summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog6
-rw-r--r--ssh.18
-rw-r--r--sshd_config.56
3 files changed, 13 insertions, 7 deletions
diff --git a/ChangeLog b/ChangeLog
index f6c61d89d..ab7f88fe2 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
120100305
2 - OpenBSD CVS Sync
3 - jmc@cvs.openbsd.org 2010/03/04 12:51:25
4 [ssh.1 sshd_config.5]
5 tweak previous;
6
120100304 720100304
2 - (djm) [ssh-keygen.c] Use correct local variable, instead of 8 - (djm) [ssh-keygen.c] Use correct local variable, instead of
3 maybe-undefined global "optarg" 9 maybe-undefined global "optarg"
diff --git a/ssh.1 b/ssh.1
index e8a4e5953..8c53d4b07 100644
--- a/ssh.1
+++ b/ssh.1
@@ -34,7 +34,7 @@
34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36.\" 36.\"
37.\" $OpenBSD: ssh.1,v 1.297 2010/03/04 10:36:03 djm Exp $ 37.\" $OpenBSD: ssh.1,v 1.298 2010/03/04 12:51:25 jmc Exp $
38.Dd $Mdocdate: March 4 2010 $ 38.Dd $Mdocdate: March 4 2010 $
39.Dt SSH 1 39.Dt SSH 1
40.Os 40.Os
@@ -1122,7 +1122,7 @@ section of
1122.Xr ssh-keygen 1 1122.Xr ssh-keygen 1
1123for more details. 1123for more details.
1124.Pp 1124.Pp
1125Keys may be also be marked as revoked using the 1125Keys may also be marked as revoked using the
1126.Dq @revoked 1126.Dq @revoked
1127marker. 1127marker.
1128Revoked keys will always trigger a warning when encountered and the host 1128Revoked keys will always trigger a warning when encountered and the host
@@ -1133,10 +1133,10 @@ For example:
1133.Pp 1133.Pp
1134Revoking a key revokes it for direct use and as a certification authority. 1134Revoking a key revokes it for direct use and as a certification authority.
1135Do not use both the 1135Do not use both the
1136.Dq @cert-authority and 1136.Dq @cert-authority
1137and
1137.Dq @revoked 1138.Dq @revoked
1138markers on the same line. 1139markers on the same line.
1139.Pp
1140.Sh SSH-BASED VIRTUAL PRIVATE NETWORKS 1140.Sh SSH-BASED VIRTUAL PRIVATE NETWORKS
1141.Nm 1141.Nm
1142contains support for Virtual Private Network (VPN) tunnelling 1142contains support for Virtual Private Network (VPN) tunnelling
diff --git a/sshd_config.5 b/sshd_config.5
index 07e74e2b7..a0427584d 100644
--- a/sshd_config.5
+++ b/sshd_config.5
@@ -34,7 +34,7 @@
34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36.\" 36.\"
37.\" $OpenBSD: sshd_config.5,v 1.118 2010/03/04 10:36:03 djm Exp $ 37.\" $OpenBSD: sshd_config.5,v 1.119 2010/03/04 12:51:25 jmc Exp $
38.Dd $Mdocdate: March 4 2010 $ 38.Dd $Mdocdate: March 4 2010 $
39.Dt SSHD_CONFIG 5 39.Dt SSHD_CONFIG 5
40.Os 40.Os
@@ -897,7 +897,7 @@ To disable TCP keepalive messages, the value should be set to
897.It Cm TrustedUserCAKeys 897.It Cm TrustedUserCAKeys
898Specifies a file containing public keys of certificate authorities that are 898Specifies a file containing public keys of certificate authorities that are
899trusted sign user certificates for authentication. 899trusted sign user certificates for authentication.
900Keys are listed one per line, empty lines and comments starting with 900Keys are listed one per line; empty lines and comments starting with
901.Ql # 901.Ql #
902are allowed. 902are allowed.
903If a certificate is presented for authentication and has its signing CA key 903If a certificate is presented for authentication and has its signing CA key
@@ -906,7 +906,7 @@ listed in the certificate's principals list.
906Note that certificates that lack a list of principals will not be permitted 906Note that certificates that lack a list of principals will not be permitted
907for authentication using 907for authentication using
908.Cm TrustedUserCAKeys . 908.Cm TrustedUserCAKeys .
909For more details in certificates, please see the 909For more details on certificates, see the
910.Sx CERTIFICATES 910.Sx CERTIFICATES
911section in 911section in
912.Xr ssh-keygen 1 . 912.Xr ssh-keygen 1 .