diff options
| author | Damien Miller <djm@cvs.openbsd.org> | 2020-10-03 04:15:07 +0000 |
|---|---|---|
| committer | Damien Miller <djm@cvs.openbsd.org> | 2020-10-03 04:15:07 +0000 |
| commit | f03459d60436903aa8aa853f80c9050fd4c57b18 (patch) | |
| tree | 11586da85b407a22c4987cb65a600b0c693e2254 /usr.bin/ssh/ssh_config.5 | |
| parent | e30d8da4c83eb920858fa02926ceb22ceca9c3c2 (diff) | |
prefer ed25519 signature algorithm variants to ECDSA; ok markus@
Diffstat (limited to 'usr.bin/ssh/ssh_config.5')
| -rw-r--r-- | usr.bin/ssh/ssh_config.5 | 29 |
1 files changed, 16 insertions, 13 deletions
diff --git a/usr.bin/ssh/ssh_config.5 b/usr.bin/ssh/ssh_config.5 index 768520c9066..6157d6872b4 100644 --- a/usr.bin/ssh/ssh_config.5 +++ b/usr.bin/ssh/ssh_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.332 2020/08/11 09:49:57 djm Exp $ -.Dd $Mdocdate: August 11 2020 $ +.\" $OpenBSD: ssh_config.5,v 1.333 2020/10/03 04:15:06 djm Exp $ +.Dd $Mdocdate: October 3 2020 $ .Dt SSH_CONFIG 5 .Os .Sh NAME @@ -372,8 +372,8 @@ Specifies which algorithms are allowed for signing of certificates by certificate authorities (CAs). The default is: .Bd -literal -offset indent -ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, -ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa +ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384, +ecdsa-sha2-nistp521,rsa-sha2-512,rsa-sha2-256,ssh-rsa .Ed .Pp .Xr ssh 1 @@ -825,18 +825,19 @@ character, then the specified key types will be placed at the head of the default set. The default for this option is: .Bd -literal -offset 3n +ssh-ed25519-cert-v01@openssh.com, ecdsa-sha2-nistp256-cert-v01@openssh.com, ecdsa-sha2-nistp384-cert-v01@openssh.com, ecdsa-sha2-nistp521-cert-v01@openssh.com, -sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, -ssh-ed25519-cert-v01@openssh.com, sk-ssh-ed25519-cert-v01@openssh.com, +sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, rsa-sha2-512-cert-v01@openssh.com, rsa-sha2-256-cert-v01@openssh.com, ssh-rsa-cert-v01@openssh.com, +ssh-ed25519, ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, +sk-ssh-ed25519@openssh.com, sk-ecdsa-sha2-nistp256@openssh.com, -ssh-ed25519,sk-ssh-ed25519@openssh.com, rsa-sha2-512,rsa-sha2-256,ssh-rsa .Ed .Pp @@ -862,18 +863,19 @@ character, then the specified key types will be placed at the head of the default set. The default for this option is: .Bd -literal -offset 3n +ssh-ed25519-cert-v01@openssh.com, ecdsa-sha2-nistp256-cert-v01@openssh.com, ecdsa-sha2-nistp384-cert-v01@openssh.com, ecdsa-sha2-nistp521-cert-v01@openssh.com, -sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, -ssh-ed25519-cert-v01@openssh.com, sk-ssh-ed25519-cert-v01@openssh.com, +sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, rsa-sha2-512-cert-v01@openssh.com, rsa-sha2-256-cert-v01@openssh.com, ssh-rsa-cert-v01@openssh.com, +ssh-ed25519, ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, sk-ecdsa-sha2-nistp256@openssh.com, -ssh-ed25519,sk-ssh-ed25519@openssh.com, +sk-ssh-ed25519@openssh.com, rsa-sha2-512,rsa-sha2-256,ssh-rsa .Ed .Pp @@ -1362,18 +1364,19 @@ character, then the specified key types will be placed at the head of the default set. The default for this option is: .Bd -literal -offset 3n +ssh-ed25519-cert-v01@openssh.com, ecdsa-sha2-nistp256-cert-v01@openssh.com, ecdsa-sha2-nistp384-cert-v01@openssh.com, ecdsa-sha2-nistp521-cert-v01@openssh.com, -sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, -ssh-ed25519-cert-v01@openssh.com, sk-ssh-ed25519-cert-v01@openssh.com, +sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, rsa-sha2-512-cert-v01@openssh.com, rsa-sha2-256-cert-v01@openssh.com, ssh-rsa-cert-v01@openssh.com, +ssh-ed25519, ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, +sk-ssh-ed25519@openssh.com, sk-ecdsa-sha2-nistp256@openssh.com, -ssh-ed25519,sk-ssh-ed25519@openssh.com, rsa-sha2-512,rsa-sha2-256,ssh-rsa .Ed .Pp |