1 # This change is Solaris-specific and thus is not being contributed back |
|
2 # to the upstream community. Details: |
|
3 # |
|
4 # OpenSSH uses the BSD/Linux man page scheme which is different from the SysV |
|
5 # man page scheme used in Solaris. In order to comply to the Solaris man page |
|
6 # policy and also use the IPS mediator to switch between SunSSH and OpenSSH man |
|
7 # pages, the section numbers of some OpenSSH man pages are changed to be the |
|
8 # same as their corresponding ones in SunSSH. |
|
9 # |
|
10 diff -pur old/moduli.5 new/moduli.5 |
|
11 --- old/moduli.5 |
|
12 +++ new/moduli.5 |
|
13 @@ -14,7 +14,7 @@ |
|
14 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF |
|
15 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
|
16 .Dd $Mdocdate: September 26 2012 $ |
|
17 -.Dt MODULI 5 |
|
18 +.Dt MODULI 4 |
|
19 .Os |
|
20 .Sh NAME |
|
21 .Nm moduli |
|
22 @@ -23,7 +23,7 @@ |
|
23 The |
|
24 .Pa /etc/moduli |
|
25 file contains prime numbers and generators for use by |
|
26 -.Xr sshd 8 |
|
27 +.Xr sshd 1M |
|
28 in the Diffie-Hellman Group Exchange key exchange method. |
|
29 .Pp |
|
30 New moduli may be generated with |
|
31 @@ -40,7 +40,7 @@ pass, using |
|
32 .Ic ssh-keygen -T , |
|
33 provides a high degree of assurance that the numbers are prime and are |
|
34 safe for use in Diffie-Hellman operations by |
|
35 -.Xr sshd 8 . |
|
36 +.Xr sshd 1M . |
|
37 This |
|
38 .Nm |
|
39 format is used as the output from each pass. |
|
40 @@ -70,7 +70,7 @@ are Sophie Germain primes (type 4). |
|
41 Further primality testing with |
|
42 .Xr ssh-keygen 1 |
|
43 produces safe prime moduli (type 2) that are ready for use in |
|
44 -.Xr sshd 8 . |
|
45 +.Xr sshd 1M . |
|
46 Other types are not used by OpenSSH. |
|
47 .It tests |
|
48 Decimal number indicating the type of primality tests that the number |
|
49 @@ -105,16 +105,16 @@ The modulus itself in hexadecimal. |
|
50 .El |
|
51 .Pp |
|
52 When performing Diffie-Hellman Group Exchange, |
|
53 -.Xr sshd 8 |
|
54 +.Xr sshd 1M |
|
55 first estimates the size of the modulus required to produce enough |
|
56 Diffie-Hellman output to sufficiently key the selected symmetric cipher. |
|
57 -.Xr sshd 8 |
|
58 +.Xr sshd 1M |
|
59 then randomly selects a modulus from |
|
60 .Fa /etc/moduli |
|
61 that best meets the size requirement. |
|
62 .Sh SEE ALSO |
|
63 .Xr ssh-keygen 1 , |
|
64 -.Xr sshd 8 |
|
65 +.Xr sshd 1M |
|
66 .Sh STANDARDS |
|
67 .Rs |
|
68 .%A M. Friedl |
|
69 diff -pur old/sftp-server.8 new/sftp-server.8 |
|
70 --- old/sftp-server.8 |
|
71 +++ new/sftp-server.8 |
|
72 @@ -23,7 +23,7 @@ |
|
73 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
|
74 .\" |
|
75 .Dd $Mdocdate: December 11 2014 $ |
|
76 -.Dt SFTP-SERVER 8 |
|
77 +.Dt SFTP-SERVER 1M |
|
78 .Os |
|
79 .Sh NAME |
|
80 .Nm sftp-server |
|
81 @@ -47,7 +47,7 @@ is a program that speaks the server side |
|
82 to stdout and expects client requests from stdin. |
|
83 .Nm |
|
84 is not intended to be called directly, but from |
|
85 -.Xr sshd 8 |
|
86 +.Xr sshd 1M |
|
87 using the |
|
88 .Cm Subsystem |
|
89 option. |
|
90 @@ -58,7 +58,7 @@ should be specified in the |
|
91 .Cm Subsystem |
|
92 declaration. |
|
93 See |
|
94 -.Xr sshd_config 5 |
|
95 +.Xr sshd_config 4 |
|
96 for more information. |
|
97 .Pp |
|
98 Valid options are: |
|
99 @@ -71,7 +71,7 @@ The pathname may contain the following t |
|
100 and %u is replaced by the username of that user. |
|
101 The default is to use the user's home directory. |
|
102 This option is useful in conjunction with the |
|
103 -.Xr sshd_config 5 |
|
104 +.Xr sshd_config 4 |
|
105 .Cm ChrootDirectory |
|
106 option. |
|
107 .It Fl e |
|
108 @@ -152,8 +152,8 @@ establish a logging socket inside the ch |
|
109 .Sh SEE ALSO |
|
110 .Xr sftp 1 , |
|
111 .Xr ssh 1 , |
|
112 -.Xr sshd_config 5 , |
|
113 -.Xr sshd 8 |
|
114 +.Xr sshd_config 4 , |
|
115 +.Xr sshd 1M |
|
116 .Rs |
|
117 .%A T. Ylonen |
|
118 .%A S. Lehtinen |
|
119 diff -pur old/ssh-keysign.8 new/ssh-keysign.8 |
|
120 --- old/ssh-keysign.8 |
|
121 +++ new/ssh-keysign.8 |
|
122 @@ -23,7 +23,7 @@ |
|
123 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
|
124 .\" |
|
125 .Dd $Mdocdate: December 7 2013 $ |
|
126 -.Dt SSH-KEYSIGN 8 |
|
127 +.Dt SSH-KEYSIGN 1M |
|
128 .Os |
|
129 .Sh NAME |
|
130 .Nm ssh-keysign |
|
131 @@ -52,7 +52,7 @@ is not intended to be invoked by the use |
|
132 See |
|
133 .Xr ssh 1 |
|
134 and |
|
135 -.Xr sshd 8 |
|
136 +.Xr sshd 1M |
|
137 for more information about host-based authentication. |
|
138 .Sh FILES |
|
139 .Bl -tag -width Ds -compact |
|
140 @@ -83,8 +83,8 @@ information corresponding with the priva |
|
141 .Sh SEE ALSO |
|
142 .Xr ssh 1 , |
|
143 .Xr ssh-keygen 1 , |
|
144 -.Xr ssh_config 5 , |
|
145 -.Xr sshd 8 |
|
146 +.Xr ssh_config 4 , |
|
147 +.Xr sshd 1M |
|
148 .Sh HISTORY |
|
149 .Nm |
|
150 first appeared in |
|
151 diff -pur old/ssh-pkcs11-helper.8 new/ssh-pkcs11-helper.8 |
|
152 --- old/ssh-pkcs11-helper.8 |
|
153 +++ new/ssh-pkcs11-helper.8 |
|
154 @@ -15,7 +15,7 @@ |
|
155 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
|
156 .\" |
|
157 .Dd $Mdocdate: July 16 2013 $ |
|
158 -.Dt SSH-PKCS11-HELPER 8 |
|
159 +.Dt SSH-PKCS11-HELPER 1M |
|
160 .Os |
|
161 .Sh NAME |
|
162 .Nm ssh-pkcs11-helper |
|
163 diff -pur old/ssh_config.5 new/ssh_config.5 |
|
164 --- old/ssh_config.5 |
|
165 +++ new/ssh_config.5 |
|
166 @@ -35,7 +35,7 @@ |
|
167 .\" |
|
168 .\" $OpenBSD: ssh_config.5,v 1.215 2015/08/14 15:32:41 jmc Exp $ |
|
169 .Dd $Mdocdate: August 14 2015 $ |
|
170 -.Dt SSH_CONFIG 5 |
|
171 +.Dt SSH_CONFIG 4 |
|
172 .Os |
|
173 .Sh NAME |
|
174 .Nm ssh_config |
|
175 @@ -568,7 +568,7 @@ then the master connection will remain i |
|
176 .Dq Fl O No exit |
|
177 option). |
|
178 If set to a time in seconds, or a time in any of the formats documented in |
|
179 -.Xr sshd_config 5 , |
|
180 +.Xr sshd_config 4 , |
|
181 then the backgrounded master connection will automatically terminate |
|
182 after it has remained idle (with no client connections) for the |
|
183 specified time. |
|
184 @@ -695,7 +695,7 @@ option is also enabled. |
|
185 Specify a timeout for untrusted X11 forwarding |
|
186 using the format described in the |
|
187 TIME FORMATS section of |
|
188 -.Xr sshd_config 5 . |
|
189 +.Xr sshd_config 4 . |
|
190 X11 connections received by |
|
191 .Xr ssh 1 |
|
192 after this time will be refused. |
|
193 @@ -762,7 +762,7 @@ should hash host names and addresses whe |
|
194 These hashed names may be used normally by |
|
195 .Xr ssh 1 |
|
196 and |
|
197 -.Xr sshd 8 , |
|
198 +.Xr sshd 1M , |
|
199 but they do not reveal identifying information should the file's contents |
|
200 be disclosed. |
|
201 The default is |
|
202 @@ -1286,7 +1286,7 @@ depending on the cipher. |
|
203 The optional second value is specified in seconds and may use any of the |
|
204 units documented in the |
|
205 TIME FORMATS section of |
|
206 -.Xr sshd_config 5 . |
|
207 +.Xr sshd_config 4 . |
|
208 The default value for |
|
209 .Cm RekeyLimit |
|
210 is |
|
211 @@ -1330,7 +1330,7 @@ Specifying a remote |
|
212 will only succeed if the server's |
|
213 .Cm GatewayPorts |
|
214 option is enabled (see |
|
215 -.Xr sshd_config 5 ) . |
|
216 +.Xr sshd_config 4 ) . |
|
217 .It Cm RequestTTY |
|
218 Specifies whether to request a pseudo-tty for the session. |
|
219 The argument may be one of: |
|
220 @@ -1396,7 +1396,7 @@ pseudo-terminal is requested as it is re |
|
221 Refer to |
|
222 .Cm AcceptEnv |
|
223 in |
|
224 -.Xr sshd_config 5 |
|
225 +.Xr sshd_config 4 |
|
226 for how to configure the server. |
|
227 Variables are specified by name, which may contain wildcard characters. |
|
228 Multiple environment variables may be separated by whitespace or spread |
|
229 diff -pur old/sshd.8 new/sshd.8 |
|
230 --- old/sshd.8 |
|
231 +++ new/sshd.8 |
|
232 @@ -35,7 +35,7 @@ |
|
233 .\" |
|
234 .\" $OpenBSD: sshd.8,v 1.280 2015/07/03 03:49:45 djm Exp $ |
|
235 .Dd $Mdocdate: July 3 2015 $ |
|
236 -.Dt SSHD 8 |
|
237 +.Dt SSHD 1M |
|
238 .Os |
|
239 .Sh NAME |
|
240 .Nm sshd |
|
241 @@ -77,7 +77,7 @@ and data exchange. |
|
242 .Nm |
|
243 can be configured using command-line options or a configuration file |
|
244 (by default |
|
245 -.Xr sshd_config 5 ) ; |
|
246 +.Xr sshd_config 4 ) ; |
|
247 command-line options override values specified in the |
|
248 configuration file. |
|
249 .Nm |
|
250 @@ -204,7 +204,7 @@ Can be used to give options in the forma |
|
251 This is useful for specifying options for which there is no separate |
|
252 command-line flag. |
|
253 For full details of the options, and their values, see |
|
254 -.Xr sshd_config 5 . |
|
255 +.Xr sshd_config 4 . |
|
256 .It Fl p Ar port |
|
257 Specifies the port on which the server listens for connections |
|
258 (default 22). |
|
259 @@ -274,7 +274,7 @@ The default is to use protocol 2 only, |
|
260 though this can be changed via the |
|
261 .Cm Protocol |
|
262 option in |
|
263 -.Xr sshd_config 5 . |
|
264 +.Xr sshd_config 4 . |
|
265 Protocol 2 supports DSA, ECDSA, Ed25519 and RSA keys; |
|
266 protocol 1 only supports RSA keys. |
|
267 For both protocols, |
|
268 @@ -399,7 +399,7 @@ if it exists, and users are allowed to c |
|
269 See the |
|
270 .Cm PermitUserEnvironment |
|
271 option in |
|
272 -.Xr sshd_config 5 . |
|
273 +.Xr sshd_config 4 . |
|
274 .It |
|
275 Changes to user's home directory. |
|
276 .It |
|
277 @@ -549,7 +549,7 @@ The command originally supplied by the c |
|
278 environment variable. |
|
279 Note that this option applies to shell, command or subsystem execution. |
|
280 Also note that this command may be superseded by either a |
|
281 -.Xr sshd_config 5 |
|
282 +.Xr sshd_config 4 |
|
283 .Cm ForceCommand |
|
284 directive or a command embedded in a certificate. |
|
285 .It Cm environment="NAME=value" |
|
286 @@ -570,7 +570,7 @@ Specifies that in addition to public key |
|
287 name of the remote host or its IP address must be present in the |
|
288 comma-separated list of patterns. |
|
289 See PATTERNS in |
|
290 -.Xr ssh_config 5 |
|
291 +.Xr ssh_config 4 |
|
292 for more information on patterns. |
|
293 .Pp |
|
294 In addition to the wildcard matching that may be applied to hostnames or |
|
295 @@ -858,7 +858,7 @@ It should only be writable by root. |
|
296 .It Pa /etc/moduli |
|
297 Contains Diffie-Hellman groups used for the "Diffie-Hellman Group Exchange". |
|
298 The file format is described in |
|
299 -.Xr moduli 5 . |
|
300 +.Xr moduli 4 . |
|
301 .Pp |
|
302 .It Pa /etc/motd |
|
303 See |
|
304 @@ -919,7 +919,7 @@ should be world-readable. |
|
305 Contains configuration data for |
|
306 .Nm sshd . |
|
307 The file format and configuration options are described in |
|
308 -.Xr sshd_config 5 . |
|
309 +.Xr sshd_config 4 . |
|
310 .Pp |
|
311 .It Pa /etc/ssh/sshrc |
|
312 Similar to |
|
313 @@ -954,10 +954,10 @@ The content of this file is not sensitiv |
|
314 .Xr ssh-keyscan 1 , |
|
315 .Xr chroot 2 , |
|
316 .Xr login.conf 5 , |
|
317 -.Xr moduli 5 , |
|
318 -.Xr sshd_config 5 , |
|
319 -.Xr inetd 8 , |
|
320 -.Xr sftp-server 8 |
|
321 +.Xr moduli 4 , |
|
322 +.Xr sshd_config 4 , |
|
323 +.Xr inetd 1M , |
|
324 +.Xr sftp-server 1M |
|
325 .Sh AUTHORS |
|
326 OpenSSH is a derivative of the original and free |
|
327 ssh 1.2.12 release by Tatu Ylonen. |
|
328 diff -pur old/sshd_config.5 new/sshd_config.5 |
|
329 --- old/sshd_config.5 |
|
330 +++ new/sshd_config.5 |
|
331 @@ -35,7 +35,7 @@ |
|
332 .\" |
|
333 .\" $OpenBSD: sshd_config.5,v 1.211 2015/08/14 15:32:41 jmc Exp $ |
|
334 .Dd $Mdocdate: August 14 2015 $ |
|
335 -.Dt SSHD_CONFIG 5 |
|
336 +.Dt SSHD_CONFIG 4 |
|
337 .Os |
|
338 .Sh NAME |
|
339 .Nm sshd_config |
|
340 @@ -43,7 +43,7 @@ |
|
341 .Sh SYNOPSIS |
|
342 .Nm /etc/ssh/sshd_config |
|
343 .Sh DESCRIPTION |
|
344 -.Xr sshd 8 |
|
345 +.Xr sshd 1M |
|
346 reads configuration data from |
|
347 .Pa /etc/ssh/sshd_config |
|
348 (or the file specified with |
|
349 @@ -68,7 +68,7 @@ the session's |
|
350 See |
|
351 .Cm SendEnv |
|
352 in |
|
353 -.Xr ssh_config 5 |
|
354 +.Xr ssh_config 4 |
|
355 for how to configure the client. |
|
356 Note that environment passing is only supported for protocol 2, and |
|
357 that the |
|
358 @@ -89,7 +89,7 @@ For this reason, care should be taken in |
|
359 The default is not to accept any environment variables. |
|
360 .It Cm AddressFamily |
|
361 Specifies which address family should be used by |
|
362 -.Xr sshd 8 . |
|
363 +.Xr sshd 1M . |
|
364 Valid arguments are |
|
365 .Dq any , |
|
366 .Dq inet |
|
367 @@ -122,7 +122,7 @@ and finally |
|
368 .Cm AllowGroups . |
|
369 .Pp |
|
370 See PATTERNS in |
|
371 -.Xr ssh_config 5 |
|
372 +.Xr ssh_config 4 |
|
373 for more information on patterns. |
|
374 .It Cm AllowTcpForwarding |
|
375 Specifies whether TCP forwarding is permitted. |
|
376 @@ -182,7 +182,7 @@ and finally |
|
377 .Cm AllowGroups . |
|
378 .Pp |
|
379 See PATTERNS in |
|
380 -.Xr ssh_config 5 |
|
381 +.Xr ssh_config 4 |
|
382 for more information on patterns. |
|
383 .It Cm AuthenticationMethods |
|
384 Specifies the authentication methods that must be successfully completed |
|
385 @@ -250,7 +250,7 @@ will be supplied. |
|
386 .Pp |
|
387 The program should produce on standard output zero or |
|
388 more lines of authorized_keys output (see AUTHORIZED_KEYS in |
|
389 -.Xr sshd 8 ) . |
|
390 +.Xr sshd 1M ) . |
|
391 If a key supplied by AuthorizedKeysCommand does not successfully authenticate |
|
392 and authorize the user then public key authentication continues using the usual |
|
393 .Cm AuthorizedKeysFile |
|
394 @@ -273,7 +273,7 @@ for user authentication. |
|
395 The format is described in the |
|
396 AUTHORIZED_KEYS FILE FORMAT |
|
397 section of |
|
398 -.Xr sshd 8 . |
|
399 +.Xr sshd 1M . |
|
400 .Cm AuthorizedKeysFile |
|
401 may contain tokens of the form %T which are substituted during connection |
|
402 setup. |
|
403 @@ -332,7 +332,7 @@ this file lists names, one of which must |
|
404 to be accepted for authentication. |
|
405 Names are listed one per line preceded by key options (as described |
|
406 in AUTHORIZED_KEYS FILE FORMAT in |
|
407 -.Xr sshd 8 ) . |
|
408 +.Xr sshd 1M ) . |
|
409 Empty lines and comments starting with |
|
410 .Ql # |
|
411 are ignored. |
|
412 @@ -362,7 +362,7 @@ and is not consulted for certification a |
|
413 though the |
|
414 .Cm principals= |
|
415 key option offers a similar facility (see |
|
416 -.Xr sshd 8 |
|
417 +.Xr sshd 1M |
|
418 for details). |
|
419 .It Cm Banner |
|
420 The contents of the specified file are sent to the remote user before |
|
421 @@ -387,7 +387,7 @@ At session startup |
|
422 checks that all components of the pathname are root-owned directories |
|
423 which are not writable by any other user or group. |
|
424 After the chroot, |
|
425 -.Xr sshd 8 |
|
426 +.Xr sshd 1M |
|
427 changes the working directory to the user's home directory. |
|
428 .Pp |
|
429 The pathname may contain the following tokens that are expanded at runtime once |
|
430 @@ -490,7 +490,7 @@ with an argument of |
|
431 .It Cm ClientAliveCountMax |
|
432 Sets the number of client alive messages (see below) which may be |
|
433 sent without |
|
434 -.Xr sshd 8 |
|
435 +.Xr sshd 1M |
|
436 receiving any messages back from the client. |
|
437 If this threshold is reached while client alive messages are being sent, |
|
438 sshd will disconnect the client, terminating the session. |
|
439 @@ -517,7 +517,7 @@ This option applies to protocol version |
|
440 .It Cm ClientAliveInterval |
|
441 Sets a timeout interval in seconds after which if no data has been received |
|
442 from the client, |
|
443 -.Xr sshd 8 |
|
444 +.Xr sshd 1M |
|
445 will send a message through the encrypted |
|
446 channel to request a response from the client. |
|
447 The default |
|
448 @@ -548,7 +548,7 @@ and finally |
|
449 .Cm AllowGroups . |
|
450 .Pp |
|
451 See PATTERNS in |
|
452 -.Xr ssh_config 5 |
|
453 +.Xr ssh_config 4 |
|
454 for more information on patterns. |
|
455 .It Cm DenyUsers |
|
456 This keyword can be followed by a list of user name patterns, separated |
|
457 @@ -567,7 +567,7 @@ and finally |
|
458 .Cm AllowGroups . |
|
459 .Pp |
|
460 See PATTERNS in |
|
461 -.Xr ssh_config 5 |
|
462 +.Xr ssh_config 4 |
|
463 for more information on patterns. |
|
464 .It Cm FingerprintHash |
|
465 Specifies the hash algorithm used when logging key fingerprints. |
|
466 @@ -600,7 +600,7 @@ files when used with |
|
467 Specifies whether remote hosts are allowed to connect to ports |
|
468 forwarded for the client. |
|
469 By default, |
|
470 -.Xr sshd 8 |
|
471 +.Xr sshd 1M |
|
472 binds remote port forwardings to the loopback address. |
|
473 This prevents other remote hosts from connecting to forwarded ports. |
|
474 .Cm GatewayPorts |
|
475 @@ -686,7 +686,7 @@ files during |
|
476 A setting of |
|
477 .Dq yes |
|
478 means that |
|
479 -.Xr sshd 8 |
|
480 +.Xr sshd 1M |
|
481 uses the name supplied by the client rather than |
|
482 attempting to resolve the name from the TCP connection itself. |
|
483 The default is |
|
484 @@ -697,7 +697,7 @@ The certificate's public key must match |
|
485 by |
|
486 .Cm HostKey . |
|
487 The default behaviour of |
|
488 -.Xr sshd 8 |
|
489 +.Xr sshd 1M |
|
490 is not to load any certificates. |
|
491 .It Cm HostKey |
|
492 Specifies a file containing a private host key |
|
493 @@ -779,7 +779,7 @@ The default is |
|
494 .Dq yes . |
|
495 .It Cm IgnoreUserKnownHosts |
|
496 Specifies whether |
|
497 -.Xr sshd 8 |
|
498 +.Xr sshd 1M |
|
499 should ignore the user's |
|
500 .Pa ~/.ssh/known_hosts |
|
501 during |
|
502 @@ -914,7 +914,7 @@ If the value is 0, the key is never rege |
|
503 The default is 3600 (seconds). |
|
504 .It Cm ListenAddress |
|
505 Specifies the local addresses |
|
506 -.Xr sshd 8 |
|
507 +.Xr sshd 1M |
|
508 should listen on. |
|
509 The following forms may be used: |
|
510 .Pp |
|
511 @@ -954,7 +954,7 @@ If the value is 0, there is no time limi |
|
512 The default is 120 seconds. |
|
513 .It Cm LogLevel |
|
514 Gives the verbosity level that is used when logging messages from |
|
515 -.Xr sshd 8 . |
|
516 +.Xr sshd 1M . |
|
517 The possible values are: |
|
518 QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. |
|
519 The default is INFO. |
|
520 @@ -1059,7 +1059,7 @@ and |
|
521 The match patterns may consist of single entries or comma-separated |
|
522 lists and may use the wildcard and negation operators described in the |
|
523 PATTERNS section of |
|
524 -.Xr ssh_config 5 . |
|
525 +.Xr ssh_config 4 . |
|
526 .Pp |
|
527 The patterns in an |
|
528 .Cm Address |
|
529 @@ -1148,7 +1148,7 @@ Alternatively, random early drop can be |
|
530 the three colon separated values |
|
531 .Dq start:rate:full |
|
532 (e.g. "10:30:60"). |
|
533 -.Xr sshd 8 |
|
534 +.Xr sshd 1M |
|
535 will refuse connection attempts with a probability of |
|
536 .Dq rate/100 |
|
537 (30%) |
|
538 @@ -1268,7 +1268,7 @@ and |
|
539 options in |
|
540 .Pa ~/.ssh/authorized_keys |
|
541 are processed by |
|
542 -.Xr sshd 8 . |
|
543 +.Xr sshd 1M . |
|
544 The default is |
|
545 .Dq no . |
|
546 Enabling environment processing may enable users to bypass access |
|
547 @@ -1289,7 +1289,7 @@ The default is |
|
548 .Pa /var/run/sshd.pid . |
|
549 .It Cm Port |
|
550 Specifies the port number that |
|
551 -.Xr sshd 8 |
|
552 +.Xr sshd 1M |
|
553 listens on. |
|
554 The default is 22. |
|
555 Multiple options of this type are permitted. |
|
556 @@ -1297,14 +1297,14 @@ See also |
|
557 .Cm ListenAddress . |
|
558 .It Cm PrintLastLog |
|
559 Specifies whether |
|
560 -.Xr sshd 8 |
|
561 +.Xr sshd 1M |
|
562 should print the date and time of the last user login when a user logs |
|
563 in interactively. |
|
564 On Solaris this option is always ignored since pam_unix_session(5) |
|
565 reports the last login time. |
|
566 .It Cm PrintMotd |
|
567 Specifies whether |
|
568 -.Xr sshd 8 |
|
569 +.Xr sshd 1M |
|
570 should print |
|
571 .Pa /etc/motd |
|
572 when a user logs in interactively. |
|
573 @@ -1315,7 +1315,7 @@ The default is |
|
574 .Dq yes . |
|
575 .It Cm Protocol |
|
576 Specifies the protocol versions |
|
577 -.Xr sshd 8 |
|
578 +.Xr sshd 1M |
|
579 supports. |
|
580 The possible values are |
|
581 .Sq 1 |
|
582 @@ -1440,7 +1440,7 @@ The default is |
|
583 .Dq no . |
|
584 .It Cm StrictModes |
|
585 Specifies whether |
|
586 -.Xr sshd 8 |
|
587 +.Xr sshd 1M |
|
588 should check file modes and ownership of the |
|
589 user's files and home directory before accepting login. |
|
590 This is normally desirable because novices sometimes accidentally leave their |
|
591 @@ -1474,7 +1474,7 @@ By default no subsystems are defined. |
|
592 Note that this option applies to protocol version 2 only. |
|
593 .It Cm SyslogFacility |
|
594 Gives the facility code that is used when logging messages from |
|
595 -.Xr sshd 8 . |
|
596 +.Xr sshd 1M . |
|
597 The possible values are: DAEMON, USER, AUTH, LOCAL0, LOCAL1, LOCAL2, |
|
598 LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. |
|
599 The default is AUTH. |
|
600 @@ -1571,13 +1571,13 @@ or |
|
601 If |
|
602 .Cm UsePAM |
|
603 is enabled, you will not be able to run |
|
604 -.Xr sshd 8 |
|
605 +.Xr sshd 1M |
|
606 as a non-root user. |
|
607 The default is |
|
608 .Dq no . |
|
609 .It Cm UsePrivilegeSeparation |
|
610 Specifies whether |
|
611 -.Xr sshd 8 |
|
612 +.Xr sshd 1M |
|
613 separates privileges by creating an unprivileged child process |
|
614 to deal with incoming network traffic. |
|
615 After successful authentication, another process will be created that has |
|
616 @@ -1599,7 +1599,7 @@ The default is |
|
617 .Dq none . |
|
618 .It Cm X11DisplayOffset |
|
619 Specifies the first display number available for |
|
620 -.Xr sshd 8 Ns 's |
|
621 +.Xr sshd 1M Ns 's |
|
622 X11 forwarding. |
|
623 This prevents sshd from interfering with real X11 servers. |
|
624 The default is 10. |
|
625 @@ -1614,7 +1614,7 @@ The default is |
|
626 .Pp |
|
627 When X11 forwarding is enabled, there may be additional exposure to |
|
628 the server and to client displays if the |
|
629 -.Xr sshd 8 |
|
630 +.Xr sshd 1M |
|
631 proxy display is configured to listen on the wildcard address (see |
|
632 .Cm X11UseLocalhost |
|
633 below), though this is not the default. |
|
634 @@ -1625,7 +1625,7 @@ display server may be exposed to attack |
|
635 forwarding (see the warnings for |
|
636 .Cm ForwardX11 |
|
637 in |
|
638 -.Xr ssh_config 5 ) . |
|
639 +.Xr ssh_config 4 ) . |
|
640 A system administrator may have a stance in which they want to |
|
641 protect clients that may expose themselves to attack by unwittingly |
|
642 requesting X11 forwarding, which can warrant a |
|
643 @@ -1639,7 +1639,7 @@ X11 forwarding is automatically disabled |
|
644 is enabled. |
|
645 .It Cm X11UseLocalhost |
|
646 Specifies whether |
|
647 -.Xr sshd 8 |
|
648 +.Xr sshd 1M |
|
649 should bind the X11 forwarding server to the loopback address or to |
|
650 the wildcard address. |
|
651 By default, |
|
652 @@ -1672,7 +1672,7 @@ The default is |
|
653 .Pa /usr/X11R6/bin/xauth . |
|
654 .El |
|
655 .Sh TIME FORMATS |
|
656 -.Xr sshd 8 |
|
657 +.Xr sshd 1M |
|
658 command-line arguments and configuration file options that specify time |
|
659 may be expressed using a sequence of the form: |
|
660 .Sm off |
|
661 @@ -1716,12 +1716,12 @@ Time format examples: |
|
662 .Bl -tag -width Ds |
|
663 .It Pa /etc/ssh/sshd_config |
|
664 Contains configuration data for |
|
665 -.Xr sshd 8 . |
|
666 +.Xr sshd 1M . |
|
667 This file should be writable by root only, but it is recommended |
|
668 (though not necessary) that it be world-readable. |
|
669 .El |
|
670 .Sh SEE ALSO |
|
671 -.Xr sshd 8 , |
|
672 +.Xr sshd 1M , |
|
673 .Xr pam_unix_session 5 |
|
674 .Sh AUTHORS |
|
675 OpenSSH is a derivative of the original and free |
|