Adjust various OpenBSD-specific references in manual pages

No single bug reference for this patch, but history includes: https://bugs.debian.org/154434 (login.conf(5)) https://bugs.debian.org/513417 (/etc/rc) https://bugs.debian.org/530692 (ssl(8)) https://bugs.launchpad.net/bugs/456660 (ssl(8)) https://bugs.debian.org/998069 (rdomain(4)) Forwarded: not-needed Last-Update: 2023-09-02 Patch-Name: openbsd-docs.patch Gbp-Pq: Name openbsd-docs.patch
2014-02-09 16:10:09 +00:00 · 2014-02-09 16:10:09 +00:00 · a6a7a1913b
parent 057eb65d5c
commit a6a7a1913b
5 changed files with 14 additions and 51 deletions
--- a/moduli.5
+++ b/moduli.5
@ -21,7 +21,7 @@
 .Nd Diffie-Hellman moduli
 .Sh DESCRIPTION
 The
-.Pa /etc/moduli
+.Pa /etc/ssh/moduli
 file contains prime numbers and generators for use by
 .Xr sshd 8
 in the Diffie-Hellman Group Exchange key exchange method.
@ -110,7 +110,7 @@ first estimates the size of the modulus required to produce enough
 Diffie-Hellman output to sufficiently key the selected symmetric cipher.
 .Xr sshd 8
 then randomly selects a modulus from
-.Fa /etc/moduli
+.Fa /etc/ssh/moduli
 that best meets the size requirement.
 .Sh SEE ALSO
 .Xr ssh-keygen 1 ,
--- a/ssh-keygen.1
+++ b/ssh-keygen.1
@ -212,9 +212,7 @@ key in
 .Pa ~/.ssh/id_ed25519_sk
 or
 .Pa ~/.ssh/id_rsa .
-Additionally, the system administrator may use this to generate host keys,
-as seen in
-.Pa /etc/rc .
+Additionally, the system administrator may use this to generate host keys.
 .Pp
 Normally this program generates the key and asks for a file in which
 to store the private key.
@ -279,9 +277,7 @@ If
 .Fl f
 has also been specified, its argument is used as a prefix to the
 default path for the resulting host key files.
-This is used by
-.Pa /etc/rc
-to generate new host keys.
+This is used by system administration scripts to generate new host keys.
 .It Fl a Ar rounds
 When saving a private key, this option specifies the number of KDF
 (key derivation function, currently
@ -864,7 +860,7 @@ option.
 Valid generator values are 2, 3, and 5.
 .Pp
 Screened DH groups may be installed in
-.Pa /etc/moduli .
+.Pa /etc/ssh/moduli .
 It is important that this file contains moduli of a range of bit lengths.
 .Pp
 A number of options are available for moduli generation and screening via the
@ -1322,7 +1318,7 @@ on all machines
 where the user wishes to log in using public key authentication.
 There is no need to keep the contents of this file secret.
 .Pp
-.It Pa /etc/moduli
+.It Pa /etc/ssh/moduli
 Contains Diffie-Hellman groups used for DH-GEX.
 The file format is described in
 .Xr moduli 5 .
--- a/ssh.1
+++ b/ssh.1
@ -939,6 +939,10 @@ implements public key authentication protocol automatically,
 using one of the DSA, ECDSA, Ed25519 or RSA algorithms.
 The HISTORY section of
 .Xr ssl 8
+(on non-OpenBSD systems, see
+.nh
+http://www.openbsd.org/cgi\-bin/man.cgi?query=ssl&sektion=8#HISTORY)
+.hy
 contains a brief discussion of the DSA and RSA algorithms.
 .Pp
 The file
--- a/sshd.8
+++ b/sshd.8
@ -64,7 +64,7 @@ over an insecure network.
 .Nm
 listens for connections from clients.
 It is normally started at boot from
-.Pa /etc/rc .
+.Pa /etc/init.d/ssh .
 It forks a new
 daemon for each incoming connection.
 The forked daemons handle
@ -935,7 +935,7 @@ This file is for host-based authentication (see
 .Xr ssh 1 ) .
 It should only be writable by root.
 .Pp
-.It Pa /etc/moduli
+.It Pa /etc/ssh/moduli
 Contains Diffie-Hellman groups used for the "Diffie-Hellman Group Exchange"
 key exchange method.
 The file format is described in
@ -1033,7 +1033,6 @@ The content of this file is not sensitive; it can be world-readable.
 .Xr ssh-keyscan 1 ,
 .Xr chroot 2 ,
 .Xr hosts_access 5 ,
-.Xr login.conf 5 ,
 .Xr moduli 5 ,
 .Xr sshd_config 5 ,
 .Xr inetd 8 ,
--- a/sshd_config.5
+++ b/sshd_config.5
@ -993,9 +993,6 @@ for interactive sessions and
 for non-interactive sessions.
 .It Cm KbdInteractiveAuthentication
 Specifies whether to allow keyboard-interactive authentication.
-All authentication styles from
-.Xr login.conf 5
-are supported.
 The default is
 .Cm yes .
 The argument to this keyword must be
@ -1099,45 +1096,33 @@ The following forms may be used:
 .Sm off
 .Ar hostname | address
 .Sm on
-.Op Cm rdomain Ar domain
 .It
 .Cm ListenAddress
 .Sm off
 .Ar hostname : port
 .Sm on
-.Op Cm rdomain Ar domain
 .It
 .Cm ListenAddress
 .Sm off
 .Ar IPv4_address : port
 .Sm on
-.Op Cm rdomain Ar domain
 .It
 .Cm ListenAddress
 .Sm off
 .Oo Ar hostname | address Oc : Ar port
 .Sm on
-.Op Cm rdomain Ar domain
 .El
 .Pp
-The optional
-.Cm rdomain
-qualifier requests
-.Xr sshd 8
-listen in an explicit routing domain.
 If
 .Ar port
 is not specified,
 sshd will listen on the address and all
 .Cm Port
 options specified.
-The default is to listen on all local addresses on the current default
-routing domain.
+The default is to listen on all local addresses.
 Multiple
 .Cm ListenAddress
 options are permitted.
-For more information on routing domains, see
-.Xr rdomain 4 .
 .It Cm LoginGraceTime
 The server disconnects after this time if the user has not
 successfully logged in.
@ -1262,14 +1247,8 @@ The available criteria are
 .Cm Host ,
 .Cm LocalAddress ,
 .Cm LocalPort ,
-.Cm RDomain ,
 and
-.Cm Address
-(with
-.Cm RDomain
-representing the
-.Xr rdomain 4
-on which the connection was received).
+.Cm Address .
 .Pp
 The match patterns may consist of single entries or comma-separated
 lists and may use the wildcard and negation operators described in the
@ -1341,7 +1320,6 @@ Available keywords are
 .Cm PubkeyAuthOptions ,
 .Cm RekeyLimit ,
 .Cm RevokedKeys ,
-.Cm RDomain ,
 .Cm SetEnv ,
 .Cm StreamLocalBindMask ,
 .Cm StreamLocalBindUnlink ,
@ -1736,15 +1714,6 @@ an OpenSSH Key Revocation List (KRL) as generated by
 .Xr ssh-keygen 1 .
 For more information on KRLs, see the KEY REVOCATION LISTS section in
 .Xr ssh-keygen 1 .
-.It Cm RDomain
-Specifies an explicit routing domain that is applied after authentication
-has completed.
-The user session, as well as any forwarded or listening IP sockets,
-will be bound to this
-.Xr rdomain 4 .
-If the routing domain is set to
-.Cm \&%D ,
-then the domain in which the incoming connection was received will be applied.
 .It Cm SecurityKeyProvider
 Specifies a path to a library that will be used when loading
 FIDO authenticator-hosted keys, overriding the default of using
@ -2063,8 +2032,6 @@ A literal
 Identifies the connection endpoints, containing
 four space-separated values: client address, client port number,
 server address, and server port number.
-.It \&%D
-The routing domain in which the incoming connection was received.
 .It %F
 The fingerprint of the CA key.
 .It %f
@ -2103,9 +2070,6 @@ accepts the tokens %%, %h, %U, and %u.
 .Pp
 .Cm ChrootDirectory
 accepts the tokens %%, %h, %U, and %u.
-.Pp
-.Cm RoutingDomain
-accepts the token %D.
 .Sh FILES
 .Bl -tag -width Ds
 .It Pa /etc/ssh/sshd_config