openssh-014 Old build/openssh/patches/man-sections.patch

   1 diff -ru openssh-6.7p1-orig/Makefile.in openssh-6.7p1/Makefile.in
   2 --- openssh-6.7p1-orig/Makefile.in      Sat Aug 30 02:23:07 2014
   3 +++ openssh-6.7p1/Makefile.in   Fri Feb 27 15:50:37 2015
   4 @@ -282,8 +282,8 @@
   5         $(srcdir)/mkinstalldirs $(DESTDIR)$(sbindir)
   6         $(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)
   7         $(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)1
   8 -       $(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)5
   9 -       $(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)8
  10 +       $(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)1m
  11 +       $(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)4
  12         $(srcdir)/mkinstalldirs $(DESTDIR)$(libexecdir)
  13         (umask 022 ; $(srcdir)/mkinstalldirs $(DESTDIR)$(PRIVSEP_PATH))
  14         $(INSTALL) -m 0755 $(STRIP_OPT) ssh$(EXEEXT) $(DESTDIR)$(bindir)/ssh$(EXEEXT)
  15 @@ -303,14 +303,14 @@
  16         $(INSTALL) -m 644 ssh-agent.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-agent.1
  17         $(INSTALL) -m 644 ssh-keygen.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keygen.1
  18         $(INSTALL) -m 644 ssh-keyscan.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keyscan.1
  19 -       $(INSTALL) -m 644 moduli.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/moduli.5
  20 -       $(INSTALL) -m 644 sshd_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/sshd_config.5
  21 -       $(INSTALL) -m 644 ssh_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/ssh_config.5
  22 -       $(INSTALL) -m 644 sshd.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sshd.8
  23 +       $(INSTALL) -m 644 moduli.5.out $(DESTDIR)$(mandir)/$(mansubdir)4/moduli.4
  24 +       $(INSTALL) -m 644 sshd_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)4/sshd_config.4
  25 +       $(INSTALL) -m 644 ssh_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)4/ssh_config.4
  26 +       $(INSTALL) -m 644 sshd.8.out $(DESTDIR)$(mandir)/$(mansubdir)1m/sshd.1m
  27         $(INSTALL) -m 644 sftp.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/sftp.1
  28 -       $(INSTALL) -m 644 sftp-server.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8
  29 -       $(INSTALL) -m 644 ssh-keysign.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8
  30 -       $(INSTALL) -m 644 ssh-pkcs11-helper.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-pkcs11-helper.8
  31 +       $(INSTALL) -m 644 sftp-server.8.out $(DESTDIR)$(mandir)/$(mansubdir)1m/sftp-server.1m
  32 +       $(INSTALL) -m 644 ssh-keysign.8.out $(DESTDIR)$(mandir)/$(mansubdir)1m/ssh-keysign.1m
  33 +       $(INSTALL) -m 644 ssh-pkcs11-helper.8.out $(DESTDIR)$(mandir)/$(mansubdir)1m/ssh-pkcs11-helper.1m
  34         -rm -f $(DESTDIR)$(bindir)/slogin
  35         ln -s ./ssh$(EXEEXT) $(DESTDIR)$(bindir)/slogin
  36         -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1
  37 Only in openssh-6.7p1: Makefile.in.orig
  38 Common subdirectories: openssh-6.7p1-orig/contrib and openssh-6.7p1/contrib
  39 diff -ru openssh-6.7p1-orig/moduli.5 openssh-6.7p1/moduli.5
  40 --- openssh-6.7p1-orig/moduli.5 Tue Nov  6 16:36:01 2012
  41 +++ openssh-6.7p1/moduli.5      Fri Feb 27 15:50:37 2015
  42 @@ -14,7 +14,7 @@
  43  .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
  44  .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  45  .Dd $Mdocdate: September 26 2012 $
  46 -.Dt MODULI 5
  47 +.Dt MODULI 4
  48  .Os
  49  .Sh NAME
  50  .Nm moduli
  51 @@ -23,7 +23,7 @@
  52  The
  53  .Pa /etc/moduli
  54  file contains prime numbers and generators for use by
  55 -.Xr sshd 8
  56 +.Xr sshd 1M
  57  in the Diffie-Hellman Group Exchange key exchange method.
  58  .Pp
  59  New moduli may be generated with
  60 @@ -40,7 +40,7 @@
  61  .Ic ssh-keygen -T ,
  62  provides a high degree of assurance that the numbers are prime and are
  63  safe for use in Diffie-Hellman operations by
  64 -.Xr sshd 8 .
  65 +.Xr sshd 1M .
  66  This
  67  .Nm
  68  format is used as the output from each pass.
  69 @@ -70,7 +70,7 @@
  70  Further primality testing with
  71  .Xr ssh-keygen 1
  72  produces safe prime moduli (type 2) that are ready for use in
  73 -.Xr sshd 8 .
  74 +.Xr sshd 1M .
  75  Other types are not used by OpenSSH.
  76  .It tests
  77  Decimal number indicating the type of primality tests that the number
  78 @@ -105,16 +105,16 @@
  79  .El
  80  .Pp
  81  When performing Diffie-Hellman Group Exchange,
  82 -.Xr sshd 8
  83 +.Xr sshd 1M
  84  first estimates the size of the modulus required to produce enough
  85  Diffie-Hellman output to sufficiently key the selected symmetric cipher.
  86 -.Xr sshd 8
  87 +.Xr sshd 1M
  88  then randomly selects a modulus from
  89  .Fa /etc/moduli
  90  that best meets the size requirement.
  91  .Sh SEE ALSO
  92  .Xr ssh-keygen 1 ,
  93 -.Xr sshd 8
  94 +.Xr sshd 1M
  95  .Sh STANDARDS
  96  .Rs
  97  .%A M. Friedl
  98 Common subdirectories: openssh-6.7p1-orig/openbsd-compat and openssh-6.7p1/openbsd-compat
  99 Common subdirectories: openssh-6.7p1-orig/regress and openssh-6.7p1/regress
 100 Common subdirectories: openssh-6.7p1-orig/scard and openssh-6.7p1/scard
 101 diff -ru openssh-6.7p1-orig/scp.1 openssh-6.7p1/scp.1
 102 --- openssh-6.7p1-orig/scp.1    Sat Apr 19 23:02:58 2014
 103 +++ openssh-6.7p1/scp.1 Fri Feb 27 15:50:37 2015
 104 @@ -116,13 +116,13 @@
 105  Can be used to pass options to
 106  .Nm ssh
 107  in the format used in
 108 -.Xr ssh_config 5 .
 109 +.Xr ssh_config 4 .
 110  This is useful for specifying options
 111  for which there is no separate
 112  .Nm scp
 113  command-line flag.
 114  For full details of the options listed below, and their possible values, see
 115 -.Xr ssh_config 5 .
 116 +.Xr ssh_config 4 .
 117  .Pp
 118  .Bl -tag -width Ds -offset indent -compact
 119  .It AddressFamily
 120 @@ -227,8 +227,8 @@
 121  .Xr ssh-add 1 ,
 122  .Xr ssh-agent 1 ,
 123  .Xr ssh-keygen 1 ,
 124 -.Xr ssh_config 5 ,
 125 -.Xr sshd 8
 126 +.Xr ssh_config 4 ,
 127 +.Xr sshd 1M
 128  .Sh HISTORY
 129  .Nm
 130  is based on the rcp program in
 131 Only in openssh-6.7p1: scp.1.orig
 132 diff -ru openssh-6.7p1-orig/sftp-server.8 openssh-6.7p1/sftp-server.8
 133 --- openssh-6.7p1-orig/sftp-server.8    Tue Jul 29 22:33:21 2014
 134 +++ openssh-6.7p1/sftp-server.8 Fri Feb 27 15:51:27 2015
 135 @@ -23,7 +23,7 @@
 136  .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 137  .\"
 138  .Dd $Mdocdate: July 28 2014 $
 139 -.Dt SFTP-SERVER 8
 140 +.Dt SFTP-SERVER 1M
 141  .Os
 142  .Sh NAME
 143  .Nm sftp-server
 144 @@ -47,7 +47,7 @@
 145  to stdout and expects client requests from stdin.
 146  .Nm
 147  is not intended to be called directly, but from
 148 -.Xr sshd 8
 149 +.Xr sshd 1M
 150  using the
 151  .Cm Subsystem
 152  option.
 153 @@ -58,7 +58,7 @@
 154  .Cm Subsystem
 155  declaration.
 156  See
 157 -.Xr sshd_config 5
 158 +.Xr sshd_config 4
 159  for more information.
 160  .Pp
 161  Valid options are:
 162 @@ -147,13 +147,13 @@
 163  for logging to work, and use of
 164  .Nm
 165  in a chroot configuration therefore requires that
 166 -.Xr syslogd 8
 167 +.Xr syslogd 1M
 168  establish a logging socket inside the chroot directory.
 169  .Sh SEE ALSO
 170  .Xr sftp 1 ,
 171  .Xr ssh 1 ,
 172 -.Xr sshd_config 5 ,
 173 -.Xr sshd 8
 174 +.Xr sshd_config 4 ,
 175 +.Xr sshd 1M
 176  .Rs
 177  .%A T. Ylonen
 178  .%A S. Lehtinen
 179 diff -ru openssh-6.7p1-orig/sftp.1 openssh-6.7p1/sftp.1
 180 --- openssh-6.7p1-orig/sftp.1   Wed May 14 23:47:37 2014
 181 +++ openssh-6.7p1/sftp.1        Fri Feb 27 15:50:37 2015
 182 @@ -85,7 +85,7 @@
 183  option.
 184  In such cases, it is necessary to configure non-interactive authentication
 185  to obviate the need to enter a password at connection time (see
 186 -.Xr sshd 8
 187 +.Xr sshd 1M
 188  and
 189  .Xr ssh-keygen 1
 190  for details).
 191 @@ -179,7 +179,7 @@
 192  Can be used to pass options to
 193  .Nm ssh
 194  in the format used in
 195 -.Xr ssh_config 5 .
 196 +.Xr ssh_config 4 .
 197  This is useful for specifying options
 198  for which there is no separate
 199  .Nm sftp
 200 @@ -187,7 +187,7 @@
 201  For example, to specify an alternate port use:
 202  .Ic sftp -oPort=24 .
 203  For full details of the options listed below, and their possible values, see
 204 -.Xr ssh_config 5 .
 205 +.Xr ssh_config 4 .
 206  .Pp
 207  .Bl -tag -width Ds -offset indent -compact
 208  .It AddressFamily
 209 @@ -280,7 +280,7 @@
 210  A path is useful for using
 211  .Nm
 212  over protocol version 1, or when the remote
 213 -.Xr sshd 8
 214 +.Xr sshd 1M
 215  does not have an sftp subsystem configured.
 216  .It Fl v
 217  Raise logging level.
 218 @@ -610,9 +610,9 @@
 219  .Xr ssh-add 1 ,
 220  .Xr ssh-keygen 1 ,
 221  .Xr glob 3 ,
 222 -.Xr ssh_config 5 ,
 223 -.Xr sftp-server 8 ,
 224 -.Xr sshd 8
 225 +.Xr ssh_config 4 ,
 226 +.Xr sftp-server 1M ,
 227 +.Xr sshd 1M
 228  .Rs
 229  .%A T. Ylonen
 230  .%A S. Lehtinen
 231 Only in openssh-6.7p1: sftp.1.orig
 232 diff -ru openssh-6.7p1-orig/ssh-add.1 openssh-6.7p1/ssh-add.1
 233 --- openssh-6.7p1-orig/ssh-add.1        Wed Dec 18 01:46:28 2013
 234 +++ openssh-6.7p1/ssh-add.1     Fri Feb 27 15:50:37 2015
 235 @@ -126,7 +126,7 @@
 236  Set a maximum lifetime when adding identities to an agent.
 237  The lifetime may be specified in seconds or in a time format
 238  specified in
 239 -.Xr sshd_config 5 .
 240 +.Xr sshd_config 4 .
 241  .It Fl X
 242  Unlock the agent.
 243  .It Fl x
 244 @@ -189,7 +189,7 @@
 245  .Xr ssh 1 ,
 246  .Xr ssh-agent 1 ,
 247  .Xr ssh-keygen 1 ,
 248 -.Xr sshd 8
 249 +.Xr sshd 1M
 250  .Sh AUTHORS
 251  OpenSSH is a derivative of the original and free
 252  ssh 1.2.12 release by Tatu Ylonen.
 253 diff -ru openssh-6.7p1-orig/ssh-keygen.1 openssh-6.7p1/ssh-keygen.1
 254 --- openssh-6.7p1-orig/ssh-keygen.1     Sat Apr 19 23:23:04 2014
 255 +++ openssh-6.7p1/ssh-keygen.1  Fri Feb 27 15:50:37 2015
 256 @@ -433,7 +433,7 @@
 257  Disable execution of
 258  .Pa ~/.ssh/rc
 259  by
 260 -.Xr sshd 8
 261 +.Xr sshd 1M
 262  (permitted by default).
 263  .It Ic no-x11-forwarding
 264  Disable X11 forwarding (permitted by default).
 265 @@ -449,7 +449,7 @@
 266  Allows execution of
 267  .Pa ~/.ssh/rc
 268  by
 269 -.Xr sshd 8 .
 270 +.Xr sshd 1M .
 271  .It Ic permit-x11-forwarding
 272  Allows X11 forwarding.
 273  .It Ic source-address Ns = Ns Ar address_list
 274 @@ -540,7 +540,7 @@
 275  in YYYYMMDDHHMMSS format or a relative time (to the current time) consisting
 276  of a minus sign followed by a relative time in the format described in the
 277  TIME FORMATS section of
 278 -.Xr sshd_config 5 .
 279 +.Xr sshd_config 4 .
 280  The end time may be specified as a YYYYMMDD date, a YYYYMMDDHHMMSS time or
 281  a relative time starting with a plus character.
 282  .Pp
 283 @@ -642,7 +642,7 @@
 284  on a certificate rather than trusting many user/host keys.
 285  Note that OpenSSH certificates are a different, and much simpler, format to
 286  the X.509 certificates used in
 287 -.Xr ssl 8 .
 288 +.Xr ssl 1M .
 289  .Pp
 290  .Nm
 291  supports two types of certificates: user and host.
 292 @@ -706,7 +706,7 @@
 293  .Pp
 294  For certificates to be used for user or host authentication, the CA
 295  public key must be trusted by
 296 -.Xr sshd 8
 297 +.Xr sshd 1M
 298  or
 299  .Xr ssh 1 .
 300  Please refer to those manual pages for details.
 301 @@ -830,14 +830,14 @@
 302  .It Pa /etc/moduli
 303  Contains Diffie-Hellman groups used for DH-GEX.
 304  The file format is described in
 305 -.Xr moduli 5 .
 306 +.Xr moduli 4 .
 307  .El
 308  .Sh SEE ALSO
 309  .Xr ssh 1 ,
 310  .Xr ssh-add 1 ,
 311  .Xr ssh-agent 1 ,
 312 -.Xr moduli 5 ,
 313 -.Xr sshd 8
 314 +.Xr moduli 4 ,
 315 +.Xr sshd 1M
 316  .Rs
 317  .%R RFC 4716
 318  .%T "The Secure Shell (SSH) Public Key File Format"
 319 diff -ru openssh-6.7p1-orig/ssh-keysign.8 openssh-6.7p1/ssh-keysign.8
 320 --- openssh-6.7p1-orig/ssh-keysign.8    Wed Dec 18 01:46:28 2013
 321 +++ openssh-6.7p1/ssh-keysign.8 Fri Feb 27 15:50:37 2015
 322 @@ -23,7 +23,7 @@
 323  .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 324  .\"
 325  .Dd $Mdocdate: December 7 2013 $
 326 -.Dt SSH-KEYSIGN 8
 327 +.Dt SSH-KEYSIGN 1M
 328  .Os
 329  .Sh NAME
 330  .Nm ssh-keysign
 331 @@ -52,7 +52,7 @@
 332  See
 333  .Xr ssh 1
 334  and
 335 -.Xr sshd 8
 336 +.Xr sshd 1M
 337  for more information about host-based authentication.
 338  .Sh FILES
 339  .Bl -tag -width Ds -compact
 340 @@ -83,8 +83,8 @@
 341  .Sh SEE ALSO
 342  .Xr ssh 1 ,
 343  .Xr ssh-keygen 1 ,
 344 -.Xr ssh_config 5 ,
 345 -.Xr sshd 8
 346 +.Xr ssh_config 4 ,
 347 +.Xr sshd 1M
 348  .Sh HISTORY
 349  .Nm
 350  first appeared in
 351 diff -ru openssh-6.7p1-orig/ssh-pkcs11-helper.8 openssh-6.7p1/ssh-pkcs11-helper.8
 352 --- openssh-6.7p1-orig/ssh-pkcs11-helper.8      Thu Jul 18 02:14:14 2013
 353 +++ openssh-6.7p1/ssh-pkcs11-helper.8   Fri Feb 27 15:50:37 2015
 354 @@ -15,7 +15,7 @@
 355  .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 356  .\"
 357  .Dd $Mdocdate: July 16 2013 $
 358 -.Dt SSH-PKCS11-HELPER 8
 359 +.Dt SSH-PKCS11-HELPER 1M
 360  .Os
 361  .Sh NAME
 362  .Nm ssh-pkcs11-helper
 363 diff -ru openssh-6.7p1-orig/ssh.1 openssh-6.7p1/ssh.1
 364 --- openssh-6.7p1-orig/ssh.1    Tue Jul 29 22:32:28 2014
 365 +++ openssh-6.7p1/ssh.1 Fri Feb 27 15:52:48 2015
 366 @@ -164,7 +164,7 @@
 367  See the
 368  .Cm Ciphers
 369  keyword in
 370 -.Xr ssh_config 5
 371 +.Xr ssh_config 4
 372  for more information.
 373  .It Fl D Xo
 374  .Sm off
 375 @@ -343,7 +343,7 @@
 376  Refer to the description of
 377  .Cm ControlMaster
 378  in
 379 -.Xr ssh_config 5
 380 +.Xr ssh_config 4
 381  for details.
 382  .It Fl m Ar mac_spec
 383  Additionally, for protocol version 2 a comma-separated list of MAC
 384 @@ -399,7 +399,7 @@
 385  This is useful for specifying options for which there is no separate
 386  command-line flag.
 387  For full details of the options listed below, and their possible values, see
 388 -.Xr ssh_config 5 .
 389 +.Xr ssh_config 4 .
 390  .Pp
 391  .Bl -tag -width Ds -offset indent -compact
 392  .It AddressFamily
 393 @@ -541,7 +541,7 @@
 394  will only succeed if the server's
 395  .Cm GatewayPorts
 396  option is enabled (see
 397 -.Xr sshd_config 5 ) .
 398 +.Xr sshd_config 4 ) .
 399  .Pp
 400  If the
 401  .Ar port
 402 @@ -562,7 +562,7 @@
 403  and
 404  .Cm ControlMaster
 405  in
 406 -.Xr ssh_config 5
 407 +.Xr ssh_config 4
 408  for details.
 409  .It Fl s
 410  May be used to request invocation of a subsystem on the remote system.
 411 @@ -632,7 +632,7 @@
 412  and
 413  .Cm TunnelDevice
 414  directives in
 415 -.Xr ssh_config 5 .
 416 +.Xr ssh_config 4 .
 417  If the
 418  .Cm Tunnel
 419  directive is unset, it is set to the default tunnel mode, which is
 420 @@ -655,7 +655,7 @@
 421  option and the
 422  .Cm ForwardX11Trusted
 423  directive in
 424 -.Xr ssh_config 5
 425 +.Xr ssh_config 4
 426  for more information.
 427  .It Fl x
 428  Disables X11 forwarding.
 429 @@ -674,7 +674,7 @@
 430  may additionally obtain configuration data from
 431  a per-user configuration file and a system-wide configuration file.
 432  The file format and configuration options are described in
 433 -.Xr ssh_config 5 .
 434 +.Xr ssh_config 4 .
 435  .Sh AUTHENTICATION
 436  The OpenSSH SSH client supports SSH protocols 1 and 2.
 437  The default is to use protocol 2 only,
 438 @@ -681,7 +681,7 @@
 439  though this can be changed via the
 440  .Cm Protocol
 441  option in
 442 -.Xr ssh_config 5
 443 +.Xr ssh_config 4
 444  or the
 445  .Fl 1
 446  and
 447 @@ -941,7 +941,7 @@
 448  allows the user to execute a local command if the
 449  .Ic PermitLocalCommand
 450  option is enabled in
 451 -.Xr ssh_config 5 .
 452 +.Xr ssh_config 4 .
 453  Basic help is available, using the
 454  .Fl h
 455  option.
 456 @@ -1138,7 +1138,7 @@
 457  See the
 458  .Cm VerifyHostKeyDNS
 459  option in
 460 -.Xr ssh_config 5
 461 +.Xr ssh_config 4
 462  for more information.
 463  .Sh SSH-BASED VIRTUAL PRIVATE NETWORKS
 464  .Nm
 465 @@ -1148,7 +1148,7 @@
 466  network pseudo-device,
 467  allowing two networks to be joined securely.
 468  The
 469 -.Xr sshd_config 5
 470 +.Xr sshd_config 4
 471  configuration option
 472  .Cm PermitTunnel
 473  controls whether the server supports this,
 474 @@ -1298,7 +1298,7 @@
 475  For more information, see the
 476  .Cm PermitUserEnvironment
 477  option in
 478 -.Xr sshd_config 5 .
 479 +.Xr sshd_config 4 .
 480  .Sh FILES
 481  .Bl -tag -width Ds -compact
 482  .It Pa ~/.rhosts
 483 @@ -1306,7 +1306,7 @@
 484  On some machines this file may need to be
 485  world-readable if the user's home directory is on an NFS partition,
 486  because
 487 -.Xr sshd 8
 488 +.Xr sshd 1M
 489  reads it as root.
 490  Additionally, this file must be owned by the user,
 491  and must not have write permissions for anyone else.
 492 @@ -1331,7 +1331,7 @@
 493  Lists the public keys (DSA, ECDSA, ED25519, RSA)
 494  that can be used for logging in as this user.
 495  The format of this file is described in the
 496 -.Xr sshd 8
 497 +.Xr sshd 1M
 498  manual page.
 499  This file is not highly sensitive, but the recommended
 500  permissions are read/write for the user, and not accessible by others.
 501 @@ -1339,7 +1339,7 @@
 502  .It Pa ~/.ssh/config
 503  This is the per-user configuration file.
 504  The file format and configuration options are described in
 505 -.Xr ssh_config 5 .
 506 +.Xr ssh_config 4 .
 507  Because of the potential for abuse, this file must have strict permissions:
 508  read/write for the user, and not writable by others.
 509  .Pp
 510 @@ -1376,7 +1376,7 @@
 511  Contains a list of host keys for all hosts the user has logged into
 512  that are not already in the systemwide list of known host keys.
 513  See
 514 -.Xr sshd 8
 515 +.Xr sshd 1M
 516  for further details of the format of this file.
 517  .Pp
 518  .It Pa ~/.ssh/rc
 519 @@ -1385,7 +1385,7 @@
 520  when the user logs in, just before the user's shell (or command) is
 521  started.
 522  See the
 523 -.Xr sshd 8
 524 +.Xr sshd 1M
 525  manual page for more information.
 526  .Pp
 527  .It Pa /etc/hosts.equiv
 528 @@ -1401,7 +1401,7 @@
 529  .It Pa /etc/ssh/ssh_config
 530  Systemwide configuration file.
 531  The file format and configuration options are described in
 532 -.Xr ssh_config 5 .
 533 +.Xr ssh_config 4 .
 534  .Pp
 535  .It Pa /etc/ssh/ssh_host_key
 536  .It Pa /etc/ssh/ssh_host_dsa_key
 537 @@ -1416,7 +1416,7 @@
 538  For protocol version 2,
 539  .Nm
 540  uses
 541 -.Xr ssh-keysign 8
 542 +.Xr ssh-keysign 1M
 543  to access the host keys,
 544  eliminating the requirement that
 545  .Nm
 546 @@ -1432,7 +1432,7 @@
 547  organization.
 548  It should be world-readable.
 549  See
 550 -.Xr sshd 8
 551 +.Xr sshd 1M
 552  for further details of the format of this file.
 553  .Pp
 554  .It Pa /etc/ssh/sshrc
 555 @@ -1440,7 +1440,7 @@
 556  .Nm
 557  when the user logs in, just before the user's shell (or command) is started.
 558  See the
 559 -.Xr sshd 8
 560 +.Xr sshd 1M
 561  manual page for more information.
 562  .El
 563  .Sh EXIT STATUS
 564 @@ -1455,9 +1455,9 @@
 565  .Xr ssh-keygen 1 ,
 566  .Xr ssh-keyscan 1 ,
 567  .Xr tun 4 ,
 568 -.Xr ssh_config 5 ,
 569 -.Xr ssh-keysign 8 ,
 570 -.Xr sshd 8
 571 +.Xr ssh_config 4 ,
 572 +.Xr ssh-keysign 1M ,
 573 +.Xr sshd 1M
 574  .Sh STANDARDS
 575  .Rs
 576  .%A S. Lehtinen
 577 diff -ru openssh-6.7p1-orig/sshd.8 openssh-6.7p1/sshd.8
 578 --- openssh-6.7p1-orig/sshd.8   Thu Jul  3 19:00:04 2014
 579 +++ openssh-6.7p1/sshd.8        Fri Feb 27 15:54:50 2015
 580 @@ -35,7 +35,7 @@
 581  .\"
 582  .\" $OpenBSD: sshd.8,v 1.276 2014/07/03 22:40:43 djm Exp $
 583  .Dd $Mdocdate: July 3 2014 $
 584 -.Dt SSHD 8
 585 +.Dt SSHD 1M
 586  .Os
 587  .Sh NAME
 588  .Nm sshd
 589 @@ -77,7 +77,7 @@
 590  .Nm
 591  can be configured using command-line options or a configuration file
 592  (by default
 593 -.Xr sshd_config 5 ) ;
 594 +.Xr sshd_config 4 ) ;
 595  command-line options override values specified in the
 596  configuration file.
 597  .Nm
 598 @@ -183,7 +183,7 @@
 599  Specifies that
 600  .Nm
 601  is being run from
 602 -.Xr inetd 8 .
 603 +.Xr inetd 1M .
 604  .Nm
 605  is normally not run
 606  from inetd because it needs to generate the server key before it can
 607 @@ -207,7 +207,7 @@
 608  This is useful for specifying options for which there is no separate
 609  command-line flag.
 610  For full details of the options, and their values, see
 611 -.Xr sshd_config 5 .
 612 +.Xr sshd_config 4 .
 613  .It Fl p Ar port
 614  Specifies the port on which the server listens for connections
 615  (default 22).
 616 @@ -277,7 +277,7 @@
 617  though this can be changed via the
 618  .Cm Protocol
 619  option in
 620 -.Xr sshd_config 5 .
 621 +.Xr sshd_config 4 .
 622  Protocol 2 supports DSA, ECDSA, ED25519 and RSA keys;
 623  protocol 1 only supports RSA keys.
 624  For both protocols,
 625 @@ -402,7 +402,7 @@
 626  See the
 627  .Cm PermitUserEnvironment
 628  option in
 629 -.Xr sshd_config 5 .
 630 +.Xr sshd_config 4 .
 631  .It
 632  Changes to user's home directory.
 633  .It
 634 @@ -550,7 +550,7 @@
 635  environment variable.
 636  Note that this option applies to shell, command or subsystem execution.
 637  Also note that this command may be superseded by either a
 638 -.Xr sshd_config 5
 639 +.Xr sshd_config 4
 640  .Cm ForceCommand
 641  directive or a command embedded in a certificate.
 642  .It Cm environment="NAME=value"
 643 @@ -571,7 +571,7 @@
 644  name of the remote host or its IP address must be present in the
 645  comma-separated list of patterns.
 646  See PATTERNS in
 647 -.Xr ssh_config 5
 648 +.Xr ssh_config 4
 649  for more information on patterns.
 650  .Pp
 651  In addition to the wildcard matching that may be applied to hostnames or
 652 @@ -859,11 +859,11 @@
 653  .It Pa /etc/moduli
 654  Contains Diffie-Hellman groups used for the "Diffie-Hellman Group Exchange".
 655  The file format is described in
 656 -.Xr moduli 5 .
 657 +.Xr moduli 4 .
 658  .Pp
 659  .It Pa /etc/motd
 660  See
 661 -.Xr motd 5 .
 662 +.Xr motd 4 .
 663  .Pp
 664  .It Pa /etc/nologin
 665  If this file exists,
 666 @@ -920,7 +920,7 @@
 667  Contains configuration data for
 668  .Nm sshd .
 669  The file format and configuration options are described in
 670 -.Xr sshd_config 5 .
 671 +.Xr sshd_config 4 .
 672  .Pp
 673  .It Pa /etc/ssh/sshrc
 674  Similar to
 675 @@ -954,11 +954,11 @@
 676  .Xr ssh-keygen 1 ,
 677  .Xr ssh-keyscan 1 ,
 678  .Xr chroot 2 ,
 679 -.Xr login.conf 5 ,
 680 -.Xr moduli 5 ,
 681 -.Xr sshd_config 5 ,
 682 -.Xr inetd 8 ,
 683 -.Xr sftp-server 8
 684 +.Xr login.conf 4 ,
 685 +.Xr moduli 4 ,
 686 +.Xr sshd_config 4 ,
 687 +.Xr inetd 1M ,
 688 +.Xr sftp-server 1M
 689  .Sh AUTHORS
 690  OpenSSH is a derivative of the original and free
 691  ssh 1.2.12 release by Tatu Ylonen.
 692 diff -ru openssh-6.7p1-orig/sshd_config.5 openssh-6.7p1/sshd_config.5
 693 --- openssh-6.7p1-orig/sshd_config.5    Thu Oct  2 19:24:57 2014
 694 +++ openssh-6.7p1/sshd_config.5 Fri Feb 27 15:56:01 2015
 695 @@ -35,7 +35,7 @@
 696  .\"
 697  .\" $OpenBSD: sshd_config.5,v 1.176 2014/07/28 15:40:08 schwarze Exp $
 698  .Dd $Mdocdate: July 28 2014 $
 699 -.Dt SSHD_CONFIG 5
 700 +.Dt SSHD_CONFIG 4
 701  .Os
 702  .Sh NAME
 703  .Nm sshd_config
 704 @@ -43,7 +43,7 @@
 705  .Sh SYNOPSIS
 706  .Nm /etc/ssh/sshd_config
 707  .Sh DESCRIPTION
 708 -.Xr sshd 8
 709 +.Xr sshd 1M
 710  reads configuration data from
 711  .Pa /etc/ssh/sshd_config
 712  (or the file specified with
 713 @@ -68,7 +68,7 @@
 714  See
 715  .Cm SendEnv
 716  in
 717 -.Xr ssh_config 5
 718 +.Xr ssh_config 4
 719  for how to configure the client.
 720  Note that environment passing is only supported for protocol 2.
 721  Variables are specified by name, which may contain the wildcard characters
 722 @@ -85,7 +85,7 @@
 723  The default is not to accept any environment variables.
 724  .It Cm AddressFamily
 725  Specifies which address family should be used by
 726 -.Xr sshd 8 .
 727 +.Xr sshd 1M .
 728  Valid arguments are
 729  .Dq any ,
 730  .Dq inet
 731 @@ -118,7 +118,7 @@
 732  .Cm AllowGroups .
 733  .Pp
 734  See PATTERNS in
 735 -.Xr ssh_config 5
 736 +.Xr ssh_config 4
 737  for more information on patterns.
 738  .It Cm AllowTcpForwarding
 739  Specifies whether TCP forwarding is permitted.
 740 @@ -178,7 +178,7 @@
 741  .Cm AllowGroups .
 742  .Pp
 743  See PATTERNS in
 744 -.Xr ssh_config 5
 745 +.Xr ssh_config 4
 746  for more information on patterns.
 747  .It Cm AuthenticationMethods
 748  Specifies the authentication methods that must be successfully completed
 749 @@ -222,7 +222,7 @@
 750  It will be invoked with a single argument of the username
 751  being authenticated, and should produce on standard output zero or
 752  more lines of authorized_keys output (see AUTHORIZED_KEYS in
 753 -.Xr sshd 8 ) .
 754 +.Xr sshd 1M ) .
 755  If a key supplied by AuthorizedKeysCommand does not successfully authenticate
 756  and authorize the user then public key authentication continues using the usual
 757  .Cm AuthorizedKeysFile
 758 @@ -238,7 +238,7 @@
 759  The format is described in the
 760  AUTHORIZED_KEYS FILE FORMAT
 761  section of
 762 -.Xr sshd 8 .
 763 +.Xr sshd 1M .
 764  .Cm AuthorizedKeysFile
 765  may contain tokens of the form %T which are substituted during connection
 766  setup.
 767 @@ -261,7 +261,7 @@
 768  to be accepted for authentication.
 769  Names are listed one per line preceded by key options (as described
 770  in AUTHORIZED_KEYS FILE FORMAT in
 771 -.Xr sshd 8 ) .
 772 +.Xr sshd 1M ) .
 773  Empty lines and comments starting with
 774  .Ql #
 775  are ignored.
 776 @@ -291,7 +291,7 @@
 777  though the
 778  .Cm principals=
 779  key option offers a similar facility (see
 780 -.Xr sshd 8
 781 +.Xr sshd 1M
 782  for details).
 783  .It Cm Banner
 784  The contents of the specified file are sent to the remote user before
 785 @@ -304,7 +304,7 @@
 786  .It Cm ChallengeResponseAuthentication
 787  Specifies whether challenge-response authentication is allowed (e.g. via
 788  PAM or through authentication styles supported in
 789 -.Xr login.conf 5 )
 790 +.Xr login.conf 4 )
 791  The default is
 792  .Dq yes .
 793  .It Cm ChrootDirectory
 794 @@ -314,7 +314,7 @@
 795  All components of the pathname must be root-owned directories that are
 796  not writable by any other user or group.
 797  After the chroot,
 798 -.Xr sshd 8
 799 +.Xr sshd 1M
 800  changes the working directory to the user's home directory.
 801  .Pp
 802  The pathname may contain the following tokens that are expanded at runtime once
 803 @@ -347,7 +347,7 @@
 804  though sessions which use logging may require
 805  .Pa /dev/log
 806  inside the chroot directory on some operating systems (see
 807 -.Xr sftp-server 8
 808 +.Xr sftp-server 1M
 809  for details).
 810  .Pp
 811  The default is not to
 812 @@ -404,7 +404,7 @@
 813  .It Cm ClientAliveCountMax
 814  Sets the number of client alive messages (see below) which may be
 815  sent without
 816 -.Xr sshd 8
 817 +.Xr sshd 1M
 818  receiving any messages back from the client.
 819  If this threshold is reached while client alive messages are being sent,
 820  sshd will disconnect the client, terminating the session.
 821 @@ -431,7 +431,7 @@
 822  .It Cm ClientAliveInterval
 823  Sets a timeout interval in seconds after which if no data has been received
 824  from the client,
 825 -.Xr sshd 8
 826 +.Xr sshd 1M
 827  will send a message through the encrypted
 828  channel to request a response from the client.
 829  The default
 830 @@ -462,7 +462,7 @@
 831  .Cm AllowGroups .
 832  .Pp
 833  See PATTERNS in
 834 -.Xr ssh_config 5
 835 +.Xr ssh_config 4
 836  for more information on patterns.
 837  .It Cm DenyUsers
 838  This keyword can be followed by a list of user name patterns, separated
 839 @@ -481,7 +481,7 @@
 840  .Cm AllowGroups .
 841  .Pp
 842  See PATTERNS in
 843 -.Xr ssh_config 5
 844 +.Xr ssh_config 4
 845  for more information on patterns.
 846  .It Cm ForceCommand
 847  Forces the execution of the command specified by
 848 @@ -506,7 +506,7 @@
 849  Specifies whether remote hosts are allowed to connect to ports
 850  forwarded for the client.
 851  By default,
 852 -.Xr sshd 8
 853 +.Xr sshd 1M
 854  binds remote port forwardings to the loopback address.
 855  This prevents other remote hosts from connecting to forwarded ports.
 856  .Cm GatewayPorts
 857 @@ -554,7 +554,7 @@
 858  A setting of
 859  .Dq yes
 860  means that
 861 -.Xr sshd 8
 862 +.Xr sshd 1M
 863  uses the name supplied by the client rather than
 864  attempting to resolve the name from the TCP connection itself.
 865  The default is
 866 @@ -565,7 +565,7 @@
 867  by
 868  .Cm HostKey .
 869  The default behaviour of
 870 -.Xr sshd 8
 871 +.Xr sshd 1M
 872  is not to load any certificates.
 873  .It Cm HostKey
 874  Specifies a file containing a private host key
 875 @@ -580,7 +580,7 @@
 876  .Pa /etc/ssh/ssh_host_rsa_key
 877  for protocol version 2.
 878  Note that
 879 -.Xr sshd 8
 880 +.Xr sshd 1M
 881  will refuse to use a file if it is group/world-accessible.
 882  It is possible to have multiple host key files.
 883  .Dq rsa1
 884 @@ -621,7 +621,7 @@
 885  .Dq yes .
 886  .It Cm IgnoreUserKnownHosts
 887  Specifies whether
 888 -.Xr sshd 8
 889 +.Xr sshd 1M
 890  should ignore the user's
 891  .Pa ~/.ssh/known_hosts
 892  during
 893 @@ -745,7 +745,7 @@
 894  The default is 3600 (seconds).
 895  .It Cm ListenAddress
 896  Specifies the local addresses
 897 -.Xr sshd 8
 898 +.Xr sshd 1M
 899  should listen on.
 900  The following forms may be used:
 901  .Pp
 902 @@ -788,7 +788,7 @@
 903  The default is 120 seconds.
 904  .It Cm LogLevel
 905  Gives the verbosity level that is used when logging messages from
 906 -.Xr sshd 8 .
 907 +.Xr sshd 1M .
 908  The possible values are:
 909  QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3.
 910  The default is INFO.
 911 @@ -881,7 +881,7 @@
 912  The match patterns may consist of single entries or comma-separated
 913  lists and may use the wildcard and negation operators described in the
 914  PATTERNS section of
 915 -.Xr ssh_config 5 .
 916 +.Xr ssh_config 4 .
 917  .Pp
 918  The patterns in an
 919  .Cm Address
 920 @@ -962,7 +962,7 @@
 921  the three colon separated values
 922  .Dq start:rate:full
 923  (e.g. "10:30:60").
 924 -.Xr sshd 8
 925 +.Xr sshd 1M
 926  will refuse connection attempts with a probability of
 927  .Dq rate/100
 928  (30%)
 929 @@ -1075,7 +1075,7 @@
 930  options in
 931  .Pa ~/.ssh/authorized_keys
 932  are processed by
 933 -.Xr sshd 8 .
 934 +.Xr sshd 1M .
 935  The default is
 936  .Dq no .
 937  Enabling environment processing may enable users to bypass access
 938 @@ -1094,7 +1094,7 @@
 939  .Pa /var/run/sshd.pid .
 940  .It Cm Port
 941  Specifies the port number that
 942 -.Xr sshd 8
 943 +.Xr sshd 1M
 944  listens on.
 945  The default is 22.
 946  Multiple options of this type are permitted.
 947 @@ -1102,7 +1102,7 @@
 948  .Cm ListenAddress .
 949  .It Cm PrintLastLog
 950  Specifies whether
 951 -.Xr sshd 8
 952 +.Xr sshd 1M
 953  should print the date and time of the last user login when a user logs
 954  in interactively.
 955  The default is
 956 @@ -1109,7 +1109,7 @@
 957  .Dq yes .
 958  .It Cm PrintMotd
 959  Specifies whether
 960 -.Xr sshd 8
 961 +.Xr sshd 1M
 962  should print
 963  .Pa /etc/motd
 964  when a user logs in interactively.
 965 @@ -1120,7 +1120,7 @@
 966  .Dq yes .
 967  .It Cm Protocol
 968  Specifies the protocol versions
 969 -.Xr sshd 8
 970 +.Xr sshd 1M
 971  supports.
 972  The possible values are
 973  .Sq 1
 974 @@ -1220,7 +1220,7 @@
 975  .Dq no .
 976  .It Cm StrictModes
 977  Specifies whether
 978 -.Xr sshd 8
 979 +.Xr sshd 1M
 980  should check file modes and ownership of the
 981  user's files and home directory before accepting login.
 982  This is normally desirable because novices sometimes accidentally leave their
 983 @@ -1236,7 +1236,7 @@
 984  to execute upon subsystem request.
 985  .Pp
 986  The command
 987 -.Xr sftp-server 8
 988 +.Xr sftp-server 1M
 989  implements the
 990  .Dq sftp
 991  file transfer subsystem.
 992 @@ -1254,7 +1254,7 @@
 993  Note that this option applies to protocol version 2 only.
 994  .It Cm SyslogFacility
 995  Gives the facility code that is used when logging messages from
 996 -.Xr sshd 8 .
 997 +.Xr sshd 1M .
 998  The possible values are: DAEMON, USER, AUTH, LOCAL0, LOCAL1, LOCAL2,
 999  LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7.
1000  The default is AUTH.
1001 @@ -1295,7 +1295,7 @@
1002  .Xr ssh-keygen 1 .
1003  .It Cm UseDNS
1004  Specifies whether
1005 -.Xr sshd 8
1006 +.Xr sshd 1M
1007  should look up the remote host name and check that
1008  the resolved host name for the remote IP address maps back to the
1009  very same IP address.
1010 @@ -1340,13 +1340,13 @@
1011  If
1012  .Cm UsePAM
1013  is enabled, you will not be able to run
1014 -.Xr sshd 8
1015 +.Xr sshd 1M
1016  as a non-root user.
1017  The default is
1018  .Dq no .
1019  .It Cm UsePrivilegeSeparation
1020  Specifies whether
1021 -.Xr sshd 8
1022 +.Xr sshd 1M
1023  separates privileges by creating an unprivileged child process
1024  to deal with incoming network traffic.
1025  After successful authentication, another process will be created that has
1026 @@ -1368,7 +1368,7 @@
1027  .Dq none .
1028  .It Cm X11DisplayOffset
1029  Specifies the first display number available for
1030 -.Xr sshd 8 Ns 's
1031 +.Xr sshd 1M Ns 's
1032  X11 forwarding.
1033  This prevents sshd from interfering with real X11 servers.
1034  The default is 10.
1035 @@ -1383,7 +1383,7 @@
1036  .Pp
1037  When X11 forwarding is enabled, there may be additional exposure to
1038  the server and to client displays if the
1039 -.Xr sshd 8
1040 +.Xr sshd 1M
1041  proxy display is configured to listen on the wildcard address (see
1042  .Cm X11UseLocalhost
1043  below), though this is not the default.
1044 @@ -1394,7 +1394,7 @@
1045  forwarding (see the warnings for
1046  .Cm ForwardX11
1047  in
1048 -.Xr ssh_config 5 ) .
1049 +.Xr ssh_config 4 ) .
1050  A system administrator may have a stance in which they want to
1051  protect clients that may expose themselves to attack by unwittingly
1052  requesting X11 forwarding, which can warrant a
1053 @@ -1408,7 +1408,7 @@
1054  is enabled.
1055  .It Cm X11UseLocalhost
1056  Specifies whether
1057 -.Xr sshd 8
1058 +.Xr sshd 1M
1059  should bind the X11 forwarding server to the loopback address or to
1060  the wildcard address.
1061  By default,
1062 @@ -1439,7 +1439,7 @@
1063  .Pa /usr/X11R6/bin/xauth .
1064  .El
1065  .Sh TIME FORMATS
1066 -.Xr sshd 8
1067 +.Xr sshd 1M
1068  command-line arguments and configuration file options that specify time
1069  may be expressed using a sequence of the form:
1070  .Sm off
1071 @@ -1483,12 +1483,12 @@
1072  .Bl -tag -width Ds
1073  .It Pa /etc/ssh/sshd_config
1074  Contains configuration data for
1075 -.Xr sshd 8 .
1076 +.Xr sshd 1M .
1077  This file should be writable by root only, but it is recommended
1078  (though not necessary) that it be world-readable.
1079  .El
1080  .Sh SEE ALSO
1081 -.Xr sshd 8
1082 +.Xr sshd 1M
1083  .Sh AUTHORS
1084  OpenSSH is a derivative of the original and free
1085  ssh 1.2.12 release by Tatu Ylonen.
1086 Common subdirectories: openssh-6.7p1-orig/contrib/aix and openssh-6.7p1/contrib/aix
1087 Common subdirectories: openssh-6.7p1-orig/contrib/caldera and openssh-6.7p1/contrib/caldera
1088 Common subdirectories: openssh-6.7p1-orig/contrib/cygwin and openssh-6.7p1/contrib/cygwin
1089 Common subdirectories: openssh-6.7p1-orig/contrib/hpux and openssh-6.7p1/contrib/hpux
1090 Common subdirectories: openssh-6.7p1-orig/contrib/redhat and openssh-6.7p1/contrib/redhat
1091 Common subdirectories: openssh-6.7p1-orig/contrib/solaris and openssh-6.7p1/contrib/solaris
1092 Common subdirectories: openssh-6.7p1-orig/contrib/suse and openssh-6.7p1/contrib/suse
1093 Common subdirectories: openssh-6.7p1-orig/openbsd-compat/regress and openssh-6.7p1/openbsd-compat/regress
1094 Common subdirectories: openssh-6.7p1-orig/regress/unittests and openssh-6.7p1/regress/unittests
1095 Common subdirectories: openssh-6.7p1-orig/regress/unittests/sshbuf and openssh-6.7p1/regress/unittests/sshbuf
1096 Common subdirectories: openssh-6.7p1-orig/regress/unittests/sshkey and openssh-6.7p1/regress/unittests/sshkey
1097 Common subdirectories: openssh-6.7p1-orig/regress/unittests/test_helper and openssh-6.7p1/regress/unittests/test_helper
1098 Common subdirectories: openssh-6.7p1-orig/regress/unittests/sshkey/testdata and openssh-6.7p1/regress/unittests/sshkey/testdata