1 files changed, 63 insertions, 4 deletions
diff --git a/ssh_config.5 b/ssh_config.5
index 91c2cd2c6..2f0cd8c83 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -72,6 +72,22 @@ Since the first obtained value for each parameter is used, more
 host-specific declarations should be given near the beginning of the
 file, and general defaults at the end.
 .Pp
+Note that the Debian
+.Ic openssh-client
+package sets several options as standard in
+.Pa /etc/ssh/ssh_config
+which are not the default in
+.Xr ssh 1 :
+.Pp
+.Bl -bullet -offset indent -compact
+.It
+.Cm SendEnv No LANG LC_*
+.It
+.Cm HashKnownHosts No yes
+.It
+.Cm GSSAPIAuthentication No yes
+.El
+.Pp
 The configuration file has the following format:
 .Pp
 Empty lines and lines starting with
@@ -128,8 +144,12 @@ Valid arguments are
 If set to
 .Dq yes ,
 passphrase/password querying will be disabled.
+In addition, the
+.Cm ServerAliveInterval
+option will be set to 300 seconds by default.
 This option is useful in scripts and other batch jobs where no user
-is present to supply the password.
+is present to supply the password,
+and where it is desirable to detect a broken network swiftly.
 The argument must be
 .Dq yes
 or
@@ -479,7 +499,8 @@ token used for the session will be set to expire after 20 minutes.
 Remote clients will be refused access after this time.
 .Pp
 The default is
-.Dq no .
+.Dq yes
+(Debian-specific).
 .Pp
 See the X11 SECURITY extension specification for full details on
 the restrictions imposed on untrusted clients.
@@ -558,6 +579,9 @@ Note that existing names and addresses in known hosts files
 will not be converted automatically,
 but may be manually hashed using
 .Xr ssh-keygen 1 .
+Use of this option may break facilities such as tab-completion that rely
+on being able to read unhashed host names from
+.Pa ~/.ssh/known_hosts .
 .It Cm HostbasedAuthentication
 Specifies whether to try rhosts based authentication with public key
 authentication.
@@ -983,7 +1007,10 @@ If, for example,
 .Cm ServerAliveCountMax
 is left at the default, if the server becomes unresponsive,
 ssh will disconnect after approximately 45 seconds.
-This option applies to protocol version 2 only.
+This option applies to protocol version 2 only; in protocol version
+1 there is no mechanism to request a response from the server to the
+server alive messages, so disconnection is the responsibility of the TCP
+stack.
 .It Cm ServerAliveInterval
 Sets a timeout interval in seconds after which if no data has been received
 from the server,
@@ -991,8 +1018,15 @@ from the server,
 will send a message through the encrypted
 channel to request a response from the server.
 The default
-is 0, indicating that these messages will not be sent to the server.
+is 0, indicating that these messages will not be sent to the server,
+or 300 if the
+.Cm BatchMode
+option is set.
 This option applies to protocol version 2 only.
+.Cm ProtocolKeepAlives
+and
+.Cm SetupTimeOut
+are Debian-specific compatibility aliases for this option.
 .It Cm StrictHostKeyChecking
 If this flag is set to
 .Dq yes ,
@@ -1031,6 +1065,12 @@ Specifies whether the system should send TCP keepalive messages to the
 other side.
 If they are sent, death of the connection or crash of one
 of the machines will be properly noticed.
+This option only uses TCP keepalives (as opposed to using ssh level
+keepalives), so takes a long time to notice when the connection dies.
+As such, you probably want
+the
+.Cm ServerAliveInterval
+option as well.
 However, this means that
 connections will die if the route is down temporarily, and some people
 find it annoying.
@@ -1082,6 +1122,23 @@ is not specified, it defaults to
 .Dq any .
 The default is
 .Dq any:any .
+.It Cm UseBlacklistedKeys
+Specifies whether
+.Xr ssh 1
+should use keys recorded in its blacklist of known-compromised keys (see
+.Xr ssh-vulnkey 1 )
+for authentication.
+If
+.Dq yes ,
+then attempts to use compromised keys for authentication will be logged but
+accepted.
+It is strongly recommended that this be used only to install new authorized
+keys on the remote system, and even then only with the utmost care.
+If
+.Dq no ,
+then attempts to use compromised keys for authentication will be prevented.
+The default is
+.Dq no .
 .It Cm UsePrivilegedPort
 Specifies whether to use a privileged port for outgoing connections.
 The argument must be
@@ -1198,6 +1255,8 @@ The format of this file is described above.
 This file is used by the SSH client.
 Because of the potential for abuse, this file must have strict permissions:
 read/write for the user, and not accessible by others.
+It may be group-writable provided that the group in question contains only
+the user.
 .It Pa /etc/ssh/ssh_config
 Systemwide configuration file.
 This file provides defaults for those

diff --git a/ssh_config.5 b/ssh_config.5 index 91c2cd2c6..2f0cd8c83 100644 --- a/ssh_config.5 +++ b/ssh_config.5
@@ -72,6 +72,22 @@ Since the first obtained value for each parameter is used, more
72	host-specific declarations should be given near the beginning of the	72	host-specific declarations should be given near the beginning of the
73	file, and general defaults at the end.	73	file, and general defaults at the end.
74	.Pp	74	.Pp
		75	Note that the Debian
		76	.Ic openssh-client
		77	package sets several options as standard in
		78	.Pa /etc/ssh/ssh_config
		79	which are not the default in
		80	.Xr ssh 1 :
		81	.Pp
		82	.Bl -bullet -offset indent -compact
		83	.It
		84	.Cm SendEnv No LANG LC_*
		85	.It
		86	.Cm HashKnownHosts No yes
		87	.It
		88	.Cm GSSAPIAuthentication No yes
		89	.El
		90	.Pp
75	The configuration file has the following format:	91	The configuration file has the following format:
76	.Pp	92	.Pp
77	Empty lines and lines starting with	93	Empty lines and lines starting with
@@ -128,8 +144,12 @@ Valid arguments are
128	If set to	144	If set to
129	.Dq yes ,	145	.Dq yes ,
130	passphrase/password querying will be disabled.	146	passphrase/password querying will be disabled.
		147	In addition, the
		148	.Cm ServerAliveInterval
		149	option will be set to 300 seconds by default.
131	This option is useful in scripts and other batch jobs where no user	150	This option is useful in scripts and other batch jobs where no user
132	is present to supply the password.	151	is present to supply the password,
		152	and where it is desirable to detect a broken network swiftly.
133	The argument must be	153	The argument must be
134	.Dq yes	154	.Dq yes
135	or	155	or
@@ -479,7 +499,8 @@ token used for the session will be set to expire after 20 minutes.
479	Remote clients will be refused access after this time.	499	Remote clients will be refused access after this time.
480	.Pp	500	.Pp
481	The default is	501	The default is
482	.Dq no .	502	.Dq yes
		503	(Debian-specific).
483	.Pp	504	.Pp
484	See the X11 SECURITY extension specification for full details on	505	See the X11 SECURITY extension specification for full details on
485	the restrictions imposed on untrusted clients.	506	the restrictions imposed on untrusted clients.
@@ -558,6 +579,9 @@ Note that existing names and addresses in known hosts files
558	will not be converted automatically,	579	will not be converted automatically,
559	but may be manually hashed using	580	but may be manually hashed using
560	.Xr ssh-keygen 1 .	581	.Xr ssh-keygen 1 .
		582	Use of this option may break facilities such as tab-completion that rely
		583	on being able to read unhashed host names from
		584	.Pa ~/.ssh/known_hosts .
561	.It Cm HostbasedAuthentication	585	.It Cm HostbasedAuthentication
562	Specifies whether to try rhosts based authentication with public key	586	Specifies whether to try rhosts based authentication with public key
563	authentication.	587	authentication.
@@ -983,7 +1007,10 @@ If, for example,
983	.Cm ServerAliveCountMax	1007	.Cm ServerAliveCountMax
984	is left at the default, if the server becomes unresponsive,	1008	is left at the default, if the server becomes unresponsive,
985	ssh will disconnect after approximately 45 seconds.	1009	ssh will disconnect after approximately 45 seconds.
986	This option applies to protocol version 2 only.	1010	This option applies to protocol version 2 only; in protocol version
		1011	1 there is no mechanism to request a response from the server to the
		1012	server alive messages, so disconnection is the responsibility of the TCP
		1013	stack.
987	.It Cm ServerAliveInterval	1014	.It Cm ServerAliveInterval
988	Sets a timeout interval in seconds after which if no data has been received	1015	Sets a timeout interval in seconds after which if no data has been received
989	from the server,	1016	from the server,
@@ -991,8 +1018,15 @@ from the server,
991	will send a message through the encrypted	1018	will send a message through the encrypted
992	channel to request a response from the server.	1019	channel to request a response from the server.
993	The default	1020	The default
994	is 0, indicating that these messages will not be sent to the server.	1021	is 0, indicating that these messages will not be sent to the server,
		1022	or 300 if the
		1023	.Cm BatchMode
		1024	option is set.
995	This option applies to protocol version 2 only.	1025	This option applies to protocol version 2 only.
		1026	.Cm ProtocolKeepAlives
		1027	and
		1028	.Cm SetupTimeOut
		1029	are Debian-specific compatibility aliases for this option.
996	.It Cm StrictHostKeyChecking	1030	.It Cm StrictHostKeyChecking
997	If this flag is set to	1031	If this flag is set to
998	.Dq yes ,	1032	.Dq yes ,
@@ -1031,6 +1065,12 @@ Specifies whether the system should send TCP keepalive messages to the
1031	other side.	1065	other side.
1032	If they are sent, death of the connection or crash of one	1066	If they are sent, death of the connection or crash of one
1033	of the machines will be properly noticed.	1067	of the machines will be properly noticed.
		1068	This option only uses TCP keepalives (as opposed to using ssh level
		1069	keepalives), so takes a long time to notice when the connection dies.
		1070	As such, you probably want
		1071	the
		1072	.Cm ServerAliveInterval
		1073	option as well.
1034	However, this means that	1074	However, this means that
1035	connections will die if the route is down temporarily, and some people	1075	connections will die if the route is down temporarily, and some people
1036	find it annoying.	1076	find it annoying.
@@ -1082,6 +1122,23 @@ is not specified, it defaults to
1082	.Dq any .	1122	.Dq any .
1083	The default is	1123	The default is
1084	.Dq any:any .	1124	.Dq any:any .
		1125	.It Cm UseBlacklistedKeys
		1126	Specifies whether
		1127	.Xr ssh 1
		1128	should use keys recorded in its blacklist of known-compromised keys (see
		1129	.Xr ssh-vulnkey 1 )
		1130	for authentication.
		1131	If
		1132	.Dq yes ,
		1133	then attempts to use compromised keys for authentication will be logged but
		1134	accepted.
		1135	It is strongly recommended that this be used only to install new authorized
		1136	keys on the remote system, and even then only with the utmost care.
		1137	If
		1138	.Dq no ,
		1139	then attempts to use compromised keys for authentication will be prevented.
		1140	The default is
		1141	.Dq no .
1085	.It Cm UsePrivilegedPort	1142	.It Cm UsePrivilegedPort
1086	Specifies whether to use a privileged port for outgoing connections.	1143	Specifies whether to use a privileged port for outgoing connections.
1087	The argument must be	1144	The argument must be
@@ -1198,6 +1255,8 @@ The format of this file is described above.
1198	This file is used by the SSH client.	1255	This file is used by the SSH client.
1199	Because of the potential for abuse, this file must have strict permissions:	1256	Because of the potential for abuse, this file must have strict permissions:
1200	read/write for the user, and not accessible by others.	1257	read/write for the user, and not accessible by others.
		1258	It may be group-writable provided that the group in question contains only
		1259	the user.
1201	.It Pa /etc/ssh/ssh_config	1260	.It Pa /etc/ssh/ssh_config
1202	Systemwide configuration file.	1261	Systemwide configuration file.
1203	This file provides defaults for those	1262	This file provides defaults for those