summaryrefslogtreecommitdiff
path: root/ssh_config.5
diff options
context:
space:
mode:
authorColin Watson <cjwatson@debian.org>2018-10-19 21:29:01 +0100
committerColin Watson <cjwatson@debian.org>2018-10-20 22:54:15 +0100
commitd80ebbf028196b2478beebf5a290b97f35e1eed9 (patch)
tree6666a5484923a26738675ff27a6186cfe15d4cad /ssh_config.5
parent4f5bbf3f11efeec65bbd56464b20a19bd250e5cc (diff)
parent1d2a55436d4b556269f42ad5f7e16608b5a8ed74 (diff)
New upstream release (7.9p1)
Diffstat (limited to 'ssh_config.5')
-rw-r--r--ssh_config.528
1 files changed, 25 insertions, 3 deletions
diff --git a/ssh_config.5 b/ssh_config.5
index 35c578c3b..1a8e24bd1 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -33,8 +33,8 @@
33.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 33.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
34.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 34.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
35.\" 35.\"
36.\" $OpenBSD: ssh_config.5,v 1.281 2018/07/23 19:02:49 kn Exp $ 36.\" $OpenBSD: ssh_config.5,v 1.286 2018/10/03 06:38:35 djm Exp $
37.Dd $Mdocdate: July 23 2018 $ 37.Dd $Mdocdate: October 3 2018 $
38.Dt SSH_CONFIG 5 38.Dt SSH_CONFIG 5
39.Os 39.Os
40.Sh NAME 40.Sh NAME
@@ -310,7 +310,9 @@ hostname lookups.
310If set to 310If set to
311.Cm yes 311.Cm yes
312then, for connections that do not use a 312then, for connections that do not use a
313.Cm ProxyCommand , 313.Cm ProxyCommand
314or
315.Cm ProxyJump ,
314.Xr ssh 1 316.Xr ssh 1
315will attempt to canonicalize the hostname specified on the command line 317will attempt to canonicalize the hostname specified on the command line
316using the 318using the
@@ -356,6 +358,18 @@ to be canonicalized to names in the
356or 358or
357.Qq *.c.example.com 359.Qq *.c.example.com
358domains. 360domains.
361.It Cm CASignatureAlgorithms
362Specifies which algorithms are allowed for signing of certificates
363by certificate authorities (CAs).
364The default is:
365.Bd -literal -offset indent
366ecdsa-sha2-nistp256.ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
367ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
368.Ed
369.Pp
370.Xr ssh 1
371will not accept host certificates signed using algorithms other than those
372specified.
359.It Cm CertificateFile 373.It Cm CertificateFile
360Specifies a file from which the user's certificate is read. 374Specifies a file from which the user's certificate is read.
361A corresponding private key must be provided separately in order 375A corresponding private key must be provided separately in order
@@ -692,6 +706,10 @@ section of
692X11 connections received by 706X11 connections received by
693.Xr ssh 1 707.Xr ssh 1
694after this time will be refused. 708after this time will be refused.
709Setting
710.Cm ForwardX11Timeout
711to zero will disable the timeout and permit X11 forwarding for the life
712of the connection.
695The default is to disable untrusted X11 forwarding after twenty minutes has 713The default is to disable untrusted X11 forwarding after twenty minutes has
696elapsed. 714elapsed.
697.It Cm ForwardX11Trusted 715.It Cm ForwardX11Trusted
@@ -915,6 +933,10 @@ If the string
915is specified, the location of the socket will be read from the 933is specified, the location of the socket will be read from the
916.Ev SSH_AUTH_SOCK 934.Ev SSH_AUTH_SOCK
917environment variable. 935environment variable.
936Otherwise if the specified value begins with a
937.Sq $
938character, then it will be treated as an environment variable containing
939the location of the socket.
918.Pp 940.Pp
919Arguments to 941Arguments to
920.Cm IdentityAgent 942.Cm IdentityAgent