.\" t .\" Process this file with .\" groff -man -Tascii sshproxy.ini.5 .\" .TH SSHPROXY.INI 5 "OCTOBER 2006" Linux "User Manuals" .SH NAME sshproxy.ini \- sshproxy configuration file .SH FORMAT The configuration file \fIsshproxy.ini\fR is a simple INI file containing several sections. .SH "SECTION [sshproxy]" This is the main section of the configuration file. .B bindip .RS Bind sshproxy to the given IP address. Default (when empty) is to bind to all adresses (0.0.0.0). .RE .B port .RS Bind to port. Default is 2242. .RE .B plugin_dir .RS Where the plugins are located. Defaults to \fI/usr/lib/sshproxy\fR. .RE .B logger_conf .RS Point to the logger.conf file. Default is .RS \fI/usr/share/sshproxy/logger.conf\fR. .RE .RE .B log_dir .RS This directory will contain debug logs from paramiko and sshproxy. Defaults to \fI@log\fR. .RE .B pkey_id .RS The id string of the \fIsshproxyd\fR(8) public key, used when a client connects with the option --get-pkey. Defaults to \fIsshproxy@penguin.fr\fR. .RE .B auto_add_key .RS If \fIno\fR, the client's public key will not be added in the database (equivalent to the authorized_keys file for sshd). If \fIyes\fR, the client's public key will always be added, no matter how many keys are already in the database. You can give a number to limit the number of keys automatically added. Defaults to \fIno\fR. .RE .B client_db .RS The type of backend to use to handle the clients database. This is the name of the chosen plugin. .RE .B acl_db .RS The type of backend to use to handle the ACL database. This is the name of the chosen plugin. .RE .B site_db .RS The type of backend to use to handle the sites database. This is the name of the chosen plugin. .RE .B plugin_list .RS Space separated list of plugins to load at startup. Plugins are located by default in \fI/usr/share/sshproxy\fR. You \fBMUST\fR give at least one backend plugin (*_db). .RE .B cipher_type .RS The cipher type to use, one of \fIplain\fR, \fIbase64\fR or \fIblowfish\fR (default). .RE .SH "SECTION [blowfish]" This section configures the blowfish cipher engine. .B secret .RS The secret passphrase for the blowfish cipher engine. It \fBMUST\fR be at least 10 characters long. .RE .SH "SECTIONS [client_db.file] [acl_db.file] [site_db.file]" These sections configure the three databases of the \fIfile_db\fR backend. .B file \fR(applies to client_db, acl_db) .RS The path to the database file. Defaults are resp. \fI@client_db\fR and \fI@acl_db\fR. .RE .B db_path \fR(applies to site_db) .RS The path to the database directory. Defaults to \fI@site_db\fR. .RE .SH "SECTIONS [client_db.mysql] [acl_db.mysql] [site_db.mysql]" These sections configure the three databases of the \fImysql_db\fR backend. .B host .RS The IP address or resolvable name of the database host. Defaults to \fIlocalhost\fR. .RE .B port .RS The database host port. Defaults to \fI3306\fR. .RE .B db .RS The database name. Defaults to \fIsshproxy\fR. .RE .B user .RS The database user. Defaults to \fIsshproxy\fR. .RE .B password .RS The database user password. Defaults to \fIsshproxypw\fR, but you should change it. .RE .SH EXAMPLES Here is a complete configuration file which tells \fIsshproxyd\fR(8) to use the \fIfile_db\fR plugin for the ACL database, and the \fImysql_db\fR plugin for client and site databases: .RS .sp .nf .ne 19 [sshproxy] bindip = port = 2242 plugin_dir = /usr/lib/sshproxy logger_conf = /usr/share/sshproxy/logger.conf log_dir = @log pkey_id = sshproxy@penguin.fr auto_add_key = no client_db = mysql_db acl_db = file_db site_db = mysql_db plugin_list = file_db mysql_db cipher_type = blowfish [blowfish] secret = This should be a valid passphrase [acl_db.file] file = @acl.db [client_db.mysql] db = sshproxy host = localhost user = sshproxy password = sshproxypw port = 3306 [site_db.mysql] db = sshproxy host = localhost user = sshproxy password = sshproxypw port = 3306 .SH FILES .I ~/.sshproxy/sshproxy.ini .RS The main configuration file. See \fIsshproxy.ini\fR for further details. .RE .I ~/.sshproxy/id_dsa .RS The private hostkey file. This hostkey is automatically generated by \fIsshproxyd\fR(8) at startup if it doesn't exist. .RE .SH AUTHOR David Guerizec .SH "SEE ALSO" .BR sshproxy-setup (1), .BR sshproxyd (8), .BR pssh (1), .BR pscp (1), The sshproxy home page: <\fIhttp://penguin.fr/sshproxy/\fR> The sshproxy online documentation: .RS <\fIhttp://penguin.fr/sshproxy/wiki/SshProxy/DocV0.5\fR>