diff options
Diffstat (limited to 'ssh-keysign.8')
-rw-r--r-- | ssh-keysign.8 | 23 |
1 files changed, 16 insertions, 7 deletions
diff --git a/ssh-keysign.8 b/ssh-keysign.8 index fccbd7c27..ab2cf21ba 100644 --- a/ssh-keysign.8 +++ b/ssh-keysign.8 | |||
@@ -1,4 +1,4 @@ | |||
1 | .\" $OpenBSD: ssh-keysign.8,v 1.1 2002/05/25 08:16:59 markus Exp $ | 1 | .\" $OpenBSD: ssh-keysign.8,v 1.2 2002/06/10 16:56:30 stevesk Exp $ |
2 | .\" | 2 | .\" |
3 | .\" Copyright (c) 2002 Markus Friedl. All rights reserved. | 3 | .\" Copyright (c) 2002 Markus Friedl. All rights reserved. |
4 | .\" | 4 | .\" |
@@ -29,16 +29,13 @@ | |||
29 | .Nm ssh-keysign | 29 | .Nm ssh-keysign |
30 | .Nd ssh helper program for hostbased authentication | 30 | .Nd ssh helper program for hostbased authentication |
31 | .Sh SYNOPSIS | 31 | .Sh SYNOPSIS |
32 | .Nm ssh-keysign | 32 | .Nm |
33 | .Sh DESCRIPTION | 33 | .Sh DESCRIPTION |
34 | .Nm | 34 | .Nm |
35 | is used by | 35 | is used by |
36 | .Xr ssh 1 | 36 | .Xr ssh 1 |
37 | to access the local host keys during hostbased authentication with | 37 | to access the local host keys and generate the digital signature |
38 | SSH protocol version 2. | 38 | required during hostbased authentication with SSH protocol version 2. |
39 | Since the host keys are readable only by root | ||
40 | .Nm | ||
41 | must be setuid root. | ||
42 | .Nm | 39 | .Nm |
43 | is not intended to be invoked by the user, but from | 40 | is not intended to be invoked by the user, but from |
44 | .Xr ssh 1 . | 41 | .Xr ssh 1 . |
@@ -47,8 +44,20 @@ See | |||
47 | and | 44 | and |
48 | .Xr sshd 8 | 45 | .Xr sshd 8 |
49 | for more information about hostbased authentication. | 46 | for more information about hostbased authentication. |
47 | .Sh FILES | ||
48 | .Bl -tag -width Ds | ||
49 | .It Pa /etc/ssh/ssh_host_dsa_key, /etc/ssh/ssh_host_rsa_key | ||
50 | These files contain the private parts of the host keys used to | ||
51 | generate the digital signature. They | ||
52 | should be owned by root, readable only by root, and not | ||
53 | accessible to others. | ||
54 | Since they are readable only by root, | ||
55 | .Nm | ||
56 | must be set-uid root if hostbased authentication is used. | ||
57 | .El | ||
50 | .Sh SEE ALSO | 58 | .Sh SEE ALSO |
51 | .Xr ssh 1 , | 59 | .Xr ssh 1 , |
60 | .Xr ssh-keygen 1 , | ||
52 | .Xr sshd 8 | 61 | .Xr sshd 8 |
53 | .Sh AUTHORS | 62 | .Sh AUTHORS |
54 | Markus Friedl <markus@openbsd.org> | 63 | Markus Friedl <markus@openbsd.org> |