From 788ac799a6efa40517f2ac0d895a610394298ffc Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Sun, 30 Apr 2017 23:18:22 +0000 Subject: upstream commit remove SSHv1 configuration options and man pages bits ok markus@ Upstream-ID: 84638c23546c056727b7a7d653c72574e0f19424 --- ssh.1 | 57 +++++---------------------------------------------------- 1 file changed, 5 insertions(+), 52 deletions(-) (limited to 'ssh.1') diff --git a/ssh.1 b/ssh.1 index 4011c65aa..325742f98 100644 --- a/ssh.1 +++ b/ssh.1 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.376 2016/07/16 06:57:55 jmc Exp $ -.Dd $Mdocdate: July 16 2016 $ +.\" $OpenBSD: ssh.1,v 1.377 2017/04/30 23:18:22 djm Exp $ +.Dd $Mdocdate: April 30 2017 $ .Dt SSH 1 .Os .Sh NAME @@ -43,7 +43,7 @@ .Sh SYNOPSIS .Nm ssh .Bk -words -.Op Fl 1246AaCfGgKkMNnqsTtVvXxYy +.Op Fl 46AaCfGgKkMNnqsTtVvXxYy .Op Fl b Ar bind_address .Op Fl c Ar cipher_spec .Op Fl D Oo Ar bind_address : Oc Ns Ar port @@ -95,16 +95,6 @@ it is executed on the remote host instead of a login shell. The options are as follows: .Pp .Bl -tag -width Ds -compact -.It Fl 1 -Forces -.Nm -to try protocol version 1 only. -.Pp -.It Fl 2 -Forces -.Nm -to try protocol version 2 only. -.Pp .It Fl 4 Forces .Nm @@ -144,12 +134,7 @@ data for forwarded X11, TCP and .Ux Ns -domain connections). The compression algorithm is the same used by -.Xr gzip 1 , -and the -.Dq level -can be controlled by the -.Cm CompressionLevel -option for protocol version 1. +.Xr gzip 1 . Compression is desirable on modem lines and other slow connections, but will only slow down things on fast networks. The default value can be set on a host-by-host basis in the @@ -159,14 +144,6 @@ option. .Pp .It Fl c Ar cipher_spec Selects the cipher specification for encrypting the session. -.Pp -Protocol version 1 allows specification of a single cipher. -The supported values are -.Dq 3des , -.Dq blowfish , -and -.Dq des . -For protocol version 2, .Ar cipher_spec is a comma-separated list of ciphers listed in order of preference. @@ -290,8 +267,6 @@ private RSA key. Selects a file from which the identity (private key) for public key authentication is read. The default is -.Pa ~/.ssh/identity -for protocol version 1, and .Pa ~/.ssh/id_dsa , .Pa ~/.ssh/id_ecdsa , .Pa ~/.ssh/id_ed25519 @@ -495,7 +470,6 @@ For full details of the options listed below, and their possible values, see .It Ciphers .It ClearAllForwardings .It Compression -.It CompressionLevel .It ConnectionAttempts .It ConnectTimeout .It ControlMaster @@ -540,7 +514,6 @@ For full details of the options listed below, and their possible values, see .It PKCS11Provider .It Port .It PreferredAuthentications -.It Protocol .It ProxyCommand .It ProxyJump .It ProxyUseFdpass @@ -549,8 +522,6 @@ For full details of the options listed below, and their possible values, see .It RekeyLimit .It RemoteForward .It RequestTTY -.It RhostsRSAAuthentication -.It RSAAuthentication .It SendEnv .It ServerAliveInterval .It ServerAliveCountMax @@ -806,21 +777,7 @@ a per-user configuration file and a system-wide configuration file. The file format and configuration options are described in .Xr ssh_config 5 . .Sh AUTHENTICATION -The OpenSSH SSH client supports SSH protocols 1 and 2. -The default is to use protocol 2 only, -though this can be changed via the -.Cm Protocol -option in -.Xr ssh_config 5 -or the -.Fl 1 -and -.Fl 2 -options (see above). -Protocol 1 should not be used -and is only offered to support legacy devices. -It suffers from a number of cryptographic weaknesses -and doesn't support many of the advanced features available for protocol 2. +The OpenSSH SSH client supports SSH protocol 2. .Pp The methods available for authentication are: GSSAPI-based authentication, @@ -893,8 +850,6 @@ is authorized to accept the account. The user creates his/her key pair by running .Xr ssh-keygen 1 . This stores the private key in -.Pa ~/.ssh/identity -(protocol 1), .Pa ~/.ssh/id_dsa (DSA), .Pa ~/.ssh/id_ecdsa @@ -905,8 +860,6 @@ or .Pa ~/.ssh/id_rsa (RSA) and stores the public key in -.Pa ~/.ssh/identity.pub -(protocol 1), .Pa ~/.ssh/id_dsa.pub (DSA), .Pa ~/.ssh/id_ecdsa.pub -- cgit v1.2.3