=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/sshd.8,v retrieving revision 1.230.2.1 retrieving revision 1.231 diff -u -r1.230.2.1 -r1.231 --- src/usr.bin/ssh/sshd.8 2006/09/30 04:06:51 1.230.2.1 +++ src/usr.bin/ssh/sshd.8 2006/07/10 12:46:52 1.231 @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd.8,v 1.230.2.1 2006/09/30 04:06:51 brad Exp $ +.\" $OpenBSD: sshd.8,v 1.231 2006/07/10 12:46:52 dtucker Exp $ .Dd September 25, 1999 .Dt SSHD 8 .Os @@ -455,9 +455,6 @@ An example might be a key that permits remote backups but nothing else. Note that the client may specify TCP and/or X11 forwarding unless they are explicitly prohibited. -The command originally supplied by the client is available in the -.Ev SSH_ORIGINAL_COMMAND -environment variable. Note that this option applies to shell, command or subsystem execution. .It Cm environment="NAME=value" Specifies that the string is to be added to the environment when @@ -571,7 +568,7 @@ .Ql \&] brackets then followed by .Ql \&: -and a non-standard port number. +and and a non-standard port number. .Pp Alternately, hostnames may be stored in a hashed form which hides host names and addresses should the file's contents be disclosed. @@ -655,22 +652,8 @@ .It ~/.ssh/authorized_keys Lists the public keys (RSA/DSA) that can be used for logging in as this user. The format of this file is described above. -The content of the file is not highly sensitive, but the recommended +This file is not highly sensitive, but the recommended permissions are read/write for the user, and not accessible by others. -.Pp -If this file, the -.Pa ~/.ssh -directory, or the user's home directory are writable -by other users, then the file could be modified or replaced by unauthorized -users. -In this case, -.Nm -will not allow it to be used unless the -.Cm StrictModes -option has been set to -.Dq no . -The recommended permissions can be set by executing -.Dq chmod go-w ~/ ~/.ssh ~/.ssh/authorized_keys . .Pp .It ~/.ssh/environment This file is read into the environment at login (if it exists).