diff options
Diffstat (limited to 'sshd.0')
-rw-r--r-- | sshd.0 | 15 |
1 files changed, 7 insertions, 8 deletions
@@ -87,12 +87,11 @@ DESCRIPTION | |||
87 | files for the different protocol versions and host key | 87 | files for the different protocol versions and host key |
88 | algorithms. | 88 | algorithms. |
89 | 89 | ||
90 | -i Specifies that sshd is being run from inetd(8). sshd is normally | 90 | -i Specifies that sshd is being run from inetd(8). If SSH protocol |
91 | not run from inetd because it needs to generate the server key | 91 | 1 is enabled, sshd should not normally be run from inetd because |
92 | before it can respond to the client, and this may take tens of | 92 | it needs to generate the server key before it can respond to the |
93 | seconds. Clients would have to wait too long if the key was | 93 | client, and this may take some time. Clients may have to wait |
94 | regenerated every time. However, with small key sizes (e.g. 512) | 94 | too long if the key was regenerated every time. |
95 | using sshd from inetd may be feasible. | ||
96 | 95 | ||
97 | -k key_gen_time | 96 | -k key_gen_time |
98 | Specifies how often the ephemeral protocol version 1 server key | 97 | Specifies how often the ephemeral protocol version 1 server key |
@@ -152,7 +151,7 @@ AUTHENTICATION | |||
152 | host-specific key, normally 2048 bits, used to identify the host. | 151 | host-specific key, normally 2048 bits, used to identify the host. |
153 | 152 | ||
154 | Forward security for protocol 1 is provided through an additional server | 153 | Forward security for protocol 1 is provided through an additional server |
155 | key, normally 768 bits, generated when the server starts. This key is | 154 | key, normally 1024 bits, generated when the server starts. This key is |
156 | normally regenerated every hour if it has been used, and is never stored | 155 | normally regenerated every hour if it has been used, and is never stored |
157 | on disk. Whenever a client connects, the daemon responds with its public | 156 | on disk. Whenever a client connects, the daemon responds with its public |
158 | host and server keys. The client compares the RSA host key against its | 157 | host and server keys. The client compares the RSA host key against its |
@@ -633,4 +632,4 @@ AUTHORS | |||
633 | versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support | 632 | versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support |
634 | for privilege separation. | 633 | for privilege separation. |
635 | 634 | ||
636 | OpenBSD 5.7 May 1, 2015 OpenBSD 5.7 | 635 | OpenBSD 5.8 July 3, 2015 OpenBSD 5.8 |