diff options
author | Damien Miller <djm@mindrot.org> | 2006-01-06 14:48:18 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2006-01-06 14:48:18 +1100 |
commit | 7655f5cd9fe856bb833de92521d415b66bf4d5d4 (patch) | |
tree | 53ffe9cbf0fb2d35e1475d897685861b2cc73e09 | |
parent | a969437645550a8f7595ba017c7658c4341d77d1 (diff) |
- jmc@cvs.openbsd.org 2006/01/03 16:31:10
[ssh.1]
move FILES to a -compact list, and make each files an item in that list.
this avoids nastly line wrap when we have long pathnames, and treats
each file as a separate item;
remove the .Pa too, since it is useless.
-rw-r--r-- | ChangeLog | 11 | ||||
-rw-r--r-- | ssh.1 | 52 |
2 files changed, 46 insertions, 17 deletions
@@ -1,3 +1,12 @@ | |||
1 | 20060106 | ||
2 | - (djm) OpenBSD CVS Sync | ||
3 | - jmc@cvs.openbsd.org 2006/01/03 16:31:10 | ||
4 | [ssh.1] | ||
5 | move FILES to a -compact list, and make each files an item in that list. | ||
6 | this avoids nastly line wrap when we have long pathnames, and treats | ||
7 | each file as a separate item; | ||
8 | remove the .Pa too, since it is useless. | ||
9 | |||
1 | 20060103 | 10 | 20060103 |
2 | - (djm) [channels.c] clean up harmless merge error, from reyk@ | 11 | - (djm) [channels.c] clean up harmless merge error, from reyk@ |
3 | 12 | ||
@@ -3631,4 +3640,4 @@ | |||
3631 | - (djm) Trim deprecated options from INSTALL. Mention UsePAM | 3640 | - (djm) Trim deprecated options from INSTALL. Mention UsePAM |
3632 | - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu | 3641 | - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu |
3633 | 3642 | ||
3634 | $Id: ChangeLog,v 1.4073 2006/01/03 20:27:50 djm Exp $ | 3643 | $Id: ChangeLog,v 1.4074 2006/01/06 03:48:18 djm Exp $ |
@@ -34,7 +34,7 @@ | |||
34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
36 | .\" | 36 | .\" |
37 | .\" $OpenBSD: ssh.1,v 1.235 2006/01/02 12:31:06 jmc Exp $ | 37 | .\" $OpenBSD: ssh.1,v 1.236 2006/01/03 16:31:10 jmc Exp $ |
38 | .Dd September 25, 1999 | 38 | .Dd September 25, 1999 |
39 | .Dt SSH 1 | 39 | .Dt SSH 1 |
40 | .Os | 40 | .Os |
@@ -1053,14 +1053,17 @@ For more information, see the | |||
1053 | option in | 1053 | option in |
1054 | .Xr sshd_config 5 . | 1054 | .Xr sshd_config 5 . |
1055 | .Sh FILES | 1055 | .Sh FILES |
1056 | .Bl -tag -width Ds | 1056 | .Bl -tag -width Ds -compact |
1057 | .It Pa ~/.ssh/known_hosts | 1057 | .It ~/.ssh/known_hosts |
1058 | Records host keys for all hosts the user has logged into that are not | 1058 | Records host keys for all hosts the user has logged into that are not |
1059 | in | 1059 | in |
1060 | .Pa /etc/ssh/ssh_known_hosts . | 1060 | .Pa /etc/ssh/ssh_known_hosts . |
1061 | See | 1061 | See |
1062 | .Xr sshd 8 . | 1062 | .Xr sshd 8 . |
1063 | .It Pa ~/.ssh/identity, ~/.ssh/id_dsa, ~/.ssh/id_rsa | 1063 | .Pp |
1064 | .It ~/.ssh/identity | ||
1065 | .It ~/.ssh/id_dsa | ||
1066 | .It ~/.ssh/id_rsa | ||
1064 | Contains the private key for authentication. | 1067 | Contains the private key for authentication. |
1065 | These files | 1068 | These files |
1066 | contain sensitive data and should be readable by the user but not | 1069 | contain sensitive data and should be readable by the user but not |
@@ -1070,20 +1073,25 @@ will simply ignore a private key file if it is accessible by others. | |||
1070 | It is possible to specify a passphrase when | 1073 | It is possible to specify a passphrase when |
1071 | generating the key which will be used to encrypt the | 1074 | generating the key which will be used to encrypt the |
1072 | sensitive part of this file using 3DES. | 1075 | sensitive part of this file using 3DES. |
1073 | .It Pa ~/.ssh/identity.pub, ~/.ssh/id_dsa.pub, ~/.ssh/id_rsa.pub | 1076 | .Pp |
1077 | .It ~/.ssh/identity.pub | ||
1078 | .It ~/.ssh/id_dsa.pub | ||
1079 | .It ~/.ssh/id_rsa.pub | ||
1074 | Contains the public key for authentication. | 1080 | Contains the public key for authentication. |
1075 | These files are not | 1081 | These files are not |
1076 | sensitive and can (but need not) be readable by anyone. | 1082 | sensitive and can (but need not) be readable by anyone. |
1077 | They are | 1083 | They are |
1078 | never used automatically and are not necessary: they are only provided for | 1084 | never used automatically and are not necessary: they are only provided for |
1079 | the convenience of the user. | 1085 | the convenience of the user. |
1080 | .It Pa ~/.ssh/config | 1086 | .Pp |
1087 | .It ~/.ssh/config | ||
1081 | This is the per-user configuration file. | 1088 | This is the per-user configuration file. |
1082 | The file format and configuration options are described in | 1089 | The file format and configuration options are described in |
1083 | .Xr ssh_config 5 . | 1090 | .Xr ssh_config 5 . |
1084 | Because of the potential for abuse, this file must have strict permissions: | 1091 | Because of the potential for abuse, this file must have strict permissions: |
1085 | read/write for the user, and not accessible by others. | 1092 | read/write for the user, and not accessible by others. |
1086 | .It Pa ~/.ssh/authorized_keys | 1093 | .Pp |
1094 | .It ~/.ssh/authorized_keys | ||
1087 | Lists the public keys (RSA/DSA) that can be used for logging in as this user. | 1095 | Lists the public keys (RSA/DSA) that can be used for logging in as this user. |
1088 | The format of this file is described in the | 1096 | The format of this file is described in the |
1089 | .Xr sshd 8 | 1097 | .Xr sshd 8 |
@@ -1093,7 +1101,8 @@ In the simplest form the format is the same as the | |||
1093 | identity files. | 1101 | identity files. |
1094 | This file is not highly sensitive, but the recommended | 1102 | This file is not highly sensitive, but the recommended |
1095 | permissions are read/write for the user, and not accessible by others. | 1103 | permissions are read/write for the user, and not accessible by others. |
1096 | .It Pa /etc/ssh/ssh_known_hosts | 1104 | .Pp |
1105 | .It /etc/ssh/ssh_known_hosts | ||
1097 | Systemwide list of known host keys. | 1106 | Systemwide list of known host keys. |
1098 | This file should be prepared by the | 1107 | This file should be prepared by the |
1099 | system administrator to contain the public host keys of all machines in the | 1108 | system administrator to contain the public host keys of all machines in the |
@@ -1116,11 +1125,15 @@ to verify the client host when logging in; other names are needed because | |||
1116 | does not convert the user-supplied name to a canonical name before | 1125 | does not convert the user-supplied name to a canonical name before |
1117 | checking the key, because someone with access to the name servers | 1126 | checking the key, because someone with access to the name servers |
1118 | would then be able to fool host authentication. | 1127 | would then be able to fool host authentication. |
1128 | .Pp | ||
1119 | .It Pa /etc/ssh/ssh_config | 1129 | .It Pa /etc/ssh/ssh_config |
1120 | Systemwide configuration file. | 1130 | Systemwide configuration file. |
1121 | The file format and configuration options are described in | 1131 | The file format and configuration options are described in |
1122 | .Xr ssh_config 5 . | 1132 | .Xr ssh_config 5 . |
1123 | .It Pa /etc/ssh/ssh_host_key, /etc/ssh/ssh_host_dsa_key, /etc/ssh/ssh_host_rsa_key | 1133 | .Pp |
1134 | .It /etc/ssh/ssh_host_key | ||
1135 | .It /etc/ssh/ssh_host_dsa_key | ||
1136 | .It /etc/ssh/ssh_host_rsa_key | ||
1124 | These three files contain the private parts of the host keys | 1137 | These three files contain the private parts of the host keys |
1125 | and are used for | 1138 | and are used for |
1126 | .Cm RhostsRSAAuthentication | 1139 | .Cm RhostsRSAAuthentication |
@@ -1143,7 +1156,8 @@ be setuid root when that authentication method is used. | |||
1143 | By default | 1156 | By default |
1144 | .Nm | 1157 | .Nm |
1145 | is not setuid root. | 1158 | is not setuid root. |
1146 | .It Pa ~/.rhosts | 1159 | .Pp |
1160 | .It ~/.rhosts | ||
1147 | This file is used in | 1161 | This file is used in |
1148 | .Cm RhostsRSAAuthentication | 1162 | .Cm RhostsRSAAuthentication |
1149 | and | 1163 | and |
@@ -1178,7 +1192,8 @@ The easiest way to do this is to | |||
1178 | connect back to the client from the server machine using ssh; this | 1192 | connect back to the client from the server machine using ssh; this |
1179 | will automatically add the host key to | 1193 | will automatically add the host key to |
1180 | .Pa ~/.ssh/known_hosts . | 1194 | .Pa ~/.ssh/known_hosts . |
1181 | .It Pa ~/.shosts | 1195 | .Pp |
1196 | .It ~/.shosts | ||
1182 | This file is used exactly the same way as | 1197 | This file is used exactly the same way as |
1183 | .Pa .rhosts . | 1198 | .Pa .rhosts . |
1184 | The purpose for | 1199 | The purpose for |
@@ -1190,7 +1205,8 @@ authentication without permitting login with | |||
1190 | .Xr rlogin | 1205 | .Xr rlogin |
1191 | or | 1206 | or |
1192 | .Xr rsh 1 . | 1207 | .Xr rsh 1 . |
1193 | .It Pa /etc/hosts.equiv | 1208 | .Pp |
1209 | .It /etc/hosts.equiv | ||
1194 | This file is used during | 1210 | This file is used during |
1195 | .Cm RhostsRSAAuthentication | 1211 | .Cm RhostsRSAAuthentication |
1196 | and | 1212 | and |
@@ -1205,20 +1221,23 @@ automatically permitted provided client and server user names are the | |||
1205 | same. | 1221 | same. |
1206 | Additionally, successful client host key authentication is required. | 1222 | Additionally, successful client host key authentication is required. |
1207 | This file should only be writable by root. | 1223 | This file should only be writable by root. |
1208 | .It Pa /etc/shosts.equiv | 1224 | .Pp |
1225 | .It /etc/shosts.equiv | ||
1209 | This file is processed exactly as | 1226 | This file is processed exactly as |
1210 | .Pa /etc/hosts.equiv . | 1227 | .Pa /etc/hosts.equiv . |
1211 | This file may be useful to permit logins using | 1228 | This file may be useful to permit logins using |
1212 | .Nm | 1229 | .Nm |
1213 | but not using rsh/rlogin. | 1230 | but not using rsh/rlogin. |
1214 | .It Pa /etc/ssh/sshrc | 1231 | .Pp |
1232 | .It /etc/ssh/sshrc | ||
1215 | Commands in this file are executed by | 1233 | Commands in this file are executed by |
1216 | .Nm | 1234 | .Nm |
1217 | when the user logs in just before the user's shell (or command) is started. | 1235 | when the user logs in just before the user's shell (or command) is started. |
1218 | See the | 1236 | See the |
1219 | .Xr sshd 8 | 1237 | .Xr sshd 8 |
1220 | manual page for more information. | 1238 | manual page for more information. |
1221 | .It Pa ~/.ssh/rc | 1239 | .Pp |
1240 | .It ~/.ssh/rc | ||
1222 | Commands in this file are executed by | 1241 | Commands in this file are executed by |
1223 | .Nm | 1242 | .Nm |
1224 | when the user logs in just before the user's shell (or command) is | 1243 | when the user logs in just before the user's shell (or command) is |
@@ -1226,7 +1245,8 @@ started. | |||
1226 | See the | 1245 | See the |
1227 | .Xr sshd 8 | 1246 | .Xr sshd 8 |
1228 | manual page for more information. | 1247 | manual page for more information. |
1229 | .It Pa ~/.ssh/environment | 1248 | .Pp |
1249 | .It ~/.ssh/environment | ||
1230 | Contains additional definitions for environment variables, see section | 1250 | Contains additional definitions for environment variables, see section |
1231 | .Sx ENVIRONMENT | 1251 | .Sx ENVIRONMENT |
1232 | above. | 1252 | above. |