From 3882325ff60f89d0c312e9519bdfd1351978fd73 Mon Sep 17 00:00:00 2001
From: Jan Cholasta <jcholast@redhat.com>
Date: Tue, 25 Sep 2012 04:29:29 -0400
Subject: SSH: Expire hosts in known_hosts

---
 src/config/SSSDConfig/__init__.py.in | 1 +
 src/config/etc/sssd.api.conf         | 1 +
 2 files changed, 2 insertions(+)

(limited to 'src/config')

diff --git a/src/config/SSSDConfig/__init__.py.in b/src/config/SSSDConfig/__init__.py.in
index 8f0483908..3c6d84c5d 100644
--- a/src/config/SSSDConfig/__init__.py.in
+++ b/src/config/SSSDConfig/__init__.py.in
@@ -89,6 +89,7 @@ option_strings = {
 
     # [ssh]
     'ssh_hash_known_hosts': _('Whether to hash host names and addresses in the known_hosts file'),
+    'ssh_known_hosts_timeout': _('How many seconds to keep a host in the known_hosts file after its host keys were requested'),
 
     # [pac]
     'allowed_uids': _('List of UIDs or user names allowed to access the PAC responder'),
diff --git a/src/config/etc/sssd.api.conf b/src/config/etc/sssd.api.conf
index f17fbb50f..2ba47d716 100644
--- a/src/config/etc/sssd.api.conf
+++ b/src/config/etc/sssd.api.conf
@@ -64,6 +64,7 @@ autofs_negative_timeout = int, None, false
 [ssh]
 # ssh service
 ssh_hash_known_hosts = bool, None, false
+ssh_known_hosts_timeout = int, None, false
 
 [pac]
 # PAC responder
-- 
cgit