- jmc@cvs.openbsd.org 2006/02/19 19:52:10

[sshd.8]
     move the sshrc stuff out of FILES, and into its own section:
     FILES is not a good place to document how stuff works;
This commit is contained in:
Damien Miller 2006-03-15 11:35:54 +11:00
parent adc35b9583
commit fd725cf585
2 changed files with 56 additions and 45 deletions

@ -119,6 +119,10 @@
- jmc@cvs.openbsd.org 2006/02/16 09:05:34 - jmc@cvs.openbsd.org 2006/02/16 09:05:34
[sshd.8] [sshd.8]
sync some of the FILES entries w/ ssh.1; sync some of the FILES entries w/ ssh.1;
- jmc@cvs.openbsd.org 2006/02/19 19:52:10
[sshd.8]
move the sshrc stuff out of FILES, and into its own section:
FILES is not a good place to document how stuff works;
20060313 20060313
- (dtucker) [configure.ac] Bug #1171: Don't use printf("%lld", longlong) - (dtucker) [configure.ac] Bug #1171: Don't use printf("%lld", longlong)
@ -4020,4 +4024,4 @@
- (djm) Trim deprecated options from INSTALL. Mention UsePAM - (djm) Trim deprecated options from INSTALL. Mention UsePAM
- (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
$Id: ChangeLog,v 1.4173 2006/03/15 00:35:27 djm Exp $ $Id: ChangeLog,v 1.4174 2006/03/15 00:35:54 djm Exp $

sshd.8

@ -34,7 +34,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\" .\"
.\" $OpenBSD: sshd.8,v 1.225 2006/02/16 09:05:34 jmc Exp $ .\" $OpenBSD: sshd.8,v 1.226 2006/02/19 19:52:10 jmc Exp $
.Dd September 25, 1999 .Dd September 25, 1999
.Dt SSHD 8 .Dt SSHD 8
.Os .Os
@ -370,9 +370,54 @@ The
.Dq rc .Dq rc
files are given the X11 files are given the X11
authentication protocol and cookie in standard input. authentication protocol and cookie in standard input.
See
.Sx SSHRC ,
below.
.It .It
Runs user's shell or command. Runs user's shell or command.
.El .El
.Sh SSHRC
If the file
.Pa ~/.ssh/rc
exists,
.Xr sh 1
runs it after reading the
environment files but before starting the user's shell or command.
It must not produce any output on stdout; stderr must be used
instead.
If X11 forwarding is in use, it will receive the "proto cookie" pair in
its standard input (and
.Ev DISPLAY
in its environment).
The script must call
.Xr xauth 1
because
.Nm
will not run xauth automatically to add X11 cookies.
.Pp
The primary purpose of this file is to run any initialization routines
which may be needed before the user's home directory becomes
accessible; AFS is a particular example of such an environment.
.Pp
This file will probably contain some initialization code followed by
something similar to:
.Bd -literal -offset 3n
if read proto cookie && [ -n "$DISPLAY" ]; then
if [ `echo $DISPLAY | cut -c1-10` = 'localhost:' ]; then
# X11UseLocalhost=yes
echo add unix:`echo $DISPLAY |
cut -c11-` $proto $cookie
else
# X11UseLocalhost=no
echo add $DISPLAY $proto $cookie
fi | xauth -q -
fi
.Ed
.Pp
If this file does not exist,
.Pa /etc/ssh/sshrc
is run, and if that
does not exist either, xauth is used to add the cookie.
.Sh AUTHORIZED_KEYS FILE FORMAT .Sh AUTHORIZED_KEYS FILE FORMAT
.Cm AuthorizedKeysFile .Cm AuthorizedKeysFile
specifies the file containing public keys for specifies the file containing public keys for
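Review bot: In the sample script under the new .Sh SSHRC, the test "[ `echo $DISPLAY | cut -c1-10` = 'localhost:' ]" leaves both $DISPLAY and the command substitution unquoted, so a value containing whitespace or glob characters is word-split and expanded by the shell and can break the test. The block is already being touched here (the -offset 3n change), so this is a good moment to quote "$DISPLAY", "$proto" and "$cookie" in the example that users will copy. Separately, the section now explains when the file runs, but the "writable only by the user" requirement stays only in the FILES entry; a short pointer to it from this section would keep the execution and permission rules together.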
@ -651,46 +696,8 @@ This file should be writable only by root/the owner and
can, but need not be, world-readable. can, but need not be, world-readable.
.Pp .Pp
.It ~/.ssh/rc .It ~/.ssh/rc
If this file exists, it is run with Contains initialization routines to be run before
.Pa /bin/sh the user's home directory becomes accessible.
after reading the
environment files but before starting the user's shell or command.
It must not produce any output on stdout; stderr must be used
instead.
If X11 forwarding is in use, it will receive the "proto cookie" pair in
its standard input (and
.Ev DISPLAY
in its environment).
The script must call
.Xr xauth 1
because
.Nm
will not run xauth automatically to add X11 cookies.
.Pp
The primary purpose of this file is to run any initialization routines
which may be needed before the user's home directory becomes
accessible; AFS is a particular example of such an environment.
.Pp
This file will probably contain some initialization code followed by
something similar to:
.Bd -literal
if read proto cookie && [ -n "$DISPLAY" ]; then
if [ `echo $DISPLAY | cut -c1-10` = 'localhost:' ]; then
# X11UseLocalhost=yes
echo add unix:`echo $DISPLAY |
cut -c11-` $proto $cookie
else
# X11UseLocalhost=no
echo add $DISPLAY $proto $cookie
fi | xauth -q -
fi
.Ed
.Pp
If this file does not exist,
.Pa /etc/ssh/sshrc
is run, and if that
does not exist either, xauth is used to add the cookie.
.Pp
This file should be writable only by the user, and need not be This file should be writable only by the user, and need not be
readable by anyone else. readable by anyone else.
.Pp .Pp
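Review bot: The shortened ~/.ssh/rc entry in FILES no longer says when or how the file is run, and it gives no pointer to where that text went. The earlier sshd.8 hunk adds "See .Sx SSHRC , below." after the rc files step of the login sequence; the same .Sx SSHRC reference belongs in this entry so that a reader who lands in FILES can find the stdout restriction and the xauth requirement.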
@ -802,9 +809,9 @@ The file format and configuration options are described in
.Xr sshd_config 5 . .Xr sshd_config 5 .
.Pp .Pp
.It /etc/ssh/sshrc .It /etc/ssh/sshrc
Like Similar to
.Pa ~/.ssh/rc . .Pa ~/.ssh/rc ,
This can be used to specify it can be used to specify
machine-specific login-time initializations globally. machine-specific login-time initializations globally.
This file should be writable only by root, and should be world-readable. This file should be writable only by root, and should be world-readable.
.Pp .Pp
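Review bot: "Similar to ~/.ssh/rc" in the /etc/ssh/sshrc entry does not convey the ordering that the new SSHRC section states, namely that /etc/ssh/sshrc is run only if ~/.ssh/rc does not exist. Consider stating that here or adding a .Sx SSHRC reference, since an administrator relying on this file for global login-time initialization needs to know that a user's own file takes precedence.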