author Damien Miller <djm@mindrot.org> 2002-09-04 16:24:55 +1000
committer Damien Miller <djm@mindrot.org> 2002-09-04 16:24:55 +1000
commit b83df8d50531611cbd090d0d8f24789ea21386b1 (patch)
tree 3a59a1474fba10b86e989ed5101fff761dc20779
parent 6cffb9a8cdc628d5310550265ebd41a4dab0a822 (diff)
- espie@cvs.openbsd.org 2002/08/21 11:20:59
[sshd.8] `RSA' updated to refer to `public key', where it matters. okay markus@
-rw-r--r-- ChangeLog 6
-rw-r--r-- sshd.8 16
2 files changed, 13 insertions, 9 deletions
diff --git a/ChangeLog b/ChangeLog
index 42f09d77a..0936c83c9 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -3,6 +3,10 @@
3 - markus@cvs.openbsd.org 2002/08/12 10:46:35 3 - markus@cvs.openbsd.org 2002/08/12 10:46:35
4 [ssh-agent.c] 4 [ssh-agent.c]
5 make ssh-agent setgid, disallow ptrace. 5 make ssh-agent setgid, disallow ptrace.
6 - espie@cvs.openbsd.org 2002/08/21 11:20:59
7 [sshd.8]
8 `RSA' updated to refer to `public key', where it matters.
9 okay markus@
6 10
720020820 1120020820
8 - OpenBSD CVS Sync 12 - OpenBSD CVS Sync
@@ -1544,4 +1548,4 @@
1544 - (stevesk) entropy.c: typo in debug message 1548 - (stevesk) entropy.c: typo in debug message
1545 - (djm) ssh-keygen -i needs seeded RNG; report from markus@ 1549 - (djm) ssh-keygen -i needs seeded RNG; report from markus@
1546 1550
1547$Id: ChangeLog,v 1.2427 2002/09/04 06:20:26 djm Exp $ 1551$Id: ChangeLog,v 1.2428 2002/09/04 06:24:55 djm Exp $
diff --git a/sshd.8 b/sshd.8
index 769c74224..2849a8b4c 100644
--- a/sshd.8
+++ b/sshd.8
@@ -34,7 +34,7 @@
34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36.\" 36.\"
37.\" $OpenBSD: sshd.8,v 1.188 2002/08/12 17:30:35 stevesk Exp $ 37.\" $OpenBSD: sshd.8,v 1.189 2002/08/21 11:20:59 espie Exp $
38.Dd September 25, 1999 38.Dd September 25, 1999
39.Dt SSHD 8 39.Dt SSHD 8
40.Os 40.Os
@@ -389,9 +389,9 @@ Each RSA public key consists of the following fields, separated by
389spaces: options, bits, exponent, modulus, comment. 389spaces: options, bits, exponent, modulus, comment.
390Each protocol version 2 public key consists of: 390Each protocol version 2 public key consists of:
391options, keytype, base64 encoded key, comment. 391options, keytype, base64 encoded key, comment.
392The options fields 392The options field
393are optional; its presence is determined by whether the line starts 393is optional; its presence is determined by whether the line starts
394with a number or not (the option field never starts with a number). 394with a number or not (the options field never starts with a number).
395The bits, exponent, modulus and comment fields give the RSA key for 395The bits, exponent, modulus and comment fields give the RSA key for
396protocol version 1; the 396protocol version 1; the
397comment field is not used for anything (but may be convenient for the 397comment field is not used for anything (but may be convenient for the
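Review bot: The reworded sentence at new lines 392-394 still reads as if the leading-digit test applies to every line, but per line 391 a protocol version 2 entry begins with either options or a keytype such as ssh-rsa, and neither starts with a number, so the test only separates options from the bits field of a protocol version 1 RSA key. Suggest scoping it, for example "for protocol version 1 keys, its presence is determined by whether the line starts with a number or not", and saying separately how a version 2 line with options is recognised.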
@@ -402,7 +402,7 @@ or
402.Dq ssh-rsa . 402.Dq ssh-rsa .
403.Pp 403.Pp
404Note that lines in this file are usually several hundred bytes long 404Note that lines in this file are usually several hundred bytes long
405(because of the size of the RSA key modulus). 405(because of the size of the public key encoding).
406You don't want to type them in; instead, copy the 406You don't want to type them in; instead, copy the
407.Pa identity.pub , 407.Pa identity.pub ,
408.Pa id_dsa.pub 408.Pa id_dsa.pub
@@ -421,7 +421,7 @@ The following option specifications are supported (note
421that option keywords are case-insensitive): 421that option keywords are case-insensitive):
422.Bl -tag -width Ds 422.Bl -tag -width Ds
423.It Cm from="pattern-list" 423.It Cm from="pattern-list"
424Specifies that in addition to RSA authentication, the canonical name 424Specifies that in addition to public key authentication, the canonical name
425of the remote host must be present in the comma-separated list of 425of the remote host must be present in the comma-separated list of
426patterns 426patterns
427.Pf ( Ql * 427.Pf ( Ql *
@@ -433,7 +433,7 @@ patterns negated by prefixing them with
433.Ql ! ; 433.Ql ! ;
434if the canonical host name matches a negated pattern, the key is not accepted. 434if the canonical host name matches a negated pattern, the key is not accepted.
435The purpose 435The purpose
436of this option is to optionally increase security: RSA authentication 436of this option is to optionally increase security: public key authentication
437by itself does not trust the network or name servers or anything (but 437by itself does not trust the network or name servers or anything (but
438the key); however, if somebody somehow steals the key, the key 438the key); however, if somebody somehow steals the key, the key
439permits an intruder to log in from anywhere in the world. 439permits an intruder to log in from anywhere in the world.
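Review bot: With "RSA" generalised to "public key authentication" at new line 436, the paragraph contrasts an authentication method that "does not trust the network or name servers" with a from= check that matches on the canonical host name (line 434) and therefore does rely on name resolution. If the text following line 439 does not already say so, state that dependency explicitly, so readers treat from= as an extra hurdle for a stolen key and not as a guarantee of the same strength as the key itself.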
@@ -451,7 +451,7 @@ one must not request a pty or should specify
451.Cm no-pty . 451.Cm no-pty .
452A quote may be included in the command by quoting it with a backslash. 452A quote may be included in the command by quoting it with a backslash.
453This option might be useful 453This option might be useful
454to restrict certain RSA keys to perform just a specific operation. 454to restrict certain public keys to perform just a specific operation.
455An example might be a key that permits remote backups but nothing else. 455An example might be a key that permits remote backups but nothing else.
456Note that the client may specify TCP/IP and/or X11 456Note that the client may specify TCP/IP and/or X11
457forwarding unless they are explicitly prohibited. 457forwarding unless they are explicitly prohibited.
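Review bot: At new line 454, "restrict certain public keys to perform just a specific operation" overstates what command= achieves on its own, since lines 456-457 go on to say the client may still request TCP/IP and/or X11 forwarding unless those are explicitly prohibited. Suggest tying the backup example at line 455 to the companion options, for instance pairing command= with no-pty, no-port-forwarding and no-X11-forwarding, so that "nothing else" holds as written.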