version 1.78, 2001/01/28 10:24:04 |
version 1.79, 2001/01/28 20:36:16 |
|
|
If this flag is set to |
If this flag is set to |
.Dq yes , |
.Dq yes , |
.Nm |
.Nm |
ssh will never automatically add host keys to the |
will never automatically add host keys to the |
.Pa $HOME/.ssh/known_hosts |
.Pa $HOME/.ssh/known_hosts |
and |
and |
.Pa $HOME/.ssh/known_hosts2 |
.Pa $HOME/.ssh/known_hosts2 |
files, and refuses to connect hosts whose host key has changed. |
files, and refuses to connect to hosts whose host key has changed. |
This provides maximum protection against trojan horse attacks. |
This provides maximum protection against trojan horse attacks. |
However, it can be somewhat annoying if you don't have good |
However, it can be somewhat annoying if you don't have good |
.Pa /etc/ssh_known_hosts |
.Pa /etc/ssh_known_hosts |
and |
and |
.Pa /etc/ssh_known_hosts2 |
.Pa /etc/ssh_known_hosts2 |
files installed and frequently |
files installed and frequently |
connect new hosts. |
connect to new hosts. |
Basically this option forces the user to manually |
This option forces the user to manually |
add any new hosts. |
add all new hosts. |
Normally this option is disabled, and new hosts |
If this flag is set to |
will automatically be added to the known host files. |
.Dq no , |
|
.Nm |
|
will automatically add new host keys to the |
|
user known hosts files. |
|
If this flag is set to |
|
.Dq ask , |
|
new host keys |
|
will be added to the user known host files only after the user |
|
has confirmed that is what they really want to do, and |
|
.Nm |
|
will refuse to connect to hosts whose host key has changed. |
The host keys of |
The host keys of |
known hosts will be verified automatically in either case. |
known hosts will be verified automatically in all cases. |
The argument must be |
The argument must be |
.Dq yes |
.Dq yes , |
|
.Dq no |
or |
or |
.Dq no . |
.Dq ask . |
|
The default is |
|
.Dq ask . |
.It Cm UsePrivilegedPort |
.It Cm UsePrivilegedPort |
Specifies whether to use a privileged port for outgoing connections. |
Specifies whether to use a privileged port for outgoing connections. |
The argument must be |
The argument must be |