Config-Model-OpenSsh
view release on metacpan or search on metacpan
lib/Config/Model/models/Ssh.pod view on Meta::CPAN
how to configure the server. Variables are specified by
name, which may contain wildcard characters. Multiple
environment variables may be separated by whitespace or
spread across multiple B<SendEnv> directives.It is possible
to clear previously set B<SendEnv> variable names by
prefixing patterns with I<->. The default is not to send
any environment variables. I< Optional. Type list of uniline. >
=head2 ServerAliveCountMax
Sets the number of server alive
messages (see below) which may be sent without L<ssh(1)>
receiving any messages back from the server. If this
threshold is reached while server alive messages are being
sent, ssh will disconnect from the server, terminating the
session. It is important to note that the use of server
alive messages is very different from B<TCPKeepAlive>
(below). The server alive messages are sent through the
encrypted channel and therefore will not be spoofable. The
TCP keepalive option enabled by B<TCPKeepAlive> is
spoofable. The server alive mechanism is valuable when the
client or server depend on knowing when a connection has
become inactive.The default
value is 3. If, for example, B<ServerAliveInterval> (see
below) is set to 15 and B<ServerAliveCountMax> is left
at the default, if the server becomes unresponsive, ssh will
disconnect after approximately 45 seconds. I< Optional. Type integer. >
=over 4
=item upstream_default value :
lib/Config/Model/models/Ssh.pod view on Meta::CPAN
USER
=back
=head2 TCPKeepAlive
Specifies whether the system
should send TCP keepalive messages to the other side. If
they are sent, death of the connection or crash of one of
the machines will be properly noticed. This option only uses
TCP keepalives (as opposed to using ssh level keepalives),
so takes a long time to notice when the connection dies. As
such, you probably want the B<ServerAliveInterval>
option as well. However, this means that connections will
die if the route is down temporarily, and some people find
it annoying.To disable TCP
keepalive messages, the value should be set to B<no>.
See also B<ServerAliveInterval> for protocol-level
keepalives. I< Optional. Type boolean. >
=over 4
=item upstream_default value :
yes
=back
lib/Config/Model/models/Ssh/HostElement.pl view on Meta::CPAN
name, which may contain wildcard characters. Multiple
environment variables may be separated by whitespace or
spread across multiple B<SendEnv> directives.It is possible
to clear previously set B<SendEnv> variable names by
prefixing patterns with I<->. The default is not to send
any environment variables.',
'type' => 'list'
},
'ServerAliveCountMax',
{
'description' => 'Sets the number of server alive
messages (see below) which may be sent without L<ssh(1)>
receiving any messages back from the server. If this
threshold is reached while server alive messages are being
sent, ssh will disconnect from the server, terminating the
session. It is important to note that the use of server
alive messages is very different from B<TCPKeepAlive>
(below). The server alive messages are sent through the
encrypted channel and therefore will not be spoofable. The
TCP keepalive option enabled by B<TCPKeepAlive> is
spoofable. The server alive mechanism is valuable when the
client or server depend on knowing when a connection has
become inactive.The default
value is 3. If, for example, B<ServerAliveInterval> (see
below) is set to 15 and B<ServerAliveCountMax> is left
at the default, if the server becomes unresponsive, ssh will
disconnect after approximately 45 seconds.',
'type' => 'leaf',
'upstream_default' => '3',
'value_type' => 'integer'
},
lib/Config/Model/models/Ssh/HostElement.pl view on Meta::CPAN
used when logging messages from L<ssh(1)>. The possible values
are: DAEMON, USER, AUTH, LOCAL0, LOCAL1, LOCAL2, LOCAL3,
LOCAL4, LOCAL5, LOCAL6, LOCAL7. The default is USER.',
'type' => 'leaf',
'upstream_default' => 'USER',
'value_type' => 'enum'
},
'TCPKeepAlive',
{
'description' => 'Specifies whether the system
should send TCP keepalive messages to the other side. If
they are sent, death of the connection or crash of one of
the machines will be properly noticed. This option only uses
TCP keepalives (as opposed to using ssh level keepalives),
so takes a long time to notice when the connection dies. As
such, you probably want the B<ServerAliveInterval>
option as well. However, this means that connections will
die if the route is down temporarily, and some people find
it annoying.To disable TCP
keepalive messages, the value should be set to B<no>.
See also B<ServerAliveInterval> for protocol-level
keepalives.',
'type' => 'leaf',
'upstream_default' => 'yes',
'value_type' => 'boolean',
'write_as' => [
'no',
'yes'
]
},
'Tunnel',
{
lib/Config/Model/models/Ssh/HostElement.pod view on Meta::CPAN
how to configure the server. Variables are specified by
name, which may contain wildcard characters. Multiple
environment variables may be separated by whitespace or
spread across multiple B<SendEnv> directives.It is possible
to clear previously set B<SendEnv> variable names by
prefixing patterns with I<->. The default is not to send
any environment variables. I< Optional. Type list of uniline. >
=head2 ServerAliveCountMax
Sets the number of server alive
messages (see below) which may be sent without L<ssh(1)>
receiving any messages back from the server. If this
threshold is reached while server alive messages are being
sent, ssh will disconnect from the server, terminating the
session. It is important to note that the use of server
alive messages is very different from B<TCPKeepAlive>
(below). The server alive messages are sent through the
encrypted channel and therefore will not be spoofable. The
TCP keepalive option enabled by B<TCPKeepAlive> is
spoofable. The server alive mechanism is valuable when the
client or server depend on knowing when a connection has
become inactive.The default
value is 3. If, for example, B<ServerAliveInterval> (see
below) is set to 15 and B<ServerAliveCountMax> is left
at the default, if the server becomes unresponsive, ssh will
disconnect after approximately 45 seconds. I< Optional. Type integer. >
=over 4
=item upstream_default value :
lib/Config/Model/models/Ssh/HostElement.pod view on Meta::CPAN
USER
=back
=head2 TCPKeepAlive
Specifies whether the system
should send TCP keepalive messages to the other side. If
they are sent, death of the connection or crash of one of
the machines will be properly noticed. This option only uses
TCP keepalives (as opposed to using ssh level keepalives),
so takes a long time to notice when the connection dies. As
such, you probably want the B<ServerAliveInterval>
option as well. However, this means that connections will
die if the route is down temporarily, and some people find
it annoying.To disable TCP
keepalive messages, the value should be set to B<no>.
See also B<ServerAliveInterval> for protocol-level
keepalives. I< Optional. Type boolean. >
=over 4
=item upstream_default value :
yes
=back
lib/Config/Model/models/Sshd.pl view on Meta::CPAN
used when logging messages from L<sshd(8)>. The possible values
are: DAEMON, USER, AUTH, LOCAL0, LOCAL1, LOCAL2, LOCAL3,
LOCAL4, LOCAL5, LOCAL6, LOCAL7. The default is AUTH.',
'type' => 'leaf',
'upstream_default' => 'AUTH',
'value_type' => 'enum'
},
'TCPKeepAlive',
{
'description' => 'B<TCPKeepAlive>Specifies whether the system
should send TCP keepalive messages to the other side. If
they are sent, death of the connection or crash of one of
the machines will be properly noticed. However, this means
that connections will die if the route is down temporarily,
and some people find it annoying. On the other hand, if TCP
keepalives are not sent, sessions may hang indefinitely on
the server, leaving "ghost" users and consuming
server resources.The default is
B<yes> (to send TCP keepalive messages), and the server
will notice if the network goes down or the client host
crashes. This avoids infinitely hanging sessions.To disable TCP
keepalive messages, the value should be set to
B<no>.This option was
formerly called B<KeepAlive>.',
'type' => 'leaf',
'upstream_default' => 'yes',
'value_type' => 'boolean',
'write_as' => [
'no',
'yes'
]
},
lib/Config/Model/models/Sshd.pod view on Meta::CPAN
=item upstream_default value :
none
=back
=head2 ClientAliveCountMax
B<ClientAliveCountMax>Sets the number of client alive
messages which may be sent without L<sshd(8)> receiving any
messages back from the client. If this threshold is reached
while client alive messages are being sent, sshd will
disconnect the client, terminating the session. It is
important to note that the use of client alive messages is
very different from B<TCPKeepAlive>. The client alive
messages are sent through the encrypted channel and
therefore will not be spoofable. The TCP keepalive option
enabled by B<TCPKeepAlive> is spoofable. The client
alive mechanism is valuable when the client or server depend
on knowing when a connection has become inactive.The default
value is 3. If B<ClientAliveInterval> is set to 15, and
B<ClientAliveCountMax> is left at the default,
unresponsive SSH clients will be disconnected after
approximately 45 seconds. I< Optional. Type integer. >
=over 4
=item upstream_default value :
lib/Config/Model/models/Sshd.pod view on Meta::CPAN
AUTH
=back
=head2 TCPKeepAlive
B<TCPKeepAlive>Specifies whether the system
should send TCP keepalive messages to the other side. If
they are sent, death of the connection or crash of one of
the machines will be properly noticed. However, this means
that connections will die if the route is down temporarily,
and some people find it annoying. On the other hand, if TCP
keepalives are not sent, sessions may hang indefinitely on
the server, leaving "ghost" users and consuming
server resources.The default is
B<yes> (to send TCP keepalive messages), and the server
will notice if the network goes down or the client host
crashes. This avoids infinitely hanging sessions.To disable TCP
keepalive messages, the value should be set to
B<no>.This option was
formerly called B<KeepAlive>. I< Optional. Type boolean. >
=over 4
=item upstream_default value :
yes
=back
lib/Config/Model/models/Sshd/MatchElement.pl view on Meta::CPAN
from modification by other processes on the system
(especially those outside the jail). Misconfiguration can
lead to unsafe environments which L<sshd(8)> cannot detect.The default is
B<none>, indicating not to L<chroot(2)>.",
'type' => 'leaf',
'upstream_default' => 'none',
'value_type' => 'uniline'
},
'ClientAliveCountMax',
{
'description' => 'B<ClientAliveCountMax>Sets the number of client alive
messages which may be sent without L<sshd(8)> receiving any
messages back from the client. If this threshold is reached
while client alive messages are being sent, sshd will
disconnect the client, terminating the session. It is
important to note that the use of client alive messages is
very different from B<TCPKeepAlive>. The client alive
messages are sent through the encrypted channel and
therefore will not be spoofable. The TCP keepalive option
enabled by B<TCPKeepAlive> is spoofable. The client
alive mechanism is valuable when the client or server depend
on knowing when a connection has become inactive.The default
value is 3. If B<ClientAliveInterval> is set to 15, and
B<ClientAliveCountMax> is left at the default,
unresponsive SSH clients will be disconnected after
approximately 45 seconds.',
'type' => 'leaf',
'upstream_default' => '3',
'value_type' => 'integer'
},
'ClientAliveInterval',
lib/Config/Model/models/Sshd/MatchElement.pod view on Meta::CPAN
=item upstream_default value :
none
=back
=head2 ClientAliveCountMax
B<ClientAliveCountMax>Sets the number of client alive
messages which may be sent without L<sshd(8)> receiving any
messages back from the client. If this threshold is reached
while client alive messages are being sent, sshd will
disconnect the client, terminating the session. It is
important to note that the use of client alive messages is
very different from B<TCPKeepAlive>. The client alive
messages are sent through the encrypted channel and
therefore will not be spoofable. The TCP keepalive option
enabled by B<TCPKeepAlive> is spoofable. The client
alive mechanism is valuable when the client or server depend
on knowing when a connection has become inactive.The default
value is 3. If B<ClientAliveInterval> is set to 15, and
B<ClientAliveCountMax> is left at the default,
unresponsive SSH clients will be disconnected after
approximately 45 seconds. I< Optional. Type integer. >
=over 4
=item upstream_default value :
lib/Config/Model/models/SystemSsh.pod view on Meta::CPAN
how to configure the server. Variables are specified by
name, which may contain wildcard characters. Multiple
environment variables may be separated by whitespace or
spread across multiple B<SendEnv> directives.It is possible
to clear previously set B<SendEnv> variable names by
prefixing patterns with I<->. The default is not to send
any environment variables. I< Optional. Type list of uniline. >
=head2 ServerAliveCountMax
Sets the number of server alive
messages (see below) which may be sent without L<ssh(1)>
receiving any messages back from the server. If this
threshold is reached while server alive messages are being
sent, ssh will disconnect from the server, terminating the
session. It is important to note that the use of server
alive messages is very different from B<TCPKeepAlive>
(below). The server alive messages are sent through the
encrypted channel and therefore will not be spoofable. The
TCP keepalive option enabled by B<TCPKeepAlive> is
spoofable. The server alive mechanism is valuable when the
client or server depend on knowing when a connection has
become inactive.The default
value is 3. If, for example, B<ServerAliveInterval> (see
below) is set to 15 and B<ServerAliveCountMax> is left
at the default, if the server becomes unresponsive, ssh will
disconnect after approximately 45 seconds. I< Optional. Type integer. >
=over 4
=item upstream_default value :
lib/Config/Model/models/SystemSsh.pod view on Meta::CPAN
USER
=back
=head2 TCPKeepAlive
Specifies whether the system
should send TCP keepalive messages to the other side. If
they are sent, death of the connection or crash of one of
the machines will be properly noticed. This option only uses
TCP keepalives (as opposed to using ssh level keepalives),
so takes a long time to notice when the connection dies. As
such, you probably want the B<ServerAliveInterval>
option as well. However, this means that connections will
die if the route is down temporarily, and some people find
it annoying.To disable TCP
keepalive messages, the value should be set to B<no>.
See also B<ServerAliveInterval> for protocol-level
keepalives. I< Optional. Type boolean. >
=over 4
=item upstream_default value :
yes
=back
xt/ssh_config.html view on Meta::CPAN
<p style="margin-left:17%; margin-top: 1em">See
<i>PATTERNS</i> for more information on patterns.</p>
<p style="margin-left:17%; margin-top: 1em">It is possible
to clear previously set <b>SendEnv</b> variable names by
prefixing patterns with <i>-</i>. The default is not to send
any environment variables.</p>
<p style="margin-top: 1em"><b>ServerAliveCountMax</b></p>
<p style="margin-left:17%;">Sets the number of server alive
messages (see below) which may be sent without ssh(1)
receiving any messages back from the server. If this
threshold is reached while server alive messages are being
sent, ssh will disconnect from the server, terminating the
session. It is important to note that the use of server
alive messages is very different from <b>TCPKeepAlive</b>
(below). The server alive messages are sent through the
encrypted channel and therefore will not be spoofable. The
TCP keepalive option enabled by <b>TCPKeepAlive</b> is
spoofable. The server alive mechanism is valuable when the
client or server depend on knowing when a connection has
become inactive.</p>
<p style="margin-left:17%; margin-top: 1em">The default
value is 3. If, for example, <b>ServerAliveInterval</b> (see
below) is set to 15 and <b>ServerAliveCountMax</b> is left
at the default, if the server becomes unresponsive, ssh will
disconnect after approximately 45 seconds.</p>
<p style="margin-top: 1em"><b>ServerAliveInterval</b></p>
xt/ssh_config.html view on Meta::CPAN
<p style="margin-top: 1em"><b>SyslogFacility</b></p>
<p style="margin-left:17%;">Gives the facility code that is
used when logging messages from ssh(1). The possible values
are: DAEMON, USER, AUTH, LOCAL0, LOCAL1, LOCAL2, LOCAL3,
LOCAL4, LOCAL5, LOCAL6, LOCAL7. The default is USER.</p>
<p style="margin-top: 1em"><b>TCPKeepAlive</b></p>
<p style="margin-left:17%;">Specifies whether the system
should send TCP keepalive messages to the other side. If
they are sent, death of the connection or crash of one of
the machines will be properly noticed. This option only uses
TCP keepalives (as opposed to using ssh level keepalives),
so takes a long time to notice when the connection dies. As
such, you probably want the <b>ServerAliveInterval</b>
option as well. However, this means that connections will
die if the route is down temporarily, and some people find
it annoying.</p>
<p style="margin-left:17%; margin-top: 1em">The default is
<b>yes</b> (to send TCP keepalive messages), and the client
will notice if the network goes down or the remote host
dies. This is important in scripts, and many users want it
too.</p>
<p style="margin-left:17%; margin-top: 1em">To disable TCP
keepalive messages, the value should be set to <b>no</b>.
See also <b>ServerAliveInterval</b> for protocol-level
keepalives.</p>
<p style="margin-top: 1em"><b>Tunnel</b></p>
<p style="margin-left:17%; margin-top: 1em">Request tun(4)
device forwarding between the client and the server. The
argument must be <b>yes</b>, <b>point-to-point</b> (layer
3), <b>ethernet</b> (layer 2), or <b>no</b> (the default).
Specifying <b>yes</b> requests the default tunnel mode,
which is <b>point-to-point</b>.</p>
xt/sshd_config.html view on Meta::CPAN
<br>
aes128-ctr,aes192-ctr,aes256-ctr, <br>
aes128-gcm@openssh.com,aes256-gcm@openssh.com</p>
<p style="margin-left:17%; margin-top: 1em">The list of
available ciphers may also be obtained using "ssh -Q
cipher".</p>
<p style="margin-top: 1em"><b>ClientAliveCountMax</b></p>
<p style="margin-left:17%;">Sets the number of client alive
messages which may be sent without sshd(8) receiving any
messages back from the client. If this threshold is reached
while client alive messages are being sent, sshd will
disconnect the client, terminating the session. It is
important to note that the use of client alive messages is
very different from <b>TCPKeepAlive</b>. The client alive
messages are sent through the encrypted channel and
therefore will not be spoofable. The TCP keepalive option
enabled by <b>TCPKeepAlive</b> is spoofable. The client
alive mechanism is valuable when the client or server depend
on knowing when a connection has become inactive.</p>
<p style="margin-left:17%; margin-top: 1em">The default
value is 3. If <b>ClientAliveInterval</b> is set to 15, and
<b>ClientAliveCountMax</b> is left at the default,
unresponsive SSH clients will be disconnected after
approximately 45 seconds.</p>
<p style="margin-top: 1em"><b>ClientAliveInterval</b></p>
xt/sshd_config.html view on Meta::CPAN
<p style="margin-top: 1em"><b>SyslogFacility</b></p>
<p style="margin-left:17%;">Gives the facility code that is
used when logging messages from sshd(8). The possible values
are: DAEMON, USER, AUTH, LOCAL0, LOCAL1, LOCAL2, LOCAL3,
LOCAL4, LOCAL5, LOCAL6, LOCAL7. The default is AUTH.</p>
<p style="margin-top: 1em"><b>TCPKeepAlive</b></p>
<p style="margin-left:17%;">Specifies whether the system
should send TCP keepalive messages to the other side. If
they are sent, death of the connection or crash of one of
the machines will be properly noticed. However, this means
that connections will die if the route is down temporarily,
and some people find it annoying. On the other hand, if TCP
keepalives are not sent, sessions may hang indefinitely on
the server, leaving "ghost" users and consuming
server resources.</p>
<p style="margin-left:17%; margin-top: 1em">The default is
<b>yes</b> (to send TCP keepalive messages), and the server
will notice if the network goes down or the client host
crashes. This avoids infinitely hanging sessions.</p>
<p style="margin-left:17%; margin-top: 1em">To disable TCP
keepalive messages, the value should be set to
<b>no</b>.</p>
<p style="margin-left:17%; margin-top: 1em">This option was
formerly called <b>KeepAlive</b>.</p>
<p style="margin-top: 1em"><b>TrustedUserCAKeys</b></p>
<p style="margin-left:17%;">Specifies a file containing
public keys of certificate authorities that are trusted to
sign user certificates for authentication, or <b>none</b> to
( run in 1.975 second using v1.01-cache-2.11-cpan-39bf76dae61 )