From 99834f6d3675e9f695c4600e881c716814182c8c Mon Sep 17 00:00:00 2001 From: djm Date: Tue, 15 Feb 2022 05:13:36 +0000 Subject: [PATCH] document the unbound/host-bound options to PubkeyAuthentication; spotted by HARUYAMA Seigo --- usr.bin/ssh/ssh_config.5 | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/usr.bin/ssh/ssh_config.5 b/usr.bin/ssh/ssh_config.5 index 3672329fbf0..7b5827373ae 100644 --- a/usr.bin/ssh/ssh_config.5 +++ b/usr.bin/ssh/ssh_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.368 2022/02/04 02:49:17 dtucker Exp $ -.Dd $Mdocdate: February 4 2022 $ +.\" $OpenBSD: ssh_config.5,v 1.369 2022/02/15 05:13:36 djm Exp $ +.Dd $Mdocdate: February 15 2022 $ .Dt SSH_CONFIG 5 .Os .Sh NAME @@ -1522,9 +1522,16 @@ The list of available signature algorithms may also be obtained using Specifies whether to try public key authentication. The argument to this keyword must be .Cm yes -(the default) +(the default), +.Cm no , +.Cm unbound or -.Cm no . +.Cm host-bound . +The final two options enable public key authentication while respectively +disabling or enabling the OpenSSH host-bound authentication protocol +extension required for restricted +.Xr ssh-agent 1 +forwarding. .It Cm RekeyLimit Specifies the maximum amount of data that may be transmitted before the session key is renegotiated, optionally followed by a maximum amount of -- 2.20.1