diff options
Diffstat (limited to 'PROTOCOL')
-rw-r--r-- | PROTOCOL | 24 |
1 files changed, 23 insertions, 1 deletions
@@ -282,6 +282,28 @@ by the client cancel the forwarding of a Unix domain socket. | |||
282 | boolean FALSE | 282 | boolean FALSE |
283 | string socket path | 283 | string socket path |
284 | 284 | ||
285 | 2.5. connection: hostkey update and rotation "hostkeys@openssh.com" | ||
286 | |||
287 | OpenSSH supports a protocol extension allowing a server to inform | ||
288 | a client of all its protocol v.2 hostkeys after user-authentication | ||
289 | has completed. | ||
290 | |||
291 | byte SSH_MSG_GLOBAL_REQUEST | ||
292 | string "hostkeys@openssh.com" | ||
293 | string[] hostkeys | ||
294 | |||
295 | Upon receiving this message, a client may update its known_hosts | ||
296 | file, adding keys that it has not seen before and deleting keys | ||
297 | for the server host that are no longer offered. | ||
298 | |||
299 | This extension allows a client to learn key types that it had | ||
300 | not previously encountered, thereby allowing it to potentially | ||
301 | upgrade from weaker key algorithms to better ones. It also | ||
302 | supports graceful key rotation: a server may offer multiple keys | ||
303 | of the same type for a period (to give clients an opportunity to | ||
304 | learn them using this extension) before removing the deprecated | ||
305 | key from those offered. | ||
306 | |||
285 | 3. SFTP protocol changes | 307 | 3. SFTP protocol changes |
286 | 308 | ||
287 | 3.1. sftp: Reversal of arguments to SSH_FXP_SYMLINK | 309 | 3.1. sftp: Reversal of arguments to SSH_FXP_SYMLINK |
@@ -406,4 +428,4 @@ respond with a SSH_FXP_STATUS message. | |||
406 | This extension is advertised in the SSH_FXP_VERSION hello with version | 428 | This extension is advertised in the SSH_FXP_VERSION hello with version |
407 | "1". | 429 | "1". |
408 | 430 | ||
409 | $OpenBSD: PROTOCOL,v 1.24 2014/07/15 15:54:14 millert Exp $ | 431 | $OpenBSD: PROTOCOL,v 1.25 2015/01/26 03:04:45 djm Exp $ |