===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/myproposal.h,v
retrieving revision 1.56
retrieving revision 1.57
diff -u -r1.56 -r1.57
--- src/usr.bin/ssh/myproposal.h	2018/07/03 11:39:54	1.56
+++ src/usr.bin/ssh/myproposal.h	2018/09/12 01:34:02	1.57
@@ -1,4 +1,4 @@
-/* $OpenBSD: myproposal.h,v 1.56 2018/07/03 11:39:54 djm Exp $ */
+/* $OpenBSD: myproposal.h,v 1.57 2018/09/12 01:34:02 djm Exp $ */
 
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
@@ -82,6 +82,16 @@
 
 #define KEX_CLIENT_MAC KEX_SERVER_MAC
 
+/* Not a KEX value, but here so all the algorithm defaults are together */
+#define	SSH_ALLOWED_CA_SIGALGS	\
+	"ecdsa-sha2-nistp256," \
+	"ecdsa-sha2-nistp384," \
+	"ecdsa-sha2-nistp521," \
+	"ssh-ed25519," \
+	"rsa-sha2-512," \
+	"rsa-sha2-256," \
+	"ssh-rsa"
+
 #else /* WITH_OPENSSL */
 
 #define KEX_SERVER_KEX		\
@@ -108,6 +118,8 @@
 #define KEX_CLIENT_KEX KEX_SERVER_KEX
 #define	KEX_CLIENT_ENCRYPT KEX_SERVER_ENCRYPT
 #define KEX_CLIENT_MAC KEX_SERVER_MAC
+
+#define	SSH_ALLOWED_CA_SIGALGS	"ssh-ed25519"
 
 #endif /* WITH_OPENSSL */