From db175906e383bf590551ef4c9b469dd8ec1864dc Mon Sep 17 00:00:00 2001 From: dtucker Date: Fri, 20 Jan 2006 00:31:47 +0000 Subject: [PATCH] - dtucker@cvs.openbsd.org 2006/01/20 00:14:55 [scp.1 ssh.1 ssh_config.5 sftp.1] Document RekeyLimit. Based on patch from jan.iven at cern.ch from mindrot #1056 with feedback from jmc, djm and markus; ok jmc@ djm@ --- ChangeLog | 4 ++++ scp.1 | 3 ++- sftp.1 | 3 ++- ssh.1 | 3 ++- ssh_config.5 | 17 ++++++++++++++++- 5 files changed, 26 insertions(+), 4 deletions(-) diff --git a/ChangeLog b/ChangeLog index 1c81a27f..aae04444 100644 --- a/ChangeLog +++ b/ChangeLog @@ -6,6 +6,10 @@ - jmc@cvs.openbsd.org 2006/01/18 10:53:29 [ssh.1] add a section on ssh-based vpn, based on reyk's README.tun; + - dtucker@cvs.openbsd.org 2006/01/20 00:14:55 + [scp.1 ssh.1 ssh_config.5 sftp.1] + Document RekeyLimit. Based on patch from jan.iven at cern.ch from mindrot + #1056 with feedback from jmc, djm and markus; ok jmc@ djm@ 20060114 - (djm) OpenBSD CVS Sync diff --git a/scp.1 b/scp.1 index b5191e31..d9b1f8e8 100644 --- a/scp.1 +++ b/scp.1 @@ -9,7 +9,7 @@ .\" .\" Created: Sun May 7 00:14:37 1995 ylo .\" -.\" $OpenBSD: scp.1,v 1.38 2005/03/01 17:19:35 jmc Exp $ +.\" $OpenBSD: scp.1,v 1.39 2006/01/20 00:14:55 dtucker Exp $ .\" .Dd September 25, 1999 .Dt SCP 1 @@ -152,6 +152,7 @@ For full details of the options listed below, and their possible values, see .It Protocol .It ProxyCommand .It PubkeyAuthentication +.It RekeyLimit .It RhostsRSAAuthentication .It RSAAuthentication .It SendEnv diff --git a/sftp.1 b/sftp.1 index 6b500596..47aafa89 100644 --- a/sftp.1 +++ b/sftp.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: sftp.1,v 1.62 2005/12/30 16:59:00 jmc Exp $ +.\" $OpenBSD: sftp.1,v 1.63 2006/01/20 00:14:55 dtucker Exp $ .\" .\" Copyright (c) 2001 Damien Miller. All rights reserved. .\" @@ -180,6 +180,7 @@ For full details of the options listed below, and their possible values, see .It Protocol .It ProxyCommand .It PubkeyAuthentication +.It RekeyLimit .It RhostsRSAAuthentication .It RSAAuthentication .It SendEnv diff --git a/ssh.1 b/ssh.1 index 661e8f96..3fe142dc 100644 --- a/ssh.1 +++ b/ssh.1 @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.250 2006/01/18 10:53:29 jmc Exp $ +.\" $OpenBSD: ssh.1,v 1.251 2006/01/20 00:14:55 dtucker Exp $ .Dd September 25, 1999 .Dt SSH 1 .Os @@ -477,6 +477,7 @@ For full details of the options listed below, and their possible values, see .It Protocol .It ProxyCommand .It PubkeyAuthentication +.It RekeyLimit .It RemoteForward .It RhostsRSAAuthentication .It RSAAuthentication diff --git a/ssh_config.5 b/ssh_config.5 index e8186a98..790c9b20 100644 --- a/ssh_config.5 +++ b/ssh_config.5 @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.74 2006/01/12 22:26:02 jmc Exp $ +.\" $OpenBSD: ssh_config.5,v 1.75 2006/01/20 00:14:55 dtucker Exp $ .Dd September 25, 1999 .Dt SSH_CONFIG 5 .Os @@ -718,6 +718,21 @@ or The default is .Dq yes . This option applies to protocol version 2 only. +.It Cm RekeyLimit +Specifies the maximum amount of data that may be transmitted before the +session key will be renegotiated. +The argument is the number of bytes, with an optional suffix of +.Dq K , +.Dq M , +or +.Dq G +to indicate Kilobytes, Megabytes, or Gigabytes, respectively. +The default is between +.Dq 1G +and +.Dq 4G , +depending on the cipher. +Note that this option applies to protocol version 2 only. .It Cm RemoteForward Specifies that a TCP port on the remote machine be forwarded over the secure channel to the specified host and port from the local machine. -- 2.45.2