===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/67.html,v
retrieving revision 1.68
retrieving revision 1.69
diff -c -r1.68 -r1.69
*** www/67.html 2020/05/12 14:02:42 1.68
--- www/67.html 2020/05/12 14:15:18 1.69
***************
*** 1181,1186 ****
--- 1181,1204 ----
sftp(1):
reject an argument of "-1" in the same way as ssh(1) and
scp(1) do instead of accepting and silently ignoring it.
+ Removed ssh-rsa (SHA1) from the list of allowed CA signature algorithms.
+ Removed diffie-hellman-group14-sha1 from the default ssh(1) key exchange.
+ ssh-keygen(1):
+ the command-line options related to the generation
+ and screening of safe prime numbers used by the
+ diffie-hellman-group-exchange-* key exchange algorithms have
+ changed. Most options have been folded under the -O flag.
+ sshd(8):
+ the sshd listener process title visible to ps(1) has
+ changed to include information about the number of connections that
+ are currently attempting authentication and the limits configured
+ by MaxStartups.
+ ssh-sk-helper(8):
+ this is a new binary. It is used by the FIDO/U2F
+ support to provide address-space isolation for token middleware
+ libraries (including the internal one). It needs to be installed
+ in the expected path under /usr/libexec.
New Features
***************
*** 1205,1213 ****
- Added an sshd_config(5)
"Include" directive to allow inclusion of files.
-
- Removed ssh-rsa (SHA1) from the list of allowed CA signature algorithms.
-
- Removed diffie-hellman-group14-sha1 from the default ssh(1) key exchange.
- Renamed ssh-add(1)
-O to -K to load resident keys from a FIDO authenticator.
- Added the ability to download FIDO2 resident keys from a token
--- 1223,1228 ----