summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog5
-rw-r--r--ssh_config.572
2 files changed, 40 insertions, 37 deletions
diff --git a/ChangeLog b/ChangeLog
index bdfb7520b..dbfb130a6 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -186,6 +186,9 @@
186 [sshd_config.5] 186 [sshd_config.5]
187 document the order in which allow/deny directives are processed; 187 document the order in which allow/deny directives are processed;
188 help/ok dtucker 188 help/ok dtucker
189 - jmc@cvs.openbsd.org 2006/02/26 17:17:18
190 [ssh_config.5]
191 move PATTERNS to the end of the main body; requested by dtucker
189 192
19020060313 19320060313
191 - (dtucker) [configure.ac] Bug #1171: Don't use printf("%lld", longlong) 194 - (dtucker) [configure.ac] Bug #1171: Don't use printf("%lld", longlong)
@@ -4087,4 +4090,4 @@
4087 - (djm) Trim deprecated options from INSTALL. Mention UsePAM 4090 - (djm) Trim deprecated options from INSTALL. Mention UsePAM
4088 - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu 4091 - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
4089 4092
4090$Id: ChangeLog,v 1.4193 2006/03/15 00:58:49 djm Exp $ 4093$Id: ChangeLog,v 1.4194 2006/03/15 00:59:08 djm Exp $
diff --git a/ssh_config.5 b/ssh_config.5
index 0e6a41808..3c5bf3919 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -34,7 +34,7 @@
34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36.\" 36.\"
37.\" $OpenBSD: ssh_config.5,v 1.85 2006/02/25 12:26:17 jmc Exp $ 37.\" $OpenBSD: ssh_config.5,v 1.86 2006/02/26 17:17:18 jmc Exp $
38.Dd September 25, 1999 38.Dd September 25, 1999
39.Dt SSH_CONFIG 5 39.Dt SSH_CONFIG 5
40.Os 40.Os
@@ -73,42 +73,7 @@ The matched host name is the one given on the command line.
73Since the first obtained value for each parameter is used, more 73Since the first obtained value for each parameter is used, more
74host-specific declarations should be given near the beginning of the 74host-specific declarations should be given near the beginning of the
75file, and general defaults at the end. 75file, and general defaults at the end.
76.Sh PATTERNS
77A
78.Em pattern
79consists of zero or more non-whitespace characters,
80.Sq *
81(a wildcard that matches zero or more characters),
82or
83.Sq ?\&
84(a wildcard that matches exactly one character).
85For example, to specify a set of declarations for any host in the
86.Dq .co.uk
87set of domains,
88the following pattern could be used:
89.Pp
90.Dl Host *.co.uk
91.Pp
92The following pattern
93would match any host in the 192.168.0.[0-9] network range:
94.Pp 76.Pp
95.Dl Host 192.168.0.?
96.Pp
97A
98.Em pattern-list
99is a comma-separated list of patterns.
100Patterns within pattern-lists may be negated
101by preceding them with an exclamation mark
102.Pq Sq !\& .
103For example,
104to allow a key to be used from anywhere within an organisation
105except from the
106.Dq dialup
107pool,
108the following entry (in authorized_keys) could be used:
109.Pp
110.Dl from=\&"!*.dialup.example.com,*.example.com\&"
111.Sh FILE FORMAT
112The configuration file has the following format: 77The configuration file has the following format:
113.Pp 78.Pp
114Empty lines and lines starting with 79Empty lines and lines starting with
@@ -1023,6 +988,41 @@ program.
1023The default is 988The default is
1024.Pa /usr/X11R6/bin/xauth . 989.Pa /usr/X11R6/bin/xauth .
1025.El 990.El
991.Sh PATTERNS
992A
993.Em pattern
994consists of zero or more non-whitespace characters,
995.Sq *
996(a wildcard that matches zero or more characters),
997or
998.Sq ?\&
999(a wildcard that matches exactly one character).
1000For example, to specify a set of declarations for any host in the
1001.Dq .co.uk
1002set of domains,
1003the following pattern could be used:
1004.Pp
1005.Dl Host *.co.uk
1006.Pp
1007The following pattern
1008would match any host in the 192.168.0.[0-9] network range:
1009.Pp
1010.Dl Host 192.168.0.?
1011.Pp
1012A
1013.Em pattern-list
1014is a comma-separated list of patterns.
1015Patterns within pattern-lists may be negated
1016by preceding them with an exclamation mark
1017.Pq Sq !\& .
1018For example,
1019to allow a key to be used from anywhere within an organisation
1020except from the
1021.Dq dialup
1022pool,
1023the following entry (in authorized_keys) could be used:
1024.Pp
1025.Dl from=\&"!*.dialup.example.com,*.example.com\&"
1026.Sh FILES 1026.Sh FILES
1027.Bl -tag -width Ds 1027.Bl -tag -width Ds
1028.It Pa ~/.ssh/config 1028.It Pa ~/.ssh/config