Return to 67.html CVS log | Up to [local] / www |
version 1.68, 2020/05/12 14:02:42 | version 1.69, 2020/05/12 14:15:18 | ||
---|---|---|---|
|
|
||
<li><a href="https://man.openbsd.org/sftp">sftp(1)</a>: | <li><a href="https://man.openbsd.org/sftp">sftp(1)</a>: | ||
reject an argument of "-1" in the same way as ssh(1) and | reject an argument of "-1" in the same way as ssh(1) and | ||
scp(1) do instead of accepting and silently ignoring it. | scp(1) do instead of accepting and silently ignoring it. | ||
<li>Removed ssh-rsa (SHA1) from the list of allowed CA signature algorithms. | |||
<li>Removed diffie-hellman-group14-sha1 from the default <a | |||
href="https://man.openbsd.org/ssh">ssh(1)</a> key exchange. | |||
<li><a href="https://man.openbsd.org/ssh-keygen.a">ssh-keygen(1)</a>: | |||
the command-line options related to the generation | |||
and screening of safe prime numbers used by the | |||
diffie-hellman-group-exchange-* key exchange algorithms have | |||
changed. Most options have been folded under the -O flag. | |||
<li><a href="https://man.openbsd.org/sshd.8">sshd(8)</a>: | |||
the sshd listener process title visible to ps(1) has | |||
changed to include information about the number of connections that | |||
are currently attempting authentication and the limits configured | |||
by MaxStartups. | |||
<li><a href="https://man.openbsd.org/ssh-sk-helper.8">ssh-sk-helper(8)</a>: | |||
this is a new binary. It is used by the FIDO/U2F | |||
support to provide address-space isolation for token middleware | |||
libraries (including the internal one). It needs to be installed | |||
in the expected path under /usr/libexec. | |||
</ul> | </ul> | ||
<li>New Features | <li>New Features | ||
<ul> | <ul> | ||
|
|
||
<li>Added an <a | <li>Added an <a | ||
href="https://man.openbsd.org/sshd_config">sshd_config(5)</a> | href="https://man.openbsd.org/sshd_config">sshd_config(5)</a> | ||
"Include" directive to allow inclusion of files. | "Include" directive to allow inclusion of files. | ||
<li>Removed ssh-rsa (SHA1) from the list of allowed CA signature algorithms. | |||
<li>Removed diffie-hellman-group14-sha1 from the default <a | |||
href="https://man.openbsd.org/ssh">ssh(1)</a> key exchange. | |||
<li>Renamed <a href="https://man.openbsd.org/ssh-add">ssh-add(1)</a> | <li>Renamed <a href="https://man.openbsd.org/ssh-add">ssh-add(1)</a> | ||
-O to -K to load resident keys from a FIDO authenticator. | -O to -K to load resident keys from a FIDO authenticator. | ||
<li>Added the ability to download FIDO2 resident keys from a token | <li>Added the ability to download FIDO2 resident keys from a token |