remove AllowHosts, DenyHosts, SilentDeny server access control cruft - replace with LIBWRAP moved to child. ok markus@ deraat@

1 files changed, 6 insertions, 30 deletions

diff --git a/usr.bin/ssh/sshd.8 b/usr.bin/ssh/sshd.8
index 0cdb11d6497..cdad83a5c5a 100644
--- a/usr.bin/ssh/sshd.8
+++ b/usr.bin/ssh/sshd.8
@@ -9,7 +9,7 @@
 .\"
 .\" Created: Sat Apr 22 21:55:14 1995 ylo
 .\"
-.\" $Id: sshd.8,v 1.18 1999/10/17 20:35:46 aaron Exp $
+.\" $Id: sshd.8,v 1.19 1999/10/17 20:48:07 dugsong Exp $
 .\"
 .Dd September 25, 1999
 .Dt SSHD 8
@@ -190,24 +190,6 @@ wildcards in the patterns.  Only group names are valid, a numerical group
 id isn't recognized.  By default login is allowed regardless of
 the primary group.
 .Pp
-.It Cm AllowHosts
-This keyword can be followed by any number of host name patterns,
-separated by spaces.  If specified, login is allowed only from hosts
-whose name matches one of the patterns.
-.Ql \&*
-and
-.Ql ?
-can be used as
-wildcards in the patterns.  Normal name servers are used to map the
-client's host into a canonical host name.  If the name cannot be
-mapped, its IP-address is used as the host name.  By default all hosts
-are allowed to connect.
-.Pp
-Note that
-.Nm
-can also be configured to use tcp_wrappers using the
-.Sy LIBWARP
-compile-time option.
 .It Cm AllowUsers
 This keyword can be followed by a number of user names, separated
 by spaces.  If specified, login is allowed only for users names that
@@ -238,10 +220,6 @@ wildcards in the patterns.  Only group names are valid, a numerical group
 id isn't recognized.  By default login is allowed regardless of
 the primary group.
 .Pp
-.It Cm DenyHosts
-This keyword can be followed by any number of host name patterns,
-separated by spaces.  If specified, login is disallowed from the hosts
-whose name matches any of the patterns.
 .It Cm DenyUsers
 This keyword can be followed by a number of user names, separated
 by spaces.  Login is allowed disallowed for user names that match
@@ -404,13 +382,6 @@ Specifies whether pure RSA authentication is allowed.  The default is
 .It Cm ServerKeyBits
 Defines the number of bits in the server key.  The minimum value is
 512, and the default is 768.
-.It Cm SilentDeny
-Specifies whether
-.Nm
-should log and complain to denied hosts or close the
-connection silently.
-The default is
-.Dq no .
 .It Cm SkeyAuthentication
 Specifies whether
 .Xr skey 1 
@@ -671,6 +642,11 @@ If this file exists,
 refuses to let anyone except root log in.  The contents of the file
 are displayed to anyone trying to log in, and non-root connections are
 refused.  The file should be world-readable.
+.It Pa /etc/hosts.allow, /etc/hosts.deny
+If compiled with
+.Sy LIBWRAP
+support, tcp-wrappers access controls may be defined here as described in
+.Xr hosts_access 5 .
 .It Pa $HOME/.rhosts
 This file contains host-username pairs, separated by a space, one per
 line.  The given user on the corresponding host is permitted to log in