[Bug 3331] Issues with man pages

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Thu Dec 26 20:10:52 AEDT 2024 

https://bugzilla.mindrot.org/show_bug.cgi?id=3331

--- Comment #8 from Helge Kreutzmann <debian at helgefjell.de> ---
Hello OpenSSH maintainers,
below you can find those issues which are currently (as of late
December 2024 in the distros) open. Again, please tell me if I should
file them via Debian as proxy, as stated in my comment about a week
ago.


Man page: sftp-server.8
Issue 1:  -m → E<.Fl m>
Issue 2:  -u → E<.Fl u>

"Sets explicit file permissions to be applied to newly-created files
instead "
"of the default or client requested mode.  Numeric values include: 777,
755, "
"750, 666, 644, 640, etc.  Using both -m and -u switches makes the
umask (-u) "
"effective only for newly created directories and explicit mode (-m) 
for "
"newly created files."

"Sets explicit permissions to be applied to newly-created files and "
"directories instead of the default or client requested mode.  Numeric
values "
"include: 777, 755, 750, 666, 644, 640, etc.  Option -u is ineffective
if -m "
"is set."
--
Man page: ssh_config.5
Issue:    No section TIME FORMATS in this page (but in sshd_config(5))

"The timeout value E<.Dq interval> is specified in seconds or may use
any of "
"the units documented in the E<.Sx TIME FORMATS> section.  For example,
E<.Dq "
"session=5m> would cause interactive sessions to terminate after five
minutes "
"of inactivity.  Specifying a zero value disables the inactivity
timeout."
--
Man page: ssh_config.5
Issue:    Is this enabling the command line or the command line option?
The first sentence states the latter, the last one the former.

"Enables the command line option in the E<.Cm EscapeChar> menu for "
"interactive sessions (default E<.Ql ~C>).  By default, the command
line is "
"disabled."
--
Man page: ssh_config.5
Issue:    known hosts files -> E<.Pa known_hosts> files?

"Indicates that E<.Xr ssh 1> should hash host names and addresses when
they "
"are added to E<.Pa ~/.ssh/known_hosts>.  These hashed names may be
used "
"normally by E<.Xr ssh 1> and E<.Xr sshd 8>, but they do not visually
reveal "
"identifying information if the file's contents are disclosed.  The
default "
"is E<.Cm no>.  Note that existing names and addresses in known hosts
files "
"will not be converted automatically, but may be manually hashed using
E<.Xr "
"ssh-keygen 1>."

"Indicates that E<.Xr ssh 1> should hash host names and addresses when
they "
"are added to E<.Pa ~/.ssh/known_hosts>.  These hashed names may be
used "
"normally by E<.Xr ssh 1> and E<.Xr sshd 8>, but they do not visually
reveal "
"identifying information if the file's contents are disclosed.  The
default "
"is E<.Cm no>.  Note that existing names and addresses in known hosts
files "
"will not be converted automatically, but may be manually hashed using
E<.Xr "
"ssh-keygen 1>.  Use of this option may break facilities such as tab-"
"completion that rely on being able to read unhashed host names from
E<.Pa ~/."
"ssh/known_hosts>."
--
Man page: ssh_config.5
Issue:    TIME FORMATS → E<.Sx TIME FORMATS>

"Specifies the maximum amount of data that may be transmitted or
received "
"before the session key is renegotiated, optionally followed by a
maximum "
"amount of time that may pass before the session key is renegotiated. 
The "
"first argument is specified in bytes and may have a suffix of E<.Sq
K>, E<."
"Sq M>, or E<.Sq G> to indicate Kilobytes, Megabytes, or Gigabytes, "
"respectively.  The default is between E<.Sq 1G> and E<.Sq 4G>,
depending on "
"the cipher.  The optional second value is specified in seconds and may
use "
"any of the units documented in the TIME FORMATS section of E<.Xr
sshd_config "
"5>.  The default value for E<.Cm RekeyLimit> is E<.Cm default none>,
which "
"means that rekeying is performed after the cipher's default amount of
data "
"has been sent or received and no time based rekeying is done."
--
Man page: ssh_config.5
Issue:    openssh → OpenSSH

"Specifies the signature algorithms that will be used for hostbased "
"authentication as a comma-separated list of patterns.  Alternately if
the "
"specified list begins with a E<.Sq +> character, then the specified "
"signature algorithms will be appended to the built-in openssh default
set "
"instead of replacing them.  If the specified list begins with a E<.Sq
-> "
"character, then the specified signature algorithms (including
wildcards)  "
"will be removed from the built-in openssh default set instead of
replacing "
"them.  If the specified list begins with a E<.Sq ^> character, then
the "
"specified signature algorithms will be placed at the head of the
built-in "
"openssh default set."
--
Man page: ssh_config.5
Issue:    E<.Xr crypto_policies 7 can … so> → E<.Xr crypto_policies 7>
can … so

"The proposed E<.Cm HostKeyAlgorithms> during KEX are limited to the
set of "
"algorithms that is defined in E<.Cm PubkeyAcceptedAlgorithms> and
therefore "
"they are indirectly affected by system-wide E<.Xr crypto_policies 7>. 
E<.Xr "
"crypto_policies 7 can not handle the list of host key algorithms
directly as "
"doing so> would break the order given by the E<.Pa known_hosts> file."
--
Man page: ssh_config.5
Issue:    Why does a new paragraph start in the middle of a sentence?

"built-in openssh default set.  The list of supported key exchange
algorithms "
"may also be obtained using E<.Qq ssh -Q kex>."
--
Man page: ssh_config.5
Issue:    Missing full stop

"This option affects also E<.Cm HostKeyAlgorithms>"
--
Man page: ssh_config.5
Issue:    ssh-keysign should → E<.Xr ssh-keysign 8> should

"Setting this option to E<.Cm yes> in the global client configuration
file E<."
"Pa /etc/ssh/ssh_config> enables the use of the helper program E<.Xr
ssh-"
"keysign 8> during E<.Cm HostbasedAuthentication>.  The argument must
be E<."
"Cm yes> or E<.Cm no> (the default).  This option should be placed in
the non-"
"hostspecific section.  See E<.Xr ssh-keysign 8> for more information.
ssh-"
"keysign should be installed explicitly."
--
Man page: ssh_config.5
Issue:    E<.Xr crypto_policies 7 does not handle the list of
algorithms as doing so> → E<.Xr crypto_policies 7> does not handle the
list of algorithms as doing so

"E<.Xr crypto_policies 7 does not handle the list of algorithms as
doing so> "
"would break the order given by the E<.Pa known_hosts> file. Therefore
the "
"list is filtered by E<.Cm PubkeyAcceptedAlgorithms.>"
--
Man page: ssh-copy-id.1
Issue 1:  ssh → B<ssh>(1)
Issue 2:  sftp → B<sftp>(1)

"These options are simply passed through untouched (with their
argument)  to "
"ssh/sftp, allowing one to set an alternative config file, or other
options, "
"respectively."
--
Man page: sshd.8
Issue 1:  E<.Cm DenyGroups> \\&. → E<.Cm DenyGroups>\\&.
Issue 2:  eg → e.g.
Issue 3:  ( E<.Ql → (E<.Ql
Issue 4:  \\&*NP\\&*> ) → \\&*NP\\&*>)

"Regardless of the authentication type, the account is checked to
ensure that "
"it is accessible.  An account is not accessible if it is locked,
listed in "
"E<.Cm DenyUsers> or its group is listed in E<.Cm DenyGroups> \\&.  The
"
"definition of a locked account is system dependent. Some platforms
have "
"their own account database (eg AIX) and some modify the passwd field (
E<.Ql "
"\\&*LK\\&*> on Solaris and UnixWare, E<.Ql \\&*> on HP-UX, containing
E<.Ql "
"Nologin> on Tru64, a leading E<.Ql \\&*LOCKED\\&*> on FreeBSD and a
leading "
"E<.Ql \\&!> on most Linuxes).  If there is a requirement to disable
password "
"authentication for the account while allowing still public-key, then
the "
"passwd field should be set to something other than these values (eg
E<.Ql "
"NP> or E<.Ql \\&*NP\\&*> )."
--
Man page: sshd_config.5
Issue:   Something missing or wrong fullstop after E<.Cm pam>?

"For keyboard interactive authentication it is also possible to
restrict "
"authentication to a specific device by appending a colon followed by
the "
"device identifier E<.Cm bsdauth> or E<.Cm pam>.  depending on the
server "
"configuration.  For example, E<.Qq keyboard-interactive:bsdauth> would
"
"restrict keyboard interactive authentication to the E<.Cm bsdauth>
device."
--
Man page: sshd_config.5
Issue:    No section TIME FORMATS in this page (but in sshd_config(5))

"The timeout value E<.Dq interval> is specified in seconds or may use
any of "
"the units documented in the E<.Sx TIME FORMATS> section.  For example,
E<.Dq "
"session=5m> would cause interactive sessions to terminate after five
minutes "
"of inactivity.  Specifying a zero value disables the inactivity
timeout."
--
Man page: sshd_config.5
Issue:    E<.Xr sshd 8 (default: 90s).> →  E<.Xr sshd 8> (default:
90s).

"Specifies how long to refuse clients that cause a crash of E<.Xr sshd
8 "
"(default: 90s).>"
--
Man page: sshd_config.5
Issue:    Superfluous space before comma in first line

"When set to E<.Dq yes> , the checks whether the account has been
locked with "
"E<.Pa passwd -l> are performed even when PAM authentication is enabled
via "
"E<.Cm UsePAM>.  This is to ensure that it is not possible to log in
with e."
"g. a public key (in such a case PAM is used only to set up the session
and "
"some PAM modules will not check whether the account is locked in this
"
"scenario). The default is E<.Dq no>."

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.

More information about the openssh-bugs mailing list