SSH(1) SSH(1) NAME ssh - secure shell remote login client SYNOPSIS ssh [ -drRX ] [ -t thumbfile ] [ -T tries ] [ -u user ] [ -h ] [ user@]host [ -W remote!port ] [ cmd args ... ] DESCRIPTION Ssh starts a remote shell or cmd on the computer host logged in as user. The input file descriptor is forwarded to the remote side and output and error descriptors are forwarded to the local side. The connection is authenticated and encrypted using the SSH2 protocol. The user authenticates itself to the host using his RSA key pair (stored in factotum) or plaintext pass- words. To authenticate the host to the user, the hosts RSA public key is hashed and compared to the entries in $home/lib/sshthumbs file (see thumbprint(6)). The thumbfile location can be changed with the -t option. When cmd is specified, it is concatenated with the list of quoted args and run on the remote side. No pseudo terminal will be requested. A cmd beginning with # is interpreted as a subsystem name such as sftp (see sshfs(4)). Without cmd, a shell is started on the remote side. In that case and when the $TERM environment variable is set (such as when started under a terminal emulator like vt(1)), a pseudo terminal will be requested for the shell. This can be dis- abled with the -R flag. A pseudo-terminal can be requested in all cases with the -r flag. With the -W option, instead of executing a command remotely, makes the server dial a tcp connection to remote!port which the client relays on standard input and output. For han- dling multiple connections transparently to programs, see sshnet(4). The -d flag enables debug output. The -X flag enables mux mode, which after establishing the tunnel, relays the plaintext SSH protocol messages on file- descriptor 0 and 1. This is used by programs such as sshnet(4) and sshfs(4). FILES $home/lib/sshthumbs the user's thumbfile of known host fin- gerprints Page 1 Plan 9 (printed 12/22/24) SSH(1) SSH(1) SOURCE /sys/src/cmd/ssh.c BUGS If keyboard-interactive authentication fails, by default it is retried three times. The number of tries can be changed with -T. Setting it to zero disables keyboard-interactive authentication. SEE ALSO vt(1), rsa(8), thumbprint(6), factotum(4), sshfs(4), sshnet(4) Page 2 Plan 9 (printed 12/22/24)