diff options
Diffstat (limited to 'sshd.8')
-rw-r--r-- | sshd.8 | 17 |
1 files changed, 11 insertions, 6 deletions
@@ -34,7 +34,7 @@ | |||
34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
36 | .\" | 36 | .\" |
37 | .\" $OpenBSD: sshd.8,v 1.194 2003/01/31 21:54:40 jmc Exp $ | 37 | .\" $OpenBSD: sshd.8,v 1.195 2003/04/30 01:16:20 mouring Exp $ |
38 | .Dd September 25, 1999 | 38 | .Dd September 25, 1999 |
39 | .Dt SSHD 8 | 39 | .Dt SSHD 8 |
40 | .Os | 40 | .Os |
@@ -429,13 +429,14 @@ that option keywords are case-insensitive): | |||
429 | Specifies that in addition to public key authentication, the canonical name | 429 | Specifies that in addition to public key authentication, the canonical name |
430 | of the remote host must be present in the comma-separated list of | 430 | of the remote host must be present in the comma-separated list of |
431 | patterns | 431 | patterns |
432 | .Pf ( Ql * | 432 | .Pf ( |
433 | .Ql \&* | ||
433 | and | 434 | and |
434 | .Ql ? | 435 | .Ql \&? |
435 | serve as wildcards). | 436 | serve as wildcards). |
436 | The list may also contain | 437 | The list may also contain |
437 | patterns negated by prefixing them with | 438 | patterns negated by prefixing them with |
438 | .Ql ! ; | 439 | .Ql \&! ; |
439 | if the canonical host name matches a negated pattern, the key is not accepted. | 440 | if the canonical host name matches a negated pattern, the key is not accepted. |
440 | The purpose | 441 | The purpose |
441 | of this option is to optionally increase security: public key authentication | 442 | of this option is to optionally increase security: public key authentication |
@@ -524,12 +525,16 @@ Each line in these files contains the following fields: hostnames, | |||
524 | bits, exponent, modulus, comment. | 525 | bits, exponent, modulus, comment. |
525 | The fields are separated by spaces. | 526 | The fields are separated by spaces. |
526 | .Pp | 527 | .Pp |
527 | Hostnames is a comma-separated list of patterns ('*' and '?' act as | 528 | Hostnames is a comma-separated list of patterns ( |
529 | .Ql \&* | ||
530 | and | ||
531 | .Ql \&? | ||
532 | act as | ||
528 | wildcards); each pattern in turn is matched against the canonical host | 533 | wildcards); each pattern in turn is matched against the canonical host |
529 | name (when authenticating a client) or against the user-supplied | 534 | name (when authenticating a client) or against the user-supplied |
530 | name (when authenticating a server). | 535 | name (when authenticating a server). |
531 | A pattern may also be preceded by | 536 | A pattern may also be preceded by |
532 | .Ql ! | 537 | .Ql \&! |
533 | to indicate negation: if the host name matches a negated | 538 | to indicate negation: if the host name matches a negated |
534 | pattern, it is not accepted (by that line) even if it matched another | 539 | pattern, it is not accepted (by that line) even if it matched another |
535 | pattern on the line. | 540 | pattern on the line. |