From 7f5637c4a67a49ef256cb4eedf14e8590ac30976 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Fri, 9 Jun 2017 06:43:01 +0000 Subject: [PATCH] upstream commit in description of public key authentication, mention that the server will send debug messages to the client for some error conditions after authentication has completed. bz#2709 ok dtucker Upstream-ID: 750127dbd58c5a2672c2d28bc35fe221fcc8d1dd --- ssh.1 | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/ssh.1 b/ssh.1 index 47cd0211d..3aacec415 100644 --- a/ssh.1 +++ b/ssh.1 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.382 2017/05/30 18:58:37 bluhm Exp $ -.Dd $Mdocdate: May 30 2017 $ +.\" $OpenBSD: ssh.1,v 1.383 2017/06/09 06:43:01 djm Exp $ +.Dd $Mdocdate: June 9 2017 $ .Dt SSH 1 .Os .Sh NAME @@ -846,6 +846,17 @@ The client proves that it has access to the private key and the server checks that the corresponding public key is authorized to accept the account. .Pp +The server may inform the client of errors that prevented public key +authentication from succeeding after authentication completes using a +different method. +These may be viewed by increasing the +.Cm LogLevel +to +.Cm DEBUG +or higher (e.g. by using the +.Fl v +flag). +.Pp The user creates his/her key pair by running .Xr ssh-keygen 1 . This stores the private key in