- jmc@cvs.openbsd.org 2006/02/16 09:05:34

[sshd.8]
     sync some of the FILES entries w/ ssh.1;
Damien Miller 2006-03-15 11:35:27 +11:00
parent bc1936ad87
commit adc35b9583
2 changed files with 37 additions and 46 deletions

@ -116,6 +116,9 @@
- jmc@cvs.openbsd.org 2006/02/15 16:55:33 - jmc@cvs.openbsd.org 2006/02/15 16:55:33
[sshd.8] [sshd.8]
remove ietf draft references; RFC list now maintained in ssh.1; remove ietf draft references; RFC list now maintained in ssh.1;
- jmc@cvs.openbsd.org 2006/02/16 09:05:34
[sshd.8]
sync some of the FILES entries w/ ssh.1;
20060313 20060313
- (dtucker) [configure.ac] Bug #1171: Don't use printf("%lld", longlong) - (dtucker) [configure.ac] Bug #1171: Don't use printf("%lld", longlong)
@ -4017,4 +4020,4 @@
- (djm) Trim deprecated options from INSTALL. Mention UsePAM - (djm) Trim deprecated options from INSTALL. Mention UsePAM
- (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
$Id: ChangeLog,v 1.4172 2006/03/15 00:35:05 djm Exp $ $Id: ChangeLog,v 1.4173 2006/03/15 00:35:27 djm Exp $

sshd.8

@ -34,7 +34,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\" .\"
.\" $OpenBSD: sshd.8,v 1.224 2006/02/15 16:55:33 jmc Exp $ .\" $OpenBSD: sshd.8,v 1.225 2006/02/16 09:05:34 jmc Exp $
.Dd September 25, 1999 .Dd September 25, 1999
.Dt SSHD 8 .Dt SSHD 8
.Os .Os
@ -605,45 +605,31 @@ It does not suppress printing of the banner specified by
.Cm Banner . .Cm Banner .
.Pp .Pp
.It ~/.rhosts .It ~/.rhosts
This file is used during This file is used for host-based authentication (see
.Cm RhostsRSAAuthentication .Xr ssh 1
and for more information).
.Cm HostbasedAuthentication On some machines this file may need to be
and contains host-username pairs, separated by a space, one per world-readable if the user's home directory is on an NFS partition,
line. because
The given user on the corresponding host is permitted to log in .Nm
without a password. reads it as root.
The same file is used by rlogind and rshd. Additionally, this file must be owned by the user,
The file must and must not have write permissions for anyone else.
be writable only by the user; it is recommended that it not be The recommended
permission for most machines is read/write for the user, and not
accessible by others. accessible by others.
.Pp .Pp
It is also possible to use netgroups in the file.
Either host or user
name may be of the form +@groupname to specify all hosts or all users
in the group.
.Pp
.It ~/.shosts .It ~/.shosts
For ssh, This file is used in exactly the same way as
this file is exactly the same as for .Pa .rhosts ,
.Pa .rhosts . but allows host-based authentication without permitting login with
However, this file is rlogin/rsh.
not used by rlogin and rshd, so using this permits access using SSH only.
.Pp .Pp
.It ~/.ssh/authorized_keys .It ~/.ssh/authorized_keys
Lists the public keys (RSA or DSA) that can be used to log into the user's account. Lists the public keys (RSA/DSA) that can be used for logging in as this user.
This file must be readable by root (which may on some machines imply
it being world-readable if the user's home directory resides on an NFS
volume).
It is recommended that it not be accessible by others.
The format of this file is described above. The format of this file is described above.
Users will place the contents of their This file is not highly sensitive, but the recommended
.Pa identity.pub , permissions are read/write for the user, and not accessible by others.
.Pa id_dsa.pub
and/or
.Pa id_rsa.pub
files into this file, as described in
.Xr ssh-keygen 1 .
.Pp .Pp
.It ~/.ssh/environment .It ~/.ssh/environment
This file is read into the environment at login (if it exists). This file is read into the environment at login (if it exists).
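Review bot: In the new ~/.ssh/authorized_keys entry, "This file is not highly sensitive" covers only the read side and leaves the write side unstated. The same entry says the file lists the keys "that can be used for logging in as this user", so write access to it is equivalent to login access. The new ~/.rhosts text in this hunk already says the file "must be owned by the user, and must not have write permissions for anyone else"; I would add that sentence to the authorized_keys entry as well. Separately, the root-readable/NFS sentence is removed from authorized_keys but a similar one is added to ~/.rhosts. If that asymmetry is intended, the commit log should say so, since it only mentions syncing with ssh.1.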
@ -658,17 +644,10 @@ controlled via the
option. option.
.Pp .Pp
.It ~/.ssh/known_hosts .It ~/.ssh/known_hosts
.It /etc/ssh/ssh_known_hosts Contains a list of host keys for all hosts the user has logged into
These files are consulted when using rhosts with RSA host that are not already in the systemwide list of known host keys.
authentication or protocol version 2 hostbased authentication The format of this file is described above.
to check the public key of the host. This file should be writable only by root/the owner and
The key must be listed in one of these files to be accepted.
The client uses the same files
to verify that it is connecting to the correct remote host.
These files should be writable only by root/the owner.
.Pa /etc/ssh/ssh_known_hosts
should be world-readable, and
.Pa ~/.ssh/known_hosts
can, but need not be, world-readable. can, but need not be, world-readable.
.Pp .Pp
.It ~/.ssh/rc .It ~/.ssh/rc
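Review bot: The rewritten ~/.ssh/known_hosts entry describes the file only from the client side ("host keys for all hosts the user has logged into") and drops what the server does with it. The removed text stated that the file is consulted for rhosts-with-RSA and protocol 2 hostbased authentication to check the public key of the host, and that "The key must be listed in one of these files to be accepted." Since this is sshd(8), I would keep one sentence saying the file is checked during host-based authentication and that an unlisted host key is rejected; that is the reason an administrator reading this page cares about who can write to it.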
@ -784,6 +763,15 @@ This is processed exactly as
However, this file may be useful in environments that want to run both However, this file may be useful in environments that want to run both
rsh/rlogin and ssh. rsh/rlogin and ssh.
.Pp .Pp
.It /etc/ssh/ssh_known_hosts
Systemwide list of known host keys.
This file should be prepared by the
system administrator to contain the public host keys of all machines in the
organization.
The format of this file is described above.
This file should be writable only by root/the owner and
should be world-readable.
.Pp
.It /etc/ssh/ssh_host_key .It /etc/ssh/ssh_host_key
.It /etc/ssh/ssh_host_dsa_key .It /etc/ssh/ssh_host_dsa_key
.It /etc/ssh/ssh_host_rsa_key .It /etc/ssh/ssh_host_rsa_key
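Review bot: In the added /etc/ssh/ssh_known_hosts entry, "writable only by root/the owner" is wording carried over from the per-user file and is ambiguous for a systemwide file that the same entry says is "prepared by the system administrator". I would say "writable only by root" here. The entry also does not say what sshd uses the file for. A short clause that it is consulted to verify the client host's key during host-based authentication would make the write restriction self-explanatory.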