tyler.durden/openssh-portable
1
0
Fork 0
mirror of https://github.com/PowerShell/openssh-portable.git synced 2025-07-25 14:54:45 +02:00
Code Issues Packages Projects Releases Wiki Activity

- stevesk@cvs.openbsd.org 2002/01/18 20:46:34

Browse Source 
[sshd.8]
     clarify Allow(Groups|Users) and Deny(Groups|Users); suggestion from
     allard@oceanpark.com; ok markus@
This commit is contained in:
Damien Miller 2002-01-22 23:33:45 +11:00
parent 4a8ed54361
commit df64a682f1
2 changed files with 16 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
ChangeLog
View File

@ -207,6 +207,10 @@
- stevesk@cvs.openbsd.org 2002/01/18 18:14:17 - stevesk@cvs.openbsd.org 2002/01/18 18:14:17
[authfd.c bufaux.c buffer.c cipher.c packet.c ssh-agent.c ssh-keygen.c] [authfd.c bufaux.c buffer.c cipher.c packet.c ssh-agent.c ssh-keygen.c]
unneeded cast cleanup; ok markus@ unneeded cast cleanup; ok markus@
- stevesk@cvs.openbsd.org 2002/01/18 20:46:34
[sshd.8]
clarify Allow(Groups|Users) and Deny(Groups|Users); suggestion from
allard@oceanpark.com; ok markus@
20020121 20020121
- (djm) Rework ssh-rand-helper: - (djm) Rework ssh-rand-helper:
@ -7354,4 +7358,4 @@
- Wrote replacements for strlcpy and mkdtemp - Wrote replacements for strlcpy and mkdtemp
- Released 1.0pre1 - Released 1.0pre1
$Id: ChangeLog,v 1.1781 2002/01/22 12:33:31 djm Exp $ $Id: ChangeLog,v 1.1782 2002/01/22 12:33:45 djm Exp $

22
sshd.8
View File

@ -34,7 +34,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\" .\"
.\" $OpenBSD: sshd.8,v 1.162 2002/01/18 17:14:16 stevesk Exp $ .\" $OpenBSD: sshd.8,v 1.163 2002/01/18 20:46:34 stevesk Exp $
.Dd September 25, 1999 .Dd September 25, 1999
.Dt SSHD 8 .Dt SSHD 8
.Os .Os
@ -329,7 +329,7 @@ Specifies whether an AFS token may be forwarded to the server.
Default is Default is
.Dq yes . .Dq yes .
.It Cm AllowGroups .It Cm AllowGroups
This keyword can be followed by a list of group names, separated This keyword can be followed by a list of group name patterns, separated
by spaces. by spaces.
If specified, login is allowed only for users whose primary If specified, login is allowed only for users whose primary
group or supplementary group list matches one of the patterns. group or supplementary group list matches one of the patterns.
@ -339,7 +339,7 @@ and
can be used as can be used as
wildcards in the patterns. wildcards in the patterns.
Only group names are valid; a numerical group ID is not recognized. Only group names are valid; a numerical group ID is not recognized.
By default login is allowed regardless of the group list. By default, login is allowed for all groups.
.Pp .Pp
.It Cm AllowTcpForwarding .It Cm AllowTcpForwarding
Specifies whether TCP forwarding is permitted. Specifies whether TCP forwarding is permitted.
@ -350,7 +350,7 @@ users are also denied shell access, as they can always install their
own forwarders. own forwarders.
.Pp .Pp
.It Cm AllowUsers .It Cm AllowUsers
This keyword can be followed by a list of user names, separated This keyword can be followed by a list of user name patterns, separated
by spaces. by spaces.
If specified, login is allowed only for users names that If specified, login is allowed only for users names that
match one of the patterns. match one of the patterns.
@ -360,7 +360,7 @@ and
can be used as can be used as
wildcards in the patterns. wildcards in the patterns.
Only user names are valid; a numerical user ID is not recognized. Only user names are valid; a numerical user ID is not recognized.
By default login is allowed regardless of the user name. By default, login is allowed for all users.
If the pattern takes the form USER@HOST then USER and HOST If the pattern takes the form USER@HOST then USER and HOST
are separately checked, restricting logins to particular are separately checked, restricting logins to particular
users from particular hosts. users from particular hosts.
@ -435,20 +435,20 @@ The default value is 3. If
is left at the default, unresponsive ssh clients is left at the default, unresponsive ssh clients
will be disconnected after approximately 45 seconds. will be disconnected after approximately 45 seconds.
.It Cm DenyGroups .It Cm DenyGroups
This keyword can be followed by a number of group names, separated This keyword can be followed by a list of group name patterns, separated
by spaces. by spaces.
Users whose primary group or supplementary group list matches Login is disallowed for users whose primary group or supplementary
one of the patterns aren't allowed to log in. group list matches one of the patterns.
.Ql \&* .Ql \&*
and and
.Ql ? .Ql ?
can be used as can be used as
wildcards in the patterns. wildcards in the patterns.
Only group names are valid; a numerical group ID is not recognized. Only group names are valid; a numerical group ID is not recognized.
By default login is allowed regardless of the group list. By default, login is allowed for all groups.
.Pp .Pp
.It Cm DenyUsers .It Cm DenyUsers
This keyword can be followed by a number of user names, separated This keyword can be followed by a list of user name patterns, separated
by spaces. by spaces.
Login is disallowed for user names that match one of the patterns. Login is disallowed for user names that match one of the patterns.
.Ql \&* .Ql \&*
@ -456,7 +456,7 @@ and
.Ql ? .Ql ?
can be used as wildcards in the patterns. can be used as wildcards in the patterns.
Only user names are valid; a numerical user ID is not recognized. Only user names are valid; a numerical user ID is not recognized.
By default login is allowed regardless of the user name. By default, login is allowed for all users.
.It Cm GatewayPorts .It Cm GatewayPorts
Specifies whether remote hosts are allowed to connect to ports Specifies whether remote hosts are allowed to connect to ports
forwarded for the client. forwarded for the client.