diff options
Diffstat (limited to 'ssh_config.5')
| -rw-r--r-- | ssh_config.5 | 20 |
1 files changed, 17 insertions, 3 deletions
diff --git a/ssh_config.5 b/ssh_config.5 index 9d4b38aa8..fa852acb1 100644 --- a/ssh_config.5 +++ b/ssh_config.5 | |||
| @@ -33,8 +33,8 @@ | |||
| 33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 33 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
| 34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 34 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| 35 | .\" | 35 | .\" |
| 36 | .\" $OpenBSD: ssh_config.5,v 1.157 2012/06/29 13:57:25 naddy Exp $ | 36 | .\" $OpenBSD: ssh_config.5,v 1.161 2013/01/08 18:49:04 markus Exp $ |
| 37 | .Dd $Mdocdate: June 29 2012 $ | 37 | .Dd $Mdocdate: January 8 2013 $ |
| 38 | .Dt SSH_CONFIG 5 | 38 | .Dt SSH_CONFIG 5 |
| 39 | .Os | 39 | .Os |
| 40 | .Sh NAME | 40 | .Sh NAME |
| @@ -224,6 +224,8 @@ The supported ciphers are | |||
| 224 | .Dq aes128-ctr , | 224 | .Dq aes128-ctr , |
| 225 | .Dq aes192-ctr , | 225 | .Dq aes192-ctr , |
| 226 | .Dq aes256-ctr , | 226 | .Dq aes256-ctr , |
| 227 | .Dq aes128-gcm@openssh.com , | ||
| 228 | .Dq aes256-gcm@openssh.com , | ||
| 227 | .Dq arcfour128 , | 229 | .Dq arcfour128 , |
| 228 | .Dq arcfour256 , | 230 | .Dq arcfour256 , |
| 229 | .Dq arcfour , | 231 | .Dq arcfour , |
| @@ -233,6 +235,7 @@ and | |||
| 233 | The default is: | 235 | The default is: |
| 234 | .Bd -literal -offset 3n | 236 | .Bd -literal -offset 3n |
| 235 | aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128, | 237 | aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128, |
| 238 | aes128-gcm@openssh.com,aes256-gcm@openssh.com, | ||
| 236 | aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc, | 239 | aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc, |
| 237 | aes256-cbc,arcfour | 240 | aes256-cbc,arcfour |
| 238 | .Ed | 241 | .Ed |
| @@ -658,6 +661,8 @@ should only use the authentication identity files configured in the | |||
| 658 | files, | 661 | files, |
| 659 | even if | 662 | even if |
| 660 | .Xr ssh-agent 1 | 663 | .Xr ssh-agent 1 |
| 664 | or a | ||
| 665 | .Cm PKCS11Provider | ||
| 661 | offers more identities. | 666 | offers more identities. |
| 662 | The argument to this keyword must be | 667 | The argument to this keyword must be |
| 663 | .Dq yes | 668 | .Dq yes |
| @@ -846,9 +851,18 @@ in order of preference. | |||
| 846 | The MAC algorithm is used in protocol version 2 | 851 | The MAC algorithm is used in protocol version 2 |
| 847 | for data integrity protection. | 852 | for data integrity protection. |
| 848 | Multiple algorithms must be comma-separated. | 853 | Multiple algorithms must be comma-separated. |
| 854 | The algorithms that contain | ||
| 855 | .Dq -etm | ||
| 856 | calculate the MAC after encryption (encrypt-then-mac). | ||
| 857 | These are considered safer and their use recommended. | ||
| 849 | The default is: | 858 | The default is: |
| 850 | .Bd -literal -offset indent | 859 | .Bd -literal -offset indent |
| 851 | hmac-md5,hmac-sha1,umac-64@openssh.com, | 860 | hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com, |
| 861 | umac-64-etm@openssh.com,umac-128-etm@openssh.com, | ||
| 862 | hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com, | ||
| 863 | hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com, | ||
| 864 | hmac-md5-96-etm@openssh.com, | ||
| 865 | hmac-md5,hmac-sha1,umac-64@openssh.com,umac-128@openssh.com, | ||
| 852 | hmac-sha2-256,hmac-sha2-512,hmac-ripemd160, | 866 | hmac-sha2-256,hmac-sha2-512,hmac-ripemd160, |
| 853 | hmac-sha1-96,hmac-md5-96 | 867 | hmac-sha1-96,hmac-md5-96 |
| 854 | .Ed | 868 | .Ed |