summaryrefslogtreecommitdiffstats
path: root/usr.bin/ssh/scp.1 (follow)
Commit message (Collapse)AuthorAgeFilesLines
* move HostbasedAcceptedAlgorithms to the right place in alphabetical ordernaddy2021-01-261-2/+2
|
* Rename HostbasedKeyTypes (ssh) and HostbasedAcceptedKeyTypes (sshd) todtucker2021-01-261-3/+3
| | | | | | HostbasedAcceptedAlgorithms, which more accurately reflects its effect. This matches a previous change to PubkeyAcceptedAlgorithms. The previous names are retained as aliases. ok djm@
* Rename PubkeyAcceptedKeyTypes keyword to PubkeyAcceptedAlgorithms.dtucker2021-01-221-3/+3
| | | | | | | | While the two were originally equivalent, this actually specifies the signature algorithms that are accepted. Some key types (eg RSA) can be used by multiple algorithms (eg ssh-rsa, rsa-sha2-512) so the old name is becoming increasingly misleading. The old name is retained as an alias. Prompted by bz#3253, help & ok djm@, man page help jmc@
* tweak the description of KnownHostsCommand in ssh_conf.5, and addjmc2020-12-221-2/+3
| | | | | | entries for it to the -O list in scp.1 and sftp.1; ok djm
* split introductory paragraph, and insert ominous words about the globderaadt2020-10-031-4/+8
| | | | | | issue, which cannot be fully fixed and really requires completely replacing scp with a completely different subsystem. team effort to find the right words..
* allow -A to explicitly enable agent forwarding in scp and sftp. Thedjm2020-08-031-3/+8
| | | | | default remains to not forward an agent, even when ssh_config enables it. ok jmc dtucker markus
* tweak previous; ok markusjmc2020-04-301-3/+3
|
* run the 2nd ssh with BatchMode for scp -3markus2020-04-301-3/+6
|
* tweak the Nd lines for a bit of consistency;jmc2019-11-301-3/+3
| | | | ok markus
* Hostname->HostName cleanup; from lauri tirkkonenjmc2019-06-121-3/+3
| | | | ok dtucker
* check in scp client that filenames sent during remote->local directorydjm2019-01-261-3/+13
| | | | | | | | | | | | | | copies satisfy the wildcard specified by the user. This checking provides some protection against a malicious server sending unexpected filenames, but it comes at a risk of rejecting wanted files due to differences between client and server wildcard expansion rules. For this reason, this also adds a new -T flag to disable the check. reported by Harry Sintonen fix approach suggested by markus@; has been in snaps for ~1wk courtesy deraadt@
* tweak previous;jmc2019-01-221-4/+4
|
* Forgot to add -J to the synopsis.tb2019-01-211-1/+2
|
* Add a -J option as a shortcut for -o Proxyjump= to scp(1) and sftp(1)tb2019-01-211-2/+15
| | | | | | to match ssh(1)'s interface. ok djm
* reorder CASignatureAlgorithms, and add them to the various -o lists;jmc2018-09-201-2/+3
| | | | ok djm
* Deprecate UsePrivilegedPort now that support for running ssh(1)dtucker2018-07-191-3/+2
| | | | | | | | | | | setuid has been removed, remove supporting code and clean up references to it in the man pages We have not shipped ssh(1) the setuid bit since 2002. If ayone really needs to make connections from a low port number this can be implemented via a small setuid ProxyCommand. ok markus@ jmc@ djm@
* sort previous;jmc2018-06-091-2/+2
|
* add a SetEnv directive to ssh_config that allows setting environmentdjm2018-06-091-2/+3
| | | | | | | | variables for the remote session (subject to the server accepting them) refactor SendEnv to remove the arbitrary limit of variable names. ok markus@
* some cleanup for BindInterface and ssh-keyscan;jmc2018-02-231-2/+3
|
* tweak the uri text, specifically removing some markup to make it ajmc2017-10-251-11/+12
| | | | | | bit more readable; issue reported by - and diff ok - millert
* Add URI support to ssh, sftp and scp. For example ssh://user@hostmillert2017-10-211-19/+22
| | | | | | | or sftp://user@host/path. The connection parameters described in draft-ietf-secsh-scp-sftp-ssh-uri-04 are not implemented since the ssh fingerprint format in the draft uses md5 with no way to specify the hash function type. OK djm@
* restore mistakenly deleted description of the ConnectionAttempts optionnaddy2017-05-031-2/+3
| | | | ok markus@
* remove now obsolete protocol1 options from the -o lists;jmc2017-05-021-8/+2
|
* exterminate the -1 flag from scpdjm2017-04-301-11/+3
| | | | ok markus@
* - add proxyjump to the options listjmc2016-07-161-2/+3
| | | | | | | - formatting fixes - update usage() ok djm
* sort the -o list;jmc2016-06-291-3/+3
|
* add IdentityAgent; noticed & ok jmc@markus2016-05-041-2/+3
|
* some certificatefile tweaks; ok djmjmc2015-09-251-2/+3
|
* Turn off DSA by default; add HostKeyAlgorithms to the server andmarkus2015-07-101-2/+3
| | | | | PubkeyAcceptedKeyTypes to the client side, so it still can be tested or turned back on; feedback and ok djm@
* Add a ssh_config HostbasedKeyType option to control whichdjm2015-01-301-2/+3
| | | | | | | | | host public key types are tried during hostbased authentication. This may be used to prevent too many keys being sent to the server, and blowing past its MaxAuthTries limit. bz#2211 based on patch by Iain Morgan; ok markus@
* sort previous;jmc2015-01-261-2/+2
|
* correct description of UpdateHostKeys in ssh_config.5 anddjm2015-01-261-2/+3
| | | | | add it to -o lists for ssh, scp and sftp; pointed out by jmc@
* garbage collect empty .No macros mandoc warns aboutschwarze2015-01-161-4/+4
|
* there is no need for rcp anymoretedu2014-03-191-10/+4
| | | | ok deraadt millert
* add canonicalisation options to -o listsdjm2013-10-201-2/+7
|
* some Bx/Ox conversion;jmc2013-08-141-4/+5
| | | | From: Jan Stary
* use .Mt for email addresses; from Jan Stary <hans at stare dot cz>; ok jmc@schwarze2013-07-161-4/+4
|
* knock out a useless Ns;jmc2011-09-051-2/+2
|
* mention ControlPersist and KbdInteractiveAuthentication in the -odjm2011-09-051-2/+4
| | | | verbiage in these pages too (prompted by jmc@)
* scp.1: grammer fixjmc2010-12-091-3/+3
| | | | scp.c: add -3 to usage()
* add a new -3 option to scp: Copies between two remote hosts aremarkus2010-12-081-3/+8
| | | | | transferred through the local host. Without this option the data is copied directly between the two remote hosts. ok djm@ (bugzilla #1837)
* add IPQoS to the various -o lists, and zap some trailing whitespace;jmc2010-11-181-2/+3
|
* knock out some "-*- nroff -*-" lines;jmc2010-10-281-3/+2
|
* add KexAlgorithms to the -o list;jmc2010-09-231-2/+3
|
* add an EXIT STATUS section for /usr/bin;jmc2010-09-031-3/+3
|
* replace our obsolete smartcard code with PKCS#11.markus2010-02-081-3/+3
| | | | | | | | | ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs-11v2-20.pdf ssh(1) and ssh-keygen(1) use dlopen(3) directly to talk to a PKCS#11 provider (shared library) while ssh-agent(1) delegates PKCS#11 to a forked a ssh-pkcs11-helper process. PKCS#11 is currently a compile time option. feedback and ok djm@; inspired by patches from Alon Bar-Lev
* Remove RoutingDomain from ssh since it's now not needed. It can be replaceddtucker2010-01-091-3/+2
| | | | | | | | | | | | | with "route exec" or "nc -V" as a proxycommand. "route exec" also ensures that trafic such as DNS lookups stays withing the specified routingdomain. For example (from reyk): # route -T 2 exec /usr/sbin/sshd or inherited from the parent process $ route -T 2 exec sh $ ssh 10.1.2.3 ok deraadt@ markus@ stevesk@ reyk@
* Rename RDomain config option to RoutingDomain to be more clear andstevesk2009-12-291-3/+3
| | | | | | | | | consistent with other options. NOTE: if you currently use RDomain in the ssh client or server config, or ssh/sshd -o, you must update to use RoutingDomain. ok markus@ djm@
* Allow to set the rdomain in ssh/sftp/scp/sshd and ssh-keyscan.reyk2009-10-281-2/+3
| | | | ok markus@
* better description for -i flag:djm2008-07-121-3/+3
| | | | s/RSA authentication/public key authentication/
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.