Changeset View
Changeset View
Standalone View
Standalone View
head/crypto/openssh/sshd_config.5
| Show First 20 Lines • Show All 1,531 Lines • ▼ Show 20 Lines | |||||
| If a certificate is presented for authentication and has its signing CA key | If a certificate is presented for authentication and has its signing CA key | ||||
| listed in this file, then it may be used for authentication for any user | listed in this file, then it may be used for authentication for any user | ||||
| listed in the certificate's principals list. | listed in the certificate's principals list. | ||||
| Note that certificates that lack a list of principals will not be permitted | Note that certificates that lack a list of principals will not be permitted | ||||
| for authentication using | for authentication using | ||||
| .Cm TrustedUserCAKeys . | .Cm TrustedUserCAKeys . | ||||
| For more details on certificates, see the CERTIFICATES section in | For more details on certificates, see the CERTIFICATES section in | ||||
| .Xr ssh-keygen 1 . | .Xr ssh-keygen 1 . | ||||
| .It Cm UseBlacklist | |||||
| Specifies whether | |||||
| .Xr sshd 8 | |||||
| attempts to send authentication success and failure messages | |||||
| to the | |||||
| .Xr blacklistd 8 | |||||
| daemon. | |||||
| The default is | |||||
| .Dq no . | |||||
| .It Cm UseDNS | .It Cm UseDNS | ||||
| Specifies whether | Specifies whether | ||||
| .Xr sshd 8 | .Xr sshd 8 | ||||
| should look up the remote host name, and to check that | should look up the remote host name, and to check that | ||||
| the resolved host name for the remote IP address maps back to the | the resolved host name for the remote IP address maps back to the | ||||
| very same IP address. | very same IP address. | ||||
| .Pp | .Pp | ||||
| If this option is set to | If this option is set to | ||||
| ▲ Show 20 Lines • Show All 220 Lines • Show Last 20 Lines | |||||