From bba89759ed548c0fe718334ceab20fbc1d7d0eb6 Mon Sep 17 00:00:00 2001
From: Jason McIntyre <jmc@cvs.openbsd.org>
Date: Wed, 27 Apr 2016 13:53:49 +0000
Subject: cidr permitted for {allow,deny}users; from lars nooden ok djm

---
 usr.bin/ssh/sshd_config.5 | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

(limited to 'usr.bin')

diff --git a/usr.bin/ssh/sshd_config.5 b/usr.bin/ssh/sshd_config.5
index 4f52988f8cd..85a5621aadb 100644
--- a/usr.bin/ssh/sshd_config.5
+++ b/usr.bin/ssh/sshd_config.5
@@ -33,8 +33,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd_config.5,v 1.221 2016/03/17 17:19:43 djm Exp $
-.Dd $Mdocdate: March 17 2016 $
+.\" $OpenBSD: sshd_config.5,v 1.222 2016/04/27 13:53:48 jmc Exp $
+.Dd $Mdocdate: April 27 2016 $
 .Dt SSHD_CONFIG 5
 .Os
 .Sh NAME
@@ -173,6 +173,8 @@ By default, login is allowed for all users.
 If the pattern takes the form USER@HOST then USER and HOST
 are separately checked, restricting logins to particular
 users from particular hosts.
+HOST criteria may additionally contain addresses to match in CIDR
+address/masklen format.
 The allow/deny directives are processed in the following order:
 .Cm DenyUsers ,
 .Cm AllowUsers ,
@@ -561,6 +563,8 @@ By default, login is allowed for all users.
 If the pattern takes the form USER@HOST then USER and HOST
 are separately checked, restricting logins to particular
 users from particular hosts.
+HOST criteria may additionally contain addresses to match in CIDR
+address/masklen format.
 The allow/deny directives are processed in the following order:
 .Cm DenyUsers ,
 .Cm AllowUsers ,
-- 
cgit v1.2.3