diff options
author | djm@openbsd.org <djm@openbsd.org> | 2020-01-30 22:25:34 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2020-01-31 09:27:10 +1100 |
commit | 771891a044f763be0711493eca14b6b0082e030f (patch) | |
tree | b02322e129197bea4493034072283020523141fb /ssh_config.5 | |
parent | d53a518536c552672c00e8892e2aea28f664148c (diff) |
upstream: document changed default for UpdateHostKeys
OpenBSD-Commit-ID: 25c390b21d142f78ac0106241d13441c4265fd2c
Diffstat (limited to 'ssh_config.5')
-rw-r--r-- | ssh_config.5 | 17 |
1 files changed, 13 insertions, 4 deletions
diff --git a/ssh_config.5 b/ssh_config.5 index d36889b93..6d1d5e583 100644 --- a/ssh_config.5 +++ b/ssh_config.5 | |||
@@ -33,8 +33,8 @@ | |||
33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
35 | .\" | 35 | .\" |
36 | .\" $OpenBSD: ssh_config.5,v 1.319 2020/01/28 01:49:36 djm Exp $ | 36 | .\" $OpenBSD: ssh_config.5,v 1.320 2020/01/30 22:25:34 djm Exp $ |
37 | .Dd $Mdocdate: January 28 2020 $ | 37 | .Dd $Mdocdate: January 30 2020 $ |
38 | .Dt SSH_CONFIG 5 | 38 | .Dt SSH_CONFIG 5 |
39 | .Os | 39 | .Os |
40 | .Sh NAME | 40 | .Sh NAME |
@@ -1678,13 +1678,22 @@ after authentication has completed and add them to | |||
1678 | The argument must be | 1678 | The argument must be |
1679 | .Cm yes , | 1679 | .Cm yes , |
1680 | .Cm no | 1680 | .Cm no |
1681 | (the default) or | 1681 | or |
1682 | .Cm ask . | 1682 | .Cm ask . |
1683 | Enabling this option allows learning alternate hostkeys for a server | 1683 | This option allows learning alternate hostkeys for a server |
1684 | and supports graceful key rotation by allowing a server to send replacement | 1684 | and supports graceful key rotation by allowing a server to send replacement |
1685 | public keys before old ones are removed. | 1685 | public keys before old ones are removed. |
1686 | Additional hostkeys are only accepted if the key used to authenticate the | 1686 | Additional hostkeys are only accepted if the key used to authenticate the |
1687 | host was already trusted or explicitly accepted by the user. | 1687 | host was already trusted or explicitly accepted by the user. |
1688 | .Pp | ||
1689 | .Cm UpdateHostKeys | ||
1690 | is enabled by default if the user has not overriden the default | ||
1691 | .Cm UserKnownHostsFile | ||
1692 | setting, otherwise | ||
1693 | .Cm UpdateHostKeys | ||
1694 | will be set to | ||
1695 | .Cm ask . | ||
1696 | .Pp | ||
1688 | If | 1697 | If |
1689 | .Cm UpdateHostKeys | 1698 | .Cm UpdateHostKeys |
1690 | is set to | 1699 | is set to |