Import openssh_6.5p1.orig.tar.gz

author: Colin Watson <cjwatson@debian.org> 2014-02-10 00:18:28 +0000
committer: Colin Watson <cjwatson@debian.org> 2014-02-10 00:18:28 +0000
commit: 9a975a9faed7c4f334e8c8490db3e77e102f2b21 (patch)
tree: 764a885ec9a963f6a8b15de6e1765f16b9ac4738 /sshd_config.0
parent: ee196dab7c5f97f0b80c8099343a375bead92010 (diff)
parent: cdb6c90811caa5df2df856be9b0b16db020fe31d (diff)
1 files changed, 40 insertions, 26 deletions
diff --git a/sshd_config.0 b/sshd_config.0
index 5f1df7b58..5962b02b9 100644
--- a/sshd_config.0
+++ b/sshd_config.0
@@ -198,18 +198,25 @@ DESCRIPTION
     Ciphers
             Specifies the ciphers allowed for protocol version 2.  Multiple
-             ciphers must be comma-separated.  The supported ciphers are
+             ciphers must be comma-separated.  The supported ciphers are:
             ``3des-cbc'', ``aes128-cbc'', ``aes192-cbc'', ``aes256-cbc'',
             ``aes128-ctr'', ``aes192-ctr'', ``aes256-ctr'',
             ``aes128-gcm@openssh.com'', ``aes256-gcm@openssh.com'',
             ``arcfour128'', ``arcfour256'', ``arcfour'', ``blowfish-cbc'',
-             and ``cast128-cbc''.  The default is:
+             ``cast128-cbc'', and ``chacha20-poly1305@openssh.com''.
+             The default is:
                aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,
                aes128-gcm@openssh.com,aes256-gcm@openssh.com,
+                chacha20-poly1305@openssh.com,
                aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,
                aes256-cbc,arcfour
+             The list of available ciphers may also be obtained using the -Q
+             option of ssh(1).
     ClientAliveCountMax
             Sets the number of client alive messages (see below) which may be
             sent without sshd(8) receiving any messages back from the client.
@@ -325,15 +332,15 @@ DESCRIPTION
     HostKey
             Specifies a file containing a private host key used by SSH.  The
             default is /etc/ssh/ssh_host_key for protocol version 1, and
-             /etc/ssh/ssh_host_dsa_key, /etc/ssh/ssh_host_ecdsa_key and
+             /etc/ssh/ssh_host_dsa_key, /etc/ssh/ssh_host_ecdsa_key,
-             /etc/ssh/ssh_host_rsa_key for protocol version 2.  Note that
+             /etc/ssh/ssh_host_ed25519_key and /etc/ssh/ssh_host_rsa_key for
-             sshd(8) will refuse to use a file if it is group/world-
+             protocol version 2.  Note that sshd(8) will refuse to use a file
-             accessible.  It is possible to have multiple host key files.
+             if it is group/world-accessible.  It is possible to have multiple
-             ``rsa1'' keys are used for version 1 and ``dsa'', ``ecdsa'' or
+             host key files.  ``rsa1'' keys are used for version 1 and
-             ``rsa'' are used for version 2 of the SSH protocol.  It is also
+             ``dsa'', ``ecdsa'', ``ed25519'' or ``rsa'' are used for version 2
-             possible to specify public host key files instead.  In this case
+             of the SSH protocol.  It is also possible to specify public host
-             operations on the private key will be delegated to an
+             key files instead.  In this case operations on the private key
-             ssh-agent(1).
+             will be delegated to an ssh-agent(1).
     HostKeyAgent
             Identifies the UNIX-domain socket used to communicate with an
@@ -391,10 +398,13 @@ DESCRIPTION
     KexAlgorithms
             Specifies the available KEX (Key Exchange) algorithms.  Multiple
             algorithms must be comma-separated.  The default is
-             ``ecdh-sha2-nistp256'', ``ecdh-sha2-nistp384'',
-             ``ecdh-sha2-nistp521'', ``diffie-hellman-group-exchange-sha256'',
+                   curve25519-sha256@libssh.org,
-             ``diffie-hellman-group-exchange-sha1'',
+                   ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,
-             ``diffie-hellman-group14-sha1'', ``diffie-hellman-group1-sha1''.
+                   diffie-hellman-group-exchange-sha256,
+                   diffie-hellman-group-exchange-sha1,
+                   diffie-hellman-group14-sha1,
+                   diffie-hellman-group1-sha1
     KeyRegenerationInterval
             In protocol version 1, the ephemeral server key is automatically
@@ -452,12 +462,12 @@ DESCRIPTION
             override those set in the global section of the config file,
             until either another Match line or the end of the file.
-             The arguments to Match are one or more criteria-pattern pairs.
+             The arguments to Match are one or more criteria-pattern pairs or
-             The available criteria are User, Group, Host, LocalAddress,
+             the single token All which matches all criteria.  The available
-             LocalPort, and Address.  The match patterns may consist of single
+             criteria are User, Group, Host, LocalAddress, LocalPort, and
-             entries or comma-separated lists and may use the wildcard and
+             Address.  The match patterns may consist of single entries or
-             negation operators described in the PATTERNS section of
+             comma-separated lists and may use the wildcard and negation
-             ssh_config(5).
+             operators described in the PATTERNS section of ssh_config(5).
             The patterns in an Address criteria may additionally contain
             addresses to match in CIDR address/masklen format, e.g.
@@ -477,10 +487,10 @@ DESCRIPTION
             HostbasedAuthentication, HostbasedUsesNameFromPacketOnly,
             KbdInteractiveAuthentication, KerberosAuthentication,
             MaxAuthTries, MaxSessions, PasswordAuthentication,
-             PermitEmptyPasswords, PermitOpen, PermitRootLogin, PermitTunnel,
+             PermitEmptyPasswords, PermitOpen, PermitRootLogin, PermitTTY,
-             PubkeyAuthentication, RekeyLimit, RhostsRSAAuthentication,
+             PermitTunnel, PubkeyAuthentication, RekeyLimit,
-             RSAAuthentication, X11DisplayOffset, X11Forwarding and
+             RhostsRSAAuthentication, RSAAuthentication, X11DisplayOffset,
-             X11UseLocalHost.
+             X11Forwarding and X11UseLocalHost.
     MaxAuthTries
             Specifies the maximum number of authentication attempts permitted
@@ -551,6 +561,10 @@ DESCRIPTION
             ``ethernet'' (layer 2), or ``no''.  Specifying ``yes'' permits
             both ``point-to-point'' and ``ethernet''.  The default is ``no''.
+     PermitTTY
+             Specifies whether pty(4) allocation is permitted.  The default is
+             ``yes''.
     PermitUserEnvironment
             Specifies whether ~/.ssh/environment and environment= options in
             ~/.ssh/authorized_keys are processed by sshd(8).  The default is
@@ -810,4 +824,4 @@ AUTHORS
     versions 1.5 and 2.0.  Niels Provos and Markus Friedl contributed support
     for privilege separation.
-OpenBSD 5.4                      July 19, 2013                     OpenBSD 5.4
+OpenBSD 5.4                    December 8, 2013                    OpenBSD 5.4
author	Colin Watson <cjwatson@debian.org>	2014-02-10 00:18:28 +0000
committer	Colin Watson <cjwatson@debian.org>	2014-02-10 00:18:28 +0000
commit	9a975a9faed7c4f334e8c8490db3e77e102f2b21 (patch)
tree	764a885ec9a963f6a8b15de6e1765f16b9ac4738 /sshd_config.0
parent	ee196dab7c5f97f0b80c8099343a375bead92010 (diff)
parent	cdb6c90811caa5df2df856be9b0b16db020fe31d (diff)

diff --git a/sshd_config.0 b/sshd_config.0 index 5f1df7b58..5962b02b9 100644 --- a/sshd_config.0 +++ b/sshd_config.0
@@ -198,18 +198,25 @@ DESCRIPTION
198		198
199	Ciphers	199	Ciphers
200	Specifies the ciphers allowed for protocol version 2. Multiple	200	Specifies the ciphers allowed for protocol version 2. Multiple
201	ciphers must be comma-separated. The supported ciphers are	201	ciphers must be comma-separated. The supported ciphers are:
		202
202	``3des-cbc'', ``aes128-cbc'', ``aes192-cbc'', ``aes256-cbc'',	203	``3des-cbc'', ``aes128-cbc'', ``aes192-cbc'', ``aes256-cbc'',
203	``aes128-ctr'', ``aes192-ctr'', ``aes256-ctr'',	204	``aes128-ctr'', ``aes192-ctr'', ``aes256-ctr'',
204	``aes128-gcm@openssh.com'', ``aes256-gcm@openssh.com'',	205	``aes128-gcm@openssh.com'', ``aes256-gcm@openssh.com'',
205	``arcfour128'', ``arcfour256'', ``arcfour'', ``blowfish-cbc'',	206	``arcfour128'', ``arcfour256'', ``arcfour'', ``blowfish-cbc'',
206	and ``cast128-cbc''. The default is:	207	``cast128-cbc'', and ``chacha20-poly1305@openssh.com''.
		208
		209	The default is:
207		210
208	aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,	211	aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,
209	aes128-gcm@openssh.com,aes256-gcm@openssh.com,	212	aes128-gcm@openssh.com,aes256-gcm@openssh.com,
		213	chacha20-poly1305@openssh.com,
210	aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,	214	aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,
211	aes256-cbc,arcfour	215	aes256-cbc,arcfour
212		216
		217	The list of available ciphers may also be obtained using the -Q
		218	option of ssh(1).
		219
213	ClientAliveCountMax	220	ClientAliveCountMax
214	Sets the number of client alive messages (see below) which may be	221	Sets the number of client alive messages (see below) which may be
215	sent without sshd(8) receiving any messages back from the client.	222	sent without sshd(8) receiving any messages back from the client.
@@ -325,15 +332,15 @@ DESCRIPTION
325	HostKey	332	HostKey
326	Specifies a file containing a private host key used by SSH. The	333	Specifies a file containing a private host key used by SSH. The
327	default is /etc/ssh/ssh_host_key for protocol version 1, and	334	default is /etc/ssh/ssh_host_key for protocol version 1, and
328	/etc/ssh/ssh_host_dsa_key, /etc/ssh/ssh_host_ecdsa_key and	335	/etc/ssh/ssh_host_dsa_key, /etc/ssh/ssh_host_ecdsa_key,
329	/etc/ssh/ssh_host_rsa_key for protocol version 2. Note that	336	/etc/ssh/ssh_host_ed25519_key and /etc/ssh/ssh_host_rsa_key for
330	sshd(8) will refuse to use a file if it is group/world-	337	protocol version 2. Note that sshd(8) will refuse to use a file
331	accessible. It is possible to have multiple host key files.	338	if it is group/world-accessible. It is possible to have multiple
332	``rsa1'' keys are used for version 1 and ``dsa'', ``ecdsa'' or	339	host key files. ``rsa1'' keys are used for version 1 and
333	``rsa'' are used for version 2 of the SSH protocol. It is also	340	``dsa'', ``ecdsa'', ``ed25519'' or ``rsa'' are used for version 2
334	possible to specify public host key files instead. In this case	341	of the SSH protocol. It is also possible to specify public host
335	operations on the private key will be delegated to an	342	key files instead. In this case operations on the private key
336	ssh-agent(1).	343	will be delegated to an ssh-agent(1).
337		344
338	HostKeyAgent	345	HostKeyAgent
339	Identifies the UNIX-domain socket used to communicate with an	346	Identifies the UNIX-domain socket used to communicate with an
@@ -391,10 +398,13 @@ DESCRIPTION
391	KexAlgorithms	398	KexAlgorithms
392	Specifies the available KEX (Key Exchange) algorithms. Multiple	399	Specifies the available KEX (Key Exchange) algorithms. Multiple
393	algorithms must be comma-separated. The default is	400	algorithms must be comma-separated. The default is
394	``ecdh-sha2-nistp256'', ``ecdh-sha2-nistp384'',	401
395	``ecdh-sha2-nistp521'', ``diffie-hellman-group-exchange-sha256'',	402	curve25519-sha256@libssh.org,
396	``diffie-hellman-group-exchange-sha1'',	403	ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,
397	``diffie-hellman-group14-sha1'', ``diffie-hellman-group1-sha1''.	404	diffie-hellman-group-exchange-sha256,
		405	diffie-hellman-group-exchange-sha1,
		406	diffie-hellman-group14-sha1,
		407	diffie-hellman-group1-sha1
398		408
399	KeyRegenerationInterval	409	KeyRegenerationInterval
400	In protocol version 1, the ephemeral server key is automatically	410	In protocol version 1, the ephemeral server key is automatically
@@ -452,12 +462,12 @@ DESCRIPTION
452	override those set in the global section of the config file,	462	override those set in the global section of the config file,
453	until either another Match line or the end of the file.	463	until either another Match line or the end of the file.
454		464
455	The arguments to Match are one or more criteria-pattern pairs.	465	The arguments to Match are one or more criteria-pattern pairs or
456	The available criteria are User, Group, Host, LocalAddress,	466	the single token All which matches all criteria. The available
457	LocalPort, and Address. The match patterns may consist of single	467	criteria are User, Group, Host, LocalAddress, LocalPort, and
458	entries or comma-separated lists and may use the wildcard and	468	Address. The match patterns may consist of single entries or
459	negation operators described in the PATTERNS section of	469	comma-separated lists and may use the wildcard and negation
460	ssh_config(5).	470	operators described in the PATTERNS section of ssh_config(5).
461		471
462	The patterns in an Address criteria may additionally contain	472	The patterns in an Address criteria may additionally contain
463	addresses to match in CIDR address/masklen format, e.g.	473	addresses to match in CIDR address/masklen format, e.g.
@@ -477,10 +487,10 @@ DESCRIPTION
477	HostbasedAuthentication, HostbasedUsesNameFromPacketOnly,	487	HostbasedAuthentication, HostbasedUsesNameFromPacketOnly,
478	KbdInteractiveAuthentication, KerberosAuthentication,	488	KbdInteractiveAuthentication, KerberosAuthentication,
479	MaxAuthTries, MaxSessions, PasswordAuthentication,	489	MaxAuthTries, MaxSessions, PasswordAuthentication,
480	PermitEmptyPasswords, PermitOpen, PermitRootLogin, PermitTunnel,	490	PermitEmptyPasswords, PermitOpen, PermitRootLogin, PermitTTY,
481	PubkeyAuthentication, RekeyLimit, RhostsRSAAuthentication,	491	PermitTunnel, PubkeyAuthentication, RekeyLimit,
482	RSAAuthentication, X11DisplayOffset, X11Forwarding and	492	RhostsRSAAuthentication, RSAAuthentication, X11DisplayOffset,
483	X11UseLocalHost.	493	X11Forwarding and X11UseLocalHost.
484		494
485	MaxAuthTries	495	MaxAuthTries
486	Specifies the maximum number of authentication attempts permitted	496	Specifies the maximum number of authentication attempts permitted
@@ -551,6 +561,10 @@ DESCRIPTION
551	``ethernet'' (layer 2), or ``no''. Specifying ``yes'' permits	561	``ethernet'' (layer 2), or ``no''. Specifying ``yes'' permits
552	both ``point-to-point'' and ``ethernet''. The default is ``no''.	562	both ``point-to-point'' and ``ethernet''. The default is ``no''.
553		563
		564	PermitTTY
		565	Specifies whether pty(4) allocation is permitted. The default is
		566	``yes''.
		567
554	PermitUserEnvironment	568	PermitUserEnvironment
555	Specifies whether ~/.ssh/environment and environment= options in	569	Specifies whether ~/.ssh/environment and environment= options in
556	~/.ssh/authorized_keys are processed by sshd(8). The default is	570	~/.ssh/authorized_keys are processed by sshd(8). The default is
@@ -810,4 +824,4 @@ AUTHORS
810	versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support	824	versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support
811	for privilege separation.	825	for privilege separation.
812		826
813	OpenBSD 5.4 July 19, 2013 OpenBSD 5.4	827	OpenBSD 5.4 December 8, 2013 OpenBSD 5.4