[BACK]Return to ssh-agent.1 CVS log [TXT][DIR] Up to [local] / src / usr.bin / ssh

Diff for /src/usr.bin/ssh/ssh-agent.1 between version 1.73.6.1 and 1.74

version 1.73.6.1, 2023/07/19 14:08:59 version 1.74, 2022/10/07 04:06:26
Line 106 
Line 106 
 environment variable).  environment variable).
 .It Fl O Ar option  .It Fl O Ar option
 Specify an option when starting  Specify an option when starting
 .Nm .  .Xr ssh-agent 1 .
 Currently two options are supported:  Currently only one option is supported:
 .Cm allow-remote-pkcs11  
 and  
 .Cm no-restrict-websafe .  .Cm no-restrict-websafe .
 .Pp  This instructs
 The  .Xr ssh-agent 1
 .Cm allow-remote-pkcs11  
 option allows clients of a forwarded  
 .Nm  
 to load PKCS#11 or FIDO provider libraries.  
 By default only local clients may perform this operation.  
 Note that signalling that a  
 .Nm  
 client remote is performed by  
 .Xr ssh 1 ,  
 and use of other tools to forward access to the agent socket may circumvent  
 this restriction.  
 .Pp  
 The  
 .Cm no-restrict-websafe ,  
 instructs  
 .Nm  
 to permit signatures using FIDO keys that might be web authentication  to permit signatures using FIDO keys that might be web authentication
 requests.  requests.
 By default,  By default,
 .Nm  .Xr ssh-agent 1
 refuses signature requests for FIDO keys where the key application string  refuses signature requests for FIDO keys where the key application string
 does not start with  does not start with
 .Dq ssh:  .Dq ssh:
Line 198 
Line 180 
 .Pp  .Pp
 In both cases,  In both cases,
 .Xr ssh 1  .Xr ssh 1
 looks at these environment variables  looks at these environment variables and uses them to establish a connection to the agent.
 and uses them to establish a connection to the agent.  
 .Pp  .Pp
 The agent initially does not have any private keys.  The agent initially does not have any private keys.
 Keys are added using  Keys are added using
Legend:
Removed from v.1.73.6.1  
changed lines
  Added in v.1.74