sss_ssh_knownhostsproxy.1.xml revision c5ae83788cb6b8681e52c4d940a3fd88e87bd4d6
eed2a23d9b5986937f1e2b1c120be97744508a72nd<?xml version="1.0" encoding="UTF-8"?>
b51bf223f42d43ca6b1b33c95124edcfa5a871a4nd<!DOCTYPE reference PUBLIC "-//OASIS//DTD DocBook V4.4//EN"
9963f91528694fb21e93da8584c31f226c6de97akess"http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
eed2a23d9b5986937f1e2b1c120be97744508a72nd<reference>
eed2a23d9b5986937f1e2b1c120be97744508a72nd<title>SSSD Manual pages</title>
031b91a62d25106ae69d4693475c79618dd5e884fielding<refentry>
031b91a62d25106ae69d4693475c79618dd5e884fielding <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="include/upstream.xml" />
031b91a62d25106ae69d4693475c79618dd5e884fielding
031b91a62d25106ae69d4693475c79618dd5e884fielding <refmeta>
031b91a62d25106ae69d4693475c79618dd5e884fielding <refentrytitle>sss_ssh_knownhostsproxy</refentrytitle>
031b91a62d25106ae69d4693475c79618dd5e884fielding <manvolnum>1</manvolnum>
eed2a23d9b5986937f1e2b1c120be97744508a72nd </refmeta>
eed2a23d9b5986937f1e2b1c120be97744508a72nd
eed2a23d9b5986937f1e2b1c120be97744508a72nd <refnamediv id='name'>
eed2a23d9b5986937f1e2b1c120be97744508a72nd <refname>sss_ssh_knownhostsproxy</refname>
eed2a23d9b5986937f1e2b1c120be97744508a72nd <refpurpose>get OpenSSH host keys</refpurpose>
eed2a23d9b5986937f1e2b1c120be97744508a72nd </refnamediv>
eed2a23d9b5986937f1e2b1c120be97744508a72nd
eed2a23d9b5986937f1e2b1c120be97744508a72nd <refsynopsisdiv id='synopsis'>
eed2a23d9b5986937f1e2b1c120be97744508a72nd <cmdsynopsis>
eed2a23d9b5986937f1e2b1c120be97744508a72nd <command>sss_ssh_knownhostsproxy</command>
eed2a23d9b5986937f1e2b1c120be97744508a72nd <arg choice='opt'>
eed2a23d9b5986937f1e2b1c120be97744508a72nd <replaceable>options</replaceable>
eed2a23d9b5986937f1e2b1c120be97744508a72nd </arg>
eed2a23d9b5986937f1e2b1c120be97744508a72nd <arg choice='plain'><replaceable>HOST</replaceable></arg>
eed2a23d9b5986937f1e2b1c120be97744508a72nd <arg choice='opt'><replaceable>PROXY_COMMAND</replaceable></arg>
54c42060da90b1e584f6af6a349f964d44c6c740nd </cmdsynopsis>
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes </refsynopsisdiv>
54c42060da90b1e584f6af6a349f964d44c6c740nd
54c42060da90b1e584f6af6a349f964d44c6c740nd <refsect1 id='description'>
54c42060da90b1e584f6af6a349f964d44c6c740nd <title>DESCRIPTION</title>
54c42060da90b1e584f6af6a349f964d44c6c740nd <para>
54c42060da90b1e584f6af6a349f964d44c6c740nd <command>sss_ssh_knownhostsproxy</command> acquires SSH host
54c42060da90b1e584f6af6a349f964d44c6c740nd public keys for host <replaceable>HOST</replaceable>, stores
d4b9d24a20bdf028aa15202f73ac3c0da1626252nd them in a custom OpenSSH known_hosts file (see the
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes <quote>SSH_KNOWN_HOSTS FILE FORMAT</quote> section of
0ee353fc9305065b15fb5064c5357f47380c0b6and <citerefentry><refentrytitle>sshd</refentrytitle>
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes <manvolnum>8</manvolnum></citerefentry> for more information)
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes <filename>/var/lib/sss/pubconf/known_hosts</filename> and
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes estabilishes connection to the host.
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes </para>
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes <para>
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes If <replaceable>PROXY_COMMAND</replaceable> is specified,
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes it is used to create the connection to the host instead of
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes opening a socket.
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes </para>
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes <para>
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes <citerefentry><refentrytitle>ssh</refentrytitle>
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes <manvolnum>1</manvolnum></citerefentry> can be configured to
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes use <command>sss_ssh_knownhostsproxy</command> for host key
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes authentication by using the following directives for
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes <citerefentry><refentrytitle>ssh</refentrytitle>
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes <manvolnum>1</manvolnum></citerefentry> configuration:
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes<programlisting>
2253eb4c6e7a037e78c84e13658e23632b46ed9dlgentisProxyCommand /usr/bin/sss_ssh_knownhostsproxy -p %p %h
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholesGlobalKnownHostsFile /var/lib/sss/pubconf/known_hosts
2253eb4c6e7a037e78c84e13658e23632b46ed9dlgentis</programlisting>
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes </para>
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes </refsect1>
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes <refsect1 id='options'>
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes <title>OPTIONS</title>
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes <variablelist remap='IP'>
2253eb4c6e7a037e78c84e13658e23632b46ed9dlgentis <varlistentry>
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes <term>
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes <option>-p</option>,<option>--port</option>
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes <replaceable>PORT</replaceable>
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes </term>
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes <listitem>
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes <para>
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes Use port <replaceable>PORT</replaceable> to connect to the host.
f5e4573f2a3ca4b7d7d10bfb50950fa7eff27efbnilgun By default, port 22 is used.
f5e4573f2a3ca4b7d7d10bfb50950fa7eff27efbnilgun </para>
2253eb4c6e7a037e78c84e13658e23632b46ed9dlgentis </listitem>
2253eb4c6e7a037e78c84e13658e23632b46ed9dlgentis </varlistentry>
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes <varlistentry>
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes <term>
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes <option>-d</option>,<option>--domain</option>
2253eb4c6e7a037e78c84e13658e23632b46ed9dlgentis <replaceable>DOMAIN</replaceable>
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes </term>
c94587d1eda6474330f9fa835a6851825ed23546lgentis <listitem>
2253eb4c6e7a037e78c84e13658e23632b46ed9dlgentis <para>
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes Search for host public keys in SSSD domain <replaceable>DOMAIN</replaceable>.
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes </para>
4930be147adf9e3f6d3ca9313a6524f9bf654b2dnd </listitem>
4930be147adf9e3f6d3ca9313a6524f9bf654b2dnd </varlistentry>
4930be147adf9e3f6d3ca9313a6524f9bf654b2dnd <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="include/param_help.xml" />
4930be147adf9e3f6d3ca9313a6524f9bf654b2dnd </variablelist>
4930be147adf9e3f6d3ca9313a6524f9bf654b2dnd </refsect1>
2253eb4c6e7a037e78c84e13658e23632b46ed9dlgentis
2253eb4c6e7a037e78c84e13658e23632b46ed9dlgentis <refsect1 id='exit_status'>
4930be147adf9e3f6d3ca9313a6524f9bf654b2dnd <title>EXIT STATUS</title>
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes <para>
4930be147adf9e3f6d3ca9313a6524f9bf654b2dnd In case of success, an exit value of 0 is returned. Otherwise,
4930be147adf9e3f6d3ca9313a6524f9bf654b2dnd 1 is returned.
4930be147adf9e3f6d3ca9313a6524f9bf654b2dnd </para>
4930be147adf9e3f6d3ca9313a6524f9bf654b2dnd </refsect1>
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="include/seealso.xml" />
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes</refentry>
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes</reference>
61d237f7e3a54089a7514227d663fac296d7d8f0bnicholes