diff options
Diffstat (limited to 'sshd.8')
-rw-r--r-- | sshd.8 | 26 |
1 files changed, 20 insertions, 6 deletions
@@ -33,8 +33,8 @@ | |||
33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
35 | .\" | 35 | .\" |
36 | .\" $OpenBSD: sshd.8,v 1.288 2017/01/30 23:27:39 dtucker Exp $ | 36 | .\" $OpenBSD: sshd.8,v 1.291 2017/06/24 06:28:50 jmc Exp $ |
37 | .Dd $Mdocdate: January 30 2017 $ | 37 | .Dd $Mdocdate: June 24 2017 $ |
38 | .Dt SSHD 8 | 38 | .Dt SSHD 8 |
39 | .Os | 39 | .Os |
40 | .Sh NAME | 40 | .Sh NAME |
@@ -259,7 +259,7 @@ The client selects the encryption algorithm | |||
259 | to use from those offered by the server. | 259 | to use from those offered by the server. |
260 | Additionally, session integrity is provided | 260 | Additionally, session integrity is provided |
261 | through a cryptographic message authentication code | 261 | through a cryptographic message authentication code |
262 | (hmac-md5, hmac-sha1, umac-64, umac-128, hmac-ripemd160, | 262 | (hmac-md5, hmac-sha1, umac-64, umac-128, |
263 | hmac-sha2-256 or hmac-sha2-512). | 263 | hmac-sha2-256 or hmac-sha2-512). |
264 | .Pp | 264 | .Pp |
265 | Finally, the server and the client enter an authentication dialog. | 265 | Finally, the server and the client enter an authentication dialog. |
@@ -651,9 +651,23 @@ Hostnames is a comma-separated list of patterns | |||
651 | and | 651 | and |
652 | .Ql \&? | 652 | .Ql \&? |
653 | act as | 653 | act as |
654 | wildcards); each pattern in turn is matched against the canonical host | 654 | wildcards); each pattern in turn is matched against the host name. |
655 | name (when authenticating a client) or against the user-supplied | 655 | When |
656 | name (when authenticating a server). | 656 | .Nm sshd |
657 | is authenticating a client, such as when using | ||
658 | .Cm HostbasedAuthentication , | ||
659 | this will be the canonical client host name. | ||
660 | When | ||
661 | .Xr ssh 1 | ||
662 | is authenticating a server, this will be the host name | ||
663 | given by the user, the value of the | ||
664 | .Xr ssh 1 | ||
665 | .Cm HostkeyAlias | ||
666 | if it was specified, or the canonical server hostname if the | ||
667 | .Xr ssh 1 | ||
668 | .Cm CanonicalizeHostname | ||
669 | option was used. | ||
670 | .Pp | ||
657 | A pattern may also be preceded by | 671 | A pattern may also be preceded by |
658 | .Ql \&! | 672 | .Ql \&! |
659 | to indicate negation: if the host name matches a negated | 673 | to indicate negation: if the host name matches a negated |