upstream: "Forward security" -> "Forward secrecy" since that's the

correct term. Add "MAC" since we use that acronym in other man pages. ok naddy@ OpenBSD-Commit-ID: c35529e511788586725fb63bda3459e10738c5f5
author: dtucker@openbsd.org <dtucker@openbsd.org> 2019-12-19 03:50:01 +0000
committer: Darren Tucker <dtucker@dtucker.net> 2019-12-20 14:25:08 +1100
commit: bc2dc091e0ac4ff6245c43a61ebe12c7e9ea0b7f (patch)
tree: db7f630456cb7bd83d32d24a5852fcc86f5865e4 /sshd.8
parent: e905f7260d72bc0e33ef5f10a0db737ff6e77ba7 (diff)
1 files changed, 4 insertions, 4 deletions
diff --git a/sshd.8 b/sshd.8
index c052b8005..dc11a0d00 100644
--- a/sshd.8
+++ b/sshd.8
@@ -33,8 +33,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd.8,v 1.309 2019/12/17 16:21:07 naddy Exp $
+.\" $OpenBSD: sshd.8,v 1.310 2019/12/19 03:50:01 dtucker Exp $
-.Dd $Mdocdate: December 17 2019 $
+.Dd $Mdocdate: December 19 2019 $
 .Dt SSHD 8
 .Os
 .Sh NAME
@@ -253,13 +253,13 @@ Whenever a client connects, the daemon responds with its public
 host key.
 The client compares the
 host key against its own database to verify that it has not changed.
-Forward security is provided through a Diffie-Hellman key agreement.
+Forward secrecy is provided through a Diffie-Hellman key agreement.
 This key agreement results in a shared session key.
 The rest of the session is encrypted using a symmetric cipher.
 The client selects the encryption algorithm
 to use from those offered by the server.
 Additionally, session integrity is provided
-through a cryptographic message authentication code.
+through a cryptographic message authentication code (MAC).
 .Pp
 Finally, the server and the client enter an authentication dialog.
 The client tries to authenticate itself using
author	dtucker@openbsd.org <dtucker@openbsd.org>	2019-12-19 03:50:01 +0000
committer	Darren Tucker <dtucker@dtucker.net>	2019-12-20 14:25:08 +1100
commit	bc2dc091e0ac4ff6245c43a61ebe12c7e9ea0b7f (patch)
tree	db7f630456cb7bd83d32d24a5852fcc86f5865e4 /sshd.8
parent	e905f7260d72bc0e33ef5f10a0db737ff6e77ba7 (diff)

diff --git a/sshd.8 b/sshd.8 index c052b8005..dc11a0d00 100644 --- a/sshd.8 +++ b/sshd.8
@@ -33,8 +33,8 @@
33	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	33	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
34	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	34	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
35	.\"	35	.\"
36	.\" $OpenBSD: sshd.8,v 1.309 2019/12/17 16:21:07 naddy Exp $	36	.\" $OpenBSD: sshd.8,v 1.310 2019/12/19 03:50:01 dtucker Exp $
37	.Dd $Mdocdate: December 17 2019 $	37	.Dd $Mdocdate: December 19 2019 $
38	.Dt SSHD 8	38	.Dt SSHD 8
39	.Os	39	.Os
40	.Sh NAME	40	.Sh NAME
@@ -253,13 +253,13 @@ Whenever a client connects, the daemon responds with its public
253	host key.	253	host key.
254	The client compares the	254	The client compares the
255	host key against its own database to verify that it has not changed.	255	host key against its own database to verify that it has not changed.
256	Forward security is provided through a Diffie-Hellman key agreement.	256	Forward secrecy is provided through a Diffie-Hellman key agreement.
257	This key agreement results in a shared session key.	257	This key agreement results in a shared session key.
258	The rest of the session is encrypted using a symmetric cipher.	258	The rest of the session is encrypted using a symmetric cipher.
259	The client selects the encryption algorithm	259	The client selects the encryption algorithm
260	to use from those offered by the server.	260	to use from those offered by the server.
261	Additionally, session integrity is provided	261	Additionally, session integrity is provided
262	through a cryptographic message authentication code.	262	through a cryptographic message authentication code (MAC).
263	.Pp	263	.Pp
264	Finally, the server and the client enter an authentication dialog.	264	Finally, the server and the client enter an authentication dialog.
265	The client tries to authenticate itself using	265	The client tries to authenticate itself using