1 files changed, 16 insertions, 16 deletions
diff --git a/sshd.8 b/sshd.8
index 99e62173c..92eb7a9da 100644
--- a/sshd.8
+++ b/sshd.8
@@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd.8,v 1.206 2005/03/01 14:59:49 jmc Exp $
+.\" $OpenBSD: sshd.8,v 1.208 2005/06/08 03:50:00 djm Exp $
 .Dd September 25, 1999
 .Dt SSHD 8
 .Os
@@ -80,7 +80,7 @@ supports both SSH protocol version 1 and 2 simultaneously.
 works as follows:
 .Ss SSH protocol version 1
 Each host has a host-specific RSA key
-(normally 1024 bits) used to identify the host.
+(normally 2048 bits) used to identify the host.
 Additionally, when
 the daemon starts, it generates a server RSA key (normally 768 bits).
 This key is normally regenerated every hour if it has been used, and
@@ -353,7 +353,7 @@ If the login is on a tty, and no command has been specified,
 prints last login time and
 .Pa /etc/motd
 (unless prevented in the configuration file or by
-.Pa $HOME/.hushlogin ;
+.Pa ~/.hushlogin ;
 see the
 .Sx FILES
 section).
@@ -370,7 +370,7 @@ Changes to run with normal user privileges.
 Sets up basic environment.
 .It
 Reads the file
-.Pa $HOME/.ssh/environment ,
+.Pa ~/.ssh/environment ,
 if it exists, and users are allowed to change their environment.
 See the
 .Cm PermitUserEnvironment
@@ -380,7 +380,7 @@ option in
 Changes to user's home directory.
 .It
 If
-.Pa $HOME/.ssh/rc
+.Pa ~/.ssh/rc
 exists, runs it; else if
 .Pa /etc/ssh/sshrc
 exists, runs
@@ -393,7 +393,7 @@ authentication protocol and cookie in standard input.
 Runs user's shell or command.
 .El
 .Sh AUTHORIZED_KEYS FILE FORMAT
-.Pa $HOME/.ssh/authorized_keys
+.Pa ~/.ssh/authorized_keys
 is the default file that lists the public keys that are
 permitted for RSA authentication in protocol version 1
 and for public key authentication (PubkeyAuthentication)
@@ -531,7 +531,7 @@ permitopen="10.2.1.55:80",permitopen="10.2.1.56:25" 1024 33 23...2323
 The
 .Pa /etc/ssh/ssh_known_hosts
 and
-.Pa $HOME/.ssh/known_hosts
+.Pa ~/.ssh/known_hosts
 files contain host public keys for all known hosts.
 The global file should
 be prepared by the administrator (optional), and the per-user file is
@@ -642,7 +642,7 @@ listening for connections (if there are several daemons running
 concurrently for different ports, this contains the process ID of the one
 started last).
 The content of this file is not sensitive; it can be world-readable.
-.It Pa $HOME/.ssh/authorized_keys
+.It Pa ~/.ssh/authorized_keys
 Lists the public keys (RSA or DSA) that can be used to log into the user's account.
 This file must be readable by root (which may on some machines imply
 it being world-readable if the user's home directory resides on an NFS
@@ -656,7 +656,7 @@ and/or
 .Pa id_rsa.pub
 files into this file, as described in
 .Xr ssh-keygen 1 .
-.It Pa "/etc/ssh/ssh_known_hosts", "$HOME/.ssh/known_hosts"
+.It Pa "/etc/ssh/ssh_known_hosts", "~/.ssh/known_hosts"
 These files are consulted when using rhosts with RSA host
 authentication or protocol version 2 hostbased authentication
 to check the public key of the host.
@@ -666,12 +666,12 @@ to verify that it is connecting to the correct remote host.
 These files should be writable only by root/the owner.
 .Pa /etc/ssh/ssh_known_hosts
 should be world-readable, and
-.Pa $HOME/.ssh/known_hosts
+.Pa ~/.ssh/known_hosts
 can, but need not be, world-readable.
 .It Pa /etc/motd
 See
 .Xr motd 5 .
-.It Pa $HOME/.hushlogin
+.It Pa ~/.hushlogin
 This file is used to suppress printing the last login time and
 .Pa /etc/motd ,
 if
@@ -694,7 +694,7 @@ The file should be world-readable.
 Access controls that should be enforced by tcp-wrappers are defined here.
 Further details are described in
 .Xr hosts_access 5 .
-.It Pa $HOME/.rhosts
+.It Pa ~/.rhosts
 This file is used during
 .Cm RhostsRSAAuthentication
 and
@@ -712,7 +712,7 @@ It is also possible to use netgroups in the file.
 Either host or user
 name may be of the form +@groupname to specify all hosts or all users
 in the group.
-.It Pa $HOME/.shosts
+.It Pa ~/.shosts
 For ssh,
 this file is exactly the same as for
 .Pa .rhosts .
@@ -761,7 +761,7 @@ This is processed exactly as
 .Pa /etc/hosts.equiv .
 However, this file may be useful in environments that want to run both
 rsh/rlogin and ssh.
-.It Pa $HOME/.ssh/environment
+.It Pa ~/.ssh/environment
 This file is read into the environment at login (if it exists).
 It can only contain empty lines, comment lines (that start with
 .Ql # ) ,
@@ -772,7 +772,7 @@ Environment processing is disabled by default and is
 controlled via the
 .Cm PermitUserEnvironment
 option.
-.It Pa $HOME/.ssh/rc
+.It Pa ~/.ssh/rc
 If this file exists, it is run with
 .Pa /bin/sh
 after reading the
@@ -817,7 +817,7 @@ This file should be writable only by the user, and need not be
 readable by anyone else.
 .It Pa /etc/ssh/sshrc
 Like
-.Pa $HOME/.ssh/rc .
+.Pa ~/.ssh/rc .
 This can be used to specify
 machine-specific login-time initializations globally.
 This file should be writable only by root, and should be world-readable.

diff --git a/sshd.8 b/sshd.8 index 99e62173c..92eb7a9da 100644 --- a/sshd.8 +++ b/sshd.8
@@ -34,7 +34,7 @@
34	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	34	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	35	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36	.\"	36	.\"
37	.\" $OpenBSD: sshd.8,v 1.206 2005/03/01 14:59:49 jmc Exp $	37	.\" $OpenBSD: sshd.8,v 1.208 2005/06/08 03:50:00 djm Exp $
38	.Dd September 25, 1999	38	.Dd September 25, 1999
39	.Dt SSHD 8	39	.Dt SSHD 8
40	.Os	40	.Os
@@ -80,7 +80,7 @@ supports both SSH protocol version 1 and 2 simultaneously.
80	works as follows:	80	works as follows:
81	.Ss SSH protocol version 1	81	.Ss SSH protocol version 1
82	Each host has a host-specific RSA key	82	Each host has a host-specific RSA key
83	(normally 1024 bits) used to identify the host.	83	(normally 2048 bits) used to identify the host.
84	Additionally, when	84	Additionally, when
85	the daemon starts, it generates a server RSA key (normally 768 bits).	85	the daemon starts, it generates a server RSA key (normally 768 bits).
86	This key is normally regenerated every hour if it has been used, and	86	This key is normally regenerated every hour if it has been used, and
@@ -353,7 +353,7 @@ If the login is on a tty, and no command has been specified,
353	prints last login time and	353	prints last login time and
354	.Pa /etc/motd	354	.Pa /etc/motd
355	(unless prevented in the configuration file or by	355	(unless prevented in the configuration file or by
356	.Pa $HOME/.hushlogin ;	356	.Pa ~/.hushlogin ;
357	see the	357	see the
358	.Sx FILES	358	.Sx FILES
359	section).	359	section).
@@ -370,7 +370,7 @@ Changes to run with normal user privileges.
370	Sets up basic environment.	370	Sets up basic environment.
371	.It	371	.It
372	Reads the file	372	Reads the file
373	.Pa $HOME/.ssh/environment ,	373	.Pa ~/.ssh/environment ,
374	if it exists, and users are allowed to change their environment.	374	if it exists, and users are allowed to change their environment.
375	See the	375	See the
376	.Cm PermitUserEnvironment	376	.Cm PermitUserEnvironment
@@ -380,7 +380,7 @@ option in
380	Changes to user's home directory.	380	Changes to user's home directory.
381	.It	381	.It
382	If	382	If
383	.Pa $HOME/.ssh/rc	383	.Pa ~/.ssh/rc
384	exists, runs it; else if	384	exists, runs it; else if
385	.Pa /etc/ssh/sshrc	385	.Pa /etc/ssh/sshrc
386	exists, runs	386	exists, runs
@@ -393,7 +393,7 @@ authentication protocol and cookie in standard input.
393	Runs user's shell or command.	393	Runs user's shell or command.
394	.El	394	.El
395	.Sh AUTHORIZED_KEYS FILE FORMAT	395	.Sh AUTHORIZED_KEYS FILE FORMAT
396	.Pa $HOME/.ssh/authorized_keys	396	.Pa ~/.ssh/authorized_keys
397	is the default file that lists the public keys that are	397	is the default file that lists the public keys that are
398	permitted for RSA authentication in protocol version 1	398	permitted for RSA authentication in protocol version 1
399	and for public key authentication (PubkeyAuthentication)	399	and for public key authentication (PubkeyAuthentication)
@@ -531,7 +531,7 @@ permitopen="10.2.1.55:80",permitopen="10.2.1.56:25" 1024 33 23...2323
531	The	531	The
532	.Pa /etc/ssh/ssh_known_hosts	532	.Pa /etc/ssh/ssh_known_hosts
533	and	533	and
534	.Pa $HOME/.ssh/known_hosts	534	.Pa ~/.ssh/known_hosts
535	files contain host public keys for all known hosts.	535	files contain host public keys for all known hosts.
536	The global file should	536	The global file should
537	be prepared by the administrator (optional), and the per-user file is	537	be prepared by the administrator (optional), and the per-user file is
@@ -642,7 +642,7 @@ listening for connections (if there are several daemons running
642	concurrently for different ports, this contains the process ID of the one	642	concurrently for different ports, this contains the process ID of the one
643	started last).	643	started last).
644	The content of this file is not sensitive; it can be world-readable.	644	The content of this file is not sensitive; it can be world-readable.
645	.It Pa $HOME/.ssh/authorized_keys	645	.It Pa ~/.ssh/authorized_keys
646	Lists the public keys (RSA or DSA) that can be used to log into the user's account.	646	Lists the public keys (RSA or DSA) that can be used to log into the user's account.
647	This file must be readable by root (which may on some machines imply	647	This file must be readable by root (which may on some machines imply
648	it being world-readable if the user's home directory resides on an NFS	648	it being world-readable if the user's home directory resides on an NFS
@@ -656,7 +656,7 @@ and/or
656	.Pa id_rsa.pub	656	.Pa id_rsa.pub
657	files into this file, as described in	657	files into this file, as described in
658	.Xr ssh-keygen 1 .	658	.Xr ssh-keygen 1 .
659	.It Pa "/etc/ssh/ssh_known_hosts", "$HOME/.ssh/known_hosts"	659	.It Pa "/etc/ssh/ssh_known_hosts", "~/.ssh/known_hosts"
660	These files are consulted when using rhosts with RSA host	660	These files are consulted when using rhosts with RSA host
661	authentication or protocol version 2 hostbased authentication	661	authentication or protocol version 2 hostbased authentication
662	to check the public key of the host.	662	to check the public key of the host.
@@ -666,12 +666,12 @@ to verify that it is connecting to the correct remote host.
666	These files should be writable only by root/the owner.	666	These files should be writable only by root/the owner.
667	.Pa /etc/ssh/ssh_known_hosts	667	.Pa /etc/ssh/ssh_known_hosts
668	should be world-readable, and	668	should be world-readable, and
669	.Pa $HOME/.ssh/known_hosts	669	.Pa ~/.ssh/known_hosts
670	can, but need not be, world-readable.	670	can, but need not be, world-readable.
671	.It Pa /etc/motd	671	.It Pa /etc/motd
672	See	672	See
673	.Xr motd 5 .	673	.Xr motd 5 .
674	.It Pa $HOME/.hushlogin	674	.It Pa ~/.hushlogin
675	This file is used to suppress printing the last login time and	675	This file is used to suppress printing the last login time and
676	.Pa /etc/motd ,	676	.Pa /etc/motd ,
677	if	677	if
@@ -694,7 +694,7 @@ The file should be world-readable.
694	Access controls that should be enforced by tcp-wrappers are defined here.	694	Access controls that should be enforced by tcp-wrappers are defined here.
695	Further details are described in	695	Further details are described in
696	.Xr hosts_access 5 .	696	.Xr hosts_access 5 .
697	.It Pa $HOME/.rhosts	697	.It Pa ~/.rhosts
698	This file is used during	698	This file is used during
699	.Cm RhostsRSAAuthentication	699	.Cm RhostsRSAAuthentication
700	and	700	and
@@ -712,7 +712,7 @@ It is also possible to use netgroups in the file.
712	Either host or user	712	Either host or user
713	name may be of the form +@groupname to specify all hosts or all users	713	name may be of the form +@groupname to specify all hosts or all users
714	in the group.	714	in the group.
715	.It Pa $HOME/.shosts	715	.It Pa ~/.shosts
716	For ssh,	716	For ssh,
717	this file is exactly the same as for	717	this file is exactly the same as for
718	.Pa .rhosts .	718	.Pa .rhosts .
@@ -761,7 +761,7 @@ This is processed exactly as
761	.Pa /etc/hosts.equiv .	761	.Pa /etc/hosts.equiv .
762	However, this file may be useful in environments that want to run both	762	However, this file may be useful in environments that want to run both
763	rsh/rlogin and ssh.	763	rsh/rlogin and ssh.
764	.It Pa $HOME/.ssh/environment	764	.It Pa ~/.ssh/environment
765	This file is read into the environment at login (if it exists).	765	This file is read into the environment at login (if it exists).
766	It can only contain empty lines, comment lines (that start with	766	It can only contain empty lines, comment lines (that start with
767	.Ql # ) ,	767	.Ql # ) ,
@@ -772,7 +772,7 @@ Environment processing is disabled by default and is
772	controlled via the	772	controlled via the
773	.Cm PermitUserEnvironment	773	.Cm PermitUserEnvironment
774	option.	774	option.
775	.It Pa $HOME/.ssh/rc	775	.It Pa ~/.ssh/rc
776	If this file exists, it is run with	776	If this file exists, it is run with
777	.Pa /bin/sh	777	.Pa /bin/sh
778	after reading the	778	after reading the
@@ -817,7 +817,7 @@ This file should be writable only by the user, and need not be
817	readable by anyone else.	817	readable by anyone else.
818	.It Pa /etc/ssh/sshrc	818	.It Pa /etc/ssh/sshrc
819	Like	819	Like
820	.Pa $HOME/.ssh/rc .	820	.Pa ~/.ssh/rc .
821	This can be used to specify	821	This can be used to specify
822	machine-specific login-time initializations globally.	822	machine-specific login-time initializations globally.
823	This file should be writable only by root, and should be world-readable.	823	This file should be writable only by root, and should be world-readable.