1 files changed, 26 insertions, 2 deletions
diff --git a/sshd_config.5 b/sshd_config.5
index cec2a023a..88fe90193 100644
--- a/sshd_config.5
+++ b/sshd_config.5
@@ -33,8 +33,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd_config.5,v 1.188 2014/12/22 09:05:17 djm Exp $
+.\" $OpenBSD: sshd_config.5,v 1.189 2015/01/13 07:39:19 djm Exp $
-.Dd $Mdocdate: December 22 2014 $
+.Dd $Mdocdate: January 13 2015 $
 .Dt SSHD_CONFIG 5
 .Os
 .Sh NAME
@@ -561,6 +561,17 @@ on logout.
 The default is
 .Dq yes .
 Note that this option applies to protocol version 2 only.
+.It Cm HostbasedAcceptedKeyTypes
+Specifies the key types that will be accepted for hostbased authentication
+as a comma-separated pattern list.
+The default
+.Dq *
+will allow all key types.
+The
+.Fl Q
+option of
+.Xr ssh 1
+may be used to list supported key types.
 .It Cm HostbasedAuthentication
 Specifies whether rhosts or /etc/hosts.equiv authentication together
 with successful public key client host authentication is allowed
@@ -962,6 +973,7 @@ Available keywords are
 .Cm ForceCommand ,
 .Cm GatewayPorts ,
 .Cm GSSAPIAuthentication ,
+.Cm HostbasedAcceptedKeyTypes ,
 .Cm HostbasedAuthentication ,
 .Cm HostbasedUsesNameFromPacketOnly ,
 .Cm KbdInteractiveAuthentication ,
@@ -975,6 +987,7 @@ Available keywords are
 .Cm PermitTTY ,
 .Cm PermitTunnel ,
 .Cm PermitUserRC ,
+.Cm PubkeyAcceptedKeyTypes ,
 .Cm PubkeyAuthentication ,
 .Cm RekeyLimit ,
 .Cm RhostsRSAAuthentication ,
@@ -1182,6 +1195,17 @@ Specifying
 .Dq 2,1
 is identical to
 .Dq 1,2 .
+.It Cm PubkeyAcceptedKeyTypes
+Specifies the key types that will be accepted for public key authentication
+as a comma-separated pattern list.
+The default
+.Dq *
+will allow all key types.
+The
+.Fl Q
+option of
+.Xr ssh 1
+may be used to list supported key types.
 .It Cm PubkeyAuthentication
 Specifies whether public key authentication is allowed.
 The default is

diff --git a/sshd_config.5 b/sshd_config.5 index cec2a023a..88fe90193 100644 --- a/sshd_config.5 +++ b/sshd_config.5
@@ -33,8 +33,8 @@
33	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	33	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
34	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	34	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
35	.\"	35	.\"
36	.\" $OpenBSD: sshd_config.5,v 1.188 2014/12/22 09:05:17 djm Exp $	36	.\" $OpenBSD: sshd_config.5,v 1.189 2015/01/13 07:39:19 djm Exp $
37	.Dd $Mdocdate: December 22 2014 $	37	.Dd $Mdocdate: January 13 2015 $
38	.Dt SSHD_CONFIG 5	38	.Dt SSHD_CONFIG 5
39	.Os	39	.Os
40	.Sh NAME	40	.Sh NAME
@@ -561,6 +561,17 @@ on logout.
561	The default is	561	The default is
562	.Dq yes .	562	.Dq yes .
563	Note that this option applies to protocol version 2 only.	563	Note that this option applies to protocol version 2 only.
		564	.It Cm HostbasedAcceptedKeyTypes
		565	Specifies the key types that will be accepted for hostbased authentication
		566	as a comma-separated pattern list.
		567	The default
		568	.Dq *
		569	will allow all key types.
		570	The
		571	.Fl Q
		572	option of
		573	.Xr ssh 1
		574	may be used to list supported key types.
564	.It Cm HostbasedAuthentication	575	.It Cm HostbasedAuthentication
565	Specifies whether rhosts or /etc/hosts.equiv authentication together	576	Specifies whether rhosts or /etc/hosts.equiv authentication together
566	with successful public key client host authentication is allowed	577	with successful public key client host authentication is allowed
@@ -962,6 +973,7 @@ Available keywords are
962	.Cm ForceCommand ,	973	.Cm ForceCommand ,
963	.Cm GatewayPorts ,	974	.Cm GatewayPorts ,
964	.Cm GSSAPIAuthentication ,	975	.Cm GSSAPIAuthentication ,
		976	.Cm HostbasedAcceptedKeyTypes ,
965	.Cm HostbasedAuthentication ,	977	.Cm HostbasedAuthentication ,
966	.Cm HostbasedUsesNameFromPacketOnly ,	978	.Cm HostbasedUsesNameFromPacketOnly ,
967	.Cm KbdInteractiveAuthentication ,	979	.Cm KbdInteractiveAuthentication ,
@@ -975,6 +987,7 @@ Available keywords are
975	.Cm PermitTTY ,	987	.Cm PermitTTY ,
976	.Cm PermitTunnel ,	988	.Cm PermitTunnel ,
977	.Cm PermitUserRC ,	989	.Cm PermitUserRC ,
		990	.Cm PubkeyAcceptedKeyTypes ,
978	.Cm PubkeyAuthentication ,	991	.Cm PubkeyAuthentication ,
979	.Cm RekeyLimit ,	992	.Cm RekeyLimit ,
980	.Cm RhostsRSAAuthentication ,	993	.Cm RhostsRSAAuthentication ,
@@ -1182,6 +1195,17 @@ Specifying
1182	.Dq 2,1	1195	.Dq 2,1
1183	is identical to	1196	is identical to
1184	.Dq 1,2 .	1197	.Dq 1,2 .
		1198	.It Cm PubkeyAcceptedKeyTypes
		1199	Specifies the key types that will be accepted for public key authentication
		1200	as a comma-separated pattern list.
		1201	The default
		1202	.Dq *
		1203	will allow all key types.
		1204	The
		1205	.Fl Q
		1206	option of
		1207	.Xr ssh 1
		1208	may be used to list supported key types.
1185	.It Cm PubkeyAuthentication	1209	.It Cm PubkeyAuthentication
1186	Specifies whether public key authentication is allowed.	1210	Specifies whether public key authentication is allowed.
1187	The default is	1211	The default is