1 files changed, 25 insertions, 12 deletions
diff --git a/sshd_config.5 b/sshd_config.5
index 09532fb8d..8d291e61d 100644
--- a/sshd_config.5
+++ b/sshd_config.5
@@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd_config.5,v 1.35 2004/06/26 09:14:40 jmc Exp $
+.\" $OpenBSD: sshd_config.5,v 1.39 2005/03/01 10:09:52 djm Exp $
 .Dd September 25, 1999
 .Dt SSHD_CONFIG 5
 .Os
@@ -83,6 +83,17 @@ Be warned that some environment variables could be used to bypass restricted
 user environments.
 For this reason, care should be taken in the use of this directive.
 The default is not to accept any environment variables.
+.It Cm AddressFamily
+Specifies which address family should be used by
+.Nm sshd .
+Valid arguments are
+.Dq any ,
+.Dq inet
+(use IPv4 only) or
+.Dq inet6
+(use IPv6 only).
+The default is
+.Dq any .
 .It Cm AllowGroups
 This keyword can be followed by a list of group name patterns, separated
 by spaces.
@@ -245,12 +256,15 @@ This prevents other remote hosts from connecting to forwarded ports.
 .Cm GatewayPorts
 can be used to specify that
 .Nm sshd
-should bind remote port forwardings to the wildcard address,
+should allow remote port forwardings to bind to non-loopback addresses, thus
-thus allowing remote hosts to connect to forwarded ports.
+allowing other hosts to connect.
-The argument must be
+The argument may be
+.Dq no
+to force remote port forwardings to be available to the local host only,
 .Dq yes
-or
+to force remote port forwardings to bind to the wildcard address, or
-.Dq no .
+.Dq clientspecified
+to allow the client to select the address to which the forwarding is bound.
 The default is
 .Dq no .
 .It Cm GSSAPIAuthentication
@@ -455,7 +469,7 @@ server allows login to accounts with empty password strings.
 The default is
 .Dq no .
 .It Cm PermitRootLogin
-Specifies whether root can login using
+Specifies whether root can log in using
 .Xr ssh 1 .
 The argument must be
 .Dq yes ,
@@ -468,9 +482,7 @@ The default is
 .Pp
 If this option is set to
 .Dq without-password
-password authentication is disabled for root.  Note that other authentication
+password authentication is disabled for root.
-methods (e.g., keyboard-interactive/PAM) may still allow root to login using
-a password.
 .Pp
 If this option is set to
 .Dq forced-commands-only
@@ -484,7 +496,7 @@ All other authentication methods are disabled for root.
 .Pp
 If this option is set to
 .Dq no
-root is not allowed to login.
+root is not allowed to log in.
 .It Cm PermitUserEnvironment
 Specifies whether
 .Pa ~/.ssh/environment
@@ -516,7 +528,8 @@ See also
 .It Cm PrintLastLog
 Specifies whether
 .Nm sshd
-should print the date and time when the user last logged in.
+should print the date and time of the last user login when a user logs
+in interactively.
 The default is
 .Dq yes .
 .It Cm PrintMotd

diff --git a/sshd_config.5 b/sshd_config.5 index 09532fb8d..8d291e61d 100644 --- a/sshd_config.5 +++ b/sshd_config.5
@@ -34,7 +34,7 @@
34	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	34	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	35	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36	.\"	36	.\"
37	.\" $OpenBSD: sshd_config.5,v 1.35 2004/06/26 09:14:40 jmc Exp $	37	.\" $OpenBSD: sshd_config.5,v 1.39 2005/03/01 10:09:52 djm Exp $
38	.Dd September 25, 1999	38	.Dd September 25, 1999
39	.Dt SSHD_CONFIG 5	39	.Dt SSHD_CONFIG 5
40	.Os	40	.Os
@@ -83,6 +83,17 @@ Be warned that some environment variables could be used to bypass restricted
83	user environments.	83	user environments.
84	For this reason, care should be taken in the use of this directive.	84	For this reason, care should be taken in the use of this directive.
85	The default is not to accept any environment variables.	85	The default is not to accept any environment variables.
		86	.It Cm AddressFamily
		87	Specifies which address family should be used by
		88	.Nm sshd .
		89	Valid arguments are
		90	.Dq any ,
		91	.Dq inet
		92	(use IPv4 only) or
		93	.Dq inet6
		94	(use IPv6 only).
		95	The default is
		96	.Dq any .
86	.It Cm AllowGroups	97	.It Cm AllowGroups
87	This keyword can be followed by a list of group name patterns, separated	98	This keyword can be followed by a list of group name patterns, separated
88	by spaces.	99	by spaces.
@@ -245,12 +256,15 @@ This prevents other remote hosts from connecting to forwarded ports.
245	.Cm GatewayPorts	256	.Cm GatewayPorts
246	can be used to specify that	257	can be used to specify that
247	.Nm sshd	258	.Nm sshd
248	should bind remote port forwardings to the wildcard address,	259	should allow remote port forwardings to bind to non-loopback addresses, thus
249	thus allowing remote hosts to connect to forwarded ports.	260	allowing other hosts to connect.
250	The argument must be	261	The argument may be
		262	.Dq no
		263	to force remote port forwardings to be available to the local host only,
251	.Dq yes	264	.Dq yes
252	or	265	to force remote port forwardings to bind to the wildcard address, or
253	.Dq no .	266	.Dq clientspecified
		267	to allow the client to select the address to which the forwarding is bound.
254	The default is	268	The default is
255	.Dq no .	269	.Dq no .
256	.It Cm GSSAPIAuthentication	270	.It Cm GSSAPIAuthentication
@@ -455,7 +469,7 @@ server allows login to accounts with empty password strings.
455	The default is	469	The default is
456	.Dq no .	470	.Dq no .
457	.It Cm PermitRootLogin	471	.It Cm PermitRootLogin
458	Specifies whether root can login using	472	Specifies whether root can log in using
459	.Xr ssh 1 .	473	.Xr ssh 1 .
460	The argument must be	474	The argument must be
461	.Dq yes ,	475	.Dq yes ,
@@ -468,9 +482,7 @@ The default is
468	.Pp	482	.Pp
469	If this option is set to	483	If this option is set to
470	.Dq without-password	484	.Dq without-password
471	password authentication is disabled for root. Note that other authentication	485	password authentication is disabled for root.
472	methods (e.g., keyboard-interactive/PAM) may still allow root to login using
473	a password.
474	.Pp	486	.Pp
475	If this option is set to	487	If this option is set to
476	.Dq forced-commands-only	488	.Dq forced-commands-only
@@ -484,7 +496,7 @@ All other authentication methods are disabled for root.
484	.Pp	496	.Pp
485	If this option is set to	497	If this option is set to
486	.Dq no	498	.Dq no
487	root is not allowed to login.	499	root is not allowed to log in.
488	.It Cm PermitUserEnvironment	500	.It Cm PermitUserEnvironment
489	Specifies whether	501	Specifies whether
490	.Pa ~/.ssh/environment	502	.Pa ~/.ssh/environment
@@ -516,7 +528,8 @@ See also
516	.It Cm PrintLastLog	528	.It Cm PrintLastLog
517	Specifies whether	529	Specifies whether
518	.Nm sshd	530	.Nm sshd
519	should print the date and time when the user last logged in.	531	should print the date and time of the last user login when a user logs
		532	in interactively.
520	The default is	533	The default is
521	.Dq yes .	534	.Dq yes .
522	.It Cm PrintMotd	535	.It Cm PrintMotd