1 files changed, 10 insertions, 5 deletions
diff --git a/ssh_config.5 b/ssh_config.5
index ce79fe03f..fa59c518e 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -33,8 +33,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh_config.5,v 1.203 2015/02/02 07:41:40 djm Exp $
+.\" $OpenBSD: ssh_config.5,v 1.204 2015/02/16 22:13:32 djm Exp $
-.Dd $Mdocdate: February 2 2015 $
+.Dd $Mdocdate: February 16 2015 $
 .Dt SSH_CONFIG 5
 .Os
 .Sh NAME
@@ -1510,15 +1510,20 @@ should accept notifications of additional hostkeys from the server sent
 after authentication has completed and add them to
 .Cm UserKnownHostsFile .
 The argument must be
-.Dq yes
+.Dq yes ,
-or
 .Dq no
-(the default).
+(the default) or
+.Dq ask .
 Enabling this option allows learning alternate hostkeys for a server
 and supports graceful key rotation by allowing a server to send replacement
 public keys before old ones are removed.
 Additional hostkeys are only accepted if the key used to authenticate the
 host was already trusted or explicity accepted by the user.
+If
+.Cm UpdateHostKeys
+is set to
+.Dq ask ,
+then the user is asked to confirm the modifications to the known_hosts file.
 .Pp
 Presently, only
 .Xr sshd 8

diff --git a/ssh_config.5 b/ssh_config.5 index ce79fe03f..fa59c518e 100644 --- a/ssh_config.5 +++ b/ssh_config.5
@@ -33,8 +33,8 @@
33	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	33	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
34	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	34	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
35	.\"	35	.\"
36	.\" $OpenBSD: ssh_config.5,v 1.203 2015/02/02 07:41:40 djm Exp $	36	.\" $OpenBSD: ssh_config.5,v 1.204 2015/02/16 22:13:32 djm Exp $
37	.Dd $Mdocdate: February 2 2015 $	37	.Dd $Mdocdate: February 16 2015 $
38	.Dt SSH_CONFIG 5	38	.Dt SSH_CONFIG 5
39	.Os	39	.Os
40	.Sh NAME	40	.Sh NAME
@@ -1510,15 +1510,20 @@ should accept notifications of additional hostkeys from the server sent
1510	after authentication has completed and add them to	1510	after authentication has completed and add them to
1511	.Cm UserKnownHostsFile .	1511	.Cm UserKnownHostsFile .
1512	The argument must be	1512	The argument must be
1513	.Dq yes	1513	.Dq yes ,
1514	or
1515	.Dq no	1514	.Dq no
1516	(the default).	1515	(the default) or
		1516	.Dq ask .
1517	Enabling this option allows learning alternate hostkeys for a server	1517	Enabling this option allows learning alternate hostkeys for a server
1518	and supports graceful key rotation by allowing a server to send replacement	1518	and supports graceful key rotation by allowing a server to send replacement
1519	public keys before old ones are removed.	1519	public keys before old ones are removed.
1520	Additional hostkeys are only accepted if the key used to authenticate the	1520	Additional hostkeys are only accepted if the key used to authenticate the
1521	host was already trusted or explicity accepted by the user.	1521	host was already trusted or explicity accepted by the user.
		1522	If
		1523	.Cm UpdateHostKeys
		1524	is set to
		1525	.Dq ask ,
		1526	then the user is asked to confirm the modifications to the known_hosts file.
1522	.Pp	1527	.Pp
1523	Presently, only	1528	Presently, only
1524	.Xr sshd 8	1529	.Xr sshd 8