17 lines
649 B
Plaintext
17 lines
649 B
Plaintext
# IPA-related configuration changes to ssh_config
|
|
#
|
|
PubkeyAuthentication yes
|
|
${ENABLEPROXY}GlobalKnownHostsFile $KNOWNHOSTS
|
|
${VERIFYHOSTKEYDNS}VerifyHostKeyDNS yes
|
|
|
|
# use sss_ssh_knownhosts if available
|
|
# assumes that if a user does not have shell (/sbin/nologin),
|
|
# this will return nonzero exit code and proxy command will be ignored
|
|
${ENABLEKNOWNHOSTS}Match exec true
|
|
${ENABLEKNOWNHOSTS} KnownHostsCommand $KNOWNHOSTSCOMMAND %H
|
|
|
|
# assumes that if a user does not have shell (/sbin/nologin),
|
|
# this will return nonzero exit code and proxy command will be ignored
|
|
${ENABLEPROXY}Match exec true
|
|
${ENABLEPROXY} ProxyCommand $KNOWNHOSTSPROXY -p %p %h
|