OpenBSD/src 0r0rUhh — usr.bin/ssh ssh-keygen.1 sshkey.c
When signing certificates with an RSA key, default to using the rsa-sha2-512 signature algorithm. Certificates signed by RSA keys will therefore be incompatible with OpenSSH < 7.2 unless the default is overridden. Document the ability of the ssh-keygen -t flag to override the signature algorithm when signing certificates, and the new default. ok deraadt@
Version | Delta | File | |
---|---|---|---|
1.159 | +11 | -2 | usr.bin/ssh/ssh-keygen.1 |
1.75 | +8 | -1 | usr.bin/ssh/sshkey.c |
+19 | -3 | 2 files |