diff options
Diffstat (limited to 'usr.bin/ssh/ssh.1')
| -rw-r--r-- | usr.bin/ssh/ssh.1 | 20 |
1 files changed, 18 insertions, 2 deletions
diff --git a/usr.bin/ssh/ssh.1 b/usr.bin/ssh/ssh.1 index 183dc277fc5..e8a4e5953a5 100644 --- a/usr.bin/ssh/ssh.1 +++ b/usr.bin/ssh/ssh.1 @@ -34,8 +34,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.296 2010/02/26 22:09:28 jmc Exp $ -.Dd $Mdocdate: February 26 2010 $ +.\" $OpenBSD: ssh.1,v 1.297 2010/03/04 10:36:03 djm Exp $ +.Dd $Mdocdate: March 4 2010 $ .Dt SSH 1 .Os .Sh NAME @@ -1121,6 +1121,22 @@ See the section of .Xr ssh-keygen 1 for more details. +.Pp +Keys may be also be marked as revoked using the +.Dq @revoked +marker. +Revoked keys will always trigger a warning when encountered and the host +that presented them will be treated as untrusted. +For example: +.Pp +.Dl @revoked * ssh-rsa AAAAB5W... +.Pp +Revoking a key revokes it for direct use and as a certification authority. +Do not use both the +.Dq @cert-authority and +.Dq @revoked +markers on the same line. +.Pp .Sh SSH-BASED VIRTUAL PRIVATE NETWORKS .Nm contains support for Virtual Private Network (VPN) tunnelling |