- djm@cvs.openbsd.org 2012/11/04 10:38:43

[auth2-pubkey.c sshd.c sshd_config.5] Remove default of AuthorizedCommandUser. Administrators are now expected to explicitly specify a user. feedback and ok markus@
author: Damien Miller <djm@mindrot.org> 2012-11-04 22:23:14 +1100
committer: Damien Miller <djm@mindrot.org> 2012-11-04 22:23:14 +1100
commit: d0d1099b3b8a766480ce6df215631bf0af6e6bcd (patch)
tree: e29b37b3e3a9e8e14e78ddc5eb15005fe201717f /sshd_config.5
parent: f33580eed055472b9e5ca05f4826b05e9eacc651 (diff)
1 files changed, 2 insertions, 3 deletions
diff --git a/sshd_config.5 b/sshd_config.5
index 3cc901a82..0fb0b837d 100644
--- a/sshd_config.5
+++ b/sshd_config.5
@@ -33,8 +33,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd_config.5,v 1.147 2012/10/31 08:04:50 jmc Exp $
+.\" $OpenBSD: sshd_config.5,v 1.148 2012/11/04 10:38:43 djm Exp $
-.Dd $Mdocdate: October 31 2012 $
+.Dd $Mdocdate: November 4 2012 $
 .Dt SSHD_CONFIG 5
 .Os
 .Sh NAME
@@ -166,7 +166,6 @@ files.
 By default, no AuthorizedKeysCommand is run.
 .It Cm AuthorizedKeysCommandUser
 Specifies the user under whose account the AuthorizedKeysCommand is run.
-The default is the user being authenticated.
 It is recommended to use a dedicated user that has no other role on the host
 than running authorized keys commands.
 .It Cm AuthorizedKeysFile
author	Damien Miller <djm@mindrot.org>	2012-11-04 22:23:14 +1100
committer	Damien Miller <djm@mindrot.org>	2012-11-04 22:23:14 +1100
commit	d0d1099b3b8a766480ce6df215631bf0af6e6bcd (patch)
tree	e29b37b3e3a9e8e14e78ddc5eb15005fe201717f /sshd_config.5
parent	f33580eed055472b9e5ca05f4826b05e9eacc651 (diff)

diff --git a/sshd_config.5 b/sshd_config.5 index 3cc901a82..0fb0b837d 100644 --- a/sshd_config.5 +++ b/sshd_config.5
@@ -33,8 +33,8 @@
33	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	33	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
34	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	34	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
35	.\"	35	.\"
36	.\" $OpenBSD: sshd_config.5,v 1.147 2012/10/31 08:04:50 jmc Exp $	36	.\" $OpenBSD: sshd_config.5,v 1.148 2012/11/04 10:38:43 djm Exp $
37	.Dd $Mdocdate: October 31 2012 $	37	.Dd $Mdocdate: November 4 2012 $
38	.Dt SSHD_CONFIG 5	38	.Dt SSHD_CONFIG 5
39	.Os	39	.Os
40	.Sh NAME	40	.Sh NAME
@@ -166,7 +166,6 @@ files.
166	By default, no AuthorizedKeysCommand is run.	166	By default, no AuthorizedKeysCommand is run.
167	.It Cm AuthorizedKeysCommandUser	167	.It Cm AuthorizedKeysCommandUser
168	Specifies the user under whose account the AuthorizedKeysCommand is run.	168	Specifies the user under whose account the AuthorizedKeysCommand is run.
169	The default is the user being authenticated.
170	It is recommended to use a dedicated user that has no other role on the host	169	It is recommended to use a dedicated user that has no other role on the host
171	than running authorized keys commands.	170	than running authorized keys commands.
172	.It Cm AuthorizedKeysFile	171	.It Cm AuthorizedKeysFile