1ssh(3)                     Erlang Module Definition                     ssh(3)
2
3
4

NAME

6       ssh - Main API of the ssh application
7

DESCRIPTION

9       This  is the interface module for the SSH application. The Secure Shell
10       (SSH) Protocol is a protocol for secure remote login and  other  secure
11       network  services  over  an insecure network. See ssh(6) for details of
12       supported RFCs, versions, algorithms and unicode handling.
13
14       With the SSH application it is possible to start clients  and to  start
15       daemons  (servers).
16
17       Clients  are  started with connect/2, connect/3 or connect/4. They open
18       an encrypted connection on top of TCP/IP. In that encrypted  connection
19       one  or more channels could be opened with ssh_connection:session_chan‐
20       nel/2,4.
21
22       Each channel is an isolated "pipe" between a client-side process and  a
23       server-side  process. Those process pairs could handle for example file
24       transfers (sftp) or remote command execution (shell, exec and/or  cli).
25       If  a custom shell is implemented, the user of the client could execute
26       the special commands remotely. Note that the user is not necessarily  a
27       human but probably a system interfacing the SSH app.
28
29       A  server-side  subssystem  (channel) server is requested by the client
30       with ssh_connection:subsystem/4.
31
32       A server (daemon) is started with daemon/1, daemon/2 or daemon/3.  Pos‐
33       sible  channel  handlers  (subsystems)  are declared with the subsystem
34       option when the daemon is started.
35
36       To just run a shell on a remote machine, there are functions that  bun‐
37       dles  the  needed three steps needed into one: shell/1,2,3. Similarily,
38       to just open an sftp (file transfer) connection to  a  remote  machine,
39       the simplest way is to use ssh_sftp:start_channel/1,2,3.
40
41       To   write   your   own  client  channel  handler,  use  the  behaviour
42       ssh_client_channel. For server channel handlers use  ssh_server_channel
43       behaviour (replaces ssh_daemon_channel).
44
45       Both clients and daemons accepts options that controls the exact behav‐
46       iour. Some options are common to both. The three sets are called Client
47       Options, Daemon Options and Common Options.
48
49       The  descriptions  of  the  options  uses the Erlang Type Language with
50       explaining text.
51
52   Note:
53       The User's Guide has examples and a Getting Started section.
54
55

KEYS AND FILES

57       A number of objects must be present for the SSH  application  to  work.
58       Thoose  objects  are  per  default  stored in files. The default names,
59       paths and file formats are the same as for OpenSSH. Keys could be  gen‐
60       erated with the ssh-keygen program from OpenSSH. See the User's Guide.
61
62       The paths could easily be changed by options: user_dir and system_dir.
63
64       A  completly different storage could be interfaced by writing call-back
65       modules    using    the    behaviours     ssh_client_key_api     and/or
66       ssh_server_key_api.  A  callback  module  is  installed with the option
67       key_cb to the client and/or the daemon.
68
69   Daemons
70       The keys are by default stored in files:
71
72         * Mandatory: one or more Host  key(s)  ,  both  private  and  public.
73           Default is to store them in the directory /etc/ssh in the files
74
75           * ssh_host_dsa_key and ssh_host_dsa_key.pub
76
77           * ssh_host_rsa_key and ssh_host_rsa_key.pub
78
79           * ssh_host_ecdsa_key and ssh_host_ecdsa_key.pub
80
81           The  host  keys  directory  could  be  changed with the option sys‐
82           tem_dir.
83
84         * Optional: one or more User's  public  key   in  case  of  publickey
85           authorization.  Default  is  to store them concatenated in the file
86           .ssh/authorized_keys in the user's home directory.
87
88           The user keys directory could be changed with the option user_dir.
89
90   Clients
91       The keys and some other data are by default  stored  in  files  in  the
92       directory .ssh in the user's home directory.
93
94       The directory could be changed with the option user_dir.
95
96         * Optional:  a  list  of Host public key(s)  for previously connected
97           hosts. This list is handled by the SSH application without any need
98           of  user  assistance.  The  default  is  to  store them in the file
99           known_hosts.
100
101           The host_accepting_client_options() are associated with  this  list
102           of keys.
103
104         * Optional:  one  or more User's private key(s)  in case of publickey
105           authorization. The default files are
106
107           * id_dsa and id_dsa.pub
108
109           * id_rsa and id_rsa.pub
110
111           * id_ecdsa and id_ecdsa.pub
112

DATA TYPES

114   Client Options
115       client_options() = [client_option()]
116
117       client_option() =
118           ssh_file:pubkey_passphrase_client_options() |
119           host_accepting_client_options() |
120           authentication_client_options() |
121           diffie_hellman_group_exchange_client_option() |
122           connect_timeout_client_option() |
123           recv_ext_info_client_option() |
124           opaque_client_options() |
125           gen_tcp:connect_option() |
126           common_option()
127
128              Options  for  clients.  The  individual  options   are   further
129              explained below or by following the hyperlinks.
130
131       host_accepting_client_options() =
132           {silently_accept_hosts, accept_hosts()} |
133           {user_interaction, boolean()} |
134           {save_accepted_host, boolean()} |
135           {quiet_mode, boolean()}
136
137       accept_hosts() =
138           boolean() |
139           accept_callback() |
140           {HashAlgoSpec :: fp_digest_alg(), accept_callback()}
141
142       fp_digest_alg() = md5 | crypto:sha1() | crypto:sha2()
143
144       accept_callback() =
145           fun((PeerName :: string(), fingerprint()) -> boolean())
146
147       fingerprint() = string() | [string()]
148
149                silently_accept_hosts:
150                  This  option  guides the connect function on how to act when
151                  the connected server presents a Host Key that the client has
152                  not seen before. The default is to ask the user with a ques‐
153                  tion on stdio of whether to accept or reject  the  new  Host
154                  Key.  See the option user_dir for specifying the path to the
155                  file known_hosts where previously  accepted  Host  Keys  are
156                  recorded.  See also the option key_cb for the general way to
157                  handle keys.
158
159                  The option can be given in three  different  forms  as  seen
160                  above:
161
162                  * The  value  is  a  boolean(). The value true will make the
163                    client accept any unknown Host Key without any user inter‐
164                    action. The value false preserves the default behaviour of
165                    asking the user on stdio.
166
167                  * An accept_callback() will be called and the boolean return
168                    value  true  will  make  the client accept the Host Key. A
169                    return value of false will make the client to  reject  the
170                    Host  Key  and  as a result the connection will be closed.
171                    The arguments to the fun are:
172
173                    * PeerName - a string with the  name  or  address  of  the
174                      remote host.
175
176                    * FingerPrint  -  the  fingerprint of the Host Key as pub‐
177                      lic_key:ssh_hostkey_fingerprint/1 calculates it.
178
179                  * A tuple {HashAlgoSpec, accept_callback}. The  HashAlgoSpec
180                    specifies  which hash algorithm shall be used to calculate
181                    the fingerprint used in the call of the accept_callback().
182                    The  HashALgoSpec  is either an atom or a list of atoms as
183                    the  first  argument   in   public_key:ssh_hostkey_finger‐
184                    print/2. If it is a list of hash algorithm names, the Fin‐
185                    gerPrint argument in the accept_callback() will be a  list
186                    of  fingerprints  in  the  same order as the corresponding
187                    name in the HashAlgoSpec list.
188
189                user_interaction:
190                  If false, disables the client to connect to  the  server  if
191                  any user interaction is needed, such as accepting the server
192                  to be added to the known_hosts file, or  supplying  a  pass‐
193                  word.
194
195                  Even  if user interaction is allowed it can be suppressed by
196                  other options, such as silently_accept_hosts  and  password.
197                  However,  those options are not always desirable to use from
198                  a security point of view.
199
200                  Defaults to true.
201
202                save_accepted_host:
203                  If true, the client saves an accepted host key to avoid  the
204                  accept question the next time the same host is connected. If
205                  the option key_cb is not present, the key is  saved  in  the
206                  file  "known_hosts". See option user_dir for the location of
207                  that file.
208
209                  If false, the key is not saved and the  key  will  still  be
210                  unknown at the next access of the same host.
211
212                  Defaults to true
213
214                quiet_mode:
215                  If  true,  the  client does not print anything on authoriza‐
216                  tion.
217
218                  Defaults to false
219
220       authentication_client_options() =
221           {user, string()} | {password, string()}
222
223                user:
224                  Provides the username. If this  option  is  not  given,  ssh
225                  reads  from  the environment (LOGNAME or USER on UNIX, USER‐
226                  NAME on Windows).
227
228                password:
229                  Provides a password for  password  authentication.  If  this
230                  option  is  not  given, the user is asked for a password, if
231                  the password authentication method is attempted.
232
233       diffie_hellman_group_exchange_client_option() =
234           {dh_gex_limits,
235            {Min :: integer() >= 1,
236             I :: integer() >= 1,
237             Max :: integer() >= 1}}
238
239              Sets the  three  diffie-hellman-group-exchange  parameters  that
240              guides  the  connected  server in choosing a group. See RFC 4419
241              for the details. The default value is {1024, 6144, 8192}.
242
243       connect_timeout_client_option() = {connect_timeout, timeout()}
244
245              Sets a timeout on the transport layer connect time. For  gen_tcp
246              the time is in milli-seconds and the default value is infinity.
247
248              See  the  parameter  Timeout  in  connect/4 for a timeout of the
249              negotiation phase.
250
251       recv_ext_info_client_option() = {recv_ext_info, boolean()}
252
253              Make the client tell the server that the client  accepts  exten‐
254              sion  negotiation,  that  is,  include ext-info-c in the kexinit
255              message sent. See RFC 8308 for details and ssh(6) for a list  of
256              currently implemented extensions.
257
258              Default value is true which is compatible with other implementa‐
259              tions not supporting ext-info.
260
261   Daemon Options (Server Options)
262       daemon_options() = [daemon_option()]
263
264       daemon_option() =
265           subsystem_daemon_option() |
266           shell_daemon_option() |
267           exec_daemon_option() |
268           ssh_cli_daemon_option() |
269           authentication_daemon_options() |
270           diffie_hellman_group_exchange_daemon_option() |
271           negotiation_timeout_daemon_option() |
272           hardening_daemon_options() |
273           callbacks_daemon_options() |
274           send_ext_info_daemon_option() |
275           opaque_daemon_options() |
276           gen_tcp:listen_option() |
277           common_option()
278
279              Options  for  daemons.  The  individual  options   are   further
280              explained below or by following the hyperlinks.
281
282       subsystem_daemon_option() = {subsystems, subsystem_specs()}
283
284       subsystem_specs() = [subsystem_spec()]
285
286       subsystem_spec() = {Name :: string(), mod_args()}
287
288              Defines a subsystem in the daemon.
289
290              The  subsystem_name  is the name that a client requests to start
291              with for example ssh_connection:subsystem/4.
292
293              The  channel_callback  is  the  module   that   implements   the
294              ssh_server_channel  (replaces  ssh_daemon_channel)  behaviour in
295              the daemon. See the section Creating a Subsystem in  the  User's
296              Guide for more information and an example.
297
298              If   the   subsystems  option  is  not  present,  the  value  of
299              ssh_sftpd:subsystem_spec([]) is used. This enables the sftp sub‐
300              system  by  default.  The option can be set to the empty list if
301              you do not want the daemon to run any subsystems.
302
303       shell_daemon_option() =
304           {shell, mod_fun_args() | 'shell_fun/1'() | 'shell_fun/2'()}
305
306       'shell_fun/1'() = fun((User :: string()) -> pid())
307
308       'shell_fun/2'() =
309           fun((User :: string(), PeerAddr :: inet:ip_address()) -> pid())
310
311              Defines the read-eval-print loop used in a daemon when  a  shell
312              is  requested  by  the  client. The default is to use the Erlang
313              shell: {shell, start, []}
314
315              See the option exec for a description of how the daemon  execute
316              exec-requests depending on the shell- and exec-options.
317
318       exec_daemon_option() = {exec, exec_spec()}
319
320       exec_spec() = {direct, exec_fun()}
321
322       exec_fun() = 'exec_fun/1'() | 'exec_fun/2'() | 'exec_fun/3'()
323
324       'exec_fun/1'() = fun((Cmd :: string()) -> exec_result())
325
326       'exec_fun/2'() =
327           fun((Cmd :: string(), User :: string()) -> exec_result())
328
329       'exec_fun/3'() =
330           fun((Cmd :: string(),
331                User :: string(),
332                ClientAddr :: ip_port()) ->
333                   exec_result())
334
335       exec_result() =
336           {ok, Result :: term()} | {error, Reason :: term()}
337
338              This  option  changes  how the daemon execute exec-requests from
339              clients. The term in the return value is formatted to  a  string
340              if  it is a non-string type. No trailing newline is added in the
341              ok-case but in the error case.
342
343              Error texts are returned on  channel-type  1  which  usually  is
344              piped  to  stderr  on e.g Linux systems. Texts from a successful
345              execution will in similar manner be piped to stdout.  The  exit-
346              status code is set to 0 for success and -1 for errors. The exact
347              results presented on the client side depends on the  client  and
348              the client's operating system.
349
350              The  option  cooperates with the daemon-option shell in the fol‐
351              lowing way:
352
353                1. If the exec-option is present (the shell-option may or  may
354                not be present)::
355                  The exec-option fun is called with the same number of param‐
356                  eters as the arity of the fun, and the result is returned to
357                  the client.
358
359                2. If the exec-option is absent, but a shell-option is present
360                with the default Erlang shell::
361                  The default Erlang evaluator  is  used  and  the  result  is
362                  returned to the client.
363
364                3. If the exec-option is absent, but a shell-option is present
365                that is not the default Erlang shell::
366                  The exec-request is not evaluated and an  error  message  is
367                  returned to the client.
368
369                4.   If  neither  the  exec-option  nor  the  shell-option  is
370                present::
371                  The default Erlang evaluator  is  used  and  the  result  is
372                  returned to the client.
373
374              If  a custom CLI is installed (see the option ssh_cli) the rules
375              above are replaced by thoose implied by the custom CLI.
376
377          Note:
378              The exec-option has existed for a long time but has  not  previ‐
379              ously  been  documented.  The  old  definition and behaviour are
380              retained but obey the rules 1-4 above if  conflicting.  The  old
381              and undocumented style should not be used in new programs.
382
383
384       ssh_cli_daemon_option() = {ssh_cli, mod_args() | no_cli}
385
386              Provides your own CLI implementation in a daemon.
387
388              It is a channel callback module that implements a shell and com‐
389              mand execution. The shell's read-eval-print loop can be  custom‐
390              ized,  using  the option shell. This means less work than imple‐
391              menting an own CLI channel. If ssh_cli is set to no_cli, the CLI
392              channels  like  shell  and  exec are disabled and only subsystem
393              channels are allowed.
394
395       authentication_daemon_options() =
396           ssh_file:system_dir_daemon_option() |
397           {auth_method_kb_interactive_data, prompt_texts()} |
398           {user_passwords, [{UserName :: string(), Pwd :: string()}]} |
399           {password, string()} |
400           {pwdfun, pwdfun_2() | pwdfun_4()}
401
402       prompt_texts() = kb_int_tuple() | kb_int_fun_3()
403
404       kb_int_tuple() =
405           {Name :: string(),
406            Instruction :: string(),
407            Prompt :: string(),
408            Echo :: boolean()}
409
410       kb_int_fun_3() =
411           fun((Peer :: ip_port(), User :: string(), Service :: string()) ->
412                   kb_int_tuple())
413
414       pwdfun_2() =
415           fun((User :: string(), Password :: string()) -> boolean())
416
417       pwdfun_4() =
418           fun((User :: string(),
419                Password :: string(),
420                PeerAddress :: ip_port(),
421                State :: any()) ->
422                   boolean() |
423                   disconnect |
424                   {boolean(), NewState :: any()})
425
426                auth_method_kb_interactive_data:
427                  Sets the text strings that the daemon sends  to  the  client
428                  for presentation to the user when using keyboard-interactive
429                  authentication.
430
431                  If the fun/3 is used, it is called when the actual authenti‐
432                  cation  occurs  and  may  therefore return dynamic data like
433                  time, remote ip etc.
434
435                  The parameter Echo guides the client about need to hide  the
436                  password.
437
438                  The   default  value  is:  {auth_method_kb_interactive_data,
439                  {"SSH server", "Enter password for  \""++User++"\"",  "pass‐
440                  word: ", false}>
441
442                user_passwords:
443                  Provides  passwords  for  password authentication. The pass‐
444                  words are used when someone tries to connect to  the  server
445                  and  public  key  user-authentication fails. The option pro‐
446                  vides a list of valid usernames and the corresponding  pass‐
447                  words.
448
449                password:
450                  Provides a global password that authenticates any user.
451
452            Warning:
453                Intended to facilitate testing.
454
455                From  a security perspective this option makes the server very
456                vulnerable.
457
458
459                pwdfun with pwdfun_4():
460                  Provides a function for password validation. This could used
461                  for calling an external system or handeling passwords stored
462                  as hash values.
463
464                  This fun can also be used to make delays  in  authentication
465                  tries for example by calling timer:sleep/1.
466
467                  To  facilitate  for  instance  counting of failed tries, the
468                  State variable could be used. This state is  per  connection
469                  only.  The first time the pwdfun is called for a connection,
470                  the State variable has the value undefined.
471
472                  The fun should return:
473
474                  * true if the user and password is valid
475
476                  * false if the user or password is invalid
477
478                  * disconnect if a SSH_MSG_DISCONNECT message should be  sent
479                    immediately.  It will be followed by a close of the under‐
480                    lying tcp connection.
481
482                  * {true, NewState:any()} if the user and password is valid
483
484                  * {false, NewState:any()} if the user or password is invalid
485
486                  A third usage is to block login attempts from a missbehaving
487                  peer.  The  State  described above can be used for this. The
488                  return value disconnect is useful for this.
489
490                pwdfun with pwdfun_2():
491                  Provides a function for password validation.  This  function
492                  is called with user and password as strings, and returns:
493
494                  * true if the user and password is valid
495
496                  * false if the user or password is invalid
497
498                  This variant is kept for compatibility.
499
500       diffie_hellman_group_exchange_daemon_option() =
501           {dh_gex_groups,
502            [explicit_group()] |
503            explicit_group_file() |
504            ssh_moduli_file()} |
505           {dh_gex_limits, {Min :: integer() >= 1, Max :: integer() >= 1}}
506
507       explicit_group() =
508           {Size :: integer() >= 1,
509            G :: integer() >= 1,
510            P :: integer() >= 1}
511
512       explicit_group_file() = {file, string()}
513
514       ssh_moduli_file() = {ssh_moduli_file, string()}
515
516                dh_gex_groups:
517                  Defines  the groups the server may choose among when diffie-
518                  hellman-group-exchange  is  negotiated.  See  RFC  4419  for
519                  details. The three variants of this option are:
520
521                  {Size=integer(),G=integer(),P=integer()}:
522                    The groups are given explicitly in this list. There may be
523                    several elements with the same Size. In such a  case,  the
524                    server will choose one randomly in the negotiated Size.
525
526                  {file,filename()}:
527                    The  file  must  have one or more three-tuples {Size=inte‐
528                    ger(),G=integer(),P=integer()} terminated by  a  dot.  The
529                    file is read when the daemon starts.
530
531                  {ssh_moduli_file,filename()}:
532                    The  file  must  be  in ssh-keygen moduli file format. The
533                    file is read when the daemon starts.
534
535                  The default list is fetched from the public_key application.
536
537                dh_gex_limits:
538                  Limits what a client can ask  for  in  diffie-hellman-group-
539                  exchange.  The limits will be {MaxUsed = min(MaxClient,Max),
540                  MinUsed = max(MinClient,Min)} where MaxClient and  MinClient
541                  are the values proposed by a connecting client.
542
543                  The default value is {0,infinity}.
544
545                  If  MaxUsed < MinUsed in a key exchange, it will fail with a
546                  disconnect.
547
548                  See RFC 4419 for the function of the Max and Min values.
549
550       negotiation_timeout_daemon_option() =
551           {negotiation_timeout, timeout()}
552
553              Maximum time in milliseconds for the authentication negotiation.
554              Defaults to 120000 ms (2 minutes). If the client fails to log in
555              within this time, the connection is closed.
556
557       hardening_daemon_options() =
558           {max_sessions, integer() >= 1} |
559           {max_channels, integer() >= 1} |
560           {parallel_login, boolean()} |
561           {minimal_remote_max_packet_size, integer() >= 1}
562
563                max_sessions:
564                  The  maximum  number  of  simultaneous  sessions  that   are
565                  accepted at any time for this daemon. This includes sessions
566                  that are being authorized. Thus, if set to N, and N  clients
567                  have connected but not started the login process, connection
568                  attempt N+1 is aborted. If N connections  are  authenticated
569                  and  still  logged in, no more logins are accepted until one
570                  of the existing ones log out.
571
572                  The counter is per listening port. Thus, if two daemons  are
573                  started,  one  with  {max_sessions,N}  and  the  other  with
574                  {max_sessions,M}, in total N+M connections are accepted  for
575                  the whole ssh application.
576
577                  Notice that if parallel_login is false, only one client at a
578                  time can be in the authentication phase.
579
580                  By default, this option is not set. This means that the num‐
581                  ber is not limited.
582
583                max_channels:
584                  The  maximum number of channels with active remote subsystem
585                  that are accepted for each connection to this daemon
586
587                  By default, this option is not set. This means that the num‐
588                  ber is not limited.
589
590                parallel_login:
591                  If  set to false (the default value), only one login is han‐
592                  dled at a time. If set to true, an unlimited number of login
593                  attempts are allowed simultaneously.
594
595                  If the max_sessions option is set to N and parallel_login is
596                  set to  true,  the  maximum  number  of  simultaneous  login
597                  attempts  at any time is limited to N-K, where K is the num‐
598                  ber of authenticated connections present at this daemon.
599
600            Warning:
601                Do not enable parallel_logins without protecting the server by
602                other  means,  for  example,  by  the max_sessions option or a
603                firewall configuration. If set to true, there is no protection
604                against DOS attacks.
605
606
607                minimal_remote_max_packet_size:
608                  The least maximum packet size that the daemon will accept in
609                  channel open requests from the client. The default value  is
610                  0.
611
612       callbacks_daemon_options() =
613           {failfun,
614            fun((User :: string(),
615                 PeerAddress :: inet:ip_address(),
616                 Reason :: term()) ->
617                    term())} |
618           {connectfun,
619            fun((User :: string(),
620                 PeerAddress :: inet:ip_address(),
621                 Method :: string()) ->
622                    term())}
623
624                connectfun:
625                  Provides  a  fun  to  implement your own logging when a user
626                  authenticates to the server.
627
628                failfun:
629                  Provides a fun to implement your own  logging  when  a  user
630                  fails to authenticate.
631
632       send_ext_info_daemon_option() = {send_ext_info, boolean()}
633
634              Make the server (daemon) tell the client that the server accepts
635              extension negotiation, that is, include ext-info-s in  the  kex‐
636              init  message  sent.  See  RFC 8308 for details and ssh(6) for a
637              list of currently implemented extensions.
638
639              Default value is true which is compatible with other implementa‐
640              tions not supporting ext-info.
641
642   Options common to clients and daemons
643       common_options() = [common_option()]
644
645       common_option() =
646           ssh_file:user_dir_common_option() |
647           profile_common_option() |
648           max_idle_time_common_option() |
649           key_cb_common_option() |
650           disconnectfun_common_option() |
651           unexpectedfun_common_option() |
652           ssh_msg_debug_fun_common_option() |
653           rekey_limit_common_option() |
654           id_string_common_option() |
655           pref_public_key_algs_common_option() |
656           preferred_algorithms_common_option() |
657           modify_algorithms_common_option() |
658           auth_methods_common_option() |
659           inet_common_option() |
660           fd_common_option()
661
662              The  options  above  can  be used both in clients and in daemons
663              (servers). They are further explained below.
664
665       profile_common_option() = {profile, atom()}
666
667              Used together with ip-address and port to  uniquely  identify  a
668              ssh  daemon.  This  can  be useful in a virtualized environment,
669              where there can be more that one server that has  the  same  ip-
670              address  and port. If this property is not explicitly set, it is
671              assumed that the the ip-address and port uniquely identifies the
672              SSH daemon.
673
674       max_idle_time_common_option() = {idle_time, timeout()}
675
676              Sets  a  time-out  on  a connection when no channels are active.
677              Defaults to infinity.
678
679       rekey_limit_common_option() =
680           {rekey_limit,
681            Bytes ::
682                limit_bytes() |
683                {Minutes :: limit_time(), Bytes :: limit_bytes()}}
684
685       limit_bytes() = integer() >= 0 | infinity
686
687       limit_time() = integer() >= 1 | infinity
688
689              Sets the limit when rekeying is to be initiated.  Both  the  max
690              time and max amount of data could be configured:
691
692                * {Minutes,  Bytes}  initiate  rekeying when any of the limits
693                  are reached.
694
695                * Bytes initiate rekeying  when  Bytes  number  of  bytes  are
696                  transferred, or at latest after one hour.
697
698              When a rekeying is done, both the timer and the byte counter are
699              restarted. Defaults to one hour and one GByte.
700
701              If Minutes is set to infinity, no rekeying will ever  occur  due
702              to  that  max  time  has  passed. Setting Bytes to infinity will
703              inhibit rekeying after a certain amount of data has been  trans‐
704              ferred.  If  the option value is set to {infinity, infinity}, no
705              rekeying will be initiated. Note that rekeying initiated by  the
706              peer will still be performed.
707
708       key_cb_common_option() =
709           {key_cb,
710            Module :: atom() | {Module :: atom(), Opts :: [term()]}}
711
712              Module  implementing  the  behaviour  ssh_client_key_api  and/or
713              ssh_server_key_api. Can be used to  customize  the  handling  of
714              public  keys.  If  callback  options are provided along with the
715              module name, they are made available to the callback module  via
716              the options passed to it under the key 'key_cb_private'.
717
718              The Opts defaults to [] when only the Module is specified.
719
720              The default value of this option is {ssh_file, []}. See also the
721              manpage of ssh_file.
722
723              A call to the call-back function F will be
724
725                     Module:F(..., [{key_cb_private,Opts}|UserOptions])
726
727
728              where ... are arguments to F  as  in  ssh_client_key_api  and/or
729              ssh_server_key_api.  The  UserOptions  are  the options given to
730              ssh:connect, ssh:shell or ssh:daemon.
731
732       pref_public_key_algs_common_option() =
733           {pref_public_key_algs, [pubkey_alg()]}
734
735              List of user (client) public key algorithms to try to use.
736
737              The default value is the public_key entry in the  list  returned
738              by ssh:default_algorithms/0.
739
740              If  there  is  no  public key of a specified type available, the
741              corresponding entry is ignored. Note that the available  set  is
742              dependent  on the underlying cryptolib and current user's public
743              keys.
744
745              See also the option user_dir for  specifying  the  path  to  the
746              user's keys.
747
748       disconnectfun_common_option() =
749           {disconnectfun, fun((Reason :: term()) -> void | any())}
750
751              Provides  a fun to implement your own logging when the peer dis‐
752              connects.
753
754       unexpectedfun_common_option() =
755           {unexpectedfun,
756            fun((Message :: term(), {Host :: term(), Port :: term()}) ->
757                    report | skip)}
758
759              Provides a fun to implement your own  logging  or  other  action
760              when  an  unexpected  message arrives. If the fun returns report
761              the usual info report is issued  but  if  skip  is  returned  no
762              report is generated.
763
764       ssh_msg_debug_fun_common_option() =
765           {ssh_msg_debug_fun,
766            fun((ssh:connection_ref(),
767                 AlwaysDisplay :: boolean(),
768                 Msg :: binary(),
769                 LanguageTag :: binary()) ->
770                    any())}
771
772              Provide  a  fun to implement your own logging of the SSH message
773              SSH_MSG_DEBUG. The last three parameters are from  the  message,
774              see  RFC  4253, section 11.3. The connection_ref() is the refer‐
775              ence to the connection on which the message arrived. The  return
776              value from the fun is not checked.
777
778              The  default  behaviour is ignore the message. To get a printout
779              for each message with AlwaysDisplay  =  true,  use  for  example
780              {ssh_msg_debug_fun,  fun(_,true,M,_)->  io:format("DEBUG: ~p~n",
781              [M]) end}
782
783       id_string_common_option() =
784           {id_string,
785            string() |
786            random |
787            {random, Nmin :: integer() >= 1, Nmax :: integer() >= 1}}
788
789              The string the daemon will present to  a  connecting  peer  ini‐
790              tially.  The  default value is "Erlang/VSN" where VSN is the ssh
791              application version number.
792
793              The value random will cause a random string  to  be  created  at
794              each connection attempt. This is to make it a bit more difficult
795              for a malicious peer to find the ssh software brand and version.
796
797              The value {random, Nmin, Nmax} will make a random string with at
798              least Nmin characters and at most Nmax characters.
799
800       preferred_algorithms_common_option() =
801           {preferred_algorithms, algs_list()}
802
803       algs_list() = [alg_entry()]
804
805       alg_entry() =
806           {kex, [kex_alg()]} |
807           {public_key, [pubkey_alg()]} |
808           {cipher, double_algs(cipher_alg())} |
809           {mac, double_algs(mac_alg())} |
810           {compression, double_algs(compression_alg())}
811
812       kex_alg() =
813           'diffie-hellman-group-exchange-sha1' |
814           'diffie-hellman-group-exchange-sha256' |
815           'diffie-hellman-group1-sha1' | 'diffie-hellman-group14-sha1' |
816           'diffie-hellman-group14-sha256' |
817           'diffie-hellman-group16-sha512' |
818           'diffie-hellman-group18-sha512' | 'curve25519-sha256' |
819           'curve25519-sha256@libssh.org' | 'curve448-sha512' |
820           'ecdh-sha2-nistp256' | 'ecdh-sha2-nistp384' |
821           'ecdh-sha2-nistp521'
822
823       pubkey_alg() =
824           'ecdsa-sha2-nistp256' | 'ecdsa-sha2-nistp384' |
825           'ecdsa-sha2-nistp521' | 'ssh-ed25519' | 'ssh-ed448' |
826           'rsa-sha2-256' | 'rsa-sha2-512' | 'ssh-dss' | 'ssh-rsa'
827
828       cipher_alg() =
829           '3des-cbc' | 'AEAD_AES_128_GCM' | 'AEAD_AES_256_GCM' |
830           'aes128-cbc' | 'aes128-ctr' | 'aes128-gcm@openssh.com' |
831           'aes192-ctr' | 'aes256-ctr' | 'aes256-gcm@openssh.com' |
832           'chacha20-poly1305@openssh.com'
833
834       mac_alg() =
835           'AEAD_AES_128_GCM' | 'AEAD_AES_256_GCM' | 'hmac-sha1' |
836           'hmac-sha2-256' | 'hmac-sha2-512'
837
838       compression_alg() = none | zlib | 'zlib@openssh.com'
839
840       double_algs(AlgType) =
841           [{client2server, [AlgType]} | {server2client, [AlgType]}] |
842           [AlgType]
843
844              List  of  algorithms  to  use  in the algorithm negotiation. The
845              default algs_list() can be obtained from default_algorithms/0.
846
847              If an alg_entry() is missing in  the  algs_list(),  the  default
848              value is used for that entry.
849
850              Here is an example of this option:
851
852                     {preferred_algorithms,
853                     [{public_key,['ssh-rsa','ssh-dss']},
854                     {cipher,[{client2server,['aes128-ctr']},
855                        {server2client,['aes128-cbc','3des-cbc']}]},
856                     {mac,['hmac-sha2-256','hmac-sha1']},
857                     {compression,[none,zlib]}
858                     ]
859                     }
860
861
862              The example specifies different algorithms in the two directions
863              (client2server and server2client), for cipher but specifies  the
864              same  algorithms for mac and compression in both directions. The
865              kex (key exchange) is implicit but public_key is set explicitly.
866
867              For background and more examples see the User's Guide.
868
869              If an algorithm name occurs more than once in a list, the behav‐
870              iour  is  undefined.  The  tags  in  the property lists are also
871              assumed to occur at most one time.
872
873          Warning:
874              Changing the values can make a connection less  secure.  Do  not
875              change unless you know exactly what you are doing. If you do not
876              understand the values then you are not supposed to change them.
877
878
879       modify_algorithms_common_option() =
880           {modify_algorithms, modify_algs_list()}
881
882       modify_algs_list() =
883           [{append, algs_list()} |
884            {prepend, algs_list()} |
885            {rm, algs_list()}]
886
887              Modifies the list of algorithms to use in the algorithm negotia‐
888              tion.  The  modifications  are  applied  after  the  option pre‐
889              ferred_algorithms (if existing) is applied.
890
891              The algoritm for modifications works like this:
892
893                * Input is the modify_algs_list() and a set  of  algorithms  A
894                  obtained  from  the preferred_algorithms option if existing,
895                  or else from the ssh:default_algorithms/0.
896
897                * The head of the modify_algs_list()  modifies  A  giving  the
898                  result A'.
899
900                  The possible modifications are:
901
902                  * Append  or  prepend supported but not enabled algorithm(s)
903                    to the  list  of  algorithms.  If  the  wanted  algorithms
904                    already  are  in  A  they  will  first be removed and then
905                    appended or prepended,
906
907                  * Remove (rm) one or more algorithms from A.
908
909                * Repeat  the  modification  step  with  the  tail   of   mod‐
910                  ify_algs_list() and the resulting A'.
911
912              If  an  unsupported  algorithm  is in the modify_algs_list(), it
913              will be silently ignored
914
915              If there are more than one modify_algorithms options, the result
916              is undefined.
917
918              Here is an example of this option:
919
920                     {modify_algorithms,
921                     [{prepend, [{kex, ['diffie-hellman-group1-sha1']}],
922                     {rm,      [{compression, [none]}]}
923                     ]
924                     }
925
926
927              The example specifies that:
928
929                * the  old key exchange algorithm 'diffie-hellman-group1-sha1'
930                  should be the main alternative. It will be the main alterna‐
931                  tive since it is prepened to the list
932
933                * The compression algorithm none (= no compression) is removed
934                  so compression is enforced
935
936              For background and more examples see the User's Guide.
937
938       inet_common_option() = {inet, inet | inet6}
939
940              IP version to use when the host address is specified as any.
941
942       auth_methods_common_option() = {auth_methods, string()}
943
944              Comma-separated  string  that  determines  which  authentication
945              methods  that  the  client shall support and in which order they
946              are tried. Defaults to "publickey,keyboard-interactive,password"
947
948              Note that the client is free to use any  order  and  to  exclude
949              methods.
950
951       fd_common_option() = {fd, gen_tcp:socket()}
952
953              Allows  an existing file-descriptor to be used (passed on to the
954              transport protocol).
955
956   Other data types
957       host() = string() | inet:ip_address() | loopback
958
959       ip_port() = {inet:ip_address(), inet:port_number()}
960
961       mod_args() = {Module :: atom(), Args :: list()}
962
963       mod_fun_args() =
964           {Module :: atom(), Function :: atom(), Args :: list()}
965
966       open_socket() = gen_tcp:socket()
967
968              The socket is supposed to be result of a  gen_tcp:connect  or  a
969              gen_tcp:accept.  The  socket  must  be in passive mode (that is,
970              opened with the option {active,false}).
971
972       daemon_ref()
973
974              Opaque data type representing a daemon.
975
976              Returned by the functions daemon/1,2,3.
977
978       connection_ref()
979
980              Opaque data type representing a connection between a client  and
981              a server (daemon).
982
983              Returned by the functions connect/2,3,4 and ssh_sftp:start_chan‐
984              nel/2,3.
985
986       channel_id()
987
988              Opaque data type representing a channel inside a connection.
989
990              Returned by the functions ssh_connection:session_channel/2,4.
991
992       connection_info_tuple() =
993           {client_version, version()} |
994           {server_version, version()} |
995           {user, string()} |
996           {peer, {inet:hostname(), ip_port()}} |
997           {sockname, ip_port()} |
998           {options, client_options()} |
999           {algorithms, conn_info_algs()} |
1000           {channels, conn_info_channels()}
1001
1002       version() = {protocol_version(), software_version()}
1003
1004       protocol_version() =
1005           {Major :: integer() >= 1, Minor :: integer() >= 0}
1006
1007       software_version() = string()
1008
1009       conn_info_algs() =
1010           [{kex, kex_alg()} |
1011            {hkey, pubkey_alg()} |
1012            {encrypt, cipher_alg()} |
1013            {decrypt, cipher_alg()} |
1014            {send_mac, mac_alg()} |
1015            {recv_mac, mac_alg()} |
1016            {compress, compression_alg()} |
1017            {decompress, compression_alg()} |
1018            {send_ext_info, boolean()} |
1019            {recv_ext_info, boolean()}]
1020
1021       conn_info_channels() = [proplists:proplist()]
1022
1023              Return values from the connection_info/1  and  connection_info/2
1024              functions.
1025
1026              In the option info tuple are only the options included that dif‐
1027              fers from the default values.
1028
1029       daemon_info_tuple() =
1030           {port, inet:port_number()} |
1031           {ip, inet:ip_address()} |
1032           {profile, atom()} |
1033           {options, daemon_options()}
1034
1035              Return values from the  daemon_info/1  and  daemon_info/2  func‐
1036              tions.
1037
1038              In the option info tuple are only the options included that dif‐
1039              fers from the default values.
1040
1041       opaque_client_options
1042
1043       opaque_daemon_options
1044
1045       opaque_common_options
1046
1047              Opaque types that define experimental options that are not to be
1048              used in products.
1049

EXPORTS

1051       close(ConnectionRef) -> ok | {error, term()}
1052
1053              Types:
1054
1055                 ConnectionRef = connection_ref()
1056
1057              Closes an SSH connection.
1058
1059       connect(Host, Port, Options) -> Result
1060       connect(Host, Port, Options, NegotiationTimeout) -> Result
1061       connect(TcpSocket, Options) -> Result
1062       connect(TcpSocket, Options, NegotiationTimeout) -> Result
1063
1064              Types:
1065
1066                 Host = host()
1067                 Port = inet:port_number()
1068                 Options = client_options()
1069                 TcpSocket = open_socket()
1070                 NegotiationTimeout = timeout()
1071                 Result = {ok, connection_ref()} | {error, term()}
1072
1073              Connects to an SSH server at the Host on Port.
1074
1075              As an alternative, an already open TCP socket could be passed to
1076              the function in TcpSocket. The SSH  initiation  and  negotiation
1077              will be initiated on that one with the SSH that should be at the
1078              other end.
1079
1080              No channel is started. This  is  done  by  calling   ssh_connec‐
1081              tion:session_channel/[2, 4].
1082
1083              The NegotiationTimeout is in milli-seconds. The default value is
1084              infinity. For connection timeout, use the  option  connect_time‐
1085              out.
1086
1087       connection_info(ConnectionRef) -> InfoTupleList
1088
1089       connection_info(ConnectionRef, Key :: ItemList | Item) ->
1090                          InfoTupleList | InfoTuple
1091
1092              Types:
1093
1094                 ConnectionRef = connection_ref()
1095                 ItemList = [Item]
1096                 Item =
1097                     client_version  | server_version | user | peer | sockname
1098                 |
1099                     options | algorithms | sockname
1100                 InfoTupleList = [InfoTuple]
1101                 InfoTuple = connection_info_tuple()
1102
1103              Returns information about a connection intended for  e.g  debug‐
1104              ging or logging.
1105
1106              When the Key is a single Item, the result is a single InfoTuple
1107
1108       daemon(Port | TcpSocket) -> Result
1109       daemon(Port | TcpSocket, Options) -> Result
1110       daemon(HostAddress, Port, Options) -> Result
1111
1112              Types:
1113
1114                 Port = integer()
1115                 TcpSocket = open_socket()
1116                 Options = daemon_options()
1117                 HostAddress = host() | any
1118                 Result = {ok, daemon_ref()} | {error, atom()}
1119
1120              Starts a server listening for SSH connections on the given port.
1121              If the Port is 0, a random  free  port  is  selected.  See  dae‐
1122              mon_info/1 about how to find the selected port number.
1123
1124              As an alternative, an already open TCP socket could be passed to
1125              the function in TcpSocket. The SSH  initiation  and  negotiation
1126              will  be  initiated  on that one when an SSH starts at the other
1127              end of the TCP socket.
1128
1129              For a description of the options, see Daemon Options.
1130
1131              Please note that by  historical  reasons  both  the  HostAddress
1132              argument  and  the gen_tcp connect_option() {ip,Address} set the
1133              listening address. This is a  source  of  possible  inconsistent
1134              settings.
1135
1136              The rules for handling the two address passing options are:
1137
1138                * if HostAddress is an IP-address, that IP-address is the lis‐
1139                  tening address. An 'ip'-option will be discarded if present.
1140
1141                * if HostAddress is the atom loopback, the  listening  address
1142                  is  loopback  and an loopback address will be choosen by the
1143                  underlying layers.  An  'ip'-option  will  be  discarded  if
1144                  present.
1145
1146                * if  HostAddress  is  the  atom  any  and  no  'ip'-option is
1147                  present, the listening address is any and  the  socket  will
1148                  listen to all addresses
1149
1150                * if  HostAddress  is  any  and an 'ip'-option is present, the
1151                  listening address is set to the value of the 'ip'-option
1152
1153       daemon_info(DaemonRef) ->
1154                      {ok, InfoTupleList} | {error, bad_daemon_ref}
1155
1156       daemon_info(DaemonRef, Key :: ItemList | Item) ->
1157                      InfoTupleList | InfoTuple | {error, bad_daemon_ref}
1158
1159              Types:
1160
1161                 DaemonRef = daemon_ref()
1162                 ItemList = [Item]
1163                 Item = ip | port | profile | options
1164                 InfoTupleList = [InfoTuple]
1165                 InfoTuple = daemon_info_tuple()
1166
1167              Returns information about a daemon intended for e.g debugging or
1168              logging.
1169
1170              When the Key is a single Item, the result is a single InfoTuple
1171
1172              Note  that  daemon_info/1  and  daemon_info/2  returns different
1173              types due to compatibility reasons.
1174
1175       default_algorithms() -> algs_list()
1176
1177              Returns a key-value list, where the keys are the different types
1178              of algorithms and the values are the algorithms themselves.
1179
1180              See the User's Guide for an example.
1181
1182       shell(Host | TcpSocket) -> Result
1183       shell(Host | TcpSocket, Options) -> Result
1184       shell(Host, Port, Options) -> Result
1185
1186              Types:
1187
1188                 Host = host()
1189                 TcpSocket = open_socket()
1190                 Port = inet:port_number()
1191                 Options = client_options()
1192                 Result = ok | {error, Reason::term()}
1193
1194              Connects  to an SSH server at Host and Port (defaults to 22) and
1195              starts an interactive shell on that remote host.
1196
1197              As an alternative, an already open TCP socket could be passed to
1198              the  function  in  TcpSocket. The SSH initiation and negotiation
1199              will be initiated on that one and finaly a shell will be started
1200              on the host at the other end of the TCP socket.
1201
1202              For a description of the options, see Client Options.
1203
1204              The function waits for user input, and does not return until the
1205              remote shell is ended (that is, exit from the shell).
1206
1207       start() -> ok | {error, term()}
1208
1209       start(Type) -> ok | {error, term()}
1210
1211              Types:
1212
1213                 Type = permanent | transient | temporary
1214
1215              Utility function  that  starts  the  applications  crypto,  pub‐
1216              lic_key,  and  ssh. Default type is temporary. For more informa‐
1217              tion, see the application(3) manual page in Kernel.
1218
1219       stop() -> ok | {error, term()}
1220
1221              Stops the ssh application. For more information, see the  appli‐
1222              cation(3) manual page in Kernel.
1223
1224       stop_daemon(DaemonRef :: daemon_ref()) -> ok
1225
1226       stop_daemon(Address :: inet:ip_address(),
1227                   Port :: inet:port_number()) ->
1228                      ok
1229
1230       stop_daemon(Address :: any | inet:ip_address(),
1231                   Port :: inet:port_number(),
1232                   Profile :: atom()) ->
1233                      ok
1234
1235              Stops the listener and all connections started by the listener.
1236
1237       stop_listener(SysSup :: daemon_ref()) -> ok
1238
1239       stop_listener(Address :: inet:ip_address(),
1240                     Port :: inet:port_number()) ->
1241                        ok
1242
1243       stop_listener(Address :: any | inet:ip_address(),
1244                     Port :: inet:port_number(),
1245                     Profile :: term()) ->
1246                        ok
1247
1248              Stops  the  listener, but leaves existing connections started by
1249              the listener operational.
1250
1251
1252
1253Ericsson AB                         ssh 4.8                             ssh(3)
Impressum