2 files changed, 40 insertions, 37 deletions
diff --git a/ChangeLog b/ChangeLog
index bdfb7520b..dbfb130a6 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -186,6 +186,9 @@
     [sshd_config.5]
     document the order in which allow/deny directives are processed;
     help/ok dtucker
+   - jmc@cvs.openbsd.org 2006/02/26 17:17:18
+     [ssh_config.5]
+     move PATTERNS to the end of the main body; requested by dtucker
 20060313
 - (dtucker) [configure.ac] Bug #1171: Don't use printf("%lld", longlong)
@@ -4087,4 +4090,4 @@
   - (djm) Trim deprecated options from INSTALL. Mention UsePAM
   - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
-$Id: ChangeLog,v 1.4193 2006/03/15 00:58:49 djm Exp $
+$Id: ChangeLog,v 1.4194 2006/03/15 00:59:08 djm Exp $
diff --git a/ssh_config.5 b/ssh_config.5
index 0e6a41808..3c5bf3919 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh_config.5,v 1.85 2006/02/25 12:26:17 jmc Exp $
+.\" $OpenBSD: ssh_config.5,v 1.86 2006/02/26 17:17:18 jmc Exp $
 .Dd September 25, 1999
 .Dt SSH_CONFIG 5
 .Os
@@ -73,42 +73,7 @@ The matched host name is the one given on the command line.
 Since the first obtained value for each parameter is used, more
 host-specific declarations should be given near the beginning of the
 file, and general defaults at the end.
-.Sh PATTERNS
-A
-.Em pattern
-consists of zero or more non-whitespace characters,
-.Sq *
-(a wildcard that matches zero or more characters),
-or
-.Sq ?\&
-(a wildcard that matches exactly one character).
-For example, to specify a set of declarations for any host in the
-.Dq .co.uk
-set of domains,
-the following pattern could be used:
-.Pp
-.Dl Host *.co.uk
-.Pp
-The following pattern
-would match any host in the 192.168.0.[0-9] network range:
 .Pp
-.Dl Host 192.168.0.?
-.Pp
-A
-.Em pattern-list
-is a comma-separated list of patterns.
-Patterns within pattern-lists may be negated
-by preceding them with an exclamation mark
-.Pq Sq !\& .
-For example,
-to allow a key to be used from anywhere within an organisation
-except from the
-.Dq dialup
-pool,
-the following entry (in authorized_keys) could be used:
-.Pp
-.Dl from=\&"!*.dialup.example.com,*.example.com\&"
-.Sh FILE FORMAT
 The configuration file has the following format:
 .Pp
 Empty lines and lines starting with
@@ -1023,6 +988,41 @@ program.
 The default is
 .Pa /usr/X11R6/bin/xauth .
 .El
+.Sh PATTERNS
+A
+.Em pattern
+consists of zero or more non-whitespace characters,
+.Sq *
+(a wildcard that matches zero or more characters),
+or
+.Sq ?\&
+(a wildcard that matches exactly one character).
+For example, to specify a set of declarations for any host in the
+.Dq .co.uk
+set of domains,
+the following pattern could be used:
+.Pp
+.Dl Host *.co.uk
+.Pp
+The following pattern
+would match any host in the 192.168.0.[0-9] network range:
+.Pp
+.Dl Host 192.168.0.?
+.Pp
+A
+.Em pattern-list
+is a comma-separated list of patterns.
+Patterns within pattern-lists may be negated
+by preceding them with an exclamation mark
+.Pq Sq !\& .
+For example,
+to allow a key to be used from anywhere within an organisation
+except from the
+.Dq dialup
+pool,
+the following entry (in authorized_keys) could be used:
+.Pp
+.Dl from=\&"!*.dialup.example.com,*.example.com\&"
 .Sh FILES
 .Bl -tag -width Ds
 .It Pa ~/.ssh/config

diff --git a/ChangeLog b/ChangeLog index bdfb7520b..dbfb130a6 100644 --- a/ChangeLog +++ b/ChangeLog
@@ -186,6 +186,9 @@
186	[sshd_config.5]	186	[sshd_config.5]
187	document the order in which allow/deny directives are processed;	187	document the order in which allow/deny directives are processed;
188	help/ok dtucker	188	help/ok dtucker
		189	- jmc@cvs.openbsd.org 2006/02/26 17:17:18
		190	[ssh_config.5]
		191	move PATTERNS to the end of the main body; requested by dtucker
189		192
190	20060313	193	20060313
191	- (dtucker) [configure.ac] Bug #1171: Don't use printf("%lld", longlong)	194	- (dtucker) [configure.ac] Bug #1171: Don't use printf("%lld", longlong)
@@ -4087,4 +4090,4 @@
4087	- (djm) Trim deprecated options from INSTALL. Mention UsePAM	4090	- (djm) Trim deprecated options from INSTALL. Mention UsePAM
4088	- (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu	4091	- (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
4089		4092
4090	$Id: ChangeLog,v 1.4193 2006/03/15 00:58:49 djm Exp $	4093	$Id: ChangeLog,v 1.4194 2006/03/15 00:59:08 djm Exp $


diff --git a/ssh_config.5 b/ssh_config.5 index 0e6a41808..3c5bf3919 100644 --- a/ssh_config.5 +++ b/ssh_config.5
@@ -34,7 +34,7 @@
34	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	34	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	35	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36	.\"	36	.\"
37	.\" $OpenBSD: ssh_config.5,v 1.85 2006/02/25 12:26:17 jmc Exp $	37	.\" $OpenBSD: ssh_config.5,v 1.86 2006/02/26 17:17:18 jmc Exp $
38	.Dd September 25, 1999	38	.Dd September 25, 1999
39	.Dt SSH_CONFIG 5	39	.Dt SSH_CONFIG 5
40	.Os	40	.Os
@@ -73,42 +73,7 @@ The matched host name is the one given on the command line.
73	Since the first obtained value for each parameter is used, more	73	Since the first obtained value for each parameter is used, more
74	host-specific declarations should be given near the beginning of the	74	host-specific declarations should be given near the beginning of the
75	file, and general defaults at the end.	75	file, and general defaults at the end.
76	.Sh PATTERNS
77	A
78	.Em pattern
79	consists of zero or more non-whitespace characters,
80	.Sq *
81	(a wildcard that matches zero or more characters),
82	or
83	.Sq ?\&
84	(a wildcard that matches exactly one character).
85	For example, to specify a set of declarations for any host in the
86	.Dq .co.uk
87	set of domains,
88	the following pattern could be used:
89	.Pp
90	.Dl Host *.co.uk
91	.Pp
92	The following pattern
93	would match any host in the 192.168.0.[0-9] network range:
94	.Pp	76	.Pp
95	.Dl Host 192.168.0.?
96	.Pp
97	A
98	.Em pattern-list
99	is a comma-separated list of patterns.
100	Patterns within pattern-lists may be negated
101	by preceding them with an exclamation mark
102	.Pq Sq !\& .
103	For example,
104	to allow a key to be used from anywhere within an organisation
105	except from the
106	.Dq dialup
107	pool,
108	the following entry (in authorized_keys) could be used:
109	.Pp
110	.Dl from=\&"!.dialup.example.com,.example.com\&"
111	.Sh FILE FORMAT
112	The configuration file has the following format:	77	The configuration file has the following format:
113	.Pp	78	.Pp
114	Empty lines and lines starting with	79	Empty lines and lines starting with
@@ -1023,6 +988,41 @@ program.
1023	The default is	988	The default is
1024	.Pa /usr/X11R6/bin/xauth .	989	.Pa /usr/X11R6/bin/xauth .
1025	.El	990	.El
		991	.Sh PATTERNS
		992	A
		993	.Em pattern
		994	consists of zero or more non-whitespace characters,
		995	.Sq *
		996	(a wildcard that matches zero or more characters),
		997	or
		998	.Sq ?\&
		999	(a wildcard that matches exactly one character).
		1000	For example, to specify a set of declarations for any host in the
		1001	.Dq .co.uk
		1002	set of domains,
		1003	the following pattern could be used:
		1004	.Pp
		1005	.Dl Host *.co.uk
		1006	.Pp
		1007	The following pattern
		1008	would match any host in the 192.168.0.[0-9] network range:
		1009	.Pp
		1010	.Dl Host 192.168.0.?
		1011	.Pp
		1012	A
		1013	.Em pattern-list
		1014	is a comma-separated list of patterns.
		1015	Patterns within pattern-lists may be negated
		1016	by preceding them with an exclamation mark
		1017	.Pq Sq !\& .
		1018	For example,
		1019	to allow a key to be used from anywhere within an organisation
		1020	except from the
		1021	.Dq dialup
		1022	pool,
		1023	the following entry (in authorized_keys) could be used:
		1024	.Pp
		1025	.Dl from=\&"!.dialup.example.com,.example.com\&"
1026	.Sh FILES	1026	.Sh FILES
1027	.Bl -tag -width Ds	1027	.Bl -tag -width Ds
1028	.It Pa ~/.ssh/config	1028	.It Pa ~/.ssh/config