From c3368a5d5ec368ef6bdf9971d6330ca0e3bdca06 Mon Sep 17 00:00:00 2001
From: "djm@openbsd.org" <djm@openbsd.org>
Date: Fri, 24 Jan 2020 00:28:57 +0000
Subject: upstream: remove ssh-rsa (SHA1) from the list of allowed CA

signature algorithms ok markus

OpenBSD-Commit-ID: da3481fca8c81e6951f319a86b7be67502237f57
---
 myproposal.h | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

(limited to 'myproposal.h')

diff --git a/myproposal.h b/myproposal.h
index dd2499d6..5312e605 100644
--- a/myproposal.h
+++ b/myproposal.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: myproposal.h,v 1.66 2020/01/23 02:46:49 dtucker Exp $ */
+/* $OpenBSD: myproposal.h,v 1.67 2020/01/24 00:28:57 djm Exp $ */
 
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@@ -87,8 +87,7 @@
 	"ssh-ed25519," \
 	"sk-ssh-ed25519@openssh.com," \
 	"rsa-sha2-512," \
-	"rsa-sha2-256," \
-	"ssh-rsa"
+	"rsa-sha2-256"
 
 #define	KEX_DEFAULT_COMP	"none,zlib@openssh.com"
 #define	KEX_DEFAULT_LANG	""
-- 
cgit v1.2.1