Check for blacklists in /usr/share/ssh/ as well as /etc/ssh/ (see

#481283).
author: Colin Watson <cjwatson@debian.org> 2008-05-25 19:57:41 +0000
committer: Colin Watson <cjwatson@debian.org> 2008-05-25 19:57:41 +0000
commit: 399dfbc499f54bccb81318cbe86acddcd4bdfeee (patch)
tree: 6cf28410fcfc165af7dc1c0b6700422721dda560 /ssh-vulnkey.1
parent: 56c12903717deaf5eecd4c1b772de1eeb6ec4499 (diff)
1 files changed, 5 insertions, 1 deletions
diff --git a/ssh-vulnkey.1 b/ssh-vulnkey.1
index 73570fcad..c0a7592f8 100644
--- a/ssh-vulnkey.1
+++ b/ssh-vulnkey.1
@@ -163,7 +163,7 @@ If present, contains the protocol version 2 RSA identity of the system.
 If present, contains the protocol version 2 DSA identity of the system.
 .It Pa /etc/ssh/ssh_host_key
 If present, contains the protocol version 1 RSA identity of the system.
-.It Pa /etc/ssh/blacklist. Ns Ar TYPE Ns Pa - Ns Ar LENGTH
+.It Pa /usr/share/ssh/blacklist. Ns Ar TYPE Ns Pa - Ns Ar LENGTH
 If present, lists the blacklisted keys of type
 .Ar TYPE
 .Pf ( Dq RSA
@@ -175,6 +175,10 @@ The format of this file is described above.
 RSA1 keys are converted to RSA before being checked in the blacklist.
 Note that the fingerprints of RSA1 keys are computed differently, so you
 will not be able to find them in the blacklist by hand.
+.It Pa /etc/ssh/blacklist. Ns Ar TYPE Ns Pa - Ns Ar LENGTH
+Same as
+.Pa /usr/share/ssh/blacklist. Ns Ar TYPE Ns Pa - Ns Ar LENGTH ,
+but may be edited by the system administrator to add new blacklist entries.
 .El
 .Sh SEE ALSO
 .Xr ssh-keygen 1 ,
author	Colin Watson <cjwatson@debian.org>	2008-05-25 19:57:41 +0000
committer	Colin Watson <cjwatson@debian.org>	2008-05-25 19:57:41 +0000
commit	399dfbc499f54bccb81318cbe86acddcd4bdfeee (patch)
tree	6cf28410fcfc165af7dc1c0b6700422721dda560 /ssh-vulnkey.1
parent	56c12903717deaf5eecd4c1b772de1eeb6ec4499 (diff)

diff --git a/ssh-vulnkey.1 b/ssh-vulnkey.1 index 73570fcad..c0a7592f8 100644 --- a/ssh-vulnkey.1 +++ b/ssh-vulnkey.1
@@ -163,7 +163,7 @@ If present, contains the protocol version 2 RSA identity of the system.
163	If present, contains the protocol version 2 DSA identity of the system.	163	If present, contains the protocol version 2 DSA identity of the system.
164	.It Pa /etc/ssh/ssh_host_key	164	.It Pa /etc/ssh/ssh_host_key
165	If present, contains the protocol version 1 RSA identity of the system.	165	If present, contains the protocol version 1 RSA identity of the system.
166	.It Pa /etc/ssh/blacklist. Ns Ar TYPE Ns Pa - Ns Ar LENGTH	166	.It Pa /usr/share/ssh/blacklist. Ns Ar TYPE Ns Pa - Ns Ar LENGTH
167	If present, lists the blacklisted keys of type	167	If present, lists the blacklisted keys of type
168	.Ar TYPE	168	.Ar TYPE
169	.Pf ( Dq RSA	169	.Pf ( Dq RSA
@@ -175,6 +175,10 @@ The format of this file is described above.
175	RSA1 keys are converted to RSA before being checked in the blacklist.	175	RSA1 keys are converted to RSA before being checked in the blacklist.
176	Note that the fingerprints of RSA1 keys are computed differently, so you	176	Note that the fingerprints of RSA1 keys are computed differently, so you
177	will not be able to find them in the blacklist by hand.	177	will not be able to find them in the blacklist by hand.
		178	.It Pa /etc/ssh/blacklist. Ns Ar TYPE Ns Pa - Ns Ar LENGTH
		179	Same as
		180	.Pa /usr/share/ssh/blacklist. Ns Ar TYPE Ns Pa - Ns Ar LENGTH ,
		181	but may be edited by the system administrator to add new blacklist entries.
178	.El	182	.El
179	.Sh SEE ALSO	183	.Sh SEE ALSO
180	.Xr ssh-keygen 1 ,	184	.Xr ssh-keygen 1 ,