diff options
Diffstat (limited to '')
| -rw-r--r-- | templates/man8/sshd.8.pot | 1940 |
1 files changed, 1940 insertions, 0 deletions
diff --git a/templates/man8/sshd.8.pot b/templates/man8/sshd.8.pot new file mode 100644 index 00000000..e89accb4 --- /dev/null +++ b/templates/man8/sshd.8.pot @@ -0,0 +1,1940 @@ +# SOME DESCRIPTIVE TITLE +# Copyright (C) YEAR Free Software Foundation, Inc. +# This file is distributed under the same license as the PACKAGE package. +# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR. +# +#, fuzzy +msgid "" +msgstr "" +"Project-Id-Version: PACKAGE VERSION\n" +"POT-Creation-Date: 2024-03-01 17:08+0100\n" +"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" +"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" +"Language-Team: LANGUAGE <LL@li.org>\n" +"Language: \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#. type: Dd +#: archlinux debian-unstable fedora-40 fedora-rawhide opensuse-tumbleweed +#, no-wrap +msgid "$Mdocdate: September 19 2023 $" +msgstr "" + +#. type: Dt +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "SSHD 8" +msgstr "" + +#. type: Sh +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "NAME" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "E<.Nm sshd>" +msgstr "" + +#. type: Nd +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "OpenSSH daemon" +msgstr "" + +#. type: Sh +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "SYNOPSIS" +msgstr "" + +#. type: Plain text +#: archlinux debian-unstable fedora-40 fedora-rawhide mageia-cauldron +#: opensuse-tumbleweed +msgid "" +"E<.Nm sshd> E<.Bk -words> E<.Op Fl 46DdeGiqTtV> E<.Op Fl C Ar " +"connection_spec> E<.Op Fl c Ar host_certificate_file> E<.Op Fl E Ar " +"log_file> E<.Op Fl f Ar config_file> E<.Op Fl g Ar login_grace_time> E<.Op " +"Fl h Ar host_key_file> E<.Op Fl o Ar option> E<.Op Fl p Ar port> E<.Op Fl u " +"Ar len> E<.Ek>" +msgstr "" + +#. type: Sh +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "DESCRIPTION" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"E<.Nm> (OpenSSH Daemon) is the daemon program for E<.Xr ssh 1>. It provides " +"secure encrypted communications between two untrusted hosts over an insecure " +"network." +msgstr "" + +#. type: Plain text +#: archlinux fedora-40 fedora-rawhide mageia-cauldron opensuse-tumbleweed +msgid "" +"E<.Nm> listens for connections from clients. It is normally started at boot " +"from E<.Pa /etc/rc>. It forks a new daemon for each incoming connection. " +"The forked daemons handle key exchange, encryption, authentication, command " +"execution, and data exchange." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"E<.Nm> can be configured using command-line options or a configuration file " +"(by default E<.Xr sshd_config 5>); command-line options override values " +"specified in the configuration file. E<.Nm> rereads its configuration file " +"when it receives a hangup signal, E<.Dv SIGHUP>, by executing itself with " +"the name and options it was started with, e.g.\\& E<.Pa /usr/sbin/sshd>." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "The options are as follows:" +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Fl 4" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "Forces E<.Nm> to use IPv4 addresses only." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Fl 6" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "Forces E<.Nm> to use IPv6 addresses only." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Fl C Ar connection_spec" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"Specify the connection parameters to use for the E<.Fl T> extended test " +"mode. If provided, any E<.Cm Match> directives in the configuration file " +"that would apply are applied before the configuration is written to standard " +"output. The connection parameters are supplied as keyword=value pairs and " +"may be supplied in any order, either with multiple E<.Fl C> options or as a " +"comma-separated list. The keywords are E<.Dq addr>, E<.Dq user>, E<.Dq " +"host>, E<.Dq laddr>, E<.Dq lport>, and E<.Dq rdomain> and correspond to " +"source address, user, resolved source host name, local address, local port " +"number and routing domain respectively." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Fl c Ar host_certificate_file" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"Specifies a path to a certificate file to identify E<.Nm> during key " +"exchange. The certificate file must match a host key file specified using " +"the E<.Fl h> option or the E<.Cm HostKey> configuration directive." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Fl D" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"When this option is specified, E<.Nm> will not detach and does not become a " +"daemon. This allows easy monitoring of E<.Nm sshd>." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Fl d" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"Debug mode. The server sends verbose debug output to standard error, and " +"does not put itself in the background. The server also will not E<.Xr fork " +"2> and will only process one connection. This option is only intended for " +"debugging for the server. Multiple E<.Fl d> options increase the debugging " +"level. Maximum is 3." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Fl E Ar log_file" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "Append debug logs to E<.Ar log_file> instead of the system log." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Fl e" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "Write debug logs to standard error instead of the system log." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Fl f Ar config_file" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"Specifies the name of the configuration file. The default is E<.Pa /etc/ssh/" +"sshd_config>. E<.Nm> refuses to start if there is no configuration file." +msgstr "" + +#. type: It +#: archlinux debian-unstable fedora-40 fedora-rawhide mageia-cauldron +#: opensuse-tumbleweed +#, no-wrap +msgid "Fl G" +msgstr "" + +#. type: Plain text +#: archlinux debian-unstable fedora-40 fedora-rawhide mageia-cauldron +#: opensuse-tumbleweed +msgid "" +"Parse and print configuration file. Check the validity of the configuration " +"file, output the effective configuration to stdout and then exit. " +"Optionally, E<.Cm Match> rules may be applied by specifying the connection " +"parameters using one or more E<.Fl C> options." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Fl g Ar login_grace_time" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"Gives the grace time for clients to authenticate themselves (default 120 " +"seconds). If the client fails to authenticate the user within this many " +"seconds, the server disconnects and exits. A value of zero indicates no " +"limit." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Fl h Ar host_key_file" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"Specifies a file from which a host key is read. This option must be given " +"if E<.Nm> is not run as root (as the normal host key files are normally not " +"readable by anyone but root). The default is E<.Pa /etc/ssh/" +"ssh_host_ecdsa_key>, E<.Pa /etc/ssh/ssh_host_ed25519_key> and E<.Pa /etc/ssh/" +"ssh_host_rsa_key>. It is possible to have multiple host key files for the " +"different host key algorithms." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Fl i" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "Specifies that E<.Nm> is being run from E<.Xr inetd 8>." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Fl o Ar option" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"Can be used to give options in the format used in the configuration file. " +"This is useful for specifying options for which there is no separate command-" +"line flag. For full details of the options, and their values, see E<.Xr " +"sshd_config 5>." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Fl p Ar port" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"Specifies the port on which the server listens for connections (default " +"22). Multiple port options are permitted. Ports specified in the " +"configuration file with the E<.Cm Port> option are ignored when a command-" +"line port is specified. Ports specified using the E<.Cm ListenAddress> " +"option override command-line ports." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Fl q" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"Quiet mode. Nothing is sent to the system log. Normally the beginning, " +"authentication, and termination of each connection is logged." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Fl T" +msgstr "" + +#. type: Plain text +#: archlinux debian-unstable fedora-40 fedora-rawhide mageia-cauldron +#: opensuse-tumbleweed +msgid "" +"Extended test mode. Check the validity of the configuration file, output " +"the effective configuration to stdout and then exit. Optionally, E<.Cm " +"Match> rules may be applied by specifying the connection parameters using " +"one or more E<.Fl C> options. This is similar to the E<.Fl G> flag, but it " +"includes the additional testing performed by the E<.Fl t> flag." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Fl t" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"Test mode. Only check the validity of the configuration file and sanity of " +"the keys. This is useful for updating E<.Nm> reliably as configuration " +"options may change." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Fl u Ar len" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"This option is used to specify the size of the field in the E<.Vt utmp> " +"structure that holds the remote host name. If the resolved host name is " +"longer than E<.Ar len>, the dotted decimal value will be used instead. This " +"allows hosts with very long host names that overflow this field to still be " +"uniquely identified. Specifying E<.Fl u0> indicates that only dotted " +"decimal addresses should be put into the E<.Pa utmp> file. E<.Fl u0> may " +"also be used to prevent E<.Nm> from making DNS requests unless the " +"authentication mechanism or configuration requires it. Authentication " +"mechanisms that may require DNS include E<.Cm HostbasedAuthentication> and " +"using a E<.Cm from=\"pattern-list\"> option in a key file. Configuration " +"options that require DNS include using a USER@HOST pattern in E<.Cm " +"AllowUsers> or E<.Cm DenyUsers>." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Fl V" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "Display the version number and exit." +msgstr "" + +#. type: Sh +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "AUTHENTICATION" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"The OpenSSH SSH daemon supports SSH protocol 2 only. Each host has a host-" +"specific key, used to identify the host. Whenever a client connects, the " +"daemon responds with its public host key. The client compares the host key " +"against its own database to verify that it has not changed. Forward secrecy " +"is provided through a Diffie-Hellman key agreement. This key agreement " +"results in a shared session key. The rest of the session is encrypted using " +"a symmetric cipher. The client selects the encryption algorithm to use from " +"those offered by the server. Additionally, session integrity is provided " +"through a cryptographic message authentication code (MAC)." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable opensuse-tumbleweed +msgid "" +"Finally, the server and the client enter an authentication dialog. The " +"client tries to authenticate itself using host-based authentication, public " +"key authentication, challenge-response authentication, or password " +"authentication." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"Regardless of the authentication type, the account is checked to ensure that " +"it is accessible. An account is not accessible if it is locked, listed in " +"E<.Cm DenyUsers> or its group is listed in E<.Cm DenyGroups> \\&. The " +"definition of a locked account is system dependent. Some platforms have " +"their own account database (eg AIX) and some modify the passwd field ( E<.Ql " +"\\&*LK\\&*> on Solaris and UnixWare, E<.Ql \\&*> on HP-UX, containing E<.Ql " +"Nologin> on Tru64, a leading E<.Ql \\&*LOCKED\\&*> on FreeBSD and a leading " +"E<.Ql \\&!> on most Linuxes). If there is a requirement to disable password " +"authentication for the account while allowing still public-key, then the " +"passwd field should be set to something other than these values (eg E<.Ql " +"NP> or E<.Ql \\&*NP\\&*> )." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"If the client successfully authenticates itself, a dialog for preparing the " +"session is entered. At this time the client may request things like " +"allocating a pseudo-tty, forwarding X11 connections, forwarding TCP " +"connections, or forwarding the authentication agent connection over the " +"secure channel." +msgstr "" + +#. type: Plain text +#: archlinux debian-unstable fedora-40 fedora-rawhide opensuse-tumbleweed +msgid "" +"After this, the client either requests an interactive shell or execution of " +"a non-interactive command, which E<.Nm> will execute via the user's shell " +"using its E<.Fl c> option. The sides then enter session mode. In this " +"mode, either side may send data at any time, and such data is forwarded to/" +"from the shell or command on the server side, and the user terminal in the " +"client side." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"When the user program terminates and all forwarded X11 and other connections " +"have been closed, the server sends command exit status to the client, and " +"both sides exit." +msgstr "" + +#. type: Sh +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "LOGIN PROCESS" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "When a user successfully logs in, E<.Nm> does the following:" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"If the login is on a tty, and no command has been specified, prints last " +"login time and E<.Pa /etc/motd> (unless prevented in the configuration file " +"or by E<.Pa ~/.hushlogin>; see the E<.Sx FILES> section)." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "If the login is on a tty, records login time." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"Checks E<.Pa /etc/nologin>; if it exists, prints contents and quits (unless " +"root)." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "Changes to run with normal user privileges." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "Sets up basic environment." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"Reads the file E<.Pa ~/.ssh/environment>, if it exists, and users are " +"allowed to change their environment. See the E<.Cm PermitUserEnvironment> " +"option in E<.Xr sshd_config 5>." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "Changes to user's home directory." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"If E<.Pa ~/.ssh/rc> exists and the E<.Xr sshd_config 5> E<.Cm PermitUserRC> " +"option is set, runs it; else if E<.Pa /etc/ssh/sshrc> exists, runs it; " +"otherwise runs E<.Xr xauth 1>. The E<.Dq rc> files are given the X11 " +"authentication protocol and cookie in standard input. See E<.Sx SSHRC>, " +"below." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"Runs user's shell or command. All commands are run under the user's login " +"shell as specified in the system password database." +msgstr "" + +#. type: Sh +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "SSHRC" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"If the file E<.Pa ~/.ssh/rc> exists, E<.Xr sh 1> runs it after reading the " +"environment files but before starting the user's shell or command. It must " +"not produce any output on stdout; stderr must be used instead. If X11 " +"forwarding is in use, it will receive the \"proto cookie\" pair in its " +"standard input (and E<.Ev DISPLAY> in its environment). The script must " +"call E<.Xr xauth 1> because E<.Nm> will not run xauth automatically to add " +"X11 cookies." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"The primary purpose of this file is to run any initialization routines which " +"may be needed before the user's home directory becomes accessible; AFS is a " +"particular example of such an environment." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"This file will probably contain some initialization code followed by " +"something similar to:" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "" +"if read proto cookie && [ -n \"$DISPLAY\" ]; then\n" +"\tif [ `echo $DISPLAY | cut -c1-10` = 'localhost:' ]; then\n" +"\t\t# X11UseLocalhost=yes\n" +"\t\techo add unix:`echo $DISPLAY |\n" +"\t\t cut -c11-` $proto $cookie\n" +"\telse\n" +"\t\t# X11UseLocalhost=no\n" +"\t\techo add $DISPLAY $proto $cookie\n" +"\tfi | xauth -q -\n" +"fi\n" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"If this file does not exist, E<.Pa /etc/ssh/sshrc> is run, and if that does " +"not exist either, xauth is used to add the cookie." +msgstr "" + +#. type: Sh +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "AUTHORIZED_KEYS FILE FORMAT" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"E<.Cm AuthorizedKeysFile> specifies the files containing public keys for " +"public key authentication; if this option is not specified, the default is " +"E<.Pa ~/.ssh/authorized_keys> and E<.Pa ~/.ssh/authorized_keys2>. Each line " +"of the file contains one key (empty lines and lines starting with a E<.Ql #> " +"are ignored as comments). Public keys consist of the following space-" +"separated fields: options, keytype, base64-encoded key, comment. The " +"options field is optional. The supported key types are:" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "sk-ecdsa-sha2-nistp256@openssh.com" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "ecdsa-sha2-nistp256" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "ecdsa-sha2-nistp384" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "ecdsa-sha2-nistp521" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "sk-ssh-ed25519@openssh.com" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "ssh-ed25519" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "ssh-dss" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "ssh-rsa" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"The comment field is not used for anything (but may be convenient for the " +"user to identify the key)." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"Note that lines in this file can be several hundred bytes long (because of " +"the size of the public key encoding) up to a limit of 8 kilobytes, which " +"permits RSA keys up to 16 kilobits. You don't want to type them in; " +"instead, copy the E<.Pa id_dsa.pub>, E<.Pa id_ecdsa.pub>, E<.Pa id_ecdsa_sk." +"pub>, E<.Pa id_ed25519.pub>, E<.Pa id_ed25519_sk.pub>, or the E<.Pa id_rsa." +"pub> file and edit it." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "E<.Nm> enforces a minimum RSA key modulus size of 1024 bits." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"The options (if present) consist of comma-separated option specifications. " +"No spaces are permitted, except within double quotes. The following option " +"specifications are supported (note that option keywords are case-" +"insensitive):" +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Cm agent-forwarding" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"Enable authentication agent forwarding previously disabled by the E<.Cm " +"restrict> option." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Cm cert-authority" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"Specifies that the listed key is a certification authority (CA) that is " +"trusted to validate signed certificates for user authentication." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"Certificates may encode access restrictions similar to these key options. " +"If both certificate restrictions and key options are present, the most " +"restrictive union of the two is applied." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Cm command=\"command\"" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"Specifies that the command is executed whenever this key is used for " +"authentication. The command supplied by the user (if any) is ignored. The " +"command is run on a pty if the client requests a pty; otherwise it is run " +"without a tty. If an 8-bit clean channel is required, one must not request " +"a pty or should specify E<.Cm no-pty>. A quote may be included in the " +"command by quoting it with a backslash." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"This option might be useful to restrict certain public keys to perform just " +"a specific operation. An example might be a key that permits remote backups " +"but nothing else. Note that the client may specify TCP and/or X11 " +"forwarding unless they are explicitly prohibited, e.g. using the E<.Cm " +"restrict> key option." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"The command originally supplied by the client is available in the E<.Ev " +"SSH_ORIGINAL_COMMAND> environment variable. Note that this option applies " +"to shell, command or subsystem execution. Also note that this command may " +"be superseded by a E<.Xr sshd_config 5> E<.Cm ForceCommand> directive." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"If a command is specified and a forced-command is embedded in a certificate " +"used for authentication, then the certificate will be accepted only if the " +"two commands are identical." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Cm environment=\"NAME=value\"" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"Specifies that the string is to be added to the environment when logging in " +"using this key. Environment variables set this way override other default " +"environment values. Multiple options of this type are permitted. " +"Environment processing is disabled by default and is controlled via the E<." +"Cm PermitUserEnvironment> option." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Cm expiry-time=\"timespec\"" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"Specifies a time after which the key will not be accepted. The time may be " +"specified as a YYYYMMDD[Z] date or a YYYYMMDDHHMM[SS][Z] time. Dates and " +"times will be interpreted in the system time zone unless suffixed by a Z " +"character, in which case they will be interpreted in the UTC time zone." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Cm from=\"pattern-list\"" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"Specifies that in addition to public key authentication, either the " +"canonical name of the remote host or its IP address must be present in the " +"comma-separated list of patterns. See PATTERNS in E<.Xr ssh_config 5> for " +"more information on patterns." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"In addition to the wildcard matching that may be applied to hostnames or " +"addresses, a E<.Cm from> stanza may match IP addresses using CIDR address/" +"masklen notation." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"The purpose of this option is to optionally increase security: public key " +"authentication by itself does not trust the network or name servers or " +"anything (but the key); however, if somebody somehow steals the key, the key " +"permits an intruder to log in from anywhere in the world. This additional " +"option makes using a stolen key more difficult (name servers and/or routers " +"would have to be compromised in addition to just the key)." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Cm no-agent-forwarding" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"Forbids authentication agent forwarding when this key is used for " +"authentication." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Cm no-port-forwarding" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"Forbids TCP forwarding when this key is used for authentication. Any port " +"forward requests by the client will return an error. This might be used, e." +"g. in connection with the E<.Cm command> option." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Cm no-pty" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "Prevents tty allocation (a request to allocate a pty will fail)." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Cm no-user-rc" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "Disables execution of E<.Pa ~/.ssh/rc>." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Cm no-X11-forwarding" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"Forbids X11 forwarding when this key is used for authentication. Any X11 " +"forward requests by the client will return an error." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Cm permitlisten=\"[host:]port\"" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"Limit remote port forwarding with the E<.Xr ssh 1> E<.Fl R> option such that " +"it may only listen on the specified host (optional) and port. IPv6 " +"addresses can be specified by enclosing the address in square brackets. " +"Multiple E<.Cm permitlisten> options may be applied separated by commas. " +"Hostnames may include wildcards as described in the PATTERNS section in E<." +"Xr ssh_config 5>. A port specification of E<.Cm *> matches any port. Note " +"that the setting of E<.Cm GatewayPorts> may further restrict listen " +"addresses. Note that E<.Xr ssh 1> will send a hostname of E<.Dq localhost> " +"if a listen host was not specified when the forwarding was requested, and " +"that this name is treated differently to the explicit localhost addresses E<." +"Dq 127.0.0.1> and E<.Dq ::1>." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Cm permitopen=\"host:port\"" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"Limit local port forwarding with the E<.Xr ssh 1> E<.Fl L> option such that " +"it may only connect to the specified host and port. IPv6 addresses can be " +"specified by enclosing the address in square brackets. Multiple E<.Cm " +"permitopen> options may be applied separated by commas. No pattern matching " +"or name lookup is performed on the specified hostnames, they must be literal " +"host names and/or addresses. A port specification of E<.Cm *> matches any " +"port." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Cm port-forwarding" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"Enable port forwarding previously disabled by the E<.Cm restrict> option." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Cm principals=\"principals\"" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"On a E<.Cm cert-authority> line, specifies allowed principals for " +"certificate authentication as a comma-separated list. At least one name " +"from the list must appear in the certificate's list of principals for the " +"certificate to be accepted. This option is ignored for keys that are not " +"marked as trusted certificate signers using the E<.Cm cert-authority> option." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Cm pty" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"Permits tty allocation previously disabled by the E<.Cm restrict> option." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Cm no-touch-required" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"Do not require demonstration of user presence for signatures made using this " +"key. This option only makes sense for the FIDO authenticator algorithms E<." +"Cm ecdsa-sk> and E<.Cm ed25519-sk>." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Cm verify-required" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"Require that signatures made using this key attest that they verified the " +"user, e.g. via a PIN. This option only makes sense for the FIDO " +"authenticator algorithms E<.Cm ecdsa-sk> and E<.Cm ed25519-sk>." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Cm restrict" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"Enable all restrictions, i.e. disable port, agent and X11 forwarding, as " +"well as disabling PTY allocation and execution of E<.Pa ~/.ssh/rc>. If any " +"future restriction capabilities are added to authorized_keys files, they " +"will be included in this set." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Cm tunnel=\"n\"" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"Force a E<.Xr tun 4> device on the server. Without this option, the next " +"available device will be used if the client requests a tunnel." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Cm user-rc" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"Enables execution of E<.Pa ~/.ssh/rc> previously disabled by the E<.Cm " +"restrict> option." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Cm X11-forwarding" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"Permits X11 forwarding previously disabled by the E<.Cm restrict> option." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "An example authorized_keys file:" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "" +"# Comments are allowed at start of line. Blank lines are allowed.\n" +"# Plain key, no restrictions\n" +"ssh-rsa ...\n" +"# Forced command, disable PTY and all forwarding\n" +"restrict,command=\"dump /home\" ssh-rsa ...\n" +"# Restriction of ssh -L forwarding destinations\n" +"permitopen=\"192.0.2.1:80\",permitopen=\"192.0.2.2:25\" ssh-rsa ...\n" +"# Restriction of ssh -R forwarding listeners\n" +"permitlisten=\"localhost:8080\",permitlisten=\"[::1]:22000\" ssh-rsa ...\n" +"# Configuration for tunnel forwarding\n" +"tunnel=\"0\",command=\"sh /etc/netstart tun0\" ssh-rsa ...\n" +"# Override of restriction to allow PTY allocation\n" +"restrict,pty,command=\"nethack\" ssh-rsa ...\n" +"# Allow FIDO key without requiring touch\n" +"no-touch-required sk-ecdsa-sha2-nistp256@openssh.com ...\n" +"# Require user-verification (e.g. PIN or biometric) for FIDO key\n" +"verify-required sk-ecdsa-sha2-nistp256@openssh.com ...\n" +"# Trust CA key, allow touch-less FIDO if requested in certificate\n" +"cert-authority,no-touch-required,principals=\"user_a\" ssh-rsa ...\n" +msgstr "" + +#. type: Sh +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "SSH_KNOWN_HOSTS FILE FORMAT" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"The E<.Pa /etc/ssh/ssh_known_hosts> and E<.Pa ~/.ssh/known_hosts> files " +"contain host public keys for all known hosts. The global file should be " +"prepared by the administrator (optional), and the per-user file is " +"maintained automatically: whenever the user connects to an unknown host, its " +"key is added to the per-user file." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"Each line in these files contains the following fields: marker (optional), " +"hostnames, keytype, base64-encoded key, comment. The fields are separated " +"by spaces." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"The marker is optional, but if it is present then it must be one of E<.Dq " +"@cert-authority>, to indicate that the line contains a certification " +"authority (CA) key, or E<.Dq @revoked>, to indicate that the key contained " +"on the line is revoked and must not ever be accepted. Only one marker " +"should be used on a key line." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"Hostnames is a comma-separated list of patterns E<.Pf ( Ql *> and E<.Ql \\&?" +"> act as wildcards); each pattern in turn is matched against the host name. " +"When E<.Nm sshd> is authenticating a client, such as when using E<.Cm " +"HostbasedAuthentication>, this will be the canonical client host name. When " +"E<.Xr ssh 1> is authenticating a server, this will be the host name given by " +"the user, the value of the E<.Xr ssh 1> E<.Cm HostkeyAlias> if it was " +"specified, or the canonical server hostname if the E<.Xr ssh 1> E<.Cm " +"CanonicalizeHostname> option was used." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"A pattern may also be preceded by E<.Ql \\&!> to indicate negation: if the " +"host name matches a negated pattern, it is not accepted (by that line) even " +"if it matched another pattern on the line. A hostname or address may " +"optionally be enclosed within E<.Ql \\&[> and E<.Ql \\&]> brackets then " +"followed by E<.Ql \\&:> and a non-standard port number." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"Alternately, hostnames may be stored in a hashed form which hides host names " +"and addresses should the file's contents be disclosed. Hashed hostnames " +"start with a E<.Ql |> character. Only one hashed hostname may appear on a " +"single line and none of the above negation or wildcard operators may be " +"applied." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"The keytype and base64-encoded key are taken directly from the host key; " +"they can be obtained, for example, from E<.Pa /etc/ssh/ssh_host_rsa_key." +"pub>. The optional comment field continues to the end of the line, and is " +"not used." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "Lines starting with E<.Ql #> and empty lines are ignored as comments." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"When performing host authentication, authentication is accepted if any " +"matching line has the proper key; either one that matches exactly or, if the " +"server has presented a certificate for authentication, the key of the " +"certification authority that signed the certificate. For a key to be " +"trusted as a certification authority, it must use the E<.Dq @cert-authority> " +"marker described above." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"The known hosts file also provides a facility to mark keys as revoked, for " +"example when it is known that the associated private key has been stolen. " +"Revoked keys are specified by including the E<.Dq @revoked> marker at the " +"beginning of the key line, and are never accepted for authentication or as " +"certification authorities, but instead will produce a warning from E<.Xr ssh " +"1> when they are encountered." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"It is permissible (but not recommended) to have several lines or different " +"host keys for the same names. This will inevitably happen when short forms " +"of host names from different domains are put in the file. It is possible " +"that the files contain conflicting information; authentication is accepted " +"if valid information can be found from either file." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"Note that the lines in these files are typically hundreds of characters " +"long, and you definitely don't want to type in the host keys by hand. " +"Rather, generate them by a script, E<.Xr ssh-keyscan 1> or by taking, for " +"example, E<.Pa /etc/ssh/ssh_host_rsa_key.pub> and adding the host names at " +"the front. E<.Xr ssh-keygen 1> also offers some basic automated editing for " +"E<.Pa ~/.ssh/known_hosts> including removing hosts matching a host name and " +"converting all host names to their hashed representations." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "An example ssh_known_hosts file:" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "" +"# Comments allowed at start of line\n" +"cvs.example.net,192.0.2.10 ssh-rsa AAAA1234.....=\n" +"# A hashed hostname\n" +"|1|JfKTdBh7rNbXkVAQCRp4OQoPfmI=|USECr3SWf1JUPsms5AqfD5QfxkM= ssh-rsa\n" +"AAAA1234.....=\n" +"# A revoked key\n" +"@revoked * ssh-rsa AAAAB5W...\n" +"# A CA key, accepted for any host in *.mydomain.com or *.mydomain.org\n" +"@cert-authority *.mydomain.org,*.mydomain.com ssh-rsa AAAAB5W...\n" +msgstr "" + +#. type: Sh +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "FILES" +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Pa ~/.hushlogin" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"This file is used to suppress printing the last login time and E<.Pa /etc/" +"motd>, if E<.Cm PrintLastLog> and E<.Cm PrintMotd>, respectively, are " +"enabled. It does not suppress printing of the banner specified by E<.Cm " +"Banner>." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Pa ~/.rhosts" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"This file is used for host-based authentication (see E<.Xr ssh 1> for more " +"information). On some machines this file may need to be world-readable if " +"the user's home directory is on an NFS partition, because E<.Nm> reads it as " +"root. Additionally, this file must be owned by the user, and must not have " +"write permissions for anyone else. The recommended permission for most " +"machines is read/write for the user, and not accessible by others." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Pa ~/.shosts" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"This file is used in exactly the same way as E<.Pa .rhosts>, but allows host-" +"based authentication without permitting login with rlogin/rsh." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Pa ~/.ssh/" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"This directory is the default location for all user-specific configuration " +"and authentication information. There is no general requirement to keep the " +"entire contents of this directory secret, but the recommended permissions " +"are read/write/execute for the user, and not accessible by others." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Pa ~/.ssh/authorized_keys" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"Lists the public keys (DSA, ECDSA, Ed25519, RSA) that can be used for " +"logging in as this user. The format of this file is described above. The " +"content of the file is not highly sensitive, but the recommended permissions " +"are read/write for the user, and not accessible by others." +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"If this file, the E<.Pa ~/.ssh> directory, or the user's home directory are " +"writable by other users, then the file could be modified or replaced by " +"unauthorized users. In this case, E<.Nm> will not allow it to be used " +"unless the E<.Cm StrictModes> option has been set to E<.Dq no>." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Pa ~/.ssh/environment" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"This file is read into the environment at login (if it exists). It can only " +"contain empty lines, comment lines (that start with E<.Ql #>), and " +"assignment lines of the form name=value. The file should be writable only " +"by the user; it need not be readable by anyone else. Environment processing " +"is disabled by default and is controlled via the E<.Cm " +"PermitUserEnvironment> option." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Pa ~/.ssh/known_hosts" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"Contains a list of host keys for all hosts the user has logged into that are " +"not already in the systemwide list of known host keys. The format of this " +"file is described above. This file should be writable only by root/the " +"owner and can, but need not be, world-readable." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Pa ~/.ssh/rc" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"Contains initialization routines to be run before the user's home directory " +"becomes accessible. This file should be writable only by the user, and need " +"not be readable by anyone else." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Pa /etc/hosts.equiv" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"This file is for host-based authentication (see E<.Xr ssh 1>). It should " +"only be writable by root." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Pa /etc/ssh/moduli" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"Contains Diffie-Hellman groups used for the \"Diffie-Hellman Group " +"Exchange\" key exchange method. The file format is described in E<.Xr " +"moduli 5>. If no usable groups are found in this file then fixed internal " +"groups will be used." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Pa /etc/motd" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "See E<.Xr motd 5>." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Pa /etc/nologin" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"If this file exists, E<.Nm> refuses to let anyone except root log in. The " +"contents of the file are displayed to anyone trying to log in, and non-root " +"connections are refused. The file should be world-readable." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron +#, no-wrap +msgid "Pa /etc/ssh/shosts.equiv" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"This file is used in exactly the same way as E<.Pa hosts.equiv>, but allows " +"host-based authentication without permitting login with rlogin/rsh." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Pa /etc/ssh/ssh_host_ecdsa_key" +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Pa /etc/ssh/ssh_host_ed25519_key" +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Pa /etc/ssh/ssh_host_rsa_key" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"These files contain the private parts of the host keys. These files should " +"only be owned by root, readable only by root, and not accessible to others. " +"Note that E<.Nm> does not start if these files are group/world-accessible." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Pa /etc/ssh/ssh_host_ecdsa_key.pub" +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Pa /etc/ssh/ssh_host_ed25519_key.pub" +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Pa /etc/ssh/ssh_host_rsa_key.pub" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"These files contain the public parts of the host keys. These files should " +"be world-readable but writable only by root. Their contents should match " +"the respective private parts. These files are not really used for anything; " +"they are provided for the convenience of the user so their contents can be " +"copied to known hosts files. These files are created using E<.Xr ssh-keygen " +"1>." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Pa /etc/ssh/ssh_known_hosts" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"Systemwide list of known host keys. This file should be prepared by the " +"system administrator to contain the public host keys of all machines in the " +"organization. The format of this file is described above. This file should " +"be writable only by root/the owner and should be world-readable." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Pa /etc/ssh/sshd_config" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"Contains configuration data for E<.Nm sshd>. The file format and " +"configuration options are described in E<.Xr sshd_config 5>." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "Pa /etc/ssh/sshrc" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"Similar to E<.Pa ~/.ssh/rc>, it can be used to specify machine-specific " +"login-time initializations globally. This file should be writable only by " +"root, and should be world-readable." +msgstr "" + +#. type: It +#: archlinux +#, no-wrap +msgid "Pa /var/empty" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"E<.Xr chroot 2> directory used by E<.Nm> during privilege separation in the " +"pre-authentication phase. The directory should not contain any files and " +"must be owned by root and not group or world-writable." +msgstr "" + +#. type: It +#: archlinux debian-bookworm debian-unstable opensuse-tumbleweed +#, no-wrap +msgid "Pa /run/sshd.pid" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"Contains the process ID of the E<.Nm> listening for connections (if there " +"are several daemons running concurrently for different ports, this contains " +"the process ID of the one started last). The content of this file is not " +"sensitive; it can be world-readable." +msgstr "" + +#. type: Sh +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "SEE ALSO" +msgstr "" + +#. type: Plain text +#: archlinux fedora-40 fedora-rawhide mageia-cauldron +msgid "" +"E<.Xr scp 1>, E<.Xr sftp 1>, E<.Xr ssh 1>, E<.Xr ssh-add 1>, E<.Xr ssh-agent " +"1>, E<.Xr ssh-keygen 1>, E<.Xr ssh-keyscan 1>, E<.Xr chroot 2>, E<.Xr login." +"conf 5>, E<.Xr moduli 5>, E<.Xr sshd_config 5>, E<.Xr inetd 8>, E<.Xr sftp-" +"server 8>" +msgstr "" + +#. type: Sh +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +#, no-wrap +msgid "AUTHORS" +msgstr "" + +#. type: Plain text +#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide +#: mageia-cauldron opensuse-tumbleweed +msgid "" +"OpenSSH is a derivative of the original and free ssh 1.2.12 release by Tatu " +"Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo de " +"Raadt and Dug Song removed many bugs, re-added newer features and created " +"OpenSSH. Markus Friedl contributed the support for SSH protocol versions " +"1.5 and 2.0. Niels Provos and Markus Friedl contributed support for " +"privilege separation." +msgstr "" + +#. type: Dd +#: debian-bookworm +#, no-wrap +msgid "$Mdocdate: January 18 2023 $" +msgstr "" + +#. type: Plain text +#: debian-bookworm +msgid "" +"E<.Nm sshd> E<.Bk -words> E<.Op Fl 46DdeiqTtV> E<.Op Fl C Ar " +"connection_spec> E<.Op Fl c Ar host_certificate_file> E<.Op Fl E Ar " +"log_file> E<.Op Fl f Ar config_file> E<.Op Fl g Ar login_grace_time> E<.Op " +"Fl h Ar host_key_file> E<.Op Fl o Ar option> E<.Op Fl p Ar port> E<.Op Fl u " +"Ar len> E<.Ek>" +msgstr "" + +#. type: Plain text +#: debian-bookworm debian-unstable +msgid "" +"E<.Nm> listens for connections from clients. It is normally started at boot " +"from E<.Pa /etc/init.d/ssh>. It forks a new daemon for each incoming " +"connection. The forked daemons handle key exchange, encryption, " +"authentication, command execution, and data exchange." +msgstr "" + +#. type: Plain text +#: debian-bookworm +msgid "" +"Extended test mode. Check the validity of the configuration file, output " +"the effective configuration to stdout and then exit. Optionally, E<.Cm " +"Match> rules may be applied by specifying the connection parameters using " +"one or more E<.Fl C> options." +msgstr "" + +#. type: Plain text +#: debian-bookworm mageia-cauldron +msgid "" +"After this, the client either requests an interactive shell or execution or " +"a non-interactive command, which E<.Nm> will execute via the user's shell " +"using its E<.Fl c> option. The sides then enter session mode. In this " +"mode, either side may send data at any time, and such data is forwarded to/" +"from the shell or command on the server side, and the user terminal in the " +"client side." +msgstr "" + +#. type: It +#: debian-bookworm debian-unstable +#, no-wrap +msgid "Pa /etc/hosts.allow" +msgstr "" + +#. type: It +#: debian-bookworm debian-unstable +#, no-wrap +msgid "Pa /etc/hosts.deny" +msgstr "" + +#. type: Plain text +#: debian-bookworm debian-unstable +msgid "" +"Access controls that should be enforced by tcp-wrappers are defined here. " +"Further details are described in E<.Xr hosts_access 5>." +msgstr "" + +#. type: It +#: debian-bookworm debian-unstable +#, no-wrap +msgid "Pa /run/sshd" +msgstr "" + +#. type: Plain text +#: debian-bookworm debian-unstable +msgid "" +"E<.Xr scp 1>, E<.Xr sftp 1>, E<.Xr ssh 1>, E<.Xr ssh-add 1>, E<.Xr ssh-agent " +"1>, E<.Xr ssh-keygen 1>, E<.Xr ssh-keyscan 1>, E<.Xr chroot 2>, E<.Xr " +"hosts_access 5>, E<.Xr moduli 5>, E<.Xr sshd_config 5>, E<.Xr inetd 8>, E<." +"Xr sftp-server 8>" +msgstr "" + +#. type: Plain text +#: fedora-40 fedora-rawhide mageia-cauldron +msgid "" +"Finally, the server and the client enter an authentication dialog. The " +"client tries to authenticate itself using host-based authentication, public " +"key authentication, GSSAPI authentication, challenge-response " +"authentication, or password authentication." +msgstr "" + +#. type: It +#: fedora-40 fedora-rawhide mageia-cauldron +#, no-wrap +msgid "Pa ~/.k5login" +msgstr "" + +#. type: It +#: fedora-40 fedora-rawhide mageia-cauldron +#, no-wrap +msgid "Pa ~/.k5users" +msgstr "" + +#. type: Plain text +#: fedora-40 fedora-rawhide mageia-cauldron +msgid "" +"These files enforce GSSAPI/Kerberos authentication access control. Further " +"details are described in E<.Xr ksu 1>. The location of the k5login file " +"depends on the configuration option E<.Cm k5login_directory> in the E<.Xr " +"krb5.conf 5>." +msgstr "" + +#. type: It +#: fedora-40 fedora-rawhide mageia-cauldron +#, no-wrap +msgid "Pa /usr/share/empty.sshd" +msgstr "" + +#. type: It +#: fedora-40 fedora-rawhide mageia-cauldron +#, no-wrap +msgid "Pa /var/run/sshd.pid" +msgstr "" + +#. type: Sh +#: fedora-40 fedora-rawhide mageia-cauldron +#, no-wrap +msgid "IPV6" +msgstr "" + +#. type: Plain text +#: fedora-40 fedora-rawhide mageia-cauldron +msgid "" +"IPv6 address can be used everywhere where IPv4 address. In all entries must " +"be the IPv6 address enclosed in square brackets. Note: The square brackets " +"are metacharacters for the shell and must be escaped in shell." +msgstr "" + +#. type: Dd +#: mageia-cauldron +#, no-wrap +msgid "$Mdocdate: February 10 2023 $" +msgstr "" + +#. type: It +#: opensuse-tumbleweed +#, no-wrap +msgid "Pa /etc/ssh/ssh/shosts.equiv" +msgstr "" + +#. type: It +#: opensuse-tumbleweed +#, no-wrap +msgid "Pa /var/lib/empty" +msgstr "" + +#. type: Plain text +#: opensuse-tumbleweed +msgid "" +"E<.Xr scp 1>, E<.Xr sftp 1>, E<.Xr ssh 1>, E<.Xr ssh-add 1>, E<.Xr ssh-agent " +"1>, E<.Xr ssh-keygen 1>, E<.Xr ssh-keyscan 1>, E<.Xr chroot 2>, E<.Xr login." +"defs 5>, E<.Xr moduli 5>, E<.Xr sshd_config 5>, E<.Xr inetd 8>, E<.Xr sftp-" +"server 8>" +msgstr "" |