From 35d4ccfb55769dbb1d0d84a61a347a1584b8e10a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dag-Erling=20Sm=C3=B8rgrav?= Date: Sat, 29 Jun 2002 10:53:57 +0000 Subject: Document FreeBSD defaults and paths. Sponsored by: DARPA, NAI Labs --- crypto/openssh/ssh.1 | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) (limited to 'crypto/openssh/ssh.1') diff --git a/crypto/openssh/ssh.1 b/crypto/openssh/ssh.1 index 8ada41f29723..230e48e1d172 100644 --- a/crypto/openssh/ssh.1 +++ b/crypto/openssh/ssh.1 @@ -35,6 +35,7 @@ .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" .\" $OpenBSD: ssh.1,v 1.158 2002/06/20 19:56:07 stevesk Exp $ +.\" $FreeBSD$ .Dd September 25, 1999 .Dt SSH 1 .Os @@ -99,7 +100,7 @@ depending on the protocol version used: First, if the machine the user logs in from is listed in .Pa /etc/hosts.equiv or -.Pa /etc/shosts.equiv +.Pa /etc/ssh/shosts.equiv on the remote machine, and the user names are the same on both sides, the user is immediately permitted to log in. Second, if @@ -123,7 +124,7 @@ It means that if the login would be permitted by .Pa $HOME/.shosts , .Pa /etc/hosts.equiv , or -.Pa /etc/shosts.equiv , +.Pa /etc/ssh/shosts.equiv , and if additionally the server can verify the client's host key (see .Pa /etc/ssh/ssh_known_hosts @@ -330,6 +331,7 @@ The user should not manually set .Ev DISPLAY . Forwarding of X11 connections can be configured on the command line or in configuration files. +Take note that X11 forwarding can represent a security hazard. .Pp The .Ev DISPLAY @@ -666,7 +668,7 @@ It is automatically set by to point to a value of the form .Dq hostname:n where hostname indicates -the host where the shell runs, and n is an integer >= 1. +the host where the shell runs, and n is an integer \*(>= 1. .Nm uses this special value to forward X11 connections over the secure channel. @@ -893,7 +895,8 @@ or .Xr rsh 1 . .It Pa /etc/hosts.equiv This file is used during -.Pa \&.rhosts authentication. +.Pa \&.rhosts +authentication. It contains canonical hosts names, one per line (the full format is described on the @@ -905,7 +908,7 @@ same. Additionally, successful RSA host authentication is normally required. This file should only be writable by root. -.It Pa /etc/shosts.equiv +.It Pa /etc/ssh/shosts.equiv This file is processed exactly as .Pa /etc/hosts.equiv . This file may be useful to permit logins using -- cgit v1.2.3