View | Details | Raw Unified | Return to bug 2423
Collapse All | Expand All

(-)a/ssh.1 (-17 / +62 lines)
Lines 53-58 Link Here
53 
.Op Fl I Ar pkcs11
 53 
.Op Fl I Ar pkcs11
54 
.Op Fl i Ar identity_file
 54 
.Op Fl i Ar identity_file
55 
.Op Fl L Oo Ar bind_address : Oc Ns Ar port : Ns Ar host : Ns Ar hostport
 55 
.Op Fl L Oo Ar bind_address : Oc Ns Ar port : Ns Ar host : Ns Ar hostport
56 
.Op Fl L Oo Ar bind_address : Oc Ns Ar port : Ns Ar host_socket
57 
.Op Fl L Ar unix_socket : Ns Ar host : Ns Ar hostport
58 
.Op Fl L Ar unix_socket : Ns Ar host_socket
56 
.Op Fl l Ar login_name
 59 
.Op Fl l Ar login_name
57 
.Op Fl m Ar mac_spec
 60 
.Op Fl m Ar mac_spec
58 
.Op Fl O Ar ctl_cmd
 61 
.Op Fl O Ar ctl_cmd
Lines 60-65 Link Here
60 
.Op Fl p Ar port
 63 
.Op Fl p Ar port
61 
.Op Fl Q Cm cipher | cipher-auth | mac | kex | key | protocol-version
 64 
.Op Fl Q Cm cipher | cipher-auth | mac | kex | key | protocol-version
62 
.Op Fl R Oo Ar bind_address : Oc Ns Ar port : Ns Ar host : Ns Ar hostport
 65 
.Op Fl R Oo Ar bind_address : Oc Ns Ar port : Ns Ar host : Ns Ar hostport
66 
.Op Fl R Oo Ar bind_address : Oc Ns Ar port : Ns Ar host_socket
67 
.Op Fl R Ar unix_socket : Ns Ar host : Ns Ar hostport
68 
.Op Fl R Ar unix_socket : Ns Ar host_socket
63 
.Op Fl S Ar ctl_path
 69 
.Op Fl S Ar ctl_path
64 
.Op Fl W Ar host : Ns Ar port
 70 
.Op Fl W Ar host : Ns Ar port
65 
.Op Fl w Ar local_tun Ns Op : Ns Ar remote_tun
 71 
.Op Fl w Ar local_tun Ns Op : Ns Ar remote_tun
Lines 302-319 Disables forwarding (delegation) of GSSAPI credentials to the server. Link Here
302 
.Ar port : host : hostport
 308 
.Ar port : host : hostport
303 
.Sm on
 309 
.Sm on
304 
.Xc
 310 
.Xc
305 
Specifies that the given port on the local (client) host is to be
 311 
.It Fl L Xo
306 
forwarded to the given host and port on the remote side.
 312 
.Sm off
307 
This works by allocating a socket to listen to
 313 
.Oo Ar bind_address : Oc
314 
.Ar port : host_socket
315 
.Sm on
316 
.Xc
317 
.It Fl L Xo
318 
.Sm off
319 
.Ar unix_socket : host : hostport
320 
.Sm on
321 
.Xc
322 
.It Fl L Xo
323 
.Sm off
324 
.Ar unix_socket : host_socket
325 
.Sm on
326 
.Xc
327 
Specifies that connections to the given port or unix socket on the local
328 
(client) host is to be forwarded to the given host and port, or unix_socket,
329 
on the remote side. This works by allocating a socket to listen to either, a
308 
.Ar port
 330 
.Ar port
309 
on the local side, optionally bound to the specified
 331 
on the local side, optionally bound to the specified
310 
.Ar bind_address .
 332 
.Ar bind_address ,
311 
Whenever a connection is made to this port, the
 333 
or to a
334 
.Ar unix_socket .
335 
Whenever a connection is made to the local port or socket, the
312 
connection is forwarded over the secure channel, and a connection is
 336 
connection is forwarded over the secure channel, and a connection is
313 
made to
 337 
made to either,
314 
.Ar host
 338 
.Ar host
315 
port
 339 
port
316 
.Ar hostport
 340 
.Ar hostport ,
341 
or the unix socket
342 
.Ar host_socket ,
317 
from the remote machine.
 343 
from the remote machine.
318 
Port forwardings can also be specified in the configuration file.
 344 
Port forwardings can also be specified in the configuration file.
319 
IPv6 addresses can be specified by enclosing the address in square brackets.
 345 
IPv6 addresses can be specified by enclosing the address in square brackets.
Lines 523-538 Causes most warning and diagnostic messages to be suppressed. Link Here
523 
.Ar port : host : hostport
 549 
.Ar port : host : hostport
524 
.Sm on
 550 
.Sm on
525 
.Xc
 551 
.Xc
526 
Specifies that the given port on the remote (server) host is to be
 552 
.It Fl R Xo
527 
forwarded to the given host and port on the local side.
 553 
.Sm off
528 
This works by allocating a socket to listen to
 554 
.Oo Ar bind_address : Oc
555 
.Ar port : host_socket
556 
.Sm on
557 
.Xc
558 
.It Fl R Xo
559 
.Sm off
560 
.Ar unix_socket : host : hostport
561 
.Sm on
562 
.Xc
563 
.It Fl R Xo
564 
.Sm off
565 
.Ar unix_socket : host_socket
566 
.Sm on
567 
.Xc
568 
Specifies that the given port or unix socket on the remote (server) host is
569 
to be forwarded to the given host and port, or unix socket, on the local side.
570 
This works by allocating a socket to listen to either
529 
.Ar port
 571 
.Ar port
530 
on the remote side, and whenever a connection is made to this port, the
 572 
or
531 
connection is forwarded over the secure channel, and a connection is
 573 
.Ar unix_socket
532 
made to
 574 
on the remote side, and whenever a connection is made to this port/unix
575 
socket, the connection is forwarded over the secure channel, and a connection
576 
is made to either,
533 
.Ar host
 577 
.Ar host
534 
port
 578 
port
535 
.Ar hostport
 579 
.Ar hostport ,
580 
or
581 
.Ar host_socket ,
536 
from the local machine.
 582 
from the local machine.
537 
.Pp
 583 
.Pp
538 
Port forwardings can also be specified in the configuration file.
 584 
Port forwardings can also be specified in the configuration file.
Lines 540-548 Privileged ports can be forwarded only when Link Here
540 
logging in as root on the remote machine.
 586 
logging in as root on the remote machine.
541 
IPv6 addresses can be specified by enclosing the address in square brackets.
 587 
IPv6 addresses can be specified by enclosing the address in square brackets.
542 
.Pp
 588 
.Pp
543 
By default, the listening socket on the server will be bound to the loopback
 589 
By default for TCP based sockets, the listening socket on the server will be
544 
interface only.
 590 
bound to the loopback interface only. This may be overridden by specifying a
545 
This may be overridden by specifying a
546 
.Ar bind_address .
 591 
.Ar bind_address .
547 
An empty
 592 
An empty
548 
.Ar bind_address ,
 593 
.Ar bind_address ,

Return to bug 2423