Minor tweak to sshd_config(5)
Damien Miller
djm at mindrot.org
Fri Mar 5 10:31:52 EST 2010
On Thu, 4 Mar 2010, Iain Morgan wrote:
> Hi,
>
> There are a few minor tweaks I would like to suggest regrading the
> Trecently added rustedUserCAKeys section in sshd_config(5).
>
> TrustedUserCAKeys Specifies a file containing public keys of
> certificate authorities that are trusted sign user certificates
> for authentication. Keys are listed one per line, empty lines
> and comments starting with '#' are allowed. If a cer- tificate
> is presented for authentication and has its signing CA key
> listed in this file, then it may be used for authentication
> for any user listed in the certificate's principals list. Note
> that certificates that lack a list of principals will not be
> permitted for authentication using TrustedUserCAKeys. For more
> details in certificates, please see the CERTIFICATES section in
> ssh-keygen(1).
>
> Replace "trusted sign user" with "trusted to sign user." Also, the
> next sentence should probably be split into two sentences to avoid a
> run-on: "Keys are listed one per line. Empty lines and comments..."
> Lastly, "more details in certificates" should be "more details on
> certificates."
Jason McIntyre (manpage whacker supreme) already found and fixed these :)
-d
More information about the openssh-unix-dev
mailing list