From 7a2cb18a215b2cb335da3dc99489c52a91f4925b Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Tue, 22 Jan 2019 11:51:25 +0000 Subject: [PATCH] upstream: Mention that configuration for the destination host is not applied to any ProxyJump/-J hosts. This has confused a few people... OpenBSD-Commit-ID: 03f4f641df6ca236c1bfc69836a256b873db868b --- ssh.1 | 9 +++++++-- ssh_config.5 | 10 ++++++++-- 2 files changed, 15 insertions(+), 4 deletions(-) diff --git a/ssh.1 b/ssh.1 index 7760c3075..ca4373d11 100644 --- a/ssh.1 +++ b/ssh.1 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.399 2018/09/20 06:58:48 jmc Exp $ -.Dd $Mdocdate: September 20 2018 $ +.\" $OpenBSD: ssh.1,v 1.400 2019/01/22 11:51:25 djm Exp $ +.Dd $Mdocdate: January 22 2019 $ .Dt SSH 1 .Os .Sh NAME @@ -308,6 +308,11 @@ Multiple jump hops may be specified separated by comma characters. This is a shortcut to specify a .Cm ProxyJump configuration directive. +Note that configuration directives supplied on the command-line generally +apply to the destination host and not any specified jump hosts. +Use +.Pa ~/.ssh/config +to specify configuration for jump hosts. .Pp .It Fl K Enables GSSAPI-based authentication and forwarding (delegation) of GSSAPI diff --git a/ssh_config.5 b/ssh_config.5 index 0a19ba64c..1d57eef58 100644 --- a/ssh_config.5 +++ b/ssh_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.288 2018/11/23 06:58:28 jmc Exp $ -.Dd $Mdocdate: November 23 2018 $ +.\" $OpenBSD: ssh_config.5,v 1.289 2019/01/22 11:51:25 djm Exp $ +.Dd $Mdocdate: January 22 2019 $ .Dt SSH_CONFIG 5 .Os .Sh NAME @@ -1263,6 +1263,12 @@ Note that this option will compete with the .Cm ProxyCommand option - whichever is specified first will prevent later instances of the other from taking effect. +.Pp +Note also that the configuration for the destination host (either supplied +via the command-line or the configuration file) is not generally applied +to jump hosts. +.Pa ~/.ssh/config +should be used if specific configuration is required for jump hosts. .It Cm ProxyUseFdpass Specifies that .Cm ProxyCommand