Commit 96c85e74 authored by Colin Watson's avatar Colin Watson

Adjust various OpenBSD-specific references in manual pages

No single bug reference for this patch, but history includes:
 http://bugs.debian.org/154434 (login.conf(5))
 http://bugs.debian.org/513417 (/etc/rc)
 http://bugs.debian.org/530692 (ssl(8))
 https://bugs.launchpad.net/bugs/456660 (ssl(8))

Forwarded: not-needed
Last-Update: 2017-10-04

Patch-Name: openbsd-docs.patch
parent 67a6cbb2
...@@ -21,7 +21,7 @@ ...@@ -21,7 +21,7 @@
.Nd Diffie-Hellman moduli .Nd Diffie-Hellman moduli
.Sh DESCRIPTION .Sh DESCRIPTION
The The
.Pa /etc/moduli .Pa /etc/ssh/moduli
file contains prime numbers and generators for use by file contains prime numbers and generators for use by
.Xr sshd 8 .Xr sshd 8
in the Diffie-Hellman Group Exchange key exchange method. in the Diffie-Hellman Group Exchange key exchange method.
...@@ -110,7 +110,7 @@ first estimates the size of the modulus required to produce enough ...@@ -110,7 +110,7 @@ first estimates the size of the modulus required to produce enough
Diffie-Hellman output to sufficiently key the selected symmetric cipher. Diffie-Hellman output to sufficiently key the selected symmetric cipher.
.Xr sshd 8 .Xr sshd 8
then randomly selects a modulus from then randomly selects a modulus from
.Fa /etc/moduli .Fa /etc/ssh/moduli
that best meets the size requirement. that best meets the size requirement.
.Sh SEE ALSO .Sh SEE ALSO
.Xr ssh-keygen 1 , .Xr ssh-keygen 1 ,
......
...@@ -176,9 +176,7 @@ key in ...@@ -176,9 +176,7 @@ key in
.Pa ~/.ssh/id_ed25519 .Pa ~/.ssh/id_ed25519
or or
.Pa ~/.ssh/id_rsa . .Pa ~/.ssh/id_rsa .
Additionally, the system administrator may use this to generate host keys, Additionally, the system administrator may use this to generate host keys.
as seen in
.Pa /etc/rc .
.Pp .Pp
Normally this program generates the key and asks for a file in which Normally this program generates the key and asks for a file in which
to store the private key. to store the private key.
...@@ -229,9 +227,7 @@ If ...@@ -229,9 +227,7 @@ If
.Fl f .Fl f
has also been specified, its argument is used as a prefix to the has also been specified, its argument is used as a prefix to the
default path for the resulting host key files. default path for the resulting host key files.
This is used by This is used by system administration scripts to generate new host keys.
.Pa /etc/rc
to generate new host keys.
.It Fl a Ar rounds .It Fl a Ar rounds
When saving a private key this option specifies the number of KDF When saving a private key this option specifies the number of KDF
(key derivation function) rounds used. (key derivation function) rounds used.
...@@ -677,7 +673,7 @@ option. ...@@ -677,7 +673,7 @@ option.
Valid generator values are 2, 3, and 5. Valid generator values are 2, 3, and 5.
.Pp .Pp
Screened DH groups may be installed in Screened DH groups may be installed in
.Pa /etc/moduli . .Pa /etc/ssh/moduli .
It is important that this file contains moduli of a range of bit lengths and It is important that this file contains moduli of a range of bit lengths and
that both ends of a connection share common moduli. that both ends of a connection share common moduli.
.Sh CERTIFICATES .Sh CERTIFICATES
...@@ -877,7 +873,7 @@ on all machines ...@@ -877,7 +873,7 @@ on all machines
where the user wishes to log in using public key authentication. where the user wishes to log in using public key authentication.
There is no need to keep the contents of this file secret. There is no need to keep the contents of this file secret.
.Pp .Pp
.It Pa /etc/moduli .It Pa /etc/ssh/moduli
Contains Diffie-Hellman groups used for DH-GEX. Contains Diffie-Hellman groups used for DH-GEX.
The file format is described in The file format is described in
.Xr moduli 5 . .Xr moduli 5 .
......
...@@ -860,6 +860,10 @@ implements public key authentication protocol automatically, ...@@ -860,6 +860,10 @@ implements public key authentication protocol automatically,
using one of the DSA, ECDSA, Ed25519 or RSA algorithms. using one of the DSA, ECDSA, Ed25519 or RSA algorithms.
The HISTORY section of The HISTORY section of
.Xr ssl 8 .Xr ssl 8
(on non-OpenBSD systems, see
.nh
http://www.openbsd.org/cgi\-bin/man.cgi?query=ssl&sektion=8#HISTORY)
.hy
contains a brief discussion of the DSA and RSA algorithms. contains a brief discussion of the DSA and RSA algorithms.
.Pp .Pp
The file The file
......
...@@ -65,7 +65,7 @@ over an insecure network. ...@@ -65,7 +65,7 @@ over an insecure network.
.Nm .Nm
listens for connections from clients. listens for connections from clients.
It is normally started at boot from It is normally started at boot from
.Pa /etc/rc . .Pa /etc/init.d/ssh .
It forks a new It forks a new
daemon for each incoming connection. daemon for each incoming connection.
The forked daemons handle The forked daemons handle
...@@ -884,7 +884,7 @@ This file is for host-based authentication (see ...@@ -884,7 +884,7 @@ This file is for host-based authentication (see
.Xr ssh 1 ) . .Xr ssh 1 ) .
It should only be writable by root. It should only be writable by root.
.Pp .Pp
.It Pa /etc/moduli .It Pa /etc/ssh/moduli
Contains Diffie-Hellman groups used for the "Diffie-Hellman Group Exchange" Contains Diffie-Hellman groups used for the "Diffie-Hellman Group Exchange"
key exchange method. key exchange method.
The file format is described in The file format is described in
...@@ -982,7 +982,6 @@ The content of this file is not sensitive; it can be world-readable. ...@@ -982,7 +982,6 @@ The content of this file is not sensitive; it can be world-readable.
.Xr ssh-keyscan 1 , .Xr ssh-keyscan 1 ,
.Xr chroot 2 , .Xr chroot 2 ,
.Xr hosts_access 5 , .Xr hosts_access 5 ,
.Xr login.conf 5 ,
.Xr moduli 5 , .Xr moduli 5 ,
.Xr sshd_config 5 , .Xr sshd_config 5 ,
.Xr inetd 8 , .Xr inetd 8 ,
......
...@@ -395,8 +395,7 @@ Certificates signed using other algorithms will not be accepted for ...@@ -395,8 +395,7 @@ Certificates signed using other algorithms will not be accepted for
public key or host-based authentication. public key or host-based authentication.
.It Cm ChallengeResponseAuthentication .It Cm ChallengeResponseAuthentication
Specifies whether challenge-response authentication is allowed (e.g. via Specifies whether challenge-response authentication is allowed (e.g. via
PAM or through authentication styles supported in PAM).
.Xr login.conf 5 )
The default is The default is
.Cm yes . .Cm yes .
.It Cm ChrootDirectory .It Cm ChrootDirectory
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment