From 9a26a6e2c095126b12081661b5c47933babb2599 Mon Sep 17 00:00:00 2001 From: djm Date: Wed, 14 May 2003 03:44:42 +0000 Subject: [PATCH] - mouring@cvs.openbsd.org 2003/04/30 01:16:20 [sshd.8 sshd_config.5] Escape ?, * and ! in .Ql for nroff compatibility. OpenSSH Portable Bug #550 and * escaping suggested by jmc@. --- ChangeLog | 4 ++++ sshd.8 | 17 +++++++++++------ sshd_config.5 | 10 +++++----- 3 files changed, 20 insertions(+), 11 deletions(-) diff --git a/ChangeLog b/ChangeLog index 0b5531e3..efb3de2f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -28,6 +28,10 @@ - deraadt@cvs.openbsd.org 2003/04/26 04:29:49 [ssh-keyscan.c] -t in usage(); rogier@quaak.org + - mouring@cvs.openbsd.org 2003/04/30 01:16:20 + [sshd.8 sshd_config.5] + Escape ?, * and ! in .Ql for nroff compatibility. OpenSSH Portable + Bug #550 and * escaping suggested by jmc@. 20030512 - (djm) Redhat spec: Don't install profile.d scripts when not diff --git a/sshd.8 b/sshd.8 index a99c4f16..1d4e90fb 100644 --- a/sshd.8 +++ b/sshd.8 @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd.8,v 1.194 2003/01/31 21:54:40 jmc Exp $ +.\" $OpenBSD: sshd.8,v 1.195 2003/04/30 01:16:20 mouring Exp $ .Dd September 25, 1999 .Dt SSHD 8 .Os @@ -429,13 +429,14 @@ that option keywords are case-insensitive): Specifies that in addition to public key authentication, the canonical name of the remote host must be present in the comma-separated list of patterns -.Pf ( Ql * +.Pf ( +.Ql \&* and -.Ql ? +.Ql \&? serve as wildcards). The list may also contain patterns negated by prefixing them with -.Ql ! ; +.Ql \&! ; if the canonical host name matches a negated pattern, the key is not accepted. The purpose of this option is to optionally increase security: public key authentication @@ -524,12 +525,16 @@ Each line in these files contains the following fields: hostnames, bits, exponent, modulus, comment. The fields are separated by spaces. .Pp -Hostnames is a comma-separated list of patterns ('*' and '?' act as +Hostnames is a comma-separated list of patterns ( +.Ql \&* +and +.Ql \&? +act as wildcards); each pattern in turn is matched against the canonical host name (when authenticating a client) or against the user-supplied name (when authenticating a server). A pattern may also be preceded by -.Ql ! +.Ql \&! to indicate negation: if the host name matches a negated pattern, it is not accepted (by that line) even if it matched another pattern on the line. diff --git a/sshd_config.5 b/sshd_config.5 index 6f38a260..31ef3996 100644 --- a/sshd_config.5 +++ b/sshd_config.5 @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.15 2003/03/28 10:11:43 jmc Exp $ +.\" $OpenBSD: sshd_config.5,v 1.16 2003/04/30 01:16:20 mouring Exp $ .Dd September 25, 1999 .Dt SSHD_CONFIG 5 .Os @@ -72,7 +72,7 @@ If specified, login is allowed only for users whose primary group or supplementary group list matches one of the patterns. .Ql \&* and -.Ql ? +.Ql \&? can be used as wildcards in the patterns. Only group names are valid; a numerical group ID is not recognized. @@ -93,7 +93,7 @@ If specified, login is allowed only for user names that match one of the patterns. .Ql \&* and -.Ql ? +.Ql \&? can be used as wildcards in the patterns. Only user names are valid; a numerical user ID is not recognized. @@ -187,7 +187,7 @@ Login is disallowed for users whose primary group or supplementary group list matches one of the patterns. .Ql \&* and -.Ql ? +.Ql \&? can be used as wildcards in the patterns. Only group names are valid; a numerical group ID is not recognized. @@ -199,7 +199,7 @@ by spaces. Login is disallowed for user names that match one of the patterns. .Ql \&* and -.Ql ? +.Ql \&? can be used as wildcards in the patterns. Only user names are valid; a numerical user ID is not recognized. By default, login is allowed for all users. -- 2.45.1