1 files changed, 63 insertions, 4 deletions
diff --git a/ssh_config.5 b/ssh_config.5
index 1c118eefc..9d4b38aa8 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -71,6 +71,22 @@ Since the first obtained value for each parameter is used, more
 host-specific declarations should be given near the beginning of the
 file, and general defaults at the end.
 .Pp
+Note that the Debian
+.Ic openssh-client
+package sets several options as standard in
+.Pa /etc/ssh/ssh_config
+which are not the default in
+.Xr ssh 1 :
+.Pp
+.Bl -bullet -offset indent -compact
+.It
+.Cm SendEnv No LANG LC_*
+.It
+.Cm HashKnownHosts No yes
+.It
+.Cm GSSAPIAuthentication No yes
+.El
+.Pp
 The configuration file has the following format:
 .Pp
 Empty lines and lines starting with
@@ -136,8 +152,12 @@ Valid arguments are
 If set to
 .Dq yes ,
 passphrase/password querying will be disabled.
+In addition, the
+.Cm ServerAliveInterval
+option will be set to 300 seconds by default.
 This option is useful in scripts and other batch jobs where no user
-is present to supply the password.
+is present to supply the password,
+and where it is desirable to detect a broken network swiftly.
 The argument must be
 .Dq yes
 or
@@ -495,7 +515,8 @@ token used for the session will be set to expire after 20 minutes.
 Remote clients will be refused access after this time.
 .Pp
 The default is
-.Dq no .
+.Dq yes
+(Debian-specific).
 .Pp
 See the X11 SECURITY extension specification for full details on
 the restrictions imposed on untrusted clients.
@@ -581,6 +602,9 @@ Note that existing names and addresses in known hosts files
 will not be converted automatically,
 but may be manually hashed using
 .Xr ssh-keygen 1 .
+Use of this option may break facilities such as tab-completion that rely
+on being able to read unhashed host names from
+.Pa ~/.ssh/known_hosts .
 .It Cm HostbasedAuthentication
 Specifies whether to try rhosts based authentication with public key
 authentication.
@@ -1088,7 +1112,10 @@ If, for example,
 .Cm ServerAliveCountMax
 is left at the default, if the server becomes unresponsive,
 ssh will disconnect after approximately 45 seconds.
-This option applies to protocol version 2 only.
+This option applies to protocol version 2 only; in protocol version
+1 there is no mechanism to request a response from the server to the
+server alive messages, so disconnection is the responsibility of the TCP
+stack.
 .It Cm ServerAliveInterval
 Sets a timeout interval in seconds after which if no data has been received
 from the server,
@@ -1096,8 +1123,15 @@ from the server,
 will send a message through the encrypted
 channel to request a response from the server.
 The default
-is 0, indicating that these messages will not be sent to the server.
+is 0, indicating that these messages will not be sent to the server,
+or 300 if the
+.Cm BatchMode
+option is set.
 This option applies to protocol version 2 only.
+.Cm ProtocolKeepAlives
+and
+.Cm SetupTimeOut
+are Debian-specific compatibility aliases for this option.
 .It Cm StrictHostKeyChecking
 If this flag is set to
 .Dq yes ,
@@ -1136,6 +1170,12 @@ Specifies whether the system should send TCP keepalive messages to the
 other side.
 If they are sent, death of the connection or crash of one
 of the machines will be properly noticed.
+This option only uses TCP keepalives (as opposed to using ssh level
+keepalives), so takes a long time to notice when the connection dies.
+As such, you probably want
+the
+.Cm ServerAliveInterval
+option as well.
 However, this means that
 connections will die if the route is down temporarily, and some people
 find it annoying.
@@ -1187,6 +1227,23 @@ is not specified, it defaults to
 .Dq any .
 The default is
 .Dq any:any .
+.It Cm UseBlacklistedKeys
+Specifies whether
+.Xr ssh 1
+should use keys recorded in its blacklist of known-compromised keys (see
+.Xr ssh-vulnkey 1 )
+for authentication.
+If
+.Dq yes ,
+then attempts to use compromised keys for authentication will be logged but
+accepted.
+It is strongly recommended that this be used only to install new authorized
+keys on the remote system, and even then only with the utmost care.
+If
+.Dq no ,
+then attempts to use compromised keys for authentication will be prevented.
+The default is
+.Dq no .
 .It Cm UsePrivilegedPort
 Specifies whether to use a privileged port for outgoing connections.
 The argument must be
@@ -1305,6 +1362,8 @@ The format of this file is described above.
 This file is used by the SSH client.
 Because of the potential for abuse, this file must have strict permissions:
 read/write for the user, and not accessible by others.
+It may be group-writable provided that the group in question contains only
+the user.
 .It Pa /etc/ssh/ssh_config
 Systemwide configuration file.
 This file provides defaults for those

diff --git a/ssh_config.5 b/ssh_config.5 index 1c118eefc..9d4b38aa8 100644 --- a/ssh_config.5 +++ b/ssh_config.5
@@ -71,6 +71,22 @@ Since the first obtained value for each parameter is used, more
71	host-specific declarations should be given near the beginning of the	71	host-specific declarations should be given near the beginning of the
72	file, and general defaults at the end.	72	file, and general defaults at the end.
73	.Pp	73	.Pp
		74	Note that the Debian
		75	.Ic openssh-client
		76	package sets several options as standard in
		77	.Pa /etc/ssh/ssh_config
		78	which are not the default in
		79	.Xr ssh 1 :
		80	.Pp
		81	.Bl -bullet -offset indent -compact
		82	.It
		83	.Cm SendEnv No LANG LC_*
		84	.It
		85	.Cm HashKnownHosts No yes
		86	.It
		87	.Cm GSSAPIAuthentication No yes
		88	.El
		89	.Pp
74	The configuration file has the following format:	90	The configuration file has the following format:
75	.Pp	91	.Pp
76	Empty lines and lines starting with	92	Empty lines and lines starting with
@@ -136,8 +152,12 @@ Valid arguments are
136	If set to	152	If set to
137	.Dq yes ,	153	.Dq yes ,
138	passphrase/password querying will be disabled.	154	passphrase/password querying will be disabled.
		155	In addition, the
		156	.Cm ServerAliveInterval
		157	option will be set to 300 seconds by default.
139	This option is useful in scripts and other batch jobs where no user	158	This option is useful in scripts and other batch jobs where no user
140	is present to supply the password.	159	is present to supply the password,
		160	and where it is desirable to detect a broken network swiftly.
141	The argument must be	161	The argument must be
142	.Dq yes	162	.Dq yes
143	or	163	or
@@ -495,7 +515,8 @@ token used for the session will be set to expire after 20 minutes.
495	Remote clients will be refused access after this time.	515	Remote clients will be refused access after this time.
496	.Pp	516	.Pp
497	The default is	517	The default is
498	.Dq no .	518	.Dq yes
		519	(Debian-specific).
499	.Pp	520	.Pp
500	See the X11 SECURITY extension specification for full details on	521	See the X11 SECURITY extension specification for full details on
501	the restrictions imposed on untrusted clients.	522	the restrictions imposed on untrusted clients.
@@ -581,6 +602,9 @@ Note that existing names and addresses in known hosts files
581	will not be converted automatically,	602	will not be converted automatically,
582	but may be manually hashed using	603	but may be manually hashed using
583	.Xr ssh-keygen 1 .	604	.Xr ssh-keygen 1 .
		605	Use of this option may break facilities such as tab-completion that rely
		606	on being able to read unhashed host names from
		607	.Pa ~/.ssh/known_hosts .
584	.It Cm HostbasedAuthentication	608	.It Cm HostbasedAuthentication
585	Specifies whether to try rhosts based authentication with public key	609	Specifies whether to try rhosts based authentication with public key
586	authentication.	610	authentication.
@@ -1088,7 +1112,10 @@ If, for example,
1088	.Cm ServerAliveCountMax	1112	.Cm ServerAliveCountMax
1089	is left at the default, if the server becomes unresponsive,	1113	is left at the default, if the server becomes unresponsive,
1090	ssh will disconnect after approximately 45 seconds.	1114	ssh will disconnect after approximately 45 seconds.
1091	This option applies to protocol version 2 only.	1115	This option applies to protocol version 2 only; in protocol version
		1116	1 there is no mechanism to request a response from the server to the
		1117	server alive messages, so disconnection is the responsibility of the TCP
		1118	stack.
1092	.It Cm ServerAliveInterval	1119	.It Cm ServerAliveInterval
1093	Sets a timeout interval in seconds after which if no data has been received	1120	Sets a timeout interval in seconds after which if no data has been received
1094	from the server,	1121	from the server,
@@ -1096,8 +1123,15 @@ from the server,
1096	will send a message through the encrypted	1123	will send a message through the encrypted
1097	channel to request a response from the server.	1124	channel to request a response from the server.
1098	The default	1125	The default
1099	is 0, indicating that these messages will not be sent to the server.	1126	is 0, indicating that these messages will not be sent to the server,
		1127	or 300 if the
		1128	.Cm BatchMode
		1129	option is set.
1100	This option applies to protocol version 2 only.	1130	This option applies to protocol version 2 only.
		1131	.Cm ProtocolKeepAlives
		1132	and
		1133	.Cm SetupTimeOut
		1134	are Debian-specific compatibility aliases for this option.
1101	.It Cm StrictHostKeyChecking	1135	.It Cm StrictHostKeyChecking
1102	If this flag is set to	1136	If this flag is set to
1103	.Dq yes ,	1137	.Dq yes ,
@@ -1136,6 +1170,12 @@ Specifies whether the system should send TCP keepalive messages to the
1136	other side.	1170	other side.
1137	If they are sent, death of the connection or crash of one	1171	If they are sent, death of the connection or crash of one
1138	of the machines will be properly noticed.	1172	of the machines will be properly noticed.
		1173	This option only uses TCP keepalives (as opposed to using ssh level
		1174	keepalives), so takes a long time to notice when the connection dies.
		1175	As such, you probably want
		1176	the
		1177	.Cm ServerAliveInterval
		1178	option as well.
1139	However, this means that	1179	However, this means that
1140	connections will die if the route is down temporarily, and some people	1180	connections will die if the route is down temporarily, and some people
1141	find it annoying.	1181	find it annoying.
@@ -1187,6 +1227,23 @@ is not specified, it defaults to
1187	.Dq any .	1227	.Dq any .
1188	The default is	1228	The default is
1189	.Dq any:any .	1229	.Dq any:any .
		1230	.It Cm UseBlacklistedKeys
		1231	Specifies whether
		1232	.Xr ssh 1
		1233	should use keys recorded in its blacklist of known-compromised keys (see
		1234	.Xr ssh-vulnkey 1 )
		1235	for authentication.
		1236	If
		1237	.Dq yes ,
		1238	then attempts to use compromised keys for authentication will be logged but
		1239	accepted.
		1240	It is strongly recommended that this be used only to install new authorized
		1241	keys on the remote system, and even then only with the utmost care.
		1242	If
		1243	.Dq no ,
		1244	then attempts to use compromised keys for authentication will be prevented.
		1245	The default is
		1246	.Dq no .
1190	.It Cm UsePrivilegedPort	1247	.It Cm UsePrivilegedPort
1191	Specifies whether to use a privileged port for outgoing connections.	1248	Specifies whether to use a privileged port for outgoing connections.
1192	The argument must be	1249	The argument must be
@@ -1305,6 +1362,8 @@ The format of this file is described above.
1305	This file is used by the SSH client.	1362	This file is used by the SSH client.
1306	Because of the potential for abuse, this file must have strict permissions:	1363	Because of the potential for abuse, this file must have strict permissions:
1307	read/write for the user, and not accessible by others.	1364	read/write for the user, and not accessible by others.
		1365	It may be group-writable provided that the group in question contains only
		1366	the user.
1308	.It Pa /etc/ssh/ssh_config	1367	.It Pa /etc/ssh/ssh_config
1309	Systemwide configuration file.	1368	Systemwide configuration file.
1310	This file provides defaults for those	1369	This file provides defaults for those