src/man/sss_ssh_knownhostsproxy.1.xml

	sss_ssh_knownhostsproxy.1.xml revision b2f9e5b7d553172401a340eb4a9c3abda6b5db43
1005N/A<?xml version="1.0" encoding="UTF-8"?>
1005N/A<!DOCTYPE reference PUBLIC "-//OASIS//DTD DocBook V4.4//EN"
1005N/A"http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd">
1005N/A<reference>
1005N/A<title>SSSD Manual pages</title>
1005N/A<refentry>
1005N/A    <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="include/upstream.xml" />
1005N/A
1005N/A    <refmeta>
1005N/A        <refentrytitle>sss_ssh_knownhostsproxy</refentrytitle>
1005N/A        <manvolnum>1</manvolnum>
1005N/A    </refmeta>
1005N/A
1005N/A    <refnamediv id='name'>
1005N/A        <refname>sss_ssh_knownhostsproxy</refname>
1005N/A        <refpurpose>get OpenSSH host keys</refpurpose>
1005N/A    </refnamediv>
1005N/A
1005N/A    <refsynopsisdiv id='synopsis'>
1005N/A        <cmdsynopsis>
1005N/A            <command>sss_ssh_knownhostsproxy</command>
1005N/A            <arg choice='opt'>
1005N/A                <replaceable>options</replaceable>
1005N/A            </arg>
1005N/A            <arg choice='plain'><replaceable>HOST</replaceable></arg>
1005N/A            <arg choice='opt'><replaceable>PROXY_COMMAND</replaceable></arg>
1005N/A        </cmdsynopsis>
1005N/A    </refsynopsisdiv>
1005N/A
1005N/A    <refsect1 id='description'>
1005N/A        <title>DESCRIPTION</title>
1005N/A        <para>
1005N/A            <command>sss_ssh_knownhostsproxy</command> acquires SSH host
1005N/A            public keys for host <replaceable>HOST</replaceable>, stores
1005N/A            them in a custom OpenSSH known_hosts file (see the
1005N/A            <quote>SSH_KNOWN_HOSTS FILE FORMAT</quote> section of
            <citerefentry><refentrytitle>sshd</refentrytitle>
            <manvolnum>8</manvolnum></citerefentry> for more information)
            <filename>/var/lib/sss/pubconf/known_hosts</filename> and
            estabilishes connection to the host.
        </para>
        <para>
            If <replaceable>PROXY_COMMAND</replaceable> is specified,
            it is used to create the connection to the host instead of
            opening a socket.
        </para>
        <para>
            <citerefentry><refentrytitle>ssh</refentrytitle>
            <manvolnum>1</manvolnum></citerefentry> can be configured to
            use <command>sss_ssh_knownhostsproxy</command> for host key
            authentication by using the following directives for
            <citerefentry><refentrytitle>ssh</refentrytitle>
            <manvolnum>1</manvolnum></citerefentry> configuration:
<programlisting>
ProxyCommand /usr/bin/sss_ssh_knownhostsproxy -p %p %h
GlobalKnownHostsFile /var/lib/sss/pubconf/known_hosts
</programlisting>
        </para>
    </refsect1>

    <refsect1 id='options'>
        <title>OPTIONS</title>
        <variablelist remap='IP'>
            <varlistentry>
                <term>
                    <option>-p</option>,<option>--port</option>
                    <replaceable>PORT</replaceable>
                </term>
                <listitem>
                    <para>
                        Use port <replaceable>PORT</replaceable> to connect to the host.
                        By default, port 22 is used.
                    </para>
                </listitem>
            </varlistentry>
            <varlistentry>
                <term>
                    <option>-d</option>,<option>--domain</option>
                    <replaceable>DOMAIN</replaceable>
                </term>
                <listitem>
                    <para>
                        Search for host public keys in SSSD domain <replaceable>DOMAIN</replaceable>.
                    </para>
                </listitem>
            </varlistentry>
            <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="include/param_help.xml" />
        </variablelist>
    </refsect1>

    <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="include/seealso.xml" />

</refentry>
</reference>