| version 1.213, 2015/07/10 06:21:53 |
version 1.214, 2015/07/30 00:01:34 |
|
|
| Specifies the ciphers allowed for protocol version 2 |
Specifies the ciphers allowed for protocol version 2 |
| in order of preference. |
in order of preference. |
| Multiple ciphers must be comma-separated. |
Multiple ciphers must be comma-separated. |
| |
If the specified value begins with a |
| |
.Sq + |
| |
character, then the specified ciphers will be appended to the default set |
| |
instead of replacing them. |
| |
.Pp |
| The supported ciphers are: |
The supported ciphers are: |
| .Pp |
.Pp |
| .Bl -item -compact -offset indent |
.Bl -item -compact -offset indent |
|
|
| .It Cm HostbasedKeyTypes |
.It Cm HostbasedKeyTypes |
| Specifies the key types that will be used for hostbased authentication |
Specifies the key types that will be used for hostbased authentication |
| as a comma-separated pattern list. |
as a comma-separated pattern list. |
| |
Alternately if the specified value begins with a |
| |
.Sq + |
| |
character, then the specified key types will be appended to the default set |
| |
instead of replacing them. |
| The default for this option is: |
The default for this option is: |
| .Bd -literal -offset 3n |
.Bd -literal -offset 3n |
| ecdsa-sha2-nistp256-cert-v01@openssh.com, |
ecdsa-sha2-nistp256-cert-v01@openssh.com, |
|
|
| .It Cm HostKeyAlgorithms |
.It Cm HostKeyAlgorithms |
| Specifies the protocol version 2 host key algorithms |
Specifies the protocol version 2 host key algorithms |
| that the client wants to use in order of preference. |
that the client wants to use in order of preference. |
| |
Alternately if the specified value begins with a |
| |
.Sq + |
| |
character, then the specified key types will be appended to the default set |
| |
instead of replacing them. |
| The default for this option is: |
The default for this option is: |
| .Bd -literal -offset 3n |
.Bd -literal -offset 3n |
| ecdsa-sha2-nistp256-cert-v01@openssh.com, |
ecdsa-sha2-nistp256-cert-v01@openssh.com, |
|
|
| .It Cm KexAlgorithms |
.It Cm KexAlgorithms |
| Specifies the available KEX (Key Exchange) algorithms. |
Specifies the available KEX (Key Exchange) algorithms. |
| Multiple algorithms must be comma-separated. |
Multiple algorithms must be comma-separated. |
| |
Alternately if the specified value begins with a |
| |
.Sq + |
| |
character, then the specified methods will be appended to the default set |
| |
instead of replacing them. |
| The default is: |
The default is: |
| .Bd -literal -offset indent |
.Bd -literal -offset indent |
| curve25519-sha256@libssh.org, |
curve25519-sha256@libssh.org, |
|
|
| The MAC algorithm is used in protocol version 2 |
The MAC algorithm is used in protocol version 2 |
| for data integrity protection. |
for data integrity protection. |
| Multiple algorithms must be comma-separated. |
Multiple algorithms must be comma-separated. |
| |
If the specified value begins with a |
| |
.Sq + |
| |
character, then the specified algorithms will be appended to the default set |
| |
instead of replacing them. |
| |
.Pp |
| The algorithms that contain |
The algorithms that contain |
| .Dq -etm |
.Dq -etm |
| calculate the MAC after encryption (encrypt-then-mac). |
calculate the MAC after encryption (encrypt-then-mac). |
| These are considered safer and their use recommended. |
These are considered safer and their use recommended. |
| |
.Pp |
| The default is: |
The default is: |
| .Bd -literal -offset indent |
.Bd -literal -offset indent |
| umac-64-etm@openssh.com,umac-128-etm@openssh.com, |
umac-64-etm@openssh.com,umac-128-etm@openssh.com, |
|
|
| .It Cm PubkeyAcceptedKeyTypes |
.It Cm PubkeyAcceptedKeyTypes |
| Specifies the key types that will be used for public key authentication |
Specifies the key types that will be used for public key authentication |
| as a comma-separated pattern list. |
as a comma-separated pattern list. |
| |
Alternately if the specified value begins with a |
| |
.Sq + |
| |
character, then the key types after it will be appended to the default |
| |
instead of replacing it. |
| The default for this option is: |
The default for this option is: |
| .Bd -literal -offset 3n |
.Bd -literal -offset 3n |
| ecdsa-sha2-nistp256-cert-v01@openssh.com, |
ecdsa-sha2-nistp256-cert-v01@openssh.com, |
![[BACK]](/icons/back.gif){kind=icon}
Return to ssh_config.5 CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh