1 files changed, 54 insertions, 8 deletions
diff --git a/sshd_config.5 b/sshd_config.5
index aa7b7c7d4..0944ba076 100644
--- a/sshd_config.5
+++ b/sshd_config.5
@@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd_config.5,v 1.4 2002/06/22 16:45:29 stevesk Exp $
+.\" $OpenBSD: sshd_config.5,v 1.13 2002/09/16 20:12:11 stevesk Exp $
 .Dd September 25, 1999
 .Dt SSHD_CONFIG 5
 .Os
@@ -379,7 +379,7 @@ options must precede this option for non port qualified addresses.
 The server disconnects after this time if the user has not
 successfully logged in.
 If the value is 0, there is no time limit.
-The default is 600 (seconds).
+The default is 120 seconds.
 .It Cm LogLevel
 Gives the verbosity level that is used when logging messages from
 .Nm sshd .
@@ -465,6 +465,20 @@ for root.
 If this option is set to
 .Dq no
 root is not allowed to login.
+.It Cm PermitUserEnvironment
+Specifies whether
+.Pa ~/.ssh/environment
+and
+.Cm environment=
+options in
+.Pa ~/.ssh/authorized_keys
+are processed by
+.Nm sshd .
+The default is
+.Dq no .
+Enabling environment processing may enable users to bypass access
+restrictions in some configurations using mechanisms such as
+.Ev LD_PRELOAD .
 .It Cm PidFile
 Specifies the file that contains the process ID of the
 .Nm sshd
@@ -499,7 +513,7 @@ The default is
 .It Cm Protocol
 Specifies the protocol versions
 .Nm sshd
-should support.
+supports.
 The possible values are
 .Dq 1
 and
@@ -507,6 +521,13 @@ and
 Multiple versions must be comma-separated.
 The default is
 .Dq 2,1 .
+Note that the order of the protocol list does not indicate preference,
+because the client selects among multiple protocol versions offered
+by the server.
+Specifying
+.Dq 2,1
+is identical to
+.Dq 1,2 .
 .It Cm PubkeyAuthentication
 Specifies whether public key authentication is allowed.
 The default is
@@ -609,10 +630,35 @@ from interfering with real X11 servers.
 The default is 10.
 .It Cm X11Forwarding
 Specifies whether X11 forwarding is permitted.
+The argument must be
+.Dq yes
+or
+.Dq no .
 The default is
 .Dq no .
-Note that disabling X11 forwarding does not improve security in any
+.Pp
-way, as users can always install their own forwarders.
+When X11 forwarding is enabled, there may be additional exposure to
+the server and to client displays if the
+.Nm sshd
+proxy display is configured to listen on the wildcard address (see
+.Cm X11UseLocalhost
+below), however this is not the default.
+Additionally, the authentication spoofing and authentication data
+verification and substitution occur on the client side.
+The security risk of using X11 forwarding is that the client's X11
+display server may be exposed to attack when the ssh client requests
+forwarding (see the warnings for
+.Cm ForwardX11
+in
+.Xr ssh_config 5 ).
+A system administrator may have a stance in which they want to
+protect clients that may expose themselves to attack by unwittingly
+requesting X11 forwarding, which can warrant a
+.Dq no
+setting.
+.Pp
+Note that disabling X11 forwarding does not prevent users from
+forwarding X11 traffic, as users can always install their own forwarders.
 X11 forwarding is automatically disabled if
 .Cm UseLogin
 is enabled.
@@ -627,7 +673,7 @@ hostname part of the
 .Ev DISPLAY
 environment variable to
 .Dq localhost .
-This prevents remote hosts from connecting to the fake display.
+This prevents remote hosts from connecting to the proxy display.
 However, some older X11 clients may not function with this
 configuration.
 .Cm X11UseLocalhost
@@ -642,7 +688,7 @@ or
 The default is
 .Dq yes .
 .It Cm XAuthLocation
-Specifies the location of the
+Specifies the full pathname of the
 .Xr xauth 1
 program.
 The default is
@@ -654,7 +700,7 @@ The default is
 command-line arguments and configuration file options that specify time
 may be expressed using a sequence of the form:
 .Sm off
-.Ar time Oo Ar qualifier Oc ,
+.Ar time Op Ar qualifier ,
 .Sm on
 where
 .Ar time

diff --git a/sshd_config.5 b/sshd_config.5 index aa7b7c7d4..0944ba076 100644 --- a/sshd_config.5 +++ b/sshd_config.5
@@ -34,7 +34,7 @@
34	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	34	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	35	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36	.\"	36	.\"
37	.\" $OpenBSD: sshd_config.5,v 1.4 2002/06/22 16:45:29 stevesk Exp $	37	.\" $OpenBSD: sshd_config.5,v 1.13 2002/09/16 20:12:11 stevesk Exp $
38	.Dd September 25, 1999	38	.Dd September 25, 1999
39	.Dt SSHD_CONFIG 5	39	.Dt SSHD_CONFIG 5
40	.Os	40	.Os
@@ -379,7 +379,7 @@ options must precede this option for non port qualified addresses.
379	The server disconnects after this time if the user has not	379	The server disconnects after this time if the user has not
380	successfully logged in.	380	successfully logged in.
381	If the value is 0, there is no time limit.	381	If the value is 0, there is no time limit.
382	The default is 600 (seconds).	382	The default is 120 seconds.
383	.It Cm LogLevel	383	.It Cm LogLevel
384	Gives the verbosity level that is used when logging messages from	384	Gives the verbosity level that is used when logging messages from
385	.Nm sshd .	385	.Nm sshd .
@@ -465,6 +465,20 @@ for root.
465	If this option is set to	465	If this option is set to
466	.Dq no	466	.Dq no
467	root is not allowed to login.	467	root is not allowed to login.
		468	.It Cm PermitUserEnvironment
		469	Specifies whether
		470	.Pa ~/.ssh/environment
		471	and
		472	.Cm environment=
		473	options in
		474	.Pa ~/.ssh/authorized_keys
		475	are processed by
		476	.Nm sshd .
		477	The default is
		478	.Dq no .
		479	Enabling environment processing may enable users to bypass access
		480	restrictions in some configurations using mechanisms such as
		481	.Ev LD_PRELOAD .
468	.It Cm PidFile	482	.It Cm PidFile
469	Specifies the file that contains the process ID of the	483	Specifies the file that contains the process ID of the
470	.Nm sshd	484	.Nm sshd
@@ -499,7 +513,7 @@ The default is
499	.It Cm Protocol	513	.It Cm Protocol
500	Specifies the protocol versions	514	Specifies the protocol versions
501	.Nm sshd	515	.Nm sshd
502	should support.	516	supports.
503	The possible values are	517	The possible values are
504	.Dq 1	518	.Dq 1
505	and	519	and
@@ -507,6 +521,13 @@ and
507	Multiple versions must be comma-separated.	521	Multiple versions must be comma-separated.
508	The default is	522	The default is
509	.Dq 2,1 .	523	.Dq 2,1 .
		524	Note that the order of the protocol list does not indicate preference,
		525	because the client selects among multiple protocol versions offered
		526	by the server.
		527	Specifying
		528	.Dq 2,1
		529	is identical to
		530	.Dq 1,2 .
510	.It Cm PubkeyAuthentication	531	.It Cm PubkeyAuthentication
511	Specifies whether public key authentication is allowed.	532	Specifies whether public key authentication is allowed.
512	The default is	533	The default is
@@ -609,10 +630,35 @@ from interfering with real X11 servers.
609	The default is 10.	630	The default is 10.
610	.It Cm X11Forwarding	631	.It Cm X11Forwarding
611	Specifies whether X11 forwarding is permitted.	632	Specifies whether X11 forwarding is permitted.
		633	The argument must be
		634	.Dq yes
		635	or
		636	.Dq no .
612	The default is	637	The default is
613	.Dq no .	638	.Dq no .
614	Note that disabling X11 forwarding does not improve security in any	639	.Pp
615	way, as users can always install their own forwarders.	640	When X11 forwarding is enabled, there may be additional exposure to
		641	the server and to client displays if the
		642	.Nm sshd
		643	proxy display is configured to listen on the wildcard address (see
		644	.Cm X11UseLocalhost
		645	below), however this is not the default.
		646	Additionally, the authentication spoofing and authentication data
		647	verification and substitution occur on the client side.
		648	The security risk of using X11 forwarding is that the client's X11
		649	display server may be exposed to attack when the ssh client requests
		650	forwarding (see the warnings for
		651	.Cm ForwardX11
		652	in
		653	.Xr ssh_config 5 ).
		654	A system administrator may have a stance in which they want to
		655	protect clients that may expose themselves to attack by unwittingly
		656	requesting X11 forwarding, which can warrant a
		657	.Dq no
		658	setting.
		659	.Pp
		660	Note that disabling X11 forwarding does not prevent users from
		661	forwarding X11 traffic, as users can always install their own forwarders.
616	X11 forwarding is automatically disabled if	662	X11 forwarding is automatically disabled if
617	.Cm UseLogin	663	.Cm UseLogin
618	is enabled.	664	is enabled.
@@ -627,7 +673,7 @@ hostname part of the
627	.Ev DISPLAY	673	.Ev DISPLAY
628	environment variable to	674	environment variable to
629	.Dq localhost .	675	.Dq localhost .
630	This prevents remote hosts from connecting to the fake display.	676	This prevents remote hosts from connecting to the proxy display.
631	However, some older X11 clients may not function with this	677	However, some older X11 clients may not function with this
632	configuration.	678	configuration.
633	.Cm X11UseLocalhost	679	.Cm X11UseLocalhost
@@ -642,7 +688,7 @@ or
642	The default is	688	The default is
643	.Dq yes .	689	.Dq yes .
644	.It Cm XAuthLocation	690	.It Cm XAuthLocation
645	Specifies the location of the	691	Specifies the full pathname of the
646	.Xr xauth 1	692	.Xr xauth 1
647	program.	693	program.
648	The default is	694	The default is
@@ -654,7 +700,7 @@ The default is
654	command-line arguments and configuration file options that specify time	700	command-line arguments and configuration file options that specify time
655	may be expressed using a sequence of the form:	701	may be expressed using a sequence of the form:
656	.Sm off	702	.Sm off
657	.Ar time Oo Ar qualifier Oc ,	703	.Ar time Op Ar qualifier ,
658	.Sm on	704	.Sm on
659	where	705	where
660	.Ar time	706	.Ar time