From d595e52be6d2cec07e910628b86f09c0734d6b26 Mon Sep 17 00:00:00 2001 From: khramshinr Date: Wed, 26 Jun 2024 15:13:26 +0600 Subject: ssh: T5878: Allow changing the PubkeyAcceptedAlgorithms option --- docs/configuration/service/ssh.rst | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/docs/configuration/service/ssh.rst b/docs/configuration/service/ssh.rst index efdbc651..d3ca51b5 100644 --- a/docs/configuration/service/ssh.rst +++ b/docs/configuration/service/ssh.rst @@ -109,6 +109,25 @@ Configuration Specify name of the :abbr:`VRF (Virtual Routing and Forwarding)` instance. +.. cfgcmd:: set service ssh pubkey-accepted-algorithm + + Specifies the signature algorithms that will be accepted for public key + authentication + + List of supported algorithms: ``ssh-ed25519``, + ``ssh-ed25519-cert-v01@openssh.com``, ``sk-ssh-ed25519@openssh.com``, + ``sk-ssh-ed25519-cert-v01@openssh.com``, ``ecdsa-sha2-nistp256``, + ``ecdsa-sha2-nistp256-cert-v01@openssh.com``, ``ecdsa-sha2-nistp384``, + ``ecdsa-sha2-nistp384-cert-v01@openssh.com``, ``ecdsa-sha2-nistp521``, + ``ecdsa-sha2-nistp521-cert-v01@openssh.com``, + ``sk-ecdsa-sha2-nistp256@openssh.com``, + ``sk-ecdsa-sha2-nistp256-cert-v01@openssh.com``, + ``webauthn-sk-ecdsa-sha2-nistp256@openssh.com``, + ``ssh-dss``, ``ssh-dss-cert-v01@openssh.com``, ``ssh-rsa``, + ``ssh-rsa-cert-v01@openssh.com``, ``rsa-sha2-256``, + ``rsa-sha2-256-cert-v01@openssh.com``, ``rsa-sha2-512``, + ``rsa-sha2-512-cert-v01@openssh.com`` + Dynamic-protection ================== Protects host from brute-force attacks against -- cgit v1.2.3