Add OpenSSH blurb and some other minor changes.

2 files changed, 30 insertions, 4 deletions

diff --git a/release/texts/alpha/RELNOTES.TXT b/release/texts/alpha/RELNOTES.TXT
index f7cb0ee..e01ebca 100644
--- a/release/texts/alpha/RELNOTES.TXT
+++ b/release/texts/alpha/RELNOTES.TXT
@@ -115,8 +115,8 @@ Support for probabalistic rule matching has been added to IPFW. [MERGED]
 IPFW logging is now dynamic. IPFW logging counts can be reset, and any
 given rule can be given an arbitrary logging limit. [MERGED]
 
-The top-level category "security" has been added, and IPFW now uses
-syslog(3) to log all messages to /var/log/security.
+The top-level syslog(3) category "security" has been added, and IPFW now
+uses syslog(3) to log all messages to /var/log/security.
 
 Driver support has been added for PCI fast ethernet adapters based on
 the Silicon Integrated Systems SiS 900 and SiS 7016 ethernet controllers.
@@ -170,6 +170,10 @@ adapters. This includes PCMCIA, PCI and ISA models.
 1.2. SECURITY FIXES
 -------------------
 
+Numerous security enhancements and fixes have been applied during the
+course of development of FreeBSD 4.0. Most of these have also been
+backported to the 3.x-STABLE series.
+
 A new jail(2) system call and admin command (jail(8)) have been added for
 additional flexibility in creating secure process execution environments.
 
@@ -177,6 +181,15 @@ OpenSSL v0.9.4 (a general-purpose cryptography and SSL2/3/TLSv1 toolkit)
 has been integrated with the base system. In the future this will be used
 to provide strong cryptography for FreeBSD utilities out-of-the-box.
 
+OpenSSH 1.2 has been integrated with the base system. OpenSSH is a free
+(BSD-licensed), full-featured implementation of the SSH v1 protocol, which
+is completely interoperable with other SSH v1 clients and servers, such as
+the /usr/ports/security/ssh port.  OpenSSH provides all of the features of
+this port - in fact it is based on an older release before the software
+became restrictively licensed.  FreeBSD 4.0 provides SSH client/server
+functionality out-of-the-box if you choose to install the 'DES'
+cryptography distribution in sysinstall.
+
 1.3. USERLAND CHANGES
 ---------------------
 
diff --git a/release/texts/i386/RELNOTES.TXT b/release/texts/i386/RELNOTES.TXT
index 4b0a4f5a..8f60626 100644
--- a/release/texts/i386/RELNOTES.TXT
+++ b/release/texts/i386/RELNOTES.TXT
@@ -122,8 +122,8 @@ of independent queues. [MERGED]
 Several fixes to bridging, which now supports clusters of interfaces
 with bridging being done independently within each cluster. [MERGED]
 
-The top-level category "security" has been added, and IPFW now uses
-syslog(3) to log all messages to /var/log/security.
+The top-level syslog(3) category "security" has been added, and IPFW now
+uses syslog(3) to log all messages to /var/log/security.
 
 Driver support has been added for PCI fast ethernet adapters based on
 the Silicon Integrated Systems SiS 900 and SiS 7016 ethernet controllers.
@@ -178,6 +178,10 @@ adapters. This includes PCMCIA, PCI and ISA models.
 1.2. SECURITY FIXES
 -------------------
 
+Numerous security enhancements and fixes have been applied during the
+course of development of FreeBSD 4.0. Most of these have also been
+backported to the 3.x-STABLE series.
+
 A new jail(2) system call and admin command (jail(8)) have been added for
 additional flexibility in creating secure process execution environments.
 
@@ -185,6 +189,15 @@ OpenSSL v0.9.4 (a general-purpose cryptography and SSL2/3/TLSv1 toolkit)
 has been integrated with the base system. In the future this will be used
 to provide strong cryptography for FreeBSD utilities out-of-the-box.
 
+OpenSSH 1.2 has been integrated with the base system. OpenSSH is a free
+(BSD-licensed), full-featured implementation of the SSH v1 protocol, which
+is completely interoperable with other SSH v1 clients and servers, such as
+the /usr/ports/security/ssh port.  OpenSSH provides all of the features of
+this port - in fact it is based on an older release before the software
+became restrictively licensed.  FreeBSD 4.0 provides SSH client/server
+functionality out-of-the-box if you choose to install the 'DES'
+cryptography distribution in sysinstall.
+
 Telnet has a new encrypted authentication mechanism called SRA. SRA
 uses a Diffie-Hellmen exchange to establish a session key, then uses
 that to DES encrypt the username and password. As a side effect the