- markus@cvs.openbsd.org 2001/05/20 17:20:36

[auth-rsa.c auth.c auth.h auth2.c servconf.c servconf.h sshd.8 sshd_config] configurable authorized_keys{,2} location; originally from peter@; ok djm@
author: Ben Lindstrom <mouring@eviladmin.org> 2001-06-05 20:25:05 +0000
committer: Ben Lindstrom <mouring@eviladmin.org> 2001-06-05 20:25:05 +0000
commit: bfb3a0e973214fabc1be744b8c7e4a89a0c5570c (patch)
tree: 8227151356ee10ae6762c42442f272b0db418973 /sshd.8
parent: e2595448766a4149bbd2652830d1b086a066af13 (diff)
1 files changed, 36 insertions, 5 deletions
diff --git a/sshd.8 b/sshd.8
index 02960b70b..a66dac54e 100644
--- a/sshd.8
+++ b/sshd.8
@@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd.8,v 1.124 2001/05/19 19:43:57 stevesk Exp $
+.\" $OpenBSD: sshd.8,v 1.125 2001/05/20 17:20:35 markus Exp $
 .Dd September 25, 1999
 .Dt SSHD 8
 .Os
@@ -331,6 +331,34 @@ wildcards in the patterns.
 Only user names are valid; a numerical user ID isn't recognized.
 By default login is allowed regardless of the user name.
 .Pp
+.It Cm AuthorizedKeysFile
+Specifies the file that contains the public RSA keys that can be used
+for RSA authentication in protocol version 1.
+.Cm AuthorizedKeysFile
+may contain tokens of the form %T which are substituted during connection
+set-up. The following tokens are defined; %% is replaces by a literal '%',
+%h is replaced by the home directory of the user being authenticated and
+%u is replaced by the username of that user.
+After expansion,
+.Cm AuthorizedKeysFile
+is taken to be an absolute path or one realtive to the user's home
+directory.
+The default is
+.Dq .ssh/authorized_keys
+.It Cm AuthorizedKeysFile2
+Specifies the file that contains the public keys that can be used
+for public key authentication in protocol version 2.
+.Cm AuthorizedKeysFile2
+may contain tokens of the form %T which are substituted during connection
+set-up. The following tokens are defined; %% is replaces by a literal '%',
+%h is replaced by the home directory of the user being authenticated and
+%u is replaced by the username of that user.
+After expansion,
+.Cm AuthorizedKeysFile2
+is taken to be an absolute path or one realtive to the user's home
+directory.
+The default is
+.Dq .ssh/authorized_keys2
 .It Cm Banner
 In some jurisdictions, sending a warning message before authentication
 may be relevant for getting legal protection.
@@ -883,15 +911,18 @@ authentication protocol and cookie in standard input.
 Runs user's shell or command.
 .El
 .Sh AUTHORIZED_KEYS FILE FORMAT
-The
 .Pa $HOME/.ssh/authorized_keys
-file lists the RSA keys that are
+is the default file that lists the RSA keys that are
 permitted for RSA authentication in protocol version 1.
-Similarly, the
+.Cm AuthorizedKeysFile
+may be used to specify an alternative file.
+Similarly,
 .Pa $HOME/.ssh/authorized_keys2
-file lists the DSA and RSA keys that are
+is the default file that lists the DSA and RSA keys that are
 permitted for public key authentication (PubkeyAuthentication)
 in protocol version 2.
+.Cm AuthorizedKeysFile2
+may be used to specify an alternative file.
 .Pp
 Each line of the file contains one
 key (empty lines and lines starting with a
author	Ben Lindstrom <mouring@eviladmin.org>	2001-06-05 20:25:05 +0000
committer	Ben Lindstrom <mouring@eviladmin.org>	2001-06-05 20:25:05 +0000
commit	bfb3a0e973214fabc1be744b8c7e4a89a0c5570c (patch)
tree	8227151356ee10ae6762c42442f272b0db418973 /sshd.8
parent	e2595448766a4149bbd2652830d1b086a066af13 (diff)

diff --git a/sshd.8 b/sshd.8 index 02960b70b..a66dac54e 100644 --- a/sshd.8 +++ b/sshd.8
@@ -34,7 +34,7 @@
34	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	34	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	35	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36	.\"	36	.\"
37	.\" $OpenBSD: sshd.8,v 1.124 2001/05/19 19:43:57 stevesk Exp $	37	.\" $OpenBSD: sshd.8,v 1.125 2001/05/20 17:20:35 markus Exp $
38	.Dd September 25, 1999	38	.Dd September 25, 1999
39	.Dt SSHD 8	39	.Dt SSHD 8
40	.Os	40	.Os
@@ -331,6 +331,34 @@ wildcards in the patterns.
331	Only user names are valid; a numerical user ID isn't recognized.	331	Only user names are valid; a numerical user ID isn't recognized.
332	By default login is allowed regardless of the user name.	332	By default login is allowed regardless of the user name.
333	.Pp	333	.Pp
		334	.It Cm AuthorizedKeysFile
		335	Specifies the file that contains the public RSA keys that can be used
		336	for RSA authentication in protocol version 1.
		337	.Cm AuthorizedKeysFile
		338	may contain tokens of the form %T which are substituted during connection
		339	set-up. The following tokens are defined; %% is replaces by a literal '%',
		340	%h is replaced by the home directory of the user being authenticated and
		341	%u is replaced by the username of that user.
		342	After expansion,
		343	.Cm AuthorizedKeysFile
		344	is taken to be an absolute path or one realtive to the user's home
		345	directory.
		346	The default is
		347	.Dq .ssh/authorized_keys
		348	.It Cm AuthorizedKeysFile2
		349	Specifies the file that contains the public keys that can be used
		350	for public key authentication in protocol version 2.
		351	.Cm AuthorizedKeysFile2
		352	may contain tokens of the form %T which are substituted during connection
		353	set-up. The following tokens are defined; %% is replaces by a literal '%',
		354	%h is replaced by the home directory of the user being authenticated and
		355	%u is replaced by the username of that user.
		356	After expansion,
		357	.Cm AuthorizedKeysFile2
		358	is taken to be an absolute path or one realtive to the user's home
		359	directory.
		360	The default is
		361	.Dq .ssh/authorized_keys2
334	.It Cm Banner	362	.It Cm Banner
335	In some jurisdictions, sending a warning message before authentication	363	In some jurisdictions, sending a warning message before authentication
336	may be relevant for getting legal protection.	364	may be relevant for getting legal protection.
@@ -883,15 +911,18 @@ authentication protocol and cookie in standard input.
883	Runs user's shell or command.	911	Runs user's shell or command.
884	.El	912	.El
885	.Sh AUTHORIZED_KEYS FILE FORMAT	913	.Sh AUTHORIZED_KEYS FILE FORMAT
886	The
887	.Pa $HOME/.ssh/authorized_keys	914	.Pa $HOME/.ssh/authorized_keys
888	file lists the RSA keys that are	915	is the default file that lists the RSA keys that are
889	permitted for RSA authentication in protocol version 1.	916	permitted for RSA authentication in protocol version 1.
890	Similarly, the	917	.Cm AuthorizedKeysFile
		918	may be used to specify an alternative file.
		919	Similarly,
891	.Pa $HOME/.ssh/authorized_keys2	920	.Pa $HOME/.ssh/authorized_keys2
892	file lists the DSA and RSA keys that are	921	is the default file that lists the DSA and RSA keys that are
893	permitted for public key authentication (PubkeyAuthentication)	922	permitted for public key authentication (PubkeyAuthentication)
894	in protocol version 2.	923	in protocol version 2.
		924	.Cm AuthorizedKeysFile2
		925	may be used to specify an alternative file.
895	.Pp	926	.Pp
896	Each line of the file contains one	927	Each line of the file contains one
897	key (empty lines and lines starting with a	928	key (empty lines and lines starting with a