- markus@cvs.openbsd.org 2002/01/29 14:32:03
[auth2.c auth.c auth-options.c auth-rhosts.c auth-rh-rsa.c canohost.c servconf.c servconf.h session.c sshd.8 sshd_config] s/ReverseMappingCheck/VerifyReverseMapping/ and avoid confusion; ok stevesk@
This commit is contained in:
parent
43cba34b64
commit
c5d8635d6a
|
@ -31,6 +31,11 @@
|
||||||
- markus@cvs.openbsd.org 2002/01/29 14:27:57
|
- markus@cvs.openbsd.org 2002/01/29 14:27:57
|
||||||
[ssh-add.c]
|
[ssh-add.c]
|
||||||
exit 2 if no agent, exit 1 if list fails; debian#61078; ok djm@
|
exit 2 if no agent, exit 1 if list fails; debian#61078; ok djm@
|
||||||
|
- markus@cvs.openbsd.org 2002/01/29 14:32:03
|
||||||
|
[auth2.c auth.c auth-options.c auth-rhosts.c auth-rh-rsa.c canohost.c]
|
||||||
|
[servconf.c servconf.h session.c sshd.8 sshd_config]
|
||||||
|
s/ReverseMappingCheck/VerifyReverseMapping/ and avoid confusion;
|
||||||
|
ok stevesk@
|
||||||
|
|
||||||
20020130
|
20020130
|
||||||
- (djm) Delay PRNG seeding until we need it in ssh-keygen, from markus@
|
- (djm) Delay PRNG seeding until we need it in ssh-keygen, from markus@
|
||||||
|
@ -7433,4 +7438,4 @@
|
||||||
- Wrote replacements for strlcpy and mkdtemp
|
- Wrote replacements for strlcpy and mkdtemp
|
||||||
- Released 1.0pre1
|
- Released 1.0pre1
|
||||||
|
|
||||||
$Id: ChangeLog,v 1.1807 2002/02/05 01:12:49 djm Exp $
|
$Id: ChangeLog,v 1.1808 2002/02/05 01:13:41 djm Exp $
|
||||||
|
|
|
@ -10,7 +10,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: auth-options.c,v 1.20 2001/08/30 20:36:34 stevesk Exp $");
|
RCSID("$OpenBSD: auth-options.c,v 1.21 2002/01/29 14:32:03 markus Exp $");
|
||||||
|
|
||||||
#include "packet.h"
|
#include "packet.h"
|
||||||
#include "xmalloc.h"
|
#include "xmalloc.h"
|
||||||
|
@ -170,7 +170,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
|
||||||
if (strncasecmp(opts, cp, strlen(cp)) == 0) {
|
if (strncasecmp(opts, cp, strlen(cp)) == 0) {
|
||||||
const char *remote_ip = get_remote_ipaddr();
|
const char *remote_ip = get_remote_ipaddr();
|
||||||
const char *remote_host = get_canonical_hostname(
|
const char *remote_host = get_canonical_hostname(
|
||||||
options.reverse_mapping_check);
|
options.verify_reverse_mapping);
|
||||||
char *patterns = xmalloc(strlen(opts) + 1);
|
char *patterns = xmalloc(strlen(opts) + 1);
|
||||||
|
|
||||||
opts += strlen(cp);
|
opts += strlen(cp);
|
||||||
|
|
|
@ -13,7 +13,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: auth-rh-rsa.c,v 1.27 2001/12/27 19:54:53 markus Exp $");
|
RCSID("$OpenBSD: auth-rh-rsa.c,v 1.28 2002/01/29 14:32:03 markus Exp $");
|
||||||
|
|
||||||
#include "packet.h"
|
#include "packet.h"
|
||||||
#include "xmalloc.h"
|
#include "xmalloc.h"
|
||||||
|
@ -48,7 +48,7 @@ auth_rhosts_rsa(struct passwd *pw, const char *client_user, Key *client_host_key
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
canonical_hostname = get_canonical_hostname(
|
canonical_hostname = get_canonical_hostname(
|
||||||
options.reverse_mapping_check);
|
options.verify_reverse_mapping);
|
||||||
|
|
||||||
debug("Rhosts RSA authentication: canonical host %.900s", canonical_hostname);
|
debug("Rhosts RSA authentication: canonical host %.900s", canonical_hostname);
|
||||||
|
|
||||||
|
|
|
@ -14,7 +14,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: auth-rhosts.c,v 1.25 2001/12/19 07:18:56 deraadt Exp $");
|
RCSID("$OpenBSD: auth-rhosts.c,v 1.26 2002/01/29 14:32:03 markus Exp $");
|
||||||
|
|
||||||
#include "packet.h"
|
#include "packet.h"
|
||||||
#include "xmalloc.h"
|
#include "xmalloc.h"
|
||||||
|
@ -156,7 +156,7 @@ auth_rhosts(struct passwd *pw, const char *client_user)
|
||||||
const char *hostname, *ipaddr;
|
const char *hostname, *ipaddr;
|
||||||
int ret;
|
int ret;
|
||||||
|
|
||||||
hostname = get_canonical_hostname(options.reverse_mapping_check);
|
hostname = get_canonical_hostname(options.verify_reverse_mapping);
|
||||||
ipaddr = get_remote_ipaddr();
|
ipaddr = get_remote_ipaddr();
|
||||||
ret = auth_rhosts2(pw, client_user, hostname, ipaddr);
|
ret = auth_rhosts2(pw, client_user, hostname, ipaddr);
|
||||||
return ret;
|
return ret;
|
||||||
|
|
4
auth.c
4
auth.c
|
@ -23,7 +23,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: auth.c,v 1.31 2001/12/19 07:18:56 deraadt Exp $");
|
RCSID("$OpenBSD: auth.c,v 1.32 2002/01/29 14:32:03 markus Exp $");
|
||||||
|
|
||||||
#ifdef HAVE_LOGIN_H
|
#ifdef HAVE_LOGIN_H
|
||||||
#include <login.h>
|
#include <login.h>
|
||||||
|
@ -111,7 +111,7 @@ allowed_user(struct passwd * pw)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
if (options.num_deny_users > 0 || options.num_allow_users > 0) {
|
if (options.num_deny_users > 0 || options.num_allow_users > 0) {
|
||||||
hostname = get_canonical_hostname(options.reverse_mapping_check);
|
hostname = get_canonical_hostname(options.verify_reverse_mapping);
|
||||||
ipaddr = get_remote_ipaddr();
|
ipaddr = get_remote_ipaddr();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
4
auth2.c
4
auth2.c
|
@ -23,7 +23,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: auth2.c,v 1.82 2002/01/13 17:57:37 markus Exp $");
|
RCSID("$OpenBSD: auth2.c,v 1.83 2002/01/29 14:32:03 markus Exp $");
|
||||||
|
|
||||||
#include <openssl/evp.h>
|
#include <openssl/evp.h>
|
||||||
|
|
||||||
|
@ -743,7 +743,7 @@ hostbased_key_allowed(struct passwd *pw, const char *cuser, char *chost,
|
||||||
HostStatus host_status;
|
HostStatus host_status;
|
||||||
int len;
|
int len;
|
||||||
|
|
||||||
resolvedname = get_canonical_hostname(options.reverse_mapping_check);
|
resolvedname = get_canonical_hostname(options.verify_reverse_mapping);
|
||||||
ipaddr = get_remote_ipaddr();
|
ipaddr = get_remote_ipaddr();
|
||||||
|
|
||||||
debug2("userauth_hostbased: chost %s resolvedname %s ipaddr %s",
|
debug2("userauth_hostbased: chost %s resolvedname %s ipaddr %s",
|
||||||
|
|
20
canohost.c
20
canohost.c
|
@ -12,7 +12,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: canohost.c,v 1.29 2001/12/19 07:18:56 deraadt Exp $");
|
RCSID("$OpenBSD: canohost.c,v 1.30 2002/01/29 14:32:03 markus Exp $");
|
||||||
|
|
||||||
#include "packet.h"
|
#include "packet.h"
|
||||||
#include "xmalloc.h"
|
#include "xmalloc.h"
|
||||||
|
@ -27,7 +27,7 @@ static void check_ip_options(int, char *);
|
||||||
*/
|
*/
|
||||||
|
|
||||||
static char *
|
static char *
|
||||||
get_remote_hostname(int socket, int reverse_mapping_check)
|
get_remote_hostname(int socket, int verify_reverse_mapping)
|
||||||
{
|
{
|
||||||
struct sockaddr_storage from;
|
struct sockaddr_storage from;
|
||||||
int i;
|
int i;
|
||||||
|
@ -90,7 +90,7 @@ get_remote_hostname(int socket, int reverse_mapping_check)
|
||||||
if (isupper(name[i]))
|
if (isupper(name[i]))
|
||||||
name[i] = tolower(name[i]);
|
name[i] = tolower(name[i]);
|
||||||
|
|
||||||
if (!reverse_mapping_check)
|
if (!verify_reverse_mapping)
|
||||||
return xstrdup(name);
|
return xstrdup(name);
|
||||||
/*
|
/*
|
||||||
* Map it back to an IP address and check that the given
|
* Map it back to an IP address and check that the given
|
||||||
|
@ -174,14 +174,14 @@ check_ip_options(int socket, char *ipaddr)
|
||||||
*/
|
*/
|
||||||
|
|
||||||
const char *
|
const char *
|
||||||
get_canonical_hostname(int reverse_mapping_check)
|
get_canonical_hostname(int verify_reverse_mapping)
|
||||||
{
|
{
|
||||||
static char *canonical_host_name = NULL;
|
static char *canonical_host_name = NULL;
|
||||||
static int reverse_mapping_checked = 0;
|
static int verify_reverse_mapping_done = 0;
|
||||||
|
|
||||||
/* Check if we have previously retrieved name with same option. */
|
/* Check if we have previously retrieved name with same option. */
|
||||||
if (canonical_host_name != NULL) {
|
if (canonical_host_name != NULL) {
|
||||||
if (reverse_mapping_checked != reverse_mapping_check)
|
if (verify_reverse_mapping_done != verify_reverse_mapping)
|
||||||
xfree(canonical_host_name);
|
xfree(canonical_host_name);
|
||||||
else
|
else
|
||||||
return canonical_host_name;
|
return canonical_host_name;
|
||||||
|
@ -190,11 +190,11 @@ get_canonical_hostname(int reverse_mapping_check)
|
||||||
/* Get the real hostname if socket; otherwise return UNKNOWN. */
|
/* Get the real hostname if socket; otherwise return UNKNOWN. */
|
||||||
if (packet_connection_is_on_socket())
|
if (packet_connection_is_on_socket())
|
||||||
canonical_host_name = get_remote_hostname(
|
canonical_host_name = get_remote_hostname(
|
||||||
packet_get_connection_in(), reverse_mapping_check);
|
packet_get_connection_in(), verify_reverse_mapping);
|
||||||
else
|
else
|
||||||
canonical_host_name = xstrdup("UNKNOWN");
|
canonical_host_name = xstrdup("UNKNOWN");
|
||||||
|
|
||||||
reverse_mapping_checked = reverse_mapping_check;
|
verify_reverse_mapping_done = verify_reverse_mapping;
|
||||||
return canonical_host_name;
|
return canonical_host_name;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -281,11 +281,11 @@ get_remote_ipaddr(void)
|
||||||
}
|
}
|
||||||
|
|
||||||
const char *
|
const char *
|
||||||
get_remote_name_or_ip(u_int utmp_len, int reverse_mapping_check)
|
get_remote_name_or_ip(u_int utmp_len, int verify_reverse_mapping)
|
||||||
{
|
{
|
||||||
static const char *remote = "";
|
static const char *remote = "";
|
||||||
if (utmp_len > 0)
|
if (utmp_len > 0)
|
||||||
remote = get_canonical_hostname(reverse_mapping_check);
|
remote = get_canonical_hostname(verify_reverse_mapping);
|
||||||
if (utmp_len == 0 || strlen(remote) > utmp_len)
|
if (utmp_len == 0 || strlen(remote) > utmp_len)
|
||||||
remote = get_remote_ipaddr();
|
remote = get_remote_ipaddr();
|
||||||
return remote;
|
return remote;
|
||||||
|
|
17
servconf.c
17
servconf.c
|
@ -10,7 +10,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: servconf.c,v 1.99 2002/01/27 14:57:46 stevesk Exp $");
|
RCSID("$OpenBSD: servconf.c,v 1.100 2002/01/29 14:32:03 markus Exp $");
|
||||||
|
|
||||||
#if defined(KRB4) || defined(KRB5)
|
#if defined(KRB4) || defined(KRB5)
|
||||||
#include <krb.h>
|
#include <krb.h>
|
||||||
|
@ -105,7 +105,7 @@ initialize_server_options(ServerOptions *options)
|
||||||
options->max_startups_rate = -1;
|
options->max_startups_rate = -1;
|
||||||
options->max_startups = -1;
|
options->max_startups = -1;
|
||||||
options->banner = NULL;
|
options->banner = NULL;
|
||||||
options->reverse_mapping_check = -1;
|
options->verify_reverse_mapping = -1;
|
||||||
options->client_alive_interval = -1;
|
options->client_alive_interval = -1;
|
||||||
options->client_alive_count_max = -1;
|
options->client_alive_count_max = -1;
|
||||||
options->authorized_keys_file = NULL;
|
options->authorized_keys_file = NULL;
|
||||||
|
@ -220,8 +220,8 @@ fill_default_server_options(ServerOptions *options)
|
||||||
options->max_startups_rate = 100; /* 100% */
|
options->max_startups_rate = 100; /* 100% */
|
||||||
if (options->max_startups_begin == -1)
|
if (options->max_startups_begin == -1)
|
||||||
options->max_startups_begin = options->max_startups;
|
options->max_startups_begin = options->max_startups;
|
||||||
if (options->reverse_mapping_check == -1)
|
if (options->verify_reverse_mapping == -1)
|
||||||
options->reverse_mapping_check = 0;
|
options->verify_reverse_mapping = 0;
|
||||||
if (options->client_alive_interval == -1)
|
if (options->client_alive_interval == -1)
|
||||||
options->client_alive_interval = 0;
|
options->client_alive_interval = 0;
|
||||||
if (options->client_alive_count_max == -1)
|
if (options->client_alive_count_max == -1)
|
||||||
|
@ -264,7 +264,7 @@ typedef enum {
|
||||||
sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
|
sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
|
||||||
sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,
|
sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,
|
||||||
sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups,
|
sGatewayPorts, sPubkeyAuthentication, sXAuthLocation, sSubsystem, sMaxStartups,
|
||||||
sBanner, sReverseMappingCheck, sHostbasedAuthentication,
|
sBanner, sVerifyReverseMapping, sHostbasedAuthentication,
|
||||||
sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
|
sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
|
||||||
sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
|
sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
|
||||||
sDeprecated
|
sDeprecated
|
||||||
|
@ -336,7 +336,8 @@ static struct {
|
||||||
{ "subsystem", sSubsystem },
|
{ "subsystem", sSubsystem },
|
||||||
{ "maxstartups", sMaxStartups },
|
{ "maxstartups", sMaxStartups },
|
||||||
{ "banner", sBanner },
|
{ "banner", sBanner },
|
||||||
{ "reversemappingcheck", sReverseMappingCheck },
|
{ "verifyreversemapping", sVerifyReverseMapping },
|
||||||
|
{ "reversemappingcheck", sVerifyReverseMapping },
|
||||||
{ "clientaliveinterval", sClientAliveInterval },
|
{ "clientaliveinterval", sClientAliveInterval },
|
||||||
{ "clientalivecountmax", sClientAliveCountMax },
|
{ "clientalivecountmax", sClientAliveCountMax },
|
||||||
{ "authorizedkeysfile", sAuthorizedKeysFile },
|
{ "authorizedkeysfile", sAuthorizedKeysFile },
|
||||||
|
@ -687,8 +688,8 @@ parse_flag:
|
||||||
intptr = &options->gateway_ports;
|
intptr = &options->gateway_ports;
|
||||||
goto parse_flag;
|
goto parse_flag;
|
||||||
|
|
||||||
case sReverseMappingCheck:
|
case sVerifyReverseMapping:
|
||||||
intptr = &options->reverse_mapping_check;
|
intptr = &options->verify_reverse_mapping;
|
||||||
goto parse_flag;
|
goto parse_flag;
|
||||||
|
|
||||||
case sLogFacility:
|
case sLogFacility:
|
||||||
|
|
|
@ -11,7 +11,7 @@
|
||||||
* called by a name other than "ssh" or "Secure Shell".
|
* called by a name other than "ssh" or "Secure Shell".
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/* RCSID("$OpenBSD: servconf.h,v 1.52 2002/01/27 14:57:46 stevesk Exp $"); */
|
/* RCSID("$OpenBSD: servconf.h,v 1.53 2002/01/29 14:32:03 markus Exp $"); */
|
||||||
|
|
||||||
#ifndef SERVCONF_H
|
#ifndef SERVCONF_H
|
||||||
#define SERVCONF_H
|
#define SERVCONF_H
|
||||||
|
@ -116,7 +116,7 @@ typedef struct {
|
||||||
int max_startups_rate;
|
int max_startups_rate;
|
||||||
int max_startups;
|
int max_startups;
|
||||||
char *banner; /* SSH-2 banner message */
|
char *banner; /* SSH-2 banner message */
|
||||||
int reverse_mapping_check; /* cross-check ip and dns */
|
int verify_reverse_mapping; /* cross-check ip and dns */
|
||||||
int client_alive_interval; /*
|
int client_alive_interval; /*
|
||||||
* poke the client this often to
|
* poke the client this often to
|
||||||
* see if it's still there
|
* see if it's still there
|
||||||
|
|
|
@ -33,7 +33,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: session.c,v 1.119 2002/01/27 14:57:46 stevesk Exp $");
|
RCSID("$OpenBSD: session.c,v 1.120 2002/01/29 14:32:03 markus Exp $");
|
||||||
|
|
||||||
#include "ssh.h"
|
#include "ssh.h"
|
||||||
#include "ssh1.h"
|
#include "ssh1.h"
|
||||||
|
@ -717,7 +717,7 @@ do_login(Session *s, const char *command)
|
||||||
|
|
||||||
/* Record that there was a login on that tty from the remote host. */
|
/* Record that there was a login on that tty from the remote host. */
|
||||||
record_login(pid, s->tty, pw->pw_name, pw->pw_uid,
|
record_login(pid, s->tty, pw->pw_name, pw->pw_uid,
|
||||||
get_remote_name_or_ip(utmp_len, options.reverse_mapping_check),
|
get_remote_name_or_ip(utmp_len, options.verify_reverse_mapping),
|
||||||
(struct sockaddr *)&from);
|
(struct sockaddr *)&from);
|
||||||
|
|
||||||
#ifdef USE_PAM
|
#ifdef USE_PAM
|
||||||
|
@ -1287,7 +1287,7 @@ do_child(Session *s, const char *command)
|
||||||
/* we have to stash the hostname before we close our socket. */
|
/* we have to stash the hostname before we close our socket. */
|
||||||
if (options.use_login)
|
if (options.use_login)
|
||||||
hostname = get_remote_name_or_ip(utmp_len,
|
hostname = get_remote_name_or_ip(utmp_len,
|
||||||
options.reverse_mapping_check);
|
options.verify_reverse_mapping);
|
||||||
/*
|
/*
|
||||||
* Close the connection descriptors; note that this is the child, and
|
* Close the connection descriptors; note that this is the child, and
|
||||||
* the server will still have the socket open, and it is important
|
* the server will still have the socket open, and it is important
|
||||||
|
|
18
sshd.8
18
sshd.8
|
@ -34,7 +34,7 @@
|
||||||
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||||
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
.\"
|
.\"
|
||||||
.\" $OpenBSD: sshd.8,v 1.164 2002/01/27 14:57:46 stevesk Exp $
|
.\" $OpenBSD: sshd.8,v 1.165 2002/01/29 14:32:03 markus Exp $
|
||||||
.Dd September 25, 1999
|
.Dd September 25, 1999
|
||||||
.Dt SSHD 8
|
.Dt SSHD 8
|
||||||
.Os
|
.Os
|
||||||
|
@ -766,14 +766,6 @@ Specifies whether public key authentication is allowed.
|
||||||
The default is
|
The default is
|
||||||
.Dq yes .
|
.Dq yes .
|
||||||
Note that this option applies to protocol version 2 only.
|
Note that this option applies to protocol version 2 only.
|
||||||
.It Cm ReverseMappingCheck
|
|
||||||
Specifies whether
|
|
||||||
.Nm
|
|
||||||
should try to verify the remote host name and check that
|
|
||||||
the resolved host name for the remote IP address maps back to the
|
|
||||||
very same IP address.
|
|
||||||
The default is
|
|
||||||
.Dq no .
|
|
||||||
.It Cm RhostsAuthentication
|
.It Cm RhostsAuthentication
|
||||||
Specifies whether authentication using rhosts or /etc/hosts.equiv
|
Specifies whether authentication using rhosts or /etc/hosts.equiv
|
||||||
files is sufficient.
|
files is sufficient.
|
||||||
|
@ -841,6 +833,14 @@ will be disabled because
|
||||||
does not know how to handle
|
does not know how to handle
|
||||||
.Xr xauth 1
|
.Xr xauth 1
|
||||||
cookies.
|
cookies.
|
||||||
|
.It Cm VerifyReverseMapping
|
||||||
|
Specifies whether
|
||||||
|
.Nm
|
||||||
|
should try to verify the remote host name and check that
|
||||||
|
the resolved host name for the remote IP address maps back to the
|
||||||
|
very same IP address.
|
||||||
|
The default is
|
||||||
|
.Dq no .
|
||||||
.It Cm X11DisplayOffset
|
.It Cm X11DisplayOffset
|
||||||
Specifies the first display number available for
|
Specifies the first display number available for
|
||||||
.Nm sshd Ns 's
|
.Nm sshd Ns 's
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
# $OpenBSD: sshd_config,v 1.45 2002/01/27 14:57:46 stevesk Exp $
|
# $OpenBSD: sshd_config,v 1.46 2002/01/29 14:32:03 markus Exp $
|
||||||
|
|
||||||
# This is the sshd server system-wide configuration file. See sshd(8)
|
# This is the sshd server system-wide configuration file. See sshd(8)
|
||||||
# for more information.
|
# for more information.
|
||||||
|
@ -86,7 +86,7 @@
|
||||||
#MaxStartups 10
|
#MaxStartups 10
|
||||||
# no default banner path
|
# no default banner path
|
||||||
#Banner /some/path
|
#Banner /some/path
|
||||||
#ReverseMappingCheck no
|
#VerifyReverseMapping no
|
||||||
|
|
||||||
# override default of no subsystems
|
# override default of no subsystems
|
||||||
Subsystem sftp /usr/libexec/sftp-server
|
Subsystem sftp /usr/libexec/sftp-server
|
||||||
|
|
Loading…
Reference in New Issue