diff options
Diffstat (limited to 'sshd_config.5')
-rw-r--r-- | sshd_config.5 | 17 |
1 files changed, 11 insertions, 6 deletions
diff --git a/sshd_config.5 b/sshd_config.5 index 479fa38eb..690797958 100644 --- a/sshd_config.5 +++ b/sshd_config.5 | |||
@@ -33,8 +33,8 @@ | |||
33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
35 | .\" | 35 | .\" |
36 | .\" $OpenBSD: sshd_config.5,v 1.223 2016/05/04 14:29:58 markus Exp $ | 36 | .\" $OpenBSD: sshd_config.5,v 1.224 2016/06/17 05:03:40 djm Exp $ |
37 | .Dd $Mdocdate: May 4 2016 $ | 37 | .Dd $Mdocdate: June 17 2016 $ |
38 | .Dt SSHD_CONFIG 5 | 38 | .Dt SSHD_CONFIG 5 |
39 | .Os | 39 | .Os |
40 | .Sh NAME | 40 | .Sh NAME |
@@ -189,9 +189,12 @@ for more information on patterns. | |||
189 | Specifies the authentication methods that must be successfully completed | 189 | Specifies the authentication methods that must be successfully completed |
190 | for a user to be granted access. | 190 | for a user to be granted access. |
191 | This option must be followed by one or more comma-separated lists of | 191 | This option must be followed by one or more comma-separated lists of |
192 | authentication method names. | 192 | authentication method names, or by the single string |
193 | Successful authentication requires completion of every method in at least | 193 | .Dq any |
194 | one of these lists. | 194 | to indicate the default behaviour of accepting any single authentication |
195 | methods. | ||
196 | if the default is overridden, then successful authentication requires | ||
197 | completion of every method in at least one of these lists. | ||
195 | .Pp | 198 | .Pp |
196 | For example, an argument of | 199 | For example, an argument of |
197 | .Dq publickey,password publickey,keyboard-interactive | 200 | .Dq publickey,password publickey,keyboard-interactive |
@@ -231,7 +234,9 @@ This option will yield a fatal | |||
231 | error if enabled if protocol 1 is also enabled. | 234 | error if enabled if protocol 1 is also enabled. |
232 | Note that each authentication method listed should also be explicitly enabled | 235 | Note that each authentication method listed should also be explicitly enabled |
233 | in the configuration. | 236 | in the configuration. |
234 | The default is not to require multiple authentication; successful completion | 237 | The default |
238 | .Dq any | ||
239 | is not to require multiple authentication; successful completion | ||
235 | of a single authentication method is sufficient. | 240 | of a single authentication method is sufficient. |
236 | .It Cm AuthorizedKeysCommand | 241 | .It Cm AuthorizedKeysCommand |
237 | Specifies a program to be used to look up the user's public keys. | 242 | Specifies a program to be used to look up the user's public keys. |