[BACK]Return to sshd_config.5 CVS log [TXT][DIR] Up to [cvs.NetBSD.org] / src / crypto / external / bsd / openssh / dist

Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.

Diff for /src/crypto/external/bsd/openssh/dist/sshd_config.5 between version 1.1.1.28 and 1.1.1.29

version 1.1.1.28, 2021/04/19 14:38:30 version 1.1.1.29, 2021/09/02 11:22:30
Line 33 
Line 33 
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF  .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.  .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"  .\"
 .\" $OpenBSD: sshd_config.5,v 1.331 2021/04/04 11:36:56 jmc Exp $  .\" $OpenBSD: sshd_config.5,v 1.334 2021/08/12 23:59:25 djm Exp $
 .Dd $Mdocdate: April 4 2021 $  .Dd $Mdocdate: August 12 2021 $
 .Dt SSHD_CONFIG 5  .Dt SSHD_CONFIG 5
 .Os  .Os
 .Sh NAME  .Sh NAME
Line 378  Specifies which algorithms are allowed f
Line 378  Specifies which algorithms are allowed f
 by certificate authorities (CAs).  by certificate authorities (CAs).
 The default is:  The default is:
 .Bd -literal -offset indent  .Bd -literal -offset indent
 ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,  ssh-ed25519,ecdsa-sha2-nistp256,
 sk-ssh-ed25519@openssh.com,sk-ecdsa-sha2-nistp256@openssh.com,  ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
   sk-ssh-ed25519@openssh.com,
   sk-ecdsa-sha2-nistp256@openssh.com,
 rsa-sha2-512,rsa-sha2-256  rsa-sha2-512,rsa-sha2-256
 .Ed  .Ed
 .Pp  .Pp
   If the specified list begins with a
   .Sq +
   character, then the specified algorithms will be appended to the default set
   instead of replacing them.
   If the specified list begins with a
   .Sq -
   character, then the specified algorithms (including wildcards) will be removed
   from the default set instead of replacing them.
   .Pp
 Certificates signed using other algorithms will not be accepted for  Certificates signed using other algorithms will not be accepted for
 public key or host-based authentication.  public key or host-based authentication.
 .It Cm ChallengeResponseAuthentication  
 Specifies whether challenge-response authentication is allowed.  
 All authentication styles from  
 .Xr login.conf 5  
 are supported.  
 The default is  
 .Cm yes .  
 .It Cm ChrootDirectory  .It Cm ChrootDirectory
 Specifies the pathname of a directory to  Specifies the pathname of a directory to
 .Xr chroot 2  .Xr chroot 2
Line 876  for interactive sessions and
Line 880  for interactive sessions and
 for non-interactive sessions.  for non-interactive sessions.
 .It Cm KbdInteractiveAuthentication  .It Cm KbdInteractiveAuthentication
 Specifies whether to allow keyboard-interactive authentication.  Specifies whether to allow keyboard-interactive authentication.
   All authentication styles from
   .Xr login.conf 5
   are supported.
   The default is
   .Cm yes .
 The argument to this keyword must be  The argument to this keyword must be
 .Cm yes  .Cm yes
 or  or
 .Cm no .  .Cm no .
 The default is to use whatever value  
 .Cm ChallengeResponseAuthentication  .Cm ChallengeResponseAuthentication
 is set to  is a deprecated alias for this.
 (by default  
 .Cm yes ) .  
 .It Cm KerberosAuthentication  .It Cm KerberosAuthentication
 Specifies whether the password provided by the user for  Specifies whether the password provided by the user for
 .Cm PasswordAuthentication  .Cm PasswordAuthentication
Line 1605  For more information on KRLs, see the KE
Line 1611  For more information on KRLs, see the KE
 .It Cm RDomain  .It Cm RDomain
 Specifies an explicit routing domain that is applied after authentication  Specifies an explicit routing domain that is applied after authentication
 has completed.  has completed.
 The user session, as well and any forwarded or listening IP sockets,  The user session, as well as any forwarded or listening IP sockets,
 will be bound to this  will be bound to this
 .Xr rdomain 4 .  .Xr rdomain 4 .
 If the routing domain is set to  If the routing domain is set to
Legend:
Removed from v.1.1.1.28  
changed lines
  Added in v.1.1.1.29
CVSweb <webmaster@jp.NetBSD.org>