diff options
author | Colin Watson <cjwatson@debian.org> | 2004-05-01 11:41:25 +0000 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2004-05-01 11:41:25 +0000 |
commit | 915bfea2af69a3bb352a9b4e98e3434b8425124d (patch) | |
tree | ef732498a75f2e13a7a9827edc833dc58bc2a2af /sshd_config.5 | |
parent | 89e7a2dfe6044f3980098911a7470d401ff70eb1 (diff) | |
parent | 16f1d21ea191deaaeeba719d01c0ad82aa044653 (diff) |
Merge 3.8.1p1 to the trunk, minus RFC.nroff (#211640).
Diffstat (limited to 'sshd_config.5')
-rw-r--r-- | sshd_config.5 | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/sshd_config.5 b/sshd_config.5 index 41228248c..e15a225f2 100644 --- a/sshd_config.5 +++ b/sshd_config.5 | |||
@@ -34,7 +34,7 @@ | |||
34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
36 | .\" | 36 | .\" |
37 | .\" $OpenBSD: sshd_config.5,v 1.28 2004/02/17 19:35:21 jmc Exp $ | 37 | .\" $OpenBSD: sshd_config.5,v 1.29 2004/03/08 10:18:57 dtucker Exp $ |
38 | .Dd September 25, 1999 | 38 | .Dd September 25, 1999 |
39 | .Dt SSHD_CONFIG 5 | 39 | .Dt SSHD_CONFIG 5 |
40 | .Os | 40 | .Os |
@@ -300,6 +300,11 @@ To use this option, the server needs a | |||
300 | Kerberos servtab which allows the verification of the KDC's identity. | 300 | Kerberos servtab which allows the verification of the KDC's identity. |
301 | Default is | 301 | Default is |
302 | .Dq no . | 302 | .Dq no . |
303 | .It Cm KerberosGetAFSToken | ||
304 | If AFS is active and the user has a Kerberos 5 TGT, attempt to aquire | ||
305 | an AFS token before accessing the user's home directory. | ||
306 | Default is | ||
307 | .Dq no . | ||
303 | .It Cm KerberosOrLocalPasswd | 308 | .It Cm KerberosOrLocalPasswd |
304 | If set then if password authentication through Kerberos fails then | 309 | If set then if password authentication through Kerberos fails then |
305 | the password will be validated via any additional local mechanism | 310 | the password will be validated via any additional local mechanism |
@@ -429,7 +434,9 @@ The default is | |||
429 | .Pp | 434 | .Pp |
430 | If this option is set to | 435 | If this option is set to |
431 | .Dq without-password | 436 | .Dq without-password |
432 | password authentication is disabled for root. | 437 | password authentication is disabled for root. Note that other authentication |
438 | methods (e.g., keyboard-interactive/PAM) may still allow root to login using | ||
439 | a password. | ||
433 | .Pp | 440 | .Pp |
434 | If this option is set to | 441 | If this option is set to |
435 | .Dq forced-commands-only | 442 | .Dq forced-commands-only |