diff options
| author | Ben Lindstrom <mouring@eviladmin.org> | 2002-06-11 15:50:13 +0000 |
|---|---|---|
| committer | Ben Lindstrom <mouring@eviladmin.org> | 2002-06-11 15:50:13 +0000 |
| commit | 11d470de348beb5e9f6a2dcc27fdeb1ad8257acd (patch) | |
| tree | 9b0479ba7cf3bc2e207471cd47d6890f2503d2bf | |
| parent | 2779d28a0f96fc4675638d85869dcc4448e83453 (diff) | |
| download | openssh-git-11d470de348beb5e9f6a2dcc27fdeb1ad8257acd.tar.gz | |
- stevesk@cvs.openbsd.org 2002/06/10 16:56:30
[ssh-keysign.8]
merge in stuff from my man page; ok markus@
| -rw-r--r-- | ChangeLog | 5 | ||||
| -rw-r--r-- | ssh-keysign.8 | 23 |
2 files changed, 20 insertions, 8 deletions
@@ -10,6 +10,9 @@ - stevesk@cvs.openbsd.org 2002/06/10 16:53:06 [auth-rsa.c ssh-rsa.c] display minimum RSA modulus in error(); ok markus@ + - stevesk@cvs.openbsd.org 2002/06/10 16:56:30 + [ssh-keysign.8] + merge in stuff from my man page; ok markus@ 20020609 - (bal) OpenBSD CVS Sync @@ -875,4 +878,4 @@ - (stevesk) entropy.c: typo in debug message - (djm) ssh-keygen -i needs seeded RNG; report from markus@ -$Id: ChangeLog,v 1.2202 2002/06/11 15:47:42 mouring Exp $ +$Id: ChangeLog,v 1.2203 2002/06/11 15:50:13 mouring Exp $ diff --git a/ssh-keysign.8 b/ssh-keysign.8 index fccbd7c2..ab2cf21b 100644 --- a/ssh-keysign.8 +++ b/ssh-keysign.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-keysign.8,v 1.1 2002/05/25 08:16:59 markus Exp $ +.\" $OpenBSD: ssh-keysign.8,v 1.2 2002/06/10 16:56:30 stevesk Exp $ .\" .\" Copyright (c) 2002 Markus Friedl. All rights reserved. .\" @@ -29,16 +29,13 @@ .Nm ssh-keysign .Nd ssh helper program for hostbased authentication .Sh SYNOPSIS -.Nm ssh-keysign +.Nm .Sh DESCRIPTION .Nm is used by .Xr ssh 1 -to access the local host keys during hostbased authentication with -SSH protocol version 2. -Since the host keys are readable only by root -.Nm -must be setuid root. +to access the local host keys and generate the digital signature +required during hostbased authentication with SSH protocol version 2. .Nm is not intended to be invoked by the user, but from .Xr ssh 1 . @@ -47,8 +44,20 @@ See and .Xr sshd 8 for more information about hostbased authentication. +.Sh FILES +.Bl -tag -width Ds +.It Pa /etc/ssh/ssh_host_dsa_key, /etc/ssh/ssh_host_rsa_key +These files contain the private parts of the host keys used to +generate the digital signature. They +should be owned by root, readable only by root, and not +accessible to others. +Since they are readable only by root, +.Nm +must be set-uid root if hostbased authentication is used. +.El .Sh SEE ALSO .Xr ssh 1 , +.Xr ssh-keygen 1 , .Xr sshd 8 .Sh AUTHORS Markus Friedl <markus@openbsd.org> |