| version 1.49, 2018/10/14 15:53:25 |
version 1.50, 2018/10/14 15:55:39 |
|
|
| <ul> |
<ul> |
| <li>New features: |
<li>New features: |
| <ul> |
<ul> |
| <li>In most places in <a href="http://man.openbsd.org/ssh.1">ssh(1)</a> |
<li>In most places |
| and <a href="http://man.openbsd.org/sshd.8">sshd(8)</a> where port |
in <a href="http://man.openbsd.org/ssh.1">ssh(1)</a> |
| numbers are used, service names (from /etc/services) can now be used. |
and <a href="http://man.openbsd.org/sshd.8">sshd(8)</a> where |
| <li>The <a href="http://man.openbsd.org/ssh.1">ssh(1)</a> IdentityAgent |
port numbers are used, service names (from /etc/services) can |
| configuration directive now accepts environment variable names. This |
now be used. |
| supports the use of multiple agent sockets without needing to use |
<li>The <a href="http://man.openbsd.org/ssh.1">ssh(1)</a> |
| fixed paths. |
IdentityAgent configuration directive now accepts environment |
| |
variable names. This supports the use of multiple agent |
| |
sockets without needing to use fixed paths. |
| <li>Support signalling sessions via the SSH protocol in |
<li>Support signalling sessions via the SSH protocol in |
| <a href="http://man.openbsd.org/sshd.8">sshd(8)</a>. |
<a href="http://man.openbsd.org/sshd.8">sshd(8)</a>. |
| <li>"ssh -Q sig" can be used to list supported signature options. |
<li>"ssh -Q sig" can be used to list supported signature |
| Also "ssh -Q help" will show the full set of supported queries. |
options. Also "ssh -Q help" will show the full set of |
| <li>The new CASignatureAlgorithms option in <a |
supported queries. |
| href="http://man.openbsd.org/ssh.1">ssh(1)</a> and <a |
<li>The new CASignatureAlgorithms option |
| href="http://man.openbsd.org/sshd.8">sshd(8)</a> controlls the allowed |
in <a href="http://man.openbsd.org/ssh.1">ssh(1)</a> |
| signature formats for CAs to sign certificates with. For example, this |
and <a href="http://man.openbsd.org/sshd.8">sshd(8)</a> |
| allows banning CAs that sign certificates using the RSA-SHA1 signature |
controlls the allowed signature formats for CAs to sign |
| algorithm. |
certificates with. For example, this allows banning CAs that |
| <li>Key revocation lists (KRLs) can now contain keys specified by SHA256 |
sign certificates using the RSA-SHA1 signature algorithm. |
| hash. These lists are managed by <a |
<li>Key revocation lists (KRLs) can now contain keys specified |
| href="http://man.openbsd.org/ssh-keygen.8">ssh-keygen(8)</a>. In |
by SHA256 hash. These lists are managed |
| |
by <a href="http://man.openbsd.org/ssh-keygen.8">ssh-keygen(8)</a>. In |
| addition, KRLs can now be created from base64-encoded SHA256 |
addition, KRLs can now be created from base64-encoded SHA256 |
| fingerprints, i.e. from only the information contained in <a |
fingerprints, i.e. from only the information contained |
| href="http://man.openbsd.org/sshd.8">sshd(8)</a> authentication log |
in <a href="http://man.openbsd.org/sshd.8">sshd(8)</a> |
| messages. |
authentication log messages. |
| </ul> |
</ul> |
| </ul> |
</ul> |
| <p> |
<p> |
![[BACK]](/icons/back.gif){kind=icon}
Return to 64.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www