tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

- jmc@cvs.openbsd.org 2003/01/31 21:54:40 

[sshd.8]
     typos; sshd(8): help and ok markus@
     help and ok millert@
This commit is contained in:
Damien Miller 2003-02-24 11:52:26 +11:00
parent 2eb26e89c5
commit ffadc583f6
2 changed files with 24 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
ChangeLog
View File

@ -16,6 +16,10 @@
- stevesk@cvs.openbsd.org 2003/01/28 17:24:51 - stevesk@cvs.openbsd.org 2003/01/28 17:24:51
[scp.1] [scp.1]
remove example not pertinent with -1 addition; ok markus@ remove example not pertinent with -1 addition; ok markus@
- jmc@cvs.openbsd.org 2003/01/31 21:54:40
[sshd.8]
typos; sshd(8): help and ok markus@
help and ok millert@
20030211 20030211
- (djm) Cygwin needs libcrypt too. Patch from vinschen@redhat.com - (djm) Cygwin needs libcrypt too. Patch from vinschen@redhat.com
@ -1116,4 +1120,4 @@
save auth method before monitor_reset_key_state(); bugzilla bug #284; save auth method before monitor_reset_key_state(); bugzilla bug #284;
ok provos@ ok provos@
$Id: ChangeLog,v 1.2597 2003/02/24 00:51:32 djm Exp $ $Id: ChangeLog,v 1.2598 2003/02/24 00:52:26 djm Exp $

31
sshd.8
View File

@ -34,7 +34,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\" .\"
.\" $OpenBSD: sshd.8,v 1.193 2002/09/24 20:59:44 todd Exp $ .\" $OpenBSD: sshd.8,v 1.194 2003/01/31 21:54:40 jmc Exp $
.Dd September 25, 1999 .Dd September 25, 1999
.Dt SSHD 8 .Dt SSHD 8
.Os .Os
@ -43,6 +43,7 @@
.Nd OpenSSH SSH daemon .Nd OpenSSH SSH daemon
.Sh SYNOPSIS .Sh SYNOPSIS
.Nm sshd .Nm sshd
.Bk -words
.Op Fl deiqtD46 .Op Fl deiqtD46
.Op Fl b Ar bits .Op Fl b Ar bits
.Op Fl f Ar config_file .Op Fl f Ar config_file
@ -52,6 +53,7 @@
.Op Fl o Ar option .Op Fl o Ar option
.Op Fl p Ar port .Op Fl p Ar port
.Op Fl u Ar len .Op Fl u Ar len
.Ek
.Sh DESCRIPTION .Sh DESCRIPTION
.Nm .Nm
(SSH Daemon) is the daemon program for (SSH Daemon) is the daemon program for
@ -75,7 +77,7 @@ This implementation of
.Nm .Nm
supports both SSH protocol version 1 and 2 simultaneously. supports both SSH protocol version 1 and 2 simultaneously.
.Nm .Nm
works as follows. works as follows:
.Pp .Pp
.Ss SSH protocol version 1 .Ss SSH protocol version 1
.Pp .Pp
@ -86,7 +88,7 @@ the daemon starts, it generates a server RSA key (normally 768 bits).
This key is normally regenerated every hour if it has been used, and This key is normally regenerated every hour if it has been used, and
is never stored on disk. is never stored on disk.
.Pp .Pp
Whenever a client connects the daemon responds with its public Whenever a client connects, the daemon responds with its public
host and server keys. host and server keys.
The client compares the The client compares the
RSA host key against its own database to verify that it has not changed. RSA host key against its own database to verify that it has not changed.
@ -119,7 +121,7 @@ System security is not improved unless
.Nm rshd , .Nm rshd ,
.Nm rlogind , .Nm rlogind ,
and and
.Xr rexecd .Nm rexecd
are disabled (thus completely disabling are disabled (thus completely disabling
.Xr rlogin .Xr rlogin
and and
@ -189,7 +191,9 @@ The server sends verbose debug output to the system
log, and does not put itself in the background. log, and does not put itself in the background.
The server also will not fork and will only process one connection. The server also will not fork and will only process one connection.
This option is only intended for debugging for the server. This option is only intended for debugging for the server.
Multiple -d options increase the debugging level. Multiple
.Fl d
options increase the debugging level.
Maximum is 3. Maximum is 3.
.It Fl e .It Fl e
When this option is specified, When this option is specified,
@ -225,7 +229,8 @@ the different protocol versions and host key algorithms.
.It Fl i .It Fl i
Specifies that Specifies that
.Nm .Nm
is being run from inetd. is being run from
.Xr inetd 8 .
.Nm .Nm
is normally not run is normally not run
from inetd because it needs to generate the server key before it can from inetd because it needs to generate the server key before it can
@ -282,7 +287,7 @@ should be put into the
.Pa utmp .Pa utmp
file. file.
.Fl u0 .Fl u0
is also be used to prevent may also be used to prevent
.Nm .Nm
from making DNS requests unless the authentication from making DNS requests unless the authentication
mechanism or configuration requires it. mechanism or configuration requires it.
@ -446,7 +451,7 @@ authentication.
The command supplied by the user (if any) is ignored. The command supplied by the user (if any) is ignored.
The command is run on a pty if the client requests a pty; The command is run on a pty if the client requests a pty;
otherwise it is run without a tty. otherwise it is run without a tty.
If a 8-bit clean channel is required, If an 8-bit clean channel is required,
one must not request a pty or should specify one must not request a pty or should specify
.Cm no-pty . .Cm no-pty .
A quote may be included in the command by quoting it with a backslash. A quote may be included in the command by quoting it with a backslash.
@ -506,7 +511,7 @@ command="dump /home",no-pty,no-port-forwarding 1024 33 23.\|.\|.\|2323 backup.hu
permitopen="10.2.1.55:80",permitopen="10.2.1.56:25" 1024 33 23.\|.\|.\|2323 permitopen="10.2.1.55:80",permitopen="10.2.1.56:25" 1024 33 23.\|.\|.\|2323
.Sh SSH_KNOWN_HOSTS FILE FORMAT .Sh SSH_KNOWN_HOSTS FILE FORMAT
The The
.Pa /etc/ssh/ssh_known_hosts , .Pa /etc/ssh/ssh_known_hosts
and and
.Pa $HOME/.ssh/known_hosts .Pa $HOME/.ssh/known_hosts
files contain host public keys for all known hosts. files contain host public keys for all known hosts.
@ -627,7 +632,7 @@ These files should be writable only by root/the owner.
.Pa /etc/ssh/ssh_known_hosts .Pa /etc/ssh/ssh_known_hosts
should be world-readable, and should be world-readable, and
.Pa $HOME/.ssh/known_hosts .Pa $HOME/.ssh/known_hosts
can but need not be world-readable. can, but need not be, world-readable.
.It Pa /etc/nologin .It Pa /etc/nologin
If this file exists, If this file exists,
.Nm .Nm
@ -644,7 +649,7 @@ Further details are described in
This file contains host-username pairs, separated by a space, one per This file contains host-username pairs, separated by a space, one per
line. line.
The given user on the corresponding host is permitted to log in The given user on the corresponding host is permitted to log in
without password. without a password.
The same file is used by rlogind and rshd. The same file is used by rlogind and rshd.
The file must The file must
be writable only by the user; it is recommended that it not be be writable only by the user; it is recommended that it not be
@ -713,7 +718,9 @@ controlled via the
.Cm PermitUserEnvironment .Cm PermitUserEnvironment
option. option.
.It Pa $HOME/.ssh/rc .It Pa $HOME/.ssh/rc
If this file exists, it is run with /bin/sh after reading the If this file exists, it is run with
.Pa /bin/sh
after reading the
environment files but before starting the user's shell or command. environment files but before starting the user's shell or command.
It must not produce any output on stdout; stderr must be used It must not produce any output on stdout; stderr must be used
instead. instead.