- (djm) Merge OpenBSD changes:

- markus@cvs.openbsd.org 2000/11/06 16:04:56 [channels.c channels.h clientloop.c nchan.c serverloop.c] [session.c ssh.c] agent forwarding and -R for ssh2, based on work from jhuuskon@messi.uku.fi - markus@cvs.openbsd.org 2000/11/06 16:13:27 [ssh.c sshconnect.c sshd.c] do not disabled rhosts(rsa) if server port > 1024; from pekkas@netcore.fi - markus@cvs.openbsd.org 2000/11/06 16:16:35 [sshconnect.c] downgrade client to 1.3 if server is 1.4; help from mdb@juniper.net - markus@cvs.openbsd.org 2000/11/09 18:04:40 [auth1.c] typo; from mouring@pconline.com - markus@cvs.openbsd.org 2000/11/12 12:03:28 [ssh-agent.c] off-by-one when removing a key from the agent - markus@cvs.openbsd.org 2000/11/12 12:50:39 [auth-rh-rsa.c auth2.c authfd.c authfd.h] [authfile.c hostfile.c kex.c kex.h key.c key.h myproposal.h] [readconf.c readconf.h rsa.c rsa.h servconf.c servconf.h ssh-add.c] [ssh-agent.c ssh-keygen.1 ssh-keygen.c ssh.1 ssh.c ssh_config] [sshconnect1.c sshconnect2.c sshd.8 sshd.c sshd_config ssh-dss.c] [ssh-dss.h ssh-rsa.c ssh-rsa.h dsa.c dsa.h] add support for RSA to SSH2. please test. there are now 3 types of keys: RSA1 is used by ssh-1 only, RSA and DSA are used by SSH2. you can use 'ssh-keygen -t rsa -f ssh2_rsa_file' to generate RSA keys for SSH2 and use the RSA keys for hostkeys or for user keys. SSH2 RSA or DSA keys are added to .ssh/authorised_keys2 as before. - (djm) Fix up Makefile and Redhat init script to create RSA host keys - (djm) Change to interim version
author: Damien Miller <djm@mindrot.org> 2000-11-13 22:57:25 +1100
committer: Damien Miller <djm@mindrot.org> 2000-11-13 22:57:25 +1100
commit: 0bc1bd814e3c2b5e92d6f595930051960d17f47f (patch)
tree: 176c7dc2844ecc2c1de0f72d221449556ffa5209 /sshd.8
parent: 559d383037b0872fcde4e6c40188b649c574be74 (diff)
1 files changed, 15 insertions, 15 deletions
diff --git a/sshd.8 b/sshd.8
index e53eebe82..823282018 100644
--- a/sshd.8
+++ b/sshd.8
@@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd.8,v 1.70 2000/10/16 09:38:44 djm Exp $
+.\" $OpenBSD: sshd.8,v 1.72 2000/11/12 19:50:38 markus Exp $
 .Dd September 25, 1999
 .Dt SSHD 8
 .Os
@@ -144,7 +144,7 @@ through a cryptographic message authentication code
 (hmac-sha1 or hmac-md5).
 .Pp
 Protocol version 2 provides a public key based
-user authentication method (DSAAuthentication)
+user authentication method (PubkeyAuthentication)
 and conventional password authentication.
 .Pp
 .Ss Command execution and data forwarding
@@ -359,8 +359,8 @@ and
 can be used as wildcards in the patterns.
 Only user names are valid; a numerical user ID isn't recognized.
 By default login is allowed regardless of the user name.
-.It Cm DSAAuthentication
+.It Cm PubkeyAuthentication
-Specifies whether DSA authentication is allowed.
+Specifies whether public key authentication is allowed.
 The default is
 .Dq yes .
 Note that this option applies to protocol version 2 only.
@@ -373,20 +373,20 @@ or
 .Dq no .
 The default is
 .Dq no .
-.It Cm HostDSAKey
-Specifies the file containing the private DSA host key (default
-.Pa /etc/ssh_host_dsa_key )
-used by SSH protocol 2.0.
-Note that
-.Nm
-disables protocol 2.0 if this file is group/world-accessible.
 .It Cm HostKey
-Specifies the file containing the private RSA host key (default
+Specifies the file containing the private host keys (default
 .Pa /etc/ssh_host_key )
-used by SSH protocols 1.3 and 1.5.
+used by SSH protocol versions 1 and 2.
 Note that
 .Nm
-disables protocols 1.3 and 1.5 if this file is group/world-accessible.
+if this file is group/world-accessible.
+It is possible to have multiple host key files.
+.Dq rsa1
+keys are used for version 1 and
+.Dq dsa
+or
+.Dq rsa
+are used for version 2 of the SSH protocol.
 .It Cm IgnoreRhosts
 Specifies that
 .Pa .rhosts
@@ -1039,7 +1039,7 @@ This can be used to specify
 machine-specific login-time initializations globally.
 This file should be writable only by root, and should be world-readable.
 .El
-.Sh AUTHOR
+.Sh AUTHORS
 OpenSSH
 is a derivative of the original (free) ssh 1.2.12 release by Tatu Ylonen,
 but with bugs removed and newer features re-added.
author	Damien Miller <djm@mindrot.org>	2000-11-13 22:57:25 +1100
committer	Damien Miller <djm@mindrot.org>	2000-11-13 22:57:25 +1100
commit	0bc1bd814e3c2b5e92d6f595930051960d17f47f (patch)
tree	176c7dc2844ecc2c1de0f72d221449556ffa5209 /sshd.8
parent	559d383037b0872fcde4e6c40188b649c574be74 (diff)

diff --git a/sshd.8 b/sshd.8 index e53eebe82..823282018 100644 --- a/sshd.8 +++ b/sshd.8
@@ -34,7 +34,7 @@
34	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	34	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	35	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36	.\"	36	.\"
37	.\" $OpenBSD: sshd.8,v 1.70 2000/10/16 09:38:44 djm Exp $	37	.\" $OpenBSD: sshd.8,v 1.72 2000/11/12 19:50:38 markus Exp $
38	.Dd September 25, 1999	38	.Dd September 25, 1999
39	.Dt SSHD 8	39	.Dt SSHD 8
40	.Os	40	.Os
@@ -144,7 +144,7 @@ through a cryptographic message authentication code
144	(hmac-sha1 or hmac-md5).	144	(hmac-sha1 or hmac-md5).
145	.Pp	145	.Pp
146	Protocol version 2 provides a public key based	146	Protocol version 2 provides a public key based
147	user authentication method (DSAAuthentication)	147	user authentication method (PubkeyAuthentication)
148	and conventional password authentication.	148	and conventional password authentication.
149	.Pp	149	.Pp
150	.Ss Command execution and data forwarding	150	.Ss Command execution and data forwarding
@@ -359,8 +359,8 @@ and
359	can be used as wildcards in the patterns.	359	can be used as wildcards in the patterns.
360	Only user names are valid; a numerical user ID isn't recognized.	360	Only user names are valid; a numerical user ID isn't recognized.
361	By default login is allowed regardless of the user name.	361	By default login is allowed regardless of the user name.
362	.It Cm DSAAuthentication	362	.It Cm PubkeyAuthentication
363	Specifies whether DSA authentication is allowed.	363	Specifies whether public key authentication is allowed.
364	The default is	364	The default is
365	.Dq yes .	365	.Dq yes .
366	Note that this option applies to protocol version 2 only.	366	Note that this option applies to protocol version 2 only.
@@ -373,20 +373,20 @@ or
373	.Dq no .	373	.Dq no .
374	The default is	374	The default is
375	.Dq no .	375	.Dq no .
376	.It Cm HostDSAKey
377	Specifies the file containing the private DSA host key (default
378	.Pa /etc/ssh_host_dsa_key )
379	used by SSH protocol 2.0.
380	Note that
381	.Nm
382	disables protocol 2.0 if this file is group/world-accessible.
383	.It Cm HostKey	376	.It Cm HostKey
384	Specifies the file containing the private RSA host key (default	377	Specifies the file containing the private host keys (default
385	.Pa /etc/ssh_host_key )	378	.Pa /etc/ssh_host_key )
386	used by SSH protocols 1.3 and 1.5.	379	used by SSH protocol versions 1 and 2.
387	Note that	380	Note that
388	.Nm	381	.Nm
389	disables protocols 1.3 and 1.5 if this file is group/world-accessible.	382	if this file is group/world-accessible.
		383	It is possible to have multiple host key files.
		384	.Dq rsa1
		385	keys are used for version 1 and
		386	.Dq dsa
		387	or
		388	.Dq rsa
		389	are used for version 2 of the SSH protocol.
390	.It Cm IgnoreRhosts	390	.It Cm IgnoreRhosts
391	Specifies that	391	Specifies that
392	.Pa .rhosts	392	.Pa .rhosts
@@ -1039,7 +1039,7 @@ This can be used to specify
1039	machine-specific login-time initializations globally.	1039	machine-specific login-time initializations globally.
1040	This file should be writable only by root, and should be world-readable.	1040	This file should be writable only by root, and should be world-readable.
1041	.El	1041	.El
1042	.Sh AUTHOR	1042	.Sh AUTHORS
1043	OpenSSH	1043	OpenSSH
1044	is a derivative of the original (free) ssh 1.2.12 release by Tatu Ylonen,	1044	is a derivative of the original (free) ssh 1.2.12 release by Tatu Ylonen,
1045	but with bugs removed and newer features re-added.	1045	but with bugs removed and newer features re-added.