- markus@cvs.openbsd.org 2001/06/22 21:55:49

[auth2.c auth-rsa.c pathnames.h ssh.1 sshd.8 sshd_config ssh-keygen.1] merge authorized_keys2 into authorized_keys. authorized_keys2 is used for backward compat. (just append authorized_keys2 to authorized_keys).
author: Ben Lindstrom <mouring@eviladmin.org> 2001-06-25 04:17:12 +0000
committer: Ben Lindstrom <mouring@eviladmin.org> 2001-06-25 04:17:12 +0000
commit: f96704d4ef4c55599d9999292abc1457e8153674 (patch)
tree: 3e3e8a85ae03df6a26b425b607496bac0949e8c0 /sshd.8
parent: ae1c51c208917198fd96f0aca209459f37001ea4 (diff)
1 files changed, 6 insertions, 35 deletions
diff --git a/sshd.8 b/sshd.8
index ee3f1164f..b6ac3d40a 100644
--- a/sshd.8
+++ b/sshd.8
@@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd.8,v 1.129 2001/06/22 21:28:53 provos Exp $
+.\" $OpenBSD: sshd.8,v 1.130 2001/06/22 21:55:50 markus Exp $
 .Dd September 25, 1999
 .Dt SSHD 8
 .Os
@@ -345,20 +345,6 @@ is taken to be an absolute path or one relative to the user's home
 directory.
 The default is
 .Dq .ssh/authorized_keys
-.It Cm AuthorizedKeysFile2
-Specifies the file that contains the public keys that can be used
-for public key authentication in protocol version 2.
-.Cm AuthorizedKeysFile2
-may contain tokens of the form %T which are substituted during connection
-set-up. The following tokens are defined; %% is replaces by a literal '%',
-%h is replaced by the home directory of the user being authenticated and
-%u is replaced by the username of that user.
-After expansion,
-.Cm AuthorizedKeysFile2
-is taken to be an absolute path or one relative to the user's home
-directory.
-The default is
-.Dq .ssh/authorized_keys2
 .It Cm Banner
 In some jurisdictions, sending a warning message before authentication
 may be relevant for getting legal protection.
@@ -921,16 +907,11 @@ Runs user's shell or command.
 .El
 .Sh AUTHORIZED_KEYS FILE FORMAT
 .Pa $HOME/.ssh/authorized_keys
-is the default file that lists the RSA keys that are
+is the default file that lists the public keys that are
-permitted for RSA authentication in protocol version 1.
+permitted for RSA authentication in protocol version 1
-.Cm AuthorizedKeysFile
+and for public key authentication (PubkeyAuthentication)
-may be used to specify an alternative file.
-Similarly,
-.Pa $HOME/.ssh/authorized_keys2
-is the default file that lists the DSA and RSA keys that are
-permitted for public key authentication (PubkeyAuthentication)
 in protocol version 2.
-.Cm AuthorizedKeysFile2
+.Cm AuthorizedKeysFile
 may be used to specify an alternative file.
 .Pp
 Each line of the file contains one
@@ -1133,17 +1114,6 @@ concurrently for different ports, this contains the pid of the one
 started last).
 The content of this file is not sensitive; it can be world-readable.
 .It Pa $HOME/.ssh/authorized_keys
-Lists the RSA keys that can be used to log into the user's account.
-This file must be readable by root (which may on some machines imply
-it being world-readable if the user's home directory resides on an NFS
-volume).
-It is recommended that it not be accessible by others.
-The format of this file is described above.
-Users will place the contents of their
-.Pa identity.pub
-files into this file, as described in
-.Xr ssh-keygen 1 .
-.It Pa $HOME/.ssh/authorized_keys2
 Lists the public keys (RSA or DSA) that can be used to log into the user's account.
 This file must be readable by root (which may on some machines imply
 it being world-readable if the user's home directory resides on an NFS
@@ -1151,6 +1121,7 @@ volume).
 It is recommended that it not be accessible by others.
 The format of this file is described above.
 Users will place the contents of their
+.Pa identity.pub ,
 .Pa id_dsa.pub
 and/or
 .Pa id_rsa.pub
author	Ben Lindstrom <mouring@eviladmin.org>	2001-06-25 04:17:12 +0000
committer	Ben Lindstrom <mouring@eviladmin.org>	2001-06-25 04:17:12 +0000
commit	f96704d4ef4c55599d9999292abc1457e8153674 (patch)
tree	3e3e8a85ae03df6a26b425b607496bac0949e8c0 /sshd.8
parent	ae1c51c208917198fd96f0aca209459f37001ea4 (diff)

diff --git a/sshd.8 b/sshd.8 index ee3f1164f..b6ac3d40a 100644 --- a/sshd.8 +++ b/sshd.8
@@ -34,7 +34,7 @@
34	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	34	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	35	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36	.\"	36	.\"
37	.\" $OpenBSD: sshd.8,v 1.129 2001/06/22 21:28:53 provos Exp $	37	.\" $OpenBSD: sshd.8,v 1.130 2001/06/22 21:55:50 markus Exp $
38	.Dd September 25, 1999	38	.Dd September 25, 1999
39	.Dt SSHD 8	39	.Dt SSHD 8
40	.Os	40	.Os
@@ -345,20 +345,6 @@ is taken to be an absolute path or one relative to the user's home
345	directory.	345	directory.
346	The default is	346	The default is
347	.Dq .ssh/authorized_keys	347	.Dq .ssh/authorized_keys
348	.It Cm AuthorizedKeysFile2
349	Specifies the file that contains the public keys that can be used
350	for public key authentication in protocol version 2.
351	.Cm AuthorizedKeysFile2
352	may contain tokens of the form %T which are substituted during connection
353	set-up. The following tokens are defined; %% is replaces by a literal '%',
354	%h is replaced by the home directory of the user being authenticated and
355	%u is replaced by the username of that user.
356	After expansion,
357	.Cm AuthorizedKeysFile2
358	is taken to be an absolute path or one relative to the user's home
359	directory.
360	The default is
361	.Dq .ssh/authorized_keys2
362	.It Cm Banner	348	.It Cm Banner
363	In some jurisdictions, sending a warning message before authentication	349	In some jurisdictions, sending a warning message before authentication
364	may be relevant for getting legal protection.	350	may be relevant for getting legal protection.
@@ -921,16 +907,11 @@ Runs user's shell or command.
921	.El	907	.El
922	.Sh AUTHORIZED_KEYS FILE FORMAT	908	.Sh AUTHORIZED_KEYS FILE FORMAT
923	.Pa $HOME/.ssh/authorized_keys	909	.Pa $HOME/.ssh/authorized_keys
924	is the default file that lists the RSA keys that are	910	is the default file that lists the public keys that are
925	permitted for RSA authentication in protocol version 1.	911	permitted for RSA authentication in protocol version 1
926	.Cm AuthorizedKeysFile	912	and for public key authentication (PubkeyAuthentication)
927	may be used to specify an alternative file.
928	Similarly,
929	.Pa $HOME/.ssh/authorized_keys2
930	is the default file that lists the DSA and RSA keys that are
931	permitted for public key authentication (PubkeyAuthentication)
932	in protocol version 2.	913	in protocol version 2.
933	.Cm AuthorizedKeysFile2	914	.Cm AuthorizedKeysFile
934	may be used to specify an alternative file.	915	may be used to specify an alternative file.
935	.Pp	916	.Pp
936	Each line of the file contains one	917	Each line of the file contains one
@@ -1133,17 +1114,6 @@ concurrently for different ports, this contains the pid of the one
1133	started last).	1114	started last).
1134	The content of this file is not sensitive; it can be world-readable.	1115	The content of this file is not sensitive; it can be world-readable.
1135	.It Pa $HOME/.ssh/authorized_keys	1116	.It Pa $HOME/.ssh/authorized_keys
1136	Lists the RSA keys that can be used to log into the user's account.
1137	This file must be readable by root (which may on some machines imply
1138	it being world-readable if the user's home directory resides on an NFS
1139	volume).
1140	It is recommended that it not be accessible by others.
1141	The format of this file is described above.
1142	Users will place the contents of their
1143	.Pa identity.pub
1144	files into this file, as described in
1145	.Xr ssh-keygen 1 .
1146	.It Pa $HOME/.ssh/authorized_keys2
1147	Lists the public keys (RSA or DSA) that can be used to log into the user's account.	1117	Lists the public keys (RSA or DSA) that can be used to log into the user's account.
1148	This file must be readable by root (which may on some machines imply	1118	This file must be readable by root (which may on some machines imply
1149	it being world-readable if the user's home directory resides on an NFS	1119	it being world-readable if the user's home directory resides on an NFS
@@ -1151,6 +1121,7 @@ volume).
1151	It is recommended that it not be accessible by others.	1121	It is recommended that it not be accessible by others.
1152	The format of this file is described above.	1122	The format of this file is described above.
1153	Users will place the contents of their	1123	Users will place the contents of their
		1124	.Pa identity.pub ,
1154	.Pa id_dsa.pub	1125	.Pa id_dsa.pub
1155	and/or	1126	and/or
1156	.Pa id_rsa.pub	1127	.Pa id_rsa.pub