diff options
author | Colin Watson <cjwatson@debian.org> | 2013-09-14 15:43:03 +0100 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2013-09-14 15:43:03 +0100 |
commit | 8faf8c84430cf3c19705b1d9f8889d256e7fd1fd (patch) | |
tree | e6cb74192adb00fda5e4d1457547851d7e0d86af /ssh_config.5 | |
parent | 328b60656f29db6306994d7498dede386ec2d1c3 (diff) | |
parent | c41345ad7ee5a22689e2c009595e85fa27b4b39a (diff) |
merge 6.3p1
Diffstat (limited to 'ssh_config.5')
-rw-r--r-- | ssh_config.5 | 46 |
1 files changed, 36 insertions, 10 deletions
diff --git a/ssh_config.5 b/ssh_config.5 index bd3a7127a..e72919a89 100644 --- a/ssh_config.5 +++ b/ssh_config.5 | |||
@@ -33,8 +33,8 @@ | |||
33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
35 | .\" | 35 | .\" |
36 | .\" $OpenBSD: ssh_config.5,v 1.161 2013/01/08 18:49:04 markus Exp $ | 36 | .\" $OpenBSD: ssh_config.5,v 1.166 2013/06/27 14:05:37 jmc Exp $ |
37 | .Dd $Mdocdate: January 8 2013 $ | 37 | .Dd $Mdocdate: June 27 2013 $ |
38 | .Dt SSH_CONFIG 5 | 38 | .Dt SSH_CONFIG 5 |
39 | .Os | 39 | .Os |
40 | .Sh NAME | 40 | .Sh NAME |
@@ -474,8 +474,7 @@ option is also enabled. | |||
474 | .It Cm ForwardX11Timeout | 474 | .It Cm ForwardX11Timeout |
475 | Specify a timeout for untrusted X11 forwarding | 475 | Specify a timeout for untrusted X11 forwarding |
476 | using the format described in the | 476 | using the format described in the |
477 | .Sx TIME FORMATS | 477 | TIME FORMATS section of |
478 | section of | ||
479 | .Xr sshd_config 5 . | 478 | .Xr sshd_config 5 . |
480 | X11 connections received by | 479 | X11 connections received by |
481 | .Xr ssh 1 | 480 | .Xr ssh 1 |
@@ -660,7 +659,9 @@ and | |||
660 | .Pa ~/.ssh/id_rsa | 659 | .Pa ~/.ssh/id_rsa |
661 | for protocol version 2. | 660 | for protocol version 2. |
662 | Additionally, any identities represented by the authentication agent | 661 | Additionally, any identities represented by the authentication agent |
663 | will be used for authentication. | 662 | will be used for authentication unless |
663 | .Cm IdentitiesOnly | ||
664 | is set. | ||
664 | .Xr ssh 1 | 665 | .Xr ssh 1 |
665 | will try to load certificate information from the filename obtained by | 666 | will try to load certificate information from the filename obtained by |
666 | appending | 667 | appending |
@@ -689,6 +690,22 @@ Multiple | |||
689 | .Cm IdentityFile | 690 | .Cm IdentityFile |
690 | directives will add to the list of identities tried (this behaviour | 691 | directives will add to the list of identities tried (this behaviour |
691 | differs from that of other configuration directives). | 692 | differs from that of other configuration directives). |
693 | .Pp | ||
694 | .Cm IdentityFile | ||
695 | may be used in conjunction with | ||
696 | .Cm IdentitiesOnly | ||
697 | to select which identities in an agent are offered during authentication. | ||
698 | .It Cm IgnoreUnknown | ||
699 | Specifies a pattern-list of unknown options to be ignored if they are | ||
700 | encountered in configuration parsing. | ||
701 | This may be used to suppress errors if | ||
702 | .Nm | ||
703 | contains options that are unrecognised by | ||
704 | .Xr ssh 1 . | ||
705 | It is recommended that | ||
706 | .Cm IgnoreUnknown | ||
707 | be listed early in the configuration file as it will not be applied | ||
708 | to unknown options that appear before it. | ||
692 | .It Cm IPQoS | 709 | .It Cm IPQoS |
693 | Specifies the IPv4 type-of-service or DSCP class for connections. | 710 | Specifies the IPv4 type-of-service or DSCP class for connections. |
694 | Accepted values are | 711 | Accepted values are |
@@ -963,8 +980,9 @@ The default is | |||
963 | This option applies to protocol version 2 only. | 980 | This option applies to protocol version 2 only. |
964 | .It Cm RekeyLimit | 981 | .It Cm RekeyLimit |
965 | Specifies the maximum amount of data that may be transmitted before the | 982 | Specifies the maximum amount of data that may be transmitted before the |
966 | session key is renegotiated. | 983 | session key is renegotiated, optionally followed a maximum amount of |
967 | The argument is the number of bytes, with an optional suffix of | 984 | time that may pass before the session key is renegotiated. |
985 | The first argument is specified in bytes and may have a suffix of | ||
968 | .Sq K , | 986 | .Sq K , |
969 | .Sq M , | 987 | .Sq M , |
970 | or | 988 | or |
@@ -975,6 +993,16 @@ The default is between | |||
975 | and | 993 | and |
976 | .Sq 4G , | 994 | .Sq 4G , |
977 | depending on the cipher. | 995 | depending on the cipher. |
996 | The optional second value is specified in seconds and may use any of the | ||
997 | units documented in the | ||
998 | TIME FORMATS section of | ||
999 | .Xr sshd_config 5 . | ||
1000 | The default value for | ||
1001 | .Cm RekeyLimit | ||
1002 | is | ||
1003 | .Dq default none , | ||
1004 | which means that rekeying is performed after the cipher's default amount | ||
1005 | of data has been sent or received and no time based rekeying is done. | ||
978 | This option applies to protocol version 2 only. | 1006 | This option applies to protocol version 2 only. |
979 | .It Cm RemoteForward | 1007 | .It Cm RemoteForward |
980 | Specifies that a TCP port on the remote machine be forwarded over | 1008 | Specifies that a TCP port on the remote machine be forwarded over |
@@ -1253,9 +1281,7 @@ The default is | |||
1253 | .Dq no . | 1281 | .Dq no . |
1254 | Note that this option applies to protocol version 2 only. | 1282 | Note that this option applies to protocol version 2 only. |
1255 | .Pp | 1283 | .Pp |
1256 | See also | 1284 | See also VERIFYING HOST KEYS in |
1257 | .Sx VERIFYING HOST KEYS | ||
1258 | in | ||
1259 | .Xr ssh 1 . | 1285 | .Xr ssh 1 . |
1260 | .It Cm VisualHostKey | 1286 | .It Cm VisualHostKey |
1261 | If this flag is set to | 1287 | If this flag is set to |