1 files changed, 148 insertions, 0 deletions
diff --git a/debian/patches/openbsd-docs.patch b/debian/patches/openbsd-docs.patch
new file mode 100644
index 000000000..46e1f8712
--- /dev/null
+++ b/debian/patches/openbsd-docs.patch
@@ -0,0 +1,148 @@
+From 8fb8f70b0534897791c61f2757e97bd13385944e Mon Sep 17 00:00:00 2001
+From: Colin Watson <cjwatson@debian.org>
+Date: Sun, 9 Feb 2014 16:10:09 +0000
+Subject: Adjust various OpenBSD-specific references in manual pages
+No single bug reference for this patch, but history includes:
+ http://bugs.debian.org/154434 (login.conf(5))
+ http://bugs.debian.org/513417 (/etc/rc)
+ http://bugs.debian.org/530692 (ssl(8))
+ https://bugs.launchpad.net/bugs/456660 (ssl(8))
+Forwarded: not-needed
+Last-Update: 2017-10-04
+Patch-Name: openbsd-docs.patch
+---
+ moduli.5      |  4 ++--
+ ssh-keygen.1  | 12 ++++--------
+ ssh.1         |  4 ++++
+ sshd.8        |  5 ++---
+ sshd_config.5 |  3 +--
+ 5 files changed, 13 insertions(+), 15 deletions(-)
+diff --git a/moduli.5 b/moduli.5
+index ef0de0850..149846c8c 100644
+--- a/moduli.5
+++ b/moduli.5
+@@ -21,7 +21,7 @@
+ .Nd Diffie-Hellman moduli
+ .Sh DESCRIPTION
+ The
+-.Pa /etc/moduli
+.Pa /etc/ssh/moduli
+ file contains prime numbers and generators for use by
+ .Xr sshd 8
+ in the Diffie-Hellman Group Exchange key exchange method.
+@@ -110,7 +110,7 @@ first estimates the size of the modulus required to produce enough
+ Diffie-Hellman output to sufficiently key the selected symmetric cipher.
+ .Xr sshd 8
+ then randomly selects a modulus from
+-.Fa /etc/moduli
+.Fa /etc/ssh/moduli
+ that best meets the size requirement.
+ .Sh SEE ALSO
+ .Xr ssh-keygen 1 ,
+diff --git a/ssh-keygen.1 b/ssh-keygen.1
+index 957d2f0f0..143a2349f 100644
+--- a/ssh-keygen.1
+++ b/ssh-keygen.1
+@@ -191,9 +191,7 @@ key in
+ .Pa ~/.ssh/id_ed25519
+ or
+ .Pa ~/.ssh/id_rsa .
+-Additionally, the system administrator may use this to generate host keys,
+-as seen in
+-.Pa /etc/rc .
+Additionally, the system administrator may use this to generate host keys.
+ .Pp
+ Normally this program generates the key and asks for a file in which
+ to store the private key.
+@@ -256,9 +254,7 @@ If
+ .Fl f
+ has also been specified, its argument is used as a prefix to the
+ default path for the resulting host key files.
+-This is used by
+-.Pa /etc/rc
+-to generate new host keys.
+This is used by system administration scripts to generate new host keys.
+ .It Fl a Ar rounds
+ When saving a private key, this option specifies the number of KDF
+ (key derivation function) rounds used.
+@@ -798,7 +794,7 @@ option.
+ Valid generator values are 2, 3, and 5.
+ .Pp
+ Screened DH groups may be installed in
+-.Pa /etc/moduli .
+.Pa /etc/ssh/moduli .
+ It is important that this file contains moduli of a range of bit lengths and
+ that both ends of a connection share common moduli.
+ .Sh CERTIFICATES
+@@ -1049,7 +1045,7 @@ on all machines
+ where the user wishes to log in using public key authentication.
+ There is no need to keep the contents of this file secret.
+ .Pp
+-.It Pa /etc/moduli
+.It Pa /etc/ssh/moduli
+ Contains Diffie-Hellman groups used for DH-GEX.
+ The file format is described in
+ .Xr moduli 5 .
+diff --git a/ssh.1 b/ssh.1
+index 20e4c4efa..4923031f4 100644
+--- a/ssh.1
+++ b/ssh.1
+@@ -873,6 +873,10 @@ implements public key authentication protocol automatically,
+ using one of the DSA, ECDSA, Ed25519 or RSA algorithms.
+ The HISTORY section of
+ .Xr ssl 8
+(on non-OpenBSD systems, see
+.nh
+http://www.openbsd.org/cgi\-bin/man.cgi?query=ssl&sektion=8#HISTORY)
+.hy
+ contains a brief discussion of the DSA and RSA algorithms.
+ .Pp
+ The file
+diff --git a/sshd.8 b/sshd.8
+index 57a7fd66b..4abc01d66 100644
+--- a/sshd.8
+++ b/sshd.8
+@@ -65,7 +65,7 @@ over an insecure network.
+ .Nm
+ listens for connections from clients.
+ It is normally started at boot from
+-.Pa /etc/rc .
+.Pa /etc/init.d/ssh .
+ It forks a new
+ daemon for each incoming connection.
+ The forked daemons handle
+@@ -884,7 +884,7 @@ This file is for host-based authentication (see
+ .Xr ssh 1 ) .
+ It should only be writable by root.
+ .Pp
+-.It Pa /etc/moduli
+.It Pa /etc/ssh/moduli
+ Contains Diffie-Hellman groups used for the "Diffie-Hellman Group Exchange"
+ key exchange method.
+ The file format is described in
+@@ -982,7 +982,6 @@ The content of this file is not sensitive; it can be world-readable.
+ .Xr ssh-keyscan 1 ,
+ .Xr chroot 2 ,
+ .Xr hosts_access 5 ,
+-.Xr login.conf 5 ,
+ .Xr moduli 5 ,
+ .Xr sshd_config 5 ,
+ .Xr inetd 8 ,
+diff --git a/sshd_config.5 b/sshd_config.5
+index 46537f177..270805060 100644
+--- a/sshd_config.5
+++ b/sshd_config.5
+@@ -393,8 +393,7 @@ Certificates signed using other algorithms will not be accepted for
+ public key or host-based authentication.
+ .It Cm ChallengeResponseAuthentication
+ Specifies whether challenge-response authentication is allowed (e.g. via
+-PAM or through authentication styles supported in
+-.Xr login.conf 5 )
+PAM).
+ The default is
+ .Cm yes .
+ .It Cm ChrootDirectory

diff --git a/debian/patches/openbsd-docs.patch b/debian/patches/openbsd-docs.patch new file mode 100644 index 000000000..46e1f8712 --- /dev/null +++ b/debian/patches/openbsd-docs.patch
@@ -0,0 +1,148 @@
	1	From 8fb8f70b0534897791c61f2757e97bd13385944e Mon Sep 17 00:00:00 2001
	2	From: Colin Watson <cjwatson@debian.org>
	3	Date: Sun, 9 Feb 2014 16:10:09 +0000
	4	Subject: Adjust various OpenBSD-specific references in manual pages
	5
	6	No single bug reference for this patch, but history includes:
	7	http://bugs.debian.org/154434 (login.conf(5))
	8	http://bugs.debian.org/513417 (/etc/rc)
	9	http://bugs.debian.org/530692 (ssl(8))
	10	https://bugs.launchpad.net/bugs/456660 (ssl(8))
	11
	12	Forwarded: not-needed
	13	Last-Update: 2017-10-04
	14
	15	Patch-Name: openbsd-docs.patch
	16	---
	17	moduli.5 \| 4 ++--
	18	ssh-keygen.1 \| 12 ++++--------
	19	ssh.1 \| 4 ++++
	20	sshd.8 \| 5 ++---
	21	sshd_config.5 \| 3 +--
	22	5 files changed, 13 insertions(+), 15 deletions(-)
	23
	24	diff --git a/moduli.5 b/moduli.5
	25	index ef0de0850..149846c8c 100644
	26	--- a/moduli.5
	27	+++ b/moduli.5
	28	@@ -21,7 +21,7 @@
	29	.Nd Diffie-Hellman moduli
	30	.Sh DESCRIPTION
	31	The
	32	-.Pa /etc/moduli
	33	+.Pa /etc/ssh/moduli
	34	file contains prime numbers and generators for use by
	35	.Xr sshd 8
	36	in the Diffie-Hellman Group Exchange key exchange method.
	37	@@ -110,7 +110,7 @@ first estimates the size of the modulus required to produce enough
	38	Diffie-Hellman output to sufficiently key the selected symmetric cipher.
	39	.Xr sshd 8
	40	then randomly selects a modulus from
	41	-.Fa /etc/moduli
	42	+.Fa /etc/ssh/moduli
	43	that best meets the size requirement.
	44	.Sh SEE ALSO
	45	.Xr ssh-keygen 1 ,
	46	diff --git a/ssh-keygen.1 b/ssh-keygen.1
	47	index 957d2f0f0..143a2349f 100644
	48	--- a/ssh-keygen.1
	49	+++ b/ssh-keygen.1
	50	@@ -191,9 +191,7 @@ key in
	51	.Pa ~/.ssh/id_ed25519
	52	or
	53	.Pa ~/.ssh/id_rsa .
	54	-Additionally, the system administrator may use this to generate host keys,
	55	-as seen in
	56	-.Pa /etc/rc .
	57	+Additionally, the system administrator may use this to generate host keys.
	58	.Pp
	59	Normally this program generates the key and asks for a file in which
	60	to store the private key.
	61	@@ -256,9 +254,7 @@ If
	62	.Fl f
	63	has also been specified, its argument is used as a prefix to the
	64	default path for the resulting host key files.
	65	-This is used by
	66	-.Pa /etc/rc
	67	-to generate new host keys.
	68	+This is used by system administration scripts to generate new host keys.
	69	.It Fl a Ar rounds
	70	When saving a private key, this option specifies the number of KDF
	71	(key derivation function) rounds used.
	72	@@ -798,7 +794,7 @@ option.
	73	Valid generator values are 2, 3, and 5.
	74	.Pp
	75	Screened DH groups may be installed in
	76	-.Pa /etc/moduli .
	77	+.Pa /etc/ssh/moduli .
	78	It is important that this file contains moduli of a range of bit lengths and
	79	that both ends of a connection share common moduli.
	80	.Sh CERTIFICATES
	81	@@ -1049,7 +1045,7 @@ on all machines
	82	where the user wishes to log in using public key authentication.
	83	There is no need to keep the contents of this file secret.
	84	.Pp
	85	-.It Pa /etc/moduli
	86	+.It Pa /etc/ssh/moduli
	87	Contains Diffie-Hellman groups used for DH-GEX.
	88	The file format is described in
	89	.Xr moduli 5 .
	90	diff --git a/ssh.1 b/ssh.1
	91	index 20e4c4efa..4923031f4 100644
	92	--- a/ssh.1
	93	+++ b/ssh.1
	94	@@ -873,6 +873,10 @@ implements public key authentication protocol automatically,
	95	using one of the DSA, ECDSA, Ed25519 or RSA algorithms.
	96	The HISTORY section of
	97	.Xr ssl 8
	98	+(on non-OpenBSD systems, see
	99	+.nh
	100	+http://www.openbsd.org/cgi\-bin/man.cgi?query=ssl&sektion=8#HISTORY)
	101	+.hy
	102	contains a brief discussion of the DSA and RSA algorithms.
	103	.Pp
	104	The file
	105	diff --git a/sshd.8 b/sshd.8
	106	index 57a7fd66b..4abc01d66 100644
	107	--- a/sshd.8
	108	+++ b/sshd.8
	109	@@ -65,7 +65,7 @@ over an insecure network.
	110	.Nm
	111	listens for connections from clients.
	112	It is normally started at boot from
	113	-.Pa /etc/rc .
	114	+.Pa /etc/init.d/ssh .
	115	It forks a new
	116	daemon for each incoming connection.
	117	The forked daemons handle
	118	@@ -884,7 +884,7 @@ This file is for host-based authentication (see
	119	.Xr ssh 1 ) .
	120	It should only be writable by root.
	121	.Pp
	122	-.It Pa /etc/moduli
	123	+.It Pa /etc/ssh/moduli
	124	Contains Diffie-Hellman groups used for the "Diffie-Hellman Group Exchange"
	125	key exchange method.
	126	The file format is described in
	127	@@ -982,7 +982,6 @@ The content of this file is not sensitive; it can be world-readable.
	128	.Xr ssh-keyscan 1 ,
	129	.Xr chroot 2 ,
	130	.Xr hosts_access 5 ,
	131	-.Xr login.conf 5 ,
	132	.Xr moduli 5 ,
	133	.Xr sshd_config 5 ,
	134	.Xr inetd 8 ,
	135	diff --git a/sshd_config.5 b/sshd_config.5
	136	index 46537f177..270805060 100644
	137	--- a/sshd_config.5
	138	+++ b/sshd_config.5
	139	@@ -393,8 +393,7 @@ Certificates signed using other algorithms will not be accepted for
	140	public key or host-based authentication.
	141	.It Cm ChallengeResponseAuthentication
	142	Specifies whether challenge-response authentication is allowed (e.g. via
	143	-PAM or through authentication styles supported in
	144	-.Xr login.conf 5 )
	145	+PAM).
	146	The default is
	147	.Cm yes .
	148	.It Cm ChrootDirectory