1 files changed, 63 insertions, 4 deletions
diff --git a/ssh_config.5 b/ssh_config.5
index e145cc8a5..cfb11d64a 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -71,6 +71,22 @@ Since the first obtained value for each parameter is used, more
 host-specific declarations should be given near the beginning of the
 file, and general defaults at the end.
 .Pp
+Note that the Debian
+.Ic openssh-client
+package sets several options as standard in
+.Pa /etc/ssh/ssh_config
+which are not the default in
+.Xr ssh 1 :
+.Pp
+.Bl -bullet -offset indent -compact
+.It
+.Cm SendEnv No LANG LC_*
+.It
+.Cm HashKnownHosts No yes
+.It
+.Cm GSSAPIAuthentication No yes
+.El
+.Pp
 The configuration file has the following format:
 .Pp
 Empty lines and lines starting with
@@ -136,8 +152,12 @@ Valid arguments are
 If set to
 .Dq yes ,
 passphrase/password querying will be disabled.
+In addition, the
+.Cm ServerAliveInterval
+option will be set to 300 seconds by default.
 This option is useful in scripts and other batch jobs where no user
-is present to supply the password.
+is present to supply the password,
+and where it is desirable to detect a broken network swiftly.
 The argument must be
 .Dq yes
 or
@@ -495,7 +515,8 @@ token used for the session will be set to expire after 20 minutes.
 Remote clients will be refused access after this time.
 .Pp
 The default is
-.Dq no .
+.Dq yes
+(Debian-specific).
 .Pp
 See the X11 SECURITY extension specification for full details on
 the restrictions imposed on untrusted clients.
@@ -581,6 +602,9 @@ Note that existing names and addresses in known hosts files
 will not be converted automatically,
 but may be manually hashed using
 .Xr ssh-keygen 1 .
+Use of this option may break facilities such as tab-completion that rely
+on being able to read unhashed host names from
+.Pa ~/.ssh/known_hosts .
 .It Cm HostbasedAuthentication
 Specifies whether to try rhosts based authentication with public key
 authentication.
@@ -1089,7 +1113,10 @@ If, for example,
 .Cm ServerAliveCountMax
 is left at the default, if the server becomes unresponsive,
 ssh will disconnect after approximately 45 seconds.
-This option applies to protocol version 2 only.
+This option applies to protocol version 2 only; in protocol version
+1 there is no mechanism to request a response from the server to the
+server alive messages, so disconnection is the responsibility of the TCP
+stack.
 .It Cm ServerAliveInterval
 Sets a timeout interval in seconds after which if no data has been received
 from the server,
@@ -1097,8 +1124,15 @@ from the server,
 will send a message through the encrypted
 channel to request a response from the server.
 The default
-is 0, indicating that these messages will not be sent to the server.
+is 0, indicating that these messages will not be sent to the server,
+or 300 if the
+.Cm BatchMode
+option is set.
 This option applies to protocol version 2 only.
+.Cm ProtocolKeepAlives
+and
+.Cm SetupTimeOut
+are Debian-specific compatibility aliases for this option.
 .It Cm StrictHostKeyChecking
 If this flag is set to
 .Dq yes ,
@@ -1137,6 +1171,12 @@ Specifies whether the system should send TCP keepalive messages to the
 other side.
 If they are sent, death of the connection or crash of one
 of the machines will be properly noticed.
+This option only uses TCP keepalives (as opposed to using ssh level
+keepalives), so takes a long time to notice when the connection dies.
+As such, you probably want
+the
+.Cm ServerAliveInterval
+option as well.
 However, this means that
 connections will die if the route is down temporarily, and some people
 find it annoying.
@@ -1188,6 +1228,23 @@ is not specified, it defaults to
 .Dq any .
 The default is
 .Dq any:any .
+.It Cm UseBlacklistedKeys
+Specifies whether
+.Xr ssh 1
+should use keys recorded in its blacklist of known-compromised keys (see
+.Xr ssh-vulnkey 1 )
+for authentication.
+If
+.Dq yes ,
+then attempts to use compromised keys for authentication will be logged but
+accepted.
+It is strongly recommended that this be used only to install new authorized
+keys on the remote system, and even then only with the utmost care.
+If
+.Dq no ,
+then attempts to use compromised keys for authentication will be prevented.
+The default is
+.Dq no .
 .It Cm UsePrivilegedPort
 Specifies whether to use a privileged port for outgoing connections.
 The argument must be
@@ -1306,6 +1363,8 @@ The format of this file is described above.
 This file is used by the SSH client.
 Because of the potential for abuse, this file must have strict permissions:
 read/write for the user, and not accessible by others.
+It may be group-writable provided that the group in question contains only
+the user.
 .It Pa /etc/ssh/ssh_config
 Systemwide configuration file.
 This file provides defaults for those

diff --git a/ssh_config.5 b/ssh_config.5 index e145cc8a5..cfb11d64a 100644 --- a/ssh_config.5 +++ b/ssh_config.5
@@ -71,6 +71,22 @@ Since the first obtained value for each parameter is used, more
71	host-specific declarations should be given near the beginning of the	71	host-specific declarations should be given near the beginning of the
72	file, and general defaults at the end.	72	file, and general defaults at the end.
73	.Pp	73	.Pp
		74	Note that the Debian
		75	.Ic openssh-client
		76	package sets several options as standard in
		77	.Pa /etc/ssh/ssh_config
		78	which are not the default in
		79	.Xr ssh 1 :
		80	.Pp
		81	.Bl -bullet -offset indent -compact
		82	.It
		83	.Cm SendEnv No LANG LC_*
		84	.It
		85	.Cm HashKnownHosts No yes
		86	.It
		87	.Cm GSSAPIAuthentication No yes
		88	.El
		89	.Pp
74	The configuration file has the following format:	90	The configuration file has the following format:
75	.Pp	91	.Pp
76	Empty lines and lines starting with	92	Empty lines and lines starting with
@@ -136,8 +152,12 @@ Valid arguments are
136	If set to	152	If set to
137	.Dq yes ,	153	.Dq yes ,
138	passphrase/password querying will be disabled.	154	passphrase/password querying will be disabled.
		155	In addition, the
		156	.Cm ServerAliveInterval
		157	option will be set to 300 seconds by default.
139	This option is useful in scripts and other batch jobs where no user	158	This option is useful in scripts and other batch jobs where no user
140	is present to supply the password.	159	is present to supply the password,
		160	and where it is desirable to detect a broken network swiftly.
141	The argument must be	161	The argument must be
142	.Dq yes	162	.Dq yes
143	or	163	or
@@ -495,7 +515,8 @@ token used for the session will be set to expire after 20 minutes.
495	Remote clients will be refused access after this time.	515	Remote clients will be refused access after this time.
496	.Pp	516	.Pp
497	The default is	517	The default is
498	.Dq no .	518	.Dq yes
		519	(Debian-specific).
499	.Pp	520	.Pp
500	See the X11 SECURITY extension specification for full details on	521	See the X11 SECURITY extension specification for full details on
501	the restrictions imposed on untrusted clients.	522	the restrictions imposed on untrusted clients.
@@ -581,6 +602,9 @@ Note that existing names and addresses in known hosts files
581	will not be converted automatically,	602	will not be converted automatically,
582	but may be manually hashed using	603	but may be manually hashed using
583	.Xr ssh-keygen 1 .	604	.Xr ssh-keygen 1 .
		605	Use of this option may break facilities such as tab-completion that rely
		606	on being able to read unhashed host names from
		607	.Pa ~/.ssh/known_hosts .
584	.It Cm HostbasedAuthentication	608	.It Cm HostbasedAuthentication
585	Specifies whether to try rhosts based authentication with public key	609	Specifies whether to try rhosts based authentication with public key
586	authentication.	610	authentication.
@@ -1089,7 +1113,10 @@ If, for example,
1089	.Cm ServerAliveCountMax	1113	.Cm ServerAliveCountMax
1090	is left at the default, if the server becomes unresponsive,	1114	is left at the default, if the server becomes unresponsive,
1091	ssh will disconnect after approximately 45 seconds.	1115	ssh will disconnect after approximately 45 seconds.
1092	This option applies to protocol version 2 only.	1116	This option applies to protocol version 2 only; in protocol version
		1117	1 there is no mechanism to request a response from the server to the
		1118	server alive messages, so disconnection is the responsibility of the TCP
		1119	stack.
1093	.It Cm ServerAliveInterval	1120	.It Cm ServerAliveInterval
1094	Sets a timeout interval in seconds after which if no data has been received	1121	Sets a timeout interval in seconds after which if no data has been received
1095	from the server,	1122	from the server,
@@ -1097,8 +1124,15 @@ from the server,
1097	will send a message through the encrypted	1124	will send a message through the encrypted
1098	channel to request a response from the server.	1125	channel to request a response from the server.
1099	The default	1126	The default
1100	is 0, indicating that these messages will not be sent to the server.	1127	is 0, indicating that these messages will not be sent to the server,
		1128	or 300 if the
		1129	.Cm BatchMode
		1130	option is set.
1101	This option applies to protocol version 2 only.	1131	This option applies to protocol version 2 only.
		1132	.Cm ProtocolKeepAlives
		1133	and
		1134	.Cm SetupTimeOut
		1135	are Debian-specific compatibility aliases for this option.
1102	.It Cm StrictHostKeyChecking	1136	.It Cm StrictHostKeyChecking
1103	If this flag is set to	1137	If this flag is set to
1104	.Dq yes ,	1138	.Dq yes ,
@@ -1137,6 +1171,12 @@ Specifies whether the system should send TCP keepalive messages to the
1137	other side.	1171	other side.
1138	If they are sent, death of the connection or crash of one	1172	If they are sent, death of the connection or crash of one
1139	of the machines will be properly noticed.	1173	of the machines will be properly noticed.
		1174	This option only uses TCP keepalives (as opposed to using ssh level
		1175	keepalives), so takes a long time to notice when the connection dies.
		1176	As such, you probably want
		1177	the
		1178	.Cm ServerAliveInterval
		1179	option as well.
1140	However, this means that	1180	However, this means that
1141	connections will die if the route is down temporarily, and some people	1181	connections will die if the route is down temporarily, and some people
1142	find it annoying.	1182	find it annoying.
@@ -1188,6 +1228,23 @@ is not specified, it defaults to
1188	.Dq any .	1228	.Dq any .
1189	The default is	1229	The default is
1190	.Dq any:any .	1230	.Dq any:any .
		1231	.It Cm UseBlacklistedKeys
		1232	Specifies whether
		1233	.Xr ssh 1
		1234	should use keys recorded in its blacklist of known-compromised keys (see
		1235	.Xr ssh-vulnkey 1 )
		1236	for authentication.
		1237	If
		1238	.Dq yes ,
		1239	then attempts to use compromised keys for authentication will be logged but
		1240	accepted.
		1241	It is strongly recommended that this be used only to install new authorized
		1242	keys on the remote system, and even then only with the utmost care.
		1243	If
		1244	.Dq no ,
		1245	then attempts to use compromised keys for authentication will be prevented.
		1246	The default is
		1247	.Dq no .
1191	.It Cm UsePrivilegedPort	1248	.It Cm UsePrivilegedPort
1192	Specifies whether to use a privileged port for outgoing connections.	1249	Specifies whether to use a privileged port for outgoing connections.
1193	The argument must be	1250	The argument must be
@@ -1306,6 +1363,8 @@ The format of this file is described above.
1306	This file is used by the SSH client.	1363	This file is used by the SSH client.
1307	Because of the potential for abuse, this file must have strict permissions:	1364	Because of the potential for abuse, this file must have strict permissions:
1308	read/write for the user, and not accessible by others.	1365	read/write for the user, and not accessible by others.
		1366	It may be group-writable provided that the group in question contains only
		1367	the user.
1309	.It Pa /etc/ssh/ssh_config	1368	.It Pa /etc/ssh/ssh_config
1310	Systemwide configuration file.	1369	Systemwide configuration file.
1311	This file provides defaults for those	1370	This file provides defaults for those