===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/64.html,v
retrieving revision 1.49
retrieving revision 1.50
diff -u -r1.49 -r1.50
--- www/64.html 2018/10/14 15:53:25 1.49
+++ www/64.html 2018/10/14 15:55:39 1.50
@@ -324,30 +324,33 @@
- New features:
- - In most places in ssh(1)
- and sshd(8) where port
- numbers are used, service names (from /etc/services) can now be used.
-
- The ssh(1) IdentityAgent
- configuration directive now accepts environment variable names. This
- supports the use of multiple agent sockets without needing to use
- fixed paths.
+
- In most places
+ in ssh(1)
+ and sshd(8) where
+ port numbers are used, service names (from /etc/services) can
+ now be used.
+
- The ssh(1)
+ IdentityAgent configuration directive now accepts environment
+ variable names. This supports the use of multiple agent
+ sockets without needing to use fixed paths.
- Support signalling sessions via the SSH protocol in
sshd(8).
-
- "ssh -Q sig" can be used to list supported signature options.
- Also "ssh -Q help" will show the full set of supported queries.
-
- The new CASignatureAlgorithms option in ssh(1) and sshd(8) controlls the allowed
- signature formats for CAs to sign certificates with. For example, this
- allows banning CAs that sign certificates using the RSA-SHA1 signature
- algorithm.
-
- Key revocation lists (KRLs) can now contain keys specified by SHA256
- hash. These lists are managed by ssh-keygen(8). In
+
- "ssh -Q sig" can be used to list supported signature
+ options. Also "ssh -Q help" will show the full set of
+ supported queries.
+
- The new CASignatureAlgorithms option
+ in ssh(1)
+ and sshd(8)
+ controlls the allowed signature formats for CAs to sign
+ certificates with. For example, this allows banning CAs that
+ sign certificates using the RSA-SHA1 signature algorithm.
+
- Key revocation lists (KRLs) can now contain keys specified
+ by SHA256 hash. These lists are managed
+ by ssh-keygen(8). In
addition, KRLs can now be created from base64-encoded SHA256
- fingerprints, i.e. from only the information contained in sshd(8) authentication log
- messages.
+ fingerprints, i.e. from only the information contained
+ in sshd(8)
+ authentication log messages.