summaryrefslogtreecommitdiff
path: root/myproposal.h
diff options
context:
space:
mode:
authordjm@openbsd.org <djm@openbsd.org>2020-10-03 04:15:06 +0000
committerDamien Miller <djm@mindrot.org>2020-10-03 14:34:06 +1000
commit12ae8f95e2e0c273e9e7ef930b01a028ef796a3f (patch)
tree20cae31190eb33e9000e178f99824c3340c07e4c /myproposal.h
parente5ed753add7aa8eed6b167e44db6240a76404db2 (diff)
upstream: prefer ed25519 signature algorithm variants to ECDSA; ok
markus@ OpenBSD-Commit-ID: 82187926fca96d35a5b5afbc091afa84e0966e5b
Diffstat (limited to 'myproposal.h')
-rw-r--r--myproposal.h14
1 files changed, 7 insertions, 7 deletions
diff --git a/myproposal.h b/myproposal.h
index 5312e605..f03b7dfd 100644
--- a/myproposal.h
+++ b/myproposal.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: myproposal.h,v 1.67 2020/01/24 00:28:57 djm Exp $ */
+/* $OpenBSD: myproposal.h,v 1.68 2020/10/03 04:15:06 djm Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
@@ -38,21 +38,21 @@
#define KEX_CLIENT_KEX KEX_SERVER_KEX
#define KEX_DEFAULT_PK_ALG \
+ "ssh-ed25519-cert-v01@openssh.com," \
"ecdsa-sha2-nistp256-cert-v01@openssh.com," \
"ecdsa-sha2-nistp384-cert-v01@openssh.com," \
"ecdsa-sha2-nistp521-cert-v01@openssh.com," \
- "sk-ecdsa-sha2-nistp256-cert-v01@openssh.com," \
- "ssh-ed25519-cert-v01@openssh.com," \
"sk-ssh-ed25519-cert-v01@openssh.com," \
+ "sk-ecdsa-sha2-nistp256-cert-v01@openssh.com," \
"rsa-sha2-512-cert-v01@openssh.com," \
"rsa-sha2-256-cert-v01@openssh.com," \
"ssh-rsa-cert-v01@openssh.com," \
+ "ssh-ed25519," \
"ecdsa-sha2-nistp256," \
"ecdsa-sha2-nistp384," \
"ecdsa-sha2-nistp521," \
- "sk-ecdsa-sha2-nistp256@openssh.com," \
- "ssh-ed25519," \
"sk-ssh-ed25519@openssh.com," \
+ "sk-ecdsa-sha2-nistp256@openssh.com," \
"rsa-sha2-512," \
"rsa-sha2-256," \
"ssh-rsa"
@@ -80,12 +80,12 @@
/* Not a KEX value, but here so all the algorithm defaults are together */
#define SSH_ALLOWED_CA_SIGALGS \
+ "ssh-ed25519," \
"ecdsa-sha2-nistp256," \
"ecdsa-sha2-nistp384," \
"ecdsa-sha2-nistp521," \
- "sk-ecdsa-sha2-nistp256@openssh.com," \
- "ssh-ed25519," \
"sk-ssh-ed25519@openssh.com," \
+ "sk-ecdsa-sha2-nistp256@openssh.com," \
"rsa-sha2-512," \
"rsa-sha2-256"