upstream: document changed default for UpdateHostKeys

OpenBSD-Commit-ID: 25c390b21d142f78ac0106241d13441c4265fd2c
author: djm@openbsd.org <djm@openbsd.org> 2020-01-30 22:25:34 +0000
committer: Damien Miller <djm@mindrot.org> 2020-01-31 09:27:10 +1100
commit: 771891a044f763be0711493eca14b6b0082e030f (patch)
tree: b02322e129197bea4493034072283020523141fb /ssh_config.5
parent: d53a518536c552672c00e8892e2aea28f664148c (diff)
1 files changed, 13 insertions, 4 deletions
diff --git a/ssh_config.5 b/ssh_config.5
index d36889b93..6d1d5e583 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -33,8 +33,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh_config.5,v 1.319 2020/01/28 01:49:36 djm Exp $
+.\" $OpenBSD: ssh_config.5,v 1.320 2020/01/30 22:25:34 djm Exp $
-.Dd $Mdocdate: January 28 2020 $
+.Dd $Mdocdate: January 30 2020 $
 .Dt SSH_CONFIG 5
 .Os
 .Sh NAME
@@ -1678,13 +1678,22 @@ after authentication has completed and add them to
 The argument must be
 .Cm yes ,
 .Cm no
-(the default) or
+or
 .Cm ask .
-Enabling this option allows learning alternate hostkeys for a server
+This option allows learning alternate hostkeys for a server
 and supports graceful key rotation by allowing a server to send replacement
 public keys before old ones are removed.
 Additional hostkeys are only accepted if the key used to authenticate the
 host was already trusted or explicitly accepted by the user.
+.Pp
+.Cm UpdateHostKeys
+is enabled by default if the user has not overriden the default
+.Cm UserKnownHostsFile
+setting, otherwise
+.Cm UpdateHostKeys
+will be set to
+.Cm ask .
+.Pp
 If
 .Cm UpdateHostKeys
 is set to
author	djm@openbsd.org <djm@openbsd.org>	2020-01-30 22:25:34 +0000
committer	Damien Miller <djm@mindrot.org>	2020-01-31 09:27:10 +1100
commit	771891a044f763be0711493eca14b6b0082e030f (patch)
tree	b02322e129197bea4493034072283020523141fb /ssh_config.5
parent	d53a518536c552672c00e8892e2aea28f664148c (diff)

diff --git a/ssh_config.5 b/ssh_config.5 index d36889b93..6d1d5e583 100644 --- a/ssh_config.5 +++ b/ssh_config.5
@@ -33,8 +33,8 @@
33	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	33	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
34	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	34	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
35	.\"	35	.\"
36	.\" $OpenBSD: ssh_config.5,v 1.319 2020/01/28 01:49:36 djm Exp $	36	.\" $OpenBSD: ssh_config.5,v 1.320 2020/01/30 22:25:34 djm Exp $
37	.Dd $Mdocdate: January 28 2020 $	37	.Dd $Mdocdate: January 30 2020 $
38	.Dt SSH_CONFIG 5	38	.Dt SSH_CONFIG 5
39	.Os	39	.Os
40	.Sh NAME	40	.Sh NAME
@@ -1678,13 +1678,22 @@ after authentication has completed and add them to
1678	The argument must be	1678	The argument must be
1679	.Cm yes ,	1679	.Cm yes ,
1680	.Cm no	1680	.Cm no
1681	(the default) or	1681	or
1682	.Cm ask .	1682	.Cm ask .
1683	Enabling this option allows learning alternate hostkeys for a server	1683	This option allows learning alternate hostkeys for a server
1684	and supports graceful key rotation by allowing a server to send replacement	1684	and supports graceful key rotation by allowing a server to send replacement
1685	public keys before old ones are removed.	1685	public keys before old ones are removed.
1686	Additional hostkeys are only accepted if the key used to authenticate the	1686	Additional hostkeys are only accepted if the key used to authenticate the
1687	host was already trusted or explicitly accepted by the user.	1687	host was already trusted or explicitly accepted by the user.
		1688	.Pp
		1689	.Cm UpdateHostKeys
		1690	is enabled by default if the user has not overriden the default
		1691	.Cm UserKnownHostsFile
		1692	setting, otherwise
		1693	.Cm UpdateHostKeys
		1694	will be set to
		1695	.Cm ask .
		1696	.Pp
1688	If	1697	If
1689	.Cm UpdateHostKeys	1698	.Cm UpdateHostKeys
1690	is set to	1699	is set to