Changeset View
Changeset View
Standalone View
Standalone View
head/crypto/openssh/sshd_config.5
Show First 20 Lines • Show All 1,531 Lines • ▼ Show 20 Lines | |||||
If a certificate is presented for authentication and has its signing CA key | If a certificate is presented for authentication and has its signing CA key | ||||
listed in this file, then it may be used for authentication for any user | listed in this file, then it may be used for authentication for any user | ||||
listed in the certificate's principals list. | listed in the certificate's principals list. | ||||
Note that certificates that lack a list of principals will not be permitted | Note that certificates that lack a list of principals will not be permitted | ||||
for authentication using | for authentication using | ||||
.Cm TrustedUserCAKeys . | .Cm TrustedUserCAKeys . | ||||
For more details on certificates, see the CERTIFICATES section in | For more details on certificates, see the CERTIFICATES section in | ||||
.Xr ssh-keygen 1 . | .Xr ssh-keygen 1 . | ||||
.It Cm UseBlacklist | |||||
Specifies whether | |||||
.Xr sshd 8 | |||||
attempts to send authentication success and failure messages | |||||
to the | |||||
.Xr blacklistd 8 | |||||
daemon. | |||||
The default is | |||||
.Dq no . | |||||
.It Cm UseDNS | .It Cm UseDNS | ||||
Specifies whether | Specifies whether | ||||
.Xr sshd 8 | .Xr sshd 8 | ||||
should look up the remote host name, and to check that | should look up the remote host name, and to check that | ||||
the resolved host name for the remote IP address maps back to the | the resolved host name for the remote IP address maps back to the | ||||
very same IP address. | very same IP address. | ||||
.Pp | .Pp | ||||
If this option is set to | If this option is set to | ||||
▲ Show 20 Lines • Show All 220 Lines • Show Last 20 Lines |