CURLOPT_SSH_HOSTKEYFUNCTION.md: for new connections only

author Daniel Stenberg <daniel@haxx.se>

Fri, 15 May 2026 11:54:41 +0000 (13:54 +0200)

committer Daniel Stenberg <daniel@haxx.se>

Fri, 15 May 2026 22:54:40 +0000 (00:54 +0200)
author Daniel Stenberg <daniel@haxx.se>
Fri, 15 May 2026 11:54:41 +0000 (13:54 +0200)
committer Daniel Stenberg <daniel@haxx.se>
Fri, 15 May 2026 22:54:40 +0000 (00:54 +0200)
diff --git a/docs/libcurl/opts/CURLOPT_SSH_HOSTKEYFUNCTION.md b/docs/libcurl/opts/CURLOPT_SSH_HOSTKEYFUNCTION.md

index 09aa83c875f6bdbdf1a5c1c4d740fd688955ed41..1125ec392e252a9492d687efdd16a23f6d917b1c 100644 (file)
--- a/docs/libcurl/opts/CURLOPT_SSH_HOSTKEYFUNCTION.md
+++ b/docs/libcurl/opts/CURLOPT_SSH_HOSTKEYFUNCTION.md
@@ -38,12 +38,15 @@ shown above. It overrides CURLOPT_SSH_KNOWNHOSTS(3).
  
  This callback gets called when the verification of the SSH host key is needed.
  
-**key** is **keylen** bytes long and is the key to check. **keytype**
-says what type it is, from the **CURLKHTYPE_*** series in the
-**curl_khtype** enum.
+**key** is **keylen** bytes long and is the key to check. **keytype** says
+what type it is, from the **CURLKHTYPE_*** series in the **curl_khtype** enum.
  
  **clientp** is a custom pointer set with CURLOPT_SSH_HOSTKEYDATA(3).
  
+This option is used to verify new SSH connections only. Once the connection
+has been vetted by this callback it is deemed vetted and may be reused again
+without invoking this callback again.
+
  The callback must return one of the following return codes to tell libcurl how
  to act:
author	Daniel Stenberg <daniel@haxx.se>
	Fri, 15 May 2026 11:54:41 +0000 (13:54 +0200)
committer	Daniel Stenberg <daniel@haxx.se>
	Fri, 15 May 2026 22:54:40 +0000 (00:54 +0200)