From 7851df089a62515b09b45c15d584be2ab9ea0dec Mon Sep 17 00:00:00 2001
From: Piotr Pawlow <pp@siedziba.pl>
Date: Mon, 18 Jan 2016 14:35:11 +0100
Subject: [PATCH] Disable unneeded SSH features in authorized_keys example for
 security.

---
 docs/quickstart.rst | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/quickstart.rst b/docs/quickstart.rst
index 18457e9c7..ca7acc795 100644
--- a/docs/quickstart.rst
+++ b/docs/quickstart.rst
@@ -207,7 +207,7 @@ the remote server's authorized_keys file. Only the forced command will be run
 when the key authenticates a connection. This example will start |project_name| in server
 mode, and limit the |project_name| server to a specific filesystem path::
 
-  command="borg serve --restrict-to-path /mnt/backup" ssh-rsa AAAAB3[...]
+  command="borg serve --restrict-to-path /mnt/backup",no-pty,no-agent-forwarding,no-port-forwarding,no-X11-forwarding,no-user-rc ssh-rsa AAAAB3[...]
 
 If it is not possible to install |project_name| on the remote host,
 it is still possible to use the remote host to store a repository by