From 5d67277c9f27a54d373e683a1d4e1ddf8c16ac25 Mon Sep 17 00:00:00 2001
From: Patrick Schleizer <adrelanos@whonix.org>
Date: Wed, 20 Aug 2025 09:46:43 -0400
Subject: [PATCH] comments

---
 usr/lib/permission-hardener.d/25_default_whitelist_ssh.conf | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/usr/lib/permission-hardener.d/25_default_whitelist_ssh.conf b/usr/lib/permission-hardener.d/25_default_whitelist_ssh.conf
index 7c825e7..3b84548 100644
--- a/usr/lib/permission-hardener.d/25_default_whitelist_ssh.conf
+++ b/usr/lib/permission-hardener.d/25_default_whitelist_ssh.conf
@@ -6,14 +6,14 @@
 ## configuration. When security-misc is updated, this file may be overwritten.
 
 ## Used for SSH client key management
-## https://manpages.debian.org/trixie/openssh-client/ssh-agent.1.en.html
+## https://manpages.debian.org/ssh-agent
 ## Debian installs ssh-agent with setgid permissions (2755) and with
 ## _ssh as the group to help mitigate ptrace attacks that could extract
 ## private keys from the agent's memory.
 ssh-agent matchwhitelist
 
 ## Used only for SSH host-based authentication
-## https://linux.die.net/man/8/ssh-keysign
+## https://manpages.debian.org/ssh-keysign
 ## Needed to allow access to the machine's host key for use in the
 ## authentication process. This is a non-default method of authenticating to
 ## SSH, and is likely rarely used, thus this should be safe to disable.