1 files changed, 63 insertions, 4 deletions
diff --git a/ssh_config.5 b/ssh_config.5
index e72919a89..127540a60 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -71,6 +71,22 @@ Since the first obtained value for each parameter is used, more
 host-specific declarations should be given near the beginning of the
 file, and general defaults at the end.
 .Pp
+Note that the Debian
+.Ic openssh-client
+package sets several options as standard in
+.Pa /etc/ssh/ssh_config
+which are not the default in
+.Xr ssh 1 :
+.Pp
+.Bl -bullet -offset indent -compact
+.It
+.Cm SendEnv No LANG LC_*
+.It
+.Cm HashKnownHosts No yes
+.It
+.Cm GSSAPIAuthentication No yes
+.El
+.Pp
 The configuration file has the following format:
 .Pp
 Empty lines and lines starting with
@@ -136,8 +152,12 @@ Valid arguments are
 If set to
 .Dq yes ,
 passphrase/password querying will be disabled.
+In addition, the
+.Cm ServerAliveInterval
+option will be set to 300 seconds by default.
 This option is useful in scripts and other batch jobs where no user
-is present to supply the password.
+is present to supply the password,
+and where it is desirable to detect a broken network swiftly.
 The argument must be
 .Dq yes
 or
@@ -497,7 +517,8 @@ token used for the session will be set to expire after 20 minutes.
 Remote clients will be refused access after this time.
 .Pp
 The default is
-.Dq no .
+.Dq yes
+(Debian-specific).
 .Pp
 See the X11 SECURITY extension specification for full details on
 the restrictions imposed on untrusted clients.
@@ -583,6 +604,9 @@ Note that existing names and addresses in known hosts files
 will not be converted automatically,
 but may be manually hashed using
 .Xr ssh-keygen 1 .
+Use of this option may break facilities such as tab-completion that rely
+on being able to read unhashed host names from
+.Pa ~/.ssh/known_hosts .
 .It Cm HostbasedAuthentication
 Specifies whether to try rhosts based authentication with public key
 authentication.
@@ -1130,7 +1154,10 @@ If, for example,
 .Cm ServerAliveCountMax
 is left at the default, if the server becomes unresponsive,
 ssh will disconnect after approximately 45 seconds.
-This option applies to protocol version 2 only.
+This option applies to protocol version 2 only; in protocol version
+1 there is no mechanism to request a response from the server to the
+server alive messages, so disconnection is the responsibility of the TCP
+stack.
 .It Cm ServerAliveInterval
 Sets a timeout interval in seconds after which if no data has been received
 from the server,
@@ -1138,8 +1165,15 @@ from the server,
 will send a message through the encrypted
 channel to request a response from the server.
 The default
-is 0, indicating that these messages will not be sent to the server.
+is 0, indicating that these messages will not be sent to the server,
+or 300 if the
+.Cm BatchMode
+option is set.
 This option applies to protocol version 2 only.
+.Cm ProtocolKeepAlives
+and
+.Cm SetupTimeOut
+are Debian-specific compatibility aliases for this option.
 .It Cm StrictHostKeyChecking
 If this flag is set to
 .Dq yes ,
@@ -1178,6 +1212,12 @@ Specifies whether the system should send TCP keepalive messages to the
 other side.
 If they are sent, death of the connection or crash of one
 of the machines will be properly noticed.
+This option only uses TCP keepalives (as opposed to using ssh level
+keepalives), so takes a long time to notice when the connection dies.
+As such, you probably want
+the
+.Cm ServerAliveInterval
+option as well.
 However, this means that
 connections will die if the route is down temporarily, and some people
 find it annoying.
@@ -1229,6 +1269,23 @@ is not specified, it defaults to
 .Dq any .
 The default is
 .Dq any:any .
+.It Cm UseBlacklistedKeys
+Specifies whether
+.Xr ssh 1
+should use keys recorded in its blacklist of known-compromised keys (see
+.Xr ssh-vulnkey 1 )
+for authentication.
+If
+.Dq yes ,
+then attempts to use compromised keys for authentication will be logged but
+accepted.
+It is strongly recommended that this be used only to install new authorized
+keys on the remote system, and even then only with the utmost care.
+If
+.Dq no ,
+then attempts to use compromised keys for authentication will be prevented.
+The default is
+.Dq no .
 .It Cm UsePrivilegedPort
 Specifies whether to use a privileged port for outgoing connections.
 The argument must be
@@ -1345,6 +1402,8 @@ The format of this file is described above.
 This file is used by the SSH client.
 Because of the potential for abuse, this file must have strict permissions:
 read/write for the user, and not accessible by others.
+It may be group-writable provided that the group in question contains only
+the user.
 .It Pa /etc/ssh/ssh_config
 Systemwide configuration file.
 This file provides defaults for those

diff --git a/ssh_config.5 b/ssh_config.5 index e72919a89..127540a60 100644 --- a/ssh_config.5 +++ b/ssh_config.5
@@ -71,6 +71,22 @@ Since the first obtained value for each parameter is used, more
71	host-specific declarations should be given near the beginning of the	71	host-specific declarations should be given near the beginning of the
72	file, and general defaults at the end.	72	file, and general defaults at the end.
73	.Pp	73	.Pp
		74	Note that the Debian
		75	.Ic openssh-client
		76	package sets several options as standard in
		77	.Pa /etc/ssh/ssh_config
		78	which are not the default in
		79	.Xr ssh 1 :
		80	.Pp
		81	.Bl -bullet -offset indent -compact
		82	.It
		83	.Cm SendEnv No LANG LC_*
		84	.It
		85	.Cm HashKnownHosts No yes
		86	.It
		87	.Cm GSSAPIAuthentication No yes
		88	.El
		89	.Pp
74	The configuration file has the following format:	90	The configuration file has the following format:
75	.Pp	91	.Pp
76	Empty lines and lines starting with	92	Empty lines and lines starting with
@@ -136,8 +152,12 @@ Valid arguments are
136	If set to	152	If set to
137	.Dq yes ,	153	.Dq yes ,
138	passphrase/password querying will be disabled.	154	passphrase/password querying will be disabled.
		155	In addition, the
		156	.Cm ServerAliveInterval
		157	option will be set to 300 seconds by default.
139	This option is useful in scripts and other batch jobs where no user	158	This option is useful in scripts and other batch jobs where no user
140	is present to supply the password.	159	is present to supply the password,
		160	and where it is desirable to detect a broken network swiftly.
141	The argument must be	161	The argument must be
142	.Dq yes	162	.Dq yes
143	or	163	or
@@ -497,7 +517,8 @@ token used for the session will be set to expire after 20 minutes.
497	Remote clients will be refused access after this time.	517	Remote clients will be refused access after this time.
498	.Pp	518	.Pp
499	The default is	519	The default is
500	.Dq no .	520	.Dq yes
		521	(Debian-specific).
501	.Pp	522	.Pp
502	See the X11 SECURITY extension specification for full details on	523	See the X11 SECURITY extension specification for full details on
503	the restrictions imposed on untrusted clients.	524	the restrictions imposed on untrusted clients.
@@ -583,6 +604,9 @@ Note that existing names and addresses in known hosts files
583	will not be converted automatically,	604	will not be converted automatically,
584	but may be manually hashed using	605	but may be manually hashed using
585	.Xr ssh-keygen 1 .	606	.Xr ssh-keygen 1 .
		607	Use of this option may break facilities such as tab-completion that rely
		608	on being able to read unhashed host names from
		609	.Pa ~/.ssh/known_hosts .
586	.It Cm HostbasedAuthentication	610	.It Cm HostbasedAuthentication
587	Specifies whether to try rhosts based authentication with public key	611	Specifies whether to try rhosts based authentication with public key
588	authentication.	612	authentication.
@@ -1130,7 +1154,10 @@ If, for example,
1130	.Cm ServerAliveCountMax	1154	.Cm ServerAliveCountMax
1131	is left at the default, if the server becomes unresponsive,	1155	is left at the default, if the server becomes unresponsive,
1132	ssh will disconnect after approximately 45 seconds.	1156	ssh will disconnect after approximately 45 seconds.
1133	This option applies to protocol version 2 only.	1157	This option applies to protocol version 2 only; in protocol version
		1158	1 there is no mechanism to request a response from the server to the
		1159	server alive messages, so disconnection is the responsibility of the TCP
		1160	stack.
1134	.It Cm ServerAliveInterval	1161	.It Cm ServerAliveInterval
1135	Sets a timeout interval in seconds after which if no data has been received	1162	Sets a timeout interval in seconds after which if no data has been received
1136	from the server,	1163	from the server,
@@ -1138,8 +1165,15 @@ from the server,
1138	will send a message through the encrypted	1165	will send a message through the encrypted
1139	channel to request a response from the server.	1166	channel to request a response from the server.
1140	The default	1167	The default
1141	is 0, indicating that these messages will not be sent to the server.	1168	is 0, indicating that these messages will not be sent to the server,
		1169	or 300 if the
		1170	.Cm BatchMode
		1171	option is set.
1142	This option applies to protocol version 2 only.	1172	This option applies to protocol version 2 only.
		1173	.Cm ProtocolKeepAlives
		1174	and
		1175	.Cm SetupTimeOut
		1176	are Debian-specific compatibility aliases for this option.
1143	.It Cm StrictHostKeyChecking	1177	.It Cm StrictHostKeyChecking
1144	If this flag is set to	1178	If this flag is set to
1145	.Dq yes ,	1179	.Dq yes ,
@@ -1178,6 +1212,12 @@ Specifies whether the system should send TCP keepalive messages to the
1178	other side.	1212	other side.
1179	If they are sent, death of the connection or crash of one	1213	If they are sent, death of the connection or crash of one
1180	of the machines will be properly noticed.	1214	of the machines will be properly noticed.
		1215	This option only uses TCP keepalives (as opposed to using ssh level
		1216	keepalives), so takes a long time to notice when the connection dies.
		1217	As such, you probably want
		1218	the
		1219	.Cm ServerAliveInterval
		1220	option as well.
1181	However, this means that	1221	However, this means that
1182	connections will die if the route is down temporarily, and some people	1222	connections will die if the route is down temporarily, and some people
1183	find it annoying.	1223	find it annoying.
@@ -1229,6 +1269,23 @@ is not specified, it defaults to
1229	.Dq any .	1269	.Dq any .
1230	The default is	1270	The default is
1231	.Dq any:any .	1271	.Dq any:any .
		1272	.It Cm UseBlacklistedKeys
		1273	Specifies whether
		1274	.Xr ssh 1
		1275	should use keys recorded in its blacklist of known-compromised keys (see
		1276	.Xr ssh-vulnkey 1 )
		1277	for authentication.
		1278	If
		1279	.Dq yes ,
		1280	then attempts to use compromised keys for authentication will be logged but
		1281	accepted.
		1282	It is strongly recommended that this be used only to install new authorized
		1283	keys on the remote system, and even then only with the utmost care.
		1284	If
		1285	.Dq no ,
		1286	then attempts to use compromised keys for authentication will be prevented.
		1287	The default is
		1288	.Dq no .
1232	.It Cm UsePrivilegedPort	1289	.It Cm UsePrivilegedPort
1233	Specifies whether to use a privileged port for outgoing connections.	1290	Specifies whether to use a privileged port for outgoing connections.
1234	The argument must be	1291	The argument must be
@@ -1345,6 +1402,8 @@ The format of this file is described above.
1345	This file is used by the SSH client.	1402	This file is used by the SSH client.
1346	Because of the potential for abuse, this file must have strict permissions:	1403	Because of the potential for abuse, this file must have strict permissions:
1347	read/write for the user, and not accessible by others.	1404	read/write for the user, and not accessible by others.
		1405	It may be group-writable provided that the group in question contains only
		1406	the user.
1348	.It Pa /etc/ssh/ssh_config	1407	.It Pa /etc/ssh/ssh_config
1349	Systemwide configuration file.	1408	Systemwide configuration file.
1350	This file provides defaults for those	1409	This file provides defaults for those