===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/64.html,v
retrieving revision 1.49
retrieving revision 1.50
diff -c -r1.49 -r1.50
*** www/64.html 2018/10/14 15:53:25 1.49
--- www/64.html 2018/10/14 15:55:39 1.50
***************
*** 324,353 ****
- New features:
! - In most places in ssh(1)
! and sshd(8) where port
! numbers are used, service names (from /etc/services) can now be used.
!
- The ssh(1) IdentityAgent
! configuration directive now accepts environment variable names. This
! supports the use of multiple agent sockets without needing to use
! fixed paths.
- Support signalling sessions via the SSH protocol in
sshd(8).
!
- "ssh -Q sig" can be used to list supported signature options.
! Also "ssh -Q help" will show the full set of supported queries.
!
- The new CASignatureAlgorithms option in ssh(1) and sshd(8) controlls the allowed
! signature formats for CAs to sign certificates with. For example, this
! allows banning CAs that sign certificates using the RSA-SHA1 signature
! algorithm.
!
- Key revocation lists (KRLs) can now contain keys specified by SHA256
! hash. These lists are managed by ssh-keygen(8). In
addition, KRLs can now be created from base64-encoded SHA256
! fingerprints, i.e. from only the information contained in sshd(8) authentication log
! messages.
--- 324,356 ----
- New features:
! - In most places
! in ssh(1)
! and sshd(8) where
! port numbers are used, service names (from /etc/services) can
! now be used.
!
- The ssh(1)
! IdentityAgent configuration directive now accepts environment
! variable names. This supports the use of multiple agent
! sockets without needing to use fixed paths.
- Support signalling sessions via the SSH protocol in
sshd(8).
!
- "ssh -Q sig" can be used to list supported signature
! options. Also "ssh -Q help" will show the full set of
! supported queries.
!
- The new CASignatureAlgorithms option
! in ssh(1)
! and sshd(8)
! controlls the allowed signature formats for CAs to sign
! certificates with. For example, this allows banning CAs that
! sign certificates using the RSA-SHA1 signature algorithm.
!
- Key revocation lists (KRLs) can now contain keys specified
! by SHA256 hash. These lists are managed
! by ssh-keygen(8). In
addition, KRLs can now be created from base64-encoded SHA256
! fingerprints, i.e. from only the information contained
! in sshd(8)
! authentication log messages.