diff options
Diffstat (limited to 'sshd.8')
-rw-r--r-- | sshd.8 | 26 |
1 files changed, 20 insertions, 6 deletions
@@ -33,8 +33,8 @@ | |||
33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
35 | .\" | 35 | .\" |
36 | .\" $OpenBSD: sshd.8,v 1.288 2017/01/30 23:27:39 dtucker Exp $ | 36 | .\" $OpenBSD: sshd.8,v 1.291 2017/06/24 06:28:50 jmc Exp $ |
37 | .Dd $Mdocdate: January 30 2017 $ | 37 | .Dd $Mdocdate: June 24 2017 $ |
38 | .Dt SSHD 8 | 38 | .Dt SSHD 8 |
39 | .Os | 39 | .Os |
40 | .Sh NAME | 40 | .Sh NAME |
@@ -260,7 +260,7 @@ The client selects the encryption algorithm | |||
260 | to use from those offered by the server. | 260 | to use from those offered by the server. |
261 | Additionally, session integrity is provided | 261 | Additionally, session integrity is provided |
262 | through a cryptographic message authentication code | 262 | through a cryptographic message authentication code |
263 | (hmac-md5, hmac-sha1, umac-64, umac-128, hmac-ripemd160, | 263 | (hmac-md5, hmac-sha1, umac-64, umac-128, |
264 | hmac-sha2-256 or hmac-sha2-512). | 264 | hmac-sha2-256 or hmac-sha2-512). |
265 | .Pp | 265 | .Pp |
266 | Finally, the server and the client enter an authentication dialog. | 266 | Finally, the server and the client enter an authentication dialog. |
@@ -652,9 +652,23 @@ Hostnames is a comma-separated list of patterns | |||
652 | and | 652 | and |
653 | .Ql \&? | 653 | .Ql \&? |
654 | act as | 654 | act as |
655 | wildcards); each pattern in turn is matched against the canonical host | 655 | wildcards); each pattern in turn is matched against the host name. |
656 | name (when authenticating a client) or against the user-supplied | 656 | When |
657 | name (when authenticating a server). | 657 | .Nm sshd |
658 | is authenticating a client, such as when using | ||
659 | .Cm HostbasedAuthentication , | ||
660 | this will be the canonical client host name. | ||
661 | When | ||
662 | .Xr ssh 1 | ||
663 | is authenticating a server, this will be the host name | ||
664 | given by the user, the value of the | ||
665 | .Xr ssh 1 | ||
666 | .Cm HostkeyAlias | ||
667 | if it was specified, or the canonical server hostname if the | ||
668 | .Xr ssh 1 | ||
669 | .Cm CanonicalizeHostname | ||
670 | option was used. | ||
671 | .Pp | ||
658 | A pattern may also be preceded by | 672 | A pattern may also be preceded by |
659 | .Ql \&! | 673 | .Ql \&! |
660 | to indicate negation: if the host name matches a negated | 674 | to indicate negation: if the host name matches a negated |