1 files changed, 27 insertions, 9 deletions
diff --git a/ssh.1 b/ssh.1
index a5576edb6..62292cc09 100644
--- a/ssh.1
+++ b/ssh.1
@@ -33,8 +33,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh.1,v 1.330 2012/10/04 13:21:50 markus Exp $
+.\" $OpenBSD: ssh.1,v 1.334 2013/07/18 01:12:26 djm Exp $
-.Dd $Mdocdate: October 4 2012 $
+.Dd $Mdocdate: July 18 2013 $
 .Dt SSH 1
 .Os
 .Sh NAME
@@ -47,6 +47,7 @@
 .Op Fl b Ar bind_address
 .Op Fl c Ar cipher_spec
 .Op Fl D Oo Ar bind_address : Oc Ns Ar port
+.Op Fl E Ar log_file
 .Op Fl e Ar escape_char
 .Op Fl F Ar configfile
 .Op Fl I Ar pkcs11
@@ -64,6 +65,8 @@
 .Oo Ar user Ns @ Oc Ns Ar hostname
 .Op Ar command
 .Ek
+.Nm
+.Fl Q Ar protocol_feature
 .Sh DESCRIPTION
 .Nm
 (SSH client) is a program for logging into a remote machine and for
@@ -217,6 +220,10 @@ indicates that the listening port be bound for local use only, while an
 empty address or
 .Sq *
 indicates that the port should be available from all interfaces.
+.It Fl E Ar log_file
+Append debug logs to
+.Ar log_file
+instead of standard error.
 .It Fl e Ar escape_char
 Sets the escape character for sessions with a pty (default:
 .Ql ~ ) .
@@ -482,6 +489,21 @@ For full details of the options listed below, and their possible values, see
 Port to connect to on the remote host.
 This can be specified on a
 per-host basis in the configuration file.
+.It Fl Q Ar protocol_feature
+Queries
+.Nm
+for the algorithms supported for the specified version 2
+.Ar protocol_feature .
+The queriable features are:
+.Dq cipher
+(supported symmetric ciphers),
+.Dq MAC
+(supported message integrity codes),
+.Dq KEX
+(key exchange algorithms),
+.Dq key
+(key types).
+Protocol features are treated case-insensitively.
 .It Fl q
 Quiet mode.
 Causes most warning and diagnostic messages to be suppressed.
@@ -732,9 +754,7 @@ implements public key authentication protocol automatically,
 using one of the DSA, ECDSA or RSA algorithms.
 Protocol 1 is restricted to using only RSA keys,
 but protocol 2 may use any.
-The
+The HISTORY section of
-.Sx HISTORY
-section of
 .Xr ssl 8
 contains a brief discussion of the DSA and RSA algorithms.
 .Pp
@@ -790,9 +810,7 @@ instead of a set of public/private keys,
 signed certificates are used.
 This has the advantage that a single trusted certification authority
 can be used in place of many public/private keys.
-See the
+See the CERTIFICATES section of
-.Sx CERTIFICATES
-section of
 .Xr ssh-keygen 1
 for more information.
 .Pp
@@ -1319,7 +1337,7 @@ This is the per-user configuration file.
 The file format and configuration options are described in
 .Xr ssh_config 5 .
 Because of the potential for abuse, this file must have strict permissions:
-read/write for the user, and not accessible by others.
+read/write for the user, and not writable by others.
 .Pp
 .It Pa ~/.ssh/environment
 Contains additional definitions for environment variables; see

diff --git a/ssh.1 b/ssh.1 index a5576edb6..62292cc09 100644 --- a/ssh.1 +++ b/ssh.1
@@ -33,8 +33,8 @@
33	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	33	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
34	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	34	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
35	.\"	35	.\"
36	.\" $OpenBSD: ssh.1,v 1.330 2012/10/04 13:21:50 markus Exp $	36	.\" $OpenBSD: ssh.1,v 1.334 2013/07/18 01:12:26 djm Exp $
37	.Dd $Mdocdate: October 4 2012 $	37	.Dd $Mdocdate: July 18 2013 $
38	.Dt SSH 1	38	.Dt SSH 1
39	.Os	39	.Os
40	.Sh NAME	40	.Sh NAME
@@ -47,6 +47,7 @@
47	.Op Fl b Ar bind_address	47	.Op Fl b Ar bind_address
48	.Op Fl c Ar cipher_spec	48	.Op Fl c Ar cipher_spec
49	.Op Fl D Oo Ar bind_address : Oc Ns Ar port	49	.Op Fl D Oo Ar bind_address : Oc Ns Ar port
		50	.Op Fl E Ar log_file
50	.Op Fl e Ar escape_char	51	.Op Fl e Ar escape_char
51	.Op Fl F Ar configfile	52	.Op Fl F Ar configfile
52	.Op Fl I Ar pkcs11	53	.Op Fl I Ar pkcs11
@@ -64,6 +65,8 @@
64	.Oo Ar user Ns @ Oc Ns Ar hostname	65	.Oo Ar user Ns @ Oc Ns Ar hostname
65	.Op Ar command	66	.Op Ar command
66	.Ek	67	.Ek
		68	.Nm
		69	.Fl Q Ar protocol_feature
67	.Sh DESCRIPTION	70	.Sh DESCRIPTION
68	.Nm	71	.Nm
69	(SSH client) is a program for logging into a remote machine and for	72	(SSH client) is a program for logging into a remote machine and for
@@ -217,6 +220,10 @@ indicates that the listening port be bound for local use only, while an
217	empty address or	220	empty address or
218	.Sq *	221	.Sq *
219	indicates that the port should be available from all interfaces.	222	indicates that the port should be available from all interfaces.
		223	.It Fl E Ar log_file
		224	Append debug logs to
		225	.Ar log_file
		226	instead of standard error.
220	.It Fl e Ar escape_char	227	.It Fl e Ar escape_char
221	Sets the escape character for sessions with a pty (default:	228	Sets the escape character for sessions with a pty (default:
222	.Ql ~ ) .	229	.Ql ~ ) .
@@ -482,6 +489,21 @@ For full details of the options listed below, and their possible values, see
482	Port to connect to on the remote host.	489	Port to connect to on the remote host.
483	This can be specified on a	490	This can be specified on a
484	per-host basis in the configuration file.	491	per-host basis in the configuration file.
		492	.It Fl Q Ar protocol_feature
		493	Queries
		494	.Nm
		495	for the algorithms supported for the specified version 2
		496	.Ar protocol_feature .
		497	The queriable features are:
		498	.Dq cipher
		499	(supported symmetric ciphers),
		500	.Dq MAC
		501	(supported message integrity codes),
		502	.Dq KEX
		503	(key exchange algorithms),
		504	.Dq key
		505	(key types).
		506	Protocol features are treated case-insensitively.
485	.It Fl q	507	.It Fl q
486	Quiet mode.	508	Quiet mode.
487	Causes most warning and diagnostic messages to be suppressed.	509	Causes most warning and diagnostic messages to be suppressed.
@@ -732,9 +754,7 @@ implements public key authentication protocol automatically,
732	using one of the DSA, ECDSA or RSA algorithms.	754	using one of the DSA, ECDSA or RSA algorithms.
733	Protocol 1 is restricted to using only RSA keys,	755	Protocol 1 is restricted to using only RSA keys,
734	but protocol 2 may use any.	756	but protocol 2 may use any.
735	The	757	The HISTORY section of
736	.Sx HISTORY
737	section of
738	.Xr ssl 8	758	.Xr ssl 8
739	contains a brief discussion of the DSA and RSA algorithms.	759	contains a brief discussion of the DSA and RSA algorithms.
740	.Pp	760	.Pp
@@ -790,9 +810,7 @@ instead of a set of public/private keys,
790	signed certificates are used.	810	signed certificates are used.
791	This has the advantage that a single trusted certification authority	811	This has the advantage that a single trusted certification authority
792	can be used in place of many public/private keys.	812	can be used in place of many public/private keys.
793	See the	813	See the CERTIFICATES section of
794	.Sx CERTIFICATES
795	section of
796	.Xr ssh-keygen 1	814	.Xr ssh-keygen 1
797	for more information.	815	for more information.
798	.Pp	816	.Pp
@@ -1319,7 +1337,7 @@ This is the per-user configuration file.
1319	The file format and configuration options are described in	1337	The file format and configuration options are described in
1320	.Xr ssh_config 5 .	1338	.Xr ssh_config 5 .
1321	Because of the potential for abuse, this file must have strict permissions:	1339	Because of the potential for abuse, this file must have strict permissions:
1322	read/write for the user, and not accessible by others.	1340	read/write for the user, and not writable by others.
1323	.Pp	1341	.Pp
1324	.It Pa ~/.ssh/environment	1342	.It Pa ~/.ssh/environment
1325	Contains additional definitions for environment variables; see	1343	Contains additional definitions for environment variables; see