diff options
author | djm@openbsd.org <djm@openbsd.org> | 2019-10-31 21:22:01 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2019-11-01 09:46:09 +1100 |
commit | 07da39f71d36fb547749a5b16aa8892e621a7e4a (patch) | |
tree | dd75cbd723102d887bc11f781cc0a23eee6b2f2f /ssh-agent.1 | |
parent | eebec620c9519c4839d781c4d5b6082152998f82 (diff) | |
download | openssh-git-07da39f71d36fb547749a5b16aa8892e621a7e4a.tar.gz |
upstream: ssh-agent support for U2F/FIDO keys
feedback & ok markus@
OpenBSD-Commit-ID: bb544a44bc32e45d2ec8bf652db2046f38360acb
Diffstat (limited to 'ssh-agent.1')
-rw-r--r-- | ssh-agent.1 | 20 |
1 files changed, 11 insertions, 9 deletions
diff --git a/ssh-agent.1 b/ssh-agent.1 index 83b2b41c..7719384f 100644 --- a/ssh-agent.1 +++ b/ssh-agent.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-agent.1,v 1.64 2016/11/30 06:54:26 jmc Exp $ +.\" $OpenBSD: ssh-agent.1,v 1.65 2019/10/31 21:22:01 djm Exp $ .\" .\" Author: Tatu Ylonen <ylo@cs.hut.fi> .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: November 30 2016 $ +.Dd $Mdocdate: October 31 2019 $ .Dt SSH-AGENT 1 .Os .Sh NAME @@ -46,7 +46,7 @@ .Op Fl \&Dd .Op Fl a Ar bind_address .Op Fl E Ar fingerprint_hash -.Op Fl P Ar pkcs11_whitelist +.Op Fl P Ar provider_whitelist .Op Fl t Ar life .Op Ar command Op Ar arg ... .Nm ssh-agent @@ -122,15 +122,17 @@ The default is Kill the current agent (given by the .Ev SSH_AGENT_PID environment variable). -.It Fl P Ar pkcs11_whitelist -Specify a pattern-list of acceptable paths for PKCS#11 shared libraries -that may be added using the +.It Fl P Ar provider_whitelist +Specify a pattern-list of acceptable paths for PKCS#11 and security key shared +libraries that may be used with the .Fl s -option to +or +.Fl S +options to .Xr ssh-add 1 . -The default is to allow loading PKCS#11 libraries from +The default is to allow loading libraries from .Dq /usr/lib/*,/usr/local/lib/* . -PKCS#11 libraries that do not match the whitelist will be refused. +Libraries that do not match the whitelist will be refused. See PATTERNS in .Xr ssh_config 5 for a description of pattern-list syntax. |