upstream: auth2-pubkey r1.89 changed the order of operations to

author djm@openbsd.org <djm@openbsd.org>

Fri, 17 Apr 2020 04:27:03 +0000 (04:27 +0000)

committer Damien Miller <djm@mindrot.org>

Fri, 17 Apr 2020 07:17:47 +0000 (17:17 +1000)
author djm@openbsd.org <djm@openbsd.org>
Fri, 17 Apr 2020 04:27:03 +0000 (04:27 +0000)
committer Damien Miller <djm@mindrot.org>
Fri, 17 Apr 2020 07:17:47 +0000 (17:17 +1000)
diff --git a/sshd_config.5 b/sshd_config.5

index 5648337a6c8df600ade16d89446c0bef06703f28..b2fda8d520fd9df3e31f3bbfebebca0f4c32a890 100644 (file)
--- a/sshd_config.5
+++ b/sshd_config.5
@@ -33,7 +33,7 @@
  .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
  .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  .\"
-.\" $OpenBSD: sshd_config.5,v 1.309 2020/04/17 03:30:05 djm Exp $
+.\" $OpenBSD: sshd_config.5,v 1.310 2020/04/17 04:27:03 djm Exp $
  .Dd $Mdocdate: April 17 2020 $
  .Dt SSHD_CONFIG 5
  .Os
@@ -247,12 +247,10 @@ more lines of authorized_keys output (see
  .Sx AUTHORIZED_KEYS
  in
  .Xr sshd 8 ) .
-If a key supplied by
  .Cm AuthorizedKeysCommand
-does not successfully authenticate
-and authorize the user then public key authentication continues using the usual
+is tried after the usual
  .Cm AuthorizedKeysFile
-files.
+files and will not be executed if a matching key is found there.
  By default, no
  .Cm AuthorizedKeysCommand
  is run.
author	djm@openbsd.org <djm@openbsd.org>
	Fri, 17 Apr 2020 04:27:03 +0000 (04:27 +0000)
committer	Damien Miller <djm@mindrot.org>
	Fri, 17 Apr 2020 07:17:47 +0000 (17:17 +1000)