diff options
author | djm@openbsd.org <djm@openbsd.org> | 2017-10-18 02:49:44 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2017-10-20 12:01:03 +1100 |
commit | 05b69e99570553c8e1eafb895b1fbf1d098d2e14 (patch) | |
tree | e69cabb3dd3630dacf443d87ee8b1fbd9c1815fe /ssh_config.5 | |
parent | eb80e26a15c10bc65fed8b8cdb476819a713c0fd (diff) |
upstream commit
In the description of pattern-lists, clarify negated
matches by explicitly stating that a negated match will never yield a
positive result, and that at least one positive term in the pattern-list must
match. bz#1918
Upstream-ID: 652d2f9d993f158fc5f83cef4a95cd9d95ae6a14
Diffstat (limited to 'ssh_config.5')
-rw-r--r-- | ssh_config.5 | 17 |
1 files changed, 15 insertions, 2 deletions
diff --git a/ssh_config.5 b/ssh_config.5 index eae427607..01acd4286 100644 --- a/ssh_config.5 +++ b/ssh_config.5 | |||
@@ -33,8 +33,8 @@ | |||
33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
35 | .\" | 35 | .\" |
36 | .\" $OpenBSD: ssh_config.5,v 1.257 2017/10/05 12:56:50 jmc Exp $ | 36 | .\" $OpenBSD: ssh_config.5,v 1.258 2017/10/18 02:49:44 djm Exp $ |
37 | .Dd $Mdocdate: October 5 2017 $ | 37 | .Dd $Mdocdate: October 18 2017 $ |
38 | .Dt SSH_CONFIG 5 | 38 | .Dt SSH_CONFIG 5 |
39 | .Os | 39 | .Os |
40 | .Sh NAME | 40 | .Sh NAME |
@@ -1674,6 +1674,19 @@ pool, | |||
1674 | the following entry (in authorized_keys) could be used: | 1674 | the following entry (in authorized_keys) could be used: |
1675 | .Pp | 1675 | .Pp |
1676 | .Dl from=\&"!*.dialup.example.com,*.example.com\&" | 1676 | .Dl from=\&"!*.dialup.example.com,*.example.com\&" |
1677 | .Pp | ||
1678 | Note that a negated match will never produce a positive result by itself. | ||
1679 | For example, attempting to match | ||
1680 | .Qq host3 | ||
1681 | against the following pattern-list will fail: | ||
1682 | .Pp | ||
1683 | .Dl from=\&"!host1,!host2\&" | ||
1684 | .Pp | ||
1685 | The solution here is to include a term that will yield a positive match, | ||
1686 | such as a wildcard: | ||
1687 | .Pp | ||
1688 | .Dl from=\&"!host1,!host2,*\&" | ||
1689 | .Pp | ||
1677 | .Sh TOKENS | 1690 | .Sh TOKENS |
1678 | Arguments to some keywords can make use of tokens, | 1691 | Arguments to some keywords can make use of tokens, |
1679 | which are expanded at runtime: | 1692 | which are expanded at runtime: |