diff options
Diffstat (limited to 'sshd.8')
-rw-r--r-- | sshd.8 | 18 |
1 files changed, 14 insertions, 4 deletions
@@ -34,8 +34,8 @@ | |||
34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
36 | .\" | 36 | .\" |
37 | .\" $OpenBSD: sshd.8,v 1.255 2010/03/05 06:50:35 jmc Exp $ | 37 | .\" $OpenBSD: sshd.8,v 1.257 2010/08/04 05:37:01 djm Exp $ |
38 | .Dd $Mdocdate: March 5 2010 $ | 38 | .Dd $Mdocdate: August 4 2010 $ |
39 | .Dt SSHD 8 | 39 | .Dt SSHD 8 |
40 | .Os | 40 | .Os |
41 | .Sh NAME | 41 | .Sh NAME |
@@ -595,13 +595,23 @@ Limit local | |||
595 | .Li ``ssh -L'' | 595 | .Li ``ssh -L'' |
596 | port forwarding such that it may only connect to the specified host and | 596 | port forwarding such that it may only connect to the specified host and |
597 | port. | 597 | port. |
598 | IPv6 addresses can be specified with an alternative syntax: | 598 | IPv6 addresses can be specified by enclosing the address in square brackets. |
599 | .Ar host Ns / Ns Ar port . | ||
600 | Multiple | 599 | Multiple |
601 | .Cm permitopen | 600 | .Cm permitopen |
602 | options may be applied separated by commas. | 601 | options may be applied separated by commas. |
603 | No pattern matching is performed on the specified hostnames, | 602 | No pattern matching is performed on the specified hostnames, |
604 | they must be literal domains or addresses. | 603 | they must be literal domains or addresses. |
604 | .It Cm principals="principals" | ||
605 | On a | ||
606 | .Cm cert-authority | ||
607 | line, specifies allowed principals for certificate authentication as a | ||
608 | comma-separated list. | ||
609 | At least one name from the list must appear in the certificate's | ||
610 | list of principals for the certificate to be accepted. | ||
611 | This option is ignored for keys that are not marked as trusted certificate | ||
612 | signers using the | ||
613 | .Cm cert-authority | ||
614 | option. | ||
605 | .It Cm tunnel="n" | 615 | .It Cm tunnel="n" |
606 | Force a | 616 | Force a |
607 | .Xr tun 4 | 617 | .Xr tun 4 |