===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/65.html,v
retrieving revision 1.101
retrieving revision 1.102
diff -c -r1.101 -r1.102
*** www/65.html 2020/05/06 13:34:47 1.101
--- www/65.html 2021/03/15 10:18:42 1.102
***************
*** 540,546 ****
integrated PIN readers. This would lead to an inability to
retrieve keys from these tokens. bz#2652
ssh(1), ssh-add(1): Support keys on PKCS#11 tokens that set the
! CKA_ALWAYS_AUTHENTICATE flag by requring a fresh login after the
C_SignInit operation. bz#2638
ssh(1): Improve documentation for ProxyJump/-J, clarifying that
local configuration does not apply to jump hosts.
--- 540,546 ----
integrated PIN readers. This would lead to an inability to
retrieve keys from these tokens. bz#2652
ssh(1), ssh-add(1): Support keys on PKCS#11 tokens that set the
! CKA_ALWAYS_AUTHENTICATE flag by requiring a fresh login after the
C_SignInit operation. bz#2638
ssh(1): Improve documentation for ProxyJump/-J, clarifying that
local configuration does not apply to jump hosts.
***************
*** 575,581 ****
(leftover from authentication) around for the life of the
connection; bz#2912
sshd(8): Fix bug in HostbasedAcceptedKeyTypes and
! PubkeyAcceptedKeyTypes options. If only RSA-SHA2 siganture types
were specified, then authentication would always fail for RSA keys
as the monitor checks only the base key (not the signature
algorithm) type against *AcceptedKeyTypes. bz#2746
--- 575,581 ----
(leftover from authentication) around for the life of the
connection; bz#2912
sshd(8): Fix bug in HostbasedAcceptedKeyTypes and
! PubkeyAcceptedKeyTypes options. If only RSA-SHA2 signature types
were specified, then authentication would always fail for RSA keys
as the monitor checks only the base key (not the signature
algorithm) type against *AcceptedKeyTypes. bz#2746