summaryrefslogtreecommitdiff
path: root/usr.bin
diff options
context:
space:
mode:
Diffstat (limited to 'usr.bin')
-rw-r--r--usr.bin/ssh/sshd_config.59
1 files changed, 1 insertions, 8 deletions
diff --git a/usr.bin/ssh/sshd_config.5 b/usr.bin/ssh/sshd_config.5
index f667703523e..c07d5d62559 100644
--- a/usr.bin/ssh/sshd_config.5
+++ b/usr.bin/ssh/sshd_config.5
@@ -34,7 +34,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: sshd_config.5,v 1.31 2004/04/28 05:17:10 djm Exp $
+.\" $OpenBSD: sshd_config.5,v 1.32 2004/04/28 07:02:56 jmc Exp $
.Dd September 25, 1999
.Dt SSHD_CONFIG 5
.Os
@@ -83,7 +83,6 @@ Be warned that some environment variables could be used to bypass restricted
user environments.
For this reason, care should be taken in the use of this directive.
The default is not to accept any environment variables.
-.Pp
.It Cm AllowGroups
This keyword can be followed by a list of group name patterns, separated
by spaces.
@@ -96,7 +95,6 @@ can be used as
wildcards in the patterns.
Only group names are valid; a numerical group ID is not recognized.
By default, login is allowed for all groups.
-.Pp
.It Cm AllowTcpForwarding
Specifies whether TCP forwarding is permitted.
The default is
@@ -104,7 +102,6 @@ The default is
Note that disabling TCP forwarding does not improve security unless
users are also denied shell access, as they can always install their
own forwarders.
-.Pp
.It Cm AllowUsers
This keyword can be followed by a list of user name patterns, separated
by spaces.
@@ -120,7 +117,6 @@ By default, login is allowed for all users.
If the pattern takes the form USER@HOST then USER and HOST
are separately checked, restricting logins to particular
users from particular hosts.
-.Pp
.It Cm AuthorizedKeysFile
Specifies the file that contains the public keys that can be used
for user authentication.
@@ -143,7 +139,6 @@ The contents of the specified file are sent to the remote user before
authentication is allowed.
This option is only available for protocol version 2.
By default, no banner is displayed.
-.Pp
.It Cm ChallengeResponseAuthentication
Specifies whether challenge response authentication is allowed.
All authentication styles from
@@ -155,7 +150,6 @@ The default is
Specifies the ciphers allowed for protocol version 2.
Multiple ciphers must be comma-separated.
The default is
-.Pp
.Bd -literal
``aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,
aes192-cbc,aes256-cbc,aes128-ctr,aes192-ctr,aes256-ctr''
@@ -216,7 +210,6 @@ can be used as
wildcards in the patterns.
Only group names are valid; a numerical group ID is not recognized.
By default, login is allowed for all groups.
-.Pp
.It Cm DenyUsers
This keyword can be followed by a list of user name patterns, separated
by spaces.