1 files changed, 21 insertions, 55 deletions
diff --git a/ssh.1 b/ssh.1
index c03771a3e..02d28a00b 100644
--- a/ssh.1
+++ b/ssh.1
@@ -34,8 +34,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh.1,v 1.303 2010/03/26 00:26:58 djm Exp $
+.\" $OpenBSD: ssh.1,v 1.308 2010/08/04 05:37:01 djm Exp $
-.Dd $Mdocdate: March 26 2010 $
+.Dd $Mdocdate: August 4 2010 $
 .Dt SSH 1
 .Os
 .Sh NAME
@@ -43,46 +43,28 @@
 .Nd OpenSSH SSH client (remote login program)
 .Sh SYNOPSIS
 .Nm ssh
+.Bk -words
 .Op Fl 1246AaCfgKkMNnqsTtVvXxYy
 .Op Fl b Ar bind_address
 .Op Fl c Ar cipher_spec
-.Oo Fl D\ \&
+.Op Fl D Oo Ar bind_address : Oc Ns Ar port
-.Sm off
-.Oo Ar bind_address : Oc
-.Ar port
-.Sm on
-.Oc
 .Op Fl e Ar escape_char
 .Op Fl F Ar configfile
 .Op Fl I Ar pkcs11
-.Bk -words
 .Op Fl i Ar identity_file
-.Ek
+.Op Fl L Oo Ar bind_address : Oc Ns Ar port : Ns Ar host : Ns Ar hostport
-.Oo Fl L\ \&
-.Sm off
-.Oo Ar bind_address : Oc
-.Ar port : host : hostport
-.Sm on
-.Oc
-.Bk -words
 .Op Fl l Ar login_name
-.Ek
 .Op Fl m Ar mac_spec
 .Op Fl O Ar ctl_cmd
 .Op Fl o Ar option
 .Op Fl p Ar port
-.Oo Fl R\ \&
+.Op Fl R Oo Ar bind_address : Oc Ns Ar port : Ns Ar host : Ns Ar hostport
-.Sm off
-.Oo Ar bind_address : Oc
-.Ar port : host : hostport
-.Sm on
-.Oc
 .Op Fl S Ar ctl_path
 .Op Fl W Ar host : Ns Ar port
-.Oo Fl w Ar local_tun Ns
+.Op Fl w Ar local_tun Ns Op : Ns Ar remote_tun
-.Op : Ns Ar remote_tun Oc
 .Oo Ar user Ns @ Oc Ns Ar hostname
 .Op Ar command
+.Ek
 .Sh DESCRIPTION
 .Nm
 (SSH client) is a program for logging into a remote machine and for
@@ -194,7 +176,9 @@ is a comma-separated list of ciphers
 listed in order of preference.
 See the
 .Cm Ciphers
-keyword for more information.
+keyword in
+.Xr ssh_config 5
+for more information.
 .It Fl D Xo
 .Sm off
 .Oo Ar bind_address : Oc
@@ -218,14 +202,7 @@ will act as a SOCKS server.
 Only root can forward privileged ports.
 Dynamic port forwardings can also be specified in the configuration file.
 .Pp
-IPv6 addresses can be specified with an alternative syntax:
+IPv6 addresses can be specified by enclosing the address in square brackets.
-.Sm off
-.Xo
-.Op Ar bind_address No /
-.Ar port
-.Xc
-.Sm on
-or by enclosing the address in square brackets.
 Only the superuser can forward privileged ports.
 By default, the local port is bound in accordance with the
 .Cm GatewayPorts
@@ -336,15 +313,7 @@ port
 .Ar hostport
 from the remote machine.
 Port forwardings can also be specified in the configuration file.
-IPv6 addresses can be specified with an alternative syntax:
+IPv6 addresses can be specified by enclosing the address in square brackets.
-.Sm off
-.Xo
-.Op Ar bind_address No /
-.Ar port No / Ar host No /
-.Ar hostport
-.Xc
-.Sm on
-or by enclosing the address in square brackets.
 Only the superuser can forward privileged ports.
 By default, the local port is bound in accordance with the
 .Cm GatewayPorts
@@ -421,7 +390,9 @@ option is specified, the
 argument is interpreted and passed to the master process.
 Valid commands are:
 .Dq check
-(check that the master process is running) and
+(check that the master process is running),
+.Dq forward
+(request forwardings without command execution) and
 .Dq exit
 (request the master to exit).
 .It Fl o Ar option
@@ -525,15 +496,7 @@ from the local machine.
 Port forwardings can also be specified in the configuration file.
 Privileged ports can be forwarded only when
 logging in as root on the remote machine.
-IPv6 addresses can be specified by enclosing the address in square braces or
+IPv6 addresses can be specified by enclosing the address in square braces.
-using an alternative syntax:
-.Sm off
-.Xo
-.Op Ar bind_address No /
-.Ar host No / Ar port No /
-.Ar hostport
-.Xc .
-.Sm on
 .Pp
 By default, the listening socket on the server will be bound to the loopback
 interface only.
@@ -557,8 +520,11 @@ argument is
 .Ql 0 ,
 the listen port will be dynamically allocated on the server and reported
 to the client at run time.
+When used together with
+.Ic -O forward
+the allocated port will be printed to the standard output.
 .It Fl S Ar ctl_path
-Specifies the location of a control socket for connection sharing
+Specifies the location of a control socket for connection sharing,
 or the string
 .Dq none
 to disable connection sharing.

diff --git a/ssh.1 b/ssh.1 index c03771a3e..02d28a00b 100644 --- a/ssh.1 +++ b/ssh.1
@@ -34,8 +34,8 @@
34	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	34	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	35	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36	.\"	36	.\"
37	.\" $OpenBSD: ssh.1,v 1.303 2010/03/26 00:26:58 djm Exp $	37	.\" $OpenBSD: ssh.1,v 1.308 2010/08/04 05:37:01 djm Exp $
38	.Dd $Mdocdate: March 26 2010 $	38	.Dd $Mdocdate: August 4 2010 $
39	.Dt SSH 1	39	.Dt SSH 1
40	.Os	40	.Os
41	.Sh NAME	41	.Sh NAME
@@ -43,46 +43,28 @@
43	.Nd OpenSSH SSH client (remote login program)	43	.Nd OpenSSH SSH client (remote login program)
44	.Sh SYNOPSIS	44	.Sh SYNOPSIS
45	.Nm ssh	45	.Nm ssh
		46	.Bk -words
46	.Op Fl 1246AaCfgKkMNnqsTtVvXxYy	47	.Op Fl 1246AaCfgKkMNnqsTtVvXxYy
47	.Op Fl b Ar bind_address	48	.Op Fl b Ar bind_address
48	.Op Fl c Ar cipher_spec	49	.Op Fl c Ar cipher_spec
49	.Oo Fl D\ \&	50	.Op Fl D Oo Ar bind_address : Oc Ns Ar port
50	.Sm off
51	.Oo Ar bind_address : Oc
52	.Ar port
53	.Sm on
54	.Oc
55	.Op Fl e Ar escape_char	51	.Op Fl e Ar escape_char
56	.Op Fl F Ar configfile	52	.Op Fl F Ar configfile
57	.Op Fl I Ar pkcs11	53	.Op Fl I Ar pkcs11
58	.Bk -words
59	.Op Fl i Ar identity_file	54	.Op Fl i Ar identity_file
60	.Ek	55	.Op Fl L Oo Ar bind_address : Oc Ns Ar port : Ns Ar host : Ns Ar hostport
61	.Oo Fl L\ \&
62	.Sm off
63	.Oo Ar bind_address : Oc
64	.Ar port : host : hostport
65	.Sm on
66	.Oc
67	.Bk -words
68	.Op Fl l Ar login_name	56	.Op Fl l Ar login_name
69	.Ek
70	.Op Fl m Ar mac_spec	57	.Op Fl m Ar mac_spec
71	.Op Fl O Ar ctl_cmd	58	.Op Fl O Ar ctl_cmd
72	.Op Fl o Ar option	59	.Op Fl o Ar option
73	.Op Fl p Ar port	60	.Op Fl p Ar port
74	.Oo Fl R\ \&	61	.Op Fl R Oo Ar bind_address : Oc Ns Ar port : Ns Ar host : Ns Ar hostport
75	.Sm off
76	.Oo Ar bind_address : Oc
77	.Ar port : host : hostport
78	.Sm on
79	.Oc
80	.Op Fl S Ar ctl_path	62	.Op Fl S Ar ctl_path
81	.Op Fl W Ar host : Ns Ar port	63	.Op Fl W Ar host : Ns Ar port
82	.Oo Fl w Ar local_tun Ns	64	.Op Fl w Ar local_tun Ns Op : Ns Ar remote_tun
83	.Op : Ns Ar remote_tun Oc
84	.Oo Ar user Ns @ Oc Ns Ar hostname	65	.Oo Ar user Ns @ Oc Ns Ar hostname
85	.Op Ar command	66	.Op Ar command
		67	.Ek
86	.Sh DESCRIPTION	68	.Sh DESCRIPTION
87	.Nm	69	.Nm
88	(SSH client) is a program for logging into a remote machine and for	70	(SSH client) is a program for logging into a remote machine and for
@@ -194,7 +176,9 @@ is a comma-separated list of ciphers
194	listed in order of preference.	176	listed in order of preference.
195	See the	177	See the
196	.Cm Ciphers	178	.Cm Ciphers
197	keyword for more information.	179	keyword in
		180	.Xr ssh_config 5
		181	for more information.
198	.It Fl D Xo	182	.It Fl D Xo
199	.Sm off	183	.Sm off
200	.Oo Ar bind_address : Oc	184	.Oo Ar bind_address : Oc
@@ -218,14 +202,7 @@ will act as a SOCKS server.
218	Only root can forward privileged ports.	202	Only root can forward privileged ports.
219	Dynamic port forwardings can also be specified in the configuration file.	203	Dynamic port forwardings can also be specified in the configuration file.
220	.Pp	204	.Pp
221	IPv6 addresses can be specified with an alternative syntax:	205	IPv6 addresses can be specified by enclosing the address in square brackets.
222	.Sm off
223	.Xo
224	.Op Ar bind_address No /
225	.Ar port
226	.Xc
227	.Sm on
228	or by enclosing the address in square brackets.
229	Only the superuser can forward privileged ports.	206	Only the superuser can forward privileged ports.
230	By default, the local port is bound in accordance with the	207	By default, the local port is bound in accordance with the
231	.Cm GatewayPorts	208	.Cm GatewayPorts
@@ -336,15 +313,7 @@ port
336	.Ar hostport	313	.Ar hostport
337	from the remote machine.	314	from the remote machine.
338	Port forwardings can also be specified in the configuration file.	315	Port forwardings can also be specified in the configuration file.
339	IPv6 addresses can be specified with an alternative syntax:	316	IPv6 addresses can be specified by enclosing the address in square brackets.
340	.Sm off
341	.Xo
342	.Op Ar bind_address No /
343	.Ar port No / Ar host No /
344	.Ar hostport
345	.Xc
346	.Sm on
347	or by enclosing the address in square brackets.
348	Only the superuser can forward privileged ports.	317	Only the superuser can forward privileged ports.
349	By default, the local port is bound in accordance with the	318	By default, the local port is bound in accordance with the
350	.Cm GatewayPorts	319	.Cm GatewayPorts
@@ -421,7 +390,9 @@ option is specified, the
421	argument is interpreted and passed to the master process.	390	argument is interpreted and passed to the master process.
422	Valid commands are:	391	Valid commands are:
423	.Dq check	392	.Dq check
424	(check that the master process is running) and	393	(check that the master process is running),
		394	.Dq forward
		395	(request forwardings without command execution) and
425	.Dq exit	396	.Dq exit
426	(request the master to exit).	397	(request the master to exit).
427	.It Fl o Ar option	398	.It Fl o Ar option
@@ -525,15 +496,7 @@ from the local machine.
525	Port forwardings can also be specified in the configuration file.	496	Port forwardings can also be specified in the configuration file.
526	Privileged ports can be forwarded only when	497	Privileged ports can be forwarded only when
527	logging in as root on the remote machine.	498	logging in as root on the remote machine.
528	IPv6 addresses can be specified by enclosing the address in square braces or	499	IPv6 addresses can be specified by enclosing the address in square braces.
529	using an alternative syntax:
530	.Sm off
531	.Xo
532	.Op Ar bind_address No /
533	.Ar host No / Ar port No /
534	.Ar hostport
535	.Xc .
536	.Sm on
537	.Pp	500	.Pp
538	By default, the listening socket on the server will be bound to the loopback	501	By default, the listening socket on the server will be bound to the loopback
539	interface only.	502	interface only.
@@ -557,8 +520,11 @@ argument is
557	.Ql 0 ,	520	.Ql 0 ,
558	the listen port will be dynamically allocated on the server and reported	521	the listen port will be dynamically allocated on the server and reported
559	to the client at run time.	522	to the client at run time.
		523	When used together with
		524	.Ic -O forward
		525	the allocated port will be printed to the standard output.
560	.It Fl S Ar ctl_path	526	.It Fl S Ar ctl_path
561	Specifies the location of a control socket for connection sharing	527	Specifies the location of a control socket for connection sharing,
562	or the string	528	or the string
563	.Dq none	529	.Dq none
564	to disable connection sharing.	530	to disable connection sharing.