SYNOPSIS
secsh-keysign
ssh-keysign
DESCRIPTION
The secsh-keysign utility is used by secsh to access the local host keys and generate the digital signature required during host-based authentication.
By default, secsh-keysign is disabled and can only be enabled in the global client configuration or by setting EnableSSHKeysign to yes.
ssh-keysign is not intended to be invoked by the user, but from secsh. See the secsh and secshd reference pages for more information about host-based authentication.
FILES
- HKEY_LOCAL_MACHINE/Software/Mortice Kern Systems/etc/ssh_config
-
Is a registry key that controls whether secsh-keysign is enabled.
- $ROOTDIR/etc/ssh_host_dsa_key
- $ROOTDIR/etc/ssh_host_ecdsa_key
- $ROOTDIR/etc/ssh_host_ed25519_key
- $ROOTDIR/etc/ssh_host_rsa_key
-
Contain the private parts of the host keys used to generate the digital signature. They should be readable only by an administrator, and not accessible to others.
- $ROOTDIR/etc/ssh_host_dsa_key-cert.pub
- $ROOTDIR/etc/ssh_host_ecdsa_key-cert.pub
- $ROOTDIR/etc/ssh_host_ed25519_key-cert.pub
- $ROOTDIR/etc/ssh_host_rsa_key-cert.pub
-
If these files exist, they are assumed to contain public certificate information corresponding with the private keys above.
AUTHORS
Markus Friedl <markus@openbsd.org>
PORTABILITY
All UNIX systems. Windows 10. Windows Server 2016. Windows Server 2019. Windows 11. Windows Server 2022. Windows Server 2025.
AVAILABILITY
PTC MKS Toolkit for System Administrators
PTC MKS Toolkit for Developers
PTC MKS Toolkit for Interoperability
PTC MKS Toolkit for Professional Developers
PTC MKS Toolkit for Professional Developers 64-Bit Edition
PTC MKS Toolkit for Enterprise Developers
PTC MKS Toolkit for Enterprise Developers 64-Bit Edition
SEE ALSO
- Commands:
- secsh, secsh-agent, secshd, secsh-keygen
PTC MKS Toolkit Connectivity Solutions Guide
PTC MKS Toolkit 10.5 Documentation Build 40.