diff options
| -rw-r--r-- | debian/changelog | 2 | ||||
| -rw-r--r-- | ssh.1 | 4 | ||||
| -rw-r--r-- | ssh.c | 7 |
3 files changed, 10 insertions, 3 deletions
diff --git a/debian/changelog b/debian/changelog index aa1403e67..f6a5f2696 100644 --- a/debian/changelog +++ b/debian/changelog | |||
| @@ -10,6 +10,8 @@ openssh (1:4.3p2-7) UNRELEASED; urgency=low | |||
| 10 | * Default client to attempting GSSAPI authentication. | 10 | * Default client to attempting GSSAPI authentication. |
| 11 | * Remove obsolete GSSAPINoMICAuthentication from sshd_config if it's | 11 | * Remove obsolete GSSAPINoMICAuthentication from sshd_config if it's |
| 12 | found. | 12 | found. |
| 13 | * Add ssh -K option, the converse of -k, to enable GSSAPI credential | ||
| 14 | delegation (closes: #401483). | ||
| 13 | 15 | ||
| 14 | -- Colin Watson <cjwatson@debian.org> Mon, 20 Nov 2006 14:57:16 +0000 | 16 | -- Colin Watson <cjwatson@debian.org> Mon, 20 Nov 2006 14:57:16 +0000 |
| 15 | 17 | ||
| @@ -43,7 +43,7 @@ | |||
| 43 | .Nd OpenSSH SSH client (remote login program) | 43 | .Nd OpenSSH SSH client (remote login program) |
| 44 | .Sh SYNOPSIS | 44 | .Sh SYNOPSIS |
| 45 | .Nm ssh | 45 | .Nm ssh |
| 46 | .Op Fl 1246AaCfgkMNnqsTtVvXxY | 46 | .Op Fl 1246AaCfgKkMNnqsTtVvXxY |
| 47 | .Op Fl b Ar bind_address | 47 | .Op Fl b Ar bind_address |
| 48 | .Op Fl c Ar cipher_spec | 48 | .Op Fl c Ar cipher_spec |
| 49 | .Oo Fl D\ \& | 49 | .Oo Fl D\ \& |
| @@ -314,6 +314,8 @@ It is possible to have multiple | |||
| 314 | .Fl i | 314 | .Fl i |
| 315 | options (and multiple identities specified in | 315 | options (and multiple identities specified in |
| 316 | configuration files). | 316 | configuration files). |
| 317 | .It Fl K | ||
| 318 | Enables forwarding (delegation) of GSSAPI credentials to the server. | ||
| 317 | .It Fl k | 319 | .It Fl k |
| 318 | Disables forwarding (delegation) of GSSAPI credentials to the server. | 320 | Disables forwarding (delegation) of GSSAPI credentials to the server. |
| 319 | .It Fl L Xo | 321 | .It Fl L Xo |
| @@ -157,7 +157,7 @@ static void | |||
| 157 | usage(void) | 157 | usage(void) |
| 158 | { | 158 | { |
| 159 | fprintf(stderr, | 159 | fprintf(stderr, |
| 160 | "usage: ssh [-1246AaCfgkMNnqsTtVvXxY] [-b bind_address] [-c cipher_spec]\n" | 160 | "usage: ssh [-1246AaCfgKkMNnqsTtVvXxY] [-b bind_address] [-c cipher_spec]\n" |
| 161 | " [-D [bind_address:]port] [-e escape_char] [-F configfile]\n" | 161 | " [-D [bind_address:]port] [-e escape_char] [-F configfile]\n" |
| 162 | " [-i identity_file] [-L [bind_address:]port:host:hostport]\n" | 162 | " [-i identity_file] [-L [bind_address:]port:host:hostport]\n" |
| 163 | " [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]\n" | 163 | " [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]\n" |
| @@ -244,7 +244,7 @@ main(int ac, char **av) | |||
| 244 | 244 | ||
| 245 | again: | 245 | again: |
| 246 | while ((opt = getopt(ac, av, | 246 | while ((opt = getopt(ac, av, |
| 247 | "1246ab:c:e:fgi:kl:m:no:p:qstvxACD:F:I:L:MNO:PR:S:TVw:XY")) != -1) { | 247 | "1246ab:c:e:fgi:kl:m:no:p:qstvxACD:F:I:KL:MNO:PR:S:TVw:XY")) != -1) { |
| 248 | switch (opt) { | 248 | switch (opt) { |
| 249 | case '1': | 249 | case '1': |
| 250 | options.protocol = SSH_PROTO_1; | 250 | options.protocol = SSH_PROTO_1; |
| @@ -298,6 +298,9 @@ again: | |||
| 298 | case 'k': | 298 | case 'k': |
| 299 | options.gss_deleg_creds = 0; | 299 | options.gss_deleg_creds = 0; |
| 300 | break; | 300 | break; |
| 301 | case 'K': | ||
| 302 | options.gss_deleg_creds = 1; | ||
| 303 | break; | ||
| 301 | case 'i': | 304 | case 'i': |
| 302 | if (stat(optarg, &st) < 0) { | 305 | if (stat(optarg, &st) < 0) { |
| 303 | fprintf(stderr, "Warning: Identity file %s " | 306 | fprintf(stderr, "Warning: Identity file %s " |