Minor tweak to sshd_config(5)
Iain Morgan
imorgan at nas.nasa.gov
Fri Mar 5 05:33:49 EST 2010
Hi,
There are a few minor tweaks I would like to suggest regrading the recently added
TrustedUserCAKeys section in sshd_config(5).
TrustedUserCAKeys
Specifies a file containing public keys of certificate authorities that are
trusted sign user certificates for authentication. Keys are listed one per
line, empty lines and comments starting with '#' are allowed. If a cer-
tificate is presented for authentication and has its signing CA key listed
in this file, then it may be used for authentication for any user listed in
the certificate's principals list. Note that certificates that lack a list
of principals will not be permitted for authentication using
TrustedUserCAKeys. For more details in certificates, please see the
CERTIFICATES section in ssh-keygen(1).
Replace "trusted sign user" with "trusted to sign user." Also, the next sentence
should probably be split into two sentences to avoid a run-on: "Keys are listed
one per line. Empty lines and comments..." Lastly, "more details in
certificates" should be "more details on certificates."
--
Iain Morgan
More information about the openssh-unix-dev
mailing list