Import openssh_7.0p1.orig.tar.gz

author: Colin Watson <cjwatson@debian.org> 2015-08-22 10:05:45 +0100
committer: Colin Watson <cjwatson@debian.org> 2015-08-22 10:05:45 +0100
commit: 58ddb8ad21f21f5358db0204c4ba9abf94a1ca11 (patch)
tree: c55df1f23e6fa0fb87a96d8ec4c06a68c3a82b45 /ssh_config.0
parent: 544df7a04ae5b5c1fc30be7c445ad685d7a02dc9 (diff)
parent: 1dc8d93ce69d6565747eb44446ed117187621b26 (diff)
1 files changed, 58 insertions, 17 deletions
diff --git a/ssh_config.0 b/ssh_config.0
index b0a614b8a..654807779 100644
--- a/ssh_config.0
+++ b/ssh_config.0
@@ -180,8 +180,12 @@ DESCRIPTION
     Ciphers
             Specifies the ciphers allowed for protocol version 2 in order of
-             preference.  Multiple ciphers must be comma-separated.  The
+             preference.  Multiple ciphers must be comma-separated.  If the
-             supported ciphers are:
+             specified value begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, then the specified
+             ciphers will be appended to the default set instead of replacing
+             them.
+             The supported ciphers are:
                   3des-cbc
                   aes128-cbc
@@ -435,23 +439,35 @@ DESCRIPTION
     HostbasedKeyTypes
             Specifies the key types that will be used for hostbased
-             authentication as a comma-separated pattern list.  The default
+             authentication as a comma-separated pattern list.  Alternately if
-             M-bM-^@M-^\*M-bM-^@M-^] will allow all key types.  The -Q option of ssh(1) may be
+             the specified value begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, then the
-             used to list supported key types.
+             specified key types will be appended to the default set instead
+             of replacing them.  The default for this option is:
+                ecdsa-sha2-nistp256-cert-v01@openssh.com,
+                ecdsa-sha2-nistp384-cert-v01@openssh.com,
+                ecdsa-sha2-nistp521-cert-v01@openssh.com,
+                ssh-ed25519-cert-v01@openssh.com,
+                ssh-rsa-cert-v01@openssh.com,
+                ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
+                ssh-ed25519,ssh-rsa
+             The -Q option of ssh(1) may be used to list supported key types.
     HostKeyAlgorithms
             Specifies the protocol version 2 host key algorithms that the
-             client wants to use in order of preference.  The default for this
+             client wants to use in order of preference.  Alternately if the
-             option is:
+             specified value begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, then the specified
+             key types will be appended to the default set instead of
+             replacing them.  The default for this option is:
                ecdsa-sha2-nistp256-cert-v01@openssh.com,
                ecdsa-sha2-nistp384-cert-v01@openssh.com,
                ecdsa-sha2-nistp521-cert-v01@openssh.com,
                ssh-ed25519-cert-v01@openssh.com,
-                ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,
+                ssh-rsa-cert-v01@openssh.com,
-                ssh-rsa-cert-v00@openssh.com,ssh-dss-cert-v00@openssh.com,
                ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
-                ssh-ed25519,ssh-rsa,ssh-dss
+                ssh-ed25519,ssh-rsa
             If hostkeys are known for the destination host then this default
             is modified to prefer their algorithms.
@@ -548,14 +564,16 @@ DESCRIPTION
     KexAlgorithms
             Specifies the available KEX (Key Exchange) algorithms.  Multiple
-             algorithms must be comma-separated.  The default is:
+             algorithms must be comma-separated.  Alternately if the specified
+             value begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, then the specified methods
+             will be appended to the default set instead of replacing them.
+             The default is:
                   curve25519-sha256@libssh.org,
                   ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,
                   diffie-hellman-group-exchange-sha256,
                   diffie-hellman-group-exchange-sha1,
-                   diffie-hellman-group14-sha1,
+                   diffie-hellman-group14-sha1
-                   diffie-hellman-group1-sha1
             The list of available key exchange algorithms may also be
             obtained using the -Q option of ssh(1) with an argument of M-bM-^@M-^\kexM-bM-^@M-^].
@@ -604,9 +622,15 @@ DESCRIPTION
     MACs    Specifies the MAC (message authentication code) algorithms in
             order of preference.  The MAC algorithm is used in protocol
             version 2 for data integrity protection.  Multiple algorithms
-             must be comma-separated.  The algorithms that contain M-bM-^@M-^\-etmM-bM-^@M-^]
+             must be comma-separated.  If the specified value begins with a
-             calculate the MAC after encryption (encrypt-then-mac).  These are
+             M-bM-^@M-^X+M-bM-^@M-^Y character, then the specified algorithms will be appended to
-             considered safer and their use recommended.  The default is:
+             the default set instead of replacing them.
+             The algorithms that contain M-bM-^@M-^\-etmM-bM-^@M-^] calculate the MAC after
+             encryption (encrypt-then-mac).  These are considered safer and
+             their use recommended.
+             The default is:
                   umac-64-etm@openssh.com,umac-128-etm@openssh.com,
                   hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,
@@ -696,6 +720,23 @@ DESCRIPTION
             back to ssh(1) instead of continuing to execute and pass data.
             The default is M-bM-^@M-^\noM-bM-^@M-^].
+     PubkeyAcceptedKeyTypes
+             Specifies the key types that will be used for public key
+             authentication as a comma-separated pattern list.  Alternately if
+             the specified value begins with a M-bM-^@M-^X+M-bM-^@M-^Y character, then the key
+             types after it will be appended to the default instead of
+             replacing it.  The default for this option is:
+                ecdsa-sha2-nistp256-cert-v01@openssh.com,
+                ecdsa-sha2-nistp384-cert-v01@openssh.com,
+                ecdsa-sha2-nistp521-cert-v01@openssh.com,
+                ssh-ed25519-cert-v01@openssh.com,
+                ssh-rsa-cert-v01@openssh.com,
+                ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
+                ssh-ed25519,ssh-rsa
+             The -Q option of ssh(1) may be used to list supported key types.
     PubkeyAuthentication
             Specifies whether to try public key authentication.  The argument
             to this keyword must be M-bM-^@M-^\yesM-bM-^@M-^] or M-bM-^@M-^\noM-bM-^@M-^].  The default is M-bM-^@M-^\yesM-bM-^@M-^].
@@ -982,4 +1023,4 @@ AUTHORS
     created OpenSSH.  Markus Friedl contributed the support for SSH protocol
     versions 1.5 and 2.0.
-OpenBSD 5.7                      June 2, 2015                      OpenBSD 5.7
+OpenBSD 5.8                      July 30, 2015                     OpenBSD 5.8
author	Colin Watson <cjwatson@debian.org>	2015-08-22 10:05:45 +0100
committer	Colin Watson <cjwatson@debian.org>	2015-08-22 10:05:45 +0100
commit	58ddb8ad21f21f5358db0204c4ba9abf94a1ca11 (patch)
tree	c55df1f23e6fa0fb87a96d8ec4c06a68c3a82b45 /ssh_config.0
parent	544df7a04ae5b5c1fc30be7c445ad685d7a02dc9 (diff)
parent	1dc8d93ce69d6565747eb44446ed117187621b26 (diff)