- mouring@cvs.openbsd.org 2003/04/30 01:16:20

[sshd.8 sshd_config.5]
     Escape ?, * and ! in .Ql for nroff compatibility.  OpenSSH Portable
     Bug #550 and * escaping suggested by jmc@.

ChangeLog

@@ -28,6 +28,10 @@
    - deraadt@cvs.openbsd.org 2003/04/26 04:29:49
      [ssh-keyscan.c]
      -t in usage(); rogier@quaak.org
+   - mouring@cvs.openbsd.org 2003/04/30 01:16:20
+     [sshd.8 sshd_config.5]
+     Escape ?, * and ! in .Ql for nroff compatibility.  OpenSSH Portable 
+     Bug #550 and * escaping suggested by jmc@.
 
 20030512
  - (djm) Redhat spec: Don't install profile.d scripts when not 
@@ -1415,4 +1419,4 @@
      save auth method before monitor_reset_key_state(); bugzilla bug #284;
      ok provos@
 
-$Id: ChangeLog,v 1.2684 2003/05/14 03:43:53 djm Exp $
+$Id: ChangeLog,v 1.2685 2003/05/14 03:44:42 djm Exp $

sshd.8

@@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd.8,v 1.194 2003/01/31 21:54:40 jmc Exp $
+.\" $OpenBSD: sshd.8,v 1.195 2003/04/30 01:16:20 mouring Exp $
 .Dd September 25, 1999
 .Dt SSHD 8
 .Os
@@ -429,13 +429,14 @@ that option keywords are case-insensitive):
 Specifies that in addition to public key authentication, the canonical name
 of the remote host must be present in the comma-separated list of
 patterns
-.Pf ( Ql *
+.Pf ( 
+.Ql \&*
 and
-.Ql ?
+.Ql \&?
 serve as wildcards).
 The list may also contain
 patterns negated by prefixing them with
-.Ql ! ;
+.Ql \&! ;
 if the canonical host name matches a negated pattern, the key is not accepted.
 The purpose
 of this option is to optionally increase security: public key authentication
@@ -524,12 +525,16 @@ Each line in these files contains the following fields: hostnames,
 bits, exponent, modulus, comment.
 The fields are separated by spaces.
 .Pp
-Hostnames is a comma-separated list of patterns ('*' and '?' act as
+Hostnames is a comma-separated list of patterns (
+.Ql \&* 
+and 
+.Ql \&? 
+act as
 wildcards); each pattern in turn is matched against the canonical host
 name (when authenticating a client) or against the user-supplied
 name (when authenticating a server).
 A pattern may also be preceded by
-.Ql !
+.Ql \&!
 to indicate negation: if the host name matches a negated
 pattern, it is not accepted (by that line) even if it matched another
 pattern on the line.

sshd_config.5

@@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd_config.5,v 1.15 2003/03/28 10:11:43 jmc Exp $
+.\" $OpenBSD: sshd_config.5,v 1.16 2003/04/30 01:16:20 mouring Exp $
 .Dd September 25, 1999
 .Dt SSHD_CONFIG 5
 .Os
@@ -72,7 +72,7 @@ If specified, login is allowed only for users whose primary
 group or supplementary group list matches one of the patterns.
 .Ql \&*
 and
-.Ql ?
+.Ql \&?
 can be used as
 wildcards in the patterns.
 Only group names are valid; a numerical group ID is not recognized.
@@ -93,7 +93,7 @@ If specified, login is allowed only for user names that
 match one of the patterns.
 .Ql \&*
 and
-.Ql ?
+.Ql \&?
 can be used as
 wildcards in the patterns.
 Only user names are valid; a numerical user ID is not recognized.
@@ -187,7 +187,7 @@ Login is disallowed for users whose primary group or supplementary
 group list matches one of the patterns.
 .Ql \&*
 and
-.Ql ?
+.Ql \&?
 can be used as
 wildcards in the patterns.
 Only group names are valid; a numerical group ID is not recognized.
@@ -199,7 +199,7 @@ by spaces.
 Login is disallowed for user names that match one of the patterns.
 .Ql \&*
 and
-.Ql ?
+.Ql \&?
 can be used as wildcards in the patterns.
 Only user names are valid; a numerical user ID is not recognized.
 By default, login is allowed for all users.