upstream commit

mention ssh -Q feature to list supported { MAC, cipher,
 KEX, key } algorithms in more places and include the query string used to
 list the relevant information; bz#2288

2 files changed, 44 insertions, 5 deletions

diff --git a/ssh_config.5 b/ssh_config.5
index 33da983e..7a5dd52c 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -33,8 +33,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh_config.5,v 1.197 2014/12/21 23:12:42 djm Exp $
-.Dd $Mdocdate: December 21 2014 $
+.\" $OpenBSD: ssh_config.5,v 1.198 2014/12/22 09:05:17 djm Exp $
+.Dd $Mdocdate: December 22 2014 $
 .Dt SSH_CONFIG 5
 .Os
 .Sh NAME
@@ -417,7 +417,9 @@ aes192-cbc,aes256-cbc,arcfour
 The list of available ciphers may also be obtained using the
 .Fl Q
 option of
-.Xr ssh 1 .
+.Xr ssh 1
+with an argument of
+.Dq cipher .
 .It Cm ClearAllForwardings
 Specifies that all local, remote, and dynamic port forwardings
 specified in the configuration files or on the command line be
@@ -793,6 +795,13 @@ ssh-ed25519,ssh-rsa,ssh-dss
 .Pp
 If hostkeys are known for the destination host then this default is modified
 to prefer their algorithms.
+.Pp
+The list of available key types may also be obtained using the
+.Fl Q
+option of
+.Xr ssh 1
+with an argument of
+.Dq key .
 .It Cm HostKeyAlias
 Specifies an alias that should be used instead of the
 real host name when looking up or saving the host key
@@ -963,6 +972,13 @@ diffie-hellman-group14-sha1,
 diffie-hellman-group-exchange-sha1,
 diffie-hellman-group1-sha1
 .Ed
+.Pp
+The list of available key exchange algorithms may also be obtained using the
+.Fl Q
+option of
+.Xr ssh 1
+with an argument of
+.Dq kex .
 .It Cm LocalCommand
 Specifies a command to execute on the local machine after successfully
 connecting to the server.
@@ -1052,6 +1068,13 @@ hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,
 hmac-md5,hmac-sha1,hmac-ripemd160,
 hmac-sha1-96,hmac-md5-96
 .Ed
+.Pp
+The list of available MAC algorithms may also be obtained using the
+.Fl Q
+option of
+.Xr ssh 1
+with an argument of
+.Dq mac .
 .It Cm NoHostAuthenticationForLocalhost
 This option can be used if the home directory is shared across machines.
 In this case localhost will refer to a different machine on each of
diff --git a/sshd_config.5 b/sshd_config.5
index b48088e4..cec2a023 100644
--- a/sshd_config.5
+++ b/sshd_config.5
@@ -33,7 +33,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd_config.5,v 1.187 2014/12/22 08:24:17 jmc Exp $
+.\" $OpenBSD: sshd_config.5,v 1.188 2014/12/22 09:05:17 djm Exp $
 .Dd $Mdocdate: December 22 2014 $
 .Dt SSHD_CONFIG 5
 .Os
@@ -418,7 +418,9 @@ chacha20-poly1305@openssh.com
 The list of available ciphers may also be obtained using the
 .Fl Q
 option of
-.Xr ssh 1 .
+.Xr ssh 1
+with an argument of
+.Dq cipher .
 .It Cm ClientAliveCountMax
 Sets the number of client alive messages (see below) which may be
 sent without
@@ -760,6 +762,13 @@ ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,
 diffie-hellman-group-exchange-sha256,
 diffie-hellman-group14-sha1
 .Ed
+.Pp
+The list of available key exchange algorithms may also be obtained using the
+.Fl Q
+option of
+.Xr ssh 1
+with an argument of
+.Dq kex .
 .It Cm KeyRegenerationInterval
 In protocol version 1, the ephemeral server key is automatically regenerated
 after this many seconds (if it has been used).
@@ -878,6 +887,13 @@ hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,
 umac-64@openssh.com,umac-128@openssh.com,
 hmac-sha2-256,hmac-sha2-512
 .Ed
+.Pp
+The list of available MAC algorithms may also be obtained using the
+.Fl Q
+option of
+.Xr ssh 1
+with an argument of
+.Dq mac .
 .It Cm Match
 Introduces a conditional block.
 If all of the criteria on the