1 files changed, 17 insertions, 13 deletions
diff --git a/sshd_config.5 b/sshd_config.5
index 23ac0e96d..6f38a260a 100644
--- a/sshd_config.5
+++ b/sshd_config.5
@@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd_config.5,v 1.14 2003/01/23 08:58:47 jmc Exp $
+.\" $OpenBSD: sshd_config.5,v 1.15 2003/03/28 10:11:43 jmc Exp $
 .Dd September 25, 1999
 .Dt SSHD_CONFIG 5
 .Os
@@ -211,8 +211,8 @@ Specifies whether remote hosts are allowed to connect to ports
 forwarded for the client.
 By default,
 .Nm sshd
-binds remote port forwardings to the loopback address.  This
+binds remote port forwardings to the loopback address.
-prevents other remote hosts from connecting to forwarded ports.
+This prevents other remote hosts from connecting to forwarded ports.
 .Cm GatewayPorts
 can be used to specify that
 .Nm sshd
@@ -370,7 +370,8 @@ is not specified,
 will listen on the address and all prior
 .Cm Port
 options specified. The default is to listen on all local
-addresses.  Multiple
+addresses.
+Multiple
 .Cm ListenAddress
 options are permitted. Additionally, any
 .Cm Port
@@ -385,10 +386,10 @@ Gives the verbosity level that is used when logging messages from
 .Nm sshd .
 The possible values are:
 QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2 and DEBUG3.
-The default is INFO.  DEBUG and DEBUG1 are equivalent.  DEBUG2
+The default is INFO.
-and DEBUG3 each specify higher levels of debugging output.
+DEBUG and DEBUG1 are equivalent.
-Logging with a DEBUG level violates the privacy of users
+DEBUG2 and DEBUG3 each specify higher levels of debugging output.
-and is not recommended.
+Logging with a DEBUG level violates the privacy of users and is not recommended.
 .It Cm MACs
 Specifies the available MAC (message authentication code) algorithms.
 The MAC algorithm is used in protocol version 2
@@ -599,16 +600,18 @@ will be disabled because
 .Xr login 1
 does not know how to handle
 .Xr xauth 1
-cookies.  If
+cookies.
+If
 .Cm UsePrivilegeSeparation
 is specified, it will be disabled after authentication.
 .It Cm UsePrivilegeSeparation
 Specifies whether
 .Nm sshd
 separates privileges by creating an unprivileged child process
-to deal with incoming network traffic.  After successful authentication,
+to deal with incoming network traffic.
-another process will be created that has the privilege of the authenticated
+After successful authentication, another process will be created that has
-user.  The goal of privilege separation is to prevent privilege
+the privilege of the authenticated user.
+The goal of privilege separation is to prevent privilege
 escalation by containing any corruption within the unprivileged processes.
 The default is
 .Dq yes .
@@ -666,7 +669,8 @@ is enabled.
 Specifies whether
 .Nm sshd
 should bind the X11 forwarding server to the loopback address or to
-the wildcard address.  By default,
+the wildcard address.
+By default,
 .Nm sshd
 binds the forwarding server to the loopback address and sets the
 hostname part of the

diff --git a/sshd_config.5 b/sshd_config.5 index 23ac0e96d..6f38a260a 100644 --- a/sshd_config.5 +++ b/sshd_config.5
@@ -34,7 +34,7 @@
34	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	34	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	35	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36	.\"	36	.\"
37	.\" $OpenBSD: sshd_config.5,v 1.14 2003/01/23 08:58:47 jmc Exp $	37	.\" $OpenBSD: sshd_config.5,v 1.15 2003/03/28 10:11:43 jmc Exp $
38	.Dd September 25, 1999	38	.Dd September 25, 1999
39	.Dt SSHD_CONFIG 5	39	.Dt SSHD_CONFIG 5
40	.Os	40	.Os
@@ -211,8 +211,8 @@ Specifies whether remote hosts are allowed to connect to ports
211	forwarded for the client.	211	forwarded for the client.
212	By default,	212	By default,
213	.Nm sshd	213	.Nm sshd
214	binds remote port forwardings to the loopback address. This	214	binds remote port forwardings to the loopback address.
215	prevents other remote hosts from connecting to forwarded ports.	215	This prevents other remote hosts from connecting to forwarded ports.
216	.Cm GatewayPorts	216	.Cm GatewayPorts
217	can be used to specify that	217	can be used to specify that
218	.Nm sshd	218	.Nm sshd
@@ -370,7 +370,8 @@ is not specified,
370	will listen on the address and all prior	370	will listen on the address and all prior
371	.Cm Port	371	.Cm Port
372	options specified. The default is to listen on all local	372	options specified. The default is to listen on all local
373	addresses. Multiple	373	addresses.
		374	Multiple
374	.Cm ListenAddress	375	.Cm ListenAddress
375	options are permitted. Additionally, any	376	options are permitted. Additionally, any
376	.Cm Port	377	.Cm Port
@@ -385,10 +386,10 @@ Gives the verbosity level that is used when logging messages from
385	.Nm sshd .	386	.Nm sshd .
386	The possible values are:	387	The possible values are:
387	QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2 and DEBUG3.	388	QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2 and DEBUG3.
388	The default is INFO. DEBUG and DEBUG1 are equivalent. DEBUG2	389	The default is INFO.
389	and DEBUG3 each specify higher levels of debugging output.	390	DEBUG and DEBUG1 are equivalent.
390	Logging with a DEBUG level violates the privacy of users	391	DEBUG2 and DEBUG3 each specify higher levels of debugging output.
391	and is not recommended.	392	Logging with a DEBUG level violates the privacy of users and is not recommended.
392	.It Cm MACs	393	.It Cm MACs
393	Specifies the available MAC (message authentication code) algorithms.	394	Specifies the available MAC (message authentication code) algorithms.
394	The MAC algorithm is used in protocol version 2	395	The MAC algorithm is used in protocol version 2
@@ -599,16 +600,18 @@ will be disabled because
599	.Xr login 1	600	.Xr login 1
600	does not know how to handle	601	does not know how to handle
601	.Xr xauth 1	602	.Xr xauth 1
602	cookies. If	603	cookies.
		604	If
603	.Cm UsePrivilegeSeparation	605	.Cm UsePrivilegeSeparation
604	is specified, it will be disabled after authentication.	606	is specified, it will be disabled after authentication.
605	.It Cm UsePrivilegeSeparation	607	.It Cm UsePrivilegeSeparation
606	Specifies whether	608	Specifies whether
607	.Nm sshd	609	.Nm sshd
608	separates privileges by creating an unprivileged child process	610	separates privileges by creating an unprivileged child process
609	to deal with incoming network traffic. After successful authentication,	611	to deal with incoming network traffic.
610	another process will be created that has the privilege of the authenticated	612	After successful authentication, another process will be created that has
611	user. The goal of privilege separation is to prevent privilege	613	the privilege of the authenticated user.
		614	The goal of privilege separation is to prevent privilege
612	escalation by containing any corruption within the unprivileged processes.	615	escalation by containing any corruption within the unprivileged processes.
613	The default is	616	The default is
614	.Dq yes .	617	.Dq yes .
@@ -666,7 +669,8 @@ is enabled.
666	Specifies whether	669	Specifies whether
667	.Nm sshd	670	.Nm sshd
668	should bind the X11 forwarding server to the loopback address or to	671	should bind the X11 forwarding server to the loopback address or to
669	the wildcard address. By default,	672	the wildcard address.
		673	By default,
670	.Nm sshd	674	.Nm sshd
671	binds the forwarding server to the loopback address and sets the	675	binds the forwarding server to the loopback address and sets the
672	hostname part of the	676	hostname part of the