=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/PROTOCOL.certkeys,v retrieving revision 1.16 retrieving revision 1.18 diff -u -r1.16 -r1.18 --- src/usr.bin/ssh/PROTOCOL.certkeys 2018/10/26 01:23:03 1.16 +++ src/usr.bin/ssh/PROTOCOL.certkeys 2021/06/04 04:02:21 1.18 @@ -260,6 +260,14 @@ certificates may be presented from any source address. +verify-required empty Flag indicating that signatures made + with this certificate must assert FIDO + user verification (e.g. PIN or + biometric). This option only make sense + for the U2F/FIDO security key types that + support this feature in their signature + formats. + Extensions ---------- @@ -280,6 +288,13 @@ Name Format Description ----------------------------------------------------------------------------- +no-touch-required empty Flag indicating that signatures made + with this certificate need not assert + FIDO user presence. This option only + make sense for the U2F/FIDO security + key types that support this feature in + their signature formats. + permit-X11-forwarding empty Flag indicating that X11 forwarding should be permitted. X11 forwarding will be refused if this option is absent. @@ -304,4 +319,4 @@ of this script will not be permitted if this option is not present. -$OpenBSD: PROTOCOL.certkeys,v 1.16 2018/10/26 01:23:03 djm Exp $ +$OpenBSD: PROTOCOL.certkeys,v 1.18 2021/06/04 04:02:21 djm Exp $