On Mon, Sep 25, 2017 at 04:50:42PM +0100, Stuart Henderson wrote: > On 2017/09/25 13:03, Lars Nood?n wrote: > > I would propose the following change, or something similar, to sshd_config.5 > > > > It is then more clear which options are accepted and how the directive is > > used. > > Saying that it can be yes or no and the default is no seems a bit > long-winded, this smaller diff seems just as clear to me? >
i'm fine with this, though i liked how lars rearranged that first sentence - i would like that change included. jmc > Index: sshd_config.5 > =================================================================== > RCS file: /cvs/src/usr.bin/ssh/sshd_config.5,v > retrieving revision 1.252 > diff -u -p -u -6 -r1.252 sshd_config.5 > --- sshd_config.5 1 Sep 2017 15:41:26 -0000 1.252 > +++ sshd_config.5 25 Sep 2017 15:45:40 -0000 > @@ -578,12 +578,14 @@ simplify restricted configurations. > .It Cm ExposeAuthInfo > Enables writing a file containing a list of authentication methods and > public credentials (e.g. keys) used to authenticate the user. > The location of the file is exposed to the user session through the > .Ev SSH_USER_AUTH > environment variable. > +The default is > +.Cm no . > .It Cm FingerprintHash > Specifies the hash algorithm used when logging key fingerprints. > Valid options are: > .Cm md5 > and > .Cm sha256 . > > > > > /Lars > > > > Index: src/usr.bin/ssh/sshd_config.5 > > =================================================================== > > RCS file: /cvs/src/usr.bin/ssh/sshd_config.5,v > > retrieving revision 1.252 > > diff -u -p -u -r1.252 sshd_config.5 > > --- src/usr.bin/ssh/sshd_config.5 1 Sep 2017 15:41:26 -0000 > > 1.252 > > +++ src/usr.bin/ssh/sshd_config.5 25 Sep 2017 12:49:21 -0000 > > @@ -576,11 +576,17 @@ TCP and StreamLocal. > > This option overrides all other forwarding-related options and may > > simplify restricted configurations. > > .It Cm ExposeAuthInfo > > -Enables writing a file containing a list of authentication methods and > > +Writes a temporary file containing a list of authentication methods and > > public credentials (e.g. keys) used to authenticate the user. > > The location of the file is exposed to the user session through the > > .Ev SSH_USER_AUTH > > environment variable. > > +The value can be set to > > +.Cm yes > > +or > > +.Cm no . > > +The default is > > +.Cm no . > > .It Cm FingerprintHash > > Specifies the hash algorithm used when logging key fingerprints. > > Valid options are: > > >