1 files changed, 63 insertions, 4 deletions
diff --git a/ssh_config.5 b/ssh_config.5
index 19d13f5c7..45496cfbc 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -72,6 +72,22 @@ Since the first obtained value for each parameter is used, more
 host-specific declarations should be given near the beginning of the
 file, and general defaults at the end.
 .Pp
+Note that the Debian
+.Ic openssh-client
+package sets several options as standard in
+.Pa /etc/ssh/ssh_config
+which are not the default in
+.Xr ssh 1 :
+.Pp
+.Bl -bullet -offset indent -compact
+.It
+.Cm SendEnv No LANG LC_*
+.It
+.Cm HashKnownHosts No yes
+.It
+.Cm GSSAPIAuthentication No yes
+.El
+.Pp
 The configuration file has the following format:
 .Pp
 Empty lines and lines starting with
@@ -128,8 +144,12 @@ Valid arguments are
 If set to
 .Dq yes ,
 passphrase/password querying will be disabled.
+In addition, the
+.Cm ServerAliveInterval
+option will be set to 300 seconds by default.
 This option is useful in scripts and other batch jobs where no user
-is present to supply the password.
+is present to supply the password,
+and where it is desirable to detect a broken network swiftly.
 The argument must be
 .Dq yes
 or
@@ -448,7 +468,8 @@ token used for the session will be set to expire after 20 minutes.
 Remote clients will be refused access after this time.
 .Pp
 The default is
-.Dq no .
+.Dq yes
+(Debian-specific).
 .Pp
 See the X11 SECURITY extension specification for full details on
 the restrictions imposed on untrusted clients.
@@ -527,6 +548,9 @@ Note that existing names and addresses in known hosts files
 will not be converted automatically,
 but may be manually hashed using
 .Xr ssh-keygen 1 .
+Use of this option may break facilities such as tab-completion that rely
+on being able to read unhashed host names from
+.Pa ~/.ssh/known_hosts .
 .It Cm HostbasedAuthentication
 Specifies whether to try rhosts based authentication with public key
 authentication.
@@ -952,7 +976,10 @@ If, for example,
 .Cm ServerAliveCountMax
 is left at the default, if the server becomes unresponsive,
 ssh will disconnect after approximately 45 seconds.
-This option applies to protocol version 2 only.
+This option applies to protocol version 2 only; in protocol version
+1 there is no mechanism to request a response from the server to the
+server alive messages, so disconnection is the responsibility of the TCP
+stack.
 .It Cm ServerAliveInterval
 Sets a timeout interval in seconds after which if no data has been received
 from the server,
@@ -960,8 +987,15 @@ from the server,
 will send a message through the encrypted
 channel to request a response from the server.
 The default
-is 0, indicating that these messages will not be sent to the server.
+is 0, indicating that these messages will not be sent to the server,
+or 300 if the
+.Cm BatchMode
+option is set.
 This option applies to protocol version 2 only.
+.Cm ProtocolKeepAlives
+and
+.Cm SetupTimeOut
+are Debian-specific compatibility aliases for this option.
 .It Cm StrictHostKeyChecking
 If this flag is set to
 .Dq yes ,
@@ -1000,6 +1034,12 @@ Specifies whether the system should send TCP keepalive messages to the
 other side.
 If they are sent, death of the connection or crash of one
 of the machines will be properly noticed.
+This option only uses TCP keepalives (as opposed to using ssh level
+keepalives), so takes a long time to notice when the connection dies.
+As such, you probably want
+the
+.Cm ServerAliveInterval
+option as well.
 However, this means that
 connections will die if the route is down temporarily, and some people
 find it annoying.
@@ -1051,6 +1091,23 @@ is not specified, it defaults to
 .Dq any .
 The default is
 .Dq any:any .
+.It Cm UseBlacklistedKeys
+Specifies whether
+.Xr ssh 1
+should use keys recorded in its blacklist of known-compromised keys (see
+.Xr ssh-vulnkey 1 )
+for authentication.
+If
+.Dq yes ,
+then attempts to use compromised keys for authentication will be logged but
+accepted.
+It is strongly recommended that this be used only to install new authorized
+keys on the remote system, and even then only with the utmost care.
+If
+.Dq no ,
+then attempts to use compromised keys for authentication will be prevented.
+The default is
+.Dq no .
 .It Cm UsePrivilegedPort
 Specifies whether to use a privileged port for outgoing connections.
 The argument must be
@@ -1167,6 +1224,8 @@ The format of this file is described above.
 This file is used by the SSH client.
 Because of the potential for abuse, this file must have strict permissions:
 read/write for the user, and not accessible by others.
+It may be group-writable provided that the group in question contains only
+the user.
 .It Pa /etc/ssh/ssh_config
 Systemwide configuration file.
 This file provides defaults for those

diff --git a/ssh_config.5 b/ssh_config.5 index 19d13f5c7..45496cfbc 100644 --- a/ssh_config.5 +++ b/ssh_config.5
@@ -72,6 +72,22 @@ Since the first obtained value for each parameter is used, more
72	host-specific declarations should be given near the beginning of the	72	host-specific declarations should be given near the beginning of the
73	file, and general defaults at the end.	73	file, and general defaults at the end.
74	.Pp	74	.Pp
		75	Note that the Debian
		76	.Ic openssh-client
		77	package sets several options as standard in
		78	.Pa /etc/ssh/ssh_config
		79	which are not the default in
		80	.Xr ssh 1 :
		81	.Pp
		82	.Bl -bullet -offset indent -compact
		83	.It
		84	.Cm SendEnv No LANG LC_*
		85	.It
		86	.Cm HashKnownHosts No yes
		87	.It
		88	.Cm GSSAPIAuthentication No yes
		89	.El
		90	.Pp
75	The configuration file has the following format:	91	The configuration file has the following format:
76	.Pp	92	.Pp
77	Empty lines and lines starting with	93	Empty lines and lines starting with
@@ -128,8 +144,12 @@ Valid arguments are
128	If set to	144	If set to
129	.Dq yes ,	145	.Dq yes ,
130	passphrase/password querying will be disabled.	146	passphrase/password querying will be disabled.
		147	In addition, the
		148	.Cm ServerAliveInterval
		149	option will be set to 300 seconds by default.
131	This option is useful in scripts and other batch jobs where no user	150	This option is useful in scripts and other batch jobs where no user
132	is present to supply the password.	151	is present to supply the password,
		152	and where it is desirable to detect a broken network swiftly.
133	The argument must be	153	The argument must be
134	.Dq yes	154	.Dq yes
135	or	155	or
@@ -448,7 +468,8 @@ token used for the session will be set to expire after 20 minutes.
448	Remote clients will be refused access after this time.	468	Remote clients will be refused access after this time.
449	.Pp	469	.Pp
450	The default is	470	The default is
451	.Dq no .	471	.Dq yes
		472	(Debian-specific).
452	.Pp	473	.Pp
453	See the X11 SECURITY extension specification for full details on	474	See the X11 SECURITY extension specification for full details on
454	the restrictions imposed on untrusted clients.	475	the restrictions imposed on untrusted clients.
@@ -527,6 +548,9 @@ Note that existing names and addresses in known hosts files
527	will not be converted automatically,	548	will not be converted automatically,
528	but may be manually hashed using	549	but may be manually hashed using
529	.Xr ssh-keygen 1 .	550	.Xr ssh-keygen 1 .
		551	Use of this option may break facilities such as tab-completion that rely
		552	on being able to read unhashed host names from
		553	.Pa ~/.ssh/known_hosts .
530	.It Cm HostbasedAuthentication	554	.It Cm HostbasedAuthentication
531	Specifies whether to try rhosts based authentication with public key	555	Specifies whether to try rhosts based authentication with public key
532	authentication.	556	authentication.
@@ -952,7 +976,10 @@ If, for example,
952	.Cm ServerAliveCountMax	976	.Cm ServerAliveCountMax
953	is left at the default, if the server becomes unresponsive,	977	is left at the default, if the server becomes unresponsive,
954	ssh will disconnect after approximately 45 seconds.	978	ssh will disconnect after approximately 45 seconds.
955	This option applies to protocol version 2 only.	979	This option applies to protocol version 2 only; in protocol version
		980	1 there is no mechanism to request a response from the server to the
		981	server alive messages, so disconnection is the responsibility of the TCP
		982	stack.
956	.It Cm ServerAliveInterval	983	.It Cm ServerAliveInterval
957	Sets a timeout interval in seconds after which if no data has been received	984	Sets a timeout interval in seconds after which if no data has been received
958	from the server,	985	from the server,
@@ -960,8 +987,15 @@ from the server,
960	will send a message through the encrypted	987	will send a message through the encrypted
961	channel to request a response from the server.	988	channel to request a response from the server.
962	The default	989	The default
963	is 0, indicating that these messages will not be sent to the server.	990	is 0, indicating that these messages will not be sent to the server,
		991	or 300 if the
		992	.Cm BatchMode
		993	option is set.
964	This option applies to protocol version 2 only.	994	This option applies to protocol version 2 only.
		995	.Cm ProtocolKeepAlives
		996	and
		997	.Cm SetupTimeOut
		998	are Debian-specific compatibility aliases for this option.
965	.It Cm StrictHostKeyChecking	999	.It Cm StrictHostKeyChecking
966	If this flag is set to	1000	If this flag is set to
967	.Dq yes ,	1001	.Dq yes ,
@@ -1000,6 +1034,12 @@ Specifies whether the system should send TCP keepalive messages to the
1000	other side.	1034	other side.
1001	If they are sent, death of the connection or crash of one	1035	If they are sent, death of the connection or crash of one
1002	of the machines will be properly noticed.	1036	of the machines will be properly noticed.
		1037	This option only uses TCP keepalives (as opposed to using ssh level
		1038	keepalives), so takes a long time to notice when the connection dies.
		1039	As such, you probably want
		1040	the
		1041	.Cm ServerAliveInterval
		1042	option as well.
1003	However, this means that	1043	However, this means that
1004	connections will die if the route is down temporarily, and some people	1044	connections will die if the route is down temporarily, and some people
1005	find it annoying.	1045	find it annoying.
@@ -1051,6 +1091,23 @@ is not specified, it defaults to
1051	.Dq any .	1091	.Dq any .
1052	The default is	1092	The default is
1053	.Dq any:any .	1093	.Dq any:any .
		1094	.It Cm UseBlacklistedKeys
		1095	Specifies whether
		1096	.Xr ssh 1
		1097	should use keys recorded in its blacklist of known-compromised keys (see
		1098	.Xr ssh-vulnkey 1 )
		1099	for authentication.
		1100	If
		1101	.Dq yes ,
		1102	then attempts to use compromised keys for authentication will be logged but
		1103	accepted.
		1104	It is strongly recommended that this be used only to install new authorized
		1105	keys on the remote system, and even then only with the utmost care.
		1106	If
		1107	.Dq no ,
		1108	then attempts to use compromised keys for authentication will be prevented.
		1109	The default is
		1110	.Dq no .
1054	.It Cm UsePrivilegedPort	1111	.It Cm UsePrivilegedPort
1055	Specifies whether to use a privileged port for outgoing connections.	1112	Specifies whether to use a privileged port for outgoing connections.
1056	The argument must be	1113	The argument must be
@@ -1167,6 +1224,8 @@ The format of this file is described above.
1167	This file is used by the SSH client.	1224	This file is used by the SSH client.
1168	Because of the potential for abuse, this file must have strict permissions:	1225	Because of the potential for abuse, this file must have strict permissions:
1169	read/write for the user, and not accessible by others.	1226	read/write for the user, and not accessible by others.
		1227	It may be group-writable provided that the group in question contains only
		1228	the user.
1170	.It Pa /etc/ssh/ssh_config	1229	.It Pa /etc/ssh/ssh_config
1171	Systemwide configuration file.	1230	Systemwide configuration file.
1172	This file provides defaults for those	1231	This file provides defaults for those