version 1.101, 2020/05/06 13:34:47 |
version 1.102, 2021/03/15 10:18:42 |
|
|
integrated PIN readers. This would lead to an inability to |
integrated PIN readers. This would lead to an inability to |
retrieve keys from these tokens. bz#2652 |
retrieve keys from these tokens. bz#2652 |
<li>ssh(1), ssh-add(1): Support keys on PKCS#11 tokens that set the |
<li>ssh(1), ssh-add(1): Support keys on PKCS#11 tokens that set the |
CKA_ALWAYS_AUTHENTICATE flag by requring a fresh login after the |
CKA_ALWAYS_AUTHENTICATE flag by requiring a fresh login after the |
C_SignInit operation. bz#2638 |
C_SignInit operation. bz#2638 |
<li>ssh(1): Improve documentation for ProxyJump/-J, clarifying that |
<li>ssh(1): Improve documentation for ProxyJump/-J, clarifying that |
local configuration does not apply to jump hosts. |
local configuration does not apply to jump hosts. |
|
|
(leftover from authentication) around for the life of the |
(leftover from authentication) around for the life of the |
connection; bz#2912 |
connection; bz#2912 |
<li>sshd(8): Fix bug in HostbasedAcceptedKeyTypes and |
<li>sshd(8): Fix bug in HostbasedAcceptedKeyTypes and |
PubkeyAcceptedKeyTypes options. If only RSA-SHA2 siganture types |
PubkeyAcceptedKeyTypes options. If only RSA-SHA2 signature types |
were specified, then authentication would always fail for RSA keys |
were specified, then authentication would always fail for RSA keys |
as the monitor checks only the base key (not the signature |
as the monitor checks only the base key (not the signature |
algorithm) type against *AcceptedKeyTypes. bz#2746 |
algorithm) type against *AcceptedKeyTypes. bz#2746 |