*nix Documentation Project
·  Home
 +   man pages
·  Linux HOWTOs
·  FreeBSD Tips
·  *niX Forums

  man pages->Tru64 Unix man pages -> sshd2_subconfig (4)              



NAME    [Toc]    [Back]

       sshd2_subconfig  - Describes the subconfiguration that can
       be used for the sshd2 daemon

DESCRIPTION    [Toc]    [Back]

       You can specify configuration options in  subconfiguration
       files  that have the same format as the main configuration
       file. They are read after the daemon forks a  new  process
       to  handle the connection. If they are modified, it is not
       necessary to restart the server process.

       If parsing of the subconfiguration files fails, the server
       terminates the connection for the host-specific subconfiguration
 or denies access for the user-specific subconfiguration.

       Most  of  the  configuration options that work in the main
       file work in the subconfiguration files.

       The value for {Host,User}SpecificConfig keywords is a pattern-filename
  pair.  The pattern user is matched with the
       user name and user ID. Group is matched  with  the  user's
       primary  and  secondary  groups, both group name and group
       ID, and host is matched as described for AllowHosts.

       With HostSpecificConfig,  the  pattern  is  host.   Unlike
       sshd2_config,  the sshd2_subconfig files can have configuration
 blocks, or stanzas.   With  the  UserSpecificConfig
       subconfiguration,  the  format is user[%group][@host], and
       with HostSpecificConfig the format is host.

       The subconfiguration files  are  divided  into  two  categories:
 user-specific host-specific

       The user-specific subconfiguration files are read when the
       client enters a user  name.  At  this  point,  the  server
       obtains additional information about the user, such as the
       user's ID and user  groups.  With  this  information,  the
       server  can  read the user-specific configuration files in
       the main sshd2 configuration file.

       The host-specific configuration files are configured  with
       the  HostSpecificConfig  variable. They are read after the
       daemon forks a new process to handle the connection.  Most
       configuration options can be set here.

       It  is  possible  to  mix the configuration files, but not
       recommended.  Mixing  the  files  might  cause  unexpected
       behavior  because the global settings in these files would
       be set multiple times.

       Subconfigurations are very flexible. You can specify  different
 authentication methods for different users, different
 banner messages for people coming from certain  hosts,
       and  set log messages of certain groups to go to different

NOTES    [Toc]    [Back]

       The following configuration variables  work  in  the  main
       file,  the  user-specific file, and the host-specific configuration
    files:    AllowShosts     AllowTcpForwarding
       AllowedAuthentications       AuthInteractiveFailureTimeout
       AuthKbdInt.NumOptional AuthKbdInt.Optional AuthKbdInt.Plugin
  AuthKbdInt.Required AuthKbdInt.Retries AuthorizationFile
 AuthPublicKey.MaxSize AuthPublicKey.MinSize CheckMail
       DenyShosts  FascistLogging  ForwardAgent  ForwardX11 HostbasedAuthForceClientHostnameDNSMatch
  IdleTimeout   IgnoreRhosts
  IgnoreRootRhosts  PasswdPath PasswordGuesses PermitEmptyPasswords
 PrintMOTD QuietMode RekeyIntervalSeconds
       RequiredAuthentications   SecurIdGuesses  SettableEnvironmentVars
  SftpSysLogFacility  StrictModes   SysLogFacility
       UserConfigDirectory UserKnownHosts VerboseMode

       The following variables work in the host-specific configuration
 file and in the main file: AllowGroups AllowTcpForwardingForGroups
   AllowTcpForwardingForUsers   AllowUsers
       BannerMessageFile ChrootGroups ChrootUsers  Ciphers  DenyGroups
    DenyTcpForwardingForGroups    DenyTcpForwardingForUsers
 DenyUsers ExternalAuthorizationProgram ForwardACL
       LoginGraceTime   MACs   PermitRootLogin  SSH1Compatibility
       Sshd1ConfigFile Sshd1Path

LEGAL NOTICES    [Toc]    [Back]

       SSH is a registered trademark of SSH  Communication  Security

SEE ALSO    [Toc]    [Back]

       Commands: sshd2(8), sshd-check-conf(8)

       Files: sshd2_config(4)

       Other: sshregex(5)

[ Back ]
 Similar pages
Name OS Title
sshd2_config Tru64 Configuration file for the sshd2 daemon
sys_attrs_vba_vipvic Tru64 Describes how to
vme_univ_manual_setup Tru64 Describes how
vme_manual_setup Tru64 Describes how to
sys_attrs_vba_univ Tru64 Describes how
uucp_manual_setup Tru64 Describes how to manually set up the
whatis Tru64 Describes a command's function
buf Tru64 General: Describes arbitrary I/O
network_manual_setup Tru64 Describes how to manually set up the network
modem Tru64 Describes guidelines for using modems
Copyright © 2004-2005 DeniX Solutions SRL
newsletter delivery service