Vendor import of OpenSSH 4.0p1.

1 files changed, 25 insertions, 12 deletions

diff --git a/crypto/openssh/sshd_config.5 b/crypto/openssh/sshd_config.5
index 09532fb..8d291e6 100644
--- a/crypto/openssh/sshd_config.5
+++ b/crypto/openssh/sshd_config.5
@@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd_config.5,v 1.35 2004/06/26 09:14:40 jmc Exp $
+.\" $OpenBSD: sshd_config.5,v 1.39 2005/03/01 10:09:52 djm Exp $
 .Dd September 25, 1999
 .Dt SSHD_CONFIG 5
 .Os
@@ -83,6 +83,17 @@ Be warned that some environment variables could be used to bypass restricted
 user environments.
 For this reason, care should be taken in the use of this directive.
 The default is not to accept any environment variables.
+.It Cm AddressFamily
+Specifies which address family should be used by
+.Nm sshd .
+Valid arguments are
+.Dq any ,
+.Dq inet
+(use IPv4 only) or
+.Dq inet6
+(use IPv6 only).
+The default is
+.Dq any .
 .It Cm AllowGroups
 This keyword can be followed by a list of group name patterns, separated
 by spaces.
@@ -245,12 +256,15 @@ This prevents other remote hosts from connecting to forwarded ports.
 .Cm GatewayPorts
 can be used to specify that
 .Nm sshd
-should bind remote port forwardings to the wildcard address,
-thus allowing remote hosts to connect to forwarded ports.
-The argument must be
+should allow remote port forwardings to bind to non-loopback addresses, thus
+allowing other hosts to connect.
+The argument may be
+.Dq no
+to force remote port forwardings to be available to the local host only,
 .Dq yes
-or
-.Dq no .
+to force remote port forwardings to bind to the wildcard address, or
+.Dq clientspecified
+to allow the client to select the address to which the forwarding is bound.
 The default is
 .Dq no .
 .It Cm GSSAPIAuthentication
@@ -455,7 +469,7 @@ server allows login to accounts with empty password strings.
 The default is
 .Dq no .
 .It Cm PermitRootLogin
-Specifies whether root can login using
+Specifies whether root can log in using
 .Xr ssh 1 .
 The argument must be
 .Dq yes ,
@@ -468,9 +482,7 @@ The default is
 .Pp
 If this option is set to
 .Dq without-password
-password authentication is disabled for root.  Note that other authentication
-methods (e.g., keyboard-interactive/PAM) may still allow root to login using
-a password.
+password authentication is disabled for root.
 .Pp
 If this option is set to
 .Dq forced-commands-only
@@ -484,7 +496,7 @@ All other authentication methods are disabled for root.
 .Pp
 If this option is set to
 .Dq no
-root is not allowed to login.
+root is not allowed to log in.
 .It Cm PermitUserEnvironment
 Specifies whether
 .Pa ~/.ssh/environment
@@ -516,7 +528,8 @@ See also
 .It Cm PrintLastLog
 Specifies whether
 .Nm sshd
-should print the date and time when the user last logged in.
+should print the date and time of the last user login when a user logs
+in interactively.
 The default is
 .Dq yes .
 .It Cm PrintMotd