version 1.228, 2006/02/19 20:05:00 |
version 1.229, 2006/02/24 10:39:52 |
|
|
.It Cm from="pattern-list" |
.It Cm from="pattern-list" |
Specifies that in addition to public key authentication, the canonical name |
Specifies that in addition to public key authentication, the canonical name |
of the remote host must be present in the comma-separated list of |
of the remote host must be present in the comma-separated list of |
patterns |
patterns. |
.Pf ( Ql * |
|
and |
|
.Ql \&? |
|
serve as wildcards). |
|
The list may also contain |
|
patterns negated by prefixing them with |
|
.Ql \&! ; |
|
if the canonical host name matches a negated pattern, the key is not accepted. |
|
The purpose |
The purpose |
of this option is to optionally increase security: public key authentication |
of this option is to optionally increase security: public key authentication |
by itself does not trust the network or name servers or anything (but |
by itself does not trust the network or name servers or anything (but |
|
|
This additional option makes using a stolen key more difficult (name |
This additional option makes using a stolen key more difficult (name |
servers and/or routers would have to be compromised in addition to |
servers and/or routers would have to be compromised in addition to |
just the key). |
just the key). |
|
.Pp |
|
See |
|
.Sx PATTERNS |
|
in |
|
.Xr ssh_config 5 |
|
for more information on patterns. |
.It Cm no-agent-forwarding |
.It Cm no-agent-forwarding |
Forbids authentication agent forwarding when this key is used for |
Forbids authentication agent forwarding when this key is used for |
authentication. |
authentication. |