diff options
| -rw-r--r-- | ChangeLog | 3 | ||||
| -rw-r--r-- | sshd_config | 4 | ||||
| -rw-r--r-- | sshd_config.5 | 6 |
3 files changed, 10 insertions, 3 deletions
| @@ -37,6 +37,9 @@ | |||
| 37 | [servconf.c servconf.h sshd.c sshd_config sshd_config.5] | 37 | [servconf.c servconf.h sshd.c sshd_config sshd_config.5] |
| 38 | VersionAddendum option to allow server operators to append some arbitrary | 38 | VersionAddendum option to allow server operators to append some arbitrary |
| 39 | text to the SSH-... banner; ok deraadt@ "don't care" markus@ | 39 | text to the SSH-... banner; ok deraadt@ "don't care" markus@ |
| 40 | - djm@cvs.openbsd.org 2012/04/12 02:43:55 | ||
| 41 | [sshd_config sshd_config.5] | ||
| 42 | mention AuthorizedPrincipalsFile=none default | ||
| 40 | 43 | ||
| 41 | 20120420 | 44 | 20120420 |
| 42 | - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] | 45 | - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] |
diff --git a/sshd_config b/sshd_config index 99dbd8580..ec3ca2afc 100644 --- a/sshd_config +++ b/sshd_config | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | # $OpenBSD: sshd_config,v 1.85 2012/04/12 02:42:32 djm Exp $ | 1 | # $OpenBSD: sshd_config,v 1.86 2012/04/12 02:43:55 djm Exp $ |
| 2 | 2 | ||
| 3 | # This is the sshd server system-wide configuration file. See | 3 | # This is the sshd server system-wide configuration file. See |
| 4 | # sshd_config(5) for more information. | 4 | # sshd_config(5) for more information. |
| @@ -49,6 +49,8 @@ | |||
| 49 | # but this is overridden so installations will only check .ssh/authorized_keys | 49 | # but this is overridden so installations will only check .ssh/authorized_keys |
| 50 | AuthorizedKeysFile .ssh/authorized_keys | 50 | AuthorizedKeysFile .ssh/authorized_keys |
| 51 | 51 | ||
| 52 | #AuthorizedPrincipalsFile none | ||
| 53 | |||
| 52 | # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts | 54 | # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts |
| 53 | #RhostsRSAAuthentication no | 55 | #RhostsRSAAuthentication no |
| 54 | # similar for protocol version 2 | 56 | # similar for protocol version 2 |
diff --git a/sshd_config.5 b/sshd_config.5 index 1522355a8..27ee19146 100644 --- a/sshd_config.5 +++ b/sshd_config.5 | |||
| @@ -33,7 +33,7 @@ | |||
| 33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
| 34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| 35 | .\" | 35 | .\" |
| 36 | .\" $OpenBSD: sshd_config.5,v 1.137 2012/04/12 02:42:32 djm Exp $ | 36 | .\" $OpenBSD: sshd_config.5,v 1.138 2012/04/12 02:43:55 djm Exp $ |
| 37 | .Dd $Mdocdate: April 12 2012 $ | 37 | .Dd $Mdocdate: April 12 2012 $ |
| 38 | .Dt SSHD_CONFIG 5 | 38 | .Dt SSHD_CONFIG 5 |
| 39 | .Os | 39 | .Os |
| @@ -198,7 +198,9 @@ After expansion, | |||
| 198 | is taken to be an absolute path or one relative to the user's home | 198 | is taken to be an absolute path or one relative to the user's home |
| 199 | directory. | 199 | directory. |
| 200 | .Pp | 200 | .Pp |
| 201 | The default is not to use a principals file \(en in this case, the username | 201 | The default is |
| 202 | .Dq none , | ||
| 203 | i.e. not to use a principals file \(en in this case, the username | ||
| 202 | of the user must appear in a certificate's principals list for it to be | 204 | of the user must appear in a certificate's principals list for it to be |
| 203 | accepted. | 205 | accepted. |
| 204 | Note that | 206 | Note that |