diff options
author | des <des@FreeBSD.org> | 2009-10-01 17:12:52 +0000 |
---|---|---|
committer | des <des@FreeBSD.org> | 2009-10-01 17:12:52 +0000 |
commit | c6a1085feffa5fcd9040272aeae30e7f2466f754 (patch) | |
tree | 927d2417c80c4c448ee45c25269ecab7af8f482e /crypto/openssh/sshd_config.5 | |
parent | 4f56708582006aca1db129a86ef646499265ee9a (diff) | |
parent | 98b8242e22b0fc941b830dcec63d235b01bd46a2 (diff) | |
download | FreeBSD-src-c6a1085feffa5fcd9040272aeae30e7f2466f754.zip FreeBSD-src-c6a1085feffa5fcd9040272aeae30e7f2466f754.tar.gz |
Upgrade to OpenSSH 5.3p1.
Diffstat (limited to 'crypto/openssh/sshd_config.5')
-rw-r--r-- | crypto/openssh/sshd_config.5 | 24 |
1 files changed, 15 insertions, 9 deletions
diff --git a/crypto/openssh/sshd_config.5 b/crypto/openssh/sshd_config.5 index 6779f0a..84b0ae8 100644 --- a/crypto/openssh/sshd_config.5 +++ b/crypto/openssh/sshd_config.5 @@ -34,9 +34,9 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.102 2009/02/22 23:59:25 djm Exp $ +.\" $OpenBSD: sshd_config.5,v 1.106 2009/04/21 15:13:17 stevesk Exp $ .\" $FreeBSD$ -.Dd February 22 2009 +.Dd April 21 2009 .Dt SSHD_CONFIG 5 .Os .Sh NAME @@ -177,9 +177,9 @@ then no banner is displayed. This option is only available for protocol version 2. By default, no banner is displayed. .It Cm ChallengeResponseAuthentication -Specifies whether challenge-response authentication is allowed. -See also -.Cm UsePAM . +Specifies whether challenge-response authentication is allowed (e.g. via +PAM or though authentication styles supported in +.Xr login.conf 5 ) The default is .Dq yes . .It Cm ChrootDirectory @@ -188,6 +188,9 @@ Specifies a path to to after authentication. This path, and all its components, must be root-owned directories that are not writable by any other user or group. +After the chroot, +.Xr sshd 8 +changes the working directory to the user's home directory. .Pp The path may contain the following tokens that are expanded at runtime once the connecting user has been authenticated: %% is replaced by a literal '%', @@ -197,7 +200,7 @@ the connecting user has been authenticated: %% is replaced by a literal '%', The .Cm ChrootDirectory must contain the necessary files and directories to support the -users' session. +user's session. For an interactive session this requires at least a shell, typically .Xr sh 1 , and basic @@ -215,8 +218,11 @@ devices. For file transfer sessions using .Dq sftp , no additional configuration of the environment is necessary if the -in-process sftp server is used (see -.Cm Subsystem +in-process sftp server is used, +though sessions which use logging do require +.Pa /dev/log +inside the chroot directory (see +.Xr sftp-server 8 for details). .Pp The default is not to @@ -949,7 +955,7 @@ The default is Specifies a string to append to the regular version string to identify OS- or site-specific modifications. The default is -.Dq FreeBSD-20090522 . +.Dq FreeBSD-20091001 . .It Cm X11DisplayOffset Specifies the first display number available for .Xr sshd 8 Ns 's |