summaryrefslogtreecommitdiff
path: root/usr.bin/ssh/sshd_config.5
AgeCommit message (Expand)Author
2013-04-19document the requirment that the AuthorizedKeysCommand be owned by root;Damien Miller
2013-03-07add submethod support to AuthenticationMethods; ok and freedback djm@Markus Friedl
2013-02-06Change default of MaxStartups to 10:30:100 to start doing random earlyDarren Tucker
2013-01-18tweak previous;Jason McIntyre
2013-01-17add support for Key Revocation Lists (KRLs). These are a compact way toDamien Miller
2013-01-08support AES-GCM as defined in RFC 5647 (but with simpler KEX handling)Markus Friedl
2012-12-11add encrypt-then-mac (EtM) modes to openssh by defining new mac algorithmsMarkus Friedl
2012-12-03tweak previous;Jason McIntyre
2012-12-02make AllowTcpForwarding accept "local" and "remote" in addition to itsDamien Miller
2012-11-04Support multiple required authentication via an AuthenticationMethodsDamien Miller
2012-11-04Remove default of AuthorizedCommandUser. Administrators are now expectedDamien Miller
2012-10-31tweak previous;Jason McIntyre
2012-10-30new sshd_config option AuthorizedKeysCommand to support fetchingDamien Miller
2012-10-04add umac128 variant; ok djm@ at n2k12Markus Friedl
2012-06-29match the documented MAC order of preference to the actual one; ok dtucker@Christian Weisgerber
2012-06-28Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs since they were removedDarren Tucker
2012-06-19tweak previous; ok markusJason McIntyre
2012-06-19sshd_config: extend Match to allow AcceptEnv and {Allow,Deny}{Users,Groups}Markus Friedl
2012-05-19Document PermitOpen none. bz#2001, patch from Loganaden VelvindronDarren Tucker
2012-05-13Add "Match LocalAddress" and "Match LocalPort" to sshd and adjust testsDarren Tucker
2012-04-12mention AuthorizedPrincipalsFile=none defaultDamien Miller
2012-04-12VersionAddendum option to allow server operators to append some arbitraryDamien Miller
2011-09-09fix typo in IPQoS parsing: there is no "AF14" class, but there isDamien Miller
2011-08-02Add new SHA256 and SHA512 based HMAC modes fromDamien Miller
2011-06-22introduce sandboxing of the pre-auth privsep child using systrace(4).Damien Miller
2011-05-23tweak previous; ok djmJason McIntyre
2011-05-23allow AuthorizedKeysFile to specify multiple files, separated by spaces.Damien Miller
2010-12-08explain that IPQoS arguments are separated by whitespace; iirc requestedDamien Miller
2010-11-18add IPQoS to the various -o lists, and zap some trailing whitespace;Jason McIntyre
2010-11-13allow ssh and sshd to set arbitrary TOS/DSCP/QoS values instead ofDamien Miller
2010-10-28knock out some "-*- nroff -*-" lines;Jason McIntyre
2010-09-22add a KexAlgorithms knob to the client and server configuration to allowDamien Miller
2010-08-31Implement Elliptic Curve Cryptography modes for key exchange (ECDH) andDamien Miller
2010-06-30tweak previous;Jason McIntyre
2010-06-29allow key options (command="..." and friends) in AuthorizedPrincipals;Damien Miller
2010-06-22expose some more sshd_config options inside Match blocks:Damien Miller
2010-05-07tweak previous;Jason McIntyre
2010-05-07add some optional indirection to matching of principal names listedDamien Miller
2010-03-04missing word; spotted by jmc@Damien Miller
2010-03-04tweak previous;Jason McIntyre
2010-03-04Add a TrustedUserCAKeys option to sshd_config to specify CA keys thatDamien Miller
2010-02-26Add support for certificate key types for users and hosts.Damien Miller
2010-01-09Remove RoutingDomain from ssh since it's now not needed. It can be replacedDarren Tucker
2009-12-29sort previous;Jason McIntyre
2009-12-29Rename RDomain config option to RoutingDomain to be more clear andKevin Steves
2009-12-19try to clarify ChrootDirectory pathname argument a bit; resulting fromKevin Steves
2009-11-10clarify that StrictModes does not apply to ChrootDirectory. PermissionsDamien Miller
2009-10-28tweak previous;Jason McIntyre
2009-10-28Allow to set the rdomain in ssh/sftp/scp/sshd and ssh-keyscan.Reyk Floeter
2009-10-08some tweaks now that protocol 1 is not offered by default; ok markusJason McIntyre
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-24 16:43:15 +0000