Attachment 1249 Details for Bug 1295 – Patch

[patch] Patch

transproxy.patch (text/plain), 362.22 KB, created by Luca Barbieri on 2007-03-12 11:24:12 AEDT

(hide)

Description:

Filename:

MIME Type:

Creator: Luca Barbieri

Created: 2007-03-12 11:24:12 AEDT

Size: 362.22 KB

patch

obsolete

>diff --exclude-from=/home/lb/pers/share/exclude -urNdp /home/lb/net/src/openssh-4.3p2/buildpkg.sh openssh-4.3p2-transproxy/buildpkg.sh
>--- /home/lb/net/src/openssh-4.3p2/buildpkg.sh	1970-01-01 01:00:00.000000000 +0100
>+++ openssh-4.3p2-transproxy/buildpkg.sh	2007-03-11 23:47:55.000000000 +0100
>@@ -0,0 +1,562 @@
>+#!/bin/sh
>+#
>+# Fake Root Solaris/SVR4/SVR5 Build System - Prototype
>+#
>+# The following code has been provide under Public Domain License.  I really
>+# don't care what you use it for.  Just as long as you don't complain to me
>+# nor my employer if you break it. - Ben Lindstrom (mouring@eviladmin.org)
>+#
>+umask 022
>+#
>+# Options for building the package
>+# You can create a openssh-config.local with your customized options
>+#
>+REMOVE_FAKE_ROOT_WHEN_DONE=yes
>+#
>+# uncommenting TEST_DIR and using
>+# configure --prefix=/var/tmp --with-privsep-path=/var/tmp/empty
>+# and
>+# PKGNAME=tOpenSSH should allow testing a package without interfering
>+# with a real OpenSSH package on a system. This is not needed on systems
>+# that support the -R option to pkgadd.
>+#TEST_DIR=/var/tmp	# leave commented out for production build
>+PKGNAME=OpenSSH
>+# revisions within the same version (REV=a)
>+#REV=
>+SYSVINIT_NAME=opensshd
>+MAKE=${MAKE:="make"}
>+SSHDUID=67	# Default privsep uid
>+SSHDGID=67	# Default privsep gid
>+# uncomment these next three as needed
>+#PERMIT_ROOT_LOGIN=no
>+#X11_FORWARDING=yes
>+#USR_LOCAL_IS_SYMLINK=yes
>+# System V init run levels
>+SYSVINITSTART=S98
>+SYSVINITSTOPT=K30
>+# We will source these if they exist
>+POST_MAKE_INSTALL_FIXES=./pkg_post_make_install_fixes.sh
>+POST_PROTOTYPE_EDITS=./pkg-post-prototype-edit.sh
>+# We'll be one level deeper looking for these
>+PKG_PREINSTALL_LOCAL=../pkg-preinstall.local
>+PKG_POSTINSTALL_LOCAL=../pkg-postinstall.local
>+PKG_PREREMOVE_LOCAL=../pkg-preremove.local
>+PKG_POSTREMOVE_LOCAL=../pkg-postremove.local
>+PKG_REQUEST_LOCAL=../pkg-request.local
>+# end of sourced files
>+#
>+OPENSSHD=opensshd.init
>+
>+PATH_GROUPADD_PROG=/usr/sbin/groupadd
>+PATH_USERADD_PROG=/usr/sbin/useradd
>+PATH_PASSWD_PROG=/usr/bin/passwd
>+#
>+# list of system directories we do NOT want to change owner/group/perms
>+# when installing our package
>+SYSTEM_DIR="/etc	\
>+/etc/init.d		\
>+/etc/rcS.d		\
>+/etc/rc0.d		\
>+/etc/rc1.d		\
>+/etc/rc2.d		\
>+/etc/opt		\
>+/opt			\
>+/opt/bin		\
>+/usr			\
>+/usr/bin		\
>+/usr/lib		\
>+/usr/sbin		\
>+/usr/share		\
>+/usr/share/man		\
>+/usr/share/man/man1	\
>+/usr/share/man/man8	\
>+/usr/local		\
>+/usr/local/bin		\
>+/usr/local/etc		\
>+/usr/local/libexec	\
>+/usr/local/man		\
>+/usr/local/man/man1	\
>+/usr/local/man/man8	\
>+/usr/local/sbin		\
>+/usr/local/share	\
>+/var			\
>+/var/opt		\
>+/var/run		\
>+/var/tmp		\
>+/tmp"
>+
>+# We may need to build as root so we make sure PATH is set up
>+# only set the path if it's not set already
>+[ -d /opt/bin ]  &&  {
>+	echo $PATH | grep ":/opt/bin"  > /dev/null 2>&1
>+	[ $? -ne 0 ] && PATH=$PATH:/opt/bin
>+}
>+[ -d /usr/local/bin ]  &&  {
>+	echo $PATH | grep ":/usr/local/bin"  > /dev/null 2>&1
>+	[ $? -ne 0 ] && PATH=$PATH:/usr/local/bin
>+}
>+[ -d /usr/ccs/bin ]  &&  {
>+	echo $PATH | grep ":/usr/ccs/bin"  > /dev/null 2>&1
>+	[ $? -ne 0 ] && PATH=$PATH:/usr/ccs/bin
>+}
>+export PATH
>+#
>+
>+[ -f Makefile ]  ||  {
>+	echo "Please run this script from your build directory"
>+	exit 1
>+}
>+
>+# we will look for openssh-config.local to override the above options
>+[ -s ./openssh-config.local ]  &&  . ./openssh-config.local
>+
>+START=`pwd`
>+FAKE_ROOT=$START/pkg
>+
>+## Fill in some details, like prefix and sysconfdir
>+for confvar in prefix exec_prefix bindir sbindir libexecdir datadir mandir sysconfdir piddir srcdir
>+do
>+	eval $confvar=`grep "^$confvar=" Makefile | cut -d = -f 2`
>+done
>+
>+
>+## Collect value of privsep user
>+for confvar in SSH_PRIVSEP_USER
>+do
>+	eval $confvar=`awk '/#define[ \t]'$confvar'/{print $3}' config.h`
>+done
>+
>+## Set privsep defaults if not defined
>+if [ -z "$SSH_PRIVSEP_USER" ]
>+then
>+	SSH_PRIVSEP_USER=sshd
>+fi
>+
>+## Extract common info requires for the 'info' part of the package.
>+VERSION=`./ssh -V 2>&1 | sed -e 's/,.*//'`
>+
>+ARCH=`uname -m`
>+DEF_MSG="\n"
>+OS_VER=`uname -v`
>+SCRIPT_SHELL=/sbin/sh
>+UNAME_S=`uname -s`
>+case ${UNAME_S} in
>+	SunOS)	UNAME_S=Solaris
>+		ARCH=`uname -p`
>+		RCS_D=yes
>+		DEF_MSG="(default: n)"
>+		;;
>+	SCO_SV)	UNAME_S=OpenServer
>+		OS_VER=`uname -X | grep Release | sed -e 's/^Rel.*3.2v//'`
>+		SCRIPT_SHELL=/bin/sh
>+		RC1_D=no
>+		DEF_MSG="(default: n)"
>+		;;
>+esac
>+
>+case `basename $0` in
>+	buildpkg.sh)
>+## Start by faking root install
>+echo "Faking root install..."
>+[ -d $FAKE_ROOT ]  &&  rm -fr $FAKE_ROOT
>+mkdir $FAKE_ROOT
>+${MAKE} install-nokeys DESTDIR=$FAKE_ROOT
>+if [ $? -gt 0 ]
>+then
>+	echo "Fake root install failed, stopping."
>+	exit 1
>+fi
>+
>+## Setup our run level stuff while we are at it.
>+mkdir -p $FAKE_ROOT${TEST_DIR}/etc/init.d
>+
>+cp ${OPENSSHD} $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME}
>+chmod 744 $FAKE_ROOT${TEST_DIR}/etc/init.d/${SYSVINIT_NAME}
>+
>+[ "${PERMIT_ROOT_LOGIN}" = no ]  &&  \
>+	perl -p -i -e "s/#PermitRootLogin yes/PermitRootLogin no/" \
>+		$FAKE_ROOT/${sysconfdir}/sshd_config
>+[ "${X11_FORWARDING}" = yes ]  &&  \
>+	perl -p -i -e "s/#X11Forwarding no/X11Forwarding yes/" \
>+		$FAKE_ROOT/${sysconfdir}/sshd_config
>+# fix PrintMotd
>+perl -p -i -e "s/#PrintMotd yes/PrintMotd no/" \
>+	$FAKE_ROOT/${sysconfdir}/sshd_config
>+
>+# We don't want to overwrite config files on multiple installs
>+mv $FAKE_ROOT/${sysconfdir}/ssh_config $FAKE_ROOT/${sysconfdir}/ssh_config.default
>+mv $FAKE_ROOT/${sysconfdir}/sshd_config $FAKE_ROOT/${sysconfdir}/sshd_config.default
>+[ -f $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds ]  &&  \
>+mv $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds $FAKE_ROOT/${sysconfdir}/ssh_prng_cmds.default
>+
>+# local tweeks here
>+[ -s "${POST_MAKE_INSTALL_FIXES}" ]  &&  . ${POST_MAKE_INSTALL_FIXES}
>+
>+cd $FAKE_ROOT
>+
>+## Ok, this is outright wrong, but it will work.  I'm tired of pkgmk
>+## whining.
>+for i in *; do
>+  PROTO_ARGS="$PROTO_ARGS $i=/$i";
>+done
>+
>+## Build info file
>+echo "Building pkginfo file..."
>+cat > pkginfo << _EOF
>+PKG=$PKGNAME
>+NAME="OpenSSH Portable for ${UNAME_S}"
>+DESC="Secure Shell remote access utility; replaces telnet and rlogin/rsh."
>+VENDOR="OpenSSH Portable Team - http://www.openssh.com/portable.html"
>+ARCH=$ARCH
>+VERSION=$VERSION$REV
>+CATEGORY="Security,application"
>+BASEDIR=/
>+CLASSES="none"
>+PSTAMP="${UNAME_S} ${OS_VER} ${ARCH} `date '+%d%b%Y %H:%M'`"
>+_EOF
>+
>+## Build empty depend file that may get updated by $POST_PROTOTYPE_EDITS
>+echo "Building depend file..."
>+touch depend
>+
>+## Build space file
>+echo "Building space file..."
>+cat > space << _EOF
>+# extra space required by start/stop links added by installf in postinstall
>+$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1
>+$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME} 0 1
>+_EOF
>+[ "$RC1_D" = no ]  ||  \
>+echo "$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space
>+[ "$RCS_D" = yes ]  &&  \
>+echo "$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME} 0 1" >> space
>+
>+## Build preinstall file
>+echo "Building preinstall file..."
>+cat > preinstall << _EOF
>+#! ${SCRIPT_SHELL}
>+#
>+_EOF
>+
>+# local preinstall changes here
>+[ -s "${PKG_PREINSTALL_LOCAL}" ]  &&  . ${PKG_PREINSTALL_LOCAL}
>+
>+cat >> preinstall << _EOF
>+#
>+[ "\${PRE_INS_STOP}" = "yes" ]  &&  ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop
>+exit 0
>+_EOF
>+
>+## Build postinstall file
>+echo "Building postinstall file..."
>+cat > postinstall << _EOF
>+#! ${SCRIPT_SHELL}
>+#
>+[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config ]  ||  \\
>+	cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config.default \\
>+		\${PKG_INSTALL_ROOT}${sysconfdir}/ssh_config
>+[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config ]  ||  \\
>+	cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config.default \\
>+		\${PKG_INSTALL_ROOT}${sysconfdir}/sshd_config
>+[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default ]  &&  {
>+	[ -f \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds ]  ||  \\
>+	cp -p \${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds.default \\
>+		\${PKG_INSTALL_ROOT}${sysconfdir}/ssh_prng_cmds
>+}
>+
>+# make rc?.d dirs only if we are doing a test install
>+[ -n "${TEST_DIR}" ]  &&  {
>+	[ "$RCS_D" = yes ]  &&  mkdir -p ${TEST_DIR}/etc/rcS.d
>+	mkdir -p ${TEST_DIR}/etc/rc0.d
>+	[ "$RC1_D" = no ]  ||  mkdir -p ${TEST_DIR}/etc/rc1.d
>+	mkdir -p ${TEST_DIR}/etc/rc2.d
>+}
>+
>+if [ "\${USE_SYM_LINKS}" = yes ]
>+then
>+	[ "$RCS_D" = yes ]  &&  \
>+installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
>+	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
>+	[ "$RC1_D" = no ]  ||  \
>+	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
>+	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=../init.d/${SYSVINIT_NAME} s
>+else
>+	[ "$RCS_D" = yes ]  &&  \
>+installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rcS.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
>+	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc0.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
>+	[ "$RC1_D" = no ]  ||  \
>+	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc1.d/${SYSVINITSTOPT}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
>+	installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR/etc/rc2.d/${SYSVINITSTART}${SYSVINIT_NAME}=\${PKG_INSTALL_ROOT}$TEST_DIR/etc/init.d/${SYSVINIT_NAME} l
>+fi
>+
>+# If piddir doesn't exist we add it. (Ie. --with-pid-dir=/var/opt/ssh)
>+[ -d $piddir ]  ||  installf ${PKGNAME} \${PKG_INSTALL_ROOT}$TEST_DIR$piddir d 0755 root sys
>+
>+_EOF
>+
>+# local postinstall changes here
>+[ -s "${PKG_POSTINSTALL_LOCAL}" ]  &&  . ${PKG_POSTINSTALL_LOCAL}
>+
>+cat >> postinstall << _EOF
>+installf -f ${PKGNAME}
>+
>+# Use chroot to handle PKG_INSTALL_ROOT
>+if [ ! -z "\${PKG_INSTALL_ROOT}" ]
>+then
>+	chroot="chroot \${PKG_INSTALL_ROOT}"
>+fi
>+# If this is a test build, we will skip the groupadd/useradd/passwd commands
>+if [ ! -z "${TEST_DIR}" ]
>+then
>+	chroot=echo
>+fi
>+
>+if egrep '^[ \t]*UsePrivilegeSeparation[ \t]+no' \${PKG_INSTALL_ROOT}/$sysconfdir/sshd_config >/dev/null
>+then
>+	echo "UsePrivilegeSeparation disabled in config, not creating PrivSep user"
>+	echo "or group."
>+else
>+	echo "UsePrivilegeSeparation enabled in config (or defaulting to on)."
>+
>+	# user required?
>+	if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSH_PRIVSEP_USER'\$' >/dev/null
>+	then
>+		echo "PrivSep user $SSH_PRIVSEP_USER already exists."
>+		SSH_PRIVSEP_GROUP=\`grep "^$SSH_PRIVSEP_USER:" \${PKG_INSTALL_ROOT}/etc/passwd | awk -F: '{print \$4}'\`
>+		SSH_PRIVSEP_GROUP=\`grep ":\$SSH_PRIVSEP_GROUP:" \${PKG_INSTALL_ROOT}/etc/group | awk -F: '{print \$1}'\`
>+	else
>+		DO_PASSWD=yes
>+	fi
>+	[ -z "\$SSH_PRIVSEP_GROUP" ]  &&  SSH_PRIVSEP_GROUP=$SSH_PRIVSEP_USER
>+
>+	# group required?
>+	if cut -f1 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'\$SSH_PRIVSEP_GROUP'\$' >/dev/null
>+	then
>+		echo "PrivSep group \$SSH_PRIVSEP_GROUP already exists."
>+	else
>+		DO_GROUP=yes
>+	fi
>+
>+	# create group if required
>+	[ "\$DO_GROUP" = yes ]  &&  {
>+		# Use gid of 67 if possible
>+		if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/group | egrep '^'$SSHDGID'\$' >/dev/null
>+		then
>+			:
>+		else
>+			sshdgid="-g $SSHDGID"
>+		fi
>+		echo "Creating PrivSep group \$SSH_PRIVSEP_GROUP."
>+		\$chroot ${PATH_GROUPADD_PROG} \$sshdgid \$SSH_PRIVSEP_GROUP
>+	}
>+
>+	# Create user if required
>+	[ "\$DO_PASSWD" = yes ]  &&  {
>+		# Use uid of 67 if possible
>+		if cut -f3 -d: \${PKG_INSTALL_ROOT}/etc/passwd | egrep '^'$SSHDUID'\$' >/dev/null
>+		then
>+			:
>+		else
>+			sshduid="-u $SSHDUID"
>+		fi
>+		echo "Creating PrivSep user $SSH_PRIVSEP_USER."
>+		\$chroot ${PATH_USERADD_PROG} -c 'SSHD PrivSep User' -s /bin/false -g $SSH_PRIVSEP_USER \$sshduid $SSH_PRIVSEP_USER
>+		\$chroot ${PATH_PASSWD_PROG} -l $SSH_PRIVSEP_USER
>+	}
>+fi
>+
>+[ "\${POST_INS_START}" = "yes" ]  &&  ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} start
>+exit 0
>+_EOF
>+
>+## Build preremove file
>+echo "Building preremove file..."
>+cat > preremove << _EOF
>+#! ${SCRIPT_SHELL}
>+#
>+${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} stop
>+_EOF
>+
>+# local preremove changes here
>+[ -s "${PKG_PREREMOVE_LOCAL}" ]  &&  . ${PKG_PREREMOVE_LOCAL}
>+
>+cat >> preremove << _EOF
>+exit 0
>+_EOF
>+
>+## Build postremove file
>+echo "Building postremove file..."
>+cat > postremove << _EOF
>+#! ${SCRIPT_SHELL}
>+#
>+_EOF
>+
>+# local postremove changes here
>+[ -s "${PKG_POSTREMOVE_LOCAL}" ]  &&  . ${PKG_POSTREMOVE_LOCAL}
>+
>+cat >> postremove << _EOF
>+exit 0
>+_EOF
>+
>+## Build request file
>+echo "Building request file..."
>+cat > request << _EOF
>+trap 'exit 3' 15
>+
>+_EOF
>+
>+[ -x /usr/bin/ckyorn ]  ||  cat >> request << _EOF
>+
>+ckyorn() {
>+# for some strange reason OpenServer has no ckyorn
>+# We build a striped down version here
>+
>+DEFAULT=n
>+PROMPT="Yes or No [yes,no,?,quit]"
>+HELP_PROMPT="        Enter y or yes if your answer is yes; n or no if your answer is no."
>+USAGE="usage: ckyorn [options]
>+where options may include:
>+        -d default
>+        -h help
>+        -p prompt
>+"
>+
>+if [ \$# != 0 ]
>+then
>+	while getopts d:p:h: c
>+	do
>+		case \$c in
>+			h)	HELP_PROMPT="\$OPTARG" ;;
>+			d)	DEFAULT=\$OPTARG ;;
>+			p)	PROMPT=\$OPTARG ;;
>+			\\?)	echo "\$USAGE" 1>&2
>+				exit 1 ;;
>+		esac
>+	done
>+	shift \`expr \$OPTIND - 1\`
>+fi
>+
>+while true
>+do
>+	echo "\${PROMPT}\\c " 1>&2
>+	read key
>+	[ -z "\$key" ]  &&  key=\$DEFAULT
>+	case \$key in
>+		[n,N]|[n,N][o,O]|[y,Y]|[y,Y][e,E][s,S])	echo "\${key}\\c"
>+			exit 0 ;;
>+		\\?)	echo \$HELP_PROMPT 1>&2 ;;
>+		q|quit)	echo "q\\c" 1>&2
>+			exit 3 ;;
>+	esac
>+done
>+
>+}
>+
>+_EOF
>+
>+cat >> request << _EOF
>+USE_SYM_LINKS=no
>+PRE_INS_STOP=no
>+POST_INS_START=no
>+# Use symbolic links?
>+ans=\`ckyorn -d n \
>+-p "Do you want symbolic links for the start/stop scripts? ${DEF_MSG}"\` || exit \$?
>+case \$ans in
>+	[y,Y]*)	USE_SYM_LINKS=yes ;;
>+esac
>+
>+# determine if should restart the daemon
>+if [ -s ${piddir}/sshd.pid  -a  -f ${TEST_DIR}/etc/init.d/${SYSVINIT_NAME} ]
>+then
>+	ans=\`ckyorn -d n \
>+-p "Should the running sshd daemon be restarted? ${DEF_MSG}"\` || exit \$?
>+	case \$ans in
>+		[y,Y]*)	PRE_INS_STOP=yes
>+			POST_INS_START=yes
>+			;;
>+	esac
>+
>+else
>+
>+# determine if we should start sshd
>+	ans=\`ckyorn -d n \
>+-p "Start the sshd daemon after installing this package? ${DEF_MSG}"\` || exit \$?
>+	case \$ans in
>+		[y,Y]*)	POST_INS_START=yes ;;
>+	esac
>+fi
>+
>+# make parameters available to installation service,
>+# and so to any other packaging scripts
>+cat >\$1 <<!
>+USE_SYM_LINKS='\$USE_SYM_LINKS'
>+PRE_INS_STOP='\$PRE_INS_STOP'
>+POST_INS_START='\$POST_INS_START'
>+!
>+
>+_EOF
>+
>+# local request changes here
>+[ -s "${PKG_REQUEST_LOCAL}" ]  &&  . ${PKG_REQUEST_LOCAL}
>+
>+cat >> request << _EOF
>+exit 0
>+
>+_EOF
>+
>+## Next Build our prototype
>+echo "Building prototype file..."
>+cat >mk-proto.awk << _EOF
>+	    BEGIN { print "i pkginfo"; print "i depend"; \\
>+		    print "i preinstall"; print "i postinstall"; \\
>+ 		    print "i preremove"; print "i postremove"; \\
>+		    print "i request"; print "i space"; \\
>+		    split("$SYSTEM_DIR",sys_files); }
>+	    {
>+	     for (dir in sys_files) { if ( \$3 != sys_files[dir] )
>+		     { if ( \$1 == "s" )
>+			{ \$5=""; \$6=""; }
>+		     else
>+			{ \$5="root"; \$6="sys"; }
>+		     }
>+		else
>+		     { \$4="?"; \$5="?"; \$6="?"; break;}
>+	    } }
>+	    { print; }
>+_EOF
>+
>+find . | egrep -v "prototype|pkginfo|mk-proto.awk" | sort | \
>+	pkgproto $PROTO_ARGS | nawk -f mk-proto.awk > prototype
>+
>+# /usr/local is a symlink on some systems
>+[ "${USR_LOCAL_IS_SYMLINK}" = yes ]  &&  {
>+	grep -v "^d none /usr/local ? ? ?$" prototype > prototype.new
>+	mv prototype.new prototype
>+}
>+
>+## Step back a directory and now build the package.
>+cd ..
>+# local prototype tweeks here
>+[ -s "${POST_PROTOTYPE_EDITS}" ]  &&  . ${POST_PROTOTYPE_EDITS}
>+
>+echo "Building package.."
>+pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o
>+echo | pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$VERSION$REV-$UNAME_S-$ARCH.pkg
>+	;;
>+
>+	justpkg.sh)
>+rm -fr ${FAKE_ROOT}/${PKGNAME}
>+grep -v "^PSTAMP=" $FAKE_ROOT/pkginfo > $$tmp
>+mv $$tmp $FAKE_ROOT/pkginfo
>+cat >> $FAKE_ROOT/pkginfo << _EOF
>+PSTAMP="${UNAME_S} ${OS_VER} ${ARCH} `date '+%d%b%Y %H:%M'`"
>+_EOF
>+pkgmk -d ${FAKE_ROOT} -f $FAKE_ROOT/prototype -o
>+echo | pkgtrans -os ${FAKE_ROOT} ${START}/$PKGNAME-$VERSION$REV-$UNAME_S-$ARCH.pkg
>+	;;
>+
>+esac
>+
>+[ "${REMOVE_FAKE_ROOT_WHEN_DONE}" = yes ]  &&  rm -rf $FAKE_ROOT
>+exit 0
>+
>diff --exclude-from=/home/lb/pers/share/exclude -urNdp /home/lb/net/src/openssh-4.3p2/channels.c openssh-4.3p2-transproxy/channels.c
>--- /home/lb/net/src/openssh-4.3p2/channels.c	2007-03-11 23:09:48.000000000 +0100
>+++ openssh-4.3p2-transproxy/channels.c	2007-03-12 01:14:26.000000000 +0100
>@@ -1112,6 +1112,28 @@ channel_pre_dynamic(Channel *c, fd_set *
> 	u_char *p;
> 	u_int have;
> 	int ret;
>+	struct sockaddr_in orig_addr;
>+	socklen_t orig_len;
>+	struct sockaddr_in sock_addr;
>+	socklen_t sock_len;
>+	
>+#ifdef __linux__
>+	orig_len = sizeof(orig_addr);
>+	sock_len = sizeof(sock_addr);
>+	if(!getsockopt(c->sock, SOL_IP, /*SO_ORIGINAL_DST*/ 80, (struct sockaddr *) &orig_addr, &orig_len)
>+			&& orig_addr.sin_addr.s_addr
>+			&& !getsockname(c->sock, (struct sockaddr*)&sock_addr, &sock_len)
>+			&& (orig_addr.sin_family != sock_addr.sin_family || orig_addr.sin_addr.s_addr != sock_addr.sin_addr.s_addr || orig_addr.sin_port != sock_addr.sin_port)  
>+			)
>+	{
>+		c->host_port = ntohs(orig_addr.sin_port);
>+		inet_ntop(orig_addr.sin_family, &orig_addr.sin_addr.s_addr, c->path, sizeof(c->path));
>+		c->delayed = 0;
>+		c->type = SSH_CHANNEL_OPENING;
>+		port_open_helper(c, "direct-tcpip");
>+		return;
>+	}
>+#endif
> 
> 	have = buffer_len(&c->input);
> 	c->delayed = 0;
>diff --exclude-from=/home/lb/pers/share/exclude -urNdp /home/lb/net/src/openssh-4.3p2/Makefile openssh-4.3p2-transproxy/Makefile
>--- /home/lb/net/src/openssh-4.3p2/Makefile	1970-01-01 01:00:00.000000000 +0100
>+++ openssh-4.3p2-transproxy/Makefile	2007-03-11 23:47:55.000000000 +0100
>@@ -0,0 +1,432 @@
>+# $Id: Makefile.in,v 1.274 2006/01/01 08:47:05 djm Exp $
>+
>+# uncomment if you run a non bourne compatable shell. Ie. csh
>+#SHELL = /bin/sh
>+
>+AUTORECONF=autoreconf
>+
>+prefix=/usr
>+exec_prefix=${prefix}
>+bindir=${exec_prefix}/bin
>+sbindir=${exec_prefix}/sbin
>+libexecdir=${exec_prefix}/libexec
>+datadir=${prefix}/share
>+mandir=${prefix}/share/man
>+mansubdir=man
>+sysconfdir=${prefix}/etc
>+piddir=/var/run
>+srcdir=.
>+top_srcdir=.
>+
>+DESTDIR=
>+
>+SSH_PROGRAM=${exec_prefix}/bin/ssh
>+ASKPASS_PROGRAM=$(libexecdir)/ssh-askpass
>+SFTP_SERVER=$(libexecdir)/sftp-server
>+SSH_KEYSIGN=$(libexecdir)/ssh-keysign
>+RAND_HELPER=$(libexecdir)/ssh-rand-helper
>+PRIVSEP_PATH=/var/empty
>+SSH_PRIVSEP_USER=sshd
>+STRIP_OPT=-s
>+
>+PATHS= -DSSHDIR=\"$(sysconfdir)\" \
>+	-D_PATH_SSH_PROGRAM=\"$(SSH_PROGRAM)\" \
>+	-D_PATH_SSH_ASKPASS_DEFAULT=\"$(ASKPASS_PROGRAM)\" \
>+	-D_PATH_SFTP_SERVER=\"$(SFTP_SERVER)\" \
>+	-D_PATH_SSH_KEY_SIGN=\"$(SSH_KEYSIGN)\" \
>+	-D_PATH_SSH_PIDDIR=\"$(piddir)\" \
>+	-D_PATH_PRIVSEP_CHROOT_DIR=\"$(PRIVSEP_PATH)\" \
>+	-DSSH_RAND_HELPER=\"$(RAND_HELPER)\"
>+
>+CC=gcc
>+LD=gcc
>+CFLAGS=-g -O2 -Wall -Wpointer-arith -Wuninitialized -Wsign-compare -Wno-pointer-sign -std=gnu99 
>+CPPFLAGS=-I. -I$(srcdir)  $(PATHS) -DHAVE_CONFIG_H
>+LIBS=-lcrypto -lutil -lz -lnsl  -lcrypt -lresolv -lresolv
>+LIBSELINUX=
>+LIBEDIT=
>+LIBPAM=
>+LIBWRAP=
>+AR=/usr/bin/ar
>+AWK=gawk
>+RANLIB=ranlib
>+INSTALL=/usr/bin/install -c
>+PERL=/usr/bin/perl
>+SED=/bin/sed
>+ENT=
>+XAUTH_PATH=/usr/bin/xauth
>+LDFLAGS=-L. -Lopenbsd-compat/ 
>+EXEEXT=
>+
>+INSTALL_SSH_PRNG_CMDS=
>+INSTALL_SSH_RAND_HELPER=
>+
>+TARGETS=ssh$(EXEEXT) sshd$(EXEEXT) ssh-add$(EXEEXT) ssh-keygen$(EXEEXT) ssh-keyscan${EXEEXT} ssh-keysign${EXEEXT} ssh-agent$(EXEEXT) scp$(EXEEXT) ssh-rand-helper${EXEEXT} sftp-server$(EXEEXT) sftp$(EXEEXT)
>+
>+LIBSSH_OBJS=acss.o authfd.o authfile.o bufaux.o buffer.o \
>+	canohost.o channels.o cipher.o cipher-acss.o cipher-aes.o \
>+	cipher-bf1.o cipher-ctr.o cipher-3des1.o cleanup.o \
>+	compat.o compress.o crc32.o deattack.o fatal.o hostfile.o \
>+	log.o match.o moduli.o nchan.o packet.o \
>+	readpass.o rsa.o ttymodes.o xmalloc.o \
>+	atomicio.o key.o dispatch.o kex.o mac.o uidswap.o uuencode.o misc.o \
>+	monitor_fdpass.o rijndael.o ssh-dss.o ssh-rsa.o dh.o kexdh.o \
>+	kexgex.o kexdhc.o kexgexc.o scard.o msg.o progressmeter.o dns.o \
>+	entropy.o scard-opensc.o gss-genr.o kexgssc.o
>+
>+SSHOBJS= ssh.o readconf.o clientloop.o sshtty.o \
>+	sshconnect.o sshconnect1.o sshconnect2.o
>+
>+SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o \
>+	sshpty.o sshlogin.o servconf.o serverloop.o selinux.o \
>+	auth.o auth1.o auth2.o auth-options.o session.o \
>+	auth-chall.o auth2-chall.o groupaccess.o \
>+	auth-skey.o auth-bsdauth.o auth2-hostbased.o auth2-kbdint.o \
>+	auth2-none.o auth2-passwd.o auth2-pubkey.o \
>+	monitor_mm.o monitor.o monitor_wrap.o kexdhs.o kexgexs.o \
>+	auth-krb5.o \
>+	auth2-gss.o gss-serv.o gss-serv-krb5.o kexgsss.o\
>+	loginrec.o auth-pam.o auth-shadow.o auth-sia.o md5crypt.o \
>+	audit.o audit-bsm.o
>+
>+MANPAGES	= scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out sftp.1.out ssh-rand-helper.8.out ssh-keysign.8.out sshd_config.5.out ssh_config.5.out
>+MANPAGES_IN	= scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh.1 sshd.8 sftp-server.8 sftp.1 ssh-rand-helper.8 ssh-keysign.8 sshd_config.5 ssh_config.5
>+MANTYPE		= doc
>+
>+CONFIGFILES=sshd_config.out ssh_config.out moduli.out
>+CONFIGFILES_IN=sshd_config ssh_config moduli
>+
>+PATHSUBS	= \
>+	-e 's|/etc/ssh/ssh_prng_cmds|$(sysconfdir)/ssh_prng_cmds|g' \
>+	-e 's|/etc/ssh/ssh_config|$(sysconfdir)/ssh_config|g' \
>+	-e 's|/etc/ssh/ssh_known_hosts|$(sysconfdir)/ssh_known_hosts|g' \
>+	-e 's|/etc/ssh/sshd_config|$(sysconfdir)/sshd_config|g' \
>+	-e 's|/usr/libexec|$(libexecdir)|g' \
>+	-e 's|/etc/shosts.equiv|$(sysconfdir)/shosts.equiv|g' \
>+	-e 's|/etc/ssh/ssh_host_key|$(sysconfdir)/ssh_host_key|g' \
>+	-e 's|/etc/ssh/ssh_host_dsa_key|$(sysconfdir)/ssh_host_dsa_key|g' \
>+	-e 's|/etc/ssh/ssh_host_rsa_key|$(sysconfdir)/ssh_host_rsa_key|g' \
>+	-e 's|/var/run/sshd.pid|$(piddir)/sshd.pid|g' \
>+	-e 's|/etc/ssh/moduli|$(sysconfdir)/moduli|g' \
>+	-e 's|/etc/sshrc|$(sysconfdir)/sshrc|g' \
>+	-e 's|/usr/X11R6/bin/xauth|$(XAUTH_PATH)|g' \
>+	-e 's|/var/empty|$(PRIVSEP_PATH)|g' \
>+	-e 's|/usr/bin:/bin:/usr/sbin:/sbin|/usr/bin:/bin:/usr/sbin:/sbin|g'
>+
>+FIXPATHSCMD	= $(SED) $(PATHSUBS)
>+
>+all: $(CONFIGFILES) ssh_prng_cmds.out $(MANPAGES) $(TARGETS)
>+
>+$(LIBSSH_OBJS): Makefile.in config.h
>+$(SSHOBJS): Makefile.in config.h
>+$(SSHDOBJS): Makefile.in config.h
>+
>+.c.o:
>+	$(CC) $(CFLAGS) $(CPPFLAGS) -c $<
>+
>+LIBCOMPAT=openbsd-compat/libopenbsd-compat.a
>+$(LIBCOMPAT): always
>+	(cd openbsd-compat && $(MAKE))
>+always:
>+
>+libssh.a: $(LIBSSH_OBJS)
>+	$(AR) rv $@ $(LIBSSH_OBJS)
>+	$(RANLIB) $@
>+
>+ssh$(EXEEXT): $(LIBCOMPAT) libssh.a $(SSHOBJS)
>+	$(LD) -o $@ $(SSHOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
>+
>+sshd$(EXEEXT): libssh.a	$(LIBCOMPAT) $(SSHDOBJS)
>+	$(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(LIBWRAP) $(LIBPAM) $(LIBSELINUX) $(LIBS)
>+
>+scp$(EXEEXT): $(LIBCOMPAT) libssh.a scp.o progressmeter.o
>+	$(LD) -o $@ scp.o progressmeter.o bufaux.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
>+
>+ssh-add$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-add.o
>+	$(LD) -o $@ ssh-add.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
>+
>+ssh-agent$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-agent.o
>+	$(LD) -o $@ ssh-agent.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
>+
>+ssh-keygen$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keygen.o
>+	$(LD) -o $@ ssh-keygen.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
>+
>+ssh-keysign$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keysign.o
>+	$(LD) -o $@ ssh-keysign.o readconf.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
>+
>+ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keyscan.o
>+	$(LD) -o $@ ssh-keyscan.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS)
>+
>+sftp-server$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-common.o sftp-server.o
>+	$(LD) -o $@ sftp-server.o sftp-common.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
>+
>+sftp$(EXEEXT): $(LIBCOMPAT) libssh.a sftp.o sftp-client.o sftp-common.o sftp-glob.o progressmeter.o
>+	$(LD) -o $@ progressmeter.o sftp.o sftp-client.o sftp-common.o sftp-glob.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) $(LIBEDIT)
>+
>+ssh-rand-helper${EXEEXT}: $(LIBCOMPAT) libssh.a ssh-rand-helper.o
>+	$(LD) -o $@ ssh-rand-helper.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
>+
>+# test driver for the loginrec code - not built by default
>+logintest: logintest.o $(LIBCOMPAT) libssh.a loginrec.o
>+	$(LD) -o $@ logintest.o $(LDFLAGS) loginrec.o -lopenbsd-compat -lssh $(LIBS)
>+
>+$(MANPAGES): $(MANPAGES_IN)
>+	if test "$(MANTYPE)" = "cat"; then \
>+		manpage=$(srcdir)/`echo $@ | sed 's/\.[1-9]\.out$$/\.0/'`; \
>+	else \
>+		manpage=$(srcdir)/`echo $@ | sed 's/\.out$$//'`; \
>+	fi; \
>+	if test "$(MANTYPE)" = "man"; then \
>+		$(FIXPATHSCMD) $${manpage} | $(AWK) -f $(srcdir)/mdoc2man.awk > $@; \
>+	else \
>+		$(FIXPATHSCMD) $${manpage} > $@; \
>+	fi
>+
>+$(CONFIGFILES): $(CONFIGFILES_IN)
>+	conffile=`echo $@ | sed 's/.out$$//'`; \
>+	$(FIXPATHSCMD) $(srcdir)/$${conffile} > $@
>+
>+ssh_prng_cmds.out:	ssh_prng_cmds
>+	if test ! -z "$(INSTALL_SSH_PRNG_CMDS)"; then \
>+		$(PERL) $(srcdir)/fixprogs ssh_prng_cmds $(ENT); \
>+	fi
>+
>+# fake rule to stop make trying to compile moduli.o into a binary "moduli.o"
>+moduli:
>+	echo
>+
>+clean:	regressclean
>+	rm -f *.o *.a $(TARGETS) logintest config.cache config.log
>+	rm -f *.out core survey
>+	(cd openbsd-compat && $(MAKE) clean)
>+
>+distclean:	regressclean
>+	rm -f *.o *.a $(TARGETS) logintest config.cache config.log
>+	rm -f *.out core opensshd.init
>+	rm -f Makefile buildpkg.sh config.h config.status ssh_prng_cmds survey.sh *~
>+	rm -rf autom4te.cache
>+	(cd openbsd-compat && $(MAKE) distclean)
>+	(cd scard && $(MAKE) distclean)
>+	if test -d pkg ; then \
>+		rm -fr pkg ; \
>+	fi
>+
>+veryclean: distclean
>+	rm -f configure config.h.in *.0
>+
>+mrproper: veryclean
>+
>+realclean: veryclean
>+
>+catman-do:
>+	@for f in $(MANPAGES_IN) ; do \
>+		base=`echo $$f | sed 's/\..*$$//'` ; \
>+		echo "$$f -> $$base.0" ; \
>+		nroff -mandoc $$f | cat -v | sed -e 's/.\^H//g' \
>+			>$$base.0 ; \
>+	done
>+
>+distprep: catman-do
>+	$(AUTORECONF)
>+	-rm -rf autom4te.cache
>+	(cd scard && $(MAKE) -f Makefile.in distprep)
>+
>+install: $(CONFIGFILES) ssh_prng_cmds.out $(MANPAGES) $(TARGETS) install-files install-sysconf host-key check-config
>+install-nokeys: $(CONFIGFILES) ssh_prng_cmds.out $(MANPAGES) $(TARGETS) install-files install-sysconf
>+install-nosysconf: $(CONFIGFILES) ssh_prng_cmds.out $(MANPAGES) $(TARGETS) install-files
>+
>+check-config:
>+	-$(DESTDIR)$(sbindir)/sshd -t -f $(DESTDIR)$(sysconfdir)/sshd_config
>+
>+scard-install:
>+	(cd scard && $(MAKE) DESTDIR=$(DESTDIR) install)
>+
>+install-files: scard-install
>+	$(srcdir)/mkinstalldirs $(DESTDIR)$(bindir)
>+	$(srcdir)/mkinstalldirs $(DESTDIR)$(sbindir)
>+	$(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)
>+	$(srcdir)/mkinstalldirs $(DESTDIR)$(datadir)
>+	$(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)1
>+	$(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)5
>+	$(srcdir)/mkinstalldirs $(DESTDIR)$(mandir)/$(mansubdir)8
>+	$(srcdir)/mkinstalldirs $(DESTDIR)$(libexecdir)
>+	(umask 022 ; $(srcdir)/mkinstalldirs $(DESTDIR)$(PRIVSEP_PATH))
>+	$(INSTALL) -m 0755 $(STRIP_OPT) ssh $(DESTDIR)$(bindir)/ssh
>+	$(INSTALL) -m 0755 $(STRIP_OPT) scp $(DESTDIR)$(bindir)/scp
>+	$(INSTALL) -m 0755 $(STRIP_OPT) ssh-add $(DESTDIR)$(bindir)/ssh-add
>+	$(INSTALL) -m 0755 $(STRIP_OPT) ssh-agent $(DESTDIR)$(bindir)/ssh-agent
>+	$(INSTALL) -m 0755 $(STRIP_OPT) ssh-keygen $(DESTDIR)$(bindir)/ssh-keygen
>+	$(INSTALL) -m 0755 $(STRIP_OPT) ssh-keyscan $(DESTDIR)$(bindir)/ssh-keyscan
>+	$(INSTALL) -m 0755 $(STRIP_OPT) sshd $(DESTDIR)$(sbindir)/sshd
>+	if test ! -z "$(INSTALL_SSH_RAND_HELPER)" ; then \
>+		$(INSTALL) -m 0755 $(STRIP_OPT) ssh-rand-helper $(DESTDIR)$(libexecdir)/ssh-rand-helper ; \
>+	fi
>+	$(INSTALL) -m 4711 $(STRIP_OPT) ssh-keysign $(DESTDIR)$(SSH_KEYSIGN)
>+	$(INSTALL) -m 0755 $(STRIP_OPT) sftp $(DESTDIR)$(bindir)/sftp
>+	$(INSTALL) -m 0755 $(STRIP_OPT) sftp-server $(DESTDIR)$(SFTP_SERVER)
>+	$(INSTALL) -m 644 ssh.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1
>+	$(INSTALL) -m 644 scp.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/scp.1
>+	$(INSTALL) -m 644 ssh-add.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-add.1
>+	$(INSTALL) -m 644 ssh-agent.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-agent.1
>+	$(INSTALL) -m 644 ssh-keygen.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keygen.1
>+	$(INSTALL) -m 644 ssh-keyscan.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keyscan.1
>+	$(INSTALL) -m 644 sshd_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/sshd_config.5
>+	$(INSTALL) -m 644 ssh_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/ssh_config.5
>+	$(INSTALL) -m 644 sshd.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sshd.8
>+	if [ ! -z "$(INSTALL_SSH_RAND_HELPER)" ]; then \
>+		$(INSTALL) -m 644 ssh-rand-helper.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-rand-helper.8 ; \
>+	fi
>+	$(INSTALL) -m 644 sftp.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/sftp.1
>+	$(INSTALL) -m 644 sftp-server.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8
>+	$(INSTALL) -m 644 ssh-keysign.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8
>+	-rm -f $(DESTDIR)$(bindir)/slogin
>+	ln -s ssh$(EXEEXT) $(DESTDIR)$(bindir)/slogin
>+	-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1
>+	ln -s ssh.1 $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1
>+
>+install-sysconf:
>+	if [ ! -d $(DESTDIR)$(sysconfdir) ]; then \
>+		$(srcdir)/mkinstalldirs $(DESTDIR)$(sysconfdir); \
>+	fi
>+	@if [ ! -f $(DESTDIR)$(sysconfdir)/ssh_config ]; then \
>+		$(INSTALL) -m 644 ssh_config.out $(DESTDIR)$(sysconfdir)/ssh_config; \
>+	else \
>+		echo "$(DESTDIR)$(sysconfdir)/ssh_config already exists, install will not overwrite"; \
>+	fi
>+	@if [ ! -f $(DESTDIR)$(sysconfdir)/sshd_config ]; then \
>+		$(INSTALL) -m 644 sshd_config.out $(DESTDIR)$(sysconfdir)/sshd_config; \
>+	else \
>+		echo "$(DESTDIR)$(sysconfdir)/sshd_config already exists, install will not overwrite"; \
>+	fi
>+	@if [ -f ssh_prng_cmds ] && [ ! -z "$(INSTALL_SSH_PRNG_CMDS)" ]; then \
>+		if [ ! -f $(DESTDIR)$(sysconfdir)/ssh_prng_cmds ] ; then \
>+			$(INSTALL) -m 644 ssh_prng_cmds.out $(DESTDIR)$(sysconfdir)/ssh_prng_cmds; \
>+		else \
>+			echo "$(DESTDIR)$(sysconfdir)/ssh_prng_cmds already exists, install will not overwrite"; \
>+		fi ; \
>+	fi
>+	@if [ ! -f $(DESTDIR)$(sysconfdir)/moduli ]; then \
>+		if [ -f $(DESTDIR)$(sysconfdir)/primes ]; then \
>+			echo "moving $(DESTDIR)$(sysconfdir)/primes to $(DESTDIR)$(sysconfdir)/moduli"; \
>+			mv "$(DESTDIR)$(sysconfdir)/primes" "$(DESTDIR)$(sysconfdir)/moduli"; \
>+		else \
>+			$(INSTALL) -m 644 moduli.out $(DESTDIR)$(sysconfdir)/moduli; \
>+		fi ; \
>+	else \
>+		echo "$(DESTDIR)$(sysconfdir)/moduli already exists, install will not overwrite"; \
>+	fi
>+
>+host-key: ssh-keygen$(EXEEXT)
>+	@if [ -z "$(DESTDIR)" ] ; then \
>+		if [ -f "$(DESTDIR)$(sysconfdir)/ssh_host_key" ] ; then \
>+			echo "$(DESTDIR)$(sysconfdir)/ssh_host_key already exists, skipping." ; \
>+		else \
>+			./ssh-keygen -t rsa1 -f $(DESTDIR)$(sysconfdir)/ssh_host_key -N "" ; \
>+		fi ; \
>+		if [ -f $(DESTDIR)$(sysconfdir)/ssh_host_dsa_key ] ; then \
>+			echo "$(DESTDIR)$(sysconfdir)/ssh_host_dsa_key already exists, skipping." ; \
>+		else \
>+			./ssh-keygen -t dsa -f $(DESTDIR)$(sysconfdir)/ssh_host_dsa_key -N "" ; \
>+		fi ; \
>+		if [ -f $(DESTDIR)$(sysconfdir)/ssh_host_rsa_key ] ; then \
>+			echo "$(DESTDIR)$(sysconfdir)/ssh_host_rsa_key already exists, skipping." ; \
>+		else \
>+			./ssh-keygen -t rsa -f $(DESTDIR)$(sysconfdir)/ssh_host_rsa_key -N "" ; \
>+		fi ; \
>+	fi ;
>+
>+host-key-force: ssh-keygen$(EXEEXT)
>+	./ssh-keygen -t rsa1 -f $(DESTDIR)$(sysconfdir)/ssh_host_key -N ""
>+	./ssh-keygen -t dsa -f $(DESTDIR)$(sysconfdir)/ssh_host_dsa_key -N ""
>+	./ssh-keygen -t rsa -f $(DESTDIR)$(sysconfdir)/ssh_host_rsa_key -N ""
>+
>+uninstallall:	uninstall
>+	-rm -f $(DESTDIR)$(sysconfdir)/ssh_config
>+	-rm -f $(DESTDIR)$(sysconfdir)/sshd_config
>+	-rm -f $(DESTDIR)$(sysconfdir)/ssh_prng_cmds
>+	-rmdir $(DESTDIR)$(sysconfdir)
>+	-rmdir $(DESTDIR)$(bindir)
>+	-rmdir $(DESTDIR)$(sbindir)
>+	-rmdir $(DESTDIR)$(mandir)/$(mansubdir)1
>+	-rmdir $(DESTDIR)$(mandir)/$(mansubdir)8
>+	-rmdir $(DESTDIR)$(mandir)
>+	-rmdir $(DESTDIR)$(libexecdir)
>+
>+uninstall:
>+	-rm -f $(DESTDIR)$(bindir)/slogin
>+	-rm -f $(DESTDIR)$(bindir)/ssh$(EXEEXT)
>+	-rm -f $(DESTDIR)$(bindir)/scp$(EXEEXT)
>+	-rm -f $(DESTDIR)$(bindir)/ssh-add$(EXEEXT)
>+	-rm -f $(DESTDIR)$(bindir)/ssh-agent$(EXEEXT)
>+	-rm -f $(DESTDIR)$(bindir)/ssh-keygen$(EXEEXT)
>+	-rm -f $(DESTDIR)$(bindir)/ssh-keyscan$(EXEEXT)
>+	-rm -f $(DESTDIR)$(bindir)/sftp$(EXEEXT)
>+	-rm -f $(DESTDIR)$(sbindir)/sshd$(EXEEXT)
>+	-rm -r $(DESTDIR)$(SFTP_SERVER)$(EXEEXT)
>+	-rm -f $(DESTDIR)$(SSH_KEYSIGN)$(EXEEXT)
>+	-rm -f $(DESTDIR)$(RAND_HELPER)$(EXEEXT)
>+	-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh.1
>+	-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/scp.1
>+	-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-add.1
>+	-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-agent.1
>+	-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keygen.1
>+	-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/sftp.1
>+	-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/ssh-keyscan.1
>+	-rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/sshd.8
>+	-rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-rand-helper.8
>+	-rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8
>+	-rm -f $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8
>+	-rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1
>+
>+tests:	$(TARGETS)
>+	BUILDDIR=`pwd`; \
>+	[ -d `pwd`/regress ]  ||  mkdir -p `pwd`/regress; \
>+	[ -f `pwd`/regress/Makefile ]  || \
>+	    ln -s `cd $(srcdir) && pwd`/regress/Makefile `pwd`/regress/Makefile ; \
>+	TEST_SHELL="sh"; \
>+	TEST_SSH_SSH="$${BUILDDIR}/ssh"; \
>+	TEST_SSH_SSHD="$${BUILDDIR}/sshd"; \
>+	TEST_SSH_SSHAGENT="$${BUILDDIR}/ssh-agent"; \
>+	TEST_SSH_SSHADD="$${BUILDDIR}/ssh-add"; \
>+	TEST_SSH_SSHKEYGEN="$${BUILDDIR}/ssh-keygen"; \
>+	TEST_SSH_SSHKEYSCAN="$${BUILDDIR}/ssh-keyscan"; \
>+	TEST_SSH_SFTP="$${BUILDDIR}/sftp"; \
>+	TEST_SSH_SFTPSERVER="$${BUILDDIR}/sftp-server"; \
>+	cd $(srcdir)/regress || exit $$?; \
>+	$(MAKE) \
>+		.OBJDIR="$${BUILDDIR}/regress" \
>+		.CURDIR="`pwd`" \
>+		BUILDDIR="$${BUILDDIR}" \
>+		OBJ="$${BUILDDIR}/regress/" \
>+		PATH="$${BUILDDIR}:$${PATH}" \
>+		TEST_SHELL="$${TEST_SHELL}" \
>+		TEST_SSH_SSH="$${TEST_SSH_SSH}" \
>+		TEST_SSH_SSHD="$${TEST_SSH_SSHD}" \
>+		TEST_SSH_SSHAGENT="$${TEST_SSH_SSHAGENT}" \
>+		TEST_SSH_SSHADD="$${TEST_SSH_SSHADD}" \
>+		TEST_SSH_SSHKEYGEN="$${TEST_SSH_SSHKEYGEN}" \
>+		TEST_SSH_SSHKEYSCAN="$${TEST_SSH_SSHKEYSCAN}" \
>+		TEST_SSH_SFTP="$${TEST_SSH_SFTP}" \
>+		TEST_SSH_SFTPSERVER="$${TEST_SSH_SFTPSERVER}" \
>+		EXEEXT="$(EXEEXT)" \
>+		$@
>+
>+regressclean:
>+	if [ -f regress/Makefile ] && [ -r regress/Makefile ]; then \
>+		(cd regress && $(MAKE) clean) \
>+	fi
>+
>+survey: survey.sh ssh
>+	@$(SHELL) ./survey.sh > survey
>+	@echo 'The survey results have been placed in the file "survey" in the'
>+	@echo 'current directory.  Please review the file then send with'
>+	@echo '"make send-survey".'
>+
>+send-survey:	survey
>+	mail portable-survey@mindrot.org <survey
>+
>+package: $(CONFIGFILES) ssh_prng_cmds.out $(MANPAGES) $(TARGETS)
>+	if [ "no" = yes ]; then \
>+		sh buildpkg.sh; \
>+	fi
>+
>diff --exclude-from=/home/lb/pers/share/exclude -urNdp /home/lb/net/src/openssh-4.3p2/moduli.out openssh-4.3p2-transproxy/moduli.out
>--- /home/lb/net/src/openssh-4.3p2/moduli.out	1970-01-01 01:00:00.000000000 +0100
>+++ openssh-4.3p2-transproxy/moduli.out	2007-03-12 00:21:46.000000000 +0100
>@@ -0,0 +1,200 @@
>+#    $OpenBSD: moduli,v 1.3 2005/01/24 10:29:06 dtucker Exp $
>+# Time Type Tests Tries Size Generator Modulus
>+20040225025212 2 6 100 1023 5 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7AFFE86A7
>+20040225025304 2 6 100 1023 2 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B01F83CB
>+20040225025357 2 6 100 1023 2 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B03F2B73
>+20040225025411 2 6 100 1023 5 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B041C8C7
>+20040225025444 2 6 100 1023 2 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B0546E93
>+20040225025458 2 6 100 1023 5 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B0573767
>+20040225025522 2 6 100 1023 2 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B0629E73
>+20040225025545 2 6 100 1023 2 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B06CD95B
>+20040225025616 2 6 100 1023 2 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B07C93A3
>+20040225025655 2 6 100 1023 2 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B093C72B
>+20040225025710 2 6 100 1023 2 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B096450B
>+20040225025750 2 6 100 1023 2 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B0AF2C83
>+20040225025830 2 6 100 1023 5 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B0C7F1FF
>+20040225025845 2 6 100 1023 2 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B0CB565B
>+20040225025858 2 6 100 1023 5 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B0CD8557
>+20040225025915 2 6 100 1023 2 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B0D20473
>+20040225025934 2 6 100 1023 5 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B0D924F7
>+20040225025952 2 6 100 1023 2 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B0DFD8BB
>+20040225030015 2 6 100 1023 5 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B0E8E59F
>+20040225030039 2 6 100 1023 2 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B0F43B0B
>+20040225030104 2 6 100 1023 2 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B0FEB103
>+20040225030130 2 6 100 1023 2 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B10AC3DB
>+20040225030149 2 6 100 1023 5 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B1122527
>+20040225030214 2 6 100 1023 2 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B11E494B
>+20040225030245 2 6 100 1023 2 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B12E727B
>+20040225030319 2 6 100 1023 2 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B1416743
>+20040225030347 2 6 100 1023 2 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B1507F2B
>+20040225030404 2 6 100 1023 2 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B1560FE3
>+20040225030418 2 6 100 1023 5 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B1591CF7
>+20040225030432 2 6 100 1023 5 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B15B57FF
>+20040225030455 2 6 100 1023 5 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B165D0AF
>+20040225030511 2 6 100 1023 5 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B169C97F
>+20040225030551 2 6 100 1023 2 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B182715B
>+20040225030621 2 6 100 1023 5 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B1920737
>+20040225030648 2 6 100 1023 2 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B19FB54B
>+20040225030718 2 6 100 1023 5 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B1AFAE87
>+20040225030736 2 6 100 1023 5 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B1B5A7AF
>+20040225030753 2 6 100 1023 5 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B1BC3C47
>+20040225030815 2 6 100 1023 2 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B1C6AF33
>+20040225030831 2 6 100 1023 2 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B1CAD9FB
>+20040225030902 2 6 100 1023 5 CAADDDEC1667FC68B5FA15D53C4E1532DD24561A1A2D47A12C01ABEA1E00731F6921AAC40742311FDF9E634BB7131BEE1AF240261554389A910425E044E88C8359B010F5AD2B80E29CB1A5B027B19D9E01A6F63A6F45E5D7ED2FF6A2A0085050A7D0CF307C3DB51D2490355907B4427C23A98DF1EB8ABEF2BA209BB7B1DC6A8F
>+20040225035226 2 6 100 1535 2 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF844800C47CAB
>+20040225035359 2 6 100 1535 2 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF844800D3866B
>+20040225035635 2 6 100 1535 5 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF844800F43DFF
>+20040225035846 2 6 100 1535 2 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF8448010B4D93
>+20040225040147 2 6 100 1535 2 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF8448013094F3
>+20040225040301 2 6 100 1535 2 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF8448013AA0FB
>+20040225040619 2 6 100 1535 2 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF84480163EC83
>+20040225040718 2 6 100 1535 5 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF8448016AEB8F
>+20040225041023 2 6 100 1535 5 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF84480190871F
>+20040225041328 2 6 100 1535 2 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF844801B5F1B3
>+20040225041740 2 6 100 1535 2 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF844801ED6FBB
>+20040225041921 2 6 100 1535 5 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF844801FEC44F
>+20040225042229 2 6 100 1535 5 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF844802245FF7
>+20040225042513 2 6 100 1535 2 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF84480246F93B
>+20040225042547 2 6 100 1535 5 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF844802473F4F
>+20040225042707 2 6 100 1535 2 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF84480253B03B
>+20040225043111 2 6 100 1535 2 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF84480287CD9B
>+20040225043513 2 6 100 1535 2 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF844802BC32FB
>+20040225043609 2 6 100 1535 2 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF844802C2125B
>+20040225043847 2 6 100 1535 2 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF844802E1B733
>+20040225043925 2 6 100 1535 2 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF844802E2E963
>+20040225044335 2 6 100 1535 2 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF8448031AC423
>+20040225045303 2 6 100 1535 5 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF844803A10E07
>+20040225045443 2 6 100 1535 2 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF844803B0EF43
>+20040225045518 2 6 100 1535 2 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF844803B15033
>+20040225045923 2 6 100 1535 5 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF844803E58317
>+20040225050120 2 6 100 1535 5 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF844803F9EB4F
>+20040225050333 2 6 100 1535 2 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF8448041304B3
>+20040225050524 2 6 100 1535 5 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF844804279B2F
>+20040225050559 2 6 100 1535 5 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF844804281047
>+20040225050810 2 6 100 1535 5 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF8448043F454F
>+20040225051113 2 6 100 1535 5 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF844804672F1F
>+20040225051335 2 6 100 1535 2 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF844804809CB3
>+20040225051442 2 6 100 1535 5 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF84480489545F
>+20040225052303 2 6 100 1535 2 FC4601920ABD76FF37FDC717EDFFEC0E539D5F7697882432A53085C95B040175503AEBD8A0FDF38D5F4EAA8EB1A22389D2CF2070F4DD47E2E8F89F4DD4ACACE4593F762DB92C479EBF1BBD4EF450A7FFAA15F75FB921B42B62466C29A993E7C7D8FD8412A4869D867E2765C2CBA0BC0F31E625B9BE1FF5421FDC2E097E0EF66F1CC9FF04AEB9341327D3468630C4E049530EF12350D51A71FDF9B6DB3CE56ED8C9FE61148F8098722A43C4F0AE29855BC9E06068D3898146ACFF844804FE918B
>+20040225062215 2 6 100 2047 5 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6B9F68B3E7
>+20040225063823 2 6 100 2047 5 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6B9FD47307
>+20040225064402 2 6 100 2047 5 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6B9FF43C0F
>+20040225065646 2 6 100 2047 2 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA04740DB
>+20040225065825 2 6 100 2047 5 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA04B01BF
>+20040225070116 2 6 100 2047 5 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA056DD47
>+20040225074027 2 6 100 2047 2 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA172E1B3
>+20040225080343 2 6 100 2047 5 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA217422F
>+20040225081159 2 6 100 2047 2 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA24927DB
>+20040225081331 2 6 100 2047 2 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA24C058B
>+20040225082528 2 6 100 2047 5 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA2993EBF
>+20040225084537 2 6 100 2047 2 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA3242BE3
>+20040225085012 2 6 100 2047 2 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA33EF643
>+20040225085829 2 6 100 2047 5 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA3729D77
>+20040225090710 2 6 100 2047 2 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA3AC0143
>+20040225091002 2 6 100 2047 2 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA3B8AE6B
>+20040225092648 2 6 100 2047 5 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA42B65D7
>+20040225093120 2 6 100 2047 2 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA4442793
>+20040225093517 2 6 100 2047 5 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA459441F
>+20040225094409 2 6 100 2047 2 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA491BE4B
>+20040225095209 2 6 100 2047 5 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA4C4E437
>+20040225095548 2 6 100 2047 2 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA4D5D7AB
>+20040225100531 2 6 100 2047 2 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA51404EB
>+20040225100644 2 6 100 2047 5 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA5145C87
>+20040225101834 2 6 100 2047 2 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA5609CBB
>+20040225102317 2 6 100 2047 5 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA57AC86F
>+20040225103220 2 6 100 2047 2 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA5B631A3
>+20040225103355 2 6 100 2047 5 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA5B98D2F
>+20040225103756 2 6 100 2047 2 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA5CEBAFB
>+20040225104020 2 6 100 2047 5 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA5D77CDF
>+20040225104557 2 6 100 2047 5 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA5F6FD9F
>+20040225110302 2 6 100 2047 5 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA66A70DF
>+20040225110515 2 6 100 2047 2 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA6721A43
>+20040225110913 2 6 100 2047 2 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA6879A53
>+20040225111338 2 6 100 2047 2 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA69FE2FB
>+20040225111911 2 6 100 2047 5 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA6C04F47
>+20040225112902 2 6 100 2047 2 F8F54DA4E1F232A9D05104B807DCBEA553C1E606FEB1CF149DEBB99243AAA7A354616FD95368EBCC1A58C8BCB87FB993F731400A413E07E35B1ADDD6484973E1734835FEFDC214DACA8C0844285A670D03BB3E1A5B5E14DC6F3B20EAAC8F18EB6C48AA5604F21EBEEA3C867F6CFA010858DFD589DCDEFBE8996A42F5BA00BEDFF6743F4D4E2808806965258C4E17D1B2BF371814696A2CC7C5C6548ED480AA7491A9DE16D2B12F15471B192295AA27F6D047EC2BA7547ED70674F52B4934D846712B1EA87E7FE12C5A210DEF5B3A14DBC8E712AA7192D877B4E6479F3CD69F82127E7352C19191B036A86BCF2D7D7CC687C25C5E4620295F10DCCE6BA7007CD3
>+20040225143208 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD8968A91B
>+20040225144922 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD8987DF6B
>+20040225150309 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD899E0F8B
>+20040225161716 2 6 100 3071 5 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD8A3A91CF
>+20040225163012 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD8A4CED2B
>+20040225175457 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD8B02C5DB
>+20040225182539 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD8B3E9D13
>+20040225194030 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD8BDE269B
>+20040225201420 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD8C203553
>+20040225203219 2 6 100 3071 5 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD8C40B747
>+20040225203908 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD8C46ED83
>+20040225210230 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD8C72586B
>+20040225212746 2 6 100 3071 5 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD8CA15F2F
>+20040225214624 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD8CC34833
>+20040225223007 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD8D1B23AB
>+20040225234913 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD8DC36C9B
>+20040226001353 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD8DF174B3
>+20040226004101 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD8E24518B
>+20040226010652 2 6 100 3071 5 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD8E543397
>+20040226015415 2 6 100 3071 5 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD8EB6152F
>+20040226022931 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD8EFD1773
>+20040226025740 2 6 100 3071 5 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD8F3376D7
>+20040226053010 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD90786CE3
>+20040226054156 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD908AC36B
>+20040226081600 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD91D61A43
>+20040226083039 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD91ED4AE3
>+20040226092910 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD9265F7DB
>+20040226112913 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD93696533
>+20040226115826 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD93A210A3
>+20040226135326 2 6 100 3071 5 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD949596D7
>+20040226145128 2 6 100 3071 5 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD95096CCF
>+20040226153142 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD95582C7B
>+20040226164905 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD95FACE7B
>+20040226171921 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD9633F443
>+20040226182347 2 6 100 3071 5 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD96BAC3A7
>+20040226200555 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD97972EFB
>+20040226202801 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD97C0B5C3
>+20040226214755 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD9868011B
>+20040226215843 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD9876E7FB
>+20040226220422 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD987B4983
>+20040226222346 2 6 100 3071 2 EDDA2E6520E6A915FE821EA06B4E19C95EBA8092F521CDE778B7B6CCA0FD89E935C904E2FA83E37DD49C1C52120C0958B85AAEE0B1A0E36C89836CE6C5509D50ABA58C154289C129B4A12A9249589496A5381CEA2105D818DB8790C4913BAD3C4C5ADB6BE036BD44B8AFB9F607017277FA36C971E5F10D7D062354FAB31BA97B376D723451478D1BA7D2C213A2E377E6826FF2F0695A2EDF9F8107DE4FF78DD0C2EF3A715084592623C58D2B2775FC7C0CF8F745EA1C75BEA8E574B9747207357DE143B0A803829E418B8F4BB44C40481CBB086B8AC6B93CC0E989E1336A010529F5D0FC4E077F778672646C62B7371965D60822C871F97C03913DB5CE080F67A348DD1722DD7BFA0761B2BF16A925FB9FCB6DCD1BC959A8794ACAEA984E1E9AE7BB2276B9C866CC890D8A8C51A17C479DA689DAA065C019CF9B082ED67D9CF1C9753E2A4030CCC27BE34280F042384597CEA223D5FA6631E109D5A23C60312F1D4783C3403D67A0D67665F7C5BEABF0BC30514DB07D7EF2A8E07CDD989D61D3
>+20040227091438 2 6 100 4095 5 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFC5737ECF
>+20040227101541 2 6 100 4095 2 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFC5AE7363
>+20040227160657 2 6 100 4095 5 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFC7295F4F
>+20040227180410 2 6 100 4095 2 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFC7A46573
>+20040227225950 2 6 100 4095 2 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFC8E6D5E3
>+20040227233727 2 6 100 4095 2 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFC9079B33
>+20040228032633 2 6 100 4095 5 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFCA006227
>+20040228060859 2 6 100 4095 2 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFCAAE6E63
>+20040228101703 2 6 100 4095 2 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFCBBC54FB
>+20040228192850 2 6 100 4095 2 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFCE191D13
>+20040229084451 2 6 100 4095 2 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFD1804AF3
>+20040229164933 2 6 100 4095 5 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFD3887E07
>+20040229210220 2 6 100 4095 5 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFD49457B7
>+20040229222958 2 6 100 4095 2 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFD4EA3223
>+20040301003324 2 6 100 4095 2 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFD566C79B
>+20040301030228 2 6 100 4095 5 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFD6032D8F
>+20040301040042 2 6 100 4095 2 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFD63B1113
>+20040301073501 2 6 100 4095 5 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFD71C4A67
>+20040301133631 2 6 100 4095 2 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFD8A0BBD3
>+20040301165652 2 6 100 4095 2 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFD96E4053
>+20040301184021 2 6 100 4095 2 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFD9D662FB
>+20040302045553 2 6 100 4095 2 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFDC5FE8E3
>+20040302112648 2 6 100 4095 2 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFDDFE9D13
>+20040302120026 2 6 100 4095 2 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFDE1A5AD3
>+20040302130757 2 6 100 4095 2 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFDE5E4073
>+20040302142004 2 6 100 4095 2 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFDEA4AA9B
>+20040302145603 2 6 100 4095 2 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFDEC2C32B
>+20040302212946 2 6 100 4095 5 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFE0652EC7
>+20040303003544 2 6 100 4095 2 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFE127CF63
>+20040303072925 2 6 100 4095 2 C7FE661FF2675517258B6E893FE81DFC29EDFB28FFE325C4F929BFAF5D0203DF5D75D966B0886A4197CC8F2EE339349DF88E73C54A315C402DF609DA61A237435167524F8EA37E5AB33E8A0C80E36DF4F6B9D6141958CC784CDDB6E2543038C9966D62AC2474786F2E2890E4935AD47BB005A6FC309817807EC9597B69858F1FBD6A1B28E897EFB6219F9FF83BEAFFD448C9F2F8C33CEA7C08242428FD75D218411E41523B688BF3D9311374E43D8963C821611BBBC91CA23968E60FB143FA0B36120657734D5C83C1C58A5A229CCDDC27875E51C358F0C8FEDDE4A11C50E0A154C80127B6FF92F496F7F2FA41D601A3EA88A3A53569AA3F3ABA5761757AC553CF57578800379C5F06082DD6088841D7BA48A58D1422B0DEC088279655C2D6380CF7097CD39565E9998785CBEB300AFFADEACA285201CBB27F48456EF7E49DE75380D0D1B4CCC28ADB8E12903473548D74A8847DAADC34315F157351C4CD507FF9B03CA6DD1C954BB75C9FD3C425FEFA76FC03FB346BE11E61B67A3AD374C1843ECA636CC7454249AB2A08B645DADCBFB48A470B1206ED20020FF0A0F5C2253187BBC2BC7F449AD58D35746E5A47B4A7BB404592C0A1F4E3BA34938C1E3C32464E1A52D3E722FA1165B72E8B438C11CFD0DB42A4081ED09F468A2E17C8D3F2BB689DC0CC831F889D7BAFC39D2A7F6C9A362E9BAE48B12FBACF34F9DFE2D793F3
>+20040305011518 2 6 100 6143 2 E95A4131F86234D27EE1E51791599559EEDB618912E4FE36B81B80CDA4D497959DBFAEE929317A66BE64A328BAB6183EA5A5CBB3581490B4B613B225ADD00EFD38540356E0F4716229CDDB260283AF044FDAF1EF9248BB0CE9031C117CF15D3259B3E7B0301CA1AAC91AFA7A57CCDEED2DA4EFC2DBC7A9FC53BB4D3CB2D57D209D5DDEF25DE14F8226404296BD504EC14F6340F0AA2A1A943B9552C4B91D3EB48C08A13671C36EE5042857625DD2CB58965C0975EB775057FF82BC2B8B69D0BF26E2F80115B3E1A984D1D73D9D02AD69C3A1AF90EC915DE6FC9F574BD755B2EF6BBE62F3717E128DC797A06FE35C1C28CED57A0F64F61A4439ACFE7A7B95A1A948417A5B8B69916A32989B00E2C3FB7C74139A4DA9E533C439E59FC7C4F90780D2BBCDF012C499C15A1E0B5C318F84FB17DF97AB3EC356FD0072CFA3884EFBED319009DE6DBF2A5C7C87A93DEB04CCD9147EF8C9BEC2FD713793E4F0BF8C4EFCEBFBF95D555E523AB5D742808C4E425979A1C216C8CB2B42C7715B8CA5907E84E6FBC35DA7BFBFC892870B659C882C6E3697E0DCC6C24771F26D51A890786DA516DBC2D161680B134F1715B32F734E667650398EC2241AF78877BB3D61D83D0158DDE894862EE6E1BEE278724EA7B34C74F0A5D6B7F79F1322E20AD5757E11D9AC31BFE27C56ABB23A275130533433DC41DDBA1081E3A018E0D0B55DF33ECAE104909DC74F1CA2256CFD423A859B0AC2112A0AE684396C0029AD07D0D30AC84FFD2C2E80B74DE29310FCAFE7D0CB8864729B6FD1F86052D7DD9A9CB085A186259A67C175B3F81C5DA19AFED1BF9C5C07F40A29ED47ED4F1C7DE878B8411E3239ED15AC0E4CCC1D7F8842E9FD9C989F301E2689F800C3D14A38810906A36EEA34207014E99C843C599D56FCFBC14278A2A009C13B6E4AC7460B54D2C7EF38D72AC450540097D2AF609D3FFF874D14582FA8FF21027DEC92844BD22A9A7EC14C66BCC8DB1E058B95AF87ACB60A5725767A76C9185744E483BCCD9278ED9FF15A04061D0F6E32D98B6853A39AA498673C7DD012982B1913B3C3CE2C7080E4CE974B
>+20040305043124 2 6 100 6143 2 E95A4131F86234D27EE1E51791599559EEDB618912E4FE36B81B80CDA4D497959DBFAEE929317A66BE64A328BAB6183EA5A5CBB3581490B4B613B225ADD00EFD38540356E0F4716229CDDB260283AF044FDAF1EF9248BB0CE9031C117CF15D3259B3E7B0301CA1AAC91AFA7A57CCDEED2DA4EFC2DBC7A9FC53BB4D3CB2D57D209D5DDEF25DE14F8226404296BD504EC14F6340F0AA2A1A943B9552C4B91D3EB48C08A13671C36EE5042857625DD2CB58965C0975EB775057FF82BC2B8B69D0BF26E2F80115B3E1A984D1D73D9D02AD69C3A1AF90EC915DE6FC9F574BD755B2EF6BBE62F3717E128DC797A06FE35C1C28CED57A0F64F61A4439ACFE7A7B95A1A948417A5B8B69916A32989B00E2C3FB7C74139A4DA9E533C439E59FC7C4F90780D2BBCDF012C499C15A1E0B5C318F84FB17DF97AB3EC356FD0072CFA3884EFBED319009DE6DBF2A5C7C87A93DEB04CCD9147EF8C9BEC2FD713793E4F0BF8C4EFCEBFBF95D555E523AB5D742808C4E425979A1C216C8CB2B42C7715B8CA5907E84E6FBC35DA7BFBFC892870B659C882C6E3697E0DCC6C24771F26D51A890786DA516DBC2D161680B134F1715B32F734E667650398EC2241AF78877BB3D61D83D0158DDE894862EE6E1BEE278724EA7B34C74F0A5D6B7F79F1322E20AD5757E11D9AC31BFE27C56ABB23A275130533433DC41DDBA1081E3A018E0D0B55DF33ECAE104909DC74F1CA2256CFD423A859B0AC2112A0AE684396C0029AD07D0D30AC84FFD2C2E80B74DE29310FCAFE7D0CB8864729B6FD1F86052D7DD9A9CB085A186259A67C175B3F81C5DA19AFED1BF9C5C07F40A29ED47ED4F1C7DE878B8411E3239ED15AC0E4CCC1D7F8842E9FD9C989F301E2689F800C3D14A38810906A36EEA34207014E99C843C599D56FCFBC14278A2A009C13B6E4AC7460B54D2C7EF38D72AC450540097D2AF609D3FFF874D14582FA8FF21027DEC92844BD22A9A7EC14C66BCC8DB1E058B95AF87ACB60A5725767A76C9185744E483BCCD9278ED9FF15A04061D0F6E32D98B6853A39AA498673C7DD012982B1913B3C3CE2C7080E5050933
>+20040305084728 2 6 100 6143 2 E95A4131F86234D27EE1E51791599559EEDB618912E4FE36B81B80CDA4D497959DBFAEE929317A66BE64A328BAB6183EA5A5CBB3581490B4B613B225ADD00EFD38540356E0F4716229CDDB260283AF044FDAF1EF9248BB0CE9031C117CF15D3259B3E7B0301CA1AAC91AFA7A57CCDEED2DA4EFC2DBC7A9FC53BB4D3CB2D57D209D5DDEF25DE14F8226404296BD504EC14F6340F0AA2A1A943B9552C4B91D3EB48C08A13671C36EE5042857625DD2CB58965C0975EB775057FF82BC2B8B69D0BF26E2F80115B3E1A984D1D73D9D02AD69C3A1AF90EC915DE6FC9F574BD755B2EF6BBE62F3717E128DC797A06FE35C1C28CED57A0F64F61A4439ACFE7A7B95A1A948417A5B8B69916A32989B00E2C3FB7C74139A4DA9E533C439E59FC7C4F90780D2BBCDF012C499C15A1E0B5C318F84FB17DF97AB3EC356FD0072CFA3884EFBED319009DE6DBF2A5C7C87A93DEB04CCD9147EF8C9BEC2FD713793E4F0BF8C4EFCEBFBF95D555E523AB5D742808C4E425979A1C216C8CB2B42C7715B8CA5907E84E6FBC35DA7BFBFC892870B659C882C6E3697E0DCC6C24771F26D51A890786DA516DBC2D161680B134F1715B32F734E667650398EC2241AF78877BB3D61D83D0158DDE894862EE6E1BEE278724EA7B34C74F0A5D6B7F79F1322E20AD5757E11D9AC31BFE27C56ABB23A275130533433DC41DDBA1081E3A018E0D0B55DF33ECAE104909DC74F1CA2256CFD423A859B0AC2112A0AE684396C0029AD07D0D30AC84FFD2C2E80B74DE29310FCAFE7D0CB8864729B6FD1F86052D7DD9A9CB085A186259A67C175B3F81C5DA19AFED1BF9C5C07F40A29ED47ED4F1C7DE878B8411E3239ED15AC0E4CCC1D7F8842E9FD9C989F301E2689F800C3D14A38810906A36EEA34207014E99C843C599D56FCFBC14278A2A009C13B6E4AC7460B54D2C7EF38D72AC450540097D2AF609D3FFF874D14582FA8FF21027DEC92844BD22A9A7EC14C66BCC8DB1E058B95AF87ACB60A5725767A76C9185744E483BCCD9278ED9FF15A04061D0F6E32D98B6853A39AA498673C7DD012982B1913B3C3CE2C7080E54C7783
>+20040306205350 2 6 100 6143 2 E95A4131F86234D27EE1E51791599559EEDB618912E4FE36B81B80CDA4D497959DBFAEE929317A66BE64A328BAB6183EA5A5CBB3581490B4B613B225ADD00EFD38540356E0F4716229CDDB260283AF044FDAF1EF9248BB0CE9031C117CF15D3259B3E7B0301CA1AAC91AFA7A57CCDEED2DA4EFC2DBC7A9FC53BB4D3CB2D57D209D5DDEF25DE14F8226404296BD504EC14F6340F0AA2A1A943B9552C4B91D3EB48C08A13671C36EE5042857625DD2CB58965C0975EB775057FF82BC2B8B69D0BF26E2F80115B3E1A984D1D73D9D02AD69C3A1AF90EC915DE6FC9F574BD755B2EF6BBE62F3717E128DC797A06FE35C1C28CED57A0F64F61A4439ACFE7A7B95A1A948417A5B8B69916A32989B00E2C3FB7C74139A4DA9E533C439E59FC7C4F90780D2BBCDF012C499C15A1E0B5C318F84FB17DF97AB3EC356FD0072CFA3884EFBED319009DE6DBF2A5C7C87A93DEB04CCD9147EF8C9BEC2FD713793E4F0BF8C4EFCEBFBF95D555E523AB5D742808C4E425979A1C216C8CB2B42C7715B8CA5907E84E6FBC35DA7BFBFC892870B659C882C6E3697E0DCC6C24771F26D51A890786DA516DBC2D161680B134F1715B32F734E667650398EC2241AF78877BB3D61D83D0158DDE894862EE6E1BEE278724EA7B34C74F0A5D6B7F79F1322E20AD5757E11D9AC31BFE27C56ABB23A275130533433DC41DDBA1081E3A018E0D0B55DF33ECAE104909DC74F1CA2256CFD423A859B0AC2112A0AE684396C0029AD07D0D30AC84FFD2C2E80B74DE29310FCAFE7D0CB8864729B6FD1F86052D7DD9A9CB085A186259A67C175B3F81C5DA19AFED1BF9C5C07F40A29ED47ED4F1C7DE878B8411E3239ED15AC0E4CCC1D7F8842E9FD9C989F301E2689F800C3D14A38810906A36EEA34207014E99C843C599D56FCFBC14278A2A009C13B6E4AC7460B54D2C7EF38D72AC450540097D2AF609D3FFF874D14582FA8FF21027DEC92844BD22A9A7EC14C66BCC8DB1E058B95AF87ACB60A5725767A76C9185744E483BCCD9278ED9FF15A04061D0F6E32D98B6853A39AA498673C7DD012982B1913B3C3CE2C7080E809C413
>+20040309221333 2 6 100 6143 2 E95A4131F86234D27EE1E51791599559EEDB618912E4FE36B81B80CDA4D497959DBFAEE929317A66BE64A328BAB6183EA5A5CBB3581490B4B613B225ADD00EFD38540356E0F4716229CDDB260283AF044FDAF1EF9248BB0CE9031C117CF15D3259B3E7B0301CA1AAC91AFA7A57CCDEED2DA4EFC2DBC7A9FC53BB4D3CB2D57D209D5DDEF25DE14F8226404296BD504EC14F6340F0AA2A1A943B9552C4B91D3EB48C08A13671C36EE5042857625DD2CB58965C0975EB775057FF82BC2B8B69D0BF26E2F80115B3E1A984D1D73D9D02AD69C3A1AF90EC915DE6FC9F574BD755B2EF6BBE62F3717E128DC797A06FE35C1C28CED57A0F64F61A4439ACFE7A7B95A1A948417A5B8B69916A32989B00E2C3FB7C74139A4DA9E533C439E59FC7C4F90780D2BBCDF012C499C15A1E0B5C318F84FB17DF97AB3EC356FD0072CFA3884EFBED319009DE6DBF2A5C7C87A93DEB04CCD9147EF8C9BEC2FD713793E4F0BF8C4EFCEBFBF95D555E523AB5D742808C4E425979A1C216C8CB2B42C7715B8CA5907E84E6FBC35DA7BFBFC892870B659C882C6E3697E0DCC6C24771F26D51A890786DA516DBC2D161680B134F1715B32F734E667650398EC2241AF78877BB3D61D83D0158DDE894862EE6E1BEE278724EA7B34C74F0A5D6B7F79F1322E20AD5757E11D9AC31BFE27C56ABB23A275130533433DC41DDBA1081E3A018E0D0B55DF33ECAE104909DC74F1CA2256CFD423A859B0AC2112A0AE684396C0029AD07D0D30AC84FFD2C2E80B74DE29310FCAFE7D0CB8864729B6FD1F86052D7DD9A9CB085A186259A67C175B3F81C5DA19AFED1BF9C5C07F40A29ED47ED4F1C7DE878B8411E3239ED15AC0E4CCC1D7F8842E9FD9C989F301E2689F800C3D14A38810906A36EEA34207014E99C843C599D56FCFBC14278A2A009C13B6E4AC7460B54D2C7EF38D72AC450540097D2AF609D3FFF874D14582FA8FF21027DEC92844BD22A9A7EC14C66BCC8DB1E058B95AF87ACB60A5725767A76C9185744E483BCCD9278ED9FF15A04061D0F6E32D98B6853A39AA498673C7DD012982B1913B3C3CE2C7080ED7F9CFB
>+20040311222059 2 6 100 6143 5 E95A4131F86234D27EE1E51791599559EEDB618912E4FE36B81B80CDA4D497959DBFAEE929317A66BE64A328BAB6183EA5A5CBB3581490B4B613B225ADD00EFD38540356E0F4716229CDDB260283AF044FDAF1EF9248BB0CE9031C117CF15D3259B3E7B0301CA1AAC91AFA7A57CCDEED2DA4EFC2DBC7A9FC53BB4D3CB2D57D209D5DDEF25DE14F8226404296BD504EC14F6340F0AA2A1A943B9552C4B91D3EB48C08A13671C36EE5042857625DD2CB58965C0975EB775057FF82BC2B8B69D0BF26E2F80115B3E1A984D1D73D9D02AD69C3A1AF90EC915DE6FC9F574BD755B2EF6BBE62F3717E128DC797A06FE35C1C28CED57A0F64F61A4439ACFE7A7B95A1A948417A5B8B69916A32989B00E2C3FB7C74139A4DA9E533C439E59FC7C4F90780D2BBCDF012C499C15A1E0B5C318F84FB17DF97AB3EC356FD0072CFA3884EFBED319009DE6DBF2A5C7C87A93DEB04CCD9147EF8C9BEC2FD713793E4F0BF8C4EFCEBFBF95D555E523AB5D742808C4E425979A1C216C8CB2B42C7715B8CA5907E84E6FBC35DA7BFBFC892870B659C882C6E3697E0DCC6C24771F26D51A890786DA516DBC2D161680B134F1715B32F734E667650398EC2241AF78877BB3D61D83D0158DDE894862EE6E1BEE278724EA7B34C74F0A5D6B7F79F1322E20AD5757E11D9AC31BFE27C56ABB23A275130533433DC41DDBA1081E3A018E0D0B55DF33ECAE104909DC74F1CA2256CFD423A859B0AC2112A0AE684396C0029AD07D0D30AC84FFD2C2E80B74DE29310FCAFE7D0CB8864729B6FD1F86052D7DD9A9CB085A186259A67C175B3F81C5DA19AFED1BF9C5C07F40A29ED47ED4F1C7DE878B8411E3239ED15AC0E4CCC1D7F8842E9FD9C989F301E2689F800C3D14A38810906A36EEA34207014E99C843C599D56FCFBC14278A2A009C13B6E4AC7460B54D2C7EF38D72AC450540097D2AF609D3FFF874D14582FA8FF21027DEC92844BD22A9A7EC14C66BCC8DB1E058B95AF87ACB60A5725767A76C9185744E483BCCD9278ED9FF15A04061D0F6E32D98B6853A39AA498673C7DD012982B1913B3C3CE2C7080F103209F
>+20040312160304 2 6 100 6143 2 E95A4131F86234D27EE1E51791599559EEDB618912E4FE36B81B80CDA4D497959DBFAEE929317A66BE64A328BAB6183EA5A5CBB3581490B4B613B225ADD00EFD38540356E0F4716229CDDB260283AF044FDAF1EF9248BB0CE9031C117CF15D3259B3E7B0301CA1AAC91AFA7A57CCDEED2DA4EFC2DBC7A9FC53BB4D3CB2D57D209D5DDEF25DE14F8226404296BD504EC14F6340F0AA2A1A943B9552C4B91D3EB48C08A13671C36EE5042857625DD2CB58965C0975EB775057FF82BC2B8B69D0BF26E2F80115B3E1A984D1D73D9D02AD69C3A1AF90EC915DE6FC9F574BD755B2EF6BBE62F3717E128DC797A06FE35C1C28CED57A0F64F61A4439ACFE7A7B95A1A948417A5B8B69916A32989B00E2C3FB7C74139A4DA9E533C439E59FC7C4F90780D2BBCDF012C499C15A1E0B5C318F84FB17DF97AB3EC356FD0072CFA3884EFBED319009DE6DBF2A5C7C87A93DEB04CCD9147EF8C9BEC2FD713793E4F0BF8C4EFCEBFBF95D555E523AB5D742808C4E425979A1C216C8CB2B42C7715B8CA5907E84E6FBC35DA7BFBFC892870B659C882C6E3697E0DCC6C24771F26D51A890786DA516DBC2D161680B134F1715B32F734E667650398EC2241AF78877BB3D61D83D0158DDE894862EE6E1BEE278724EA7B34C74F0A5D6B7F79F1322E20AD5757E11D9AC31BFE27C56ABB23A275130533433DC41DDBA1081E3A018E0D0B55DF33ECAE104909DC74F1CA2256CFD423A859B0AC2112A0AE684396C0029AD07D0D30AC84FFD2C2E80B74DE29310FCAFE7D0CB8864729B6FD1F86052D7DD9A9CB085A186259A67C175B3F81C5DA19AFED1BF9C5C07F40A29ED47ED4F1C7DE878B8411E3239ED15AC0E4CCC1D7F8842E9FD9C989F301E2689F800C3D14A38810906A36EEA34207014E99C843C599D56FCFBC14278A2A009C13B6E4AC7460B54D2C7EF38D72AC450540097D2AF609D3FFF874D14582FA8FF21027DEC92844BD22A9A7EC14C66BCC8DB1E058B95AF87ACB60A5725767A76C9185744E483BCCD9278ED9FF15A04061D0F6E32D98B6853A39AA498673C7DD012982B1913B3C3CE2C7080F247861B
>+20040312210904 2 6 100 6143 5 E95A4131F86234D27EE1E51791599559EEDB618912E4FE36B81B80CDA4D497959DBFAEE929317A66BE64A328BAB6183EA5A5CBB3581490B4B613B225ADD00EFD38540356E0F4716229CDDB260283AF044FDAF1EF9248BB0CE9031C117CF15D3259B3E7B0301CA1AAC91AFA7A57CCDEED2DA4EFC2DBC7A9FC53BB4D3CB2D57D209D5DDEF25DE14F8226404296BD504EC14F6340F0AA2A1A943B9552C4B91D3EB48C08A13671C36EE5042857625DD2CB58965C0975EB775057FF82BC2B8B69D0BF26E2F80115B3E1A984D1D73D9D02AD69C3A1AF90EC915DE6FC9F574BD755B2EF6BBE62F3717E128DC797A06FE35C1C28CED57A0F64F61A4439ACFE7A7B95A1A948417A5B8B69916A32989B00E2C3FB7C74139A4DA9E533C439E59FC7C4F90780D2BBCDF012C499C15A1E0B5C318F84FB17DF97AB3EC356FD0072CFA3884EFBED319009DE6DBF2A5C7C87A93DEB04CCD9147EF8C9BEC2FD713793E4F0BF8C4EFCEBFBF95D555E523AB5D742808C4E425979A1C216C8CB2B42C7715B8CA5907E84E6FBC35DA7BFBFC892870B659C882C6E3697E0DCC6C24771F26D51A890786DA516DBC2D161680B134F1715B32F734E667650398EC2241AF78877BB3D61D83D0158DDE894862EE6E1BEE278724EA7B34C74F0A5D6B7F79F1322E20AD5757E11D9AC31BFE27C56ABB23A275130533433DC41DDBA1081E3A018E0D0B55DF33ECAE104909DC74F1CA2256CFD423A859B0AC2112A0AE684396C0029AD07D0D30AC84FFD2C2E80B74DE29310FCAFE7D0CB8864729B6FD1F86052D7DD9A9CB085A186259A67C175B3F81C5DA19AFED1BF9C5C07F40A29ED47ED4F1C7DE878B8411E3239ED15AC0E4CCC1D7F8842E9FD9C989F301E2689F800C3D14A38810906A36EEA34207014E99C843C599D56FCFBC14278A2A009C13B6E4AC7460B54D2C7EF38D72AC450540097D2AF609D3FFF874D14582FA8FF21027DEC92844BD22A9A7EC14C66BCC8DB1E058B95AF87ACB60A5725767A76C9185744E483BCCD9278ED9FF15A04061D0F6E32D98B6853A39AA498673C7DD012982B1913B3C3CE2C7080F29D939F
>+20040316074005 2 6 100 6143 2 E95A4131F86234D27EE1E51791599559EEDB618912E4FE36B81B80CDA4D497959DBFAEE929317A66BE64A328BAB6183EA5A5CBB3581490B4B613B225ADD00EFD38540356E0F4716229CDDB260283AF044FDAF1EF9248BB0CE9031C117CF15D3259B3E7B0301CA1AAC91AFA7A57CCDEED2DA4EFC2DBC7A9FC53BB4D3CB2D57D209D5DDEF25DE14F8226404296BD504EC14F6340F0AA2A1A943B9552C4B91D3EB48C08A13671C36EE5042857625DD2CB58965C0975EB775057FF82BC2B8B69D0BF26E2F80115B3E1A984D1D73D9D02AD69C3A1AF90EC915DE6FC9F574BD755B2EF6BBE62F3717E128DC797A06FE35C1C28CED57A0F64F61A4439ACFE7A7B95A1A948417A5B8B69916A32989B00E2C3FB7C74139A4DA9E533C439E59FC7C4F90780D2BBCDF012C499C15A1E0B5C318F84FB17DF97AB3EC356FD0072CFA3884EFBED319009DE6DBF2A5C7C87A93DEB04CCD9147EF8C9BEC2FD713793E4F0BF8C4EFCEBFBF95D555E523AB5D742808C4E425979A1C216C8CB2B42C7715B8CA5907E84E6FBC35DA7BFBFC892870B659C882C6E3697E0DCC6C24771F26D51A890786DA516DBC2D161680B134F1715B32F734E667650398EC2241AF78877BB3D61D83D0158DDE894862EE6E1BEE278724EA7B34C74F0A5D6B7F79F1322E20AD5757E11D9AC31BFE27C56ABB23A275130533433DC41DDBA1081E3A018E0D0B55DF33ECAE104909DC74F1CA2256CFD423A859B0AC2112A0AE684396C0029AD07D0D30AC84FFD2C2E80B74DE29310FCAFE7D0CB8864729B6FD1F86052D7DD9A9CB085A186259A67C175B3F81C5DA19AFED1BF9C5C07F40A29ED47ED4F1C7DE878B8411E3239ED15AC0E4CCC1D7F8842E9FD9C989F301E2689F800C3D14A38810906A36EEA34207014E99C843C599D56FCFBC14278A2A009C13B6E4AC7460B54D2C7EF38D72AC450540097D2AF609D3FFF874D14582FA8FF21027DEC92844BD22A9A7EC14C66BCC8DB1E058B95AF87ACB60A5725767A76C9185744E483BCCD9278ED9FF15A04061D0F6E32D98B6853A39AA498673C7DD012982B1913B3C3CE2C7080F8B1F7DB
>+20040317113309 2 6 100 6143 2 E95A4131F86234D27EE1E51791599559EEDB618912E4FE36B81B80CDA4D497959DBFAEE929317A66BE64A328BAB6183EA5A5CBB3581490B4B613B225ADD00EFD38540356E0F4716229CDDB260283AF044FDAF1EF9248BB0CE9031C117CF15D3259B3E7B0301CA1AAC91AFA7A57CCDEED2DA4EFC2DBC7A9FC53BB4D3CB2D57D209D5DDEF25DE14F8226404296BD504EC14F6340F0AA2A1A943B9552C4B91D3EB48C08A13671C36EE5042857625DD2CB58965C0975EB775057FF82BC2B8B69D0BF26E2F80115B3E1A984D1D73D9D02AD69C3A1AF90EC915DE6FC9F574BD755B2EF6BBE62F3717E128DC797A06FE35C1C28CED57A0F64F61A4439ACFE7A7B95A1A948417A5B8B69916A32989B00E2C3FB7C74139A4DA9E533C439E59FC7C4F90780D2BBCDF012C499C15A1E0B5C318F84FB17DF97AB3EC356FD0072CFA3884EFBED319009DE6DBF2A5C7C87A93DEB04CCD9147EF8C9BEC2FD713793E4F0BF8C4EFCEBFBF95D555E523AB5D742808C4E425979A1C216C8CB2B42C7715B8CA5907E84E6FBC35DA7BFBFC892870B659C882C6E3697E0DCC6C24771F26D51A890786DA516DBC2D161680B134F1715B32F734E667650398EC2241AF78877BB3D61D83D0158DDE894862EE6E1BEE278724EA7B34C74F0A5D6B7F79F1322E20AD5757E11D9AC31BFE27C56ABB23A275130533433DC41DDBA1081E3A018E0D0B55DF33ECAE104909DC74F1CA2256CFD423A859B0AC2112A0AE684396C0029AD07D0D30AC84FFD2C2E80B74DE29310FCAFE7D0CB8864729B6FD1F86052D7DD9A9CB085A186259A67C175B3F81C5DA19AFED1BF9C5C07F40A29ED47ED4F1C7DE878B8411E3239ED15AC0E4CCC1D7F8842E9FD9C989F301E2689F800C3D14A38810906A36EEA34207014E99C843C599D56FCFBC14278A2A009C13B6E4AC7460B54D2C7EF38D72AC450540097D2AF609D3FFF874D14582FA8FF21027DEC92844BD22A9A7EC14C66BCC8DB1E058B95AF87ACB60A5725767A76C9185744E483BCCD9278ED9FF15A04061D0F6E32D98B6853A39AA498673C7DD012982B1913B3C3CE2C7080FAAE1F73
>+20040317195246 2 6 100 6143 2 E95A4131F86234D27EE1E51791599559EEDB618912E4FE36B81B80CDA4D497959DBFAEE929317A66BE64A328BAB6183EA5A5CBB3581490B4B613B225ADD00EFD38540356E0F4716229CDDB260283AF044FDAF1EF9248BB0CE9031C117CF15D3259B3E7B0301CA1AAC91AFA7A57CCDEED2DA4EFC2DBC7A9FC53BB4D3CB2D57D209D5DDEF25DE14F8226404296BD504EC14F6340F0AA2A1A943B9552C4B91D3EB48C08A13671C36EE5042857625DD2CB58965C0975EB775057FF82BC2B8B69D0BF26E2F80115B3E1A984D1D73D9D02AD69C3A1AF90EC915DE6FC9F574BD755B2EF6BBE62F3717E128DC797A06FE35C1C28CED57A0F64F61A4439ACFE7A7B95A1A948417A5B8B69916A32989B00E2C3FB7C74139A4DA9E533C439E59FC7C4F90780D2BBCDF012C499C15A1E0B5C318F84FB17DF97AB3EC356FD0072CFA3884EFBED319009DE6DBF2A5C7C87A93DEB04CCD9147EF8C9BEC2FD713793E4F0BF8C4EFCEBFBF95D555E523AB5D742808C4E425979A1C216C8CB2B42C7715B8CA5907E84E6FBC35DA7BFBFC892870B659C882C6E3697E0DCC6C24771F26D51A890786DA516DBC2D161680B134F1715B32F734E667650398EC2241AF78877BB3D61D83D0158DDE894862EE6E1BEE278724EA7B34C74F0A5D6B7F79F1322E20AD5757E11D9AC31BFE27C56ABB23A275130533433DC41DDBA1081E3A018E0D0B55DF33ECAE104909DC74F1CA2256CFD423A859B0AC2112A0AE684396C0029AD07D0D30AC84FFD2C2E80B74DE29310FCAFE7D0CB8864729B6FD1F86052D7DD9A9CB085A186259A67C175B3F81C5DA19AFED1BF9C5C07F40A29ED47ED4F1C7DE878B8411E3239ED15AC0E4CCC1D7F8842E9FD9C989F301E2689F800C3D14A38810906A36EEA34207014E99C843C599D56FCFBC14278A2A009C13B6E4AC7460B54D2C7EF38D72AC450540097D2AF609D3FFF874D14582FA8FF21027DEC92844BD22A9A7EC14C66BCC8DB1E058B95AF87ACB60A5725767A76C9185744E483BCCD9278ED9FF15A04061D0F6E32D98B6853A39AA498673C7DD012982B1913B3C3CE2C7080FB3F2B93
>+20040319025848 2 6 100 6143 2 E95A4131F86234D27EE1E51791599559EEDB618912E4FE36B81B80CDA4D497959DBFAEE929317A66BE64A328BAB6183EA5A5CBB3581490B4B613B225ADD00EFD38540356E0F4716229CDDB260283AF044FDAF1EF9248BB0CE9031C117CF15D3259B3E7B0301CA1AAC91AFA7A57CCDEED2DA4EFC2DBC7A9FC53BB4D3CB2D57D209D5DDEF25DE14F8226404296BD504EC14F6340F0AA2A1A943B9552C4B91D3EB48C08A13671C36EE5042857625DD2CB58965C0975EB775057FF82BC2B8B69D0BF26E2F80115B3E1A984D1D73D9D02AD69C3A1AF90EC915DE6FC9F574BD755B2EF6BBE62F3717E128DC797A06FE35C1C28CED57A0F64F61A4439ACFE7A7B95A1A948417A5B8B69916A32989B00E2C3FB7C74139A4DA9E533C439E59FC7C4F90780D2BBCDF012C499C15A1E0B5C318F84FB17DF97AB3EC356FD0072CFA3884EFBED319009DE6DBF2A5C7C87A93DEB04CCD9147EF8C9BEC2FD713793E4F0BF8C4EFCEBFBF95D555E523AB5D742808C4E425979A1C216C8CB2B42C7715B8CA5907E84E6FBC35DA7BFBFC892870B659C882C6E3697E0DCC6C24771F26D51A890786DA516DBC2D161680B134F1715B32F734E667650398EC2241AF78877BB3D61D83D0158DDE894862EE6E1BEE278724EA7B34C74F0A5D6B7F79F1322E20AD5757E11D9AC31BFE27C56ABB23A275130533433DC41DDBA1081E3A018E0D0B55DF33ECAE104909DC74F1CA2256CFD423A859B0AC2112A0AE684396C0029AD07D0D30AC84FFD2C2E80B74DE29310FCAFE7D0CB8864729B6FD1F86052D7DD9A9CB085A186259A67C175B3F81C5DA19AFED1BF9C5C07F40A29ED47ED4F1C7DE878B8411E3239ED15AC0E4CCC1D7F8842E9FD9C989F301E2689F800C3D14A38810906A36EEA34207014E99C843C599D56FCFBC14278A2A009C13B6E4AC7460B54D2C7EF38D72AC450540097D2AF609D3FFF874D14582FA8FF21027DEC92844BD22A9A7EC14C66BCC8DB1E058B95AF87ACB60A5725767A76C9185744E483BCCD9278ED9FF15A04061D0F6E32D98B6853A39AA498673C7DD012982B1913B3C3CE2C7080FD81741B
>+20040323194658 2 6 100 6143 5 E95A4131F86234D27EE1E51791599559EEDB618912E4FE36B81B80CDA4D497959DBFAEE929317A66BE64A328BAB6183EA5A5CBB3581490B4B613B225ADD00EFD38540356E0F4716229CDDB260283AF044FDAF1EF9248BB0CE9031C117CF15D3259B3E7B0301CA1AAC91AFA7A57CCDEED2DA4EFC2DBC7A9FC53BB4D3CB2D57D209D5DDEF25DE14F8226404296BD504EC14F6340F0AA2A1A943B9552C4B91D3EB48C08A13671C36EE5042857625DD2CB58965C0975EB775057FF82BC2B8B69D0BF26E2F80115B3E1A984D1D73D9D02AD69C3A1AF90EC915DE6FC9F574BD755B2EF6BBE62F3717E128DC797A06FE35C1C28CED57A0F64F61A4439ACFE7A7B95A1A948417A5B8B69916A32989B00E2C3FB7C74139A4DA9E533C439E59FC7C4F90780D2BBCDF012C499C15A1E0B5C318F84FB17DF97AB3EC356FD0072CFA3884EFBED319009DE6DBF2A5C7C87A93DEB04CCD9147EF8C9BEC2FD713793E4F0BF8C4EFCEBFBF95D555E523AB5D742808C4E425979A1C216C8CB2B42C7715B8CA5907E84E6FBC35DA7BFBFC892870B659C882C6E3697E0DCC6C24771F26D51A890786DA516DBC2D161680B134F1715B32F734E667650398EC2241AF78877BB3D61D83D0158DDE894862EE6E1BEE278724EA7B34C74F0A5D6B7F79F1322E20AD5757E11D9AC31BFE27C56ABB23A275130533433DC41DDBA1081E3A018E0D0B55DF33ECAE104909DC74F1CA2256CFD423A859B0AC2112A0AE684396C0029AD07D0D30AC84FFD2C2E80B74DE29310FCAFE7D0CB8864729B6FD1F86052D7DD9A9CB085A186259A67C175B3F81C5DA19AFED1BF9C5C07F40A29ED47ED4F1C7DE878B8411E3239ED15AC0E4CCC1D7F8842E9FD9C989F301E2689F800C3D14A38810906A36EEA34207014E99C843C599D56FCFBC14278A2A009C13B6E4AC7460B54D2C7EF38D72AC450540097D2AF609D3FFF874D14582FA8FF21027DEC92844BD22A9A7EC14C66BCC8DB1E058B95AF87ACB60A5725767A76C9185744E483BCCD9278ED9FF15A04061D0F6E32D98B6853A39AA498673C7DD012982B1913B3C3CE2C708105AF04AF
>+20040324041535 2 6 100 6143 5 E95A4131F86234D27EE1E51791599559EEDB618912E4FE36B81B80CDA4D497959DBFAEE929317A66BE64A328BAB6183EA5A5CBB3581490B4B613B225ADD00EFD38540356E0F4716229CDDB260283AF044FDAF1EF9248BB0CE9031C117CF15D3259B3E7B0301CA1AAC91AFA7A57CCDEED2DA4EFC2DBC7A9FC53BB4D3CB2D57D209D5DDEF25DE14F8226404296BD504EC14F6340F0AA2A1A943B9552C4B91D3EB48C08A13671C36EE5042857625DD2CB58965C0975EB775057FF82BC2B8B69D0BF26E2F80115B3E1A984D1D73D9D02AD69C3A1AF90EC915DE6FC9F574BD755B2EF6BBE62F3717E128DC797A06FE35C1C28CED57A0F64F61A4439ACFE7A7B95A1A948417A5B8B69916A32989B00E2C3FB7C74139A4DA9E533C439E59FC7C4F90780D2BBCDF012C499C15A1E0B5C318F84FB17DF97AB3EC356FD0072CFA3884EFBED319009DE6DBF2A5C7C87A93DEB04CCD9147EF8C9BEC2FD713793E4F0BF8C4EFCEBFBF95D555E523AB5D742808C4E425979A1C216C8CB2B42C7715B8CA5907E84E6FBC35DA7BFBFC892870B659C882C6E3697E0DCC6C24771F26D51A890786DA516DBC2D161680B134F1715B32F734E667650398EC2241AF78877BB3D61D83D0158DDE894862EE6E1BEE278724EA7B34C74F0A5D6B7F79F1322E20AD5757E11D9AC31BFE27C56ABB23A275130533433DC41DDBA1081E3A018E0D0B55DF33ECAE104909DC74F1CA2256CFD423A859B0AC2112A0AE684396C0029AD07D0D30AC84FFD2C2E80B74DE29310FCAFE7D0CB8864729B6FD1F86052D7DD9A9CB085A186259A67C175B3F81C5DA19AFED1BF9C5C07F40A29ED47ED4F1C7DE878B8411E3239ED15AC0E4CCC1D7F8842E9FD9C989F301E2689F800C3D14A38810906A36EEA34207014E99C843C599D56FCFBC14278A2A009C13B6E4AC7460B54D2C7EF38D72AC450540097D2AF609D3FFF874D14582FA8FF21027DEC92844BD22A9A7EC14C66BCC8DB1E058B95AF87ACB60A5725767A76C9185744E483BCCD9278ED9FF15A04061D0F6E32D98B6853A39AA498673C7DD012982B1913B3C3CE2C70810643E737
>diff --exclude-from=/home/lb/pers/share/exclude -urNdp /home/lb/net/src/openssh-4.3p2/openbsd-compat/Makefile openssh-4.3p2-transproxy/openbsd-compat/Makefile
>--- /home/lb/net/src/openssh-4.3p2/openbsd-compat/Makefile	1970-01-01 01:00:00.000000000 +0100
>+++ openssh-4.3p2-transproxy/openbsd-compat/Makefile	2007-03-11 23:47:55.000000000 +0100
>@@ -0,0 +1,42 @@
>+# $Id: Makefile.in,v 1.37 2005/12/31 05:33:37 djm Exp $
>+
>+sysconfdir=${prefix}/etc
>+piddir=/var/run
>+srcdir=.
>+top_srcdir=..
>+
>+
>+CC=gcc
>+LD=gcc
>+CFLAGS=-g -O2 -Wall -Wpointer-arith -Wuninitialized -Wsign-compare -Wno-pointer-sign -std=gnu99 
>+CPPFLAGS=-I. -I.. -I$(srcdir) -I$(srcdir)/..  -DHAVE_CONFIG_H
>+LIBS=-lcrypto -lutil -lz -lnsl  -lcrypt -lresolv -lresolv
>+AR=/usr/bin/ar
>+RANLIB=ranlib
>+INSTALL=/usr/bin/install -c
>+LDFLAGS=-L. 
>+
>+OPENBSD=base64.o basename.o bindresvport.o daemon.o dirname.o getcwd.o getgrouplist.o getopt.o getrrsetbyname.o glob.o inet_aton.o inet_ntoa.o inet_ntop.o mktemp.o readpassphrase.o realpath.o rresvport.o setenv.o setproctitle.o sigact.o strlcat.o strlcpy.o strmode.o strsep.o strtonum.o strtoll.o strtoul.o vis.o
>+
>+COMPAT=bsd-arc4random.o bsd-asprintf.o bsd-closefrom.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o bsd-misc.o bsd-nextstep.o bsd-openpty.o bsd-snprintf.o bsd-waitpid.o fake-rfc2553.o openssl-compat.o xmmap.o xcrypt.o
>+
>+PORTS=port-irix.o port-aix.o port-uw.o port-tun.o
>+
>+.c.o:
>+	$(CC) $(CFLAGS) $(CPPFLAGS) -c $<
>+
>+all: libopenbsd-compat.a
>+
>+$(COMPAT): ../config.h
>+$(OPENBSD): ../config.h
>+$(PORTS): ../config.h
>+
>+libopenbsd-compat.a:  $(COMPAT) $(OPENBSD) $(PORTS)
>+	$(AR) rv $@ $(COMPAT) $(OPENBSD) $(PORTS)
>+	$(RANLIB) $@
>+
>+clean:
>+	rm -f *.o *.a core 
>+
>+distclean: clean
>+	rm -f Makefile *~
>diff --exclude-from=/home/lb/pers/share/exclude -urNdp /home/lb/net/src/openssh-4.3p2/opensshd.init openssh-4.3p2-transproxy/opensshd.init
>--- /home/lb/net/src/openssh-4.3p2/opensshd.init	1970-01-01 01:00:00.000000000 +0100
>+++ openssh-4.3p2-transproxy/opensshd.init	2007-03-11 23:47:55.000000000 +0100
>@@ -0,0 +1,82 @@
>+#!/bin/sh
>+# Donated code that was put under PD license.
>+#
>+# Stripped PRNGd out of it for the time being.
>+
>+umask 022
>+
>+CAT=/bin/cat
>+KILL=/bin/kill
>+
>+prefix=/usr
>+sysconfdir=${prefix}/etc
>+piddir=/var/run
>+
>+SSHD=$prefix/sbin/sshd
>+PIDFILE=$piddir/sshd.pid
>+SSH_KEYGEN=$prefix/bin/ssh-keygen
>+HOST_KEY_RSA1=$sysconfdir/ssh_host_key
>+HOST_KEY_DSA=$sysconfdir/ssh_host_dsa_key
>+HOST_KEY_RSA=$sysconfdir/ssh_host_rsa_key
>+
>+
>+checkkeys() {
>+    if [ ! -f $HOST_KEY_RSA1 ]; then
>+	${SSH_KEYGEN} -t rsa1 -f ${HOST_KEY_RSA1} -N ""
>+    fi
>+    if [ ! -f $HOST_KEY_DSA ]; then
>+	${SSH_KEYGEN} -t dsa -f ${HOST_KEY_DSA} -N ""
>+    fi
>+    if [ ! -f $HOST_KEY_RSA ]; then
>+	${SSH_KEYGEN} -t rsa -f ${HOST_KEY_RSA} -N ""
>+    fi
>+}
>+
>+stop_service() {
>+    if [  -r $PIDFILE  -a  ! -z ${PIDFILE}  ]; then
>+	PID=`${CAT} ${PIDFILE}`
>+    fi
>+    if [  ${PID:=0} -gt 1 -a  ! "X$PID" = "X "  ]; then
>+	${KILL} ${PID}
>+    else
>+	echo "Unable to read PID file"
>+    fi
>+}
>+
>+start_service() {
>+    # XXX We really should check if the service is already going, but
>+    # XXX we will opt out at this time. - Bal
>+
>+    # Check to see if we have keys that need to be made
>+    checkkeys
>+
>+    # Start SSHD
>+    echo "starting $SSHD... \c"         ; $SSHD
>+
>+    sshd_rc=$?
>+    if [ $sshd_rc -ne 0 ]; then
>+	echo "$0: Error ${sshd_rc} starting ${SSHD}... bailing."
>+	exit $sshd_rc
>+    fi
>+    echo done.
>+}
>+
>+case $1 in
>+
>+'start')
>+    start_service
>+    ;;
>+
>+'stop')
>+    stop_service
>+    ;;
>+
>+'restart')
>+    stop_service
>+    start_service
>+    ;;
>+
>+*)
>+    echo "$0:  usage:  $0 {start|stop|restart}"
>+    ;;
>+esac
>diff --exclude-from=/home/lb/pers/share/exclude -urNdp /home/lb/net/src/openssh-4.3p2/scard/Makefile openssh-4.3p2-transproxy/scard/Makefile
>--- /home/lb/net/src/openssh-4.3p2/scard/Makefile	1970-01-01 01:00:00.000000000 +0100
>+++ openssh-4.3p2-transproxy/scard/Makefile	2007-03-11 23:47:56.000000000 +0100
>@@ -0,0 +1,28 @@
>+# $Id: Makefile.in,v 1.4 2002/04/26 01:25:41 djm Exp $
>+
>+prefix=/usr
>+datadir=${prefix}/share
>+srcdir=.
>+top_srcdir=..
>+
>+INSTALL=/usr/bin/install -c
>+
>+
>+
>+all:
>+
>+#Ssh.bin:  Ssh.bin.uu
>+#	uudecode Ssh.bin.uu
>+
>+clean:
>+#	rm -rf Ssh.bin
>+
>+distprep:
>+	uudecode Ssh.bin.uu
>+
>+distclean: clean
>+	rm -f Makefile *~
>+
>+install: $(srcdir)/Ssh.bin
>+	$(top_srcdir)/mkinstalldirs $(DESTDIR)$(datadir)
>+	$(INSTALL) -m 0644 $(srcdir)/Ssh.bin $(DESTDIR)$(datadir)/Ssh.bin
>Binary files /home/lb/net/src/openssh-4.3p2/scp and openssh-4.3p2-transproxy/scp differ
>diff --exclude-from=/home/lb/pers/share/exclude -urNdp /home/lb/net/src/openssh-4.3p2/scp.1.out openssh-4.3p2-transproxy/scp.1.out
>--- /home/lb/net/src/openssh-4.3p2/scp.1.out	1970-01-01 01:00:00.000000000 +0100
>+++ openssh-4.3p2-transproxy/scp.1.out	2007-03-12 00:21:46.000000000 +0100
>@@ -0,0 +1,221 @@
>+.\"  -*- nroff -*-
>+.\"
>+.\" scp.1
>+.\"
>+.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
>+.\"
>+.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
>+.\"                    All rights reserved
>+.\"
>+.\" Created: Sun May  7 00:14:37 1995 ylo
>+.\"
>+.\" $OpenBSD: scp.1,v 1.39 2006/01/20 00:14:55 dtucker Exp $
>+.\"
>+.Dd September 25, 1999
>+.Dt SCP 1
>+.Os
>+.Sh NAME
>+.Nm scp
>+.Nd secure copy (remote file copy program)
>+.Sh SYNOPSIS
>+.Nm scp
>+.Bk -words
>+.Op Fl 1246BCpqrv
>+.Op Fl c Ar cipher
>+.Op Fl F Ar ssh_config
>+.Op Fl i Ar identity_file
>+.Op Fl l Ar limit
>+.Op Fl o Ar ssh_option
>+.Op Fl P Ar port
>+.Op Fl S Ar program
>+.Sm off
>+.Oo
>+.Op Ar user No @
>+.Ar host1 No :
>+.Oc Ns Ar file1
>+.Sm on
>+.Op Ar ...
>+.Sm off
>+.Oo
>+.Op Ar user No @
>+.Ar host2 No :
>+.Oc Ar file2
>+.Sm on
>+.Ek
>+.Sh DESCRIPTION
>+.Nm
>+copies files between hosts on a network.
>+It uses
>+.Xr ssh 1
>+for data transfer, and uses the same authentication and provides the
>+same security as
>+.Xr ssh 1 .
>+Unlike
>+.Xr rcp 1 ,
>+.Nm
>+will ask for passwords or passphrases if they are needed for
>+authentication.
>+.Pp
>+Any file name may contain a host and user specification to indicate
>+that the file is to be copied to/from that host.
>+Copies between two remote hosts are permitted.
>+.Pp
>+The options are as follows:
>+.Bl -tag -width Ds
>+.It Fl 1
>+Forces
>+.Nm
>+to use protocol 1.
>+.It Fl 2
>+Forces
>+.Nm
>+to use protocol 2.
>+.It Fl 4
>+Forces
>+.Nm
>+to use IPv4 addresses only.
>+.It Fl 6
>+Forces
>+.Nm
>+to use IPv6 addresses only.
>+.It Fl B
>+Selects batch mode (prevents asking for passwords or passphrases).
>+.It Fl C
>+Compression enable.
>+Passes the
>+.Fl C
>+flag to
>+.Xr ssh 1
>+to enable compression.
>+.It Fl c Ar cipher
>+Selects the cipher to use for encrypting the data transfer.
>+This option is directly passed to
>+.Xr ssh 1 .
>+.It Fl F Ar ssh_config
>+Specifies an alternative
>+per-user configuration file for
>+.Nm ssh .
>+This option is directly passed to
>+.Xr ssh 1 .
>+.It Fl i Ar identity_file
>+Selects the file from which the identity (private key) for RSA
>+authentication is read.
>+This option is directly passed to
>+.Xr ssh 1 .
>+.It Fl l Ar limit
>+Limits the used bandwidth, specified in Kbit/s.
>+.It Fl o Ar ssh_option
>+Can be used to pass options to
>+.Nm ssh
>+in the format used in
>+.Xr ssh_config 5 .
>+This is useful for specifying options
>+for which there is no separate
>+.Nm scp
>+command-line flag.
>+For full details of the options listed below, and their possible values, see
>+.Xr ssh_config 5 .
>+.Pp
>+.Bl -tag -width Ds -offset indent -compact
>+.It AddressFamily
>+.It BatchMode
>+.It BindAddress
>+.It ChallengeResponseAuthentication
>+.It CheckHostIP
>+.It Cipher
>+.It Ciphers
>+.It Compression
>+.It CompressionLevel
>+.It ConnectionAttempts
>+.It ConnectTimeout
>+.It ControlMaster
>+.It ControlPath
>+.It GlobalKnownHostsFile
>+.It GSSAPIAuthentication
>+.It GSSAPIDelegateCredentials
>+.It HashKnownHosts
>+.It Host
>+.It HostbasedAuthentication
>+.It HostKeyAlgorithms
>+.It HostKeyAlias
>+.It HostName
>+.It IdentityFile
>+.It IdentitiesOnly
>+.It KbdInteractiveDevices
>+.It LogLevel
>+.It MACs
>+.It NoHostAuthenticationForLocalhost
>+.It NumberOfPasswordPrompts
>+.It PasswordAuthentication
>+.It Port
>+.It PreferredAuthentications
>+.It Protocol
>+.It ProxyCommand
>+.It PubkeyAuthentication
>+.It RekeyLimit
>+.It RhostsRSAAuthentication
>+.It RSAAuthentication
>+.It SendEnv
>+.It ServerAliveInterval
>+.It ServerAliveCountMax
>+.It SmartcardDevice
>+.It StrictHostKeyChecking
>+.It TCPKeepAlive
>+.It UsePrivilegedPort
>+.It User
>+.It UserKnownHostsFile
>+.It VerifyHostKeyDNS
>+.El
>+.It Fl P Ar port
>+Specifies the port to connect to on the remote host.
>+Note that this option is written with a capital
>+.Sq P ,
>+because
>+.Fl p
>+is already reserved for preserving the times and modes of the file in
>+.Xr rcp 1 .
>+.It Fl p
>+Preserves modification times, access times, and modes from the
>+original file.
>+.It Fl q
>+Disables the progress meter.
>+.It Fl r
>+Recursively copy entire directories.
>+.It Fl S Ar program
>+Name of
>+.Ar program
>+to use for the encrypted connection.
>+The program must understand
>+.Xr ssh 1
>+options.
>+.It Fl v
>+Verbose mode.
>+Causes
>+.Nm
>+and
>+.Xr ssh 1
>+to print debugging messages about their progress.
>+This is helpful in
>+debugging connection, authentication, and configuration problems.
>+.El
>+.Sh DIAGNOSTICS
>+.Nm
>+exits with 0 on success or >0 if an error occurred.
>+.Sh SEE ALSO
>+.Xr rcp 1 ,
>+.Xr sftp 1 ,
>+.Xr ssh 1 ,
>+.Xr ssh-add 1 ,
>+.Xr ssh-agent 1 ,
>+.Xr ssh-keygen 1 ,
>+.Xr ssh_config 5 ,
>+.Xr sshd 8
>+.Sh HISTORY
>+.Nm
>+is based on the
>+.Xr rcp 1
>+program in BSD source code from the Regents of the University of
>+California.
>+.Sh AUTHORS
>+.An Timo Rinne Aq tri@iki.fi
>+.An Tatu Ylonen Aq ylo@cs.hut.fi
>Binary files /home/lb/net/src/openssh-4.3p2/sftp and openssh-4.3p2-transproxy/sftp differ
>diff --exclude-from=/home/lb/pers/share/exclude -urNdp /home/lb/net/src/openssh-4.3p2/sftp.1.out openssh-4.3p2-transproxy/sftp.1.out
>--- /home/lb/net/src/openssh-4.3p2/sftp.1.out	1970-01-01 01:00:00.000000000 +0100
>+++ openssh-4.3p2-transproxy/sftp.1.out	2007-03-12 00:21:46.000000000 +0100
>@@ -0,0 +1,453 @@
>+.\" $OpenBSD: sftp.1,v 1.63 2006/01/20 00:14:55 dtucker Exp $
>+.\"
>+.\" Copyright (c) 2001 Damien Miller.  All rights reserved.
>+.\"
>+.\" Redistribution and use in source and binary forms, with or without
>+.\" modification, are permitted provided that the following conditions
>+.\" are met:
>+.\" 1. Redistributions of source code must retain the above copyright
>+.\"    notice, this list of conditions and the following disclaimer.
>+.\" 2. Redistributions in binary form must reproduce the above copyright
>+.\"    notice, this list of conditions and the following disclaimer in the
>+.\"    documentation and/or other materials provided with the distribution.
>+.\"
>+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
>+.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
>+.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
>+.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
>+.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
>+.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
>+.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
>+.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
>+.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
>+.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
>+.\"
>+.Dd February 4, 2001
>+.Dt SFTP 1
>+.Os
>+.Sh NAME
>+.Nm sftp
>+.Nd secure file transfer program
>+.Sh SYNOPSIS
>+.Nm sftp
>+.Bk -words
>+.Op Fl 1Cv
>+.Op Fl B Ar buffer_size
>+.Op Fl b Ar batchfile
>+.Op Fl F Ar ssh_config
>+.Op Fl o Ar ssh_option
>+.Op Fl P Ar sftp_server_path
>+.Op Fl R Ar num_requests
>+.Op Fl S Ar program
>+.Op Fl s Ar subsystem | sftp_server
>+.Ar host
>+.Ek
>+.Nm sftp
>+.Oo Oo Ar user Ns @ Oc Ns
>+.Ar host Ns Oo : Ns Ar file Oo
>+.Ar file Oc Oc Oc
>+.Nm sftp
>+.Oo Oo Ar user Ns @ Oc Ns
>+.Ar host Ns Oo : Ns Ar dir Ns
>+.Oo Ar / Oc Oc Oc
>+.Nm sftp
>+.Fl b Ar batchfile
>+.Oo Ar user Ns @ Oc Ns Ar host
>+.Sh DESCRIPTION
>+.Nm
>+is an interactive file transfer program, similar to
>+.Xr ftp 1 ,
>+which performs all operations over an encrypted
>+.Xr ssh 1
>+transport.
>+It may also use many features of ssh, such as public key authentication and
>+compression.
>+.Nm
>+connects and logs into the specified
>+.Ar host ,
>+then enters an interactive command mode.
>+.Pp
>+The second usage format will retrieve files automatically if a non-interactive
>+authentication method is used; otherwise it will do so after
>+successful interactive authentication.
>+.Pp
>+The third usage format allows
>+.Nm
>+to start in a remote directory.
>+.Pp
>+The final usage format allows for automated sessions using the
>+.Fl b
>+option.
>+In such cases, it is necessary to configure non-interactive authentication
>+to obviate the need to enter a password at connection time (see
>+.Xr sshd 8
>+and
>+.Xr ssh-keygen 1
>+for details).
>+The options are as follows:
>+.Bl -tag -width Ds
>+.It Fl 1
>+Specify the use of protocol version 1.
>+.It Fl B Ar buffer_size
>+Specify the size of the buffer that
>+.Nm
>+uses when transferring files.
>+Larger buffers require fewer round trips at the cost of higher
>+memory consumption.
>+The default is 32768 bytes.
>+.It Fl b Ar batchfile
>+Batch mode reads a series of commands from an input
>+.Ar batchfile
>+instead of
>+.Em stdin .
>+Since it lacks user interaction it should be used in conjunction with
>+non-interactive authentication.
>+A
>+.Ar batchfile
>+of
>+.Sq \-
>+may be used to indicate standard input.
>+.Nm
>+will abort if any of the following
>+commands fail:
>+.Ic get , put , rename , ln ,
>+.Ic rm , mkdir , chdir , ls ,
>+.Ic lchdir , chmod , chown , chgrp , lpwd
>+and
>+.Ic lmkdir .
>+Termination on error can be suppressed on a command by command basis by
>+prefixing the command with a
>+.Sq \-
>+character (for example,
>+.Ic -rm /tmp/blah* ) .
>+.It Fl C
>+Enables compression (via ssh's
>+.Fl C
>+flag).
>+.It Fl F Ar ssh_config
>+Specifies an alternative
>+per-user configuration file for
>+.Xr ssh 1 .
>+This option is directly passed to
>+.Xr ssh 1 .
>+.It Fl o Ar ssh_option
>+Can be used to pass options to
>+.Nm ssh
>+in the format used in
>+.Xr ssh_config 5 .
>+This is useful for specifying options
>+for which there is no separate
>+.Nm sftp
>+command-line flag.
>+For example, to specify an alternate port use:
>+.Ic sftp -oPort=24 .
>+For full details of the options listed below, and their possible values, see
>+.Xr ssh_config 5 .
>+.Pp
>+.Bl -tag -width Ds -offset indent -compact
>+.It AddressFamily
>+.It BatchMode
>+.It BindAddress
>+.It ChallengeResponseAuthentication
>+.It CheckHostIP
>+.It Cipher
>+.It Ciphers
>+.It Compression
>+.It CompressionLevel
>+.It ConnectionAttempts
>+.It ConnectTimeout
>+.It ControlMaster
>+.It ControlPath
>+.It GlobalKnownHostsFile
>+.It GSSAPIAuthentication
>+.It GSSAPIDelegateCredentials
>+.It HashKnownHosts
>+.It Host
>+.It HostbasedAuthentication
>+.It HostKeyAlgorithms
>+.It HostKeyAlias
>+.It HostName
>+.It IdentityFile
>+.It IdentitiesOnly
>+.It KbdInteractiveDevices
>+.It LogLevel
>+.It MACs
>+.It NoHostAuthenticationForLocalhost
>+.It NumberOfPasswordPrompts
>+.It PasswordAuthentication
>+.It Port
>+.It PreferredAuthentications
>+.It Protocol
>+.It ProxyCommand
>+.It PubkeyAuthentication
>+.It RekeyLimit
>+.It RhostsRSAAuthentication
>+.It RSAAuthentication
>+.It SendEnv
>+.It ServerAliveInterval
>+.It ServerAliveCountMax
>+.It SmartcardDevice
>+.It StrictHostKeyChecking
>+.It TCPKeepAlive
>+.It UsePrivilegedPort
>+.It User
>+.It UserKnownHostsFile
>+.It VerifyHostKeyDNS
>+.El
>+.It Fl P Ar sftp_server_path
>+Connect directly to a local sftp server
>+(rather than via
>+.Xr ssh 1 ) .
>+This option may be useful in debugging the client and server.
>+.It Fl R Ar num_requests
>+Specify how many requests may be outstanding at any one time.
>+Increasing this may slightly improve file transfer speed
>+but will increase memory usage.
>+The default is 16 outstanding requests.
>+.It Fl S Ar program
>+Name of the
>+.Ar program
>+to use for the encrypted connection.
>+The program must understand
>+.Xr ssh 1
>+options.
>+.It Fl s Ar subsystem | sftp_server
>+Specifies the SSH2 subsystem or the path for an sftp server
>+on the remote host.
>+A path is useful for using
>+.Nm
>+over protocol version 1, or when the remote
>+.Xr sshd 8
>+does not have an sftp subsystem configured.
>+.It Fl v
>+Raise logging level.
>+This option is also passed to ssh.
>+.El
>+.Sh INTERACTIVE COMMANDS
>+Once in interactive mode,
>+.Nm
>+understands a set of commands similar to those of
>+.Xr ftp 1 .
>+Commands are case insensitive.
>+Pathnames that contain spaces must be enclosed in quotes.
>+Any special characters contained within pathnames that are recognized by
>+.Xr glob 3
>+must be escaped with backslashes
>+.Pq Sq \e .
>+.Bl -tag -width Ds
>+.It Ic bye
>+Quit
>+.Nm sftp .
>+.It Ic cd Ar path
>+Change remote directory to
>+.Ar path .
>+.It Ic chgrp Ar grp Ar path
>+Change group of file
>+.Ar path
>+to
>+.Ar grp .
>+.Ar path
>+may contain
>+.Xr glob 3
>+characters and may match multiple files.
>+.Ar grp
>+must be a numeric GID.
>+.It Ic chmod Ar mode Ar path
>+Change permissions of file
>+.Ar path
>+to
>+.Ar mode .
>+.Ar path
>+may contain
>+.Xr glob 3
>+characters and may match multiple files.
>+.It Ic chown Ar own Ar path
>+Change owner of file
>+.Ar path
>+to
>+.Ar own .
>+.Ar path
>+may contain
>+.Xr glob 3
>+characters and may match multiple files.
>+.Ar own
>+must be a numeric UID.
>+.It Ic exit
>+Quit
>+.Nm sftp .
>+.It Xo Ic get
>+.Op Fl P
>+.Ar remote-path
>+.Op Ar local-path
>+.Xc
>+Retrieve the
>+.Ar remote-path
>+and store it on the local machine.
>+If the local
>+path name is not specified, it is given the same name it has on the
>+remote machine.
>+.Ar remote-path
>+may contain
>+.Xr glob 3
>+characters and may match multiple files.
>+If it does and
>+.Ar local-path
>+is specified, then
>+.Ar local-path
>+must specify a directory.
>+If the
>+.Fl P
>+flag is specified, then full file permissions and access times are
>+copied too.
>+.It Ic help
>+Display help text.
>+.It Ic lcd Ar path
>+Change local directory to
>+.Ar path .
>+.It Ic lls Op Ar ls-options Op Ar path
>+Display local directory listing of either
>+.Ar path
>+or current directory if
>+.Ar path
>+is not specified.
>+.Ar ls-options
>+may contain any flags supported by the local system's
>+.Xr ls 1
>+command.
>+.Ar path
>+may contain
>+.Xr glob 3
>+characters and may match multiple files.
>+.It Ic lmkdir Ar path
>+Create local directory specified by
>+.Ar path .
>+.It Ic ln Ar oldpath Ar newpath
>+Create a symbolic link from
>+.Ar oldpath
>+to
>+.Ar newpath .
>+.It Ic lpwd
>+Print local working directory.
>+.It Xo Ic ls
>+.Op Fl 1aflnrSt
>+.Op Ar path
>+.Xc
>+Display a remote directory listing of either
>+.Ar path
>+or the current directory if
>+.Ar path
>+is not specified.
>+.Ar path
>+may contain
>+.Xr glob 3
>+characters and may match multiple files.
>+.Pp
>+The following flags are recognized and alter the behaviour of
>+.Ic ls
>+accordingly:
>+.Bl -tag -width Ds
>+.It Fl 1
>+Produce single columnar output.
>+.It Fl a
>+List files beginning with a dot
>+.Pq Sq \&. .
>+.It Fl f
>+Do not sort the listing.
>+The default sort order is lexicographical.
>+.It Fl l
>+Display additional details including permissions
>+and ownership information.
>+.It Fl n
>+Produce a long listing with user and group information presented
>+numerically.
>+.It Fl r
>+Reverse the sort order of the listing.
>+.It Fl S
>+Sort the listing by file size.
>+.It Fl t
>+Sort the listing by last modification time.
>+.El
>+.It Ic lumask Ar umask
>+Set local umask to
>+.Ar umask .
>+.It Ic mkdir Ar path
>+Create remote directory specified by
>+.Ar path .
>+.It Ic progress
>+Toggle display of progress meter.
>+.It Xo Ic put
>+.Op Fl P
>+.Ar local-path
>+.Op Ar remote-path
>+.Xc
>+Upload
>+.Ar local-path
>+and store it on the remote machine.
>+If the remote path name is not specified, it is given the same name it has
>+on the local machine.
>+.Ar local-path
>+may contain
>+.Xr glob 3
>+characters and may match multiple files.
>+If it does and
>+.Ar remote-path
>+is specified, then
>+.Ar remote-path
>+must specify a directory.
>+If the
>+.Fl P
>+flag is specified, then the file's full permission and access time are
>+copied too.
>+.It Ic pwd
>+Display remote working directory.
>+.It Ic quit
>+Quit
>+.Nm sftp .
>+.It Ic rename Ar oldpath Ar newpath
>+Rename remote file from
>+.Ar oldpath
>+to
>+.Ar newpath .
>+.It Ic rm Ar path
>+Delete remote file specified by
>+.Ar path .
>+.It Ic rmdir Ar path
>+Remove remote directory specified by
>+.Ar path .
>+.It Ic symlink Ar oldpath Ar newpath
>+Create a symbolic link from
>+.Ar oldpath
>+to
>+.Ar newpath .
>+.It Ic version
>+Display the
>+.Nm
>+protocol version.
>+.It Ic \&! Ar command
>+Execute
>+.Ar command
>+in local shell.
>+.It Ic \&!
>+Escape to local shell.
>+.It Ic \&?
>+Synonym for help.
>+.El
>+.Sh SEE ALSO
>+.Xr ftp 1 ,
>+.Xr ls 1 ,
>+.Xr scp 1 ,
>+.Xr ssh 1 ,
>+.Xr ssh-add 1 ,
>+.Xr ssh-keygen 1 ,
>+.Xr glob 3 ,
>+.Xr ssh_config 5 ,
>+.Xr sftp-server 8 ,
>+.Xr sshd 8
>+.Rs
>+.%A T. Ylonen
>+.%A S. Lehtinen
>+.%T "SSH File Transfer Protocol"
>+.%N draft-ietf-secsh-filexfer-00.txt
>+.%D January 2001
>+.%O work in progress material
>+.Re
>Binary files /home/lb/net/src/openssh-4.3p2/sftp-server and openssh-4.3p2-transproxy/sftp-server differ
>diff --exclude-from=/home/lb/pers/share/exclude -urNdp /home/lb/net/src/openssh-4.3p2/sftp-server.8.out openssh-4.3p2-transproxy/sftp-server.8.out
>--- /home/lb/net/src/openssh-4.3p2/sftp-server.8.out	1970-01-01 01:00:00.000000000 +0100
>+++ openssh-4.3p2-transproxy/sftp-server.8.out	2007-03-12 00:21:46.000000000 +0100
>@@ -0,0 +1,63 @@
>+.\" $OpenBSD: sftp-server.8,v 1.10 2003/10/08 08:27:36 jmc Exp $
>+.\"
>+.\" Copyright (c) 2000 Markus Friedl.  All rights reserved.
>+.\"
>+.\" Redistribution and use in source and binary forms, with or without
>+.\" modification, are permitted provided that the following conditions
>+.\" are met:
>+.\" 1. Redistributions of source code must retain the above copyright
>+.\"    notice, this list of conditions and the following disclaimer.
>+.\" 2. Redistributions in binary form must reproduce the above copyright
>+.\"    notice, this list of conditions and the following disclaimer in the
>+.\"    documentation and/or other materials provided with the distribution.
>+.\"
>+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
>+.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
>+.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
>+.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
>+.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
>+.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
>+.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
>+.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
>+.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
>+.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
>+.\"
>+.Dd August 30, 2000
>+.Dt SFTP-SERVER 8
>+.Os
>+.Sh NAME
>+.Nm sftp-server
>+.Nd SFTP server subsystem
>+.Sh SYNOPSIS
>+.Nm sftp-server
>+.Sh DESCRIPTION
>+.Nm
>+is a program that speaks the server side of SFTP protocol
>+to stdout and expects client requests from stdin.
>+.Nm
>+is not intended to be called directly, but from
>+.Xr sshd 8
>+using the
>+.Cm Subsystem
>+option.
>+See
>+.Xr sshd_config 5
>+for more information.
>+.Sh SEE ALSO
>+.Xr sftp 1 ,
>+.Xr ssh 1 ,
>+.Xr sshd_config 5 ,
>+.Xr sshd 8
>+.Rs
>+.%A T. Ylonen
>+.%A S. Lehtinen
>+.%T "SSH File Transfer Protocol"
>+.%N draft-ietf-secsh-filexfer-00.txt
>+.%D January 2001
>+.%O work in progress material
>+.Re
>+.Sh AUTHORS
>+.An Markus Friedl Aq markus@openbsd.org
>+.Sh HISTORY
>+.Nm
>+first appeared in OpenBSD 2.8 .
>Binary files /home/lb/net/src/openssh-4.3p2/ssh and openssh-4.3p2-transproxy/ssh differ
>diff --exclude-from=/home/lb/pers/share/exclude -urNdp /home/lb/net/src/openssh-4.3p2/ssh.1.out openssh-4.3p2-transproxy/ssh.1.out
>--- /home/lb/net/src/openssh-4.3p2/ssh.1.out	1970-01-01 01:00:00.000000000 +0100
>+++ openssh-4.3p2-transproxy/ssh.1.out	2007-03-12 00:21:46.000000000 +0100
>@@ -0,0 +1,1369 @@
>+.\"  -*- nroff -*-
>+.\"
>+.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
>+.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
>+.\"                    All rights reserved
>+.\"
>+.\" As far as I am concerned, the code I have written for this software
>+.\" can be used freely for any purpose.  Any derived versions of this
>+.\" software must be clearly marked as such, and if the derived work is
>+.\" incompatible with the protocol description in the RFC file, it must be
>+.\" called by a name other than "ssh" or "Secure Shell".
>+.\"
>+.\" Copyright (c) 1999,2000 Markus Friedl.  All rights reserved.
>+.\" Copyright (c) 1999 Aaron Campbell.  All rights reserved.
>+.\" Copyright (c) 1999 Theo de Raadt.  All rights reserved.
>+.\"
>+.\" Redistribution and use in source and binary forms, with or without
>+.\" modification, are permitted provided that the following conditions
>+.\" are met:
>+.\" 1. Redistributions of source code must retain the above copyright
>+.\"    notice, this list of conditions and the following disclaimer.
>+.\" 2. Redistributions in binary form must reproduce the above copyright
>+.\"    notice, this list of conditions and the following disclaimer in the
>+.\"    documentation and/or other materials provided with the distribution.
>+.\"
>+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
>+.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
>+.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
>+.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
>+.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
>+.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
>+.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
>+.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
>+.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
>+.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
>+.\"
>+.\" $OpenBSD: ssh.1,v 1.253 2006/01/30 13:37:49 jmc Exp $
>+.Dd September 25, 1999
>+.Dt SSH 1
>+.Os
>+.Sh NAME
>+.Nm ssh
>+.Nd OpenSSH SSH client (remote login program)
>+.Sh SYNOPSIS
>+.Nm ssh
>+.Op Fl 1246AaCfgKkMNnqsTtVvXxY
>+.Op Fl b Ar bind_address
>+.Op Fl c Ar cipher_spec
>+.Oo Fl D\ \&
>+.Sm off
>+.Oo Ar bind_address : Oc
>+.Ar port
>+.Sm on
>+.Oc
>+.Op Fl e Ar escape_char
>+.Op Fl F Ar configfile
>+.Bk -words
>+.Op Fl i Ar identity_file
>+.Ek
>+.Oo Fl L\ \&
>+.Sm off
>+.Oo Ar bind_address : Oc
>+.Ar port : host : hostport
>+.Sm on
>+.Oc
>+.Bk -words
>+.Op Fl l Ar login_name
>+.Ek
>+.Op Fl m Ar mac_spec
>+.Op Fl O Ar ctl_cmd
>+.Op Fl o Ar option
>+.Op Fl p Ar port
>+.Oo Fl R\ \&
>+.Sm off
>+.Oo Ar bind_address : Oc
>+.Ar port : host : hostport
>+.Sm on
>+.Oc
>+.Op Fl S Ar ctl_path
>+.Bk -words
>+.Op Fl w Ar tunnel : Ns Ar tunnel
>+.Oo Ar user Ns @ Oc Ns Ar hostname
>+.Op Ar command
>+.Ek
>+.Sh DESCRIPTION
>+.Nm
>+(SSH client) is a program for logging into a remote machine and for
>+executing commands on a remote machine.
>+It is intended to replace rlogin and rsh,
>+and provide secure encrypted communications between
>+two untrusted hosts over an insecure network.
>+X11 connections and arbitrary TCP ports
>+can also be forwarded over the secure channel.
>+.Pp
>+.Nm
>+connects and logs into the specified
>+.Ar hostname
>+(with optional
>+.Ar user
>+name).
>+The user must prove
>+his/her identity to the remote machine using one of several methods
>+depending on the protocol version used (see below).
>+.Pp
>+If
>+.Ar command
>+is specified,
>+it is executed on the remote host instead of a login shell.
>+.Pp
>+The options are as follows:
>+.Bl -tag -width Ds
>+.It Fl 1
>+Forces
>+.Nm
>+to try protocol version 1 only.
>+.It Fl 2
>+Forces
>+.Nm
>+to try protocol version 2 only.
>+.It Fl 4
>+Forces
>+.Nm
>+to use IPv4 addresses only.
>+.It Fl 6
>+Forces
>+.Nm
>+to use IPv6 addresses only.
>+.It Fl A
>+Enables forwarding of the authentication agent connection.
>+This can also be specified on a per-host basis in a configuration file.
>+.Pp
>+Agent forwarding should be enabled with caution.
>+Users with the ability to bypass file permissions on the remote host
>+(for the agent's Unix-domain socket)
>+can access the local agent through the forwarded connection.
>+An attacker cannot obtain key material from the agent,
>+however they can perform operations on the keys that enable them to
>+authenticate using the identities loaded into the agent.
>+.It Fl a
>+Disables forwarding of the authentication agent connection.
>+.It Fl b Ar bind_address
>+Use
>+.Ar bind_address
>+on the local machine as the source address
>+of the connection.
>+Only useful on systems with more than one address.
>+.It Fl C
>+Requests compression of all data (including stdin, stdout, stderr, and
>+data for forwarded X11 and TCP connections).
>+The compression algorithm is the same used by
>+.Xr gzip 1 ,
>+and the
>+.Dq level
>+can be controlled by the
>+.Cm CompressionLevel
>+option for protocol version 1.
>+Compression is desirable on modem lines and other
>+slow connections, but will only slow down things on fast networks.
>+The default value can be set on a host-by-host basis in the
>+configuration files; see the
>+.Cm Compression
>+option.
>+.It Fl c Ar cipher_spec
>+Selects the cipher specification for encrypting the session.
>+.Pp
>+Protocol version 1 allows specification of a single cipher.
>+The supported values are
>+.Dq 3des ,
>+.Dq blowfish ,
>+and
>+.Dq des .
>+.Ar 3des
>+(triple-des) is an encrypt-decrypt-encrypt triple with three different keys.
>+It is believed to be secure.
>+.Ar blowfish
>+is a fast block cipher; it appears very secure and is much faster than
>+.Ar 3des .
>+.Ar des
>+is only supported in the
>+.Nm
>+client for interoperability with legacy protocol 1 implementations
>+that do not support the
>+.Ar 3des
>+cipher.
>+Its use is strongly discouraged due to cryptographic weaknesses.
>+The default is
>+.Dq 3des .
>+.Pp
>+For protocol version 2,
>+.Ar cipher_spec
>+is a comma-separated list of ciphers
>+listed in order of preference.
>+The supported ciphers are:
>+3des-cbc,
>+aes128-cbc,
>+aes192-cbc,
>+aes256-cbc,
>+aes128-ctr,
>+aes192-ctr,
>+aes256-ctr,
>+arcfour128,
>+arcfour256,
>+arcfour,
>+blowfish-cbc,
>+and
>+cast128-cbc.
>+The default is:
>+.Bd -literal -offset indent
>+aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,
>+arcfour256,arcfour,aes192-cbc,aes256-cbc,aes128-ctr,
>+aes192-ctr,aes256-ctr
>+.Ed
>+.It Fl D Xo
>+.Sm off
>+.Oo Ar bind_address : Oc
>+.Ar port
>+.Sm on
>+.Xc
>+Specifies a local
>+.Dq dynamic
>+application-level port forwarding.
>+This works by allocating a socket to listen to
>+.Ar port
>+on the local side, optionally bound to the specified
>+.Ar bind_address .
>+Whenever a connection is made to this port, the
>+connection is forwarded over the secure channel, and the application
>+protocol is then used to determine where to connect to from the
>+remote machine.
>+Currently the SOCKS4 and SOCKS5 protocols are supported, and
>+.Nm
>+will act as a SOCKS server.
>+Only root can forward privileged ports.
>+Dynamic port forwardings can also be specified in the configuration file.
>+.Pp
>+IPv6 addresses can be specified with an alternative syntax:
>+.Sm off
>+.Xo
>+.Op Ar bind_address No /
>+.Ar port
>+.Xc
>+.Sm on
>+or by enclosing the address in square brackets.
>+Only the superuser can forward privileged ports.
>+By default, the local port is bound in accordance with the
>+.Cm GatewayPorts
>+setting.
>+However, an explicit
>+.Ar bind_address
>+may be used to bind the connection to a specific address.
>+The
>+.Ar bind_address
>+of
>+.Dq localhost
>+indicates that the listening port be bound for local use only, while an
>+empty address or
>+.Sq *
>+indicates that the port should be available from all interfaces.
>+.It Fl e Ar escape_char
>+Sets the escape character for sessions with a pty (default:
>+.Ql ~ ) .
>+The escape character is only recognized at the beginning of a line.
>+The escape character followed by a dot
>+.Pq Ql \&.
>+closes the connection;
>+followed by control-Z suspends the connection;
>+and followed by itself sends the escape character once.
>+Setting the character to
>+.Dq none
>+disables any escapes and makes the session fully transparent.
>+.It Fl F Ar configfile
>+Specifies an alternative per-user configuration file.
>+If a configuration file is given on the command line,
>+the system-wide configuration file
>+.Pq Pa /usr/etc/ssh_config
>+will be ignored.
>+The default for the per-user configuration file is
>+.Pa ~/.ssh/config .
>+.It Fl f
>+Requests
>+.Nm
>+to go to background just before command execution.
>+This is useful if
>+.Nm
>+is going to ask for passwords or passphrases, but the user
>+wants it in the background.
>+This implies
>+.Fl n .
>+The recommended way to start X11 programs at a remote site is with
>+something like
>+.Ic ssh -f host xterm .
>+.It Fl g
>+Allows remote hosts to connect to local forwarded ports.
>+.It Fl I Ar smartcard_device
>+Specify the device
>+.Nm
>+should use to communicate with a smartcard used for storing the user's
>+private RSA key.
>+This option is only available if support for smartcard devices
>+is compiled in (default is no support).
>+.It Fl i Ar identity_file
>+Selects a file from which the identity (private key) for
>+RSA or DSA authentication is read.
>+The default is
>+.Pa ~/.ssh/identity
>+for protocol version 1, and
>+.Pa ~/.ssh/id_rsa
>+and
>+.Pa ~/.ssh/id_dsa
>+for protocol version 2.
>+Identity files may also be specified on
>+a per-host basis in the configuration file.
>+It is possible to have multiple
>+.Fl i
>+options (and multiple identities specified in
>+configuration files).
>+.It Fl K
>+Enables forwarding (delegation) of GSSAPI credentials to the server.
>+.It Fl k
>+Disables forwarding (delegation) of GSSAPI credentials to the server.
>+.It Fl L Xo
>+.Sm off
>+.Oo Ar bind_address : Oc
>+.Ar port : host : hostport
>+.Sm on
>+.Xc
>+Specifies that the given port on the local (client) host is to be
>+forwarded to the given host and port on the remote side.
>+This works by allocating a socket to listen to
>+.Ar port
>+on the local side, optionally bound to the specified
>+.Ar bind_address .
>+Whenever a connection is made to this port, the
>+connection is forwarded over the secure channel, and a connection is
>+made to
>+.Ar host
>+port
>+.Ar hostport
>+from the remote machine.
>+Port forwardings can also be specified in the configuration file.
>+IPv6 addresses can be specified with an alternative syntax:
>+.Sm off
>+.Xo
>+.Op Ar bind_address No /
>+.Ar port No / Ar host No /
>+.Ar hostport
>+.Xc
>+.Sm on
>+or by enclosing the address in square brackets.
>+Only the superuser can forward privileged ports.
>+By default, the local port is bound in accordance with the
>+.Cm GatewayPorts
>+setting.
>+However, an explicit
>+.Ar bind_address
>+may be used to bind the connection to a specific address.
>+The
>+.Ar bind_address
>+of
>+.Dq localhost
>+indicates that the listening port be bound for local use only, while an
>+empty address or
>+.Sq *
>+indicates that the port should be available from all interfaces.
>+.It Fl l Ar login_name
>+Specifies the user to log in as on the remote machine.
>+This also may be specified on a per-host basis in the configuration file.
>+.It Fl M
>+Places the
>+.Nm
>+client into
>+.Dq master
>+mode for connection sharing.
>+Multiple
>+.Fl M
>+options places
>+.Nm
>+into
>+.Dq master
>+mode with confirmation required before slave connections are accepted.
>+Refer to the description of
>+.Cm ControlMaster
>+in
>+.Xr ssh_config 5
>+for details.
>+.It Fl m Ar mac_spec
>+Additionally, for protocol version 2 a comma-separated list of MAC
>+(message authentication code) algorithms can
>+be specified in order of preference.
>+See the
>+.Cm MACs
>+keyword for more information.
>+.It Fl N
>+Do not execute a remote command.
>+This is useful for just forwarding ports
>+(protocol version 2 only).
>+.It Fl n
>+Redirects stdin from
>+.Pa /dev/null
>+(actually, prevents reading from stdin).
>+This must be used when
>+.Nm
>+is run in the background.
>+A common trick is to use this to run X11 programs on a remote machine.
>+For example,
>+.Ic ssh -n shadows.cs.hut.fi emacs &
>+will start an emacs on shadows.cs.hut.fi, and the X11
>+connection will be automatically forwarded over an encrypted channel.
>+The
>+.Nm
>+program will be put in the background.
>+(This does not work if
>+.Nm
>+needs to ask for a password or passphrase; see also the
>+.Fl f
>+option.)
>+.It Fl O Ar ctl_cmd
>+Control an active connection multiplexing master process.
>+When the
>+.Fl O
>+option is specified, the
>+.Ar ctl_cmd
>+argument is interpreted and passed to the master process.
>+Valid commands are:
>+.Dq check
>+(check that the master process is running) and
>+.Dq exit
>+(request the master to exit).
>+.It Fl o Ar option
>+Can be used to give options in the format used in the configuration file.
>+This is useful for specifying options for which there is no separate
>+command-line flag.
>+For full details of the options listed below, and their possible values, see
>+.Xr ssh_config 5 .
>+.Pp
>+.Bl -tag -width Ds -offset indent -compact
>+.It AddressFamily
>+.It BatchMode
>+.It BindAddress
>+.It ChallengeResponseAuthentication
>+.It CheckHostIP
>+.It Cipher
>+.It Ciphers
>+.It ClearAllForwardings
>+.It Compression
>+.It CompressionLevel
>+.It ConnectionAttempts
>+.It ConnectTimeout
>+.It ControlMaster
>+.It ControlPath
>+.It DynamicForward
>+.It EscapeChar
>+.It ForwardAgent
>+.It ForwardX11
>+.It ForwardX11Trusted
>+.It GatewayPorts
>+.It GlobalKnownHostsFile
>+.It GSSAPIAuthentication
>+.It GSSAPIDelegateCredentials
>+.It HashKnownHosts
>+.It Host
>+.It HostbasedAuthentication
>+.It HostKeyAlgorithms
>+.It HostKeyAlias
>+.It HostName
>+.It IdentityFile
>+.It IdentitiesOnly
>+.It KbdInteractiveDevices
>+.It LocalCommand
>+.It LocalForward
>+.It LogLevel
>+.It MACs
>+.It NoHostAuthenticationForLocalhost
>+.It NumberOfPasswordPrompts
>+.It PasswordAuthentication
>+.It PermitLocalCommand
>+.It Port
>+.It PreferredAuthentications
>+.It Protocol
>+.It ProxyCommand
>+.It PubkeyAuthentication
>+.It RekeyLimit
>+.It RemoteForward
>+.It RhostsRSAAuthentication
>+.It RSAAuthentication
>+.It SendEnv
>+.It ServerAliveInterval
>+.It ServerAliveCountMax
>+.It SmartcardDevice
>+.It StrictHostKeyChecking
>+.It TCPKeepAlive
>+.It Tunnel
>+.It TunnelDevice
>+.It UsePrivilegedPort
>+.It User
>+.It UserKnownHostsFile
>+.It VerifyHostKeyDNS
>+.It XAuthLocation
>+.El
>+.It Fl p Ar port
>+Port to connect to on the remote host.
>+This can be specified on a
>+per-host basis in the configuration file.
>+.It Fl q
>+Quiet mode.
>+Causes all warning and diagnostic messages to be suppressed.
>+Only fatal errors are displayed.
>+If a second
>+.Fl q
>+is given then even fatal errors are suppressed.
>+.It Fl R Xo
>+.Sm off
>+.Oo Ar bind_address : Oc
>+.Ar port : host : hostport
>+.Sm on
>+.Xc
>+Specifies that the given port on the remote (server) host is to be
>+forwarded to the given host and port on the local side.
>+This works by allocating a socket to listen to
>+.Ar port
>+on the remote side, and whenever a connection is made to this port, the
>+connection is forwarded over the secure channel, and a connection is
>+made to
>+.Ar host
>+port
>+.Ar hostport
>+from the local machine.
>+.Pp
>+Port forwardings can also be specified in the configuration file.
>+Privileged ports can be forwarded only when
>+logging in as root on the remote machine.
>+IPv6 addresses can be specified by enclosing the address in square braces or
>+using an alternative syntax:
>+.Sm off
>+.Xo
>+.Op Ar bind_address No /
>+.Ar host No / Ar port No /
>+.Ar hostport
>+.Xc .
>+.Sm on
>+.Pp
>+By default, the listening socket on the server will be bound to the loopback
>+interface only.
>+This may be overriden by specifying a
>+.Ar bind_address .
>+An empty
>+.Ar bind_address ,
>+or the address
>+.Ql * ,
>+indicates that the remote socket should listen on all interfaces.
>+Specifying a remote
>+.Ar bind_address
>+will only succeed if the server's
>+.Cm GatewayPorts
>+option is enabled (see
>+.Xr sshd_config 5 ) .
>+.It Fl S Ar ctl_path
>+Specifies the location of a control socket for connection sharing.
>+Refer to the description of
>+.Cm ControlPath
>+and
>+.Cm ControlMaster
>+in
>+.Xr ssh_config 5
>+for details.
>+.It Fl s
>+May be used to request invocation of a subsystem on the remote system.
>+Subsystems are a feature of the SSH2 protocol which facilitate the use
>+of SSH as a secure transport for other applications (eg.\&
>+.Xr sftp 1 ) .
>+The subsystem is specified as the remote command.
>+.It Fl T
>+Disable pseudo-tty allocation.
>+.It Fl t
>+Force pseudo-tty allocation.
>+This can be used to execute arbitrary
>+screen-based programs on a remote machine, which can be very useful,
>+e.g., when implementing menu services.
>+Multiple
>+.Fl t
>+options force tty allocation, even if
>+.Nm
>+has no local tty.
>+.It Fl V
>+Display the version number and exit.
>+.It Fl v
>+Verbose mode.
>+Causes
>+.Nm
>+to print debugging messages about its progress.
>+This is helpful in
>+debugging connection, authentication, and configuration problems.
>+Multiple
>+.Fl v
>+options increase the verbosity.
>+The maximum is 3.
>+.It Fl w Ar tunnel : Ns Ar tunnel
>+Requests a
>+.Xr tun 4
>+device on the client
>+(first
>+.Ar tunnel
>+arg)
>+and server
>+(second
>+.Ar tunnel
>+arg).
>+The devices may be specified by numerical ID or the keyword
>+.Dq any ,
>+which uses the next available tunnel device.
>+See also the
>+.Cm Tunnel
>+directive in
>+.Xr ssh_config 5 .
>+.It Fl X
>+Enables X11 forwarding.
>+This can also be specified on a per-host basis in a configuration file.
>+.Pp
>+X11 forwarding should be enabled with caution.
>+Users with the ability to bypass file permissions on the remote host
>+(for the user's X authorization database)
>+can access the local X11 display through the forwarded connection.
>+An attacker may then be able to perform activities such as keystroke monitoring.
>+.Pp
>+For this reason, X11 forwarding is subjected to X11 SECURITY extension
>+restrictions by default.
>+Please refer to the
>+.Nm
>+.Fl Y
>+option and the
>+.Cm ForwardX11Trusted
>+directive in
>+.Xr ssh_config 5
>+for more information.
>+.It Fl x
>+Disables X11 forwarding.
>+.It Fl Y
>+Enables trusted X11 forwarding.
>+Trusted X11 forwardings are not subjected to the X11 SECURITY extension
>+controls.
>+.El
>+.Pp
>+.Nm
>+may additionally obtain configuration data from
>+a per-user configuration file and a system-wide configuration file.
>+The file format and configuration options are described in
>+.Xr ssh_config 5 .
>+.Pp
>+.Nm
>+exits with the exit status of the remote command or with 255
>+if an error occurred.
>+.Sh AUTHENTICATION
>+The OpenSSH SSH client supports SSH protocols 1 and 2.
>+Protocol 2 is the default, with
>+.Nm
>+falling back to protocol 1 if it detects protocol 2 is unsupported.
>+These settings may be altered using the
>+.Cm Protocol
>+option in
>+.Xr ssh_config 5 ,
>+or enforced using the
>+.Fl 1
>+and
>+.Fl 2
>+options (see above).
>+Both protocols support similar authentication methods,
>+but protocol 2 is preferred since
>+it provides additional mechanisms for confidentiality
>+(the traffic is encrypted using AES, 3DES, Blowfish, CAST128, or Arcfour)
>+and integrity (hmac-md5, hmac-sha1, hmac-ripemd160).
>+Protocol 1 lacks a strong mechanism for ensuring the
>+integrity of the connection.
>+.Pp
>+The methods available for authentication are:
>+host-based authentication,
>+public key authentication,
>+challenge-response authentication,
>+and password authentication.
>+Authentication methods are tried in the order specified above,
>+though protocol 2 has a configuration option to change the default order:
>+.Cm PreferredAuthentications .
>+.Pp
>+Host-based authentication works as follows:
>+If the machine the user logs in from is listed in
>+.Pa /etc/hosts.equiv
>+or
>+.Pa /usr/etc/shosts.equiv
>+on the remote machine, and the user names are
>+the same on both sides, or if the files
>+.Pa ~/.rhosts
>+or
>+.Pa ~/.shosts
>+exist in the user's home directory on the
>+remote machine and contain a line containing the name of the client
>+machine and the name of the user on that machine, the user is
>+considered for login.
>+Additionally, the server
>+.Em must
>+be able to verify the client's
>+host key (see the description of
>+.Pa /usr/etc/ssh_known_hosts
>+and
>+.Pa ~/.ssh/known_hosts ,
>+below)
>+for login to be permitted.
>+This authentication method closes security holes due to IP
>+spoofing, DNS spoofing, and routing spoofing.
>+[Note to the administrator:
>+.Pa /etc/hosts.equiv ,
>+.Pa ~/.rhosts ,
>+and the rlogin/rsh protocol in general, are inherently insecure and should be
>+disabled if security is desired.]
>+.Pp
>+Public key authentication works as follows:
>+The scheme is based on public-key cryptography,
>+using cryptosystems
>+where encryption and decryption are done using separate keys,
>+and it is unfeasible to derive the decryption key from the encryption key.
>+The idea is that each user creates a public/private
>+key pair for authentication purposes.
>+The server knows the public key, and only the user knows the private key.
>+.Nm
>+implements public key authentication protocol automatically,
>+using either the RSA or DSA algorithms.
>+Protocol 1 is restricted to using only RSA keys,
>+but protocol 2 may use either.
>+The
>+.Sx HISTORY
>+section of
>+.Xr ssl 8
>+contains a brief discussion of the two algorithms.
>+.Pp
>+The file
>+.Pa ~/.ssh/authorized_keys
>+lists the public keys that are permitted for logging in.
>+When the user logs in, the
>+.Nm
>+program tells the server which key pair it would like to use for
>+authentication.
>+The client proves that it has access to the private key
>+and the server checks that the corresponding public key
>+is authorized to accept the account.
>+.Pp
>+The user creates his/her key pair by running
>+.Xr ssh-keygen 1 .
>+This stores the private key in
>+.Pa ~/.ssh/identity
>+(protocol 1),
>+.Pa ~/.ssh/id_dsa
>+(protocol 2 DSA),
>+or
>+.Pa ~/.ssh/id_rsa
>+(protocol 2 RSA)
>+and stores the public key in
>+.Pa ~/.ssh/identity.pub
>+(protocol 1),
>+.Pa ~/.ssh/id_dsa.pub
>+(protocol 2 DSA),
>+or
>+.Pa ~/.ssh/id_rsa.pub
>+(protocol 2 RSA)
>+in the user's home directory.
>+The user should then copy the public key
>+to
>+.Pa ~/.ssh/authorized_keys
>+in his/her home directory on the remote machine.
>+The
>+.Pa authorized_keys
>+file corresponds to the conventional
>+.Pa ~/.rhosts
>+file, and has one key
>+per line, though the lines can be very long.
>+After this, the user can log in without giving the password.
>+.Pp
>+The most convenient way to use public key authentication may be with an
>+authentication agent.
>+See
>+.Xr ssh-agent 1
>+for more information.
>+.Pp
>+Challenge-response authentication works as follows:
>+The server sends an arbitrary
>+.Qq challenge
>+text, and prompts for a response.
>+Protocol 2 allows multiple challenges and responses;
>+protocol 1 is restricted to just one challenge/response.
>+Examples of challenge-response authentication include
>+BSD Authentication (see
>+.Xr login.conf 5 )
>+and PAM (some non-OpenBSD systems).
>+.Pp
>+Finally, if other authentication methods fail,
>+.Nm
>+prompts the user for a password.
>+The password is sent to the remote
>+host for checking; however, since all communications are encrypted,
>+the password cannot be seen by someone listening on the network.
>+.Pp
>+.Nm
>+automatically maintains and checks a database containing
>+identification for all hosts it has ever been used with.
>+Host keys are stored in
>+.Pa ~/.ssh/known_hosts
>+in the user's home directory.
>+Additionally, the file
>+.Pa /usr/etc/ssh_known_hosts
>+is automatically checked for known hosts.
>+Any new hosts are automatically added to the user's file.
>+If a host's identification ever changes,
>+.Nm
>+warns about this and disables password authentication to prevent
>+server spoofing or man-in-the-middle attacks,
>+which could otherwise be used to circumvent the encryption.
>+The
>+.Cm StrictHostKeyChecking
>+option can be used to control logins to machines whose
>+host key is not known or has changed.
>+.Pp
>+When the user's identity has been accepted by the server, the server
>+either executes the given command, or logs into the machine and gives
>+the user a normal shell on the remote machine.
>+All communication with
>+the remote command or shell will be automatically encrypted.
>+.Pp
>+If a pseudo-terminal has been allocated (normal login session), the
>+user may use the escape characters noted below.
>+.Pp
>+If no pseudo-tty has been allocated,
>+the session is transparent and can be used to reliably transfer binary data.
>+On most systems, setting the escape character to
>+.Dq none
>+will also make the session transparent even if a tty is used.
>+.Pp
>+The session terminates when the command or shell on the remote
>+machine exits and all X11 and TCP connections have been closed.
>+.Sh ESCAPE CHARACTERS
>+When a pseudo-terminal has been requested,
>+.Nm
>+supports a number of functions through the use of an escape character.
>+.Pp
>+A single tilde character can be sent as
>+.Ic ~~
>+or by following the tilde by a character other than those described below.
>+The escape character must always follow a newline to be interpreted as
>+special.
>+The escape character can be changed in configuration files using the
>+.Cm EscapeChar
>+configuration directive or on the command line by the
>+.Fl e
>+option.
>+.Pp
>+The supported escapes (assuming the default
>+.Ql ~ )
>+are:
>+.Bl -tag -width Ds
>+.It Cm ~.
>+Disconnect.
>+.It Cm ~^Z
>+Background
>+.Nm .
>+.It Cm ~#
>+List forwarded connections.
>+.It Cm ~&
>+Background
>+.Nm
>+at logout when waiting for forwarded connection / X11 sessions to terminate.
>+.It Cm ~?
>+Display a list of escape characters.
>+.It Cm ~B
>+Send a BREAK to the remote system
>+(only useful for SSH protocol version 2 and if the peer supports it).
>+.It Cm ~C
>+Open command line.
>+Currently this allows the addition of port forwardings using the
>+.Fl L
>+and
>+.Fl R
>+options (see above).
>+It also allows the cancellation of existing remote port-forwardings
>+using
>+.Fl KR Ar hostport .
>+.Ic !\& Ns Ar command
>+allows the user to execute a local command if the
>+.Ic PermitLocalCommand
>+option is enabled in
>+.Xr ssh_config 5 .
>+Basic help is available, using the
>+.Fl h
>+option.
>+.It Cm ~R
>+Request rekeying of the connection
>+(only useful for SSH protocol version 2 and if the peer supports it).
>+.El
>+.Sh TCP FORWARDING
>+Forwarding of arbitrary TCP connections over the secure channel can
>+be specified either on the command line or in a configuration file.
>+One possible application of TCP forwarding is a secure connection to a
>+mail server; another is going through firewalls.
>+.Pp
>+In the example below, we look at encrypting communication between
>+an IRC client and server, even though the IRC server does not directly
>+support encrypted communications.
>+This works as follows:
>+the user connects to the remote host using
>+.Nm ,
>+specifying a port to be used to forward connections
>+to the remote server.
>+After that it is possible to start the service which is to be encrypted
>+on the client machine,
>+connecting to the same local port,
>+and
>+.Nm
>+will encrypt and forward the connection.
>+.Pp
>+The following example tunnels an IRC session from client machine
>+.Dq 127.0.0.1
>+(localhost)
>+to remote server
>+.Dq server.example.com :
>+.Bd -literal -offset 4n
>+$ ssh -f -L 1234:localhost:6667 server.example.com sleep 10
>+$ irc -c '#users' -p 1234 pinky 127.0.0.1
>+.Ed
>+.Pp
>+This tunnels a connection to IRC server
>+.Dq server.example.com ,
>+joining channel
>+.Dq #users ,
>+nickname
>+.Dq pinky ,
>+using port 1234.
>+It doesn't matter which port is used,
>+as long as it's greater than 1023
>+(remember, only root can open sockets on privileged ports)
>+and doesn't conflict with any ports already in use.
>+The connection is forwarded to port 6667 on the remote server,
>+since that's the standard port for IRC services.
>+.Pp
>+The
>+.Fl f
>+option backgrounds
>+.Nm
>+and the remote command
>+.Dq sleep 10
>+is specified to allow an amount of time
>+(10 seconds, in the example)
>+to start the service which is to be tunnelled.
>+If no connections are made within the time specified,
>+.Nm
>+will exit.
>+.Sh X11 FORWARDING
>+If the
>+.Cm ForwardX11
>+variable is set to
>+.Dq yes
>+(or see the description of the
>+.Fl X ,
>+.Fl x ,
>+and
>+.Fl Y
>+options above)
>+and the user is using X11 (the
>+.Ev DISPLAY
>+environment variable is set), the connection to the X11 display is
>+automatically forwarded to the remote side in such a way that any X11
>+programs started from the shell (or command) will go through the
>+encrypted channel, and the connection to the real X server will be made
>+from the local machine.
>+The user should not manually set
>+.Ev DISPLAY .
>+Forwarding of X11 connections can be
>+configured on the command line or in configuration files.
>+.Pp
>+The
>+.Ev DISPLAY
>+value set by
>+.Nm
>+will point to the server machine, but with a display number greater than zero.
>+This is normal, and happens because
>+.Nm
>+creates a
>+.Dq proxy
>+X server on the server machine for forwarding the
>+connections over the encrypted channel.
>+.Pp
>+.Nm
>+will also automatically set up Xauthority data on the server machine.
>+For this purpose, it will generate a random authorization cookie,
>+store it in Xauthority on the server, and verify that any forwarded
>+connections carry this cookie and replace it by the real cookie when
>+the connection is opened.
>+The real authentication cookie is never
>+sent to the server machine (and no cookies are sent in the plain).
>+.Pp
>+If the
>+.Cm ForwardAgent
>+variable is set to
>+.Dq yes
>+(or see the description of the
>+.Fl A
>+and
>+.Fl a
>+options above) and
>+the user is using an authentication agent, the connection to the agent
>+is automatically forwarded to the remote side.
>+.Sh VERIFYING HOST KEYS
>+When connecting to a server for the first time,
>+a fingerprint of the server's public key is presented to the user
>+(unless the option
>+.Cm StrictHostKeyChecking
>+has been disabled).
>+Fingerprints can be determined using
>+.Xr ssh-keygen 1 :
>+.Pp
>+.Dl $ ssh-keygen -l -f /usr/etc/ssh_host_rsa_key
>+.Pp
>+If the fingerprint is already known,
>+it can be matched and verified,
>+and the key can be accepted.
>+If the fingerprint is unknown,
>+an alternative method of verification is available:
>+SSH fingerprints verified by DNS.
>+An additional resource record (RR),
>+SSHFP,
>+is added to a zonefile
>+and the connecting client is able to match the fingerprint
>+with that of the key presented.
>+.Pp
>+In this example, we are connecting a client to a server,
>+.Dq host.example.com .
>+The SSHFP resource records should first be added to the zonefile for
>+host.example.com:
>+.Bd -literal -offset indent
>+$ ssh-keygen -f /usr/etc/ssh_host_rsa_key.pub -r host.example.com.
>+$ ssh-keygen -f /usr/etc/ssh_host_dsa_key.pub -r host.example.com.
>+.Ed
>+.Pp
>+The output lines will have to be added to the zonefile.
>+To check that the zone is answering fingerprint queries:
>+.Pp
>+.Dl $ dig -t SSHFP host.example.com
>+.Pp
>+Finally the client connects:
>+.Bd -literal -offset indent
>+$ ssh -o "VerifyHostKeyDNS ask" host.example.com
>+[...]
>+Matching host key fingerprint found in DNS.
>+Are you sure you want to continue connecting (yes/no)?
>+.Ed
>+.Pp
>+See the
>+.Cm VerifyHostKeyDNS
>+option in
>+.Xr ssh_config 5
>+for more information.
>+.Sh SSH-BASED VIRTUAL PRIVATE NETWORKS
>+.Nm
>+contains support for Virtual Private Network (VPN) tunnelling
>+using the
>+.Xr tun 4
>+network pseudo-device,
>+allowing two networks to be joined securely.
>+The
>+.Xr sshd_config 5
>+configuration option
>+.Cm PermitTunnel
>+controls whether the server supports this,
>+and at what level (layer 2 or 3 traffic).
>+.Pp
>+The following example would connect client network 10.0.50.0/24
>+with remote network 10.0.99.0/24, provided that the SSH server
>+running on the gateway to the remote network,
>+at 192.168.1.15, allows it:
>+.Bd -literal -offset indent
>+# ssh -f -w 0:1 192.168.1.15 true
>+# ifconfig tun0 10.0.50.1 10.0.99.1 netmask 255.255.255.252
>+.Ed
>+.Pp
>+Client access may be more finely tuned via the
>+.Pa /root/.ssh/authorized_keys
>+file (see below) and the
>+.Cm PermitRootLogin
>+server option.
>+The following entry would permit connections on the first
>+.Xr tun 4
>+device from user
>+.Dq jane
>+and on the second device from user
>+.Dq john ,
>+if
>+.Cm PermitRootLogin
>+is set to
>+.Dq forced-commands-only :
>+.Bd -literal -offset 2n
>+tunnel="1",command="sh /etc/netstart tun1" ssh-rsa ... jane
>+tunnel="2",command="sh /etc/netstart tun1" ssh-rsa ... john
>+.Ed
>+.Pp
>+Since a SSH-based setup entails a fair amount of overhead,
>+it may be more suited to temporary setups,
>+such as for wireless VPNs.
>+More permanent VPNs are better provided by tools such as
>+.Xr ipsecctl 8
>+and
>+.Xr isakmpd 8 .
>+.Sh ENVIRONMENT
>+.Nm
>+will normally set the following environment variables:
>+.Bl -tag -width "SSH_ORIGINAL_COMMAND"
>+.It Ev DISPLAY
>+The
>+.Ev DISPLAY
>+variable indicates the location of the X11 server.
>+It is automatically set by
>+.Nm
>+to point to a value of the form
>+.Dq hostname:n ,
>+where
>+.Dq hostname
>+indicates the host where the shell runs, and
>+.Sq n
>+is an integer \*(Ge 1.
>+.Nm
>+uses this special value to forward X11 connections over the secure
>+channel.
>+The user should normally not set
>+.Ev DISPLAY
>+explicitly, as that
>+will render the X11 connection insecure (and will require the user to
>+manually copy any required authorization cookies).
>+.It Ev HOME
>+Set to the path of the user's home directory.
>+.It Ev LOGNAME
>+Synonym for
>+.Ev USER ;
>+set for compatibility with systems that use this variable.
>+.It Ev MAIL
>+Set to the path of the user's mailbox.
>+.It Ev PATH
>+Set to the default
>+.Ev PATH ,
>+as specified when compiling
>+.Nm .
>+.It Ev SSH_ASKPASS
>+If
>+.Nm
>+needs a passphrase, it will read the passphrase from the current
>+terminal if it was run from a terminal.
>+If
>+.Nm
>+does not have a terminal associated with it but
>+.Ev DISPLAY
>+and
>+.Ev SSH_ASKPASS
>+are set, it will execute the program specified by
>+.Ev SSH_ASKPASS
>+and open an X11 window to read the passphrase.
>+This is particularly useful when calling
>+.Nm
>+from a
>+.Pa .xsession
>+or related script.
>+(Note that on some machines it
>+may be necessary to redirect the input from
>+.Pa /dev/null
>+to make this work.)
>+.It Ev SSH_AUTH_SOCK
>+Identifies the path of a
>+.Ux Ns -domain
>+socket used to communicate with the agent.
>+.It Ev SSH_CONNECTION
>+Identifies the client and server ends of the connection.
>+The variable contains
>+four space-separated values: client IP address, client port number,
>+server IP address, and server port number.
>+.It Ev SSH_ORIGINAL_COMMAND
>+This variable contains the original command line if a forced command
>+is executed.
>+It can be used to extract the original arguments.
>+.It Ev SSH_TTY
>+This is set to the name of the tty (path to the device) associated
>+with the current shell or command.
>+If the current session has no tty,
>+this variable is not set.
>+.It Ev TZ
>+This variable is set to indicate the present time zone if it
>+was set when the daemon was started (i.e., the daemon passes the value
>+on to new connections).
>+.It Ev USER
>+Set to the name of the user logging in.
>+.El
>+.Pp
>+Additionally,
>+.Nm
>+reads
>+.Pa ~/.ssh/environment ,
>+and adds lines of the format
>+.Dq VARNAME=value
>+to the environment if the file exists and users are allowed to
>+change their environment.
>+For more information, see the
>+.Cm PermitUserEnvironment
>+option in
>+.Xr sshd_config 5 .
>+.Sh FILES
>+.Bl -tag -width Ds -compact
>+.It ~/.rhosts
>+This file is used for host-based authentication (see above).
>+On some machines this file may need to be
>+world-readable if the user's home directory is on an NFS partition,
>+because
>+.Xr sshd 8
>+reads it as root.
>+Additionally, this file must be owned by the user,
>+and must not have write permissions for anyone else.
>+The recommended
>+permission for most machines is read/write for the user, and not
>+accessible by others.
>+.Pp
>+.It ~/.shosts
>+This file is used in exactly the same way as
>+.Pa .rhosts ,
>+but allows host-based authentication without permitting login with
>+rlogin/rsh.
>+.Pp
>+.It ~/.ssh/authorized_keys
>+Lists the public keys (RSA/DSA) that can be used for logging in as this user.
>+The format of this file is described in the
>+.Xr sshd 8
>+manual page.
>+This file is not highly sensitive, but the recommended
>+permissions are read/write for the user, and not accessible by others.
>+.Pp
>+.It ~/.ssh/config
>+This is the per-user configuration file.
>+The file format and configuration options are described in
>+.Xr ssh_config 5 .
>+Because of the potential for abuse, this file must have strict permissions:
>+read/write for the user, and not accessible by others.
>+It may be group-writable provided that the group in question contains only
>+the user.
>+.Pp
>+.It ~/.ssh/environment
>+Contains additional definitions for environment variables; see
>+.Sx ENVIRONMENT ,
>+above.
>+.Pp
>+.It ~/.ssh/identity
>+.It ~/.ssh/id_dsa
>+.It ~/.ssh/id_rsa
>+Contains the private key for authentication.
>+These files
>+contain sensitive data and should be readable by the user but not
>+accessible by others (read/write/execute).
>+.Nm
>+will simply ignore a private key file if it is accessible by others.
>+It is possible to specify a passphrase when
>+generating the key which will be used to encrypt the
>+sensitive part of this file using 3DES.
>+.Pp
>+.It ~/.ssh/identity.pub
>+.It ~/.ssh/id_dsa.pub
>+.It ~/.ssh/id_rsa.pub
>+Contains the public key for authentication.
>+These files are not
>+sensitive and can (but need not) be readable by anyone.
>+.Pp
>+.It ~/.ssh/known_hosts
>+Contains a list of host keys for all hosts the user has logged into
>+that are not already in the systemwide list of known host keys.
>+See
>+.Xr sshd 8
>+for further details of the format of this file.
>+.Pp
>+.It ~/.ssh/rc
>+Commands in this file are executed by
>+.Nm
>+when the user logs in, just before the user's shell (or command) is
>+started.
>+See the
>+.Xr sshd 8
>+manual page for more information.
>+.Pp
>+.It /etc/hosts.equiv
>+This file is for host-based authentication (see above).
>+It should only be writable by root.
>+.Pp
>+.It /usr/etc/shosts.equiv
>+This file is used in exactly the same way as
>+.Pa hosts.equiv ,
>+but allows host-based authentication without permitting login with
>+rlogin/rsh.
>+.Pp
>+.It Pa /usr/etc/ssh_config
>+Systemwide configuration file.
>+The file format and configuration options are described in
>+.Xr ssh_config 5 .
>+.Pp
>+.It /usr/etc/ssh_host_key
>+.It /usr/etc/ssh_host_dsa_key
>+.It /usr/etc/ssh_host_rsa_key
>+These three files contain the private parts of the host keys
>+and are used for host-based authentication.
>+If protocol version 1 is used,
>+.Nm
>+must be setuid root, since the host key is readable only by root.
>+For protocol version 2,
>+.Nm
>+uses
>+.Xr ssh-keysign 8
>+to access the host keys,
>+eliminating the requirement that
>+.Nm
>+be setuid root when host-based authentication is used.
>+By default
>+.Nm
>+is not setuid root.
>+.Pp
>+.It /usr/etc/ssh_known_hosts
>+Systemwide list of known host keys.
>+This file should be prepared by the
>+system administrator to contain the public host keys of all machines in the
>+organization.
>+It should be world-readable.
>+See
>+.Xr sshd 8
>+for further details of the format of this file.
>+.Pp
>+.It /etc/ssh/sshrc
>+Commands in this file are executed by
>+.Nm
>+when the user logs in, just before the user's shell (or command) is started.
>+See the
>+.Xr sshd 8
>+manual page for more information.
>+.El
>+.Sh SEE ALSO
>+.Xr scp 1 ,
>+.Xr sftp 1 ,
>+.Xr ssh-add 1 ,
>+.Xr ssh-agent 1 ,
>+.Xr ssh-argv0 1 ,
>+.Xr ssh-keygen 1 ,
>+.Xr ssh-keyscan 1 ,
>+.Xr tun 4 ,
>+.Xr hosts.equiv 5 ,
>+.Xr ssh_config 5 ,
>+.Xr ssh-keysign 8 ,
>+.Xr sshd 8
>+.Rs
>+.%A T. Ylonen
>+.%A T. Kivinen
>+.%A M. Saarinen
>+.%A T. Rinne
>+.%A S. Lehtinen
>+.%T "SSH Protocol Architecture"
>+.%N draft-ietf-secsh-architecture-12.txt
>+.%D January 2002
>+.%O work in progress material
>+.Re
>+.Sh AUTHORS
>+OpenSSH is a derivative of the original and free
>+ssh 1.2.12 release by Tatu Ylonen.
>+Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos,
>+Theo de Raadt and Dug Song
>+removed many bugs, re-added newer features and
>+created OpenSSH.
>+Markus Friedl contributed the support for SSH
>+protocol versions 1.5 and 2.0.
>Binary files /home/lb/net/src/openssh-4.3p2/ssh-add and openssh-4.3p2-transproxy/ssh-add differ
>diff --exclude-from=/home/lb/pers/share/exclude -urNdp /home/lb/net/src/openssh-4.3p2/ssh-add.1.out openssh-4.3p2-transproxy/ssh-add.1.out
>--- /home/lb/net/src/openssh-4.3p2/ssh-add.1.out	1970-01-01 01:00:00.000000000 +0100
>+++ openssh-4.3p2-transproxy/ssh-add.1.out	2007-03-12 00:21:46.000000000 +0100
>@@ -0,0 +1,175 @@
>+.\"	$OpenBSD: ssh-add.1,v 1.43 2005/04/21 06:17:50 djm Exp $
>+.\"
>+.\"  -*- nroff -*-
>+.\"
>+.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
>+.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
>+.\"                    All rights reserved
>+.\"
>+.\" As far as I am concerned, the code I have written for this software
>+.\" can be used freely for any purpose.  Any derived versions of this
>+.\" software must be clearly marked as such, and if the derived work is
>+.\" incompatible with the protocol description in the RFC file, it must be
>+.\" called by a name other than "ssh" or "Secure Shell".
>+.\"
>+.\"
>+.\" Copyright (c) 1999,2000 Markus Friedl.  All rights reserved.
>+.\" Copyright (c) 1999 Aaron Campbell.  All rights reserved.
>+.\" Copyright (c) 1999 Theo de Raadt.  All rights reserved.
>+.\"
>+.\" Redistribution and use in source and binary forms, with or without
>+.\" modification, are permitted provided that the following conditions
>+.\" are met:
>+.\" 1. Redistributions of source code must retain the above copyright
>+.\"    notice, this list of conditions and the following disclaimer.
>+.\" 2. Redistributions in binary form must reproduce the above copyright
>+.\"    notice, this list of conditions and the following disclaimer in the
>+.\"    documentation and/or other materials provided with the distribution.
>+.\"
>+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
>+.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
>+.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
>+.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
>+.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
>+.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
>+.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
>+.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
>+.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
>+.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
>+.\"
>+.Dd September 25, 1999
>+.Dt SSH-ADD 1
>+.Os
>+.Sh NAME
>+.Nm ssh-add
>+.Nd adds RSA or DSA identities to the authentication agent
>+.Sh SYNOPSIS
>+.Nm ssh-add
>+.Op Fl cDdLlXx
>+.Op Fl t Ar life
>+.Op Ar
>+.Nm ssh-add
>+.Fl s Ar reader
>+.Nm ssh-add
>+.Fl e Ar reader
>+.Sh DESCRIPTION
>+.Nm
>+adds RSA or DSA identities to the authentication agent,
>+.Xr ssh-agent 1 .
>+When run without arguments, it adds the files
>+.Pa ~/.ssh/id_rsa ,
>+.Pa ~/.ssh/id_dsa
>+and
>+.Pa ~/.ssh/identity .
>+Alternative file names can be given on the command line.
>+If any file requires a passphrase,
>+.Nm
>+asks for the passphrase from the user.
>+The passphrase is read from the user's tty.
>+.Nm
>+retries the last passphrase if multiple identity files are given.
>+.Pp
>+The authentication agent must be running and the
>+.Ev SSH_AUTH_SOCK
>+environment variable must contain the name of its socket for
>+.Nm
>+to work.
>+.Pp
>+The options are as follows:
>+.Bl -tag -width Ds
>+.It Fl c
>+Indicates that added identities should be subject to confirmation before
>+being used for authentication.
>+Confirmation is performed by the
>+.Ev SSH_ASKPASS
>+program mentioned below.
>+Successful confirmation is signaled by a zero exit status from the
>+.Ev SSH_ASKPASS
>+program, rather than text entered into the requester.
>+.It Fl D
>+Deletes all identities from the agent.
>+.It Fl d
>+Instead of adding the identity, removes the identity from the agent.
>+.It Fl e Ar reader
>+Remove key in smartcard
>+.Ar reader .
>+.It Fl L
>+Lists public key parameters of all identities currently represented
>+by the agent.
>+.It Fl l
>+Lists fingerprints of all identities currently represented by the agent.
>+.It Fl s Ar reader
>+Add key in smartcard
>+.Ar reader .
>+.It Fl t Ar life
>+Set a maximum lifetime when adding identities to an agent.
>+The lifetime may be specified in seconds or in a time format
>+specified in
>+.Xr sshd_config 5 .
>+.It Fl X
>+Unlock the agent.
>+.It Fl x
>+Lock the agent with a password.
>+.El
>+.Sh ENVIRONMENT
>+.Bl -tag -width Ds
>+.It Ev "DISPLAY" and "SSH_ASKPASS"
>+If
>+.Nm
>+needs a passphrase, it will read the passphrase from the current
>+terminal if it was run from a terminal.
>+If
>+.Nm
>+does not have a terminal associated with it but
>+.Ev DISPLAY
>+and
>+.Ev SSH_ASKPASS
>+are set, it will execute the program specified by
>+.Ev SSH_ASKPASS
>+and open an X11 window to read the passphrase.
>+This is particularly useful when calling
>+.Nm
>+from a
>+.Pa .xsession
>+or related script.
>+(Note that on some machines it
>+may be necessary to redirect the input from
>+.Pa /dev/null
>+to make this work.)
>+.It Ev SSH_AUTH_SOCK
>+Identifies the path of a unix-domain socket used to communicate with the
>+agent.
>+.El
>+.Sh FILES
>+.Bl -tag -width Ds
>+.It Pa ~/.ssh/identity
>+Contains the protocol version 1 RSA authentication identity of the user.
>+.It Pa ~/.ssh/id_dsa
>+Contains the protocol version 2 DSA authentication identity of the user.
>+.It Pa ~/.ssh/id_rsa
>+Contains the protocol version 2 RSA authentication identity of the user.
>+.El
>+.Pp
>+Identity files should not be readable by anyone but the user.
>+Note that
>+.Nm
>+ignores identity files if they are accessible by others.
>+.Sh DIAGNOSTICS
>+Exit status is 0 on success, 1 if the specified command fails,
>+and 2 if
>+.Nm
>+is unable to contact the authentication agent.
>+.Sh SEE ALSO
>+.Xr ssh 1 ,
>+.Xr ssh-agent 1 ,
>+.Xr ssh-keygen 1 ,
>+.Xr sshd 8
>+.Sh AUTHORS
>+OpenSSH is a derivative of the original and free
>+ssh 1.2.12 release by Tatu Ylonen.
>+Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos,
>+Theo de Raadt and Dug Song
>+removed many bugs, re-added newer features and
>+created OpenSSH.
>+Markus Friedl contributed the support for SSH
>+protocol versions 1.5 and 2.0.
>Binary files /home/lb/net/src/openssh-4.3p2/ssh-agent and openssh-4.3p2-transproxy/ssh-agent differ
>diff --exclude-from=/home/lb/pers/share/exclude -urNdp /home/lb/net/src/openssh-4.3p2/ssh-agent.1.out openssh-4.3p2-transproxy/ssh-agent.1.out
>--- /home/lb/net/src/openssh-4.3p2/ssh-agent.1.out	1970-01-01 01:00:00.000000000 +0100
>+++ openssh-4.3p2-transproxy/ssh-agent.1.out	2007-03-12 00:21:46.000000000 +0100
>@@ -0,0 +1,207 @@
>+.\" $OpenBSD: ssh-agent.1,v 1.43 2005/11/28 06:02:56 dtucker Exp $
>+.\"
>+.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
>+.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
>+.\"                    All rights reserved
>+.\"
>+.\" As far as I am concerned, the code I have written for this software
>+.\" can be used freely for any purpose.  Any derived versions of this
>+.\" software must be clearly marked as such, and if the derived work is
>+.\" incompatible with the protocol description in the RFC file, it must be
>+.\" called by a name other than "ssh" or "Secure Shell".
>+.\"
>+.\" Copyright (c) 1999,2000 Markus Friedl.  All rights reserved.
>+.\" Copyright (c) 1999 Aaron Campbell.  All rights reserved.
>+.\" Copyright (c) 1999 Theo de Raadt.  All rights reserved.
>+.\"
>+.\" Redistribution and use in source and binary forms, with or without
>+.\" modification, are permitted provided that the following conditions
>+.\" are met:
>+.\" 1. Redistributions of source code must retain the above copyright
>+.\"    notice, this list of conditions and the following disclaimer.
>+.\" 2. Redistributions in binary form must reproduce the above copyright
>+.\"    notice, this list of conditions and the following disclaimer in the
>+.\"    documentation and/or other materials provided with the distribution.
>+.\"
>+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
>+.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
>+.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
>+.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
>+.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
>+.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
>+.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
>+.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
>+.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
>+.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
>+.\"
>+.Dd September 25, 1999
>+.Dt SSH-AGENT 1
>+.Os
>+.Sh NAME
>+.Nm ssh-agent
>+.Nd authentication agent
>+.Sh SYNOPSIS
>+.Nm ssh-agent
>+.Op Fl a Ar bind_address
>+.Op Fl c Li | Fl s
>+.Op Fl t Ar life
>+.Op Fl d
>+.Op Ar command Op Ar args ...
>+.Nm ssh-agent
>+.Op Fl c Li | Fl s
>+.Fl k
>+.Sh DESCRIPTION
>+.Nm
>+is a program to hold private keys used for public key authentication
>+(RSA, DSA).
>+The idea is that
>+.Nm
>+is started in the beginning of an X-session or a login session, and
>+all other windows or programs are started as clients to the ssh-agent
>+program.
>+Through use of environment variables the agent can be located
>+and automatically used for authentication when logging in to other
>+machines using
>+.Xr ssh 1 .
>+.Pp
>+The options are as follows:
>+.Bl -tag -width Ds
>+.It Fl a Ar bind_address
>+Bind the agent to the unix-domain socket
>+.Ar bind_address .
>+The default is
>+.Pa /tmp/ssh-XXXXXXXXXX/agent.<ppid> .
>+.It Fl c
>+Generate C-shell commands on
>+.Dv stdout .
>+This is the default if
>+.Ev SHELL
>+looks like it's a csh style of shell.
>+.It Fl s
>+Generate Bourne shell commands on
>+.Dv stdout .
>+This is the default if
>+.Ev SHELL
>+does not look like it's a csh style of shell.
>+.It Fl k
>+Kill the current agent (given by the
>+.Ev SSH_AGENT_PID
>+environment variable).
>+.It Fl t Ar life
>+Set a default value for the maximum lifetime of identities added to the agent.
>+The lifetime may be specified in seconds or in a time format specified in
>+.Xr sshd_config 5 .
>+A lifetime specified for an identity with
>+.Xr ssh-add 1
>+overrides this value.
>+Without this option the default maximum lifetime is forever.
>+.It Fl d
>+Debug mode.
>+When this option is specified
>+.Nm
>+will not fork.
>+.El
>+.Pp
>+If a commandline is given, this is executed as a subprocess of the agent.
>+When the command dies, so does the agent.
>+.Pp
>+The agent initially does not have any private keys.
>+Keys are added using
>+.Xr ssh-add 1 .
>+When executed without arguments,
>+.Xr ssh-add 1
>+adds the files
>+.Pa ~/.ssh/id_rsa ,
>+.Pa ~/.ssh/id_dsa
>+and
>+.Pa ~/.ssh/identity .
>+If the identity has a passphrase,
>+.Xr ssh-add 1
>+asks for the passphrase (using a small X11 application if running
>+under X11, or from the terminal if running without X).
>+It then sends the identity to the agent.
>+Several identities can be stored in the
>+agent; the agent can automatically use any of these identities.
>+.Ic ssh-add -l
>+displays the identities currently held by the agent.
>+.Pp
>+The idea is that the agent is run in the user's local PC, laptop, or
>+terminal.
>+Authentication data need not be stored on any other
>+machine, and authentication passphrases never go over the network.
>+However, the connection to the agent is forwarded over SSH
>+remote logins, and the user can thus use the privileges given by the
>+identities anywhere in the network in a secure way.
>+.Pp
>+There are two main ways to get an agent set up:
>+The first is that the agent starts a new subcommand into which some environment
>+variables are exported, eg
>+.Cm ssh-agent xterm & .
>+The second is that the agent prints the needed shell commands (either
>+.Xr sh 1
>+or
>+.Xr csh 1
>+syntax can be generated) which can be evalled in the calling shell, eg
>+.Cm eval `ssh-agent -s`
>+for Bourne-type shells such as
>+.Xr sh 1
>+or
>+.Xr ksh 1
>+and
>+.Cm eval `ssh-agent -c`
>+for
>+.Xr csh 1
>+and derivatives.
>+.Pp
>+Later
>+.Xr ssh 1
>+looks at these variables and uses them to establish a connection to the agent.
>+.Pp
>+The agent will never send a private key over its request channel.
>+Instead, operations that require a private key will be performed
>+by the agent, and the result will be returned to the requester.
>+This way, private keys are not exposed to clients using the agent.
>+.Pp
>+A unix-domain socket is created
>+and the name of this socket is stored in the
>+.Ev SSH_AUTH_SOCK
>+environment
>+variable.
>+The socket is made accessible only to the current user.
>+This method is easily abused by root or another instance of the same
>+user.
>+.Pp
>+The
>+.Ev SSH_AGENT_PID
>+environment variable holds the agent's process ID.
>+.Pp
>+The agent exits automatically when the command given on the command
>+line terminates.
>+.Sh FILES
>+.Bl -tag -width Ds
>+.It Pa ~/.ssh/identity
>+Contains the protocol version 1 RSA authentication identity of the user.
>+.It Pa ~/.ssh/id_dsa
>+Contains the protocol version 2 DSA authentication identity of the user.
>+.It Pa ~/.ssh/id_rsa
>+Contains the protocol version 2 RSA authentication identity of the user.
>+.It Pa /tmp/ssh-XXXXXXXXXX/agent.<ppid>
>+Unix-domain sockets used to contain the connection to the
>+authentication agent.
>+These sockets should only be readable by the owner.
>+The sockets should get automatically removed when the agent exits.
>+.El
>+.Sh SEE ALSO
>+.Xr ssh 1 ,
>+.Xr ssh-add 1 ,
>+.Xr ssh-keygen 1 ,
>+.Xr sshd 8
>+.Sh AUTHORS
>+OpenSSH is a derivative of the original and free
>+ssh 1.2.12 release by Tatu Ylonen.
>+Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos,
>+Theo de Raadt and Dug Song
>+removed many bugs, re-added newer features and
>+created OpenSSH.
>+Markus Friedl contributed the support for SSH
>+protocol versions 1.5 and 2.0.
>diff --exclude-from=/home/lb/pers/share/exclude -urNdp /home/lb/net/src/openssh-4.3p2/ssh_config.5.out openssh-4.3p2-transproxy/ssh_config.5.out
>--- /home/lb/net/src/openssh-4.3p2/ssh_config.5.out	1970-01-01 01:00:00.000000000 +0100
>+++ openssh-4.3p2-transproxy/ssh_config.5.out	2007-03-12 00:21:46.000000000 +0100
>@@ -0,0 +1,1063 @@
>+.\"  -*- nroff -*-
>+.\"
>+.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
>+.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
>+.\"                    All rights reserved
>+.\"
>+.\" As far as I am concerned, the code I have written for this software
>+.\" can be used freely for any purpose.  Any derived versions of this
>+.\" software must be clearly marked as such, and if the derived work is
>+.\" incompatible with the protocol description in the RFC file, it must be
>+.\" called by a name other than "ssh" or "Secure Shell".
>+.\"
>+.\" Copyright (c) 1999,2000 Markus Friedl.  All rights reserved.
>+.\" Copyright (c) 1999 Aaron Campbell.  All rights reserved.
>+.\" Copyright (c) 1999 Theo de Raadt.  All rights reserved.
>+.\"
>+.\" Redistribution and use in source and binary forms, with or without
>+.\" modification, are permitted provided that the following conditions
>+.\" are met:
>+.\" 1. Redistributions of source code must retain the above copyright
>+.\"    notice, this list of conditions and the following disclaimer.
>+.\" 2. Redistributions in binary form must reproduce the above copyright
>+.\"    notice, this list of conditions and the following disclaimer in the
>+.\"    documentation and/or other materials provided with the distribution.
>+.\"
>+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
>+.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
>+.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
>+.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
>+.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
>+.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
>+.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
>+.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
>+.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
>+.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
>+.\"
>+.\" $OpenBSD: ssh_config.5,v 1.76 2006/01/20 11:21:45 jmc Exp $
>+.Dd September 25, 1999
>+.Dt SSH_CONFIG 5
>+.Os
>+.Sh NAME
>+.Nm ssh_config
>+.Nd OpenSSH SSH client configuration files
>+.Sh SYNOPSIS
>+.Bl -tag -width Ds -compact
>+.It Pa ~/.ssh/config
>+.It Pa /usr/etc/ssh_config
>+.El
>+.Sh DESCRIPTION
>+.Nm ssh
>+obtains configuration data from the following sources in
>+the following order:
>+.Bl -enum -offset indent -compact
>+.It
>+command-line options
>+.It
>+user's configuration file
>+.Pq Pa ~/.ssh/config
>+.It
>+system-wide configuration file
>+.Pq Pa /usr/etc/ssh_config
>+.El
>+.Pp
>+For each parameter, the first obtained value
>+will be used.
>+The configuration files contain sections separated by
>+.Dq Host
>+specifications, and that section is only applied for hosts that
>+match one of the patterns given in the specification.
>+The matched host name is the one given on the command line.
>+.Pp
>+Since the first obtained value for each parameter is used, more
>+host-specific declarations should be given near the beginning of the
>+file, and general defaults at the end.
>+.Pp
>+The configuration file has the following format:
>+.Pp
>+Empty lines and lines starting with
>+.Ql #
>+are comments.
>+.Pp
>+Otherwise a line is of the format
>+.Dq keyword arguments .
>+Configuration options may be separated by whitespace or
>+optional whitespace and exactly one
>+.Ql = ;
>+the latter format is useful to avoid the need to quote whitespace
>+when specifying configuration options using the
>+.Nm ssh ,
>+.Nm scp
>+and
>+.Nm sftp
>+.Fl o
>+option.
>+.Pp
>+The possible
>+keywords and their meanings are as follows (note that
>+keywords are case-insensitive and arguments are case-sensitive):
>+.Bl -tag -width Ds
>+.It Cm Host
>+Restricts the following declarations (up to the next
>+.Cm Host
>+keyword) to be only for those hosts that match one of the patterns
>+given after the keyword.
>+.Ql \&*
>+and
>+.Ql \&?
>+can be used as wildcards in the
>+patterns.
>+A single
>+.Ql \&*
>+as a pattern can be used to provide global
>+defaults for all hosts.
>+The host is the
>+.Ar hostname
>+argument given on the command line (i.e., the name is not converted to
>+a canonicalized host name before matching).
>+.It Cm AddressFamily
>+Specifies which address family to use when connecting.
>+Valid arguments are
>+.Dq any ,
>+.Dq inet
>+(use IPv4 only) or
>+.Dq inet6
>+(use IPv6 only).
>+.It Cm BatchMode
>+If set to
>+.Dq yes ,
>+passphrase/password querying will be disabled.
>+In addition, the 
>+.Cm ServerAliveInterval 
>+and
>+.Cm SetupTimeOut
>+options will both be set to 300 seconds by default.
>+This option is useful in scripts and other batch jobs where no user
>+is present to supply the password,
>+and where it is desirable to detect a
>+broken network swiftly.
>+The argument must be
>+.Dq yes
>+or
>+.Dq no .
>+The default is
>+.Dq no .
>+.It Cm BindAddress
>+Use the specified address on the local machine as the source address of
>+the connection.
>+Only useful on systems with more than one address.
>+Note that this option does not work if
>+.Cm UsePrivilegedPort
>+is set to
>+.Dq yes .
>+.It Cm ChallengeResponseAuthentication
>+Specifies whether to use challenge response authentication.
>+The argument to this keyword must be
>+.Dq yes
>+or
>+.Dq no .
>+The default is
>+.Dq yes .
>+.It Cm CheckHostIP
>+If this flag is set to
>+.Dq yes ,
>+ssh will additionally check the host IP address in the
>+.Pa known_hosts
>+file.
>+This allows ssh to detect if a host key changed due to DNS spoofing.
>+If the option is set to
>+.Dq no ,
>+the check will not be executed.
>+The default is
>+.Dq yes .
>+.It Cm Cipher
>+Specifies the cipher to use for encrypting the session
>+in protocol version 1.
>+Currently,
>+.Dq blowfish ,
>+.Dq 3des ,
>+and
>+.Dq des
>+are supported.
>+.Ar des
>+is only supported in the
>+.Nm ssh
>+client for interoperability with legacy protocol 1 implementations
>+that do not support the
>+.Ar 3des
>+cipher.
>+Its use is strongly discouraged due to cryptographic weaknesses.
>+The default is
>+.Dq 3des .
>+.It Cm Ciphers
>+Specifies the ciphers allowed for protocol version 2
>+in order of preference.
>+Multiple ciphers must be comma-separated.
>+The supported ciphers are
>+.Dq 3des-cbc ,
>+.Dq aes128-cbc ,
>+.Dq aes192-cbc ,
>+.Dq aes256-cbc ,
>+.Dq aes128-ctr ,
>+.Dq aes192-ctr ,
>+.Dq aes256-ctr ,
>+.Dq arcfour128 ,
>+.Dq arcfour256 ,
>+.Dq arcfour ,
>+.Dq blowfish-cbc ,
>+and
>+.Dq cast128-cbc .
>+The default is
>+.Bd -literal
>+  ``aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,
>+    arcfour256,arcfour,aes192-cbc,aes256-cbc,aes128-ctr,
>+    aes192-ctr,aes256-ctr''
>+.Ed
>+.It Cm ClearAllForwardings
>+Specifies that all local, remote and dynamic port forwardings
>+specified in the configuration files or on the command line be
>+cleared.
>+This option is primarily useful when used from the
>+.Nm ssh
>+command line to clear port forwardings set in
>+configuration files, and is automatically set by
>+.Xr scp 1
>+and
>+.Xr sftp 1 .
>+The argument must be
>+.Dq yes
>+or
>+.Dq no .
>+The default is
>+.Dq no .
>+.It Cm Compression
>+Specifies whether to use compression.
>+The argument must be
>+.Dq yes
>+or
>+.Dq no .
>+The default is
>+.Dq no .
>+.It Cm CompressionLevel
>+Specifies the compression level to use if compression is enabled.
>+The argument must be an integer from 1 (fast) to 9 (slow, best).
>+The default level is 6, which is good for most applications.
>+The meaning of the values is the same as in
>+.Xr gzip 1 .
>+Note that this option applies to protocol version 1 only.
>+.It Cm ConnectionAttempts
>+Specifies the number of tries (one per second) to make before exiting.
>+The argument must be an integer.
>+This may be useful in scripts if the connection sometimes fails.
>+The default is 1.
>+.It Cm ConnectTimeout
>+Specifies the timeout (in seconds) used when connecting to the ssh
>+server, instead of using the default system TCP timeout.
>+This value is used only when the target is down or really unreachable,
>+not when it refuses the connection.
>+.It Cm ControlMaster
>+Enables the sharing of multiple sessions over a single network connection.
>+When set to
>+.Dq yes
>+.Nm ssh
>+will listen for connections on a control socket specified using the
>+.Cm ControlPath
>+argument.
>+Additional sessions can connect to this socket using the same
>+.Cm ControlPath
>+with
>+.Cm ControlMaster
>+set to
>+.Dq no
>+(the default).
>+These sessions will try to reuse the master instance's network connection
>+rather than initiating new ones, but will fall back to connecting normally
>+if the control socket does not exist, or is not listening.
>+.Pp
>+Setting this to
>+.Dq ask
>+will cause
>+.Nm ssh
>+to listen for control connections, but require confirmation using the
>+.Ev SSH_ASKPASS
>+program before they are accepted (see
>+.Xr ssh-add 1
>+for details).
>+If the
>+.Cm ControlPath
>+can not be opened,
>+.Nm ssh
>+will continue without connecting to a master instance.
>+.Pp
>+X11 and
>+.Xr ssh-agent 1
>+forwarding is supported over these multiplexed connections, however the
>+display and agent forwarded will be the one belonging to the master
>+connection i.e. it is not possible to forward multiple displays or agents.
>+.Pp
>+Two additional options allow for opportunistic multiplexing: try to use a
>+master connection but fall back to creating a new one if one does not already
>+exist.
>+These options are:
>+.Dq auto
>+and
>+.Dq autoask .
>+The latter requires confirmation like the
>+.Dq ask
>+option.
>+.It Cm ControlPath
>+Specify the path to the control socket used for connection sharing as described
>+in the
>+.Cm ControlMaster
>+section above or the string
>+.Dq none
>+to disable connection sharing.
>+In the path,
>+.Ql %h
>+will be substituted by the target host name,
>+.Ql %p
>+the port and
>+.Ql %r
>+by the remote login username.
>+It is recommended that any
>+.Cm ControlPath
>+used for opportunistic connection sharing include
>+all three of these escape sequences.
>+This ensures that shared connections are uniquely identified.
>+.It Cm DynamicForward
>+Specifies that a TCP port on the local machine be forwarded
>+over the secure channel, and the application
>+protocol is then used to determine where to connect to from the
>+remote machine.
>+.Pp
>+The argument must be
>+.Sm off
>+.Oo Ar bind_address : Oc Ar port .
>+.Sm on
>+IPv6 addresses can be specified by enclosing addresses in square brackets or
>+by using an alternative syntax:
>+.Oo Ar bind_address Ns / Oc Ns Ar port .
>+By default, the local port is bound in accordance with the
>+.Cm GatewayPorts
>+setting.
>+However, an explicit
>+.Ar bind_address
>+may be used to bind the connection to a specific address.
>+The
>+.Ar bind_address
>+of
>+.Dq localhost
>+indicates that the listening port be bound for local use only, while an
>+empty address or
>+.Sq *
>+indicates that the port should be available from all interfaces.
>+.Pp
>+Currently the SOCKS4 and SOCKS5 protocols are supported, and
>+.Nm ssh
>+will act as a SOCKS server.
>+Multiple forwardings may be specified, and
>+additional forwardings can be given on the command line.
>+Only the superuser can forward privileged ports.
>+.It Cm EnableSSHKeysign
>+Setting this option to
>+.Dq yes
>+in the global client configuration file
>+.Pa /usr/etc/ssh_config
>+enables the use of the helper program
>+.Xr ssh-keysign 8
>+during
>+.Cm HostbasedAuthentication .
>+The argument must be
>+.Dq yes
>+or
>+.Dq no .
>+The default is
>+.Dq no .
>+This option should be placed in the non-hostspecific section.
>+See
>+.Xr ssh-keysign 8
>+for more information.
>+.It Cm EscapeChar
>+Sets the escape character (default:
>+.Ql ~ ) .
>+The escape character can also
>+be set on the command line.
>+The argument should be a single character,
>+.Ql ^
>+followed by a letter, or
>+.Dq none
>+to disable the escape
>+character entirely (making the connection transparent for binary
>+data).
>+.It Cm ForwardAgent
>+Specifies whether the connection to the authentication agent (if any)
>+will be forwarded to the remote machine.
>+The argument must be
>+.Dq yes
>+or
>+.Dq no .
>+The default is
>+.Dq no .
>+.Pp
>+Agent forwarding should be enabled with caution.
>+Users with the ability to bypass file permissions on the remote host
>+(for the agent's Unix-domain socket)
>+can access the local agent through the forwarded connection.
>+An attacker cannot obtain key material from the agent,
>+however they can perform operations on the keys that enable them to
>+authenticate using the identities loaded into the agent.
>+.It Cm ForwardX11
>+Specifies whether X11 connections will be automatically redirected
>+over the secure channel and
>+.Ev DISPLAY
>+set.
>+The argument must be
>+.Dq yes
>+or
>+.Dq no .
>+The default is
>+.Dq no .
>+.Pp
>+X11 forwarding should be enabled with caution.
>+Users with the ability to bypass file permissions on the remote host
>+(for the user's X11 authorization database)
>+can access the local X11 display through the forwarded connection.
>+An attacker may then be able to perform activities such as keystroke monitoring
>+if the
>+.Cm ForwardX11Trusted
>+option is also enabled.
>+.It Cm ForwardX11Trusted
>+If this option is set to
>+.Dq yes
>+then remote X11 clients will have full access to the original X11 display.
>+.Pp
>+If this option is set to
>+.Dq no
>+then remote X11 clients will be considered untrusted and prevented
>+from stealing or tampering with data belonging to trusted X11
>+clients.
>+Furthermore, the
>+.Xr xauth 1
>+token used for the session will be set to expire after 20 minutes.
>+Remote clients will be refused access after this time.
>+.Pp
>+The default is
>+.Dq yes
>+(Debian-specific).
>+.Pp
>+See the X11 SECURITY extension specification for full details on
>+the restrictions imposed on untrusted clients.
>+.It Cm GatewayPorts
>+Specifies whether remote hosts are allowed to connect to local
>+forwarded ports.
>+By default,
>+.Nm ssh
>+binds local port forwardings to the loopback address.
>+This prevents other remote hosts from connecting to forwarded ports.
>+.Cm GatewayPorts
>+can be used to specify that
>+.Nm ssh
>+should bind local port forwardings to the wildcard address,
>+thus allowing remote hosts to connect to forwarded ports.
>+The argument must be
>+.Dq yes
>+or
>+.Dq no .
>+The default is
>+.Dq no .
>+.It Cm GlobalKnownHostsFile
>+Specifies a file to use for the global
>+host key database instead of
>+.Pa /usr/etc/ssh_known_hosts .
>+.It Cm GSSAPIAuthentication
>+Specifies whether user authentication based on GSSAPI is allowed.
>+The default is
>+.Dq no .
>+Note that this option applies to protocol version 2 only.
>+.It Cm GSSAPIDelegateCredentials
>+Forward (delegate) credentials to the server.
>+The default is
>+.Dq no .
>+Note that this option applies to protocol version 2 only.
>+.It Cm GSSAPITrustDns
>+Set to 
>+.Dq yes to indicate that the DNS is trusted to securely canonicalize
>+the name of the host being connected to. If 
>+.Dq no, the hostname entered on the
>+command line will be passed untouched to the GSSAPI library.
>+The default is
>+.Dq no .
>+This option only applies to protocol version 2 connections using GSSAPI 
>+key exchange.
>+.It Cm HashKnownHosts
>+Indicates that
>+.Nm ssh
>+should hash host names and addresses when they are added to
>+.Pa ~/.ssh/known_hosts .
>+These hashed names may be used normally by
>+.Nm ssh
>+and
>+.Nm sshd ,
>+but they do not reveal identifying information should the file's contents
>+be disclosed.
>+The default is
>+.Dq no .
>+Note that hashing of names and addresses will not be retrospectively applied
>+to existing known hosts files, but these may be manually hashed using
>+.Xr ssh-keygen 1 .
>+.It Cm HostbasedAuthentication
>+Specifies whether to try rhosts based authentication with public key
>+authentication.
>+The argument must be
>+.Dq yes
>+or
>+.Dq no .
>+The default is
>+.Dq no .
>+This option applies to protocol version 2 only and
>+is similar to
>+.Cm RhostsRSAAuthentication .
>+.It Cm HostKeyAlgorithms
>+Specifies the protocol version 2 host key algorithms
>+that the client wants to use in order of preference.
>+The default for this option is:
>+.Dq ssh-rsa,ssh-dss .
>+.It Cm HostKeyAlias
>+Specifies an alias that should be used instead of the
>+real host name when looking up or saving the host key
>+in the host key database files.
>+This option is useful for tunneling ssh connections
>+or for multiple servers running on a single host.
>+.It Cm HostName
>+Specifies the real host name to log into.
>+This can be used to specify nicknames or abbreviations for hosts.
>+Default is the name given on the command line.
>+Numeric IP addresses are also permitted (both on the command line and in
>+.Cm HostName
>+specifications).
>+.It Cm IdentitiesOnly
>+Specifies that
>+.Nm ssh
>+should only use the authentication identity files configured in the
>+.Nm
>+files,
>+even if the
>+.Nm ssh-agent
>+offers more identities.
>+The argument to this keyword must be
>+.Dq yes
>+or
>+.Dq no .
>+This option is intended for situations where
>+.Nm ssh-agent
>+offers many different identities.
>+The default is
>+.Dq no .
>+.It Cm IdentityFile
>+Specifies a file from which the user's RSA or DSA authentication identity
>+is read.
>+The default is
>+.Pa ~/.ssh/identity
>+for protocol version 1, and
>+.Pa ~/.ssh/id_rsa
>+and
>+.Pa ~/.ssh/id_dsa
>+for protocol version 2.
>+Additionally, any identities represented by the authentication agent
>+will be used for authentication.
>+The file name may use the tilde
>+syntax to refer to a user's home directory.
>+It is possible to have
>+multiple identity files specified in configuration files; all these
>+identities will be tried in sequence.
>+.It Cm KbdInteractiveDevices
>+Specifies the list of methods to use in keyboard-interactive authentication.
>+Multiple method names must be comma-separated.
>+The default is to use the server specified list.
>+.It Cm LocalCommand
>+Specifies a command to execute on the local machine after successfully
>+connecting to the server.
>+The command string extends to the end of the line, and is executed with
>+.Pa /bin/sh .
>+This directive is ignored unless
>+.Cm PermitLocalCommand
>+has been enabled.
>+.It Cm LocalForward
>+Specifies that a TCP port on the local machine be forwarded over
>+the secure channel to the specified host and port from the remote machine.
>+The first argument must be
>+.Sm off
>+.Oo Ar bind_address : Oc Ar port
>+.Sm on
>+and the second argument must be
>+.Ar host : Ns Ar hostport .
>+IPv6 addresses can be specified by enclosing addresses in square brackets or
>+by using an alternative syntax:
>+.Oo Ar bind_address Ns / Oc Ns Ar port
>+and
>+.Ar host Ns / Ns Ar hostport .
>+Multiple forwardings may be specified, and additional forwardings can be
>+given on the command line.
>+Only the superuser can forward privileged ports.
>+By default, the local port is bound in accordance with the
>+.Cm GatewayPorts
>+setting.
>+However, an explicit
>+.Ar bind_address
>+may be used to bind the connection to a specific address.
>+The
>+.Ar bind_address
>+of
>+.Dq localhost
>+indicates that the listening port be bound for local use only, while an
>+empty address or
>+.Sq *
>+indicates that the port should be available from all interfaces.
>+.It Cm LogLevel
>+Gives the verbosity level that is used when logging messages from
>+.Nm ssh .
>+The possible values are:
>+QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2 and DEBUG3.
>+The default is INFO.
>+DEBUG and DEBUG1 are equivalent.
>+DEBUG2 and DEBUG3 each specify higher levels of verbose output.
>+.It Cm MACs
>+Specifies the MAC (message authentication code) algorithms
>+in order of preference.
>+The MAC algorithm is used in protocol version 2
>+for data integrity protection.
>+Multiple algorithms must be comma-separated.
>+The default is
>+.Dq hmac-md5,hmac-sha1,hmac-ripemd160,hmac-sha1-96,hmac-md5-96 .
>+.It Cm NoHostAuthenticationForLocalhost
>+This option can be used if the home directory is shared across machines.
>+In this case localhost will refer to a different machine on each of
>+the machines and the user will get many warnings about changed host keys.
>+However, this option disables host authentication for localhost.
>+The argument to this keyword must be
>+.Dq yes
>+or
>+.Dq no .
>+The default is to check the host key for localhost.
>+.It Cm NumberOfPasswordPrompts
>+Specifies the number of password prompts before giving up.
>+The argument to this keyword must be an integer.
>+Default is 3.
>+.It Cm PasswordAuthentication
>+Specifies whether to use password authentication.
>+The argument to this keyword must be
>+.Dq yes
>+or
>+.Dq no .
>+The default is
>+.Dq yes .
>+.It Cm PermitLocalCommand
>+Allow local command execution via the
>+.Ic LocalCommand
>+option or using the
>+.Ic !\& Ns Ar command
>+escape sequence in
>+.Xr ssh 1 .
>+The argument must be
>+.Dq yes
>+or
>+.Dq no .
>+The default is
>+.Dq no .
>+.It Cm Port
>+Specifies the port number to connect on the remote host.
>+Default is 22.
>+.It Cm PreferredAuthentications
>+Specifies the order in which the client should try protocol 2
>+authentication methods.
>+This allows a client to prefer one method (e.g.\&
>+.Cm keyboard-interactive )
>+over another method (e.g.\&
>+.Cm password )
>+The default for this option is:
>+.Dq hostbased,publickey,keyboard-interactive,password .
>+.It Cm Protocol
>+Specifies the protocol versions
>+.Nm ssh
>+should support in order of preference.
>+The possible values are
>+.Dq 1
>+and
>+.Dq 2 .
>+Multiple versions must be comma-separated.
>+The default is
>+.Dq 2,1 .
>+This means that
>+.Nm ssh
>+tries version 2 and falls back to version 1
>+if version 2 is not available.
>+.It Cm ProxyCommand
>+Specifies the command to use to connect to the server.
>+The command
>+string extends to the end of the line, and is executed with
>+.Pa /bin/sh .
>+In the command string,
>+.Ql %h
>+will be substituted by the host name to
>+connect and
>+.Ql %p
>+by the port.
>+The command can be basically anything,
>+and should read from its standard input and write to its standard output.
>+It should eventually connect an
>+.Xr sshd 8
>+server running on some machine, or execute
>+.Ic sshd -i
>+somewhere.
>+Host key management will be done using the
>+HostName of the host being connected (defaulting to the name typed by
>+the user).
>+Setting the command to
>+.Dq none
>+disables this option entirely.
>+Note that
>+.Cm CheckHostIP
>+is not available for connects with a proxy command.
>+.Pp
>+This directive is useful in conjunction with
>+.Xr nc 1
>+and its proxy support.
>+For example, the following directive would connect via an HTTP proxy at
>+192.0.2.0:
>+.Bd -literal -offset 3n
>+ProxyCommand /usr/bin/nc -X connect -x 192.0.2.0:8080 %h %p
>+.Ed
>+.It Cm PubkeyAuthentication
>+Specifies whether to try public key authentication.
>+The argument to this keyword must be
>+.Dq yes
>+or
>+.Dq no .
>+The default is
>+.Dq yes .
>+This option applies to protocol version 2 only.
>+.It Cm RekeyLimit
>+Specifies the maximum amount of data that may be transmitted before the
>+session key is renegotiated.
>+The argument is the number of bytes, with an optional suffix of
>+.Sq K ,
>+.Sq M ,
>+or
>+.Sq G
>+to indicate Kilobytes, Megabytes, or Gigabytes, respectively.
>+The default is between
>+.Dq 1G
>+and
>+.Dq 4G ,
>+depending on the cipher.
>+This option applies to protocol version 2 only.
>+.It Cm RemoteForward
>+Specifies that a TCP port on the remote machine be forwarded over
>+the secure channel to the specified host and port from the local machine.
>+The first argument must be
>+.Sm off
>+.Oo Ar bind_address : Oc Ar port
>+.Sm on
>+and the second argument must be
>+.Ar host : Ns Ar hostport .
>+IPv6 addresses can be specified by enclosing addresses in square brackets
>+or by using an alternative syntax:
>+.Oo Ar bind_address Ns / Oc Ns Ar port
>+and
>+.Ar host Ns / Ns Ar hostport .
>+Multiple forwardings may be specified, and additional
>+forwardings can be given on the command line.
>+Only the superuser can forward privileged ports.
>+.Pp
>+If the
>+.Ar bind_address
>+is not specified, the default is to only bind to loopback addresses.
>+If the
>+.Ar bind_address
>+is
>+.Ql *
>+or an empty string, then the forwarding is requested to listen on all
>+interfaces.
>+Specifying a remote
>+.Ar bind_address
>+will only succeed if the server's
>+.Cm GatewayPorts
>+option is enabled (see
>+.Xr sshd_config 5 ) .
>+.It Cm RhostsRSAAuthentication
>+Specifies whether to try rhosts based authentication with RSA host
>+authentication.
>+The argument must be
>+.Dq yes
>+or
>+.Dq no .
>+The default is
>+.Dq no .
>+This option applies to protocol version 1 only and requires
>+.Nm ssh
>+to be setuid root.
>+.It Cm RSAAuthentication
>+Specifies whether to try RSA authentication.
>+The argument to this keyword must be
>+.Dq yes
>+or
>+.Dq no .
>+RSA authentication will only be
>+attempted if the identity file exists, or an authentication agent is
>+running.
>+The default is
>+.Dq yes .
>+Note that this option applies to protocol version 1 only.
>+.It Cm SendEnv
>+Specifies what variables from the local
>+.Xr environ 7
>+should be sent to the server.
>+Note that environment passing is only supported for protocol 2, the
>+server must also support it, and the server must be configured to
>+accept these environment variables.
>+Refer to
>+.Cm AcceptEnv
>+in
>+.Xr sshd_config 5
>+for how to configure the server.
>+Variables are specified by name, which may contain the wildcard characters
>+.Ql \&*
>+and
>+.Ql \&? .
>+Multiple environment variables may be separated by whitespace or spread
>+across multiple
>+.Cm SendEnv
>+directives.
>+The default is not to send any environment variables.
>+.It Cm ServerAliveCountMax
>+Sets the number of server alive messages (see below) which may be
>+sent without
>+.Nm ssh
>+receiving any messages back from the server.
>+If this threshold is reached while server alive messages are being sent,
>+.Nm ssh
>+will disconnect from the server, terminating the session.
>+It is important to note that the use of server alive messages is very
>+different from
>+.Cm TCPKeepAlive
>+(below).
>+The server alive messages are sent through the encrypted channel
>+and therefore will not be spoofable.
>+The TCP keepalive option enabled by
>+.Cm TCPKeepAlive
>+is spoofable.
>+The server alive mechanism is valuable when the client or
>+server depend on knowing when a connection has become inactive.
>+.Pp
>+The default value is 3.
>+If, for example,
>+.Cm ServerAliveInterval
>+(see below) is set to 15, and
>+.Cm ServerAliveCountMax
>+is left at the default, if the server becomes unresponsive ssh
>+will disconnect after approximately 45 seconds.
>+This option works when using protocol version 2 only; in protocol version
>+1 there is no mechanism to request a response from the server to the
>+server alive messages, so disconnection is the responsibility of the TCP
>+stack.
>+.It Cm ServerAliveInterval
>+Sets a timeout interval in seconds after which if no data has been received
>+from the server,
>+.Nm ssh
>+will send a message through the encrypted
>+channel to request a response from the server.
>+The default
>+is 0, indicating that these messages will not be sent to the server,
>+or 300 if the
>+.Cm BatchMode
>+option is set.
>+This option applies to protocol version 2 only.
>+.Cm ProtocolKeepAlives
>+is a Debian-specific compatibility alias for this option.
>+.It Cm SetupTimeOut
>+Normally,
>+.Nm ssh
>+blocks indefinitely whilst waiting to receive the ssh banner and other
>+setup protocol from the server, during the session setup.
>+This can cause
>+.Nm ssh
>+to hang under certain circumstances.
>+If this option is set,
>+.Nm ssh
>+will give up if no data from the server is received for the specified
>+number of seconds.
>+The argument must be an integer.
>+The default is 0 (disabled), or 300 if
>+.Cm BatchMode
>+is set.
>+This is a Debian-specific option.
>+.It Cm SmartcardDevice
>+Specifies which smartcard device to use.
>+The argument to this keyword is the device
>+.Nm ssh
>+should use to communicate with a smartcard used for storing the user's
>+private RSA key.
>+By default, no device is specified and smartcard support is not activated.
>+.It Cm StrictHostKeyChecking
>+If this flag is set to
>+.Dq yes ,
>+.Nm ssh
>+will never automatically add host keys to the
>+.Pa ~/.ssh/known_hosts
>+file, and refuses to connect to hosts whose host key has changed.
>+This provides maximum protection against trojan horse attacks,
>+however, can be annoying when the
>+.Pa /usr/etc/ssh_known_hosts
>+file is poorly maintained, or connections to new hosts are
>+frequently made.
>+This option forces the user to manually
>+add all new hosts.
>+If this flag is set to
>+.Dq no ,
>+.Nm ssh
>+will automatically add new host keys to the
>+user known hosts files.
>+If this flag is set to
>+.Dq ask ,
>+new host keys
>+will be added to the user known host files only after the user
>+has confirmed that is what they really want to do, and
>+.Nm ssh
>+will refuse to connect to hosts whose host key has changed.
>+The host keys of
>+known hosts will be verified automatically in all cases.
>+The argument must be
>+.Dq yes ,
>+.Dq no
>+or
>+.Dq ask .
>+The default is
>+.Dq ask .
>+.It Cm TCPKeepAlive
>+Specifies whether the system should send TCP keepalive messages to the
>+other side.
>+If they are sent, death of the connection or crash of one
>+of the machines will be properly noticed.
>+This option only uses TCP keepalives (as opposed to using ssh level
>+keepalives), so takes a long time to notice when the connection dies.
>+As such, you probably want
>+the
>+.Cm ServerAliveInterval
>+option as well.
>+However, this means that
>+connections will die if the route is down temporarily, and some people
>+find it annoying.
>+.Pp
>+The default is
>+.Dq yes
>+(to send TCP keepalive messages), and the client will notice
>+if the network goes down or the remote host dies.
>+This is important in scripts, and many users want it too.
>+.Pp
>+To disable TCP keepalive messages, the value should be set to
>+.Dq no .
>+.It Cm Tunnel
>+Request starting
>+.Xr tun 4
>+device forwarding between the client and the server.
>+This option also allows requesting layer 2 (ethernet)
>+instead of layer 3 (point-to-point) tunneling from the server.
>+The argument must be
>+.Dq yes ,
>+.Dq point-to-point ,
>+.Dq ethernet
>+or
>+.Dq no .
>+The default is
>+.Dq no .
>+.It Cm TunnelDevice
>+Force a specified
>+.Xr tun 4
>+device on the client.
>+Without this option, the next available device will be used.
>+.It Cm UsePrivilegedPort
>+Specifies whether to use a privileged port for outgoing connections.
>+The argument must be
>+.Dq yes
>+or
>+.Dq no .
>+The default is
>+.Dq no .
>+If set to
>+.Dq yes
>+.Nm ssh
>+must be setuid root.
>+Note that this option must be set to
>+.Dq yes
>+for
>+.Cm RhostsRSAAuthentication
>+with older servers.
>+.It Cm User
>+Specifies the user to log in as.
>+This can be useful when a different user name is used on different machines.
>+This saves the trouble of
>+having to remember to give the user name on the command line.
>+.It Cm UserKnownHostsFile
>+Specifies a file to use for the user
>+host key database instead of
>+.Pa ~/.ssh/known_hosts .
>+.It Cm VerifyHostKeyDNS
>+Specifies whether to verify the remote key using DNS and SSHFP resource
>+records.
>+If this option is set to
>+.Dq yes ,
>+the client will implicitly trust keys that match a secure fingerprint
>+from DNS.
>+Insecure fingerprints will be handled as if this option was set to
>+.Dq ask .
>+If this option is set to
>+.Dq ask ,
>+information on fingerprint match will be displayed, but the user will still
>+need to confirm new host keys according to the
>+.Cm StrictHostKeyChecking
>+option.
>+The argument must be
>+.Dq yes ,
>+.Dq no
>+or
>+.Dq ask .
>+The default is
>+.Dq no .
>+Note that this option applies to protocol version 2 only.
>+.It Cm XAuthLocation
>+Specifies the full pathname of the
>+.Xr xauth 1
>+program.
>+The default is
>+.Pa /usr/bin/xauth .
>+.El
>+.Sh FILES
>+.Bl -tag -width Ds
>+.It Pa ~/.ssh/config
>+This is the per-user configuration file.
>+The format of this file is described above.
>+This file is used by the
>+.Nm ssh
>+client.
>+Because of the potential for abuse, this file must have strict permissions:
>+read/write for the user, and not accessible by others.
>+It may be group-writable provided that the group in question contains only
>+the user.
>+.It Pa /usr/etc/ssh_config
>+Systemwide configuration file.
>+This file provides defaults for those
>+values that are not specified in the user's configuration file, and
>+for those users who do not have a configuration file.
>+This file must be world-readable.
>+.El
>+.Sh SEE ALSO
>+.Xr ssh 1
>+.Sh AUTHORS
>+OpenSSH is a derivative of the original and free
>+ssh 1.2.12 release by Tatu Ylonen.
>+Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos,
>+Theo de Raadt and Dug Song
>+removed many bugs, re-added newer features and
>+created OpenSSH.
>+Markus Friedl contributed the support for SSH
>+protocol versions 1.5 and 2.0.
>diff --exclude-from=/home/lb/pers/share/exclude -urNdp /home/lb/net/src/openssh-4.3p2/ssh_config.out openssh-4.3p2-transproxy/ssh_config.out
>--- /home/lb/net/src/openssh-4.3p2/ssh_config.out	1970-01-01 01:00:00.000000000 +0100
>+++ openssh-4.3p2-transproxy/ssh_config.out	2007-03-12 00:21:46.000000000 +0100
>@@ -0,0 +1,47 @@
>+#	$OpenBSD: ssh_config,v 1.21 2005/12/06 22:38:27 reyk Exp $
>+
>+# This is the ssh client system-wide configuration file.  See
>+# ssh_config(5) for more information.  This file provides defaults for
>+# users, and the values can be changed in per-user configuration files
>+# or on the command line.
>+
>+# Configuration data is parsed as follows:
>+#  1. command line options
>+#  2. user-specific file
>+#  3. system-wide file
>+# Any configuration value is only changed the first time it is set.
>+# Thus, host-specific definitions should be at the beginning of the
>+# configuration file, and defaults at the end.
>+
>+# Site-wide defaults for some commonly used options.  For a comprehensive
>+# list of available options, their meanings and defaults, please see the
>+# ssh_config(5) man page.
>+
>+Host *
>+#   ForwardAgent no
>+#   ForwardX11 no
>+#   ForwardX11Trusted yes
>+#   RhostsRSAAuthentication no
>+#   RSAAuthentication yes
>+#   PasswordAuthentication yes
>+#   HostbasedAuthentication no
>+#   BatchMode no
>+#   CheckHostIP yes
>+#   AddressFamily any
>+#   ConnectTimeout 0
>+#   StrictHostKeyChecking ask
>+#   IdentityFile ~/.ssh/identity
>+#   IdentityFile ~/.ssh/id_rsa
>+#   IdentityFile ~/.ssh/id_dsa
>+#   Port 22
>+#   Protocol 2,1
>+#   Cipher 3des
>+#   Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc
>+#   EscapeChar ~
>+#   Tunnel no
>+#   TunnelDevice any:any
>+#   PermitLocalCommand no
>+    SendEnv LANG LC_*
>+    HashKnownHosts yes
>+    GSSAPIAuthentication yes
>+    GSSAPIDelegateCredentials no
>Binary files /home/lb/net/src/openssh-4.3p2/sshd and openssh-4.3p2-transproxy/sshd differ
>diff --exclude-from=/home/lb/pers/share/exclude -urNdp /home/lb/net/src/openssh-4.3p2/sshd.8.out openssh-4.3p2-transproxy/sshd.8.out
>--- /home/lb/net/src/openssh-4.3p2/sshd.8.out	1970-01-01 01:00:00.000000000 +0100
>+++ openssh-4.3p2-transproxy/sshd.8.out	2007-03-12 00:21:46.000000000 +0100
>@@ -0,0 +1,872 @@
>+.\"  -*- nroff -*-
>+.\"
>+.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
>+.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
>+.\"                    All rights reserved
>+.\"
>+.\" As far as I am concerned, the code I have written for this software
>+.\" can be used freely for any purpose.  Any derived versions of this
>+.\" software must be clearly marked as such, and if the derived work is
>+.\" incompatible with the protocol description in the RFC file, it must be
>+.\" called by a name other than "ssh" or "Secure Shell".
>+.\"
>+.\" Copyright (c) 1999,2000 Markus Friedl.  All rights reserved.
>+.\" Copyright (c) 1999 Aaron Campbell.  All rights reserved.
>+.\" Copyright (c) 1999 Theo de Raadt.  All rights reserved.
>+.\"
>+.\" Redistribution and use in source and binary forms, with or without
>+.\" modification, are permitted provided that the following conditions
>+.\" are met:
>+.\" 1. Redistributions of source code must retain the above copyright
>+.\"    notice, this list of conditions and the following disclaimer.
>+.\" 2. Redistributions in binary form must reproduce the above copyright
>+.\"    notice, this list of conditions and the following disclaimer in the
>+.\"    documentation and/or other materials provided with the distribution.
>+.\"
>+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
>+.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
>+.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
>+.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
>+.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
>+.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
>+.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
>+.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
>+.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
>+.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
>+.\"
>+.\" $OpenBSD: sshd.8,v 1.215 2006/02/01 09:11:41 jmc Exp $
>+.Dd September 25, 1999
>+.Dt SSHD 8
>+.Os
>+.Sh NAME
>+.Nm sshd
>+.Nd OpenSSH SSH daemon
>+.Sh SYNOPSIS
>+.Nm sshd
>+.Bk -words
>+.Op Fl 46Ddeiqt
>+.Op Fl b Ar bits
>+.Op Fl f Ar config_file
>+.Op Fl g Ar login_grace_time
>+.Op Fl h Ar host_key_file
>+.Op Fl k Ar key_gen_time
>+.Op Fl o Ar option
>+.Op Fl p Ar port
>+.Op Fl u Ar len
>+.Ek
>+.Sh DESCRIPTION
>+.Nm
>+(OpenSSH Daemon) is the daemon program for
>+.Xr ssh 1 .
>+Together these programs replace rlogin and rsh, and
>+provide secure encrypted communications between two untrusted hosts
>+over an insecure network.
>+.Pp
>+.Nm
>+listens for connections from clients.
>+It is normally started at boot from
>+.Pa /etc/rc .
>+It forks a new
>+daemon for each incoming connection.
>+The forked daemons handle
>+key exchange, encryption, authentication, command execution,
>+and data exchange.
>+.Pp
>+.Nm
>+can be configured using command-line options or a configuration file
>+(by default
>+.Xr sshd_config 5 ) ;
>+command-line options override values specified in the
>+configuration file.
>+.Nm
>+rereads its configuration file when it receives a hangup signal,
>+.Dv SIGHUP ,
>+by executing itself with the name and options it was started with, e.g.,
>+.Pa /usr/sbin/sshd .
>+.Pp
>+The options are as follows:
>+.Bl -tag -width Ds
>+.It Fl 4
>+Forces
>+.Nm
>+to use IPv4 addresses only.
>+.It Fl 6
>+Forces
>+.Nm
>+to use IPv6 addresses only.
>+.It Fl b Ar bits
>+Specifies the number of bits in the ephemeral protocol version 1
>+server key (default 768).
>+.It Fl D
>+When this option is specified,
>+.Nm
>+will not detach and does not become a daemon.
>+This allows easy monitoring of
>+.Nm sshd .
>+.It Fl d
>+Debug mode.
>+The server sends verbose debug output to the system
>+log, and does not put itself in the background.
>+The server also will not fork and will only process one connection.
>+This option is only intended for debugging for the server.
>+Multiple
>+.Fl d
>+options increase the debugging level.
>+Maximum is 3.
>+.It Fl e
>+When this option is specified,
>+.Nm
>+will send the output to the standard error instead of the system log.
>+.It Fl f Ar configuration_file
>+Specifies the name of the configuration file.
>+The default is
>+.Pa /usr/etc/sshd_config .
>+.Nm
>+refuses to start if there is no configuration file.
>+.It Fl g Ar login_grace_time
>+Gives the grace time for clients to authenticate themselves (default
>+120 seconds).
>+If the client fails to authenticate the user within
>+this many seconds, the server disconnects and exits.
>+A value of zero indicates no limit.
>+.It Fl h Ar host_key_file
>+Specifies a file from which a host key is read.
>+This option must be given if
>+.Nm
>+is not run as root (as the normal
>+host key files are normally not readable by anyone but root).
>+The default is
>+.Pa /usr/etc/ssh_host_key
>+for protocol version 1, and
>+.Pa /usr/etc/ssh_host_rsa_key
>+and
>+.Pa /usr/etc/ssh_host_dsa_key
>+for protocol version 2.
>+It is possible to have multiple host key files for
>+the different protocol versions and host key algorithms.
>+.It Fl i
>+Specifies that
>+.Nm
>+is being run from
>+.Xr inetd 8 .
>+.Nm
>+is normally not run
>+from inetd because it needs to generate the server key before it can
>+respond to the client, and this may take tens of seconds.
>+Clients would have to wait too long if the key was regenerated every time.
>+However, with small key sizes (e.g., 512) using
>+.Nm
>+from inetd may
>+be feasible.
>+.It Fl k Ar key_gen_time
>+Specifies how often the ephemeral protocol version 1 server key is
>+regenerated (default 3600 seconds, or one hour).
>+The motivation for regenerating the key fairly
>+often is that the key is not stored anywhere, and after about an hour
>+it becomes impossible to recover the key for decrypting intercepted
>+communications even if the machine is cracked into or physically
>+seized.
>+A value of zero indicates that the key will never be regenerated.
>+.It Fl o Ar option
>+Can be used to give options in the format used in the configuration file.
>+This is useful for specifying options for which there is no separate
>+command-line flag.
>+For full details of the options, and their values, see
>+.Xr sshd_config 5 .
>+.It Fl p Ar port
>+Specifies the port on which the server listens for connections
>+(default 22).
>+Multiple port options are permitted.
>+Ports specified in the configuration file with the
>+.Cm Port
>+option are ignored when a command-line port is specified.
>+Ports specified using the
>+.Cm ListenAddress
>+option override command-line ports.
>+.It Fl q
>+Quiet mode.
>+Only fatal errors are sent to the system log.
>+Normally the beginning,
>+authentication, and termination of each connection is logged.
>+If a second 
>+.Fl q
>+is given then nothing is sent to the system log.
>+.It Fl t
>+Test mode.
>+Only check the validity of the configuration file and sanity of the keys.
>+This is useful for updating
>+.Nm
>+reliably as configuration options may change.
>+.It Fl u Ar len
>+This option is used to specify the size of the field
>+in the
>+.Li utmp
>+structure that holds the remote host name.
>+If the resolved host name is longer than
>+.Ar len ,
>+the dotted decimal value will be used instead.
>+This allows hosts with very long host names that
>+overflow this field to still be uniquely identified.
>+Specifying
>+.Fl u0
>+indicates that only dotted decimal addresses
>+should be put into the
>+.Pa utmp
>+file.
>+.Fl u0
>+may also be used to prevent
>+.Nm
>+from making DNS requests unless the authentication
>+mechanism or configuration requires it.
>+Authentication mechanisms that may require DNS include
>+.Cm RhostsRSAAuthentication ,
>+.Cm HostbasedAuthentication ,
>+and using a
>+.Cm from="pattern-list"
>+option in a key file.
>+Configuration options that require DNS include using a
>+USER@HOST pattern in
>+.Cm AllowUsers
>+or
>+.Cm DenyUsers .
>+.El
>+.Sh AUTHENTICATION
>+The OpenSSH SSH daemon supports SSH protocols 1 and 2.
>+Both protocols are supported by default,
>+though this can be changed via the
>+.Cm Protocol
>+option in
>+.Xr sshd_config 5 .
>+Protocol 2 supports both RSA and DSA keys;
>+protocol 1 only supports RSA keys.
>+For both protocols,
>+each host has a host-specific key,
>+normally 2048 bits,
>+used to identify the host.
>+.Pp
>+Forward security for protocol 1 is provided through
>+an additional server key,
>+normally 768 bits,
>+generated when the server starts.
>+This key is normally regenerated every hour if it has been used, and
>+is never stored on disk.
>+Whenever a client connects, the daemon responds with its public
>+host and server keys.
>+The client compares the
>+RSA host key against its own database to verify that it has not changed.
>+The client then generates a 256-bit random number.
>+It encrypts this
>+random number using both the host key and the server key, and sends
>+the encrypted number to the server.
>+Both sides then use this
>+random number as a session key which is used to encrypt all further
>+communications in the session.
>+The rest of the session is encrypted
>+using a conventional cipher, currently Blowfish or 3DES, with 3DES
>+being used by default.
>+The client selects the encryption algorithm
>+to use from those offered by the server.
>+.Pp
>+For protocol 2,
>+forward security is provided through a Diffie-Hellman key agreement.
>+This key agreement results in a shared session key.
>+The rest of the session is encrypted using a symmetric cipher, currently
>+128-bit AES, Blowfish, 3DES, CAST128, Arcfour, 192-bit AES, or 256-bit AES.
>+The client selects the encryption algorithm
>+to use from those offered by the server.
>+Additionally, session integrity is provided
>+through a cryptographic message authentication code
>+(hmac-sha1 or hmac-md5).
>+.Pp
>+Finally, the server and the client enter an authentication dialog.
>+The client tries to authenticate itself using
>+host-based authentication,
>+public key authentication,
>+challenge-response authentication,
>+or password authentication.
>+.Pp
>+Regardless of the authentication type, the account is checked to
>+ensure that it is accessible.  An account is not accessible if it is
>+locked, listed in
>+.Cm DenyUsers
>+or its group is listed in
>+.Cm DenyGroups
>+\&.  The definition of a locked account is system dependant. Some platforms
>+have their own account database (eg AIX) and some modify the passwd field (
>+.Ql \&*LK\&*
>+on Solaris and UnixWare,
>+.Ql \&*
>+on HP-UX, containing
>+.Ql Nologin
>+on Tru64,
>+a leading
>+.Ql \&*LOCKED\&*
>+on FreeBSD and a leading
>+.Ql \&!!
>+on Linux).  If there is a requirement to disable password authentication
>+for the account while allowing still public-key, then the passwd field
>+should be set to something other than these values (eg
>+.Ql NP
>+or
>+.Ql \&*NP\&*
>+).
>+.Pp
>+System security is not improved unless
>+.Nm rshd ,
>+.Nm rlogind ,
>+and
>+.Nm rexecd
>+are disabled (thus completely disabling
>+.Xr rlogin
>+and
>+.Xr rsh
>+into the machine).
>+.Sh COMMAND EXECUTION AND DATA FORWARDING
>+If the client successfully authenticates itself, a dialog for
>+preparing the session is entered.
>+At this time the client may request
>+things like allocating a pseudo-tty, forwarding X11 connections,
>+forwarding TCP connections, or forwarding the authentication agent
>+connection over the secure channel.
>+.Pp
>+Finally, the client either requests a shell or execution of a command.
>+The sides then enter session mode.
>+In this mode, either side may send
>+data at any time, and such data is forwarded to/from the shell or
>+command on the server side, and the user terminal in the client side.
>+.Pp
>+When the user program terminates and all forwarded X11 and other
>+connections have been closed, the server sends command exit status to
>+the client, and both sides exit.
>+.Sh LOGIN PROCESS
>+When a user successfully logs in,
>+.Nm
>+does the following:
>+.Bl -enum -offset indent
>+.It
>+If the login is on a tty, and no command has been specified,
>+prints last login time and
>+.Pa /etc/motd
>+(unless prevented in the configuration file or by
>+.Pa ~/.hushlogin ;
>+see the
>+.Sx FILES
>+section).
>+.It
>+If the login is on a tty, records login time.
>+.It
>+Checks
>+.Pa /etc/nologin ;
>+if it exists, prints contents and quits
>+(unless root).
>+.It
>+Changes to run with normal user privileges.
>+.It
>+Sets up basic environment.
>+.It
>+Reads the file
>+.Pa ~/.ssh/environment ,
>+if it exists, and users are allowed to change their environment.
>+See the
>+.Cm PermitUserEnvironment
>+option in
>+.Xr sshd_config 5 .
>+.It
>+Changes to user's home directory.
>+.It
>+If
>+.Pa ~/.ssh/rc
>+exists, runs it; else if
>+.Pa /etc/ssh/sshrc
>+exists, runs
>+it; otherwise runs xauth.
>+The
>+.Dq rc
>+files are given the X11
>+authentication protocol and cookie in standard input.
>+.It
>+Runs user's shell or command.
>+.El
>+.Sh AUTHORIZED_KEYS FILE FORMAT
>+.Pa ~/.ssh/authorized_keys
>+is the default file that lists the public keys that are
>+permitted for RSA authentication in protocol version 1
>+and for public key authentication (PubkeyAuthentication)
>+in protocol version 2.
>+.Cm AuthorizedKeysFile
>+may be used to specify an alternative file.
>+.Pp
>+Each line of the file contains one
>+key (empty lines and lines starting with a
>+.Ql #
>+are ignored as
>+comments).
>+Each RSA public key consists of the following fields, separated by
>+spaces: options, bits, exponent, modulus, comment.
>+Each protocol version 2 public key consists of:
>+options, keytype, base64 encoded key, comment.
>+The options field
>+is optional; its presence is determined by whether the line starts
>+with a number or not (the options field never starts with a number).
>+The bits, exponent, modulus and comment fields give the RSA key for
>+protocol version 1; the
>+comment field is not used for anything (but may be convenient for the
>+user to identify the key).
>+For protocol version 2 the keytype is
>+.Dq ssh-dss
>+or
>+.Dq ssh-rsa .
>+.Pp
>+Note that lines in this file are usually several hundred bytes long
>+(because of the size of the public key encoding) up to a limit of
>+8 kilobytes, which permits DSA keys up to 8 kilobits and RSA
>+keys up to 16 kilobits.
>+You don't want to type them in; instead, copy the
>+.Pa identity.pub ,
>+.Pa id_dsa.pub
>+or the
>+.Pa id_rsa.pub
>+file and edit it.
>+.Pp
>+.Nm
>+enforces a minimum RSA key modulus size for protocol 1
>+and protocol 2 keys of 768 bits.
>+.Pp
>+The options (if present) consist of comma-separated option
>+specifications.
>+No spaces are permitted, except within double quotes.
>+The following option specifications are supported (note
>+that option keywords are case-insensitive):
>+.Bl -tag -width Ds
>+.It Cm from="pattern-list"
>+Specifies that in addition to public key authentication, the canonical name
>+of the remote host must be present in the comma-separated list of
>+patterns
>+.Pf ( Ql \&*
>+and
>+.Ql \&?
>+serve as wildcards).
>+The list may also contain
>+patterns negated by prefixing them with
>+.Ql \&! ;
>+if the canonical host name matches a negated pattern, the key is not accepted.
>+The purpose
>+of this option is to optionally increase security: public key authentication
>+by itself does not trust the network or name servers or anything (but
>+the key); however, if somebody somehow steals the key, the key
>+permits an intruder to log in from anywhere in the world.
>+This additional option makes using a stolen key more difficult (name
>+servers and/or routers would have to be compromised in addition to
>+just the key).
>+.It Cm command="command"
>+Specifies that the command is executed whenever this key is used for
>+authentication.
>+The command supplied by the user (if any) is ignored.
>+The command is run on a pty if the client requests a pty;
>+otherwise it is run without a tty.
>+If an 8-bit clean channel is required,
>+one must not request a pty or should specify
>+.Cm no-pty .
>+A quote may be included in the command by quoting it with a backslash.
>+This option might be useful
>+to restrict certain public keys to perform just a specific operation.
>+An example might be a key that permits remote backups but nothing else.
>+Note that the client may specify TCP and/or X11
>+forwarding unless they are explicitly prohibited.
>+Note that this option applies to shell, command or subsystem execution.
>+.It Cm environment="NAME=value"
>+Specifies that the string is to be added to the environment when
>+logging in using this key.
>+Environment variables set this way
>+override other default environment values.
>+Multiple options of this type are permitted.
>+Environment processing is disabled by default and is
>+controlled via the
>+.Cm PermitUserEnvironment
>+option.
>+This option is automatically disabled if
>+.Cm UseLogin
>+is enabled.
>+.It Cm no-port-forwarding
>+Forbids TCP forwarding when this key is used for authentication.
>+Any port forward requests by the client will return an error.
>+This might be used, e.g., in connection with the
>+.Cm command
>+option.
>+.It Cm no-X11-forwarding
>+Forbids X11 forwarding when this key is used for authentication.
>+Any X11 forward requests by the client will return an error.
>+.It Cm no-agent-forwarding
>+Forbids authentication agent forwarding when this key is used for
>+authentication.
>+.It Cm no-pty
>+Prevents tty allocation (a request to allocate a pty will fail).
>+.It Cm permitopen="host:port"
>+Limit local
>+.Li ``ssh -L''
>+port forwarding such that it may only connect to the specified host and
>+port.
>+IPv6 addresses can be specified with an alternative syntax:
>+.Ar host Ns / Ns Ar port .
>+Multiple
>+.Cm permitopen
>+options may be applied separated by commas.
>+No pattern matching is performed on the specified hostnames,
>+they must be literal domains or addresses.
>+.It Cm tunnel="n"
>+Force a
>+.Xr tun 4
>+device on the server.
>+Without this option, the next available device will be used if
>+the client requests a tunnel.
>+.El
>+.Ss Examples
>+1024 33 12121...312314325 ylo@foo.bar
>+.Pp
>+from="*.niksula.hut.fi,!pc.niksula.hut.fi" 1024 35 23...2334 ylo@niksula
>+.Pp
>+command="dump /home",no-pty,no-port-forwarding 1024 33 23...2323 backup.hut.fi
>+.Pp
>+permitopen="10.2.1.55:80",permitopen="10.2.1.56:25" 1024 33 23...2323
>+.Pp
>+tunnel="0",command="sh /etc/netstart tun0" ssh-rsa AAAA...== reyk@openbsd.org
>+.Sh SSH_KNOWN_HOSTS FILE FORMAT
>+The
>+.Pa /usr/etc/ssh_known_hosts
>+and
>+.Pa ~/.ssh/known_hosts
>+files contain host public keys for all known hosts.
>+The global file should
>+be prepared by the administrator (optional), and the per-user file is
>+maintained automatically: whenever the user connects from an unknown host
>+its key is added to the per-user file.
>+.Pp
>+Each line in these files contains the following fields: hostnames,
>+bits, exponent, modulus, comment.
>+The fields are separated by spaces.
>+.Pp
>+Hostnames is a comma-separated list of patterns
>+.Pf ( Ql \&*
>+and
>+.Ql \&?
>+act as
>+wildcards); each pattern in turn is matched against the canonical host
>+name (when authenticating a client) or against the user-supplied
>+name (when authenticating a server).
>+A pattern may also be preceded by
>+.Ql \&!
>+to indicate negation: if the host name matches a negated
>+pattern, it is not accepted (by that line) even if it matched another
>+pattern on the line.
>+.Pp
>+Alternately, hostnames may be stored in a hashed form which hides host names
>+and addresses should the file's contents be disclosed.
>+Hashed hostnames start with a
>+.Ql |
>+character.
>+Only one hashed hostname may appear on a single line and none of the above
>+negation or wildcard operators may be applied.
>+.Pp
>+Bits, exponent, and modulus are taken directly from the RSA host key; they
>+can be obtained, e.g., from
>+.Pa /usr/etc/ssh_host_key.pub .
>+The optional comment field continues to the end of the line, and is not used.
>+.Pp
>+Lines starting with
>+.Ql #
>+and empty lines are ignored as comments.
>+.Pp
>+When performing host authentication, authentication is accepted if any
>+matching line has the proper key.
>+It is thus permissible (but not
>+recommended) to have several lines or different host keys for the same
>+names.
>+This will inevitably happen when short forms of host names
>+from different domains are put in the file.
>+It is possible
>+that the files contain conflicting information; authentication is
>+accepted if valid information can be found from either file.
>+.Pp
>+Note that the lines in these files are typically hundreds of characters
>+long, and you definitely don't want to type in the host keys by hand.
>+Rather, generate them by a script
>+or by taking
>+.Pa /usr/etc/ssh_host_key.pub
>+and adding the host names at the front.
>+.Ss Examples
>+.Bd -literal
>+closenet,...,130.233.208.41 1024 37 159...93 closenet.hut.fi
>+cvs.openbsd.org,199.185.137.3 ssh-rsa AAAA1234.....=
>+.Ed
>+.Bd -literal
>+# A hashed hostname
>+|1|JfKTdBh7rNbXkVAQCRp4OQoPfmI=|USECr3SWf1JUPsms5AqfD5QfxkM= ssh-rsa
>+AAAA1234.....=
>+.Ed
>+.Sh FILES
>+.Bl -tag -width Ds
>+.It Pa /usr/etc/sshd_config
>+Contains configuration data for
>+.Nm sshd .
>+The file format and configuration options are described in
>+.Xr sshd_config 5 .
>+.It Pa /usr/etc/ssh_host_key, /usr/etc/ssh_host_dsa_key, /usr/etc/ssh_host_rsa_key
>+These three files contain the private parts of the host keys.
>+These files should only be owned by root, readable only by root, and not
>+accessible to others.
>+Note that
>+.Nm
>+does not start if this file is group/world-accessible.
>+.It Pa /usr/etc/ssh_host_key.pub, /usr/etc/ssh_host_dsa_key.pub, /usr/etc/ssh_host_rsa_key.pub
>+These three files contain the public parts of the host keys.
>+These files should be world-readable but writable only by
>+root.
>+Their contents should match the respective private parts.
>+These files are not
>+really used for anything; they are provided for the convenience of
>+the user so their contents can be copied to known hosts files.
>+These files are created using
>+.Xr ssh-keygen 1 .
>+.It Pa /usr/etc/moduli
>+Contains Diffie-Hellman groups used for the "Diffie-Hellman Group Exchange".
>+The file format is described in
>+.Xr moduli 5 .
>+.It Pa /var/empty
>+.Xr chroot 2
>+directory used by
>+.Nm
>+during privilege separation in the pre-authentication phase.
>+The directory should not contain any files and must be owned by root
>+and not group or world-writable.
>+.It Pa /var/run/sshd.pid
>+Contains the process ID of the
>+.Nm
>+listening for connections (if there are several daemons running
>+concurrently for different ports, this contains the process ID of the one
>+started last).
>+The content of this file is not sensitive; it can be world-readable.
>+.It Pa ~/.ssh/authorized_keys
>+Lists the public keys (RSA or DSA) that can be used to log into the user's account.
>+This file must be readable by root (which may on some machines imply
>+it being world-readable if the user's home directory resides on an NFS
>+volume).
>+It is recommended that it not be accessible by others.
>+The format of this file is described above.
>+Users will place the contents of their
>+.Pa identity.pub ,
>+.Pa id_dsa.pub
>+and/or
>+.Pa id_rsa.pub
>+files into this file, as described in
>+.Xr ssh-keygen 1 .
>+.It Pa "/usr/etc/ssh_known_hosts", "~/.ssh/known_hosts"
>+These files are consulted when using rhosts with RSA host
>+authentication or protocol version 2 hostbased authentication
>+to check the public key of the host.
>+The key must be listed in one of these files to be accepted.
>+The client uses the same files
>+to verify that it is connecting to the correct remote host.
>+These files should be writable only by root/the owner.
>+.Pa /usr/etc/ssh_known_hosts
>+should be world-readable, and
>+.Pa ~/.ssh/known_hosts
>+can, but need not be, world-readable.
>+.It Pa /etc/motd
>+See
>+.Xr motd 5 .
>+.It Pa ~/.hushlogin
>+This file is used to suppress printing the last login time and
>+.Pa /etc/motd ,
>+if
>+.Cm PrintLastLog
>+and
>+.Cm PrintMotd ,
>+respectively,
>+are enabled.
>+It does not suppress printing of the banner specified by
>+.Cm Banner .
>+.It Pa /etc/nologin
>+If this file exists,
>+.Nm
>+refuses to let anyone except root log in.
>+The contents of the file
>+are displayed to anyone trying to log in, and non-root connections are
>+refused.
>+The file should be world-readable.
>+.It Pa /etc/hosts.allow, /etc/hosts.deny
>+Access controls that should be enforced by tcp-wrappers are defined here.
>+Further details are described in
>+.Xr hosts_access 5 .
>+.It Pa ~/.rhosts
>+This file is used during
>+.Cm RhostsRSAAuthentication
>+and
>+.Cm HostbasedAuthentication
>+and contains host-username pairs, separated by a space, one per
>+line.
>+The given user on the corresponding host is permitted to log in
>+without a password.
>+The same file is used by rlogind and rshd.
>+The file must
>+be writable only by the user; it is recommended that it not be
>+accessible by others.
>+.Pp
>+It is also possible to use netgroups in the file.
>+Either host or user
>+name may be of the form +@groupname to specify all hosts or all users
>+in the group.
>+.It Pa ~/.shosts
>+For ssh,
>+this file is exactly the same as for
>+.Pa .rhosts .
>+However, this file is
>+not used by rlogin and rshd, so using this permits access using SSH only.
>+.It Pa /etc/hosts.equiv
>+This file is used during
>+.Cm RhostsRSAAuthentication
>+and
>+.Cm HostbasedAuthentication
>+authentication.
>+In the simplest form, this file contains host names, one per line.
>+Users on
>+those hosts are permitted to log in without a password, provided they
>+have the same user name on both machines.
>+The host name may also be
>+followed by a user name; such users are permitted to log in as
>+.Em any
>+user on this machine (except root).
>+Additionally, the syntax
>+.Dq +@group
>+can be used to specify netgroups.
>+Negated entries start with
>+.Ql \&- .
>+.Pp
>+If the client host/user is successfully matched in this file, login is
>+automatically permitted provided the client and server user names are the
>+same.
>+Additionally, successful client host key authentication is required.
>+This file must be writable only by root; it is recommended
>+that it be world-readable.
>+.Pp
>+.Sy "Warning: It is almost never a good idea to use user names in"
>+.Pa hosts.equiv .
>+Beware that it really means that the named user(s) can log in as
>+.Em anybody ,
>+which includes bin, daemon, adm, and other accounts that own critical
>+binaries and directories.
>+Using a user name practically grants the user root access.
>+The only valid use for user names that I can think
>+of is in negative entries.
>+.Pp
>+Note that this warning also applies to rsh/rlogin.
>+.It Pa /usr/etc/shosts.equiv
>+This is processed exactly as
>+.Pa /etc/hosts.equiv .
>+However, this file may be useful in environments that want to run both
>+rsh/rlogin and ssh.
>+.It Pa ~/.ssh/environment
>+This file is read into the environment at login (if it exists).
>+It can only contain empty lines, comment lines (that start with
>+.Ql # ) ,
>+and assignment lines of the form name=value.
>+The file should be writable
>+only by the user; it need not be readable by anyone else.
>+Environment processing is disabled by default and is
>+controlled via the
>+.Cm PermitUserEnvironment
>+option.
>+.It Pa ~/.ssh/rc
>+If this file exists, it is run with
>+.Pa /bin/sh
>+after reading the
>+environment files but before starting the user's shell or command.
>+It must not produce any output on stdout; stderr must be used
>+instead.
>+If X11 forwarding is in use, it will receive the "proto cookie" pair in
>+its standard input (and
>+.Ev DISPLAY
>+in its environment).
>+The script must call
>+.Xr xauth 1
>+because
>+.Nm
>+will not run xauth automatically to add X11 cookies.
>+.Pp
>+The primary purpose of this file is to run any initialization routines
>+which may be needed before the user's home directory becomes
>+accessible; AFS is a particular example of such an environment.
>+.Pp
>+This file will probably contain some initialization code followed by
>+something similar to:
>+.Bd -literal
>+if read proto cookie && [ -n "$DISPLAY" ]; then
>+	if [ `echo $DISPLAY | cut -c1-10` = 'localhost:' ]; then
>+		# X11UseLocalhost=yes
>+		echo add unix:`echo $DISPLAY |
>+		    cut -c11-` $proto $cookie
>+	else
>+		# X11UseLocalhost=no
>+		echo add $DISPLAY $proto $cookie
>+	fi | xauth -q -
>+fi
>+.Ed
>+.Pp
>+If this file does not exist,
>+.Pa /etc/ssh/sshrc
>+is run, and if that
>+does not exist either, xauth is used to add the cookie.
>+.Pp
>+This file should be writable only by the user, and need not be
>+readable by anyone else.
>+.It Pa /etc/ssh/sshrc
>+Like
>+.Pa ~/.ssh/rc .
>+This can be used to specify
>+machine-specific login-time initializations globally.
>+This file should be writable only by root, and should be world-readable.
>+.El
>+.Sh SEE ALSO
>+.Xr scp 1 ,
>+.Xr sftp 1 ,
>+.Xr ssh 1 ,
>+.Xr ssh-add 1 ,
>+.Xr ssh-agent 1 ,
>+.Xr ssh-keygen 1 ,
>+.Xr chroot 2 ,
>+.Xr hosts_access 5 ,
>+.Xr login.conf 5 ,
>+.Xr moduli 5 ,
>+.Xr sshd_config 5 ,
>+.Xr inetd 8 ,
>+.Xr sftp-server 8
>+.Rs
>+.%A T. Ylonen
>+.%A T. Kivinen
>+.%A M. Saarinen
>+.%A T. Rinne
>+.%A S. Lehtinen
>+.%T "SSH Protocol Architecture"
>+.%N draft-ietf-secsh-architecture-12.txt
>+.%D January 2002
>+.%O work in progress material
>+.Re
>+.Rs
>+.%A M. Friedl
>+.%A N. Provos
>+.%A W. A. Simpson
>+.%T "Diffie-Hellman Group Exchange for the SSH Transport Layer Protocol"
>+.%N draft-ietf-secsh-dh-group-exchange-02.txt
>+.%D January 2002
>+.%O work in progress material
>+.Re
>+.Sh AUTHORS
>+OpenSSH is a derivative of the original and free
>+ssh 1.2.12 release by Tatu Ylonen.
>+Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos,
>+Theo de Raadt and Dug Song
>+removed many bugs, re-added newer features and
>+created OpenSSH.
>+Markus Friedl contributed the support for SSH
>+protocol versions 1.5 and 2.0.
>+Niels Provos and Markus Friedl contributed support
>+for privilege separation.
>diff --exclude-from=/home/lb/pers/share/exclude -urNdp /home/lb/net/src/openssh-4.3p2/sshd_config.5.out openssh-4.3p2-transproxy/sshd_config.5.out
>--- /home/lb/net/src/openssh-4.3p2/sshd_config.5.out	1970-01-01 01:00:00.000000000 +0100
>+++ openssh-4.3p2-transproxy/sshd_config.5.out	2007-03-12 00:21:46.000000000 +0100
>@@ -0,0 +1,851 @@
>+.\"  -*- nroff -*-
>+.\"
>+.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
>+.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
>+.\"                    All rights reserved
>+.\"
>+.\" As far as I am concerned, the code I have written for this software
>+.\" can be used freely for any purpose.  Any derived versions of this
>+.\" software must be clearly marked as such, and if the derived work is
>+.\" incompatible with the protocol description in the RFC file, it must be
>+.\" called by a name other than "ssh" or "Secure Shell".
>+.\"
>+.\" Copyright (c) 1999,2000 Markus Friedl.  All rights reserved.
>+.\" Copyright (c) 1999 Aaron Campbell.  All rights reserved.
>+.\" Copyright (c) 1999 Theo de Raadt.  All rights reserved.
>+.\"
>+.\" Redistribution and use in source and binary forms, with or without
>+.\" modification, are permitted provided that the following conditions
>+.\" are met:
>+.\" 1. Redistributions of source code must retain the above copyright
>+.\"    notice, this list of conditions and the following disclaimer.
>+.\" 2. Redistributions in binary form must reproduce the above copyright
>+.\"    notice, this list of conditions and the following disclaimer in the
>+.\"    documentation and/or other materials provided with the distribution.
>+.\"
>+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
>+.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
>+.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
>+.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
>+.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
>+.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
>+.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
>+.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
>+.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
>+.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
>+.\"
>+.\" $OpenBSD: sshd_config.5,v 1.48 2006/01/02 17:09:49 jmc Exp $
>+.Dd September 25, 1999
>+.Dt SSHD_CONFIG 5
>+.Os
>+.Sh NAME
>+.Nm sshd_config
>+.Nd OpenSSH SSH daemon configuration file
>+.Sh SYNOPSIS
>+.Bl -tag -width Ds -compact
>+.It Pa /usr/etc/sshd_config
>+.El
>+.Sh DESCRIPTION
>+.Nm sshd
>+reads configuration data from
>+.Pa /usr/etc/sshd_config
>+(or the file specified with
>+.Fl f
>+on the command line).
>+The file contains keyword-argument pairs, one per line.
>+Lines starting with
>+.Ql #
>+and empty lines are interpreted as comments.
>+.Pp
>+The possible
>+keywords and their meanings are as follows (note that
>+keywords are case-insensitive and arguments are case-sensitive):
>+.Bl -tag -width Ds
>+.It Cm AcceptEnv
>+Specifies what environment variables sent by the client will be copied into
>+the session's
>+.Xr environ 7 .
>+See
>+.Cm SendEnv
>+in
>+.Xr ssh_config 5
>+for how to configure the client.
>+Note that environment passing is only supported for protocol 2.
>+Variables are specified by name, which may contain the wildcard characters
>+.Ql \&*
>+and
>+.Ql \&? .
>+Multiple environment variables may be separated by whitespace or spread
>+across multiple
>+.Cm AcceptEnv
>+directives.
>+Be warned that some environment variables could be used to bypass restricted
>+user environments.
>+For this reason, care should be taken in the use of this directive.
>+The default is not to accept any environment variables.
>+.It Cm AddressFamily
>+Specifies which address family should be used by
>+.Nm sshd .
>+Valid arguments are
>+.Dq any ,
>+.Dq inet
>+(use IPv4 only) or
>+.Dq inet6
>+(use IPv6 only).
>+The default is
>+.Dq any .
>+.It Cm AllowGroups
>+This keyword can be followed by a list of group name patterns, separated
>+by spaces.
>+If specified, login is allowed only for users whose primary
>+group or supplementary group list matches one of the patterns.
>+.Ql \&*
>+and
>+.Ql \&?
>+can be used as
>+wildcards in the patterns.
>+Only group names are valid; a numerical group ID is not recognized.
>+By default, login is allowed for all groups.
>+.It Cm AllowTcpForwarding
>+Specifies whether TCP forwarding is permitted.
>+The default is
>+.Dq yes .
>+Note that disabling TCP forwarding does not improve security unless
>+users are also denied shell access, as they can always install their
>+own forwarders.
>+.It Cm AllowUsers
>+This keyword can be followed by a list of user name patterns, separated
>+by spaces.
>+If specified, login is allowed only for user names that
>+match one of the patterns.
>+.Ql \&*
>+and
>+.Ql \&?
>+can be used as
>+wildcards in the patterns.
>+Only user names are valid; a numerical user ID is not recognized.
>+By default, login is allowed for all users.
>+If the pattern takes the form USER@HOST then USER and HOST
>+are separately checked, restricting logins to particular
>+users from particular hosts.
>+.It Cm AuthorizedKeysFile
>+Specifies the file that contains the public keys that can be used
>+for user authentication.
>+.Cm AuthorizedKeysFile
>+may contain tokens of the form %T which are substituted during connection
>+set-up.
>+The following tokens are defined: %% is replaced by a literal '%',
>+%h is replaced by the home directory of the user being authenticated and
>+%u is replaced by the username of that user.
>+After expansion,
>+.Cm AuthorizedKeysFile
>+is taken to be an absolute path or one relative to the user's home
>+directory.
>+The default is
>+.Dq .ssh/authorized_keys .
>+.It Cm Banner
>+In some jurisdictions, sending a warning message before authentication
>+may be relevant for getting legal protection.
>+The contents of the specified file are sent to the remote user before
>+authentication is allowed.
>+This option is only available for protocol version 2.
>+By default, no banner is displayed.
>+.It Cm ChallengeResponseAuthentication
>+Specifies whether challenge response authentication is allowed.
>+All authentication styles from
>+.Xr login.conf 5
>+are supported.
>+The default is
>+.Dq yes .
>+.It Cm Ciphers
>+Specifies the ciphers allowed for protocol version 2.
>+Multiple ciphers must be comma-separated.
>+The supported ciphers are
>+.Dq 3des-cbc ,
>+.Dq aes128-cbc ,
>+.Dq aes192-cbc ,
>+.Dq aes256-cbc ,
>+.Dq aes128-ctr ,
>+.Dq aes192-ctr ,
>+.Dq aes256-ctr ,
>+.Dq arcfour128 ,
>+.Dq arcfour256 ,
>+.Dq arcfour ,
>+.Dq blowfish-cbc ,
>+and
>+.Dq cast128-cbc .
>+The default is
>+.Bd -literal
>+  ``aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,
>+    arcfour256,arcfour,aes192-cbc,aes256-cbc,aes128-ctr,
>+    aes192-ctr,aes256-ctr''
>+.Ed
>+.It Cm ClientAliveCountMax
>+Sets the number of client alive messages (see below) which may be
>+sent without
>+.Nm sshd
>+receiving any messages back from the client.
>+If this threshold is reached while client alive messages are being sent,
>+.Nm sshd
>+will disconnect the client, terminating the session.
>+It is important to note that the use of client alive messages is very
>+different from
>+.Cm TCPKeepAlive
>+(below).
>+The client alive messages are sent through the encrypted channel
>+and therefore will not be spoofable.
>+The TCP keepalive option enabled by
>+.Cm TCPKeepAlive
>+is spoofable.
>+The client alive mechanism is valuable when the client or
>+server depend on knowing when a connection has become inactive.
>+.Pp
>+The default value is 3.
>+If
>+.Cm ClientAliveInterval
>+(see below) is set to 15, and
>+.Cm ClientAliveCountMax
>+is left at the default, unresponsive ssh clients
>+will be disconnected after approximately 45 seconds.
>+.It Cm ClientAliveInterval
>+Sets a timeout interval in seconds after which if no data has been received
>+from the client,
>+.Nm sshd
>+will send a message through the encrypted
>+channel to request a response from the client.
>+The default
>+is 0, indicating that these messages will not be sent to the client.
>+This option applies to protocol version 2 only.
>+.It Cm Compression
>+Specifies whether compression is allowed, or delayed until
>+the user has authenticated successfully.
>+The argument must be
>+.Dq yes ,
>+.Dq delayed ,
>+or
>+.Dq no .
>+The default is
>+.Dq delayed .
>+.It Cm DenyGroups
>+This keyword can be followed by a list of group name patterns, separated
>+by spaces.
>+Login is disallowed for users whose primary group or supplementary
>+group list matches one of the patterns.
>+.Ql \&*
>+and
>+.Ql \&?
>+can be used as
>+wildcards in the patterns.
>+Only group names are valid; a numerical group ID is not recognized.
>+By default, login is allowed for all groups.
>+.It Cm DenyUsers
>+This keyword can be followed by a list of user name patterns, separated
>+by spaces.
>+Login is disallowed for user names that match one of the patterns.
>+.Ql \&*
>+and
>+.Ql \&?
>+can be used as wildcards in the patterns.
>+Only user names are valid; a numerical user ID is not recognized.
>+By default, login is allowed for all users.
>+If the pattern takes the form USER@HOST then USER and HOST
>+are separately checked, restricting logins to particular
>+users from particular hosts.
>+.It Cm GatewayPorts
>+Specifies whether remote hosts are allowed to connect to ports
>+forwarded for the client.
>+By default,
>+.Nm sshd
>+binds remote port forwardings to the loopback address.
>+This prevents other remote hosts from connecting to forwarded ports.
>+.Cm GatewayPorts
>+can be used to specify that
>+.Nm sshd
>+should allow remote port forwardings to bind to non-loopback addresses, thus
>+allowing other hosts to connect.
>+The argument may be
>+.Dq no
>+to force remote port forwardings to be available to the local host only,
>+.Dq yes
>+to force remote port forwardings to bind to the wildcard address, or
>+.Dq clientspecified
>+to allow the client to select the address to which the forwarding is bound.
>+The default is
>+.Dq no .
>+.It Cm GSSAPIAuthentication
>+Specifies whether user authentication based on GSSAPI is allowed.
>+The default is
>+.Dq no .
>+Note that this option applies to protocol version 2 only.
>+.It Cm GSSAPIKeyExchange
>+Specifies whether key exchange based on GSSAPI is allowed. GSSAPI key exchange 
>+doesn't rely on ssh keys to verify host identity.
>+The default is
>+.Dq no .
>+Note that this option applies to protocol version 2 only.
>+.It Cm GSSAPICleanupCredentials
>+Specifies whether to automatically destroy the user's credentials cache
>+on logout.
>+The default is
>+.Dq yes .
>+Note that this option applies to protocol version 2 only.
>+.It Cm HostbasedAuthentication
>+Specifies whether rhosts or /etc/hosts.equiv authentication together
>+with successful public key client host authentication is allowed
>+(hostbased authentication).
>+This option is similar to
>+.Cm RhostsRSAAuthentication
>+and applies to protocol version 2 only.
>+The default is
>+.Dq no .
>+.It Cm HostKey
>+Specifies a file containing a private host key
>+used by SSH.
>+The default is
>+.Pa /usr/etc/ssh_host_key
>+for protocol version 1, and
>+.Pa /usr/etc/ssh_host_rsa_key
>+and
>+.Pa /usr/etc/ssh_host_dsa_key
>+for protocol version 2.
>+Note that
>+.Nm sshd
>+will refuse to use a file if it is group/world-accessible.
>+It is possible to have multiple host key files.
>+.Dq rsa1
>+keys are used for version 1 and
>+.Dq dsa
>+or
>+.Dq rsa
>+are used for version 2 of the SSH protocol.
>+.It Cm IgnoreRhosts
>+Specifies that
>+.Pa .rhosts
>+and
>+.Pa .shosts
>+files will not be used in
>+.Cm RhostsRSAAuthentication
>+or
>+.Cm HostbasedAuthentication .
>+.Pp
>+.Pa /etc/hosts.equiv
>+and
>+.Pa /usr/etc/shosts.equiv
>+are still used.
>+The default is
>+.Dq yes .
>+.It Cm IgnoreUserKnownHosts
>+Specifies whether
>+.Nm sshd
>+should ignore the user's
>+.Pa ~/.ssh/known_hosts
>+during
>+.Cm RhostsRSAAuthentication
>+or
>+.Cm HostbasedAuthentication .
>+The default is
>+.Dq no .
>+.It Cm KerberosAuthentication
>+Specifies whether the password provided by the user for
>+.Cm PasswordAuthentication
>+will be validated through the Kerberos KDC.
>+To use this option, the server needs a
>+Kerberos servtab which allows the verification of the KDC's identity.
>+Default is
>+.Dq no .
>+.It Cm KerberosGetAFSToken
>+If AFS is active and the user has a Kerberos 5 TGT, attempt to acquire
>+an AFS token before accessing the user's home directory.
>+Default is
>+.Dq no .
>+.It Cm KerberosOrLocalPasswd
>+If set then if password authentication through Kerberos fails then
>+the password will be validated via any additional local mechanism
>+such as
>+.Pa /etc/passwd .
>+Default is
>+.Dq yes .
>+.It Cm KerberosTicketCleanup
>+Specifies whether to automatically destroy the user's ticket cache
>+file on logout.
>+Default is
>+.Dq yes .
>+.It Cm KeyRegenerationInterval
>+In protocol version 1, the ephemeral server key is automatically regenerated
>+after this many seconds (if it has been used).
>+The purpose of regeneration is to prevent
>+decrypting captured sessions by later breaking into the machine and
>+stealing the keys.
>+The key is never stored anywhere.
>+If the value is 0, the key is never regenerated.
>+The default is 3600 (seconds).
>+.It Cm ListenAddress
>+Specifies the local addresses
>+.Nm sshd
>+should listen on.
>+The following forms may be used:
>+.Pp
>+.Bl -item -offset indent -compact
>+.It
>+.Cm ListenAddress
>+.Sm off
>+.Ar host No | Ar IPv4_addr No | Ar IPv6_addr
>+.Sm on
>+.It
>+.Cm ListenAddress
>+.Sm off
>+.Ar host No | Ar IPv4_addr No : Ar port
>+.Sm on
>+.It
>+.Cm ListenAddress
>+.Sm off
>+.Oo
>+.Ar host No | Ar IPv6_addr Oc : Ar port
>+.Sm on
>+.El
>+.Pp
>+If
>+.Ar port
>+is not specified,
>+.Nm sshd
>+will listen on the address and all prior
>+.Cm Port
>+options specified.
>+The default is to listen on all local addresses.
>+Multiple
>+.Cm ListenAddress
>+options are permitted.
>+Additionally, any
>+.Cm Port
>+options must precede this option for non port qualified addresses.
>+.It Cm LoginGraceTime
>+The server disconnects after this time if the user has not
>+successfully logged in.
>+If the value is 0, there is no time limit.
>+The default is 120 seconds.
>+.It Cm LogLevel
>+Gives the verbosity level that is used when logging messages from
>+.Nm sshd .
>+The possible values are:
>+QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2 and DEBUG3.
>+The default is INFO.
>+DEBUG and DEBUG1 are equivalent.
>+DEBUG2 and DEBUG3 each specify higher levels of debugging output.
>+Logging with a DEBUG level violates the privacy of users and is not recommended.
>+.It Cm MACs
>+Specifies the available MAC (message authentication code) algorithms.
>+The MAC algorithm is used in protocol version 2
>+for data integrity protection.
>+Multiple algorithms must be comma-separated.
>+The default is
>+.Dq hmac-md5,hmac-sha1,hmac-ripemd160,hmac-sha1-96,hmac-md5-96 .
>+.It Cm MaxAuthTries
>+Specifies the maximum number of authentication attempts permitted per
>+connection.
>+Once the number of failures reaches half this value,
>+additional failures are logged.
>+The default is 6.
>+.It Cm MaxStartups
>+Specifies the maximum number of concurrent unauthenticated connections to the
>+.Nm sshd
>+daemon.
>+Additional connections will be dropped until authentication succeeds or the
>+.Cm LoginGraceTime
>+expires for a connection.
>+The default is 10.
>+.Pp
>+Alternatively, random early drop can be enabled by specifying
>+the three colon separated values
>+.Dq start:rate:full
>+(e.g., "10:30:60").
>+.Nm sshd
>+will refuse connection attempts with a probability of
>+.Dq rate/100
>+(30%)
>+if there are currently
>+.Dq start
>+(10)
>+unauthenticated connections.
>+The probability increases linearly and all connection attempts
>+are refused if the number of unauthenticated connections reaches
>+.Dq full
>+(60).
>+.It Cm PasswordAuthentication
>+Specifies whether password authentication is allowed.
>+The default is
>+.Dq yes .
>+.It Cm PermitEmptyPasswords
>+When password authentication is allowed, it specifies whether the
>+server allows login to accounts with empty password strings.
>+The default is
>+.Dq no .
>+.It Cm PermitRootLogin
>+Specifies whether root can log in using
>+.Xr ssh 1 .
>+The argument must be
>+.Dq yes ,
>+.Dq without-password ,
>+.Dq forced-commands-only
>+or
>+.Dq no .
>+The default is
>+.Dq yes .
>+.Pp
>+If this option is set to
>+.Dq without-password
>+password authentication is disabled for root.
>+.Pp
>+If this option is set to
>+.Dq forced-commands-only
>+root login with public key authentication will be allowed,
>+but only if the
>+.Ar command
>+option has been specified
>+(which may be useful for taking remote backups even if root login is
>+normally not allowed).
>+All other authentication methods are disabled for root.
>+.Pp
>+If this option is set to
>+.Dq no
>+root is not allowed to log in.
>+.It Cm PermitTunnel
>+Specifies whether
>+.Xr tun 4
>+device forwarding is allowed.
>+The argument must be
>+.Dq yes ,
>+.Dq point-to-point ,
>+.Dq ethernet
>+or
>+.Dq no .
>+The default is
>+.Dq no .
>+.It Cm PermitUserEnvironment
>+Specifies whether
>+.Pa ~/.ssh/environment
>+and
>+.Cm environment=
>+options in
>+.Pa ~/.ssh/authorized_keys
>+are processed by
>+.Nm sshd .
>+The default is
>+.Dq no .
>+Enabling environment processing may enable users to bypass access
>+restrictions in some configurations using mechanisms such as
>+.Ev LD_PRELOAD .
>+.It Cm PidFile
>+Specifies the file that contains the process ID of the
>+.Nm sshd
>+daemon.
>+The default is
>+.Pa /var/run/sshd.pid .
>+.It Cm Port
>+Specifies the port number that
>+.Nm sshd
>+listens on.
>+The default is 22.
>+Multiple options of this type are permitted.
>+See also
>+.Cm ListenAddress .
>+.It Cm PrintLastLog
>+Specifies whether
>+.Nm sshd
>+should print the date and time of the last user login when a user logs
>+in interactively.
>+The default is
>+.Dq yes .
>+.It Cm PrintMotd
>+Specifies whether
>+.Nm sshd
>+should print
>+.Pa /etc/motd
>+when a user logs in interactively.
>+(On some systems it is also printed by the shell,
>+.Pa /etc/profile ,
>+or equivalent.)
>+The default is
>+.Dq yes .
>+.It Cm Protocol
>+Specifies the protocol versions
>+.Nm sshd
>+supports.
>+The possible values are
>+.Dq 1
>+and
>+.Dq 2 .
>+Multiple versions must be comma-separated.
>+The default is
>+.Dq 2,1 .
>+Note that the order of the protocol list does not indicate preference,
>+because the client selects among multiple protocol versions offered
>+by the server.
>+Specifying
>+.Dq 2,1
>+is identical to
>+.Dq 1,2 .
>+.It Cm PubkeyAuthentication
>+Specifies whether public key authentication is allowed.
>+The default is
>+.Dq yes .
>+Note that this option applies to protocol version 2 only.
>+.It Cm RhostsRSAAuthentication
>+Specifies whether rhosts or /etc/hosts.equiv authentication together
>+with successful RSA host authentication is allowed.
>+The default is
>+.Dq no .
>+This option applies to protocol version 1 only.
>+.It Cm RSAAuthentication
>+Specifies whether pure RSA authentication is allowed.
>+The default is
>+.Dq yes .
>+This option applies to protocol version 1 only.
>+.It Cm ServerKeyBits
>+Defines the number of bits in the ephemeral protocol version 1 server key.
>+The minimum value is 512, and the default is 768.
>+.It Cm StrictModes
>+Specifies whether
>+.Nm sshd
>+should check file modes and ownership of the
>+user's files and home directory before accepting login.
>+This is normally desirable because novices sometimes accidentally leave their
>+directory or files world-writable.
>+The default is
>+.Dq yes .
>+.It Cm Subsystem
>+Configures an external subsystem (e.g., file transfer daemon).
>+Arguments should be a subsystem name and a command to execute upon subsystem
>+request.
>+The command
>+.Xr sftp-server 8
>+implements the
>+.Dq sftp
>+file transfer subsystem.
>+By default no subsystems are defined.
>+Note that this option applies to protocol version 2 only.
>+.It Cm SyslogFacility
>+Gives the facility code that is used when logging messages from
>+.Nm sshd .
>+The possible values are: DAEMON, USER, AUTH, LOCAL0, LOCAL1, LOCAL2,
>+LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7.
>+The default is AUTH.
>+.It Cm TCPKeepAlive
>+Specifies whether the system should send TCP keepalive messages to the
>+other side.
>+If they are sent, death of the connection or crash of one
>+of the machines will be properly noticed.
>+However, this means that
>+connections will die if the route is down temporarily, and some people
>+find it annoying.
>+On the other hand, if TCP keepalives are not sent,
>+sessions may hang indefinitely on the server, leaving
>+.Dq ghost
>+users and consuming server resources.
>+.Pp
>+The default is
>+.Dq yes
>+(to send TCP keepalive messages), and the server will notice
>+if the network goes down or the client host crashes.
>+This avoids infinitely hanging sessions.
>+.Pp
>+To disable TCP keepalive messages, the value should be set to
>+.Dq no .
>+.Pp
>+This option was formerly called
>+.Cm KeepAlive .
>+.It Cm UseDNS
>+Specifies whether
>+.Nm sshd
>+should look up the remote host name and check that
>+the resolved host name for the remote IP address maps back to the
>+very same IP address.
>+The default is
>+.Dq yes .
>+.It Cm UseLogin
>+Specifies whether
>+.Xr login 1
>+is used for interactive login sessions.
>+The default is
>+.Dq no .
>+Note that
>+.Xr login 1
>+is never used for remote command execution.
>+Note also, that if this is enabled,
>+.Cm X11Forwarding
>+will be disabled because
>+.Xr login 1
>+does not know how to handle
>+.Xr xauth 1
>+cookies.
>+If
>+.Cm UsePrivilegeSeparation
>+is specified, it will be disabled after authentication.
>+.It Cm UsePAM
>+Enables the Pluggable Authentication Module interface.
>+If set to
>+.Dq yes
>+this will enable PAM authentication using
>+.Cm ChallengeResponseAuthentication
>+and PAM account and session module processing for all authentication types.
>+.Pp
>+Because PAM challenge-response authentication usually serves an equivalent
>+role to password authentication, you should disable either
>+.Cm PasswordAuthentication
>+or
>+.Cm ChallengeResponseAuthentication.
>+.Pp
>+If
>+.Cm UsePAM
>+is enabled, you will not be able to run
>+.Xr sshd 8
>+as a non-root user.
>+The default is
>+.Dq no .
>+.It Cm UsePrivilegeSeparation
>+Specifies whether
>+.Nm sshd
>+separates privileges by creating an unprivileged child process
>+to deal with incoming network traffic.
>+After successful authentication, another process will be created that has
>+the privilege of the authenticated user.
>+The goal of privilege separation is to prevent privilege
>+escalation by containing any corruption within the unprivileged processes.
>+The default is
>+.Dq yes .
>+.It Cm X11DisplayOffset
>+Specifies the first display number available for
>+.Nm sshd Ns 's
>+X11 forwarding.
>+This prevents
>+.Nm sshd
>+from interfering with real X11 servers.
>+The default is 10.
>+.It Cm X11Forwarding
>+Specifies whether X11 forwarding is permitted.
>+The argument must be
>+.Dq yes
>+or
>+.Dq no .
>+The default is
>+.Dq no .
>+.Pp
>+When X11 forwarding is enabled, there may be additional exposure to
>+the server and to client displays if the
>+.Nm sshd
>+proxy display is configured to listen on the wildcard address (see
>+.Cm X11UseLocalhost
>+below), however this is not the default.
>+Additionally, the authentication spoofing and authentication data
>+verification and substitution occur on the client side.
>+The security risk of using X11 forwarding is that the client's X11
>+display server may be exposed to attack when the ssh client requests
>+forwarding (see the warnings for
>+.Cm ForwardX11
>+in
>+.Xr ssh_config 5 ) .
>+A system administrator may have a stance in which they want to
>+protect clients that may expose themselves to attack by unwittingly
>+requesting X11 forwarding, which can warrant a
>+.Dq no
>+setting.
>+.Pp
>+Note that disabling X11 forwarding does not prevent users from
>+forwarding X11 traffic, as users can always install their own forwarders.
>+X11 forwarding is automatically disabled if
>+.Cm UseLogin
>+is enabled.
>+.It Cm X11UseLocalhost
>+Specifies whether
>+.Nm sshd
>+should bind the X11 forwarding server to the loopback address or to
>+the wildcard address.
>+By default,
>+.Nm sshd
>+binds the forwarding server to the loopback address and sets the
>+hostname part of the
>+.Ev DISPLAY
>+environment variable to
>+.Dq localhost .
>+This prevents remote hosts from connecting to the proxy display.
>+However, some older X11 clients may not function with this
>+configuration.
>+.Cm X11UseLocalhost
>+may be set to
>+.Dq no
>+to specify that the forwarding server should be bound to the wildcard
>+address.
>+The argument must be
>+.Dq yes
>+or
>+.Dq no .
>+The default is
>+.Dq yes .
>+.It Cm XAuthLocation
>+Specifies the full pathname of the
>+.Xr xauth 1
>+program.
>+The default is
>+.Pa /usr/bin/xauth .
>+.El
>+.Ss Time Formats
>+.Nm sshd
>+command-line arguments and configuration file options that specify time
>+may be expressed using a sequence of the form:
>+.Sm off
>+.Ar time Op Ar qualifier ,
>+.Sm on
>+where
>+.Ar time
>+is a positive integer value and
>+.Ar qualifier
>+is one of the following:
>+.Pp
>+.Bl -tag -width Ds -compact -offset indent
>+.It Cm <none>
>+seconds
>+.It Cm s | Cm S
>+seconds
>+.It Cm m | Cm M
>+minutes
>+.It Cm h | Cm H
>+hours
>+.It Cm d | Cm D
>+days
>+.It Cm w | Cm W
>+weeks
>+.El
>+.Pp
>+Each member of the sequence is added together to calculate
>+the total time value.
>+.Pp
>+Time format examples:
>+.Pp
>+.Bl -tag -width Ds -compact -offset indent
>+.It 600
>+600 seconds (10 minutes)
>+.It 10m
>+10 minutes
>+.It 1h30m
>+1 hour 30 minutes (90 minutes)
>+.El
>+.Sh FILES
>+.Bl -tag -width Ds
>+.It Pa /usr/etc/sshd_config
>+Contains configuration data for
>+.Nm sshd .
>+This file should be writable by root only, but it is recommended
>+(though not necessary) that it be world-readable.
>+.El
>+.Sh SEE ALSO
>+.Xr sshd 8
>+.Sh AUTHORS
>+OpenSSH is a derivative of the original and free
>+ssh 1.2.12 release by Tatu Ylonen.
>+Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos,
>+Theo de Raadt and Dug Song
>+removed many bugs, re-added newer features and
>+created OpenSSH.
>+Markus Friedl contributed the support for SSH
>+protocol versions 1.5 and 2.0.
>+Niels Provos and Markus Friedl contributed support
>+for privilege separation.
>diff --exclude-from=/home/lb/pers/share/exclude -urNdp /home/lb/net/src/openssh-4.3p2/sshd_config.out openssh-4.3p2-transproxy/sshd_config.out
>--- /home/lb/net/src/openssh-4.3p2/sshd_config.out	1970-01-01 01:00:00.000000000 +0100
>+++ openssh-4.3p2-transproxy/sshd_config.out	2007-03-12 00:21:46.000000000 +0100
>@@ -0,0 +1,105 @@
>+#	$OpenBSD: sshd_config,v 1.73 2005/12/06 22:38:28 reyk Exp $
>+
>+# This is the sshd server system-wide configuration file.  See
>+# sshd_config(5) for more information.
>+
>+# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
>+
>+# The strategy used for options in the default sshd_config shipped with
>+# OpenSSH is to specify options with their default value where
>+# possible, but leave them commented.  Uncommented options change a
>+# default value.
>+
>+#Port 22
>+#Protocol 2,1
>+#AddressFamily any
>+#ListenAddress 0.0.0.0
>+#ListenAddress ::
>+
>+# HostKey for protocol version 1
>+#HostKey /usr/etc/ssh_host_key
>+# HostKeys for protocol version 2
>+#HostKey /usr/etc/ssh_host_rsa_key
>+#HostKey /usr/etc/ssh_host_dsa_key
>+
>+# Lifetime and size of ephemeral version 1 server key
>+#KeyRegenerationInterval 1h
>+#ServerKeyBits 768
>+
>+# Logging
>+# obsoletes QuietMode and FascistLogging
>+#SyslogFacility AUTH
>+#LogLevel INFO
>+
>+# Authentication:
>+
>+#LoginGraceTime 2m
>+#PermitRootLogin yes
>+#StrictModes yes
>+#MaxAuthTries 6
>+
>+#RSAAuthentication yes
>+#PubkeyAuthentication yes
>+#AuthorizedKeysFile	.ssh/authorized_keys
>+
>+# For this to work you will also need host keys in /usr/etc/ssh_known_hosts
>+#RhostsRSAAuthentication no
>+# similar for protocol version 2
>+#HostbasedAuthentication no
>+# Change to yes if you don't trust ~/.ssh/known_hosts for
>+# RhostsRSAAuthentication and HostbasedAuthentication
>+#IgnoreUserKnownHosts no
>+# Don't read the user's ~/.rhosts and ~/.shosts files
>+#IgnoreRhosts yes
>+
>+# To disable tunneled clear text passwords, change to no here!
>+#PasswordAuthentication yes
>+#PermitEmptyPasswords no
>+
>+# Change to no to disable s/key passwords
>+#ChallengeResponseAuthentication yes
>+
>+# Kerberos options
>+#KerberosAuthentication no
>+#KerberosOrLocalPasswd yes
>+#KerberosTicketCleanup yes
>+#KerberosGetAFSToken no
>+
>+# GSSAPI options
>+#GSSAPIAuthentication no
>+#GSSAPICleanupCredentials yes
>+
>+# Set this to 'yes' to enable PAM authentication, account processing, 
>+# and session processing. If this is enabled, PAM authentication will 
>+# be allowed through the ChallengeResponseAuthentication mechanism. 
>+# Depending on your PAM configuration, this may bypass the setting of 
>+# PasswordAuthentication, PermitEmptyPasswords, and 
>+# "PermitRootLogin without-password". If you just want the PAM account and 
>+# session checks to run without PAM authentication, then enable this but set 
>+# ChallengeResponseAuthentication=no
>+#UsePAM no
>+
>+#AllowTcpForwarding yes
>+#GatewayPorts no
>+#X11Forwarding no
>+#X11DisplayOffset 10
>+#X11UseLocalhost yes
>+#PrintMotd yes
>+#PrintLastLog yes
>+#TCPKeepAlive yes
>+#UseLogin no
>+#UsePrivilegeSeparation yes
>+#PermitUserEnvironment no
>+#Compression delayed
>+#ClientAliveInterval 0
>+#ClientAliveCountMax 3
>+#UseDNS yes
>+#PidFile /var/run/sshd.pid
>+#MaxStartups 10
>+#PermitTunnel no
>+
>+# no default banner path
>+#Banner /some/path
>+
>+# override default of no subsystems
>+Subsystem	sftp	/usr/libexec/sftp-server
>Binary files /home/lb/net/src/openssh-4.3p2/ssh-keygen and openssh-4.3p2-transproxy/ssh-keygen differ
>diff --exclude-from=/home/lb/pers/share/exclude -urNdp /home/lb/net/src/openssh-4.3p2/ssh-keygen.1.out openssh-4.3p2-transproxy/ssh-keygen.1.out
>--- /home/lb/net/src/openssh-4.3p2/ssh-keygen.1.out	1970-01-01 01:00:00.000000000 +0100
>+++ openssh-4.3p2-transproxy/ssh-keygen.1.out	2007-03-12 00:21:46.000000000 +0100
>@@ -0,0 +1,468 @@
>+.\"	$OpenBSD: ssh-keygen.1,v 1.72 2005/11/28 05:16:53 dtucker Exp $
>+.\"
>+.\"  -*- nroff -*-
>+.\"
>+.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
>+.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
>+.\"                    All rights reserved
>+.\"
>+.\" As far as I am concerned, the code I have written for this software
>+.\" can be used freely for any purpose.  Any derived versions of this
>+.\" software must be clearly marked as such, and if the derived work is
>+.\" incompatible with the protocol description in the RFC file, it must be
>+.\" called by a name other than "ssh" or "Secure Shell".
>+.\"
>+.\"
>+.\" Copyright (c) 1999,2000 Markus Friedl.  All rights reserved.
>+.\" Copyright (c) 1999 Aaron Campbell.  All rights reserved.
>+.\" Copyright (c) 1999 Theo de Raadt.  All rights reserved.
>+.\"
>+.\" Redistribution and use in source and binary forms, with or without
>+.\" modification, are permitted provided that the following conditions
>+.\" are met:
>+.\" 1. Redistributions of source code must retain the above copyright
>+.\"    notice, this list of conditions and the following disclaimer.
>+.\" 2. Redistributions in binary form must reproduce the above copyright
>+.\"    notice, this list of conditions and the following disclaimer in the
>+.\"    documentation and/or other materials provided with the distribution.
>+.\"
>+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
>+.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
>+.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
>+.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
>+.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
>+.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
>+.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
>+.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
>+.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
>+.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
>+.\"
>+.Dd September 25, 1999
>+.Dt SSH-KEYGEN 1
>+.Os
>+.Sh NAME
>+.Nm ssh-keygen
>+.Nd authentication key generation, management and conversion
>+.Sh SYNOPSIS
>+.Nm ssh-keygen
>+.Bk -words
>+.Op Fl q
>+.Op Fl b Ar bits
>+.Fl t Ar type
>+.Op Fl N Ar new_passphrase
>+.Op Fl C Ar comment
>+.Op Fl f Ar output_keyfile
>+.Ek
>+.Nm ssh-keygen
>+.Fl p
>+.Op Fl P Ar old_passphrase
>+.Op Fl N Ar new_passphrase
>+.Op Fl f Ar keyfile
>+.Nm ssh-keygen
>+.Fl i
>+.Op Fl f Ar input_keyfile
>+.Nm ssh-keygen
>+.Fl e
>+.Op Fl f Ar input_keyfile
>+.Nm ssh-keygen
>+.Fl y
>+.Op Fl f Ar input_keyfile
>+.Nm ssh-keygen
>+.Fl c
>+.Op Fl P Ar passphrase
>+.Op Fl C Ar comment
>+.Op Fl f Ar keyfile
>+.Nm ssh-keygen
>+.Fl l
>+.Op Fl f Ar input_keyfile
>+.Nm ssh-keygen
>+.Fl B
>+.Op Fl f Ar input_keyfile
>+.Nm ssh-keygen
>+.Fl D Ar reader
>+.Nm ssh-keygen
>+.Fl F Ar hostname
>+.Op Fl f Ar known_hosts_file
>+.Nm ssh-keygen
>+.Fl H
>+.Op Fl f Ar known_hosts_file
>+.Nm ssh-keygen
>+.Fl R Ar hostname
>+.Op Fl f Ar known_hosts_file
>+.Nm ssh-keygen
>+.Fl U Ar reader
>+.Op Fl f Ar input_keyfile
>+.Nm ssh-keygen
>+.Fl r Ar hostname
>+.Op Fl f Ar input_keyfile
>+.Op Fl g
>+.Nm ssh-keygen
>+.Fl G Ar output_file
>+.Op Fl v
>+.Op Fl b Ar bits
>+.Op Fl M Ar memory
>+.Op Fl S Ar start_point
>+.Nm ssh-keygen
>+.Fl T Ar output_file
>+.Fl f Ar input_file
>+.Op Fl v
>+.Op Fl a Ar num_trials
>+.Op Fl W Ar generator
>+.Sh DESCRIPTION
>+.Nm
>+generates, manages and converts authentication keys for
>+.Xr ssh 1 .
>+.Nm
>+can create RSA keys for use by SSH protocol version 1 and RSA or DSA
>+keys for use by SSH protocol version 2.
>+The type of key to be generated is specified with the
>+.Fl t
>+option.
>+If invoked without any arguments,
>+.Nm
>+will generate an RSA key for use in SSH protocol 2 connections.
>+.Pp
>+.Nm
>+is also used to generate groups for use in Diffie-Hellman group
>+exchange (DH-GEX).
>+See the
>+.Sx MODULI GENERATION
>+section for details.
>+.Pp
>+Normally each user wishing to use SSH
>+with RSA or DSA authentication runs this once to create the authentication
>+key in
>+.Pa ~/.ssh/identity ,
>+.Pa ~/.ssh/id_dsa
>+or
>+.Pa ~/.ssh/id_rsa .
>+Additionally, the system administrator may use this to generate host keys,
>+as seen in
>+.Pa /etc/rc .
>+.Pp
>+Normally this program generates the key and asks for a file in which
>+to store the private key.
>+The public key is stored in a file with the same name but
>+.Dq .pub
>+appended.
>+The program also asks for a passphrase.
>+The passphrase may be empty to indicate no passphrase
>+(host keys must have an empty passphrase), or it may be a string of
>+arbitrary length.
>+A passphrase is similar to a password, except it can be a phrase with a
>+series of words, punctuation, numbers, whitespace, or any string of
>+characters you want.
>+Good passphrases are 10-30 characters long, are
>+not simple sentences or otherwise easily guessable (English
>+prose has only 1-2 bits of entropy per character, and provides very bad
>+passphrases), and contain a mix of upper and lowercase letters,
>+numbers, and non-alphanumeric characters.
>+The passphrase can be changed later by using the
>+.Fl p
>+option.
>+.Pp
>+There is no way to recover a lost passphrase.
>+If the passphrase is
>+lost or forgotten, a new key must be generated and copied to the
>+corresponding public key to other machines.
>+.Pp
>+For RSA1 keys,
>+there is also a comment field in the key file that is only for
>+convenience to the user to help identify the key.
>+The comment can tell what the key is for, or whatever is useful.
>+The comment is initialized to
>+.Dq user@host
>+when the key is created, but can be changed using the
>+.Fl c
>+option.
>+.Pp
>+After a key is generated, instructions below detail where the keys
>+should be placed to be activated.
>+.Pp
>+The options are as follows:
>+.Bl -tag -width Ds
>+.It Fl a Ar trials
>+Specifies the number of primality tests to perform when screening DH-GEX
>+candidates using the
>+.Fl T
>+command.
>+.It Fl B
>+Show the bubblebabble digest of specified private or public key file.
>+.It Fl b Ar bits
>+Specifies the number of bits in the key to create.
>+For RSA keys, the minimum size is 768 bits and the default is 2048 bits.
>+Generally, 2048 bits is considered sufficient.
>+DSA keys must be exactly 1024 bits as specified by FIPS 186-2.
>+.It Fl C Ar comment
>+Provides a new comment.
>+.It Fl c
>+Requests changing the comment in the private and public key files.
>+This operation is only supported for RSA1 keys.
>+The program will prompt for the file containing the private keys, for
>+the passphrase if the key has one, and for the new comment.
>+.It Fl D Ar reader
>+Download the RSA public key stored in the smartcard in
>+.Ar reader .
>+.It Fl e
>+This option will read a private or public OpenSSH key file and
>+print the key in a
>+.Sq SECSH Public Key File Format
>+to stdout.
>+This option allows exporting keys for use by several commercial
>+SSH implementations.
>+.It Fl F Ar hostname
>+Search for the specified
>+.Ar hostname
>+in a
>+.Pa known_hosts
>+file, listing any occurrences found.
>+This option is useful to find hashed host names or addresses and may also be
>+used in conjunction with the
>+.Fl H
>+option to print found keys in a hashed format.
>+.It Fl f Ar filename
>+Specifies the filename of the key file.
>+.It Fl G Ar output_file
>+Generate candidate primes for DH-GEX.
>+These primes must be screened for
>+safety (using the
>+.Fl T
>+option) before use.
>+.It Fl g
>+Use generic DNS format when printing fingerprint resource records using the
>+.Fl r
>+command.
>+.It Fl H
>+Hash a
>+.Pa known_hosts
>+file.
>+This replaces all hostnames and addresses with hashed representations
>+within the specified file; the original content is moved to a file with
>+a .old suffix.
>+These hashes may be used normally by
>+.Nm ssh
>+and
>+.Nm sshd ,
>+but they do not reveal identifying information should the file's contents
>+be disclosed.
>+This option will not modify existing hashed hostnames and is therefore safe
>+to use on files that mix hashed and non-hashed names.
>+.It Fl i
>+This option will read an unencrypted private (or public) key file
>+in SSH2-compatible format and print an OpenSSH compatible private
>+(or public) key to stdout.
>+.Nm
>+also reads the
>+.Sq SECSH Public Key File Format .
>+This option allows importing keys from several commercial
>+SSH implementations.
>+.It Fl l
>+Show fingerprint of specified public key file.
>+Private RSA1 keys are also supported.
>+For RSA and DSA keys
>+.Nm
>+tries to find the matching public key file and prints its fingerprint.
>+.It Fl M Ar memory
>+Specify the amount of memory to use (in megabytes) when generating
>+candidate moduli for DH-GEX.
>+.It Fl N Ar new_passphrase
>+Provides the new passphrase.
>+.It Fl P Ar passphrase
>+Provides the (old) passphrase.
>+.It Fl p
>+Requests changing the passphrase of a private key file instead of
>+creating a new private key.
>+The program will prompt for the file
>+containing the private key, for the old passphrase, and twice for the
>+new passphrase.
>+.It Fl q
>+Silence
>+.Nm ssh-keygen .
>+Used by
>+.Pa /etc/rc
>+when creating a new key.
>+.It Fl R Ar hostname
>+Removes all keys belonging to
>+.Ar hostname
>+from a
>+.Pa known_hosts
>+file.
>+This option is useful to delete hashed hosts (see the
>+.Fl H
>+option above).
>+.It Fl r Ar hostname
>+Print the SSHFP fingerprint resource record named
>+.Ar hostname
>+for the specified public key file.
>+.It Fl S Ar start
>+Specify start point (in hex) when generating candidate moduli for DH-GEX.
>+.It Fl T Ar output_file
>+Test DH group exchange candidate primes (generated using the
>+.Fl G
>+option) for safety.
>+.It Fl t Ar type
>+Specifies the type of key to create.
>+The possible values are
>+.Dq rsa1
>+for protocol version 1 and
>+.Dq rsa
>+or
>+.Dq dsa
>+for protocol version 2.
>+.It Fl U Ar reader
>+Upload an existing RSA private key into the smartcard in
>+.Ar reader .
>+.It Fl v
>+Verbose mode.
>+Causes
>+.Nm
>+to print debugging messages about its progress.
>+This is helpful for debugging moduli generation.
>+Multiple
>+.Fl v
>+options increase the verbosity.
>+The maximum is 3.
>+.It Fl W Ar generator
>+Specify desired generator when testing candidate moduli for DH-GEX.
>+.It Fl y
>+This option will read a private
>+OpenSSH format file and print an OpenSSH public key to stdout.
>+.El
>+.Sh MODULI GENERATION
>+.Nm
>+may be used to generate groups for the Diffie-Hellman Group Exchange
>+(DH-GEX) protocol.
>+Generating these groups is a two-step process: first, candidate
>+primes are generated using a fast, but memory intensive process.
>+These candidate primes are then tested for suitability (a CPU-intensive
>+process).
>+.Pp
>+Generation of primes is performed using the
>+.Fl G
>+option.
>+The desired length of the primes may be specified by the
>+.Fl b
>+option.
>+For example:
>+.Pp
>+.Dl # ssh-keygen -G moduli-2048.candidates -b 2048
>+.Pp
>+By default, the search for primes begins at a random point in the
>+desired length range.
>+This may be overridden using the
>+.Fl S
>+option, which specifies a different start point (in hex).
>+.Pp
>+Once a set of candidates have been generated, they must be tested for
>+suitability.
>+This may be performed using the
>+.Fl T
>+option.
>+In this mode
>+.Nm
>+will read candidates from standard input (or a file specified using the
>+.Fl f
>+option).
>+For example:
>+.Pp
>+.Dl # ssh-keygen -T moduli-2048 -f moduli-2048.candidates
>+.Pp
>+By default, each candidate will be subjected to 100 primality tests.
>+This may be overridden using the
>+.Fl a
>+option.
>+The DH generator value will be chosen automatically for the
>+prime under consideration.
>+If a specific generator is desired, it may be requested using the
>+.Fl W
>+option.
>+Valid generator values are 2, 3, and 5.
>+.Pp
>+Screened DH groups may be installed in
>+.Pa /etc/moduli .
>+It is important that this file contains moduli of a range of bit lengths and
>+that both ends of a connection share common moduli.
>+.Sh FILES
>+.Bl -tag -width Ds
>+.It Pa ~/.ssh/identity
>+Contains the protocol version 1 RSA authentication identity of the user.
>+This file should not be readable by anyone but the user.
>+It is possible to
>+specify a passphrase when generating the key; that passphrase will be
>+used to encrypt the private part of this file using 3DES.
>+This file is not automatically accessed by
>+.Nm
>+but it is offered as the default file for the private key.
>+.Xr ssh 1
>+will read this file when a login attempt is made.
>+.It Pa ~/.ssh/identity.pub
>+Contains the protocol version 1 RSA public key for authentication.
>+The contents of this file should be added to
>+.Pa ~/.ssh/authorized_keys
>+on all machines
>+where the user wishes to log in using RSA authentication.
>+There is no need to keep the contents of this file secret.
>+.It Pa ~/.ssh/id_dsa
>+Contains the protocol version 2 DSA authentication identity of the user.
>+This file should not be readable by anyone but the user.
>+It is possible to
>+specify a passphrase when generating the key; that passphrase will be
>+used to encrypt the private part of this file using 3DES.
>+This file is not automatically accessed by
>+.Nm
>+but it is offered as the default file for the private key.
>+.Xr ssh 1
>+will read this file when a login attempt is made.
>+.It Pa ~/.ssh/id_dsa.pub
>+Contains the protocol version 2 DSA public key for authentication.
>+The contents of this file should be added to
>+.Pa ~/.ssh/authorized_keys
>+on all machines
>+where the user wishes to log in using public key authentication.
>+There is no need to keep the contents of this file secret.
>+.It Pa ~/.ssh/id_rsa
>+Contains the protocol version 2 RSA authentication identity of the user.
>+This file should not be readable by anyone but the user.
>+It is possible to
>+specify a passphrase when generating the key; that passphrase will be
>+used to encrypt the private part of this file using 3DES.
>+This file is not automatically accessed by
>+.Nm
>+but it is offered as the default file for the private key.
>+.Xr ssh 1
>+will read this file when a login attempt is made.
>+.It Pa ~/.ssh/id_rsa.pub
>+Contains the protocol version 2 RSA public key for authentication.
>+The contents of this file should be added to
>+.Pa ~/.ssh/authorized_keys
>+on all machines
>+where the user wishes to log in using public key authentication.
>+There is no need to keep the contents of this file secret.
>+.It Pa /etc/moduli
>+Contains Diffie-Hellman groups used for DH-GEX.
>+The file format is described in
>+.Xr moduli 5 .
>+.El
>+.Sh SEE ALSO
>+.Xr ssh 1 ,
>+.Xr ssh-add 1 ,
>+.Xr ssh-agent 1 ,
>+.Xr moduli 5 ,
>+.Xr sshd 8
>+.Rs
>+.%A J. Galbraith
>+.%A R. Thayer
>+.%T "SECSH Public Key File Format"
>+.%N draft-ietf-secsh-publickeyfile-01.txt
>+.%D March 2001
>+.%O work in progress material
>+.Re
>+.Sh AUTHORS
>+OpenSSH is a derivative of the original and free
>+ssh 1.2.12 release by Tatu Ylonen.
>+Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos,
>+Theo de Raadt and Dug Song
>+removed many bugs, re-added newer features and
>+created OpenSSH.
>+Markus Friedl contributed the support for SSH
>+protocol versions 1.5 and 2.0.
>Binary files /home/lb/net/src/openssh-4.3p2/ssh-keyscan and openssh-4.3p2-transproxy/ssh-keyscan differ
>diff --exclude-from=/home/lb/pers/share/exclude -urNdp /home/lb/net/src/openssh-4.3p2/ssh-keyscan.1.out openssh-4.3p2-transproxy/ssh-keyscan.1.out
>--- /home/lb/net/src/openssh-4.3p2/ssh-keyscan.1.out	1970-01-01 01:00:00.000000000 +0100
>+++ openssh-4.3p2-transproxy/ssh-keyscan.1.out	2007-03-12 00:21:46.000000000 +0100
>@@ -0,0 +1,168 @@
>+.\"	$OpenBSD: ssh-keyscan.1,v 1.21 2005/09/30 20:34:26 jaredy Exp $
>+.\"
>+.\" Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>.
>+.\"
>+.\" Modification and redistribution in source and binary forms is
>+.\" permitted provided that due credit is given to the author and the
>+.\" OpenBSD project by leaving this copyright notice intact.
>+.\"
>+.Dd January 1, 1996
>+.Dt SSH-KEYSCAN 1
>+.Os
>+.Sh NAME
>+.Nm ssh-keyscan
>+.Nd gather ssh public keys
>+.Sh SYNOPSIS
>+.Nm ssh-keyscan
>+.Bk -words
>+.Op Fl 46Hv
>+.Op Fl f Ar file
>+.Op Fl p Ar port
>+.Op Fl T Ar timeout
>+.Op Fl t Ar type
>+.Op Ar host | addrlist namelist
>+.Op Ar ...
>+.Ek
>+.Sh DESCRIPTION
>+.Nm
>+is a utility for gathering the public ssh host keys of a number of
>+hosts.
>+It was designed to aid in building and verifying
>+.Pa ssh_known_hosts
>+files.
>+.Nm
>+provides a minimal interface suitable for use by shell and perl
>+scripts.
>+.Pp
>+.Nm
>+uses non-blocking socket I/O to contact as many hosts as possible in
>+parallel, so it is very efficient.
>+The keys from a domain of 1,000
>+hosts can be collected in tens of seconds, even when some of those
>+hosts are down or do not run ssh.
>+For scanning, one does not need
>+login access to the machines that are being scanned, nor does the
>+scanning process involve any encryption.
>+.Pp
>+The options are as follows:
>+.Bl -tag -width Ds
>+.It Fl 4
>+Forces
>+.Nm
>+to use IPv4 addresses only.
>+.It Fl 6
>+Forces
>+.Nm
>+to use IPv6 addresses only.
>+.It Fl f Ar file
>+Read hosts or
>+.Pa addrlist namelist
>+pairs from this file, one per line.
>+If
>+.Pa -
>+is supplied instead of a filename,
>+.Nm
>+will read hosts or
>+.Pa addrlist namelist
>+pairs from the standard input.
>+.It Fl H
>+Hash all hostnames and addresses in the output.
>+Hashed names may be used normally by
>+.Nm ssh
>+and
>+.Nm sshd ,
>+but they do not reveal identifying information should the file's contents
>+be disclosed.
>+.It Fl p Ar port
>+Port to connect to on the remote host.
>+.It Fl T Ar timeout
>+Set the timeout for connection attempts.
>+If
>+.Pa timeout
>+seconds have elapsed since a connection was initiated to a host or since the
>+last time anything was read from that host, then the connection is
>+closed and the host in question considered unavailable.
>+Default is 5 seconds.
>+.It Fl t Ar type
>+Specifies the type of the key to fetch from the scanned hosts.
>+The possible values are
>+.Dq rsa1
>+for protocol version 1 and
>+.Dq rsa
>+or
>+.Dq dsa
>+for protocol version 2.
>+Multiple values may be specified by separating them with commas.
>+The default is
>+.Dq rsa1 .
>+.It Fl v
>+Verbose mode.
>+Causes
>+.Nm
>+to print debugging messages about its progress.
>+.El
>+.Sh SECURITY
>+If a ssh_known_hosts file is constructed using
>+.Nm
>+without verifying the keys, users will be vulnerable to
>+.Em man in the middle
>+attacks.
>+On the other hand, if the security model allows such a risk,
>+.Nm
>+can help in the detection of tampered keyfiles or man in the middle
>+attacks which have begun after the ssh_known_hosts file was created.
>+.Sh FILES
>+.Pa Input format:
>+.Bd -literal
>+1.2.3.4,1.2.4.4 name.my.domain,name,n.my.domain,n,1.2.3.4,1.2.4.4
>+.Ed
>+.Pp
>+.Pa Output format for rsa1 keys:
>+.Bd -literal
>+host-or-namelist bits exponent modulus
>+.Ed
>+.Pp
>+.Pa Output format for rsa and dsa keys:
>+.Bd -literal
>+host-or-namelist keytype base64-encoded-key
>+.Ed
>+.Pp
>+Where
>+.Pa keytype
>+is either
>+.Dq ssh-rsa
>+or
>+.Dq ssh-dss .
>+.Pp
>+.Pa /usr/etc/ssh_known_hosts
>+.Sh EXAMPLES
>+Print the
>+.Pa rsa1
>+host key for machine
>+.Pa hostname :
>+.Bd -literal
>+$ ssh-keyscan hostname
>+.Ed
>+.Pp
>+Find all hosts from the file
>+.Pa ssh_hosts
>+which have new or different keys from those in the sorted file
>+.Pa ssh_known_hosts :
>+.Bd -literal
>+$ ssh-keyscan -t rsa,dsa -f ssh_hosts | \e
>+	sort -u - ssh_known_hosts | diff ssh_known_hosts -
>+.Ed
>+.Sh SEE ALSO
>+.Xr ssh 1 ,
>+.Xr sshd 8
>+.Sh AUTHORS
>+.An -nosplit
>+.An David Mazieres Aq dm@lcs.mit.edu
>+wrote the initial version, and
>+.An Wayne Davison Aq wayned@users.sourceforge.net
>+added support for protocol version 2.
>+.Sh BUGS
>+It generates "Connection closed by remote host" messages on the consoles
>+of all the machines it scans if the server is older than version 2.9.
>+This is because it opens a connection to the ssh port, reads the public
>+key, and drops the connection as soon as it gets the key.
>Binary files /home/lb/net/src/openssh-4.3p2/ssh-keysign and openssh-4.3p2-transproxy/ssh-keysign differ
>diff --exclude-from=/home/lb/pers/share/exclude -urNdp /home/lb/net/src/openssh-4.3p2/ssh-keysign.8.out openssh-4.3p2-transproxy/ssh-keysign.8.out
>--- /home/lb/net/src/openssh-4.3p2/ssh-keysign.8.out	1970-01-01 01:00:00.000000000 +0100
>+++ openssh-4.3p2-transproxy/ssh-keysign.8.out	2007-03-12 00:21:46.000000000 +0100
>@@ -0,0 +1,82 @@
>+.\" $OpenBSD: ssh-keysign.8,v 1.7 2003/06/10 09:12:11 jmc Exp $
>+.\"
>+.\" Copyright (c) 2002 Markus Friedl.  All rights reserved.
>+.\"
>+.\" Redistribution and use in source and binary forms, with or without
>+.\" modification, are permitted provided that the following conditions
>+.\" are met:
>+.\" 1. Redistributions of source code must retain the above copyright
>+.\"    notice, this list of conditions and the following disclaimer.
>+.\" 2. Redistributions in binary form must reproduce the above copyright
>+.\"    notice, this list of conditions and the following disclaimer in the
>+.\"    documentation and/or other materials provided with the distribution.
>+.\"
>+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
>+.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
>+.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
>+.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
>+.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
>+.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
>+.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
>+.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
>+.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
>+.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
>+.\"
>+.Dd May 24, 2002
>+.Dt SSH-KEYSIGN 8
>+.Os
>+.Sh NAME
>+.Nm ssh-keysign
>+.Nd ssh helper program for hostbased authentication
>+.Sh SYNOPSIS
>+.Nm
>+.Sh DESCRIPTION
>+.Nm
>+is used by
>+.Xr ssh 1
>+to access the local host keys and generate the digital signature
>+required during hostbased authentication with SSH protocol version 2.
>+.Pp
>+.Nm
>+is disabled by default and can only be enabled in the
>+global client configuration file
>+.Pa /usr/etc/ssh_config
>+by setting
>+.Cm EnableSSHKeysign
>+to
>+.Dq yes .
>+.Pp
>+.Nm
>+is not intended to be invoked by the user, but from
>+.Xr ssh 1 .
>+See
>+.Xr ssh 1
>+and
>+.Xr sshd 8
>+for more information about hostbased authentication.
>+.Sh FILES
>+.Bl -tag -width Ds
>+.It Pa /usr/etc/ssh_config
>+Controls whether
>+.Nm
>+is enabled.
>+.It Pa /usr/etc/ssh_host_dsa_key, /usr/etc/ssh_host_rsa_key
>+These files contain the private parts of the host keys used to
>+generate the digital signature.
>+They should be owned by root, readable only by root, and not
>+accessible to others.
>+Since they are readable only by root,
>+.Nm
>+must be set-uid root if hostbased authentication is used.
>+.El
>+.Sh SEE ALSO
>+.Xr ssh 1 ,
>+.Xr ssh-keygen 1 ,
>+.Xr ssh_config 5 ,
>+.Xr sshd 8
>+.Sh HISTORY
>+.Nm
>+first appeared in
>+.Ox 3.2 .
>+.Sh AUTHORS
>+.An Markus Friedl Aq markus@openbsd.org
>diff --exclude-from=/home/lb/pers/share/exclude -urNdp /home/lb/net/src/openssh-4.3p2/ssh_prng_cmds openssh-4.3p2-transproxy/ssh_prng_cmds
>--- /home/lb/net/src/openssh-4.3p2/ssh_prng_cmds	1970-01-01 01:00:00.000000000 +0100
>+++ openssh-4.3p2-transproxy/ssh_prng_cmds	2007-03-11 23:47:56.000000000 +0100
>@@ -0,0 +1,75 @@
>+# entropy gathering commands
>+
>+# Format is: "program-name args" path rate
>+
>+# The "rate" represents the number of bits of usuable entropy per
>+# byte of command output. Be conservative.
>+#
>+# $Id: ssh_prng_cmds.in,v 1.9 2003/11/21 12:48:56 djm Exp $
>+
>+"ls -alni /var/log"			/bin/ls	0.02
>+"ls -alni /var/adm"			/bin/ls	0.02
>+"ls -alni /usr/adm"                     /bin/ls       0.02
>+"ls -alni /var/mail"			/bin/ls	0.02
>+"ls -alni /usr/mail"                    /bin/ls       0.02
>+"ls -alni /var/adm/syslog"		/bin/ls	0.02
>+"ls -alni /usr/adm/syslog"		/bin/ls	0.02
>+"ls -alni /var/spool/mail"		/bin/ls	0.02
>+"ls -alni /proc"			/bin/ls	0.02
>+"ls -alni /tmp"				/bin/ls	0.02
>+"ls -alni /var/tmp"			/bin/ls	0.02
>+"ls -alni /usr/tmp"			/bin/ls	0.02
>+"ls -alTi /var/log"			/bin/ls	0.02
>+"ls -alTi /var/adm"			/bin/ls	0.02
>+"ls -alTi /var/mail"			/bin/ls	0.02
>+"ls -alTi /var/adm/syslog"		/bin/ls	0.02
>+"ls -alTi /var/spool/mail"		/bin/ls	0.02
>+"ls -alTi /proc"			/bin/ls	0.02
>+"ls -alTi /tmp"				/bin/ls	0.02
>+"ls -alTi /var/tmp"			/bin/ls	0.02
>+"ls -alTi /usr/tmp"			/bin/ls	0.02
>+
>+"netstat -an"				/bin/netstat	0.05
>+"netstat -in"				/bin/netstat	0.05
>+"netstat -rn"				/bin/netstat	0.02
>+"netstat -pn"				/bin/netstat	0.02
>+"netstat -ia"                           /bin/netstat  0.05
>+"netstat -s"				/bin/netstat	0.02
>+"netstat -is"				/bin/netstat	0.07
>+
>+"arp -n -a"				/usr/sbin/arp	0.02
>+
>+"ifconfig -a"				/sbin/ifconfig	0.02
>+
>+"ps laxww"				/bin/ps	0.03
>+"ps -al"				/bin/ps	0.03
>+"ps -efl"				/bin/ps	0.03
>+"jstat"				        /usr/bin/jstat    0.07
>+
>+"w"					/usr/bin/w	0.05
>+
>+"who -i"				/usr/bin/who	0.01
>+
>+"last"					/usr/bin/last	0.01
>+
>+"lastlog"				/usr/bin/lastlog	0.01
>+
>+"df"					/bin/df	0.01
>+"df -i"					/bin/df	0.01
>+
>+"sar -d"				undef	0.04
>+
>+"vmstat"				/usr/bin/vmstat	0.01
>+"uptime"				/usr/bin/uptime	0.01
>+
>+"ipcs -a"				/usr/bin/ipcs	0.01
>+
>+"tail -200 /var/log/messages"		/usr/bin/tail	0.01
>+"tail -200 /var/log/syslog"		/usr/bin/tail	0.01
>+"tail -200 /var/adm/messages"		/usr/bin/tail	0.01
>+"tail -200 /var/adm/syslog"		/usr/bin/tail	0.01
>+"tail -200 /var/adm/syslog/syslog.log"	/usr/bin/tail	0.01
>+"tail -200 /var/log/maillog"		/usr/bin/tail	0.01
>+"tail -200 /var/adm/maillog"		/usr/bin/tail	0.01
>+"tail -200 /var/adm/syslog/mail.log"	/usr/bin/tail	0.01
>+
>Binary files /home/lb/net/src/openssh-4.3p2/ssh-rand-helper and openssh-4.3p2-transproxy/ssh-rand-helper differ
>diff --exclude-from=/home/lb/pers/share/exclude -urNdp /home/lb/net/src/openssh-4.3p2/ssh-rand-helper.8.out openssh-4.3p2-transproxy/ssh-rand-helper.8.out
>--- /home/lb/net/src/openssh-4.3p2/ssh-rand-helper.8.out	1970-01-01 01:00:00.000000000 +0100
>+++ openssh-4.3p2-transproxy/ssh-rand-helper.8.out	2007-03-12 00:21:46.000000000 +0100
>@@ -0,0 +1,94 @@
>+.\" $Id: ssh-rand-helper.8,v 1.2 2003/11/21 12:48:56 djm Exp $
>+.\"
>+.\" Copyright (c) 2002 Damien Miller.  All rights reserved.
>+.\"
>+.\" Redistribution and use in source and binary forms, with or without
>+.\" modification, are permitted provided that the following conditions
>+.\" are met:
>+.\" 1. Redistributions of source code must retain the above copyright
>+.\"    notice, this list of conditions and the following disclaimer.
>+.\" 2. Redistributions in binary form must reproduce the above copyright
>+.\"    notice, this list of conditions and the following disclaimer in the
>+.\"    documentation and/or other materials provided with the distribution.
>+.\"
>+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
>+.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
>+.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
>+.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
>+.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
>+.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
>+.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
>+.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
>+.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
>+.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
>+.\"
>+.Dd April 14, 2002
>+.Dt SSH-RAND-HELPER 8
>+.Os
>+.Sh NAME
>+.Nm ssh-rand-helper
>+.Nd Random number gatherer for OpenSSH
>+.Sh SYNOPSIS
>+.Nm ssh-rand-hlper
>+.Op Fl vxXh
>+.Op Fl b Ar bytes
>+.Sh DESCRIPTION
>+.Nm
>+is a small helper program used by
>+.Xr ssh 1 ,
>+.Xr ssh-add 1 ,
>+.Xr ssh-agent 1 ,
>+.Xr ssh-keygen 1 ,
>+.Xr ssh-keyscan 1
>+and
>+.Xr sshd 8
>+to gather random numbers of cryptographic quality if the
>+.Xr openssl 4
>+library has not been configured to provide them itself.
>+.Pp
>+Normally
>+.Nm
>+will generate a strong random seed and provide it to the calling
>+program via standard output. If standard output is a tty,
>+.Nm
>+will instead print the seed in hexidecimal format unless told otherwise.
>+.Pp
>+.Nm
>+will by default gather random numbers from the system commands listed
>+in
>+.Pa /usr/etc/ssh_prng_cmds .
>+The output of each of the commands listed will be hashed and used to
>+generate a random seed for the calling program.
>+.Nm
>+will also store seed files in
>+.Pa ~/.ssh/prng_seed
>+between executions.
>+.Pp
>+Alternately,
>+.Nm
>+may be configured at build time to collect random numbers from a
>+EGD/PRNGd server via a unix domain or localhost tcp socket.
>+.Pp
>+This program is not intended to be run by the end-user, so the few
>+commandline options are for debugging purposes only.
>+.Bl -tag -width Ds
>+.It Fl b Ar bytes
>+Specify the number of random bytes to include in the output.
>+.It Fl x
>+Output a hexidecimal instead of a binary seed.
>+.It Fl X
>+Force output of a binary seed, even if standard output is a tty
>+.It Fl v
>+Turn on debugging message. Multiple
>+.Fl v
>+options will increase the debugging level.
>+.Fl h
>+Display a summary of options.
>+.El
>+.Sh AUTHORS
>+Damien Miller <djm@mindrot.org>
>+.Sh SEE ALSO
>+.Xr ssh 1 ,
>+.Xr ssh-add 1 ,
>+.Xr ssh-keygen 1 ,
>+.Xr sshd 8
>diff --exclude-from=/home/lb/pers/share/exclude -urNdp /home/lb/net/src/openssh-4.3p2/survey.sh openssh-4.3p2-transproxy/survey.sh
>--- /home/lb/net/src/openssh-4.3p2/survey.sh	1970-01-01 01:00:00.000000000 +0100
>+++ openssh-4.3p2-transproxy/survey.sh	2007-03-11 23:47:56.000000000 +0100
>@@ -0,0 +1,69 @@
>+#!/bin/sh
>+#
>+# Copyright (c) 2004, 2005 Darren Tucker
>+#
>+# Permission to use, copy, modify, and distribute this software for any
>+# purpose with or without fee is hereby granted, provided that the above
>+# copyright notice and this permission notice appear in all copies.
>+#
>+# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
>+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
>+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
>+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
>+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
>+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
>+# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
>+
>+host="x86_64-unknown-linux-gnu"
>+AWK="gawk"
>+CC="gcc"
>+CPP="gcc -E"
>+CFLAGS="-g -O2 -Wall -Wpointer-arith -Wuninitialized -Wsign-compare -Wno-pointer-sign -std=gnu99 "
>+CPPFLAGS=""
>+LDFLAGS=""
>+LIBS="-lcrypto -lutil -lz -lnsl  -lcrypt -lresolv -lresolv"
>+
>+# Note format:
>+# identifier: [data] CRCR
>+
>+echo "openssh-survey-version: 1"
>+echo
>+echo "openssh-version: `./ssh -V 2>&1`"
>+echo
>+configinv=`$AWK '/^  \\\$.*configure/' config.log | sed 's/^  \\\$ //g'`
>+echo "configure-invocation: $configinv"
>+echo
>+echo "host: $host"
>+echo
>+echo "uname: `uname`"
>+echo
>+echo "uname-r: `uname -r`"
>+echo
>+echo "uname-m: `uname -m`"
>+echo
>+echo "uname-p: `uname -p`"
>+echo
>+echo "oslevel: `oslevel 2>/dev/null`"
>+echo
>+echo "oslevel-r: `oslevel -r 2>/dev/null`"
>+echo
>+echo "cc: $CC"
>+echo
>+echo "cflags: $CFLAGS"
>+echo
>+echo "cppflags: $CPPFLAGS"
>+echo
>+echo "ldflags: $LDFLAGS"
>+echo
>+echo "libs: $LIBS"
>+echo
>+echo "ccver-v: `$CC -v 2>&1 | sed '/^[ \t]*$/d'`"
>+echo
>+echo "ccver-V: `$CC -V 2>&1 | sed '/^[ \t]*$/d'`"
>+echo
>+echo "cppdefines:"
>+${CPP} -dM - </dev/null
>+echo
>+echo "config.h:"
>+egrep '#define|#undef' config.h
>+echo

Actions: View | Diff

Attachments on bug 1295: 1249 | 1250 | 1251