From 312d2f2861a2598ed08587cb6c45c0e98a85408f Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Wed, 4 Jul 2018 13:49:31 +0000 Subject: upstream: repair PubkeyAcceptedKeyTypes (and friends) after RSA signature work - returns ability to add/remove/specify algorithms by wildcard. Algorithm lists are now fully expanded when the server/client configs are finalised, so errors are reported early and the config dumps (e.g. "ssh -G ...") now list the actual algorithms selected. Clarify that, while wildcards are accepted in algorithm lists, they aren't full pattern-lists that support negation. (lots of) feedback, ok markus@ OpenBSD-Commit-ID: a8894c5c81f399a002f02ff4fe6b4fa46b1f3207 --- sshd_config.5 | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'sshd_config.5') diff --git a/sshd_config.5 b/sshd_config.5 index cc019ec7d..aa888796e 100644 --- a/sshd_config.5 +++ b/sshd_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.279 2018/07/03 11:39:54 djm Exp $ -.Dd $Mdocdate: July 3 2018 $ +.\" $OpenBSD: sshd_config.5,v 1.280 2018/07/04 13:49:31 djm Exp $ +.Dd $Mdocdate: July 4 2018 $ .Dt SSHD_CONFIG 5 .Os .Sh NAME @@ -659,7 +659,7 @@ The default is .Cm yes . .It Cm HostbasedAcceptedKeyTypes Specifies the key types that will be accepted for hostbased authentication -as a comma-separated pattern list. +as a list of comma-separated patterns. Alternately if the specified value begins with a .Sq + character, then the specified key types will be appended to the default set @@ -1386,7 +1386,7 @@ The default is .Cm yes . .It Cm PubkeyAcceptedKeyTypes Specifies the key types that will be accepted for public key authentication -as a comma-separated pattern list. +as a list of comma-separated patterns. Alternately if the specified value begins with a .Sq + character, then the specified key types will be appended to the default set -- cgit v1.2.3