diff options
Diffstat (limited to 'crypto/openssh/sshd.8')
-rw-r--r-- | crypto/openssh/sshd.8 | 34 |
1 files changed, 16 insertions, 18 deletions
diff --git a/crypto/openssh/sshd.8 b/crypto/openssh/sshd.8 index 37a7b58..e6f2410 100644 --- a/crypto/openssh/sshd.8 +++ b/crypto/openssh/sshd.8 @@ -34,7 +34,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd.8,v 1.186 2002/06/22 16:45:29 stevesk Exp $ +.\" $OpenBSD: sshd.8,v 1.184 2002/06/20 19:56:07 stevesk Exp $ +.\" $FreeBSD$ .Dd September 25, 1999 .Dt SSHD 8 .Os @@ -65,7 +66,7 @@ install and use as possible. .Nm is the daemon that listens for connections from clients. It is normally started at boot from -.Pa /etc/rc . +.Pa /etc/rc.d/sshd . It forks a new daemon for each incoming connection. The forked daemons handle @@ -340,8 +341,9 @@ section). If the login is on a tty, records login time. .It Checks -.Pa /etc/nologin ; -if it exists, prints contents and quits +.Pa /etc/nologin and +.Pa /var/run/nologin ; +if one exists, it prints the contents and quits (unless root). .It Changes to run with normal user privileges. @@ -359,11 +361,12 @@ If exists, runs it; else if .Pa /etc/ssh/sshrc exists, runs -it; otherwise runs xauth. +it; otherwise runs +.Xr xauth 1 . The .Dq rc files are given the X11 -authentication protocol and cookie in standard input. +authentication protocol and cookie (if applicable) in standard input. .It Runs user's shell or command. .El @@ -498,7 +501,7 @@ command="dump /home",no-pty,no-port-forwarding 1024 33 23.\|.\|.\|2323 backup.hu permitopen="10.2.1.55:80",permitopen="10.2.1.56:25" 1024 33 23.\|.\|.\|2323 .Sh SSH_KNOWN_HOSTS FILE FORMAT The -.Pa /etc/ssh/ssh_known_hosts , +.Pa /etc/ssh/ssh_known_hosts and .Pa $HOME/.ssh/known_hosts files contain host public keys for all known hosts. @@ -576,20 +579,13 @@ really used for anything; they are provided for the convenience of the user so their contents can be copied to known hosts files. These files are created using .Xr ssh-keygen 1 . -.It Pa /etc/moduli +.It Pa /etc/ssh/moduli Contains Diffie-Hellman groups used for the "Diffie-Hellman Group Exchange". -.It Pa /var/empty -.Xr chroot 2 -directory used by -.Nm -during privilege separation in the pre-authentication phase. -The directory should not contain any files and must be owned by root -and not group or world-writable. .It Pa /var/run/sshd.pid Contains the process ID of the .Nm listening for connections (if there are several daemons running -concurrently for different ports, this contains the process ID of the one +concurrently for different ports, this contains the pid of the one started last). The content of this file is not sensitive; it can be world-readable. .It Pa $HOME/.ssh/authorized_keys @@ -686,7 +682,7 @@ The only valid use for user names that I can think of is in negative entries. .Pp Note that this warning also applies to rsh/rlogin. -.It Pa /etc/shosts.equiv +.It Pa /etc/ssh/shosts.equiv This is processed exactly as .Pa /etc/hosts.equiv . However, this file may be useful in environments that want to run both @@ -699,7 +695,9 @@ and assignment lines of the form name=value. The file should be writable only by the user; it need not be readable by anyone else. .It Pa $HOME/.ssh/rc -If this file exists, it is run with /bin/sh after reading the +If this file exists, it is run with +.Pa /bin/sh +after reading the environment files but before starting the user's shell or command. It must not produce any output on stdout; stderr must be used instead. |