diff options
-rw-r--r-- | ChangeLog | 6 | ||||
-rw-r--r-- | ssh.1 | 8 | ||||
-rw-r--r-- | sshd_config.5 | 6 |
3 files changed, 13 insertions, 7 deletions
@@ -1,3 +1,9 @@ | |||
1 | 20100305 | ||
2 | - OpenBSD CVS Sync | ||
3 | - jmc@cvs.openbsd.org 2010/03/04 12:51:25 | ||
4 | [ssh.1 sshd_config.5] | ||
5 | tweak previous; | ||
6 | |||
1 | 20100304 | 7 | 20100304 |
2 | - (djm) [ssh-keygen.c] Use correct local variable, instead of | 8 | - (djm) [ssh-keygen.c] Use correct local variable, instead of |
3 | maybe-undefined global "optarg" | 9 | maybe-undefined global "optarg" |
@@ -34,7 +34,7 @@ | |||
34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
36 | .\" | 36 | .\" |
37 | .\" $OpenBSD: ssh.1,v 1.297 2010/03/04 10:36:03 djm Exp $ | 37 | .\" $OpenBSD: ssh.1,v 1.298 2010/03/04 12:51:25 jmc Exp $ |
38 | .Dd $Mdocdate: March 4 2010 $ | 38 | .Dd $Mdocdate: March 4 2010 $ |
39 | .Dt SSH 1 | 39 | .Dt SSH 1 |
40 | .Os | 40 | .Os |
@@ -1122,7 +1122,7 @@ section of | |||
1122 | .Xr ssh-keygen 1 | 1122 | .Xr ssh-keygen 1 |
1123 | for more details. | 1123 | for more details. |
1124 | .Pp | 1124 | .Pp |
1125 | Keys may be also be marked as revoked using the | 1125 | Keys may also be marked as revoked using the |
1126 | .Dq @revoked | 1126 | .Dq @revoked |
1127 | marker. | 1127 | marker. |
1128 | Revoked keys will always trigger a warning when encountered and the host | 1128 | Revoked keys will always trigger a warning when encountered and the host |
@@ -1133,10 +1133,10 @@ For example: | |||
1133 | .Pp | 1133 | .Pp |
1134 | Revoking a key revokes it for direct use and as a certification authority. | 1134 | Revoking a key revokes it for direct use and as a certification authority. |
1135 | Do not use both the | 1135 | Do not use both the |
1136 | .Dq @cert-authority and | 1136 | .Dq @cert-authority |
1137 | and | ||
1137 | .Dq @revoked | 1138 | .Dq @revoked |
1138 | markers on the same line. | 1139 | markers on the same line. |
1139 | .Pp | ||
1140 | .Sh SSH-BASED VIRTUAL PRIVATE NETWORKS | 1140 | .Sh SSH-BASED VIRTUAL PRIVATE NETWORKS |
1141 | .Nm | 1141 | .Nm |
1142 | contains support for Virtual Private Network (VPN) tunnelling | 1142 | contains support for Virtual Private Network (VPN) tunnelling |
diff --git a/sshd_config.5 b/sshd_config.5 index 07e74e2b7..a0427584d 100644 --- a/sshd_config.5 +++ b/sshd_config.5 | |||
@@ -34,7 +34,7 @@ | |||
34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
36 | .\" | 36 | .\" |
37 | .\" $OpenBSD: sshd_config.5,v 1.118 2010/03/04 10:36:03 djm Exp $ | 37 | .\" $OpenBSD: sshd_config.5,v 1.119 2010/03/04 12:51:25 jmc Exp $ |
38 | .Dd $Mdocdate: March 4 2010 $ | 38 | .Dd $Mdocdate: March 4 2010 $ |
39 | .Dt SSHD_CONFIG 5 | 39 | .Dt SSHD_CONFIG 5 |
40 | .Os | 40 | .Os |
@@ -897,7 +897,7 @@ To disable TCP keepalive messages, the value should be set to | |||
897 | .It Cm TrustedUserCAKeys | 897 | .It Cm TrustedUserCAKeys |
898 | Specifies a file containing public keys of certificate authorities that are | 898 | Specifies a file containing public keys of certificate authorities that are |
899 | trusted sign user certificates for authentication. | 899 | trusted sign user certificates for authentication. |
900 | Keys are listed one per line, empty lines and comments starting with | 900 | Keys are listed one per line; empty lines and comments starting with |
901 | .Ql # | 901 | .Ql # |
902 | are allowed. | 902 | are allowed. |
903 | If a certificate is presented for authentication and has its signing CA key | 903 | If a certificate is presented for authentication and has its signing CA key |
@@ -906,7 +906,7 @@ listed in the certificate's principals list. | |||
906 | Note that certificates that lack a list of principals will not be permitted | 906 | Note that certificates that lack a list of principals will not be permitted |
907 | for authentication using | 907 | for authentication using |
908 | .Cm TrustedUserCAKeys . | 908 | .Cm TrustedUserCAKeys . |
909 | For more details in certificates, please see the | 909 | For more details on certificates, see the |
910 | .Sx CERTIFICATES | 910 | .Sx CERTIFICATES |
911 | section in | 911 | section in |
912 | .Xr ssh-keygen 1 . | 912 | .Xr ssh-keygen 1 . |