diff options
Diffstat (limited to 'templates/man5/ssh_config.5.pot')
| -rw-r--r-- | templates/man5/ssh_config.5.pot | 3831 |
1 files changed, 3831 insertions, 0 deletions
diff --git a/templates/man5/ssh_config.5.pot b/templates/man5/ssh_config.5.pot new file mode 100644 index 00000000..b5cd6e47 --- /dev/null +++ b/templates/man5/ssh_config.5.pot @@ -0,0 +1,3831 @@ +# SOME DESCRIPTIVE TITLE +# Copyright (C) YEAR Free Software Foundation, Inc. +# This file is distributed under the same license as the PACKAGE package. +# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR. +# +#, fuzzy +msgid "" +msgstr "" +"Project-Id-Version: PACKAGE VERSION\n" +"POT-Creation-Date: 2024-02-15 18:11+0100\n" +"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" +"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" +"Language-Team: LANGUAGE <LL@li.org>\n" +"Language: \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#. type: Dd +#: archlinux debian-unstable fedora-40 fedora-rawhide +#, no-wrap +msgid "$Mdocdate: October 12 2023 $" +msgstr "" + +#. type: Dt +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "SSH_CONFIG 5" +msgstr "" + +#. type: Sh +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "NAME" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "E<.Nm ssh_config>" +msgstr "" + +#. type: Nd +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "OpenSSH client configuration file" +msgstr "" + +#. type: Sh +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "DESCRIPTION" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"E<.Xr ssh 1> obtains configuration data from the following sources in the " +"following order:" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "command-line options" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "user's configuration file E<.Pq Pa ~/.ssh/config>" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "system-wide configuration file E<.Pq Pa /etc/ssh/ssh_config>" +msgstr "" + +#. type: Plain text +#: archlinux debian-unstable fedora-40 fedora-rawhide mageia-cauldron +msgid "" +"Unless noted otherwise, for each parameter, the first obtained value will be " +"used. The configuration files contain sections separated by E<.Cm Host> " +"specifications, and that section is only applied for hosts that match one of " +"the patterns given in the specification. The matched host name is usually " +"the one given on the command line (see the E<.Cm CanonicalizeHostname> " +"option for exceptions)." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Since the first obtained value for each parameter is used, more host-" +"specific declarations should be given near the beginning of the file, and " +"general defaults at the end." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"The file contains keyword-argument pairs, one per line. Lines starting with " +"E<.Ql #> and empty lines are interpreted as comments. Arguments may " +"optionally be enclosed in double quotes E<.Pq \\&\"> in order to represent " +"arguments containing spaces. Configuration options may be separated by " +"whitespace or optional whitespace and exactly one E<.Ql =>; the latter " +"format is useful to avoid the need to quote whitespace when specifying " +"configuration options using the E<.Nm ssh>, E<.Nm scp>, and E<.Nm sftp> E<." +"Fl o> option." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"The possible keywords and their meanings are as follows (note that keywords " +"are case-insensitive and arguments are case-sensitive):" +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm Host" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Restricts the following declarations (up to the next E<.Cm Host> or E<.Cm " +"Match> keyword) to be only for those hosts that match one of the patterns " +"given after the keyword. If more than one pattern is provided, they should " +"be separated by whitespace. A single E<.Ql *> as a pattern can be used to " +"provide global defaults for all hosts. The host is usually the E<.Ar " +"hostname> argument given on the command line (see the E<.Cm " +"CanonicalizeHostname> keyword for exceptions)." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"A pattern entry may be negated by prefixing it with an exclamation mark E<." +"Pq Sq !\\&>. If a negated entry is matched, then the E<.Cm Host> entry is " +"ignored, regardless of whether any other patterns on the line match. " +"Negated matches are therefore useful to provide exceptions for wildcard " +"matches." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "See E<.Sx PATTERNS> for more information on patterns." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm Match" +msgstr "" + +#. type: Plain text +#: archlinux debian-unstable fedora-40 fedora-rawhide +msgid "" +"Restricts the following declarations (up to the next E<.Cm Host> or E<.Cm " +"Match> keyword) to be used only when the conditions following the E<.Cm " +"Match> keyword are satisfied. Match conditions are specified using one or " +"more criteria or the single token E<.Cm all> which always matches. The " +"available criteria keywords are: E<.Cm canonical>, E<.Cm final>, E<.Cm " +"exec>, E<.Cm localnetwork>, E<.Cm host>, E<.Cm originalhost>, E<.Cm Tag>, E<." +"Cm user>, and E<.Cm localuser>. The E<.Cm all> criteria must appear alone " +"or immediately after E<.Cm canonical> or E<.Cm final>. Other criteria may " +"be combined arbitrarily. All criteria but E<.Cm all>, E<.Cm canonical>, and " +"E<.Cm final> require an argument. Criteria may be negated by prepending an " +"exclamation mark E<.Pq Sq !\\&>." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"The E<.Cm canonical> keyword matches only when the configuration file is " +"being re-parsed after hostname canonicalization (see the E<.Cm " +"CanonicalizeHostname> option). This may be useful to specify conditions " +"that work with canonical host names only." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"The E<.Cm final> keyword requests that the configuration be re-parsed " +"(regardless of whether E<.Cm CanonicalizeHostname> is enabled), and matches " +"only during this final pass. If E<.Cm CanonicalizeHostname> is enabled, " +"then E<.Cm canonical> and E<.Cm final> match during the same pass." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"The E<.Cm exec> keyword executes the specified command under the user's " +"shell. If the command returns a zero exit status then the condition is " +"considered true. Commands containing whitespace characters must be quoted. " +"Arguments to E<.Cm exec> accept the tokens described in the E<.Sx TOKENS> " +"section." +msgstr "" + +#. type: Plain text +#: archlinux debian-unstable fedora-40 fedora-rawhide +msgid "" +"The E<.Cm localnetwork> keyword matches the addresses of active local " +"network interfaces against the supplied list of networks in CIDR format. " +"This may be convenient for varying the effective configuration on devices " +"that roam between networks. Note that network address is not a trustworthy " +"criteria in many situations (e.g. when the network is automatically " +"configured using DHCP) and so caution should be applied if using it to " +"control security-sensitive configuration." +msgstr "" + +#. type: Plain text +#: archlinux debian-unstable fedora-40 fedora-rawhide +msgid "" +"The other keywords' criteria must be single entries or comma-separated lists " +"and may use the wildcard and negation operators described in the E<.Sx " +"PATTERNS> section. The criteria for the E<.Cm host> keyword are matched " +"against the target hostname, after any substitution by the E<.Cm Hostname> " +"or E<.Cm CanonicalizeHostname> options. The E<.Cm originalhost> keyword " +"matches against the hostname as it was specified on the command-line. The " +"E<.Cm tagged> keyword matches a tag name specified by a prior E<.Cm Tag> " +"directive or on the E<.Xr ssh 1> command-line using the E<.Fl P> flag. The " +"E<.Cm user> keyword matches against the target username on the remote host. " +"The E<.Cm localuser> keyword matches against the name of the local user " +"running E<.Xr ssh 1> (this keyword may be useful in system-wide E<.Nm> " +"files)." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm AddKeysToAgent" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies whether keys should be automatically added to a running E<.Xr ssh-" +"agent 1>. If this option is set to E<.Cm yes> and a key is loaded from a " +"file, the key and its passphrase are added to the agent with the default " +"lifetime, as if by E<.Xr ssh-add 1>. If this option is set to E<.Cm ask>, " +"E<.Xr ssh 1> will require confirmation using the E<.Ev SSH_ASKPASS> program " +"before adding a key (see E<.Xr ssh-add 1> for details). If this option is " +"set to E<.Cm confirm>, each use of the key must be confirmed, as if the E<." +"Fl c> option was specified to E<.Xr ssh-add 1>. If this option is set to E<." +"Cm no>, no keys are added to the agent. Alternately, this option may be " +"specified as a time interval using the format described in the E<.Sx TIME " +"FORMATS> section of E<.Xr sshd_config 5> to specify the key's lifetime in E<." +"Xr ssh-agent 1>, after which it will automatically be removed. The argument " +"must be E<.Cm no> (the default), E<.Cm yes>, E<.Cm confirm> (optionally " +"followed by a time interval), E<.Cm ask> or a time interval." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm AddressFamily" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies which address family to use when connecting. Valid arguments are " +"E<.Cm any> (the default), E<.Cm inet> (use IPv4 only), or E<.Cm inet6> (use " +"IPv6 only)." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm BatchMode" +msgstr "" + +#. type: Plain text +#: archlinux fedora-40 fedora-rawhide mageia-cauldron +msgid "" +"If set to E<.Cm yes>, user interaction such as password prompts and host key " +"confirmation requests will be disabled. This option is useful in scripts " +"and other batch jobs where no user is present to interact with E<.Xr ssh " +"1>. The argument must be E<.Cm yes> or E<.Cm no> (the default)." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm BindAddress" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Use the specified address on the local machine as the source address of the " +"connection. Only useful on systems with more than one address." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm BindInterface" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Use the address of the specified interface on the local machine as the " +"source address of the connection." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm CanonicalDomains" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"When E<.Cm CanonicalizeHostname> is enabled, this option specifies the list " +"of domain suffixes in which to search for the specified destination host." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm CanonicalizeFallbackLocal" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies whether to fail with an error when hostname canonicalization " +"fails. The default, E<.Cm yes>, will attempt to look up the unqualified " +"hostname using the system resolver's search rules. A value of E<.Cm no> " +"will cause E<.Xr ssh 1> to fail instantly if E<.Cm CanonicalizeHostname> is " +"enabled and the target hostname cannot be found in any of the domains " +"specified by E<.Cm CanonicalDomains>." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm CanonicalizeHostname" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Controls whether explicit hostname canonicalization is performed. The " +"default, E<.Cm no>, is not to perform any name rewriting and let the system " +"resolver handle all hostname lookups. If set to E<.Cm yes> then, for " +"connections that do not use a E<.Cm ProxyCommand> or E<.Cm ProxyJump>, E<.Xr " +"ssh 1> will attempt to canonicalize the hostname specified on the command " +"line using the E<.Cm CanonicalDomains> suffixes and E<.Cm " +"CanonicalizePermittedCNAMEs> rules. If E<.Cm CanonicalizeHostname> is set " +"to E<.Cm always>, then canonicalization is applied to proxied connections " +"too." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"If this option is enabled, then the configuration files are processed again " +"using the new target name to pick up any new configuration in matching E<.Cm " +"Host> and E<.Cm Match> stanzas. A value of E<.Cm none> disables the use of " +"a E<.Cm ProxyJump> host." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm CanonicalizeMaxDots" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies the maximum number of dot characters in a hostname before " +"canonicalization is disabled. The default, 1, allows a single dot (i.e. " +"hostname.subdomain)." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm CanonicalizePermittedCNAMEs" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies rules to determine whether CNAMEs should be followed when " +"canonicalizing hostnames. The rules consist of one or more arguments of E<." +"Ar source_domain_list : Ns Ar target_domain_list>, where E<.Ar " +"source_domain_list> is a pattern-list of domains that may follow CNAMEs in " +"canonicalization, and E<.Ar target_domain_list> is a pattern-list of domains " +"that they may resolve to." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"For example, E<.Qq *.a.example.com:*.b.example.com,*.c.example.com> will " +"allow hostnames matching E<.Qq *.a.example.com> to be canonicalized to names " +"in the E<.Qq *.b.example.com> or E<.Qq *.c.example.com> domains." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"A single argument of E<.Qq none> causes no CNAMEs to be considered for " +"canonicalization. This is the default behaviour." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm CASignatureAlgorithms" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable +msgid "" +"Specifies which algorithms are allowed for signing of certificates by " +"certificate authorities (CAs). The default is:" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable +#, no-wrap +msgid "" +"ssh-ed25519,ecdsa-sha2-nistp256,\n" +"ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,\n" +"sk-ssh-ed25519@openssh.com,\n" +"sk-ecdsa-sha2-nistp256@openssh.com,\n" +"rsa-sha2-512,rsa-sha2-256\n" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable +msgid "" +"If the specified list begins with a E<.Sq +> character, then the specified " +"algorithms will be appended to the default set instead of replacing them. " +"If the specified list begins with a E<.Sq -> character, then the specified " +"algorithms (including wildcards) will be removed from the default set " +"instead of replacing them." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"E<.Xr ssh 1> will not accept host certificates signed using algorithms other " +"than those specified." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm CertificateFile" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies a file from which the user's certificate is read. A corresponding " +"private key must be provided separately in order to use this certificate " +"either from an E<.Cm IdentityFile> directive or E<.Fl i> flag to E<.Xr ssh " +"1>, via E<.Xr ssh-agent 1>, or via a E<.Cm PKCS11Provider> or E<.Cm " +"SecurityKeyProvider>." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Arguments to E<.Cm CertificateFile> may use the tilde syntax to refer to a " +"user's home directory, the tokens described in the E<.Sx TOKENS> section and " +"environment variables as described in the E<.Sx ENVIRONMENT VARIABLES> " +"section." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"It is possible to have multiple certificate files specified in configuration " +"files; these certificates will be tried in sequence. Multiple E<.Cm " +"CertificateFile> directives will add to the list of certificates used for " +"authentication." +msgstr "" + +#. type: It +#: archlinux debian-unstable fedora-40 fedora-rawhide +#, no-wrap +msgid "Cm ChannelTimeout" +msgstr "" + +#. type: Plain text +#: archlinux debian-unstable fedora-40 fedora-rawhide +msgid "" +"Specifies whether and how quickly E<.Xr ssh 1> should close inactive " +"channels. Timeouts are specified as one or more E<.Dq type=interval> pairs " +"separated by whitespace, where the E<.Dq type> must be a channel type name " +"(as described in the table below), optionally containing wildcard characters." +msgstr "" + +#. type: Plain text +#: archlinux debian-unstable fedora-40 fedora-rawhide +msgid "" +"The timeout value E<.Dq interval> is specified in seconds or may use any of " +"the units documented in the E<.Sx TIME FORMATS> section. For example, E<.Dq " +"session=5m> would cause the interactive session to terminate after five " +"minutes of inactivity. Specifying a zero value disables the inactivity " +"timeout." +msgstr "" + +#. type: Plain text +#: archlinux debian-unstable fedora-40 fedora-rawhide +msgid "The available channel types include:" +msgstr "" + +#. type: It +#: archlinux debian-unstable fedora-40 fedora-rawhide +#, no-wrap +msgid "Cm agent-connection" +msgstr "" + +#. type: Plain text +#: archlinux debian-unstable fedora-40 fedora-rawhide +msgid "Open connections to E<.Xr ssh-agent 1>." +msgstr "" + +#. type: It +#: archlinux debian-unstable fedora-40 fedora-rawhide +#, no-wrap +msgid "Cm direct-tcpip , Cm direct-streamlocal@openssh.com" +msgstr "" + +#. type: Plain text +#: archlinux debian-unstable fedora-40 fedora-rawhide +msgid "" +"Open TCP or Unix socket (respectively) connections that have been " +"established from a E<.Xr ssh 1> local forwarding, i.e.\\& E<.Cm " +"LocalForward> or E<.Cm DynamicForward>." +msgstr "" + +#. type: It +#: archlinux debian-unstable fedora-40 fedora-rawhide +#, no-wrap +msgid "Cm forwarded-tcpip , Cm forwarded-streamlocal@openssh.com" +msgstr "" + +#. type: Plain text +#: archlinux debian-unstable fedora-40 fedora-rawhide +msgid "" +"Open TCP or Unix socket (respectively) connections that have been " +"established to a E<.Xr sshd 8> listening on behalf of a E<.Xr ssh 1> remote " +"forwarding, i.e.\\& E<.Cm RemoteForward>." +msgstr "" + +#. type: It +#: archlinux debian-unstable fedora-40 fedora-rawhide +#, no-wrap +msgid "Cm session" +msgstr "" + +#. type: Plain text +#: archlinux debian-unstable fedora-40 fedora-rawhide +msgid "" +"The interactive main session, including shell session, command execution, E<." +"Xr scp 1>, E<.Xr sftp 1>, etc." +msgstr "" + +#. type: It +#: archlinux debian-unstable fedora-40 fedora-rawhide +#, no-wrap +msgid "Cm tun-connection" +msgstr "" + +#. type: Plain text +#: archlinux debian-unstable fedora-40 fedora-rawhide +msgid "Open E<.Cm TunnelForward> connections." +msgstr "" + +#. type: It +#: archlinux debian-unstable fedora-40 fedora-rawhide +#, no-wrap +msgid "Cm x11-connection" +msgstr "" + +#. type: Plain text +#: archlinux debian-unstable fedora-40 fedora-rawhide +msgid "Open X11 forwarding sessions." +msgstr "" + +#. type: Plain text +#: archlinux debian-unstable fedora-40 fedora-rawhide +msgid "" +"Note that in all the above cases, terminating an inactive session does not " +"guarantee to remove all resources associated with the session, e.g. shell " +"processes or X11 clients relating to the session may continue to execute." +msgstr "" + +#. type: Plain text +#: archlinux debian-unstable fedora-40 fedora-rawhide +msgid "" +"Moreover, terminating an inactive channel or session does not necessarily " +"close the SSH connection, nor does it prevent a client from requesting " +"another channel of the same type. In particular, expiring an inactive " +"forwarding session does not prevent another identical forwarding from being " +"subsequently created." +msgstr "" + +#. type: Plain text +#: archlinux debian-unstable fedora-40 fedora-rawhide +msgid "The default is not to expire channels of any type for inactivity." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm CheckHostIP" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"If set to E<.Cm yes>, E<.Xr ssh 1> will additionally check the host IP " +"address in the E<.Pa known_hosts> file. This allows it to detect if a host " +"key changed due to DNS spoofing and will add addresses of destination hosts " +"to E<.Pa ~/.ssh/known_hosts> in the process, regardless of the setting of E<." +"Cm StrictHostKeyChecking>. If the option is set to E<.Cm no> (the default), " +"the check will not be executed." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm Ciphers" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable +msgid "" +"Specifies the ciphers allowed and their order of preference. Multiple " +"ciphers must be comma-separated. If the specified list begins with a E<.Sq " +"+> character, then the specified ciphers will be appended to the default set " +"instead of replacing them. If the specified list begins with a E<.Sq -> " +"character, then the specified ciphers (including wildcards) will be removed " +"from the default set instead of replacing them. If the specified list " +"begins with a E<.Sq ^> character, then the specified ciphers will be placed " +"at the head of the default set." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "The supported ciphers are:" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "" +"3des-cbc\n" +"aes128-cbc\n" +"aes192-cbc\n" +"aes256-cbc\n" +"aes128-ctr\n" +"aes192-ctr\n" +"aes256-ctr\n" +"aes128-gcm@openssh.com\n" +"aes256-gcm@openssh.com\n" +"chacha20-poly1305@openssh.com\n" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable +msgid "The default is:" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable +#, no-wrap +msgid "" +"chacha20-poly1305@openssh.com,\n" +"aes128-ctr,aes192-ctr,aes256-ctr,\n" +"aes128-gcm@openssh.com,aes256-gcm@openssh.com\n" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"The list of available ciphers may also be obtained using E<.Qq ssh -Q " +"cipher>." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm ClearAllForwardings" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies that all local, remote, and dynamic port forwardings specified in " +"the configuration files or on the command line be cleared. This option is " +"primarily useful when used from the E<.Xr ssh 1> command line to clear port " +"forwardings set in configuration files, and is automatically set by E<.Xr " +"scp 1> and E<.Xr sftp 1>. The argument must be E<.Cm yes> or E<.Cm no> (the " +"default)." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm Compression" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies whether to use compression. The argument must be E<.Cm yes> or E<." +"Cm no> (the default)." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm ConnectionAttempts" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies the number of tries (one per second) to make before exiting. The " +"argument must be an integer. This may be useful in scripts if the " +"connection sometimes fails. The default is 1." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm ConnectTimeout" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies the timeout (in seconds) used when connecting to the SSH server, " +"instead of using the default system TCP timeout. This timeout is applied " +"both to establishing the connection and to performing the initial SSH " +"protocol handshake and key exchange." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm ControlMaster" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Enables the sharing of multiple sessions over a single network connection. " +"When set to E<.Cm yes>, E<.Xr ssh 1> will listen for connections on a " +"control socket specified using the E<.Cm ControlPath> argument. Additional " +"sessions can connect to this socket using the same E<.Cm ControlPath> with " +"E<.Cm ControlMaster> set to E<.Cm no> (the default). These sessions will " +"try to reuse the master instance's network connection rather than initiating " +"new ones, but will fall back to connecting normally if the control socket " +"does not exist, or is not listening." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Setting this to E<.Cm ask> will cause E<.Xr ssh 1> to listen for control " +"connections, but require confirmation using E<.Xr ssh-askpass 1>. If the E<." +"Cm ControlPath> cannot be opened, E<.Xr ssh 1> will continue without " +"connecting to a master instance." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"X11 and E<.Xr ssh-agent 1> forwarding is supported over these multiplexed " +"connections, however the display and agent forwarded will be the one " +"belonging to the master connection i.e. it is not possible to forward " +"multiple displays or agents." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Two additional options allow for opportunistic multiplexing: try to use a " +"master connection but fall back to creating a new one if one does not " +"already exist. These options are: E<.Cm auto> and E<.Cm autoask>. The " +"latter requires confirmation like the E<.Cm ask> option." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm ControlPath" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specify the path to the control socket used for connection sharing as " +"described in the E<.Cm ControlMaster> section above or the string E<.Cm " +"none> to disable connection sharing. Arguments to E<.Cm ControlPath> may " +"use the tilde syntax to refer to a user's home directory, the tokens " +"described in the E<.Sx TOKENS> section and environment variables as " +"described in the E<.Sx ENVIRONMENT VARIABLES> section. It is recommended " +"that any E<.Cm ControlPath> used for opportunistic connection sharing " +"include at least %h, %p, and %r (or alternatively %C) and be placed in a " +"directory that is not writable by other users. This ensures that shared " +"connections are uniquely identified." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm ControlPersist" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"When used in conjunction with E<.Cm ControlMaster>, specifies that the " +"master connection should remain open in the background (waiting for future " +"client connections) after the initial client connection has been closed. " +"If set to E<.Cm no> (the default), then the master connection will not be " +"placed into the background, and will close as soon as the initial client " +"connection is closed. If set to E<.Cm yes> or 0, then the master connection " +"will remain in the background indefinitely (until killed or closed via a " +"mechanism such as the E<.Qq ssh -O exit>). If set to a time in seconds, or " +"a time in any of the formats documented in E<.Xr sshd_config 5>, then the " +"backgrounded master connection will automatically terminate after it has " +"remained idle (with no client connections) for the specified time." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm DynamicForward" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies that a TCP port on the local machine be forwarded over the secure " +"channel, and the application protocol is then used to determine where to " +"connect to from the remote machine." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"The argument must be E<.Sm off> E<.Oo Ar bind_address : Oc Ar port>. E<.Sm " +"on> IPv6 addresses can be specified by enclosing addresses in square " +"brackets. By default, the local port is bound in accordance with the E<.Cm " +"GatewayPorts> setting. However, an explicit E<.Ar bind_address> may be used " +"to bind the connection to a specific address. The E<.Ar bind_address> of E<." +"Cm localhost> indicates that the listening port be bound for local use only, " +"while an empty address or E<.Sq *> indicates that the port should be " +"available from all interfaces." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Currently the SOCKS4 and SOCKS5 protocols are supported, and E<.Xr ssh 1> " +"will act as a SOCKS server. Multiple forwardings may be specified, and " +"additional forwardings can be given on the command line. Only the superuser " +"can forward privileged ports." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm EnableEscapeCommandline" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Enables the command line option in the E<.Cm EscapeChar> menu for " +"interactive sessions (default E<.Ql ~C>). By default, the command line is " +"disabled." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm EnableSSHKeysign" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Setting this option to E<.Cm yes> in the global client configuration file E<." +"Pa /etc/ssh/ssh_config> enables the use of the helper program E<.Xr ssh-" +"keysign 8> during E<.Cm HostbasedAuthentication>. The argument must be E<." +"Cm yes> or E<.Cm no> (the default). This option should be placed in the non-" +"hostspecific section. See E<.Xr ssh-keysign 8> for more information." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm EscapeChar" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Sets the escape character (default: E<.Ql ~>). The escape character can " +"also be set on the command line. The argument should be a single character, " +"E<.Ql ^> followed by a letter, or E<.Cm none> to disable the escape " +"character entirely (making the connection transparent for binary data)." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm ExitOnForwardFailure" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies whether E<.Xr ssh 1> should terminate the connection if it cannot " +"set up all requested dynamic, tunnel, local, and remote port forwardings, (e." +"g.\\& if either end is unable to bind and listen on a specified port). Note " +"that E<.Cm ExitOnForwardFailure> does not apply to connections made over " +"port forwardings and will not, for example, cause E<.Xr ssh 1> to exit if " +"TCP connections to the ultimate forwarding destination fail. The argument " +"must be E<.Cm yes> or E<.Cm no> (the default)." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm FingerprintHash" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies the hash algorithm used when displaying key fingerprints. Valid " +"options are: E<.Cm md5> and E<.Cm sha256> (the default)." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm ForkAfterAuthentication" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Requests E<.Nm ssh> to go to background just before command execution. This " +"is useful if E<.Nm ssh> is going to ask for passwords or passphrases, but " +"the user wants it in the background. This implies the E<.Cm StdinNull> " +"configuration option being set to E<.Dq yes>. The recommended way to start " +"X11 programs at a remote site is with something like E<.Ic ssh -f host " +"xterm>, which is the same as E<.Ic ssh host xterm> if the E<.Cm " +"ForkAfterAuthentication> configuration option is set to E<.Dq yes>." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"If the E<.Cm ExitOnForwardFailure> configuration option is set to E<.Dq " +"yes>, then a client started with the E<.Cm ForkAfterAuthentication> " +"configuration option being set to E<.Dq yes> will wait for all remote port " +"forwards to be successfully established before placing itself in the " +"background. The argument to this keyword must be E<.Cm yes> (same as the E<." +"Fl f> option) or E<.Cm no> (the default)." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm ForwardAgent" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies whether the connection to the authentication agent (if any) will " +"be forwarded to the remote machine. The argument may be E<.Cm yes>, E<.Cm " +"no> (the default), an explicit path to an agent socket or the name of an " +"environment variable (beginning with E<.Sq $>) in which to find the path." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Agent forwarding should be enabled with caution. Users with the ability to " +"bypass file permissions on the remote host (for the agent's Unix-domain " +"socket) can access the local agent through the forwarded connection. An " +"attacker cannot obtain key material from the agent, however they can perform " +"operations on the keys that enable them to authenticate using the identities " +"loaded into the agent." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm ForwardX11" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies whether X11 connections will be automatically redirected over the " +"secure channel and E<.Ev DISPLAY> set. The argument must be E<.Cm yes> or " +"E<.Cm no> (the default)." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"X11 forwarding should be enabled with caution. Users with the ability to " +"bypass file permissions on the remote host (for the user's X11 authorization " +"database) can access the local X11 display through the forwarded " +"connection. An attacker may then be able to perform activities such as " +"keystroke monitoring if the E<.Cm ForwardX11Trusted> option is also enabled." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm ForwardX11Timeout" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specify a timeout for untrusted X11 forwarding using the format described in " +"the E<.Sx TIME FORMATS> section of E<.Xr sshd_config 5>. X11 connections " +"received by E<.Xr ssh 1> after this time will be refused. Setting E<.Cm " +"ForwardX11Timeout> to zero will disable the timeout and permit X11 " +"forwarding for the life of the connection. The default is to disable " +"untrusted X11 forwarding after twenty minutes has elapsed." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm ForwardX11Trusted" +msgstr "" + +#. type: Plain text +#: archlinux fedora-40 fedora-rawhide mageia-cauldron +msgid "" +"If this option is set to E<.Cm yes>, remote X11 clients will have full " +"access to the original X11 display." +msgstr "" + +#. type: Plain text +#: archlinux fedora-40 fedora-rawhide mageia-cauldron +msgid "" +"If this option is set to E<.Cm no> (the default), remote X11 clients will be " +"considered untrusted and prevented from stealing or tampering with data " +"belonging to trusted X11 clients. Furthermore, the E<.Xr xauth 1> token " +"used for the session will be set to expire after 20 minutes. Remote clients " +"will be refused access after this time." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"See the X11 SECURITY extension specification for full details on the " +"restrictions imposed on untrusted clients." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm GatewayPorts" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies whether remote hosts are allowed to connect to local forwarded " +"ports. By default, E<.Xr ssh 1> binds local port forwardings to the " +"loopback address. This prevents other remote hosts from connecting to " +"forwarded ports. E<.Cm GatewayPorts> can be used to specify that ssh should " +"bind local port forwardings to the wildcard address, thus allowing remote " +"hosts to connect to forwarded ports. The argument must be E<.Cm yes> or E<." +"Cm no> (the default)." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm GlobalKnownHostsFile" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies one or more files to use for the global host key database, " +"separated by whitespace. The default is E<.Pa /etc/ssh/ssh_known_hosts>, E<." +"Pa /etc/ssh/ssh_known_hosts2>." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm GSSAPIAuthentication" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies whether user authentication based on GSSAPI is allowed. The " +"default is E<.Cm no>." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm GSSAPIDelegateCredentials" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Forward (delegate) credentials to the server. The default is E<.Cm no>." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm HashKnownHosts" +msgstr "" + +#. type: Plain text +#: archlinux fedora-40 fedora-rawhide mageia-cauldron +msgid "" +"Indicates that E<.Xr ssh 1> should hash host names and addresses when they " +"are added to E<.Pa ~/.ssh/known_hosts>. These hashed names may be used " +"normally by E<.Xr ssh 1> and E<.Xr sshd 8>, but they do not visually reveal " +"identifying information if the file's contents are disclosed. The default " +"is E<.Cm no>. Note that existing names and addresses in known hosts files " +"will not be converted automatically, but may be manually hashed using E<.Xr " +"ssh-keygen 1>." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm HostbasedAcceptedAlgorithms" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable mageia-cauldron +msgid "" +"Specifies the signature algorithms that will be used for hostbased " +"authentication as a comma-separated list of patterns. Alternately if the " +"specified list begins with a E<.Sq +> character, then the specified " +"signature algorithms will be appended to the default set instead of " +"replacing them. If the specified list begins with a E<.Sq -> character, " +"then the specified signature algorithms (including wildcards) will be " +"removed from the default set instead of replacing them. If the specified " +"list begins with a E<.Sq ^> character, then the specified signature " +"algorithms will be placed at the head of the default set. The default for " +"this option is:" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable mageia-cauldron +#, no-wrap +msgid "" +"ssh-ed25519-cert-v01@openssh.com,\n" +"ecdsa-sha2-nistp256-cert-v01@openssh.com,\n" +"ecdsa-sha2-nistp384-cert-v01@openssh.com,\n" +"ecdsa-sha2-nistp521-cert-v01@openssh.com,\n" +"sk-ssh-ed25519-cert-v01@openssh.com,\n" +"sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,\n" +"rsa-sha2-512-cert-v01@openssh.com,\n" +"rsa-sha2-256-cert-v01@openssh.com,\n" +"ssh-ed25519,\n" +"ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,\n" +"sk-ssh-ed25519@openssh.com,\n" +"sk-ecdsa-sha2-nistp256@openssh.com,\n" +"rsa-sha2-512,rsa-sha2-256\n" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"The E<.Fl Q> option of E<.Xr ssh 1> may be used to list supported signature " +"algorithms. This was formerly named HostbasedKeyTypes." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm HostbasedAuthentication" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies whether to try rhosts based authentication with public key " +"authentication. The argument must be E<.Cm yes> or E<.Cm no> (the default)." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm HostKeyAlgorithms" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies the host key signature algorithms that the client wants to use in " +"order of preference. Alternately if the specified list begins with a E<.Sq " +"+> character, then the specified signature algorithms will be appended to " +"the default set instead of replacing them. If the specified list begins " +"with a E<.Sq -> character, then the specified signature algorithms " +"(including wildcards) will be removed from the default set instead of " +"replacing them. If the specified list begins with a E<.Sq ^> character, " +"then the specified signature algorithms will be placed at the head of the " +"default set. The default for this option is:" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "" +"ssh-ed25519-cert-v01@openssh.com,\n" +"ecdsa-sha2-nistp256-cert-v01@openssh.com,\n" +"ecdsa-sha2-nistp384-cert-v01@openssh.com,\n" +"ecdsa-sha2-nistp521-cert-v01@openssh.com,\n" +"sk-ssh-ed25519-cert-v01@openssh.com,\n" +"sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,\n" +"rsa-sha2-512-cert-v01@openssh.com,\n" +"rsa-sha2-256-cert-v01@openssh.com,\n" +"ssh-ed25519,\n" +"ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,\n" +"sk-ecdsa-sha2-nistp256@openssh.com,\n" +"sk-ssh-ed25519@openssh.com,\n" +"rsa-sha2-512,rsa-sha2-256\n" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"If hostkeys are known for the destination host then this default is modified " +"to prefer their algorithms." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"The list of available signature algorithms may also be obtained using E<.Qq " +"ssh -Q HostKeyAlgorithms>." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm HostKeyAlias" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies an alias that should be used instead of the real host name when " +"looking up or saving the host key in the host key database files and when " +"validating host certificates. This option is useful for tunneling SSH " +"connections or for multiple servers running on a single host." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm Hostname" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies the real host name to log into. This can be used to specify " +"nicknames or abbreviations for hosts. Arguments to E<.Cm Hostname> accept " +"the tokens described in the E<.Sx TOKENS> section. Numeric IP addresses are " +"also permitted (both on the command line and in E<.Cm Hostname> " +"specifications). The default is the name given on the command line." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm IdentitiesOnly" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies that E<.Xr ssh 1> should only use the configured authentication " +"identity and certificate files (either the default files, or those " +"explicitly configured in the E<.Nm> files or passed on the E<.Xr ssh 1> " +"command-line), even if E<.Xr ssh-agent 1> or a E<.Cm PKCS11Provider> or E<." +"Cm SecurityKeyProvider> offers more identities. The argument to this " +"keyword must be E<.Cm yes> or E<.Cm no> (the default). This option is " +"intended for situations where ssh-agent offers many different identities." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm IdentityAgent" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies the E<.Ux Ns -domain> socket used to communicate with the " +"authentication agent." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"This option overrides the E<.Ev SSH_AUTH_SOCK> environment variable and can " +"be used to select a specific agent. Setting the socket name to E<.Cm none> " +"disables the use of an authentication agent. If the string E<.Qq " +"SSH_AUTH_SOCK> is specified, the location of the socket will be read from " +"the E<.Ev SSH_AUTH_SOCK> environment variable. Otherwise if the specified " +"value begins with a E<.Sq $> character, then it will be treated as an " +"environment variable containing the location of the socket." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Arguments to E<.Cm IdentityAgent> may use the tilde syntax to refer to a " +"user's home directory, the tokens described in the E<.Sx TOKENS> section and " +"environment variables as described in the E<.Sx ENVIRONMENT VARIABLES> " +"section." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm IdentityFile" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies a file from which the user's DSA, ECDSA, authenticator-hosted " +"ECDSA, Ed25519, authenticator-hosted Ed25519 or RSA authentication identity " +"is read. You can also specify a public key file to use the corresponding " +"private key that is loaded in E<.Xr ssh-agent 1> when the private key file " +"is not present locally. The default is E<.Pa ~/.ssh/id_rsa>, E<.Pa ~/.ssh/" +"id_ecdsa>, E<.Pa ~/.ssh/id_ecdsa_sk>, E<.Pa ~/.ssh/id_ed25519>, E<.Pa ~/.ssh/" +"id_ed25519_sk> and E<.Pa ~/.ssh/id_dsa>. Additionally, any identities " +"represented by the authentication agent will be used for authentication " +"unless E<.Cm IdentitiesOnly> is set. If no certificates have been " +"explicitly specified by E<.Cm CertificateFile>, E<.Xr ssh 1> will try to " +"load certificate information from the filename obtained by appending E<.Pa -" +"cert.pub> to the path of a specified E<.Cm IdentityFile>." +msgstr "" + +#. type: Plain text +#: archlinux debian-unstable fedora-40 fedora-rawhide +msgid "" +"Arguments to E<.Cm IdentityFile> may use the tilde syntax to refer to a " +"user's home directory or the tokens described in the E<.Sx TOKENS> section. " +"Alternately an argument of E<.Cm none> may be used to indicate no identity " +"files should be loaded." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"It is possible to have multiple identity files specified in configuration " +"files; all these identities will be tried in sequence. Multiple E<.Cm " +"IdentityFile> directives will add to the list of identities tried (this " +"behaviour differs from that of other configuration directives)." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"E<.Cm IdentityFile> may be used in conjunction with E<.Cm IdentitiesOnly> to " +"select which identities in an agent are offered during authentication. E<." +"Cm IdentityFile> may also be used in conjunction with E<.Cm CertificateFile> " +"in order to provide any certificate also needed for authentication with the " +"identity." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm IgnoreUnknown" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies a pattern-list of unknown options to be ignored if they are " +"encountered in configuration parsing. This may be used to suppress errors " +"if E<.Nm> contains options that are unrecognised by E<.Xr ssh 1>. It is " +"recommended that E<.Cm IgnoreUnknown> be listed early in the configuration " +"file as it will not be applied to unknown options that appear before it." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm Include" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Include the specified configuration file(s). Multiple pathnames may be " +"specified and each pathname may contain E<.Xr glob 7> wildcards and, for " +"user configurations, shell-like E<.Sq ~> references to user home " +"directories. Wildcards will be expanded and processed in lexical order. " +"Files without absolute paths are assumed to be in E<.Pa ~/.ssh> if included " +"in a user configuration file or E<.Pa /etc/ssh> if included from the system " +"configuration file. E<.Cm Include> directive may appear inside a E<.Cm " +"Match> or E<.Cm Host> block to perform conditional inclusion." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm IPQoS" +msgstr "" + +#. type: Plain text +#: archlinux fedora-40 fedora-rawhide mageia-cauldron +msgid "" +"Specifies the IPv4 type-of-service or DSCP class for connections. Accepted " +"values are E<.Cm af11>, E<.Cm af12>, E<.Cm af13>, E<.Cm af21>, E<.Cm af22>, " +"E<.Cm af23>, E<.Cm af31>, E<.Cm af32>, E<.Cm af33>, E<.Cm af41>, E<.Cm " +"af42>, E<.Cm af43>, E<.Cm cs0>, E<.Cm cs1>, E<.Cm cs2>, E<.Cm cs3>, E<.Cm " +"cs4>, E<.Cm cs5>, E<.Cm cs6>, E<.Cm cs7>, E<.Cm ef>, E<.Cm le>, E<.Cm " +"lowdelay>, E<.Cm throughput>, E<.Cm reliability>, a numeric value, or E<.Cm " +"none> to use the operating system default. This option may take one or two " +"arguments, separated by whitespace. If one argument is specified, it is " +"used as the packet class unconditionally. If two values are specified, the " +"first is automatically selected for interactive sessions and the second for " +"non-interactive sessions. The default is E<.Cm af21> (Low-Latency Data) " +"for interactive sessions and E<.Cm cs1> (Lower Effort) for non-interactive " +"sessions." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm KbdInteractiveAuthentication" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies whether to use keyboard-interactive authentication. The argument " +"to this keyword must be E<.Cm yes> (the default) or E<.Cm no>. E<.Cm " +"ChallengeResponseAuthentication> is a deprecated alias for this." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm KbdInteractiveDevices" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies the list of methods to use in keyboard-interactive " +"authentication. Multiple method names must be comma-separated. The default " +"is to use the server specified list. The methods available vary depending " +"on what the server supports. For an OpenSSH server, it may be zero or more " +"of: E<.Cm bsdauth> and E<.Cm pam>." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm KexAlgorithms" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable +msgid "" +"Specifies the available KEX (Key Exchange) algorithms. Multiple algorithms " +"must be comma-separated. If the specified list begins with a E<.Sq +> " +"character, then the specified algorithms will be appended to the default set " +"instead of replacing them. If the specified list begins with a E<.Sq -> " +"character, then the specified algorithms (including wildcards) will be " +"removed from the default set instead of replacing them. If the specified " +"list begins with a E<.Sq ^> character, then the specified algorithms will be " +"placed at the head of the default set. The default is:" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable +#, no-wrap +msgid "" +"sntrup761x25519-sha512@openssh.com,\n" +"curve25519-sha256,curve25519-sha256@libssh.org,\n" +"ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,\n" +"diffie-hellman-group-exchange-sha256,\n" +"diffie-hellman-group16-sha512,\n" +"diffie-hellman-group18-sha512,\n" +"diffie-hellman-group14-sha256\n" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"The list of available key exchange algorithms may also be obtained using E<." +"Qq ssh -Q kex>." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm KnownHostsCommand" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies a command to use to obtain a list of host keys, in addition to " +"those listed in E<.Cm UserKnownHostsFile> and E<.Cm GlobalKnownHostsFile>. " +"This command is executed after the files have been read. It may write host " +"key lines to standard output in identical format to the usual files " +"(described in the E<.Sx VERIFYING HOST KEYS> section in E<.Xr ssh 1>). " +"Arguments to E<.Cm KnownHostsCommand> accept the tokens described in the E<." +"Sx TOKENS> section. The command may be invoked multiple times per " +"connection: once when preparing the preference list of host key algorithms " +"to use, again to obtain the host key for the requested host name and, if E<." +"Cm CheckHostIP> is enabled, one more time to obtain the host key matching " +"the server's address. If the command exits abnormally or returns a non-zero " +"exit status then the connection is terminated." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm LocalCommand" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies a command to execute on the local machine after successfully " +"connecting to the server. The command string extends to the end of the " +"line, and is executed with the user's shell. Arguments to E<.Cm " +"LocalCommand> accept the tokens described in the E<.Sx TOKENS> section." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"The command is run synchronously and does not have access to the session of " +"the E<.Xr ssh 1> that spawned it. It should not be used for interactive " +"commands." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"This directive is ignored unless E<.Cm PermitLocalCommand> has been enabled." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm LocalForward" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies that a TCP port on the local machine be forwarded over the secure " +"channel to the specified host and port from the remote machine. The first " +"argument specifies the listener and may be E<.Sm off> E<.Oo Ar " +"bind_address : Oc Ar port> E<.Sm on> or a Unix domain socket path. The " +"second argument is the destination and may be E<.Ar host : Ns Ar hostport> " +"or a Unix domain socket path if the remote host supports it." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"IPv6 addresses can be specified by enclosing addresses in square brackets. " +"Multiple forwardings may be specified, and additional forwardings can be " +"given on the command line. Only the superuser can forward privileged " +"ports. By default, the local port is bound in accordance with the E<.Cm " +"GatewayPorts> setting. However, an explicit E<.Ar bind_address> may be used " +"to bind the connection to a specific address. The E<.Ar bind_address> of E<." +"Cm localhost> indicates that the listening port be bound for local use only, " +"while an empty address or E<.Sq *> indicates that the port should be " +"available from all interfaces. Unix domain socket paths may use the tokens " +"described in the E<.Sx TOKENS> section and environment variables as " +"described in the E<.Sx ENVIRONMENT VARIABLES> section." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm LogLevel" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Gives the verbosity level that is used when logging messages from E<.Xr ssh " +"1>. The possible values are: QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, " +"DEBUG1, DEBUG2, and DEBUG3. The default is INFO. DEBUG and DEBUG1 are " +"equivalent. DEBUG2 and DEBUG3 each specify higher levels of verbose output." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm LogVerbose" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specify one or more overrides to LogLevel. An override consists of a " +"pattern lists that matches the source file, function and line number to " +"force detailed logging for. For example, an override pattern of:" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "kex.c:*:1000,*:kex_exchange_identification():*,packet.c:*\n" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"would enable detailed logging for line 1000 of E<.Pa kex.c>, everything in " +"the E<.Fn kex_exchange_identification> function, and all code in the E<.Pa " +"packet.c> file. This option is intended for debugging and no overrides are " +"enabled by default." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm MACs" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable +msgid "" +"Specifies the MAC (message authentication code) algorithms in order of " +"preference. The MAC algorithm is used for data integrity protection. " +"Multiple algorithms must be comma-separated. If the specified list begins " +"with a E<.Sq +> character, then the specified algorithms will be appended to " +"the default set instead of replacing them. If the specified list begins " +"with a E<.Sq -> character, then the specified algorithms (including " +"wildcards) will be removed from the default set instead of replacing them. " +"If the specified list begins with a E<.Sq ^> character, then the specified " +"algorithms will be placed at the head of the default set." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"The algorithms that contain E<.Qq -etm> calculate the MAC after encryption " +"(encrypt-then-mac). These are considered safer and their use recommended." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable +#, no-wrap +msgid "" +"umac-64-etm@openssh.com,umac-128-etm@openssh.com,\n" +"hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,\n" +"hmac-sha1-etm@openssh.com,\n" +"umac-64@openssh.com,umac-128@openssh.com,\n" +"hmac-sha2-256,hmac-sha2-512,hmac-sha1\n" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"The list of available MAC algorithms may also be obtained using E<.Qq ssh -Q " +"mac>." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm NoHostAuthenticationForLocalhost" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Disable host authentication for localhost (loopback addresses). The " +"argument to this keyword must be E<.Cm yes> or E<.Cm no> (the default)." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm NumberOfPasswordPrompts" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies the number of password prompts before giving up. The argument to " +"this keyword must be an integer. The default is 3." +msgstr "" + +#. type: It +#: archlinux debian-unstable fedora-40 fedora-rawhide +#, no-wrap +msgid "Cm ObscureKeystrokeTiming" +msgstr "" + +#. type: Plain text +#: archlinux debian-unstable fedora-40 fedora-rawhide +msgid "" +"Specifies whether E<.Xr ssh 1> should try to obscure inter-keystroke timings " +"from passive observers of network traffic. If enabled, then for interactive " +"sessions, E<.Xr ssh 1> will send keystrokes at fixed intervals of a few tens " +"of milliseconds and will send fake keystroke packets for some time after " +"typing ceases. The argument to this keyword must be E<.Cm yes>, E<.Cm no> " +"or an interval specifier of the form E<.Cm interval:milliseconds> (e.g.\\& " +"E<.Cm interval:80> for 80 milliseconds). The default is to obscure " +"keystrokes using a 20ms packet interval. Note that smaller intervals will " +"result in higher fake keystroke packet rates." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm PasswordAuthentication" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies whether to use password authentication. The argument to this " +"keyword must be E<.Cm yes> (the default) or E<.Cm no>." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm PermitLocalCommand" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Allow local command execution via the E<.Ic LocalCommand> option or using " +"the E<.Ic !\\& Ns Ar command> escape sequence in E<.Xr ssh 1>. The argument " +"must be E<.Cm yes> or E<.Cm no> (the default)." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm PermitRemoteOpen" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies the destinations to which remote TCP port forwarding is permitted " +"when E<.Cm RemoteForward> is used as a SOCKS proxy. The forwarding " +"specification must be one of the following forms:" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "E<.Cm PermitRemoteOpen> E<.Sm off> E<.Ar host : port> E<.Sm on>" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "E<.Cm PermitRemoteOpen> E<.Sm off> E<.Ar IPv4_addr : port> E<.Sm on>" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"E<.Cm PermitRemoteOpen> E<.Sm off> E<.Ar \\&[ IPv6_addr \\&] : port> E<.Sm " +"on>" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Multiple forwards may be specified by separating them with whitespace. An " +"argument of E<.Cm any> can be used to remove all restrictions and permit any " +"forwarding requests. An argument of E<.Cm none> can be used to prohibit all " +"forwarding requests. The wildcard E<.Sq *> can be used for host or port to " +"allow all hosts or ports respectively. Otherwise, no pattern matching or " +"address lookups are performed on supplied names." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm PKCS11Provider" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies which PKCS#11 provider to use or E<.Cm none> to indicate that no " +"provider should be used (the default). The argument to this keyword is a " +"path to the PKCS#11 shared library E<.Xr ssh 1> should use to communicate " +"with a PKCS#11 token providing keys for user authentication." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm Port" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies the port number to connect on the remote host. The default is 22." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm PreferredAuthentications" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies the order in which the client should try authentication methods. " +"This allows a client to prefer one method (e.g.\\& E<.Cm keyboard-" +"interactive>) over another method (e.g.\\& E<.Cm password>). The default " +"is:" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "" +"gssapi-with-mic,hostbased,publickey,\n" +"keyboard-interactive,password\n" +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm ProxyCommand" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies the command to use to connect to the server. The command string " +"extends to the end of the line, and is executed using the user's shell E<.Ql " +"exec> directive to avoid a lingering shell process." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Arguments to E<.Cm ProxyCommand> accept the tokens described in the E<.Sx " +"TOKENS> section. The command can be basically anything, and should read " +"from its standard input and write to its standard output. It should " +"eventually connect an E<.Xr sshd 8> server running on some machine, or " +"execute E<.Ic sshd -i> somewhere. Host key management will be done using " +"the E<.Cm Hostname> of the host being connected (defaulting to the name " +"typed by the user). Setting the command to E<.Cm none> disables this option " +"entirely. Note that E<.Cm CheckHostIP> is not available for connects with a " +"proxy command." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"This directive is useful in conjunction with E<.Xr nc 1> and its proxy " +"support. For example, the following directive would connect via an HTTP " +"proxy at 192.0.2.0:" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "ProxyCommand /usr/bin/nc -X connect -x 192.0.2.0:8080 %h %p\n" +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm ProxyJump" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies one or more jump proxies as either E<.Xo> E<.Sm off> E<.Op Ar user " +"No @> E<.Ar host> E<.Op : Ns Ar port> E<.Sm on> or an ssh URI E<.Xc>. " +"Multiple proxies may be separated by comma characters and will be visited " +"sequentially. Setting this option will cause E<.Xr ssh 1> to connect to the " +"target host by first making a E<.Xr ssh 1> connection to the specified E<.Cm " +"ProxyJump> host and then establishing a TCP forwarding to the ultimate " +"target from there. Setting the host to E<.Cm none> disables this option " +"entirely." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Note that this option will compete with the E<.Cm ProxyCommand> option - " +"whichever is specified first will prevent later instances of the other from " +"taking effect." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Note also that the configuration for the destination host (either supplied " +"via the command-line or the configuration file) is not generally applied to " +"jump hosts. E<.Pa ~/.ssh/config> should be used if specific configuration " +"is required for jump hosts." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm ProxyUseFdpass" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies that E<.Cm ProxyCommand> will pass a connected file descriptor " +"back to E<.Xr ssh 1> instead of continuing to execute and pass data. The " +"default is E<.Cm no>." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm PubkeyAcceptedAlgorithms" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable +msgid "" +"Specifies the signature algorithms that will be used for public key " +"authentication as a comma-separated list of patterns. If the specified list " +"begins with a E<.Sq +> character, then the algorithms after it will be " +"appended to the default instead of replacing it. If the specified list " +"begins with a E<.Sq -> character, then the specified algorithms (including " +"wildcards) will be removed from the default set instead of replacing them. " +"If the specified list begins with a E<.Sq ^> character, then the specified " +"algorithms will be placed at the head of the default set. The default for " +"this option is:" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"The list of available signature algorithms may also be obtained using E<.Qq " +"ssh -Q PubkeyAcceptedAlgorithms>." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm PubkeyAuthentication" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies whether to try public key authentication. The argument to this " +"keyword must be E<.Cm yes> (the default), E<.Cm no>, E<.Cm unbound> or E<.Cm " +"host-bound>. The final two options enable public key authentication while " +"respectively disabling or enabling the OpenSSH host-bound authentication " +"protocol extension required for restricted E<.Xr ssh-agent 1> forwarding." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm RekeyLimit" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies the maximum amount of data that may be transmitted or received " +"before the session key is renegotiated, optionally followed by a maximum " +"amount of time that may pass before the session key is renegotiated. The " +"first argument is specified in bytes and may have a suffix of E<.Sq K>, E<." +"Sq M>, or E<.Sq G> to indicate Kilobytes, Megabytes, or Gigabytes, " +"respectively. The default is between E<.Sq 1G> and E<.Sq 4G>, depending on " +"the cipher. The optional second value is specified in seconds and may use " +"any of the units documented in the TIME FORMATS section of E<.Xr sshd_config " +"5>. The default value for E<.Cm RekeyLimit> is E<.Cm default none>, which " +"means that rekeying is performed after the cipher's default amount of data " +"has been sent or received and no time based rekeying is done." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm RemoteCommand" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies a command to execute on the remote machine after successfully " +"connecting to the server. The command string extends to the end of the " +"line, and is executed with the user's shell. Arguments to E<.Cm " +"RemoteCommand> accept the tokens described in the E<.Sx TOKENS> section." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm RemoteForward" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies that a TCP port on the remote machine be forwarded over the secure " +"channel. The remote port may either be forwarded to a specified host and " +"port from the local machine, or may act as a SOCKS 4/5 proxy that allows a " +"remote client to connect to arbitrary destinations from the local machine. " +"The first argument is the listening specification and may be E<.Sm off> E<." +"Oo Ar bind_address : Oc Ar port> E<.Sm on> or, if the remote host supports " +"it, a Unix domain socket path. If forwarding to a specific destination then " +"the second argument must be E<.Ar host : Ns Ar hostport> or a Unix domain " +"socket path, otherwise if no destination argument is specified then the " +"remote forwarding will be established as a SOCKS proxy. When acting as a " +"SOCKS proxy, the destination of the connection can be restricted by E<.Cm " +"PermitRemoteOpen>." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"IPv6 addresses can be specified by enclosing addresses in square brackets. " +"Multiple forwardings may be specified, and additional forwardings can be " +"given on the command line. Privileged ports can be forwarded only when " +"logging in as root on the remote machine. Unix domain socket paths may use " +"the tokens described in the E<.Sx TOKENS> section and environment variables " +"as described in the E<.Sx ENVIRONMENT VARIABLES> section." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"If the E<.Ar port> argument is 0, the listen port will be dynamically " +"allocated on the server and reported to the client at run time." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"If the E<.Ar bind_address> is not specified, the default is to only bind to " +"loopback addresses. If the E<.Ar bind_address> is E<.Ql *> or an empty " +"string, then the forwarding is requested to listen on all interfaces. " +"Specifying a remote E<.Ar bind_address> will only succeed if the server's E<." +"Cm GatewayPorts> option is enabled (see E<.Xr sshd_config 5>)." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm RequestTTY" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies whether to request a pseudo-tty for the session. The argument may " +"be one of: E<.Cm no> (never request a TTY), E<.Cm yes> (always request a TTY " +"when standard input is a TTY), E<.Cm force> (always request a TTY) or E<.Cm " +"auto> (request a TTY when opening a login session). This option mirrors the " +"E<.Fl t> and E<.Fl T> flags for E<.Xr ssh 1>." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm RequiredRSASize" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies the minimum RSA key size (in bits) that E<.Xr ssh 1> will accept. " +"User authentication keys smaller than this limit will be ignored. Servers " +"that present host keys smaller than this limit will cause the connection to " +"be terminated. The default is E<.Cm 1024> bits. Note that this limit may " +"only be raised from the default." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm RevokedHostKeys" +msgstr "" + +#. type: Plain text +#: archlinux debian-unstable fedora-40 fedora-rawhide +msgid "" +"Specifies revoked host public keys. Keys listed in this file will be " +"refused for host authentication. Note that if this file does not exist or " +"is not readable, then host authentication will be refused for all hosts. " +"Keys may be specified as a text file, listing one public key per line, or as " +"an OpenSSH Key Revocation List (KRL) as generated by E<.Xr ssh-keygen 1>. " +"For more information on KRLs, see the KEY REVOCATION LISTS section in E<.Xr " +"ssh-keygen 1>. Arguments to E<.Cm RevokedHostKeys> may use the tilde syntax " +"to refer to a user's home directory, the tokens described in the E<.Sx " +"TOKENS> section and environment variables as described in the E<.Sx " +"ENVIRONMENT VARIABLES> section." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm SecurityKeyProvider" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies a path to a library that will be used when loading any FIDO " +"authenticator-hosted keys, overriding the default of using the built-in USB " +"HID support." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"If the specified value begins with a E<.Sq $> character, then it will be " +"treated as an environment variable containing the path to the library." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm SendEnv" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies what variables from the local E<.Xr environ 7> should be sent to " +"the server. The server must also support it, and the server must be " +"configured to accept these environment variables. Note that the E<.Ev TERM> " +"environment variable is always sent whenever a pseudo-terminal is requested " +"as it is required by the protocol. Refer to E<.Cm AcceptEnv> in E<.Xr " +"sshd_config 5> for how to configure the server. Variables are specified by " +"name, which may contain wildcard characters. Multiple environment variables " +"may be separated by whitespace or spread across multiple E<.Cm SendEnv> " +"directives." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"It is possible to clear previously set E<.Cm SendEnv> variable names by " +"prefixing patterns with E<.Pa ->. The default is not to send any " +"environment variables." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm ServerAliveCountMax" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Sets the number of server alive messages (see below) which may be sent " +"without E<.Xr ssh 1> receiving any messages back from the server. If this " +"threshold is reached while server alive messages are being sent, ssh will " +"disconnect from the server, terminating the session. It is important to " +"note that the use of server alive messages is very different from E<.Cm " +"TCPKeepAlive> (below). The server alive messages are sent through the " +"encrypted channel and therefore will not be spoofable. The TCP keepalive " +"option enabled by E<.Cm TCPKeepAlive> is spoofable. The server alive " +"mechanism is valuable when the client or server depend on knowing when a " +"connection has become unresponsive." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"The default value is 3. If, for example, E<.Cm ServerAliveInterval> (see " +"below) is set to 15 and E<.Cm ServerAliveCountMax> is left at the default, " +"if the server becomes unresponsive, ssh will disconnect after approximately " +"45 seconds." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm ServerAliveInterval" +msgstr "" + +#. type: Plain text +#: archlinux fedora-40 fedora-rawhide mageia-cauldron +msgid "" +"Sets a timeout interval in seconds after which if no data has been received " +"from the server, E<.Xr ssh 1> will send a message through the encrypted " +"channel to request a response from the server. The default is 0, indicating " +"that these messages will not be sent to the server." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm SessionType" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"May be used to either request invocation of a subsystem on the remote " +"system, or to prevent the execution of a remote command at all. The latter " +"is useful for just forwarding ports. The argument to this keyword must be " +"E<.Cm none> (same as the E<.Fl N> option), E<.Cm subsystem> (same as the E<." +"Fl s> option) or E<.Cm default> (shell or command execution)." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm SetEnv" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Directly specify one or more environment variables and their contents to be " +"sent to the server. Similarly to E<.Cm SendEnv>, with the exception of the " +"E<.Ev TERM> variable, the server must be prepared to accept the environment " +"variable." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm StdinNull" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Redirects stdin from E<.Pa /dev/null> (actually, prevents reading from " +"stdin). Either this or the equivalent E<.Fl n> option must be used when E<." +"Nm ssh> is run in the background. The argument to this keyword must be E<." +"Cm yes> (same as the E<.Fl n> option) or E<.Cm no> (the default)." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm StreamLocalBindMask" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Sets the octal file creation mode mask E<.Pq umask> used when creating a " +"Unix-domain socket file for local or remote port forwarding. This option is " +"only used for port forwarding to a Unix-domain socket file." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"The default value is 0177, which creates a Unix-domain socket file that is " +"readable and writable only by the owner. Note that not all operating " +"systems honor the file mode on Unix-domain socket files." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm StreamLocalBindUnlink" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies whether to remove an existing Unix-domain socket file for local or " +"remote port forwarding before creating a new one. If the socket file " +"already exists and E<.Cm StreamLocalBindUnlink> is not enabled, E<.Nm ssh> " +"will be unable to forward the port to the Unix-domain socket file. This " +"option is only used for port forwarding to a Unix-domain socket file." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "The argument must be E<.Cm yes> or E<.Cm no> (the default)." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm StrictHostKeyChecking" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"If this flag is set to E<.Cm yes>, E<.Xr ssh 1> will never automatically add " +"host keys to the E<.Pa ~/.ssh/known_hosts> file, and refuses to connect to " +"hosts whose host key has changed. This provides maximum protection against " +"man-in-the-middle (MITM) attacks, though it can be annoying when the E<.Pa /" +"etc/ssh/ssh_known_hosts> file is poorly maintained or when connections to " +"new hosts are frequently made. This option forces the user to manually add " +"all new hosts." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"If this flag is set to E<.Cm accept-new> then ssh will automatically add new " +"host keys to the user's E<.Pa known_hosts> file, but will not permit " +"connections to hosts with changed host keys. If this flag is set to E<.Cm " +"no> or E<.Cm off>, ssh will automatically add new host keys to the user " +"known hosts files and allow connections to hosts with changed hostkeys to " +"proceed, subject to some restrictions. If this flag is set to E<.Cm ask> " +"(the default), new host keys will be added to the user known host files only " +"after the user has confirmed that is what they really want to do, and ssh " +"will refuse to connect to hosts whose host key has changed. The host keys " +"of known hosts will be verified automatically in all cases." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm SyslogFacility" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Gives the facility code that is used when logging messages from E<.Xr ssh " +"1>. The possible values are: DAEMON, USER, AUTH, LOCAL0, LOCAL1, LOCAL2, " +"LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. The default is USER." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm TCPKeepAlive" +msgstr "" + +#. type: Plain text +#: archlinux fedora-40 fedora-rawhide mageia-cauldron +msgid "" +"Specifies whether the system should send TCP keepalive messages to the other " +"side. If they are sent, death of the connection or crash of one of the " +"machines will be properly noticed. However, this means that connections " +"will die if the route is down temporarily, and some people find it annoying." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"The default is E<.Cm yes> (to send TCP keepalive messages), and the client " +"will notice if the network goes down or the remote host dies. This is " +"important in scripts, and many users want it too." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"To disable TCP keepalive messages, the value should be set to E<.Cm no>. " +"See also E<.Cm ServerAliveInterval> for protocol-level keepalives." +msgstr "" + +#. type: It +#: archlinux debian-unstable fedora-40 fedora-rawhide +#, no-wrap +msgid "Cm Tag" +msgstr "" + +#. type: Plain text +#: archlinux debian-unstable fedora-40 fedora-rawhide +msgid "" +"Specify a configuration tag name that may be later used by a E<.Cm Match> " +"directive to select a block of configuration." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm Tunnel" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Request E<.Xr tun 4> device forwarding between the client and the server. " +"The argument must be E<.Cm yes>, E<.Cm point-to-point> (layer 3), E<.Cm " +"ethernet> (layer 2), or E<.Cm no> (the default). Specifying E<.Cm yes> " +"requests the default tunnel mode, which is E<.Cm point-to-point>." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm TunnelDevice" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies the E<.Xr tun 4> devices to open on the client E<.Pq Ar local_tun> " +"and the server E<.Pq Ar remote_tun>." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"The argument must be E<.Sm off> E<.Ar local_tun Op : Ar remote_tun>. E<.Sm " +"on> The devices may be specified by numerical ID or the keyword E<.Cm any>, " +"which uses the next available tunnel device. If E<.Ar remote_tun> is not " +"specified, it defaults to E<.Cm any>. The default is E<.Cm any:any>." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm UpdateHostKeys" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies whether E<.Xr ssh 1> should accept notifications of additional " +"hostkeys from the server sent after authentication has completed and add " +"them to E<.Cm UserKnownHostsFile>. The argument must be E<.Cm yes>, E<.Cm " +"no> or E<.Cm ask>. This option allows learning alternate hostkeys for a " +"server and supports graceful key rotation by allowing a server to send " +"replacement public keys before old ones are removed." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Additional hostkeys are only accepted if the key used to authenticate the " +"host was already trusted or explicitly accepted by the user, the host was " +"authenticated via E<.Cm UserKnownHostsFile> (i.e. not E<.Cm " +"GlobalKnownHostsFile>) and the host was authenticated using a plain key and " +"not a certificate." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"E<.Cm UpdateHostKeys> is enabled by default if the user has not overridden " +"the default E<.Cm UserKnownHostsFile> setting and has not enabled E<.Cm " +"VerifyHostKeyDNS>, otherwise E<.Cm UpdateHostKeys> will be set to E<.Cm no>." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"If E<.Cm UpdateHostKeys> is set to E<.Cm ask>, then the user is asked to " +"confirm the modifications to the known_hosts file. Confirmation is " +"currently incompatible with E<.Cm ControlPersist>, and will be disabled if " +"it is enabled." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Presently, only E<.Xr sshd 8> from OpenSSH 6.8 and greater support the E<.Qq " +"hostkeys@openssh.com> protocol extension used to inform the client of all " +"the server's hostkeys." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm User" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies the user to log in as. This can be useful when a different user " +"name is used on different machines. This saves the trouble of having to " +"remember to give the user name on the command line." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm UserKnownHostsFile" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies one or more files to use for the user host key database, separated " +"by whitespace. Each filename may use tilde notation to refer to the user's " +"home directory, the tokens described in the E<.Sx TOKENS> section and " +"environment variables as described in the E<.Sx ENVIRONMENT VARIABLES> " +"section. A value of E<.Cm none> causes E<.Xr ssh 1> to ignore any user-" +"specific known hosts files. The default is E<.Pa ~/.ssh/known_hosts>, E<.Pa " +"~/.ssh/known_hosts2>." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm VerifyHostKeyDNS" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies whether to verify the remote key using DNS and SSHFP resource " +"records. If this option is set to E<.Cm yes>, the client will implicitly " +"trust keys that match a secure fingerprint from DNS. Insecure fingerprints " +"will be handled as if this option was set to E<.Cm ask>. If this option is " +"set to E<.Cm ask>, information on fingerprint match will be displayed, but " +"the user will still need to confirm new host keys according to the E<.Cm " +"StrictHostKeyChecking> option. The default is E<.Cm no>." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "See also E<.Sx VERIFYING HOST KEYS> in E<.Xr ssh 1>." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm VisualHostKey" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"If this flag is set to E<.Cm yes>, an ASCII art representation of the remote " +"host key fingerprint is printed in addition to the fingerprint string at " +"login and for unknown host keys. If this flag is set to E<.Cm no> (the " +"default), no fingerprint strings are printed at login and only the " +"fingerprint string will be printed for unknown host keys." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Cm XAuthLocation" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Specifies the full pathname of the E<.Xr xauth 1> program. The default is " +"E<.Pa /usr/bin/xauth>." +msgstr "" + +#. type: Sh +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "PATTERNS" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"A E<.Em pattern> consists of zero or more non-whitespace characters, E<.Sq " +"*> (a wildcard that matches zero or more characters), or E<.Sq ?\\&> (a " +"wildcard that matches exactly one character). For example, to specify a set " +"of declarations for any host in the E<.Qq .co.uk> set of domains, the " +"following pattern could be used:" +msgstr "" + +#. type: Dl +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Host *.co.uk" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"The following pattern would match any host in the 192.168.0.[0-9] network " +"range:" +msgstr "" + +#. type: Dl +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Host 192.168.0.?" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"A E<.Em pattern-list> is a comma-separated list of patterns. Patterns " +"within pattern-lists may be negated by preceding them with an exclamation " +"mark E<.Pq Sq !\\&>. For example, to allow a key to be used from anywhere " +"within an organization except from the E<.Qq dialup> pool, the following " +"entry (in authorized_keys) could be used:" +msgstr "" + +#. type: Dl +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "from=\\(dq!*.dialup.example.com,*.example.com\\(dq" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Note that a negated match will never produce a positive result by itself. " +"For example, attempting to match E<.Qq host3> against the following pattern-" +"list will fail:" +msgstr "" + +#. type: Dl +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "from=\\(dq!host1,!host2\\(dq" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"The solution here is to include a term that will yield a positive match, " +"such as a wildcard:" +msgstr "" + +#. type: Dl +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "from=\\(dq!host1,!host2,*\\(dq" +msgstr "" + +#. type: Sh +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "TOKENS" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Arguments to some keywords can make use of tokens, which are expanded at " +"runtime:" +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "%%" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "A literal E<.Sq %>." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "\\&%C" +msgstr "" + +#. type: Plain text +#: archlinux debian-unstable fedora-40 fedora-rawhide +msgid "Hash of %l%h%p%r%j." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "%d" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "Local user's home directory." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "%f" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "The fingerprint of the server's host key." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "%H" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "The E<.Pa known_hosts> hostname or address that is being searched for." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "%h" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "The remote hostname." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "\\%%I" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"A string describing the reason for a E<.Cm KnownHostsCommand> execution: " +"either E<.Cm ADDRESS> when looking up a host by address (only when E<.Cm " +"CheckHostIP> is enabled), E<.Cm HOSTNAME> when searching by hostname, or E<." +"Cm ORDER> when preparing the host key algorithm preference list to use for " +"the destination host." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "%i" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "The local user ID." +msgstr "" + +#. type: It +#: archlinux debian-unstable fedora-40 fedora-rawhide +#, no-wrap +msgid "%j" +msgstr "" + +#. type: Plain text +#: archlinux debian-unstable fedora-40 fedora-rawhide +msgid "" +"The contents of the ProxyJump option, or the empty string if this option is " +"unset." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "%K" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "The base64 encoded host key." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "%k" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"The host key alias if specified, otherwise the original remote hostname " +"given on the command line." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "%L" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "The local hostname." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "%l" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "The local hostname, including the domain name." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "%n" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "The original remote hostname, as given on the command line." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "%p" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "The remote port." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "%r" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "The remote username." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "\\&%T" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"The local E<.Xr tun 4> or E<.Xr tap 4> network interface assigned if tunnel " +"forwarding was requested, or E<.Qq NONE> otherwise." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "%t" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "The type of the server host key, e.g. E<.Cm ssh-ed25519>." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "%u" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "The local username." +msgstr "" + +#. type: Plain text +#: archlinux debian-unstable fedora-40 fedora-rawhide +msgid "" +"E<.Cm CertificateFile>, E<.Cm ControlPath>, E<.Cm IdentityAgent>, E<.Cm " +"IdentityFile>, E<.Cm KnownHostsCommand>, E<.Cm LocalForward>, E<.Cm Match " +"exec>, E<.Cm RemoteCommand>, E<.Cm RemoteForward>, E<.Cm RevokedHostKeys>, " +"and E<.Cm UserKnownHostsFile> accept the tokens %%, %C, %d, %h, %i, %j, %k, " +"%L, %l, %n, %p, %r, and %u." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"E<.Cm KnownHostsCommand> additionally accepts the tokens %f, %H, %I, %K and " +"%t." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "E<.Cm Hostname> accepts the tokens %% and %h." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "E<.Cm LocalCommand> accepts all tokens." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"E<.Cm ProxyCommand> and E<.Cm ProxyJump> accept the tokens %%, %h, %n, %p, " +"and %r." +msgstr "" + +#. type: Plain text +#: archlinux debian-unstable fedora-40 fedora-rawhide +msgid "" +"Note that some of these directives build commands for execution via the " +"shell. Because E<.Xr ssh 1> performs no filtering or escaping of characters " +"that have special meaning in shell commands (e.g. quotes), it is the user's " +"responsibility to ensure that the arguments passed to E<.Xr ssh 1> do not " +"contain such characters and that tokens are appropriately quoted when used." +msgstr "" + +#. type: Sh +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "ENVIRONMENT VARIABLES" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Arguments to some keywords can be expanded at runtime from environment " +"variables on the client by enclosing them in E<.Ic ${}>, for example E<.Ic " +"${HOME}/.ssh> would refer to the user's .ssh directory. If a specified " +"environment variable does not exist then an error will be returned and the " +"setting for that keyword will be ignored." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"The keywords E<.Cm CertificateFile>, E<.Cm ControlPath>, E<.Cm " +"IdentityAgent>, E<.Cm IdentityFile>, E<.Cm KnownHostsCommand>, and E<.Cm " +"UserKnownHostsFile> support environment variables. The keywords E<.Cm " +"LocalForward> and E<.Cm RemoteForward> support environment variables only " +"for Unix domain socket paths." +msgstr "" + +#. type: Sh +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "FILES" +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Pa ~/.ssh/config" +msgstr "" + +#. type: Plain text +#: archlinux fedora-40 fedora-rawhide mageia-cauldron +msgid "" +"This is the per-user configuration file. The format of this file is " +"described above. This file is used by the SSH client. Because of the " +"potential for abuse, this file must have strict permissions: read/write for " +"the user, and not writable by others." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Pa /etc/ssh/ssh_config" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"Systemwide configuration file. This file provides defaults for those values " +"that are not specified in the user's configuration file, and for those users " +"who do not have a configuration file. This file must be world-readable." +msgstr "" + +#. type: Sh +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "SEE ALSO" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable mageia-cauldron +msgid "E<.Xr ssh 1>" +msgstr "" + +#. type: Sh +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "AUTHORS" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +msgid "" +"E<.An -nosplit> OpenSSH is a derivative of the original and free ssh 1.2.12 " +"release by E<.An Tatu Ylonen>. E<.An Aaron Campbell , Bob Beck , Markus " +"Friedl>, E<.An Niels Provos , Theo de Raadt> and E<.An Dug Song> removed " +"many bugs, re-added newer features and created OpenSSH. E<.An Markus " +"Friedl> contributed the support for SSH protocol versions 1.5 and 2.0." +msgstr "" + +#. type: Dd +#: debian-bookworm +#, no-wrap +msgid "$Mdocdate: January 13 2023 $" +msgstr "" + +#. type: Plain text +#: debian-bookworm +msgid "" +"For each parameter, the first obtained value will be used. The " +"configuration files contain sections separated by E<.Cm Host> " +"specifications, and that section is only applied for hosts that match one of " +"the patterns given in the specification. The matched host name is usually " +"the one given on the command line (see the E<.Cm CanonicalizeHostname> " +"option for exceptions)." +msgstr "" + +#. type: Plain text +#: debian-bookworm debian-unstable +msgid "" +"Note that the Debian E<.Ic openssh-client> package sets several options as " +"standard in E<.Pa /etc/ssh/ssh_config> which are not the default in E<.Xr " +"ssh 1>:" +msgstr "" + +#. type: Plain text +#: debian-bookworm debian-unstable +msgid "E<.Cm Include /etc/ssh/ssh_config.d/*.conf>" +msgstr "" + +#. type: Plain text +#: debian-bookworm debian-unstable +msgid "E<.Cm SendEnv No LANG LC_*>" +msgstr "" + +#. type: Plain text +#: debian-bookworm debian-unstable +msgid "E<.Cm HashKnownHosts No yes>" +msgstr "" + +#. type: Plain text +#: debian-bookworm debian-unstable +msgid "E<.Cm GSSAPIAuthentication No yes>" +msgstr "" + +#. type: Plain text +#: debian-bookworm debian-unstable +msgid "" +"E<.Pa /etc/ssh/ssh_config.d/*.conf> files are included at the start of the " +"system-wide configuration file, so options set there will override those in " +"E<.Pa /etc/ssh/ssh_config.>" +msgstr "" + +#. type: Plain text +#: debian-bookworm mageia-cauldron +msgid "" +"Restricts the following declarations (up to the next E<.Cm Host> or E<.Cm " +"Match> keyword) to be used only when the conditions following the E<.Cm " +"Match> keyword are satisfied. Match conditions are specified using one or " +"more criteria or the single token E<.Cm all> which always matches. The " +"available criteria keywords are: E<.Cm canonical>, E<.Cm final>, E<.Cm " +"exec>, E<.Cm host>, E<.Cm originalhost>, E<.Cm user>, and E<.Cm localuser>. " +"The E<.Cm all> criteria must appear alone or immediately after E<.Cm " +"canonical> or E<.Cm final>. Other criteria may be combined arbitrarily. " +"All criteria but E<.Cm all>, E<.Cm canonical>, and E<.Cm final> require an " +"argument. Criteria may be negated by prepending an exclamation mark E<.Pq " +"Sq !\\&>." +msgstr "" + +#. type: Plain text +#: debian-bookworm mageia-cauldron +msgid "" +"The other keywords' criteria must be single entries or comma-separated lists " +"and may use the wildcard and negation operators described in the E<.Sx " +"PATTERNS> section. The criteria for the E<.Cm host> keyword are matched " +"against the target hostname, after any substitution by the E<.Cm Hostname> " +"or E<.Cm CanonicalizeHostname> options. The E<.Cm originalhost> keyword " +"matches against the hostname as it was specified on the command-line. The " +"E<.Cm user> keyword matches against the target username on the remote host. " +"The E<.Cm localuser> keyword matches against the name of the local user " +"running E<.Xr ssh 1> (this keyword may be useful in system-wide E<.Nm> " +"files)." +msgstr "" + +#. type: Plain text +#: debian-bookworm debian-unstable +msgid "" +"If set to E<.Cm yes>, user interaction such as password prompts and host key " +"confirmation requests will be disabled. In addition, the E<.Cm " +"ServerAliveInterval> option will be set to 300 seconds by default (Debian-" +"specific). This option is useful in scripts and other batch jobs where no " +"user is present to interact with E<.Xr ssh 1>, and where it is desirable to " +"detect a broken network swiftly. The argument must be E<.Cm yes> or E<.Cm " +"no> (the default)." +msgstr "" + +#. type: Plain text +#: debian-bookworm debian-unstable +msgid "" +"If this option is set to E<.Cm yes>, (the Debian-specific default), remote " +"X11 clients will have full access to the original X11 display." +msgstr "" + +#. type: Plain text +#: debian-bookworm debian-unstable +msgid "" +"If this option is set to E<.Cm no> (the upstream default), remote X11 " +"clients will be considered untrusted and prevented from stealing or " +"tampering with data belonging to trusted X11 clients. Furthermore, the E<." +"Xr xauth 1> token used for the session will be set to expire after 20 " +"minutes. Remote clients will be refused access after this time." +msgstr "" + +#. type: It +#: debian-bookworm debian-unstable fedora-40 fedora-rawhide mageia-cauldron +#, no-wrap +msgid "Cm GSSAPIClientIdentity" +msgstr "" + +#. type: Plain text +#: debian-bookworm debian-unstable fedora-40 fedora-rawhide mageia-cauldron +msgid "" +"If set, specifies the GSSAPI client identity that ssh should use when " +"connecting to the server. The default is unset, which means that the default " +"identity will be used." +msgstr "" + +#. type: It +#: debian-bookworm debian-unstable fedora-40 fedora-rawhide mageia-cauldron +#, no-wrap +msgid "Cm GSSAPIKeyExchange" +msgstr "" + +#. type: Plain text +#: debian-bookworm debian-unstable fedora-40 fedora-rawhide mageia-cauldron +msgid "" +"Specifies whether key exchange based on GSSAPI may be used. When using " +"GSSAPI key exchange the server need not have a host key. The default is E<." +"Dq no>." +msgstr "" + +#. type: It +#: debian-bookworm debian-unstable fedora-40 fedora-rawhide mageia-cauldron +#, no-wrap +msgid "Cm GSSAPIRenewalForcesRekey" +msgstr "" + +#. type: Plain text +#: debian-bookworm debian-unstable fedora-40 fedora-rawhide mageia-cauldron +msgid "" +"If set to E<.Dq yes> then renewal of the client's GSSAPI credentials will " +"force the rekeying of the ssh connection. With a compatible server, this " +"will delegate the renewed credentials to a session on the server." +msgstr "" + +#. type: Plain text +#: debian-bookworm debian-unstable fedora-40 fedora-rawhide mageia-cauldron +msgid "" +"Checks are made to ensure that credentials are only propagated when the new " +"credentials match the old ones on the originating client and where the " +"receiving server still has the old set in its cache." +msgstr "" + +#. type: Plain text +#: debian-bookworm debian-unstable fedora-40 fedora-rawhide mageia-cauldron +msgid "The default is E<.Dq no>." +msgstr "" + +#. type: Plain text +#: debian-bookworm debian-unstable fedora-40 fedora-rawhide mageia-cauldron +msgid "" +"For this to work E<.Cm GSSAPIKeyExchange> needs to be enabled in the server " +"and also used by the client." +msgstr "" + +#. type: It +#: debian-bookworm debian-unstable fedora-40 fedora-rawhide mageia-cauldron +#, no-wrap +msgid "Cm GSSAPIServerIdentity" +msgstr "" + +#. type: Plain text +#: debian-bookworm debian-unstable fedora-40 fedora-rawhide mageia-cauldron +msgid "" +"If set, specifies the GSSAPI server identity that ssh should expect when " +"connecting to the server. The default is unset, which means that the " +"expected GSSAPI server identity will be determined from the target hostname." +msgstr "" + +#. type: It +#: debian-bookworm debian-unstable fedora-40 fedora-rawhide mageia-cauldron +#, no-wrap +msgid "Cm GSSAPITrustDns" +msgstr "" + +#. type: Plain text +#: debian-bookworm debian-unstable fedora-40 fedora-rawhide mageia-cauldron +msgid "" +"Set to E<.Dq yes> to indicate that the DNS is trusted to securely " +"canonicalize the name of the host being connected to. If E<.Dq no>, the " +"hostname entered on the command line will be passed untouched to the GSSAPI " +"library. The default is E<.Dq no>." +msgstr "" + +#. type: It +#: debian-bookworm debian-unstable fedora-40 fedora-rawhide mageia-cauldron +#, no-wrap +msgid "Cm GSSAPIKexAlgorithms" +msgstr "" + +#. type: Plain text +#: debian-bookworm debian-unstable fedora-40 fedora-rawhide mageia-cauldron +msgid "" +"The list of key exchange algorithms that are offered for GSSAPI key " +"exchange. Possible values are" +msgstr "" + +#. type: Plain text +#: debian-bookworm debian-unstable fedora-40 fedora-rawhide mageia-cauldron +#, no-wrap +msgid "" +"gss-gex-sha1-,\n" +"gss-group1-sha1-,\n" +"gss-group14-sha1-,\n" +"gss-group14-sha256-,\n" +"gss-group16-sha512-,\n" +"gss-nistp256-sha256-,\n" +"gss-curve25519-sha256-\n" +msgstr "" + +#. type: Plain text +#: debian-bookworm debian-unstable +msgid "" +"The default is E<.Dq gss-group14-sha256-,gss-group16-sha512-,gss-nistp256-" +"sha256-,gss-curve25519-sha256-,gss-gex-sha1-,gss-group14-sha1->. This " +"option only applies to connections using GSSAPI." +msgstr "" + +#. type: Plain text +#: debian-bookworm debian-unstable +msgid "" +"Indicates that E<.Xr ssh 1> should hash host names and addresses when they " +"are added to E<.Pa ~/.ssh/known_hosts>. These hashed names may be used " +"normally by E<.Xr ssh 1> and E<.Xr sshd 8>, but they do not visually reveal " +"identifying information if the file's contents are disclosed. The default " +"is E<.Cm no>. Note that existing names and addresses in known hosts files " +"will not be converted automatically, but may be manually hashed using E<.Xr " +"ssh-keygen 1>. Use of this option may break facilities such as tab-" +"completion that rely on being able to read unhashed host names from E<.Pa ~/." +"ssh/known_hosts>." +msgstr "" + +#. type: Plain text +#: debian-bookworm mageia-cauldron +msgid "" +"Arguments to E<.Cm IdentityFile> may use the tilde syntax to refer to a " +"user's home directory or the tokens described in the E<.Sx TOKENS> section." +msgstr "" + +#. type: Plain text +#: debian-bookworm debian-unstable +msgid "" +"Specifies the IPv4 type-of-service or DSCP class for connections. Accepted " +"values are E<.Cm af11>, E<.Cm af12>, E<.Cm af13>, E<.Cm af21>, E<.Cm af22>, " +"E<.Cm af23>, E<.Cm af31>, E<.Cm af32>, E<.Cm af33>, E<.Cm af41>, E<.Cm " +"af42>, E<.Cm af43>, E<.Cm cs0>, E<.Cm cs1>, E<.Cm cs2>, E<.Cm cs3>, E<.Cm " +"cs4>, E<.Cm cs5>, E<.Cm cs6>, E<.Cm cs7>, E<.Cm ef>, E<.Cm le>, E<.Cm " +"lowdelay>, E<.Cm throughput>, E<.Cm reliability>, a numeric value, or E<.Cm " +"none> to use the operating system default. This option may take one or two " +"arguments, separated by whitespace. If one argument is specified, it is " +"used as the packet class unconditionally. If two values are specified, the " +"first is automatically selected for interactive sessions and the second for " +"non-interactive sessions. The default is E<.Cm lowdelay> for interactive " +"sessions and E<.Cm throughput> for non-interactive sessions." +msgstr "" + +#. type: Plain text +#: debian-bookworm mageia-cauldron +msgid "" +"Specifies revoked host public keys. Keys listed in this file will be " +"refused for host authentication. Note that if this file does not exist or " +"is not readable, then host authentication will be refused for all hosts. " +"Keys may be specified as a text file, listing one public key per line, or as " +"an OpenSSH Key Revocation List (KRL) as generated by E<.Xr ssh-keygen 1>. " +"For more information on KRLs, see the KEY REVOCATION LISTS section in E<.Xr " +"ssh-keygen 1>." +msgstr "" + +#. type: Plain text +#: debian-bookworm debian-unstable +msgid "" +"Sets a timeout interval in seconds after which if no data has been received " +"from the server, E<.Xr ssh 1> will send a message through the encrypted " +"channel to request a response from the server. The default is 0, indicating " +"that these messages will not be sent to the server, or 300 if the E<.Cm " +"BatchMode> option is set (Debian-specific). E<.Cm ProtocolKeepAlives> and " +"E<.Cm SetupTimeOut> are Debian-specific compatibility aliases for this " +"option." +msgstr "" + +#. type: Plain text +#: debian-bookworm debian-unstable +msgid "" +"Specifies whether the system should send TCP keepalive messages to the other " +"side. If they are sent, death of the connection or crash of one of the " +"machines will be properly noticed. This option only uses TCP keepalives (as " +"opposed to using ssh level keepalives), so takes a long time to notice when " +"the connection dies. As such, you probably want the E<.Cm " +"ServerAliveInterval> option as well. However, this means that connections " +"will die if the route is down temporarily, and some people find it annoying." +msgstr "" + +#. type: Plain text +#: debian-bookworm mageia-cauldron +msgid "Hash of %l%h%p%r." +msgstr "" + +#. type: Plain text +#: debian-bookworm mageia-cauldron +msgid "" +"E<.Cm CertificateFile>, E<.Cm ControlPath>, E<.Cm IdentityAgent>, E<.Cm " +"IdentityFile>, E<.Cm KnownHostsCommand>, E<.Cm LocalForward>, E<.Cm Match " +"exec>, E<.Cm RemoteCommand>, E<.Cm RemoteForward>, and E<.Cm " +"UserKnownHostsFile> accept the tokens %%, %C, %d, %h, %i, %k, %L, %l, %n, " +"%p, %r, and %u." +msgstr "" + +#. type: Plain text +#: debian-bookworm debian-unstable +msgid "" +"This is the per-user configuration file. The format of this file is " +"described above. This file is used by the SSH client. Because of the " +"potential for abuse, this file must have strict permissions: read/write for " +"the user, and not writable by others. It may be group-writable provided " +"that the group in question contains only the user." +msgstr "" + +#. type: Plain text +#: fedora-40 fedora-rawhide mageia-cauldron +msgid "" +"The default is handled system-wide by E<.Xr crypto-policies 7>. Information " +"about defaults, how to modify the defaults and how to customize existing " +"policies with sub-policies are present in manual page E<.Xr update-crypto-" +"policies 8>." +msgstr "" + +#. type: Plain text +#: fedora-40 fedora-rawhide mageia-cauldron +msgid "" +"Specifies which algorithms are allowed for signing of certificates by " +"certificate authorities (CAs). If the specified list begins with a E<.Sq +> " +"character, then the specified algorithms will be appended to the default set " +"instead of replacing them. If the specified list begins with a E<.Sq -> " +"character, then the specified algorithms (including wildcards) will be " +"removed from the default set instead of replacing them." +msgstr "" + +#. type: Plain text +#: fedora-40 fedora-rawhide mageia-cauldron +msgid "" +"Specifies the ciphers allowed and their order of preference. Multiple " +"ciphers must be comma-separated. If the specified list begins with a E<.Sq " +"+> character, then the specified ciphers will be appended to the built-in " +"openssh default set instead of replacing them. If the specified list begins " +"with a E<.Sq -> character, then the specified ciphers (including wildcards) " +"will be removed from the built-in openssh default set instead of replacing " +"them. If the specified list begins with a E<.Sq ^> character, then the " +"specified ciphers will be placed at the head of the built-in openssh default " +"set." +msgstr "" + +#. type: Plain text +#: fedora-40 fedora-rawhide mageia-cauldron +msgid "This option only applies to connections using GSSAPI." +msgstr "" + +#. type: Plain text +#: fedora-40 fedora-rawhide +msgid "" +"Specifies the signature algorithms that will be used for hostbased " +"authentication as a comma-separated list of patterns. Alternately if the " +"specified list begins with a E<.Sq +> character, then the specified " +"signature algorithms will be appended to the built-in openssh default set " +"instead of replacing them. If the specified list begins with a E<.Sq -> " +"character, then the specified signature algorithms (including wildcards) " +"will be removed from the built-in openssh default set instead of replacing " +"them. If the specified list begins with a E<.Sq ^> character, then the " +"specified signature algorithms will be placed at the head of the built-in " +"openssh default set." +msgstr "" + +#. type: Plain text +#: fedora-40 fedora-rawhide +msgid "" +"The proposed E<.Cm HostKeyAlgorithms> during KEX are limited to the set of " +"algorithms that is defined in E<.Cm PubkeyAcceptedAlgorithms> and therefore " +"they are indirectly affected by system-wide E<.Xr crypto_policies 7>. E<.Xr " +"crypto_policies 7 can not handle the list of host key algorithms directly as " +"doing so> would break the order given by the E<.Pa known_hosts> file." +msgstr "" + +#. type: Plain text +#: fedora-40 fedora-rawhide mageia-cauldron +msgid "" +"The authentication identity can be also specified in a form of PKCS#11 URI " +"starting with a string E<.Cm pkcs11:>. There is supported a subset of the " +"PKCS#11 URI as defined in RFC 7512 (implemented path arguments E<.Cm id>, E<." +"Cm manufacturer>, E<.Cm object>, E<.Cm token> and query arguments E<.Cm " +"module-path> and E<.Cm pin-value> ). The URI can not be in quotes." +msgstr "" + +#. type: Plain text +#: fedora-40 fedora-rawhide mageia-cauldron +msgid "" +"Specifies the available KEX (Key Exchange) algorithms. Multiple algorithms " +"must be comma-separated. If the specified list begins with a E<.Sq +> " +"character, then the specified methods will be appended to the built-in " +"openssh default set instead of replacing them. If the specified list begins " +"with a E<.Sq -> character, then the specified algorithms (including " +"wildcards) will be removed from the built-in openssh default set instead of " +"replacing them. If the specified list begins with a E<.Sq ^> character, " +"then the specified algorithms will be placed at the head of the built-in " +"openssh default set." +msgstr "" + +#. type: Plain text +#: fedora-40 fedora-rawhide mageia-cauldron +msgid "" +"Specifies the MAC (message authentication code) algorithms in order of " +"preference. The MAC algorithm is used for data integrity protection. " +"Multiple algorithms must be comma-separated. If the specified list begins " +"with a E<.Sq +> character, then the specified algorithms will be appended to " +"the built-in openssh default set instead of replacing them. If the " +"specified list begins with a E<.Sq -> character, then the specified " +"algorithms (including wildcards) will be removed from the built-in openssh " +"default set instead of replacing them. If the specified list begins with a " +"E<.Sq ^> character, then the specified algorithms will be placed at the head " +"of the built-in openssh default set." +msgstr "" + +#. type: Plain text +#: fedora-40 fedora-rawhide mageia-cauldron +msgid "" +"Specifies the signature algorithms that will be used for public key " +"authentication as a comma-separated list of patterns. If the specified list " +"begins with a E<.Sq +> character, then the algorithms after it will be " +"appended to the built-in openssh default instead of replacing it. If the " +"specified list begins with a E<.Sq -> character, then the specified " +"algorithms (including wildcards) will be removed from the built-in openssh " +"default set instead of replacing them. If the specified list begins with a " +"E<.Sq ^> character, then the specified algorithms will be placed at the head " +"of the built-in openssh default set." +msgstr "" + +#. type: Plain text +#: fedora-40 fedora-rawhide +msgid "This option affects also E<.Cm HostKeyAlgorithms>" +msgstr "" + +#. type: Plain text +#: fedora-40 fedora-rawhide +msgid "E<.Xr ssh 1>, E<.Xr crypto-policies 7>, E<.Xr update-crypto-policies 8>" +msgstr "" + +#. type: Dd +#: mageia-cauldron +#, no-wrap +msgid "$Mdocdate: March 10 2023 $" +msgstr "" + +#. type: Plain text +#: mageia-cauldron +msgid "" +"E<.Xr crypto_policies 7 does not handle the list of algorithms as doing so> " +"would break the order given by the E<.Pa known_hosts> file. Therefore the " +"list is filtered by E<.Cm PubkeyAcceptedAlgorithms.>" +msgstr "" |