2 files changed, 29 insertions, 21 deletions
diff --git a/ChangeLog b/ChangeLog
index 7f34f310f..4d289aa4c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -154,6 +154,9 @@
     [ssh_config.5]
     add section on patterns;
     from dtucker + myself
+   - jmc@cvs.openbsd.org 2006/02/24 10:33:54
+     [sshd_config.5]
+     signpost to PATTERNS;
 20060313
 - (dtucker) [configure.ac] Bug #1171: Don't use printf("%lld", longlong)
@@ -4055,4 +4058,4 @@
   - (djm) Trim deprecated options from INSTALL. Mention UsePAM
   - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
-$Id: ChangeLog,v 1.4182 2006/03/15 00:54:05 djm Exp $
+$Id: ChangeLog,v 1.4183 2006/03/15 00:54:21 djm Exp $
diff --git a/sshd_config.5 b/sshd_config.5
index 6e2de10d7..e0768230e 100644
--- a/sshd_config.5
+++ b/sshd_config.5
@@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd_config.5,v 1.48 2006/01/02 17:09:49 jmc Exp $
+.\" $OpenBSD: sshd_config.5,v 1.49 2006/02/24 10:33:54 jmc Exp $
 .Dd September 25, 1999
 .Dt SSHD_CONFIG 5
 .Os
@@ -99,13 +99,14 @@ This keyword can be followed by a list of group name patterns, separated
 by spaces.
 If specified, login is allowed only for users whose primary
 group or supplementary group list matches one of the patterns.
-.Ql \&*
-and
-.Ql \&?
-can be used as
-wildcards in the patterns.
 Only group names are valid; a numerical group ID is not recognized.
 By default, login is allowed for all groups.
+.Pp
+See
+.Sx PATTERNS
+in
+.Xr ssh_config 5
+for more information on patterns.
 .It Cm AllowTcpForwarding
 Specifies whether TCP forwarding is permitted.
 The default is
@@ -118,16 +119,17 @@ This keyword can be followed by a list of user name patterns, separated
 by spaces.
 If specified, login is allowed only for user names that
 match one of the patterns.
-.Ql \&*
-and
-.Ql \&?
-can be used as
-wildcards in the patterns.
 Only user names are valid; a numerical user ID is not recognized.
 By default, login is allowed for all users.
 If the pattern takes the form USER@HOST then USER and HOST
 are separately checked, restricting logins to particular
 users from particular hosts.
+.Pp
+See
+.Sx PATTERNS
+in
+.Xr ssh_config 5
+for more information on patterns.
 .It Cm AuthorizedKeysFile
 Specifies the file that contains the public keys that can be used
 for user authentication.
@@ -231,26 +233,29 @@ This keyword can be followed by a list of group name patterns, separated
 by spaces.
 Login is disallowed for users whose primary group or supplementary
 group list matches one of the patterns.
-.Ql \&*
-and
-.Ql \&?
-can be used as
-wildcards in the patterns.
 Only group names are valid; a numerical group ID is not recognized.
 By default, login is allowed for all groups.
+.Pp
+See
+.Sx PATTERNS
+in
+.Xr ssh_config 5
+for more information on patterns.
 .It Cm DenyUsers
 This keyword can be followed by a list of user name patterns, separated
 by spaces.
 Login is disallowed for user names that match one of the patterns.
-.Ql \&*
-and
-.Ql \&?
-can be used as wildcards in the patterns.
 Only user names are valid; a numerical user ID is not recognized.
 By default, login is allowed for all users.
 If the pattern takes the form USER@HOST then USER and HOST
 are separately checked, restricting logins to particular
 users from particular hosts.
+.Pp
+See
+.Sx PATTERNS
+in
+.Xr ssh_config 5
+for more information on patterns.
 .It Cm GatewayPorts
 Specifies whether remote hosts are allowed to connect to ports
 forwarded for the client.

diff --git a/ChangeLog b/ChangeLog index 7f34f310f..4d289aa4c 100644 --- a/ChangeLog +++ b/ChangeLog
@@ -154,6 +154,9 @@
154	[ssh_config.5]	154	[ssh_config.5]
155	add section on patterns;	155	add section on patterns;
156	from dtucker + myself	156	from dtucker + myself
		157	- jmc@cvs.openbsd.org 2006/02/24 10:33:54
		158	[sshd_config.5]
		159	signpost to PATTERNS;
157		160
158	20060313	161	20060313
159	- (dtucker) [configure.ac] Bug #1171: Don't use printf("%lld", longlong)	162	- (dtucker) [configure.ac] Bug #1171: Don't use printf("%lld", longlong)
@@ -4055,4 +4058,4 @@
4055	- (djm) Trim deprecated options from INSTALL. Mention UsePAM	4058	- (djm) Trim deprecated options from INSTALL. Mention UsePAM
4056	- (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu	4059	- (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
4057		4060
4058	$Id: ChangeLog,v 1.4182 2006/03/15 00:54:05 djm Exp $	4061	$Id: ChangeLog,v 1.4183 2006/03/15 00:54:21 djm Exp $


diff --git a/sshd_config.5 b/sshd_config.5 index 6e2de10d7..e0768230e 100644 --- a/sshd_config.5 +++ b/sshd_config.5
@@ -34,7 +34,7 @@
34	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	34	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	35	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36	.\"	36	.\"
37	.\" $OpenBSD: sshd_config.5,v 1.48 2006/01/02 17:09:49 jmc Exp $	37	.\" $OpenBSD: sshd_config.5,v 1.49 2006/02/24 10:33:54 jmc Exp $
38	.Dd September 25, 1999	38	.Dd September 25, 1999
39	.Dt SSHD_CONFIG 5	39	.Dt SSHD_CONFIG 5
40	.Os	40	.Os
@@ -99,13 +99,14 @@ This keyword can be followed by a list of group name patterns, separated
99	by spaces.	99	by spaces.
100	If specified, login is allowed only for users whose primary	100	If specified, login is allowed only for users whose primary
101	group or supplementary group list matches one of the patterns.	101	group or supplementary group list matches one of the patterns.
102	.Ql \&*
103	and
104	.Ql \&?
105	can be used as
106	wildcards in the patterns.
107	Only group names are valid; a numerical group ID is not recognized.	102	Only group names are valid; a numerical group ID is not recognized.
108	By default, login is allowed for all groups.	103	By default, login is allowed for all groups.
		104	.Pp
		105	See
		106	.Sx PATTERNS
		107	in
		108	.Xr ssh_config 5
		109	for more information on patterns.
109	.It Cm AllowTcpForwarding	110	.It Cm AllowTcpForwarding
110	Specifies whether TCP forwarding is permitted.	111	Specifies whether TCP forwarding is permitted.
111	The default is	112	The default is
@@ -118,16 +119,17 @@ This keyword can be followed by a list of user name patterns, separated
118	by spaces.	119	by spaces.
119	If specified, login is allowed only for user names that	120	If specified, login is allowed only for user names that
120	match one of the patterns.	121	match one of the patterns.
121	.Ql \&*
122	and
123	.Ql \&?
124	can be used as
125	wildcards in the patterns.
126	Only user names are valid; a numerical user ID is not recognized.	122	Only user names are valid; a numerical user ID is not recognized.
127	By default, login is allowed for all users.	123	By default, login is allowed for all users.
128	If the pattern takes the form USER@HOST then USER and HOST	124	If the pattern takes the form USER@HOST then USER and HOST
129	are separately checked, restricting logins to particular	125	are separately checked, restricting logins to particular
130	users from particular hosts.	126	users from particular hosts.
		127	.Pp
		128	See
		129	.Sx PATTERNS
		130	in
		131	.Xr ssh_config 5
		132	for more information on patterns.
131	.It Cm AuthorizedKeysFile	133	.It Cm AuthorizedKeysFile
132	Specifies the file that contains the public keys that can be used	134	Specifies the file that contains the public keys that can be used
133	for user authentication.	135	for user authentication.
@@ -231,26 +233,29 @@ This keyword can be followed by a list of group name patterns, separated
231	by spaces.	233	by spaces.
232	Login is disallowed for users whose primary group or supplementary	234	Login is disallowed for users whose primary group or supplementary
233	group list matches one of the patterns.	235	group list matches one of the patterns.
234	.Ql \&*
235	and
236	.Ql \&?
237	can be used as
238	wildcards in the patterns.
239	Only group names are valid; a numerical group ID is not recognized.	236	Only group names are valid; a numerical group ID is not recognized.
240	By default, login is allowed for all groups.	237	By default, login is allowed for all groups.
		238	.Pp
		239	See
		240	.Sx PATTERNS
		241	in
		242	.Xr ssh_config 5
		243	for more information on patterns.
241	.It Cm DenyUsers	244	.It Cm DenyUsers
242	This keyword can be followed by a list of user name patterns, separated	245	This keyword can be followed by a list of user name patterns, separated
243	by spaces.	246	by spaces.
244	Login is disallowed for user names that match one of the patterns.	247	Login is disallowed for user names that match one of the patterns.
245	.Ql \&*
246	and
247	.Ql \&?
248	can be used as wildcards in the patterns.
249	Only user names are valid; a numerical user ID is not recognized.	248	Only user names are valid; a numerical user ID is not recognized.
250	By default, login is allowed for all users.	249	By default, login is allowed for all users.
251	If the pattern takes the form USER@HOST then USER and HOST	250	If the pattern takes the form USER@HOST then USER and HOST
252	are separately checked, restricting logins to particular	251	are separately checked, restricting logins to particular
253	users from particular hosts.	252	users from particular hosts.
		253	.Pp
		254	See
		255	.Sx PATTERNS
		256	in
		257	.Xr ssh_config 5
		258	for more information on patterns.
254	.It Cm GatewayPorts	259	.It Cm GatewayPorts
255	Specifies whether remote hosts are allowed to connect to ports	260	Specifies whether remote hosts are allowed to connect to ports
256	forwarded for the client.	261	forwarded for the client.