=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/ssh_config.5,v retrieving revision 1.347 retrieving revision 1.348 diff -u -r1.347 -r1.348 --- src/usr.bin/ssh/ssh_config.5 2021/02/15 20:43:15 1.347 +++ src/usr.bin/ssh/ssh_config.5 2021/02/23 21:55:08 1.348 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.347 2021/02/15 20:43:15 markus Exp $ -.Dd $Mdocdate: February 15 2021 $ +.\" $OpenBSD: ssh_config.5,v 1.348 2021/02/23 21:55:08 djm Exp $ +.Dd $Mdocdate: February 23 2021 $ .Dt SSH_CONFIG 5 .Os .Sh NAME @@ -801,20 +801,20 @@ but may be manually hashed using .Xr ssh-keygen 1 . .It Cm HostbasedAcceptedAlgorithms -Specifies the key types that will be used for hostbased authentication -as a comma-separated list of patterns. +Specifies the signature algorithms that will be used for hostbased +authentication as a comma-separated list of patterns. Alternately if the specified list begins with a .Sq + -character, then the specified key types will be appended to the default set -instead of replacing them. +character, then the specified signature algorithms will be appended +to the default set instead of replacing them. If the specified list begins with a .Sq - -character, then the specified key types (including wildcards) will be removed -from the default set instead of replacing them. +character, then the specified signature algorithms (including wildcards) +will be removed from the default set instead of replacing them. If the specified list begins with a .Sq ^ -character, then the specified key types will be placed at the head of the -default set. +character, then the specified signature algorithms will be placed +at the head of the default set. The default for this option is: .Bd -literal -offset 3n ssh-ed25519-cert-v01@openssh.com, @@ -837,7 +837,7 @@ .Fl Q option of .Xr ssh 1 -may be used to list supported key types. +may be used to list supported signature algorithms. This was formerly named HostbasedKeyTypes. .It Cm HostbasedAuthentication Specifies whether to try rhosts based authentication with public key @@ -848,20 +848,20 @@ .Cm no (the default). .It Cm HostKeyAlgorithms -Specifies the host key algorithms +Specifies the host key signature algorithms that the client wants to use in order of preference. Alternately if the specified list begins with a .Sq + -character, then the specified key types will be appended to the default set -instead of replacing them. +character, then the specified signature algorithms will be appended to +the default set instead of replacing them. If the specified list begins with a .Sq - -character, then the specified key types (including wildcards) will be removed -from the default set instead of replacing them. +character, then the specified signature algorithms (including wildcards) +will be removed from the default set instead of replacing them. If the specified list begins with a .Sq ^ -character, then the specified key types will be placed at the head of the -default set. +character, then the specified signature algorithms will be placed +at the head of the default set. The default for this option is: .Bd -literal -offset 3n ssh-ed25519-cert-v01@openssh.com, @@ -883,7 +883,7 @@ If hostkeys are known for the destination host then this default is modified to prefer their algorithms. .Pp -The list of available key types may also be obtained using +The list of available signature algorithms may also be obtained using .Qq ssh -Q HostKeyAlgorithms . .It Cm HostKeyAlias Specifies an alias that should be used instead of the @@ -1462,7 +1462,7 @@ rsa-sha2-512,rsa-sha2-256,ssh-rsa .Ed .Pp -The list of available key types may also be obtained using +The list of available signature algorithms may also be obtained using .Qq ssh -Q PubkeyAcceptedAlgorithms . .It Cm PubkeyAuthentication Specifies whether to try public key authentication.