Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / openssh / 30c3d429306bb4afe71c18db92816b981f7b6d9d^! / . / ssh.1
commit30c3d429306bb4afe71c18db92816b981f7b6d9d[log] [tgz]
authorDamien Miller <djm@mindrot.org>Tue May 09 11:02:59 2000 +1000
committerDamien Miller <djm@mindrot.org>Tue May 09 11:02:59 2000 +1000
treea65f45e0073cb55ad42957a36b4636ff21405108
parent61e50f10c276009bf9472fdd797bf6be60fc2a83 [diff] [blame]
 - OpenBSD CVS update
  - markus@cvs.openbsd.org
    [cipher.h myproposal.h readconf.c readconf.h servconf.c ssh.1 ssh.c]
    [ssh.h sshconnect1.c sshconnect2.c sshd.8]
    - complain about invalid ciphers in SSH1 (e.g. arcfour is SSH2 only)
  - hugh@cvs.openbsd.org
    [ssh.1]
    - zap typo
    [ssh-keygen.1]
    - One last nit fix. (markus approved)
    [sshd.8]
    - some markus certified spelling adjustments
  - markus@cvs.openbsd.org
    [auth2.c channels.c clientloop.c compat compat.h dsa.c kex.c]
    [sshconnect2.c ]
    - bug compat w/ ssh-2.0.13 x11, split out bugs
    [nchan.c]
    - no drain if ibuf_empty, fixes x11fwd problems; tests by fries@
    [ssh-keygen.c]
    - handle escapes in real and original key format, ok millert@
    [version.h]
    - OpenSSH-2.1

diff --git a/ssh.1 b/ssh.1
index a4738e6..48040c4 100644
--- a/ssh.1
+++ b/ssh.1

@@ -9,7 +9,7 @@
 .\"
 .\" Created: Sat Apr 22 21:55:14 1995 ylo
 .\"
-.\" $Id: ssh.1,v 1.24 2000/05/07 02:03:19 damien Exp $
+.\" $Id: ssh.1,v 1.25 2000/05/09 01:03:02 damien Exp $
 .\"
 .Dd September 25, 1999
 .Dt SSH 1
@@ -25,7 +25,7 @@
 .Pp
 .Nm ssh
 .Op Fl afgknqtvxCPX246
-.Op Fl c Ar blowfish | 3des
+.Op Fl c Ar cipher_spec
 .Op Fl e Ar escape_char
 .Op Fl i Ar identity_file
 .Op Fl l Ar login_name
@@ -202,7 +202,7 @@
 S/Key authentication.
 .Pp
 Protocol 2 provides additional mechanisms for confidentiality
-(the traffic is encrypted using 3DES, blowfish, cast128 or arcfour)
+(the traffic is encrypted using 3DES, Blowfish, CAST128 or Arcfour)
 and integrity (hmac-sha1, hmac-md5).
 Note that protocol 1 lacks a strong mechanism for ensuring the
 integrity of the connection.
@@ -342,10 +342,15 @@
 (triple-des) is an encrypt-decrypt-encrypt triple with three different keys.
 It is presumably more secure than the
 .Ar des
-cipher which is no longer supported in ssh.
+cipher which is no longer supported in
+.Nm ssh .
 .Ar blowfish
 is a fast block cipher, it appears very secure and is much faster than
 .Ar 3des .
+.It Fl c Ar "3des-cbc,blowfish-cbc,arcfour,cast128-cbc"
+Additionally, for protocol version 2 a comma-separated list of ciphers can
+be specified in order of preference. Protocol version 2 supports
+3DES, Blowfish and CAST128 in CBC mode and Arcfour.
 .It Fl e Ar ch|^ch|none
 Sets the escape character for sessions with a pty (default:
 .Ql ~ ) .
@@ -601,7 +606,7 @@
 in order of preference.
 Multiple ciphers must be comma-separated.
 The default is
-.Dq blowfish-cbc,3des-cbc,arcfour,cast128-cbc .
+.Dq 3des-cbc,blowfish-cbc,arcfour,cast128-cbc .
 .It Cm Compression
 Specifies whether to use compression.
 The argument must be
@@ -785,7 +790,7 @@
 This means that
 .Nm
 tries version 1 and falls back to version 2
-if version 1 is no available.
+if version 1 is not available.
 .It Cm ProxyCommand
 Specifies the command to use to connect to the server.
 The command