diff options
| author | djm@openbsd.org <djm@openbsd.org> | 2021-12-19 22:14:47 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2021-12-20 09:28:08 +1100 |
| commit | c385abf76511451bcba78568167b1cd9e90587d5 (patch) | |
| tree | 0cb4abdca995faad6068b7edb22952b120960f96 /readconf.h | |
| parent | 34b1e9cc7654f41cd4c5b1cc290b999dcf6579bb (diff) | |
upstream: PubkeyAuthentication=yes|no|unbound|host-bound
Allow control over which pubkey methods are used. Added out of
concern that some hardware devices may have difficulty signing
the longer pubkey authentication challenges. This provides a
way for them to disable the extension. It's also handy for
testing.
feedback / ok markus@
OpenBSD-Commit-ID: ee52580db95c355cf6d563ba89974c210e603b1a
Diffstat (limited to 'readconf.h')
| -rw-r--r-- | readconf.h | 7 |
1 files changed, 6 insertions, 1 deletions
@@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.h,v 1.145 2021/09/15 06:56:01 djm Exp $ */ +/* $OpenBSD: readconf.h,v 1.146 2021/12/19 22:14:47 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -179,6 +179,11 @@ typedef struct { char *ignored_unknown; /* Pattern list of unknown tokens to ignore */ } Options; +#define SSH_PUBKEY_AUTH_NO 0x00 +#define SSH_PUBKEY_AUTH_UNBOUND 0x01 +#define SSH_PUBKEY_AUTH_HBOUND 0x02 +#define SSH_PUBKEY_AUTH_ALL 0x03 + #define SSH_CANONICALISE_NO 0 #define SSH_CANONICALISE_YES 1 #define SSH_CANONICALISE_ALWAYS 2 |