[openssh-commits] [openssh] 05/08: upstream commit

git+noreply at mindrot.org git+noreply at mindrot.org
Mon Sep 12 13:49:49 AEST 2016


This is an automated email from the git hooks/post-receive script.

dtucker pushed a commit to branch master
in repository openssh.

commit f219fc8f03caca7ac82a38ed74bbd6432a1195e7
Author: jmc at openbsd.org <jmc at openbsd.org>
Date:   Wed Sep 7 18:39:24 2016 +0000

    upstream commit
    
    sort; from matthew martin
    
    Upstream-ID: 73cec7f7ecc82d37a4adffad7745e4684de67ce7
---
 sshd_config.5 | 36 ++++++++++++++++++------------------
 1 file changed, 18 insertions(+), 18 deletions(-)

diff --git a/sshd_config.5 b/sshd_config.5
index fe3b23d..a4d1ca0 100644
--- a/sshd_config.5
+++ b/sshd_config.5
@@ -33,8 +33,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd_config.5,v 1.230 2016/08/19 03:18:07 djm Exp $
-.Dd $Mdocdate: August 19 2016 $
+.\" $OpenBSD: sshd_config.5,v 1.231 2016/09/07 18:39:24 jmc Exp $
+.Dd $Mdocdate: September 7 2016 $
 .Dt SSHD_CONFIG 5
 .Os
 .Sh NAME
@@ -123,15 +123,15 @@ and finally
 See PATTERNS in
 .Xr ssh_config 5
 for more information on patterns.
-.It Cm AllowTcpForwarding
-Specifies whether TCP forwarding is permitted.
+.It Cm AllowStreamLocalForwarding
+Specifies whether StreamLocal (Unix-domain socket) forwarding is permitted.
 The available options are
 .Dq yes
 or
 .Dq all
-to allow TCP forwarding,
+to allow StreamLocal forwarding,
 .Dq no
-to prevent all TCP forwarding,
+to prevent all StreamLocal forwarding,
 .Dq local
 to allow local (from the perspective of
 .Xr ssh 1 )
@@ -140,18 +140,18 @@ forwarding only or
 to allow remote forwarding only.
 The default is
 .Dq yes .
-Note that disabling TCP forwarding does not improve security unless
+Note that disabling StreamLocal forwarding does not improve security unless
 users are also denied shell access, as they can always install their
 own forwarders.
-.It Cm AllowStreamLocalForwarding
-Specifies whether StreamLocal (Unix-domain socket) forwarding is permitted.
+.It Cm AllowTcpForwarding
+Specifies whether TCP forwarding is permitted.
 The available options are
 .Dq yes
 or
 .Dq all
-to allow StreamLocal forwarding,
+to allow TCP forwarding,
 .Dq no
-to prevent all StreamLocal forwarding,
+to prevent all TCP forwarding,
 .Dq local
 to allow local (from the perspective of
 .Xr ssh 1 )
@@ -160,7 +160,7 @@ forwarding only or
 to allow remote forwarding only.
 The default is
 .Dq yes .
-Note that disabling StreamLocal forwarding does not improve security unless
+Note that disabling TCP forwarding does not improve security unless
 users are also denied shell access, as they can always install their
 own forwarders.
 .It Cm AllowUsers
@@ -1223,6 +1223,12 @@ All other authentication methods are disabled for root.
 If this option is set to
 .Dq no ,
 root is not allowed to log in.
+.It Cm PermitTTY
+Specifies whether
+.Xr pty 4
+allocation is permitted.
+The default is
+.Dq yes .
 .It Cm PermitTunnel
 Specifies whether
 .Xr tun 4
@@ -1246,12 +1252,6 @@ The default is
 Independent of this setting, the permissions of the selected
 .Xr tun 4
 device must allow access to the user.
-.It Cm PermitTTY
-Specifies whether
-.Xr pty 4
-allocation is permitted.
-The default is
-.Dq yes .
 .It Cm PermitUserEnvironment
 Specifies whether
 .Pa ~/.ssh/environment

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.


More information about the openssh-commits mailing list