.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: ssh_config.5,v 1.117 2009/02/12 03:46:17 djm Exp $
+.\" $OpenBSD: ssh_config.5,v 1.125 2009/12/29 18:03:32 jmc Exp $
.Dd $Mdocdate$
.Dt SSH_CONFIG 5
.Os
(remote user name) or
.Ql %u
(local user name).
+.Pp
+The command is run synchronously and does not have access to the
+session of the
+.Xr ssh 1
+that spawned it.
+It should not be used for interactive commands.
+.Pp
This directive is ignored unless
.Cm PermitLocalCommand
has been enabled.
and
.Sq 2 .
Multiple versions must be comma-separated.
-The default is
-.Dq 2,1 .
-This means that ssh
-tries version 2 and falls back to version 1
+When this option is set to
+.Dq 2,1
+.Nm ssh
+will try version 2 and fall back to version 1
if version 2 is not available.
+The default is
+.Sq 2 .
.It Cm ProxyCommand
Specifies the command to use to connect to the server.
The command
forwardings can be given on the command line.
Privileged ports can be forwarded only when
logging in as root on the remote machine.
-.Pp
+.Pp
If the
.Ar port
argument is
This option applies to protocol version 1 only and requires
.Xr ssh 1
to be setuid root.
+.It Cm RoutingDomain
+Set the routing domain number.
+The default routing domain is set by the system.
.It Cm RSAAuthentication
Specifies whether to try RSA authentication.
The argument to this keyword must be
program.
The default is
.Pa /usr/X11R6/bin/xauth .
-.It Cm ZeroKnowledgePasswordAuthentication
-Specifies whether to use zero knowledge password authentication.
-This authentication method avoids exposure of password to untrusted
-hosts.
-The argument to this keyword must be
-.Dq yes
-or
-.Dq no .
-The default is currently
-.Dq no
-as this method is considered experimental.
.El
.Sh PATTERNS
A