Debian release 3.6p1-1.

author: Colin Watson <cjwatson@debian.org> 2003-09-01 18:42:19 +0000
committer: Colin Watson <cjwatson@debian.org> 2003-09-01 18:42:19 +0000
commit: 8d6b7f4c46de3feb66f704ab483e51ea1a3bb0e1 (patch)
tree: 41fe3dd71501bbec5b0393f1536c925eaee180e9 /sshd.8
parent: f045c69060bfdd5cf8759a5f29d7008d02e4de5b (diff)
parent: 58bfa257481a1c6938ada9bbd38801cc45633fb0 (diff)
1 files changed, 19 insertions, 12 deletions
diff --git a/sshd.8 b/sshd.8
index 1605922fb..c1ac3343b 100644
--- a/sshd.8
+++ b/sshd.8
@@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd.8,v 1.193 2002/09/24 20:59:44 todd Exp $
+.\" $OpenBSD: sshd.8,v 1.194 2003/01/31 21:54:40 jmc Exp $
 .Dd September 25, 1999
 .Dt SSHD 8
 .Os
@@ -43,6 +43,7 @@
 .Nd OpenSSH SSH daemon
 .Sh SYNOPSIS
 .Nm sshd
+.Bk -words
 .Op Fl deiqtD46
 .Op Fl b Ar bits
 .Op Fl f Ar config_file
@@ -52,6 +53,7 @@
 .Op Fl o Ar option
 .Op Fl p Ar port
 .Op Fl u Ar len
+.Ek
 .Sh DESCRIPTION
 .Nm
 (SSH Daemon) is the daemon program for
@@ -75,7 +77,7 @@ This implementation of
 .Nm
 supports both SSH protocol version 1 and 2 simultaneously.
 .Nm
-works as follows.
+works as follows:
 .Pp
 .Ss SSH protocol version 1
 .Pp
@@ -86,7 +88,7 @@ the daemon starts, it generates a server RSA key (normally 768 bits).
 This key is normally regenerated every hour if it has been used, and
 is never stored on disk.
 .Pp
-Whenever a client connects the daemon responds with its public
+Whenever a client connects, the daemon responds with its public
 host and server keys.
 The client compares the
 RSA host key against its own database to verify that it has not changed.
@@ -119,7 +121,7 @@ System security is not improved unless
 .Nm rshd ,
 .Nm rlogind ,
 and
-.Xr rexecd
+.Nm rexecd
 are disabled (thus completely disabling
 .Xr rlogin
 and
@@ -189,7 +191,9 @@ The server sends verbose debug output to the system
 log, and does not put itself in the background.
 The server also will not fork and will only process one connection.
 This option is only intended for debugging for the server.
-Multiple -d options increase the debugging level.
+Multiple
+.Fl d
+options increase the debugging level.
 Maximum is 3.
 .It Fl e
 When this option is specified,
@@ -225,7 +229,8 @@ the different protocol versions and host key algorithms.
 .It Fl i
 Specifies that
 .Nm
-is being run from inetd.
+is being run from
+.Xr inetd 8 .
 .Nm
 is normally not run
 from inetd because it needs to generate the server key before it can
@@ -285,7 +290,7 @@ should be put into the
 .Pa utmp
 file.
 .Fl u0
-is also be used to prevent
+may also be used to prevent
 .Nm
 from making DNS requests unless the authentication
 mechanism or configuration requires it.
@@ -449,7 +454,7 @@ authentication.
 The command supplied by the user (if any) is ignored.
 The command is run on a pty if the client requests a pty;
 otherwise it is run without a tty.
-If a 8-bit clean channel is required,
+If an 8-bit clean channel is required,
 one must not request a pty or should specify
 .Cm no-pty .
 A quote may be included in the command by quoting it with a backslash.
@@ -509,7 +514,7 @@ command="dump /home",no-pty,no-port-forwarding 1024 33 23.\|.\|.\|2323 backup.hu
 permitopen="10.2.1.55:80",permitopen="10.2.1.56:25" 1024 33 23.\|.\|.\|2323
 .Sh SSH_KNOWN_HOSTS FILE FORMAT
 The
-.Pa /etc/ssh/ssh_known_hosts ,
+.Pa /etc/ssh/ssh_known_hosts
 and
 .Pa $HOME/.ssh/known_hosts
 files contain host public keys for all known hosts.
@@ -630,7 +635,7 @@ These files should be writable only by root/the owner.
 .Pa /etc/ssh/ssh_known_hosts
 should be world-readable, and
 .Pa $HOME/.ssh/known_hosts
-can but need not be world-readable.
+can, but need not be, world-readable.
 .It Pa /etc/nologin
 If this file exists,
 .Nm
@@ -647,7 +652,7 @@ Further details are described in
 This file contains host-username pairs, separated by a space, one per
 line.
 The given user on the corresponding host is permitted to log in
-without password.
+without a password.
 The same file is used by rlogind and rshd.
 The file must
 be writable only by the user; it is recommended that it not be
@@ -716,7 +721,9 @@ controlled via the
 .Cm PermitUserEnvironment
 option.
 .It Pa $HOME/.ssh/rc
-If this file exists, it is run with /bin/sh after reading the
+If this file exists, it is run with
+.Pa /bin/sh
+after reading the
 environment files but before starting the user's shell or command.
 It must not produce any output on stdout; stderr must be used
 instead.
author	Colin Watson <cjwatson@debian.org>	2003-09-01 18:42:19 +0000
committer	Colin Watson <cjwatson@debian.org>	2003-09-01 18:42:19 +0000
commit	8d6b7f4c46de3feb66f704ab483e51ea1a3bb0e1 (patch)
tree	41fe3dd71501bbec5b0393f1536c925eaee180e9 /sshd.8
parent	f045c69060bfdd5cf8759a5f29d7008d02e4de5b (diff)
parent	58bfa257481a1c6938ada9bbd38801cc45633fb0 (diff)

diff --git a/sshd.8 b/sshd.8 index 1605922fb..c1ac3343b 100644 --- a/sshd.8 +++ b/sshd.8
@@ -34,7 +34,7 @@
34	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	34	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	35	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36	.\"	36	.\"
37	.\" $OpenBSD: sshd.8,v 1.193 2002/09/24 20:59:44 todd Exp $	37	.\" $OpenBSD: sshd.8,v 1.194 2003/01/31 21:54:40 jmc Exp $
38	.Dd September 25, 1999	38	.Dd September 25, 1999
39	.Dt SSHD 8	39	.Dt SSHD 8
40	.Os	40	.Os
@@ -43,6 +43,7 @@
43	.Nd OpenSSH SSH daemon	43	.Nd OpenSSH SSH daemon
44	.Sh SYNOPSIS	44	.Sh SYNOPSIS
45	.Nm sshd	45	.Nm sshd
		46	.Bk -words
46	.Op Fl deiqtD46	47	.Op Fl deiqtD46
47	.Op Fl b Ar bits	48	.Op Fl b Ar bits
48	.Op Fl f Ar config_file	49	.Op Fl f Ar config_file
@@ -52,6 +53,7 @@
52	.Op Fl o Ar option	53	.Op Fl o Ar option
53	.Op Fl p Ar port	54	.Op Fl p Ar port
54	.Op Fl u Ar len	55	.Op Fl u Ar len
		56	.Ek
55	.Sh DESCRIPTION	57	.Sh DESCRIPTION
56	.Nm	58	.Nm
57	(SSH Daemon) is the daemon program for	59	(SSH Daemon) is the daemon program for
@@ -75,7 +77,7 @@ This implementation of
75	.Nm	77	.Nm
76	supports both SSH protocol version 1 and 2 simultaneously.	78	supports both SSH protocol version 1 and 2 simultaneously.
77	.Nm	79	.Nm
78	works as follows.	80	works as follows:
79	.Pp	81	.Pp
80	.Ss SSH protocol version 1	82	.Ss SSH protocol version 1
81	.Pp	83	.Pp
@@ -86,7 +88,7 @@ the daemon starts, it generates a server RSA key (normally 768 bits).
86	This key is normally regenerated every hour if it has been used, and	88	This key is normally regenerated every hour if it has been used, and
87	is never stored on disk.	89	is never stored on disk.
88	.Pp	90	.Pp
89	Whenever a client connects the daemon responds with its public	91	Whenever a client connects, the daemon responds with its public
90	host and server keys.	92	host and server keys.
91	The client compares the	93	The client compares the
92	RSA host key against its own database to verify that it has not changed.	94	RSA host key against its own database to verify that it has not changed.
@@ -119,7 +121,7 @@ System security is not improved unless
119	.Nm rshd ,	121	.Nm rshd ,
120	.Nm rlogind ,	122	.Nm rlogind ,
121	and	123	and
122	.Xr rexecd	124	.Nm rexecd
123	are disabled (thus completely disabling	125	are disabled (thus completely disabling
124	.Xr rlogin	126	.Xr rlogin
125	and	127	and
@@ -189,7 +191,9 @@ The server sends verbose debug output to the system
189	log, and does not put itself in the background.	191	log, and does not put itself in the background.
190	The server also will not fork and will only process one connection.	192	The server also will not fork and will only process one connection.
191	This option is only intended for debugging for the server.	193	This option is only intended for debugging for the server.
192	Multiple -d options increase the debugging level.	194	Multiple
		195	.Fl d
		196	options increase the debugging level.
193	Maximum is 3.	197	Maximum is 3.
194	.It Fl e	198	.It Fl e
195	When this option is specified,	199	When this option is specified,
@@ -225,7 +229,8 @@ the different protocol versions and host key algorithms.
225	.It Fl i	229	.It Fl i
226	Specifies that	230	Specifies that
227	.Nm	231	.Nm
228	is being run from inetd.	232	is being run from
		233	.Xr inetd 8 .
229	.Nm	234	.Nm
230	is normally not run	235	is normally not run
231	from inetd because it needs to generate the server key before it can	236	from inetd because it needs to generate the server key before it can
@@ -285,7 +290,7 @@ should be put into the
285	.Pa utmp	290	.Pa utmp
286	file.	291	file.
287	.Fl u0	292	.Fl u0
288	is also be used to prevent	293	may also be used to prevent
289	.Nm	294	.Nm
290	from making DNS requests unless the authentication	295	from making DNS requests unless the authentication
291	mechanism or configuration requires it.	296	mechanism or configuration requires it.
@@ -449,7 +454,7 @@ authentication.
449	The command supplied by the user (if any) is ignored.	454	The command supplied by the user (if any) is ignored.
450	The command is run on a pty if the client requests a pty;	455	The command is run on a pty if the client requests a pty;
451	otherwise it is run without a tty.	456	otherwise it is run without a tty.
452	If a 8-bit clean channel is required,	457	If an 8-bit clean channel is required,
453	one must not request a pty or should specify	458	one must not request a pty or should specify
454	.Cm no-pty .	459	.Cm no-pty .
455	A quote may be included in the command by quoting it with a backslash.	460	A quote may be included in the command by quoting it with a backslash.
@@ -509,7 +514,7 @@ command="dump /home",no-pty,no-port-forwarding 1024 33 23.\\|.\\|.\\|2323 backup.hu
509	permitopen="10.2.1.55:80",permitopen="10.2.1.56:25" 1024 33 23.\\|.\\|.\\|2323	514	permitopen="10.2.1.55:80",permitopen="10.2.1.56:25" 1024 33 23.\\|.\\|.\\|2323
510	.Sh SSH_KNOWN_HOSTS FILE FORMAT	515	.Sh SSH_KNOWN_HOSTS FILE FORMAT
511	The	516	The
512	.Pa /etc/ssh/ssh_known_hosts ,	517	.Pa /etc/ssh/ssh_known_hosts
513	and	518	and
514	.Pa $HOME/.ssh/known_hosts	519	.Pa $HOME/.ssh/known_hosts
515	files contain host public keys for all known hosts.	520	files contain host public keys for all known hosts.
@@ -630,7 +635,7 @@ These files should be writable only by root/the owner.
630	.Pa /etc/ssh/ssh_known_hosts	635	.Pa /etc/ssh/ssh_known_hosts
631	should be world-readable, and	636	should be world-readable, and
632	.Pa $HOME/.ssh/known_hosts	637	.Pa $HOME/.ssh/known_hosts
633	can but need not be world-readable.	638	can, but need not be, world-readable.
634	.It Pa /etc/nologin	639	.It Pa /etc/nologin
635	If this file exists,	640	If this file exists,
636	.Nm	641	.Nm
@@ -647,7 +652,7 @@ Further details are described in
647	This file contains host-username pairs, separated by a space, one per	652	This file contains host-username pairs, separated by a space, one per
648	line.	653	line.
649	The given user on the corresponding host is permitted to log in	654	The given user on the corresponding host is permitted to log in
650	without password.	655	without a password.
651	The same file is used by rlogind and rshd.	656	The same file is used by rlogind and rshd.
652	The file must	657	The file must
653	be writable only by the user; it is recommended that it not be	658	be writable only by the user; it is recommended that it not be
@@ -716,7 +721,9 @@ controlled via the
716	.Cm PermitUserEnvironment	721	.Cm PermitUserEnvironment
717	option.	722	option.
718	.It Pa $HOME/.ssh/rc	723	.It Pa $HOME/.ssh/rc
719	If this file exists, it is run with /bin/sh after reading the	724	If this file exists, it is run with
		725	.Pa /bin/sh
		726	after reading the
720	environment files but before starting the user's shell or command.	727	environment files but before starting the user's shell or command.
721	It must not produce any output on stdout; stderr must be used	728	It must not produce any output on stdout; stderr must be used
722	instead.	729	instead.