summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog3
-rw-r--r--sshd_config4
-rw-r--r--sshd_config.56
3 files changed, 10 insertions, 3 deletions
diff --git a/ChangeLog b/ChangeLog
index a8312a5ef..5ca22714c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -37,6 +37,9 @@
37 [servconf.c servconf.h sshd.c sshd_config sshd_config.5] 37 [servconf.c servconf.h sshd.c sshd_config sshd_config.5]
38 VersionAddendum option to allow server operators to append some arbitrary 38 VersionAddendum option to allow server operators to append some arbitrary
39 text to the SSH-... banner; ok deraadt@ "don't care" markus@ 39 text to the SSH-... banner; ok deraadt@ "don't care" markus@
40 - djm@cvs.openbsd.org 2012/04/12 02:43:55
41 [sshd_config sshd_config.5]
42 mention AuthorizedPrincipalsFile=none default
40 43
4120120420 4420120420
42 - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] 45 - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
diff --git a/sshd_config b/sshd_config
index 99dbd8580..ec3ca2afc 100644
--- a/sshd_config
+++ b/sshd_config
@@ -1,4 +1,4 @@
1# $OpenBSD: sshd_config,v 1.85 2012/04/12 02:42:32 djm Exp $ 1# $OpenBSD: sshd_config,v 1.86 2012/04/12 02:43:55 djm Exp $
2 2
3# This is the sshd server system-wide configuration file. See 3# This is the sshd server system-wide configuration file. See
4# sshd_config(5) for more information. 4# sshd_config(5) for more information.
@@ -49,6 +49,8 @@
49# but this is overridden so installations will only check .ssh/authorized_keys 49# but this is overridden so installations will only check .ssh/authorized_keys
50AuthorizedKeysFile .ssh/authorized_keys 50AuthorizedKeysFile .ssh/authorized_keys
51 51
52#AuthorizedPrincipalsFile none
53
52# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts 54# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
53#RhostsRSAAuthentication no 55#RhostsRSAAuthentication no
54# similar for protocol version 2 56# similar for protocol version 2
diff --git a/sshd_config.5 b/sshd_config.5
index 1522355a8..27ee19146 100644
--- a/sshd_config.5
+++ b/sshd_config.5
@@ -33,7 +33,7 @@
33.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 33.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
34.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 34.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
35.\" 35.\"
36.\" $OpenBSD: sshd_config.5,v 1.137 2012/04/12 02:42:32 djm Exp $ 36.\" $OpenBSD: sshd_config.5,v 1.138 2012/04/12 02:43:55 djm Exp $
37.Dd $Mdocdate: April 12 2012 $ 37.Dd $Mdocdate: April 12 2012 $
38.Dt SSHD_CONFIG 5 38.Dt SSHD_CONFIG 5
39.Os 39.Os
@@ -198,7 +198,9 @@ After expansion,
198is taken to be an absolute path or one relative to the user's home 198is taken to be an absolute path or one relative to the user's home
199directory. 199directory.
200.Pp 200.Pp
201The default is not to use a principals file \(en in this case, the username 201The default is
202.Dq none ,
203i.e. not to use a principals file \(en in this case, the username
202of the user must appear in a certificate's principals list for it to be 204of the user must appear in a certificate's principals list for it to be
203accepted. 205accepted.
204Note that 206Note that