[RFR] po4a://manpages-fr/sshd_config.5/po/fr.po
Le 27/04/2024 à 14:00, Lucien Gentis a écrit :
Bonjour,
Prochainement, une proposition de traduction de sshd_config.5
Voici la première partie de sshd_config.5 (les 2180 premières lignes).
Autres parties suivront.
Merci d’avance pour vos relectures
Lucien
# French translation of manpages
# This file is distributed under the same license as the manpages-l10n package.
# Copyright © of this file:
# Laurent GAUTROT <l dot gautrot at free dot fr>, 2002.
# Lucien Gentis <lucien.gentis@waika9.com>, 2024.
#
msgid ""
msgstr ""
"Project-Id-Version: manpages-fr\n"
"POT-Creation-Date: 2024-05-01 15:54+0200\n"
"PO-Revision-Date: 2024-05-11 15:56+0200\n"
"Last-Translator: Lucien Gentis <lucien.gentis@waika9.com>\n"
"Language-Team: French <debian-l10n-french@lists.debian.org>\n"
"Language: fr\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=(n > 1);\n"
"X-Generator: vim-gtk3\n"
#. type: Dd
#: archlinux debian-unstable
#, no-wrap
msgid "$Mdocdate: February 21 2024 $"
msgstr "$Mdocdate: February 21 2024 $"
#. type: Dt
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "SSHD_CONFIG 5"
msgstr "SSHD_CONFIG 5"
#. type: Sh
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "NAME"
msgstr "NOM"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "E<.Nm sshd_config>"
msgstr "E<.Nm sshd_config>"
#. type: Nd
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "OpenSSH daemon configuration file"
msgstr "Fichier de configuration du démon d’OpenSSH"
#. type: Sh
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "DESCRIPTION"
msgstr "DESCRIPTION"
#. type: Plain text
#: archlinux debian-unstable fedora-40 fedora-rawhide mageia-cauldron
msgid ""
"E<.Xr sshd 8> reads configuration data from E<.Pa /etc/ssh/sshd_config> (or "
"the file specified with E<.Fl f> on the command line). The file contains "
"keyword-argument pairs, one per line. Unless noted otherwise, for each "
"keyword, the first obtained value will be used. Lines starting with E<.Ql "
"#> and empty lines are interpreted as comments. Arguments may optionally be "
"enclosed in double quotes E<.Pq \\&\"> in order to represent arguments "
"containing spaces."
msgstr ""
"E<.Xr sshd 8> lit ses données de configuration dans le fichier E<.Pa /etc/"
"ssh/sshd_config> (ou dans le fichier spécifié à l'aide de l'option E<.Fl f> "
"sur la ligne de commande). Chaque ligne de ce fichier contient une seule "
"paire option/argument. Sauf mention contraire, c’est la première valeur lue "
"qui sera utilisée pour chaque option. Les lignes qui commencent par le "
"caractère « #> et les lignes vides sont considérées comme des commentaires. "
"Pour représenter des valeurs contenant des espaces, les arguments doivent "
"être entourés de guillemets droits doubles « \\&\" »."
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"The possible keywords and their meanings are as follows (note that keywords "
"are case-insensitive and arguments are case-sensitive):"
msgstr ""
"Les options disponibles et leur signification sont les suivantes (les noms "
"d’option ne sont pas sensibles à la casse, mais les arguments le sont) :"
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm AcceptEnv"
msgstr "Cm AcceptEnv"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies what environment variables sent by the client will be copied into "
"the session's E<.Xr environ 7>. See E<.Cm SendEnv> and E<.Cm SetEnv> in E<."
"Xr ssh_config 5> for how to configure the client. The E<.Ev TERM> "
"environment variable is always accepted whenever the client requests a "
"pseudo-terminal as it is required by the protocol. Variables are specified "
"by name, which may contain the wildcard characters E<.Ql *> and E<.Ql \\&?"
">. Multiple environment variables may be separated by whitespace or spread "
"across multiple E<.Cm AcceptEnv> directives. Be warned that some "
"environment variables could be used to bypass restricted user environments. "
"For this reason, care should be taken in the use of this directive. The "
"default is not to accept any environment variables."
msgstr ""
"Cette option permet de spécifier quelles variables d’environnement envoyées "
"par le client seront copiées dans l’environnement de session E<.Xr environ "
"7>. Voir E<.Cm SendEnv> et E<.Cm SetEnv> dans E<.Xr ssh_config 5> pour la "
"configuration du client. La variable d’environnement E<.Ev TERM> est "
"toujours acceptée quand un client demande un pseudo-terminal comme requis "
"par le protocole. Les variables sont spécifiées à l’aide de leur nom qui "
"peut contenir les caractères génériques « * » et « \\&? ». Il est possible "
"de spécifier plusieurs variables d’environnement en les séparant par des "
"espaces ou en définissant plusieurs directives E<.Cm AcceptEnv>. Gardez à "
"l’esprit que certaines variables d’environnement pourraient être utilisées "
"pour court-circuiter des environnements utilisateur restreints ; c’est "
"pourquoi cette directive doit être utilisée avec prudence. Par défaut, "
"aucune variable d’environnement n’est acceptée."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm AddressFamily"
msgstr "Cm AddressFamily"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies which address family should be used by E<.Xr sshd 8>. Valid "
"arguments are E<.Cm any> (the default), E<.Cm inet> (use IPv4 only), or E<."
"Cm inet6> (use IPv6 only)."
msgstr ""
"Cette option permet de spécifier la famille d’adresses que E<.Xr sshd 8> "
"doit utiliser. Les arguments valables sont E<.Cm any> (la valeur par "
"défaut), E<.Cm inet> (utiliser IPv4 seulement) ou E<.Cm inet6> (utiliser "
"IPv6 seulement)."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm AllowAgentForwarding"
msgstr "Cm AllowAgentForwarding"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies whether E<.Xr ssh-agent 1> forwarding is permitted. The default "
"is E<.Cm yes>. Note that disabling agent forwarding does not improve "
"security unless users are also denied shell access, as they can always "
"install their own forwarders."
msgstr ""
"Cette option permet de spécifier si la redirection de E<.Xr ssh-agent 1> est "
"autorisée. La valeur par défaut est E<.Cm yes>. Notez que désactiver la "
"redirection d’agent n’améliore la sécurité que si les utilisateurs se voient "
"refuser l’accès à un interpréteur de commande car dans le cas contraire, ils "
"peuvent toujours installer leurs propres redirecteurs."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm AllowGroups"
msgstr "Cm AllowGroups"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"This keyword can be followed by a list of group name patterns, separated by "
"spaces. If specified, login is allowed only for users whose primary group "
"or supplementary group list matches one of the patterns. Only group names "
"are valid; a numerical group ID is not recognized. By default, login is "
"allowed for all groups. The allow/deny groups directives are processed in "
"the following order: E<.Cm DenyGroups>, E<.Cm AllowGroups>."
msgstr ""
"Cette option peut être suivie d'une liste de motifs de nom de groupe séparés "
"par des espaces. Si elle est spécifiée, seuls les utilisateurs dont le "
"groupe principal ou les groupes supplémentaires correspondent à un des "
"motifs sont autorisés à se connecter. Seuls les noms de groupes sont "
"valables ; les identifiants de groupes (GID) numériques ne sont pas "
"reconnus. Par défaut, tous les groupes son autorisés à se connecter. Les "
"directives de groupe allow/deny sont traitées dans l’ordre suivant : E<.Cm "
"DenyGroups>, E<.Cm AllowGroups>."
#. type: Plain text
#: archlinux debian-unstable fedora-40 fedora-rawhide mageia-cauldron
#: opensuse-tumbleweed
msgid ""
"See PATTERNS in E<.Xr ssh_config 5> for more information on patterns. This "
"keyword may appear multiple times in E<.Nm> with each instance appending to "
"the list."
msgstr ""
"Voir la section MOTIFS dans E<.Xr ssh_config 5> pour plus d’informations à "
"propos des motifs. Cette option peut apparaître plusieurs fois dans E<.Nm>, "
"chaque instance s’ajoutant à la liste."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm AllowStreamLocalForwarding"
msgstr "Cm AllowStreamLocalForwarding"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies whether StreamLocal (Unix-domain socket) forwarding is permitted. "
"The available options are E<.Cm yes> (the default) or E<.Cm all> to allow "
"StreamLocal forwarding, E<.Cm no> to prevent all StreamLocal forwarding, E<."
"Cm local> to allow local (from the perspective of E<.Xr ssh 1>) forwarding "
"only or E<.Cm remote> to allow remote forwarding only. Note that disabling "
"StreamLocal forwarding does not improve security unless users are also "
"denied shell access, as they can always install their own forwarders."
msgstr ""
"Cette option permet de spécifier si la redirection de StreamLocal (socket de "
"domaine Unix) est autorisée. Les arguments valables sont E<.Cm yes> (la "
"valeur par défaut), E<.Cm all> pour autoriser la redirection de StreamLocal, "
"E<.Cm no> pour interdire toute redirection de StreamLocal, E<.Cm local> pour "
"n’autoriser que la redirection locale (vue de E<.Xr ssh 1>) ou E<.Cm remote> "
"pour n’autoriser que la redirection distante. Notez que désactiver la "
"redirection de StreamLocal n’améliore la sécurité que si les utilisateurs se "
"voient refuser l’accès à un interpréteur de commande car dans le cas "
"contraire, ils peuvent toujours installer leurs propres redirecteurs."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm AllowTcpForwarding"
msgstr "Cm AllowTcpForwarding"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies whether TCP forwarding is permitted. The available options are E<."
"Cm yes> (the default) or E<.Cm all> to allow TCP forwarding, E<.Cm no> to "
"prevent all TCP forwarding, E<.Cm local> to allow local (from the "
"perspective of E<.Xr ssh 1>) forwarding only or E<.Cm remote> to allow "
"remote forwarding only. Note that disabling TCP forwarding does not improve "
"security unless users are also denied shell access, as they can always "
"install their own forwarders."
msgstr ""
"Cette option permet de spécifier si les redirections TCP sont autorisées. "
"Les arguments valables sont E<.Cm yes> (la valeur par défaut), E<.Cm all> "
"pour autoriser la redirection TCP, E<.Cm no> pour interdire toute "
"redirection TCP, E<.Cm local> pour n’autoriser que la redirection locale "
"(vue de E<.Xr ssh 1>) ou E<.Cm remote> pour n’autoriser que la redirection "
"distante. Notez que désactiver la redirection TCP n’améliore la sécurité que "
"si les utilisateurs se voient refuser l’accès à un interpréteur de commande "
"car dans le cas contraire, ils peuvent toujours installer leurs propres "
"redirecteurs."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm AllowUsers"
msgstr "Cm AllowUsers"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"This keyword can be followed by a list of user name patterns, separated by "
"spaces. If specified, login is allowed only for user names that match one "
"of the patterns. Only user names are valid; a numerical user ID is not "
"recognized. By default, login is allowed for all users. If the pattern "
"takes the form USER@HOST then USER and HOST are separately checked, "
"restricting logins to particular users from particular hosts. HOST criteria "
"may additionally contain addresses to match in CIDR address/masklen format. "
"The allow/deny users directives are processed in the following order: E<.Cm "
"DenyUsers>, E<.Cm AllowUsers>."
msgstr ""
"Cette option peut être suivie d'une liste de motifs de noms d'utilisateurs "
"séparés par des espaces. Si elle est spécifiée, seuls les noms "
"d'utilisateurs correspondant à un des motifs sont autorisés à se connecter. "
"Seuls les noms d’utilisateur sont valables ; un identifiant utilisateur "
"numérique (UID) ne sera pas reconnu. Par défaut, la connexion est autorisée "
"pour tous les utilisateurs. Si le motif est de la forme UTILISATEUR@HOTE, "
"UTILISATEUR et HOTE sont vérifiés séparément, ce qui permet de restreindre "
"les connexions à certains utilisateurs d’un hôte particulier. Le critère "
"HOTE peut contenir en plus une adresse à faire correspondre sous le format "
"CIDR adresse/masque. Les directives d’utilisateur allow/deny sont traitées "
"dans l’ordre suivant : E<.Cm DenyUsers>, E<.Cm AllowUsers>."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm AuthenticationMethods"
msgstr "Cm AuthenticationMethods"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies the authentication methods that must be successfully completed for "
"a user to be granted access. This option must be followed by one or more "
"lists of comma-separated authentication method names, or by the single "
"string E<.Cm any> to indicate the default behaviour of accepting any single "
"authentication method. If the default is overridden, then successful "
"authentication requires completion of every method in at least one of these "
"lists."
msgstr ""
"Cette option permet de spécifier les méthodes d’authentification qui doivent "
"être appliquées avec succès pour qu’un utilisateur se voie autoriser "
"l’accès. Elle doit être suivie d’une ou plusieurs listes de noms de méthode "
"d’authentification séparés par des virgules ou de l’unique chaîne E<.Cm any> "
"pour indiquer le comportement par défaut qui consiste à accepter toute "
"méthode d’authentification unique. Si des listes sont spécifiées, "
"l’application avec succès de toutes les méthodes d’authentification d’au "
"moins une de ces listes sera requise pour réussir l’authentification."
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"For example, E<.Qq publickey,password publickey,keyboard-interactive> would "
"require the user to complete public key authentication, followed by either "
"password or keyboard interactive authentication. Only methods that are next "
"in one or more lists are offered at each stage, so for this example it would "
"not be possible to attempt password or keyboard-interactive authentication "
"before public key."
msgstr ""
"Par exemple, E<.Qq publickey,password publickey,keyboard-interactive> "
"nécessiterait de la part de l’utilisateur une authentification par clé "
"publique suivi d’une authentification par mot de passe ou d’une "
"authentification par saisie au clavier. Les méthodes d’authentification "
"doivent être appliquées dans l’ordre selon lequel elles apparaissent dans "
"chaque liste ; ainsi, dans cet exemple, l’application d’une méthode "
"d’authentification par mot de passe ou par saisie au clavier avant "
"l’application d’une méthode d’authentification par clé publique ne serait "
"pas valable."
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"For keyboard interactive authentication it is also possible to restrict "
"authentication to a specific device by appending a colon followed by the "
"device identifier E<.Cm bsdauth> or E<.Cm pam>. depending on the server "
"configuration. For example, E<.Qq keyboard-interactive:bsdauth> would "
"restrict keyboard interactive authentication to the E<.Cm bsdauth> device."
msgstr ""
"Avec l’authentification par saisie au clavier, il est aussi possible de "
"restreindre l’authentification à un dispositif spécifique en ajoutant un "
"deux-points « : » suivi de l’identifiant du dispositif E<.Cm bsdauth> ou E<."
"Cm pam>, en fonction de la configuration du serveur. Par exemple, E<.Qq "
"keyboard-interactive:bsdauth> restreint l’authentification par saisie au "
"clavier au dispositif E<.Cm bsdauth>."
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"If the publickey method is listed more than once, E<.Xr sshd 8> verifies "
"that keys that have been used successfully are not reused for subsequent "
"authentications. For example, E<.Qq publickey,publickey> requires "
"successful authentication using two different public keys."
msgstr ""
"Si la méthode d’authentification par clé publique est indiquée plusieurs "
"fois, E<.Xr sshd 8> s’assure que les clés qui ont été utilisées avec succès "
"ne seront pas réutilisées pour les authentifications suivantes. Par exemple, "
"E<.Qq publickey,publickey> requiert l’utilisation de deux clés publiques "
"différentes pour une authentification réussie."
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Note that each authentication method listed should also be explicitly "
"enabled in the configuration."
msgstr ""
"Notez que chaque méthode d’authentification indiquée doit aussi être "
"explicitement activée dans la configuration."
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"The available authentication methods are: E<.Qq gssapi-with-mic>, E<.Qq "
"hostbased>, E<.Qq keyboard-interactive>, E<.Qq none> (used for access to "
"password-less accounts when E<.Cm PermitEmptyPasswords> is enabled), E<.Qq "
"password> and E<.Qq publickey>."
msgstr ""
"Les méthodes d’authentification disponibles sont : E<.Qq gssapi-with-mic>, "
"E<.Qq hostbased>, E<.Qq keyboard-interactive>, E<.Qq none> (utilisée pour "
"l’accès à des comptes sans mot de passe lorsque E<.Cm PermitEmptyPasswords> "
"est activé), E<.Qq password> et E<.Qq publickey>."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm AuthorizedKeysCommand"
msgstr "Cm AuthorizedKeysCommand"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies a program to be used to look up the user's public keys. The "
"program must be owned by root, not writable by group or others and specified "
"by an absolute path. Arguments to E<.Cm AuthorizedKeysCommand> accept the "
"tokens described in the E<.Sx TOKENS> section. If no arguments are "
"specified then the username of the target user is used."
msgstr ""
"Cette option permet de spécifier un programme à utiliser pour rechercher les "
"clés publiques de l’utilisateur. Le programme doit être la propriété du "
"superutilisateur, non accessible en écriture pour le groupe ou les autres et "
"spécifié à l’aide d’un chemin absolu. Les arguments de E<.Cm "
"AuthorizedKeysCommand> acceptent les symboles décrits dans la section E<.Sx "
"SYMBOLES>. Si aucun argument n’est spécifié, c’est le nom d’utilisateur de "
"l’utilisateur cible qui est utilisé."
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"The program should produce on standard output zero or more lines of "
"authorized_keys output (see E<.Sx AUTHORIZED_KEYS> in E<.Xr sshd 8>). E<.Cm "
"AuthorizedKeysCommand> is tried after the usual E<.Cm AuthorizedKeysFile> "
"files and will not be executed if a matching key is found there. By "
"default, no E<.Cm AuthorizedKeysCommand> is run."
msgstr ""
"Le programme doit produire sur la sortie standard zéro ou plusieurs lignes "
"au format authorized_keys (voir E<.Sx AUTHORIZED_KEYS> dans E<.Xr sshd 8>). "
"E<.Cm AuthorizedKeysCommand> est utilisée après les fichiers E<.Cm "
"AuthorizedKeysFile> usuels et ne sera pas exécutée si une clé correspondante "
"est trouvée dans ces derniers. Par défaut, aucune E<.Cm "
"AuthorizedKeysCommand> n’est exécutée."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm AuthorizedKeysCommandUser"
msgstr "Cm AuthorizedKeysCommandUser"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies the user under whose account the E<.Cm AuthorizedKeysCommand> is "
"run. It is recommended to use a dedicated user that has no other role on "
"the host than running authorized keys commands. If E<.Cm "
"AuthorizedKeysCommand> is specified but E<.Cm AuthorizedKeysCommandUser> is "
"not, then E<.Xr sshd 8> will refuse to start."
msgstr ""
"Cette option permet de spécifier l’utilisateur sous le compte duquel la "
"commande E<.Cm AuthorizedKeysCommand> sera exécutée. Il est recommandé de "
"spécifier un utilisateur dédié qui n’a pas d’autre rôle sur l’hôte que "
"d’exécuter des commandes de clés autorisées. Si E<.Cm AuthorizedKeysCommand> "
"est spécifié alors que E<.Cm AuthorizedKeysCommandUser> ne l’est pas, E<.Xr "
"sshd 8> refusera de démarrer."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm AuthorizedKeysFile"
msgstr "Cm AuthorizedKeysFile"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies the file that contains the public keys used for user "
"authentication. The format is described in the AUTHORIZED_KEYS FILE FORMAT "
"section of E<.Xr sshd 8>. Arguments to E<.Cm AuthorizedKeysFile> accept the "
"tokens described in the E<.Sx TOKENS> section. After expansion, E<.Cm "
"AuthorizedKeysFile> is taken to be an absolute path or one relative to the "
"user's home directory. Multiple files may be listed, separated by "
"whitespace. Alternately this option may be set to E<.Cm none> to skip "
"checking for user keys in files. The default is E<.Qq .ssh/authorized_keys ."
"ssh/authorized_keys2>."
msgstr ""
"Cette option permet de spécifier le fichier contenant les clés publiques à "
"utiliser pour l'authentification de l'utilisateur. Le format de ce fichier "
"est décrit dans la section FORMAT DU FICHIER AUTHORIZED_KEYS de E<.Xr sshd "
"8>. Les arguments de E<.Cm AuthorizedKeysFile> acceptent les symboles "
"décrits dans la section E<.Sx SYMBOLES>. Après extension, E<.Cm "
"AuthorizedKeysFile> est interprété comme un chemin absolu ou comme un chemin "
"relatif au répertoire personnel de l’utilisateur. Il est possible de "
"spécifier plusieurs fichiers en les séparant par des blancs. Pour se passer "
"de la vérification des clés d’utilisateur dans des fichiers, cette option "
"doit être définie à E<.Cm none>. L’argument par défaut de cette option est "
"E<.Qq .ssh/authorized_keys .ssh/authorized_keys2>."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm AuthorizedPrincipalsCommand"
msgstr "Cm AuthorizedPrincipalsCommand"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies a program to be used to generate the list of allowed certificate "
"principals as per E<.Cm AuthorizedPrincipalsFile>. The program must be "
"owned by root, not writable by group or others and specified by an absolute "
"path. Arguments to E<.Cm AuthorizedPrincipalsCommand> accept the tokens "
"described in the E<.Sx TOKENS> section. If no arguments are specified then "
"the username of the target user is used."
msgstr ""
"Cette option permet de spécifier un programme à utiliser pour générer une "
"liste d’identités (« principals ») de certificat autorisées en se basant sur "
"E<.Cm AuthorizedPrincipalsFile>. Le programme doit être la propriété du "
"superutilisateur, non accessible en écriture pour le groupe ou pour les "
"autres et spécifié à l’aide d’un chemin absolu. Les arguments de E<.Cm "
"AuthorizedPrincipalsCommand> acceptent les symboles décrits dans la section "
"E<.Sx SYMBOLES>. Si aucun argument n’est spécifié, c’est le nom "
"d’utilisateur de l’utilisateur cible qui sera utilisé."
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"The program should produce on standard output zero or more lines of E<.Cm "
"AuthorizedPrincipalsFile> output. If either E<.Cm "
"AuthorizedPrincipalsCommand> or E<.Cm AuthorizedPrincipalsFile> is "
"specified, then certificates offered by the client for authentication must "
"contain a principal that is listed. By default, no E<.Cm "
"AuthorizedPrincipalsCommand> is run."
msgstr ""
"Le programme doit produire sur la sortie standard zéro ou plusieurs lignes "
"du fichier E<.Cm AuthorizedPrincipalsFile>. Si au moins un des deux mots-"
"clés E<.Cm AuthorizedPrincipalsCommand> ou E<.Cm AuthorizedPrincipalsFile> "
"est spécifié, les certificats proposées par le client pour "
"l’authentification devront contenir une identité faisant partie de la liste. "
"Par défaut, aucune commande E<.Cm AuthorizedPrincipalsCommand> n’est "
"exécutée."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm AuthorizedPrincipalsCommandUser"
msgstr "Cm AuthorizedPrincipalsCommandUser"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies the user under whose account the E<.Cm "
"AuthorizedPrincipalsCommand> is run. It is recommended to use a dedicated "
"user that has no other role on the host than running authorized principals "
"commands. If E<.Cm AuthorizedPrincipalsCommand> is specified but E<.Cm "
"AuthorizedPrincipalsCommandUser> is not, then E<.Xr sshd 8> will refuse to "
"start."
msgstr ""
"Cette option permet de spécifier l’utilisateur sous le compte duquel la "
"commande E<.Cm AuthorizedPrincipalsCommand> sera exécutée. Il est recommandé "
"de spécifier un utilisateur dédié qui n’a pas d’autre rôle sur l’hôte que "
"d’exécuter des commandes d’identités autorisées. Si E<.Cm "
"AuthorizedPrincipalsCommand> est spécifié alors que E<.Cm "
"AuthorizedPrincipalsCommandUser> ne l’est pas, E<.Xr sshd 8> refusera de "
"démarrer."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm AuthorizedPrincipalsFile"
msgstr "Cm AuthorizedPrincipalsFile"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies a file that lists principal names that are accepted for "
"certificate authentication. When using certificates signed by a key listed "
"in E<.Cm TrustedUserCAKeys>, this file lists names, one of which must appear "
"in the certificate for it to be accepted for authentication. Names are "
"listed one per line preceded by key options (as described in E<.Sx "
"AUTHORIZED_KEYS FILE FORMAT> in E<.Xr sshd 8>). Empty lines and comments "
"starting with E<.Ql #> are ignored."
msgstr ""
"Cette option permet de spécifier un fichier contenant la liste des noms "
"d’identité (« principal ») acceptées pour une authentification par "
"certificat. Lorsque l’on utilise des certificats signés par une clé listée "
"dans E<.Cm TrustedUserCAKeys>, un des noms contenus dans ce fichier doit "
"apparaître dans le certificat afin que ce dernier soit accepté pour "
"l’authentification. Chaque ligne du fichier contient un seul nom précédé des "
"options de clé (comme décrit dans la section E<.Sx FORMAT DU FICHIER "
"AUTHORIZED_KEYS> de E<.Xr sshd 8>). Les lignes vides et les commentaires "
"(lignes commençant par « # ») sont ignorés."
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Arguments to E<.Cm AuthorizedPrincipalsFile> accept the tokens described in "
"the E<.Sx TOKENS> section. After expansion, E<.Cm AuthorizedPrincipalsFile> "
"is taken to be an absolute path or one relative to the user's home "
"directory. The default is E<.Cm none>, i.e. not to use a principals file "
"\\(en in this case, the username of the user must appear in a certificate's "
"principals list for it to be accepted."
msgstr ""
"Les arguments de E<.Cm AuthorizedPrincipalsFile> acceptent les symboles "
"décrits dans la section E<.Sx SYMBOLES>. Après extension, E<.Cm "
"AuthorizedPrincipalsFile> est interprété comme un chemin absolu ou comme un "
"chemin relatif au répertoire personnel de l’utilisateur. L’argument par "
"défaut est E<.Cm none> et indique qu’aucun fichier d’identités ne sera "
"utilisé ; dans ce cas, le nom d’utilisateur de l’utilisateur devra "
"apparaître dans une liste d’identités du certificat pour que ce dernier soit "
"accepté."
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Note that E<.Cm AuthorizedPrincipalsFile> is only used when authentication "
"proceeds using a CA listed in E<.Cm TrustedUserCAKeys> and is not consulted "
"for certification authorities trusted via E<.Pa ~/.ssh/authorized_keys>, "
"though the E<.Cm principals=> key option offers a similar facility (see E<."
"Xr sshd 8> for details)."
msgstr ""
"Notez que E<.Cm AuthorizedPrincipalsFile> n’est utilisé que lorsque "
"l’authentification est effectuée en utilisant une CA listée dans E<.Cm "
"TrustedUserCAKeys> et n’est pas consulté pour des CA définies comme fiables "
"à l’aide de E<.Pa ~/.ssh/authorized_keys>, bien que l’option de clé E<.Cm "
"principals=> offre des possibilités similaires (voir E<.Xr sshd 8> pour les "
"détails)."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm Banner"
msgstr "Cm Banner"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"The contents of the specified file are sent to the remote user before "
"authentication is allowed. If the argument is E<.Cm none> then no banner is "
"displayed. By default, no banner is displayed."
msgstr ""
"Le contenu du fichier spécifié est envoyé à l'utilisateur distant avant que "
"la connexion ne soit autorisée. Si l’argument est E<.Cm none>, aucune "
"bannière n’est affichée, ce qui correspond au comportement par défaut."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm CASignatureAlgorithms"
msgstr "Cm CASignatureAlgorithms"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable
msgid ""
"Specifies which algorithms are allowed for signing of certificates by "
"certificate authorities (CAs). The default is:"
msgstr ""
"Cette option permet de spécifier quels algorithmes sont autorisés pour la "
"signature des certificats par les autorités de certification (CA). Les "
"algorithmes par défaut sont :"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable
#, no-wrap
msgid ""
"ssh-ed25519,ecdsa-sha2-nistp256,\n"
"ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,\n"
"sk-ssh-ed25519@openssh.com,\n"
"sk-ecdsa-sha2-nistp256@openssh.com,\n"
"rsa-sha2-512,rsa-sha2-256\n"
msgstr ""
"ssh-ed25519,ecdsa-sha2-nistp256,\n"
"ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,\n"
"sk-ssh-ed25519@openssh.com,\n"
"sk-ecdsa-sha2-nistp256@openssh.com,\n"
"rsa-sha2-512,rsa-sha2-256\n"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable
msgid ""
"If the specified list begins with a E<.Sq +> character, then the specified "
"algorithms will be appended to the default set instead of replacing them. "
"If the specified list begins with a E<.Sq -> character, then the specified "
"algorithms (including wildcards) will be removed from the default set "
"instead of replacing them."
msgstr ""
"Si la liste spécifiée commence par un caractère « + », les algorithmes "
"qu’elle contient seront ajoutés à la liste par défaut au lieu de la "
"remplacer. Si la liste spécifiée commence par un caractère « - », les "
"algorithmes qu’elle contient (pouvant contenir des caractères génériques) "
"seront supprimés de la liste par défaut au lieu de la remplacer."
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Certificates signed using other algorithms will not be accepted for public "
"key or host-based authentication."
msgstr ""
"Les certificats signés en utilisant d’autres algorithmes ne seront pas "
"acceptés pour l’authentification par clé publique ou basée sur l’hôte."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm ChannelTimeout"
msgstr "Cm ChannelTimeout"
#. type: Plain text
#: archlinux debian-unstable
msgid ""
"Specifies whether and how quickly E<.Xr sshd 8> should close inactive "
"channels. Timeouts are specified as one or more E<.Dq type=interval> pairs "
"separated by whitespace, where the E<.Dq type> must be the special keyword "
"E<.Dq global> or a channel type name from the list below, optionally "
"containing wildcard characters."
msgstr ""
"Cette option permet de spécifier si et sous quel délai E<.Xr sshd 8> doit "
"fermer les canaux inactifs. Les délais sont spécifiés sous forme d’une ou "
"plusieurs paires « type=intervalle » séparées par des blancs, où « type » "
"doit être le mot-clé spécial « global » ou un nom de type de canal issu de "
"la liste ci-dessous et comportant éventuellement des caractères génériques."
#. type: Plain text
#: archlinux debian-unstable
msgid ""
"The timeout value E<.Dq interval> is specified in seconds or may use any of "
"the units documented in the E<.Sx TIME FORMATS> section. For example, E<.Dq "
"session=5m> would cause interactive sessions to terminate after five minutes "
"of inactivity. Specifying a zero value disables the inactivity timeout."
msgstr ""
"La valeur de délai « intervalle » est spécifiée en secondes ou peut utiliser "
"une unité documentée dans la section E<.Sx FORMATS DE TEMPS>. Par exemple, "
"« session=5m » signifierait que les sessions interactives seraient fermées "
"après cinq minutes d’inactivité. Spécifier une valeur de zéro désactive le "
"délai d’inactivité."
#. type: Plain text
#: archlinux debian-unstable
msgid ""
"The special timeout E<.Dq global> applies to all active channels, taken "
"together. Traffic on any active channel will reset the timeout, but when "
"the timeout expires then all open channels will be closed. Note that this "
"global timeout is not matched by wildcards and must be specified explicitly."
msgstr ""
"La valeur spéciale de délai « global » s’applique à tous les canaux actifs "
"pris dans leur ensemble. La présence de trafic sur un canal actif "
"réinitialise le délai, mais lorsque le délai expire, tous les canaux sont "
"fermés. Notez que ce délai « global » ne peut pas être exprimé à l’aide de "
"caractères génériques et qu’il doit donc être spécifié explicitement."
#. type: Plain text
#: archlinux debian-unstable
msgid "The available channel type names include:"
msgstr "Les noms de type de canal comprennent :"
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm agent-connection"
msgstr "Cm agent-connection"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "Open connections to E<.Xr ssh-agent 1>."
msgstr "Connexions ouvertes vers E<.Xr ssh-agent 1>."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm direct-tcpip , Cm direct-streamlocal@openssh.com"
msgstr "Cm direct-tcpip , Cm direct-streamlocal@openssh.com"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Open TCP or Unix socket (respectively) connections that have been "
"established from a E<.Xr ssh 1> local forwarding, i.e.\\& E<.Cm "
"LocalForward> or E<.Cm DynamicForward>."
msgstr ""
"Connexions TCP ou socket Unix (respectivement) ouvertes qui ont été établies "
"depuis une redirection locale de E<.Xr ssh 1>, c’est-à-dire à l’aide de E<."
"Cm LocalForward> ou E<.Cm DynamicForward>."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm forwarded-tcpip , Cm forwarded-streamlocal@openssh.com"
msgstr "Cm forwarded-tcpip , Cm forwarded-streamlocal@openssh.com"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Open TCP or Unix socket (respectively) connections that have been "
"established to a E<.Xr sshd 8> listening on behalf of a E<.Xr ssh 1> remote "
"forwarding, i.e.\\& E<.Cm RemoteForward>."
msgstr ""
"Connexions TCP ou socket Unix (respectivement) ouvertes qui ont été établies "
"vers un démon E<.Xr sshd 8> en écoute au nom d’une redirection distante de "
"E<.Xr ssh 1>, c’est-à-dire à l’aide de E<.Cm RemoteForward>."
#. type: It
#: archlinux debian-unstable
#, no-wrap
msgid "Cm session"
msgstr "Cm session"
#. type: Plain text
#: archlinux debian-unstable
msgid ""
"The interactive main session, including shell session, command execution, E<."
"Xr scp 1>, E<.Xr sftp 1>, etc."
msgstr ""
"La session interactive principale comprenant la session de l’interpréteur de "
"commande, l’exécution de commande, E<.Xr scp 1>, E<.Xr sftp 1>, etc."
#. type: It
#: archlinux debian-unstable
#, no-wrap
msgid "Cm tun-connection"
msgstr "Cm tun-connection"
#. type: Plain text
#: archlinux debian-unstable
msgid "Open E<.Cm TunnelForward> connections."
msgstr "Les connexions ouvertes à l’aide de E<.Cm TunnelForward>."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm x11-connection"
msgstr "Cm x11-connection"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "Open X11 forwarding sessions."
msgstr "Les sessions de redirections de X11 ouvertes."
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Note that in all the above cases, terminating an inactive session does not "
"guarantee to remove all resources associated with the session, e.g. shell "
"processes or X11 clients relating to the session may continue to execute."
msgstr ""
"Notez que dans tous les cas ci-dessus, fermer une session inactive ne "
"garantit pas que toutes les ressources associées à la session seront "
"supprimées ; par exemple, les processus de l’interpréteur de commande ou les "
"clients X11 liés à la session pourront continuer leur exécution."
#. type: Plain text
#: archlinux debian-unstable
msgid ""
"Moreover, terminating an inactive channel or session does not necessarily "
"close the SSH connection, nor does it prevent a client from requesting "
"another channel of the same type. In particular, expiring an inactive "
"forwarding session does not prevent another identical forwarding from being "
"subsequently created."
msgstr ""
"En outre, fermer une session ou un canal inactif ne ferme pas nécessairement "
"la connexion SSH et n’empêche pas un client de demander l’ouverture d’un "
"autre canal du même type. En particulier, fermer une session de redirection "
"inactive n’empêche pas la création subséquente d’une autre redirection "
"identique."
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "The default is not to expire channels of any type for inactivity."
msgstr ""
"Par défaut, aucun canal de quelque type que ce soit ne sera fermé pour "
"inactivité."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm ChrootDirectory"
msgstr "Cm ChrootDirectory"
#. type: Plain text
#: archlinux debian-unstable
msgid ""
"Specifies the pathname of a directory to E<.Xr chroot 2> to after "
"authentication. At session startup E<.Xr sshd 8> checks that all components "
"of the pathname are root-owned directories which are not writable by group "
"or others. After the chroot, E<.Xr sshd 8> changes the working directory to "
"the user's home directory. Arguments to E<.Cm ChrootDirectory> accept the "
"tokens described in the E<.Sx TOKENS> section."
msgstr ""
"Cette option permet de spécifier le chemin d’un répertoire pour passer en E<."
"Xr chroot 2> après l’authentification. Au démarrage de la session, E<.Xr "
"sshd 8> vérifie que tous les composants du chemin sont des répertoires qui "
"sont la propriété du superutilisateur et non accessibles en écriture pour le "
"groupe ou les autres. Après passage en chroot, E<.Xr sshd 8> définit le "
"répertoire personnel de l’utilisateur comme répertoire de travail. Les "
"arguments de E<.Cm ChrootDirectory> acceptent les symboles décrits dans la "
"section E<.Sx SYMBOLES>."
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"The E<.Cm ChrootDirectory> must contain the necessary files and directories "
"to support the user's session. For an interactive session this requires at "
"least a shell, typically E<.Xr sh 1>, and basic E<.Pa /dev> nodes such as E<."
"Xr null 4>, E<.Xr zero 4>, E<.Xr stdin 4>, E<.Xr stdout 4>, E<.Xr stderr 4>, "
"and E<.Xr tty 4> devices. For file transfer sessions using SFTP no "
"additional configuration of the environment is necessary if the in-process "
"sftp-server is used, though sessions which use logging may require E<.Pa /"
"dev/log> inside the chroot directory on some operating systems (see E<.Xr "
"sftp-server 8> for details)."
msgstr ""
"Le répertoire E<.Cm ChrootDirectory> doit contenir les répertoires et "
"fichiers nécessaires pour prendre en charge la session de l’utilisateur. "
"Pour une session interactive, cela comprend au moins un interpréteur de "
"commande, en général E<.Xr sh 1> et des nœuds E<.Pa /dev> de base tels que "
"les dispositifs E<.Xr null 4>, E<.Xr zero 4>, E<.Xr stdin 4>, E<.Xr stdout "
"4>, E<.Xr stderr 4> et E<.Xr tty 4>. Pour les sessions de transfert de "
"fichiers utilisant SFTP, aucune configuration additionnelle de "
"l’environnement n’est nécessaire si l’on utilise le serveur sftp interne, "
"bien que sur certains systèmes d’exploitation, les sessions qui utilisent la "
"journalisation puissent nécessiter E<.Pa /dev/log> à l’intérieur du "
"répertoire de chroot (voir E<.Xr sftp-server 8> pour les détails)."
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"For safety, it is very important that the directory hierarchy be prevented "
"from modification by other processes on the system (especially those outside "
"the jail). Misconfiguration can lead to unsafe environments which E<.Xr "
"sshd 8> cannot detect."
msgstr ""
"Pour la sécurité, il est très important que l’arborescence du répertoire ne "
"puisse pas être modifiée par d’autres processus sur le système (en "
"particulier ceux qui se trouvent en dehors du « bac à sable »). Un mauvaise "
"configuration peut induire des environnements non sécurisés que E<.Xr sshd "
"8> ne pourra pas détecter."
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "The default is E<.Cm none>, indicating not to E<.Xr chroot 2>."
msgstr ""
"L’argument par défaut est E<.Cm none>, indiquant de ne pas passer en E<.Xr "
"chroot 2>."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm Ciphers"
msgstr "Cm Ciphers"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable
msgid ""
"Specifies the ciphers allowed. Multiple ciphers must be comma-separated. "
"If the specified list begins with a E<.Sq +> character, then the specified "
"ciphers will be appended to the default set instead of replacing them. If "
"the specified list begins with a E<.Sq -> character, then the specified "
"ciphers (including wildcards) will be removed from the default set instead "
"of replacing them. If the specified list begins with a E<.Sq ^> character, "
"then the specified ciphers will be placed at the head of the default set."
msgstr ""
"Cette option permet de spécifier les algorithmes de chiffrement autorisés. "
"Plusieurs algorithmes de chiffrement peuvent être spécifiés en les séparant "
"par des virgules. Si la liste spécifiée commence par un caractère « + », les "
"algorithmes qu’elle contient seront ajoutés à la liste par défaut au lieu de "
"la remplacer. Si la liste spécifiée commence par un caractère « - », les "
"algorithmes qu’elle contient (pouvant contenir des caractères génériques) "
"seront supprimés de la liste par défaut au lieu de la remplacer. Si la liste "
"spécifiée commence par un caret « ^ », les algorithmes qu’elle contient "
"seront ajoutés au début de la liste par défaut."
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "The supported ciphers are:"
msgstr "Les algorithmes de chiffrement pris en charge sont :"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "3des-cbc"
msgstr "3des-cbc"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "aes128-cbc"
msgstr "aes128-cbc"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "aes192-cbc"
msgstr "aes192-cbc"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "aes256-cbc"
msgstr "aes256-cbc"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "aes128-ctr"
msgstr "aes128-ctr"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "aes192-ctr"
msgstr "aes192-ctr"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "aes256-ctr"
msgstr "aes256-ctr"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "aes128-gcm@openssh.com"
msgstr "aes128-gcm@openssh.com"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "aes256-gcm@openssh.com"
msgstr "aes256-gcm@openssh.com"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "chacha20-poly1305@openssh.com"
msgstr "chacha20-poly1305@openssh.com"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable
msgid "The default is:"
msgstr "La liste par défaut est :"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable
#, no-wrap
msgid ""
"chacha20-poly1305@openssh.com,\n"
"aes128-ctr,aes192-ctr,aes256-ctr,\n"
"aes128-gcm@openssh.com,aes256-gcm@openssh.com\n"
msgstr ""
"chacha20-poly1305@openssh.com,\n"
"aes128-ctr,aes192-ctr,aes256-ctr,\n"
"aes128-gcm@openssh.com,aes256-gcm@openssh.com\n"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"The list of available ciphers may also be obtained using E<.Qq ssh -Q "
"cipher>."
msgstr ""
"La liste des algorithmes de chiffrement disponibles peut aussi être obtenue "
"en utilisant la commande « ssh -Q cipher »."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm ClientAliveCountMax"
msgstr "Cm ClientAliveCountMax"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Sets the number of client alive messages which may be sent without E<.Xr "
"sshd 8> receiving any messages back from the client. If this threshold is "
"reached while client alive messages are being sent, sshd will disconnect the "
"client, terminating the session. It is important to note that the use of "
"client alive messages is very different from E<.Cm TCPKeepAlive>. The "
"client alive messages are sent through the encrypted channel and therefore "
"will not be spoofable. The TCP keepalive option enabled by E<.Cm "
"TCPKeepAlive> is spoofable. The client alive mechanism is valuable when the "
"client or server depend on knowing when a connection has become unresponsive."
msgstr ""
"Cette option permet de définir le nombre de messages de rappel au client qui "
"peuvent être envoyés sans que E<.Xr sshd 8> reçoive de message en retour du "
"client. Si cette limite est atteinte alors que des messages de rappel au "
"client sont envoyés, sshd déconnectera le client et fermera la session. Il "
"est important de noter que l’utilisation de messages de rappel au client est "
"très différente de E<.Cm TCPKeepAlive>. Les messages de rappel au client "
"sont envoyés par le canal chiffré et ne sont donc pas falsifiables. L’option "
"« keepalive » de TCP activée par E<.Cm TCPKeepAlive> peut être compromise. "
"Le mécanisme de rappel au client s’avère utile lorsque le client ou le "
"serveur ont besoin d’être informés quand une connexion ne répond plus."
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"The default value is 3. If E<.Cm ClientAliveInterval> is set to 15, and E<."
"Cm ClientAliveCountMax> is left at the default, unresponsive SSH clients "
"will be disconnected after approximately 45 seconds. Setting a zero E<.Cm "
"ClientAliveCountMax> disables connection termination."
msgstr ""
"La valeur par défaut est 3. Si E<.Cm ClientAliveInterval> est défini à 15 et "
"si E<.Cm ClientAliveCountMax> conserve sa valeur par défaut de 3, les "
"clients SSH qui ne répondent pas seront déconnectés après approximativement "
"45 secondes. Définir E<.Cm ClientAliveCountMax> à zéro désactive la "
"fermeture des connexions inactives."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm ClientAliveInterval"
msgstr "Cm ClientAliveInterval"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Sets a timeout interval in seconds after which if no data has been received "
"from the client, E<.Xr sshd 8> will send a message through the encrypted "
"channel to request a response from the client. The default is 0, indicating "
"that these messages will not be sent to the client."
msgstr ""
"Cette option permet de définir un délai après lequel, si aucune donnée n'est "
"reçue de la part du client, E<.Xr sshd 8> enverra un message par le canal "
"chiffré pour demander une réponse au client. La valeur par défaut est 0, ce "
"qui signifie qu’aucun message de rappel ne sera envoyé au client."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm Compression"
msgstr "Cm Compression"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies whether compression is enabled after the user has authenticated "
"successfully. The argument must be E<.Cm yes>, E<.Cm delayed> (a legacy "
"synonym for E<.Cm yes>) or E<.Cm no>. The default is E<.Cm yes>."
msgstr ""
"Cette option permet d’indiquer si la compression est activée après une "
"authentification réussie de l’utilisateur. L’argument doit être E<.Cm yes>, "
"E<.Cm delayed> (un équivalent hérité de E<.Cm yes>) ou E<.Cm no>. La valeur "
"par défaut est E<.Cm yes>."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm DenyGroups"
msgstr "Cm DenyGroups"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"This keyword can be followed by a list of group name patterns, separated by "
"spaces. Login is disallowed for users whose primary group or supplementary "
"group list matches one of the patterns. Only group names are valid; a "
"numerical group ID is not recognized. By default, login is allowed for all "
"groups. The allow/deny groups directives are processed in the following "
"order: E<.Cm DenyGroups>, E<.Cm AllowGroups>."
msgstr ""
"Cette option peut être suivie d'une liste de motifs de nom de groupe séparés "
"par des espaces. Les utilisateurs dont le groupe principal ou les groupes "
"secondaires correspondent à un des motifs ne sont pas autorisés à se "
"connecter. Seuls les noms de groupes sont valables ; les identifiants "
"numériques de groupes ne sont pas reconnus. Par défaut, tous les groupes "
"sont autorisés à se connecter. Les directives de groupe allow/deny sont "
"traitées dans l’ordre suivant : E<.Cm DenyGroups>, E<.Cm AllowGroups>."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm DenyUsers"
msgstr "Cm DenyUsers"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"This keyword can be followed by a list of user name patterns, separated by "
"spaces. Login is disallowed for user names that match one of the patterns. "
"Only user names are valid; a numerical user ID is not recognized. By "
"default, login is allowed for all users. If the pattern takes the form "
"USER@HOST then USER and HOST are separately checked, restricting logins to "
"particular users from particular hosts. HOST criteria may additionally "
"contain addresses to match in CIDR address/masklen format. The allow/deny "
"users directives are processed in the following order: E<.Cm DenyUsers>, E<."
"Cm AllowUsers>."
msgstr ""
"Cette option peut être suivie d'une liste de motifs de nom d'utilisateur "
"séparés par des espaces. Les utilisateurs dont le nom correspond à un des "
"motifs ne sont pas autorisés à se connecter. Seuls les noms d'utilisateurs "
"sont valables ; les identifiants numériques d'utilisateurs ne sont pas "
"reconnus. Par défaut, tous les utilisateurs sont autorisés à se connecter. "
"Si le motif est de la forme UTILISATEUR@HOTE, UTILISATEUR et HOTE sont "
"vérifiés séparément, et la connexion est restreinte à certains utilisateurs "
"de certains hôtes. Le critère HOTE peut aussi contenir des correspondances "
"d’adresse au format CIDR adresse/taille de masque. Les directives "
"d’utilisateur sont traitées dans l’ordre suivant : E<.Cm DenyUsers>, E<.Cm "
"AllowUsers>."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm DisableForwarding"
msgstr "Cm DisableForwarding"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Disables all forwarding features, including X11, E<.Xr ssh-agent 1>, TCP and "
"StreamLocal. This option overrides all other forwarding-related options and "
"may simplify restricted configurations."
msgstr ""
"Cette option permet de désactiver toutes les redirections, y compris X11, E<."
"Xr ssh-agent 1>, TCP et StreamLocal. Elle outrepasse tout autre option "
"concernant une redirection et peut simplifier les configurations restreintes."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm ExposeAuthInfo"
msgstr "Cm ExposeAuthInfo"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Writes a temporary file containing a list of authentication methods and "
"public credentials (e.g. keys) used to authenticate the user. The location "
"of the file is exposed to the user session through the E<.Ev SSH_USER_AUTH> "
"environment variable. The default is E<.Cm no>."
msgstr ""
"Cette option permet d’écrire un fichier temporaire contenant une liste des "
"méthodes d’authentification et des données d’authentification publiques "
"(comme les clés) utilisées pour authentifier l’utilisateur. L’emplacement du "
"fichier est indiqué à la session utilisateur à l’aide de la variable "
"d’environnement E<.Ev SSH_USER_AUTH>. La valeur par défaut est E<.Cm no>."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm FingerprintHash"
msgstr "Cm FingerprintHash"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies the hash algorithm used when logging key fingerprints. Valid "
"options are: E<.Cm md5> and E<.Cm sha256>. The default is E<.Cm sha256>."
msgstr ""
"Cette option permet de spécifier l’algorithme de hachage utilisé pour la "
"journalisation des empreintes de clé. Les arguments valables sont E<.Cm md5> "
"et E<.Cm sha256>. La valeur par défaut est E<.Cm sha256>."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm ForceCommand"
msgstr "Cm ForceCommand"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Forces the execution of the command specified by E<.Cm ForceCommand>, "
"ignoring any command supplied by the client and E<.Pa ~/.ssh/rc> if "
"present. The command is invoked by using the user's login shell with the -c "
"option. This applies to shell, command, or subsystem execution. It is most "
"useful inside a E<.Cm Match> block. The command originally supplied by the "
"client is available in the E<.Ev SSH_ORIGINAL_COMMAND> environment "
"variable. Specifying a command of E<.Cm internal-sftp> will force the use "
"of an in-process SFTP server that requires no support files when used with "
"E<.Cm ChrootDirectory>. The default is E<.Cm none>."
msgstr ""
"Cette option permet de forcer l’exécution de la commande spécifiée en "
"ignorant toute commande fournie par le client et E<.Pa ~/.ssh/rc>, s’il "
"existe. La commande est invoquée en utilisant l’interpréteur de commande de "
"connexion de l’utilisateur avec l’option -c. Cette option s’applique à "
"l’exécution de l’interpréteur de commande, de la commande ou du sous-"
"système. Elle s’avère particulièrement utile dans un bloc E<.Cm Match>. La "
"commande initialement fournie par le client est disponible dans la variable "
"d’environnement E<.Ev SSH_ORIGINAL_COMMAND>. Spécifier la commande E<.Cm "
"internal-sftp> forcera l’utilisation d’un serveur SFTP interne qui ne "
"nécessite pas de fichier support lorsqu’il est utilisé avec E<.Cm "
"ChrootDirectory>. La valeur par défaut est E<.Cm none>."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm GatewayPorts"
msgstr "Cm GatewayPorts"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies whether remote hosts are allowed to connect to ports forwarded for "
"the client. By default, E<.Xr sshd 8> binds remote port forwardings to the "
"loopback address. This prevents other remote hosts from connecting to "
"forwarded ports. E<.Cm GatewayPorts> can be used to specify that sshd "
"should allow remote port forwardings to bind to non-loopback addresses, thus "
"allowing other hosts to connect. The argument may be E<.Cm no> to force "
"remote port forwardings to be available to the local host only, E<.Cm yes> "
"to force remote port forwardings to bind to the wildcard address, or E<.Cm "
"clientspecified> to allow the client to select the address to which the "
"forwarding is bound. The default is E<.Cm no>."
msgstr ""
"Cette option permet de spécifier si les machines distantes sont autorisées à "
"se connecter à des ports redirigés pour le client. Par défaut, E<.Xr sshd 8> "
"branche les redirections de ports à l'adresse de bouclage (loopback "
"address). Cela empêche les autres machines distantes de se connecter aux "
"ports redirigés. E<.Cm GatewayPorts> peut être utilisé pour indiquer que E<."
"Xr sshd 8> doit permettre le branchement des redirections de ports distantes "
"à des adresses autres que loopback, et par conséquent autoriser les autres "
"machines à se connecter. L’argument peut être E<.Cm no> pour forcer les "
"redirections de ports distants à n’être disponibles que pour l’hôte local, "
"E<.Cm yes> pour forcer les redirections de ports distants à se lier à "
"l’adresse avec caractères génériques ou E<.Cm clientspecified> pour "
"permettre au client de sélectionner l’adresse à laquelle la redirection est "
"liée. La valeur par défaut est E<.Cm no>."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm GSSAPIAuthentication"
msgstr "Cm GSSAPIAuthentication"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies whether user authentication based on GSSAPI is allowed. The "
"default is E<.Cm no>."
msgstr ""
"Cette option permet de spécifier si l’authentification utilisateur basée sur "
"GSSAPI est autorisée. La valeur par défaut est E<.Cm no>."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm GSSAPICleanupCredentials"
msgstr "Cm GSSAPICleanupCredentials"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies whether to automatically destroy the user's credentials cache on "
"logout. The default is E<.Cm yes>."
msgstr ""
"Cette option permet d’indiquer si le cache des données d’identification des "
"utilisateurs doit être automatiquement vidé à la déconnexion. La valeur par "
"défaut est E<.Cm yes>."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm GSSAPIStrictAcceptorCheck"
msgstr "Cm GSSAPIStrictAcceptorCheck"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Determines whether to be strict about the identity of the GSSAPI acceptor a "
"client authenticates against. If set to E<.Cm yes> then the client must "
"authenticate against the host service on the current hostname. If set to E<."
"Cm no> then the client may authenticate against any service key stored in "
"the machine's default store. This facility is provided to assist with "
"operation on multi homed machines. The default is E<.Cm yes>."
msgstr ""
"Cette option permet d’indiquer si l’on doit être strict quant à l’identité "
"de l’accepteur GSSAPI auprès duquel le client s’authentifie. Si elle est "
"définie à E<.Cm yes>, le client doit s’authentifier auprès du service "
"« host » avec le nom d’hôte actuel. Si elle est définie à E<.Cm no>, le "
"client peut s’authentifier auprès de n'importe quelle clé de service stockée "
"dans le magasin par défaut de la machine. Cette possibilité facilite les "
"opérations sur les machines multi-réseaux. La valeur par défaut est E<.Cm "
"yes>."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm HostbasedAcceptedAlgorithms"
msgstr "Cm HostbasedAcceptedAlgorithms"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable mageia-cauldron
msgid ""
"Specifies the signature algorithms that will be accepted for hostbased "
"authentication as a list of comma-separated patterns. Alternately if the "
"specified list begins with a E<.Sq +> character, then the specified "
"signature algorithms will be appended to the default set instead of "
"replacing them. If the specified list begins with a E<.Sq -> character, "
"then the specified signature algorithms (including wildcards) will be "
"removed from the default set instead of replacing them. If the specified "
"list begins with a E<.Sq ^> character, then the specified signature "
"algorithms will be placed at the head of the default set. The default for "
"this option is:"
msgstr ""
"Cette option permet de spécifier les algorithmes de signature qui seront "
"acceptés pour une authentification basée sur l’hôte sous la forme d’une "
"liste de motifs séparés par des virgules. Si la liste spécifiée commence par "
"un caractère « + », les algorithmes de signature qu’elle contient seront "
"ajoutés à la liste par défaut au lieu de la remplacer. Si la liste spécifiée "
"commence par un caractère « - », les algorithmes de signature qu’elle "
"contient (pouvant contenir des caractères génériques) seront supprimés de la "
"liste par défaut au lieu de la remplacer. Si la liste spécifiée commence par "
"un caret « ^ », les algorithmes de signature qu’elle contient seront ajoutés "
"au début de la liste par défaut. La liste par défaut est :"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable mageia-cauldron
#, no-wrap
msgid ""
"ssh-ed25519-cert-v01@openssh.com,\n"
"ecdsa-sha2-nistp256-cert-v01@openssh.com,\n"
"ecdsa-sha2-nistp384-cert-v01@openssh.com,\n"
"ecdsa-sha2-nistp521-cert-v01@openssh.com,\n"
"sk-ssh-ed25519-cert-v01@openssh.com,\n"
"sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,\n"
"rsa-sha2-512-cert-v01@openssh.com,\n"
"rsa-sha2-256-cert-v01@openssh.com,\n"
"ssh-ed25519,\n"
"ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,\n"
"sk-ssh-ed25519@openssh.com,\n"
"sk-ecdsa-sha2-nistp256@openssh.com,\n"
"rsa-sha2-512,rsa-sha2-256\n"
msgstr ""
"ssh-ed25519-cert-v01@openssh.com,\n"
"ecdsa-sha2-nistp256-cert-v01@openssh.com,\n"
"ecdsa-sha2-nistp384-cert-v01@openssh.com,\n"
"ecdsa-sha2-nistp521-cert-v01@openssh.com,\n"
"sk-ssh-ed25519-cert-v01@openssh.com,\n"
"sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,\n"
"rsa-sha2-512-cert-v01@openssh.com,\n"
"rsa-sha2-256-cert-v01@openssh.com,\n"
"ssh-ed25519,\n"
"ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,\n"
"sk-ssh-ed25519@openssh.com,\n"
"sk-ecdsa-sha2-nistp256@openssh.com,\n"
"rsa-sha2-512,rsa-sha2-256\n"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"The list of available signature algorithms may also be obtained using E<.Qq "
"ssh -Q HostbasedAcceptedAlgorithms>. This was formerly named "
"HostbasedAcceptedKeyTypes."
msgstr ""
"La liste des algorithmes de signature disponibles peut aussi être obtenue en "
"utilisant la commande « ssh -Q HostbasedAcceptedAlgorithms ». Cette option "
"se nommait par le passé HostbasedAcceptedKeyTypes."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm HostbasedAuthentication"
msgstr "Cm HostbasedAuthentication"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies whether rhosts or /etc/hosts.equiv authentication together with "
"successful public key client host authentication is allowed (host-based "
"authentication). The default is E<.Cm no>."
msgstr ""
"Spécifie si l’authentification par rhosts ou /etc/hosts.equiv conjointement "
"avec une authentification de machine cliente par clé publique réussie est "
"autorisée (authentification basée sur l’hôte). La valeur par défaut est E<."
"Cm no>."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm HostbasedUsesNameFromPacketOnly"
msgstr "Cm HostbasedUsesNameFromPacketOnly"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies whether or not the server will attempt to perform a reverse name "
"lookup when matching the name in the E<.Pa ~/.shosts>, E<.Pa ~/.rhosts>, and "
"E<.Pa /etc/hosts.equiv> files during E<.Cm HostbasedAuthentication>. A "
"setting of E<.Cm yes> means that E<.Xr sshd 8> uses the name supplied by the "
"client rather than attempting to resolve the name from the TCP connection "
"itself. The default is E<.Cm no>."
msgstr ""
"Cette option permet d’indiquer si le serveur essaiera d’effectuer une "
"recherche de nom inverse lors d’une comparaison de nom dans les fichiers E<."
"Pa ~/.shosts>, E<.Pa ~/.rhosts> et E<.Pa /etc/hosts.equiv> pendant une "
"authentification basée sur l’hôte. Si elle est définie à E<.Cm yes>, E<.Xr "
"sshd 8> va utiliser le nom fourni par le client plutôt que de tenter lui-"
"même de résoudre le nom à partir de la connexion TCP. La valeur par défaut "
"est E<.Cm no>."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm HostCertificate"
msgstr "Cm HostCertificate"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies a file containing a public host certificate. The certificate's "
"public key must match a private host key already specified by E<.Cm "
"HostKey>. The default behaviour of E<.Xr sshd 8> is not to load any "
"certificates."
msgstr ""
"Cette option permet de spécifier un fichier contenant un certificat d’hôte "
"public. La clé publique du certificat doit correspondre à une clé d’hôte "
"privée déjà spécifiée à l’aide de E<.Cm HostKey>. Par défaut, E<.Xr sshd 8> "
"ne charge aucun certificat."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm HostKey"
msgstr "Cm HostKey"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies a file containing a private host key used by SSH. The defaults "
"are E<.Pa /etc/ssh/ssh_host_ecdsa_key>, E<.Pa /etc/ssh/ssh_host_ed25519_key> "
"and E<.Pa /etc/ssh/ssh_host_rsa_key>."
msgstr ""
"Cette option permet de spécifier un fichier contenant une clef d’hôte privée "
"utilisée par SSH. Les fichiers par défaut sont E<.Pa /etc/ssh/"
"ssh_host_ecdsa_key>, E<.Pa /etc/ssh/ssh_host_ed25519_key> et E<.Pa /etc/ssh/"
"ssh_host_rsa_key>."
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Note that E<.Xr sshd 8> will refuse to use a file if it is group/world-"
"accessible and that the E<.Cm HostKeyAlgorithms> option restricts which of "
"the keys are actually used by E<.Xr sshd 8>."
msgstr ""
"Notez que E<.Xr sshd 8> refusera d'utiliser un fichier accessible au groupe "
"ou aux autres et que l’option E<.Cm HostKeyAlgorithms> restreint la liste "
"des clés réellement utilisées par E<.Xr sshd 8>."
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"It is possible to have multiple host key files. It is also possible to "
"specify public host key files instead. In this case operations on the "
"private key will be delegated to an E<.Xr ssh-agent 1>."
msgstr ""
"Il est possible d’avoir plusieurs fichiers de clés d’hôte. Il est aussi "
"possible de spécifier des fichiers de clés d’hôte publiques à la place. Dans "
"ce cas, les opérations sur la clé privée seront déléguées à un agent E<.Xr "
"ssh-agent 1>."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm HostKeyAgent"
msgstr "Cm HostKeyAgent"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Identifies the UNIX-domain socket used to communicate with an agent that has "
"access to the private host keys. If the string E<.Qq SSH_AUTH_SOCK> is "
"specified, the location of the socket will be read from the E<.Ev "
"SSH_AUTH_SOCK> environment variable."
msgstr ""
"Cette option permet d’identifier le socket de domaine Unix utilisé pour "
"communiquer avec un agent qui a accès aux clés d’hôte privées. Si l’argument "
"est « SSH_AUTH_SOCK », l’emplacement du socket sera lu depuis la variable "
"d’environnement E<.Ev SSH_AUTH_SOCK>."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm HostKeyAlgorithms"
msgstr "Cm HostKeyAlgorithms"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable
msgid ""
"Specifies the host key signature algorithms that the server offers. The "
"default for this option is:"
msgstr ""
"Cette option permet d’indiquer les algorithmes de signature de clé d’hôte "
"qu’offre le serveur. La valeur par défaut de cette option est :"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable
msgid ""
"The list of available signature algorithms may also be obtained using E<.Qq "
"ssh -Q HostKeyAlgorithms>."
msgstr ""
"La liste des algorithmes de signature disponibles peut aussi être obtenue en "
"utilisant la commande « ssh -Q HostKeyAlgorithms »."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm IgnoreRhosts"
msgstr "Cm IgnoreRhosts"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron
msgid ""
"Specifies whether to ignore per-user E<.Pa .rhosts> and E<.Pa .shosts> files "
"during E<.Cm HostbasedAuthentication>. The system-wide E<.Pa /etc/hosts."
"equiv> and E<.Pa /etc/ssh/shosts.equiv> are still used regardless of this "
"setting."
msgstr ""
"Cette option permet de spécifier si les fichiers E<.Pa .rhosts> et E<.Pa ."
"shosts> doivent être ignorés lors d’une authentification basée sur l’hôte. "
"Les fichiers globaux du système E<.Pa /etc/hosts.equiv> et E<.Pa /etc/ssh/"
"shosts.equiv> seront quant à eux toujours utilisés, et cela quelle que soit "
"la valeur de cette option."
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Accepted values are E<.Cm yes> (the default) to ignore all per-user files, "
"E<.Cm shosts-only> to allow the use of E<.Pa .shosts> but to ignore E<.Pa ."
"rhosts> or E<.Cm no> to allow both E<.Pa .shosts> and E<.Pa rhosts>."
msgstr ""
"Les valeurs acceptées sont E<.Cm yes> (la valeur par défaut) pour ignorer "
"tous les fichiers utilisateur, E<.Cm shosts-only> pour autoriser "
"l’utilisation de E<.Pa .shosts> mais ignorer E<.Pa .rhosts> ou E<.Cm no> "
"pour autoriser l’utilisation de E<.Pa .shosts> et E<.Pa rhosts>."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm IgnoreUserKnownHosts"
msgstr "Cm IgnoreUserKnownHosts"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies whether E<.Xr sshd 8> should ignore the user's E<.Pa ~/.ssh/"
"known_hosts> during E<.Cm HostbasedAuthentication> and use only the system-"
"wide known hosts file E<.Pa /etc/ssh/ssh_known_hosts>. The default is E<.Dq "
"no>."
msgstr ""
"Cette option permet de spécifier si E<.Xr sshd 8> doit ignorer le fichier E<."
"Pa ~/.ssh/known_hosts> de l’utilisateur lors des authentifications basées "
"sur l’hôte pour n’utiliser que le fichier des hôtes connus global du système "
"E<.Pa /etc/ssh/ssh_known_hosts>. La valeur par défaut est E<.Cm no>."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm Include"
msgstr "Cm Include"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Include the specified configuration file(s). Multiple pathnames may be "
"specified and each pathname may contain E<.Xr glob 7> wildcards that will be "
"expanded and processed in lexical order. Files without absolute paths are "
"assumed to be in E<.Pa /etc/ssh>. An E<.Cm Include> directive may appear "
"inside a E<.Cm Match> block to perform conditional inclusion."
msgstr ""
"Cette option permet d’inclure le(s) fichier(s) de configuration spécifié(s). "
"Plusieurs noms de chemin peuvent être spécifiés, chacun d’entre eux pouvant "
"contenir des caractères génériques E<.Xr glob 7>, et seront expansés et "
"traités selon l’ordre lexical. Les fichiers qui ne sont pas spécifiés à "
"l’aide d’un chemin absolu sont supposés être situés dans E<.Pa /etc/ssh>. "
"Une directive E<.Cm Include> peut être placée dans un bloc E<.Cm Match> afin "
"d’effectuer une inclusion conditionnelle."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm IPQoS"
msgstr "Cm IPQoS"
#. type: Plain text
#: archlinux fedora-40 fedora-rawhide mageia-cauldron
msgid ""
"Specifies the IPv4 type-of-service or DSCP class for the connection. "
"Accepted values are E<.Cm af11>, E<.Cm af12>, E<.Cm af13>, E<.Cm af21>, E<."
"Cm af22>, E<.Cm af23>, E<.Cm af31>, E<.Cm af32>, E<.Cm af33>, E<.Cm af41>, "
"E<.Cm af42>, E<.Cm af43>, E<.Cm cs0>, E<.Cm cs1>, E<.Cm cs2>, E<.Cm cs3>, E<."
"Cm cs4>, E<.Cm cs5>, E<.Cm cs6>, E<.Cm cs7>, E<.Cm ef>, E<.Cm le>, E<.Cm "
"lowdelay>, E<.Cm throughput>, E<.Cm reliability>, a numeric value, or E<.Cm "
"none> to use the operating system default. This option may take one or two "
"arguments, separated by whitespace. If one argument is specified, it is "
"used as the packet class unconditionally. If two values are specified, the "
"first is automatically selected for interactive sessions and the second for "
"non-interactive sessions. The default is E<.Cm af21> (Low-Latency Data) "
"for interactive sessions and E<.Cm cs1> (Lower Effort) for non-interactive "
"sessions."
msgstr ""
"Cette option permet de spécifier le type de service IPv4 ou la classe DSCP "
"pour la connexion. Les valeurs acceptées sont E<.Cm af11>, E<.Cm af12>, E<."
"Cm af13>, E<.Cm af21>, E<.Cm af22>, E<.Cm af23>, E<.Cm af31>, E<.Cm af32>, "
"E<.Cm af33>, E<.Cm af41>, E<.Cm af42>, E<.Cm af43>, E<.Cm cs0>, E<.Cm cs1>, "
"E<.Cm cs2>, E<.Cm cs3>, E<.Cm cs4>, E<.Cm cs5>, E<.Cm cs6>, E<.Cm cs7>, E<."
"Cm ef>, E<.Cm le>, E<.Cm lowdelay>, E<.Cm throughput>, E<.Cm reliability>, "
"une valeur numérique ou E<.Cm none> pour utiliser la valeur par défaut du "
"système d’exploitation. Cette option peut prendre un ou deux arguments "
"séparés par des blancs. Si un seul argument est spécifié, il est utilisé en "
"tant que classe du paquet sans condition. Si deux arguments sont spécifiés, "
"le premier est automatiquement sélectionné pour les sessions interactives et "
"le second pour les sessions non interactives. La valeur par défaut est E<.Cm "
"af21> (données à faible latence) pour les sessions interactives et E<.Cm "
"cs1> (effort moindre) pour les sessions non interactives."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm KbdInteractiveAuthentication"
msgstr "Cm KbdInteractiveAuthentication"
#. type: Plain text
#: archlinux fedora-40 fedora-rawhide mageia-cauldron
msgid ""
"Specifies whether to allow keyboard-interactive authentication. All "
"authentication styles from E<.Xr login.conf 5> are supported. The default "
"is E<.Cm yes>. The argument to this keyword must be E<.Cm yes> or E<.Cm "
"no>. E<.Cm ChallengeResponseAuthentication> is a deprecated alias for this."
msgstr ""
"Cette option permet de spécifier si l’authentification par saisie au clavier "
"est autorisée. Tous les styles d’authentification de E<.Xr login.conf 5> "
"sont pris en charge. La valeur par défaut est E<.Cm yes>. L’argument doit "
"être E<.Cm yes> ou E<.Cm no>. E<.Cm ChallengeResponseAuthentication> est un "
"alias obsolète de cette option."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm KerberosAuthentication"
msgstr "Cm KerberosAuthentication"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies whether the password provided by the user for E<.Cm "
"PasswordAuthentication> will be validated through the Kerberos KDC. To use "
"this option, the server needs a Kerberos servtab which allows the "
"verification of the KDC's identity. The default is E<.Cm no>."
msgstr ""
"Cette option permet de spécifier si le mot de passe fourni par l’utilisateur "
"pour l’authentification par mot de passe sera validé à l’aide du KDC (Centre "
"de Distribution de Clé) Kerberos. Pour utiliser cette option, le serveur a "
"besoin d'un fichier de clé servtab Kerberos qui autorise la vérification de "
"l'identité du KDC. La valeur par défaut est E<.Cm no>."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm KerberosGetAFSToken"
msgstr "Cm KerberosGetAFSToken"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"If AFS is active and the user has a Kerberos 5 TGT, attempt to acquire an "
"AFS token before accessing the user's home directory. The default is E<.Cm "
"no>."
msgstr ""
"Si AFS est actif et si l’utilisateur possède un ticket (TGT) Kerberos 5, "
"essayer d’obtenir un jeton AFS avant d’accéder au répertoire personnel de "
"l’utilisateur. La valeur par défaut est E<.Cm no>."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm KerberosOrLocalPasswd"
msgstr "Cm KerberosOrLocalPasswd"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"If password authentication through Kerberos fails then the password will be "
"validated via any additional local mechanism such as E<.Pa /etc/passwd>. "
"The default is E<.Cm yes>."
msgstr ""
"Si cette option est définie à E<.Cm yes> et si l'authentification par mot de "
"passe à l’aide de Kerberos échoue, le mot de passe sera validé à l’aide de "
"n'importe quel mécanisme additionnel local tel que E<.Pa /etc/passwd>. La "
"valeur par défaut est E<.Cm yes>."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm KerberosTicketCleanup"
msgstr "Cm KerberosTicketCleanup"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies whether to automatically destroy the user's ticket cache file on "
"logout. The default is E<.Cm yes>."
msgstr ""
"Cette option permet de spécifier si le fichier cache du ticket de "
"l'utilisateur doit être automatiquement détruit à la déconnexion. La valeur "
"par défaut est E<.Cm yes>."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm KexAlgorithms"
msgstr "Cm KexAlgorithms"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable
msgid ""
"Specifies the available KEX (Key Exchange) algorithms. Multiple algorithms "
"must be comma-separated. Alternately if the specified list begins with a E<."
"Sq +> character, then the specified algorithms will be appended to the "
"default set instead of replacing them. If the specified list begins with a "
"E<.Sq -> character, then the specified algorithms (including wildcards) will "
"be removed from the default set instead of replacing them. If the specified "
"list begins with a E<.Sq ^> character, then the specified algorithms will be "
"placed at the head of the default set. The supported algorithms are:"
msgstr ""
"Cette option permet de spécifier les algorithmes d’échange de clés KEX (Key "
"Exchange) disponibles. Il est possible de spécifier plusieurs algorithmes en "
"les séparant par des virgules. Si la liste spécifiée commence par un "
"caractère « + », les algorithmes qu’elle contient seront ajoutés à la liste "
"par défaut au lieu de la remplacer. Si la liste spécifiée commence par un "
"caractère « - », les algorithmes qu’elle contient (pouvant contenir des "
"caractères génériques) seront supprimés de la liste par défaut au lieu de la "
"remplacer. Si la liste spécifiée commence par un caret « ^ », les "
"algorithmes qu’elle contient seront ajoutés au début de la liste par défaut. "
"Les algorithmes pris en charge sont :"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "curve25519-sha256"
msgstr "curve25519-sha256"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "curve25519-sha256@libssh.org"
msgstr "curve25519-sha256@libssh.org"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "diffie-hellman-group1-sha1"
msgstr "diffie-hellman-group1-sha1"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "diffie-hellman-group14-sha1"
msgstr "diffie-hellman-group14-sha1"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "diffie-hellman-group14-sha256"
msgstr "diffie-hellman-group14-sha256"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "diffie-hellman-group16-sha512"
msgstr "diffie-hellman-group16-sha512"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "diffie-hellman-group18-sha512"
msgstr "diffie-hellman-group18-sha512"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "diffie-hellman-group-exchange-sha1"
msgstr "diffie-hellman-group-exchange-sha1"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "diffie-hellman-group-exchange-sha256"
msgstr "diffie-hellman-group-exchange-sha256"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "ecdh-sha2-nistp256"
msgstr "ecdh-sha2-nistp256"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "ecdh-sha2-nistp384"
msgstr "ecdh-sha2-nistp384"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "ecdh-sha2-nistp521"
msgstr "ecdh-sha2-nistp521"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "sntrup761x25519-sha512@openssh.com"
msgstr "sntrup761x25519-sha512@openssh.com"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable
#, no-wrap
msgid ""
"sntrup761x25519-sha512@openssh.com,\n"
"curve25519-sha256,curve25519-sha256@libssh.org,\n"
"ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,\n"
"diffie-hellman-group-exchange-sha256,\n"
"diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,\n"
"diffie-hellman-group14-sha256\n"
msgstr ""
"sntrup761x25519-sha512@openssh.com,\n"
"curve25519-sha256,curve25519-sha256@libssh.org,\n"
"ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,\n"
"diffie-hellman-group-exchange-sha256,\n"
"diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,\n"
"diffie-hellman-group14-sha256\n"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"The list of available key exchange algorithms may also be obtained using E<."
"Qq ssh -Q KexAlgorithms>."
msgstr ""
"La liste des algorithmes d’échange de clés disponibles peut aussi être "
"obtenue en utilisant la commande « ssh -Q KexAlgorithms »."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm ListenAddress"
msgstr "Cm ListenAddress"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies the local addresses E<.Xr sshd 8> should listen on. The following "
"forms may be used:"
msgstr ""
"Cette option permet de spécifier les adresses locales d'écoute sur "
"lesquelles E<.Xr sshd 8> doit attendre les connexions. On peut utiliser les "
"formes suivantes :"
#. type: Plain text
#: archlinux fedora-40 fedora-rawhide mageia-cauldron opensuse-tumbleweed
msgid ""
"E<.Cm ListenAddress> E<.Sm off> E<.Ar hostname | address> E<.Sm on> E<.Op Cm "
"rdomain Ar domain>"
msgstr ""
"E<.Cm ListenAddress> E<.Sm off> E<.Ar nom_hôte | adresse> E<.Sm on> E<.Op Cm "
"rdomain Ar domaine>"
#. type: Plain text
#: archlinux fedora-40 fedora-rawhide mageia-cauldron opensuse-tumbleweed
msgid ""
"E<.Cm ListenAddress> E<.Sm off> E<.Ar hostname : port> E<.Sm on> E<.Op Cm "
"rdomain Ar domain>"
msgstr ""
"E<.Cm ListenAddress> E<.Sm off> E<.Ar nom_hôte : port> E<.Sm on> E<.Op Cm "
"rdomain Ar domaine>"
#. type: Plain text
#: archlinux fedora-40 fedora-rawhide mageia-cauldron opensuse-tumbleweed
msgid ""
"E<.Cm ListenAddress> E<.Sm off> E<.Ar IPv4_address : port> E<.Sm on> E<.Op "
"Cm rdomain Ar domain>"
msgstr ""
"E<.Cm ListenAddress> E<.Sm off> E<.Ar adresse_IPv4 : port> E<.Sm on> E<.Op "
"Cm rdomain Ar domaine>"
#. type: Plain text
#: archlinux fedora-40 fedora-rawhide mageia-cauldron opensuse-tumbleweed
msgid ""
"E<.Cm ListenAddress> E<.Sm off> E<.Oo Ar hostname | address Oc : Ar port> E<."
"Sm on> E<.Op Cm rdomain Ar domain>"
msgstr ""
"E<.Cm ListenAddress> E<.Sm off> E<.Oo Ar nom_hôte | adresse Oc : Ar port> E<."
"Sm on> E<.Op Cm rdomain Ar domaine>"
#. type: Plain text
#: archlinux fedora-40 fedora-rawhide mageia-cauldron opensuse-tumbleweed
msgid ""
"The optional E<.Cm rdomain> qualifier requests E<.Xr sshd 8> listen in an "
"explicit routing domain. If E<.Ar port> is not specified, sshd will listen "
"on the address and all E<.Cm Port> options specified. The default is to "
"listen on all local addresses on the current default routing domain. "
"Multiple E<.Cm ListenAddress> options are permitted. For more information "
"on routing domains, see E<.Xr rdomain 4>."
msgstr ""
"Le qualifieur facultatif E<.Cm rdomain> demande à E<.Xr sshd 8> d’écouter "
"dans un domaine de routage explicite. Si E<.Ar port> n’est pas spécifié, "
"sshd va écouter sur l’adresse et les ports spécifiés à l’aide de toutes les "
"options E<.Cm Port>. Par défaut, l’écoute s’effectue sur toutes les adresses "
"locales du domaine de routage par défaut actuel. Il est possible de "
"spécifier plusieurs options E<.Cm ListenAddress>. Pour plus d’informations à "
"propos des domaines de routage, voir E<.Xr rdomain 4>."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm LoginGraceTime"
msgstr "Cm LoginGraceTime"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"The server disconnects after this time if the user has not successfully "
"logged in. If the value is 0, there is no time limit. The default is 120 "
"seconds."
msgstr ""
"Le serveur se déconnecte après ce délai si l'utilisateur n’a pas réussi à se "
"connecter. Si la valeur est 0, il n'y a aucune limite de temps. La valeur "
"par défaut est 120 (secondes)."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm LogLevel"
msgstr "Cm LogLevel"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Gives the verbosity level that is used when logging messages from E<.Xr sshd "
"8>. The possible values are: QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, "
"DEBUG1, DEBUG2, and DEBUG3. The default is INFO. DEBUG and DEBUG1 are "
"equivalent. DEBUG2 and DEBUG3 each specify higher levels of debugging "
"output. Logging with a DEBUG level violates the privacy of users and is not "
"recommended."
msgstr ""
"Cette option permet d’indiquer le niveau de prolixité utilisé lors de la "
"journalisation des messages en provenance de E<.Xr sshd 8>. Les valeurs "
"possibles sont : QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2 "
"et DEBUG3. La valeur par défaut est INFO. DEBUG et DEBUG1 sont équivalents. "
"DEBUG2 et DEBUG3 indiquent des niveaux de débogage supérieurs pour la "
"sortie. Le niveau de journalisation DEBUG viole la vie privée des "
"utilisateurs et n’est pas recommandé."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm LogVerbose"
msgstr "Cm LogVerbose"
#. type: Plain text
#: archlinux debian-unstable
msgid ""
"Specify one or more overrides to E<.Cm LogLevel>. An override consists of a "
"pattern lists that matches the source file, function and line number to "
"force detailed logging for. For example, an override pattern of:"
msgstr ""
"Cette option permet de spécifier plusieurs outrepassements de E<.Cm "
"LogLevel>. Un outrepassement consiste en une liste de motifs qui correspond "
"au fichier source, à la fonction et au numéro de ligne pour lesquels la "
"journalisation doit être plus détaillée. Par exemple, le motif "
"d’outrepassement suivant :"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "kex.c:*:1000,*:kex_exchange_identification():*,packet.c:*\n"
msgstr "kex.c:*:1000,*:kex_exchange_identification():*,packet.c:*\n"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"would enable detailed logging for line 1000 of E<.Pa kex.c>, everything in "
"the E<.Fn kex_exchange_identification> function, and all code in the E<.Pa "
"packet.c> file. This option is intended for debugging and no overrides are "
"enabled by default."
msgstr ""
"activerait la journalisation détaillée pour la ligne 1000 de E<.Pa kex.c>, "
"tout le contenu de la fonction E<.Fn kex_exchange_identification> et tout le "
"code du fichier E<.Pa packet.c>. Cette option est destinée au débogage et "
"aucun outrepassement n’est activé par défaut."
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm MACs"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable
msgid ""
"Specifies the available MAC (message authentication code) algorithms. The "
"MAC algorithm is used for data integrity protection. Multiple algorithms "
"must be comma-separated. If the specified list begins with a E<.Sq +> "
"character, then the specified algorithms will be appended to the default set "
"instead of replacing them. If the specified list begins with a E<.Sq -> "
"character, then the specified algorithms (including wildcards) will be "
"removed from the default set instead of replacing them. If the specified "
"list begins with a E<.Sq ^> character, then the specified algorithms will be "
"placed at the head of the default set."
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"The algorithms that contain E<.Qq -etm> calculate the MAC after encryption "
"(encrypt-then-mac). These are considered safer and their use recommended. "
"The supported MACs are:"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "hmac-md5"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "hmac-md5-96"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "hmac-sha1"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "hmac-sha1-96"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "hmac-sha2-256"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "hmac-sha2-512"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "umac-64@openssh.com"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "umac-128@openssh.com"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "hmac-md5-etm@openssh.com"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "hmac-md5-96-etm@openssh.com"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "hmac-sha1-etm@openssh.com"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "hmac-sha1-96-etm@openssh.com"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "hmac-sha2-256-etm@openssh.com"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "hmac-sha2-512-etm@openssh.com"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "umac-64-etm@openssh.com"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "umac-128-etm@openssh.com"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable
#, no-wrap
msgid ""
"umac-64-etm@openssh.com,umac-128-etm@openssh.com,\n"
"hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,\n"
"hmac-sha1-etm@openssh.com,\n"
"umac-64@openssh.com,umac-128@openssh.com,\n"
"hmac-sha2-256,hmac-sha2-512,hmac-sha1\n"
msgstr ""
"umac-64-etm@openssh.com,umac-128-etm@openssh.com,\n"
"hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,\n"
"hmac-sha1-etm@openssh.com,\n"
"umac-64@openssh.com,umac-128@openssh.com,\n"
"hmac-sha2-256,hmac-sha2-512,hmac-sha1\n"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"The list of available MAC algorithms may also be obtained using E<.Qq ssh -Q "
"mac>."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm Match"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Introduces a conditional block. If all of the criteria on the E<.Cm Match> "
"line are satisfied, the keywords on the following lines override those set "
"in the global section of the config file, until either another E<.Cm Match> "
"line or the end of the file. If a keyword appears in multiple E<.Cm Match> "
"blocks that are satisfied, only the first instance of the keyword is applied."
msgstr ""
#. type: Plain text
#: archlinux fedora-40 fedora-rawhide mageia-cauldron opensuse-tumbleweed
msgid ""
"The arguments to E<.Cm Match> are one or more criteria-pattern pairs or the "
"single token E<.Cm All> which matches all criteria. The available criteria "
"are E<.Cm User>, E<.Cm Group>, E<.Cm Host>, E<.Cm LocalAddress>, E<.Cm "
"LocalPort>, E<.Cm RDomain>, and E<.Cm Address> (with E<.Cm RDomain> "
"representing the E<.Xr rdomain 4> on which the connection was received)."
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"The match patterns may consist of single entries or comma-separated lists "
"and may use the wildcard and negation operators described in the E<.Sx "
"PATTERNS> section of E<.Xr ssh_config 5>."
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"The patterns in an E<.Cm Address> criteria may additionally contain "
"addresses to match in CIDR address/masklen format, such as 192.0.2.0/24 or "
"2001:db8::/32. Note that the mask length provided must be consistent with "
"the address - it is an error to specify a mask length that is too long for "
"the address or one with bits set in this host portion of the address. For "
"example, 192.0.2.0/33 and 192.0.2.0/8, respectively."
msgstr ""
#. type: Plain text
#: archlinux opensuse-tumbleweed
msgid ""
"Only a subset of keywords may be used on the lines following a E<.Cm Match> "
"keyword. Available keywords are E<.Cm AcceptEnv>, E<.Cm "
"AllowAgentForwarding>, E<.Cm AllowGroups>, E<.Cm "
"AllowStreamLocalForwarding>, E<.Cm AllowTcpForwarding>, E<.Cm AllowUsers>, "
"E<.Cm AuthenticationMethods>, E<.Cm AuthorizedKeysCommand>, E<.Cm "
"AuthorizedKeysCommandUser>, E<.Cm AuthorizedKeysFile>, E<.Cm "
"AuthorizedPrincipalsCommand>, E<.Cm AuthorizedPrincipalsCommandUser>, E<.Cm "
"AuthorizedPrincipalsFile>, E<.Cm Banner>, E<.Cm CASignatureAlgorithms>, E<."
"Cm ChannelTimeout>, E<.Cm ChrootDirectory>, E<.Cm ClientAliveCountMax>, E<."
"Cm ClientAliveInterval>, E<.Cm DenyGroups>, E<.Cm DenyUsers>, E<.Cm "
"DisableForwarding>, E<.Cm ExposeAuthInfo>, E<.Cm ForceCommand>, E<.Cm "
"GatewayPorts>, E<.Cm GSSAPIAuthentication>, E<.Cm "
"HostbasedAcceptedAlgorithms>, E<.Cm HostbasedAuthentication>, E<.Cm "
"HostbasedUsesNameFromPacketOnly>, E<.Cm IgnoreRhosts>, E<.Cm Include>, E<.Cm "
"IPQoS>, E<.Cm KbdInteractiveAuthentication>, E<.Cm KerberosAuthentication>, "
"E<.Cm LogLevel>, E<.Cm MaxAuthTries>, E<.Cm MaxSessions>, E<.Cm "
"PasswordAuthentication>, E<.Cm PermitEmptyPasswords>, E<.Cm PermitListen>, "
"E<.Cm PermitOpen>, E<.Cm PermitRootLogin>, E<.Cm PermitTTY>, E<.Cm "
"PermitTunnel>, E<.Cm PermitUserRC>, E<.Cm PubkeyAcceptedAlgorithms>, E<.Cm "
"PubkeyAuthentication>, E<.Cm PubkeyAuthOptions>, E<.Cm RekeyLimit>, E<.Cm "
"RevokedKeys>, E<.Cm RDomain>, E<.Cm SetEnv>, E<.Cm StreamLocalBindMask>, E<."
"Cm StreamLocalBindUnlink>, E<.Cm TrustedUserCAKeys>, E<.Cm "
"UnusedConnectionTimeout>, E<.Cm X11DisplayOffset>, E<.Cm X11Forwarding> and "
"E<.Cm X11UseLocalhost>."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm MaxAuthTries"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies the maximum number of authentication attempts permitted per "
"connection. Once the number of failures reaches half this value, additional "
"failures are logged. The default is 6."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm MaxSessions"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies the maximum number of open shell, login or subsystem (e.g. sftp) "
"sessions permitted per network connection. Multiple sessions may be "
"established by clients that support connection multiplexing. Setting E<.Cm "
"MaxSessions> to 1 will effectively disable session multiplexing, whereas "
"setting it to 0 will prevent all shell, login and subsystem sessions while "
"still permitting forwarding. The default is 10."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm MaxStartups"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies the maximum number of concurrent unauthenticated connections to "
"the SSH daemon. Additional connections will be dropped until authentication "
"succeeds or the E<.Cm LoginGraceTime> expires for a connection. The default "
"is 10:30:100."
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Alternatively, random early drop can be enabled by specifying the three "
"colon separated values start:rate:full (e.g. \"10:30:60\"). E<.Xr sshd 8> "
"will refuse connection attempts with a probability of rate/100 (30%) if "
"there are currently start (10) unauthenticated connections. The probability "
"increases linearly and all connection attempts are refused if the number of "
"unauthenticated connections reaches full (60)."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm ModuliFile"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies the E<.Xr moduli 5> file that contains the Diffie-Hellman groups "
"used for the E<.Dq diffie-hellman-group-exchange-sha1> and E<.Dq diffie-"
"hellman-group-exchange-sha256> key exchange methods. The default is E<.Pa /"
"etc/ssh/moduli>."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm PasswordAuthentication"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies whether password authentication is allowed. The default is E<.Cm "
"yes>."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm PermitEmptyPasswords"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"When password authentication is allowed, it specifies whether the server "
"allows login to accounts with empty password strings. The default is E<.Cm "
"no>."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm PermitListen"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies the addresses/ports on which a remote TCP port forwarding may "
"listen. The listen specification must be one of the following forms:"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "E<.Cm PermitListen> E<.Sm off> E<.Ar port> E<.Sm on>"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "E<.Cm PermitListen> E<.Sm off> E<.Ar host : port> E<.Sm on>"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Multiple permissions may be specified by separating them with whitespace. "
"An argument of E<.Cm any> can be used to remove all restrictions and permit "
"any listen requests. An argument of E<.Cm none> can be used to prohibit all "
"listen requests. The host name may contain wildcards as described in the "
"PATTERNS section in E<.Xr ssh_config 5>. The wildcard E<.Sq *> can also be "
"used in place of a port number to allow all ports. By default all port "
"forwarding listen requests are permitted. Note that the E<.Cm GatewayPorts> "
"option may further restrict which addresses may be listened on. Note also "
"that E<.Xr ssh 1> will request a listen host of E<.Dq localhost> if no "
"listen host was specifically requested, and this name is treated differently "
"to explicit localhost addresses of E<.Dq 127.0.0.1> and E<.Dq ::1>."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm PermitOpen"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies the destinations to which TCP port forwarding is permitted. The "
"forwarding specification must be one of the following forms:"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "E<.Cm PermitOpen> E<.Sm off> E<.Ar host : port> E<.Sm on>"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "E<.Cm PermitOpen> E<.Sm off> E<.Ar IPv4_addr : port> E<.Sm on>"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"E<.Cm PermitOpen> E<.Sm off> E<.Ar \\&[ IPv6_addr \\&] : port> E<.Sm on>"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Multiple forwards may be specified by separating them with whitespace. An "
"argument of E<.Cm any> can be used to remove all restrictions and permit any "
"forwarding requests. An argument of E<.Cm none> can be used to prohibit all "
"forwarding requests. The wildcard E<.Sq *> can be used for host or port to "
"allow all hosts or ports respectively. Otherwise, no pattern matching or "
"address lookups are performed on supplied names. By default all port "
"forwarding requests are permitted."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm PermitRootLogin"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies whether root can log in using E<.Xr ssh 1>. The argument must be "
"E<.Cm yes>, E<.Cm prohibit-password>, E<.Cm forced-commands-only>, or E<.Cm "
"no>. The default is E<.Cm prohibit-password>."
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"If this option is set to E<.Cm prohibit-password> (or its deprecated alias, "
"E<.Cm without-password>), password and keyboard-interactive authentication "
"are disabled for root."
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"If this option is set to E<.Cm forced-commands-only>, root login with public "
"key authentication will be allowed, but only if the E<.Ar command> option "
"has been specified (which may be useful for taking remote backups even if "
"root login is normally not allowed). All other authentication methods are "
"disabled for root."
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "If this option is set to E<.Cm no>, root is not allowed to log in."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm PermitTTY"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies whether E<.Xr pty 4> allocation is permitted. The default is E<."
"Cm yes>."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm PermitTunnel"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies whether E<.Xr tun 4> device forwarding is allowed. The argument "
"must be E<.Cm yes>, E<.Cm point-to-point> (layer 3), E<.Cm ethernet> (layer "
"2), or E<.Cm no>. Specifying E<.Cm yes> permits both E<.Cm point-to-point> "
"and E<.Cm ethernet>. The default is E<.Cm no>."
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Independent of this setting, the permissions of the selected E<.Xr tun 4> "
"device must allow access to the user."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm PermitUserEnvironment"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies whether E<.Pa ~/.ssh/environment> and E<.Cm environment=> options "
"in E<.Pa ~/.ssh/authorized_keys> are processed by E<.Xr sshd 8>. Valid "
"options are E<.Cm yes>, E<.Cm no> or a pattern-list specifying which "
"environment variable names to accept (for example E<.Qq LANG,LC_*>). The "
"default is E<.Cm no>. Enabling environment processing may enable users to "
"bypass access restrictions in some configurations using mechanisms such as "
"E<.Ev LD_PRELOAD>."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm PermitUserRC"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies whether any E<.Pa ~/.ssh/rc> file is executed. The default is E<."
"Cm yes>."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm PerSourceMaxStartups"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies the number of unauthenticated connections allowed from a given "
"source address, or E<.Dq none> if there is no limit. This limit is applied "
"in addition to E<.Cm MaxStartups>, whichever is lower. The default is E<.Cm "
"none>."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm PerSourceNetBlockSize"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies the number of bits of source address that are grouped together for "
"the purposes of applying PerSourceMaxStartups limits. Values for IPv4 and "
"optionally IPv6 may be specified, separated by a colon. The default is E<."
"Cm 32:128>, which means each address is considered individually."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm PidFile"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable opensuse-tumbleweed
msgid ""
"Specifies the file that contains the process ID of the SSH daemon, or E<.Cm "
"none> to not write one. The default is E<.Pa /run/sshd.pid>."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm Port"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies the port number that E<.Xr sshd 8> listens on. The default is "
"22. Multiple options of this type are permitted. See also E<.Cm "
"ListenAddress>."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm PrintLastLog"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies whether E<.Xr sshd 8> should print the date and time of the last "
"user login when a user logs in interactively. The default is E<.Cm yes>."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm PrintMotd"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies whether E<.Xr sshd 8> should print E<.Pa /etc/motd> when a user "
"logs in interactively. (On some systems it is also printed by the shell, E<."
"Pa /etc/profile>, or equivalent.) The default is E<.Cm yes>."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm PubkeyAcceptedAlgorithms"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable
msgid ""
"Specifies the signature algorithms that will be accepted for public key "
"authentication as a list of comma-separated patterns. Alternately if the "
"specified list begins with a E<.Sq +> character, then the specified "
"algorithms will be appended to the default set instead of replacing them. "
"If the specified list begins with a E<.Sq -> character, then the specified "
"algorithms (including wildcards) will be removed from the default set "
"instead of replacing them. If the specified list begins with a E<.Sq ^> "
"character, then the specified algorithms will be placed at the head of the "
"default set. The default for this option is:"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"The list of available signature algorithms may also be obtained using E<.Qq "
"ssh -Q PubkeyAcceptedAlgorithms>."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm PubkeyAuthOptions"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Sets one or more public key authentication options. The supported keywords "
"are: E<.Cm none> (the default; indicating no additional options are "
"enabled), E<.Cm touch-required> and E<.Cm verify-required>."
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"The E<.Cm touch-required> option causes public key authentication using a "
"FIDO authenticator algorithm (i.e.\\& E<.Cm ecdsa-sk> or E<.Cm ed25519-sk>) "
"to always require the signature to attest that a physically present user "
"explicitly confirmed the authentication (usually by touching the "
"authenticator). By default, E<.Xr sshd 8> requires user presence unless "
"overridden with an authorized_keys option. The E<.Cm touch-required> flag "
"disables this override."
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"The E<.Cm verify-required> option requires a FIDO key signature attest that "
"the user was verified, e.g. via a PIN."
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Neither the E<.Cm touch-required> or E<.Cm verify-required> options have any "
"effect for other, non-FIDO, public key types."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm PubkeyAuthentication"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies whether public key authentication is allowed. The default is E<."
"Cm yes>."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm RekeyLimit"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies the maximum amount of data that may be transmitted or received "
"before the session key is renegotiated, optionally followed by a maximum "
"amount of time that may pass before the session key is renegotiated. The "
"first argument is specified in bytes and may have a suffix of E<.Sq K>, E<."
"Sq M>, or E<.Sq G> to indicate Kilobytes, Megabytes, or Gigabytes, "
"respectively. The default is between E<.Sq 1G> and E<.Sq 4G>, depending on "
"the cipher. The optional second value is specified in seconds and may use "
"any of the units documented in the E<.Sx TIME FORMATS> section. The default "
"value for E<.Cm RekeyLimit> is E<.Cm default none>, which means that "
"rekeying is performed after the cipher's default amount of data has been "
"sent or received and no time based rekeying is done."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm RequiredRSASize"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies the minimum RSA key size (in bits) that E<.Xr sshd 8> will "
"accept. User and host-based authentication keys smaller than this limit "
"will be refused. The default is E<.Cm 1024> bits. Note that this limit may "
"only be raised from the default."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm RevokedKeys"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies revoked public keys file, or E<.Cm none> to not use one. Keys "
"listed in this file will be refused for public key authentication. Note "
"that if this file is not readable, then public key authentication will be "
"refused for all users. Keys may be specified as a text file, listing one "
"public key per line, or as an OpenSSH Key Revocation List (KRL) as generated "
"by E<.Xr ssh-keygen 1>. For more information on KRLs, see the KEY "
"REVOCATION LISTS section in E<.Xr ssh-keygen 1>."
msgstr ""
#. type: It
#: archlinux fedora-40 fedora-rawhide mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm RDomain"
msgstr ""
#. type: Plain text
#: archlinux fedora-40 fedora-rawhide mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies an explicit routing domain that is applied after authentication "
"has completed. The user session, as well as any forwarded or listening IP "
"sockets, will be bound to this E<.Xr rdomain 4>. If the routing domain is "
"set to E<.Cm \\&%D>, then the domain in which the incoming connection was "
"received will be applied."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm SecurityKeyProvider"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies a path to a library that will be used when loading FIDO "
"authenticator-hosted keys, overriding the default of using the built-in USB "
"HID support."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm SetEnv"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies one or more environment variables to set in child sessions started "
"by E<.Xr sshd 8> as E<.Dq NAME=VALUE>. The environment value may be quoted "
"(e.g. if it contains whitespace characters). Environment variables set by "
"E<.Cm SetEnv> override the default environment and any variables specified "
"by the user via E<.Cm AcceptEnv> or E<.Cm PermitUserEnvironment>."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm StreamLocalBindMask"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Sets the octal file creation mode mask E<.Pq umask> used when creating a "
"Unix-domain socket file for local or remote port forwarding. This option is "
"only used for port forwarding to a Unix-domain socket file."
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"The default value is 0177, which creates a Unix-domain socket file that is "
"readable and writable only by the owner. Note that not all operating "
"systems honor the file mode on Unix-domain socket files."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm StreamLocalBindUnlink"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies whether to remove an existing Unix-domain socket file for local or "
"remote port forwarding before creating a new one. If the socket file "
"already exists and E<.Cm StreamLocalBindUnlink> is not enabled, E<.Nm sshd> "
"will be unable to forward the port to the Unix-domain socket file. This "
"option is only used for port forwarding to a Unix-domain socket file."
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"The argument must be E<.Cm yes> or E<.Cm no>. The default is E<.Cm no>."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm StrictModes"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies whether E<.Xr sshd 8> should check file modes and ownership of the "
"user's files and home directory before accepting login. This is normally "
"desirable because novices sometimes accidentally leave their directory or "
"files world-writable. The default is E<.Cm yes>. Note that this does not "
"apply to E<.Cm ChrootDirectory>, whose permissions and ownership are checked "
"unconditionally."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm Subsystem"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Configures an external subsystem (e.g. file transfer daemon). Arguments "
"should be a subsystem name and a command (with optional arguments) to "
"execute upon subsystem request."
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"The command E<.Cm sftp-server> implements the SFTP file transfer subsystem."
msgstr ""
#. type: Plain text
#: archlinux debian-unstable
msgid ""
"Alternately the name E<.Cm internal-sftp> implements an in-process SFTP "
"server. This may simplify configurations using E<.Cm ChrootDirectory> to "
"force a different filesystem root on clients. It accepts the same command "
"line arguments as E<.Cm sftp-server> and even though it is in-process, "
"settings such as E<.Cm LogLevel> or E<.Cm SyslogFacility> do not apply to it "
"and must be set explicitly via command line arguments."
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "By default no subsystems are defined."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm SyslogFacility"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable opensuse-tumbleweed
msgid ""
"Gives the facility code that is used when logging messages from E<.Xr sshd "
"8>. The possible values are: DAEMON, USER, AUTH, LOCAL0, LOCAL1, LOCAL2, "
"LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. The default is AUTH."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm TCPKeepAlive"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies whether the system should send TCP keepalive messages to the other "
"side. If they are sent, death of the connection or crash of one of the "
"machines will be properly noticed. However, this means that connections "
"will die if the route is down temporarily, and some people find it "
"annoying. On the other hand, if TCP keepalives are not sent, sessions may "
"hang indefinitely on the server, leaving E<.Qq ghost> users and consuming "
"server resources."
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"The default is E<.Cm yes> (to send TCP keepalive messages), and the server "
"will notice if the network goes down or the client host crashes. This "
"avoids infinitely hanging sessions."
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"To disable TCP keepalive messages, the value should be set to E<.Cm no>."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm TrustedUserCAKeys"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies a file containing public keys of certificate authorities that are "
"trusted to sign user certificates for authentication, or E<.Cm none> to not "
"use one. Keys are listed one per line; empty lines and comments starting "
"with E<.Ql #> are allowed. If a certificate is presented for authentication "
"and has its signing CA key listed in this file, then it may be used for "
"authentication for any user listed in the certificate's principals list. "
"Note that certificates that lack a list of principals will not be permitted "
"for authentication using E<.Cm TrustedUserCAKeys>. For more details on "
"certificates, see the CERTIFICATES section in E<.Xr ssh-keygen 1>."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm UnusedConnectionTimeout"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies whether and how quickly E<.Xr sshd 8> should close client "
"connections with no open channels. Open channels include active shell, "
"command execution or subsystem sessions, connected network, socket, agent or "
"X11 forwardings. Forwarding listeners, such as those from the E<.Xr ssh 1> "
"E<.Fl R> flag, are not considered as open channels and do not prevent the "
"timeout. The timeout value is specified in seconds or may use any of the "
"units documented in the E<.Sx TIME FORMATS> section."
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Note that this timeout starts when the client connection completes user "
"authentication but before the client has an opportunity to open any "
"channels. Caution should be used when using short timeout values, as they "
"may not provide sufficient time for the client to request and open its "
"channels before terminating the connection."
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"The default E<.Cm none> is to never expire connections for having no open "
"channels. This option may be useful in conjunction with E<.Cm "
"ChannelTimeout>."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm UseDNS"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies whether E<.Xr sshd 8> should look up the remote host name, and to "
"check that the resolved host name for the remote IP address maps back to the "
"very same IP address."
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"If this option is set to E<.Cm no> (the default) then only addresses and not "
"host names may be used in E<.Pa ~/.ssh/authorized_keys> E<.Cm from> and E<."
"Nm> E<.Cm Match> E<.Cm Host> directives."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm UsePAM"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Enables the Pluggable Authentication Module interface. If set to E<.Cm yes> "
"this will enable PAM authentication using E<.Cm "
"KbdInteractiveAuthentication> and E<.Cm PasswordAuthentication> in addition "
"to PAM account and session module processing for all authentication types."
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Because PAM keyboard-interactive authentication usually serves an equivalent "
"role to password authentication, you should disable either E<.Cm "
"PasswordAuthentication> or E<.Cm KbdInteractiveAuthentication>."
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"If E<.Cm UsePAM> is enabled, you will not be able to run E<.Xr sshd 8> as a "
"non-root user. The default is E<.Cm no>."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm VersionAddendum"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Optionally specifies additional text to append to the SSH protocol banner "
"sent by the server upon connection. The default is E<.Cm none>."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm X11DisplayOffset"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies the first display number available for E<.Xr sshd 8 Ns 's> X11 "
"forwarding. This prevents sshd from interfering with real X11 servers. The "
"default is 10."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm X11Forwarding"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies whether X11 forwarding is permitted. The argument must be E<.Cm "
"yes> or E<.Cm no>. The default is E<.Cm no>."
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"When X11 forwarding is enabled, there may be additional exposure to the "
"server and to client displays if the E<.Xr sshd 8> proxy display is "
"configured to listen on the wildcard address (see E<.Cm X11UseLocalhost>), "
"though this is not the default. Additionally, the authentication spoofing "
"and authentication data verification and substitution occur on the client "
"side. The security risk of using X11 forwarding is that the client's X11 "
"display server may be exposed to attack when the SSH client requests "
"forwarding (see the warnings for E<.Cm ForwardX11> in E<.Xr ssh_config 5>). "
"A system administrator may have a stance in which they want to protect "
"clients that may expose themselves to attack by unwittingly requesting X11 "
"forwarding, which can warrant a E<.Cm no> setting."
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Note that disabling X11 forwarding does not prevent users from forwarding "
"X11 traffic, as users can always install their own forwarders."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm X11UseLocalhost"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies whether E<.Xr sshd 8> should bind the X11 forwarding server to the "
"loopback address or to the wildcard address. By default, sshd binds the "
"forwarding server to the loopback address and sets the hostname part of the "
"E<.Ev DISPLAY> environment variable to E<.Cm localhost>. This prevents "
"remote hosts from connecting to the proxy display. However, some older X11 "
"clients may not function with this configuration. E<.Cm X11UseLocalhost> "
"may be set to E<.Cm no> to specify that the forwarding server should be "
"bound to the wildcard address. The argument must be E<.Cm yes> or E<.Cm "
"no>. The default is E<.Cm yes>."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm XAuthLocation"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies the full pathname of the E<.Xr xauth 1> program, or E<.Cm none> to "
"not use one. The default is E<.Pa /usr/bin/xauth>."
msgstr ""
#. type: Sh
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "TIME FORMATS"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"E<.Xr sshd 8> command-line arguments and configuration file options that "
"specify time may be expressed using a sequence of the form: E<.Sm off> E<.Ar "
"time Op Ar qualifier>, E<.Sm on> where E<.Ar time> is a positive integer "
"value and E<.Ar qualifier> is one of the following:"
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Aq Cm none"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "seconds"
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm s | Cm S"
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm m | Cm M"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "minutes"
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm h | Cm H"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "hours"
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm d | Cm D"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "days"
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm w | Cm W"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "weeks"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Each member of the sequence is added together to calculate the total time "
"value."
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "Time format examples:"
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "600"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "600 seconds (10 minutes)"
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "10m"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "10 minutes"
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "1h30m"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "1 hour 30 minutes (90 minutes)"
msgstr ""
#. type: Sh
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "TOKENS"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Arguments to some keywords can make use of tokens, which are expanded at "
"runtime:"
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "%%"
msgstr "%%"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "A literal E<.Sq %>."
msgstr ""
#. type: It
#: archlinux debian-unstable fedora-40 fedora-rawhide opensuse-tumbleweed
#, no-wrap
msgid "\\&%C"
msgstr ""
#. type: Plain text
#: archlinux debian-unstable fedora-40 fedora-rawhide opensuse-tumbleweed
msgid ""
"Identifies the connection endpoints, containing four space-separated values: "
"client address, client port number, server address, and server port number."
msgstr ""
#. type: It
#: archlinux fedora-40 fedora-rawhide mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "\\&%D"
msgstr ""
#. type: Plain text
#: archlinux fedora-40 fedora-rawhide mageia-cauldron opensuse-tumbleweed
msgid "The routing domain in which the incoming connection was received."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "%F"
msgstr "%F"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "The fingerprint of the CA key."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "%f"
msgstr "%f"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "The fingerprint of the key or certificate."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "%h"
msgstr "%h"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "The home directory of the user."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "%i"
msgstr "%i"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "The key ID in the certificate."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "%K"
msgstr "%K"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "The base64-encoded CA key."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "%k"
msgstr "%k"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "The base64-encoded key or certificate for authentication."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "%s"
msgstr "%s"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "The serial number of the certificate."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "\\&%T"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "The type of the CA key."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "%t"
msgstr "%t"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "The key or certificate type."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "\\&%U"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "The numeric user ID of the target user."
msgstr ""
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "%u"
msgstr "%u"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "The username."
msgstr ""
#. type: Plain text
#: archlinux debian-unstable fedora-40 fedora-rawhide opensuse-tumbleweed
msgid ""
"E<.Cm AuthorizedKeysCommand> accepts the tokens %%, %C, %D, %f, %h, %k, %t, "
"%U, and %u."
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "E<.Cm AuthorizedKeysFile> accepts the tokens %%, %h, %U, and %u."
msgstr ""
#. type: Plain text
#: archlinux debian-unstable fedora-40 fedora-rawhide opensuse-tumbleweed
msgid ""
"E<.Cm AuthorizedPrincipalsCommand> accepts the tokens %%, %C, %D, %F, %f, "
"%h, %i, %K, %k, %s, %T, %t, %U, and %u."
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "E<.Cm AuthorizedPrincipalsFile> accepts the tokens %%, %h, %U, and %u."
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid "E<.Cm ChrootDirectory> accepts the tokens %%, %h, %U, and %u."
msgstr ""
#. type: Plain text
#: archlinux fedora-40 fedora-rawhide mageia-cauldron opensuse-tumbleweed
msgid "E<.Cm RoutingDomain> accepts the token %D."
msgstr ""
#. type: Sh
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "FILES"
msgstr "FICHIERS"
#. type: It
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Pa /etc/ssh/sshd_config"
msgstr ""
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"Contains configuration data for E<.Xr sshd 8>. This file should be writable "
"by root only, but it is recommended (though not necessary) that it be world-"
"readable."
msgstr ""
#. type: Sh
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "SEE ALSO"
msgstr "VOIR AUSSI"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable mageia-cauldron
msgid "E<.Xr sftp-server 8>, E<.Xr sshd 8>"
msgstr ""
#. type: Sh
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "AUTHORS"
msgstr "AUTEURS"
#. type: Plain text
#: archlinux debian-bookworm debian-unstable fedora-40 fedora-rawhide
#: mageia-cauldron opensuse-tumbleweed
msgid ""
"E<.An -nosplit> OpenSSH is a derivative of the original and free ssh 1.2.12 "
"release by E<.An Tatu Ylonen>. E<.An Aaron Campbell , Bob Beck , Markus "
"Friedl , Niels Provos>, E<.An Theo de Raadt> and E<.An Dug Song> removed "
"many bugs, re-added newer features and created OpenSSH. E<.An Markus "
"Friedl> contributed the support for SSH protocol versions 1.5 and 2.0. E<."
"An Niels Provos> and E<.An Markus Friedl> contributed support for privilege "
"separation."
msgstr ""
#. type: Dd
#: debian-bookworm
#, no-wrap
msgid "$Mdocdate: January 18 2023 $"
msgstr ""
#. type: Plain text
#: debian-bookworm
msgid ""
"E<.Xr sshd 8> reads configuration data from E<.Pa /etc/ssh/sshd_config> (or "
"the file specified with E<.Fl f> on the command line). The file contains "
"keyword-argument pairs, one per line. For each keyword, the first obtained "
"value will be used. Lines starting with E<.Ql #> and empty lines are "
"interpreted as comments. Arguments may optionally be enclosed in double "
"quotes E<.Pq \\&\"> in order to represent arguments containing spaces."
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
msgid ""
"Note that the Debian E<.Ic openssh-server> package sets several options as "
"standard in E<.Pa /etc/ssh/sshd_config> which are not the default in E<.Xr "
"sshd 8>:"
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
msgid "E<.Cm Include /etc/ssh/sshd_config.d/*.conf>"
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
msgid "E<.Cm KbdInteractiveAuthentication No no>"
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
msgid "E<.Cm X11Forwarding No yes>"
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
msgid "E<.Cm PrintMotd No no>"
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
msgid "E<.Cm AcceptEnv No LANG LC_*>"
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
msgid "E<.Cm Subsystem No sftp /usr/lib/openssh/sftp-server>"
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
msgid "E<.Cm UsePAM No yes>"
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
msgid ""
"E<.Pa /etc/ssh/sshd_config.d/*.conf> files are included at the start of the "
"configuration file, so options set there will override those in E<.Pa /etc/"
"ssh/sshd_config.>"
msgstr ""
#. type: Plain text
#: debian-bookworm
msgid "See PATTERNS in E<.Xr ssh_config 5> for more information on patterns."
msgstr ""
#. type: Plain text
#: debian-bookworm fedora-40 fedora-rawhide mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies whether and how quickly E<.Xr sshd 8> should close inactive "
"channels. Timeouts are specified as one or more E<.Dq type=interval> pairs "
"separated by whitespace, where the E<.Dq type> must be a channel type name "
"(as described in the table below), optionally containing wildcard characters."
msgstr ""
#. type: Plain text
#: debian-bookworm fedora-40 fedora-rawhide mageia-cauldron opensuse-tumbleweed
msgid ""
"The timeout value E<.Dq interval> is specified in seconds or may use any of "
"the units documented in the E<.Sx TIME FORMATS> section. For example, E<.Dq "
"session:*=5m> would cause all sessions to terminate after five minutes of "
"inactivity. Specifying a zero value disables the inactivity timeout."
msgstr ""
#. type: Plain text
#: debian-bookworm fedora-40 fedora-rawhide mageia-cauldron opensuse-tumbleweed
msgid "The available channel types include:"
msgstr ""
#. type: It
#: debian-bookworm fedora-40 fedora-rawhide mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm session:command"
msgstr ""
#. type: Plain text
#: debian-bookworm fedora-40 fedora-rawhide mageia-cauldron opensuse-tumbleweed
msgid "Command execution sessions."
msgstr ""
#. type: It
#: debian-bookworm fedora-40 fedora-rawhide mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm session:shell"
msgstr ""
#. type: Plain text
#: debian-bookworm fedora-40 fedora-rawhide mageia-cauldron opensuse-tumbleweed
msgid "Interactive shell sessions."
msgstr ""
#. type: It
#: debian-bookworm fedora-40 fedora-rawhide mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid "Cm session:subsystem:..."
msgstr ""
#. type: Plain text
#: debian-bookworm fedora-40 fedora-rawhide mageia-cauldron opensuse-tumbleweed
msgid ""
"Subsystem sessions, e.g. for E<.Xr sftp 1>, which could be identified as E<."
"Cm session:subsystem:sftp>."
msgstr ""
#. type: Plain text
#: debian-bookworm fedora-40 fedora-rawhide mageia-cauldron opensuse-tumbleweed
msgid ""
"Moreover, terminating an inactive channel or session does not necessarily "
"close the SSH connection, nor does it prevent a client from requesting "
"another channel of the same type. In particular, expiring an inactive "
"forwarding session does not prevent another identical forwarding from being "
"subsequently created. See also E<.Cm UnusedConnectionTimeout>, which may be "
"used in conjunction with this option."
msgstr ""
#. type: Plain text
#: debian-bookworm fedora-40 fedora-rawhide mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies the pathname of a directory to E<.Xr chroot 2> to after "
"authentication. At session startup E<.Xr sshd 8> checks that all components "
"of the pathname are root-owned directories which are not writable by any "
"other user or group. After the chroot, E<.Xr sshd 8> changes the working "
"directory to the user's home directory. Arguments to E<.Cm ChrootDirectory> "
"accept the tokens described in the E<.Sx TOKENS> section."
msgstr ""
#. type: It
#: debian-bookworm debian-unstable
#, no-wrap
msgid "Cm DebianBanner"
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
msgid ""
"Specifies whether the distribution-specified extra version suffix is "
"included during initial protocol handshake. The default is E<.Cm yes>."
msgstr ""
#. type: It
#: debian-bookworm debian-unstable fedora-40 fedora-rawhide mageia-cauldron
#: opensuse-tumbleweed
#, no-wrap
msgid "Cm GSSAPIKeyExchange"
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable fedora-40 fedora-rawhide mageia-cauldron
#: opensuse-tumbleweed
msgid ""
"Specifies whether key exchange based on GSSAPI is allowed. GSSAPI key "
"exchange doesn't rely on ssh keys to verify host identity. The default is "
"E<.Cm no>."
msgstr ""
#. type: It
#: debian-bookworm debian-unstable fedora-40 fedora-rawhide mageia-cauldron
#: opensuse-tumbleweed
#, no-wrap
msgid "Cm GSSAPIStoreCredentialsOnRekey"
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable fedora-40 fedora-rawhide mageia-cauldron
#: opensuse-tumbleweed
msgid ""
"Controls whether the user's GSSAPI credentials should be updated following a "
"successful connection rekeying. This option can be used to accepted renewed "
"or updated credentials from a compatible client. The default is E<.Dq no>."
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable fedora-40 fedora-rawhide mageia-cauldron
#: opensuse-tumbleweed
msgid ""
"For this to work E<.Cm GSSAPIKeyExchange> needs to be enabled in the server "
"and also used by the client."
msgstr ""
#. type: It
#: debian-bookworm debian-unstable fedora-40 fedora-rawhide mageia-cauldron
#: opensuse-tumbleweed
#, no-wrap
msgid "Cm GSSAPIKexAlgorithms"
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable fedora-40 fedora-rawhide mageia-cauldron
#: opensuse-tumbleweed
msgid ""
"The list of key exchange algorithms that are accepted by GSSAPI key "
"exchange. Possible values are"
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
#, no-wrap
msgid ""
"gss-gex-sha1-,\n"
"gss-group1-sha1-,\n"
"gss-group14-sha1-,\n"
"gss-group14-sha256-,\n"
"gss-group16-sha512-,\n"
"gss-nistp256-sha256-,\n"
"gss-curve25519-sha256-\n"
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
msgid ""
"The default is E<.Dq gss-group14-sha256-,gss-group16-sha512-,gss-nistp256-"
"sha256-,gss-curve25519-sha256-,gss-gex-sha1-,gss-group14-sha1->. This "
"option only applies to connections using GSSAPI."
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable opensuse-tumbleweed
msgid ""
"Specifies the IPv4 type-of-service or DSCP class for the connection. "
"Accepted values are E<.Cm af11>, E<.Cm af12>, E<.Cm af13>, E<.Cm af21>, E<."
"Cm af22>, E<.Cm af23>, E<.Cm af31>, E<.Cm af32>, E<.Cm af33>, E<.Cm af41>, "
"E<.Cm af42>, E<.Cm af43>, E<.Cm cs0>, E<.Cm cs1>, E<.Cm cs2>, E<.Cm cs3>, E<."
"Cm cs4>, E<.Cm cs5>, E<.Cm cs6>, E<.Cm cs7>, E<.Cm ef>, E<.Cm le>, E<.Cm "
"lowdelay>, E<.Cm throughput>, E<.Cm reliability>, a numeric value, or E<.Cm "
"none> to use the operating system default. This option may take one or two "
"arguments, separated by whitespace. If one argument is specified, it is "
"used as the packet class unconditionally. If two values are specified, the "
"first is automatically selected for interactive sessions and the second for "
"non-interactive sessions. The default is E<.Cm lowdelay> for interactive "
"sessions and E<.Cm throughput> for non-interactive sessions."
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
msgid ""
"Specifies whether to allow keyboard-interactive authentication. The default "
"is E<.Cm yes>. The argument to this keyword must be E<.Cm yes> or E<.Cm "
"no>. E<.Cm ChallengeResponseAuthentication> is a deprecated alias for this."
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
msgid "E<.Cm ListenAddress> E<.Sm off> E<.Ar hostname | address> E<.Sm on>"
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
msgid "E<.Cm ListenAddress> E<.Sm off> E<.Ar hostname : port> E<.Sm on>"
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
msgid "E<.Cm ListenAddress> E<.Sm off> E<.Ar IPv4_address : port> E<.Sm on>"
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
msgid ""
"E<.Cm ListenAddress> E<.Sm off> E<.Oo Ar hostname | address Oc : Ar port> E<."
"Sm on>"
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
msgid ""
"If E<.Ar port> is not specified, sshd will listen on the address and all E<."
"Cm Port> options specified. The default is to listen on all local "
"addresses. Multiple E<.Cm ListenAddress> options are permitted."
msgstr ""
#. type: Plain text
#: debian-bookworm fedora-40 fedora-rawhide mageia-cauldron opensuse-tumbleweed
msgid ""
"Specify one or more overrides to LogLevel. An override consists of a "
"pattern lists that matches the source file, function and line number to "
"force detailed logging for. For example, an override pattern of:"
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
msgid ""
"The arguments to E<.Cm Match> are one or more criteria-pattern pairs or the "
"single token E<.Cm All> which matches all criteria. The available criteria "
"are E<.Cm User>, E<.Cm Group>, E<.Cm Host>, E<.Cm LocalAddress>, E<.Cm "
"LocalPort>, and E<.Cm Address>."
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
msgid ""
"Only a subset of keywords may be used on the lines following a E<.Cm Match> "
"keyword. Available keywords are E<.Cm AcceptEnv>, E<.Cm "
"AllowAgentForwarding>, E<.Cm AllowGroups>, E<.Cm "
"AllowStreamLocalForwarding>, E<.Cm AllowTcpForwarding>, E<.Cm AllowUsers>, "
"E<.Cm AuthenticationMethods>, E<.Cm AuthorizedKeysCommand>, E<.Cm "
"AuthorizedKeysCommandUser>, E<.Cm AuthorizedKeysFile>, E<.Cm "
"AuthorizedPrincipalsCommand>, E<.Cm AuthorizedPrincipalsCommandUser>, E<.Cm "
"AuthorizedPrincipalsFile>, E<.Cm Banner>, E<.Cm CASignatureAlgorithms>, E<."
"Cm ChannelTimeout>, E<.Cm ChrootDirectory>, E<.Cm ClientAliveCountMax>, E<."
"Cm ClientAliveInterval>, E<.Cm DenyGroups>, E<.Cm DenyUsers>, E<.Cm "
"DisableForwarding>, E<.Cm ExposeAuthInfo>, E<.Cm ForceCommand>, E<.Cm "
"GatewayPorts>, E<.Cm GSSAPIAuthentication>, E<.Cm "
"HostbasedAcceptedAlgorithms>, E<.Cm HostbasedAuthentication>, E<.Cm "
"HostbasedUsesNameFromPacketOnly>, E<.Cm IgnoreRhosts>, E<.Cm Include>, E<.Cm "
"IPQoS>, E<.Cm KbdInteractiveAuthentication>, E<.Cm KerberosAuthentication>, "
"E<.Cm LogLevel>, E<.Cm MaxAuthTries>, E<.Cm MaxSessions>, E<.Cm "
"PasswordAuthentication>, E<.Cm PermitEmptyPasswords>, E<.Cm PermitListen>, "
"E<.Cm PermitOpen>, E<.Cm PermitRootLogin>, E<.Cm PermitTTY>, E<.Cm "
"PermitTunnel>, E<.Cm PermitUserRC>, E<.Cm PubkeyAcceptedAlgorithms>, E<.Cm "
"PubkeyAuthentication>, E<.Cm PubkeyAuthOptions>, E<.Cm RekeyLimit>, E<.Cm "
"RevokedKeys>, E<.Cm SetEnv>, E<.Cm StreamLocalBindMask>, E<.Cm "
"StreamLocalBindUnlink>, E<.Cm TrustedUserCAKeys>, E<.Cm "
"UnusedConnectionTimeout>, E<.Cm X11DisplayOffset>, E<.Cm X11Forwarding> and "
"E<.Cm X11UseLocalhost>."
msgstr ""
#. type: Plain text
#: debian-bookworm fedora-40 fedora-rawhide mageia-cauldron opensuse-tumbleweed
msgid ""
"Alternately the name E<.Cm internal-sftp> implements an in-process SFTP "
"server. This may simplify configurations using E<.Cm ChrootDirectory> to "
"force a different filesystem root on clients."
msgstr ""
#. type: Plain text
#: debian-bookworm debian-unstable
msgid "This option was formerly called E<.Cm KeepAlive>."
msgstr ""
#. type: Plain text
#: debian-bookworm mageia-cauldron
msgid ""
"E<.Cm AuthorizedKeysCommand> accepts the tokens %%, %f, %h, %k, %t, %U, and "
"%u."
msgstr ""
#. type: Plain text
#: debian-bookworm mageia-cauldron
msgid ""
"E<.Cm AuthorizedPrincipalsCommand> accepts the tokens %%, %F, %f, %h, %i, "
"%K, %k, %s, %T, %t, %U, and %u."
msgstr ""
#. type: Dd
#: fedora-40 fedora-rawhide opensuse-tumbleweed
#, no-wrap
msgid "$Mdocdate: July 28 2023 $"
msgstr ""
#. type: Plain text
#: fedora-40 fedora-rawhide mageia-cauldron opensuse-tumbleweed
msgid ""
"The default is handled system-wide by E<.Xr crypto-policies 7>. Information "
"about defaults, how to modify the defaults and how to customize existing "
"policies with sub-policies are present in manual page E<.Xr update-crypto-"
"policies 8>."
msgstr ""
#. type: Plain text
#: fedora-40 fedora-rawhide mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies which algorithms are allowed for signing of certificates by "
"certificate authorities (CAs). If the specified list begins with a E<.Sq +> "
"character, then the specified algorithms will be appended to the default set "
"instead of replacing them. If the specified list begins with a E<.Sq -> "
"character, then the specified algorithms (including wildcards) will be "
"removed from the default set instead of replacing them."
msgstr ""
#. type: Plain text
#: fedora-40 fedora-rawhide mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies the ciphers allowed. Multiple ciphers must be comma-separated. "
"If the specified list begins with a E<.Sq +> character, then the specified "
"ciphers will be appended to the built-in openssh default set instead of "
"replacing them. If the specified list begins with a E<.Sq -> character, "
"then the specified ciphers (including wildcards) will be removed from the "
"built-in openssh default set instead of replacing them. If the specified "
"list begins with a E<.Sq ^> character, then the specified ciphers will be "
"placed at the head of the built-in openssh default set."
msgstr ""
#. type: It
#: fedora-40 fedora-rawhide mageia-cauldron
#, no-wrap
msgid "Cm GSSAPIEnablek5users"
msgstr ""
#. type: Plain text
#: fedora-40 fedora-rawhide mageia-cauldron
msgid ""
"Specifies whether to look at .k5users file for GSSAPI authentication access "
"control. Further details are described in E<.Xr ksu 1>. The default is E<."
"Cm no>."
msgstr ""
#. type: Plain text
#: fedora-40 fedora-rawhide mageia-cauldron opensuse-tumbleweed
#, no-wrap
msgid ""
"gss-gex-sha1-\n"
"gss-group1-sha1-\n"
"gss-group14-sha1-\n"
"gss-group14-sha256-\n"
"gss-group16-sha512-\n"
"gss-nistp256-sha256-\n"
"gss-curve25519-sha256-\n"
msgstr ""
#. type: Plain text
#: fedora-40 fedora-rawhide mageia-cauldron
msgid "This option only applies to connections using GSSAPI."
msgstr ""
#. type: Plain text
#: fedora-40 fedora-rawhide
msgid ""
"Specifies the signature algorithms that will be accepted for hostbased "
"authentication as a list of comma-separated patterns. Alternately if the "
"specified list begins with a E<.Sq +> character, then the specified "
"signature algorithms will be appended to the built-in openssh default set "
"instead of replacing them. If the specified list begins with a E<.Sq -> "
"character, then the specified signature algorithms (including wildcards) "
"will be removed from the built-in openssh default set instead of replacing "
"them. If the specified list begins with a E<.Sq ^> character, then the "
"specified signature algorithms will be placed at the head of the built-in "
"openssh default set."
msgstr ""
#. type: Plain text
#: fedora-40 fedora-rawhide mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies the host key signature algorithms that the server offers. The "
"default for this option is: The list of available signature algorithms may "
"also be obtained using E<.Qq ssh -Q HostKeyAlgorithms>."
msgstr ""
#. type: It
#: fedora-40 fedora-rawhide mageia-cauldron
#, no-wrap
msgid "Cm KerberosUniqueCCache"
msgstr ""
#. type: Plain text
#: fedora-40 fedora-rawhide mageia-cauldron
msgid ""
"Specifies whether to store the acquired tickets in the per-session "
"credential cache under /tmp/ or whether to use per-user credential cache as "
"configured in E<.Pa /etc/krb5.conf>. The default value E<.Cm no> can lead "
"to overwriting previous tickets by subseqent connections to the same user "
"account."
msgstr ""
#. type: It
#: fedora-40 fedora-rawhide mageia-cauldron
#, no-wrap
msgid "Cm KerberosUseKuserok"
msgstr ""
#. type: Plain text
#: fedora-40 fedora-rawhide mageia-cauldron
msgid ""
"Specifies whether to look at .k5login file for user's aliases. The default "
"is E<.Cm yes>."
msgstr ""
#. type: Plain text
#: fedora-40 fedora-rawhide mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies the available KEX (Key Exchange) algorithms. Multiple algorithms "
"must be comma-separated. Alternately if the specified list begins with a E<."
"Sq +> character, then the specified methods will be appended to the built-in "
"openssh default set instead of replacing them. If the specified list begins "
"with a E<.Sq -> character, then the specified algorithms (including "
"wildcards) will be removed from the built-in openssh default set instead of "
"replacing them. If the specified list begins with a E<.Sq ^> character, "
"then the specified algorithms will be placed at the head of the built-in "
"openssh default set. The supported algorithms are:"
msgstr ""
#. type: Plain text
#: fedora-40 fedora-rawhide mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies the available MAC (message authentication code) algorithms. The "
"MAC algorithm is used for data integrity protection. Multiple algorithms "
"must be comma-separated. If the specified list begins with a E<.Sq +> "
"character, then the specified algorithms will be appended to the built-in "
"openssh default set instead of replacing them. If the specified list begins "
"with a E<.Sq -> character, then the specified algorithms (including "
"wildcards) will be removed from the built-in openssh default set instead of "
"replacing them. If the specified list begins with a E<.Sq ^> character, "
"then the specified algorithms will be placed at the head of the built-in "
"openssh default set."
msgstr ""
#. type: Plain text
#: fedora-40 fedora-rawhide mageia-cauldron
msgid ""
"Only a subset of keywords may be used on the lines following a E<.Cm Match> "
"keyword. Available keywords are E<.Cm AcceptEnv>, E<.Cm "
"AllowAgentForwarding>, E<.Cm AllowGroups>, E<.Cm "
"AllowStreamLocalForwarding>, E<.Cm AllowTcpForwarding>, E<.Cm AllowUsers>, "
"E<.Cm AuthenticationMethods>, E<.Cm AuthorizedKeysCommand>, E<.Cm "
"AuthorizedKeysCommandUser>, E<.Cm AuthorizedKeysFile>, E<.Cm "
"AuthorizedPrincipalsCommand>, E<.Cm AuthorizedPrincipalsCommandUser>, E<.Cm "
"AuthorizedPrincipalsFile>, E<.Cm Banner>, E<.Cm CASignatureAlgorithms>, E<."
"Cm ChannelTimeout>, E<.Cm ChrootDirectory>, E<.Cm ClientAliveCountMax>, E<."
"Cm ClientAliveInterval>, E<.Cm DenyGroups>, E<.Cm DenyUsers>, E<.Cm "
"DisableForwarding>, E<.Cm ExposeAuthInfo>, E<.Cm ForceCommand>, E<.Cm "
"GatewayPorts>, E<.Cm GSSAPIAuthentication>, E<.Cm "
"HostbasedAcceptedAlgorithms>, E<.Cm HostbasedAuthentication>, E<.Cm "
"HostbasedUsesNameFromPacketOnly>, E<.Cm IgnoreRhosts>, E<.Cm Include>, E<.Cm "
"IPQoS>, E<.Cm KbdInteractiveAuthentication>, E<.Cm KerberosAuthentication>, "
"E<.Cm KerberosUseKuserok>, E<.Cm LogLevel>, E<.Cm MaxAuthTries>, E<.Cm "
"MaxSessions>, E<.Cm PasswordAuthentication>, E<.Cm PermitEmptyPasswords>, E<."
"Cm PermitListen>, E<.Cm PermitOpen>, E<.Cm PermitRootLogin>, E<.Cm "
"PermitTTY>, E<.Cm PermitTunnel>, E<.Cm PermitUserRC>, E<.Cm "
"PubkeyAcceptedAlgorithms>, E<.Cm PubkeyAuthentication>, E<.Cm "
"PubkeyAuthOptions>, E<.Cm RekeyLimit>, E<.Cm RevokedKeys>, E<.Cm RDomain>, "
"E<.Cm SetEnv>, E<.Cm StreamLocalBindMask>, E<.Cm StreamLocalBindUnlink>, E<."
"Cm TrustedUserCAKeys>, E<.Cm UnusedConnectionTimeout>, E<.Cm "
"X11DisplayOffset>, E<.Cm X11MaxDisplays>, E<.Cm X11Forwarding> and E<.Cm "
"X11UseLocalhost>."
msgstr ""
#. type: Plain text
#: fedora-40 fedora-rawhide mageia-cauldron
msgid ""
"Specifies the file that contains the process ID of the SSH daemon, or E<.Cm "
"none> to not write one. The default is E<.Pa /var/run/sshd.pid>."
msgstr ""
#. type: Plain text
#: fedora-40 fedora-rawhide mageia-cauldron opensuse-tumbleweed
msgid ""
"Specifies the signature algorithms that will be accepted for public key "
"authentication as a list of comma-separated patterns. Alternately if the "
"specified list begins with a E<.Sq +> character, then the specified "
"algorithms will be appended to the built-in openssh default set instead of "
"replacing them. If the specified list begins with a E<.Sq -> character, "
"then the specified algorithms (including wildcards) will be removed from the "
"built-in openssh default set instead of replacing them. If the specified "
"list begins with a E<.Sq ^> character, then the specified algorithms will be "
"placed at the head of the built-in openssh default set."
msgstr ""
#. type: Plain text
#: fedora-40 fedora-rawhide mageia-cauldron
msgid ""
"Gives the facility code that is used when logging messages from E<.Xr sshd "
"8>. The possible values are: DAEMON, USER, AUTH, AUTHPRIV, LOCAL0, LOCAL1, "
"LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. The default is AUTH."
msgstr ""
#. type: It
#: fedora-40 fedora-rawhide mageia-cauldron
#, no-wrap
msgid "Cm X11MaxDisplays"
msgstr ""
#. type: Plain text
#: fedora-40 fedora-rawhide mageia-cauldron
msgid ""
"Specifies the maximum number of displays available for E<.Xr sshd 8 Ns 's> "
"X11 forwarding. This prevents sshd from exhausting local ports. The "
"default is 1000."
msgstr ""
#. type: Plain text
#: fedora-40 fedora-rawhide opensuse-tumbleweed
msgid ""
"E<.Xr sftp-server 8>, E<.Xr sshd 8>, E<.Xr crypto-policies 7>, E<.Xr update-"
"crypto-policies 8>"
msgstr ""
#. type: Dd
#: mageia-cauldron
#, no-wrap
msgid "$Mdocdate: March 3 2023 $"
msgstr ""
#. type: Plain text
#: opensuse-tumbleweed
msgid ""
"E<.Xr sshd 8> reads configuration data from E<.Pa /etc/ssh/sshd_config> ( E<."
"Pa /usr/etc/ssh/sshd_config> if the file does not exist or the file "
"specified with E<.Fl f> on the command line). The file contains keyword-"
"argument pairs, one per line. Unless noted otherwise, for each keyword, the "
"first obtained value will be used. Lines starting with E<.Ql #> and empty "
"lines are interpreted as comments. Arguments may optionally be enclosed in "
"double quotes E<.Pq \\&\"> in order to represent arguments containing spaces."
msgstr ""
#. type: Plain text
#: opensuse-tumbleweed
msgid "In the FIPS mode the minimum of SHA-1 is enforced (which means sha256)."
msgstr ""
#. type: Plain text
#: opensuse-tumbleweed
msgid ""
"This option only applies to protocol version 2 connections using GSSAPI."
msgstr ""
#. type: Plain text
#: opensuse-tumbleweed
msgid ""
"Specifies the signature algorithms that will be accepted for hostbased "
"authentication as a list of comma-separated patterns. Alternately if the "
"specified list begins with a E<.Sq +> character, then the specified "
"signature algorithms will be appended to the built-in openssh set instead of "
"replacing them. If the specified list begins with a E<.Sq -> character, "
"then the specified signature algorithms (including wildcards) will be "
"removed from the built-in openssh set instead of replacing them. If the "
"specified list begins with a E<.Sq ^> character, then the specified "
"signature algorithms will be placed at the head of the built-in openssh "
"default set."
msgstr ""
"Cette option permet de spécifier les algorithmes de signature qui seront "
"acceptés pour une authentification basée sur l’hôte sous la forme d’une "
"liste de motifs séparés par des virgules. Si la liste spécifiée commence par "
"un caractère « + », les algorithmes de signature qu’elle contient seront "
"ajoutés à la liste intégrée d’openssh au lieu de la remplacer. Si la liste "
"spécifiée commence par un caractère « - », les algorithmes de signature "
"qu’elle contient (pouvant contenir des caractères génériques) seront "
"supprimés de la liste intégrée d’openssh au lieu de la remplacer. Si la "
"liste spécifiée commence par un caret « ^ », les algorithmes de signature "
"qu’elle contient seront ajoutés au début de la liste intégrée d’openssh par "
"défaut."
#. type: Plain text
#: opensuse-tumbleweed
msgid ""
"Specifies whether to ignore per-user E<.Pa .rhosts> and E<.Pa .shosts> files "
"during E<.Cm HostbasedAuthentication>. The system-wide E<.Pa /etc/hosts."
"equiv> and E<.Pa /etc/ssh/ssh/shosts.equiv> are still used regardless of "
"this setting."
msgstr ""
#. type: Plain text
#: opensuse-tumbleweed
msgid ""
"Specifies whether to allow keyboard-interactive authentication. All "
"authentication styles from E<.Xr login.defs 5> are supported. The default "
"is E<.Cm yes>. The argument to this keyword must be E<.Cm yes> or E<.Cm "
"no>. E<.Cm ChallengeResponseAuthentication> is a deprecated alias for this."
msgstr ""
#. type: It
#: opensuse-tumbleweed
#, no-wrap
msgid "Cm UsePAMCheckLocks"
msgstr ""
#. type: Plain text
#: opensuse-tumbleweed
msgid ""
"When set to E<.Dq yes> , the checks whether the account has been locked with "
"E<.Pa passwd -l> are performed even when PAM authentication is enabled via "
"E<.Cm UsePAM>. This is to ensure that it is not possible to log in with e."
"g. a public key (in such a case PAM is used only to set up the session and "
"some PAM modules will not check whether the account is locked in this "
"scenario). The default is E<.Dq no>."
msgstr ""
Reply to: