1 files changed, 42 insertions, 4 deletions
diff --git a/ssh_config.5 b/ssh_config.5
index 05581ece4..0fd3ea5f8 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -127,8 +127,15 @@ Valid arguments are
 If set to
 .Dq yes ,
 passphrase/password querying will be disabled.
+In addition, the 
+.Cm ServerAliveInterval 
+and
+.Cm SetupTimeOut
+options will both be set to 300 seconds by default.
 This option is useful in scripts and other batch jobs where no user
-is present to supply the password.
+is present to supply the password,
+and where it is desirable to detect a
+broken network swiftly.
 The argument must be
 .Dq yes
 or
@@ -323,7 +330,8 @@ from stealing or tampering with data belonging to trusted X11
 clients.
 .Pp
 The default is
-.Dq no .
+.Dq yes
+(Debian-specific).
 .Pp
 See the X11 SECURITY extension specification for full details on
 the restrictions imposed on untrusted clients.
@@ -577,8 +585,12 @@ from the server,
 will send a message through the encrypted
 channel to request a response from the server.
 The default
-is 0, indicating that these messages will not be sent to the server.
+is 0, indicating that these messages will not be sent to the server,
-This option applies to protocol version 2 only.
+or 300 if the
+.Cm BatchMode
+option is set.
+.Cm ProtocolKeepAlives
+is a Debian-specific compatibility alias for this option.
 .It Cm ServerAliveCountMax
 Sets the number of server alive messages (see above) which may be
 sent without
@@ -606,6 +618,26 @@ If, for example,
 .Cm ServerAliveCountMax
 is left at the default, if the server becomes unresponsive ssh
 will disconnect after approximately 45 seconds.
+This option works when using protocol version 2 only; in protocol version
+1 there is no mechanism to request a response from the server to the
+server alive messages, so disconnection is the responsibility of the TCP
+stack.
+.It Cm SetupTimeOut
+Normally,
+.Nm ssh
+blocks indefinitely whilst waiting to receive the ssh banner and other
+setup protocol from the server, during the session setup.
+This can cause
+.Nm ssh
+to hang under certain circumstances.
+If this option is set,
+.Nm ssh
+will give up if no data from the server is received for the specified
+number of seconds.
+The argument must be an integer.
+The default is 0 (disabled), or 300 if
+.Cm BatchMode
+is set.
 .It Cm SmartcardDevice
 Specifies which smartcard device to use.
 The argument to this keyword is the device
@@ -653,6 +685,12 @@ Specifies whether the system should send TCP keepalive messages to the
 other side.
 If they are sent, death of the connection or crash of one
 of the machines will be properly noticed.
+This option only uses TCP keepalives (as opposed to using ssh level
+keepalives), so takes a long time to notice when the connection dies.
+As such, you probably want
+the
+.Cm ServerAliveInterval
+option as well.
 However, this means that
 connections will die if the route is down temporarily, and some people
 find it annoying.

diff --git a/ssh_config.5 b/ssh_config.5 index 05581ece4..0fd3ea5f8 100644 --- a/ssh_config.5 +++ b/ssh_config.5
@@ -127,8 +127,15 @@ Valid arguments are
127	If set to	127	If set to
128	.Dq yes ,	128	.Dq yes ,
129	passphrase/password querying will be disabled.	129	passphrase/password querying will be disabled.
		130	In addition, the
		131	.Cm ServerAliveInterval
		132	and
		133	.Cm SetupTimeOut
		134	options will both be set to 300 seconds by default.
130	This option is useful in scripts and other batch jobs where no user	135	This option is useful in scripts and other batch jobs where no user
131	is present to supply the password.	136	is present to supply the password,
		137	and where it is desirable to detect a
		138	broken network swiftly.
132	The argument must be	139	The argument must be
133	.Dq yes	140	.Dq yes
134	or	141	or
@@ -323,7 +330,8 @@ from stealing or tampering with data belonging to trusted X11
323	clients.	330	clients.
324	.Pp	331	.Pp
325	The default is	332	The default is
326	.Dq no .	333	.Dq yes
		334	(Debian-specific).
327	.Pp	335	.Pp
328	See the X11 SECURITY extension specification for full details on	336	See the X11 SECURITY extension specification for full details on
329	the restrictions imposed on untrusted clients.	337	the restrictions imposed on untrusted clients.
@@ -577,8 +585,12 @@ from the server,
577	will send a message through the encrypted	585	will send a message through the encrypted
578	channel to request a response from the server.	586	channel to request a response from the server.
579	The default	587	The default
580	is 0, indicating that these messages will not be sent to the server.	588	is 0, indicating that these messages will not be sent to the server,
581	This option applies to protocol version 2 only.	589	or 300 if the
		590	.Cm BatchMode
		591	option is set.
		592	.Cm ProtocolKeepAlives
		593	is a Debian-specific compatibility alias for this option.
582	.It Cm ServerAliveCountMax	594	.It Cm ServerAliveCountMax
583	Sets the number of server alive messages (see above) which may be	595	Sets the number of server alive messages (see above) which may be
584	sent without	596	sent without
@@ -606,6 +618,26 @@ If, for example,
606	.Cm ServerAliveCountMax	618	.Cm ServerAliveCountMax
607	is left at the default, if the server becomes unresponsive ssh	619	is left at the default, if the server becomes unresponsive ssh
608	will disconnect after approximately 45 seconds.	620	will disconnect after approximately 45 seconds.
		621	This option works when using protocol version 2 only; in protocol version
		622	1 there is no mechanism to request a response from the server to the
		623	server alive messages, so disconnection is the responsibility of the TCP
		624	stack.
		625	.It Cm SetupTimeOut
		626	Normally,
		627	.Nm ssh
		628	blocks indefinitely whilst waiting to receive the ssh banner and other
		629	setup protocol from the server, during the session setup.
		630	This can cause
		631	.Nm ssh
		632	to hang under certain circumstances.
		633	If this option is set,
		634	.Nm ssh
		635	will give up if no data from the server is received for the specified
		636	number of seconds.
		637	The argument must be an integer.
		638	The default is 0 (disabled), or 300 if
		639	.Cm BatchMode
		640	is set.
609	.It Cm SmartcardDevice	641	.It Cm SmartcardDevice
610	Specifies which smartcard device to use.	642	Specifies which smartcard device to use.
611	The argument to this keyword is the device	643	The argument to this keyword is the device
@@ -653,6 +685,12 @@ Specifies whether the system should send TCP keepalive messages to the
653	other side.	685	other side.
654	If they are sent, death of the connection or crash of one	686	If they are sent, death of the connection or crash of one
655	of the machines will be properly noticed.	687	of the machines will be properly noticed.
		688	This option only uses TCP keepalives (as opposed to using ssh level
		689	keepalives), so takes a long time to notice when the connection dies.
		690	As such, you probably want
		691	the
		692	.Cm ServerAliveInterval
		693	option as well.
656	However, this means that	694	However, this means that
657	connections will die if the route is down temporarily, and some people	695	connections will die if the route is down temporarily, and some people
658	find it annoying.	696	find it annoying.