Manualshelf

HP-UX Secure Shell Getting Started Guide HP-UX 11i v1, HP-UX 11i v2, and HP-UX 11i v3 (5900-3142, June 2013)

ManualsBrandsHP ManualsSoftwareHP-UX 11i Secure Shell Software
81828384858687888990
The default value is ~.
For example:
EscapeChar ~
ExitOnForwardFailure
Use this directive to specify whether ssh( 1) must terminate the connection if it cannot set up all
requested dynamic, local, and remote port forwardings. The values for ExitOnForwardFailure
are yes or no. The default value is no.
For example:
ExitOnForwardFailure no
ForwardAgent
Use this directive to specify whether the connection to the authentication agent is forwarded to the
remote machine.
NOTE: Enable agent forwarding with caution. Users with privileges to bypass file permissions
on the remote host, for the agent’s UNIX domain socket, can access the local agent through the
forwarded connection. Attackers cannot obtain key material from the agent, but they can perform
operations on the keys that enable them to authenticate using the identities loaded into the agent.
The default setting is no.
For example:
ForwardAgent no
ForwardX11
Use this directive to specify whether X11 connections must be automatically redirected over the
secure channel and DISPLAY set.
NOTE: Enable X11 forwarding with caution. Users with privileges to bypass file permissions on
the remote host, for the user’s X11 authorization database, can access the local X11 display
through the forwarded connection. An attacker can perform activities, such as keystroke monitoring,
if the ForwardX11Trusted option is also enabled.
The default setting is no.
For example:
ForwardX11 no
ForwardX11Trusted
Use this directive to specify whether remote X11 clients can access the original X11 display. The
xauth(1) token used for the session is set to expires after 20 minutes. Remote clients are refused
access after the time elapses.
The default setting is no.
For example:
ForwardX11Trusted no
ForwardX11Timeout
Use this directive to specify a timeout for untrusted X11 forwarding using the format specified in
the TIME FORMATS section of the sshd_config(5) file. The X11 connections received by ssh(1)
after the specified time is rejected. The default is to disable untrusted X11 forwarding after 20
minutes have elapsed.
88 Configuration Files and Directives