From 3541f18e10fd43aacb04261991c5ffa4819d53c6 Mon Sep 17 00:00:00 2001 From: Ben Lindstrom Date: Tue, 20 Aug 2002 19:03:20 +0000 Subject: [PATCH] - stevesk@cvs.openbsd.org 2002/08/17 23:07:14 [ssh.1] ForwardAgent has defaulted to no for over 2 years; be more clear here. --- ChangeLog | 5 ++++- ssh.1 | 16 ++++++++++++---- 2 files changed, 16 insertions(+), 5 deletions(-) diff --git a/ChangeLog b/ChangeLog index 5b291c7bf..5c9037852 100644 --- a/ChangeLog +++ b/ChangeLog @@ -33,6 +33,9 @@ - stevesk@cvs.openbsd.org 2002/08/12 17:30:35 [ssh.1 sshd.8 sshd_config.5] more PermitUserEnvironment; ok markus@ + - stevesk@cvs.openbsd.org 2002/08/17 23:07:14 + [ssh.1] + ForwardAgent has defaulted to no for over 2 years; be more clear here. 20020813 - (tim) [configure.ac] Display OpenSSL header/library version. @@ -1530,4 +1533,4 @@ - (stevesk) entropy.c: typo in debug message - (djm) ssh-keygen -i needs seeded RNG; report from markus@ -$Id: ChangeLog,v 1.2423 2002/08/20 18:54:20 mouring Exp $ +$Id: ChangeLog,v 1.2424 2002/08/20 19:03:20 mouring Exp $ diff --git a/ssh.1 b/ssh.1 index 403c6ad65..97a6ed35a 100644 --- a/ssh.1 +++ b/ssh.1 @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.162 2002/08/12 17:30:35 stevesk Exp $ +.\" $OpenBSD: ssh.1,v 1.163 2002/08/17 23:07:14 stevesk Exp $ .Dd September 25, 1999 .Dt SSH 1 .Os @@ -353,9 +353,17 @@ the connection is opened. The real authentication cookie is never sent to the server machine (and no cookies are sent in the plain). .Pp -If the user is using an authentication agent, the connection to the agent -is automatically forwarded to the remote side unless disabled on -the command line or in a configuration file. +If the +.Cm ForwardAgent +variable is set to +.Dq yes +(or, see the description of the +.Fl A +and +.Fl a +options described later) and +the user is using an authentication agent, the connection to the agent +is automatically forwarded to the remote side. .Pp Forwarding of arbitrary TCP/IP connections over the secure channel can be specified either on the command line or in a configuration file.