diff options
author | djm@openbsd.org <djm@openbsd.org> | 2017-06-24 06:34:38 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2017-06-24 16:56:11 +1000 |
commit | 8f574959272ac7fe9239c4f5d10fd913f8920ab0 (patch) | |
tree | 51ab66a6011af6459e0d4ca15a4b4b78368607a1 /sshd_config.5 | |
parent | e2004d4bb7eb01c663dd3a3e7eb224f1ccdc9bba (diff) |
upstream commit
refactor authentication logging
optionally record successful auth methods and public credentials
used in a file accessible to user sessions
feedback and ok markus@
Upstream-ID: 090b93036967015717b9a54fd0467875ae9d32fb
Diffstat (limited to 'sshd_config.5')
-rw-r--r-- | sshd_config.5 | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/sshd_config.5 b/sshd_config.5 index 7b4cb1d9a..cfe1db82a 100644 --- a/sshd_config.5 +++ b/sshd_config.5 | |||
@@ -33,8 +33,8 @@ | |||
33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
35 | .\" | 35 | .\" |
36 | .\" $OpenBSD: sshd_config.5,v 1.245 2017/05/17 01:24:17 djm Exp $ | 36 | .\" $OpenBSD: sshd_config.5,v 1.246 2017/06/24 06:34:38 djm Exp $ |
37 | .Dd $Mdocdate: May 17 2017 $ | 37 | .Dd $Mdocdate: June 24 2017 $ |
38 | .Dt SSHD_CONFIG 5 | 38 | .Dt SSHD_CONFIG 5 |
39 | .Os | 39 | .Os |
40 | .Sh NAME | 40 | .Sh NAME |
@@ -564,6 +564,12 @@ Disables all forwarding features, including X11, | |||
564 | TCP and StreamLocal. | 564 | TCP and StreamLocal. |
565 | This option overrides all other forwarding-related options and may | 565 | This option overrides all other forwarding-related options and may |
566 | simplify restricted configurations. | 566 | simplify restricted configurations. |
567 | .It Cm ExposeAuthInfo | ||
568 | Enables writing a file containing a list of authentication methods and | ||
569 | public credentials (e.g. keys) used to authenticate the user. | ||
570 | The location of the file is exposed to the user session though the | ||
571 | .Ev SSH_AUTH_INFO | ||
572 | enviornment variable. | ||
567 | .It Cm FingerprintHash | 573 | .It Cm FingerprintHash |
568 | Specifies the hash algorithm used when logging key fingerprints. | 574 | Specifies the hash algorithm used when logging key fingerprints. |
569 | Valid options are: | 575 | Valid options are: |