From dd6d3dded721ac653ea73c017325e5bfeeec837f Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Tue, 15 Feb 2022 05:13:36 +0000 Subject: upstream: document the unbound/host-bound options to PubkeyAuthentication; spotted by HARUYAMA Seigo OpenBSD-Commit-ID: 298f681b66a9ecd498f0700082c7a6c46e948981 --- ssh_config.5 | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) (limited to 'ssh_config.5') diff --git a/ssh_config.5 b/ssh_config.5 index adf177e3..69132282 100644 --- a/ssh_config.5 +++ b/ssh_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.368 2022/02/04 02:49:17 dtucker Exp $ -.Dd $Mdocdate: February 4 2022 $ +.\" $OpenBSD: ssh_config.5,v 1.369 2022/02/15 05:13:36 djm Exp $ +.Dd $Mdocdate: February 15 2022 $ .Dt SSH_CONFIG 5 .Os .Sh NAME @@ -1521,9 +1521,16 @@ The list of available signature algorithms may also be obtained using Specifies whether to try public key authentication. The argument to this keyword must be .Cm yes -(the default) +(the default), +.Cm no , +.Cm unbound or -.Cm no . +.Cm host-bound . +The final two options enable public key authentication while respectively +disabling or enabling the OpenSSH host-bound authentication protocol +extension required for restricted +.Xr ssh-agent 1 +forwarding. .It Cm RekeyLimit Specifies the maximum amount of data that may be transmitted before the session key is renegotiated, optionally followed by a maximum amount of -- cgit v1.2.1