diff options
| author | Damien Miller <djm@cvs.openbsd.org> | 2019-12-10 22:43:20 +0000 |
|---|---|---|
| committer | Damien Miller <djm@cvs.openbsd.org> | 2019-12-10 22:43:20 +0000 |
| commit | 81cf4ad0d3392f4378860219aac1a2a6377e81c5 (patch) | |
| tree | 9ff9db77d330bc32152404826a45ce08b895e0ae /usr.bin/ssh/myproposal.h | |
| parent | 03acfdc30cfec502853e20e11d317e6896820bb7 (diff) | |
add security key types to list of keys allowed to act as CAs;
spotted by Ron Frederick
Diffstat (limited to 'usr.bin/ssh/myproposal.h')
| -rw-r--r-- | usr.bin/ssh/myproposal.h | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/usr.bin/ssh/myproposal.h b/usr.bin/ssh/myproposal.h index 4cbb401d3d6..f1c0eb7454c 100644 --- a/usr.bin/ssh/myproposal.h +++ b/usr.bin/ssh/myproposal.h @@ -1,4 +1,4 @@ -/* $OpenBSD: myproposal.h,v 1.61 2019/11/12 19:33:08 markus Exp $ */ +/* $OpenBSD: myproposal.h,v 1.62 2019/12/10 22:43:19 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -82,7 +82,9 @@ "ecdsa-sha2-nistp256," \ "ecdsa-sha2-nistp384," \ "ecdsa-sha2-nistp521," \ + "sk-ecdsa-sha2-nistp256@openssh.com," \ "ssh-ed25519," \ + "sk-ssh-ed25519@openssh.com," \ "rsa-sha2-512," \ "rsa-sha2-256," \ "ssh-rsa" @@ -135,7 +137,7 @@ #define KEX_CLIENT_ENCRYPT KEX_SERVER_ENCRYPT #define KEX_CLIENT_MAC KEX_SERVER_MAC -#define SSH_ALLOWED_CA_SIGALGS "ssh-ed25519" +#define SSH_ALLOWED_CA_SIGALGS "ssh-ed25519,sk-ssh-ed25519@openssh.com" #endif /* WITH_OPENSSL */ |