diff options
author | Colin Watson <cjwatson@debian.org> | 2014-10-07 12:13:50 +0100 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2014-10-07 12:13:50 +0100 |
commit | 487bdb3a5ef6075887b830ccb8a0b14f6da78e93 (patch) | |
tree | a2cff6fec1e6c4b4153a170a3e172cfe6bfdec46 /sshd.8 | |
parent | 796ba4fd011b5d0d9d78d592ba2f30fc9d5ed2e7 (diff) | |
parent | 28453d58058a4d60c3ebe7d7f0c31a510cbf6158 (diff) |
Import openssh_6.7p1.orig.tar.gz
Diffstat (limited to 'sshd.8')
-rw-r--r-- | sshd.8 | 32 |
1 files changed, 7 insertions, 25 deletions
@@ -33,8 +33,8 @@ | |||
33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
35 | .\" | 35 | .\" |
36 | .\" $OpenBSD: sshd.8,v 1.273 2013/12/07 11:58:46 naddy Exp $ | 36 | .\" $OpenBSD: sshd.8,v 1.276 2014/07/03 22:40:43 djm Exp $ |
37 | .Dd $Mdocdate: December 7 2013 $ | 37 | .Dd $Mdocdate: July 3 2014 $ |
38 | .Dt SSHD 8 | 38 | .Dt SSHD 8 |
39 | .Os | 39 | .Os |
40 | .Sh NAME | 40 | .Sh NAME |
@@ -60,10 +60,7 @@ | |||
60 | .Nm | 60 | .Nm |
61 | (OpenSSH Daemon) is the daemon program for | 61 | (OpenSSH Daemon) is the daemon program for |
62 | .Xr ssh 1 . | 62 | .Xr ssh 1 . |
63 | Together these programs replace | 63 | Together these programs replace rlogin and rsh, |
64 | .Xr rlogin 1 | ||
65 | and | ||
66 | .Xr rsh 1 , | ||
67 | and provide secure encrypted communications between two untrusted hosts | 64 | and provide secure encrypted communications between two untrusted hosts |
68 | over an insecure network. | 65 | over an insecure network. |
69 | .Pp | 66 | .Pp |
@@ -411,7 +408,10 @@ Changes to user's home directory. | |||
411 | .It | 408 | .It |
412 | If | 409 | If |
413 | .Pa ~/.ssh/rc | 410 | .Pa ~/.ssh/rc |
414 | exists, runs it; else if | 411 | exists and the |
412 | .Xr sshd_config 5 | ||
413 | .Cm PermitUserRC | ||
414 | option is set, runs it; else if | ||
415 | .Pa /etc/ssh/sshrc | 415 | .Pa /etc/ssh/sshrc |
416 | exists, runs | 416 | exists, runs |
417 | it; otherwise runs xauth. | 417 | it; otherwise runs xauth. |
@@ -851,12 +851,6 @@ the user's home directory becomes accessible. | |||
851 | This file should be writable only by the user, and need not be | 851 | This file should be writable only by the user, and need not be |
852 | readable by anyone else. | 852 | readable by anyone else. |
853 | .Pp | 853 | .Pp |
854 | .It Pa /etc/hosts.allow | ||
855 | .It Pa /etc/hosts.deny | ||
856 | Access controls that should be enforced by tcp-wrappers are defined here. | ||
857 | Further details are described in | ||
858 | .Xr hosts_access 5 . | ||
859 | .Pp | ||
860 | .It Pa /etc/hosts.equiv | 854 | .It Pa /etc/hosts.equiv |
861 | This file is for host-based authentication (see | 855 | This file is for host-based authentication (see |
862 | .Xr ssh 1 ) . | 856 | .Xr ssh 1 ) . |
@@ -960,7 +954,6 @@ The content of this file is not sensitive; it can be world-readable. | |||
960 | .Xr ssh-keygen 1 , | 954 | .Xr ssh-keygen 1 , |
961 | .Xr ssh-keyscan 1 , | 955 | .Xr ssh-keyscan 1 , |
962 | .Xr chroot 2 , | 956 | .Xr chroot 2 , |
963 | .Xr hosts_access 5 , | ||
964 | .Xr login.conf 5 , | 957 | .Xr login.conf 5 , |
965 | .Xr moduli 5 , | 958 | .Xr moduli 5 , |
966 | .Xr sshd_config 5 , | 959 | .Xr sshd_config 5 , |
@@ -977,14 +970,3 @@ Markus Friedl contributed the support for SSH | |||
977 | protocol versions 1.5 and 2.0. | 970 | protocol versions 1.5 and 2.0. |
978 | Niels Provos and Markus Friedl contributed support | 971 | Niels Provos and Markus Friedl contributed support |
979 | for privilege separation. | 972 | for privilege separation. |
980 | .Sh CAVEATS | ||
981 | System security is not improved unless | ||
982 | .Nm rshd , | ||
983 | .Nm rlogind , | ||
984 | and | ||
985 | .Nm rexecd | ||
986 | are disabled (thus completely disabling | ||
987 | .Xr rlogin | ||
988 | and | ||
989 | .Xr rsh | ||
990 | into the machine). | ||