From 399dfbc499f54bccb81318cbe86acddcd4bdfeee Mon Sep 17 00:00:00 2001 From: Colin Watson Date: Sun, 25 May 2008 19:57:41 +0000 Subject: Check for blacklists in /usr/share/ssh/ as well as /etc/ssh/ (see #481283). --- ssh-vulnkey.1 | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'ssh-vulnkey.1') diff --git a/ssh-vulnkey.1 b/ssh-vulnkey.1 index 73570fcad..c0a7592f8 100644 --- a/ssh-vulnkey.1 +++ b/ssh-vulnkey.1 @@ -163,7 +163,7 @@ If present, contains the protocol version 2 RSA identity of the system. If present, contains the protocol version 2 DSA identity of the system. .It Pa /etc/ssh/ssh_host_key If present, contains the protocol version 1 RSA identity of the system. -.It Pa /etc/ssh/blacklist. Ns Ar TYPE Ns Pa - Ns Ar LENGTH +.It Pa /usr/share/ssh/blacklist. Ns Ar TYPE Ns Pa - Ns Ar LENGTH If present, lists the blacklisted keys of type .Ar TYPE .Pf ( Dq RSA @@ -175,6 +175,10 @@ The format of this file is described above. RSA1 keys are converted to RSA before being checked in the blacklist. Note that the fingerprints of RSA1 keys are computed differently, so you will not be able to find them in the blacklist by hand. +.It Pa /etc/ssh/blacklist. Ns Ar TYPE Ns Pa - Ns Ar LENGTH +Same as +.Pa /usr/share/ssh/blacklist. Ns Ar TYPE Ns Pa - Ns Ar LENGTH , +but may be edited by the system administrator to add new blacklist entries. .El .Sh SEE ALSO .Xr ssh-keygen 1 , -- cgit v1.2.3