diff options
author | Darren Tucker <dtucker@zip.com.au> | 2004-08-13 21:22:40 +1000 |
---|---|---|
committer | Darren Tucker <dtucker@zip.com.au> | 2004-08-13 21:22:40 +1000 |
commit | 0b42e6d95b915309187281e968049cb61b750c69 (patch) | |
tree | f4ffcfbc81898172b512c4640e5acab28b43f4e6 /ssh.1 | |
parent | bcf279783add401b9c8384b68fc4c30fa1391a22 (diff) |
- jakob@cvs.openbsd.org 2004/08/12 21:41:13
[ssh-keygen.1 ssh.1]
improve SSHFP documentation; ok deraadt@
Diffstat (limited to 'ssh.1')
-rw-r--r-- | ssh.1 | 11 |
1 files changed, 10 insertions, 1 deletions
@@ -34,7 +34,7 @@ | |||
34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
36 | .\" | 36 | .\" |
37 | .\" $OpenBSD: ssh.1,v 1.193 2004/06/26 09:03:21 jmc Exp $ | 37 | .\" $OpenBSD: ssh.1,v 1.194 2004/08/12 21:41:13 jakob Exp $ |
38 | .Dd September 25, 1999 | 38 | .Dd September 25, 1999 |
39 | .Dt SSH 1 | 39 | .Dt SSH 1 |
40 | .Os | 40 | .Os |
@@ -400,6 +400,15 @@ The | |||
400 | option can be used to prevent logins to machines whose | 400 | option can be used to prevent logins to machines whose |
401 | host key is not known or has changed. | 401 | host key is not known or has changed. |
402 | .Pp | 402 | .Pp |
403 | .Nm | ||
404 | can be configured to verify host identification using fingerprint resource | ||
405 | records (SSHFP) published in DNS. | ||
406 | The | ||
407 | .Cm VerifyHostKeyDNS | ||
408 | option can be used to control how DNS lookups are performed. | ||
409 | SSHFP resource records can be generated using | ||
410 | .Xr ssh-keygen 1 . | ||
411 | .Pp | ||
403 | The options are as follows: | 412 | The options are as follows: |
404 | .Bl -tag -width Ds | 413 | .Bl -tag -width Ds |
405 | .It Fl 1 | 414 | .It Fl 1 |