SSH.COM is one of the most trusted brands in cyber security. We help enterprises and agencies solve the security challenges of digital transformation with innovative access management solutions.
sshd-check-conf — checks what your configuration allows or denies based on the incoming user name and/or host name
sshd-check-conf checks how sshd2 will react to an
incoming user, based on the user name and the remote host name given as parameters. Currently,
DenyTcpForwardingForGroups are checked.
The following options are available:
Debug mode. The debugging level is either a number or a comma-separated list of
assignments of the format
debug_level, for example
Enables verbose mode. Displays verbose debugging messages. Equivalent to
Displays version string.
Displays a short help on command-line options.
Specifies the name of the configuration file. The default is
$HOME/.ssh2/sshd2_config, depending on who is running the
program, root or normal user.
Any non-options given on the command line will be regarded as
patterns (that is, the user part is optional). If the host part is a valid IP address, it is
looked up from DNS. Otherwise it is interpreted as a host name and the corresponding IP
addresses will be queried from DNS.
You can specify multiple patterns on the command line.
If no patterns are specified on the command line, sshd-check-conf will go into interactive mode where the patterns can be given one at a time and they will be checked.
You may also specify one command in interactive mode, "dump". This command dumps the configuration (with subconfigurations amended) for the previous pattern.