- jmc@cvs.openbsd.org 2006/02/24 10:25:14

[openssh.git] / ssh_config.5

diff --git a/ssh_config.5 b/ssh_config.5
index 44107bfe72df3a31524805d1b904673cbd4bf891..5f1ced5b6f9d86ffc867e04f3646321f214fc638 100644 (file)
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"

-.\" $OpenBSD: ssh_config.5,v 1.79 2006/02/19 20:12:25 jmc Exp $
+.\" $OpenBSD: ssh_config.5,v 1.80 2006/02/24 10:25:14 jmc Exp $

 .Dd September 25, 1999
 .Dt SSH_CONFIG 5
 .Os
 .Dd September 25, 1999
 .Dt SSH_CONFIG 5
 .Os


@@ -73,13 +73,47 @@ The matched host name is the one given on the command line.
 Since the first obtained value for each parameter is used, more
 host-specific declarations should be given near the beginning of the
 file, and general defaults at the end.
 Since the first obtained value for each parameter is used, more
 host-specific declarations should be given near the beginning of the
 file, and general defaults at the end.

+.Sh PATTERNS
+A
+.Em pattern
+consists of zero or more non-whitespace characters,
+.Sq *
+(a wildcard that matches zero or more characters),
+or
+.Sq ?\&
+(a wildcard that matches exactly one character).
+For example, to specify a set of declarations for any host in the
+.Dq .co.uk
+set of domains,
+the following pattern could be used:
+.Pp
+.Dl Host *.co.uk
+.Pp
+The following pattern
+would match any host in the 192.168.0.[0-9] network range:

 .Pp
 .Pp

+.Dl Host 192.168.0.?
+.Pp
+A
+.Em pattern-list
+is a comma-separated list of patterns.
+Patterns within pattern-lists may be negated
+by preceding them with an exclamation mark
+.Pq Sq !\& .
+For example,
+to allow a key to be used from anywhere within an organisation
+except from the
+.Dq dialup
+pool,
+the following entry (in authorized_keys) could be used:
+.Pp
+.Dl from=\&"!*.dialup.example.com,*.example.com\&"
+.Sh FILE FORMAT

 The configuration file has the following format:
 .Pp
 Empty lines and lines starting with
 .Ql #
 are comments.
 The configuration file has the following format:
 .Pp
 Empty lines and lines starting with
 .Ql #
 are comments.

-.Pp

 Otherwise a line is of the format
 .Dq keyword arguments .
 Configuration options may be separated by whitespace or
 Otherwise a line is of the format
 .Dq keyword arguments .
 Configuration options may be separated by whitespace or


@@ -103,15 +137,13 @@ Restricts the following declarations (up to the next
 .Cm Host
 keyword) to be only for those hosts that match one of the patterns
 given after the keyword.
 .Cm Host
 keyword) to be only for those hosts that match one of the patterns
 given after the keyword.

-.Ql \&*
-and
-.Ql \&?
-can be used as wildcards in the
-patterns.

 A single
 .Ql \&*
 as a pattern can be used to provide global
 defaults for all hosts.
 A single
 .Ql \&*
 as a pattern can be used to provide global
 defaults for all hosts.

+See
+.Sx PATTERNS
+for more information on patterns.

 The host is the
 .Ar hostname
 argument given on the command line (i.e., the name is not converted to
 The host is the
 .Ar hostname
 argument given on the command line (i.e., the name is not converted to


@@ -805,10 +837,10 @@ Refer to
 in
 .Xr sshd_config 5
 for how to configure the server.
 in
 .Xr sshd_config 5
 for how to configure the server.

-Variables are specified by name, which may contain the wildcard characters
-.Ql \&*
-and
-.Ql \&? .
+Variables are specified by name, which may contain wildcard characters.
+See
+.Sx PATTERNS
+for more information on patterns.

 Multiple environment variables may be separated by whitespace or spread
 across multiple
 .Cm SendEnv
 Multiple environment variables may be separated by whitespace or spread
 across multiple
 .Cm SendEnv