upstream: Add sshd_config CASignatureAlgorithms option to allow

control over which signature algorithms a CA may use when signing certificates. In particular, this allows a sshd to ban certificates signed with RSA/SHA1. ok markus@ OpenBSD-Commit-ID: b05c86ef8b52b913ed48d54a9b9c1a7714d96bac
author: djm@openbsd.org <djm@openbsd.org> 2018-09-20 03:28:06 +0000
committer: Damien Miller <djm@mindrot.org> 2018-09-20 14:00:29 +1000
commit: 86e5737c39153af134158f24d0cab5827cbd5852 (patch)
tree: 1add30c99e83b544792233280451f70f03053586
parent: f80e68ea7d62e2dfafc12f1a60ab544ae4033a0f (diff)
5 files changed, 45 insertions, 9 deletions
diff --git a/auth2-hostbased.c b/auth2-hostbased.c
index 73944bcb7..764ceff74 100644
--- a/auth2-hostbased.c
+++ b/auth2-hostbased.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-hostbased.c,v 1.37 2018/08/28 12:17:45 mestre Exp $ */
+/* $OpenBSD: auth2-hostbased.c,v 1.38 2018/09/20 03:28:06 djm Exp $ */
 /*
 * Copyright (c) 2000 Markus Friedl.  All rights reserved.
 *
@@ -112,6 +112,13 @@ userauth_hostbased(struct ssh *ssh)
                    __func__, sshkey_type(key));
                goto done;
        }
+        if ((r = sshkey_check_cert_sigtype(key,
+            options.ca_sign_algorithms)) != 0) {
+                logit("%s: certificate signature algorithm %s: %s", __func__,
+                    (key->cert == NULL || key->cert->signature_type == NULL) ?
+                    "(null)" : key->cert->signature_type, ssh_err(r));
+                goto done;
+        }
        if (!authctxt->valid || authctxt->user == NULL) {
                debug2("%s: disabled because of invalid user", __func__);
diff --git a/auth2-pubkey.c b/auth2-pubkey.c
index f9e4e2e7f..2fb5950ea 100644
--- a/auth2-pubkey.c
+++ b/auth2-pubkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-pubkey.c,v 1.85 2018/08/28 12:25:53 mestre Exp $ */
+/* $OpenBSD: auth2-pubkey.c,v 1.86 2018/09/20 03:28:06 djm Exp $ */
 /*
 * Copyright (c) 2000 Markus Friedl.  All rights reserved.
 *
@@ -137,7 +137,13 @@ userauth_pubkey(struct ssh *ssh)
                    __func__, sshkey_ssh_name(key));
                goto done;
        }
+        if ((r = sshkey_check_cert_sigtype(key,
+            options.ca_sign_algorithms)) != 0) {
+                logit("%s: certificate signature algorithm %s: %s", __func__,
+                    (key->cert == NULL || key->cert->signature_type == NULL) ?
+                    "(null)" : key->cert->signature_type, ssh_err(r));
+                goto done;
+        }
        key_s = format_key(key);
        if (sshkey_is_cert(key))
                ca_s = format_key(key->cert->signature_key);
diff --git a/servconf.c b/servconf.c
index c0f6af0be..5411640fc 100644
--- a/servconf.c
+++ b/servconf.c
@@ -1,5 +1,5 @@
-/* $OpenBSD: servconf.c,v 1.340 2018/08/12 20:19:13 djm Exp $ */
+/* $OpenBSD: servconf.c,v 1.341 2018/09/20 03:28:06 djm Exp $ */
 /*
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
@@ -145,6 +145,7 @@ initialize_server_options(ServerOptions *options)
        options->ciphers = NULL;
        options->macs = NULL;
        options->kex_algorithms = NULL;
+        options->ca_sign_algorithms = NULL;
        options->fwd_opts.gateway_ports = -1;
        options->fwd_opts.streamlocal_bind_mask = (mode_t)-1;
        options->fwd_opts.streamlocal_bind_unlink = -1;
@@ -191,13 +192,14 @@ option_clear_or_none(const char *o)
 static void
 assemble_algorithms(ServerOptions *o)
 {
-        char *all_cipher, *all_mac, *all_kex, *all_key;
+        char *all_cipher, *all_mac, *all_kex, *all_key, *all_sig;
        int r;
        all_cipher = cipher_alg_list(',', 0);
        all_mac = mac_alg_list(',');
        all_kex = kex_alg_list(',');
        all_key = sshkey_alg_list(0, 0, 1, ',');
+        all_sig = sshkey_alg_list(0, 1, 1, ',');
 #define ASSEMBLE(what, defaults, all) \
        do { \
                if ((r = kex_assemble_names(&o->what, defaults, all)) != 0) \
@@ -209,11 +211,13 @@ assemble_algorithms(ServerOptions *o)
        ASSEMBLE(hostkeyalgorithms, KEX_DEFAULT_PK_ALG, all_key);
        ASSEMBLE(hostbased_key_types, KEX_DEFAULT_PK_ALG, all_key);
        ASSEMBLE(pubkey_key_types, KEX_DEFAULT_PK_ALG, all_key);
+        ASSEMBLE(ca_sign_algorithms, SSH_ALLOWED_CA_SIGALGS, all_sig);
 #undef ASSEMBLE
        free(all_cipher);
        free(all_mac);
        free(all_kex);
        free(all_key);
+        free(all_sig);
 }
 static void
@@ -487,7 +491,7 @@ typedef enum {
        sHostCertificate,
        sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile,
        sAuthorizedPrincipalsCommand, sAuthorizedPrincipalsCommandUser,
-        sKexAlgorithms, sIPQoS, sVersionAddendum,
+        sKexAlgorithms, sCASignatureAlgorithms, sIPQoS, sVersionAddendum,
        sAuthorizedKeysCommand, sAuthorizedKeysCommandUser,
        sAuthenticationMethods, sHostKeyAgent, sPermitUserRC,
        sStreamLocalBindMask, sStreamLocalBindUnlink,
@@ -1431,6 +1435,10 @@ process_server_config_line(ServerOptions *options, char *line,
                charptr = &options->hostkeyalgorithms;
                goto parse_keytypes;
+        case sCASignatureAlgorithms:
+                charptr = &options->ca_sign_algorithms;
+                goto parse_keytypes;
        case sPubkeyAuthentication:
                intptr = &options->pubkey_authentication;
                goto parse_flag;
@@ -2601,6 +2609,8 @@ dump_config(ServerOptions *o)
        dump_cfg_string(sHostKeyAgent, o->host_key_agent);
        dump_cfg_string(sKexAlgorithms,
            o->kex_algorithms ? o->kex_algorithms : KEX_SERVER_KEX);
+        dump_cfg_string(sCASignatureAlgorithms, o->ca_sign_algorithms ?
+            o->ca_sign_algorithms : SSH_ALLOWED_CA_SIGALGS);
        dump_cfg_string(sHostbasedAcceptedKeyTypes, o->hostbased_key_types ?
            o->hostbased_key_types : KEX_DEFAULT_PK_ALG);
        dump_cfg_string(sHostKeyAlgorithms, o->hostkeyalgorithms ?
diff --git a/servconf.h b/servconf.h
index 557521d73..0175e00e8 100644
--- a/servconf.h
+++ b/servconf.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: servconf.h,v 1.136 2018/07/09 21:26:02 markus Exp $ */
+/* $OpenBSD: servconf.h,v 1.137 2018/09/20 03:28:06 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -110,6 +110,7 @@ typedef struct {
        int     hostbased_uses_name_from_packet_only; /* experimental */
        char   *hostbased_key_types;    /* Key types allowed for hostbased */
        char   *hostkeyalgorithms;      /* SSH2 server key types */
+        char   *ca_sign_algorithms;     /* Allowed CA signature algorithms */
        int     pubkey_authentication;  /* If true, permit ssh2 pubkey authentication. */
        char   *pubkey_key_types;       /* Key types allowed for public key */
        int     kerberos_authentication;        /* If true, permit Kerberos
@@ -242,6 +243,7 @@ struct connection_info {
                M_CP_STROPT(authorized_principals_command_user); \
                M_CP_STROPT(hostbased_key_types); \
                M_CP_STROPT(pubkey_key_types); \
+                M_CP_STROPT(ca_sign_algorithms); \
                M_CP_STROPT(routing_domain); \
                M_CP_STROPT(permit_user_env_whitelist); \
                M_CP_STRARRAYOPT(authorized_keys_files, num_authkeys_files); \
diff --git a/sshd_config.5 b/sshd_config.5
index e1b54ba20..c6484370b 100644
--- a/sshd_config.5
+++ b/sshd_config.5
@@ -33,8 +33,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd_config.5,v 1.281 2018/07/20 05:01:10 djm Exp $
+.\" $OpenBSD: sshd_config.5,v 1.282 2018/09/20 03:28:06 djm Exp $
-.Dd $Mdocdate: July 20 2018 $
+.Dd $Mdocdate: September 20 2018 $
 .Dt SSHD_CONFIG 5
 .Os
 .Sh NAME
@@ -382,6 +382,17 @@ If the argument is
 .Cm none
 then no banner is displayed.
 By default, no banner is displayed.
+.It Cm CASignatureAlgorithms
+Specifies which algorithms are allowed for signing of certificates
+by certificate authorities (CAs).
+The default is:
+.Bd -literal -offset indent
+ecdsa-sha2-nistp256.ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
+ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
+.Ed
+.Pp
+Certificates signed using other algorithms will not be accepted for
+public key or host-based authentication.
 .It Cm ChallengeResponseAuthentication
 Specifies whether challenge-response authentication is allowed (e.g. via
 PAM or through authentication styles supported in
author	djm@openbsd.org <djm@openbsd.org>	2018-09-20 03:28:06 +0000
committer	Damien Miller <djm@mindrot.org>	2018-09-20 14:00:29 +1000
commit	86e5737c39153af134158f24d0cab5827cbd5852 (patch)
tree	1add30c99e83b544792233280451f70f03053586
parent	f80e68ea7d62e2dfafc12f1a60ab544ae4033a0f (diff)

diff --git a/auth2-hostbased.c b/auth2-hostbased.c index 73944bcb7..764ceff74 100644 --- a/auth2-hostbased.c +++ b/auth2-hostbased.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: auth2-hostbased.c,v 1.37 2018/08/28 12:17:45 mestre Exp $ */	1	/* $OpenBSD: auth2-hostbased.c,v 1.38 2018/09/20 03:28:06 djm Exp $ */
2	/*	2	/*
3	* Copyright (c) 2000 Markus Friedl. All rights reserved.	3	* Copyright (c) 2000 Markus Friedl. All rights reserved.
4	*	4	*
@@ -112,6 +112,13 @@ userauth_hostbased(struct ssh *ssh)
112	__func__, sshkey_type(key));	112	__func__, sshkey_type(key));
113	goto done;	113	goto done;
114	}	114	}
		115	if ((r = sshkey_check_cert_sigtype(key,
		116	options.ca_sign_algorithms)) != 0) {
		117	logit("%s: certificate signature algorithm %s: %s", __func__,
		118	(key->cert == NULL \|\| key->cert->signature_type == NULL) ?
		119	"(null)" : key->cert->signature_type, ssh_err(r));
		120	goto done;
		121	}
115		122
116	if (!authctxt->valid \|\| authctxt->user == NULL) {	123	if (!authctxt->valid \|\| authctxt->user == NULL) {
117	debug2("%s: disabled because of invalid user", __func__);	124	debug2("%s: disabled because of invalid user", __func__);


diff --git a/auth2-pubkey.c b/auth2-pubkey.c index f9e4e2e7f..2fb5950ea 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: auth2-pubkey.c,v 1.85 2018/08/28 12:25:53 mestre Exp $ */	1	/* $OpenBSD: auth2-pubkey.c,v 1.86 2018/09/20 03:28:06 djm Exp $ */
2	/*	2	/*
3	* Copyright (c) 2000 Markus Friedl. All rights reserved.	3	* Copyright (c) 2000 Markus Friedl. All rights reserved.
4	*	4	*
@@ -137,7 +137,13 @@ userauth_pubkey(struct ssh *ssh)
137	__func__, sshkey_ssh_name(key));	137	__func__, sshkey_ssh_name(key));
138	goto done;	138	goto done;
139	}	139	}
140		140	if ((r = sshkey_check_cert_sigtype(key,
		141	options.ca_sign_algorithms)) != 0) {
		142	logit("%s: certificate signature algorithm %s: %s", __func__,
		143	(key->cert == NULL \|\| key->cert->signature_type == NULL) ?
		144	"(null)" : key->cert->signature_type, ssh_err(r));
		145	goto done;
		146	}
141	key_s = format_key(key);	147	key_s = format_key(key);
142	if (sshkey_is_cert(key))	148	if (sshkey_is_cert(key))
143	ca_s = format_key(key->cert->signature_key);	149	ca_s = format_key(key->cert->signature_key);


diff --git a/servconf.c b/servconf.c index c0f6af0be..5411640fc 100644 --- a/servconf.c +++ b/servconf.c
@@ -1,5 +1,5 @@
1		1
2	/* $OpenBSD: servconf.c,v 1.340 2018/08/12 20:19:13 djm Exp $ */	2	/* $OpenBSD: servconf.c,v 1.341 2018/09/20 03:28:06 djm Exp $ */
3	/*	3	/*
4	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland	4	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
5	* All rights reserved	5	* All rights reserved
@@ -145,6 +145,7 @@ initialize_server_options(ServerOptions *options)
145	options->ciphers = NULL;	145	options->ciphers = NULL;
146	options->macs = NULL;	146	options->macs = NULL;
147	options->kex_algorithms = NULL;	147	options->kex_algorithms = NULL;
		148	options->ca_sign_algorithms = NULL;
148	options->fwd_opts.gateway_ports = -1;	149	options->fwd_opts.gateway_ports = -1;
149	options->fwd_opts.streamlocal_bind_mask = (mode_t)-1;	150	options->fwd_opts.streamlocal_bind_mask = (mode_t)-1;
150	options->fwd_opts.streamlocal_bind_unlink = -1;	151	options->fwd_opts.streamlocal_bind_unlink = -1;
@@ -191,13 +192,14 @@ option_clear_or_none(const char *o)
191	static void	192	static void
192	assemble_algorithms(ServerOptions *o)	193	assemble_algorithms(ServerOptions *o)
193	{	194	{
194	char all_cipher, all_mac, all_kex, all_key;	195	char all_cipher, all_mac, all_kex, all_key, *all_sig;
195	int r;	196	int r;
196		197
197	all_cipher = cipher_alg_list(',', 0);	198	all_cipher = cipher_alg_list(',', 0);
198	all_mac = mac_alg_list(',');	199	all_mac = mac_alg_list(',');
199	all_kex = kex_alg_list(',');	200	all_kex = kex_alg_list(',');
200	all_key = sshkey_alg_list(0, 0, 1, ',');	201	all_key = sshkey_alg_list(0, 0, 1, ',');
		202	all_sig = sshkey_alg_list(0, 1, 1, ',');
201	#define ASSEMBLE(what, defaults, all) \	203	#define ASSEMBLE(what, defaults, all) \
202	do { \	204	do { \
203	if ((r = kex_assemble_names(&o->what, defaults, all)) != 0) \	205	if ((r = kex_assemble_names(&o->what, defaults, all)) != 0) \
@@ -209,11 +211,13 @@ assemble_algorithms(ServerOptions *o)
209	ASSEMBLE(hostkeyalgorithms, KEX_DEFAULT_PK_ALG, all_key);	211	ASSEMBLE(hostkeyalgorithms, KEX_DEFAULT_PK_ALG, all_key);
210	ASSEMBLE(hostbased_key_types, KEX_DEFAULT_PK_ALG, all_key);	212	ASSEMBLE(hostbased_key_types, KEX_DEFAULT_PK_ALG, all_key);
211	ASSEMBLE(pubkey_key_types, KEX_DEFAULT_PK_ALG, all_key);	213	ASSEMBLE(pubkey_key_types, KEX_DEFAULT_PK_ALG, all_key);
		214	ASSEMBLE(ca_sign_algorithms, SSH_ALLOWED_CA_SIGALGS, all_sig);
212	#undef ASSEMBLE	215	#undef ASSEMBLE
213	free(all_cipher);	216	free(all_cipher);
214	free(all_mac);	217	free(all_mac);
215	free(all_kex);	218	free(all_kex);
216	free(all_key);	219	free(all_key);
		220	free(all_sig);
217	}	221	}
218		222
219	static void	223	static void
@@ -487,7 +491,7 @@ typedef enum {
487	sHostCertificate,	491	sHostCertificate,
488	sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile,	492	sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile,
489	sAuthorizedPrincipalsCommand, sAuthorizedPrincipalsCommandUser,	493	sAuthorizedPrincipalsCommand, sAuthorizedPrincipalsCommandUser,
490	sKexAlgorithms, sIPQoS, sVersionAddendum,	494	sKexAlgorithms, sCASignatureAlgorithms, sIPQoS, sVersionAddendum,
491	sAuthorizedKeysCommand, sAuthorizedKeysCommandUser,	495	sAuthorizedKeysCommand, sAuthorizedKeysCommandUser,
492	sAuthenticationMethods, sHostKeyAgent, sPermitUserRC,	496	sAuthenticationMethods, sHostKeyAgent, sPermitUserRC,
493	sStreamLocalBindMask, sStreamLocalBindUnlink,	497	sStreamLocalBindMask, sStreamLocalBindUnlink,
@@ -1431,6 +1435,10 @@ process_server_config_line(ServerOptions options, char line,
1431	charptr = &options->hostkeyalgorithms;	1435	charptr = &options->hostkeyalgorithms;
1432	goto parse_keytypes;	1436	goto parse_keytypes;
1433		1437
		1438	case sCASignatureAlgorithms:
		1439	charptr = &options->ca_sign_algorithms;
		1440	goto parse_keytypes;
		1441
1434	case sPubkeyAuthentication:	1442	case sPubkeyAuthentication:
1435	intptr = &options->pubkey_authentication;	1443	intptr = &options->pubkey_authentication;
1436	goto parse_flag;	1444	goto parse_flag;
@@ -2601,6 +2609,8 @@ dump_config(ServerOptions *o)
2601	dump_cfg_string(sHostKeyAgent, o->host_key_agent);	2609	dump_cfg_string(sHostKeyAgent, o->host_key_agent);
2602	dump_cfg_string(sKexAlgorithms,	2610	dump_cfg_string(sKexAlgorithms,
2603	o->kex_algorithms ? o->kex_algorithms : KEX_SERVER_KEX);	2611	o->kex_algorithms ? o->kex_algorithms : KEX_SERVER_KEX);
		2612	dump_cfg_string(sCASignatureAlgorithms, o->ca_sign_algorithms ?
		2613	o->ca_sign_algorithms : SSH_ALLOWED_CA_SIGALGS);
2604	dump_cfg_string(sHostbasedAcceptedKeyTypes, o->hostbased_key_types ?	2614	dump_cfg_string(sHostbasedAcceptedKeyTypes, o->hostbased_key_types ?
2605	o->hostbased_key_types : KEX_DEFAULT_PK_ALG);	2615	o->hostbased_key_types : KEX_DEFAULT_PK_ALG);
2606	dump_cfg_string(sHostKeyAlgorithms, o->hostkeyalgorithms ?	2616	dump_cfg_string(sHostKeyAlgorithms, o->hostkeyalgorithms ?


diff --git a/servconf.h b/servconf.h index 557521d73..0175e00e8 100644 --- a/servconf.h +++ b/servconf.h
@@ -1,4 +1,4 @@
1	/* $OpenBSD: servconf.h,v 1.136 2018/07/09 21:26:02 markus Exp $ */	1	/* $OpenBSD: servconf.h,v 1.137 2018/09/20 03:28:06 djm Exp $ */
2		2
3	/*	3	/*
4	* Author: Tatu Ylonen <ylo@cs.hut.fi>	4	* Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -110,6 +110,7 @@ typedef struct {
110	int hostbased_uses_name_from_packet_only; /* experimental */	110	int hostbased_uses_name_from_packet_only; /* experimental */
111	char hostbased_key_types; / Key types allowed for hostbased */	111	char hostbased_key_types; / Key types allowed for hostbased */
112	char hostkeyalgorithms; / SSH2 server key types */	112	char hostkeyalgorithms; / SSH2 server key types */
		113	char ca_sign_algorithms; / Allowed CA signature algorithms */
113	int pubkey_authentication; /* If true, permit ssh2 pubkey authentication. */	114	int pubkey_authentication; /* If true, permit ssh2 pubkey authentication. */
114	char pubkey_key_types; / Key types allowed for public key */	115	char pubkey_key_types; / Key types allowed for public key */
115	int kerberos_authentication; /* If true, permit Kerberos	116	int kerberos_authentication; /* If true, permit Kerberos
@@ -242,6 +243,7 @@ struct connection_info {
242	M_CP_STROPT(authorized_principals_command_user); \	243	M_CP_STROPT(authorized_principals_command_user); \
243	M_CP_STROPT(hostbased_key_types); \	244	M_CP_STROPT(hostbased_key_types); \
244	M_CP_STROPT(pubkey_key_types); \	245	M_CP_STROPT(pubkey_key_types); \
		246	M_CP_STROPT(ca_sign_algorithms); \
245	M_CP_STROPT(routing_domain); \	247	M_CP_STROPT(routing_domain); \
246	M_CP_STROPT(permit_user_env_whitelist); \	248	M_CP_STROPT(permit_user_env_whitelist); \
247	M_CP_STRARRAYOPT(authorized_keys_files, num_authkeys_files); \	249	M_CP_STRARRAYOPT(authorized_keys_files, num_authkeys_files); \


diff --git a/sshd_config.5 b/sshd_config.5 index e1b54ba20..c6484370b 100644 --- a/sshd_config.5 +++ b/sshd_config.5
@@ -33,8 +33,8 @@
33	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	33	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
34	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	34	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
35	.\"	35	.\"
36	.\" $OpenBSD: sshd_config.5,v 1.281 2018/07/20 05:01:10 djm Exp $	36	.\" $OpenBSD: sshd_config.5,v 1.282 2018/09/20 03:28:06 djm Exp $
37	.Dd $Mdocdate: July 20 2018 $	37	.Dd $Mdocdate: September 20 2018 $
38	.Dt SSHD_CONFIG 5	38	.Dt SSHD_CONFIG 5
39	.Os	39	.Os
40	.Sh NAME	40	.Sh NAME
@@ -382,6 +382,17 @@ If the argument is
382	.Cm none	382	.Cm none
383	then no banner is displayed.	383	then no banner is displayed.
384	By default, no banner is displayed.	384	By default, no banner is displayed.
		385	.It Cm CASignatureAlgorithms
		386	Specifies which algorithms are allowed for signing of certificates
		387	by certificate authorities (CAs).
		388	The default is:
		389	.Bd -literal -offset indent
		390	ecdsa-sha2-nistp256.ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
		391	ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
		392	.Ed
		393	.Pp
		394	Certificates signed using other algorithms will not be accepted for
		395	public key or host-based authentication.
385	.It Cm ChallengeResponseAuthentication	396	.It Cm ChallengeResponseAuthentication
386	Specifies whether challenge-response authentication is allowed (e.g. via	397	Specifies whether challenge-response authentication is allowed (e.g. via
387	PAM or through authentication styles supported in	398	PAM or through authentication styles supported in