diff options
author | jmc <jmc@openbsd.org> | 2016-09-21 16:42:09 +0000 |
---|---|---|
committer | jmc <jmc@openbsd.org> | 2016-09-21 16:42:09 +0000 |
commit | f1728b28bb0747290034dfb005ab2e762585c076 (patch) | |
tree | 287330818276c6695e149972676f12c34c92ec79 /usr.sbin/syslogd | |
parent | Fix bad indentation. One already existed in 1.20, one introduced in 1.21; (diff) | |
download | wireguard-openbsd-f1728b28bb0747290034dfb005ab2e762585c076.tar.xz wireguard-openbsd-f1728b28bb0747290034dfb005ab2e762585c076.zip |
tweak previous;
Diffstat (limited to 'usr.sbin/syslogd')
-rw-r--r-- | usr.sbin/syslogd/syslogd.8 | 19 |
1 files changed, 9 insertions, 10 deletions
diff --git a/usr.sbin/syslogd/syslogd.8 b/usr.sbin/syslogd/syslogd.8 index da9716b9afc..12b3a9d0fe7 100644 --- a/usr.sbin/syslogd/syslogd.8 +++ b/usr.sbin/syslogd/syslogd.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: syslogd.8,v 1.43 2016/09/21 11:54:57 bluhm Exp $ +.\" $OpenBSD: syslogd.8,v 1.44 2016/09/21 16:42:09 jmc Exp $ .\" .\" Copyright (c) 1983, 1986, 1991, 1993 .\" The Regents of the University of California. All rights reserved. @@ -80,15 +80,14 @@ of various chroot filespaces, though the need for these is less urgent after the introduction of .Xr sendsyslog 2 . .It Fl C Ar CAfile -PEM encoded file containing CA certificates used for certificate -validation; +PEM encoded file containing CA certificates used for certificate validation; the default is .Pa /etc/ssl/cert.pem . -Validate remote server certificates and their hostnames with this -CA to prevent that malicious servers read messages. -This validation can be explicitly turned off using the +Remote server certificates and their hostnames are validated with this +CA to prevent malicious servers from reading messages. +Validation can be explicitly turned off using the .Fl V -switch. +option. .It Fl c Ar cert_file PEM encoded file containing the client certificate for TLS connections to a remote host. @@ -110,10 +109,10 @@ the default is Include the hostname when forwarding messages to a remote host. .It Fl K Ar server_CAfile PEM encoded file containing CA certificates used for certificate -valitation on the local server socket. -By default incomming connections from any TLS server are allowed. +validation on the local server socket. +By default incoming connections from any TLS server are allowed. Enforce client certificates and validate them with this CA to prevent -that malicious clients send fake messages. +malicious clients from sending fake messages. .It Fl k Ar key_file PEM encoded file containing the client private key for TLS connections to a remote host. |