- jmc@cvs.openbsd.org 2003/05/20 12:09:31

[ssh.1 ssh_config.5 sshd.8 sshd_config.5 ssh-keygen.1]
     new sentence, new line

ChangeLog

@@ -8,6 +8,9 @@
      - added .Xr's
      - typos
      ok djm@
+   - jmc@cvs.openbsd.org 2003/05/20 12:09:31
+     [ssh.1 ssh_config.5 sshd.8 sshd_config.5 ssh-keygen.1]
+     new sentence, new line
 
 20030520
  - (djm) OpenBSD CVS Sync
@@ -1596,4 +1599,4 @@
      save auth method before monitor_reset_key_state(); bugzilla bug #284;
      ok provos@
 
-$Id: ChangeLog,v 1.2746 2003/05/23 08:44:04 djm Exp $
+$Id: ChangeLog,v 1.2747 2003/05/23 08:44:23 djm Exp $

ssh-keygen.1

@@ -1,4 +1,4 @@
-.\"	$OpenBSD: ssh-keygen.1,v 1.57 2003/05/14 18:16:20 jakob Exp $
+.\"	$OpenBSD: ssh-keygen.1,v 1.58 2003/05/20 12:09:31 jmc Exp $
 .\"
 .\"  -*- nroff -*-
 .\"
@@ -93,8 +93,8 @@ generates, manages and converts authentication keys for
 .Xr ssh 1 .
 .Nm
 can create RSA keys for use by SSH protocol version 1 and RSA or DSA
-keys for use by SSH protocol version 2. The type of key to be generated
+keys for use by SSH protocol version 2.
-is specified with the
+The type of key to be generated is specified with the
 .Fl t
 option.
 .Pp

ssh.1

@@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh.1,v 1.171 2003/05/15 04:08:41 markus Exp $
+.\" $OpenBSD: ssh.1,v 1.172 2003/05/20 12:09:31 jmc Exp $
 .Dd September 25, 1999
 .Dt SSH 1
 .Os
@@ -488,8 +488,8 @@ It is possible to have multiple
 options (and multiple identities specified in
 configuration files).
 .It Fl I Ar smartcard_device
-Specifies which smartcard device to use. The argument is
+Specifies which smartcard device to use.
-the device
+The argument is the device
 .Nm
 should use to communicate with a smartcard used for storing the user's
 private RSA key.
@@ -542,9 +542,10 @@ per-host basis in the configuration file.
 Quiet mode.
 Causes all warning and diagnostic messages to be suppressed.
 .It Fl s
-May be used to request invocation of a subsystem on the remote system. Subsystems are a feature of the SSH2 protocol which facilitate the use
+May be used to request invocation of a subsystem on the remote system.
-of SSH as a secure transport for other applications (eg. sftp). The
+Subsystems are a feature of the SSH2 protocol which facilitate the use
-subsystem is specified as the remote command.
+of SSH as a secure transport for other applications (eg. sftp).
+The subsystem is specified as the remote command.
 .It Fl t
 Force pseudo-tty allocation.
 This can be used to execute arbitrary

ssh_config.5

@@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh_config.5,v 1.10 2003/05/16 03:27:12 djm Exp $
+.\" $OpenBSD: ssh_config.5,v 1.11 2003/05/20 12:09:32 jmc Exp $
 .Dd September 25, 1999
 .Dt SSH_CONFIG 5
 .Os
@@ -116,7 +116,8 @@ The host is the
 argument given on the command line (i.e., the name is not converted to
 a canonicalized host name before matching).
 .It Cm AddressFamily
-Specifies which address family to use when connecting. Valid arguments are
+Specifies which address family to use when connecting.
+Valid arguments are
 .Dq any ,
 .Dq inet
 (Use IPv4 only) or
@@ -236,9 +237,9 @@ This may be useful in scripts if the connection sometimes fails.
 The default is 1.
 .It Cm ConnectTimeout
 Specifies the timeout (in seconds) used when connecting to the ssh
-server, instead of using the default system TCP timeout. This value is 
+server, instead of using the default system TCP timeout.
-used only when the target is down or really unreachable, not when it
+This value is used only when the target is down or really unreachable,
-refuses the connection.
+not when it refuses the connection.
 .It Cm DynamicForward
 Specifies that a TCP/IP port on the local machine be forwarded
 over the secure channel, and the application
@@ -351,7 +352,8 @@ Numeric IP addresses are also permitted (both on the command line and in
 specifications).
 .It Cm IdentityFile
 Specifies a file from which the user's RSA or DSA authentication identity
-is read. The default is
+is read.
+The default is
 .Pa $HOME/.ssh/identity
 for protocol version 1, and
 .Pa $HOME/.ssh/id_rsa
@@ -448,7 +450,8 @@ Specifies the port number to connect on the remote host.
 Default is 22.
 .It Cm PreferredAuthentications
 Specifies the order in which the client should try protocol 2
-authentication methods. This allows a client to prefer one method (e.g.
+authentication methods.
+This allows a client to prefer one method (e.g.
 .Cm keyboard-interactive )
 over another method (e.g.
 .Cm password )
@@ -561,12 +564,12 @@ The default is
 .Dq yes .
 Note that this option applies to protocol version 1 only.
 .It Cm SmartcardDevice
-Specifies which smartcard device to use. The argument to this keyword is
+Specifies which smartcard device to use.
-the device
+The argument to this keyword is the device
 .Nm ssh
 should use to communicate with a smartcard used for storing the user's
-private RSA key. By default, no device is specified and smartcard support
+private RSA key.
-is not activated.
+By default, no device is specified and smartcard support is not activated.
 .It Cm StrictHostKeyChecking
 If this flag is set to
 .Dq yes ,

sshd.8

@@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd.8,v 1.196 2003/04/30 20:41:07 david Exp $
+.\" $OpenBSD: sshd.8,v 1.197 2003/05/20 12:09:32 jmc Exp $
 .Dd September 25, 1999
 .Dt SSHD 8
 .Os
@@ -497,9 +497,9 @@ IPv6 addresses can be specified with an alternative syntax:
 .Ar host/port .
 Multiple
 .Cm permitopen
-options may be applied separated by commas. No pattern matching is
+options may be applied separated by commas.
-performed on the specified hostnames, they must be literal domains or
+No pattern matching is performed on the specified hostnames,
-addresses.
+they must be literal domains or addresses.
 .El
 .Ss Examples
 1024 33 12121.\|.\|.\|312314325 ylo@foo.bar
@@ -525,9 +525,9 @@ bits, exponent, modulus, comment.
 The fields are separated by spaces.
 .Pp
 Hostnames is a comma-separated list of patterns
-.Pf ( Ql \&* 
+.Pf ( Ql \&*
-and 
+and
-.Ql \&? 
+.Ql \&?
 act as
 wildcards); each pattern in turn is matched against the canonical host
 name (when authenticating a client) or against the user-supplied

sshd_config.5

@@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd_config.5,v 1.16 2003/04/30 01:16:20 mouring Exp $
+.\" $OpenBSD: sshd_config.5,v 1.17 2003/05/20 12:09:32 jmc Exp $
 .Dd September 25, 1999
 .Dt SSHD_CONFIG 5
 .Os
@@ -107,7 +107,8 @@ Specifies the file that contains the public keys that can be used
 for user authentication.
 .Cm AuthorizedKeysFile
 may contain tokens of the form %T which are substituted during connection
-set-up. The following tokens are defined: %% is replaced by a literal '%',
+set-up.
+The following tokens are defined: %% is replaced by a literal '%',
 %h is replaced by the home directory of the user being authenticated and
 %u is replaced by the username of that user.
 After expansion,
@@ -153,20 +154,24 @@ This option applies to protocol version 2 only.
 Sets the number of client alive messages (see above) which may be
 sent without
 .Nm sshd
-receiving any messages back from the client. If this threshold is
+receiving any messages back from the client.
-reached while client alive messages are being sent,
+If this threshold is reached while client alive messages are being sent,
 .Nm sshd
-will disconnect the client, terminating the session. It is important
+will disconnect the client, terminating the session.
-to note that the use of client alive messages is very different from
+It is important to note that the use of client alive messages is very
+different from
 .Cm KeepAlive
-(below). The client alive messages are sent through the
+(below).
-encrypted channel and therefore will not be spoofable. The TCP keepalive
+The client alive messages are sent through the encrypted channel
-option enabled by
+and therefore will not be spoofable.
+The TCP keepalive option enabled by
 .Cm KeepAlive
-is spoofable. The client alive mechanism is valuable when the client or
+is spoofable.
+The client alive mechanism is valuable when the client or
 server depend on knowing when a connection has become inactive.
 .Pp
-The default value is 3. If
+The default value is 3.
+If
 .Cm ClientAliveInterval
 (above) is set to 15, and
 .Cm ClientAliveCountMax
@@ -369,11 +374,12 @@ is not specified,
 .Nm sshd
 will listen on the address and all prior
 .Cm Port
-options specified. The default is to listen on all local
+options specified.
-addresses.
+The default is to listen on all local addresses.
 Multiple
 .Cm ListenAddress
-options are permitted. Additionally, any
+options are permitted.
+Additionally, any
 .Cm Port
 options must precede this option for non port qualified addresses.
 .It Cm LoginGraceTime
@@ -454,8 +460,8 @@ but only if the
 .Ar command
 option has been specified
 (which may be useful for taking remote backups even if root login is
-normally not allowed). All other authentication methods are disabled
+normally not allowed).
-for root.
+All other authentication methods are disabled for root.
 .Pp
 If this option is set to
 .Dq no