$DragonFly: src/secure/usr.sbin/sshd/Attic/sshd.8.no_obj.patch,v 1.2 2006/09/28 18:42:50 corecode Exp $ --- sshd.8 2006-08-30 03:07:01.000000000 +0200 +++ sshd.8 2006-09-28 20:06:19.000000000 +0200 @@ -65,7 +65,7 @@ .Nm listens for connections from clients. It is normally started at boot from -.Pa /etc/rc . +.Pa /etc/rc.d/sshd . It forks a new daemon for each incoming connection. The forked daemons handle @@ -138,8 +138,6 @@ The default is .Pa /etc/ssh/ssh_host_key for protocol version 1, and -.Pa /etc/ssh/ssh_host_rsa_key -and .Pa /etc/ssh/ssh_host_dsa_key for protocol version 2. It is possible to have multiple host key files for @@ -342,8 +340,9 @@ If the login is on a tty, records login time. .It Checks -.Pa /etc/nologin ; -if it exists, prints contents and quits +.Pa /etc/nologin and +.Pa /var/run/nologin ; +if one exists, it prints the contents and quits (unless root). .It Changes to run with normal user privileges. @@ -365,11 +364,12 @@ exists, runs it; else if .Pa /etc/ssh/sshrc exists, runs -it; otherwise runs xauth. +it; otherwise runs +.Xr xauth 1 . The .Dq rc files are given the X11 -authentication protocol and cookie in standard input. +authentication protocol and cookie (if applicable) in standard input. See .Sx SSHRC , below. @@ -734,7 +734,7 @@ .Xr ssh 1 ) . It should only be writable by root. .Pp -.It /etc/moduli +.It /etc/ssh/moduli Contains Diffie-Hellman groups used for the "Diffie-Hellman Group Exchange". The file format is described in .Xr moduli 5 . @@ -752,7 +752,7 @@ refused. The file should be world-readable. .Pp -.It /etc/shosts.equiv +.It /etc/ssh/shosts.equiv This file is used in exactly the same way as .Pa hosts.equiv , but allows host-based authentication without permitting login with @@ -769,8 +769,7 @@ .Pp .It /etc/ssh/ssh_host_key .It /etc/ssh/ssh_host_dsa_key -.It /etc/ssh/ssh_host_rsa_key -These three files contain the private parts of the host keys. +These two files contain the private parts of the host keys. These files should only be owned by root, readable only by root, and not accessible to others. Note that @@ -779,8 +778,7 @@ .Pp .It /etc/ssh/ssh_host_key.pub .It /etc/ssh/ssh_host_dsa_key.pub -.It /etc/ssh/ssh_host_rsa_key.pub -These three files contain the public parts of the host keys. +These two files contain the public parts of the host keys. These files should be world-readable but writable only by root. Their contents should match the respective private parts.