diff options
Diffstat (limited to 'sshd.8')
-rw-r--r-- | sshd.8 | 26 |
1 files changed, 13 insertions, 13 deletions
@@ -34,7 +34,7 @@ | |||
34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
36 | .\" | 36 | .\" |
37 | .\" $OpenBSD: sshd.8,v 1.146 2001/08/30 20:36:34 stevesk Exp $ | 37 | .\" $OpenBSD: sshd.8,v 1.147 2001/09/05 06:23:07 deraadt Exp $ |
38 | .Dd September 25, 1999 | 38 | .Dd September 25, 1999 |
39 | .Dt SSHD 8 | 39 | .Dt SSHD 8 |
40 | .Os | 40 | .Os |
@@ -325,7 +325,7 @@ and | |||
325 | .Ql ? | 325 | .Ql ? |
326 | can be used as | 326 | can be used as |
327 | wildcards in the patterns. | 327 | wildcards in the patterns. |
328 | Only group names are valid; a numerical group ID isn't recognized. | 328 | Only group names are valid; a numerical group ID is not recognized. |
329 | By default login is allowed regardless of the group list. | 329 | By default login is allowed regardless of the group list. |
330 | .Pp | 330 | .Pp |
331 | .It Cm AllowTcpForwarding | 331 | .It Cm AllowTcpForwarding |
@@ -346,10 +346,10 @@ and | |||
346 | .Ql ? | 346 | .Ql ? |
347 | can be used as | 347 | can be used as |
348 | wildcards in the patterns. | 348 | wildcards in the patterns. |
349 | Only user names are valid; a numerical user ID isn't recognized. | 349 | Only user names are valid; a numerical user ID is not recognized. |
350 | By default login is allowed regardless of the user name. | 350 | By default login is allowed regardless of the user name. |
351 | If the pattern takes the form USER@HOST then USER and HOST | 351 | If the pattern takes the form USER@HOST then USER and HOST |
352 | are separately checked, allowing you to restrict logins to particular | 352 | are separately checked, restricting logins to particular |
353 | users from particular hosts. | 353 | users from particular hosts. |
354 | .Pp | 354 | .Pp |
355 | .It Cm AuthorizedKeysFile | 355 | .It Cm AuthorizedKeysFile |
@@ -408,13 +408,13 @@ to note that the use of client alive messages is very different from | |||
408 | encrypted channel and therefore will not be spoofable. The TCP keepalive | 408 | encrypted channel and therefore will not be spoofable. The TCP keepalive |
409 | option enabled by | 409 | option enabled by |
410 | .Cm Keepalive | 410 | .Cm Keepalive |
411 | is spoofable. You want to use the client | 411 | is spoofable. The client alive mechanism is valuable when the client or |
412 | alive mechanism when you are basing something important on | 412 | server depend on knowing when a connection has become inactive. |
413 | clients having an active connection to the server. | ||
414 | .Pp | 413 | .Pp |
415 | The default value is 3. If you set | 414 | The default value is 3. If |
416 | .Cm ClientAliveInterval | 415 | .Cm ClientAliveInterval |
417 | (above) to 15, and leave this value at the default, unresponsive ssh clients | 416 | (above) is set to 15, and |
417 | .Cm Keepalive is left at the default, unresponsive ssh clients | ||
418 | will be disconnected after approximately 45 seconds. | 418 | will be disconnected after approximately 45 seconds. |
419 | .It Cm DenyGroups | 419 | .It Cm DenyGroups |
420 | This keyword can be followed by a number of group names, separated | 420 | This keyword can be followed by a number of group names, separated |
@@ -426,7 +426,7 @@ and | |||
426 | .Ql ? | 426 | .Ql ? |
427 | can be used as | 427 | can be used as |
428 | wildcards in the patterns. | 428 | wildcards in the patterns. |
429 | Only group names are valid; a numerical group ID isn't recognized. | 429 | Only group names are valid; a numerical group ID is not recognized. |
430 | By default login is allowed regardless of the group list. | 430 | By default login is allowed regardless of the group list. |
431 | .Pp | 431 | .Pp |
432 | .It Cm DenyUsers | 432 | .It Cm DenyUsers |
@@ -437,7 +437,7 @@ Login is disallowed for user names that match one of the patterns. | |||
437 | and | 437 | and |
438 | .Ql ? | 438 | .Ql ? |
439 | can be used as wildcards in the patterns. | 439 | can be used as wildcards in the patterns. |
440 | Only user names are valid; a numerical user ID isn't recognized. | 440 | Only user names are valid; a numerical user ID is not recognized. |
441 | By default login is allowed regardless of the user name. | 441 | By default login is allowed regardless of the user name. |
442 | .It Cm GatewayPorts | 442 | .It Cm GatewayPorts |
443 | Specifies whether remote hosts are allowed to connect to ports | 443 | Specifies whether remote hosts are allowed to connect to ports |
@@ -998,8 +998,8 @@ authentication. | |||
998 | The command supplied by the user (if any) is ignored. | 998 | The command supplied by the user (if any) is ignored. |
999 | The command is run on a pty if the connection requests a pty; | 999 | The command is run on a pty if the connection requests a pty; |
1000 | otherwise it is run without a tty. | 1000 | otherwise it is run without a tty. |
1001 | Note that if you want a 8-bit clean channel, | 1001 | If a 8-bit clean channel is required, |
1002 | you must not request a pty or should specify | 1002 | one must not request a pty or should specify |
1003 | .Cm no-pty . | 1003 | .Cm no-pty . |
1004 | A quote may be included in the command by quoting it with a backslash. | 1004 | A quote may be included in the command by quoting it with a backslash. |
1005 | This option might be useful | 1005 | This option might be useful |