1 files changed, 28 insertions, 1 deletions
diff --git a/ssh_config.5 b/ssh_config.5
index ea9a20b23..024491b90 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -478,11 +478,38 @@ Specifies whether user authentication based on GSSAPI is allowed.
 The default is
 .Dq no .
 Note that this option applies to protocol version 2 only.
+.It Cm GSSAPIKeyExchange
+Specifies whether key exchange based on GSSAPI may be used. When using
+GSSAPI key exchange the server need not have a host key.
+The default is
+.Dq no .
+Note that this option applies to protocol version 2 only.
+.It Cm GSSAPIClientIdentity
+If set, specifies the GSSAPI client identity that ssh should use when 
+connecting to the server. The default is unset, which means that the default 
+identity will be used.
 .It Cm GSSAPIDelegateCredentials
 Forward (delegate) credentials to the server.
 The default is
 .Dq no .
-Note that this option applies to protocol version 2 only.
+Note that this option applies to protocol version 2 connections using GSSAPI.
+.It Cm GSSAPIRenewalForcesRekey
+If set to 
+.Dq yes
+then renewal of the client's GSSAPI credentials will force the rekeying of the
+ssh connection. With a compatible server, this can delegate the renewed 
+credentials to a session on the server.
+The default is
+.Dq no .
+.It Cm GSSAPITrustDns
+Set to 
+.Dq yes to indicate that the DNS is trusted to securely canonicalize
+the name of the host being connected to. If 
+.Dq no, the hostname entered on the
+command line will be passed untouched to the GSSAPI library.
+The default is
+.Dq no .
+This option only applies to protocol version 2 connections using GSSAPI.
 .It Cm HashKnownHosts
 Indicates that
 .Xr ssh 1

diff --git a/ssh_config.5 b/ssh_config.5 index ea9a20b23..024491b90 100644 --- a/ssh_config.5 +++ b/ssh_config.5
@@ -478,11 +478,38 @@ Specifies whether user authentication based on GSSAPI is allowed.
478	The default is	478	The default is
479	.Dq no .	479	.Dq no .
480	Note that this option applies to protocol version 2 only.	480	Note that this option applies to protocol version 2 only.
		481	.It Cm GSSAPIKeyExchange
		482	Specifies whether key exchange based on GSSAPI may be used. When using
		483	GSSAPI key exchange the server need not have a host key.
		484	The default is
		485	.Dq no .
		486	Note that this option applies to protocol version 2 only.
		487	.It Cm GSSAPIClientIdentity
		488	If set, specifies the GSSAPI client identity that ssh should use when
		489	connecting to the server. The default is unset, which means that the default
		490	identity will be used.
481	.It Cm GSSAPIDelegateCredentials	491	.It Cm GSSAPIDelegateCredentials
482	Forward (delegate) credentials to the server.	492	Forward (delegate) credentials to the server.
483	The default is	493	The default is
484	.Dq no .	494	.Dq no .
485	Note that this option applies to protocol version 2 only.	495	Note that this option applies to protocol version 2 connections using GSSAPI.
		496	.It Cm GSSAPIRenewalForcesRekey
		497	If set to
		498	.Dq yes
		499	then renewal of the client's GSSAPI credentials will force the rekeying of the
		500	ssh connection. With a compatible server, this can delegate the renewed
		501	credentials to a session on the server.
		502	The default is
		503	.Dq no .
		504	.It Cm GSSAPITrustDns
		505	Set to
		506	.Dq yes to indicate that the DNS is trusted to securely canonicalize
		507	the name of the host being connected to. If
		508	.Dq no, the hostname entered on the
		509	command line will be passed untouched to the GSSAPI library.
		510	The default is
		511	.Dq no .
		512	This option only applies to protocol version 2 connections using GSSAPI.
486	.It Cm HashKnownHosts	513	.It Cm HashKnownHosts
487	Indicates that	514	Indicates that
488	.Xr ssh 1	515	.Xr ssh 1