summaryrefslogtreecommitdiff
path: root/docs/configuration/service/ssh.rst
diff options
context:
space:
mode:
authorkhramshinr <khramshinr@gmail.com>2024-06-26 15:13:26 +0600
committerkhramshinr <khramshinr@gmail.com>2024-06-28 13:56:38 +0600
commitd595e52be6d2cec07e910628b86f09c0734d6b26 (patch)
tree5490e2a1f0969eb809614d06e17500e8240f3b7a /docs/configuration/service/ssh.rst
parent411850b9076e5a6638c15e980e094f5f97f74329 (diff)
downloadvyos-documentation-d595e52be6d2cec07e910628b86f09c0734d6b26.tar.gz
vyos-documentation-d595e52be6d2cec07e910628b86f09c0734d6b26.zip
ssh: T5878: Allow changing the PubkeyAcceptedAlgorithms option
Diffstat (limited to 'docs/configuration/service/ssh.rst')
-rw-r--r--docs/configuration/service/ssh.rst19
1 files changed, 19 insertions, 0 deletions
diff --git a/docs/configuration/service/ssh.rst b/docs/configuration/service/ssh.rst
index efdbc651..d3ca51b5 100644
--- a/docs/configuration/service/ssh.rst
+++ b/docs/configuration/service/ssh.rst
@@ -109,6 +109,25 @@ Configuration
Specify name of the :abbr:`VRF (Virtual Routing and Forwarding)` instance.
+.. cfgcmd:: set service ssh pubkey-accepted-algorithm <name>
+
+ Specifies the signature algorithms that will be accepted for public key
+ authentication
+
+ List of supported algorithms: ``ssh-ed25519``,
+ ``ssh-ed25519-cert-v01@openssh.com``, ``sk-ssh-ed25519@openssh.com``,
+ ``sk-ssh-ed25519-cert-v01@openssh.com``, ``ecdsa-sha2-nistp256``,
+ ``ecdsa-sha2-nistp256-cert-v01@openssh.com``, ``ecdsa-sha2-nistp384``,
+ ``ecdsa-sha2-nistp384-cert-v01@openssh.com``, ``ecdsa-sha2-nistp521``,
+ ``ecdsa-sha2-nistp521-cert-v01@openssh.com``,
+ ``sk-ecdsa-sha2-nistp256@openssh.com``,
+ ``sk-ecdsa-sha2-nistp256-cert-v01@openssh.com``,
+ ``webauthn-sk-ecdsa-sha2-nistp256@openssh.com``,
+ ``ssh-dss``, ``ssh-dss-cert-v01@openssh.com``, ``ssh-rsa``,
+ ``ssh-rsa-cert-v01@openssh.com``, ``rsa-sha2-256``,
+ ``rsa-sha2-256-cert-v01@openssh.com``, ``rsa-sha2-512``,
+ ``rsa-sha2-512-cert-v01@openssh.com``
+
Dynamic-protection
==================
Protects host from brute-force attacks against