.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: sshd.8,v 1.246 2008/07/02 02:24:18 djm Exp $
+.\" $OpenBSD: sshd.8,v 1.249 2009/10/08 20:42:13 jmc Exp $
.Dd $Mdocdate$
.Dt SSHD 8
.Os
.El
.Sh AUTHENTICATION
The OpenSSH SSH daemon supports SSH protocols 1 and 2.
-Both protocols are supported by default,
+The default is to use protocol 2 only,
though this can be changed via the
.Cm Protocol
option in
In addition to the wildcard matching that may be applied to hostnames or
addresses, a
.Cm from
-stanza may match IP addressess using CIDR address/masklen notation.
+stanza may match IP addresses using CIDR address/masklen notation.
.Pp
The purpose of this option is to optionally increase security: public key
authentication by itself does not trust the network or name servers or
.Cm StrictModes
option has been set to
.Dq no .
-The recommended permissions can be set by executing
-.Dq chmod go-w ~/ ~/.ssh ~/.ssh/authorized_keys .
.Pp
.It ~/.ssh/environment
This file is read into the environment at login (if it exists).