diff options
author | djm@openbsd.org <djm@openbsd.org> | 2020-10-03 04:15:06 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2020-10-03 14:34:06 +1000 |
commit | 12ae8f95e2e0c273e9e7ef930b01a028ef796a3f (patch) | |
tree | 20cae31190eb33e9000e178f99824c3340c07e4c /ssh_config.5 | |
parent | e5ed753add7aa8eed6b167e44db6240a76404db2 (diff) | |
download | openssh-git-12ae8f95e2e0c273e9e7ef930b01a028ef796a3f.tar.gz |
upstream: prefer ed25519 signature algorithm variants to ECDSA; ok
markus@
OpenBSD-Commit-ID: 82187926fca96d35a5b5afbc091afa84e0966e5b
Diffstat (limited to 'ssh_config.5')
-rw-r--r-- | ssh_config.5 | 29 |
1 files changed, 16 insertions, 13 deletions
diff --git a/ssh_config.5 b/ssh_config.5 index 6be1f1aa..e769493a 100644 --- a/ssh_config.5 +++ b/ssh_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.332 2020/08/11 09:49:57 djm Exp $ -.Dd $Mdocdate: August 11 2020 $ +.\" $OpenBSD: ssh_config.5,v 1.333 2020/10/03 04:15:06 djm Exp $ +.Dd $Mdocdate: October 3 2020 $ .Dt SSH_CONFIG 5 .Os .Sh NAME @@ -372,8 +372,8 @@ Specifies which algorithms are allowed for signing of certificates by certificate authorities (CAs). The default is: .Bd -literal -offset indent -ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, -ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa +ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384, +ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256,ssh-rsa .Ed .Pp .Xr ssh 1 @@ -825,18 +825,19 @@ character, then the specified key types will be placed at the head of the default set. The default for this option is: .Bd -literal -offset 3n +ssh-ed25519-cert-v01@openssh.com, ecdsa-sha2-nistp256-cert-v01@openssh.com, ecdsa-sha2-nistp384-cert-v01@openssh.com, ecdsa-sha2-nistp521-cert-v01@openssh.com, -sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, -ssh-ed25519-cert-v01@openssh.com, sk-ssh-ed25519-cert-v01@openssh.com, +sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, rsa-sha2-512-cert-v01@openssh.com, rsa-sha2-256-cert-v01@openssh.com, ssh-rsa-cert-v01@openssh.com, +ssh-ed25519, ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, +sk-ssh-ed25519@openssh.com, sk-ecdsa-sha2-nistp256@openssh.com, -ssh-ed25519,sk-ssh-ed25519@openssh.com, rsa-sha2-512,rsa-sha2-256,ssh-rsa .Ed .Pp @@ -862,18 +863,19 @@ character, then the specified key types will be placed at the head of the default set. The default for this option is: .Bd -literal -offset 3n +ssh-ed25519-cert-v01@openssh.com, ecdsa-sha2-nistp256-cert-v01@openssh.com, ecdsa-sha2-nistp384-cert-v01@openssh.com, ecdsa-sha2-nistp521-cert-v01@openssh.com, -sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, -ssh-ed25519-cert-v01@openssh.com, sk-ssh-ed25519-cert-v01@openssh.com, +sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, rsa-sha2-512-cert-v01@openssh.com, rsa-sha2-256-cert-v01@openssh.com, ssh-rsa-cert-v01@openssh.com, +ssh-ed25519, ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, sk-ecdsa-sha2-nistp256@openssh.com, -ssh-ed25519,sk-ssh-ed25519@openssh.com, +sk-ssh-ed25519@openssh.com, rsa-sha2-512,rsa-sha2-256,ssh-rsa .Ed .Pp @@ -1361,18 +1363,19 @@ character, then the specified key types will be placed at the head of the default set. The default for this option is: .Bd -literal -offset 3n +ssh-ed25519-cert-v01@openssh.com, ecdsa-sha2-nistp256-cert-v01@openssh.com, ecdsa-sha2-nistp384-cert-v01@openssh.com, ecdsa-sha2-nistp521-cert-v01@openssh.com, -sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, -ssh-ed25519-cert-v01@openssh.com, sk-ssh-ed25519-cert-v01@openssh.com, +sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, rsa-sha2-512-cert-v01@openssh.com, rsa-sha2-256-cert-v01@openssh.com, ssh-rsa-cert-v01@openssh.com, +ssh-ed25519, ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, +sk-ssh-ed25519@openssh.com, sk-ecdsa-sha2-nistp256@openssh.com, -ssh-ed25519,sk-ssh-ed25519@openssh.com, rsa-sha2-512,rsa-sha2-256,ssh-rsa .Ed .Pp |