diff options
-rw-r--r-- | ChangeLog | 6 | ||||
-rw-r--r-- | sshd.8 | 29 |
2 files changed, 25 insertions, 10 deletions
@@ -5,6 +5,10 @@ | |||
5 | support changes. | 5 | support changes. |
6 | - (bal) Too many <sys/queue.h> issues. Remove all workarounds and | 6 | - (bal) Too many <sys/queue.h> issues. Remove all workarounds and |
7 | using internal version only. | 7 | using internal version only. |
8 | - (bal) OpenBSD CVS Sync | ||
9 | - stevesk@cvs.openbsd.org 2002/04/05 20:56:21 | ||
10 | [sshd.8] | ||
11 | clarify sshrc some and handle X11UseLocalhost=yes; ok markus@ | ||
8 | 12 | ||
9 | 20020404 | 13 | 20020404 |
10 | - (stevesk) [auth-pam.c auth-pam.h auth-passwd.c auth-sia.c auth-sia.h | 14 | - (stevesk) [auth-pam.c auth-pam.h auth-passwd.c auth-sia.c auth-sia.h |
@@ -8163,4 +8167,4 @@ | |||
8163 | - Wrote replacements for strlcpy and mkdtemp | 8167 | - Wrote replacements for strlcpy and mkdtemp |
8164 | - Released 1.0pre1 | 8168 | - Released 1.0pre1 |
8165 | 8169 | ||
8166 | $Id: ChangeLog,v 1.2024 2002/04/05 20:23:35 mouring Exp $ | 8170 | $Id: ChangeLog,v 1.2025 2002/04/05 22:18:48 mouring Exp $ |
@@ -34,7 +34,7 @@ | |||
34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
36 | .\" | 36 | .\" |
37 | .\" $OpenBSD: sshd.8,v 1.175 2002/03/29 19:16:22 stevesk Exp $ | 37 | .\" $OpenBSD: sshd.8,v 1.176 2002/04/05 20:56:21 stevesk Exp $ |
38 | .Dd September 25, 1999 | 38 | .Dd September 25, 1999 |
39 | .Dt SSHD 8 | 39 | .Dt SSHD 8 |
40 | .Os | 40 | .Os |
@@ -1324,13 +1324,17 @@ only by the user; it need not be readable by anyone else. | |||
1324 | .It Pa $HOME/.ssh/rc | 1324 | .It Pa $HOME/.ssh/rc |
1325 | If this file exists, it is run with /bin/sh after reading the | 1325 | If this file exists, it is run with /bin/sh after reading the |
1326 | environment files but before starting the user's shell or command. | 1326 | environment files but before starting the user's shell or command. |
1327 | If X11 spoofing is in use, this will receive the "proto cookie" pair in | 1327 | It must not produce any output on stdout; stderr must be used |
1328 | standard input (and | 1328 | instead. |
1329 | If X11 forwarding is in use, it will receive the "proto cookie" pair in | ||
1330 | its standard input (and | ||
1329 | .Ev DISPLAY | 1331 | .Ev DISPLAY |
1330 | in environment). | 1332 | in its environment). |
1331 | This must call | 1333 | The script must call |
1332 | .Xr xauth 1 | 1334 | .Xr xauth 1 |
1333 | in that case. | 1335 | because |
1336 | .Nm | ||
1337 | will not run xauth automatically to add X11 cookies. | ||
1334 | .Pp | 1338 | .Pp |
1335 | The primary purpose of this file is to run any initialization routines | 1339 | The primary purpose of this file is to run any initialization routines |
1336 | which may be needed before the user's home directory becomes | 1340 | which may be needed before the user's home directory becomes |
@@ -1339,15 +1343,22 @@ accessible; AFS is a particular example of such an environment. | |||
1339 | This file will probably contain some initialization code followed by | 1343 | This file will probably contain some initialization code followed by |
1340 | something similar to: | 1344 | something similar to: |
1341 | .Bd -literal | 1345 | .Bd -literal |
1342 | if read proto cookie; then | 1346 | if read proto cookie && [ -n "$DISPLAY" ]; then |
1343 | echo add $DISPLAY $proto $cookie | xauth -q - | 1347 | if [ `echo $DISPLAY | cut -c1-10` = 'localhost:' ]; then |
1348 | # X11UseLocalhost=yes | ||
1349 | xauth add unix:`echo $DISPLAY | | ||
1350 | cut -c11-` $proto $cookie | ||
1351 | else | ||
1352 | # X11UseLocalhost=no | ||
1353 | xauth add $DISPLAY $proto $cookie | ||
1344 | fi | 1354 | fi |
1355 | fi | ||
1345 | .Ed | 1356 | .Ed |
1346 | .Pp | 1357 | .Pp |
1347 | If this file does not exist, | 1358 | If this file does not exist, |
1348 | .Pa /etc/ssh/sshrc | 1359 | .Pa /etc/ssh/sshrc |
1349 | is run, and if that | 1360 | is run, and if that |
1350 | does not exist either, xauth is used to store the cookie. | 1361 | does not exist either, xauth is used to add the cookie. |
1351 | .Pp | 1362 | .Pp |
1352 | This file should be writable only by the user, and need not be | 1363 | This file should be writable only by the user, and need not be |
1353 | readable by anyone else. | 1364 | readable by anyone else. |