diff --git a/ChangeLog b/ChangeLog index 47b1c1652..25c46c1cf 100644 --- a/ChangeLog +++ b/ChangeLog @@ -34,6 +34,10 @@ - dtucker@cvs.openbsd.org 2012/06/18 11:49:58 [ssh_config.5] RSA instead of DSA twice. From Steve.McClellan at radisys com + - dtucker@cvs.openbsd.org 2012/06/18 12:07:07 + [ssh.1 sshd.8] + Remove mention of 'three' key files since there are now four. From + Steve.McClellan at radisys com. 20120519 - (dtucker) [configure.ac] bz#2010: fix non-portable shell construct. Patch diff --git a/ssh.1 b/ssh.1 index 207834039..71beefc15 100644 --- a/ssh.1 +++ b/ssh.1 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.324 2012/04/20 16:26:22 jmc Exp $ -.Dd $Mdocdate: April 20 2012 $ +.\" $OpenBSD: ssh.1,v 1.325 2012/06/18 12:07:07 dtucker Exp $ +.Dd $Mdocdate: June 18 2012 $ .Dt SSH 1 .Os .Sh NAME @@ -1375,7 +1375,7 @@ The file format and configuration options are described in .It Pa /etc/ssh/ssh_host_dsa_key .It Pa /etc/ssh/ssh_host_ecdsa_key .It Pa /etc/ssh/ssh_host_rsa_key -These three files contain the private parts of the host keys +These files contain the private parts of the host keys and are used for host-based authentication. If protocol version 1 is used, .Nm diff --git a/sshd.8 b/sshd.8 index 6d79c7dda..a1a74d86a 100644 --- a/sshd.8 +++ b/sshd.8 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd.8,v 1.265 2012/05/13 01:42:32 dtucker Exp $ -.Dd $Mdocdate: May 13 2012 $ +.\" $OpenBSD: sshd.8,v 1.266 2012/06/18 12:07:07 dtucker Exp $ +.Dd $Mdocdate: June 18 2012 $ .Dt SSHD 8 .Os .Sh NAME @@ -886,7 +886,7 @@ rlogin/rsh. .It Pa /etc/ssh/ssh_host_dsa_key .It Pa /etc/ssh/ssh_host_ecdsa_key .It Pa /etc/ssh/ssh_host_rsa_key -These three files contain the private parts of the host keys. +These files contain the private parts of the host keys. These files should only be owned by root, readable only by root, and not accessible to others. Note that @@ -897,7 +897,7 @@ does not start if these files are group/world-accessible. .It Pa /etc/ssh/ssh_host_dsa_key.pub .It Pa /etc/ssh/ssh_host_ecdsa_key.pub .It Pa /etc/ssh/ssh_host_rsa_key.pub -These three files contain the public parts of the host keys. +These files contain the public parts of the host keys. These files should be world-readable but writable only by root. Their contents should match the respective private parts.