X-Git-Url: http://andersk.mit.edu/gitweb/gssapi-openssh.git/blobdiff_plain/884dc78b37d30d2afc7a88c60fd6a88563d126d7..8af0406b1081f4edaca548090d7c5d4cfb8fb9a3:/openssh/ssh-keysign.8

diff --git a/openssh/ssh-keysign.8 b/openssh/ssh-keysign.8
index ab2cf21..a17e8d5 100644
--- a/openssh/ssh-keysign.8
+++ b/openssh/ssh-keysign.8
@@ -1,4 +1,4 @@
-.\" $OpenBSD: ssh-keysign.8,v 1.2 2002/06/10 16:56:30 stevesk Exp $
+.\" $OpenBSD: ssh-keysign.8,v 1.7 2003/06/10 09:12:11 jmc Exp $
 .\"
 .\" Copyright (c) 2002 Markus Friedl.  All rights reserved.
 .\"
@@ -36,6 +36,16 @@ is used by
 .Xr ssh 1
 to access the local host keys and generate the digital signature
 required during hostbased authentication with SSH protocol version 2.
+.Pp
+.Nm
+is disabled by default and can only be enabled in the
+global client configuration file
+.Pa /etc/ssh/ssh_config
+by setting
+.Cm EnableSSHKeysign
+to
+.Dq yes .
+.Pp
 .Nm
 is not intended to be invoked by the user, but from
 .Xr ssh 1 .
@@ -46,10 +56,14 @@ and
 for more information about hostbased authentication.
 .Sh FILES
 .Bl -tag -width Ds
+.It Pa /etc/ssh/ssh_config
+Controls whether
+.Nm
+is enabled.
 .It Pa /etc/ssh/ssh_host_dsa_key, /etc/ssh/ssh_host_rsa_key
 These files contain the private parts of the host keys used to
-generate the digital signature.  They
-should be owned by root, readable only by root, and not
+generate the digital signature.
+They should be owned by root, readable only by root, and not
 accessible to others.
 Since they are readable only by root,
 .Nm
@@ -58,10 +72,11 @@ must be set-uid root if hostbased authentication is used.
 .Sh SEE ALSO
 .Xr ssh 1 ,
 .Xr ssh-keygen 1 ,
+.Xr ssh_config 5 ,
 .Xr sshd 8
-.Sh AUTHORS
-Markus Friedl <markus@openbsd.org>
 .Sh HISTORY
 .Nm
 first appeared in
 .Ox 3.2 .
+.Sh AUTHORS
+.An Markus Friedl Aq markus@openbsd.org