diff options
author | Damien Miller <djm@mindrot.org> | 2006-03-15 11:27:20 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2006-03-15 11:27:20 +1100 |
commit | c47d7e9e1905adbef3489cc2bbdceda02d212f7e (patch) | |
tree | b86312b40d29f5fe9c38a9d2c4cf6769035bc128 | |
parent | 1d90540534da87ba4ac5b48037f1d66f82569ff7 (diff) |
- jmc@cvs.openbsd.org 2006/02/09 10:10:47
[sshd.8]
- move some text into a CAVEATS section
- merge the COMMAND EXECUTION... section into AUTHENTICATION
-rw-r--r-- | ChangeLog | 6 | ||||
-rw-r--r-- | sshd.8 | 26 |
2 files changed, 18 insertions, 14 deletions
@@ -54,6 +54,10 @@ | |||
54 | [includes.h] | 54 | [includes.h] |
55 | #include <sys/endian.h> not needed; ok djm@ | 55 | #include <sys/endian.h> not needed; ok djm@ |
56 | NB. ID Sync only - we still need this (but it may move later) | 56 | NB. ID Sync only - we still need this (but it may move later) |
57 | - jmc@cvs.openbsd.org 2006/02/09 10:10:47 | ||
58 | [sshd.8] | ||
59 | - move some text into a CAVEATS section | ||
60 | - merge the COMMAND EXECUTION... section into AUTHENTICATION | ||
57 | 61 | ||
58 | 20060313 | 62 | 20060313 |
59 | - (dtucker) [configure.ac] Bug #1171: Don't use printf("%lld", longlong) | 63 | - (dtucker) [configure.ac] Bug #1171: Don't use printf("%lld", longlong) |
@@ -3955,4 +3959,4 @@ | |||
3955 | - (djm) Trim deprecated options from INSTALL. Mention UsePAM | 3959 | - (djm) Trim deprecated options from INSTALL. Mention UsePAM |
3956 | - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu | 3960 | - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu |
3957 | 3961 | ||
3958 | $Id: ChangeLog,v 1.4155 2006/03/15 00:26:55 djm Exp $ | 3962 | $Id: ChangeLog,v 1.4156 2006/03/15 00:27:20 djm Exp $ |
@@ -34,7 +34,7 @@ | |||
34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
36 | .\" | 36 | .\" |
37 | .\" $OpenBSD: sshd.8,v 1.215 2006/02/01 09:11:41 jmc Exp $ | 37 | .\" $OpenBSD: sshd.8,v 1.216 2006/02/09 10:10:47 jmc Exp $ |
38 | .Dd September 25, 1999 | 38 | .Dd September 25, 1999 |
39 | .Dt SSHD 8 | 39 | .Dt SSHD 8 |
40 | .Os | 40 | .Os |
@@ -308,17 +308,6 @@ or | |||
308 | .Ql \&*NP\&* | 308 | .Ql \&*NP\&* |
309 | ). | 309 | ). |
310 | .Pp | 310 | .Pp |
311 | System security is not improved unless | ||
312 | .Nm rshd , | ||
313 | .Nm rlogind , | ||
314 | and | ||
315 | .Nm rexecd | ||
316 | are disabled (thus completely disabling | ||
317 | .Xr rlogin | ||
318 | and | ||
319 | .Xr rsh | ||
320 | into the machine). | ||
321 | .Sh COMMAND EXECUTION AND DATA FORWARDING | ||
322 | If the client successfully authenticates itself, a dialog for | 311 | If the client successfully authenticates itself, a dialog for |
323 | preparing the session is entered. | 312 | preparing the session is entered. |
324 | At this time the client may request | 313 | At this time the client may request |
@@ -326,7 +315,7 @@ things like allocating a pseudo-tty, forwarding X11 connections, | |||
326 | forwarding TCP connections, or forwarding the authentication agent | 315 | forwarding TCP connections, or forwarding the authentication agent |
327 | connection over the secure channel. | 316 | connection over the secure channel. |
328 | .Pp | 317 | .Pp |
329 | Finally, the client either requests a shell or execution of a command. | 318 | After this, the client either requests a shell or execution of a command. |
330 | The sides then enter session mode. | 319 | The sides then enter session mode. |
331 | In this mode, either side may send | 320 | In this mode, either side may send |
332 | data at any time, and such data is forwarded to/from the shell or | 321 | data at any time, and such data is forwarded to/from the shell or |
@@ -867,3 +856,14 @@ Markus Friedl contributed the support for SSH | |||
867 | protocol versions 1.5 and 2.0. | 856 | protocol versions 1.5 and 2.0. |
868 | Niels Provos and Markus Friedl contributed support | 857 | Niels Provos and Markus Friedl contributed support |
869 | for privilege separation. | 858 | for privilege separation. |
859 | .Sh CAVEATS | ||
860 | System security is not improved unless | ||
861 | .Nm rshd , | ||
862 | .Nm rlogind , | ||
863 | and | ||
864 | .Nm rexecd | ||
865 | are disabled (thus completely disabling | ||
866 | .Xr rlogin | ||
867 | and | ||
868 | .Xr rsh | ||
869 | into the machine). | ||