diff options
Diffstat (limited to 'ssh_config.5')
-rw-r--r-- | ssh_config.5 | 42 |
1 files changed, 34 insertions, 8 deletions
diff --git a/ssh_config.5 b/ssh_config.5 index d29963c15..e51439849 100644 --- a/ssh_config.5 +++ b/ssh_config.5 | |||
@@ -33,8 +33,8 @@ | |||
33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
35 | .\" | 35 | .\" |
36 | .\" $OpenBSD: ssh_config.5,v 1.212 2015/07/03 03:47:00 djm Exp $ | 36 | .\" $OpenBSD: ssh_config.5,v 1.213 2015/07/10 06:21:53 markus Exp $ |
37 | .Dd $Mdocdate: July 3 2015 $ | 37 | .Dd $Mdocdate: July 10 2015 $ |
38 | .Dt SSH_CONFIG 5 | 38 | .Dt SSH_CONFIG 5 |
39 | .Os | 39 | .Os |
40 | .Sh NAME | 40 | .Sh NAME |
@@ -781,9 +781,17 @@ is similar to | |||
781 | .It Cm HostbasedKeyTypes | 781 | .It Cm HostbasedKeyTypes |
782 | Specifies the key types that will be used for hostbased authentication | 782 | Specifies the key types that will be used for hostbased authentication |
783 | as a comma-separated pattern list. | 783 | as a comma-separated pattern list. |
784 | The default | 784 | The default for this option is: |
785 | .Dq * | 785 | .Bd -literal -offset 3n |
786 | will allow all key types. | 786 | ecdsa-sha2-nistp256-cert-v01@openssh.com, |
787 | ecdsa-sha2-nistp384-cert-v01@openssh.com, | ||
788 | ecdsa-sha2-nistp521-cert-v01@openssh.com, | ||
789 | ssh-ed25519-cert-v01@openssh.com, | ||
790 | ssh-rsa-cert-v01@openssh.com, | ||
791 | ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, | ||
792 | ssh-ed25519,ssh-rsa | ||
793 | .Ed | ||
794 | .Pp | ||
787 | The | 795 | The |
788 | .Fl Q | 796 | .Fl Q |
789 | option of | 797 | option of |
@@ -798,10 +806,9 @@ ecdsa-sha2-nistp256-cert-v01@openssh.com, | |||
798 | ecdsa-sha2-nistp384-cert-v01@openssh.com, | 806 | ecdsa-sha2-nistp384-cert-v01@openssh.com, |
799 | ecdsa-sha2-nistp521-cert-v01@openssh.com, | 807 | ecdsa-sha2-nistp521-cert-v01@openssh.com, |
800 | ssh-ed25519-cert-v01@openssh.com, | 808 | ssh-ed25519-cert-v01@openssh.com, |
801 | ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com, | 809 | ssh-rsa-cert-v01@openssh.com, |
802 | ssh-rsa-cert-v00@openssh.com,ssh-dss-cert-v00@openssh.com, | ||
803 | ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, | 810 | ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, |
804 | ssh-ed25519,ssh-rsa,ssh-dss | 811 | ssh-ed25519,ssh-rsa |
805 | .Ed | 812 | .Ed |
806 | .Pp | 813 | .Pp |
807 | If hostkeys are known for the destination host then this default is modified | 814 | If hostkeys are known for the destination host then this default is modified |
@@ -1206,6 +1213,25 @@ will pass a connected file descriptor back to | |||
1206 | instead of continuing to execute and pass data. | 1213 | instead of continuing to execute and pass data. |
1207 | The default is | 1214 | The default is |
1208 | .Dq no . | 1215 | .Dq no . |
1216 | .It Cm PubkeyAcceptedKeyTypes | ||
1217 | Specifies the key types that will be used for public key authentication | ||
1218 | as a comma-separated pattern list. | ||
1219 | The default for this option is: | ||
1220 | .Bd -literal -offset 3n | ||
1221 | ecdsa-sha2-nistp256-cert-v01@openssh.com, | ||
1222 | ecdsa-sha2-nistp384-cert-v01@openssh.com, | ||
1223 | ecdsa-sha2-nistp521-cert-v01@openssh.com, | ||
1224 | ssh-ed25519-cert-v01@openssh.com, | ||
1225 | ssh-rsa-cert-v01@openssh.com, | ||
1226 | ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, | ||
1227 | ssh-ed25519,ssh-rsa | ||
1228 | .Ed | ||
1229 | .Pp | ||
1230 | The | ||
1231 | .Fl Q | ||
1232 | option of | ||
1233 | .Xr ssh 1 | ||
1234 | may be used to list supported key types. | ||
1209 | .It Cm PubkeyAuthentication | 1235 | .It Cm PubkeyAuthentication |
1210 | Specifies whether to try public key authentication. | 1236 | Specifies whether to try public key authentication. |
1211 | The argument to this keyword must be | 1237 | The argument to this keyword must be |