- jmc@cvs.openbsd.org 2010/08/08 19:36:30
[ssh-keysign.8 ssh.1 sshd.8]
use the same template for all FILES sections; i.e. -compact/.Pp where we
have multiple items, and .Pa for path names;
diff --git a/ssh-keysign.8 b/ssh-keysign.8
index 46c0ee9..2e47f12 100644
--- a/ssh-keysign.8
+++ b/ssh-keysign.8
@@ -1,4 +1,4 @@
-.\" $OpenBSD: ssh-keysign.8,v 1.10 2010/08/04 05:42:47 djm Exp $
+.\" $OpenBSD: ssh-keysign.8,v 1.11 2010/08/08 19:36:30 jmc Exp $
.\"
.\" Copyright (c) 2002 Markus Friedl. All rights reserved.
.\"
@@ -22,7 +22,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd $Mdocdate: August 4 2010 $
+.Dd $Mdocdate: August 8 2010 $
.Dt SSH-KEYSIGN 8
.Os
.Sh NAME
@@ -55,12 +55,14 @@
.Xr sshd 8
for more information about host-based authentication.
.Sh FILES
-.Bl -tag -width Ds
+.Bl -tag -width Ds -compact
.It Pa /etc/ssh/ssh_config
Controls whether
.Nm
is enabled.
-.It Pa /etc/ssh/ssh_host_dsa_key, /etc/ssh/ssh_host_rsa_key
+.Pp
+.It Pa /etc/ssh/ssh_host_dsa_key
+.It Pa /etc/ssh/ssh_host_rsa_key
These files contain the private parts of the host keys used to
generate the digital signature.
They should be owned by root, readable only by root, and not
@@ -68,7 +70,9 @@
Since they are readable only by root,
.Nm
must be set-uid root if host-based authentication is used.
-.It Pa /etc/ssh/ssh_host_dsa_key-cert.pub, /etc/ssh/ssh_host_rsa_key-cert.pub
+.Pp
+.It Pa /etc/ssh/ssh_host_dsa_key-cert.pub
+.It Pa /etc/ssh/ssh_host_rsa_key-cert.pub
If these files exist they are assumed to contain public certificate
information corresponding with the private keys above.
.El