diff options
author | Colin Watson <cjwatson@debian.org> | 2020-06-07 10:19:23 +0100 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2020-06-07 10:19:23 +0100 |
commit | 202f5a676221c244cd450086c334c2b59f339e86 (patch) | |
tree | d2f90a3a9ce2b33485c271eab01a48f02ef6fb5a /sshd_config.5 | |
parent | f0de78bd4f29fa688c5df116f3f9cd43543a76d0 (diff) | |
parent | 9ca7e9c861775dd6c6312bc8aaab687403d24676 (diff) |
Import openssh_8.3p1.orig.tar.gz
Diffstat (limited to 'sshd_config.5')
-rw-r--r-- | sshd_config.5 | 36 |
1 files changed, 24 insertions, 12 deletions
diff --git a/sshd_config.5 b/sshd_config.5 index 70ccea449..b294efc2d 100644 --- a/sshd_config.5 +++ b/sshd_config.5 | |||
@@ -33,8 +33,8 @@ | |||
33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
35 | .\" | 35 | .\" |
36 | .\" $OpenBSD: sshd_config.5,v 1.307 2020/02/07 03:54:44 dtucker Exp $ | 36 | .\" $OpenBSD: sshd_config.5,v 1.311 2020/04/17 06:12:41 jmc Exp $ |
37 | .Dd $Mdocdate: February 7 2020 $ | 37 | .Dd $Mdocdate: April 17 2020 $ |
38 | .Dt SSHD_CONFIG 5 | 38 | .Dt SSHD_CONFIG 5 |
39 | .Os | 39 | .Os |
40 | .Sh NAME | 40 | .Sh NAME |
@@ -247,12 +247,10 @@ more lines of authorized_keys output (see | |||
247 | .Sx AUTHORIZED_KEYS | 247 | .Sx AUTHORIZED_KEYS |
248 | in | 248 | in |
249 | .Xr sshd 8 ) . | 249 | .Xr sshd 8 ) . |
250 | If a key supplied by | ||
251 | .Cm AuthorizedKeysCommand | 250 | .Cm AuthorizedKeysCommand |
252 | does not successfully authenticate | 251 | is tried after the usual |
253 | and authorize the user then public key authentication continues using the usual | ||
254 | .Cm AuthorizedKeysFile | 252 | .Cm AuthorizedKeysFile |
255 | files. | 253 | files and will not be executed if a matching key is found there. |
256 | By default, no | 254 | By default, no |
257 | .Cm AuthorizedKeysCommand | 255 | .Cm AuthorizedKeysCommand |
258 | is run. | 256 | is run. |
@@ -778,19 +776,32 @@ rsa-sha2-512,rsa-sha2-256,ssh-rsa | |||
778 | The list of available key types may also be obtained using | 776 | The list of available key types may also be obtained using |
779 | .Qq ssh -Q HostKeyAlgorithms . | 777 | .Qq ssh -Q HostKeyAlgorithms . |
780 | .It Cm IgnoreRhosts | 778 | .It Cm IgnoreRhosts |
781 | Specifies that | 779 | Specifies whether to ignore per-user |
782 | .Pa .rhosts | 780 | .Pa .rhosts |
783 | and | 781 | and |
784 | .Pa .shosts | 782 | .Pa .shosts |
785 | files will not be used in | 783 | files during |
786 | .Cm HostbasedAuthentication . | 784 | .Cm HostbasedAuthentication . |
787 | .Pp | 785 | The system-wide |
788 | .Pa /etc/hosts.equiv | 786 | .Pa /etc/hosts.equiv |
789 | and | 787 | and |
790 | .Pa /etc/shosts.equiv | 788 | .Pa /etc/shosts.equiv |
791 | are still used. | 789 | are still used regardless of this setting. |
792 | The default is | 790 | .Pp |
793 | .Cm yes . | 791 | Accepted values are |
792 | .Cm yes | ||
793 | (the default) to ignore all per-user files, | ||
794 | .Cm shosts-only | ||
795 | to allow the use of | ||
796 | .Pa .shosts | ||
797 | but to ignore | ||
798 | .Pa .rhosts | ||
799 | or | ||
800 | .Cm no | ||
801 | to allow both | ||
802 | .Pa .shosts | ||
803 | and | ||
804 | .Pa rhosts . | ||
794 | .It Cm IgnoreUserKnownHosts | 805 | .It Cm IgnoreUserKnownHosts |
795 | Specifies whether | 806 | Specifies whether |
796 | .Xr sshd 8 | 807 | .Xr sshd 8 |
@@ -1162,6 +1173,7 @@ Available keywords are | |||
1162 | .Cm HostbasedAcceptedKeyTypes , | 1173 | .Cm HostbasedAcceptedKeyTypes , |
1163 | .Cm HostbasedAuthentication , | 1174 | .Cm HostbasedAuthentication , |
1164 | .Cm HostbasedUsesNameFromPacketOnly , | 1175 | .Cm HostbasedUsesNameFromPacketOnly , |
1176 | .Cm IgnoreRhosts , | ||
1165 | .Cm Include , | 1177 | .Cm Include , |
1166 | .Cm IPQoS , | 1178 | .Cm IPQoS , |
1167 | .Cm KbdInteractiveAuthentication , | 1179 | .Cm KbdInteractiveAuthentication , |