diff options
| author | Colin Watson <cjwatson@debian.org> | 2015-08-22 10:05:45 +0100 |
|---|---|---|
| committer | Colin Watson <cjwatson@debian.org> | 2015-08-22 10:05:45 +0100 |
| commit | 58ddb8ad21f21f5358db0204c4ba9abf94a1ca11 (patch) | |
| tree | c55df1f23e6fa0fb87a96d8ec4c06a68c3a82b45 /sshd.0 | |
| parent | 544df7a04ae5b5c1fc30be7c445ad685d7a02dc9 (diff) | |
| parent | 1dc8d93ce69d6565747eb44446ed117187621b26 (diff) | |
Import openssh_7.0p1.orig.tar.gz
Diffstat (limited to 'sshd.0')
| -rw-r--r-- | sshd.0 | 15 |
1 files changed, 7 insertions, 8 deletions
| @@ -87,12 +87,11 @@ DESCRIPTION | |||
| 87 | files for the different protocol versions and host key | 87 | files for the different protocol versions and host key |
| 88 | algorithms. | 88 | algorithms. |
| 89 | 89 | ||
| 90 | -i Specifies that sshd is being run from inetd(8). sshd is normally | 90 | -i Specifies that sshd is being run from inetd(8). If SSH protocol |
| 91 | not run from inetd because it needs to generate the server key | 91 | 1 is enabled, sshd should not normally be run from inetd because |
| 92 | before it can respond to the client, and this may take tens of | 92 | it needs to generate the server key before it can respond to the |
| 93 | seconds. Clients would have to wait too long if the key was | 93 | client, and this may take some time. Clients may have to wait |
| 94 | regenerated every time. However, with small key sizes (e.g. 512) | 94 | too long if the key was regenerated every time. |
| 95 | using sshd from inetd may be feasible. | ||
| 96 | 95 | ||
| 97 | -k key_gen_time | 96 | -k key_gen_time |
| 98 | Specifies how often the ephemeral protocol version 1 server key | 97 | Specifies how often the ephemeral protocol version 1 server key |
| @@ -152,7 +151,7 @@ AUTHENTICATION | |||
| 152 | host-specific key, normally 2048 bits, used to identify the host. | 151 | host-specific key, normally 2048 bits, used to identify the host. |
| 153 | 152 | ||
| 154 | Forward security for protocol 1 is provided through an additional server | 153 | Forward security for protocol 1 is provided through an additional server |
| 155 | key, normally 768 bits, generated when the server starts. This key is | 154 | key, normally 1024 bits, generated when the server starts. This key is |
| 156 | normally regenerated every hour if it has been used, and is never stored | 155 | normally regenerated every hour if it has been used, and is never stored |
| 157 | on disk. Whenever a client connects, the daemon responds with its public | 156 | on disk. Whenever a client connects, the daemon responds with its public |
| 158 | host and server keys. The client compares the RSA host key against its | 157 | host and server keys. The client compares the RSA host key against its |
| @@ -633,4 +632,4 @@ AUTHORS | |||
| 633 | versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support | 632 | versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support |
| 634 | for privilege separation. | 633 | for privilege separation. |
| 635 | 634 | ||
| 636 | OpenBSD 5.7 May 1, 2015 OpenBSD 5.7 | 635 | OpenBSD 5.8 July 3, 2015 OpenBSD 5.8 |