diff options
| author | Jason McIntyre <jmc@cvs.openbsd.org> | 2018-09-20 06:58:49 +0000 |
|---|---|---|
| committer | Jason McIntyre <jmc@cvs.openbsd.org> | 2018-09-20 06:58:49 +0000 |
| commit | cfb0766305a7c1c25aef644afe2cca38cac40889 (patch) | |
| tree | 1ab87d16cbc8351f518f81a3b7291ff12634e937 | |
| parent | 41319ca2eb63f4022311cede1763108f5f5bd348 (diff) | |
reorder CASignatureAlgorithms, and add them to the various -o lists;
ok djm
| -rw-r--r-- | usr.bin/ssh/scp.1 | 5 | ||||
| -rw-r--r-- | usr.bin/ssh/sftp.1 | 5 | ||||
| -rw-r--r-- | usr.bin/ssh/ssh.1 | 5 | ||||
| -rw-r--r-- | usr.bin/ssh/ssh_config.5 | 26 |
4 files changed, 22 insertions, 19 deletions
diff --git a/usr.bin/ssh/scp.1 b/usr.bin/ssh/scp.1 index 92abcaf075a..0e5cc1b2d67 100644 --- a/usr.bin/ssh/scp.1 +++ b/usr.bin/ssh/scp.1 @@ -8,9 +8,9 @@ .\" .\" Created: Sun May 7 00:14:37 1995 ylo .\" -.\" $OpenBSD: scp.1,v 1.80 2018/07/19 10:28:47 dtucker Exp $ +.\" $OpenBSD: scp.1,v 1.81 2018/09/20 06:58:48 jmc Exp $ .\" -.Dd $Mdocdate: July 19 2018 $ +.Dd $Mdocdate: September 20 2018 $ .Dt SCP 1 .Os .Sh NAME @@ -130,6 +130,7 @@ For full details of the options listed below, and their possible values, see .It CanonicalizeHostname .It CanonicalizeMaxDots .It CanonicalizePermittedCNAMEs +.It CASignatureAlgorithms .It CertificateFile .It ChallengeResponseAuthentication .It CheckHostIP diff --git a/usr.bin/ssh/sftp.1 b/usr.bin/ssh/sftp.1 index a25d3890b46..0fd54cae090 100644 --- a/usr.bin/ssh/sftp.1 +++ b/usr.bin/ssh/sftp.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: sftp.1,v 1.119 2018/07/23 19:53:55 jmc Exp $ +.\" $OpenBSD: sftp.1,v 1.120 2018/09/20 06:58:48 jmc Exp $ .\" .\" Copyright (c) 2001 Damien Miller. All rights reserved. .\" @@ -22,7 +22,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: July 23 2018 $ +.Dd $Mdocdate: September 20 2018 $ .Dt SFTP 1 .Os .Sh NAME @@ -200,6 +200,7 @@ For full details of the options listed below, and their possible values, see .It CanonicalizeHostname .It CanonicalizeMaxDots .It CanonicalizePermittedCNAMEs +.It CASignatureAlgorithms .It CertificateFile .It ChallengeResponseAuthentication .It CheckHostIP diff --git a/usr.bin/ssh/ssh.1 b/usr.bin/ssh/ssh.1 index 191f35ad472..7760c307596 100644 --- a/usr.bin/ssh/ssh.1 +++ b/usr.bin/ssh/ssh.1 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.398 2018/09/12 01:30:10 djm Exp $ -.Dd $Mdocdate: September 12 2018 $ +.\" $OpenBSD: ssh.1,v 1.399 2018/09/20 06:58:48 jmc Exp $ +.Dd $Mdocdate: September 20 2018 $ .Dt SSH 1 .Os .Sh NAME @@ -469,6 +469,7 @@ For full details of the options listed below, and their possible values, see .It CanonicalizeHostname .It CanonicalizeMaxDots .It CanonicalizePermittedCNAMEs +.It CASignatureAlgorithms .It CertificateFile .It ChallengeResponseAuthentication .It CheckHostIP diff --git a/usr.bin/ssh/ssh_config.5 b/usr.bin/ssh/ssh_config.5 index 38f177fa43a..e8d881789d7 100644 --- a/usr.bin/ssh/ssh_config.5 +++ b/usr.bin/ssh/ssh_config.5 @@ -33,7 +33,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.282 2018/09/20 03:30:44 djm Exp $ +.\" $OpenBSD: ssh_config.5,v 1.283 2018/09/20 06:58:48 jmc Exp $ .Dd $Mdocdate: September 20 2018 $ .Dt SSH_CONFIG 5 .Os @@ -261,18 +261,6 @@ Only useful on systems with more than one address. .It Cm BindInterface Use the address of the specified interface on the local machine as the source address of the connection. -.It Cm CASignatureAlgorithms -Specifies which algorithms are allowed for signing of certificates -by certificate authorities (CAs). -The default is: -.Bd -literal -offset indent -ecdsa-sha2-nistp256.ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, -ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa -.Ed -.Pp -.Xr ssh 1 -will not accept host certificates signed using algorithms other than those -specified. .It Cm CanonicalDomains When .Cm CanonicalizeHostname @@ -348,6 +336,18 @@ to be canonicalized to names in the or .Qq *.c.example.com domains. +.It Cm CASignatureAlgorithms +Specifies which algorithms are allowed for signing of certificates +by certificate authorities (CAs). +The default is: +.Bd -literal -offset indent +ecdsa-sha2-nistp256.ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, +ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa +.Ed +.Pp +.Xr ssh 1 +will not accept host certificates signed using algorithms other than those +specified. .It Cm CertificateFile Specifies a file from which the user's certificate is read. A corresponding private key must be provided separately in order |