- jmc@cvs.openbsd.org 2006/02/24 10:25:14
     [ssh_config.5]
     add section on patterns;
     from dtucker + myself
diff --git a/ChangeLog b/ChangeLog
index 8d19a74..7f34f31 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -150,6 +150,10 @@
      [canohost.c clientloop.c includes.h match.c readconf.c scp.c ssh.c]
      [sshconnect.c]
      move #include <ctype.h> out of includes.h; ok djm@
+   - jmc@cvs.openbsd.org 2006/02/24 10:25:14
+     [ssh_config.5]
+     add section on patterns;
+     from dtucker + myself
 
 20060313
  - (dtucker) [configure.ac] Bug #1171: Don't use printf("%lld", longlong)
@@ -4051,4 +4055,4 @@
    - (djm) Trim deprecated options from INSTALL. Mention UsePAM
    - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
 
-$Id: ChangeLog,v 1.4181 2006/03/15 00:53:45 djm Exp $
+$Id: ChangeLog,v 1.4182 2006/03/15 00:54:05 djm Exp $
diff --git a/ssh_config.5 b/ssh_config.5
index 44107bf..5f1ced5 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh_config.5,v 1.79 2006/02/19 20:12:25 jmc Exp $
+.\" $OpenBSD: ssh_config.5,v 1.80 2006/02/24 10:25:14 jmc Exp $
 .Dd September 25, 1999
 .Dt SSH_CONFIG 5
 .Os
@@ -73,13 +73,47 @@
 Since the first obtained value for each parameter is used, more
 host-specific declarations should be given near the beginning of the
 file, and general defaults at the end.
+.Sh PATTERNS
+A
+.Em pattern
+consists of zero or more non-whitespace characters,
+.Sq *
+(a wildcard that matches zero or more characters),
+or
+.Sq ?\&
+(a wildcard that matches exactly one character).
+For example, to specify a set of declarations for any host in the
+.Dq .co.uk
+set of domains,
+the following pattern could be used:
 .Pp
+.Dl Host *.co.uk
+.Pp
+The following pattern
+would match any host in the 192.168.0.[0-9] network range:
+.Pp
+.Dl Host 192.168.0.?
+.Pp
+A
+.Em pattern-list
+is a comma-separated list of patterns.
+Patterns within pattern-lists may be negated
+by preceding them with an exclamation mark
+.Pq Sq !\& .
+For example,
+to allow a key to be used from anywhere within an organisation
+except from the
+.Dq dialup
+pool,
+the following entry (in authorized_keys) could be used:
+.Pp
+.Dl from=\&"!*.dialup.example.com,*.example.com\&"
+.Sh FILE FORMAT
 The configuration file has the following format:
 .Pp
 Empty lines and lines starting with
 .Ql #
 are comments.
-.Pp
 Otherwise a line is of the format
 .Dq keyword arguments .
 Configuration options may be separated by whitespace or
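Review bot: The pattern-list paragraph (from ".Em pattern-list" down to the from= example) does not say how a host that matches both a negated and a non-negated pattern is resolved. The example only behaves as described if the negated "!*.dialup.example.com" wins over "*.example.com". Because this entry restricts where a key may be used from, the rule should be stated explicitly, for instance that a match against a negated pattern rejects the host regardless of its position in the list. The example is also an authorized_keys option sitting in ssh_config.5, so an ".Xr sshd 8" reference next to it would tell readers where the from= syntax is documented.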
@@ -103,15 +137,13 @@
 .Cm Host
 keyword) to be only for those hosts that match one of the patterns
 given after the keyword.
-.Ql \&*
-and
-.Ql \&?
-can be used as wildcards in the
-patterns.
 A single
 .Ql \&*
 as a pattern can be used to provide global
 defaults for all hosts.
+See
+.Sx PATTERNS
+for more information on patterns.
 The host is the
 .Ar hostname
 argument given on the command line (i.e., the name is not converted to
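Review bot: The "See .Sx PATTERNS" sentence added to the Host description points at a section that covers both single patterns and pattern-lists with "!" negation, while the surrounding text only says the host must "match one of the patterns given after the keyword". Say here whether Host accepts negated entries or only the "*" and "?" wildcards, so that a reader does not infer negation support from the cross-reference alone.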
@@ -805,10 +837,10 @@
 in
 .Xr sshd_config 5
 for how to configure the server.
-Variables are specified by name, which may contain the wildcard characters
-.Ql \&*
-and
-.Ql \&? .
+Variables are specified by name, which may contain wildcard characters.
+See
+.Sx PATTERNS
+for more information on patterns.
 Multiple environment variables may be separated by whitespace or spread
 across multiple
 .Cm SendEnv