.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: sshd_config.5,v 1.112 2009/11/10 02:58:56 djm Exp $
+.\" $OpenBSD: sshd_config.5,v 1.115 2009/12/29 18:03:32 jmc Exp $
.Dd $Mdocdate$
.Dt SSHD_CONFIG 5
.Os
The default is
.Dq yes .
.It Cm ChrootDirectory
-Specifies a path to
+Specifies the pathname of a directory to
.Xr chroot 2
to after authentication.
-This path, and all its components, must be root-owned directories that are
+All components of the pathname must be root-owned directories that are
not writable by any other user or group.
After the chroot,
.Xr sshd 8
changes the working directory to the user's home directory.
.Pp
-The path may contain the following tokens that are expanded at runtime once
+The pathname may contain the following tokens that are expanded at runtime once
the connecting user has been authenticated: %% is replaced by a literal '%',
%h is replaced by the home directory of the user being authenticated, and
%u is replaced by the username of that user.
The default is
.Dq yes .
Note that this option applies to protocol version 2 only.
-.It Cm RDomain
-Set the routing domain number.
-The default routing domain is set by the system.
.It Cm RhostsRSAAuthentication
Specifies whether rhosts or /etc/hosts.equiv authentication together
with successful RSA host authentication is allowed.
The default is
.Dq no .
This option applies to protocol version 1 only.
+.It Cm RoutingDomain
+Set the routing domain number.
+The default routing domain is set by the system.
.It Cm RSAAuthentication
Specifies whether pure RSA authentication is allowed.
The default is