- jmc@cvs.openbsd.org 2006/01/18 10:53:29
[ssh.1]
add a section on ssh-based vpn, based on reyk's README.tun;
+ - dtucker@cvs.openbsd.org 2006/01/20 00:14:55
+ [scp.1 ssh.1 ssh_config.5 sftp.1]
+ Document RekeyLimit. Based on patch from jan.iven at cern.ch from mindrot
+ #1056 with feedback from jmc, djm and markus; ok jmc@ djm@
20060114
- (djm) OpenBSD CVS Sync
.\"
.\" Created: Sun May 7 00:14:37 1995 ylo
.\"
-.\" $OpenBSD: scp.1,v 1.38 2005/03/01 17:19:35 jmc Exp $
+.\" $OpenBSD: scp.1,v 1.39 2006/01/20 00:14:55 dtucker Exp $
.\"
.Dd September 25, 1999
.Dt SCP 1
.It Protocol
.It ProxyCommand
.It PubkeyAuthentication
+.It RekeyLimit
.It RhostsRSAAuthentication
.It RSAAuthentication
.It SendEnv
-.\" $OpenBSD: sftp.1,v 1.62 2005/12/30 16:59:00 jmc Exp $
+.\" $OpenBSD: sftp.1,v 1.63 2006/01/20 00:14:55 dtucker Exp $
.\"
.\" Copyright (c) 2001 Damien Miller. All rights reserved.
.\"
.It Protocol
.It ProxyCommand
.It PubkeyAuthentication
+.It RekeyLimit
.It RhostsRSAAuthentication
.It RSAAuthentication
.It SendEnv
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: ssh.1,v 1.250 2006/01/18 10:53:29 jmc Exp $
+.\" $OpenBSD: ssh.1,v 1.251 2006/01/20 00:14:55 dtucker Exp $
.Dd September 25, 1999
.Dt SSH 1
.Os
.It Protocol
.It ProxyCommand
.It PubkeyAuthentication
+.It RekeyLimit
.It RemoteForward
.It RhostsRSAAuthentication
.It RSAAuthentication
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: ssh_config.5,v 1.74 2006/01/12 22:26:02 jmc Exp $
+.\" $OpenBSD: ssh_config.5,v 1.75 2006/01/20 00:14:55 dtucker Exp $
.Dd September 25, 1999
.Dt SSH_CONFIG 5
.Os
The default is
.Dq yes .
This option applies to protocol version 2 only.
+.It Cm RekeyLimit
+Specifies the maximum amount of data that may be transmitted before the
+session key will be renegotiated.
+The argument is the number of bytes, with an optional suffix of
+.Dq K ,
+.Dq M ,
+or
+.Dq G
+to indicate Kilobytes, Megabytes, or Gigabytes, respectively.
+The default is between
+.Dq 1G
+and
+.Dq 4G ,
+depending on the cipher.
+Note that this option applies to protocol version 2 only.
.It Cm RemoteForward
Specifies that a TCP port on the remote machine be forwarded over
the secure channel to the specified host and port from the local machine.