37,38c37,38
< .\" $OpenBSD: ssh_config.5,v 1.5 2002/08/29 22:54:10 stevesk Exp $
< .\" $FreeBSD: head/crypto/openssh/ssh_config.5 110692 2003-02-11 12:11:15Z des $
---
> .\" $OpenBSD: ssh_config.5,v 1.7 2003/03/28 10:11:43 jmc Exp $
> .\" $FreeBSD: head/crypto/openssh/ssh_config.5 113911 2003-04-23 17:13:13Z des $
180,181c180,181
< cipher. Its use is strongly discouraged due to cryptographic
< weaknesses.
---
> cipher.
> Its use is strongly discouraged due to cryptographic weaknesses.
197c197,198
< cleared. This option is primarily useful when used from the
---
> cleared.
> This option is primarily useful when used from the
234c235,236
< remote machine. The argument must be a port number.
---
> remote machine.
> The argument must be a port number.
239,240c241,242
< additional forwardings can be given on the command line. Only
< the superuser can forward privileged ports.
---
> additional forwardings can be given on the command line.
> Only the superuser can forward privileged ports.
263,266c265,269
< Agent forwarding should be enabled with caution. Users with the
< ability to bypass file permissions on the remote host (for the agent's
< Unix-domain socket) can access the local agent through the forwarded
< connection. An attacker cannot obtain key material from the agent,
---
> Agent forwarding should be enabled with caution.
> Users with the ability to bypass file permissions on the remote host
> (for the agent's Unix-domain socket)
> can access the local agent through the forwarded connection.
> An attacker cannot obtain key material from the agent,
281,285c284,288
< X11 forwarding should be enabled with caution. Users with the ability
< to bypass file permissions on the remote host (for the user's X
< authorization database) can access the local X11 display through the
< forwarded connection. An attacker may then be able to perform
< activities such as keystroke monitoring.
---
> X11 forwarding should be enabled with caution.
> Users with the ability to bypass file permissions on the remote host
> (for the user's X authorization database)
> can access the local X11 display through the forwarded connection.
> An attacker may then be able to perform activities such as keystroke monitoring.
291,292c294,295
< binds local port forwardings to the loopback address. This
< prevents other remote hosts from connecting to forwarded ports.
---
> binds local port forwardings to the loopback address.
> This prevents other remote hosts from connecting to forwarded ports.
399,400c402,404
< The default is INFO. DEBUG and DEBUG1 are equivalent. DEBUG2
< and DEBUG3 each specify higher levels of verbose output.
---
> The default is INFO.
> DEBUG and DEBUG1 are equivalent.
> DEBUG2 and DEBUG3 each specify higher levels of verbose output.
477a482,484
> Setting the command to
> .Dq none
> disables this option entirely.
619c626
< .Dq FreeBSD-20030201 .
---
> .Dq FreeBSD-20030423 .
< .\" $OpenBSD: ssh_config.5,v 1.5 2002/08/29 22:54:10 stevesk Exp $
< .\" $FreeBSD: head/crypto/openssh/ssh_config.5 110692 2003-02-11 12:11:15Z des $
---
> .\" $OpenBSD: ssh_config.5,v 1.7 2003/03/28 10:11:43 jmc Exp $
> .\" $FreeBSD: head/crypto/openssh/ssh_config.5 113911 2003-04-23 17:13:13Z des $
180,181c180,181
< cipher. Its use is strongly discouraged due to cryptographic
< weaknesses.
---
> cipher.
> Its use is strongly discouraged due to cryptographic weaknesses.
197c197,198
< cleared. This option is primarily useful when used from the
---
> cleared.
> This option is primarily useful when used from the
234c235,236
< remote machine. The argument must be a port number.
---
> remote machine.
> The argument must be a port number.
239,240c241,242
< additional forwardings can be given on the command line. Only
< the superuser can forward privileged ports.
---
> additional forwardings can be given on the command line.
> Only the superuser can forward privileged ports.
263,266c265,269
< Agent forwarding should be enabled with caution. Users with the
< ability to bypass file permissions on the remote host (for the agent's
< Unix-domain socket) can access the local agent through the forwarded
< connection. An attacker cannot obtain key material from the agent,
---
> Agent forwarding should be enabled with caution.
> Users with the ability to bypass file permissions on the remote host
> (for the agent's Unix-domain socket)
> can access the local agent through the forwarded connection.
> An attacker cannot obtain key material from the agent,
281,285c284,288
< X11 forwarding should be enabled with caution. Users with the ability
< to bypass file permissions on the remote host (for the user's X
< authorization database) can access the local X11 display through the
< forwarded connection. An attacker may then be able to perform
< activities such as keystroke monitoring.
---
> X11 forwarding should be enabled with caution.
> Users with the ability to bypass file permissions on the remote host
> (for the user's X authorization database)
> can access the local X11 display through the forwarded connection.
> An attacker may then be able to perform activities such as keystroke monitoring.
291,292c294,295
< binds local port forwardings to the loopback address. This
< prevents other remote hosts from connecting to forwarded ports.
---
> binds local port forwardings to the loopback address.
> This prevents other remote hosts from connecting to forwarded ports.
399,400c402,404
< The default is INFO. DEBUG and DEBUG1 are equivalent. DEBUG2
< and DEBUG3 each specify higher levels of verbose output.
---
> The default is INFO.
> DEBUG and DEBUG1 are equivalent.
> DEBUG2 and DEBUG3 each specify higher levels of verbose output.
477a482,484
> Setting the command to
> .Dq none
> disables this option entirely.
619c626
< .Dq FreeBSD-20030201 .
---
> .Dq FreeBSD-20030423 .