2 files changed, 22 insertions, 22 deletions
diff --git a/ChangeLog b/ChangeLog
index 7ee586cbd..a830ce51a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+20010306
+ - (bal) OpenBSD CVS Sync
+   - deraadt@cvs.openbsd.org 2001/03/05 14:28:47
+     [sshd.8]
+     alpha order; jcs@rt.fm
 20010305
 - (bal) CVS ID touch up on sshpty.[ch] and sshlogin.[ch]
 - (bal) CVS ID touch up on sftp-int.c 
@@ -4368,4 +4374,4 @@
 - Wrote replacements for strlcpy and mkdtemp
 - Released 1.0pre1
-$Id: ChangeLog,v 1.908 2001/03/05 19:50:57 stevesk Exp $
+$Id: ChangeLog,v 1.909 2001/03/06 01:00:03 mouring Exp $
diff --git a/sshd.8 b/sshd.8
index 52e902ef7..c924a438f 100644
--- a/sshd.8
+++ b/sshd.8
@@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd.8,v 1.103 2001/03/04 18:21:28 deraadt Exp $
+.\" $OpenBSD: sshd.8,v 1.104 2001/03/05 14:28:47 deraadt Exp $
 .Dd September 25, 1999
 .Dt SSHD 8
 .Os
@@ -339,6 +339,15 @@ The contents of the specified file are sent to the remote user before
 authentication is allowed.
 This option is only available for protocol version 2.
 .Pp
+.It Cm ChallengeResponseAuthentication
+Specifies whether
+challenge response
+authentication is allowed.
+Currently there is only support for
+.Xr skey 1
+authentication.
+The default is
+.Dq yes .
 .It Cm Ciphers
 Specifies the ciphers allowed for protocol version 2.
 Multiple ciphers must be comma-separated.
@@ -373,11 +382,6 @@ and
 can be used as wildcards in the patterns.
 Only user names are valid; a numerical user ID isn't recognized.
 By default login is allowed regardless of the user name.
-.It Cm PubkeyAuthentication
-Specifies whether public key authentication is allowed.
-The default is
-.Dq yes .
-Note that this option applies to protocol version 2 only.
 .It Cm GatewayPorts
 Specifies whether remote hosts are allowed to connect to ports
 forwarded for the client.
@@ -611,6 +615,11 @@ and
 Multiple versions must be comma-separated.
 The default is
 .Dq 1 .
+.It Cm PubkeyAuthentication
+Specifies whether public key authentication is allowed.
+The default is
+.Dq yes .
+Note that this option applies to protocol version 2 only.
 .It Cm ReverseMappingCheck
 Specifies whether
 .Nm
@@ -642,21 +651,6 @@ Note that this option applies to protocol version 1 only.
 .It Cm ServerKeyBits
 Defines the number of bits in the server key.
 The minimum value is 512, and the default is 768.
-.It Cm ChallengeResponseAuthentication
-Specifies whether
-challenge response
-authentication is allowed.
-Currently there is support for
-.Xr skey 1
-and PAM authentication.
-The default is
-.Dq yes .
-Note that enabling ChallengeResponseAuthentication for PAM bypasses 
-OpenSSH's password checking code, thus rendering options such as 
-.Cm PasswordAuthentication 
-and
-.Cm PermitEmptyPasswords
-ineffective.
 .It Cm StrictModes
 Specifies whether
 .Nm

diff --git a/ChangeLog b/ChangeLog index 7ee586cbd..a830ce51a 100644 --- a/ChangeLog +++ b/ChangeLog
@@ -1,3 +1,9 @@
		1	20010306
		2	- (bal) OpenBSD CVS Sync
		3	- deraadt@cvs.openbsd.org 2001/03/05 14:28:47
		4	[sshd.8]
		5	alpha order; jcs@rt.fm
		6
1	20010305	7	20010305
2	- (bal) CVS ID touch up on sshpty.[ch] and sshlogin.[ch]	8	- (bal) CVS ID touch up on sshpty.[ch] and sshlogin.[ch]
3	- (bal) CVS ID touch up on sftp-int.c	9	- (bal) CVS ID touch up on sftp-int.c
@@ -4368,4 +4374,4 @@
4368	- Wrote replacements for strlcpy and mkdtemp	4374	- Wrote replacements for strlcpy and mkdtemp
4369	- Released 1.0pre1	4375	- Released 1.0pre1
4370		4376
4371	$Id: ChangeLog,v 1.908 2001/03/05 19:50:57 stevesk Exp $	4377	$Id: ChangeLog,v 1.909 2001/03/06 01:00:03 mouring Exp $


diff --git a/sshd.8 b/sshd.8 index 52e902ef7..c924a438f 100644 --- a/sshd.8 +++ b/sshd.8
@@ -34,7 +34,7 @@
34	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	34	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	35	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36	.\"	36	.\"
37	.\" $OpenBSD: sshd.8,v 1.103 2001/03/04 18:21:28 deraadt Exp $	37	.\" $OpenBSD: sshd.8,v 1.104 2001/03/05 14:28:47 deraadt Exp $
38	.Dd September 25, 1999	38	.Dd September 25, 1999
39	.Dt SSHD 8	39	.Dt SSHD 8
40	.Os	40	.Os
@@ -339,6 +339,15 @@ The contents of the specified file are sent to the remote user before
339	authentication is allowed.	339	authentication is allowed.
340	This option is only available for protocol version 2.	340	This option is only available for protocol version 2.
341	.Pp	341	.Pp
		342	.It Cm ChallengeResponseAuthentication
		343	Specifies whether
		344	challenge response
		345	authentication is allowed.
		346	Currently there is only support for
		347	.Xr skey 1
		348	authentication.
		349	The default is
		350	.Dq yes .
342	.It Cm Ciphers	351	.It Cm Ciphers
343	Specifies the ciphers allowed for protocol version 2.	352	Specifies the ciphers allowed for protocol version 2.
344	Multiple ciphers must be comma-separated.	353	Multiple ciphers must be comma-separated.
@@ -373,11 +382,6 @@ and
373	can be used as wildcards in the patterns.	382	can be used as wildcards in the patterns.
374	Only user names are valid; a numerical user ID isn't recognized.	383	Only user names are valid; a numerical user ID isn't recognized.
375	By default login is allowed regardless of the user name.	384	By default login is allowed regardless of the user name.
376	.It Cm PubkeyAuthentication
377	Specifies whether public key authentication is allowed.
378	The default is
379	.Dq yes .
380	Note that this option applies to protocol version 2 only.
381	.It Cm GatewayPorts	385	.It Cm GatewayPorts
382	Specifies whether remote hosts are allowed to connect to ports	386	Specifies whether remote hosts are allowed to connect to ports
383	forwarded for the client.	387	forwarded for the client.
@@ -611,6 +615,11 @@ and
611	Multiple versions must be comma-separated.	615	Multiple versions must be comma-separated.
612	The default is	616	The default is
613	.Dq 1 .	617	.Dq 1 .
		618	.It Cm PubkeyAuthentication
		619	Specifies whether public key authentication is allowed.
		620	The default is
		621	.Dq yes .
		622	Note that this option applies to protocol version 2 only.
614	.It Cm ReverseMappingCheck	623	.It Cm ReverseMappingCheck
615	Specifies whether	624	Specifies whether
616	.Nm	625	.Nm
@@ -642,21 +651,6 @@ Note that this option applies to protocol version 1 only.
642	.It Cm ServerKeyBits	651	.It Cm ServerKeyBits
643	Defines the number of bits in the server key.	652	Defines the number of bits in the server key.
644	The minimum value is 512, and the default is 768.	653	The minimum value is 512, and the default is 768.
645	.It Cm ChallengeResponseAuthentication
646	Specifies whether
647	challenge response
648	authentication is allowed.
649	Currently there is support for
650	.Xr skey 1
651	and PAM authentication.
652	The default is
653	.Dq yes .
654	Note that enabling ChallengeResponseAuthentication for PAM bypasses
655	OpenSSH's password checking code, thus rendering options such as
656	.Cm PasswordAuthentication
657	and
658	.Cm PermitEmptyPasswords
659	ineffective.
660	.It Cm StrictModes	654	.It Cm StrictModes
661	Specifies whether	655	Specifies whether
662	.Nm	656	.Nm