1 files changed, 42 insertions, 4 deletions
diff --git a/ssh_config.5 b/ssh_config.5
index 0e1a031e5..a8767b493 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -127,8 +127,15 @@ Valid arguments are
 If set to
 .Dq yes ,
 passphrase/password querying will be disabled.
+In addition, the 
+.Cm ServerAliveInterval 
+and
+.Cm SetupTimeOut
+options will both be set to 300 seconds by default.
 This option is useful in scripts and other batch jobs where no user
-is present to supply the password.
+is present to supply the password,
+and where it is desirable to detect a
+broken network swiftly.
 The argument must be
 .Dq yes
 or
@@ -366,7 +373,8 @@ from stealing or tampering with data belonging to trusted X11
 clients.
 .Pp
 The default is
-.Dq no .
+.Dq yes
+(Debian-specific).
 .Pp
 See the X11 SECURITY extension specification for full details on
 the restrictions imposed on untrusted clients.
@@ -641,8 +649,12 @@ from the server,
 will send a message through the encrypted
 channel to request a response from the server.
 The default
-is 0, indicating that these messages will not be sent to the server.
+is 0, indicating that these messages will not be sent to the server,
-This option applies to protocol version 2 only.
+or 300 if the
+.Cm BatchMode
+option is set.
+.Cm ProtocolKeepAlives
+is a Debian-specific compatibility alias for this option.
 .It Cm ServerAliveCountMax
 Sets the number of server alive messages (see above) which may be
 sent without
@@ -670,6 +682,26 @@ If, for example,
 .Cm ServerAliveCountMax
 is left at the default, if the server becomes unresponsive ssh
 will disconnect after approximately 45 seconds.
+This option works when using protocol version 2 only; in protocol version
+1 there is no mechanism to request a response from the server to the
+server alive messages, so disconnection is the responsibility of the TCP
+stack.
+.It Cm SetupTimeOut
+Normally,
+.Nm ssh
+blocks indefinitely whilst waiting to receive the ssh banner and other
+setup protocol from the server, during the session setup.
+This can cause
+.Nm ssh
+to hang under certain circumstances.
+If this option is set,
+.Nm ssh
+will give up if no data from the server is received for the specified
+number of seconds.
+The argument must be an integer.
+The default is 0 (disabled), or 300 if
+.Cm BatchMode
+is set.
 .It Cm SmartcardDevice
 Specifies which smartcard device to use.
 The argument to this keyword is the device
@@ -717,6 +749,12 @@ Specifies whether the system should send TCP keepalive messages to the
 other side.
 If they are sent, death of the connection or crash of one
 of the machines will be properly noticed.
+This option only uses TCP keepalives (as opposed to using ssh level
+keepalives), so takes a long time to notice when the connection dies.
+As such, you probably want
+the
+.Cm ServerAliveInterval
+option as well.
 However, this means that
 connections will die if the route is down temporarily, and some people
 find it annoying.

diff --git a/ssh_config.5 b/ssh_config.5 index 0e1a031e5..a8767b493 100644 --- a/ssh_config.5 +++ b/ssh_config.5
@@ -127,8 +127,15 @@ Valid arguments are
127	If set to	127	If set to
128	.Dq yes ,	128	.Dq yes ,
129	passphrase/password querying will be disabled.	129	passphrase/password querying will be disabled.
		130	In addition, the
		131	.Cm ServerAliveInterval
		132	and
		133	.Cm SetupTimeOut
		134	options will both be set to 300 seconds by default.
130	This option is useful in scripts and other batch jobs where no user	135	This option is useful in scripts and other batch jobs where no user
131	is present to supply the password.	136	is present to supply the password,
		137	and where it is desirable to detect a
		138	broken network swiftly.
132	The argument must be	139	The argument must be
133	.Dq yes	140	.Dq yes
134	or	141	or
@@ -366,7 +373,8 @@ from stealing or tampering with data belonging to trusted X11
366	clients.	373	clients.
367	.Pp	374	.Pp
368	The default is	375	The default is
369	.Dq no .	376	.Dq yes
		377	(Debian-specific).
370	.Pp	378	.Pp
371	See the X11 SECURITY extension specification for full details on	379	See the X11 SECURITY extension specification for full details on
372	the restrictions imposed on untrusted clients.	380	the restrictions imposed on untrusted clients.
@@ -641,8 +649,12 @@ from the server,
641	will send a message through the encrypted	649	will send a message through the encrypted
642	channel to request a response from the server.	650	channel to request a response from the server.
643	The default	651	The default
644	is 0, indicating that these messages will not be sent to the server.	652	is 0, indicating that these messages will not be sent to the server,
645	This option applies to protocol version 2 only.	653	or 300 if the
		654	.Cm BatchMode
		655	option is set.
		656	.Cm ProtocolKeepAlives
		657	is a Debian-specific compatibility alias for this option.
646	.It Cm ServerAliveCountMax	658	.It Cm ServerAliveCountMax
647	Sets the number of server alive messages (see above) which may be	659	Sets the number of server alive messages (see above) which may be
648	sent without	660	sent without
@@ -670,6 +682,26 @@ If, for example,
670	.Cm ServerAliveCountMax	682	.Cm ServerAliveCountMax
671	is left at the default, if the server becomes unresponsive ssh	683	is left at the default, if the server becomes unresponsive ssh
672	will disconnect after approximately 45 seconds.	684	will disconnect after approximately 45 seconds.
		685	This option works when using protocol version 2 only; in protocol version
		686	1 there is no mechanism to request a response from the server to the
		687	server alive messages, so disconnection is the responsibility of the TCP
		688	stack.
		689	.It Cm SetupTimeOut
		690	Normally,
		691	.Nm ssh
		692	blocks indefinitely whilst waiting to receive the ssh banner and other
		693	setup protocol from the server, during the session setup.
		694	This can cause
		695	.Nm ssh
		696	to hang under certain circumstances.
		697	If this option is set,
		698	.Nm ssh
		699	will give up if no data from the server is received for the specified
		700	number of seconds.
		701	The argument must be an integer.
		702	The default is 0 (disabled), or 300 if
		703	.Cm BatchMode
		704	is set.
673	.It Cm SmartcardDevice	705	.It Cm SmartcardDevice
674	Specifies which smartcard device to use.	706	Specifies which smartcard device to use.
675	The argument to this keyword is the device	707	The argument to this keyword is the device
@@ -717,6 +749,12 @@ Specifies whether the system should send TCP keepalive messages to the
717	other side.	749	other side.
718	If they are sent, death of the connection or crash of one	750	If they are sent, death of the connection or crash of one
719	of the machines will be properly noticed.	751	of the machines will be properly noticed.
		752	This option only uses TCP keepalives (as opposed to using ssh level
		753	keepalives), so takes a long time to notice when the connection dies.
		754	As such, you probably want
		755	the
		756	.Cm ServerAliveInterval
		757	option as well.
720	However, this means that	758	However, this means that
721	connections will die if the route is down temporarily, and some people	759	connections will die if the route is down temporarily, and some people
722	find it annoying.	760	find it annoying.