Config-Model-OpenSsh
lib/Config/Model/models/Ssh/HostElement.pod view on Meta::CPAN
requested to listen on all interfaces. Specifying a remote
I<bind_address> will only succeed if the server's
B<GatewayPorts> option is enabled (see
L<sshd_config(5)>). I< Optional. Type list of node of class L<Ssh::PortForward|Config::Model::models::Ssh::PortForward> . >
=head2 RequestTTY
Specifies whether to request a
pseudo-tty for the session. The argument may be one of:
B<no> (never request a TTY), B<yes> (always request
a TTY when standard input is a TTY), B<force> (always
request a TTY) or B<auto> (request a TTY when opening a
login session). This option mirrors the B<-t> and
B<-T> flags for L<ssh(1)>. I< Optional. Type enum. choice: 'no', 'yes', 'force', 'auto'. >
=head2 RevokedHostKeys
Specifies revoked host public
keys. Keys listed in this file will be refused for host
authentication. Note that if this file does not exist or is
not readable, then host authentication will be refused for
all hosts. Keys may be specified as a text file, listing one
public key per line, or as an OpenSSH Key Revocation List
(KRL) as generated by L<ssh-keygen(1)>. For more information on
KRLs, see the KEY REVOCATION LISTS section in
L<ssh-keygen(1)>. I< Optional. Type uniline. >
=head2 SendEnv
Specifies what variables from
the local L<environ(7)> should be sent to the server. The
server must also support it, and the server must be
configured to accept these environment variables. Note that
the TERM environment variable is always sent whenever a
pseudo-terminal is requested as it is required by the
protocol. Refer to B<AcceptEnv> in L<sshd_config(5)> for
how to configure the server. Variables are specified by
name, which may contain wildcard characters. Multiple
environment variables may be separated by whitespace or
spread across multiple B<SendEnv> directives. It is possible
to clear previously set B<SendEnv> variable names by
prefixing patterns with I<->. The default is not to send
any environment variables. I< Optional. Type list of uniline. >
=head2 ServerAliveCountMax
Sets the number of server alive
messages (see below) which may be sent without L<ssh(1)>
receiving any messages back from the server. If this
threshold is reached while server alive messages are being
sent, ssh will disconnect from the server, terminating the
session. It is important to note that the use of server
alive messages is very different from B<TCPKeepAlive>
(below). The server alive messages are sent through the
encrypted channel and therefore will not be spoofable. The
TCP keepalive option enabled by B<TCPKeepAlive> is
spoofable. The server alive mechanism is valuable when the
client or server depend on knowing when a connection has
become inactive. The default
value is 3. If, for example, B<ServerAliveInterval> (see
below) is set to 15 and B<ServerAliveCountMax> is left
at the default, if the server becomes unresponsive, ssh will
disconnect after approximately 45 seconds. I< Optional. Type integer. >
=over 4
=item upstream_default value :
3
=back
=head2 ServerAliveInterval
Sets a timeout interval in
seconds after which if no data has been received from the
server, L<ssh(1)> will send a message through the encrypted
channel to request a response from the server. The default
is 0, indicating that these messages will not be sent to the
server, or 300 if the B<BatchMode> option is set
(Debian-specific). B<ProtocolKeepAlives> and
B<SetupTimeOut> are Debian-specific compatibility
aliases for this option. I< Optional. Type integer. >
=over 4
=item upstream_default value :
0
=back
=head2 SetEnv
Directly
specify one or more environment variables and their contents
to be sent to the server. Similarly to B<SendEnv>, the
server must be prepared to accept the environment
variable. I< Optional. Type uniline. >
=head2 StreamLocalBindMask
=head2 StrictHostKeyChecking
If this flag is set to
B<yes>, L<ssh(1)> will never automatically add host keys to
the I<~/.ssh/known_hosts> file, and refuses to connect
to hosts whose host key has changed. This provides maximum
protection against man-in-the-middle (MITM) attacks, though
it can be annoying when the I</etc/ssh/ssh_known_hosts>
file is poorly maintained or when connections to new hosts
are frequently made. This option forces the user to manually
add all new hosts. If this flag is
set to "accept-new" then ssh will automatically
add new host keys to the user known hosts files, but will
not permit connections to hosts with changed host keys. If
this flag is set to "no" or "off",
ssh will automatically add new host keys to the user known
hosts files and allow connections to hosts with changed
hostkeys to proceed, subject to some restrictions. If this
flag is set to B<ask> (the default), new host keys will
be added to the user known host files only after the user
has confirmed that is what they really want to do, and ssh
will refuse to connect to hosts whose host key has changed.
The host keys of known hosts will be verified automatically
in all cases. I< Optional. Type enum. choice: 'yes', 'accept-new', 'no', 'off', 'ask'. >
=over 4
=item upstream_default value :
ask
=back
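An added example (not part of Config::Model::OpenSsh or the original documentation): a small Python check over ssh_config text for the B<StrictHostKeyChecking>, B<RevokedHostKeys> and B<ServerAliveInterval>/B<ServerAliveCountMax> behaviours described above. The function names and the sample configuration are constructed for illustration, and each Host block is judged in isolation, without resolving Host patterns.

```python
import os
import re
# Upstream defaults quoted on this page for the audited options.
DEFAULTS = {"stricthostkeychecking": "ask",
            "serveraliveinterval": "0", "serveralivecountmax": "3"}

def parse_blocks(text):
    """Return [(pattern, {keyword: value})]; the first value per keyword wins."""
    blocks = [("*", {})]  # options before any Host line apply to every host
    for raw in text.splitlines():
        m = re.match(r"(\w+)(?:\s*=\s*|\s+)(.*)$", raw.strip())
        if not m:  # blank line, comment or malformed line
            continue
        key, value = m.group(1).lower(), m.group(2).strip().strip('"')
        if key in ("host", "match"):
            blocks.append((value, {}))
        else:
            blocks[-1][1].setdefault(key, value)
    return blocks

def audit_block(opts):
    """Findings for one block judged in isolation (no Host pattern merging)."""
    eff = {**DEFAULTS, **opts}
    findings = []
    if eff["stricthostkeychecking"].lower() in ("no", "off"):
        findings.append("StrictHostKeyChecking: changed host keys are accepted")
    krl = eff.get("revokedhostkeys")
    if krl and not os.access(os.path.expanduser(krl), os.R_OK):
        findings.append("RevokedHostKeys: file unreadable, all hosts refused")
    interval = int(eff["serveraliveinterval"])
    if interval == 0:
        findings.append("ServerAliveInterval 0: no encrypted-channel probes")
    else:
        secs = interval * int(eff["serveralivecountmax"])
        findings.append(f"unresponsive server dropped after ~{secs}s")
    return findings

def audit(text):
    return [(pat, audit_block(opts)) for pat, opts in parse_blocks(text)]

# Constructed sample configuration, not taken from the page.
SAMPLE = """\
Host build-*
    StrictHostKeyChecking no
    ServerAliveInterval 15
Host bastion
    StrictHostKeyChecking=accept-new
    RevokedHostKeys /nonexistent/revoked_keys
"""
```

Calling C<audit(SAMPLE)> returns one (pattern, findings) pair per block, including the implicit global block.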
=head2 SyslogFacility
Gives the facility code that is
used when logging messages from L<ssh(1)>. The possible values
are: DAEMON, USER, AUTH, LOCAL0, LOCAL1, LOCAL2, LOCAL3,
LOCAL4, LOCAL5, LOCAL6, LOCAL7. The default is USER. I< Optional. Type enum. choice: 'DAEMON', 'USER', 'AUTH', 'LOCAL0', 'LOCAL1', 'LOCAL2', 'LOCAL3', 'LOCAL4', 'LOCAL5', 'LOCAL6', 'LOCAL7'. >
=over 4
=item upstream_default value :
USER
=back
=head2 TCPKeepAlive
Specifies whether the system
should send TCP keepalive messages to the other side. If
they are sent, death of the connection or crash of one of
the machines will be properly noticed. This option only uses
TCP keepalives (as opposed to using ssh level keepalives),
so takes a long time to notice when the connection dies. As
such, you probably want the B<ServerAliveInterval>
option as well. However, this means that connections will
die if the route is down temporarily, and some people find
it annoying. To disable TCP
keepalive messages, the value should be set to B<no>.
See also B<ServerAliveInterval> for protocol-level
keepalives. I< Optional. Type boolean. >
=over 4
=item upstream_default value :
yes
=back
=head2 Tunnel
Request L<tun(4)>
device forwarding between the client and the server. The
argument must be B<yes>, B<point-to-point> (layer
3), B<ethernet> (layer 2), or B<no> (the default).
Specifying B<yes> requests the default tunnel mode,
which is B<point-to-point>. I< Optional. Type enum. choice: 'yes', 'point-to-point', 'ethernet', 'no'. >
=over 4
=item upstream_default value :
no
=back
=head2 TunnelDevice
Specifies the L<tun(4)> devices to
open on the client (I<local_tun>) and the server
(I<remote_tun>). The argument
must be I<local_tun>[:I<remote_tun>]. The devices
may be specified by numerical ID or the keyword B<any>,
which uses the next available tunnel device. If
I<remote_tun> is not specified, it defaults to
B<any>. The default is B<any:any>. I< Optional. Type uniline. >
=over 4
=item upstream_default value :
any:any
=back
=head2 UpdateHostKeys
Specifies whether L<ssh(1)> should
accept notifications of additional hostkeys from the server