.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: ssh.1,v 1.433 2022/11/28 01:37:36 djm Exp $
-.Dd $Mdocdate: November 28 2022 $
+.\" $OpenBSD: ssh.1,v 1.434 2023/06/21 05:08:32 djm Exp $
+.Dd $Mdocdate: June 21 2023 $
.Dt SSH 1
.Os
.Sh NAME
(key exchange algorithms),
.Ar key
(key types),
+.Ar key-ca-sign
+(valid CA signature algorithms for certificates),
.Ar key-cert
(certificate key types),
.Ar key-plain
-/* $OpenBSD: ssh.c,v 1.588 2023/04/26 01:36:03 djm Exp $ */
+/* $OpenBSD: ssh.c,v 1.589 2023/06/21 05:08:32 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
cp = sshkey_alg_list(1, 0, 0, '\n');
else if (strcmp(optarg, "key-plain") == 0)
cp = sshkey_alg_list(0, 1, 0, '\n');
+ else if (strcmp(optarg, "key-ca-sign") == 0 ||
+ strcasecmp(optarg, "CASignatureAlgorithms") == 0)
+ cp = sshkey_alg_list(0, 1, 1, '\n');
else if (strcmp(optarg, "key-sig") == 0 ||
- strcasecmp(optarg, "CASignatureAlgorithms") == 0 ||
strcasecmp(optarg, "PubkeyAcceptedKeyTypes") == 0 || /* deprecated name */
strcasecmp(optarg, "PubkeyAcceptedAlgorithms") == 0 ||
strcasecmp(optarg, "HostKeyAlgorithms") == 0 ||
projects / openbsd / commitdiff