From 3cbc677d137f61fedbec433b565c003871d6ae9d Mon Sep 17 00:00:00 2001 From: djm Date: Fri, 23 May 2003 08:44:23 +0000 Subject: [PATCH] - jmc@cvs.openbsd.org 2003/05/20 12:09:31 [ssh.1 ssh_config.5 sshd.8 sshd_config.5 ssh-keygen.1] new sentence, new line --- ChangeLog | 3 +++ ssh-keygen.1 | 6 +++--- ssh.1 | 13 +++++++------ ssh_config.5 | 25 ++++++++++++++----------- sshd.8 | 14 +++++++------- sshd_config.5 | 38 ++++++++++++++++++++++---------------- 6 files changed, 56 insertions(+), 43 deletions(-) diff --git a/ChangeLog b/ChangeLog index c87b22d9..397605c7 100644 --- a/ChangeLog +++ b/ChangeLog @@ -8,6 +8,9 @@ - added .Xr's - typos ok djm@ + - jmc@cvs.openbsd.org 2003/05/20 12:09:31 + [ssh.1 ssh_config.5 sshd.8 sshd_config.5 ssh-keygen.1] + new sentence, new line 20030520 - (djm) OpenBSD CVS Sync diff --git a/ssh-keygen.1 b/ssh-keygen.1 index 613d71a0..1583384a 100644 --- a/ssh-keygen.1 +++ b/ssh-keygen.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-keygen.1,v 1.57 2003/05/14 18:16:20 jakob Exp $ +.\" $OpenBSD: ssh-keygen.1,v 1.58 2003/05/20 12:09:31 jmc Exp $ .\" .\" -*- nroff -*- .\" @@ -93,8 +93,8 @@ generates, manages and converts authentication keys for .Xr ssh 1 . .Nm can create RSA keys for use by SSH protocol version 1 and RSA or DSA -keys for use by SSH protocol version 2. The type of key to be generated -is specified with the +keys for use by SSH protocol version 2. +The type of key to be generated is specified with the .Fl t option. .Pp diff --git a/ssh.1 b/ssh.1 index f4b1679e..d8af4de6 100644 --- a/ssh.1 +++ b/ssh.1 @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.171 2003/05/15 04:08:41 markus Exp $ +.\" $OpenBSD: ssh.1,v 1.172 2003/05/20 12:09:31 jmc Exp $ .Dd September 25, 1999 .Dt SSH 1 .Os @@ -488,8 +488,8 @@ It is possible to have multiple options (and multiple identities specified in configuration files). .It Fl I Ar smartcard_device -Specifies which smartcard device to use. The argument is -the device +Specifies which smartcard device to use. +The argument is the device .Nm should use to communicate with a smartcard used for storing the user's private RSA key. @@ -542,9 +542,10 @@ per-host basis in the configuration file. Quiet mode. Causes all warning and diagnostic messages to be suppressed. .It Fl s -May be used to request invocation of a subsystem on the remote system. Subsystems are a feature of the SSH2 protocol which facilitate the use -of SSH as a secure transport for other applications (eg. sftp). The -subsystem is specified as the remote command. +May be used to request invocation of a subsystem on the remote system. +Subsystems are a feature of the SSH2 protocol which facilitate the use +of SSH as a secure transport for other applications (eg. sftp). +The subsystem is specified as the remote command. .It Fl t Force pseudo-tty allocation. This can be used to execute arbitrary diff --git a/ssh_config.5 b/ssh_config.5 index 67166b75..99050d38 100644 --- a/ssh_config.5 +++ b/ssh_config.5 @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.10 2003/05/16 03:27:12 djm Exp $ +.\" $OpenBSD: ssh_config.5,v 1.11 2003/05/20 12:09:32 jmc Exp $ .Dd September 25, 1999 .Dt SSH_CONFIG 5 .Os @@ -116,7 +116,8 @@ The host is the argument given on the command line (i.e., the name is not converted to a canonicalized host name before matching). .It Cm AddressFamily -Specifies which address family to use when connecting. Valid arguments are +Specifies which address family to use when connecting. +Valid arguments are .Dq any , .Dq inet (Use IPv4 only) or @@ -236,9 +237,9 @@ This may be useful in scripts if the connection sometimes fails. The default is 1. .It Cm ConnectTimeout Specifies the timeout (in seconds) used when connecting to the ssh -server, instead of using the default system TCP timeout. This value is -used only when the target is down or really unreachable, not when it -refuses the connection. +server, instead of using the default system TCP timeout. +This value is used only when the target is down or really unreachable, +not when it refuses the connection. .It Cm DynamicForward Specifies that a TCP/IP port on the local machine be forwarded over the secure channel, and the application @@ -351,7 +352,8 @@ Numeric IP addresses are also permitted (both on the command line and in specifications). .It Cm IdentityFile Specifies a file from which the user's RSA or DSA authentication identity -is read. The default is +is read. +The default is .Pa $HOME/.ssh/identity for protocol version 1, and .Pa $HOME/.ssh/id_rsa @@ -448,7 +450,8 @@ Specifies the port number to connect on the remote host. Default is 22. .It Cm PreferredAuthentications Specifies the order in which the client should try protocol 2 -authentication methods. This allows a client to prefer one method (e.g. +authentication methods. +This allows a client to prefer one method (e.g. .Cm keyboard-interactive ) over another method (e.g. .Cm password ) @@ -561,12 +564,12 @@ The default is .Dq yes . Note that this option applies to protocol version 1 only. .It Cm SmartcardDevice -Specifies which smartcard device to use. The argument to this keyword is -the device +Specifies which smartcard device to use. +The argument to this keyword is the device .Nm ssh should use to communicate with a smartcard used for storing the user's -private RSA key. By default, no device is specified and smartcard support -is not activated. +private RSA key. +By default, no device is specified and smartcard support is not activated. .It Cm StrictHostKeyChecking If this flag is set to .Dq yes , diff --git a/sshd.8 b/sshd.8 index f7464d95..827f4f77 100644 --- a/sshd.8 +++ b/sshd.8 @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd.8,v 1.196 2003/04/30 20:41:07 david Exp $ +.\" $OpenBSD: sshd.8,v 1.197 2003/05/20 12:09:32 jmc Exp $ .Dd September 25, 1999 .Dt SSHD 8 .Os @@ -497,9 +497,9 @@ IPv6 addresses can be specified with an alternative syntax: .Ar host/port . Multiple .Cm permitopen -options may be applied separated by commas. No pattern matching is -performed on the specified hostnames, they must be literal domains or -addresses. +options may be applied separated by commas. +No pattern matching is performed on the specified hostnames, +they must be literal domains or addresses. .El .Ss Examples 1024 33 12121.\|.\|.\|312314325 ylo@foo.bar @@ -525,9 +525,9 @@ bits, exponent, modulus, comment. The fields are separated by spaces. .Pp Hostnames is a comma-separated list of patterns -.Pf ( Ql \&* -and -.Ql \&? +.Pf ( Ql \&* +and +.Ql \&? act as wildcards); each pattern in turn is matched against the canonical host name (when authenticating a client) or against the user-supplied diff --git a/sshd_config.5 b/sshd_config.5 index 8250be8d..86b3289a 100644 --- a/sshd_config.5 +++ b/sshd_config.5 @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.16 2003/04/30 01:16:20 mouring Exp $ +.\" $OpenBSD: sshd_config.5,v 1.17 2003/05/20 12:09:32 jmc Exp $ .Dd September 25, 1999 .Dt SSHD_CONFIG 5 .Os @@ -107,7 +107,8 @@ Specifies the file that contains the public keys that can be used for user authentication. .Cm AuthorizedKeysFile may contain tokens of the form %T which are substituted during connection -set-up. The following tokens are defined: %% is replaced by a literal '%', +set-up. +The following tokens are defined: %% is replaced by a literal '%', %h is replaced by the home directory of the user being authenticated and %u is replaced by the username of that user. After expansion, @@ -153,20 +154,24 @@ This option applies to protocol version 2 only. Sets the number of client alive messages (see above) which may be sent without .Nm sshd -receiving any messages back from the client. If this threshold is -reached while client alive messages are being sent, +receiving any messages back from the client. +If this threshold is reached while client alive messages are being sent, .Nm sshd -will disconnect the client, terminating the session. It is important -to note that the use of client alive messages is very different from +will disconnect the client, terminating the session. +It is important to note that the use of client alive messages is very +different from .Cm KeepAlive -(below). The client alive messages are sent through the -encrypted channel and therefore will not be spoofable. The TCP keepalive -option enabled by +(below). +The client alive messages are sent through the encrypted channel +and therefore will not be spoofable. +The TCP keepalive option enabled by .Cm KeepAlive -is spoofable. The client alive mechanism is valuable when the client or +is spoofable. +The client alive mechanism is valuable when the client or server depend on knowing when a connection has become inactive. .Pp -The default value is 3. If +The default value is 3. +If .Cm ClientAliveInterval (above) is set to 15, and .Cm ClientAliveCountMax @@ -369,11 +374,12 @@ is not specified, .Nm sshd will listen on the address and all prior .Cm Port -options specified. The default is to listen on all local -addresses. +options specified. +The default is to listen on all local addresses. Multiple .Cm ListenAddress -options are permitted. Additionally, any +options are permitted. +Additionally, any .Cm Port options must precede this option for non port qualified addresses. .It Cm LoginGraceTime @@ -454,8 +460,8 @@ but only if the .Ar command option has been specified (which may be useful for taking remote backups even if root login is -normally not allowed). All other authentication methods are disabled -for root. +normally not allowed). +All other authentication methods are disabled for root. .Pp If this option is set to .Dq no -- 2.45.2