- jmc@cvs.openbsd.org 2008/05/07 08:00:14
[sshd_config.5]
sort;
diff --git a/sshd_config.5 b/sshd_config.5
index b93c801..99b5621 100644
--- a/sshd_config.5
+++ b/sshd_config.5
@@ -34,8 +34,8 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: sshd_config.5,v 1.88 2008/05/07 05:49:37 pyr Exp $
-.Dd $Mdocdate: May 7 2008 $
+.\" $OpenBSD: sshd_config.5,v 1.89 2008/05/07 08:00:14 jmc Exp $
+.Dd $Mdocdate: May 19 2008 $
.Dt SSHD_CONFIG 5
.Os
.Sh NAME
@@ -95,6 +95,15 @@
(use IPv6 only).
The default is
.Dq any .
+.It Cm AllowAgentForwarding
+Specifies whether
+.Xr ssh-agent 1
+forwarding is permitted.
+The default is
+.Dq yes .
+Note that disabling agent forwarding does not improve security
+unless users are also denied shell access, as they can always install
+their own forwarders.
.It Cm AllowGroups
This keyword can be followed by a list of group name patterns, separated
by spaces.
@@ -114,15 +123,6 @@
in
.Xr ssh_config 5
for more information on patterns.
-.It Cm AllowAgentForwarding
-Specifies whether
-.Xr ssh-agent 1
-forwarding is permitted.
-The default is
-.Dq yes .
-Note that disabling Agent forwarding does not improve security
-unless users are also denied shell access, as they can always install
-their own forwarders.
.It Cm AllowTcpForwarding
Specifies whether TCP forwarding is permitted.
The default is