diff options
author | djm <djm> | 2010-09-24 12:11:14 +0000 |
---|---|---|
committer | djm <djm> | 2010-09-24 12:11:14 +0000 |
commit | b94d6d23e18de0c96fc879a55b0038f3439b6445 (patch) | |
tree | 589d4e7cae3b6a985221bb44594bffd71967a542 /sshd_config.5 | |
parent | 3ce5229f5979266ffc973d85773e27643bd799a3 (diff) | |
download | openssh-b94d6d23e18de0c96fc879a55b0038f3439b6445.tar.gz |
- djm@cvs.openbsd.org 2010/09/22 05:01:30
[kex.c kex.h kexecdh.c kexecdhc.c kexecdhs.c readconf.c readconf.h]
[servconf.c servconf.h ssh_config.5 sshconnect2.c sshd.c sshd_config.5]
add a KexAlgorithms knob to the client and server configuration to allow
selection of which key exchange methods are used by ssh(1) and sshd(8)
and their order of preference.
ok markus@
Diffstat (limited to 'sshd_config.5')
-rw-r--r-- | sshd_config.5 | 15 |
1 files changed, 13 insertions, 2 deletions
diff --git a/sshd_config.5 b/sshd_config.5 index af3d89b8..d87f6024 100644 --- a/sshd_config.5 +++ b/sshd_config.5 @@ -34,8 +34,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.126 2010/08/31 11:54:45 djm Exp $ -.Dd $Mdocdate: August 31 2010 $ +.\" $OpenBSD: sshd_config.5,v 1.127 2010/09/22 05:01:30 djm Exp $ +.Dd $Mdocdate: September 22 2010 $ .Dt SSHD_CONFIG 5 .Os .Sh NAME @@ -538,6 +538,17 @@ Specifies whether to automatically destroy the user's ticket cache file on logout. The default is .Dq yes . +.It Cm KexAlgorithms +Specifies the available KEX (Key Exchange) algorithms. +Multiple algorithms must be comma-separated. +The default is +.Dq ecdh-sha2-nistp256 , +.Dq ecdh-sha2-nistp384 , +.Dq ecdh-sha2-nistp521 , +.Dq diffie-hellman-group-exchange-sha256 , +.Dq diffie-hellman-group-exchange-sha1 , +.Dq diffie-hellman-group14-sha1 , +.Dq diffie-hellman-group1-sha1 . .It Cm KeyRegenerationInterval In protocol version 1, the ephemeral server key is automatically regenerated after this many seconds (if it has been used). |