diff --git a/ChangeLog b/ChangeLog index b562035ef..b68b88e9a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -19,6 +19,9 @@ refer to `TCP' rather than `TCP/IP' in the context of connection forwarding; ok markus + - jmc@cvs.openbsd.org 2006/01/12 22:20:00 + [sshd.8] + refer to TCP forwarding, rather than TCP/IP forwarding; 20060109 - (dtucker) [contrib/cygwin/ssh-host-config] Make sshd service depend on @@ -3696,4 +3699,4 @@ - (djm) Trim deprecated options from INSTALL. Mention UsePAM - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu -$Id: ChangeLog,v 1.4087 2006/01/13 23:09:30 djm Exp $ +$Id: ChangeLog,v 1.4088 2006/01/13 23:09:56 djm Exp $ diff --git a/sshd.8 b/sshd.8 index ee6e7d797..241aefd43 100644 --- a/sshd.8 +++ b/sshd.8 @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd.8,v 1.210 2005/12/21 22:44:26 stevesk Exp $ +.\" $OpenBSD: sshd.8,v 1.211 2006/01/12 22:20:00 jmc Exp $ .Dd September 25, 1999 .Dt SSHD 8 .Os @@ -169,7 +169,7 @@ If the client successfully authenticates itself, a dialog for preparing the session is entered. At this time the client may request things like allocating a pseudo-tty, forwarding X11 connections, -forwarding TCP/IP connections, or forwarding the authentication agent +forwarding TCP connections, or forwarding the authentication agent connection over the secure channel. .Pp Finally, the client either requests a shell or execution of a command. @@ -480,7 +480,7 @@ A quote may be included in the command by quoting it with a backslash. This option might be useful to restrict certain public keys to perform just a specific operation. An example might be a key that permits remote backups but nothing else. -Note that the client may specify TCP/IP and/or X11 +Note that the client may specify TCP and/or X11 forwarding unless they are explicitly prohibited. Note that this option applies to shell, command or subsystem execution. .It Cm environment="NAME=value" @@ -497,7 +497,7 @@ This option is automatically disabled if .Cm UseLogin is enabled. .It Cm no-port-forwarding -Forbids TCP/IP forwarding when this key is used for authentication. +Forbids TCP forwarding when this key is used for authentication. Any port forward requests by the client will return an error. This might be used, e.g., in connection with the .Cm command