diff options
author | naddy@openbsd.org <naddy@openbsd.org> | 2019-12-21 20:22:34 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2019-12-30 14:31:40 +1100 |
commit | 141df487ba699cfd1ec3dcd98186e7c956e99024 (patch) | |
tree | d759e3195bf74db1bf1673c563dd24450fcc4c50 /sshd_config.5 | |
parent | fbd9729d4eadf2f7097b6017156387ac64302453 (diff) |
upstream: Replace the term "security key" with "(FIDO)
authenticator".
The polysemous use of "key" was too confusing. Input from markus@.
ok jmc@
OpenBSD-Commit-ID: 12eea973a44c8232af89f86e4269d71ae900ca8f
Diffstat (limited to 'sshd_config.5')
-rw-r--r-- | sshd_config.5 | 18 |
1 files changed, 9 insertions, 9 deletions
diff --git a/sshd_config.5 b/sshd_config.5 index 222193170..76ec69baf 100644 --- a/sshd_config.5 +++ b/sshd_config.5 | |||
@@ -33,8 +33,8 @@ | |||
33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
35 | .\" | 35 | .\" |
36 | .\" $OpenBSD: sshd_config.5,v 1.296 2019/12/19 15:09:30 naddy Exp $ | 36 | .\" $OpenBSD: sshd_config.5,v 1.297 2019/12/21 20:22:34 naddy Exp $ |
37 | .Dd $Mdocdate: December 19 2019 $ | 37 | .Dd $Mdocdate: December 21 2019 $ |
38 | .Dt SSHD_CONFIG 5 | 38 | .Dt SSHD_CONFIG 5 |
39 | .Os | 39 | .Os |
40 | .Sh NAME | 40 | .Sh NAME |
@@ -1462,20 +1462,20 @@ and | |||
1462 | .Pp | 1462 | .Pp |
1463 | The | 1463 | The |
1464 | .Cm touch-required | 1464 | .Cm touch-required |
1465 | option causes public key authentication using a security key algorithm | 1465 | option causes public key authentication using a FIDO authenticator algorithm |
1466 | (i.e.\& | 1466 | (i.e.\& |
1467 | .Cm ecdsa-sk | 1467 | .Cm ecdsa-sk |
1468 | or | 1468 | or |
1469 | .Cm ed25519-sk ) | 1469 | .Cm ed25519-sk ) |
1470 | to always require the signature to attest that a physically present user | 1470 | to always require the signature to attest that a physically present user |
1471 | explicitly confirmed the authentication (usually by touching the security key). | 1471 | explicitly confirmed the authentication (usually by touching the authenticator). |
1472 | By default, | 1472 | By default, |
1473 | .Xr sshd 8 | 1473 | .Xr sshd 8 |
1474 | requires key touch unless overridden with an authorized_keys option. | 1474 | requires user presence unless overridden with an authorized_keys option. |
1475 | The | 1475 | The |
1476 | .Cm touch-required | 1476 | .Cm touch-required |
1477 | flag disables this override. | 1477 | flag disables this override. |
1478 | This option has no effect for other, non-security key, public key types. | 1478 | This option has no effect for other, non-authenticator public key types. |
1479 | .It Cm PubkeyAuthentication | 1479 | .It Cm PubkeyAuthentication |
1480 | Specifies whether public key authentication is allowed. | 1480 | Specifies whether public key authentication is allowed. |
1481 | The default is | 1481 | The default is |
@@ -1527,9 +1527,9 @@ If the routing domain is set to | |||
1527 | .Cm \&%D , | 1527 | .Cm \&%D , |
1528 | then the domain in which the incoming connection was received will be applied. | 1528 | then the domain in which the incoming connection was received will be applied. |
1529 | .It Cm SecurityKeyProvider | 1529 | .It Cm SecurityKeyProvider |
1530 | Specifies a path to a security key provider library that will be used when | 1530 | Specifies a path to a library that will be used when loading |
1531 | loading any security key-hosted keys, overriding the default of using | 1531 | FIDO authenticator-hosted keys, overriding the default of using |
1532 | the built-in support for USB HID keys. | 1532 | the built-in USB HID support. |
1533 | .It Cm SetEnv | 1533 | .It Cm SetEnv |
1534 | Specifies one or more environment variables to set in child sessions started | 1534 | Specifies one or more environment variables to set in child sessions started |
1535 | by | 1535 | by |