diff options
-rw-r--r-- | ChangeLog | 6 | ||||
-rw-r--r-- | sshd.8 | 17 | ||||
-rw-r--r-- | sshd_config.5 | 10 |
3 files changed, 21 insertions, 12 deletions
@@ -28,6 +28,10 @@ | |||
28 | - deraadt@cvs.openbsd.org 2003/04/26 04:29:49 | 28 | - deraadt@cvs.openbsd.org 2003/04/26 04:29:49 |
29 | [ssh-keyscan.c] | 29 | [ssh-keyscan.c] |
30 | -t in usage(); rogier@quaak.org | 30 | -t in usage(); rogier@quaak.org |
31 | - mouring@cvs.openbsd.org 2003/04/30 01:16:20 | ||
32 | [sshd.8 sshd_config.5] | ||
33 | Escape ?, * and ! in .Ql for nroff compatibility. OpenSSH Portable | ||
34 | Bug #550 and * escaping suggested by jmc@. | ||
31 | 35 | ||
32 | 20030512 | 36 | 20030512 |
33 | - (djm) Redhat spec: Don't install profile.d scripts when not | 37 | - (djm) Redhat spec: Don't install profile.d scripts when not |
@@ -1415,4 +1419,4 @@ | |||
1415 | save auth method before monitor_reset_key_state(); bugzilla bug #284; | 1419 | save auth method before monitor_reset_key_state(); bugzilla bug #284; |
1416 | ok provos@ | 1420 | ok provos@ |
1417 | 1421 | ||
1418 | $Id: ChangeLog,v 1.2684 2003/05/14 03:43:53 djm Exp $ | 1422 | $Id: ChangeLog,v 1.2685 2003/05/14 03:44:42 djm Exp $ |
@@ -34,7 +34,7 @@ | |||
34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
36 | .\" | 36 | .\" |
37 | .\" $OpenBSD: sshd.8,v 1.194 2003/01/31 21:54:40 jmc Exp $ | 37 | .\" $OpenBSD: sshd.8,v 1.195 2003/04/30 01:16:20 mouring Exp $ |
38 | .Dd September 25, 1999 | 38 | .Dd September 25, 1999 |
39 | .Dt SSHD 8 | 39 | .Dt SSHD 8 |
40 | .Os | 40 | .Os |
@@ -429,13 +429,14 @@ that option keywords are case-insensitive): | |||
429 | Specifies that in addition to public key authentication, the canonical name | 429 | Specifies that in addition to public key authentication, the canonical name |
430 | of the remote host must be present in the comma-separated list of | 430 | of the remote host must be present in the comma-separated list of |
431 | patterns | 431 | patterns |
432 | .Pf ( Ql * | 432 | .Pf ( |
433 | .Ql \&* | ||
433 | and | 434 | and |
434 | .Ql ? | 435 | .Ql \&? |
435 | serve as wildcards). | 436 | serve as wildcards). |
436 | The list may also contain | 437 | The list may also contain |
437 | patterns negated by prefixing them with | 438 | patterns negated by prefixing them with |
438 | .Ql ! ; | 439 | .Ql \&! ; |
439 | if the canonical host name matches a negated pattern, the key is not accepted. | 440 | if the canonical host name matches a negated pattern, the key is not accepted. |
440 | The purpose | 441 | The purpose |
441 | of this option is to optionally increase security: public key authentication | 442 | of this option is to optionally increase security: public key authentication |
@@ -524,12 +525,16 @@ Each line in these files contains the following fields: hostnames, | |||
524 | bits, exponent, modulus, comment. | 525 | bits, exponent, modulus, comment. |
525 | The fields are separated by spaces. | 526 | The fields are separated by spaces. |
526 | .Pp | 527 | .Pp |
527 | Hostnames is a comma-separated list of patterns ('*' and '?' act as | 528 | Hostnames is a comma-separated list of patterns ( |
529 | .Ql \&* | ||
530 | and | ||
531 | .Ql \&? | ||
532 | act as | ||
528 | wildcards); each pattern in turn is matched against the canonical host | 533 | wildcards); each pattern in turn is matched against the canonical host |
529 | name (when authenticating a client) or against the user-supplied | 534 | name (when authenticating a client) or against the user-supplied |
530 | name (when authenticating a server). | 535 | name (when authenticating a server). |
531 | A pattern may also be preceded by | 536 | A pattern may also be preceded by |
532 | .Ql ! | 537 | .Ql \&! |
533 | to indicate negation: if the host name matches a negated | 538 | to indicate negation: if the host name matches a negated |
534 | pattern, it is not accepted (by that line) even if it matched another | 539 | pattern, it is not accepted (by that line) even if it matched another |
535 | pattern on the line. | 540 | pattern on the line. |
diff --git a/sshd_config.5 b/sshd_config.5 index 6f38a260a..31ef3996d 100644 --- a/sshd_config.5 +++ b/sshd_config.5 | |||
@@ -34,7 +34,7 @@ | |||
34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
36 | .\" | 36 | .\" |
37 | .\" $OpenBSD: sshd_config.5,v 1.15 2003/03/28 10:11:43 jmc Exp $ | 37 | .\" $OpenBSD: sshd_config.5,v 1.16 2003/04/30 01:16:20 mouring Exp $ |
38 | .Dd September 25, 1999 | 38 | .Dd September 25, 1999 |
39 | .Dt SSHD_CONFIG 5 | 39 | .Dt SSHD_CONFIG 5 |
40 | .Os | 40 | .Os |
@@ -72,7 +72,7 @@ If specified, login is allowed only for users whose primary | |||
72 | group or supplementary group list matches one of the patterns. | 72 | group or supplementary group list matches one of the patterns. |
73 | .Ql \&* | 73 | .Ql \&* |
74 | and | 74 | and |
75 | .Ql ? | 75 | .Ql \&? |
76 | can be used as | 76 | can be used as |
77 | wildcards in the patterns. | 77 | wildcards in the patterns. |
78 | Only group names are valid; a numerical group ID is not recognized. | 78 | Only group names are valid; a numerical group ID is not recognized. |
@@ -93,7 +93,7 @@ If specified, login is allowed only for user names that | |||
93 | match one of the patterns. | 93 | match one of the patterns. |
94 | .Ql \&* | 94 | .Ql \&* |
95 | and | 95 | and |
96 | .Ql ? | 96 | .Ql \&? |
97 | can be used as | 97 | can be used as |
98 | wildcards in the patterns. | 98 | wildcards in the patterns. |
99 | Only user names are valid; a numerical user ID is not recognized. | 99 | Only user names are valid; a numerical user ID is not recognized. |
@@ -187,7 +187,7 @@ Login is disallowed for users whose primary group or supplementary | |||
187 | group list matches one of the patterns. | 187 | group list matches one of the patterns. |
188 | .Ql \&* | 188 | .Ql \&* |
189 | and | 189 | and |
190 | .Ql ? | 190 | .Ql \&? |
191 | can be used as | 191 | can be used as |
192 | wildcards in the patterns. | 192 | wildcards in the patterns. |
193 | Only group names are valid; a numerical group ID is not recognized. | 193 | Only group names are valid; a numerical group ID is not recognized. |
@@ -199,7 +199,7 @@ by spaces. | |||
199 | Login is disallowed for user names that match one of the patterns. | 199 | Login is disallowed for user names that match one of the patterns. |
200 | .Ql \&* | 200 | .Ql \&* |
201 | and | 201 | and |
202 | .Ql ? | 202 | .Ql \&? |
203 | can be used as wildcards in the patterns. | 203 | can be used as wildcards in the patterns. |
204 | Only user names are valid; a numerical user ID is not recognized. | 204 | Only user names are valid; a numerical user ID is not recognized. |
205 | By default, login is allowed for all users. | 205 | By default, login is allowed for all users. |