version 1.5, 2010/05/01 02:50:50 |
version 1.6, 2010/05/20 23:46:02 |
|
|
|
|
extensions is a set of zero or more optional extensions. These extensions |
extensions is a set of zero or more optional extensions. These extensions |
are not critical, and an implementation that encounters one that it does |
are not critical, and an implementation that encounters one that it does |
not recognise may safely ignore it. No extensions are defined at present. |
not recognise may safely ignore it. |
|
|
The reserved field is currently unused and is ignored in this version of |
The reserved field is currently unused and is ignored in this version of |
the protocol. |
the protocol. |
|
|
ssh command-line) whenever this key is |
ssh command-line) whenever this key is |
used for authentication. |
used for authentication. |
|
|
|
source-address string Comma-separated list of source addresses |
|
from which this certificate is accepted |
|
for authentication. Addresses are |
|
specified in CIDR format (nn.nn.nn.nn/nn |
|
or hhhh::hhhh/nn). |
|
If this option is not present then |
|
certificates may be presented from any |
|
source address. |
|
|
|
Extensions |
|
---------- |
|
|
|
The extensions section of the certificate specifies zero or more |
|
non-critical certificate extensions. The encoding of extensions in this |
|
field is identical to that of the critical options. If an implementation |
|
does not recognise an extension, then it should ignore it. |
|
|
|
The supported extensions and the contents and structure of their data |
|
fields are: |
|
|
|
Name Format Description |
|
----------------------------------------------------------------------------- |
permit-X11-forwarding empty Flag indicating that X11 forwarding |
permit-X11-forwarding empty Flag indicating that X11 forwarding |
should be permitted. X11 forwarding will |
should be permitted. X11 forwarding will |
be refused if this option is absent. |
be refused if this option is absent. |
|
|
~/.ssh/rc should be permitted. Execution |
~/.ssh/rc should be permitted. Execution |
of this script will not be permitted if |
of this script will not be permitted if |
this option is not present. |
this option is not present. |
|
|
source-address string Comma-separated list of source addresses |
|
from which this certificate is accepted |
|
for authentication. Addresses are |
|
specified in CIDR format (nn.nn.nn.nn/nn |
|
or hhhh::hhhh/nn). |
|
If this option is not present then |
|
certificates may be presented from any |
|
source address. |
|
|
|
$OpenBSD$ |
$OpenBSD$ |