mirror of
git://anongit.mindrot.org/openssh.git
synced 2024-12-22 10:00:14 +00:00
upstream: reorder CASignatureAlgorithms, and add them to the
various -o lists; ok djm OpenBSD-Commit-ID: ecb88baecc3c54988b4d1654446ea033da359288
This commit is contained in:
parent
aa083aa962
commit
e6933a2ffa
5
scp.1
5
scp.1
@ -8,9 +8,9 @@
|
||||
.\"
|
||||
.\" Created: Sun May 7 00:14:37 1995 ylo
|
||||
.\"
|
||||
.\" $OpenBSD: scp.1,v 1.80 2018/07/19 10:28:47 dtucker Exp $
|
||||
.\" $OpenBSD: scp.1,v 1.81 2018/09/20 06:58:48 jmc Exp $
|
||||
.\"
|
||||
.Dd $Mdocdate: July 19 2018 $
|
||||
.Dd $Mdocdate: September 20 2018 $
|
||||
.Dt SCP 1
|
||||
.Os
|
||||
.Sh NAME
|
||||
@ -130,6 +130,7 @@ For full details of the options listed below, and their possible values, see
|
||||
.It CanonicalizeHostname
|
||||
.It CanonicalizeMaxDots
|
||||
.It CanonicalizePermittedCNAMEs
|
||||
.It CASignatureAlgorithms
|
||||
.It CertificateFile
|
||||
.It ChallengeResponseAuthentication
|
||||
.It CheckHostIP
|
||||
|
5
sftp.1
5
sftp.1
@ -1,4 +1,4 @@
|
||||
.\" $OpenBSD: sftp.1,v 1.119 2018/07/23 19:53:55 jmc Exp $
|
||||
.\" $OpenBSD: sftp.1,v 1.120 2018/09/20 06:58:48 jmc Exp $
|
||||
.\"
|
||||
.\" Copyright (c) 2001 Damien Miller. All rights reserved.
|
||||
.\"
|
||||
@ -22,7 +22,7 @@
|
||||
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
.\"
|
||||
.Dd $Mdocdate: July 23 2018 $
|
||||
.Dd $Mdocdate: September 20 2018 $
|
||||
.Dt SFTP 1
|
||||
.Os
|
||||
.Sh NAME
|
||||
@ -200,6 +200,7 @@ For full details of the options listed below, and their possible values, see
|
||||
.It CanonicalizeHostname
|
||||
.It CanonicalizeMaxDots
|
||||
.It CanonicalizePermittedCNAMEs
|
||||
.It CASignatureAlgorithms
|
||||
.It CertificateFile
|
||||
.It ChallengeResponseAuthentication
|
||||
.It CheckHostIP
|
||||
|
5
ssh.1
5
ssh.1
@ -33,8 +33,8 @@
|
||||
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
.\"
|
||||
.\" $OpenBSD: ssh.1,v 1.398 2018/09/12 01:30:10 djm Exp $
|
||||
.Dd $Mdocdate: September 12 2018 $
|
||||
.\" $OpenBSD: ssh.1,v 1.399 2018/09/20 06:58:48 jmc Exp $
|
||||
.Dd $Mdocdate: September 20 2018 $
|
||||
.Dt SSH 1
|
||||
.Os
|
||||
.Sh NAME
|
||||
@ -469,6 +469,7 @@ For full details of the options listed below, and their possible values, see
|
||||
.It CanonicalizeHostname
|
||||
.It CanonicalizeMaxDots
|
||||
.It CanonicalizePermittedCNAMEs
|
||||
.It CASignatureAlgorithms
|
||||
.It CertificateFile
|
||||
.It ChallengeResponseAuthentication
|
||||
.It CheckHostIP
|
||||
|
26
ssh_config.5
26
ssh_config.5
@ -33,7 +33,7 @@
|
||||
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
.\"
|
||||
.\" $OpenBSD: ssh_config.5,v 1.282 2018/09/20 03:30:44 djm Exp $
|
||||
.\" $OpenBSD: ssh_config.5,v 1.283 2018/09/20 06:58:48 jmc Exp $
|
||||
.Dd $Mdocdate: September 20 2018 $
|
||||
.Dt SSH_CONFIG 5
|
||||
.Os
|
||||
@ -261,18 +261,6 @@ Only useful on systems with more than one address.
|
||||
.It Cm BindInterface
|
||||
Use the address of the specified interface on the local machine as the
|
||||
source address of the connection.
|
||||
.It Cm CASignatureAlgorithms
|
||||
Specifies which algorithms are allowed for signing of certificates
|
||||
by certificate authorities (CAs).
|
||||
The default is:
|
||||
.Bd -literal -offset indent
|
||||
ecdsa-sha2-nistp256.ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
|
||||
ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
|
||||
.Ed
|
||||
.Pp
|
||||
.Xr ssh 1
|
||||
will not accept host certificates signed using algorithms other than those
|
||||
specified.
|
||||
.It Cm CanonicalDomains
|
||||
When
|
||||
.Cm CanonicalizeHostname
|
||||
@ -348,6 +336,18 @@ to be canonicalized to names in the
|
||||
or
|
||||
.Qq *.c.example.com
|
||||
domains.
|
||||
.It Cm CASignatureAlgorithms
|
||||
Specifies which algorithms are allowed for signing of certificates
|
||||
by certificate authorities (CAs).
|
||||
The default is:
|
||||
.Bd -literal -offset indent
|
||||
ecdsa-sha2-nistp256.ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
|
||||
ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
|
||||
.Ed
|
||||
.Pp
|
||||
.Xr ssh 1
|
||||
will not accept host certificates signed using algorithms other than those
|
||||
specified.
|
||||
.It Cm CertificateFile
|
||||
Specifies a file from which the user's certificate is read.
|
||||
A corresponding private key must be provided separately in order
|
||||
|
Loading…
Reference in New Issue
Block a user