System Administration Guide: Security Services
Previous Next

Solaris Secure Shell Commands

The following table summarizes the major Solaris Secure Shell commands.

Table 20-7 Commands in Solaris Secure Shell

Command

Description

Man Page

ssh

Logs a user in to a remote machine and securely executes commands on a remote machine. This command is the Solaris Secure Shell replacement for the rlogin and rsh commands. The ssh command enables secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forwarded over the secure channel.

ssh(1)

sshd

Is the daemon for Solaris Secure Shell. The daemon listens for connections from clients and enables secure encrypted communications between two untrusted hosts over an insecure network.

sshd(1M)

ssh-add

Adds RSA or DSA identities to the authentication agent, ssh-agent. Identities are also called keys.

ssh-add(1)

ssh-agent

Holds private keys that are used for public key authentication. The ssh-agent program is started at the beginning of an X-session or a login session. All other windows and other programs are started as clients of the ssh-agent program. Through the use of environment variables, the agent can be located and used for authentication when users use the ssh command to log in to other systems.

ssh-agent(1)

ssh-keygen

Generates and manages authentication keys for Solaris Secure Shell.

ssh-keygen(1)

ssh-keyscan

Gathers the public keys of a number of Solaris Secure Shell hosts. Aids in building and verifying ssh_known_hosts files.

ssh-keyscan(1)

ssh-keysign

Is used by the ssh command to access the host keys on the local host. Generates the digital signature that is required during host-based authentication with Solaris Secure Shell v2. The command is invoked by the ssh command, not by the user.

ssh-keysign(1M)

scp

Securely copies files between hosts on a network over an encrypted ssh transport. Unlike the rcp command, the scp command prompts for passwords or passphrases, if password information is needed for authentication.

scp(1)

sftp

Is an interactive file transfer program that is similar to the ftp command. Unlike the ftp command, the sftp command performs all operations over an encrypted ssh transport. The command connects, logs in to the specified host name, and then enters interactive command mode.

sftp(1)

The following table lists the command options that override Solaris Secure Shell keywords. The keywords are specified in the ssh_config and sshd_config files.

Table 20-8 Command-Line Equivalents for Solaris Secure Shell Keywords

Keyword

ssh Command-Line Override

scp Command-Line Override

BatchMode

scp -B

BindAddress

ssh -b bind-addr

scp -a bind-addr

Cipher

ssh -c cipher

scp -c cipher

Ciphers

ssh -c cipher-spec

scp -c cipher-spec

Compression

ssh -C

scp -C

DynamicForward

ssh -D SOCKS4-port

EscapeChar

ssh -e escape-char

ForwardAgent

ssh -A to enable

ssh -a to disable

ForwardX11

ssh -X to enable

ssh -x to disable

GatewayPorts

ssh -g

IPv4

ssh -4

scp -4

IPv6

ssh -6

scp -6

LocalForward

ssh -L localport:remotehost:remoteport

MACS

ssh -m mac-spec

Port

ssh -p port

scp -P port

Protocol

ssh -1 for v1 only

ssh -2 for v2 only

RemoteForward

ssh -R remoteport:localhost:localport

Previous Next