1 files changed, 28 insertions, 1 deletions
diff --git a/ssh_config.5 b/ssh_config.5
index ddb806ec0..91c2cd2c6 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -509,11 +509,38 @@ Specifies whether user authentication based on GSSAPI is allowed.
 The default is
 .Dq no .
 Note that this option applies to protocol version 2 only.
+.It Cm GSSAPIKeyExchange
+Specifies whether key exchange based on GSSAPI may be used. When using
+GSSAPI key exchange the server need not have a host key.
+The default is
+.Dq no .
+Note that this option applies to protocol version 2 only.
+.It Cm GSSAPIClientIdentity
+If set, specifies the GSSAPI client identity that ssh should use when 
+connecting to the server. The default is unset, which means that the default 
+identity will be used.
 .It Cm GSSAPIDelegateCredentials
 Forward (delegate) credentials to the server.
 The default is
 .Dq no .
-Note that this option applies to protocol version 2 only.
+Note that this option applies to protocol version 2 connections using GSSAPI.
+.It Cm GSSAPIRenewalForcesRekey
+If set to 
+.Dq yes
+then renewal of the client's GSSAPI credentials will force the rekeying of the
+ssh connection. With a compatible server, this can delegate the renewed 
+credentials to a session on the server.
+The default is
+.Dq no .
+.It Cm GSSAPITrustDns
+Set to 
+.Dq yes to indicate that the DNS is trusted to securely canonicalize
+the name of the host being connected to. If 
+.Dq no, the hostname entered on the
+command line will be passed untouched to the GSSAPI library.
+The default is
+.Dq no .
+This option only applies to protocol version 2 connections using GSSAPI.
 .It Cm HashKnownHosts
 Indicates that
 .Xr ssh 1

diff --git a/ssh_config.5 b/ssh_config.5 index ddb806ec0..91c2cd2c6 100644 --- a/ssh_config.5 +++ b/ssh_config.5
@@ -509,11 +509,38 @@ Specifies whether user authentication based on GSSAPI is allowed.
509	The default is	509	The default is
510	.Dq no .	510	.Dq no .
511	Note that this option applies to protocol version 2 only.	511	Note that this option applies to protocol version 2 only.
		512	.It Cm GSSAPIKeyExchange
		513	Specifies whether key exchange based on GSSAPI may be used. When using
		514	GSSAPI key exchange the server need not have a host key.
		515	The default is
		516	.Dq no .
		517	Note that this option applies to protocol version 2 only.
		518	.It Cm GSSAPIClientIdentity
		519	If set, specifies the GSSAPI client identity that ssh should use when
		520	connecting to the server. The default is unset, which means that the default
		521	identity will be used.
512	.It Cm GSSAPIDelegateCredentials	522	.It Cm GSSAPIDelegateCredentials
513	Forward (delegate) credentials to the server.	523	Forward (delegate) credentials to the server.
514	The default is	524	The default is
515	.Dq no .	525	.Dq no .
516	Note that this option applies to protocol version 2 only.	526	Note that this option applies to protocol version 2 connections using GSSAPI.
		527	.It Cm GSSAPIRenewalForcesRekey
		528	If set to
		529	.Dq yes
		530	then renewal of the client's GSSAPI credentials will force the rekeying of the
		531	ssh connection. With a compatible server, this can delegate the renewed
		532	credentials to a session on the server.
		533	The default is
		534	.Dq no .
		535	.It Cm GSSAPITrustDns
		536	Set to
		537	.Dq yes to indicate that the DNS is trusted to securely canonicalize
		538	the name of the host being connected to. If
		539	.Dq no, the hostname entered on the
		540	command line will be passed untouched to the GSSAPI library.
		541	The default is
		542	.Dq no .
		543	This option only applies to protocol version 2 connections using GSSAPI.
517	.It Cm HashKnownHosts	544	.It Cm HashKnownHosts
518	Indicates that	545	Indicates that
519	.Xr ssh 1	546	.Xr ssh 1