1 files changed, 28 insertions, 14 deletions

diff --git a/crypto/openssh/ssh_config.5 b/crypto/openssh/ssh_config.5
index b0497d1e5f14..0f67fdc6c8a0 100644
--- a/crypto/openssh/ssh_config.5
+++ b/crypto/openssh/ssh_config.5
@@ -34,9 +34,9 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh_config.5,v 1.119 2009/02/22 23:50:57 djm Exp $
+.\" $OpenBSD: ssh_config.5,v 1.129 2010/03/05 10:28:21 djm Exp $
 .\" $FreeBSD$
-.Dd February 22 2009
+.Dd March 5 2010
 .Dt SSH_CONFIG 5
 .Os
 .Sh NAME
@@ -560,6 +560,12 @@ and
 for protocol version 2.
 Additionally, any identities represented by the authentication agent
 will be used for authentication.
+.Xr ssh 1
+will try to load certificate information from the filename obtained by
+appending
+.Pa -cert.pub
+to the path of a specified
+.Cm IdentityFile .
 .Pp
 The file name may use the tilde
 syntax to refer to a user's home directory or one of the following
@@ -617,6 +623,13 @@ The following escape character substitutions will be performed:
 (remote user name) or
 .Ql %u
 (local user name).
+.Pp
+The command is run synchronously and does not have access to the
+session of the
+.Xr ssh 1
+that spawned it.
+It should not be used for interactive commands.
+.Pp
 This directive is ignored unless
 .Cm PermitLocalCommand
 has been enabled.
@@ -705,6 +718,12 @@ or
 .Dq no .
 The default is
 .Dq no .
+.It Cm PKCS11Provider
+Specifies which PKCS#11 provider to use.
+The argument to this keyword is the PKCS#11 shared libary
+.Xr ssh 1
+should use to communicate with a PKCS#11 token providing the user's
+private RSA key.
 .It Cm Port
 Specifies the port number to connect on the remote host.
 The default is 22.
@@ -731,11 +750,13 @@ The possible values are
 and
 .Sq 2 .
 Multiple versions must be comma-separated.
-The default is
-.Dq 2,1 .
-This means that ssh
-tries version 2 and falls back to version 1
+When this option is set to
+.Dq 2,1
+.Nm ssh
+will try version 2 and fall back to version 1
 if version 2 is not available.
+The default is
+.Sq 2 .
 .It Cm ProxyCommand
 Specifies the command to use to connect to the server.
 The command
@@ -919,13 +940,6 @@ channel to request a response from the server.
 The default
 is 0, indicating that these messages will not be sent to the server.
 This option applies to protocol version 2 only.
-.It Cm SmartcardDevice
-Specifies which smartcard device to use.
-The argument to this keyword is the device
-.Xr ssh 1
-should use to communicate with a smartcard used for storing the user's
-private RSA key.
-By default, no device is specified and smartcard support is not activated.
 .It Cm StrictHostKeyChecking
 If this flag is set to
 .Dq yes ,
@@ -1073,7 +1087,7 @@ in
 Specifies a string to append to the regular version string to identify
 OS- or site-specific modifications.
 The default is
-.Dq FreeBSD-20091001 .
+.Dq FreeBSD-20100308 .
 .It Cm VisualHostKey
 If this flag is set to
 .Dq yes ,