X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/f0677b6924301ccedd45dd7d5411ee3880916b66..bb92e5ccb10874279c87ba8100fde22a929329c4:/ssh_config.5 diff --git a/ssh_config.5 b/ssh_config.5 index 56df3ace..7a435a90 100644 --- a/ssh_config.5 +++ b/ssh_config.5 @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.14 2003/06/23 09:02:44 markus Exp $ +.\" $OpenBSD: ssh_config.5,v 1.20 2003/09/02 18:50:06 jmc Exp $ .Dd September 25, 1999 .Dt SSH_CONFIG 5 .Os @@ -104,7 +104,7 @@ keyword) to be only for those hosts that match one of the patterns given after the keyword. .Ql \&* and -.Ql ? +.Ql \&? can be used as wildcards in the patterns. A single @@ -123,13 +123,6 @@ Valid arguments are (Use IPv4 only) or .Dq inet6 (Use IPv6 only.) -.It Cm AFSTokenPassing -Specifies whether to pass AFS tokens to remote host. -The argument to this keyword must be -.Dq yes -or -.Dq no . -This option applies to protocol version 1 only. .It Cm BatchMode If set to .Dq yes , @@ -246,9 +239,9 @@ over the secure channel, and the application protocol is then used to determine where to connect to from the remote machine. The argument must be a port number. -Currently the SOCKS4 protocol is supported, and +Currently the SOCKS4 and SOCKS5 protocols are supported, and .Nm ssh -will act as a SOCKS4 server. +will act as a SOCKS server. Multiple forwardings may be specified, and additional forwardings can be given on the command line. Only the superuser can forward privileged ports. @@ -338,6 +331,18 @@ The default is Specifies a file to use for the global host key database instead of .Pa /etc/ssh/ssh_known_hosts . +.It Cm GSSAPIAuthentication +Specifies whether authentication based on GSSAPI may be used, either using +the result of a successful key exchange, or using GSSAPI user +authentication. +The default is +.Dq yes . +Note that this option applies to protocol version 2 only. +.It Cm GSSAPIDelegateCredentials +Forward (delegate) credentials to the server. +The default is +.Dq no . +Note that this option applies to protocol version 2 only. .It Cm HostbasedAuthentication Specifies whether to try rhosts based authentication with public key authentication. @@ -402,19 +407,6 @@ This is important in scripts, and many users want it too. .Pp To disable keepalives, the value should be set to .Dq no . -.It Cm KerberosAuthentication -Specifies whether Kerberos authentication will be used. -The argument to this keyword must be -.Dq yes -or -.Dq no . -.It Cm KerberosTgtPassing -Specifies whether a Kerberos TGT will be forwarded to the server. -This will only work if the Kerberos server is actually an AFS kaserver. -The argument to this keyword must be -.Dq yes -or -.Dq no . .It Cm LocalForward Specifies that a TCP/IP port on the local machine be forwarded over the secure channel to the specified host and port from the remote machine. @@ -537,26 +529,6 @@ IPv6 addresses can be specified with an alternative syntax: Multiple forwardings may be specified, and additional forwardings can be given on the command line. Only the superuser can forward privileged ports. -.It Cm RhostsAuthentication -Specifies whether to try rhosts based authentication. -Note that this -declaration only affects the client side and has no effect whatsoever -on security. -Most servers do not permit RhostsAuthentication because it -is not secure (see -.Cm RhostsRSAAuthentication ) . -The argument to this keyword must be -.Dq yes -or -.Dq no . -The default is -.Dq no . -This option applies to protocol version 1 only and requires -.Nm ssh -to be setuid root and -.Cm UsePrivilegedPort -to be set to -.Dq yes . .It Cm RhostsRSAAuthentication Specifies whether to try rhosts based authentication with RSA host authentication. @@ -637,11 +609,9 @@ If set to must be setuid root. Note that this option must be set to .Dq yes -if -.Cm RhostsAuthentication -and +for .Cm RhostsRSAAuthentication -authentications are needed with older servers. +with older servers. .It Cm User Specifies the user to log in as. This can be useful when a different user name is used on different machines.