From c158331f8c7e059c6c1d099bffc7f5fc6087ddbd Mon Sep 17 00:00:00 2001
From: Damien Miller <djm@mindrot.org>
Date: Thu, 5 Aug 2010 13:04:50 +1000
Subject:    - djm@cvs.openbsd.org 2010/08/04 05:42:47      [auth.c
 auth2-hostbased.c authfile.c authfile.h ssh-keysign.8]      [ssh-keysign.c
 ssh.c]      enable certificates for hostbased authentication, from Iain
 Morgan;      "looks ok" markus@

---
 ssh-keysign.8 | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

(limited to 'ssh-keysign.8')

diff --git a/ssh-keysign.8 b/ssh-keysign.8
index 3ba54b935..46c0ee9cd 100644
--- a/ssh-keysign.8
+++ b/ssh-keysign.8
@@ -1,4 +1,4 @@
-.\" $OpenBSD: ssh-keysign.8,v 1.9 2007/05/31 19:20:16 jmc Exp $
+.\" $OpenBSD: ssh-keysign.8,v 1.10 2010/08/04 05:42:47 djm Exp $
 .\"
 .\" Copyright (c) 2002 Markus Friedl.  All rights reserved.
 .\"
@@ -22,7 +22,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: May 31 2007 $
+.Dd $Mdocdate: August 4 2010 $
 .Dt SSH-KEYSIGN 8
 .Os
 .Sh NAME
@@ -68,6 +68,9 @@ accessible to others.
 Since they are readable only by root,
 .Nm
 must be set-uid root if host-based authentication is used.
+.It Pa /etc/ssh/ssh_host_dsa_key-cert.pub, /etc/ssh/ssh_host_rsa_key-cert.pub
+If these files exist they are assumed to contain public certificate
+information corresponding with the private keys above.
 .El
 .Sh SEE ALSO
 .Xr ssh 1 ,
-- 
cgit v1.2.3