1 files changed, 39 insertions, 25 deletions
diff --git a/sshd_config.5 b/sshd_config.5
index b18d340af..a37a3aca3 100644
--- a/sshd_config.5
+++ b/sshd_config.5
@@ -33,8 +33,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd_config.5,v 1.211 2015/08/14 15:32:41 jmc Exp $
+.\" $OpenBSD: sshd_config.5,v 1.220 2016/02/17 08:57:34 djm Exp $
-.Dd $Mdocdate: August 14 2015 $
+.Dd $Mdocdate: February 17 2016 $
 .Dt SSHD_CONFIG 5
 .Os
 .Sh NAME
@@ -70,8 +70,7 @@ See
 in
 .Xr ssh_config 5
 for how to configure the client.
-Note that environment passing is only supported for protocol 2, and
+The
-that the
 .Ev TERM
 environment variable is always sent whenever the client
 requests a pseudo-terminal as it is required by the protocol.
@@ -226,7 +225,7 @@ of
 .Dq publickey,publickey
 will require successful authentication using two different public keys.
 .Pp
-This option is only available for SSH protocol 2 and will yield a fatal
+This option will yield a fatal
 error if enabled if protocol 1 is also enabled.
 Note that each authentication method listed should also be explicitly enabled
 in the configuration.
@@ -285,6 +284,9 @@ After expansion,
 is taken to be an absolute path or one relative to the user's home
 directory.
 Multiple files may be listed, separated by whitespace.
+Alternately this option may be set to
+.Dq none
+to skip checking for user keys in files.
 The default is
 .Dq .ssh/authorized_keys .ssh/authorized_keys2 .
 .It Cm AuthorizedPrincipalsCommand
@@ -370,7 +372,6 @@ authentication is allowed.
 If the argument is
 .Dq none
 then no banner is displayed.
-This option is only available for protocol version 2.
 By default, no banner is displayed.
 .It Cm ChallengeResponseAuthentication
 Specifies whether challenge-response authentication is allowed (e.g. via
@@ -429,10 +430,12 @@ Misconfiguration can lead to unsafe environments which
 .Xr sshd 8
 cannot detect.
 .Pp
-The default is not to
+The default is
+.Dq none ,
+indicating not to
 .Xr chroot 2 .
 .It Cm Ciphers
-Specifies the ciphers allowed for protocol version 2.
+Specifies the ciphers allowed.
 Multiple ciphers must be comma-separated.
 If the specified value begins with a
 .Sq +
@@ -513,7 +516,6 @@ If
 .Cm ClientAliveCountMax
 is left at the default, unresponsive SSH clients
 will be disconnected after approximately 45 seconds.
-This option applies to protocol version 2 only.
 .It Cm ClientAliveInterval
 Sets a timeout interval in seconds after which if no data has been received
 from the client,
@@ -522,7 +524,6 @@ will send a message through the encrypted
 channel to request a response from the client.
 The default
 is 0, indicating that these messages will not be sent to the client.
-This option applies to protocol version 2 only.
 .It Cm Compression
 Specifies whether compression is allowed, or delayed until
 the user has authenticated successfully.
@@ -596,6 +597,8 @@ Specifying a command of
 will force the use of an in-process sftp server that requires no support
 files when used with
 .Cm ChrootDirectory .
+The default is
+.Dq none .
 .It Cm GatewayPorts
 Specifies whether remote hosts are allowed to connect to ports
 forwarded for the client.
@@ -620,13 +623,11 @@ The default is
 Specifies whether user authentication based on GSSAPI is allowed.
 The default is
 .Dq no .
-Note that this option applies to protocol version 2 only.
 .It Cm GSSAPICleanupCredentials
 Specifies whether to automatically destroy the user's credentials cache
 on logout.
 The default is
 .Dq yes .
-Note that this option applies to protocol version 2 only.
 .It Cm GSSAPIStrictAcceptorCheck
 Determines whether to be strict about the identity of the GSSAPI acceptor
 a client authenticates against.
@@ -669,9 +670,6 @@ may be used to list supported key types.
 Specifies whether rhosts or /etc/hosts.equiv authentication together
 with successful public key client host authentication is allowed
 (host-based authentication).
-This option is similar to
-.Cm RhostsRSAAuthentication
-and applies to protocol version 2 only.
 The default is
 .Dq no .
 .It Cm HostbasedUsesNameFromPacketOnly
@@ -742,7 +740,7 @@ is specified, the location of the socket will be read from the
 .Ev SSH_AUTH_SOCK
 environment variable.
 .It Cm HostKeyAlgorithms
-Specifies the protocol version 2 host key algorithms
+Specifies the host key algorithms
 that the server offers.
 The default for this option is:
 .Bd -literal -offset 3n
@@ -963,8 +961,7 @@ DEBUG2 and DEBUG3 each specify higher levels of debugging output.
 Logging with a DEBUG level violates the privacy of users and is not recommended.
 .It Cm MACs
 Specifies the available MAC (message authentication code) algorithms.
-The MAC algorithm is used in protocol version 2
+The MAC algorithm is used for data integrity protection.
-for data integrity protection.
 Multiple algorithms must be comma-separated.
 If the specified value begins with a
 .Sq +
@@ -1020,8 +1017,9 @@ The default is:
 .Bd -literal -offset indent
 umac-64-etm@openssh.com,umac-128-etm@openssh.com,
 hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,
+hmac-sha1-etm@openssh.com,
 umac-64@openssh.com,umac-128@openssh.com,
-hmac-sha2-256,hmac-sha2-512
+hmac-sha2-256,hmac-sha2-512,hmac-sha1
 .Ed
 .Pp
 The list of available MAC algorithms may also be obtained using the
@@ -1091,6 +1089,8 @@ Available keywords are
 .Cm AuthorizedKeysCommand ,
 .Cm AuthorizedKeysCommandUser ,
 .Cm AuthorizedKeysFile ,
+.Cm AuthorizedPrincipalsCommand ,
+.Cm AuthorizedPrincipalsCommandUser ,
 .Cm AuthorizedPrincipalsFile ,
 .Cm Banner ,
 .Cm ChrootDirectory ,
@@ -1134,7 +1134,15 @@ Once the number of failures reaches half this value,
 additional failures are logged.
 The default is 6.
 .It Cm MaxSessions
-Specifies the maximum number of open sessions permitted per network connection.
+Specifies the maximum number of open shell, login or subsystem (e.g. sftp)
+sessions permitted per network connection.
+Multiple sessions may be established by clients that support connection
+multiplexing.
+Setting
+.Cm MaxSessions
+to 1 will effectively disable session multiplexing, whereas setting it to 0
+will prevent all shell, login and subsystem sessions while still permitting
+forwarding.
 The default is 10.
 .It Cm MaxStartups
 Specifies the maximum number of concurrent unauthenticated connections to the
@@ -1324,6 +1332,10 @@ and
 Multiple versions must be comma-separated.
 The default is
 .Sq 2 .
+Protocol 1 suffers from a number of cryptographic weaknesses and should
+not be used.
+It is only offered to support legacy devices.
+.Pp
 Note that the order of the protocol list does not indicate preference,
 because the client selects among multiple protocol versions offered
 by the server.
@@ -1358,7 +1370,6 @@ may be used to list supported key types.
 Specifies whether public key authentication is allowed.
 The default is
 .Dq yes .
-Note that this option applies to protocol version 2 only.
 .It Cm RekeyLimit
 Specifies the maximum amount of data that may be transmitted before the
 session key is renegotiated, optionally followed a maximum amount of
@@ -1384,7 +1395,6 @@ is
 .Dq default none ,
 which means that rekeying is performed after the cipher's default amount
 of data has been sent or received and no time based rekeying is done.
-This option applies to protocol version 2 only.
 .It Cm RevokedKeys
 Specifies revoked public keys file, or
 .Dq none
@@ -1471,7 +1481,6 @@ This may simplify configurations using
 to force a different filesystem root on clients.
 .Pp
 By default no subsystems are defined.
-Note that this option applies to protocol version 2 only.
 .It Cm SyslogFacility
 Gives the facility code that is used when logging messages from
 .Xr sshd 8 .
@@ -1584,14 +1593,19 @@ After successful authentication, another process will be created that has
 the privilege of the authenticated user.
 The goal of privilege separation is to prevent privilege
 escalation by containing any corruption within the unprivileged processes.
-The default is
+The argument must be
-.Dq yes .
+.Dq yes ,
+.Dq no ,
+or
+.Dq sandbox .
 If
 .Cm UsePrivilegeSeparation
 is set to
 .Dq sandbox
 then the pre-authentication unprivileged process is subject to additional
 restrictions.
+The default is
+.Dq sandbox .
 .It Cm VersionAddendum
 Optionally specifies additional text to append to the SSH protocol banner
 sent by the server upon connection.

diff --git a/sshd_config.5 b/sshd_config.5 index b18d340af..a37a3aca3 100644 --- a/sshd_config.5 +++ b/sshd_config.5
@@ -33,8 +33,8 @@
33	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	33	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
34	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	34	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
35	.\"	35	.\"
36	.\" $OpenBSD: sshd_config.5,v 1.211 2015/08/14 15:32:41 jmc Exp $	36	.\" $OpenBSD: sshd_config.5,v 1.220 2016/02/17 08:57:34 djm Exp $
37	.Dd $Mdocdate: August 14 2015 $	37	.Dd $Mdocdate: February 17 2016 $
38	.Dt SSHD_CONFIG 5	38	.Dt SSHD_CONFIG 5
39	.Os	39	.Os
40	.Sh NAME	40	.Sh NAME
@@ -70,8 +70,7 @@ See
70	in	70	in
71	.Xr ssh_config 5	71	.Xr ssh_config 5
72	for how to configure the client.	72	for how to configure the client.
73	Note that environment passing is only supported for protocol 2, and	73	The
74	that the
75	.Ev TERM	74	.Ev TERM
76	environment variable is always sent whenever the client	75	environment variable is always sent whenever the client
77	requests a pseudo-terminal as it is required by the protocol.	76	requests a pseudo-terminal as it is required by the protocol.
@@ -226,7 +225,7 @@ of
226	.Dq publickey,publickey	225	.Dq publickey,publickey
227	will require successful authentication using two different public keys.	226	will require successful authentication using two different public keys.
228	.Pp	227	.Pp
229	This option is only available for SSH protocol 2 and will yield a fatal	228	This option will yield a fatal
230	error if enabled if protocol 1 is also enabled.	229	error if enabled if protocol 1 is also enabled.
231	Note that each authentication method listed should also be explicitly enabled	230	Note that each authentication method listed should also be explicitly enabled
232	in the configuration.	231	in the configuration.
@@ -285,6 +284,9 @@ After expansion,
285	is taken to be an absolute path or one relative to the user's home	284	is taken to be an absolute path or one relative to the user's home
286	directory.	285	directory.
287	Multiple files may be listed, separated by whitespace.	286	Multiple files may be listed, separated by whitespace.
		287	Alternately this option may be set to
		288	.Dq none
		289	to skip checking for user keys in files.
288	The default is	290	The default is
289	.Dq .ssh/authorized_keys .ssh/authorized_keys2 .	291	.Dq .ssh/authorized_keys .ssh/authorized_keys2 .
290	.It Cm AuthorizedPrincipalsCommand	292	.It Cm AuthorizedPrincipalsCommand
@@ -370,7 +372,6 @@ authentication is allowed.
370	If the argument is	372	If the argument is
371	.Dq none	373	.Dq none
372	then no banner is displayed.	374	then no banner is displayed.
373	This option is only available for protocol version 2.
374	By default, no banner is displayed.	375	By default, no banner is displayed.
375	.It Cm ChallengeResponseAuthentication	376	.It Cm ChallengeResponseAuthentication
376	Specifies whether challenge-response authentication is allowed (e.g. via	377	Specifies whether challenge-response authentication is allowed (e.g. via
@@ -429,10 +430,12 @@ Misconfiguration can lead to unsafe environments which
429	.Xr sshd 8	430	.Xr sshd 8
430	cannot detect.	431	cannot detect.
431	.Pp	432	.Pp
432	The default is not to	433	The default is
		434	.Dq none ,
		435	indicating not to
433	.Xr chroot 2 .	436	.Xr chroot 2 .
434	.It Cm Ciphers	437	.It Cm Ciphers
435	Specifies the ciphers allowed for protocol version 2.	438	Specifies the ciphers allowed.
436	Multiple ciphers must be comma-separated.	439	Multiple ciphers must be comma-separated.
437	If the specified value begins with a	440	If the specified value begins with a
438	.Sq +	441	.Sq +
@@ -513,7 +516,6 @@ If
513	.Cm ClientAliveCountMax	516	.Cm ClientAliveCountMax
514	is left at the default, unresponsive SSH clients	517	is left at the default, unresponsive SSH clients
515	will be disconnected after approximately 45 seconds.	518	will be disconnected after approximately 45 seconds.
516	This option applies to protocol version 2 only.
517	.It Cm ClientAliveInterval	519	.It Cm ClientAliveInterval
518	Sets a timeout interval in seconds after which if no data has been received	520	Sets a timeout interval in seconds after which if no data has been received
519	from the client,	521	from the client,
@@ -522,7 +524,6 @@ will send a message through the encrypted
522	channel to request a response from the client.	524	channel to request a response from the client.
523	The default	525	The default
524	is 0, indicating that these messages will not be sent to the client.	526	is 0, indicating that these messages will not be sent to the client.
525	This option applies to protocol version 2 only.
526	.It Cm Compression	527	.It Cm Compression
527	Specifies whether compression is allowed, or delayed until	528	Specifies whether compression is allowed, or delayed until
528	the user has authenticated successfully.	529	the user has authenticated successfully.
@@ -596,6 +597,8 @@ Specifying a command of
596	will force the use of an in-process sftp server that requires no support	597	will force the use of an in-process sftp server that requires no support
597	files when used with	598	files when used with
598	.Cm ChrootDirectory .	599	.Cm ChrootDirectory .
		600	The default is
		601	.Dq none .
599	.It Cm GatewayPorts	602	.It Cm GatewayPorts
600	Specifies whether remote hosts are allowed to connect to ports	603	Specifies whether remote hosts are allowed to connect to ports
601	forwarded for the client.	604	forwarded for the client.
@@ -620,13 +623,11 @@ The default is
620	Specifies whether user authentication based on GSSAPI is allowed.	623	Specifies whether user authentication based on GSSAPI is allowed.
621	The default is	624	The default is
622	.Dq no .	625	.Dq no .
623	Note that this option applies to protocol version 2 only.
624	.It Cm GSSAPICleanupCredentials	626	.It Cm GSSAPICleanupCredentials
625	Specifies whether to automatically destroy the user's credentials cache	627	Specifies whether to automatically destroy the user's credentials cache
626	on logout.	628	on logout.
627	The default is	629	The default is
628	.Dq yes .	630	.Dq yes .
629	Note that this option applies to protocol version 2 only.
630	.It Cm GSSAPIStrictAcceptorCheck	631	.It Cm GSSAPIStrictAcceptorCheck
631	Determines whether to be strict about the identity of the GSSAPI acceptor	632	Determines whether to be strict about the identity of the GSSAPI acceptor
632	a client authenticates against.	633	a client authenticates against.
@@ -669,9 +670,6 @@ may be used to list supported key types.
669	Specifies whether rhosts or /etc/hosts.equiv authentication together	670	Specifies whether rhosts or /etc/hosts.equiv authentication together
670	with successful public key client host authentication is allowed	671	with successful public key client host authentication is allowed
671	(host-based authentication).	672	(host-based authentication).
672	This option is similar to
673	.Cm RhostsRSAAuthentication
674	and applies to protocol version 2 only.
675	The default is	673	The default is
676	.Dq no .	674	.Dq no .
677	.It Cm HostbasedUsesNameFromPacketOnly	675	.It Cm HostbasedUsesNameFromPacketOnly
@@ -742,7 +740,7 @@ is specified, the location of the socket will be read from the
742	.Ev SSH_AUTH_SOCK	740	.Ev SSH_AUTH_SOCK
743	environment variable.	741	environment variable.
744	.It Cm HostKeyAlgorithms	742	.It Cm HostKeyAlgorithms
745	Specifies the protocol version 2 host key algorithms	743	Specifies the host key algorithms
746	that the server offers.	744	that the server offers.
747	The default for this option is:	745	The default for this option is:
748	.Bd -literal -offset 3n	746	.Bd -literal -offset 3n
@@ -963,8 +961,7 @@ DEBUG2 and DEBUG3 each specify higher levels of debugging output.
963	Logging with a DEBUG level violates the privacy of users and is not recommended.	961	Logging with a DEBUG level violates the privacy of users and is not recommended.
964	.It Cm MACs	962	.It Cm MACs
965	Specifies the available MAC (message authentication code) algorithms.	963	Specifies the available MAC (message authentication code) algorithms.
966	The MAC algorithm is used in protocol version 2	964	The MAC algorithm is used for data integrity protection.
967	for data integrity protection.
968	Multiple algorithms must be comma-separated.	965	Multiple algorithms must be comma-separated.
969	If the specified value begins with a	966	If the specified value begins with a
970	.Sq +	967	.Sq +
@@ -1020,8 +1017,9 @@ The default is:
1020	.Bd -literal -offset indent	1017	.Bd -literal -offset indent
1021	umac-64-etm@openssh.com,umac-128-etm@openssh.com,	1018	umac-64-etm@openssh.com,umac-128-etm@openssh.com,
1022	hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,	1019	hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,
		1020	hmac-sha1-etm@openssh.com,
1023	umac-64@openssh.com,umac-128@openssh.com,	1021	umac-64@openssh.com,umac-128@openssh.com,
1024	hmac-sha2-256,hmac-sha2-512	1022	hmac-sha2-256,hmac-sha2-512,hmac-sha1
1025	.Ed	1023	.Ed
1026	.Pp	1024	.Pp
1027	The list of available MAC algorithms may also be obtained using the	1025	The list of available MAC algorithms may also be obtained using the
@@ -1091,6 +1089,8 @@ Available keywords are
1091	.Cm AuthorizedKeysCommand ,	1089	.Cm AuthorizedKeysCommand ,
1092	.Cm AuthorizedKeysCommandUser ,	1090	.Cm AuthorizedKeysCommandUser ,
1093	.Cm AuthorizedKeysFile ,	1091	.Cm AuthorizedKeysFile ,
		1092	.Cm AuthorizedPrincipalsCommand ,
		1093	.Cm AuthorizedPrincipalsCommandUser ,
1094	.Cm AuthorizedPrincipalsFile ,	1094	.Cm AuthorizedPrincipalsFile ,
1095	.Cm Banner ,	1095	.Cm Banner ,
1096	.Cm ChrootDirectory ,	1096	.Cm ChrootDirectory ,
@@ -1134,7 +1134,15 @@ Once the number of failures reaches half this value,
1134	additional failures are logged.	1134	additional failures are logged.
1135	The default is 6.	1135	The default is 6.
1136	.It Cm MaxSessions	1136	.It Cm MaxSessions
1137	Specifies the maximum number of open sessions permitted per network connection.	1137	Specifies the maximum number of open shell, login or subsystem (e.g. sftp)
		1138	sessions permitted per network connection.
		1139	Multiple sessions may be established by clients that support connection
		1140	multiplexing.
		1141	Setting
		1142	.Cm MaxSessions
		1143	to 1 will effectively disable session multiplexing, whereas setting it to 0
		1144	will prevent all shell, login and subsystem sessions while still permitting
		1145	forwarding.
1138	The default is 10.	1146	The default is 10.
1139	.It Cm MaxStartups	1147	.It Cm MaxStartups
1140	Specifies the maximum number of concurrent unauthenticated connections to the	1148	Specifies the maximum number of concurrent unauthenticated connections to the
@@ -1324,6 +1332,10 @@ and
1324	Multiple versions must be comma-separated.	1332	Multiple versions must be comma-separated.
1325	The default is	1333	The default is
1326	.Sq 2 .	1334	.Sq 2 .
		1335	Protocol 1 suffers from a number of cryptographic weaknesses and should
		1336	not be used.
		1337	It is only offered to support legacy devices.
		1338	.Pp
1327	Note that the order of the protocol list does not indicate preference,	1339	Note that the order of the protocol list does not indicate preference,
1328	because the client selects among multiple protocol versions offered	1340	because the client selects among multiple protocol versions offered
1329	by the server.	1341	by the server.
@@ -1358,7 +1370,6 @@ may be used to list supported key types.
1358	Specifies whether public key authentication is allowed.	1370	Specifies whether public key authentication is allowed.
1359	The default is	1371	The default is
1360	.Dq yes .	1372	.Dq yes .
1361	Note that this option applies to protocol version 2 only.
1362	.It Cm RekeyLimit	1373	.It Cm RekeyLimit
1363	Specifies the maximum amount of data that may be transmitted before the	1374	Specifies the maximum amount of data that may be transmitted before the
1364	session key is renegotiated, optionally followed a maximum amount of	1375	session key is renegotiated, optionally followed a maximum amount of
@@ -1384,7 +1395,6 @@ is
1384	.Dq default none ,	1395	.Dq default none ,
1385	which means that rekeying is performed after the cipher's default amount	1396	which means that rekeying is performed after the cipher's default amount
1386	of data has been sent or received and no time based rekeying is done.	1397	of data has been sent or received and no time based rekeying is done.
1387	This option applies to protocol version 2 only.
1388	.It Cm RevokedKeys	1398	.It Cm RevokedKeys
1389	Specifies revoked public keys file, or	1399	Specifies revoked public keys file, or
1390	.Dq none	1400	.Dq none
@@ -1471,7 +1481,6 @@ This may simplify configurations using
1471	to force a different filesystem root on clients.	1481	to force a different filesystem root on clients.
1472	.Pp	1482	.Pp
1473	By default no subsystems are defined.	1483	By default no subsystems are defined.
1474	Note that this option applies to protocol version 2 only.
1475	.It Cm SyslogFacility	1484	.It Cm SyslogFacility
1476	Gives the facility code that is used when logging messages from	1485	Gives the facility code that is used when logging messages from
1477	.Xr sshd 8 .	1486	.Xr sshd 8 .
@@ -1584,14 +1593,19 @@ After successful authentication, another process will be created that has
1584	the privilege of the authenticated user.	1593	the privilege of the authenticated user.
1585	The goal of privilege separation is to prevent privilege	1594	The goal of privilege separation is to prevent privilege
1586	escalation by containing any corruption within the unprivileged processes.	1595	escalation by containing any corruption within the unprivileged processes.
1587	The default is	1596	The argument must be
1588	.Dq yes .	1597	.Dq yes ,
		1598	.Dq no ,
		1599	or
		1600	.Dq sandbox .
1589	If	1601	If
1590	.Cm UsePrivilegeSeparation	1602	.Cm UsePrivilegeSeparation
1591	is set to	1603	is set to
1592	.Dq sandbox	1604	.Dq sandbox
1593	then the pre-authentication unprivileged process is subject to additional	1605	then the pre-authentication unprivileged process is subject to additional
1594	restrictions.	1606	restrictions.
		1607	The default is
		1608	.Dq sandbox .
1595	.It Cm VersionAddendum	1609	.It Cm VersionAddendum
1596	Optionally specifies additional text to append to the SSH protocol banner	1610	Optionally specifies additional text to append to the SSH protocol banner
1597	sent by the server upon connection.	1611	sent by the server upon connection.