- jmc@cvs.openbsd.org 2006/02/19 19:52:10
[sshd.8]
move the sshrc stuff out of FILES, and into its own section:
FILES is not a good place to document how stuff works;
This commit is contained in:
Damien Miller
parent
adc35b9583
commit
fd725cf585
|
|
@ -119,6 +119,10 @@
|
|||
- jmc@cvs.openbsd.org 2006/02/16 09:05:34
|
||||
[sshd.8]
|
||||
sync some of the FILES entries w/ ssh.1;
|
||||
- jmc@cvs.openbsd.org 2006/02/19 19:52:10
|
||||
[sshd.8]
|
||||
move the sshrc stuff out of FILES, and into its own section:
|
||||
FILES is not a good place to document how stuff works;
|
||||
|
||||
20060313
|
||||
- (dtucker) [configure.ac] Bug #1171: Don't use printf("%lld", longlong)
|
||||
|
|
@ -4020,4 +4024,4 @@
|
|||
- (djm) Trim deprecated options from INSTALL. Mention UsePAM
|
||||
- (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
|
||||
|
||||
$Id: ChangeLog,v 1.4173 2006/03/15 00:35:27 djm Exp $
|
||||
$Id: ChangeLog,v 1.4174 2006/03/15 00:35:54 djm Exp $
|
||||
|
|
|
|||
95
sshd.8
95
sshd.8
|
|
@ -34,7 +34,7 @@
|
|||
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
.\"
|
||||
.\" $OpenBSD: sshd.8,v 1.225 2006/02/16 09:05:34 jmc Exp $
|
||||
.\" $OpenBSD: sshd.8,v 1.226 2006/02/19 19:52:10 jmc Exp $
|
||||
.Dd September 25, 1999
|
||||
.Dt SSHD 8
|
||||
.Os
|
||||
|
|
@ -370,9 +370,54 @@ The
|
|||
.Dq rc
|
||||
files are given the X11
|
||||
authentication protocol and cookie in standard input.
|
||||
See
|
||||
.Sx SSHRC ,
|
||||
below.
|
||||
.It
|
||||
Runs user's shell or command.
|
||||
.El
|
||||
.Sh SSHRC
|
||||
If the file
|
||||
.Pa ~/.ssh/rc
|
||||
exists,
|
||||
.Xr sh 1
|
||||
runs it after reading the
|
||||
environment files but before starting the user's shell or command.
|
||||
It must not produce any output on stdout; stderr must be used
|
||||
instead.
|
||||
If X11 forwarding is in use, it will receive the "proto cookie" pair in
|
||||
its standard input (and
|
||||
.Ev DISPLAY
|
||||
in its environment).
|
||||
The script must call
|
||||
.Xr xauth 1
|
||||
because
|
||||
.Nm
|
||||
will not run xauth automatically to add X11 cookies.
|
||||
.Pp
|
||||
The primary purpose of this file is to run any initialization routines
|
||||
which may be needed before the user's home directory becomes
|
||||
accessible; AFS is a particular example of such an environment.
|
||||
.Pp
|
||||
This file will probably contain some initialization code followed by
|
||||
something similar to:
|
||||
.Bd -literal -offset 3n
|
||||
if read proto cookie && [ -n "$DISPLAY" ]; then
|
||||
if [ `echo $DISPLAY | cut -c1-10` = 'localhost:' ]; then
|
||||
# X11UseLocalhost=yes
|
||||
echo add unix:`echo $DISPLAY |
|
||||
cut -c11-` $proto $cookie
|
||||
else
|
||||
# X11UseLocalhost=no
|
||||
echo add $DISPLAY $proto $cookie
|
||||
fi | xauth -q -
|
||||
fi
|
||||
.Ed
|
||||
.Pp
|
||||
If this file does not exist,
|
||||
.Pa /etc/ssh/sshrc
|
||||
is run, and if that
|
||||
does not exist either, xauth is used to add the cookie.
|
||||
.Sh AUTHORIZED_KEYS FILE FORMAT
|
||||
.Cm AuthorizedKeysFile
|
||||
specifies the file containing public keys for
|
||||
|
|
@ -651,46 +696,8 @@ This file should be writable only by root/the owner and
|
|||
can, but need not be, world-readable.
|
||||
.Pp
|
||||
.It ~/.ssh/rc
|
||||
If this file exists, it is run with
|
||||
.Pa /bin/sh
|
||||
after reading the
|
||||
environment files but before starting the user's shell or command.
|
||||
It must not produce any output on stdout; stderr must be used
|
||||
instead.
|
||||
If X11 forwarding is in use, it will receive the "proto cookie" pair in
|
||||
its standard input (and
|
||||
.Ev DISPLAY
|
||||
in its environment).
|
||||
The script must call
|
||||
.Xr xauth 1
|
||||
because
|
||||
.Nm
|
||||
will not run xauth automatically to add X11 cookies.
|
||||
.Pp
|
||||
The primary purpose of this file is to run any initialization routines
|
||||
which may be needed before the user's home directory becomes
|
||||
accessible; AFS is a particular example of such an environment.
|
||||
.Pp
|
||||
This file will probably contain some initialization code followed by
|
||||
something similar to:
|
||||
.Bd -literal
|
||||
if read proto cookie && [ -n "$DISPLAY" ]; then
|
||||
if [ `echo $DISPLAY | cut -c1-10` = 'localhost:' ]; then
|
||||
# X11UseLocalhost=yes
|
||||
echo add unix:`echo $DISPLAY |
|
||||
cut -c11-` $proto $cookie
|
||||
else
|
||||
# X11UseLocalhost=no
|
||||
echo add $DISPLAY $proto $cookie
|
||||
fi | xauth -q -
|
||||
fi
|
||||
.Ed
|
||||
.Pp
|
||||
If this file does not exist,
|
||||
.Pa /etc/ssh/sshrc
|
||||
is run, and if that
|
||||
does not exist either, xauth is used to add the cookie.
|
||||
.Pp
|
||||
Contains initialization routines to be run before
|
||||
the user's home directory becomes accessible.
|
||||
This file should be writable only by the user, and need not be
|
||||
readable by anyone else.
|
||||
.Pp
|
||||
|
|
@ -802,9 +809,9 @@ The file format and configuration options are described in
|
|||
.Xr sshd_config 5 .
|
||||
.Pp
|
||||
.It /etc/ssh/sshrc
|
||||
Like
|
||||
.Pa ~/.ssh/rc .
|
||||
This can be used to specify
|
||||
Similar to
|
||||
.Pa ~/.ssh/rc ,
|
||||
it can be used to specify
|
||||
machine-specific login-time initializations globally.
|
||||
This file should be writable only by root, and should be world-readable.
|
||||
.Pp
|
||||
|
|
|
|||
Loading…
Reference in New Issue