[readconf.c ssh.1]
     ``StrictHostKeyChecking ask'' documentation and small cleanup.
     ok markus@
Ben Lindstrom 2001-01-29 08:37:08 +00:00
parent 035782e712
commit eb930d4432
2 changed files with 25 additions and 12 deletions


@ -11,7 +11,7 @@
[sshd.c] [sshd.c]
remove -Q, no longer needed remove -Q, no longer needed
- stevesk@cvs.openbsd.org 2001/01/28 20:36:16 - stevesk@cvs.openbsd.org 2001/01/28 20:36:16
[readconf.c] [readconf.c ssh.1]
``StrictHostKeyChecking ask'' documentation and small cleanup. ``StrictHostKeyChecking ask'' documentation and small cleanup.
ok markus@ ok markus@
- stevesk@cvs.openbsd.org 2001/01/28 22:27:05 - stevesk@cvs.openbsd.org 2001/01/28 22:27:05

ssh.1

@ -34,7 +34,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\" .\"
.\" $OpenBSD: ssh.1,v 1.78 2001/01/28 10:24:04 markus Exp $ .\" $OpenBSD: ssh.1,v 1.79 2001/01/28 20:36:16 stevesk Exp $
.Dd September 25, 1999 .Dd September 25, 1999
.Dt SSH 1 .Dt SSH 1
.Os .Os
@ -924,28 +924,41 @@ The default is
If this flag is set to If this flag is set to
.Dq yes , .Dq yes ,
.Nm .Nm
ssh will never automatically add host keys to the will never automatically add host keys to the
.Pa $HOME/.ssh/known_hosts .Pa $HOME/.ssh/known_hosts
and and
.Pa $HOME/.ssh/known_hosts2 .Pa $HOME/.ssh/known_hosts2
files, and refuses to connect hosts whose host key has changed. files, and refuses to connect to hosts whose host key has changed.
This provides maximum protection against trojan horse attacks. This provides maximum protection against trojan horse attacks.
However, it can be somewhat annoying if you don't have good However, it can be somewhat annoying if you don't have good
.Pa /etc/ssh_known_hosts .Pa /etc/ssh_known_hosts
and and
.Pa /etc/ssh_known_hosts2 .Pa /etc/ssh_known_hosts2
files installed and frequently files installed and frequently
connect new hosts. connect to new hosts.
Basically this option forces the user to manually This option forces the user to manually
add any new hosts. add all new hosts.
Normally this option is disabled, and new hosts If this flag is set to
will automatically be added to the known host files. .Dq no ,
.Nm
will automatically add new host keys to the
user known hosts files.
If this flag is set to
.Dq ask ,
new host keys
will be added to the user known host files only after the user
has confirmed that is what they really want to do, and
.Nm
will refuse to connect to hosts whose host key has changed.
The host keys of The host keys of
known hosts will be verified automatically in either case. known hosts will be verified automatically in all cases.
The argument must be The argument must be
.Dq yes .Dq yes ,
.Dq no
or or
.Dq no . .Dq ask .
The default is
.Dq ask .
.It Cm UsePrivilegedPort .It Cm UsePrivilegedPort
Specifies whether to use a privileged port for outgoing connections. Specifies whether to use a privileged port for outgoing connections.
The argument must be The argument must be
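Review bot: The new paragraph for "no" (the lines "If this flag is set to" / `.Dq no ,`) says only that new host keys are added automatically and is silent on what happens when a known host's key has changed, while the "yes" and "ask" paragraphs both state that ssh refuses to connect in that case. The closing sentence "verified automatically in all cases" does not tell the reader whether a mismatch under "no" stops the connection, which is the property someone choosing between the three values most needs to know. Suggest adding one sentence to the "no" paragraph stating the changed-key behaviour. Minor wording point in the same hunk: the "no" paragraph says "user known hosts files" and the "ask" paragraph says "user known host files"; pick one form, and consider naming the files with `.Pa $HOME/.ssh/known_hosts` as the "yes" paragraph does so the three descriptions read in parallel.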