- dtucker@cvs.openbsd.org 2004/03/08 10:18:57

[openssh.git] / ssh.1

diff --git a/ssh.1 b/ssh.1
index 21e573b6db35da3480575ad3ed0aeb0c07591f93..31eb66c979b567195cccd8d588472162fc200238 100644 (file)
--- a/ssh.1
+++ b/ssh.1
@@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"

-.\" $OpenBSD: ssh.1,v 1.176 2003/09/29 11:40:51 jmc Exp $
+.\" $OpenBSD: ssh.1,v 1.182 2004/03/05 10:53:58 markus Exp $

 .Dd September 25, 1999
 .Dt SSH 1
 .Os
 .Dd September 25, 1999
 .Dt SSH 1
 .Os


@@ -43,7 +43,7 @@
 .Nd OpenSSH SSH client (remote login program)
 .Sh SYNOPSIS
 .Nm ssh
 .Nd OpenSSH SSH client (remote login program)
 .Sh SYNOPSIS
 .Nm ssh

-.Op Fl 1246AaCfgkNnqsTtVvXx
+.Op Fl 1246AaCfgkNnqsTtVvXxY

 .Op Fl b Ar bind_address
 .Op Fl c Ar cipher_spec
 .Op Fl D Ar port
 .Op Fl b Ar bind_address
 .Op Fl c Ar cipher_spec
 .Op Fl D Ar port


@@ -539,8 +539,7 @@ It is possible to have multiple
 options (and multiple identities specified in
 configuration files).
 .It Fl k
 options (and multiple identities specified in
 configuration files).
 .It Fl k

-Disables forwarding of Kerberos tickets.
-This may also be specified on a per-host basis in the configuration file.
+Disables forwarding (delegation) of GSSAPI credentials to the server.

 .It Fl L Xo
 .Sm off
 .Ar port : host : hostport
 .It Fl L Xo
 .Sm off
 .Ar port : host : hostport


@@ -621,10 +620,10 @@ For full details of the options listed below, and their possible values, see
 .It ConnectionAttempts
 .It ConnectionTimeout
 .It DynamicForward
 .It ConnectionAttempts
 .It ConnectionTimeout
 .It DynamicForward

-.It EnableSSHKeysign

 .It EscapeChar
 .It ForwardAgent
 .It ForwardX11
 .It EscapeChar
 .It ForwardAgent
 .It ForwardX11

+.It ForwardX11Trusted

 .It GatewayPorts
 .It GlobalKnownHostsFile
 .It GSSAPIAuthentication
 .It GatewayPorts
 .It GlobalKnownHostsFile
 .It GSSAPIAuthentication


@@ -635,7 +634,7 @@ For full details of the options listed below, and their possible values, see
 .It HostKeyAlias
 .It HostName
 .It IdentityFile
 .It HostKeyAlias
 .It HostName
 .It IdentityFile

-.It KeepAlive
+.It IdentitiesOnly

 .It LocalForward
 .It LogLevel
 .It MACs
 .It LocalForward
 .It LogLevel
 .It MACs


@@ -650,8 +649,11 @@ For full details of the options listed below, and their possible values, see
 .It RemoteForward
 .It RhostsRSAAuthentication
 .It RSAAuthentication
 .It RemoteForward
 .It RhostsRSAAuthentication
 .It RSAAuthentication

+.It ServerAliveInterval
+.It ServerAliveCountMax

 .It SmartcardDevice
 .It StrictHostKeyChecking
 .It SmartcardDevice
 .It StrictHostKeyChecking

+.It TCPKeepAlive

 .It UsePrivilegedPort
 .It User
 .It UserKnownHostsFile
 .It UsePrivilegedPort
 .It User
 .It UserKnownHostsFile


@@ -733,6 +735,8 @@ can access the local X11 display through the forwarded connection.
 An attacker may then be able to perform activities such as keystroke monitoring.
 .It Fl x
 Disables X11 forwarding.
 An attacker may then be able to perform activities such as keystroke monitoring.
 .It Fl x
 Disables X11 forwarding.

+.It Fl Y
+Enables trusted X11 forwarding.

 .El
 .Sh CONFIGURATION FILES
 .Nm
 .El
 .Sh CONFIGURATION FILES
 .Nm