Date: Tue, 8 Mar 2022 22:00:51 GMT From: Ed Maste <emaste@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Subject: git: cea0d3689efe - main - ssh: update sshd_config(5) for RSA/SHA-1 signature removal Message-ID: <202203082200.228M0p7D020938@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by emaste: URL: https://cgit.FreeBSD.org/src/commit/?id=cea0d3689efe459118ed5fd4e3e7538bf85d4642 commit cea0d3689efe459118ed5fd4e3e7538bf85d4642 Author: Ed Maste <emaste@FreeBSD.org> AuthorDate: 2022-03-08 21:56:04 +0000 Commit: Ed Maste <emaste@FreeBSD.org> CommitDate: 2022-03-08 21:56:56 +0000 ssh: update sshd_config(5) for RSA/SHA-1 signature removal OpenSSH 8.8p1 removed RSA/SHA-1 signatures by default, but failed to update sshd_config(5). It was updated upstream after the release in b711bc01a7ec and da4035523406. Fixes: 8c22023ca5e1 ("ssh: disable RSA/SHA-1 signatures") Sponsored by: The FreeBSD Foundation --- crypto/openssh/sshd_config.5 | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/crypto/openssh/sshd_config.5 b/crypto/openssh/sshd_config.5 index 527f3d4bb46e..57edd8dc28ac 100644 --- a/crypto/openssh/sshd_config.5 +++ b/crypto/openssh/sshd_config.5 @@ -35,7 +35,7 @@ .\" .\" $OpenBSD: sshd_config.5,v 1.335 2021/09/03 05:25:50 dtucker Exp $ .\" $FreeBSD$ -.Dd $Mdocdate: September 3 2021 $ +.Dd $Mdocdate: December 4 2021 $ .Dt SSHD_CONFIG 5 .Os .Sh NAME @@ -690,12 +690,11 @@ sk-ssh-ed25519-cert-v01@openssh.com, sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, rsa-sha2-512-cert-v01@openssh.com, rsa-sha2-256-cert-v01@openssh.com, -ssh-rsa-cert-v01@openssh.com, ssh-ed25519, ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, sk-ssh-ed25519@openssh.com, sk-ecdsa-sha2-nistp256@openssh.com, -rsa-sha2-512,rsa-sha2-256,ssh-rsa +rsa-sha2-512,rsa-sha2-256 .Ed .Pp The list of available signature algorithms may also be obtained using @@ -775,12 +774,11 @@ sk-ssh-ed25519-cert-v01@openssh.com, sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, rsa-sha2-512-cert-v01@openssh.com, rsa-sha2-256-cert-v01@openssh.com, -ssh-rsa-cert-v01@openssh.com, ssh-ed25519, ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, sk-ssh-ed25519@openssh.com, sk-ecdsa-sha2-nistp256@openssh.com, -rsa-sha2-512,rsa-sha2-256,ssh-rsa +rsa-sha2-512,rsa-sha2-256 .Ed .Pp The list of available signature algorithms may also be obtained using @@ -1531,12 +1529,11 @@ sk-ssh-ed25519-cert-v01@openssh.com, sk-ecdsa-sha2-nistp256-cert-v01@openssh.com, rsa-sha2-512-cert-v01@openssh.com, rsa-sha2-256-cert-v01@openssh.com, -ssh-rsa-cert-v01@openssh.com, ssh-ed25519, ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, sk-ssh-ed25519@openssh.com, sk-ecdsa-sha2-nistp256@openssh.com, -rsa-sha2-512,rsa-sha2-256,ssh-rsa +rsa-sha2-512,rsa-sha2-256 .Ed .Pp The list of available signature algorithms may also be obtained using
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202203082200.228M0p7D020938>