author | Aaron Campbell <aaron@cvs.openbsd.org> | 1999-07-09 13:36:00 +0000 |
---|---|---|
committer | Aaron Campbell <aaron@cvs.openbsd.org> | 1999-07-09 13:36:00 +0000 |
commit | 078c2448197a826265f74828b3159d758f1f0ceb (patch) | |
tree | ef3b0d7b2b6fcf1328ac8953d9e2abf6431093ea /share/man/man8 | |
parent | 3610cb2f5b1eeb5e599fcca418780b43c2f30b6d (diff) |
- remove all trailing whitespace
* except when it is escaped with a `\' at the end of the line
- fix remaining .Nm usage as well
- this is from a patch I received from kwesterback@home.com, who has been
working on some scripts for fixing formatting errors in mdoc'd man pages
Ok, so there could be a cost/benefit debate with this commit, but since I have
the patch we might as well commit it...
Diffstat (limited to 'share/man/man8')
-rw-r--r-- | share/man/man8/afterboot.8 | 6 |
-rw-r--r-- | share/man/man8/boot_config.8 | 6 |
-rw-r--r-- | share/man/man8/compat_freebsd.8 | 16 |
-rw-r--r-- | share/man/man8/compat_svr4.8 | 4 |
-rw-r--r-- | share/man/man8/compat_ultrix.8 | 10 |
-rw-r--r-- | share/man/man8/diskless.8 | 4 |
-rw-r--r-- | share/man/man8/makedev.8 | 8 |
-rw-r--r-- | share/man/man8/man8.atari/MAKEDEV.8 | 2 |
-rw-r--r-- | share/man/man8/man8.hp300/MAKEDEV.8 | 6 |
-rw-r--r-- | share/man/man8/man8.hp300/crash.8 | 4 |
-rw-r--r-- | share/man/man8/man8.i386/MAKEDEV.8 | 4 |
-rw-r--r-- | share/man/man8/man8.i386/boot.com.8 | 4 |
-rw-r--r-- | share/man/man8/man8.sun3/MAKEDEV.8 | 2 |
-rw-r--r-- | share/man/man8/man8.vax/drtest.8 | 26 |
-rw-r--r-- | share/man/man8/rc.8 | 4 |
-rw-r--r-- | share/man/man8/rc.conf.8 | 6 |
-rw-r--r-- | share/man/man8/ssl.8 | 32 |
-rw-r--r-- | share/man/man8/vpn.8 | 46 |
18 files changed, 95 insertions, 95 deletions
diff --git a/share/man/man8/afterboot.8 b/share/man/man8/afterboot.8 index a5724164ceb..9c1fdd09204 100644 --- a/share/man/man8/afterboot.8 +++ b/share/man/man8/afterboot.8 @@ -18,7 +18,7 @@ For example, to view the manual page on the .Xr ls 1 command, type: .Ic man 1 ls . -.\" +.\" .\" XXX This should be an enumerated list .\" .Ss Login @@ -467,7 +467,7 @@ Check what is running by typing as root and see if anything unexpected is present. Do you need anything else? Do you wish to change things? e.g. if you do not -like root getting standard output of the daily scripts, and want only +like root getting standard output of the daily scripts, and want only the security scripts that are mailed internally, you can type .Ic crontab -e and change some of the lines to read: @@ -648,7 +648,7 @@ etc. .Xr route 8 , .Xr umount 8 , .Xr vipw 8 , -.Xr ypbind 8 +.Xr ypbind 8 .Sh HISTORY This document first appeared in .Ox 2.2 . diff --git a/share/man/man8/boot_config.8 b/share/man/man8/boot_config.8 index 80c578549a1..f4c4694409d 100644 --- a/share/man/man8/boot_config.8 +++ b/share/man/man8/boot_config.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: boot_config.8,v 1.8 1999/05/23 14:11:24 aaron Exp $ +.\" $OpenBSD: boot_config.8,v 1.9 1999/07/09 13:35:36 aaron Exp $ .\" .\" Copyright (c) 1996 Mats O Jansson .\" All rights reserved. @@ -50,7 +50,7 @@ option when OpenBSD prompts for a kernel to boot: use ? for file list, or carriage return for defaults use hd(1,a)/bsd to boot sd0 when sd0 is also installed .No "Boot: [[[wd(0,a)]/bsd][-abcdrs]] :" Ic -c -Booting... +Booting... avail mem = 28188672 using 430 buffers containing 1761280 bytes of memory User Kernel Config @@ -163,7 +163,7 @@ an attribute. UKC> .Ed .Pp -It is possible to add new devices, but only devices that were linked into the +It is possible to add new devices, but only devices that were linked into the kernel. If a new device is added, following devices will be renumbered. .Pp .Bd -literal 
diff --git a/share/man/man8/compat_freebsd.8 b/share/man/man8/compat_freebsd.8 index 47fcaa10c05..f663b34c6c1 100644 --- a/share/man/man8/compat_freebsd.8 +++ b/share/man/man8/compat_freebsd.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: compat_freebsd.8,v 1.5 1998/09/13 03:50:23 aaron Exp $ +.\" $OpenBSD: compat_freebsd.8,v 1.6 1999/07/09 13:35:36 aaron Exp $ .\" $NetBSD: compat_linux.8,v 1.1 1995/03/05 23:30:36 fvdl Exp $ .\" .\" Copyright (c) 1995 Frank van der Linden @@ -39,9 +39,9 @@ .Sh DESCRIPTION OpenBSD supports running FreeBSD binaries. Most binaries should work, except programs that use FreeBSD-specific features. These include -i386-specific calls, such as syscons utilities, and audio devices. +i386-specific calls, such as syscons utilities, and audio devices. .Pp -The FreeBSD compatibility feature is active for kernels compiled +The FreeBSD compatibility feature is active for kernels compiled with the .Nm COMPAT_FREEBSD option enabled. @@ -165,8 +165,8 @@ they don't conflict with their OpenBSD counterparts. A good idea would be to install them in /usr/local/bin as ldconfig-freebsd and ldd-freebsd. .Pp -Run the FreeBSD ldconfig program with directory arguments in -which the FreeBSD runtime linker should look for shared libs. +Run the FreeBSD ldconfig program with directory arguments in +which the FreeBSD runtime linker should look for shared libs. /usr/lib are standard, you could run like the following: .Pp .Bl -tag -width 123 -compact -offset indent 
@@ -175,10 +175,10 @@ which the FreeBSD runtime linker should look for shared libs. .It me@openbsd% ldconfig-freebsd /usr/X11R6/lib /usr/local/lib .El .Pp -Note that argument directories of ldconfig are +Note that argument directories of ldconfig are mapped to /emul/freebsd/XXXX by OpenBSD's compat code, and should exist as such on your system. -Make sure /emul/freebsd/var/run/ld.so.hints exists when you run +Make sure /emul/freebsd/var/run/ld.so.hints exists when you run FreeBSD's ldconfig, if not, you may lose OpenBSD's /var/run/ld.so.hints. FreeBSD ldconfig should be statically @@ -264,7 +264,7 @@ libXt.so.6.0 XFree86-3.1.1/X311bin.tgz .\" libXt.so.3 oldlibs .Ed .Pp -The Files called ``bindist.??'' are tar-ed, gzipped and split, +The Files called ``bindist.??'' are tar-ed, gzipped and split, so you can extract contents by ``cat bindist.?? | tar zpxf -''. .Pp Extract the files from these gzipped tarfiles in your /emul/freebsd directory diff --git a/share/man/man8/compat_svr4.8 b/share/man/man8/compat_svr4.8 index a43dd6de7ba..e946c32a223 100644 --- a/share/man/man8/compat_svr4.8 +++ b/share/man/man8/compat_svr4.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: compat_svr4.8,v 1.6 1999/05/23 14:11:24 aaron Exp $ +.\" $OpenBSD: compat_svr4.8,v 1.7 1999/07/09 13:35:36 aaron Exp $ .\" $NetBSD: compat_svr4.8,v 1.1 1996/07/06 17:14:50 christos Exp $ .\" .\" Copyright (c) 1996 Christos Zoulas @@ -30,7 +30,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" Stolen from compat_linux.8,v 1.2 1995/10/16 20:17:59 fvdl +.\" Stolen from compat_linux.8,v 1.2 1995/10/16 20:17:59 fvdl .\" .Dd July 6, 1996 .Dt compat_svr4 8 diff --git a/share/man/man8/compat_ultrix.8 b/share/man/man8/compat_ultrix.8 index 9740e811d0c..d3a987f00aa 100644 --- a/share/man/man8/compat_ultrix.8 +++ b/share/man/man8/compat_ultrix.8 
@@ -1,4 +1,4 @@ -.\" $OpenBSD: compat_ultrix.8,v 1.5 1999/05/23 14:11:27 aaron Exp $ +.\" $OpenBSD: compat_ultrix.8,v 1.6 1999/07/09 13:35:36 aaron Exp $ .\" .\" Copyright (c) 1997 Jonathan Stone .\" All rights reserved. @@ -46,11 +46,11 @@ Most executables will work. The exceptions include programs that use proprietary, Ultrix-specific features (LAT, CI support, DECnet support) and various system calls, ioctl()'s, or Ultrix kernel semantics that are difficult to emulate (e.g., Ultrix packetfilter) or -buggy (e.g., Ultrix YP). +buggy (e.g., Ultrix YP). .Pp All Ultrix executables are static, so no shared libraries are required for Ultrix compatiblity. However, Ultrix is based on a -.Bx 4.3 +.Bx 4.3 alpha release. Ultrix commands and libraries are often much older than their OpenBSD or even SunOS 4.x equivalents, and may require incompatible @@ -88,7 +88,7 @@ lookups for all Ultrix name services. .Sh BUGS RISC Ultrix YP(NIS) is known to not work. The Ultrix YP libraries have a consistent endian-ness bug. Ultrix YP client will not inter-operate -with the OpenBSD +with the OpenBSD .Xr ypbind 8 process. The only workaround is to use /etc/svc.conf to disable YP(NIS). @@ -96,7 +96,7 @@ process. The only workaround is to use The ndbm hashed-password file used by Ultrix are incompatible with the db hashed-password file used by OpenBSD. There is no good solution for this. (YP would be a good one, if Ultrix YP worked.) -.Pp +.Pp The API used by Xservers to talk to the kernel is currently compatible with Ultrix 4.1. An implementation of the Ultrix 4.2 Xws interface (used by X11R6) is in progress. diff --git a/share/man/man8/diskless.8 b/share/man/man8/diskless.8 index 98f3105c8ed..bdd68df3ea2 100644 --- a/share/man/man8/diskless.8 +++ b/share/man/man8/diskless.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: diskless.8,v 1.8 1999/05/07 22:03:09 jason Exp $ +.\" $OpenBSD: diskless.8,v 1.9 1999/07/09 13:35:36 aaron Exp $ .\" $NetBSD: diskless.8,v 1.7.4.1 1996/05/30 18:58:10 cgd Exp $ .\" .\" 
@@ -152,7 +152,7 @@ Assuming the client's hostname is to be .Pp .Bl -tag -width 2.1 -compact .It 1. -Add an entry to +Add an entry to .Pa /etc/ethers corresponding to the client's ethernet address: .Bd -literal -offset indent -compact diff --git a/share/man/man8/makedev.8 b/share/man/man8/makedev.8 index f490ee79d05..cba183047a9 100644 --- a/share/man/man8/makedev.8 +++ b/share/man/man8/makedev.8 @@ -45,10 +45,10 @@ .Sh DESCRIPTION .Nm MAKEDEV is a shell script normally used to install -special files. It resides in the +special files. It resides in the .Pa /dev directory, as this is the normal location of special files. -Arguments to +Arguments to .Nm MAKEDEV are usually of the form .Ar device-name Ns Sy \&? @@ -83,7 +83,7 @@ console cassette device(s), devices would be made for the appropriate system. .It Sy local Create those devices specific to the local site. This -request causes the shell file +request causes the shell file .Pa /dev/MAKEDEV.local to be executed. Site specific commands, such as those used to setup dialup lines as @@ -92,7 +92,7 @@ should be included in this file. .El .Pp -Since all devices are created using +Since all devices are created using .Xr mknod 8 , this shell script is useful only to the super-user. .Sh DIAGNOSTICS diff --git a/share/man/man8/man8.atari/MAKEDEV.8 b/share/man/man8/man8.atari/MAKEDEV.8 index f6c172e8b87..7ef92d8e5fb 100644 --- a/share/man/man8/man8.atari/MAKEDEV.8 +++ b/share/man/man8/man8.atari/MAKEDEV.8 @@ -145,5 +145,5 @@ The special file directory. .Sh SEE ALSO .Xr intro 4 , .Xr config 8 , -.Xr mknod 8 , +.Xr mknod 8 , .Xr special 8 diff --git a/share/man/man8/man8.hp300/MAKEDEV.8 b/share/man/man8/man8.hp300/MAKEDEV.8 index 31e94a32bba..52fc332d4d7 100644 --- a/share/man/man8/man8.hp300/MAKEDEV.8 +++ b/share/man/man8/man8.hp300/MAKEDEV.8 
@@ -1,4 +1,4 @@ -.\" $OpenBSD: MAKEDEV.8,v 1.6 1999/05/23 14:11:23 aaron Exp $ +.\" $OpenBSD: MAKEDEV.8,v 1.7 1999/07/09 13:35:35 aaron Exp $ .\" .\" Copyright (c) 1997, Jason Downs. All rights reserved. .\" @@ -76,7 +76,7 @@ .Sh DESCRIPTION The shell script .Nm MAKEDEV , -found in the +found in the .Pa /dev directory, is used to create the common special files. See @@ -161,5 +161,5 @@ The special file directory. .Sh SEE ALSO .Xr intro 4 , .Xr config 8 , -.Xr mknod 8 , +.Xr mknod 8 , .Xr special 8 diff --git a/share/man/man8/man8.hp300/crash.8 b/share/man/man8/man8.hp300/crash.8 index d72ec57e986..c9968efe239 100644 --- a/share/man/man8/man8.hp300/crash.8 +++ b/share/man/man8/man8.hp300/crash.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: crash.8,v 1.3 1999/06/05 04:16:07 aaron Exp $ +.\" $OpenBSD: crash.8,v 1.4 1999/07/09 13:35:35 aaron Exp $ .\" .\" Copyright (c) 1990, 1991 Regents of the University of California. .\" All rights reserved. @@ -197,7 +197,7 @@ for details. .Pp To analyze a dump you should begin by running .Xr adb 1 -with the +with the .Fl k flag on the system load image and core dump. If the core image is the result of a panic, diff --git a/share/man/man8/man8.i386/MAKEDEV.8 b/share/man/man8/man8.i386/MAKEDEV.8 index e04049aee75..69e61df9b07 100644 --- a/share/man/man8/man8.i386/MAKEDEV.8 +++ b/share/man/man8/man8.i386/MAKEDEV.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: MAKEDEV.8,v 1.9 1999/05/23 14:11:23 aaron Exp $ +.\" $OpenBSD: MAKEDEV.8,v 1.10 1999/07/09 13:35:36 aaron Exp $ .\" .\" Copyright (c) 1997, Jason Downs. All rights reserved. .\" @@ -186,5 +186,5 @@ The special file directory. .Sh SEE ALSO .Xr intro 4 , .Xr config 8 , -.Xr mknod 8 , +.Xr mknod 8 , .Xr special 8 diff --git a/share/man/man8/man8.i386/boot.com.8 b/share/man/man8/man8.i386/boot.com.8 index ccc926fd996..5a6c514f767 100644 --- a/share/man/man8/man8.i386/boot.com.8 +++ b/share/man/man8/man8.i386/boot.com.8 
@@ -1,4 +1,4 @@ -.\" $OpenBSD: boot.com.8,v 1.3 1999/05/23 14:11:23 aaron Exp $ +.\" $OpenBSD: boot.com.8,v 1.4 1999/07/09 13:35:36 aaron Exp $ .\" .\" Copyright (c) 1989, 1990, 1993 .\" The Regents of the University of California. All rights reserved. @@ -59,7 +59,7 @@ that time, the default kernel .Em bsd is loaded from the root directory of the DOS C: partition. .Sh CAVEATS -The file +The file .Pa /usr/mdec/boot.com and a valid kernel file must be copied to the root directory of the DOS C: partition. diff --git a/share/man/man8/man8.sun3/MAKEDEV.8 b/share/man/man8/man8.sun3/MAKEDEV.8 index b0359ccb25f..be3e7626ead 100644 --- a/share/man/man8/man8.sun3/MAKEDEV.8 +++ b/share/man/man8/man8.sun3/MAKEDEV.8 @@ -132,5 +132,5 @@ The special file directory. .Sh SEE ALSO .Xr intro 4 , .Xr config 8 , -.Xr mknod 8 , +.Xr mknod 8 , .Xr special 8 diff --git a/share/man/man8/man8.vax/drtest.8 b/share/man/man8/man8.vax/drtest.8 index 72af19331ef..fc930e032e8 100644 --- a/share/man/man8/man8.vax/drtest.8 +++ b/share/man/man8/man8.vax/drtest.8 @@ -30,7 +30,7 @@ .\" SUCH DAMAGE. .\" .\" from: @(#)drtest.8 6.3 (Berkeley) 3/16/91 -.\" $Id: drtest.8,v 1.3 1999/05/23 14:11:22 aaron Exp $ +.\" $Id: drtest.8,v 1.4 1999/07/09 13:35:35 aaron Exp $ .\" .Dd March 16, 1991 .Dt DRTEST 8 
@@ -40,19 +40,19 @@ .Nd standalone disk test program .Sh DESCRIPTION .Nm Drtest -is a standalone program used to read a disk -track by track. -It was primarily intended as a test program +is a standalone program used to read a disk +track by track. +It was primarily intended as a test program for new standalone drivers, but has shown -useful in other contexts as well, such as +useful in other contexts as well, such as verifying disks and running speed tests. For example, when a disk has been formatted (by .Xr format 8 ) , you can check that -hard errors has been taken care of by running +hard errors has been taken care of by running .Nm drtest . -No hard errors should be found, but in many cases +No hard errors should be found, but in many cases quite a few soft .Tn ECC errors will be reported. @@ -62,10 +62,10 @@ While is running, the cylinder number is printed on the console for every 10th cylinder read. .Sh EXAMPLE -A sample run of +A sample run of .Xr drtest -is shown below. -In this example (using a 750), +is shown below. +In this example (using a 750), .Nm drtest is loaded from the root file system; usually it @@ -76,7 +76,7 @@ As usual, ``#'' and ``@'' may be used to edit input. .Bd -unfilled -offset indent -compact .Li \&>>> Ns Sy B/3 .Li \&%% -.Li \&loading hk(0,0)boot +.Li \&loading hk(0,0)boot .Li \&Boot .Li \&: Sy \&hk(0,0)drtest .Li Test program for stand-alone up and hp driver @@ -94,11 +94,11 @@ As usual, ``#'' and ``@'' may be used to edit input. .Em (...to abort halt machine with \&^P) .Ed .Sh DIAGNOSTICS -The diagnostics are intended to be self explanatory. Note, however, that +The diagnostics are intended to be self explanatory. Note, however, that the device number in the diagnostic messages is identified as .Em typeX -instead of +instead of .Em type(a,u) where .Ar X diff --git a/share/man/man8/rc.8 b/share/man/man8/rc.8 index 497c401faba..90377593691 100644 --- a/share/man/man8/rc.8 +++ b/share/man/man8/rc.8 
@@ -1,4 +1,4 @@ -.\" $OpenBSD: rc.8,v 1.5 1999/05/23 14:11:23 aaron Exp $ +.\" $OpenBSD: rc.8,v 1.6 1999/07/09 13:35:36 aaron Exp $ .\" .\" Copyright (c) 1980, 1991, 1993 .\" The Regents of the University of California. All rights reserved. @@ -50,7 +50,7 @@ is the command script that is invoked by .Xr init 8 during an automatic reboot and after single user mode is exited; it performs system housekeeping chores and starts up system daemons. -.Nm rc.local +.Nm rc.local is the script holding commands which are pertinent only to a specific site. .Nm rc.securelevel diff --git a/share/man/man8/rc.conf.8 b/share/man/man8/rc.conf.8 index 70a0e3c565b..04d3c96f543 100644 --- a/share/man/man8/rc.conf.8 +++ b/share/man/man8/rc.conf.8 @@ -42,7 +42,7 @@ series in order to set shell variables used therein to control the behaviour of the scripts. .Pp There are three sections in this file. The first is used to turn features -on or off. For example, whether the system runs the +on or off. For example, whether the system runs the .Nm sendmail daemon is determined by the line in this section .Bd -literal -indent xxx @@ -82,7 +82,7 @@ nfsd_flags="-tun 4" .Ed provides command-line arguments for the nfs server. .Pp -This particular line instructs +This particular line instructs .Xr nfsd 8 to start four copies of the server. On a busy file server, 8 (or more) copies are recommended. @@ -93,7 +93,7 @@ On a busy file server, 8 (or more) copies are recommended. and the detailed documentation given for each server that is configurable in this fashion. .Sh HISTORY -The file +The file .Nm rc.conf first appeared in .Ox 2.2 . diff --git a/share/man/man8/ssl.8 b/share/man/man8/ssl.8 index b8d08b88cbf..cc47fc20b8a 100644 --- a/share/man/man8/ssl.8 +++ b/share/man/man8/ssl.8 
@@ -5,9 +5,9 @@ .Nm ssl .Nd details for libssl and libcrypto .Sh DESCRIPTION -This document describes some of the issues relating to the use of +This document describes some of the issues relating to the use of Eric Young's libssl and libcrypto libraries. This document -is intended as an overview of what the libraries do, what uses them, +is intended as an overview of what the libraries do, what uses them, and the slightly unorthodox way of upgrading the library. .Pp The SSL libraries (libssl and libcrypto) implement the @@ -23,7 +23,7 @@ are most commonly used by the .Ar https protocol for encrypted web transactions. -Due to patent issues in the United States, there are +Due to patent issues in the United States, there are problems with shipping a fully functional implementation of these protocols anywhere in the world, as such shipment would include shipping .Ar into @@ -69,7 +69,7 @@ is .Pp The .Ar https -protocol used by web browsers (in modern incarnations), +protocol used by web browsers (in modern incarnations), allows for the use of .Ar SSL version 3 and @@ -115,8 +115,8 @@ The most common uses of will require you to generate a server certificate, which is provided by your host as evidence of its identity when clients make new connections. The certificates reside in the -.Pa /etc/ssl -directory, with the keys in the +.Pa /etc/ssl +directory, with the keys in the .Pa /etc/ssl/private directory. .Pp @@ -124,7 +124,7 @@ Private keys can be encrypted using .Ar 3DES and a passphrase to protect their integrity should the encrypted file be disclosed, However it is -important to note that encrypted server keys mean that the passphrase +important to note that encrypted server keys mean that the passphrase needs to be typed in every time the server is started. If a passphrase is not used, you will need to be absolutely sure your key file is kept secure. 
@@ -170,11 +170,11 @@ shared libraries to support as described above. Once that is done, you can generate .Ar RSA -certificates that will be usable by +certificates that will be usable by .Xr httpd 8 for .Ar https -transactions. +transactions. .Bd -literal -offset indent # ssleay genrsa -out /etc/ssl/private/server.key 1024 .Ed @@ -184,7 +184,7 @@ have to type in when starting servers .Bd -literal -offset indent # ssleay genrsa -des3 -out /etc/ssl/private/server.key 1024 .Ed -.Pp +.Pp The next step is to generate a .Ar Certificate Signing Request which is used @@ -201,7 +201,7 @@ This .Pa server.csr file can then be given to .Ar Certifying Authority -who will sign the key. One such CA is +who will sign the key. One such CA is .Ar Thawte Certification which you can reach at .Ar http://www.thawte.com/. @@ -214,11 +214,11 @@ You can also sign the key yourself, using the command: -signkey /etc/ssl/private/server.key -out /etc/ssl/server.crt .Ed .Pp -With +With .Pa /etc/ssl/server.crt -and +and .Pa /etc/ssl/private/server.key -in place, you should be able to start +in place, you should be able to start .Xr httpd 8 with the .Ar -DSSL @@ -228,13 +228,13 @@ transactions with your machine on port 443. .Sh BUGS .Pp .Nm ssleay -and +and .Nm libssl have nearly nonexistent documentation. Most documentation consists of examples and README files in the sources. Mail beck@openbsd.org to assist or encourage him to finish the job. -.Pp +.Pp The world needs more .Ar DSA capable diff --git a/share/man/man8/vpn.8 b/share/man/man8/vpn.8 index 25438d045fe..fc41f1da160 100644 --- a/share/man/man8/vpn.8 +++ b/share/man/man8/vpn.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: vpn.8,v 1.22 1999/07/07 20:04:31 kjell Exp $ +.\" $OpenBSD: vpn.8,v 1.23 1999/07/09 13:35:36 aaron Exp $ .\" Copyright 1998 Niels Provos <provos@physnet.uni-hamburg.de> .\" All rights reserved. .\" 
@@ -42,19 +42,19 @@ linked via a cryptographically secured tunnel to the security gateway of the other subnet. .Xr ipsec 4 is used to provide the necessary network-layer cryptographic services. -This document describes the configuration process for setting up a +This document describes the configuration process for setting up a .Nm VPN . .Pp Briefly, creating a VPN consists of the following steps .Bl -enum -compact .It -Choose a key exchange method: manual keyed or +Choose a key exchange method: manual keyed or .Xr photurisd 8 .It Create a Security Association (SA) for each endpoint .It Create the appropriate IPSec flows -.It +.It Configure your firewall rules appropriately .El .Ss Choosing a key exchange method @@ -68,7 +68,7 @@ manual (symmetric shared secret) .El .Pp At present VPNs between private (RFC 1918) networks must use -manual keying, as +manual keying, as .Xr photurisd 8 can only be used if the IP address of the security gateway actually falls within the range of addresses being tunnelled to. @@ -76,11 +76,11 @@ This can clearly never occur if the addresses being tunnelled to are non-routable private networks. .Ss Generating Manual Keys The shared secret symmetric keys used to create a VPN can -be any hexadecimal value, so long as both sides of the connection use -the same values. Since the security of the VPN is based on these keys +be any hexadecimal value, so long as both sides of the connection use +the same values. Since the security of the VPN is based on these keys being unguessable, it is very important that the keys be chosen using a strong random source. One practical method of generating them -is by using the +is by using the .Xr random 4 device. To produce 160 bits of randomness, for example, do a: .Bd -literal 
@@ -129,7 +129,7 @@ ipsecadm new esp -spi SPI_OUT -src A_EXTERNAL_IP -dst B_EXTERNAL_IP -forcetunnel -enc 3des -auth sha1 -key ENCRYPTION_KEY -authkey AUTHENTICATION_KEY - + ipsecadm new esp -spi SPI_IN -src B_EXTERNAL_IP -dst A_EXTERNAL_IP -forcetunnel -enc 3des -auth sha1 @@ -139,7 +139,7 @@ ipsecadm new esp -spi SPI_IN -src B_EXTERNAL_IP .Ss Creating IPSec Flows Both IPsec gateways need to configure .Xr ipsec 4 -routes with the +routes with the .Xr ipsecadm 8 tool: .Pp @@ -175,28 +175,28 @@ ipsecadm flow -dst A_EXTERNAL_IP -spi SPI_OUT -proto esp A_EXTERNAL_IP 255.255.255.255 .Ed .Pp -Furthermore, unless manual keying is used, +Furthermore, unless manual keying is used, both security gateways need to start the .Xr photurisd 8 key management daemon with the .Fl v -flag and make sure it is configured properly on both sides to +flag and make sure it is configured properly on both sides to provide the required security services (typically, encryption and authentication). .Ss Configuring Firewall Rules .Xr ipf 8 needs to be configured such that all packets from the outside are blocked -by default. Only successfully IPSec-processed packets (from the -.Nm enc0 -interface), or -key management packets (for -.Xr photurisd 8 , +by default. Only successfully IPSec-processed packets (from the +.Nm enc0 +interface), or +key management packets (for +.Xr photurisd 8 , .Tn UDP packets with source and destination ports of 468) should be allowed to pass. -.Pp +.Pp The .Xr ipf 5 -rules for a tunnel which uses encryption (the ESP IPsec protocol) and +rules for a tunnel which uses encryption (the ESP IPsec protocol) and .Xr photurisd 8 on security gateway A might look like this: .Bd -literal 
@@ -221,12 +221,12 @@ If there are no other .Xr ipf 5 rules, the "quick" clause can be added to the last three rules. .Sh EXAMPLES -To create a manual keyed VPN between two class C networks using +To create a manual keyed VPN between two class C networks using 3DES encryption and the following IP addresses: .Pp .Bd -literal A_INTERNAL_IP = 10.0.50.1 - A_EXTERNAL_IP = 192.168.1.254 + A_EXTERNAL_IP = 192.168.1.254 B_EXTERNAL_IP = 192.168.2.1 B_INTERNAL_IP = 10.0.99.1 .Ed @@ -338,9 +338,9 @@ Firewall configuration file .El .Sh BUGS .Xr photurisd 8 -can not be used in VPN mode unless both of the security gateway IP addresses +can not be used in VPN mode unless both of the security gateway IP addresses lie within the network ranges being tunnelled to. -In situations where the gateway IP is outside the desired netrange, such +In situations where the gateway IP is outside the desired netrange, such as with private (RFC 1918) networks, manual keying must be used. This should be fixed in the next release. .Sh SEE ALSO |
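Review bot: in compat_ultrix.8 at @@ -46,11 +46,11 @@, the context line "for Ultrix compatiblity" is misspelled ("compatibility"), and at @@ -96,7 +96,7 @@ the context line "The ndbm hashed-password file used by Ultrix are incompatible" has a subject-verb mismatch. Both sit next to lines this pass already rewrites, so they could be fixed in the same commit or a follow-up.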
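Review bot: in drtest.8 at @@ -40,19 +40,19 @@, the rewritten line "hard errors has been taken care of by running" keeps the subject-verb disagreement (should be "errors have"), and at @@ -62,10 +62,10 @@ the context line ".Xr drtest" is a cross reference with no section argument to the page's own subject, where ".Nm drtest" would match the rest of the page. The header hunk at @@ -30,7 +30,7 @@ also shows this file carrying a "$Id:" tag while the other files in the patch carry "$OpenBSD:", which is worth aligning.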
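Review bot: in ssl.8 at @@ -124,7 +124,7 @@, the context lines directly above the changed line read "to protect their integrity should the encrypted file be disclosed, However it is", which is both a punctuation error and a wrong security property: encrypting the private key with 3DES and a passphrase protects its confidentiality if the file is disclosed, not its integrity. Since the paragraph is being touched anyway, suggest "to protect their confidentiality should the encrypted file be disclosed. However, it is".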
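Review bot: in vpn.8 at @@ -175,28 +175,28 @@, the new line ".Nm enc0" still uses .Nm for an interface name, and the context line ".Nm VPN" at @@ -42,19 +42,19 @@ uses it for a concept; compat_freebsd.8 at @@ -39,9 +39,9 @@ likewise keeps ".Nm COMPAT_FREEBSD" for a kernel option. The commit message says the remaining .Nm usage is fixed, but .Nm is meant for the name of the page's own subject, so these look like missed cases; a kernel option fits .Cd, and the interface name could be plain or literal text.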
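Review bot: in vpn.8 at @@ -221,12 +221,12 @@, the example sets "A_EXTERNAL_IP = 192.168.1.254" and "B_EXTERNAL_IP = 192.168.2.1", both RFC 1918 addresses, while the context at @@ -76,11 +76,11 @@ describes such addresses as non-routable private networks. A reader configuring a real tunnel may take these as valid gateway addresses; suggest one sentence in EXAMPLES saying the external addresses are placeholders to be replaced with each gateway's actual external address.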