- markus@cvs.openbsd.org 2001/06/22 21:55:49
[auth2.c auth-rsa.c pathnames.h ssh.1 sshd.8 sshd_config
ssh-keygen.1]
merge authorized_keys2 into authorized_keys.
authorized_keys2 is used for backward compat.
(just append authorized_keys2 to authorized_keys).
diff --git a/sshd.8 b/sshd.8
index ee3f116..b6ac3d4 100644
--- a/sshd.8
+++ b/sshd.8
@@ -34,7 +34,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: sshd.8,v 1.129 2001/06/22 21:28:53 provos Exp $
+.\" $OpenBSD: sshd.8,v 1.130 2001/06/22 21:55:50 markus Exp $
.Dd September 25, 1999
.Dt SSHD 8
.Os
@@ -345,20 +345,6 @@
directory.
The default is
.Dq .ssh/authorized_keys
-.It Cm AuthorizedKeysFile2
-Specifies the file that contains the public keys that can be used
-for public key authentication in protocol version 2.
-.Cm AuthorizedKeysFile2
-may contain tokens of the form %T which are substituted during connection
-set-up. The following tokens are defined; %% is replaces by a literal '%',
-%h is replaced by the home directory of the user being authenticated and
-%u is replaced by the username of that user.
-After expansion,
-.Cm AuthorizedKeysFile2
-is taken to be an absolute path or one relative to the user's home
-directory.
-The default is
-.Dq .ssh/authorized_keys2
.It Cm Banner
In some jurisdictions, sending a warning message before authentication
may be relevant for getting legal protection.
@@ -921,16 +907,11 @@
.El
.Sh AUTHORIZED_KEYS FILE FORMAT
.Pa $HOME/.ssh/authorized_keys
-is the default file that lists the RSA keys that are
-permitted for RSA authentication in protocol version 1.
-.Cm AuthorizedKeysFile
-may be used to specify an alternative file.
-Similarly,
-.Pa $HOME/.ssh/authorized_keys2
-is the default file that lists the DSA and RSA keys that are
-permitted for public key authentication (PubkeyAuthentication)
+is the default file that lists the public keys that are
+permitted for RSA authentication in protocol version 1
+and for public key authentication (PubkeyAuthentication)
in protocol version 2.
-.Cm AuthorizedKeysFile2
+.Cm AuthorizedKeysFile
may be used to specify an alternative file.
.Pp
Each line of the file contains one
@@ -1133,17 +1114,6 @@
started last).
The content of this file is not sensitive; it can be world-readable.
.It Pa $HOME/.ssh/authorized_keys
-Lists the RSA keys that can be used to log into the user's account.
-This file must be readable by root (which may on some machines imply
-it being world-readable if the user's home directory resides on an NFS
-volume).
-It is recommended that it not be accessible by others.
-The format of this file is described above.
-Users will place the contents of their
-.Pa identity.pub
-files into this file, as described in
-.Xr ssh-keygen 1 .
-.It Pa $HOME/.ssh/authorized_keys2
Lists the public keys (RSA or DSA) that can be used to log into the user's account.
This file must be readable by root (which may on some machines imply
it being world-readable if the user's home directory resides on an NFS
@@ -1151,6 +1121,7 @@
It is recommended that it not be accessible by others.
The format of this file is described above.
Users will place the contents of their
+.Pa identity.pub ,
.Pa id_dsa.pub
and/or
.Pa id_rsa.pub