diff options
Diffstat (limited to 'ssh_config.5')
| -rw-r--r-- | ssh_config.5 | 53 |
1 files changed, 29 insertions, 24 deletions
diff --git a/ssh_config.5 b/ssh_config.5 index 06a32d3142a6..dc010ccbd5f2 100644 --- a/ssh_config.5 +++ b/ssh_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.322 2020/02/07 03:54:44 dtucker Exp $ -.Dd $Mdocdate: February 7 2020 $ +.\" $OpenBSD: ssh_config.5,v 1.325 2020/04/11 20:20:09 jmc Exp $ +.Dd $Mdocdate: April 11 2020 $ .Dt SSH_CONFIG 5 .Os .Sh NAME @@ -1125,12 +1125,15 @@ has been enabled. .It Cm LocalForward Specifies that a TCP port on the local machine be forwarded over the secure channel to the specified host and port from the remote machine. -The first argument must be +The first argument specifies the listener and may be .Sm off .Oo Ar bind_address : Oc Ar port .Sm on -and the second argument must be -.Ar host : Ns Ar hostport . +or a Unix domain socket path. +The second argument is the destination and may be +.Ar host : Ns Ar hostport +or a Unix domain socket path if the remote host supports it. +.Pp IPv6 addresses can be specified by enclosing addresses in square brackets. Multiple forwardings may be specified, and additional forwardings can be given on the command line. @@ -1149,6 +1152,9 @@ indicates that the listening port be bound for local use only, while an empty address or .Sq * indicates that the port should be available from all interfaces. +Unix domain socket paths accept the tokens described in the +.Sx TOKENS +section. .It Cm LogLevel Gives the verbosity level that is used when logging messages from .Xr ssh 1 . @@ -1401,12 +1407,14 @@ the secure channel. The remote port may either be forwarded to a specified host and port from the local machine, or may act as a SOCKS 4/5 proxy that allows a remote client to connect to arbitrary destinations from the local machine. -The first argument must be +The first argument is the listening specification and may be .Sm off .Oo Ar bind_address : Oc Ar port .Sm on +or, if the remote host supports it, a Unix domain socket path. If forwarding to a specific destination then the second argument must be -.Ar host : Ns Ar hostport , +.Ar host : Ns Ar hostport +or a Unix domain socket path, otherwise if no destination argument is specified then the remote forwarding will be established as a SOCKS proxy. .Pp @@ -1415,6 +1423,9 @@ Multiple forwardings may be specified, and additional forwardings can be given on the command line. Privileged ports can be forwarded only when logging in as root on the remote machine. +Unix domain socket paths accept the tokens described in the +.Sx TOKENS +section. .Pp If the .Ar port @@ -1845,31 +1856,25 @@ otherwise. The local username. .El .Pp -.Cm Match exec -accepts the tokens %%, %h, %i, %L, %l, %n, %p, %r, and %u. -.Pp -.Cm CertificateFile -accepts the tokens %%, %d, %h, %i, %l, %r, and %u. -.Pp -.Cm ControlPath -accepts the tokens %%, %C, %h, %i, %L, %l, %n, %p, %r, and %u. +.Cm CertificateFile , +.Cm ControlPath , +.Cm IdentityAgent , +.Cm IdentityFile , +.Cm LocalForward , +.Cm Match exec , +.Cm RemoteCommand , +and +.Cm RemoteForward +accept the tokens %%, %C, %d, %h, %i, %L, %l, %n, %p, %r, and %u. .Pp .Cm Hostname accepts the tokens %% and %h. .Pp -.Cm IdentityAgent -and -.Cm IdentityFile -accept the tokens %%, %d, %h, %i, %l, %r, and %u. -.Pp .Cm LocalCommand -accepts the tokens %%, %C, %d, %h, %i, %l, %n, %p, %r, %T, and %u. +accepts all tokens. .Pp .Cm ProxyCommand accepts the tokens %%, %h, %n, %p, and %r. -.Pp -.Cm RemoteCommand -accepts the tokens %%, %C, %d, %h, %i, %l, %n, %p, %r, and %u. .Sh FILES .Bl -tag -width Ds .It Pa ~/.ssh/config |