- (djm) Big OpenBSD sync:

- markus@cvs.openbsd.org 2000/09/30 10:27:44 [log.c] allow loglevel debug - markus@cvs.openbsd.org 2000/10/03 11:59:57 [packet.c] hmac->mac - markus@cvs.openbsd.org 2000/10/03 12:03:03 [auth-krb4.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth1.c] move fake-auth from auth1.c to individual auth methods, disables s/key in debug-msg - markus@cvs.openbsd.org 2000/10/03 12:16:48 ssh.c do not resolve canonname, i have no idea why this was added oin ossh - markus@cvs.openbsd.org 2000/10/09 15:30:44 ssh-keygen.1 ssh-keygen.c -X now reads private ssh.com DSA keys, too. - markus@cvs.openbsd.org 2000/10/09 15:32:34 auth-options.c clear options on every call. - markus@cvs.openbsd.org 2000/10/09 15:51:00 authfd.c authfd.h interop with ssh-agent2, from <res@shore.net> - markus@cvs.openbsd.org 2000/10/10 14:20:45 compat.c use rexexp for version string matching - provos@cvs.openbsd.org 2000/10/10 22:02:18 [kex.c kex.h myproposal.h ssh.h ssh2.h sshconnect2.c sshd.c dh.c dh.h] First rough implementation of the diffie-hellman group exchange. The client can ask the server for bigger groups to perform the diffie-hellman in, thus increasing the attack complexity when using ciphers with longer keys. University of Windsor provided network, T the company. - markus@cvs.openbsd.org 2000/10/11 13:59:52 [auth-rsa.c auth2.c] clear auth options unless auth sucessfull - markus@cvs.openbsd.org 2000/10/11 14:00:27 [auth-options.h] clear auth options unless auth sucessfull - markus@cvs.openbsd.org 2000/10/11 14:03:27 [scp.1 scp.c] support 'scp -o' with help from mouring@pconline.com - markus@cvs.openbsd.org 2000/10/11 14:11:35 [dh.c] Wall - markus@cvs.openbsd.org 2000/10/11 14:14:40 [auth.h auth2.c readconf.c readconf.h readpass.c servconf.c servconf.h] [ssh.h sshconnect2.c sshd_config auth2-skey.c cli.c cli.h] add support for s/key (kbd-interactive) to ssh2, based on work by mkiernan@avantgo.com and me - markus@cvs.openbsd.org 2000/10/11 14:27:24 [auth.c auth1.c auth2.c authfile.c cipher.c cipher.h kex.c kex.h] [myproposal.h packet.c readconf.c session.c ssh.c ssh.h sshconnect1.c] [sshconnect2.c sshd.c] new cipher framework - markus@cvs.openbsd.org 2000/10/11 14:45:21 [cipher.c] remove DES - markus@cvs.openbsd.org 2000/10/12 03:59:20 [cipher.c cipher.h sshconnect1.c sshconnect2.c sshd.c] enable DES in SSH-1 clients only - markus@cvs.openbsd.org 2000/10/12 08:21:13 [kex.h packet.c] remove unused - markus@cvs.openbsd.org 2000/10/13 12:34:46 [sshd.c] Kludge for F-Secure Macintosh < 1.0.2; appro@fy.chalmers.se - markus@cvs.openbsd.org 2000/10/13 12:59:15 [cipher.c cipher.h myproposal.h rijndael.c rijndael.h] rijndael/aes support - markus@cvs.openbsd.org 2000/10/13 13:10:54 [sshd.8] more info about -V - markus@cvs.openbsd.org 2000/10/13 13:12:02 [myproposal.h] prefer no compression
author: Damien Miller <djm@mindrot.org> 2000-10-14 16:23:11 +1100
committer: Damien Miller <djm@mindrot.org> 2000-10-14 16:23:11 +1100
commit: 874d77bb134a21a5cf625956b60173376a993ba8 (patch)
tree: 93dd73b2ff1fbf0ad5f3978a2c4e0d8438a0bf7c /sshd.8
parent: 89d9796fbedef4eed6956a2c095c7cc25330c28d (diff)
1 files changed, 10 insertions, 6 deletions
diff --git a/sshd.8 b/sshd.8
index cd2a8e962..29ad2144a 100644
--- a/sshd.8
+++ b/sshd.8
@@ -186,7 +186,8 @@ The server sends verbose debug output to the system
 log, and does not put itself in the background.
 The server also will not fork and will only process one connection.
 This option is only intended for debugging for the server.
-Multiple -d options increases the debugging level. Maximum is 3.
+Multiple -d options increases the debugging level.
+Maximum is 3.
 .It Fl f Ar configuration_file
 Specifies the name of the configuration file.
 The default is
@@ -255,12 +256,13 @@ file.
 .It Fl Q
 Do not print an error message if RSA support is missing.
 .It Fl V Ar client_protocol_id
-SSH2 compatibility mode.
+SSH-2 compatibility mode.
 When this option is specified
 .Nm
 assumes the client has sent the supplied version string
 and skips the
 Protocol Version Identification Exchange.
+This option is not intended to be called directly.
 .It Fl 4
 Forces
 .Nm
@@ -424,7 +426,8 @@ Specifies whether Kerberos authentication is allowed.
 This can be in the form of a Kerberos ticket, or if
 .Cm PasswordAuthentication
 is yes, the password provided by the user will be validated through
-the Kerberos KDC.  To use this option, the server needs a 
+the Kerberos KDC.
+To use this option, the server needs a
 Kerberos servtab which allows the verification of the KDC's identity.
 Default is
 .Dq yes .
@@ -488,7 +491,7 @@ The default is 10.
 Alternatively, random early drop can be enabled by specifying
 the three colon separated values
 .Dq start:rate:full
-(e.g. "10:30:60").
+(e.g., "10:30:60").
 .Nm
 will refuse connection attempts with a probabillity of
 .Dq rate/100
@@ -610,8 +613,9 @@ directory or files world-writable.
 The default is
 .Dq yes .
 .It Cm Subsystem
-Configures an external subsystem (e.g. file transfer daemon).
+Configures an external subsystem (e.g., file transfer daemon).
-Arguments should be a subsystem name and a command to execute upon subsystem request. 
+Arguments should be a subsystem name and a command to execute upon subsystem
+request.
 The command
 .Xr sftp-server 8
 implements the
author	Damien Miller <djm@mindrot.org>	2000-10-14 16:23:11 +1100
committer	Damien Miller <djm@mindrot.org>	2000-10-14 16:23:11 +1100
commit	874d77bb134a21a5cf625956b60173376a993ba8 (patch)
tree	93dd73b2ff1fbf0ad5f3978a2c4e0d8438a0bf7c /sshd.8
parent	89d9796fbedef4eed6956a2c095c7cc25330c28d (diff)

diff --git a/sshd.8 b/sshd.8 index cd2a8e962..29ad2144a 100644 --- a/sshd.8 +++ b/sshd.8
@@ -186,7 +186,8 @@ The server sends verbose debug output to the system
186	log, and does not put itself in the background.	186	log, and does not put itself in the background.
187	The server also will not fork and will only process one connection.	187	The server also will not fork and will only process one connection.
188	This option is only intended for debugging for the server.	188	This option is only intended for debugging for the server.
189	Multiple -d options increases the debugging level. Maximum is 3.	189	Multiple -d options increases the debugging level.
		190	Maximum is 3.
190	.It Fl f Ar configuration_file	191	.It Fl f Ar configuration_file
191	Specifies the name of the configuration file.	192	Specifies the name of the configuration file.
192	The default is	193	The default is
@@ -255,12 +256,13 @@ file.
255	.It Fl Q	256	.It Fl Q
256	Do not print an error message if RSA support is missing.	257	Do not print an error message if RSA support is missing.
257	.It Fl V Ar client_protocol_id	258	.It Fl V Ar client_protocol_id
258	SSH2 compatibility mode.	259	SSH-2 compatibility mode.
259	When this option is specified	260	When this option is specified
260	.Nm	261	.Nm
261	assumes the client has sent the supplied version string	262	assumes the client has sent the supplied version string
262	and skips the	263	and skips the
263	Protocol Version Identification Exchange.	264	Protocol Version Identification Exchange.
		265	This option is not intended to be called directly.
264	.It Fl 4	266	.It Fl 4
265	Forces	267	Forces
266	.Nm	268	.Nm
@@ -424,7 +426,8 @@ Specifies whether Kerberos authentication is allowed.
424	This can be in the form of a Kerberos ticket, or if	426	This can be in the form of a Kerberos ticket, or if
425	.Cm PasswordAuthentication	427	.Cm PasswordAuthentication
426	is yes, the password provided by the user will be validated through	428	is yes, the password provided by the user will be validated through
427	the Kerberos KDC. To use this option, the server needs a	429	the Kerberos KDC.
		430	To use this option, the server needs a
428	Kerberos servtab which allows the verification of the KDC's identity.	431	Kerberos servtab which allows the verification of the KDC's identity.
429	Default is	432	Default is
430	.Dq yes .	433	.Dq yes .
@@ -488,7 +491,7 @@ The default is 10.
488	Alternatively, random early drop can be enabled by specifying	491	Alternatively, random early drop can be enabled by specifying
489	the three colon separated values	492	the three colon separated values
490	.Dq start:rate:full	493	.Dq start:rate:full
491	(e.g. "10:30:60").	494	(e.g., "10:30:60").
492	.Nm	495	.Nm
493	will refuse connection attempts with a probabillity of	496	will refuse connection attempts with a probabillity of
494	.Dq rate/100	497	.Dq rate/100
@@ -610,8 +613,9 @@ directory or files world-writable.
610	The default is	613	The default is
611	.Dq yes .	614	.Dq yes .
612	.It Cm Subsystem	615	.It Cm Subsystem
613	Configures an external subsystem (e.g. file transfer daemon).	616	Configures an external subsystem (e.g., file transfer daemon).
614	Arguments should be a subsystem name and a command to execute upon subsystem request.	617	Arguments should be a subsystem name and a command to execute upon subsystem
		618	request.
615	The command	619	The command
616	.Xr sftp-server 8	620	.Xr sftp-server 8
617	implements the	621	implements the