forked from pool/openssh
Antonio Larrosa
da2c6cc517
* No changes for askpass, see main package changelog for
details.
- Fix a dbus connection leaked in the logind patch that was
missing a sd_bus_unref call (found by Matthias Gerstner):
* logind_set_tty.patch
- Add a patch that fixes a small memory leak when parsing the
subsystem configuration option:
* fix-memleak-in-process_server_config_line_depth.patch
- Update to openssh 9.8p1:
= Security
* 1) Race condition in sshd(8) (bsc#1226642, CVE-2024-6387).
A critical vulnerability in sshd(8) was present in Portable
OpenSSH versions between 8.5p1 and 9.7p1 (inclusive) that may
allow arbitrary code execution with root privileges.
Successful exploitation has been demonstrated on 32-bit
Linux/glibc systems with ASLR. Under lab conditions, the attack
requires on average 6-8 hours of continuous connections up to
the maximum the server will accept. Exploitation on 64-bit
systems is believed to be possible but has not been
demonstrated at this time. It's likely that these attacks will
be improved upon.
Exploitation on non-glibc systems is conceivable but has not
been examined. Systems that lack ASLR or users of downstream
Linux distributions that have modified OpenSSH to disable
per-connection ASLR re-randomisation (yes - this is a thing, no
- we don't understand why) may potentially have an easier path
to exploitation. OpenBSD is not vulnerable.
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=272
660 lines
23 KiB
Diff
660 lines
23 KiB
Diff
Index: openssh-9.6p1/ssh_config.5
|
|
===================================================================
|
|
--- openssh-9.6p1.orig/ssh_config.5
|
|
+++ openssh-9.6p1/ssh_config.5
|
|
@@ -403,17 +403,14 @@ A single argument of
|
|
causes no CNAMEs to be considered for canonicalization.
|
|
This is the default behaviour.
|
|
.It Cm CASignatureAlgorithms
|
|
+The default is handled system-wide by
|
|
+.Xr crypto-policies 7 .
|
|
+Information about defaults, how to modify the defaults and how to customize
|
|
+existing policies with sub-policies are present in manual page
|
|
+.Xr update-crypto-policies 8 .
|
|
+.Pp
|
|
Specifies which algorithms are allowed for signing of certificates
|
|
by certificate authorities (CAs).
|
|
-The default is:
|
|
-.Bd -literal -offset indent
|
|
-ssh-ed25519,ecdsa-sha2-nistp256,
|
|
-ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
|
|
-sk-ssh-ed25519@openssh.com,
|
|
-sk-ecdsa-sha2-nistp256@openssh.com,
|
|
-rsa-sha2-512,rsa-sha2-256
|
|
-.Ed
|
|
-.Pp
|
|
If the specified list begins with a
|
|
.Sq +
|
|
character, then the specified algorithms will be appended to the default set
|
|
@@ -542,20 +539,26 @@ If the option is set to
|
|
(the default),
|
|
the check will not be executed.
|
|
.It Cm Ciphers
|
|
+The default is handled system-wide by
|
|
+.Xr crypto-policies 7 .
|
|
+Information about defaults, how to modify the defaults and how to customize
|
|
+existing policies with sub-policies are present in manual page
|
|
+.Xr update-crypto-policies 8 .
|
|
+.Pp
|
|
Specifies the ciphers allowed and their order of preference.
|
|
Multiple ciphers must be comma-separated.
|
|
If the specified list begins with a
|
|
.Sq +
|
|
-character, then the specified ciphers will be appended to the default set
|
|
-instead of replacing them.
|
|
+character, then the specified ciphers will be appended to the built-in
|
|
+openssh default set instead of replacing them.
|
|
If the specified list begins with a
|
|
.Sq -
|
|
character, then the specified ciphers (including wildcards) will be removed
|
|
-from the default set instead of replacing them.
|
|
+from the built-in openssh default set instead of replacing them.
|
|
If the specified list begins with a
|
|
.Sq ^
|
|
character, then the specified ciphers will be placed at the head of the
|
|
-default set.
|
|
+built-in openssh default set.
|
|
.Pp
|
|
The supported ciphers are:
|
|
.Bd -literal -offset indent
|
|
@@ -571,13 +574,6 @@ aes256-gcm@openssh.com
|
|
chacha20-poly1305@openssh.com
|
|
.Ed
|
|
.Pp
|
|
-The default is:
|
|
-.Bd -literal -offset indent
|
|
-chacha20-poly1305@openssh.com,
|
|
-aes128-ctr,aes192-ctr,aes256-ctr,
|
|
-aes128-gcm@openssh.com,aes256-gcm@openssh.com
|
|
-.Ed
|
|
-.Pp
|
|
The list of available ciphers may also be obtained using
|
|
.Qq ssh -Q cipher .
|
|
.It Cm ClearAllForwardings
|
|
@@ -979,6 +975,12 @@ command line will be passed untouched to
|
|
The default is
|
|
.Dq no .
|
|
.It Cm GSSAPIKexAlgorithms
|
|
+The default is handled system-wide by
|
|
+.Xr crypto-policies 7 .
|
|
+Information about defaults, how to modify the defaults and how to customize
|
|
+existing policies with sub-policies are present in manual page
|
|
+.Xr update-crypto-policies 8 .
|
|
+.Pp
|
|
The list of key exchange algorithms that are offered for GSSAPI
|
|
key exchange. Possible values are
|
|
.Bd -literal -offset 3n
|
|
@@ -991,10 +993,8 @@ gss-nistp256-sha256-,
|
|
gss-curve25519-sha256-
|
|
.Ed
|
|
.Pp
|
|
-The default is
|
|
-.Dq gss-group14-sha256-,gss-group16-sha512-,gss-nistp256-sha256-,
|
|
-gss-curve25519-sha256-,gss-group14-sha1-,gss-gex-sha1- .
|
|
This option only applies to connections using GSSAPI.
|
|
+.Pp
|
|
.It Cm HashKnownHosts
|
|
Indicates that
|
|
.Xr ssh 1
|
|
@@ -1012,36 +1013,26 @@ will not be converted automatically,
|
|
but may be manually hashed using
|
|
.Xr ssh-keygen 1 .
|
|
.It Cm HostbasedAcceptedAlgorithms
|
|
+The default is handled system-wide by
|
|
+.Xr crypto-policies 7 .
|
|
+Information about defaults, how to modify the defaults and how to customize
|
|
+existing policies with sub-policies are present in manual page
|
|
+.Xr update-crypto-policies 8 .
|
|
+.Pp
|
|
Specifies the signature algorithms that will be used for hostbased
|
|
authentication as a comma-separated list of patterns.
|
|
Alternately if the specified list begins with a
|
|
.Sq +
|
|
character, then the specified signature algorithms will be appended
|
|
-to the default set instead of replacing them.
|
|
+to the built-in openssh default set instead of replacing them.
|
|
If the specified list begins with a
|
|
.Sq -
|
|
character, then the specified signature algorithms (including wildcards)
|
|
-will be removed from the default set instead of replacing them.
|
|
+will be removed from the built-in openssh default set instead of replacing them.
|
|
If the specified list begins with a
|
|
.Sq ^
|
|
character, then the specified signature algorithms will be placed
|
|
-at the head of the default set.
|
|
-The default for this option is:
|
|
-.Bd -literal -offset 3n
|
|
-ssh-ed25519-cert-v01@openssh.com,
|
|
-ecdsa-sha2-nistp256-cert-v01@openssh.com,
|
|
-ecdsa-sha2-nistp384-cert-v01@openssh.com,
|
|
-ecdsa-sha2-nistp521-cert-v01@openssh.com,
|
|
-sk-ssh-ed25519-cert-v01@openssh.com,
|
|
-sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,
|
|
-rsa-sha2-512-cert-v01@openssh.com,
|
|
-rsa-sha2-256-cert-v01@openssh.com,
|
|
-ssh-ed25519,
|
|
-ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
|
|
-sk-ssh-ed25519@openssh.com,
|
|
-sk-ecdsa-sha2-nistp256@openssh.com,
|
|
-rsa-sha2-512,rsa-sha2-256
|
|
-.Ed
|
|
+at the head of the built-in openssh default set.
|
|
.Pp
|
|
The
|
|
.Fl Q
|
|
@@ -1094,6 +1085,17 @@ to prefer their algorithms.
|
|
.Pp
|
|
The list of available signature algorithms may also be obtained using
|
|
.Qq ssh -Q HostKeyAlgorithms .
|
|
+.Pp
|
|
+The proposed
|
|
+.Cm HostKeyAlgorithms
|
|
+during KEX are limited to the set of algorithms that is defined in
|
|
+.Cm PubkeyAcceptedAlgorithms
|
|
+and therefore they are indirectly affected by system-wide
|
|
+.Xr crypto_policies 7 .
|
|
+.Xr crypto_policies 7 can not handle the list of host key algorithms directly
|
|
+as doing so would break the order given by the
|
|
+.Pa known_hosts
|
|
+file.
|
|
.It Cm HostKeyAlias
|
|
Specifies an alias that should be used instead of the
|
|
real host name when looking up or saving the host key
|
|
@@ -1311,36 +1313,30 @@ it may be zero or more of:
|
|
and
|
|
.Cm pam .
|
|
.It Cm KexAlgorithms
|
|
+The default is handled system-wide by
|
|
+.Xr crypto-policies 7 .
|
|
+Information about defaults, how to modify the defaults and how to customize
|
|
+existing policies with sub-policies are present in manual page
|
|
+.Xr update-crypto-policies 8 .
|
|
+.Pp
|
|
Specifies the permitted KEX (Key Exchange) algorithms that will be used and
|
|
their preference order.
|
|
The selected algorithm will the the first algorithm in this list that
|
|
the server also supports.
|
|
Multiple algorithms must be comma-separated.
|
|
.Pp
|
|
If the specified list begins with a
|
|
.Sq +
|
|
-character, then the specified algorithms will be appended to the default set
|
|
-instead of replacing them.
|
|
+character, then the specified methods will be appended to the built-in
|
|
+openssh default set instead of replacing them.
|
|
If the specified list begins with a
|
|
.Sq -
|
|
character, then the specified algorithms (including wildcards) will be removed
|
|
-from the default set instead of replacing them.
|
|
+from the built-in openssh default set instead of replacing them.
|
|
If the specified list begins with a
|
|
.Sq ^
|
|
character, then the specified algorithms will be placed at the head of the
|
|
-default set.
|
|
-.Pp
|
|
-The default is:
|
|
-.Bd -literal -offset indent
|
|
-sntrup761x25519-sha512@openssh.com,
|
|
-curve25519-sha256,curve25519-sha256@libssh.org,
|
|
-ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,
|
|
-diffie-hellman-group-exchange-sha256,
|
|
-diffie-hellman-group16-sha512,
|
|
-diffie-hellman-group18-sha512,
|
|
-diffie-hellman-group14-sha256,
|
|
-diffie-hellman-group14-sha1
|
|
-.Ed
|
|
+built-in openssh default set.
|
|
.Pp
|
|
The list of supported key exchange algorithms may also be obtained using
|
|
.Qq ssh -Q kex .
|
|
@@ -1445,37 +1442,34 @@ function, and all code in the
|
|
file.
|
|
This option is intended for debugging and no overrides are enabled by default.
|
|
.It Cm MACs
|
|
+The default is handled system-wide by
|
|
+.Xr crypto-policies 7 .
|
|
+Information about defaults, how to modify the defaults and how to customize
|
|
+existing policies with sub-policies are present in manual page
|
|
+.Xr update-crypto-policies 8 .
|
|
+.Pp
|
|
Specifies the MAC (message authentication code) algorithms
|
|
in order of preference.
|
|
The MAC algorithm is used for data integrity protection.
|
|
Multiple algorithms must be comma-separated.
|
|
If the specified list begins with a
|
|
.Sq +
|
|
-character, then the specified algorithms will be appended to the default set
|
|
-instead of replacing them.
|
|
+character, then the specified algorithms will be appended to the built-in
|
|
+openssh default set instead of replacing them.
|
|
If the specified list begins with a
|
|
.Sq -
|
|
character, then the specified algorithms (including wildcards) will be removed
|
|
-from the default set instead of replacing them.
|
|
+from the built-in openssh default set instead of replacing them.
|
|
If the specified list begins with a
|
|
.Sq ^
|
|
character, then the specified algorithms will be placed at the head of the
|
|
-default set.
|
|
+built-in openssh default set.
|
|
.Pp
|
|
The algorithms that contain
|
|
.Qq -etm
|
|
calculate the MAC after encryption (encrypt-then-mac).
|
|
These are considered safer and their use recommended.
|
|
.Pp
|
|
-The default is:
|
|
-.Bd -literal -offset indent
|
|
-umac-64-etm@openssh.com,umac-128-etm@openssh.com,
|
|
-hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,
|
|
-hmac-sha1-etm@openssh.com,
|
|
-umac-64@openssh.com,umac-128@openssh.com,
|
|
-hmac-sha2-256,hmac-sha2-512,hmac-sha1
|
|
-.Ed
|
|
-.Pp
|
|
The list of available MAC algorithms may also be obtained using
|
|
.Qq ssh -Q mac .
|
|
.It Cm NoHostAuthenticationForLocalhost
|
|
@@ -1666,39 +1660,32 @@ instead of continuing to execute and pas
|
|
The default is
|
|
.Cm no .
|
|
.It Cm PubkeyAcceptedAlgorithms
|
|
+The default is handled system-wide by
|
|
+.Xr crypto-policies 7 .
|
|
+Information about defaults, how to modify the defaults and how to customize
|
|
+existing policies with sub-policies are present in manual page
|
|
+.Xr update-crypto-policies 8 .
|
|
+.Pp
|
|
Specifies the signature algorithms that will be used for public key
|
|
authentication as a comma-separated list of patterns.
|
|
If the specified list begins with a
|
|
.Sq +
|
|
-character, then the algorithms after it will be appended to the default
|
|
-instead of replacing it.
|
|
+character, then the algorithms after it will be appended to the built-in
|
|
+openssh default instead of replacing it.
|
|
If the specified list begins with a
|
|
.Sq -
|
|
character, then the specified algorithms (including wildcards) will be removed
|
|
-from the default set instead of replacing them.
|
|
+from the built-in openssh default set instead of replacing them.
|
|
If the specified list begins with a
|
|
.Sq ^
|
|
character, then the specified algorithms will be placed at the head of the
|
|
-default set.
|
|
-The default for this option is:
|
|
-.Bd -literal -offset 3n
|
|
-ssh-ed25519-cert-v01@openssh.com,
|
|
-ecdsa-sha2-nistp256-cert-v01@openssh.com,
|
|
-ecdsa-sha2-nistp384-cert-v01@openssh.com,
|
|
-ecdsa-sha2-nistp521-cert-v01@openssh.com,
|
|
-sk-ssh-ed25519-cert-v01@openssh.com,
|
|
-sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,
|
|
-rsa-sha2-512-cert-v01@openssh.com,
|
|
-rsa-sha2-256-cert-v01@openssh.com,
|
|
-ssh-ed25519,
|
|
-ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
|
|
-sk-ssh-ed25519@openssh.com,
|
|
-sk-ecdsa-sha2-nistp256@openssh.com,
|
|
-rsa-sha2-512,rsa-sha2-256
|
|
-.Ed
|
|
+built-in openssh default set.
|
|
.Pp
|
|
The list of available signature algorithms may also be obtained using
|
|
.Qq ssh -Q PubkeyAcceptedAlgorithms .
|
|
+.Pp
|
|
+This option affects also
|
|
+.Cm HostKeyAlgorithms
|
|
.It Cm PubkeyAuthentication
|
|
Specifies whether to try public key authentication.
|
|
The argument to this keyword must be
|
|
@@ -2395,7 +2382,9 @@ This file provides the vendor defaults a
|
|
configuration file does not exist.
|
|
.El
|
|
.Sh SEE ALSO
|
|
-.Xr ssh 1
|
|
+.Xr ssh 1 ,
|
|
+.Xr crypto-policies 7 ,
|
|
+.Xr update-crypto-policies 8
|
|
.Sh AUTHORS
|
|
.An -nosplit
|
|
OpenSSH is a derivative of the original and free
|
|
Index: openssh-9.6p1/sshd_config.5
|
|
===================================================================
|
|
--- openssh-9.6p1.orig/sshd_config.5
|
|
+++ openssh-9.6p1/sshd_config.5
|
|
@@ -381,17 +381,14 @@ If the argument is
|
|
then no banner is displayed.
|
|
By default, no banner is displayed.
|
|
.It Cm CASignatureAlgorithms
|
|
+The default is handled system-wide by
|
|
+.Xr crypto-policies 7 .
|
|
+Information about defaults, how to modify the defaults and how to customize
|
|
+existing policies with sub-policies are present in manual page
|
|
+.Xr update-crypto-policies 8 .
|
|
+.Pp
|
|
Specifies which algorithms are allowed for signing of certificates
|
|
by certificate authorities (CAs).
|
|
-The default is:
|
|
-.Bd -literal -offset indent
|
|
-ssh-ed25519,ecdsa-sha2-nistp256,
|
|
-ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
|
|
-sk-ssh-ed25519@openssh.com,
|
|
-sk-ecdsa-sha2-nistp256@openssh.com,
|
|
-rsa-sha2-512,rsa-sha2-256
|
|
-.Ed
|
|
-.Pp
|
|
If the specified list begins with a
|
|
.Sq +
|
|
character, then the specified algorithms will be appended to the default set
|
|
@@ -527,20 +524,26 @@ The default is
|
|
indicating not to
|
|
.Xr chroot 2 .
|
|
.It Cm Ciphers
|
|
+The default is handled system-wide by
|
|
+.Xr crypto-policies 7 .
|
|
+Information about defaults, how to modify the defaults and how to customize
|
|
+existing policies with sub-policies are present in manual page
|
|
+.Xr update-crypto-policies 8 .
|
|
+.Pp
|
|
Specifies the ciphers allowed.
|
|
Multiple ciphers must be comma-separated.
|
|
If the specified list begins with a
|
|
.Sq +
|
|
-character, then the specified ciphers will be appended to the default set
|
|
-instead of replacing them.
|
|
+character, then the specified ciphers will be appended to the built-in
|
|
+openssh default set instead of replacing them.
|
|
If the specified list begins with a
|
|
.Sq -
|
|
character, then the specified ciphers (including wildcards) will be removed
|
|
-from the default set instead of replacing them.
|
|
+from the built-in openssh default set instead of replacing them.
|
|
If the specified list begins with a
|
|
.Sq ^
|
|
character, then the specified ciphers will be placed at the head of the
|
|
-default set.
|
|
+built-in openssh default set.
|
|
.Pp
|
|
The supported ciphers are:
|
|
.Pp
|
|
@@ -567,13 +570,6 @@ aes256-gcm@openssh.com
|
|
chacha20-poly1305@openssh.com
|
|
.El
|
|
.Pp
|
|
-The default is:
|
|
-.Bd -literal -offset indent
|
|
-chacha20-poly1305@openssh.com,
|
|
-aes128-ctr,aes192-ctr,aes256-ctr,
|
|
-aes128-gcm@openssh.com,aes256-gcm@openssh.com
|
|
-.Ed
|
|
-.Pp
|
|
The list of available ciphers may also be obtained using
|
|
.Qq ssh -Q cipher .
|
|
.It Cm ClientAliveCountMax
|
|
@@ -764,53 +760,45 @@ For this to work
|
|
.Cm GSSAPIKeyExchange
|
|
needs to be enabled in the server and also used by the client.
|
|
.It Cm GSSAPIKexAlgorithms
|
|
+The default is handled system-wide by
|
|
+.Xr crypto-policies 7 .
|
|
+Information about defaults, how to modify the defaults and how to customize
|
|
+existing policies with sub-policies are present in manual page
|
|
+.Xr update-crypto-policies 8 .
|
|
+.Pp
|
|
The list of key exchange algorithms that are accepted by GSSAPI
|
|
key exchange. Possible values are
|
|
.Bd -literal -offset 3n
|
|
-gss-gex-sha1-,
|
|
-gss-group1-sha1-,
|
|
-gss-group14-sha1-,
|
|
-gss-group14-sha256-,
|
|
-gss-group16-sha512-,
|
|
-gss-nistp256-sha256-,
|
|
+gss-gex-sha1-
|
|
+gss-group1-sha1-
|
|
+gss-group14-sha1-
|
|
+gss-group14-sha256-
|
|
+gss-group16-sha512-
|
|
+gss-nistp256-sha256-
|
|
gss-curve25519-sha256-
|
|
.Ed
|
|
-.Pp
|
|
-The default is
|
|
-.Dq gss-group14-sha256-,gss-group16-sha512-,gss-nistp256-sha256-,
|
|
-gss-curve25519-sha256-,gss-group14-sha1-,gss-gex-sha1- .
|
|
This option only applies to connections using GSSAPI.
|
|
.It Cm HostbasedAcceptedAlgorithms
|
|
+The default is handled system-wide by
|
|
+.Xr crypto-policies 7 .
|
|
+Information about defaults, how to modify the defaults and how to customize
|
|
+existing policies with sub-policies are present in manual page
|
|
+.Xr update-crypto-policies 8 .
|
|
+.Pp
|
|
Specifies the signature algorithms that will be accepted for hostbased
|
|
authentication as a list of comma-separated patterns.
|
|
Alternately if the specified list begins with a
|
|
.Sq +
|
|
character, then the specified signature algorithms will be appended to
|
|
-the default set instead of replacing them.
|
|
+the built-in openssh set instead of replacing them.
|
|
If the specified list begins with a
|
|
.Sq -
|
|
character, then the specified signature algorithms (including wildcards)
|
|
-will be removed from the default set instead of replacing them.
|
|
+will be removed from the built-in openssh set instead of replacing them.
|
|
If the specified list begins with a
|
|
.Sq ^
|
|
character, then the specified signature algorithms will be placed at
|
|
-the head of the default set.
|
|
-The default for this option is:
|
|
-.Bd -literal -offset 3n
|
|
-ssh-ed25519-cert-v01@openssh.com,
|
|
-ecdsa-sha2-nistp256-cert-v01@openssh.com,
|
|
-ecdsa-sha2-nistp384-cert-v01@openssh.com,
|
|
-ecdsa-sha2-nistp521-cert-v01@openssh.com,
|
|
-sk-ssh-ed25519-cert-v01@openssh.com,
|
|
-sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,
|
|
-rsa-sha2-512-cert-v01@openssh.com,
|
|
-rsa-sha2-256-cert-v01@openssh.com,
|
|
-ssh-ed25519,
|
|
-ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
|
|
-sk-ssh-ed25519@openssh.com,
|
|
-sk-ecdsa-sha2-nistp256@openssh.com,
|
|
-rsa-sha2-512,rsa-sha2-256
|
|
-.Ed
|
|
+the head of the built-in openssh default set.
|
|
.Pp
|
|
The list of available signature algorithms may also be obtained using
|
|
.Qq ssh -Q HostbasedAcceptedAlgorithms .
|
|
@@ -876,25 +865,15 @@ is specified, the location of the socket
|
|
.Ev SSH_AUTH_SOCK
|
|
environment variable.
|
|
.It Cm HostKeyAlgorithms
|
|
+The default is handled system-wide by
|
|
+.Xr crypto-policies 7 .
|
|
+Information about defaults, how to modify the defaults and how to customize
|
|
+existing policies with sub-policies are present in manual page
|
|
+.Xr update-crypto-policies 8 .
|
|
+.Pp
|
|
Specifies the host key signature algorithms
|
|
that the server offers.
|
|
The default for this option is:
|
|
-.Bd -literal -offset 3n
|
|
-ssh-ed25519-cert-v01@openssh.com,
|
|
-ecdsa-sha2-nistp256-cert-v01@openssh.com,
|
|
-ecdsa-sha2-nistp384-cert-v01@openssh.com,
|
|
-ecdsa-sha2-nistp521-cert-v01@openssh.com,
|
|
-sk-ssh-ed25519-cert-v01@openssh.com,
|
|
-sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,
|
|
-rsa-sha2-512-cert-v01@openssh.com,
|
|
-rsa-sha2-256-cert-v01@openssh.com,
|
|
-ssh-ed25519,
|
|
-ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
|
|
-sk-ssh-ed25519@openssh.com,
|
|
-sk-ecdsa-sha2-nistp256@openssh.com,
|
|
-rsa-sha2-512,rsa-sha2-256
|
|
-.Ed
|
|
-.Pp
|
|
The list of available signature algorithms may also be obtained using
|
|
.Qq ssh -Q HostKeyAlgorithms .
|
|
.It Cm IgnoreRhosts
|
|
@@ -1027,24 +1006,30 @@ file on logout.
|
|
The default is
|
|
.Cm yes .
|
|
.It Cm KexAlgorithms
|
|
+The default is handled system-wide by
|
|
+.Xr crypto-policies 7 .
|
|
+Information about defaults, how to modify the defaults and how to customize
|
|
+existing policies with sub-policies are present in manual page
|
|
+.Xr update-crypto-policies 8 .
|
|
+.Pp
|
|
Specifies the permitted KEX (Key Exchange) algorithms that the server will
|
|
offer to clients.
|
|
The ordering of this list is not important, as the client specifies the
|
|
preference order.
|
|
Multiple algorithms must be comma-separated.
|
|
.Pp
|
|
If the specified list begins with a
|
|
.Sq +
|
|
-character, then the specified algorithms will be appended to the default set
|
|
-instead of replacing them.
|
|
+character, then the specified methods will be appended to the built-in
|
|
+openssh default set instead of replacing them.
|
|
If the specified list begins with a
|
|
.Sq -
|
|
character, then the specified algorithms (including wildcards) will be removed
|
|
-from the default set instead of replacing them.
|
|
+from the built-in openssh default set instead of replacing them.
|
|
If the specified list begins with a
|
|
.Sq ^
|
|
character, then the specified algorithms will be placed at the head of the
|
|
-default set.
|
|
+built-in openssh default set.
|
|
.Pp
|
|
The supported algorithms are:
|
|
.Pp
|
|
@@ -1072,16 +1057,6 @@ ecdh-sha2-nistp521
|
|
sntrup761x25519-sha512@openssh.com
|
|
.El
|
|
.Pp
|
|
-The default is:
|
|
-.Bd -literal -offset indent
|
|
-sntrup761x25519-sha512@openssh.com,
|
|
-curve25519-sha256,curve25519-sha256@libssh.org,
|
|
-ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,
|
|
-diffie-hellman-group-exchange-sha256,
|
|
-diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,
|
|
-diffie-hellman-group14-sha256,diffie-hellman-group14-sha1
|
|
-.Ed
|
|
-.Pp
|
|
The list of supported key exchange algorithms may also be obtained using
|
|
.Qq ssh -Q KexAlgorithms .
|
|
.It Cm ListenAddress
|
|
@@ -1167,21 +1142,27 @@ function, and all code in the
|
|
file.
|
|
This option is intended for debugging and no overrides are enabled by default.
|
|
.It Cm MACs
|
|
+The default is handled system-wide by
|
|
+.Xr crypto-policies 7 .
|
|
+Information about defaults, how to modify the defaults and how to customize
|
|
+existing policies with sub-policies are present in manual page
|
|
+.Xr update-crypto-policies 8 .
|
|
+.Pp
|
|
Specifies the available MAC (message authentication code) algorithms.
|
|
The MAC algorithm is used for data integrity protection.
|
|
Multiple algorithms must be comma-separated.
|
|
If the specified list begins with a
|
|
.Sq +
|
|
-character, then the specified algorithms will be appended to the default set
|
|
-instead of replacing them.
|
|
+character, then the specified algorithms will be appended to the built-in
|
|
+openssh default set instead of replacing them.
|
|
If the specified list begins with a
|
|
.Sq -
|
|
character, then the specified algorithms (including wildcards) will be removed
|
|
-from the default set instead of replacing them.
|
|
+from the built-in openssh default set instead of replacing them.
|
|
If the specified list begins with a
|
|
.Sq ^
|
|
character, then the specified algorithms will be placed at the head of the
|
|
-default set.
|
|
+built-in openssh default set.
|
|
.Pp
|
|
The algorithms that contain
|
|
.Qq -etm
|
|
@@ -1224,15 +1205,6 @@ umac-64-etm@openssh.com
|
|
umac-128-etm@openssh.com
|
|
.El
|
|
.Pp
|
|
-The default is:
|
|
-.Bd -literal -offset indent
|
|
-umac-64-etm@openssh.com,umac-128-etm@openssh.com,
|
|
-hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,
|
|
-hmac-sha1-etm@openssh.com,
|
|
-umac-64@openssh.com,umac-128@openssh.com,
|
|
-hmac-sha2-256,hmac-sha2-512,hmac-sha1
|
|
-.Ed
|
|
-.Pp
|
|
The list of available MAC algorithms may also be obtained using
|
|
.Qq ssh -Q mac .
|
|
.It Cm Match
|
|
@@ -1614,36 +1586,26 @@ or equivalent.)
|
|
The default is
|
|
.Cm yes .
|
|
.It Cm PubkeyAcceptedAlgorithms
|
|
+The default is handled system-wide by
|
|
+.Xr crypto-policies 7 .
|
|
+Information about defaults, how to modify the defaults and how to customize
|
|
+existing policies with sub-policies are present in manual page
|
|
+.Xr update-crypto-policies 8 .
|
|
+.Pp
|
|
Specifies the signature algorithms that will be accepted for public key
|
|
authentication as a list of comma-separated patterns.
|
|
Alternately if the specified list begins with a
|
|
.Sq +
|
|
-character, then the specified algorithms will be appended to the default set
|
|
-instead of replacing them.
|
|
+character, then the specified algorithms will be appended to the built-in
|
|
+openssh default set instead of replacing them.
|
|
If the specified list begins with a
|
|
.Sq -
|
|
character, then the specified algorithms (including wildcards) will be removed
|
|
-from the default set instead of replacing them.
|
|
+from the built-in openssh default set instead of replacing them.
|
|
If the specified list begins with a
|
|
.Sq ^
|
|
character, then the specified algorithms will be placed at the head of the
|
|
-default set.
|
|
-The default for this option is:
|
|
-.Bd -literal -offset 3n
|
|
-ssh-ed25519-cert-v01@openssh.com,
|
|
-ecdsa-sha2-nistp256-cert-v01@openssh.com,
|
|
-ecdsa-sha2-nistp384-cert-v01@openssh.com,
|
|
-ecdsa-sha2-nistp521-cert-v01@openssh.com,
|
|
-sk-ssh-ed25519-cert-v01@openssh.com,
|
|
-sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,
|
|
-rsa-sha2-512-cert-v01@openssh.com,
|
|
-rsa-sha2-256-cert-v01@openssh.com,
|
|
-ssh-ed25519,
|
|
-ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
|
|
-sk-ssh-ed25519@openssh.com,
|
|
-sk-ecdsa-sha2-nistp256@openssh.com,
|
|
-rsa-sha2-512,rsa-sha2-256
|
|
-.Ed
|
|
+built-in openssh default set.
|
|
.Pp
|
|
The list of available signature algorithms may also be obtained using
|
|
.Qq ssh -Q PubkeyAcceptedAlgorithms .
|
|
@@ -2122,7 +2084,9 @@ This file should be writable by root onl
|
|
.El
|
|
.Sh SEE ALSO
|
|
.Xr sftp-server 8 ,
|
|
-.Xr sshd 8
|
|
+.Xr sshd 8 ,
|
|
+.Xr crypto-policies 7 ,
|
|
+.Xr update-crypto-policies 8
|
|
.Sh AUTHORS
|
|
.An -nosplit
|
|
OpenSSH is a derivative of the original and free
|