summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorColin Watson <cjwatson@debian.org>2014-02-09 16:10:09 +0000
committerColin Watson <cjwatson@debian.org>2014-02-10 02:40:17 +0000
commit1c4af29874fe7bd1cec92ee90fc613c3cf83f571 (patch)
treef830dd6b642d2e98ed39fea6de7b2988f6dd17a6
parentcf359c36be95e478071cb0dc4491aba88a5bae70 (diff)
Adjust various OpenBSD-specific references in manual pages
No single bug reference for this patch, but history includes: http://bugs.debian.org/154434 (login.conf(5)) http://bugs.debian.org/513417 (/etc/rc) http://bugs.debian.org/530692 (ssl(8)) https://bugs.launchpad.net/bugs/456660 (ssl(8)) Forwarded: not-needed Last-Update: 2013-09-14 Patch-Name: openbsd-docs.patch
-rw-r--r--moduli.54
-rw-r--r--ssh-keygen.112
-rw-r--r--ssh.14
-rw-r--r--sshd.85
-rw-r--r--sshd_config.53
5 files changed, 13 insertions, 15 deletions
diff --git a/moduli.5 b/moduli.5
index ef0de0850..149846c8c 100644
--- a/moduli.5
+++ b/moduli.5
@@ -21,7 +21,7 @@
21.Nd Diffie-Hellman moduli 21.Nd Diffie-Hellman moduli
22.Sh DESCRIPTION 22.Sh DESCRIPTION
23The 23The
24.Pa /etc/moduli 24.Pa /etc/ssh/moduli
25file contains prime numbers and generators for use by 25file contains prime numbers and generators for use by
26.Xr sshd 8 26.Xr sshd 8
27in the Diffie-Hellman Group Exchange key exchange method. 27in the Diffie-Hellman Group Exchange key exchange method.
@@ -110,7 +110,7 @@ first estimates the size of the modulus required to produce enough
110Diffie-Hellman output to sufficiently key the selected symmetric cipher. 110Diffie-Hellman output to sufficiently key the selected symmetric cipher.
111.Xr sshd 8 111.Xr sshd 8
112then randomly selects a modulus from 112then randomly selects a modulus from
113.Fa /etc/moduli 113.Fa /etc/ssh/moduli
114that best meets the size requirement. 114that best meets the size requirement.
115.Sh SEE ALSO 115.Sh SEE ALSO
116.Xr ssh-keygen 1 , 116.Xr ssh-keygen 1 ,
diff --git a/ssh-keygen.1 b/ssh-keygen.1
index 0e0ed989f..299ccf8dd 100644
--- a/ssh-keygen.1
+++ b/ssh-keygen.1
@@ -172,9 +172,7 @@ key in
172.Pa ~/.ssh/id_ed25519 172.Pa ~/.ssh/id_ed25519
173or 173or
174.Pa ~/.ssh/id_rsa . 174.Pa ~/.ssh/id_rsa .
175Additionally, the system administrator may use this to generate host keys, 175Additionally, the system administrator may use this to generate host keys.
176as seen in
177.Pa /etc/rc .
178.Pp 176.Pp
179Normally this program generates the key and asks for a file in which 177Normally this program generates the key and asks for a file in which
180to store the private key. 178to store the private key.
@@ -221,9 +219,7 @@ For each of the key types (rsa1, rsa, dsa, ecdsa and ed25519)
221for which host keys 219for which host keys
222do not exist, generate the host keys with the default key file path, 220do not exist, generate the host keys with the default key file path,
223an empty passphrase, default bits for the key type, and default comment. 221an empty passphrase, default bits for the key type, and default comment.
224This is used by 222This is used by system administration scripts to generate new host keys.
225.Pa /etc/rc
226to generate new host keys.
227.It Fl a Ar rounds 223.It Fl a Ar rounds
228When saving a new-format private key (i.e. an ed25519 key or any SSH protocol 224When saving a new-format private key (i.e. an ed25519 key or any SSH protocol
2292 key when the 2252 key when the
@@ -628,7 +624,7 @@ option.
628Valid generator values are 2, 3, and 5. 624Valid generator values are 2, 3, and 5.
629.Pp 625.Pp
630Screened DH groups may be installed in 626Screened DH groups may be installed in
631.Pa /etc/moduli . 627.Pa /etc/ssh/moduli .
632It is important that this file contains moduli of a range of bit lengths and 628It is important that this file contains moduli of a range of bit lengths and
633that both ends of a connection share common moduli. 629that both ends of a connection share common moduli.
634.Sh CERTIFICATES 630.Sh CERTIFICATES
@@ -827,7 +823,7 @@ on all machines
827where the user wishes to log in using public key authentication. 823where the user wishes to log in using public key authentication.
828There is no need to keep the contents of this file secret. 824There is no need to keep the contents of this file secret.
829.Pp 825.Pp
830.It Pa /etc/moduli 826.It Pa /etc/ssh/moduli
831Contains Diffie-Hellman groups used for DH-GEX. 827Contains Diffie-Hellman groups used for DH-GEX.
832The file format is described in 828The file format is described in
833.Xr moduli 5 . 829.Xr moduli 5 .
diff --git a/ssh.1 b/ssh.1
index ff5e6acab..67b4f44b2 100644
--- a/ssh.1
+++ b/ssh.1
@@ -763,6 +763,10 @@ Protocol 1 is restricted to using only RSA keys,
763but protocol 2 may use any. 763but protocol 2 may use any.
764The HISTORY section of 764The HISTORY section of
765.Xr ssl 8 765.Xr ssl 8
766(on non-OpenBSD systems, see
767.nh
768http://www.openbsd.org/cgi\-bin/man.cgi?query=ssl&sektion=8#HISTORY)
769.hy
766contains a brief discussion of the DSA and RSA algorithms. 770contains a brief discussion of the DSA and RSA algorithms.
767.Pp 771.Pp
768The file 772The file
diff --git a/sshd.8 b/sshd.8
index e6a900b06..b016e9096 100644
--- a/sshd.8
+++ b/sshd.8
@@ -70,7 +70,7 @@ over an insecure network.
70.Nm 70.Nm
71listens for connections from clients. 71listens for connections from clients.
72It is normally started at boot from 72It is normally started at boot from
73.Pa /etc/rc . 73.Pa /etc/init.d/ssh .
74It forks a new 74It forks a new
75daemon for each incoming connection. 75daemon for each incoming connection.
76The forked daemons handle 76The forked daemons handle
@@ -862,7 +862,7 @@ This file is for host-based authentication (see
862.Xr ssh 1 ) . 862.Xr ssh 1 ) .
863It should only be writable by root. 863It should only be writable by root.
864.Pp 864.Pp
865.It Pa /etc/moduli 865.It Pa /etc/ssh/moduli
866Contains Diffie-Hellman groups used for the "Diffie-Hellman Group Exchange". 866Contains Diffie-Hellman groups used for the "Diffie-Hellman Group Exchange".
867The file format is described in 867The file format is described in
868.Xr moduli 5 . 868.Xr moduli 5 .
@@ -961,7 +961,6 @@ The content of this file is not sensitive; it can be world-readable.
961.Xr ssh-keyscan 1 , 961.Xr ssh-keyscan 1 ,
962.Xr chroot 2 , 962.Xr chroot 2 ,
963.Xr hosts_access 5 , 963.Xr hosts_access 5 ,
964.Xr login.conf 5 ,
965.Xr moduli 5 , 964.Xr moduli 5 ,
966.Xr sshd_config 5 , 965.Xr sshd_config 5 ,
967.Xr inetd 8 , 966.Xr inetd 8 ,
diff --git a/sshd_config.5 b/sshd_config.5
index bdca79724..9fa608698 100644
--- a/sshd_config.5
+++ b/sshd_config.5
@@ -283,8 +283,7 @@ This option is only available for protocol version 2.
283By default, no banner is displayed. 283By default, no banner is displayed.
284.It Cm ChallengeResponseAuthentication 284.It Cm ChallengeResponseAuthentication
285Specifies whether challenge-response authentication is allowed (e.g. via 285Specifies whether challenge-response authentication is allowed (e.g. via
286PAM or though authentication styles supported in 286PAM).
287.Xr login.conf 5 )
288The default is 287The default is
289.Dq yes . 288.Dq yes .
290.It Cm ChrootDirectory 289.It Cm ChrootDirectory