Skip to content

Instantly share code, notes, and snippets.

@AGWA AGWA/all_client_options
Last active Jan 14, 2016

Embed
What would you like to do?
Investigation into undocumented ssh_config and sshd_config options, as of https://github.com/openssh/openssh-portable/tree/e6c85f8889c5c9eb04796fdb76d2807636b9eef5 Scroll to bottom for the upshot
addkeystoagent
addressfamily
afstokenpassing
batchmode
bindaddress
canonicaldomains
canonicalizefallbacklocal
canonicalizehostname
canonicalizemaxdots
canonicalizepermittedcnames
certificatefile
challengeresponseauthentication
checkhostip
cipher
ciphers
clearallforwardings
compression
compressionlevel
connectionattempts
connecttimeout
controlmaster
controlpath
controlpersist
dsaauthentication
dynamicforward
enablesshkeysign
escapechar
exitonforwardfailure
fallbacktorsh
fingerprinthash
forwardagent
forwardx11
forwardx11timeout
forwardx11trusted
gatewayports
globalknownhostsfile
globalknownhostsfile2
gssapiauthentication
gssapidelegatecredentials
hashknownhosts
host
hostbasedauthentication
hostbasedkeytypes
hostkeyalgorithms
hostkeyalias
hostname
identitiesonly
identityfile
identityfile2
ignoreunknown
ipqos
kbdinteractiveauthentication
kbdinteractivedevices
keepalive
kerberosauthentication
kerberostgtpassing
kexalgorithms
localcommand
localforward
loglevel
macs
match
nohostauthenticationforlocalhost
numberofpasswordprompts
passwordauthentication
permitlocalcommand
pkcs11provider
port
preferredauthentications
protocol
proxycommand
proxyusefdpass
pubkeyacceptedkeytypes
pubkeyauthentication
rekeylimit
remoteforward
requesttty
revokedhostkeys
rhostsauthentication
rhostsrsaauthentication
rsaauthentication
sendenv
serveralivecountmax
serveraliveinterval
skeyauthentication
smartcarddevice
streamlocalbindmask
streamlocalbindunlink
stricthostkeychecking
tcpkeepalive
tisauthentication
tunnel
tunneldevice
updatehostkeys
useprivilegedport
user
userknownhostsfile
userknownhostsfile2
useroaming
usersh
verifyhostkeydns
visualhostkey
xauthlocation
acceptenv
addressfamily
afstokenpassing
allowagentforwarding
allowgroups
allowstreamlocalforwarding
allowtcpforwarding
allowusers
authenticationmethods
authorizedkeyscommand
authorizedkeyscommanduser
authorizedkeysfile
authorizedkeysfile2
authorizedprincipalscommand
authorizedprincipalscommanduser
authorizedprincipalsfile
banner
challengeresponseauthentication
checkmail
chrootdirectory
ciphers
clientalivecountmax
clientaliveinterval
compression
denygroups
denyusers
dsaauthentication
fingerprinthash
forcecommand
gatewayports
gssapiauthentication
gssapicleanupcredentials
gssapistrictacceptorcheck
hostbasedacceptedkeytypes
hostbasedauthentication
hostbasedusesnamefrompacketonly
hostcertificate
hostdsakey
hostkey
hostkeyagent
hostkeyalgorithms
ignorerhosts
ignoreuserknownhosts
ipqos
kbdinteractiveauthentication
keepalive
kerberosauthentication
kerberosgetafstoken
kerberosorlocalpasswd
kerberostgtpassing
kerberosticketcleanup
kexalgorithms
keyregenerationinterval
listenaddress
logingracetime
loglevel
macs
match
maxauthtries
maxsessions
maxstartups
pamauthenticationviakbdint
passwordauthentication
permitemptypasswords
permitopen
permitrootlogin
permittty
permittunnel
permituserenvironment
permituserrc
pidfile
port
printlastlog
printmotd
protocol
pubkeyacceptedkeytypes
pubkeyauthentication
rekeylimit
reversemappingcheck
revokedkeys
rhostsauthentication
rhostsrsaauthentication
rsaauthentication
serverkeybits
skeyauthentication
streamlocalbindmask
streamlocalbindunlink
strictmodes
subsystem
syslogfacility
tcpkeepalive
trustedusercakeys
usedns
uselogin
usepam
useprivilegeseparation
verifyreversemapping
versionaddendum
x11displayoffset
x11forwarding
x11uselocalhost
xauthlocation
#!/bin/sh
while read option
do
if ! fgrep -i "Cm $option" "$1" >/dev/null
then
echo "$option"
fi
done
afstokenpassing unsupported (raises error if set)
dsaauthentication alias for pubkeyauthentication
fallbacktorsh deprecated (ignored with warning if set)
globalknownhostsfile2 deprecated
identityfile2 alias for identityfile
keepalive alias for tcpkeepalive
kerberosauthentication unsupported
kerberostgtpassing unsupported
rhostsauthentication deprecated
skeyauthentication alias for challengeresponseauthentication
smartcarddevice alias for pkcs11provider
tisauthentication alias for challengeresponseauthentication
userknownhostsfile2 deprecated
useroaming UNDOCUMENTED!!!!
usersh deprecated
afstokenpassing unsupported (ignored with warning if set)
authorizedkeysfile2 deprecated (ignored with warning if set)
checkmail deprecated
dsaauthentication alias for pubkeyauthentication
hostdsakey alias for hostkey
keepalive alias for tcpkeepalive
kerberostgtpassing unsupported
pamauthenticationviakbdint deprecated
reversemappingcheck deprecated
rhostsauthentication deprecated
skeyauthentication alias for challengeresponseauthentication
verifyreversemapping deprecated
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.