1 files changed, 16 insertions, 16 deletions
diff --git a/sshd.8 b/sshd.8
index ac3bf96cf..fdff4ac91 100644
--- a/sshd.8
+++ b/sshd.8
@@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd.8,v 1.206 2005/03/01 14:59:49 jmc Exp $
+.\" $OpenBSD: sshd.8,v 1.208 2005/06/08 03:50:00 djm Exp $
 .Dd September 25, 1999
 .Dt SSHD 8
 .Os
@@ -80,7 +80,7 @@ supports both SSH protocol version 1 and 2 simultaneously.
 works as follows:
 .Ss SSH protocol version 1
 Each host has a host-specific RSA key
-(normally 1024 bits) used to identify the host.
+(normally 2048 bits) used to identify the host.
 Additionally, when
 the daemon starts, it generates a server RSA key (normally 768 bits).
 This key is normally regenerated every hour if it has been used, and
@@ -350,7 +350,7 @@ If the login is on a tty, and no command has been specified,
 prints last login time and
 .Pa /etc/motd
 (unless prevented in the configuration file or by
-.Pa $HOME/.hushlogin ;
+.Pa ~/.hushlogin ;
 see the
 .Sx FILES
 section).
@@ -367,7 +367,7 @@ Changes to run with normal user privileges.
 Sets up basic environment.
 .It
 Reads the file
-.Pa $HOME/.ssh/environment ,
+.Pa ~/.ssh/environment ,
 if it exists, and users are allowed to change their environment.
 See the
 .Cm PermitUserEnvironment
@@ -377,7 +377,7 @@ option in
 Changes to user's home directory.
 .It
 If
-.Pa $HOME/.ssh/rc
+.Pa ~/.ssh/rc
 exists, runs it; else if
 .Pa /etc/ssh/sshrc
 exists, runs
@@ -390,7 +390,7 @@ authentication protocol and cookie in standard input.
 Runs user's shell or command.
 .El
 .Sh AUTHORIZED_KEYS FILE FORMAT
-.Pa $HOME/.ssh/authorized_keys
+.Pa ~/.ssh/authorized_keys
 is the default file that lists the public keys that are
 permitted for RSA authentication in protocol version 1
 and for public key authentication (PubkeyAuthentication)
@@ -528,7 +528,7 @@ permitopen="10.2.1.55:80",permitopen="10.2.1.56:25" 1024 33 23...2323
 The
 .Pa /etc/ssh/ssh_known_hosts
 and
-.Pa $HOME/.ssh/known_hosts
+.Pa ~/.ssh/known_hosts
 files contain host public keys for all known hosts.
 The global file should
 be prepared by the administrator (optional), and the per-user file is
@@ -639,7 +639,7 @@ listening for connections (if there are several daemons running
 concurrently for different ports, this contains the process ID of the one
 started last).
 The content of this file is not sensitive; it can be world-readable.
-.It Pa $HOME/.ssh/authorized_keys
+.It Pa ~/.ssh/authorized_keys
 Lists the public keys (RSA or DSA) that can be used to log into the user's account.
 This file must be readable by root (which may on some machines imply
 it being world-readable if the user's home directory resides on an NFS
@@ -653,7 +653,7 @@ and/or
 .Pa id_rsa.pub
 files into this file, as described in
 .Xr ssh-keygen 1 .
-.It Pa "/etc/ssh/ssh_known_hosts", "$HOME/.ssh/known_hosts"
+.It Pa "/etc/ssh/ssh_known_hosts", "~/.ssh/known_hosts"
 These files are consulted when using rhosts with RSA host
 authentication or protocol version 2 hostbased authentication
 to check the public key of the host.
@@ -663,12 +663,12 @@ to verify that it is connecting to the correct remote host.
 These files should be writable only by root/the owner.
 .Pa /etc/ssh/ssh_known_hosts
 should be world-readable, and
-.Pa $HOME/.ssh/known_hosts
+.Pa ~/.ssh/known_hosts
 can, but need not be, world-readable.
 .It Pa /etc/motd
 See
 .Xr motd 5 .
-.It Pa $HOME/.hushlogin
+.It Pa ~/.hushlogin
 This file is used to suppress printing the last login time and
 .Pa /etc/motd ,
 if
@@ -691,7 +691,7 @@ The file should be world-readable.
 Access controls that should be enforced by tcp-wrappers are defined here.
 Further details are described in
 .Xr hosts_access 5 .
-.It Pa $HOME/.rhosts
+.It Pa ~/.rhosts
 This file is used during
 .Cm RhostsRSAAuthentication
 and
@@ -709,7 +709,7 @@ It is also possible to use netgroups in the file.
 Either host or user
 name may be of the form +@groupname to specify all hosts or all users
 in the group.
-.It Pa $HOME/.shosts
+.It Pa ~/.shosts
 For ssh,
 this file is exactly the same as for
 .Pa .rhosts .
@@ -758,7 +758,7 @@ This is processed exactly as
 .Pa /etc/hosts.equiv .
 However, this file may be useful in environments that want to run both
 rsh/rlogin and ssh.
-.It Pa $HOME/.ssh/environment
+.It Pa ~/.ssh/environment
 This file is read into the environment at login (if it exists).
 It can only contain empty lines, comment lines (that start with
 .Ql # ) ,
@@ -769,7 +769,7 @@ Environment processing is disabled by default and is
 controlled via the
 .Cm PermitUserEnvironment
 option.
-.It Pa $HOME/.ssh/rc
+.It Pa ~/.ssh/rc
 If this file exists, it is run with
 .Pa /bin/sh
 after reading the
@@ -814,7 +814,7 @@ This file should be writable only by the user, and need not be
 readable by anyone else.
 .It Pa /etc/ssh/sshrc
 Like
-.Pa $HOME/.ssh/rc .
+.Pa ~/.ssh/rc .
 This can be used to specify
 machine-specific login-time initializations globally.
 This file should be writable only by root, and should be world-readable.

diff --git a/sshd.8 b/sshd.8 index ac3bf96cf..fdff4ac91 100644 --- a/sshd.8 +++ b/sshd.8
@@ -34,7 +34,7 @@
34	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	34	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	35	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36	.\"	36	.\"
37	.\" $OpenBSD: sshd.8,v 1.206 2005/03/01 14:59:49 jmc Exp $	37	.\" $OpenBSD: sshd.8,v 1.208 2005/06/08 03:50:00 djm Exp $
38	.Dd September 25, 1999	38	.Dd September 25, 1999
39	.Dt SSHD 8	39	.Dt SSHD 8
40	.Os	40	.Os
@@ -80,7 +80,7 @@ supports both SSH protocol version 1 and 2 simultaneously.
80	works as follows:	80	works as follows:
81	.Ss SSH protocol version 1	81	.Ss SSH protocol version 1
82	Each host has a host-specific RSA key	82	Each host has a host-specific RSA key
83	(normally 1024 bits) used to identify the host.	83	(normally 2048 bits) used to identify the host.
84	Additionally, when	84	Additionally, when
85	the daemon starts, it generates a server RSA key (normally 768 bits).	85	the daemon starts, it generates a server RSA key (normally 768 bits).
86	This key is normally regenerated every hour if it has been used, and	86	This key is normally regenerated every hour if it has been used, and
@@ -350,7 +350,7 @@ If the login is on a tty, and no command has been specified,
350	prints last login time and	350	prints last login time and
351	.Pa /etc/motd	351	.Pa /etc/motd
352	(unless prevented in the configuration file or by	352	(unless prevented in the configuration file or by
353	.Pa $HOME/.hushlogin ;	353	.Pa ~/.hushlogin ;
354	see the	354	see the
355	.Sx FILES	355	.Sx FILES
356	section).	356	section).
@@ -367,7 +367,7 @@ Changes to run with normal user privileges.
367	Sets up basic environment.	367	Sets up basic environment.
368	.It	368	.It
369	Reads the file	369	Reads the file
370	.Pa $HOME/.ssh/environment ,	370	.Pa ~/.ssh/environment ,
371	if it exists, and users are allowed to change their environment.	371	if it exists, and users are allowed to change their environment.
372	See the	372	See the
373	.Cm PermitUserEnvironment	373	.Cm PermitUserEnvironment
@@ -377,7 +377,7 @@ option in
377	Changes to user's home directory.	377	Changes to user's home directory.
378	.It	378	.It
379	If	379	If
380	.Pa $HOME/.ssh/rc	380	.Pa ~/.ssh/rc
381	exists, runs it; else if	381	exists, runs it; else if
382	.Pa /etc/ssh/sshrc	382	.Pa /etc/ssh/sshrc
383	exists, runs	383	exists, runs
@@ -390,7 +390,7 @@ authentication protocol and cookie in standard input.
390	Runs user's shell or command.	390	Runs user's shell or command.
391	.El	391	.El
392	.Sh AUTHORIZED_KEYS FILE FORMAT	392	.Sh AUTHORIZED_KEYS FILE FORMAT
393	.Pa $HOME/.ssh/authorized_keys	393	.Pa ~/.ssh/authorized_keys
394	is the default file that lists the public keys that are	394	is the default file that lists the public keys that are
395	permitted for RSA authentication in protocol version 1	395	permitted for RSA authentication in protocol version 1
396	and for public key authentication (PubkeyAuthentication)	396	and for public key authentication (PubkeyAuthentication)
@@ -528,7 +528,7 @@ permitopen="10.2.1.55:80",permitopen="10.2.1.56:25" 1024 33 23...2323
528	The	528	The
529	.Pa /etc/ssh/ssh_known_hosts	529	.Pa /etc/ssh/ssh_known_hosts
530	and	530	and
531	.Pa $HOME/.ssh/known_hosts	531	.Pa ~/.ssh/known_hosts
532	files contain host public keys for all known hosts.	532	files contain host public keys for all known hosts.
533	The global file should	533	The global file should
534	be prepared by the administrator (optional), and the per-user file is	534	be prepared by the administrator (optional), and the per-user file is
@@ -639,7 +639,7 @@ listening for connections (if there are several daemons running
639	concurrently for different ports, this contains the process ID of the one	639	concurrently for different ports, this contains the process ID of the one
640	started last).	640	started last).
641	The content of this file is not sensitive; it can be world-readable.	641	The content of this file is not sensitive; it can be world-readable.
642	.It Pa $HOME/.ssh/authorized_keys	642	.It Pa ~/.ssh/authorized_keys
643	Lists the public keys (RSA or DSA) that can be used to log into the user's account.	643	Lists the public keys (RSA or DSA) that can be used to log into the user's account.
644	This file must be readable by root (which may on some machines imply	644	This file must be readable by root (which may on some machines imply
645	it being world-readable if the user's home directory resides on an NFS	645	it being world-readable if the user's home directory resides on an NFS
@@ -653,7 +653,7 @@ and/or
653	.Pa id_rsa.pub	653	.Pa id_rsa.pub
654	files into this file, as described in	654	files into this file, as described in
655	.Xr ssh-keygen 1 .	655	.Xr ssh-keygen 1 .
656	.It Pa "/etc/ssh/ssh_known_hosts", "$HOME/.ssh/known_hosts"	656	.It Pa "/etc/ssh/ssh_known_hosts", "~/.ssh/known_hosts"
657	These files are consulted when using rhosts with RSA host	657	These files are consulted when using rhosts with RSA host
658	authentication or protocol version 2 hostbased authentication	658	authentication or protocol version 2 hostbased authentication
659	to check the public key of the host.	659	to check the public key of the host.
@@ -663,12 +663,12 @@ to verify that it is connecting to the correct remote host.
663	These files should be writable only by root/the owner.	663	These files should be writable only by root/the owner.
664	.Pa /etc/ssh/ssh_known_hosts	664	.Pa /etc/ssh/ssh_known_hosts
665	should be world-readable, and	665	should be world-readable, and
666	.Pa $HOME/.ssh/known_hosts	666	.Pa ~/.ssh/known_hosts
667	can, but need not be, world-readable.	667	can, but need not be, world-readable.
668	.It Pa /etc/motd	668	.It Pa /etc/motd
669	See	669	See
670	.Xr motd 5 .	670	.Xr motd 5 .
671	.It Pa $HOME/.hushlogin	671	.It Pa ~/.hushlogin
672	This file is used to suppress printing the last login time and	672	This file is used to suppress printing the last login time and
673	.Pa /etc/motd ,	673	.Pa /etc/motd ,
674	if	674	if
@@ -691,7 +691,7 @@ The file should be world-readable.
691	Access controls that should be enforced by tcp-wrappers are defined here.	691	Access controls that should be enforced by tcp-wrappers are defined here.
692	Further details are described in	692	Further details are described in
693	.Xr hosts_access 5 .	693	.Xr hosts_access 5 .
694	.It Pa $HOME/.rhosts	694	.It Pa ~/.rhosts
695	This file is used during	695	This file is used during
696	.Cm RhostsRSAAuthentication	696	.Cm RhostsRSAAuthentication
697	and	697	and
@@ -709,7 +709,7 @@ It is also possible to use netgroups in the file.
709	Either host or user	709	Either host or user
710	name may be of the form +@groupname to specify all hosts or all users	710	name may be of the form +@groupname to specify all hosts or all users
711	in the group.	711	in the group.
712	.It Pa $HOME/.shosts	712	.It Pa ~/.shosts
713	For ssh,	713	For ssh,
714	this file is exactly the same as for	714	this file is exactly the same as for
715	.Pa .rhosts .	715	.Pa .rhosts .
@@ -758,7 +758,7 @@ This is processed exactly as
758	.Pa /etc/hosts.equiv .	758	.Pa /etc/hosts.equiv .
759	However, this file may be useful in environments that want to run both	759	However, this file may be useful in environments that want to run both
760	rsh/rlogin and ssh.	760	rsh/rlogin and ssh.
761	.It Pa $HOME/.ssh/environment	761	.It Pa ~/.ssh/environment
762	This file is read into the environment at login (if it exists).	762	This file is read into the environment at login (if it exists).
763	It can only contain empty lines, comment lines (that start with	763	It can only contain empty lines, comment lines (that start with
764	.Ql # ) ,	764	.Ql # ) ,
@@ -769,7 +769,7 @@ Environment processing is disabled by default and is
769	controlled via the	769	controlled via the
770	.Cm PermitUserEnvironment	770	.Cm PermitUserEnvironment
771	option.	771	option.
772	.It Pa $HOME/.ssh/rc	772	.It Pa ~/.ssh/rc
773	If this file exists, it is run with	773	If this file exists, it is run with
774	.Pa /bin/sh	774	.Pa /bin/sh
775	after reading the	775	after reading the
@@ -814,7 +814,7 @@ This file should be writable only by the user, and need not be
814	readable by anyone else.	814	readable by anyone else.
815	.It Pa /etc/ssh/sshrc	815	.It Pa /etc/ssh/sshrc
816	Like	816	Like
817	.Pa $HOME/.ssh/rc .	817	.Pa ~/.ssh/rc .
818	This can be used to specify	818	This can be used to specify
819	machine-specific login-time initializations globally.	819	machine-specific login-time initializations globally.
820	This file should be writable only by root, and should be world-readable.	820	This file should be writable only by root, and should be world-readable.