- (djm) OpenBSD CVS Sync

- jmc@cvs.openbsd.org 2006/01/06 13:27:32 [ssh.1] weed out some duplicate info in the known_hosts FILES entries; ok djm
author: Damien Miller <djm@mindrot.org> 2006-01-14 10:08:36 +1100
committer: Damien Miller <djm@mindrot.org> 2006-01-14 10:08:36 +1100
commit: e87eb4ce3ce4711b94a72d729352c240047f17c1 (patch)
tree: 58d96caeccf5ebf3bf5c7228722ab1da1c4c1513 /ssh.1
parent: e78c6ce8cfe5a31db0090f91728d3b14e9875cd5 (diff)
1 files changed, 8 insertions, 22 deletions
diff --git a/ssh.1 b/ssh.1
index 789e94733..cfe1655e6 100644
--- a/ssh.1
+++ b/ssh.1
@@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh.1,v 1.243 2006/01/04 19:50:09 jmc Exp $
+.\" $OpenBSD: ssh.1,v 1.244 2006/01/06 13:27:32 jmc Exp $
 .Dd September 25, 1999
 .Dt SSH 1
 .Os
@@ -1120,11 +1120,11 @@ never used automatically and are not necessary: they are only provided for
 the convenience of the user.
 .Pp
 .It ~/.ssh/known_hosts
-Records host keys for all hosts the user has logged into that are not
+Contains a list of host keys for all hosts the user has logged into
-in
+that are not already in the systemwide list of known host keys.
-.Pa /etc/ssh/ssh_known_hosts .
 See
-.Xr sshd 8 .
+.Xr sshd 8
+for further details of the format of this file.
 .Pp
 .It ~/.ssh/rc
 Commands in this file are executed by
@@ -1181,24 +1181,10 @@ Systemwide list of known host keys.
 This file should be prepared by the
 system administrator to contain the public host keys of all machines in the
 organization.
-This file should be world-readable.
+It should be world-readable.
-This file contains
+See
-public keys, one per line, in the following format (fields separated
-by spaces): system name, public key and optional comment field.
-When different names are used
-for the same machine, all such names should be listed, separated by
-commas.
-The format is described in the
-.Xr sshd 8
-manual page.
-.Pp
-The canonical system name (as returned by name servers) is used by
 .Xr sshd 8
-to verify the client host when logging in; other names are needed because
+for further details of the format of this file.
-.Nm
-does not convert the user-supplied name to a canonical name before
-checking the key, because someone with access to the name servers
-would then be able to fool host authentication.
 .Pp
 .It /etc/ssh/sshrc
 Commands in this file are executed by
author	Damien Miller <djm@mindrot.org>	2006-01-14 10:08:36 +1100
committer	Damien Miller <djm@mindrot.org>	2006-01-14 10:08:36 +1100
commit	e87eb4ce3ce4711b94a72d729352c240047f17c1 (patch)
tree	58d96caeccf5ebf3bf5c7228722ab1da1c4c1513 /ssh.1
parent	e78c6ce8cfe5a31db0090f91728d3b14e9875cd5 (diff)

diff --git a/ssh.1 b/ssh.1 index 789e94733..cfe1655e6 100644 --- a/ssh.1 +++ b/ssh.1
@@ -34,7 +34,7 @@
34	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	34	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	35	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36	.\"	36	.\"
37	.\" $OpenBSD: ssh.1,v 1.243 2006/01/04 19:50:09 jmc Exp $	37	.\" $OpenBSD: ssh.1,v 1.244 2006/01/06 13:27:32 jmc Exp $
38	.Dd September 25, 1999	38	.Dd September 25, 1999
39	.Dt SSH 1	39	.Dt SSH 1
40	.Os	40	.Os
@@ -1120,11 +1120,11 @@ never used automatically and are not necessary: they are only provided for
1120	the convenience of the user.	1120	the convenience of the user.
1121	.Pp	1121	.Pp
1122	.It ~/.ssh/known_hosts	1122	.It ~/.ssh/known_hosts
1123	Records host keys for all hosts the user has logged into that are not	1123	Contains a list of host keys for all hosts the user has logged into
1124	in	1124	that are not already in the systemwide list of known host keys.
1125	.Pa /etc/ssh/ssh_known_hosts .
1126	See	1125	See
1127	.Xr sshd 8 .	1126	.Xr sshd 8
		1127	for further details of the format of this file.
1128	.Pp	1128	.Pp
1129	.It ~/.ssh/rc	1129	.It ~/.ssh/rc
1130	Commands in this file are executed by	1130	Commands in this file are executed by
@@ -1181,24 +1181,10 @@ Systemwide list of known host keys.
1181	This file should be prepared by the	1181	This file should be prepared by the
1182	system administrator to contain the public host keys of all machines in the	1182	system administrator to contain the public host keys of all machines in the
1183	organization.	1183	organization.
1184	This file should be world-readable.	1184	It should be world-readable.
1185	This file contains	1185	See
1186	public keys, one per line, in the following format (fields separated
1187	by spaces): system name, public key and optional comment field.
1188	When different names are used
1189	for the same machine, all such names should be listed, separated by
1190	commas.
1191	The format is described in the
1192	.Xr sshd 8
1193	manual page.
1194	.Pp
1195	The canonical system name (as returned by name servers) is used by
1196	.Xr sshd 8	1186	.Xr sshd 8
1197	to verify the client host when logging in; other names are needed because	1187	for further details of the format of this file.
1198	.Nm
1199	does not convert the user-supplied name to a canonical name before
1200	checking the key, because someone with access to the name servers
1201	would then be able to fool host authentication.
1202	.Pp	1188	.Pp
1203	.It /etc/ssh/sshrc	1189	.It /etc/ssh/sshrc
1204	Commands in this file are executed by	1190	Commands in this file are executed by