JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
System Administration Guide: Security Services     Oracle Solaris 10 1/13 Information Library
search filter icon
search icon

Document Information


Part I Security Overview

1.  Security Services (Overview)

Part II System, File, and Device Security

2.  Managing Machine Security (Overview)

3.  Controlling Access to Systems (Tasks)

4.  Controlling Access to Devices (Tasks)

5.  Using the Basic Audit Reporting Tool (Tasks)

6.  Controlling Access to Files (Tasks)

7.  Using the Automated Security Enhancement Tool (Tasks)

Part III Roles, Rights Profiles, and Privileges

8.  Using Roles and Privileges (Overview)

9.  Using Role-Based Access Control (Tasks)

10.  Role-Based Access Control (Reference)

11.  Privileges (Tasks)

12.  Privileges (Reference)

Part IV Cryptographic Services

13.  Oracle Solaris Cryptographic Framework (Overview)

14.  Oracle Solaris Cryptographic Framework (Tasks)

15.  Oracle Solaris Key Management Framework

Part V Authentication Services and Secure Communication

16.  Using Authentication Services (Tasks)

17.  Using PAM

18.  Using SASL

19.  Using Secure Shell (Tasks)

20.  Secure Shell (Reference)

A Typical Secure Shell Session

Session Characteristics in Secure Shell

Authentication and Key Exchange in Secure Shell

Acquiring GSS Credentials in Secure Shell

Command Execution and Data Forwarding in Secure Shell

Client and Server Configuration in Secure Shell

Client Configuration in Secure Shell

Server Configuration in Secure Shell

Keywords in Secure Shell

Host-Specific Parameters in Secure Shell

Secure Shell and Login Environment Variables

Maintaining Known Hosts in Secure Shell

Secure Shell Packages and Initialization

Secure Shell Files

Secure Shell Commands

Part VI Kerberos Service

21.  Introduction to the Kerberos Service

22.  Planning for the Kerberos Service

23.  Configuring the Kerberos Service (Tasks)

24.  Kerberos Error Messages and Troubleshooting

25.  Administering Kerberos Principals and Policies (Tasks)

26.  Using Kerberos Applications (Tasks)

27.  The Kerberos Service (Reference)

Part VII Auditing in Oracle Solaris

28.  Oracle Solaris Auditing (Overview)

29.  Planning for Oracle Solaris Auditing

30.  Managing Oracle Solaris Auditing (Tasks)

31.  Oracle Solaris Auditing (Reference)



Secure Shell Commands

The following table summarizes the major Secure Shell commands.

Table 20-7 Commands in Secure Shell

Man Page
Logs a user in to a remote machine and securely executes commands on a remote machine. This command is the Secure Shell replacement for the rlogin and rsh commands. The ssh command enables secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forwarded over the secure channel.
Is the daemon for Secure Shell. The daemon listens for connections from clients and enables secure encrypted communications between two untrusted hosts over an insecure network.
Adds RSA or DSA identities to the authentication agent, ssh-agent. Identities are also called keys.
Holds private keys that are used for public key authentication. The ssh-agent program is started at the beginning of an X-session or a login session. All other windows and other programs are started as clients of the ssh-agent program. Through the use of environment variables, the agent can be located and used for authentication when users use the ssh command to log in to other systems.
Generates and manages authentication keys for Secure Shell.
Gathers the public keys of a number of Secure Shell hosts. Aids in building and verifying ssh_known_hosts files.
Is used by the ssh command to access the host keys on the local host. Generates the digital signature that is required during host-based authentication with Secure Shell v2. The command is invoked by the ssh command, not by the user.
Securely copies files between hosts on a network over an encrypted ssh transport. Unlike the rcp command, the scp command prompts for passwords or passphrases, if password information is needed for authentication.
Is an interactive file transfer program that is similar to the ftp command. Unlike the ftp command, the sftp command performs all operations over an encrypted ssh transport. The command connects, logs in to the specified host name, and then enters interactive command mode.

The following table lists the command options that override Secure Shell keywords. The keywords are specified in the ssh_config and sshd_config files.

Table 20-8 Command-Line Equivalents for Secure Shell Keywords

ssh Command-Line Override
scp Command-Line Override
scp -B
ssh -b bind-addr
scp -a bind-addr
ssh -c cipher
scp -c cipher
ssh -c cipher-spec
scp -c cipher-spec
ssh -C
scp -C
ssh -D SOCKS4-port
ssh -e escape-char
ssh -A to enable

ssh -a to disable

ssh -X to enable

ssh -x to disable

ssh -g
ssh -4
scp -4
ssh -6
scp -6
ssh -L localport:remotehost:remoteport
ssh -m mac-spec
ssh -p port
scp -P port
ssh -1 for v1 only

ssh -2 for v2 only

ssh -R remoteport:localhost:localport