JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
System Administration Guide: Security Services     Oracle Solaris 10 1/13 Information Library
Oracle Technology Network
Library
PDF
Print View
Feedback
search filter icon
search icon

Document Information

Preface

Part I Security Overview

1.  Security Services (Overview)

Part II System, File, and Device Security

2.  Managing Machine Security (Overview)

3.  Controlling Access to Systems (Tasks)

4.  Controlling Access to Devices (Tasks)

5.  Using the Basic Audit Reporting Tool (Tasks)

6.  Controlling Access to Files (Tasks)

7.  Using the Automated Security Enhancement Tool (Tasks)

Part III Roles, Rights Profiles, and Privileges

8.  Using Roles and Privileges (Overview)

9.  Using Role-Based Access Control (Tasks)

10.  Role-Based Access Control (Reference)

11.  Privileges (Tasks)

12.  Privileges (Reference)

Part IV Cryptographic Services

13.  Oracle Solaris Cryptographic Framework (Overview)

14.  Oracle Solaris Cryptographic Framework (Tasks)

15.  Oracle Solaris Key Management Framework

Part V Authentication Services and Secure Communication

16.  Using Authentication Services (Tasks)

17.  Using PAM

18.  Using SASL

19.  Using Secure Shell (Tasks)

20.  Secure Shell (Reference)

A Typical Secure Shell Session

Session Characteristics in Secure Shell

Authentication and Key Exchange in Secure Shell

Acquiring GSS Credentials in Secure Shell

Command Execution and Data Forwarding in Secure Shell

Client and Server Configuration in Secure Shell

Client Configuration in Secure Shell

Server Configuration in Secure Shell

Keywords in Secure Shell

Host-Specific Parameters in Secure Shell

Secure Shell and Login Environment Variables

Maintaining Known Hosts in Secure Shell

Secure Shell Packages and Initialization

Secure Shell Files

Secure Shell Commands

Part VI Kerberos Service

21.  Introduction to the Kerberos Service

22.  Planning for the Kerberos Service

23.  Configuring the Kerberos Service (Tasks)

24.  Kerberos Error Messages and Troubleshooting

25.  Administering Kerberos Principals and Policies (Tasks)

26.  Using Kerberos Applications (Tasks)

27.  The Kerberos Service (Reference)

Part VII Auditing in Oracle Solaris

28.  Oracle Solaris Auditing (Overview)

29.  Planning for Oracle Solaris Auditing

30.  Managing Oracle Solaris Auditing (Tasks)

31.  Oracle Solaris Auditing (Reference)

Glossary

Index

Secure Shell Commands

The following table summarizes the major Secure Shell commands.

Table 20-7 Commands in Secure Shell

Command
Description
Man Page
ssh
Logs a user in to a remote machine and securely executes commands on a remote machine. This command is the Secure Shell replacement for the rlogin and rsh commands. The ssh command enables secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forwarded over the secure channel.
ssh(1)
sshd
Is the daemon for Secure Shell. The daemon listens for connections from clients and enables secure encrypted communications between two untrusted hosts over an insecure network.
sshd(1M)
ssh-add
Adds RSA or DSA identities to the authentication agent, ssh-agent. Identities are also called keys.
ssh-add(1)
ssh-agent
Holds private keys that are used for public key authentication. The ssh-agent program is started at the beginning of an X-session or a login session. All other windows and other programs are started as clients of the ssh-agent program. Through the use of environment variables, the agent can be located and used for authentication when users use the ssh command to log in to other systems.
ssh-agent(1)
ssh-keygen
Generates and manages authentication keys for Secure Shell.
ssh-keygen(1)
ssh-keyscan
Gathers the public keys of a number of Secure Shell hosts. Aids in building and verifying ssh_known_hosts files.
ssh-keyscan(1)
ssh-keysign
Is used by the ssh command to access the host keys on the local host. Generates the digital signature that is required during host-based authentication with Secure Shell v2. The command is invoked by the ssh command, not by the user.
ssh-keysign(1M)
scp
Securely copies files between hosts on a network over an encrypted ssh transport. Unlike the rcp command, the scp command prompts for passwords or passphrases, if password information is needed for authentication.
scp(1)
sftp
Is an interactive file transfer program that is similar to the ftp command. Unlike the ftp command, the sftp command performs all operations over an encrypted ssh transport. The command connects, logs in to the specified host name, and then enters interactive command mode.
sftp(1)

The following table lists the command options that override Secure Shell keywords. The keywords are specified in the ssh_config and sshd_config files.

Table 20-8 Command-Line Equivalents for Secure Shell Keywords

Keyword
ssh Command-Line Override
scp Command-Line Override
BatchMode
scp -B
BindAddress
ssh -b bind-addr
scp -a bind-addr
Cipher
ssh -c cipher
scp -c cipher
Ciphers
ssh -c cipher-spec
scp -c cipher-spec
Compression
ssh -C
scp -C
DynamicForward
ssh -D SOCKS4-port
EscapeChar
ssh -e escape-char
ForwardAgent
ssh -A to enable

ssh -a to disable
ForwardX11
ssh -X to enable

ssh -x to disable
GatewayPorts
ssh -g
IPv4
ssh -4
scp -4
IPv6
ssh -6
scp -6
LocalForward
ssh -L localport:remotehost:remoteport
MACS
ssh -m mac-spec
Port
ssh -p port
scp -P port
Protocol
ssh -1 for v1 only

ssh -2 for v2 only
RemoteForward
ssh -R remoteport:localhost:localport
Copyright © 2002, 2013, Oracle and/or its affiliates. All rights reserved. Legal Notices
Previous Next