summaryrefslogtreecommitdiff
path: root/sshd.8
diff options
context:
space:
mode:
Diffstat (limited to 'sshd.8')
-rw-r--r--sshd.829
1 files changed, 20 insertions, 9 deletions
diff --git a/sshd.8 b/sshd.8
index eb5c8f1da..63ca7df22 100644
--- a/sshd.8
+++ b/sshd.8
@@ -34,7 +34,7 @@
34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36.\" 36.\"
37.\" $OpenBSD: sshd.8,v 1.175 2002/03/29 19:16:22 stevesk Exp $ 37.\" $OpenBSD: sshd.8,v 1.176 2002/04/05 20:56:21 stevesk Exp $
38.Dd September 25, 1999 38.Dd September 25, 1999
39.Dt SSHD 8 39.Dt SSHD 8
40.Os 40.Os
@@ -1324,13 +1324,17 @@ only by the user; it need not be readable by anyone else.
1324.It Pa $HOME/.ssh/rc 1324.It Pa $HOME/.ssh/rc
1325If this file exists, it is run with /bin/sh after reading the 1325If this file exists, it is run with /bin/sh after reading the
1326environment files but before starting the user's shell or command. 1326environment files but before starting the user's shell or command.
1327If X11 spoofing is in use, this will receive the "proto cookie" pair in 1327It must not produce any output on stdout; stderr must be used
1328standard input (and 1328instead.
1329If X11 forwarding is in use, it will receive the "proto cookie" pair in
1330its standard input (and
1329.Ev DISPLAY 1331.Ev DISPLAY
1330in environment). 1332in its environment).
1331This must call 1333The script must call
1332.Xr xauth 1 1334.Xr xauth 1
1333in that case. 1335because
1336.Nm
1337will not run xauth automatically to add X11 cookies.
1334.Pp 1338.Pp
1335The primary purpose of this file is to run any initialization routines 1339The primary purpose of this file is to run any initialization routines
1336which may be needed before the user's home directory becomes 1340which may be needed before the user's home directory becomes
@@ -1339,15 +1343,22 @@ accessible; AFS is a particular example of such an environment.
1339This file will probably contain some initialization code followed by 1343This file will probably contain some initialization code followed by
1340something similar to: 1344something similar to:
1341.Bd -literal 1345.Bd -literal
1342 if read proto cookie; then 1346if read proto cookie && [ -n "$DISPLAY" ]; then
1343 echo add $DISPLAY $proto $cookie | xauth -q - 1347 if [ `echo $DISPLAY | cut -c1-10` = 'localhost:' ]; then
1348 # X11UseLocalhost=yes
1349 xauth add unix:`echo $DISPLAY |
1350 cut -c11-` $proto $cookie
1351 else
1352 # X11UseLocalhost=no
1353 xauth add $DISPLAY $proto $cookie
1344 fi 1354 fi
1355fi
1345.Ed 1356.Ed
1346.Pp 1357.Pp
1347If this file does not exist, 1358If this file does not exist,
1348.Pa /etc/ssh/sshrc 1359.Pa /etc/ssh/sshrc
1349is run, and if that 1360is run, and if that
1350does not exist either, xauth is used to store the cookie. 1361does not exist either, xauth is used to add the cookie.
1351.Pp 1362.Pp
1352This file should be writable only by the user, and need not be 1363This file should be writable only by the user, and need not be
1353readable by anyone else. 1364readable by anyone else.