diff options
author | Damien Miller <djm@mindrot.org> | 2010-03-04 21:51:37 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2010-03-04 21:51:37 +1100 |
commit | cd38c9c5551094261775b99994fa0c12d333c94c (patch) | |
tree | 5745f498ccc705261cafb43904266727f8d37726 | |
parent | 41396573afc94d64973d9eb824ca510d39260b3e (diff) |
- djm@cvs.openbsd.org 2010/03/03 22:49:50
[sshd.8]
the authorized_keys option for CA keys is "cert-authority", not
"from=cert-authority". spotted by imorgan AT nas.nasa.gov
-rw-r--r-- | ChangeLog | 4 | ||||
-rw-r--r-- | sshd.8 | 6 |
2 files changed, 7 insertions, 3 deletions
@@ -11,6 +11,10 @@ | |||
11 | [auth-options.c key.c] | 11 | [auth-options.c key.c] |
12 | reject strings with embedded ASCII nul chars in certificate key IDs, | 12 | reject strings with embedded ASCII nul chars in certificate key IDs, |
13 | principal names and constraints | 13 | principal names and constraints |
14 | - djm@cvs.openbsd.org 2010/03/03 22:49:50 | ||
15 | [sshd.8] | ||
16 | the authorized_keys option for CA keys is "cert-authority", not | ||
17 | "from=cert-authority". spotted by imorgan AT nas.nasa.gov | ||
14 | 18 | ||
15 | 20100303 | 19 | 20100303 |
16 | - (djm) [PROTOCOL.certkeys] Add RCS Ident | 20 | - (djm) [PROTOCOL.certkeys] Add RCS Ident |
@@ -34,8 +34,8 @@ | |||
34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
36 | .\" | 36 | .\" |
37 | .\" $OpenBSD: sshd.8,v 1.252 2010/02/26 22:09:28 jmc Exp $ | 37 | .\" $OpenBSD: sshd.8,v 1.253 2010/03/03 22:49:50 djm Exp $ |
38 | .Dd $Mdocdate: February 26 2010 $ | 38 | .Dd $Mdocdate: March 3 2010 $ |
39 | .Dt SSHD 8 | 39 | .Dt SSHD 8 |
40 | .Os | 40 | .Os |
41 | .Sh NAME | 41 | .Sh NAME |
@@ -508,7 +508,7 @@ No spaces are permitted, except within double quotes. | |||
508 | The following option specifications are supported (note | 508 | The following option specifications are supported (note |
509 | that option keywords are case-insensitive): | 509 | that option keywords are case-insensitive): |
510 | .Bl -tag -width Ds | 510 | .Bl -tag -width Ds |
511 | .It Cm from="cert-authority" | 511 | .It Cm cert-authority |
512 | Specifies that the listed key is a certification authority (CA) that is | 512 | Specifies that the listed key is a certification authority (CA) that is |
513 | trusted to validate signed certificates for user authentication. | 513 | trusted to validate signed certificates for user authentication. |
514 | .Pp | 514 | .Pp |