www/64.html - diff

Return to 64.html CVS log

Up to [local] / www

Diff for /www/64.html between version 1.48 and 1.49

-version 1.48, 2018/10/14 15:51:00
+version 1.49, 2018/10/14 15:53:25
 Line 322
 Line 322
 Line 322
  <li>OpenSSH 7.8
      <ul>
-     <li>New/changed features:
+     <li>New features:
        <ul>
-       <li>
+       <li>In most places in <a href="http://man.openbsd.org/ssh.1">ssh(1)</a>
+          and <a href="http://man.openbsd.org/sshd.8">sshd(8)</a> where port
+          numbers are used, service names (from /etc/services) can now be used.
+       <li>The <a href="http://man.openbsd.org/ssh.1">ssh(1)</a> IdentityAgent
+          configuration directive now accepts environment variable names. This
+          supports the use of multiple agent sockets without needing to use
+          fixed paths.
+       <li>Support signalling sessions via the SSH protocol in
+          <a href="http://man.openbsd.org/sshd.8">sshd(8)</a>.
+       <li>"ssh -Q sig" can be used to list supported signature options.
+          Also "ssh -Q help" will show the full set of supported queries.
+       <li>The new CASignatureAlgorithms option in <a
+          href="http://man.openbsd.org/ssh.1">ssh(1)</a> and <a
+          href="http://man.openbsd.org/sshd.8">sshd(8)</a> controlls the allowed
+          signature formats for CAs to sign certificates with. For example, this
+          allows banning CAs that sign certificates using the RSA-SHA1 signature
+          algorithm.
+       <li>Key revocation lists (KRLs) can now contain keys specified by SHA256
+          hash. These lists are managed by <a
+          href="http://man.openbsd.org/ssh-keygen.8">ssh-keygen(8)</a>. In
+          addition, KRLs can now be created from base64-encoded SHA256
+          fingerprints, i.e. from only the information contained in <a
+          href="http://man.openbsd.org/sshd.8">sshd(8)</a> authentication log
+          messages.
        </ul>
      </ul>
  <p>