sync with sshd_config

2 files changed, 17 insertions, 13 deletions

diff --git a/usr.bin/ssh/servconf.c b/usr.bin/ssh/servconf.c
index eb1b20e72d8..d4cfbac4feb 100644
--- a/usr.bin/ssh/servconf.c
+++ b/usr.bin/ssh/servconf.c
@@ -12,7 +12,7 @@
  */
 
 #include "includes.h"
-RCSID("$Id: servconf.c,v 1.29 2000/01/04 00:07:59 markus Exp $");
+RCSID("$Id: servconf.c,v 1.30 2000/02/24 18:22:16 markus Exp $");
 
 #include "ssh.h"
 #include "servconf.h"
@@ -87,7 +87,7 @@ fill_default_server_options(ServerOptions *options)
 	if (options->permit_root_login == -1)
 		options->permit_root_login = 1;			/* yes */
 	if (options->ignore_rhosts == -1)
-		options->ignore_rhosts = 0;
+		options->ignore_rhosts = 1;
 	if (options->ignore_user_known_hosts == -1)
 		options->ignore_user_known_hosts = 0;
 	if (options->check_mail == -1)
@@ -95,9 +95,9 @@ fill_default_server_options(ServerOptions *options)
 	if (options->print_motd == -1)
 		options->print_motd = 1;
 	if (options->x11_forwarding == -1)
-		options->x11_forwarding = 1;
+		options->x11_forwarding = 0;
 	if (options->x11_display_offset == -1)
-		options->x11_display_offset = 1;
+		options->x11_display_offset = 10;
 	if (options->strict_modes == -1)
 		options->strict_modes = 1;
 	if (options->keepalives == -1)
@@ -109,7 +109,7 @@ fill_default_server_options(ServerOptions *options)
 	if (options->rhosts_authentication == -1)
 		options->rhosts_authentication = 0;
 	if (options->rhosts_rsa_authentication == -1)
-		options->rhosts_rsa_authentication = 1;
+		options->rhosts_rsa_authentication = 0;
 	if (options->rsa_authentication == -1)
 		options->rsa_authentication = 1;
 #ifdef KRB4
@@ -133,7 +133,7 @@ fill_default_server_options(ServerOptions *options)
 		options->skey_authentication = 1;
 #endif
 	if (options->permit_empty_passwd == -1)
-		options->permit_empty_passwd = 1;
+		options->permit_empty_passwd = 0;
 	if (options->use_login == -1)
 		options->use_login = 0;
 }
diff --git a/usr.bin/ssh/sshd.8 b/usr.bin/ssh/sshd.8
index 7aa9cf4b0ce..3f23a6cb478 100644
--- a/usr.bin/ssh/sshd.8
+++ b/usr.bin/ssh/sshd.8
@@ -9,7 +9,7 @@
 .\"
 .\" Created: Sat Apr 22 21:55:14 1995 ylo
 .\"
-.\" $Id: sshd.8,v 1.33 2000/02/21 14:19:09 deraadt Exp $
+.\" $Id: sshd.8,v 1.34 2000/02/24 18:22:16 markus Exp $
 .\"
 .Dd September 25, 1999
 .Dt SSHD 8
@@ -258,13 +258,16 @@ Note that
 .Nm
 does not start if this file is group/world-accessible.
 .It Cm IgnoreRhosts
-Specifies that rhosts and shosts files will not be used in
-authentication.
+Specifies that
+.Pa .rhosts
+and 
+.Pa .shosts
+files will not be used in authentication.
 .Pa /etc/hosts.equiv
 and
 .Pa /etc/shosts.equiv 
 are still used.  The default is 
-.Dq no .
+.Dq yes .
 .It Cm IgnoreUserKnownHosts
 Specifies whether
 .Nm
@@ -352,7 +355,7 @@ The default is
 When password authentication is allowed, it specifies whether the
 server allows login to accounts with empty password strings.  The default
 is
-.Dq yes .
+.Dq no .
 .It Cm PermitRootLogin
 Specifies whether the root can log in using
 .Xr ssh 1 .
@@ -403,7 +406,7 @@ The default is
 .It Cm RhostsRSAAuthentication
 Specifies whether rhosts or /etc/hosts.equiv authentication together
 with successful RSA host authentication is allowed.  The default is
-.Dq yes .
+.Dq no .
 .It Cm RSAAuthentication
 Specifies whether pure RSA authentication is allowed.  The default is
 .Dq yes .
@@ -442,9 +445,10 @@ Specifies the first display number available for
 X11 forwarding.  This prevents
 .Nm
 from interfering with real X11 servers.
+The default is 10.
 .It Cm X11Forwarding
 Specifies whether X11 forwarding is permitted.  The default is
-.Dq yes .
+.Dq no .
 Note that disabling X11 forwarding does not improve security in any
 way, as users can always install their own forwarders.
 .El