summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorColin Watson <cjwatson@debian.org>2014-02-09 16:10:09 +0000
committerColin Watson <cjwatson@debian.org>2015-09-08 14:50:02 +0100
commit5399167019a01a47c5208b0f8a6f0600b9af3bd5 (patch)
tree4a8e35153bbc1953ea9e6d15ca462bbdf6b5f6c6
parent5919db7dc21a34c31be70170728c2838ff59b740 (diff)
Adjust various OpenBSD-specific references in manual pages
No single bug reference for this patch, but history includes: http://bugs.debian.org/154434 (login.conf(5)) http://bugs.debian.org/513417 (/etc/rc) http://bugs.debian.org/530692 (ssl(8)) https://bugs.launchpad.net/bugs/456660 (ssl(8)) Forwarded: not-needed Last-Update: 2014-10-07 Patch-Name: openbsd-docs.patch
-rw-r--r--moduli.54
-rw-r--r--ssh-keygen.112
-rw-r--r--ssh.14
-rw-r--r--sshd.85
-rw-r--r--sshd_config.53
5 files changed, 13 insertions, 15 deletions
diff --git a/moduli.5 b/moduli.5
index ef0de0850..149846c8c 100644
--- a/moduli.5
+++ b/moduli.5
@@ -21,7 +21,7 @@
21.Nd Diffie-Hellman moduli 21.Nd Diffie-Hellman moduli
22.Sh DESCRIPTION 22.Sh DESCRIPTION
23The 23The
24.Pa /etc/moduli 24.Pa /etc/ssh/moduli
25file contains prime numbers and generators for use by 25file contains prime numbers and generators for use by
26.Xr sshd 8 26.Xr sshd 8
27in the Diffie-Hellman Group Exchange key exchange method. 27in the Diffie-Hellman Group Exchange key exchange method.
@@ -110,7 +110,7 @@ first estimates the size of the modulus required to produce enough
110Diffie-Hellman output to sufficiently key the selected symmetric cipher. 110Diffie-Hellman output to sufficiently key the selected symmetric cipher.
111.Xr sshd 8 111.Xr sshd 8
112then randomly selects a modulus from 112then randomly selects a modulus from
113.Fa /etc/moduli 113.Fa /etc/ssh/moduli
114that best meets the size requirement. 114that best meets the size requirement.
115.Sh SEE ALSO 115.Sh SEE ALSO
116.Xr ssh-keygen 1 , 116.Xr ssh-keygen 1 ,
diff --git a/ssh-keygen.1 b/ssh-keygen.1
index 9b93666c9..19bed1e34 100644
--- a/ssh-keygen.1
+++ b/ssh-keygen.1
@@ -174,9 +174,7 @@ key in
174.Pa ~/.ssh/id_ed25519 174.Pa ~/.ssh/id_ed25519
175or 175or
176.Pa ~/.ssh/id_rsa . 176.Pa ~/.ssh/id_rsa .
177Additionally, the system administrator may use this to generate host keys, 177Additionally, the system administrator may use this to generate host keys.
178as seen in
179.Pa /etc/rc .
180.Pp 178.Pp
181Normally this program generates the key and asks for a file in which 179Normally this program generates the key and asks for a file in which
182to store the private key. 180to store the private key.
@@ -223,9 +221,7 @@ For each of the key types (rsa1, rsa, dsa, ecdsa and ed25519)
223for which host keys 221for which host keys
224do not exist, generate the host keys with the default key file path, 222do not exist, generate the host keys with the default key file path,
225an empty passphrase, default bits for the key type, and default comment. 223an empty passphrase, default bits for the key type, and default comment.
226This is used by 224This is used by system administration scripts to generate new host keys.
227.Pa /etc/rc
228to generate new host keys.
229.It Fl a Ar rounds 225.It Fl a Ar rounds
230When saving a new-format private key (i.e. an ed25519 key or any SSH protocol 226When saving a new-format private key (i.e. an ed25519 key or any SSH protocol
2312 key when the 2272 key when the
@@ -638,7 +634,7 @@ option.
638Valid generator values are 2, 3, and 5. 634Valid generator values are 2, 3, and 5.
639.Pp 635.Pp
640Screened DH groups may be installed in 636Screened DH groups may be installed in
641.Pa /etc/moduli . 637.Pa /etc/ssh/moduli .
642It is important that this file contains moduli of a range of bit lengths and 638It is important that this file contains moduli of a range of bit lengths and
643that both ends of a connection share common moduli. 639that both ends of a connection share common moduli.
644.Sh CERTIFICATES 640.Sh CERTIFICATES
@@ -837,7 +833,7 @@ on all machines
837where the user wishes to log in using public key authentication. 833where the user wishes to log in using public key authentication.
838There is no need to keep the contents of this file secret. 834There is no need to keep the contents of this file secret.
839.Pp 835.Pp
840.It Pa /etc/moduli 836.It Pa /etc/ssh/moduli
841Contains Diffie-Hellman groups used for DH-GEX. 837Contains Diffie-Hellman groups used for DH-GEX.
842The file format is described in 838The file format is described in
843.Xr moduli 5 . 839.Xr moduli 5 .
diff --git a/ssh.1 b/ssh.1
index c84196fd2..c3e12669b 100644
--- a/ssh.1
+++ b/ssh.1
@@ -766,6 +766,10 @@ Protocol 1 is restricted to using only RSA keys,
766but protocol 2 may use any. 766but protocol 2 may use any.
767The HISTORY section of 767The HISTORY section of
768.Xr ssl 8 768.Xr ssl 8
769(on non-OpenBSD systems, see
770.nh
771http://www.openbsd.org/cgi\-bin/man.cgi?query=ssl&sektion=8#HISTORY)
772.hy
769contains a brief discussion of the DSA and RSA algorithms. 773contains a brief discussion of the DSA and RSA algorithms.
770.Pp 774.Pp
771The file 775The file
diff --git a/sshd.8 b/sshd.8
index 5afd10f27..2f4d4f3c4 100644
--- a/sshd.8
+++ b/sshd.8
@@ -67,7 +67,7 @@ over an insecure network.
67.Nm 67.Nm
68listens for connections from clients. 68listens for connections from clients.
69It is normally started at boot from 69It is normally started at boot from
70.Pa /etc/rc . 70.Pa /etc/init.d/ssh .
71It forks a new 71It forks a new
72daemon for each incoming connection. 72daemon for each incoming connection.
73The forked daemons handle 73The forked daemons handle
@@ -864,7 +864,7 @@ This file is for host-based authentication (see
864.Xr ssh 1 ) . 864.Xr ssh 1 ) .
865It should only be writable by root. 865It should only be writable by root.
866.Pp 866.Pp
867.It Pa /etc/moduli 867.It Pa /etc/ssh/moduli
868Contains Diffie-Hellman groups used for the "Diffie-Hellman Group Exchange". 868Contains Diffie-Hellman groups used for the "Diffie-Hellman Group Exchange".
869The file format is described in 869The file format is described in
870.Xr moduli 5 . 870.Xr moduli 5 .
@@ -963,7 +963,6 @@ The content of this file is not sensitive; it can be world-readable.
963.Xr ssh-keyscan 1 , 963.Xr ssh-keyscan 1 ,
964.Xr chroot 2 , 964.Xr chroot 2 ,
965.Xr hosts_access 5 , 965.Xr hosts_access 5 ,
966.Xr login.conf 5 ,
967.Xr moduli 5 , 966.Xr moduli 5 ,
968.Xr sshd_config 5 , 967.Xr sshd_config 5 ,
969.Xr inetd 8 , 968.Xr inetd 8 ,
diff --git a/sshd_config.5 b/sshd_config.5
index a5afbc37e..355b44544 100644
--- a/sshd_config.5
+++ b/sshd_config.5
@@ -374,8 +374,7 @@ This option is only available for protocol version 2.
374By default, no banner is displayed. 374By default, no banner is displayed.
375.It Cm ChallengeResponseAuthentication 375.It Cm ChallengeResponseAuthentication
376Specifies whether challenge-response authentication is allowed (e.g. via 376Specifies whether challenge-response authentication is allowed (e.g. via
377PAM or through authentication styles supported in 377PAM).
378.Xr login.conf 5 )
379The default is 378The default is
380.Dq yes . 379.Dq yes .
381.It Cm ChrootDirectory 380.It Cm ChrootDirectory