1 files changed, 63 insertions, 4 deletions
diff --git a/ssh_config.5 b/ssh_config.5
index 269d3941b..fc994d482 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -71,6 +71,22 @@ Since the first obtained value for each parameter is used, more
 host-specific declarations should be given near the beginning of the
 file, and general defaults at the end.
 .Pp
+Note that the Debian
+.Ic openssh-client
+package sets several options as standard in
+.Pa /etc/ssh/ssh_config
+which are not the default in
+.Xr ssh 1 :
+.Pp
+.Bl -bullet -offset indent -compact
+.It
+.Cm SendEnv No LANG LC_*
+.It
+.Cm HashKnownHosts No yes
+.It
+.Cm GSSAPIAuthentication No yes
+.El
+.Pp
 The configuration file has the following format:
 .Pp
 Empty lines and lines starting with
@@ -127,8 +143,12 @@ Valid arguments are
 If set to
 .Dq yes ,
 passphrase/password querying will be disabled.
+In addition, the
+.Cm ServerAliveInterval
+option will be set to 300 seconds by default.
 This option is useful in scripts and other batch jobs where no user
-is present to supply the password.
+is present to supply the password,
+and where it is desirable to detect a broken network swiftly.
 The argument must be
 .Dq yes
 or
@@ -478,7 +498,8 @@ token used for the session will be set to expire after 20 minutes.
 Remote clients will be refused access after this time.
 .Pp
 The default is
-.Dq no .
+.Dq yes
+(Debian-specific).
 .Pp
 See the X11 SECURITY extension specification for full details on
 the restrictions imposed on untrusted clients.
@@ -562,6 +583,9 @@ Note that existing names and addresses in known hosts files
 will not be converted automatically,
 but may be manually hashed using
 .Xr ssh-keygen 1 .
+Use of this option may break facilities such as tab-completion that rely
+on being able to read unhashed host names from
+.Pa ~/.ssh/known_hosts .
 .It Cm HostbasedAuthentication
 Specifies whether to try rhosts based authentication with public key
 authentication.
@@ -1047,7 +1071,10 @@ If, for example,
 .Cm ServerAliveCountMax
 is left at the default, if the server becomes unresponsive,
 ssh will disconnect after approximately 45 seconds.
-This option applies to protocol version 2 only.
+This option applies to protocol version 2 only; in protocol version
+1 there is no mechanism to request a response from the server to the
+server alive messages, so disconnection is the responsibility of the TCP
+stack.
 .It Cm ServerAliveInterval
 Sets a timeout interval in seconds after which if no data has been received
 from the server,
@@ -1055,8 +1082,15 @@ from the server,
 will send a message through the encrypted
 channel to request a response from the server.
 The default
-is 0, indicating that these messages will not be sent to the server.
+is 0, indicating that these messages will not be sent to the server,
+or 300 if the
+.Cm BatchMode
+option is set.
 This option applies to protocol version 2 only.
+.Cm ProtocolKeepAlives
+and
+.Cm SetupTimeOut
+are Debian-specific compatibility aliases for this option.
 .It Cm StrictHostKeyChecking
 If this flag is set to
 .Dq yes ,
@@ -1095,6 +1129,12 @@ Specifies whether the system should send TCP keepalive messages to the
 other side.
 If they are sent, death of the connection or crash of one
 of the machines will be properly noticed.
+This option only uses TCP keepalives (as opposed to using ssh level
+keepalives), so takes a long time to notice when the connection dies.
+As such, you probably want
+the
+.Cm ServerAliveInterval
+option as well.
 However, this means that
 connections will die if the route is down temporarily, and some people
 find it annoying.
@@ -1146,6 +1186,23 @@ is not specified, it defaults to
 .Dq any .
 The default is
 .Dq any:any .
+.It Cm UseBlacklistedKeys
+Specifies whether
+.Xr ssh 1
+should use keys recorded in its blacklist of known-compromised keys (see
+.Xr ssh-vulnkey 1 )
+for authentication.
+If
+.Dq yes ,
+then attempts to use compromised keys for authentication will be logged but
+accepted.
+It is strongly recommended that this be used only to install new authorized
+keys on the remote system, and even then only with the utmost care.
+If
+.Dq no ,
+then attempts to use compromised keys for authentication will be prevented.
+The default is
+.Dq no .
 .It Cm UsePrivilegedPort
 Specifies whether to use a privileged port for outgoing connections.
 The argument must be
@@ -1262,6 +1319,8 @@ The format of this file is described above.
 This file is used by the SSH client.
 Because of the potential for abuse, this file must have strict permissions:
 read/write for the user, and not accessible by others.
+It may be group-writable provided that the group in question contains only
+the user.
 .It Pa /etc/ssh/ssh_config
 Systemwide configuration file.
 This file provides defaults for those

diff --git a/ssh_config.5 b/ssh_config.5 index 269d3941b..fc994d482 100644 --- a/ssh_config.5 +++ b/ssh_config.5
@@ -71,6 +71,22 @@ Since the first obtained value for each parameter is used, more
71	host-specific declarations should be given near the beginning of the	71	host-specific declarations should be given near the beginning of the
72	file, and general defaults at the end.	72	file, and general defaults at the end.
73	.Pp	73	.Pp
		74	Note that the Debian
		75	.Ic openssh-client
		76	package sets several options as standard in
		77	.Pa /etc/ssh/ssh_config
		78	which are not the default in
		79	.Xr ssh 1 :
		80	.Pp
		81	.Bl -bullet -offset indent -compact
		82	.It
		83	.Cm SendEnv No LANG LC_*
		84	.It
		85	.Cm HashKnownHosts No yes
		86	.It
		87	.Cm GSSAPIAuthentication No yes
		88	.El
		89	.Pp
74	The configuration file has the following format:	90	The configuration file has the following format:
75	.Pp	91	.Pp
76	Empty lines and lines starting with	92	Empty lines and lines starting with
@@ -127,8 +143,12 @@ Valid arguments are
127	If set to	143	If set to
128	.Dq yes ,	144	.Dq yes ,
129	passphrase/password querying will be disabled.	145	passphrase/password querying will be disabled.
		146	In addition, the
		147	.Cm ServerAliveInterval
		148	option will be set to 300 seconds by default.
130	This option is useful in scripts and other batch jobs where no user	149	This option is useful in scripts and other batch jobs where no user
131	is present to supply the password.	150	is present to supply the password,
		151	and where it is desirable to detect a broken network swiftly.
132	The argument must be	152	The argument must be
133	.Dq yes	153	.Dq yes
134	or	154	or
@@ -478,7 +498,8 @@ token used for the session will be set to expire after 20 minutes.
478	Remote clients will be refused access after this time.	498	Remote clients will be refused access after this time.
479	.Pp	499	.Pp
480	The default is	500	The default is
481	.Dq no .	501	.Dq yes
		502	(Debian-specific).
482	.Pp	503	.Pp
483	See the X11 SECURITY extension specification for full details on	504	See the X11 SECURITY extension specification for full details on
484	the restrictions imposed on untrusted clients.	505	the restrictions imposed on untrusted clients.
@@ -562,6 +583,9 @@ Note that existing names and addresses in known hosts files
562	will not be converted automatically,	583	will not be converted automatically,
563	but may be manually hashed using	584	but may be manually hashed using
564	.Xr ssh-keygen 1 .	585	.Xr ssh-keygen 1 .
		586	Use of this option may break facilities such as tab-completion that rely
		587	on being able to read unhashed host names from
		588	.Pa ~/.ssh/known_hosts .
565	.It Cm HostbasedAuthentication	589	.It Cm HostbasedAuthentication
566	Specifies whether to try rhosts based authentication with public key	590	Specifies whether to try rhosts based authentication with public key
567	authentication.	591	authentication.
@@ -1047,7 +1071,10 @@ If, for example,
1047	.Cm ServerAliveCountMax	1071	.Cm ServerAliveCountMax
1048	is left at the default, if the server becomes unresponsive,	1072	is left at the default, if the server becomes unresponsive,
1049	ssh will disconnect after approximately 45 seconds.	1073	ssh will disconnect after approximately 45 seconds.
1050	This option applies to protocol version 2 only.	1074	This option applies to protocol version 2 only; in protocol version
		1075	1 there is no mechanism to request a response from the server to the
		1076	server alive messages, so disconnection is the responsibility of the TCP
		1077	stack.
1051	.It Cm ServerAliveInterval	1078	.It Cm ServerAliveInterval
1052	Sets a timeout interval in seconds after which if no data has been received	1079	Sets a timeout interval in seconds after which if no data has been received
1053	from the server,	1080	from the server,
@@ -1055,8 +1082,15 @@ from the server,
1055	will send a message through the encrypted	1082	will send a message through the encrypted
1056	channel to request a response from the server.	1083	channel to request a response from the server.
1057	The default	1084	The default
1058	is 0, indicating that these messages will not be sent to the server.	1085	is 0, indicating that these messages will not be sent to the server,
		1086	or 300 if the
		1087	.Cm BatchMode
		1088	option is set.
1059	This option applies to protocol version 2 only.	1089	This option applies to protocol version 2 only.
		1090	.Cm ProtocolKeepAlives
		1091	and
		1092	.Cm SetupTimeOut
		1093	are Debian-specific compatibility aliases for this option.
1060	.It Cm StrictHostKeyChecking	1094	.It Cm StrictHostKeyChecking
1061	If this flag is set to	1095	If this flag is set to
1062	.Dq yes ,	1096	.Dq yes ,
@@ -1095,6 +1129,12 @@ Specifies whether the system should send TCP keepalive messages to the
1095	other side.	1129	other side.
1096	If they are sent, death of the connection or crash of one	1130	If they are sent, death of the connection or crash of one
1097	of the machines will be properly noticed.	1131	of the machines will be properly noticed.
		1132	This option only uses TCP keepalives (as opposed to using ssh level
		1133	keepalives), so takes a long time to notice when the connection dies.
		1134	As such, you probably want
		1135	the
		1136	.Cm ServerAliveInterval
		1137	option as well.
1098	However, this means that	1138	However, this means that
1099	connections will die if the route is down temporarily, and some people	1139	connections will die if the route is down temporarily, and some people
1100	find it annoying.	1140	find it annoying.
@@ -1146,6 +1186,23 @@ is not specified, it defaults to
1146	.Dq any .	1186	.Dq any .
1147	The default is	1187	The default is
1148	.Dq any:any .	1188	.Dq any:any .
		1189	.It Cm UseBlacklistedKeys
		1190	Specifies whether
		1191	.Xr ssh 1
		1192	should use keys recorded in its blacklist of known-compromised keys (see
		1193	.Xr ssh-vulnkey 1 )
		1194	for authentication.
		1195	If
		1196	.Dq yes ,
		1197	then attempts to use compromised keys for authentication will be logged but
		1198	accepted.
		1199	It is strongly recommended that this be used only to install new authorized
		1200	keys on the remote system, and even then only with the utmost care.
		1201	If
		1202	.Dq no ,
		1203	then attempts to use compromised keys for authentication will be prevented.
		1204	The default is
		1205	.Dq no .
1149	.It Cm UsePrivilegedPort	1206	.It Cm UsePrivilegedPort
1150	Specifies whether to use a privileged port for outgoing connections.	1207	Specifies whether to use a privileged port for outgoing connections.
1151	The argument must be	1208	The argument must be
@@ -1262,6 +1319,8 @@ The format of this file is described above.
1262	This file is used by the SSH client.	1319	This file is used by the SSH client.
1263	Because of the potential for abuse, this file must have strict permissions:	1320	Because of the potential for abuse, this file must have strict permissions:
1264	read/write for the user, and not accessible by others.	1321	read/write for the user, and not accessible by others.
		1322	It may be group-writable provided that the group in question contains only
		1323	the user.
1265	.It Pa /etc/ssh/ssh_config	1324	.It Pa /etc/ssh/ssh_config
1266	Systemwide configuration file.	1325	Systemwide configuration file.
1267	This file provides defaults for those	1326	This file provides defaults for those