ssh: T5878: Allow changing the PubkeyAcceptedAlgorithms option

(cherry picked from commit 06e6e011cdf12e8d10cf1f6d4d848fd5db51720d)
author: khramshinr <khramshinr@gmail.com> 2024-06-25 16:37:16 +0600
committer: Mergify <37929162+mergify[bot]@users.noreply.github.com> 2024-07-03 13:33:52 +0000
commit: 6f67cf62d20ced7c72ca6a856ce66d1e3396e79e (patch)
tree: 992b0c42fa1e039ad52113e1e69fc8ef6812c140 /interface-definitions
parent: c5716358c150eb215804dfb293dcf831a8a07a9f (diff)
download: vyos-1x-6f67cf62d20ced7c72ca6a856ce66d1e3396e79e.tar.gz
vyos-1x-6f67cf62d20ced7c72ca6a856ce66d1e3396e79e.zip
1 files changed, 13 insertions, 0 deletions
diff --git a/interface-definitions/service_ssh.xml.in b/interface-definitions/service_ssh.xml.in
index d9eee1ab8..221e451d1 100644
--- a/interface-definitions/service_ssh.xml.in
+++ b/interface-definitions/service_ssh.xml.in
@@ -146,6 +146,19 @@
               </constraint>
             </properties>
           </leafNode>
+          <leafNode name="pubkey-accepted-algorithm">
+            <properties>
+              <help>Allowed pubkey signature algorithms</help>
+              <completionHelp>
+                <!-- generated by ssh -Q PubkeyAcceptedAlgorithms | tr '\n' ' ' as this will not change dynamically  -->
+                <list>ssh-ed25519 ssh-ed25519-cert-v01@openssh.com sk-ssh-ed25519@openssh.com sk-ssh-ed25519-cert-v01@openssh.com ecdsa-sha2-nistp256 ecdsa-sha2-nistp256-cert-v01@openssh.com ecdsa-sha2-nistp384 ecdsa-sha2-nistp384-cert-v01@openssh.com ecdsa-sha2-nistp521 ecdsa-sha2-nistp521-cert-v01@openssh.com sk-ecdsa-sha2-nistp256@openssh.com sk-ecdsa-sha2-nistp256-cert-v01@openssh.com webauthn-sk-ecdsa-sha2-nistp256@openssh.com ssh-dss ssh-dss-cert-v01@openssh.com ssh-rsa ssh-rsa-cert-v01@openssh.com rsa-sha2-256 rsa-sha2-256-cert-v01@openssh.com rsa-sha2-512 rsa-sha2-512-cert-v01@openssh.com</list>
+              </completionHelp>
+              <multi/>
+              <constraint>
+                <regex>(ssh-ed25519|ssh-ed25519-cert-v01@openssh.com|sk-ssh-ed25519@openssh.com|sk-ssh-ed25519-cert-v01@openssh.com|ecdsa-sha2-nistp256|ecdsa-sha2-nistp256-cert-v01@openssh.com|ecdsa-sha2-nistp384|ecdsa-sha2-nistp384-cert-v01@openssh.com|ecdsa-sha2-nistp521|ecdsa-sha2-nistp521-cert-v01@openssh.com|sk-ecdsa-sha2-nistp256@openssh.com|sk-ecdsa-sha2-nistp256-cert-v01@openssh.com|webauthn-sk-ecdsa-sha2-nistp256@openssh.com|ssh-dss|ssh-dss-cert-v01@openssh.com|ssh-rsa|ssh-rsa-cert-v01@openssh.com|rsa-sha2-256|rsa-sha2-256-cert-v01@openssh.com|rsa-sha2-512|rsa-sha2-512-cert-v01@openssh.com)</regex>
+              </constraint>
+            </properties>
+          </leafNode>
           <leafNode name="key-exchange">
             <properties>
               <help>Allowed key exchange (KEX) algorithms</help>
author	khramshinr <khramshinr@gmail.com>	2024-06-25 16:37:16 +0600
committer	Mergify <37929162+mergify[bot]@users.noreply.github.com>	2024-07-03 13:33:52 +0000
commit	6f67cf62d20ced7c72ca6a856ce66d1e3396e79e (patch)
tree	992b0c42fa1e039ad52113e1e69fc8ef6812c140 /interface-definitions
parent	c5716358c150eb215804dfb293dcf831a8a07a9f (diff)
download	vyos-1x-6f67cf62d20ced7c72ca6a856ce66d1e3396e79e.tar.gz vyos-1x-6f67cf62d20ced7c72ca6a856ce66d1e3396e79e.zip