b129d6336e
Clarify HostkeyAlgorithms and crypto-policies relation on the ssh_config man page Signed-off-by: Norbert Pocs <npocs@redhat.com>
17 lines
792 B
Diff
17 lines
792 B
Diff
diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-8.7p1/ssh_config.5 openssh-8.7p1-patched/ssh_config.5
|
|
--- openssh-8.7p1/ssh_config.5 2023-05-29 13:41:19.731835097 +0200
|
|
+++ openssh-8.7p1-patched/ssh_config.5 2023-05-29 13:40:58.806604144 +0200
|
|
@@ -989,6 +989,12 @@
|
|
.Pp
|
|
The list of available signature algorithms may also be obtained using
|
|
.Qq ssh -Q HostKeyAlgorithms .
|
|
+.Pp
|
|
+.Xr crypto_policies 7 does not handle the list of algorithms as doing so
|
|
+would break the order given by the
|
|
+.Pa known_hosts
|
|
+file. Therefore the list is filtered by
|
|
+.Cm PubkeyAcceptedAlgorithms.
|
|
.It Cm HostKeyAlias
|
|
Specifies an alias that should be used instead of the
|
|
real host name when looking up or saving the host key
|