From 909fa9fc39bee9d12d35bc9a82049b3d940fdd0c Mon Sep 17 00:00:00 2001 From: Lars Thorsen Date: Thu, 10 Dec 2015 09:28:13 +0100 Subject: [ssh] Align documentation to DTD --- lib/ssh/doc/src/ssh.xml | 28 +++++++++++----------- lib/ssh/doc/src/ssh_app.xml | 43 +++++++++++++++++----------------- lib/ssh/doc/src/ssh_connection.xml | 14 +++++------ lib/ssh/doc/src/ssh_server_key_api.xml | 4 ++-- lib/ssh/doc/src/ssh_sftp.xml | 31 +++++++++++++----------- 5 files changed, 62 insertions(+), 58 deletions(-) (limited to 'lib/ssh/doc') diff --git a/lib/ssh/doc/src/ssh.xml b/lib/ssh/doc/src/ssh.xml index b3f850fc38..850557444d 100644 --- a/lib/ssh/doc/src/ssh.xml +++ b/lib/ssh/doc/src/ssh.xml @@ -4,7 +4,7 @@
- 20042014 + 20042015 Ericsson AB. All Rights Reserved. @@ -418,10 +418,10 @@

- -
where: -
PromptTexts = kb_int_tuple() | fun(Peer::{IP::tuple(),Port::integer()}, User::string(), Service::string()) -> kb_int_tuple() -
kb_int_tuple() = {Name::string(), Instruction::string(), Prompt::string(), Echo::boolean()} + +
where: +
PromptTexts = kb_int_tuple() | fun(Peer::{IP::tuple(),Port::integer()}, User::string(), Service::string()) -> kb_int_tuple() +
kb_int_tuple() = {Name::string(), Instruction::string(), Prompt::string(), Echo::boolean()}

Sets the text strings that the daemon sends to the client for presentation to the user when using keyboar-interactive authentication. If the fun/3 is used, it is called when the actual authentication occurs and may therefore return dynamic data like time, remote ip etc.

@@ -516,29 +516,29 @@

Provides a function for password validation. This could used for calling an external system or if passwords should be stored as a hash. The fun returns: - - true if the user and password is valid and - false otherwise. -

+ + true if the user and password is valid and + false otherwise. +

This fun can also be used to make delays in authentication tries for example by calling timer:sleep/1. To facilitate counting of failed tries the State variable could be used. This state is per connection only. The first time the pwdfun is called for a connection, the State variable has the value undefined. The pwdfun can return - in addition to the values above - a new state as: - - {true, NewState:any()} if the user and password is valid or - {false, NewState:any()} if the user or password is invalid -

+ + {true, NewState:any()} if the user and password is valid or + {false, NewState:any()} if the user or password is invalid +

A third usage is to block login attempts from a missbehaving peer. The State described above can be used for this. In addition to the responses above, the following return value is introduced: +

disconnect if the connection should be closed immediately after sending a SSH_MSG_DISCONNECT message. -

boolean()}]]> diff --git a/lib/ssh/doc/src/ssh_app.xml b/lib/ssh/doc/src/ssh_app.xml index 79dd1e210e..f6ce44c015 100644 --- a/lib/ssh/doc/src/ssh_app.xml +++ b/lib/ssh/doc/src/ssh_app.xml @@ -4,7 +4,7 @@
- 20122013 + 20122015 Ericsson AB. All Rights Reserved. @@ -214,21 +214,21 @@

The following rfc:s are supported:

RFC 4251, The Secure Shell (SSH) Protocol Architecture. -

Except +

Except

9.4.6 Host-Based Authentication 9.5.2 Proxy Forwarding 9.5.3 X11 Forwarding -

+

RFC 4252, The Secure Shell (SSH) Authentication Protocol. -

Except +

Except

9. Host-Based Authentication: "hostbased" -

+

RFC 4253, The Secure Shell (SSH) Transport Layer Protocol. @@ -236,32 +236,32 @@ RFC 4254, The Secure Shell (SSH) Connection Protocol. -

Except +

Except

6.3. X11 Forwarding 7. TCP/IP Port Forwarding -

+

RFC 4256, Generic Message Exchange Authentication for the Secure Shell Protocol (SSH). -

Except +

Except

num-prompts > 1 password changing other identification methods than userid-password -

+

RFC 4419, Diffie-Hellman Group Exchange for the Secure Shell (SSH) Transport Layer Protocol. -

+

RFC 4716, The Secure Shell (SSH) Public Key File Format. -

+

RFC 5647, AES Galois Counter Mode for @@ -270,34 +270,35 @@ This is resolved by OpenSSH in the ciphers aes128-gcm@openssh.com and aes256-gcm@openssh.com which are implemented. If the explicit ciphers and macs AEAD_AES_128_GCM or AEAD_AES_256_GCM are needed, they could be enabled with the option preferred_algorithms. +

- If the client or the server is not Erlang/OTP, it is the users responsibility to check that - other implementation has the same interpretation of AEAD_AES_*_GCM as the Erlang/OTP SSH before - enabling them. The aes*-gcm@openssh.com variants are always safe to use since they lack the - ambiguity. +

+ If the client or the server is not Erlang/OTP, it is the users responsibility to check that + other implementation has the same interpretation of AEAD_AES_*_GCM as the Erlang/OTP SSH before + enabling them. The aes*-gcm@openssh.com variants are always safe to use since they lack the + ambiguity. +

-

-

The second paragraph in section 5.1 is resolved as: +

The second paragraph in section 5.1 is resolved as:

If the negotiated cipher is AEAD_AES_128_GCM, the mac algorithm is set to AEAD_AES_128_GCM. If the negotiated cipher is AEAD_AES_256_GCM, the mac algorithm is set to AEAD_AES_256_GCM. If the mac algorithm is AEAD_AES_128_GCM, the cipher is set to AEAD_AES_128_GCM. If the mac algorithm is AEAD_AES_256_GCM, the cipher is set to AEAD_AES_256_GCM. - The first rule that matches when read in order from the top is applied -

+

The first rule that matches when read in order from the top is applied

 RFC 5656, Elliptic Curve Algorithm Integration in the Secure Shell Transport Layer. -

Except +

Except

5. ECMQV Key Exchange 6.4. ECMQV Key Exchange and Verification Method Name 7.2. ECMQV Message Numbers 10.2. Recommended Curves -

+

RFC 6668, SHA-2 Data Integrity Verification for diff --git a/lib/ssh/doc/src/ssh_connection.xml b/lib/ssh/doc/src/ssh_connection.xml index 064a623eb6..150d46a9a2 100644 --- a/lib/ssh/doc/src/ssh_connection.xml +++ b/lib/ssh/doc/src/ssh_connection.xml @@ -5,7 +5,7 @@

2008 - 2014 + 2015 Ericsson AB, All Rights Reserved @@ -31,15 +31,15 @@
ssh_connection - This module provides API functions to send - SSH Connection Protocol - events to the other side of an SSH channel. + + This module provides API functions to send SSH Connection Protocol + events to the other side of an SSH channel. -

The SSH Connection Protocol is used by clients and servers, - that is, SSH channels, to communicate over the SSH connection. The - API functions in this module send SSH Connection Protocol events, +

The SSH Connection Protocol + is used by clients and servers, that is, SSH channels, to communicate over the + SSH connection. The API functions in this module send SSH Connection Protocol events, which are received as messages by the remote channel. If the receiving channel is an Erlang process, the messages have the format diff --git a/lib/ssh/doc/src/ssh_server_key_api.xml b/lib/ssh/doc/src/ssh_server_key_api.xml index efb2c436e8..a0694ca8d9 100644 --- a/lib/ssh/doc/src/ssh_server_key_api.xml +++ b/lib/ssh/doc/src/ssh_server_key_api.xml @@ -5,7 +5,7 @@

2012 - 2013 + 2015 Ericsson AB, All Rights Reserved @@ -75,7 +75,7 @@ Host key algorithm. Is to support 'ssh-rsa' | 'ssh-dss', but more algorithms can be handled. DaemonOptions = proplists:proplist() - Options provided to ssh:daemon/[2,3]. + Options provided to ssh:daemon/[2,3]. Key = private_key() Private key of the host matching the Algorithm. Reason = term() diff --git a/lib/ssh/doc/src/ssh_sftp.xml b/lib/ssh/doc/src/ssh_sftp.xml index 17800fac5d..c6ca0f161a 100644 --- a/lib/ssh/doc/src/ssh_sftp.xml +++ b/lib/ssh/doc/src/ssh_sftp.xml @@ -4,7 +4,7 @@
- 20052014 + 20052015 Ericsson AB. All Rights Reserved. @@ -61,20 +61,23 @@ - apread(ChannelPid, Handle, Position, Len) -> {async, N} | {error, Error} - ChannelPid = pid() - Handle = term() - Position = integer() - Len = integer() - N = term() - Reason = term() - -

The function reads from a specified position, - combining the and functions.

+ apread(ChannelPid, Handle, Position, Len) -> {async, N} | {error, Reason} + Reads asynchronously from an open file. + + ChannelPid = pid() + Handle = term() + Position = integer() + Len = integer() + N = term() + Reason = term() + + +

The function reads from a specified position, + combining the and functions.

ssh_sftp:apread/4

 - - - + + + apwrite(ChannelPid, Handle, Position, Data) -> ok | {error, Reason} Writes asynchronously to an open file. -- cgit v1.2.3