Solaris Secure Shell Commands - System Administration Guide: Security Services

Previous

Next

Document Information

Part I Security Overview

1. Security Services (Overview)

Part II System, File, and Device Security

2. Managing Machine Security (Overview)

3. Controlling Access to Systems (Tasks)

4. Virus Scanning Service (Tasks)

5. Controlling Access to Devices (Tasks)

6. Using the Basic Audit Reporting Tool (Tasks)

7. Controlling Access to Files (Tasks)

Part III Roles, Rights Profiles, and Privileges

8. Using Roles and Privileges (Overview)

9. Using Role-Based Access Control (Tasks)

10. Role-Based Access Control (Reference)

11. Privileges (Tasks)

12. Privileges (Reference)

Part IV Solaris Cryptographic Services

13. Solaris Cryptographic Framework (Overview)

14. Solaris Cryptographic Framework (Tasks)

15. Solaris Key Management Framework

Part V Authentication Services and Secure Communication

16. Using Authentication Services (Tasks)

19. Using Solaris Secure Shell (Tasks)

20. Solaris Secure Shell (Reference)

A Typical Solaris Secure Shell Session

Client and Server Configuration in Solaris Secure Shell

Keywords in Solaris Secure Shell

Maintaining Known Hosts in Solaris Secure Shell

Solaris Secure Shell Packages and Initialization

Solaris Secure Shell Files

Solaris Secure Shell Commands

Part VI Kerberos Service

21. Introduction to the Kerberos Service

22. Planning for the Kerberos Service

23. Configuring the Kerberos Service (Tasks)

24. Kerberos Error Messages and Troubleshooting

25. Administering Kerberos Principals and Policies (Tasks)

26. Using Kerberos Applications (Tasks)

27. The Kerberos Service (Reference)

Part VII Solaris Auditing

28. Solaris Auditing (Overview)

29. Planning for Solaris Auditing

30. Managing Solaris Auditing (Tasks)

31. Solaris Auditing (Reference)

Solaris Secure Shell Commands

The following table summarizes the major Solaris Secure Shell commands.

Table 20-7 Commands in Solaris Secure Shell

Command	Description	Man Page
`ssh`	Logs a user in to a remote machine and securely executes commands on a remote machine. This command is the Solaris Secure Shell replacement for the `rlogin` and `rsh` commands. The `ssh` command enables secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forwarded over the secure channel.	`ssh`(1)
`sshd`	Is the daemon for Solaris Secure Shell. The daemon listens for connections from clients and enables secure encrypted communications between two untrusted hosts over an insecure network.	`sshd`(1M)
`ssh-add`	Adds RSA or DSA identities to the authentication agent, `ssh-agent`. Identities are also called keys.	`ssh-add`(1)
`ssh-agent`	Holds private keys that are used for public key authentication. The `ssh-agent` program is started at the beginning of an X-session or a login session. All other windows and other programs are started as clients of the `ssh-agent` program. Through the use of environment variables, the agent can be located and used for authentication when users use the `ssh` command to log in to other systems.	`ssh-agent`(1)
`ssh-keygen`	Generates and manages authentication keys for Solaris Secure Shell.	`ssh-keygen`(1)
`ssh-keyscan`	Gathers the public keys of a number of Solaris Secure Shell hosts. Aids in building and verifying `ssh_known_hosts` files.	`ssh-keyscan`(1)
`ssh-keysign`	Is used by the `ssh` command to access the host keys on the local host. Generates the digital signature that is required during host-based authentication with Solaris Secure Shell v2. The command is invoked by the `ssh` command, not by the user.	`ssh-keysign`(1M)
`scp`	Securely copies files between hosts on a network over an encrypted `ssh` transport. Unlike the `rcp` command, the `scp` command prompts for passwords or passphrases, if password information is needed for authentication.	`scp`(1)
`sftp`	Is an interactive file transfer program that is similar to the `ftp` command. Unlike the `ftp` command, the `sftp` command performs all operations over an encrypted `ssh` transport. The command connects, logs in to the specified host name, and then enters interactive command mode.	`sftp`(1)

The following table lists the command options that override Solaris Secure Shell keywords. The keywords are specified in the ssh_config and sshd_config files.

Table 20-8 Command-Line Equivalents for Solaris Secure Shell Keywords

Keyword	`ssh` Command-Line Override	`scp` Command-Line Override
`BatchMode`		`scp -B`
`BindAddress`	`ssh -b` bind-addr	`scp -a` bind-addr
`Cipher`	`ssh -c` cipher	`scp -c` cipher
`Ciphers`	`ssh -c` cipher-spec	`scp -c` cipher-spec
`Compression`	`ssh -C`	`scp -C`
`DynamicForward`	`ssh -D` SOCKS4-port
`EscapeChar`	`ssh -e` escape-char
`ForwardAgent`	`ssh -A` to enable `ssh -a` to disable
`ForwardX11`	`ssh -X` to enable `ssh -x` to disable
`GatewayPorts`	`ssh -g`
`IPv4`	`ssh -4`	`scp -4`
`IPv6`	`ssh -6`	`scp -6`
`LocalForward`	`ssh -L` localport:remotehost:remoteport
`MACS`	`ssh -m` mac-spec
`Port`	`ssh -p` port	`scp -P` port
`Protocol`	`ssh -1` for v1 only `ssh -2` for v2 only
`RemoteForward`	`ssh -R` remoteport:localhost:localport

Previous

Next