diff options
author | Colin Watson <cjwatson@debian.org> | 2020-06-07 10:19:24 +0100 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2020-06-07 11:03:12 +0100 |
commit | 30337f8b66c66af6b368d1e3c789e75f1247176c (patch) | |
tree | 17e0b8652fea31c04faa19ffc4cd088552ee473a /ssh.0 | |
parent | aef2be11c5ea90bc66e774923e6570213e54c195 (diff) | |
parent | 39b8d128ef980a410bb1ea0ee80e95ac9fff59c3 (diff) |
New upstream release (8.3p1)
Also update GSSAPI key exchange patch from
https://github.com/openssh-gsskex/openssh-gsskex.
Diffstat (limited to 'ssh.0')
-rw-r--r-- | ssh.0 | 27 |
1 files changed, 14 insertions, 13 deletions
@@ -109,7 +109,8 @@ DESCRIPTION | |||
109 | Specifies an alternative per-user configuration file. If a | 109 | Specifies an alternative per-user configuration file. If a |
110 | configuration file is given on the command line, the system-wide | 110 | configuration file is given on the command line, the system-wide |
111 | configuration file (/etc/ssh/ssh_config) will be ignored. The | 111 | configuration file (/etc/ssh/ssh_config) will be ignored. The |
112 | default for the per-user configuration file is ~/.ssh/config. | 112 | default for the per-user configuration file is ~/.ssh/config. If |
113 | set to M-bM-^@M-^\noneM-bM-^@M-^], no configuration files will be read. | ||
113 | 114 | ||
114 | -f Requests ssh to go to background just before command execution. | 115 | -f Requests ssh to go to background just before command execution. |
115 | This is useful if ssh is going to ask for passwords or | 116 | This is useful if ssh is going to ask for passwords or |
@@ -460,17 +461,17 @@ AUTHENTICATION | |||
460 | 461 | ||
461 | Host-based authentication works as follows: If the machine the user logs | 462 | Host-based authentication works as follows: If the machine the user logs |
462 | in from is listed in /etc/hosts.equiv or /etc/shosts.equiv on the remote | 463 | in from is listed in /etc/hosts.equiv or /etc/shosts.equiv on the remote |
463 | machine, and the user names are the same on both sides, or if the files | 464 | machine, the user is non-root and the user names are the same on both |
464 | ~/.rhosts or ~/.shosts exist in the user's home directory on the remote | 465 | sides, or if the files ~/.rhosts or ~/.shosts exist in the user's home |
465 | machine and contain a line containing the name of the client machine and | 466 | directory on the remote machine and contain a line containing the name of |
466 | the name of the user on that machine, the user is considered for login. | 467 | the client machine and the name of the user on that machine, the user is |
467 | Additionally, the server must be able to verify the client's host key | 468 | considered for login. Additionally, the server must be able to verify |
468 | (see the description of /etc/ssh/ssh_known_hosts and ~/.ssh/known_hosts, | 469 | the client's host key (see the description of /etc/ssh/ssh_known_hosts |
469 | below) for login to be permitted. This authentication method closes | 470 | and ~/.ssh/known_hosts, below) for login to be permitted. This |
470 | security holes due to IP spoofing, DNS spoofing, and routing spoofing. | 471 | authentication method closes security holes due to IP spoofing, DNS |
471 | [Note to the administrator: /etc/hosts.equiv, ~/.rhosts, and the | 472 | spoofing, and routing spoofing. [Note to the administrator: |
472 | rlogin/rsh protocol in general, are inherently insecure and should be | 473 | /etc/hosts.equiv, ~/.rhosts, and the rlogin/rsh protocol in general, are |
473 | disabled if security is desired.] | 474 | inherently insecure and should be disabled if security is desired.] |
474 | 475 | ||
475 | Public key authentication works as follows: The scheme is based on | 476 | Public key authentication works as follows: The scheme is based on |
476 | public-key cryptography, using cryptosystems where encryption and | 477 | public-key cryptography, using cryptosystems where encryption and |
@@ -988,4 +989,4 @@ AUTHORS | |||
988 | created OpenSSH. Markus Friedl contributed the support for SSH protocol | 989 | created OpenSSH. Markus Friedl contributed the support for SSH protocol |
989 | versions 1.5 and 2.0. | 990 | versions 1.5 and 2.0. |
990 | 991 | ||
991 | OpenBSD 6.6 February 7, 2020 OpenBSD 6.6 | 992 | OpenBSD 6.7 April 17, 2020 OpenBSD 6.7 |