| version 1.228, 2006/02/19 20:05:00 |
version 1.229, 2006/02/24 10:39:52 |
|
|
| .It Cm from="pattern-list" |
.It Cm from="pattern-list" |
| Specifies that in addition to public key authentication, the canonical name |
Specifies that in addition to public key authentication, the canonical name |
| of the remote host must be present in the comma-separated list of |
of the remote host must be present in the comma-separated list of |
| patterns |
patterns. |
| .Pf ( Ql * |
|
| and |
|
| .Ql \&? |
|
| serve as wildcards). |
|
| The list may also contain |
|
| patterns negated by prefixing them with |
|
| .Ql \&! ; |
|
| if the canonical host name matches a negated pattern, the key is not accepted. |
|
| The purpose |
The purpose |
| of this option is to optionally increase security: public key authentication |
of this option is to optionally increase security: public key authentication |
| by itself does not trust the network or name servers or anything (but |
by itself does not trust the network or name servers or anything (but |
|
|
| This additional option makes using a stolen key more difficult (name |
This additional option makes using a stolen key more difficult (name |
| servers and/or routers would have to be compromised in addition to |
servers and/or routers would have to be compromised in addition to |
| just the key). |
just the key). |
| |
.Pp |
| |
See |
| |
.Sx PATTERNS |
| |
in |
| |
.Xr ssh_config 5 |
| |
for more information on patterns. |
| .It Cm no-agent-forwarding |
.It Cm no-agent-forwarding |
| Forbids authentication agent forwarding when this key is used for |
Forbids authentication agent forwarding when this key is used for |
| authentication. |
authentication. |
![[BACK]](/icons/back.gif){kind=icon}
Return to sshd.8 CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh