diff options
author | Colin Watson <cjwatson@debian.org> | 2015-08-22 10:05:45 +0100 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2015-08-22 10:05:45 +0100 |
commit | 58ddb8ad21f21f5358db0204c4ba9abf94a1ca11 (patch) | |
tree | c55df1f23e6fa0fb87a96d8ec4c06a68c3a82b45 /sshd.0 | |
parent | 544df7a04ae5b5c1fc30be7c445ad685d7a02dc9 (diff) | |
parent | 1dc8d93ce69d6565747eb44446ed117187621b26 (diff) |
Import openssh_7.0p1.orig.tar.gz
Diffstat (limited to 'sshd.0')
-rw-r--r-- | sshd.0 | 15 |
1 files changed, 7 insertions, 8 deletions
@@ -87,12 +87,11 @@ DESCRIPTION | |||
87 | files for the different protocol versions and host key | 87 | files for the different protocol versions and host key |
88 | algorithms. | 88 | algorithms. |
89 | 89 | ||
90 | -i Specifies that sshd is being run from inetd(8). sshd is normally | 90 | -i Specifies that sshd is being run from inetd(8). If SSH protocol |
91 | not run from inetd because it needs to generate the server key | 91 | 1 is enabled, sshd should not normally be run from inetd because |
92 | before it can respond to the client, and this may take tens of | 92 | it needs to generate the server key before it can respond to the |
93 | seconds. Clients would have to wait too long if the key was | 93 | client, and this may take some time. Clients may have to wait |
94 | regenerated every time. However, with small key sizes (e.g. 512) | 94 | too long if the key was regenerated every time. |
95 | using sshd from inetd may be feasible. | ||
96 | 95 | ||
97 | -k key_gen_time | 96 | -k key_gen_time |
98 | Specifies how often the ephemeral protocol version 1 server key | 97 | Specifies how often the ephemeral protocol version 1 server key |
@@ -152,7 +151,7 @@ AUTHENTICATION | |||
152 | host-specific key, normally 2048 bits, used to identify the host. | 151 | host-specific key, normally 2048 bits, used to identify the host. |
153 | 152 | ||
154 | Forward security for protocol 1 is provided through an additional server | 153 | Forward security for protocol 1 is provided through an additional server |
155 | key, normally 768 bits, generated when the server starts. This key is | 154 | key, normally 1024 bits, generated when the server starts. This key is |
156 | normally regenerated every hour if it has been used, and is never stored | 155 | normally regenerated every hour if it has been used, and is never stored |
157 | on disk. Whenever a client connects, the daemon responds with its public | 156 | on disk. Whenever a client connects, the daemon responds with its public |
158 | host and server keys. The client compares the RSA host key against its | 157 | host and server keys. The client compares the RSA host key against its |
@@ -633,4 +632,4 @@ AUTHORS | |||
633 | versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support | 632 | versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support |
634 | for privilege separation. | 633 | for privilege separation. |
635 | 634 | ||
636 | OpenBSD 5.7 May 1, 2015 OpenBSD 5.7 | 635 | OpenBSD 5.8 July 3, 2015 OpenBSD 5.8 |