will be removed from the default set instead of replacing them.
1021 character, then the specified signature algorithms will be placed
1043 The list of available signature algorithms may also be obtained using
1046 Specifies an alias that should be used instead of the
1053 This can be used to specify nicknames or abbreviations for hosts.
1080 The argument to this keyword must be
1094 environment variable and can be used to select a specific agent.
1100 is specified, the location of the socket will be read from the
1105 character, then it will be treated as an environment variable containing
1131 will be used for authentication unless
1151 may be used to indicate no identity files should be loaded.
1155 identities will be tried in sequence.
1162 may be used in conjunction with
1166 may also be used in conjunction with
1171 Specifies a pattern-list of unknown options to be ignored if they are
1173 This may be used to suppress errors if
1179 be listed early in the configuration file as it will not be applied
1183 Multiple pathnames may be specified and each pathname may contain
1193 Wildcards will be expanded and processed in lexical order.
1194 Files without absolute paths are assumed to be in
1250 The argument to this keyword must be
1259 Multiple method names must be comma-separated.
1263 it may be zero or more of:
1269 Specifies the permitted KEX (Key Exchange) algorithms that will be used and
1271 The selected algorithm will be the first algorithm in this list that
1273 Multiple algorithms must be comma-separated.
1277 character, then the specified algorithms will be appended to the default set
1281 character, then the specified algorithms (including wildcards) will be removed
1285 character, then the specified algorithms will be placed at the head of the
1300 The list of supported key exchange algorithms may also be obtained using
1319 The command may be invoked multiple times per connection: once when preparing
1342 It should not be used for interactive commands.
1349 be forwarded over
1352 For a TCP port, the first argument must be
1357 The second argument is the destination and may be
1361 IPv6 addresses can be specified by enclosing addresses in square brackets.
1363 If either argument contains a '/' in it, that argument will be
1367 Multiple forwardings may be specified, and additional forwardings can be
1375 may be used to bind the connection to a specific address.
1380 indicates that the listening port be bound for local use only, while an
1383 indicates that the port should be available from all interfaces.
1418 Multiple algorithms must be comma-separated.
1421 character, then the specified algorithms will be appended to the default set
1425 character, then the specified algorithms (including wildcards) will be removed
1429 character, then the specified algorithms will be placed at the head of the
1446 The list of available MAC algorithms may also be obtained using
1450 The argument to this keyword must be
1457 The argument to this keyword must be an integer.
1468 The argument to this keyword must be
1480 The argument to this keyword must be
1492 The argument must be
1501 The forwarding specification must be one of the following forms:
1521 Multiple forwards may be specified by separating them with whitespace.
1524 can be used to remove all restrictions and permit any forwarding requests.
1527 can be used to prohibit all forwarding requests.
1530 can be used for host or port to allow all hosts or ports respectively.
1536 to indicate that no provider should be used (the default).
1568 The command can be basically anything,
1575 Host key management will be done using the
1601 Multiple proxies may be separated by comma characters and will be visited
1624 should be used if specific configuration is required for jump hosts.
1634 Specifies the signature algorithms that will be used for public key
1638 character, then the algorithms after it will be appended to the default
1642 character, then the specified algorithms (including wildcards) will be removed
1646 character, then the specified algorithms will be placed at the head of the
1665 The list of available signature algorithms may also be obtained using
1669 The argument to this keyword must be
1682 Specifies the maximum amount of data that may be transmitted or received
1717 be forwarded over the secure channel.
1718 The remote port may either be forwarded to a specified host and port
1722 The first argument is the listening specification and may be
1727 If forwarding to a specific destination then the second argument must be
1731 will be established as a SOCKS proxy.
1732 When acting as a SOCKS proxy, the destination of the connection can be
1736 IPv6 addresses can be specified by enclosing addresses in square brackets.
1738 If either argument contains a '/' in it, that argument will be
1742 Multiple forwardings may be specified, and additional
1743 forwardings can be given on the command line.
1744 Privileged ports can be forwarded only when
1755 the listen port will be dynamically allocated on the server and reported
1775 The argument may be one of:
1794 User authentication keys smaller than this limit will be ignored.
1796 connection to be terminated.
1800 Note that this limit may only be raised from the default.
1803 Keys listed in this file will be refused for host authentication.
1805 then host authentication will be refused for all hosts.
1806 Keys may be specified as a text file, listing one public key per line, or as
1820 Specifies a path to a library that will be used when loading any
1826 character, then it will be treated as an environment variable containing
1831 should be sent to the server.
1832 The server must also support it, and the server must be configured to
1844 Multiple environment variables may be separated by whitespace or spread
1859 Sets the number of server alive messages (see below) which may be
1870 and therefore will not be spoofable.
1891 is 0, indicating that these messages will not be sent to the server.
1893 May be used to either request invocation of a subsystem on the remote system,
1896 The argument to this keyword must be
1909 be sent to the server.
1914 variable, the server must be prepared to accept the environment variable.
1921 option must be used when
1924 The argument to this keyword must be
1949 will be unable to forward the port to the Unix-domain socket file.
1952 The argument must be
1965 though it can be annoying when the
1989 will be added to the user known host files only after the user
1993 known hosts will be verified automatically in all cases.
2004 of the machines will be properly noticed.
2015 To disable TCP keepalive messages, the value should be set to
2021 Specify a configuration tag name that may be later used by a
2028 The argument must be
2049 The argument must be
2053 The devices may be specified by numerical ID or the keyword
2068 The argument must be
2092 will be set to
2102 and will be disabled if it is enabled.
2111 This can be useful when a different user name is used on different machines.
2138 Insecure fingerprints will be handled as if this option was set to
2142 information on fingerprint match will be displayed, but the user will still
2168 only the fingerprint string will be printed for unknown host keys.
2188 the following pattern could be used:
2200 Patterns within pattern-lists may be negated
2204 to allow a key to be used from anywhere within an organization
2208 the following entry (in authorized_keys) could be used:
2332 Arguments to some keywords can be expanded at runtime from environment
2338 If a specified environment variable does not exist then an error will be
2339 returned and the setting for that keyword will be ignored.
2369 This file must be world-readable.