OpenBSD CVS Sync - djm@cvs.openbsd.org 2011/05/23 03:30:07 [auth-rsa.c auth.c auth.h auth2-pubkey.c monitor.c monitor_wrap.c pathnames.h servconf.c servconf.h sshd.8 sshd_config sshd_config.5] allow AuthorizedKeysFile to specify multiple files, separated by spaces. Bring back authorized_keys2 as a default search path (to avoid breaking existing users of this file), but override this in sshd_config so it will be no longer used on fresh installs. Maybe in 2015 we can remove it entierly :) feedback and ok markus@ dtucker@

commit: d8478b6a9b32760d47c2419279c4a73f5f88fdb6 [log] [tgz]
author: Damien Miller <djm@mindrot.org> Sun May 29 21:39:36 2011 +1000
committer: Damien Miller <djm@mindrot.org> Sun May 29 21:39:36 2011 +1000
tree: b62b256606749fbb784ab7c2c7baa610c2a7dd71
parent: acacced70b3fd520ee3f12d3f477f9fd7c2f687a [diff] [blame]
diff --git a/sshd_config b/sshd_config
index 9b0d9fa..473e866 100644
--- a/sshd_config
+++ b/sshd_config

@@ -1,4 +1,4 @@
-#	$OpenBSD: sshd_config,v 1.83 2011/05/06 01:03:35 dtucker Exp $
+#	$OpenBSD: sshd_config,v 1.84 2011/05/23 03:30:07 djm Exp $
 
 # This is the sshd server system-wide configuration file.  See
 # sshd_config(5) for more information.
@@ -44,7 +44,10 @@
 
 #RSAAuthentication yes
 #PubkeyAuthentication yes
-#AuthorizedKeysFile	.ssh/authorized_keys
+
+# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
+# but this is overridden so installations will only check .ssh/authorized_keys
+AuthorizedKeysFile	.ssh/authorized_keys
 
 # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
 #RhostsRSAAuthentication no
commit	d8478b6a9b32760d47c2419279c4a73f5f88fdb6	[log] [tgz]
author	Damien Miller <djm@mindrot.org>	Sun May 29 21:39:36 2011 +1000
committer	Damien Miller <djm@mindrot.org>	Sun May 29 21:39:36 2011 +1000
tree	b62b256606749fbb784ab7c2c7baa610c2a7dd71
parent	acacced70b3fd520ee3f12d3f477f9fd7c2f687a [diff] [blame]