Import OpenSSH 3.6p1.

1 files changed, 400 insertions, 0 deletions

diff --git a/ssh_config.0 b/ssh_config.0
new file mode 100644
index 000000000..559705343
--- /dev/null
+++ b/ssh_config.0
@@ -0,0 +1,400 @@
+SSH_CONFIG(5)               BSD File Formats Manual              SSH_CONFIG(5)
+
+^[[1mNAME^[[0m
+     ^[[1mssh_config ^[[22mM-bMM-^R OpenSSH SSH client configuration files
+
+^[[1mSYNOPSIS^[[0m
+     ^[[4m$HOME/.ssh/config^[[0m
+     ^[[4m/etc/ssh/ssh_config^[[0m
+
+^[[1mDESCRIPTION^[[0m
+     ^[[1mssh ^[[22mobtains configuration data from the following sources in the followM-bM-^@M-^P
+     ing order:
+           1.   commandM-bM-^@M-^Pline options
+           2.   userM-bM-^@M-^Ys configuration file (^[[4m$HOME/.ssh/config^[[24m)
+           3.   systemM-bM-^@M-^Pwide configuration file (^[[4m/etc/ssh/ssh_config^[[24m)
+
+     For each parameter, the first obtained value will be used.  The configuM-bM-^@M-^P
+     ration files contain sections bracketed by M-bM-^@M-^\HostM-bM-^@M-^] specifications, and
+     that section is only applied for hosts that match one of the patterns
+     given in the specification.  The matched host name is the one given on
+     the command line.
+
+     Since the first obtained value for each parameter is used, more hostM-bM-^@M-^PspeM-bM-^@M-^P
+     cific declarations should be given near the beginning of the file, and
+     general defaults at the end.
+
+     The configuration file has the following format:
+
+     Empty lines and lines starting with M-bM-^@M-^X#M-bM-^@M-^Y are comments.
+
+     Otherwise a line is of the format M-bM-^@M-^\keyword argumentsM-bM-^@M-^].  Configuration
+     options may be separated by whitespace or optional whitespace and exactly
+     one M-bM-^@M-^X=M-bM-^@M-^Y; the latter format is useful to avoid the need to quote whitesM-bM-^@M-^P
+     pace when specifying configuration options using the ^[[1mssh^[[22m, ^[[1mscp ^[[22mand ^[[1msftp M-bMM-^Ro^[[0m
+     option.
+
+     The possible keywords and their meanings are as follows (note that keyM-bM-^@M-^P
+     words are caseM-bM-^@M-^Pinsensitive and arguments are caseM-bM-^@M-^Psensitive):
+
+     ^[[1mHost    ^[[22mRestricts the following declarations (up to the next ^[[1mHost ^[[22mkeyM-bM-^@M-^P
+             word) to be only for those hosts that match one of the patterns
+             given after the keyword.  M-bM-^@M-^X*M-bM-^@M-^Y and M-bM-^@M-^XM-bM-^@M-^Y?  can be used as wildcards
+             in the patterns.  A single M-bM-^@M-^X*M-bM-^@M-^Y as a pattern can be used to proM-bM-^@M-^P
+             vide global defaults for all hosts.  The host is the ^[[4mhostname^[[0m
+             argument given on the command line (i.e., the name is not conM-bM-^@M-^P
+             verted to a canonicalized host name before matching).
+
+     ^[[1mAFSTokenPassing^[[0m
+             Specifies whether to pass AFS tokens to remote host.  The arguM-bM-^@M-^P
+             ment to this keyword must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^].  This option applies
+             to protocol version 1 only.
+
+     ^[[1mBatchMode^[[0m
+             If set to M-bM-^@M-^\yesM-bM-^@M-^], passphrase/password querying will be disabled.
+             This option is useful in scripts and other batch jobs where no
+             user is present to supply the password.  The argument must be
+             M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^].  The default is M-bM-^@M-^\noM-bM-^@M-^].
+
+     ^[[1mBindAddress^[[0m
+             Specify the interface to transmit from on machines with multiple
+             interfaces or aliased addresses.  Note that this option does not
+             work if ^[[1mUsePrivilegedPort ^[[22mis set to M-bM-^@M-^\yesM-bM-^@M-^].
+
+     ^[[1mChallengeResponseAuthentication^[[0m
+             Specifies whether to use challenge response authentication.  The
+             argument to this keyword must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^].  The default is
+             M-bM-^@M-^\yesM-bM-^@M-^].
+
+     ^[[1mCheckHostIP^[[0m
+             If this flag is set to M-bM-^@M-^\yesM-bM-^@M-^], ssh will additionally check the
+             host IP address in the ^[[4mknown_hosts^[[24m file.  This allows ssh to
+             detect if a host key changed due to DNS spoofing.  If the option
+             is set to M-bM-^@M-^\noM-bM-^@M-^], the check will not be executed.  The default is
+             M-bM-^@M-^\yesM-bM-^@M-^].
+
+     ^[[1mCipher  ^[[22mSpecifies the cipher to use for encrypting the session in protoM-bM-^@M-^P
+             col version 1.  Currently, M-bM-^@M-^\blowfishM-bM-^@M-^], M-bM-^@M-^\3desM-bM-^@M-^], and M-bM-^@M-^\desM-bM-^@M-^] are supM-bM-^@M-^P
+             ported.  ^[[4mdes^[[24m is only supported in the ^[[1mssh ^[[22mclient for interoperM-bM-^@M-^P
+             ability with legacy protocol 1 implementations that do not supM-bM-^@M-^P
+             port the ^[[4m3des^[[24m cipher.  Its use is strongly discouraged due to
+             cryptographic weaknesses.  The default is M-bM-^@M-^\3desM-bM-^@M-^].
+
+     ^[[1mCiphers^[[0m
+             Specifies the ciphers allowed for protocol version 2 in order of
+             preference.  Multiple ciphers must be commaM-bM-^@M-^Pseparated.  The
+             default is
+
+               M-bM-^@M-^XM-bM-^@M-^Xaes128M-bM-^@M-^Pcbc,3desM-bM-^@M-^Pcbc,blowfishM-bM-^@M-^Pcbc,cast128M-bM-^@M-^Pcbc,arcfour,
+                 aes192M-bM-^@M-^Pcbc,aes256M-bM-^@M-^PcbcM-bM-^@M-^YM-bM-^@M-^Y
+
+     ^[[1mClearAllForwardings^[[0m
+             Specifies that all local, remote and dynamic port forwardings
+             specified in the configuration files or on the command line be
+             cleared.  This option is primarily useful when used from the ^[[1mssh^[[0m
+             command line to clear port forwardings set in configuration
+             files, and is automatically set by scp(1) and sftp(1).  The arguM-bM-^@M-^P
+             ment must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^].  The default is M-bM-^@M-^\noM-bM-^@M-^].
+
+     ^[[1mCompression^[[0m
+             Specifies whether to use compression.  The argument must be M-bM-^@M-^\yesM-bM-^@M-^]
+             or M-bM-^@M-^\noM-bM-^@M-^].  The default is M-bM-^@M-^\noM-bM-^@M-^].
+
+     ^[[1mCompressionLevel^[[0m
+             Specifies the compression level to use if compression is enabled.
+             The argument must be an integer from 1 (fast) to 9 (slow, best).
+             The default level is 6, which is good for most applications.  The
+             meaning of the values is the same as in gzip(1).  Note that this
+             option applies to protocol version 1 only.
+
+     ^[[1mConnectionAttempts^[[0m
+             Specifies the number of tries (one per second) to make before
+             exiting.  The argument must be an integer.  This may be useful in
+             scripts if the connection sometimes fails.  The default is 1.
+
+     ^[[1mDynamicForward^[[0m
+             Specifies that a TCP/IP port on the local machine be forwarded
+             over the secure channel, and the application protocol is then
+             used to determine where to connect to from the remote machine.
+             The argument must be a port number.  Currently the SOCKS4 protoM-bM-^@M-^P
+             col is supported, and ^[[1mssh ^[[22mwill act as a SOCKS4 server.  Multiple
+             forwardings may be specified, and additional forwardings can be
+             given on the command line.  Only the superuser can forward priviM-bM-^@M-^P
+             leged ports.
+
+     ^[[1mEscapeChar^[[0m
+             Sets the escape character (default: M-bM-^@M-^X~M-bM-^@M-^Y).  The escape character
+             can also be set on the command line.  The argument should be a
+             single character, M-bM-^@M-^X^M-bM-^@M-^Y followed by a letter, or M-bM-^@M-^\noneM-bM-^@M-^] to disable
+             the escape character entirely (making the connection transparent
+             for binary data).
+
+     ^[[1mForwardAgent^[[0m
+             Specifies whether the connection to the authentication agent (if
+             any) will be forwarded to the remote machine.  The argument must
+             be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^].  The default is M-bM-^@M-^\noM-bM-^@M-^].
+
+             Agent forwarding should be enabled with caution.  Users with the
+             ability to bypass file permissions on the remote host (for the
+             agentM-bM-^@M-^Ys UnixM-bM-^@M-^Pdomain socket) can access the local agent through
+             the forwarded connection.  An attacker cannot obtain key material
+             from the agent, however they can perform operations on the keys
+             that enable them to authenticate using the identities loaded into
+             the agent.
+
+     ^[[1mForwardX11^[[0m
+             Specifies whether X11 connections will be automatically rediM-bM-^@M-^P
+             rected over the secure channel and DISPLAY set.  The argument
+             must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^].  The default is M-bM-^@M-^\noM-bM-^@M-^].
+
+             X11 forwarding should be enabled with caution.  Users with the
+             ability to bypass file permissions on the remote host (for the
+             userM-bM-^@M-^Ys X authorization database) can access the local X11 display
+             through the forwarded connection.  An attacker may then be able
+             to perform activities such as keystroke monitoring.
+
+     ^[[1mGatewayPorts^[[0m
+             Specifies whether remote hosts are allowed to connect to local
+             forwarded ports.  By default, ^[[1mssh ^[[22mbinds local port forwardings to
+             the loopback address.  This prevents other remote hosts from conM-bM-^@M-^P
+             necting to forwarded ports.  ^[[1mGatewayPorts ^[[22mcan be used to specify
+             that ^[[1mssh ^[[22mshould bind local port forwardings to the wildcard
+             address, thus allowing remote hosts to connect to forwarded
+             ports.  The argument must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^].  The default is M-bM-^@M-^\noM-bM-^@M-^].
+
+     ^[[1mGlobalKnownHostsFile^[[0m
+             Specifies a file to use for the global host key database instead
+             of ^[[4m/etc/ssh/ssh_known_hosts^[[24m.
+
+     ^[[1mHostbasedAuthentication^[[0m
+             Specifies whether to try rhosts based authentication with public
+             key authentication.  The argument must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^].  The
+             default is M-bM-^@M-^\noM-bM-^@M-^].  This option applies to protocol version 2 only
+             and is similar to ^[[1mRhostsRSAAuthentication^[[22m.
+
+     ^[[1mHostKeyAlgorithms^[[0m
+             Specifies the protocol version 2 host key algorithms that the
+             client wants to use in order of preference.  The default for this
+             option is: M-bM-^@M-^\sshM-bM-^@M-^Prsa,sshM-bM-^@M-^PdssM-bM-^@M-^].
+
+     ^[[1mHostKeyAlias^[[0m
+             Specifies an alias that should be used instead of the real host
+             name when looking up or saving the host key in the host key
+             database files.  This option is useful for tunneling ssh connecM-bM-^@M-^P
+             tions or for multiple servers running on a single host.
+
+     ^[[1mHostName^[[0m
+             Specifies the real host name to log into.  This can be used to
+             specify nicknames or abbreviations for hosts.  Default is the
+             name given on the command line.  Numeric IP addresses are also
+             permitted (both on the command line and in ^[[1mHostName ^[[22mspecificaM-bM-^@M-^P
+             tions).
+
+     ^[[1mIdentityFile^[[0m
+             Specifies a file from which the userM-bM-^@M-^Ys RSA or DSA authentication
+             identity is read. The default is ^[[4m$HOME/.ssh/identity^[[24m for protocol
+             version 1, and ^[[4m$HOME/.ssh/id_rsa^[[24m and ^[[4m$HOME/.ssh/id_dsa^[[24m for protoM-bM-^@M-^P
+             col version 2.  Additionally, any identities represented by the
+             authentication agent will be used for authentication.  The file
+             name may use the tilde syntax to refer to a userM-bM-^@M-^Ys home direcM-bM-^@M-^P
+             tory.  It is possible to have multiple identity files specified
+             in configuration files; all these identities will be tried in
+             sequence.
+
+     ^[[1mKeepAlive^[[0m
+             Specifies whether the system should send TCP keepalive messages
+             to the other side.  If they are sent, death of the connection or
+             crash of one of the machines will be properly noticed.  However,
+             this means that connections will die if the route is down temM-bM-^@M-^P
+             porarily, and some people find it annoying.
+
+             The default is M-bM-^@M-^\yesM-bM-^@M-^] (to send keepalives), and the client will
+             notice if the network goes down or the remote host dies.  This is
+             important in scripts, and many users want it too.
+
+             To disable keepalives, the value should be set to M-bM-^@M-^\noM-bM-^@M-^].
+
+     ^[[1mKerberosAuthentication^[[0m
+             Specifies whether Kerberos authentication will be used.  The
+             argument to this keyword must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^].
+
+     ^[[1mKerberosTgtPassing^[[0m
+             Specifies whether a Kerberos TGT will be forwarded to the server.
+             This will only work if the Kerberos server is actually an AFS
+             kaserver.  The argument to this keyword must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^].
+
+     ^[[1mLocalForward^[[0m
+             Specifies that a TCP/IP port on the local machine be forwarded
+             over the secure channel to the specified host and port from the
+             remote machine.  The first argument must be a port number, and
+             the second must be ^[[4mhost:port^[[24m.  IPv6 addresses can be specified
+             with an alternative syntax: ^[[4mhost/port^[[24m.  Multiple forwardings may
+             be specified, and additional forwardings can be given on the comM-bM-^@M-^P
+             mand line.  Only the superuser can forward privileged ports.
+
+     ^[[1mLogLevel^[[0m
+             Gives the verbosity level that is used when logging messages from
+             ^[[1mssh^[[22m.  The possible values are: QUIET, FATAL, ERROR, INFO, VERM-bM-^@M-^P
+             BOSE, DEBUG, DEBUG1, DEBUG2 and DEBUG3.  The default is INFO.
+             DEBUG and DEBUG1 are equivalent.  DEBUG2 and DEBUG3 each specify
+             higher levels of verbose output.
+
+     ^[[1mMACs    ^[[22mSpecifies the MAC (message authentication code) algorithms in
+             order of preference.  The MAC algorithm is used in protocol verM-bM-^@M-^P
+             sion 2 for data integrity protection.  Multiple algorithms must
+             be commaM-bM-^@M-^Pseparated.  The default is
+             M-bM-^@M-^\hmacM-bM-^@M-^Pmd5,hmacM-bM-^@M-^Psha1,hmacM-bM-^@M-^Pripemd160,hmacM-bM-^@M-^Psha1M-bM-^@M-^P96,hmacM-bM-^@M-^Pmd5M-bM-^@M-^P96M-bM-^@M-^].
+
+     ^[[1mNoHostAuthenticationForLocalhost^[[0m
+             This option can be used if the home directory is shared across
+             machines.  In this case localhost will refer to a different
+             machine on each of the machines and the user will get many warnM-bM-^@M-^P
+             ings about changed host keys.  However, this option disables host
+             authentication for localhost.  The argument to this keyword must
+             be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^].  The default is to check the host key for
+             localhost.
+
+     ^[[1mNumberOfPasswordPrompts^[[0m
+             Specifies the number of password prompts before giving up.  The
+             argument to this keyword must be an integer.  Default is 3.
+
+     ^[[1mPasswordAuthentication^[[0m
+             Specifies whether to use password authentication.  The argument
+             to this keyword must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^].  The default is M-bM-^@M-^\yesM-bM-^@M-^].
+
+     ^[[1mPort    ^[[22mSpecifies the port number to connect on the remote host.  Default
+             is 22.
+
+     ^[[1mPreferredAuthentications^[[0m
+             Specifies the order in which the client should try protocol 2
+             authentication methods. This allows a client to prefer one method
+             (e.g.  ^[[1mkeyboardM-bM-^@M-^Pinteractive^[[22m) over another method (e.g.  ^[[1mpassword^[[22m)
+             The default for this option is:
+             M-bM-^@M-^\hostbased,publickey,keyboardM-bM-^@M-^Pinteractive,passwordM-bM-^@M-^].
+
+     ^[[1mProtocol^[[0m
+             Specifies the protocol versions ^[[1mssh ^[[22mshould support in order of
+             preference.  The possible values are M-bM-^@M-^\1M-bM-^@M-^] and M-bM-^@M-^\2M-bM-^@M-^].  Multiple verM-bM-^@M-^P
+             sions must be commaM-bM-^@M-^Pseparated.  The default is M-bM-^@M-^\2,1M-bM-^@M-^].  This means
+             that ^[[1mssh ^[[22mtries version 2 and falls back to version 1 if version 2
+             is not available.
+
+     ^[[1mProxyCommand^[[0m
+             Specifies the command to use to connect to the server.  The comM-bM-^@M-^P
+             mand string extends to the end of the line, and is executed with
+             ^[[4m/bin/sh^[[24m.  In the command string, M-bM-^@M-^X%hM-bM-^@M-^Y will be substituted by the
+             host name to connect and M-bM-^@M-^X%pM-bM-^@M-^Y by the port.  The command can be
+             basically anything, and should read from its standard input and
+             write to its standard output.  It should eventually connect an
+             sshd(8) server running on some machine, or execute ^[[1msshd M-bM-^@M-^Pi ^[[22msomeM-bM-^@M-^P
+             where.  Host key management will be done using the HostName of
+             the host being connected (defaulting to the name typed by the
+             user).  Setting the command to M-bM-^@M-^\noneM-bM-^@M-^] disables this option
+             entirely.  Note that ^[[1mCheckHostIP ^[[22mis not available for connects
+             with a proxy command.
+
+     ^[[1mPubkeyAuthentication^[[0m
+             Specifies whether to try public key authentication.  The argument
+             to this keyword must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^].  The default is M-bM-^@M-^\yesM-bM-^@M-^].
+             This option applies to protocol version 2 only.
+
+     ^[[1mRemoteForward^[[0m
+             Specifies that a TCP/IP port on the remote machine be forwarded
+             over the secure channel to the specified host and port from the
+             local machine.  The first argument must be a port number, and the
+             second must be ^[[4mhost:port^[[24m.  IPv6 addresses can be specified with
+             an alternative syntax: ^[[4mhost/port^[[24m.  Multiple forwardings may be
+             specified, and additional forwardings can be given on the command
+             line.  Only the superuser can forward privileged ports.
+
+     ^[[1mRhostsAuthentication^[[0m
+             Specifies whether to try rhosts based authentication.  Note that
+             this declaration only affects the client side and has no effect
+             whatsoever on security.  Most servers do not permit RhostsAuthenM-bM-^@M-^P
+             tication because it is not secure (see ^[[1mRhostsRSAAuthentication^[[22m).
+             The argument to this keyword must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^].  The default
+             is M-bM-^@M-^\noM-bM-^@M-^].  This option applies to protocol version 1 only and
+             requires ^[[1mssh ^[[22mto be setuid root and ^[[1mUsePrivilegedPort ^[[22mto be set to
+             M-bM-^@M-^\yesM-bM-^@M-^].
+
+     ^[[1mRhostsRSAAuthentication^[[0m
+             Specifies whether to try rhosts based authentication with RSA
+             host authentication.  The argument must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^].  The
+             default is M-bM-^@M-^\noM-bM-^@M-^].  This option applies to protocol version 1 only
+             and requires ^[[1mssh ^[[22mto be setuid root.
+
+     ^[[1mRSAAuthentication^[[0m
+             Specifies whether to try RSA authentication.  The argument to
+             this keyword must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^].  RSA authentication will only
+             be attempted if the identity file exists, or an authentication
+             agent is running.  The default is M-bM-^@M-^\yesM-bM-^@M-^].  Note that this option
+             applies to protocol version 1 only.
+
+     ^[[1mSmartcardDevice^[[0m
+             Specifies which smartcard device to use. The argument to this
+             keyword is the device ^[[1mssh ^[[22mshould use to communicate with a smartM-bM-^@M-^P
+             card used for storing the userM-bM-^@M-^Ys private RSA key. By default, no
+             device is specified and smartcard support is not activated.
+
+     ^[[1mStrictHostKeyChecking^[[0m
+             If this flag is set to M-bM-^@M-^\yesM-bM-^@M-^], ^[[1mssh ^[[22mwill never automatically add
+             host keys to the ^[[4m$HOME/.ssh/known_hosts^[[24m file, and refuses to conM-bM-^@M-^P
+             nect to hosts whose host key has changed.  This provides maximum
+             protection against trojan horse attacks, however, can be annoying
+             when the ^[[4m/etc/ssh/ssh_known_hosts^[[24m file is poorly maintained, or
+             connections to new hosts are frequently made.  This option forces
+             the user to manually add all new hosts.  If this flag is set to
+             M-bM-^@M-^\noM-bM-^@M-^], ^[[1mssh ^[[22mwill automatically add new host keys to the user known
+             hosts files.  If this flag is set to M-bM-^@M-^\askM-bM-^@M-^], new host keys will be
+             added to the user known host files only after the user has conM-bM-^@M-^P
+             firmed that is what they really want to do, and ^[[1mssh ^[[22mwill refuse
+             to connect to hosts whose host key has changed.  The host keys of
+             known hosts will be verified automatically in all cases.  The
+             argument must be M-bM-^@M-^\yesM-bM-^@M-^], M-bM-^@M-^\noM-bM-^@M-^] or M-bM-^@M-^\askM-bM-^@M-^].  The default is M-bM-^@M-^\askM-bM-^@M-^].
+
+     ^[[1mUsePrivilegedPort^[[0m
+             Specifies whether to use a privileged port for outgoing connecM-bM-^@M-^P
+             tions.  The argument must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^].  The default is M-bM-^@M-^\noM-bM-^@M-^].
+             If set to M-bM-^@M-^\yesM-bM-^@M-^] ^[[1mssh ^[[22mmust be setuid root.  Note that this option
+             must be set to M-bM-^@M-^\yesM-bM-^@M-^] if ^[[1mRhostsAuthentication ^[[22mand
+             ^[[1mRhostsRSAAuthentication ^[[22mauthentications are needed with older
+             servers.
+
+     ^[[1mUser    ^[[22mSpecifies the user to log in as.  This can be useful when a difM-bM-^@M-^P
+             ferent user name is used on different machines.  This saves the
+             trouble of having to remember to give the user name on the comM-bM-^@M-^P
+             mand line.
+
+     ^[[1mUserKnownHostsFile^[[0m
+             Specifies a file to use for the user host key database instead of
+             ^[[4m$HOME/.ssh/known_hosts^[[24m.
+
+     ^[[1mXAuthLocation^[[0m
+             Specifies the full pathname of the xauth(1) program.  The default
+             is ^[[4m/usr/X11R6/bin/xauth^[[24m.
+
+^[[1mFILES^[[0m
+     $HOME/.ssh/config
+             This is the perM-bM-^@M-^Puser configuration file.  The format of this file
+             is described above.  This file is used by the ^[[1mssh ^[[22mclient.  This
+             file does not usually contain any sensitive information, but the
+             recommended permissions are read/write for the user, and not
+             accessible by others.
+
+     /etc/ssh/ssh_config
+             Systemwide configuration file.  This file provides defaults for
+             those values that are not specified in the userM-bM-^@M-^Ys configuration
+             file, and for those users who do not have a configuration file.
+             This file must be worldM-bM-^@M-^Preadable.
+
+^[[1mAUTHORS^[[0m
+     OpenSSH is a derivative of the original and free ssh 1.2.12 release by
+     Tatu Ylonen.  Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo
+     de Raadt and Dug Song removed many bugs, reM-bM-^@M-^Padded newer features and creM-bM-^@M-^P
+     ated OpenSSH.  Markus Friedl contributed the support for SSH protocol
+     versions 1.5 and 2.0.
+
+^[[1mSEE ALSO^[[0m
+     ssh(1)
+
+BSD                           September 25, 1999                           BSD