- djm@cvs.openbsd.org 2014/07/03 22:40:43
[servconf.c servconf.h session.c sshd.8 sshd_config.5]
Add a sshd_config PermitUserRC option to control whether ~/.ssh/rc is
executed, mirroring the no-user-rc authorized_keys option;
bz#2160; ok markus@
diff --git a/sshd_config.5 b/sshd_config.5
index 88be8d9..06fd62d 100644
--- a/sshd_config.5
+++ b/sshd_config.5
@@ -33,8 +33,8 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: sshd_config.5,v 1.173 2014/03/28 05:17:11 naddy Exp $
-.Dd $Mdocdate: March 28 2014 $
+.\" $OpenBSD: sshd_config.5,v 1.174 2014/07/03 22:40:43 djm Exp $
+.Dd $Mdocdate: July 3 2014 $
.Dt SSHD_CONFIG 5
.Os
.Sh NAME
@@ -912,6 +912,7 @@
.Cm PermitRootLogin ,
.Cm PermitTTY ,
.Cm PermitTunnel ,
+.Cm PermitUserRC ,
.Cm PubkeyAuthentication ,
.Cm RekeyLimit ,
.Cm RhostsRSAAuthentication ,
@@ -1060,6 +1061,12 @@
Enabling environment processing may enable users to bypass access
restrictions in some configurations using mechanisms such as
.Ev LD_PRELOAD .
+.It Cm PermitUserRC
+Specifies whether any
+.Pa ~/.ssh/rc
+file is executed.
+The default is
+.Dq yes .
.It Cm PidFile
Specifies the file that contains the process ID of the
SSH daemon.