- (djm) OpenBSD CVS Sync

   - jmc@cvs.openbsd.org 2006/01/06 13:27:32
     [ssh.1]
     weed out some duplicate info in the known_hosts FILES entries;
     ok djm

2 files changed, 16 insertions, 23 deletions

diff --git a/ChangeLog b/ChangeLog
index 612612b4..462328c1 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+20060114
+ - (djm) OpenBSD CVS Sync
+   - jmc@cvs.openbsd.org 2006/01/06 13:27:32
+     [ssh.1]
+     weed out some duplicate info in the known_hosts FILES entries;
+     ok djm
+
 20060109
  - (dtucker) [contrib/cygwin/ssh-host-config] Make sshd service depend on
    tcpip service so it's always started after IP is up.  Patch from
@@ -3674,4 +3681,4 @@
    - (djm) Trim deprecated options from INSTALL. Mention UsePAM
    - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
 
-$Id: ChangeLog,v 1.4083 2006/01/09 13:02:44 dtucker Exp $
+$Id: ChangeLog,v 1.4084 2006/01/13 23:08:36 djm Exp $
diff --git a/ssh.1 b/ssh.1
index 789e9473..cfe1655e 100644
--- a/ssh.1
+++ b/ssh.1
@@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh.1,v 1.243 2006/01/04 19:50:09 jmc Exp $
+.\" $OpenBSD: ssh.1,v 1.244 2006/01/06 13:27:32 jmc Exp $
 .Dd September 25, 1999
 .Dt SSH 1
 .Os
@@ -1120,11 +1120,11 @@ never used automatically and are not necessary: they are only provided for
 the convenience of the user.
 .Pp
 .It ~/.ssh/known_hosts
-Records host keys for all hosts the user has logged into that are not
-in
-.Pa /etc/ssh/ssh_known_hosts .
+Contains a list of host keys for all hosts the user has logged into
+that are not already in the systemwide list of known host keys.
 See
-.Xr sshd 8 .
+.Xr sshd 8
+for further details of the format of this file.
 .Pp
 .It ~/.ssh/rc
 Commands in this file are executed by
@@ -1181,24 +1181,10 @@ Systemwide list of known host keys.
 This file should be prepared by the
 system administrator to contain the public host keys of all machines in the
 organization.
-This file should be world-readable.
-This file contains
-public keys, one per line, in the following format (fields separated
-by spaces): system name, public key and optional comment field.
-When different names are used
-for the same machine, all such names should be listed, separated by
-commas.
-The format is described in the
-.Xr sshd 8
-manual page.
-.Pp
-The canonical system name (as returned by name servers) is used by
+It should be world-readable.
+See
 .Xr sshd 8
-to verify the client host when logging in; other names are needed because
-.Nm
-does not convert the user-supplied name to a canonical name before
-checking the key, because someone with access to the name servers
-would then be able to fool host authentication.
+for further details of the format of this file.
 .Pp
 .It /etc/ssh/sshrc
 Commands in this file are executed by