1 files changed, 42 insertions, 22 deletions
diff --git a/sshd.8 b/sshd.8
index fb133c14b..c5f8987d2 100644
--- a/sshd.8
+++ b/sshd.8
@@ -33,13 +33,13 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd.8,v 1.304 2018/07/22 12:16:59 dtucker Exp $
+.\" $OpenBSD: sshd.8,v 1.312 2020/01/25 06:03:10 djm Exp $
-.Dd $Mdocdate: July 22 2018 $
+.Dd $Mdocdate: January 25 2020 $
 .Dt SSHD 8
 .Os
 .Sh NAME
 .Nm sshd
-.Nd OpenSSH SSH daemon
+.Nd OpenSSH daemon
 .Sh SYNOPSIS
 .Nm sshd
 .Bk -words
@@ -253,16 +253,13 @@ Whenever a client connects, the daemon responds with its public
 host key.
 The client compares the
 host key against its own database to verify that it has not changed.
-Forward security is provided through a Diffie-Hellman key agreement.
+Forward secrecy is provided through a Diffie-Hellman key agreement.
 This key agreement results in a shared session key.
-The rest of the session is encrypted using a symmetric cipher, currently
+The rest of the session is encrypted using a symmetric cipher.
-128-bit AES, Blowfish, 3DES, CAST128, Arcfour, 192-bit AES, or 256-bit AES.
 The client selects the encryption algorithm
 to use from those offered by the server.
 Additionally, session integrity is provided
-through a cryptographic message authentication code
+through a cryptographic message authentication code (MAC).
-(hmac-md5, hmac-sha1, umac-64, umac-128,
-hmac-sha2-256 or hmac-sha2-512).
 .Pp
 Finally, the server and the client enter an authentication dialog.
 The client tries to authenticate itself using
@@ -429,25 +426,39 @@ comments).
 Public keys consist of the following space-separated fields:
 options, keytype, base64-encoded key, comment.
 The options field is optional.
-The keytype is
+The supported key types are:
-.Dq ecdsa-sha2-nistp256 ,
+.Pp
-.Dq ecdsa-sha2-nistp384 ,
+.Bl -item -compact -offset indent
-.Dq ecdsa-sha2-nistp521 ,
+.It
-.Dq ssh-ed25519 ,
+sk-ecdsa-sha2-nistp256@openssh.com
-.Dq ssh-dss
+.It
-or
+ecdsa-sha2-nistp256
-.Dq ssh-rsa ;
+.It
-the comment field is not used for anything (but may be convenient for the
+ecdsa-sha2-nistp384
+.It
+ecdsa-sha2-nistp521
+.It
+sk-ssh-ed25519@openssh.com
+.It
+ssh-ed25519
+.It
+ssh-dss
+.It
+ssh-rsa
+.El
+.Pp
+The comment field is not used for anything (but may be convenient for the
 user to identify the key).
 .Pp
 Note that lines in this file can be several hundred bytes long
 (because of the size of the public key encoding) up to a limit of
-8 kilobytes, which permits DSA keys up to 8 kilobits and RSA
+8 kilobytes, which permits RSA keys up to 16 kilobits.
-keys up to 16 kilobits.
 You don't want to type them in; instead, copy the
 .Pa id_dsa.pub ,
 .Pa id_ecdsa.pub ,
+.Pa id_ecdsa_sk.pub ,
 .Pa id_ed25519.pub ,
+.Pa id_ed25519_sk.pub ,
 or the
 .Pa id_rsa.pub
 file and edit it.
@@ -589,8 +600,8 @@ IPv6 addresses can be specified by enclosing the address in square brackets.
 Multiple
 .Cm permitopen
 options may be applied separated by commas.
-No pattern matching is performed on the specified hostnames,
+No pattern matching or name lookup is performed on the
-they must be literal domains or addresses.
+specified hostnames, they must be literal host names and/or addresses.
 A port specification of
 .Cm *
 matches any port.
@@ -613,6 +624,13 @@ option.
 Permits tty allocation previously disabled by the
 .Cm restrict
 option.
+.It Cm no-touch-required
+Do not require demonstration of user presence
+for signatures made using this key.
+This option only makes sense for the FIDO authenticator algorithms
+.Cm ecdsa-sk
+and
+.Cm ed25519-sk .
 .It Cm restrict
 Enable all restrictions, i.e. disable port, agent and X11 forwarding,
 as well as disabling PTY allocation
@@ -656,6 +674,8 @@ restrict,command="uptime" ssh-rsa AAAA1C8...32Tv==
 user@example.net
 restrict,pty,command="nethack" ssh-rsa AAAA1f8...IrrC5==
 user@example.net
+no-touch-required sk-ecdsa-sha2-nistp256@openssh.com AAAAInN...Ko==
+user@example.net
 .Ed
 .Sh SSH_KNOWN_HOSTS FILE FORMAT
 The

diff --git a/sshd.8 b/sshd.8 index fb133c14b..c5f8987d2 100644 --- a/sshd.8 +++ b/sshd.8
@@ -33,13 +33,13 @@
33	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	33	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
34	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	34	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
35	.\"	35	.\"
36	.\" $OpenBSD: sshd.8,v 1.304 2018/07/22 12:16:59 dtucker Exp $	36	.\" $OpenBSD: sshd.8,v 1.312 2020/01/25 06:03:10 djm Exp $
37	.Dd $Mdocdate: July 22 2018 $	37	.Dd $Mdocdate: January 25 2020 $
38	.Dt SSHD 8	38	.Dt SSHD 8
39	.Os	39	.Os
40	.Sh NAME	40	.Sh NAME
41	.Nm sshd	41	.Nm sshd
42	.Nd OpenSSH SSH daemon	42	.Nd OpenSSH daemon
43	.Sh SYNOPSIS	43	.Sh SYNOPSIS
44	.Nm sshd	44	.Nm sshd
45	.Bk -words	45	.Bk -words
@@ -253,16 +253,13 @@ Whenever a client connects, the daemon responds with its public
253	host key.	253	host key.
254	The client compares the	254	The client compares the
255	host key against its own database to verify that it has not changed.	255	host key against its own database to verify that it has not changed.
256	Forward security is provided through a Diffie-Hellman key agreement.	256	Forward secrecy is provided through a Diffie-Hellman key agreement.
257	This key agreement results in a shared session key.	257	This key agreement results in a shared session key.
258	The rest of the session is encrypted using a symmetric cipher, currently	258	The rest of the session is encrypted using a symmetric cipher.
259	128-bit AES, Blowfish, 3DES, CAST128, Arcfour, 192-bit AES, or 256-bit AES.
260	The client selects the encryption algorithm	259	The client selects the encryption algorithm
261	to use from those offered by the server.	260	to use from those offered by the server.
262	Additionally, session integrity is provided	261	Additionally, session integrity is provided
263	through a cryptographic message authentication code	262	through a cryptographic message authentication code (MAC).
264	(hmac-md5, hmac-sha1, umac-64, umac-128,
265	hmac-sha2-256 or hmac-sha2-512).
266	.Pp	263	.Pp
267	Finally, the server and the client enter an authentication dialog.	264	Finally, the server and the client enter an authentication dialog.
268	The client tries to authenticate itself using	265	The client tries to authenticate itself using
@@ -429,25 +426,39 @@ comments).
429	Public keys consist of the following space-separated fields:	426	Public keys consist of the following space-separated fields:
430	options, keytype, base64-encoded key, comment.	427	options, keytype, base64-encoded key, comment.
431	The options field is optional.	428	The options field is optional.
432	The keytype is	429	The supported key types are:
433	.Dq ecdsa-sha2-nistp256 ,	430	.Pp
434	.Dq ecdsa-sha2-nistp384 ,	431	.Bl -item -compact -offset indent
435	.Dq ecdsa-sha2-nistp521 ,	432	.It
436	.Dq ssh-ed25519 ,	433	sk-ecdsa-sha2-nistp256@openssh.com
437	.Dq ssh-dss	434	.It
438	or	435	ecdsa-sha2-nistp256
439	.Dq ssh-rsa ;	436	.It
440	the comment field is not used for anything (but may be convenient for the	437	ecdsa-sha2-nistp384
		438	.It
		439	ecdsa-sha2-nistp521
		440	.It
		441	sk-ssh-ed25519@openssh.com
		442	.It
		443	ssh-ed25519
		444	.It
		445	ssh-dss
		446	.It
		447	ssh-rsa
		448	.El
		449	.Pp
		450	The comment field is not used for anything (but may be convenient for the
441	user to identify the key).	451	user to identify the key).
442	.Pp	452	.Pp
443	Note that lines in this file can be several hundred bytes long	453	Note that lines in this file can be several hundred bytes long
444	(because of the size of the public key encoding) up to a limit of	454	(because of the size of the public key encoding) up to a limit of
445	8 kilobytes, which permits DSA keys up to 8 kilobits and RSA	455	8 kilobytes, which permits RSA keys up to 16 kilobits.
446	keys up to 16 kilobits.
447	You don't want to type them in; instead, copy the	456	You don't want to type them in; instead, copy the
448	.Pa id_dsa.pub ,	457	.Pa id_dsa.pub ,
449	.Pa id_ecdsa.pub ,	458	.Pa id_ecdsa.pub ,
		459	.Pa id_ecdsa_sk.pub ,
450	.Pa id_ed25519.pub ,	460	.Pa id_ed25519.pub ,
		461	.Pa id_ed25519_sk.pub ,
451	or the	462	or the
452	.Pa id_rsa.pub	463	.Pa id_rsa.pub
453	file and edit it.	464	file and edit it.
@@ -589,8 +600,8 @@ IPv6 addresses can be specified by enclosing the address in square brackets.
589	Multiple	600	Multiple
590	.Cm permitopen	601	.Cm permitopen
591	options may be applied separated by commas.	602	options may be applied separated by commas.
592	No pattern matching is performed on the specified hostnames,	603	No pattern matching or name lookup is performed on the
593	they must be literal domains or addresses.	604	specified hostnames, they must be literal host names and/or addresses.
594	A port specification of	605	A port specification of
595	.Cm *	606	.Cm *
596	matches any port.	607	matches any port.
@@ -613,6 +624,13 @@ option.
613	Permits tty allocation previously disabled by the	624	Permits tty allocation previously disabled by the
614	.Cm restrict	625	.Cm restrict
615	option.	626	option.
		627	.It Cm no-touch-required
		628	Do not require demonstration of user presence
		629	for signatures made using this key.
		630	This option only makes sense for the FIDO authenticator algorithms
		631	.Cm ecdsa-sk
		632	and
		633	.Cm ed25519-sk .
616	.It Cm restrict	634	.It Cm restrict
617	Enable all restrictions, i.e. disable port, agent and X11 forwarding,	635	Enable all restrictions, i.e. disable port, agent and X11 forwarding,
618	as well as disabling PTY allocation	636	as well as disabling PTY allocation
@@ -656,6 +674,8 @@ restrict,command="uptime" ssh-rsa AAAA1C8...32Tv==
656	user@example.net	674	user@example.net
657	restrict,pty,command="nethack" ssh-rsa AAAA1f8...IrrC5==	675	restrict,pty,command="nethack" ssh-rsa AAAA1f8...IrrC5==
658	user@example.net	676	user@example.net
		677	no-touch-required sk-ecdsa-sha2-nistp256@openssh.com AAAAInN...Ko==
		678	user@example.net
659	.Ed	679	.Ed
660	.Sh SSH_KNOWN_HOSTS FILE FORMAT	680	.Sh SSH_KNOWN_HOSTS FILE FORMAT
661	The	681	The