summaryrefslogtreecommitdiff
path: root/ssh_config.5
diff options
context:
space:
mode:
authorColin Watson <cjwatson@debian.org>2013-05-07 11:47:26 +0100
committerColin Watson <cjwatson@debian.org>2013-05-07 11:47:26 +0100
commit2ea3f720daeb1ca9f765365fce3a9546961fe624 (patch)
treec4fb7d1f51fa51e7677232de806aae150e29e2ac /ssh_config.5
parentf5efcd3450bbf8261915e0c4a6f851229dddaa79 (diff)
parentecebda56da46a03dafff923d91c382f31faa9eec (diff)
* New upstream release (http://www.openssh.com/txt/release-6.2).
- Add support for multiple required authentication in SSH protocol 2 via an AuthenticationMethods option (closes: #195716). - Fix Sophie Germain formula in moduli(5) (closes: #698612). - Update ssh-copy-id to Phil Hands' greatly revised version (closes: #99785, #322228, #620428; LP: #518883, #835901, #1074798).
Diffstat (limited to 'ssh_config.5')
-rw-r--r--ssh_config.520
1 files changed, 17 insertions, 3 deletions
diff --git a/ssh_config.5 b/ssh_config.5
index 9d4b38aa8..fa852acb1 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -33,8 +33,8 @@
33.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 33.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
34.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 34.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
35.\" 35.\"
36.\" $OpenBSD: ssh_config.5,v 1.157 2012/06/29 13:57:25 naddy Exp $ 36.\" $OpenBSD: ssh_config.5,v 1.161 2013/01/08 18:49:04 markus Exp $
37.Dd $Mdocdate: June 29 2012 $ 37.Dd $Mdocdate: January 8 2013 $
38.Dt SSH_CONFIG 5 38.Dt SSH_CONFIG 5
39.Os 39.Os
40.Sh NAME 40.Sh NAME
@@ -224,6 +224,8 @@ The supported ciphers are
224.Dq aes128-ctr , 224.Dq aes128-ctr ,
225.Dq aes192-ctr , 225.Dq aes192-ctr ,
226.Dq aes256-ctr , 226.Dq aes256-ctr ,
227.Dq aes128-gcm@openssh.com ,
228.Dq aes256-gcm@openssh.com ,
227.Dq arcfour128 , 229.Dq arcfour128 ,
228.Dq arcfour256 , 230.Dq arcfour256 ,
229.Dq arcfour , 231.Dq arcfour ,
@@ -233,6 +235,7 @@ and
233The default is: 235The default is:
234.Bd -literal -offset 3n 236.Bd -literal -offset 3n
235aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128, 237aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,
238aes128-gcm@openssh.com,aes256-gcm@openssh.com,
236aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc, 239aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,
237aes256-cbc,arcfour 240aes256-cbc,arcfour
238.Ed 241.Ed
@@ -658,6 +661,8 @@ should only use the authentication identity files configured in the
658files, 661files,
659even if 662even if
660.Xr ssh-agent 1 663.Xr ssh-agent 1
664or a
665.Cm PKCS11Provider
661offers more identities. 666offers more identities.
662The argument to this keyword must be 667The argument to this keyword must be
663.Dq yes 668.Dq yes
@@ -846,9 +851,18 @@ in order of preference.
846The MAC algorithm is used in protocol version 2 851The MAC algorithm is used in protocol version 2
847for data integrity protection. 852for data integrity protection.
848Multiple algorithms must be comma-separated. 853Multiple algorithms must be comma-separated.
854The algorithms that contain
855.Dq -etm
856calculate the MAC after encryption (encrypt-then-mac).
857These are considered safer and their use recommended.
849The default is: 858The default is:
850.Bd -literal -offset indent 859.Bd -literal -offset indent
851hmac-md5,hmac-sha1,umac-64@openssh.com, 860hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,
861umac-64-etm@openssh.com,umac-128-etm@openssh.com,
862hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,
863hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,
864hmac-md5-96-etm@openssh.com,
865hmac-md5,hmac-sha1,umac-64@openssh.com,umac-128@openssh.com,
852hmac-sha2-256,hmac-sha2-512,hmac-ripemd160, 866hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,
853hmac-sha1-96,hmac-md5-96 867hmac-sha1-96,hmac-md5-96
854.Ed 868.Ed