X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/8a4c4ee4e710c79d1f008e51715515b5f33b0aea..d1cf9a87fafc26849daa2806f3c5b01a87652408:/sshd_config.5 diff --git a/sshd_config.5 b/sshd_config.5 index da6d97c6..cec2a238 100644 --- a/sshd_config.5 +++ b/sshd_config.5 @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.38 2005/01/08 00:41:19 jmc Exp $ +.\" $OpenBSD: sshd_config.5,v 1.43 2005/05/23 23:32:46 djm Exp $ .Dd September 25, 1999 .Dt SSHD_CONFIG 5 .Os @@ -168,24 +168,18 @@ The supported ciphers are .Dq aes128-ctr , .Dq aes192-ctr , .Dq aes256-ctr , +.Dq arcfour128 , +.Dq arcfour256 , .Dq arcfour , .Dq blowfish-cbc , and .Dq cast128-cbc . The default is .Bd -literal - ``aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour, - aes192-cbc,aes256-cbc,aes128-ctr,aes192-ctr,aes256-ctr'' + ``aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128, + arcfour256,arcfour,aes192-cbc,aes256-cbc,aes128-ctr, + aes192-ctr,aes256-ctr'' .Ed -.It Cm ClientAliveInterval -Sets a timeout interval in seconds after which if no data has been received -from the client, -.Nm sshd -will send a message through the encrypted -channel to request a response from the client. -The default -is 0, indicating that these messages will not be sent to the client. -This option applies to protocol version 2 only. .It Cm ClientAliveCountMax Sets the number of client alive messages (see above) which may be sent without 
@@ -213,6 +207,15 @@ If .Cm ClientAliveCountMax is left at the default, unresponsive ssh clients will be disconnected after approximately 45 seconds. +.It Cm ClientAliveInterval +Sets a timeout interval in seconds after which if no data has been received +from the client, +.Nm sshd +will send a message through the encrypted +channel to request a response from the client. +The default +is 0, indicating that these messages will not be sent to the client. +This option applies to protocol version 2 only. .It Cm Compression Specifies whether compression is allowed. The argument must be @@ -256,12 +259,15 @@ This prevents other remote hosts from connecting to forwarded ports. .Cm GatewayPorts can be used to specify that .Nm sshd -should bind remote port forwardings to the wildcard address, -thus allowing remote hosts to connect to forwarded ports. -The argument must be +should allow remote port forwardings to bind to non-loopback addresses, thus +allowing other hosts to connect. +The argument may be +.Dq no +to force remote port forwardings to be available to the local host only, .Dq yes -or -.Dq no . +to force remote port forwardings to bind to the wildcard address, or +.Dq clientspecified +to allow the client to select the address to which the forwarding is bound. The default is .Dq no . .It Cm GSSAPIAuthentication @@ -324,7 +330,7 @@ The default is Specifies whether .Nm sshd should ignore the user's -.Pa $HOME/.ssh/known_hosts +.Pa ~/.ssh/known_hosts during .Cm RhostsRSAAuthentication or @@ -627,7 +633,7 @@ To disable TCP keepalive messages, the value should be set to .It Cm UseDNS Specifies whether .Nm sshd -should lookup the remote host name and check that +should look up the remote host name and check that the resolved host name for the remote IP address maps back to the very same IP address. The default is
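Review bot: In the Ciphers hunk (@@ -168,24 +168,18 @@), the trailing context for ClientAliveCountMax still reads "client alive messages (see above)", but this patch moves the ClientAliveInterval entry to after ClientAliveCountMax, so the cross-reference now points the wrong way; change it to "(see below)" in the same commit. Separately, arcfour128 and arcfour256 are added to both the supported list and the default list with no text saying how they differ from plain arcfour. A sentence on that would help an administrator decide whether to leave them enabled.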
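Review bot: In the GatewayPorts hunk (@@ -256,12 +259,15 @@), the new "clientspecified" value is described only as allowing "the client to select the address to which the forwarding is bound", which leaves unstated what sshd binds to when the client supplies no address. Suggest documenting that fallback, and saying explicitly that under this setting the client decides whether a forwarded port is reachable from other hosts, so an administrator can see how it compares with "yes" before moving off the default of "no".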