# HG changeset patch # User Rich Burridge # Date 1446242865 25200 # Node ID 06e4fcc325a1a163af16ab7881dae5f70856a6e9 # Parent 1d0e6cf3884452b3beb95fe1d9b002defd95b031 PSARC 2015/428 Normalization of Solaris man page section numbers 22127326 Normalize openssh man pages diff -r 1d0e6cf38844 -r 06e4fcc325a1 components/openssh/openssh.p5m --- a/components/openssh/openssh.p5m Thu Oct 29 13:35:51 2015 -0700 +++ b/components/openssh/openssh.p5m Fri Oct 30 15:07:45 2015 -0700 @@ -98,33 +98,33 @@ link path=usr/share/man/man1/ssh.1 target=./ssh.openssh.1 mediator=ssh \ mediator-implementation=openssh mediator-priority=vendor file usr/share/man/man1/ssh.1 path=usr/share/man/man1/ssh.openssh.1 mode=0444 -link path=usr/share/man/man1m/sftp-server.1m target=./sftp-server.openssh.1m \ +link path=usr/share/man/man5/moduli.5 target=./moduli.openssh.5 mediator=ssh \ + mediator-implementation=openssh mediator-priority=vendor +file usr/share/man/man5/moduli.5 path=usr/share/man/man5/moduli.openssh.5 +link path=usr/share/man/man5/ssh_config.5 target=./ssh_config.openssh.5 \ + mediator=ssh mediator-implementation=openssh mediator-priority=vendor +file usr/share/man/man5/ssh_config.5 \ + path=usr/share/man/man5/ssh_config.openssh.5 +link path=usr/share/man/man5/sshd_config.5 target=./sshd_config.openssh.5 \ + mediator=ssh mediator-implementation=openssh mediator-priority=vendor +file usr/share/man/man5/sshd_config.5 \ + path=usr/share/man/man5/sshd_config.openssh.5 +link path=usr/share/man/man8/sftp-server.8 target=./sftp-server.openssh.8 \ mediator=ssh mediator-implementation=openssh mediator-priority=vendor file usr/share/man/man8/sftp-server.8 \ - path=usr/share/man/man1m/sftp-server.openssh.1m -link path=usr/share/man/man1m/ssh-keysign.1m target=./ssh-keysign.openssh.1m \ + path=usr/share/man/man8/sftp-server.openssh.8 +link path=usr/share/man/man8/ssh-keysign.8 target=./ssh-keysign.openssh.8 \ mediator=ssh mediator-implementation=openssh mediator-priority=vendor file usr/share/man/man8/ssh-keysign.8 \ - path=usr/share/man/man1m/ssh-keysign.openssh.1m -link path=usr/share/man/man1m/ssh-pkcs11-helper.1m \ - target=./ssh-pkcs11-helper.openssh.1m mediator=ssh \ + path=usr/share/man/man8/ssh-keysign.openssh.8 +link path=usr/share/man/man8/ssh-pkcs11-helper.8 \ + target=./ssh-pkcs11-helper.openssh.8 mediator=ssh \ mediator-implementation=openssh mediator-priority=vendor file usr/share/man/man8/ssh-pkcs11-helper.8 \ - path=usr/share/man/man1m/ssh-pkcs11-helper.openssh.1m -link path=usr/share/man/man1m/sshd.1m target=./sshd.openssh.1m mediator=ssh \ - mediator-implementation=openssh mediator-priority=vendor -file usr/share/man/man8/sshd.8 path=usr/share/man/man1m/sshd.openssh.1m -link path=usr/share/man/man4/moduli.4 target=./moduli.openssh.4 mediator=ssh \ + path=usr/share/man/man8/ssh-pkcs11-helper.openssh.8 +link path=usr/share/man/man8/sshd.8 target=./sshd.openssh.8 mediator=ssh \ mediator-implementation=openssh mediator-priority=vendor -file usr/share/man/man5/moduli.5 path=usr/share/man/man4/moduli.openssh.4 -link path=usr/share/man/man4/ssh_config.4 target=./ssh_config.openssh.4 \ - mediator=ssh mediator-implementation=openssh mediator-priority=vendor -file usr/share/man/man5/ssh_config.5 \ - path=usr/share/man/man4/ssh_config.openssh.4 -link path=usr/share/man/man4/sshd_config.4 target=./sshd_config.openssh.4 \ - mediator=ssh mediator-implementation=openssh mediator-priority=vendor -file usr/share/man/man5/sshd_config.5 \ - path=usr/share/man/man4/sshd_config.openssh.4 +file usr/share/man/man8/sshd.8 path=usr/share/man/man8/sshd.openssh.8 dir path=var/empty owner=root group=sys mode=0755 sysattr=readonly group groupname=sshd gid=22 user username=sshd ftpuser=false gcos-field="sshd privsep" group=sshd \ diff -r 1d0e6cf38844 -r 06e4fcc325a1 components/openssh/patches/007-manpages.patch --- a/components/openssh/patches/007-manpages.patch Thu Oct 29 13:35:51 2015 -0700 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,675 +0,0 @@ -# This change is Solaris-specific and thus is not being contributed back -# to the upstream community. Details: -# -# OpenSSH uses the BSD/Linux man page scheme which is different from the SysV -# man page scheme used in Solaris. In order to comply to the Solaris man page -# policy and also use the IPS mediator to switch between SunSSH and OpenSSH man -# pages, the section numbers of some OpenSSH man pages are changed to be the -# same as their corresponding ones in SunSSH. -# -diff -pur old/moduli.5 new/moduli.5 ---- old/moduli.5 -+++ new/moduli.5 -@@ -14,7 +14,7 @@ - .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF - .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - .Dd $Mdocdate: September 26 2012 $ --.Dt MODULI 5 -+.Dt MODULI 4 - .Os - .Sh NAME - .Nm moduli -@@ -23,7 +23,7 @@ - The - .Pa /etc/moduli - file contains prime numbers and generators for use by --.Xr sshd 8 -+.Xr sshd 1M - in the Diffie-Hellman Group Exchange key exchange method. - .Pp - New moduli may be generated with -@@ -40,7 +40,7 @@ pass, using - .Ic ssh-keygen -T , - provides a high degree of assurance that the numbers are prime and are - safe for use in Diffie-Hellman operations by --.Xr sshd 8 . -+.Xr sshd 1M . - This - .Nm - format is used as the output from each pass. -@@ -70,7 +70,7 @@ are Sophie Germain primes (type 4). - Further primality testing with - .Xr ssh-keygen 1 - produces safe prime moduli (type 2) that are ready for use in --.Xr sshd 8 . -+.Xr sshd 1M . - Other types are not used by OpenSSH. - .It tests - Decimal number indicating the type of primality tests that the number -@@ -105,16 +105,16 @@ The modulus itself in hexadecimal. - .El - .Pp - When performing Diffie-Hellman Group Exchange, --.Xr sshd 8 -+.Xr sshd 1M - first estimates the size of the modulus required to produce enough - Diffie-Hellman output to sufficiently key the selected symmetric cipher. --.Xr sshd 8 -+.Xr sshd 1M - then randomly selects a modulus from - .Fa /etc/moduli - that best meets the size requirement. - .Sh SEE ALSO - .Xr ssh-keygen 1 , --.Xr sshd 8 -+.Xr sshd 1M - .Sh STANDARDS - .Rs - .%A M. Friedl -diff -pur old/sftp-server.8 new/sftp-server.8 ---- old/sftp-server.8 -+++ new/sftp-server.8 -@@ -23,7 +23,7 @@ - .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - .\" - .Dd $Mdocdate: December 11 2014 $ --.Dt SFTP-SERVER 8 -+.Dt SFTP-SERVER 1M - .Os - .Sh NAME - .Nm sftp-server -@@ -47,7 +47,7 @@ is a program that speaks the server side - to stdout and expects client requests from stdin. - .Nm - is not intended to be called directly, but from --.Xr sshd 8 -+.Xr sshd 1M - using the - .Cm Subsystem - option. -@@ -58,7 +58,7 @@ should be specified in the - .Cm Subsystem - declaration. - See --.Xr sshd_config 5 -+.Xr sshd_config 4 - for more information. - .Pp - Valid options are: -@@ -71,7 +71,7 @@ The pathname may contain the following t - and %u is replaced by the username of that user. - The default is to use the user's home directory. - This option is useful in conjunction with the --.Xr sshd_config 5 -+.Xr sshd_config 4 - .Cm ChrootDirectory - option. - .It Fl e -@@ -152,8 +152,8 @@ establish a logging socket inside the ch - .Sh SEE ALSO - .Xr sftp 1 , - .Xr ssh 1 , --.Xr sshd_config 5 , --.Xr sshd 8 -+.Xr sshd_config 4 , -+.Xr sshd 1M - .Rs - .%A T. Ylonen - .%A S. Lehtinen -diff -pur old/ssh-keysign.8 new/ssh-keysign.8 ---- old/ssh-keysign.8 -+++ new/ssh-keysign.8 -@@ -23,7 +23,7 @@ - .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - .\" - .Dd $Mdocdate: December 7 2013 $ --.Dt SSH-KEYSIGN 8 -+.Dt SSH-KEYSIGN 1M - .Os - .Sh NAME - .Nm ssh-keysign -@@ -52,7 +52,7 @@ is not intended to be invoked by the use - See - .Xr ssh 1 - and --.Xr sshd 8 -+.Xr sshd 1M - for more information about host-based authentication. - .Sh FILES - .Bl -tag -width Ds -compact -@@ -83,8 +83,8 @@ information corresponding with the priva - .Sh SEE ALSO - .Xr ssh 1 , - .Xr ssh-keygen 1 , --.Xr ssh_config 5 , --.Xr sshd 8 -+.Xr ssh_config 4 , -+.Xr sshd 1M - .Sh HISTORY - .Nm - first appeared in -diff -pur old/ssh-pkcs11-helper.8 new/ssh-pkcs11-helper.8 ---- old/ssh-pkcs11-helper.8 -+++ new/ssh-pkcs11-helper.8 -@@ -15,7 +15,7 @@ - .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - .\" - .Dd $Mdocdate: July 16 2013 $ --.Dt SSH-PKCS11-HELPER 8 -+.Dt SSH-PKCS11-HELPER 1M - .Os - .Sh NAME - .Nm ssh-pkcs11-helper -diff -pur old/ssh_config.5 new/ssh_config.5 ---- old/ssh_config.5 -+++ new/ssh_config.5 -@@ -35,7 +35,7 @@ - .\" - .\" $OpenBSD: ssh_config.5,v 1.215 2015/08/14 15:32:41 jmc Exp $ - .Dd $Mdocdate: August 14 2015 $ --.Dt SSH_CONFIG 5 -+.Dt SSH_CONFIG 4 - .Os - .Sh NAME - .Nm ssh_config -@@ -568,7 +568,7 @@ then the master connection will remain i - .Dq Fl O No exit - option). - If set to a time in seconds, or a time in any of the formats documented in --.Xr sshd_config 5 , -+.Xr sshd_config 4 , - then the backgrounded master connection will automatically terminate - after it has remained idle (with no client connections) for the - specified time. -@@ -695,7 +695,7 @@ option is also enabled. - Specify a timeout for untrusted X11 forwarding - using the format described in the - TIME FORMATS section of --.Xr sshd_config 5 . -+.Xr sshd_config 4 . - X11 connections received by - .Xr ssh 1 - after this time will be refused. -@@ -762,7 +762,7 @@ should hash host names and addresses whe - These hashed names may be used normally by - .Xr ssh 1 - and --.Xr sshd 8 , -+.Xr sshd 1M , - but they do not reveal identifying information should the file's contents - be disclosed. - The default is -@@ -1286,7 +1286,7 @@ depending on the cipher. - The optional second value is specified in seconds and may use any of the - units documented in the - TIME FORMATS section of --.Xr sshd_config 5 . -+.Xr sshd_config 4 . - The default value for - .Cm RekeyLimit - is -@@ -1330,7 +1330,7 @@ Specifying a remote - will only succeed if the server's - .Cm GatewayPorts - option is enabled (see --.Xr sshd_config 5 ) . -+.Xr sshd_config 4 ) . - .It Cm RequestTTY - Specifies whether to request a pseudo-tty for the session. - The argument may be one of: -@@ -1396,7 +1396,7 @@ pseudo-terminal is requested as it is re - Refer to - .Cm AcceptEnv - in --.Xr sshd_config 5 -+.Xr sshd_config 4 - for how to configure the server. - Variables are specified by name, which may contain wildcard characters. - Multiple environment variables may be separated by whitespace or spread -diff -pur old/sshd.8 new/sshd.8 ---- old/sshd.8 -+++ new/sshd.8 -@@ -35,7 +35,7 @@ - .\" - .\" $OpenBSD: sshd.8,v 1.280 2015/07/03 03:49:45 djm Exp $ - .Dd $Mdocdate: July 3 2015 $ --.Dt SSHD 8 -+.Dt SSHD 1M - .Os - .Sh NAME - .Nm sshd -@@ -77,7 +77,7 @@ and data exchange. - .Nm - can be configured using command-line options or a configuration file - (by default --.Xr sshd_config 5 ) ; -+.Xr sshd_config 4 ) ; - command-line options override values specified in the - configuration file. - .Nm -@@ -204,7 +204,7 @@ Can be used to give options in the forma - This is useful for specifying options for which there is no separate - command-line flag. - For full details of the options, and their values, see --.Xr sshd_config 5 . -+.Xr sshd_config 4 . - .It Fl p Ar port - Specifies the port on which the server listens for connections - (default 22). -@@ -274,7 +274,7 @@ The default is to use protocol 2 only, - though this can be changed via the - .Cm Protocol - option in --.Xr sshd_config 5 . -+.Xr sshd_config 4 . - Protocol 2 supports DSA, ECDSA, Ed25519 and RSA keys; - protocol 1 only supports RSA keys. - For both protocols, -@@ -399,7 +399,7 @@ if it exists, and users are allowed to c - See the - .Cm PermitUserEnvironment - option in --.Xr sshd_config 5 . -+.Xr sshd_config 4 . - .It - Changes to user's home directory. - .It -@@ -549,7 +549,7 @@ The command originally supplied by the c - environment variable. - Note that this option applies to shell, command or subsystem execution. - Also note that this command may be superseded by either a --.Xr sshd_config 5 -+.Xr sshd_config 4 - .Cm ForceCommand - directive or a command embedded in a certificate. - .It Cm environment="NAME=value" -@@ -570,7 +570,7 @@ Specifies that in addition to public key - name of the remote host or its IP address must be present in the - comma-separated list of patterns. - See PATTERNS in --.Xr ssh_config 5 -+.Xr ssh_config 4 - for more information on patterns. - .Pp - In addition to the wildcard matching that may be applied to hostnames or -@@ -858,7 +858,7 @@ It should only be writable by root. - .It Pa /etc/moduli - Contains Diffie-Hellman groups used for the "Diffie-Hellman Group Exchange". - The file format is described in --.Xr moduli 5 . -+.Xr moduli 4 . - .Pp - .It Pa /etc/motd - See -@@ -919,7 +919,7 @@ should be world-readable. - Contains configuration data for - .Nm sshd . - The file format and configuration options are described in --.Xr sshd_config 5 . -+.Xr sshd_config 4 . - .Pp - .It Pa /etc/ssh/sshrc - Similar to -@@ -954,10 +954,10 @@ The content of this file is not sensitiv - .Xr ssh-keyscan 1 , - .Xr chroot 2 , - .Xr login.conf 5 , --.Xr moduli 5 , --.Xr sshd_config 5 , --.Xr inetd 8 , --.Xr sftp-server 8 -+.Xr moduli 4 , -+.Xr sshd_config 4 , -+.Xr inetd 1M , -+.Xr sftp-server 1M - .Sh AUTHORS - OpenSSH is a derivative of the original and free - ssh 1.2.12 release by Tatu Ylonen. -diff -pur old/sshd_config.5 new/sshd_config.5 ---- old/sshd_config.5 -+++ new/sshd_config.5 -@@ -35,7 +35,7 @@ - .\" - .\" $OpenBSD: sshd_config.5,v 1.211 2015/08/14 15:32:41 jmc Exp $ - .Dd $Mdocdate: August 14 2015 $ --.Dt SSHD_CONFIG 5 -+.Dt SSHD_CONFIG 4 - .Os - .Sh NAME - .Nm sshd_config -@@ -43,7 +43,7 @@ - .Sh SYNOPSIS - .Nm /etc/ssh/sshd_config - .Sh DESCRIPTION --.Xr sshd 8 -+.Xr sshd 1M - reads configuration data from - .Pa /etc/ssh/sshd_config - (or the file specified with -@@ -68,7 +68,7 @@ the session's - See - .Cm SendEnv - in --.Xr ssh_config 5 -+.Xr ssh_config 4 - for how to configure the client. - Note that environment passing is only supported for protocol 2, and - that the -@@ -89,7 +89,7 @@ For this reason, care should be taken in - The default is not to accept any environment variables. - .It Cm AddressFamily - Specifies which address family should be used by --.Xr sshd 8 . -+.Xr sshd 1M . - Valid arguments are - .Dq any , - .Dq inet -@@ -122,7 +122,7 @@ and finally - .Cm AllowGroups . - .Pp - See PATTERNS in --.Xr ssh_config 5 -+.Xr ssh_config 4 - for more information on patterns. - .It Cm AllowTcpForwarding - Specifies whether TCP forwarding is permitted. -@@ -182,7 +182,7 @@ and finally - .Cm AllowGroups . - .Pp - See PATTERNS in --.Xr ssh_config 5 -+.Xr ssh_config 4 - for more information on patterns. - .It Cm AuthenticationMethods - Specifies the authentication methods that must be successfully completed -@@ -250,7 +250,7 @@ will be supplied. - .Pp - The program should produce on standard output zero or - more lines of authorized_keys output (see AUTHORIZED_KEYS in --.Xr sshd 8 ) . -+.Xr sshd 1M ) . - If a key supplied by AuthorizedKeysCommand does not successfully authenticate - and authorize the user then public key authentication continues using the usual - .Cm AuthorizedKeysFile -@@ -273,7 +273,7 @@ for user authentication. - The format is described in the - AUTHORIZED_KEYS FILE FORMAT - section of --.Xr sshd 8 . -+.Xr sshd 1M . - .Cm AuthorizedKeysFile - may contain tokens of the form %T which are substituted during connection - setup. -@@ -332,7 +332,7 @@ this file lists names, one of which must - to be accepted for authentication. - Names are listed one per line preceded by key options (as described - in AUTHORIZED_KEYS FILE FORMAT in --.Xr sshd 8 ) . -+.Xr sshd 1M ) . - Empty lines and comments starting with - .Ql # - are ignored. -@@ -362,7 +362,7 @@ and is not consulted for certification a - though the - .Cm principals= - key option offers a similar facility (see --.Xr sshd 8 -+.Xr sshd 1M - for details). - .It Cm Banner - The contents of the specified file are sent to the remote user before -@@ -387,7 +387,7 @@ At session startup - checks that all components of the pathname are root-owned directories - which are not writable by any other user or group. - After the chroot, --.Xr sshd 8 -+.Xr sshd 1M - changes the working directory to the user's home directory. - .Pp - The pathname may contain the following tokens that are expanded at runtime once -@@ -490,7 +490,7 @@ with an argument of - .It Cm ClientAliveCountMax - Sets the number of client alive messages (see below) which may be - sent without --.Xr sshd 8 -+.Xr sshd 1M - receiving any messages back from the client. - If this threshold is reached while client alive messages are being sent, - sshd will disconnect the client, terminating the session. -@@ -517,7 +517,7 @@ This option applies to protocol version - .It Cm ClientAliveInterval - Sets a timeout interval in seconds after which if no data has been received - from the client, --.Xr sshd 8 -+.Xr sshd 1M - will send a message through the encrypted - channel to request a response from the client. - The default -@@ -548,7 +548,7 @@ and finally - .Cm AllowGroups . - .Pp - See PATTERNS in --.Xr ssh_config 5 -+.Xr ssh_config 4 - for more information on patterns. - .It Cm DenyUsers - This keyword can be followed by a list of user name patterns, separated -@@ -567,7 +567,7 @@ and finally - .Cm AllowGroups . - .Pp - See PATTERNS in --.Xr ssh_config 5 -+.Xr ssh_config 4 - for more information on patterns. - .It Cm FingerprintHash - Specifies the hash algorithm used when logging key fingerprints. -@@ -600,7 +600,7 @@ files when used with - Specifies whether remote hosts are allowed to connect to ports - forwarded for the client. - By default, --.Xr sshd 8 -+.Xr sshd 1M - binds remote port forwardings to the loopback address. - This prevents other remote hosts from connecting to forwarded ports. - .Cm GatewayPorts -@@ -686,7 +686,7 @@ files during - A setting of - .Dq yes - means that --.Xr sshd 8 -+.Xr sshd 1M - uses the name supplied by the client rather than - attempting to resolve the name from the TCP connection itself. - The default is -@@ -697,7 +697,7 @@ The certificate's public key must match - by - .Cm HostKey . - The default behaviour of --.Xr sshd 8 -+.Xr sshd 1M - is not to load any certificates. - .It Cm HostKey - Specifies a file containing a private host key -@@ -779,7 +779,7 @@ The default is - .Dq yes . - .It Cm IgnoreUserKnownHosts - Specifies whether --.Xr sshd 8 -+.Xr sshd 1M - should ignore the user's - .Pa ~/.ssh/known_hosts - during -@@ -914,7 +914,7 @@ If the value is 0, the key is never rege - The default is 3600 (seconds). - .It Cm ListenAddress - Specifies the local addresses --.Xr sshd 8 -+.Xr sshd 1M - should listen on. - The following forms may be used: - .Pp -@@ -954,7 +954,7 @@ If the value is 0, there is no time limi - The default is 120 seconds. - .It Cm LogLevel - Gives the verbosity level that is used when logging messages from --.Xr sshd 8 . -+.Xr sshd 1M . - The possible values are: - QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. - The default is INFO. -@@ -1059,7 +1059,7 @@ and - The match patterns may consist of single entries or comma-separated - lists and may use the wildcard and negation operators described in the - PATTERNS section of --.Xr ssh_config 5 . -+.Xr ssh_config 4 . - .Pp - The patterns in an - .Cm Address -@@ -1148,7 +1148,7 @@ Alternatively, random early drop can be - the three colon separated values - .Dq start:rate:full - (e.g. "10:30:60"). --.Xr sshd 8 -+.Xr sshd 1M - will refuse connection attempts with a probability of - .Dq rate/100 - (30%) -@@ -1268,7 +1268,7 @@ and - options in - .Pa ~/.ssh/authorized_keys - are processed by --.Xr sshd 8 . -+.Xr sshd 1M . - The default is - .Dq no . - Enabling environment processing may enable users to bypass access -@@ -1289,7 +1289,7 @@ The default is - .Pa /var/run/sshd.pid . - .It Cm Port - Specifies the port number that --.Xr sshd 8 -+.Xr sshd 1M - listens on. - The default is 22. - Multiple options of this type are permitted. -@@ -1297,14 +1297,14 @@ See also - .Cm ListenAddress . - .It Cm PrintLastLog - Specifies whether --.Xr sshd 8 -+.Xr sshd 1M - should print the date and time of the last user login when a user logs - in interactively. - On Solaris this option is always ignored since pam_unix_session(5) - reports the last login time. - .It Cm PrintMotd - Specifies whether --.Xr sshd 8 -+.Xr sshd 1M - should print - .Pa /etc/motd - when a user logs in interactively. -@@ -1315,7 +1315,7 @@ The default is - .Dq yes . - .It Cm Protocol - Specifies the protocol versions --.Xr sshd 8 -+.Xr sshd 1M - supports. - The possible values are - .Sq 1 -@@ -1440,7 +1440,7 @@ The default is - .Dq no . - .It Cm StrictModes - Specifies whether --.Xr sshd 8 -+.Xr sshd 1M - should check file modes and ownership of the - user's files and home directory before accepting login. - This is normally desirable because novices sometimes accidentally leave their -@@ -1474,7 +1474,7 @@ By default no subsystems are defined. - Note that this option applies to protocol version 2 only. - .It Cm SyslogFacility - Gives the facility code that is used when logging messages from --.Xr sshd 8 . -+.Xr sshd 1M . - The possible values are: DAEMON, USER, AUTH, LOCAL0, LOCAL1, LOCAL2, - LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. - The default is AUTH. -@@ -1571,13 +1571,13 @@ or - If - .Cm UsePAM - is enabled, you will not be able to run --.Xr sshd 8 -+.Xr sshd 1M - as a non-root user. - The default is - .Dq no . - .It Cm UsePrivilegeSeparation - Specifies whether --.Xr sshd 8 -+.Xr sshd 1M - separates privileges by creating an unprivileged child process - to deal with incoming network traffic. - After successful authentication, another process will be created that has -@@ -1599,7 +1599,7 @@ The default is - .Dq none . - .It Cm X11DisplayOffset - Specifies the first display number available for --.Xr sshd 8 Ns 's -+.Xr sshd 1M Ns 's - X11 forwarding. - This prevents sshd from interfering with real X11 servers. - The default is 10. -@@ -1614,7 +1614,7 @@ The default is - .Pp - When X11 forwarding is enabled, there may be additional exposure to - the server and to client displays if the --.Xr sshd 8 -+.Xr sshd 1M - proxy display is configured to listen on the wildcard address (see - .Cm X11UseLocalhost - below), though this is not the default. -@@ -1625,7 +1625,7 @@ display server may be exposed to attack - forwarding (see the warnings for - .Cm ForwardX11 - in --.Xr ssh_config 5 ) . -+.Xr ssh_config 4 ) . - A system administrator may have a stance in which they want to - protect clients that may expose themselves to attack by unwittingly - requesting X11 forwarding, which can warrant a -@@ -1639,7 +1639,7 @@ X11 forwarding is automatically disabled - is enabled. - .It Cm X11UseLocalhost - Specifies whether --.Xr sshd 8 -+.Xr sshd 1M - should bind the X11 forwarding server to the loopback address or to - the wildcard address. - By default, -@@ -1672,7 +1672,7 @@ The default is - .Pa /usr/X11R6/bin/xauth . - .El - .Sh TIME FORMATS --.Xr sshd 8 -+.Xr sshd 1M - command-line arguments and configuration file options that specify time - may be expressed using a sequence of the form: - .Sm off -@@ -1716,12 +1716,12 @@ Time format examples: - .Bl -tag -width Ds - .It Pa /etc/ssh/sshd_config - Contains configuration data for --.Xr sshd 8 . -+.Xr sshd 1M . - This file should be writable by root only, but it is recommended - (though not necessary) that it be world-readable. - .El - .Sh SEE ALSO --.Xr sshd 8 , -+.Xr sshd 1M , - .Xr pam_unix_session 5 - .Sh AUTHORS - OpenSSH is a derivative of the original and free diff -r 1d0e6cf38844 -r 06e4fcc325a1 components/openssh/patches/016-pam_enhancement.patch --- a/components/openssh/patches/016-pam_enhancement.patch Thu Oct 29 13:35:51 2015 -0700 +++ b/components/openssh/patches/016-pam_enhancement.patch Fri Oct 30 15:07:45 2015 -0700 @@ -633,11 +633,11 @@ The default is @@ -1427,8 +1442,7 @@ If is enabled, you will not be able to run - .Xr sshd 1M + .Xr sshd 8 as a non-root user. -The default is -.Dq no . +On Solaris, the option is always enabled. .It Cm UsePrivilegeSeparation Specifies whether - .Xr sshd 1M + .Xr sshd 8 diff -r 1d0e6cf38844 -r 06e4fcc325a1 components/openssh/patches/024-disable_ed25519.patch --- a/components/openssh/patches/024-disable_ed25519.patch Thu Oct 29 13:35:51 2015 -0700 +++ b/components/openssh/patches/024-disable_ed25519.patch Fri Oct 30 15:07:45 2015 -0700 @@ -1505,7 +1505,7 @@ @@ -275,7 +273,7 @@ though this can be changed via the .Cm Protocol option in - .Xr sshd_config 4 . + .Xr sshd_config 5 . -Protocol 2 supports DSA, ECDSA, Ed25519 and RSA keys; +Protocol 2 supports DSA and RSA keys; protocol 1 only supports RSA keys.