X-Git-Url: http://andersk.mit.edu/gitweb/gssapi-openssh.git/blobdiff_plain/d037a8b0691afd8685d1a1202b3bf88c9542a8a9..c7931c9aedd8e12fdd0df715dcefce0e0c95be6a:/openssh/ssh_config.5

diff --git a/openssh/ssh_config.5 b/openssh/ssh_config.5
index 073d038..a72a35b 100644
--- a/openssh/ssh_config.5
+++ b/openssh/ssh_config.5
@@ -490,18 +490,28 @@ GSSAPI key exchange the server need not have a host key.
 The default is
 .Dq yes .
 Note that this option applies to protocol version 2 only.
+.It Cm GSSAPIClientIdentity
+If set, specifies the GSSAPI client identity that ssh should use when 
+connecting to the server. The default is unset, which means that the default 
+identity will be used.
 .It Cm GSSAPIDelegateCredentials
 Forward (delegate) credentials to the server.
 The default is
 .Dq yes .
-Note that this option applies to protocol version 2 only.
+Note that this option applies to protocol version 2 connections using GSSAPI.
+.It Cm GSSAPIRenewalForcesRekey
+If set to 
+.Dq yes
+then renewal of the client's GSSAPI credentials will force the rekeying of the
+ssh connection. With a compatible server, this can delegate the renewed 
+credentials to a session on the server.
+The default is
+.Dq yes .
 .It Cm GSSAPITrustDns
 Set to 
-.Dq yes 
-to indicate that the DNS is trusted to securely canonicalize
+.Dq yes to indicate that the DNS is trusted to securely canonicalize
 the name of the host being connected to. If 
-.Dq no , 
-the hostname entered on the
+.Dq no, the hostname entered on the
 command line will be passed untouched to the GSSAPI library.
 The default is
 .Dq yes .