jonathancammack / rpms / openssh

Forked from rpms/openssh 8 months ago
Clone
Source Code
GIT

Blame SOURCES/openssh-8.0p1-crypto-policy-doc.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8s c8s-sig-hyperscale c9 c9-beta c9s-sig-hyperscale
  1.   b3b6ef1618d0ad937e3c301a15a6a06f7238731f
  2.   SOURCES
  3.   openssh-8.0p1-crypto-policy-doc.patch
Blob History Raw
58886c 
diff --color -ru a/sshd.8 b/sshd.8
58886c 
--- a/sshd.8	2022-05-31 13:39:10.231843926 +0200
58886c 
+++ b/sshd.8	2022-05-31 14:34:01.460815420 +0200
58886c 
@@ -78,6 +78,7 @@
58886c 
 .Xr sshd_config 5 ) ;
58886c 
 command-line options override values specified in the
58886c 
 configuration file.
58886c 
+This mechanism is used by systemd to apply system-wide crypto-policies to ssh server.
58886c 
 .Nm
58886c 
 rereads its configuration file when it receives a hangup signal,
58886c 
 .Dv SIGHUP ,
58886c 
@@ -207,6 +208,13 @@
58886c 
 rules may be applied by specifying the connection parameters using one or more
58886c 
 .Fl C
58886c 
 options.
58886c 
+The configuration does not contain the system-wide crypto-policy configuration.
58886c 
+To show the most accurate runtime configuration, use:
58886c 
+.Bd -literal -offset 3n
58886c 
+source /etc/crypto-policies/back-ends/opensshserver.config
58886c 
+source /etc/sysconfig/sshd
58886c 
+sshd -T $OPTIONS $CRYPTO_POLICY
58886c 
+.Ed
58886c 
 .It Fl t
58886c 
 Test mode.
58886c 
 Only check the validity of the configuration file and sanity of the keys.

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation