Clarify crypto policies documentation in manual pages

* All the options that are affected by crypto policies will mention that + and -
  work with built-in defaults and not the crypto-policies ones.
* The line mentioning crypto policies will be the first one in the option description.
Jakub Jelen 2020-03-26 14:53:18 +01:00
parent eb546ec1a7
commit a848054c8a
1 changed file with 287 additions and 62 deletions


@ -1,8 +1,15 @@
diff -up openssh/ssh_config.5.crypto-policies openssh/ssh_config.5 diff -up openssh-8.2p1/ssh_config.5.crypto-policies openssh-8.2p1/ssh_config.5
--- openssh/ssh_config.5.crypto-policies 2020-02-07 15:05:55.665451715 +0100 --- openssh-8.2p1/ssh_config.5.crypto-policies 2020-03-26 14:40:44.546775605 +0100
+++ openssh/ssh_config.5 2020-02-07 15:07:11.632641922 +0100 +++ openssh-8.2p1/ssh_config.5 2020-03-26 14:52:20.700649727 +0100
@@ -361,15 +361,15 @@ domains. @@ -359,17 +359,17 @@ or
.Qq *.c.example.com
domains.
.It Cm CASignatureAlgorithms .It Cm CASignatureAlgorithms
+The default is handled system-wide by
+.Xr crypto-policies 7 .
+To see the defaults and how to modify this default, see manual page
+.Xr update-crypto-policies 8 .
+.Pp
Specifies which algorithms are allowed for signing of certificates Specifies which algorithms are allowed for signing of certificates
by certificate authorities (CAs). by certificate authorities (CAs).
-The default is: -The default is:
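Review bot: the new sentence 'To see the defaults and how to modify this default, see manual page .Xr update-crypto-policies 8 .' under '.It Cm CASignatureAlgorithms' mixes plural and singular and spells out "manual page" in front of an '.Xr' macro that already renders as a man page cross-reference; suggest 'The current default, and how to change it, is described in .Xr update-crypto-policies 8 .' Fix the wording here once: this exact four-line paragraph is pasted under every affected option in both ssh_config.5 and sshd_config.5 in this patch, so any wording problem is copied a dozen times.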
@ -15,15 +22,39 @@ diff -up openssh/ssh_config.5.crypto-policies openssh/ssh_config.5
will not accept host certificates signed using algorithms other than those will not accept host certificates signed using algorithms other than those
specified. specified.
+.Pp +.Pp
.It Cm CertificateFile
Specifies a file from which the user's certificate is read.
A corresponding private key must be provided separately in order
@@ -424,20 +424,25 @@ If the option is set to
.Cm no ,
the check will not be executed.
.It Cm Ciphers
+The default is handled system-wide by +The default is handled system-wide by
+.Xr crypto-policies 7 . +.Xr crypto-policies 7 .
+To see the defaults and how to modify this default, see manual page +To see the defaults and how to modify this default, see manual page
+.Xr update-crypto-policies 8 . +.Xr update-crypto-policies 8 .
+.Pp +.Pp
.It Cm CertificateFile Specifies the ciphers allowed and their order of preference.
Specifies a file from which the user's certificate is read. Multiple ciphers must be comma-separated.
A corresponding private key must be provided separately in order If the specified list begins with a
@@ -453,12 +453,10 @@ aes256-gcm@openssh.com .Sq +
-character, then the specified ciphers will be appended to the default set
+character, then the specified ciphers will be appended to the built-in default set
instead of replacing them.
If the specified list begins with a
.Sq -
character, then the specified ciphers (including wildcards) will be removed
-from the default set instead of replacing them.
+from the built-in default set instead of replacing them.
If the specified list begins with a
.Sq ^
character, then the specified ciphers will be placed at the head of the
-default set.
+built-in default set.
.Pp
The supported ciphers are:
.Bd -literal -offset indent
@@ -453,13 +458,6 @@ aes256-gcm@openssh.com
chacha20-poly1305@openssh.com chacha20-poly1305@openssh.com
.Ed .Ed
.Pp .Pp
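Review bot: 'built-in default set' is used in the '+', '-' and '^' sentences of the Ciphers description but never defined, and this same hunk removes the 'The default is:' list that was the only place a reader could see what that set contains. The commit message says the point is that the prefixes act on the built-in defaults and not on the crypto-policies ones, but the man page text now only implies that through an adjective. Suggest one explicit sentence after the crypto-policies paragraph, e.g. 'The +, - and ^ prefixes operate on the built-in (upstream) default set, not on the algorithm list configured by crypto-policies.', and reuse it under KexAlgorithms, MACs and PubkeyAcceptedKeyTypes below, where the same undefined term is introduced.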
@ -33,31 +64,59 @@ diff -up openssh/ssh_config.5.crypto-policies openssh/ssh_config.5
-aes128-ctr,aes192-ctr,aes256-ctr, -aes128-ctr,aes192-ctr,aes256-ctr,
-aes128-gcm@openssh.com,aes256-gcm@openssh.com -aes128-gcm@openssh.com,aes256-gcm@openssh.com
-.Ed -.Ed
-.Pp
The list of available ciphers may also be obtained using
.Qq ssh -Q cipher .
.It Cm ClearAllForwardings
@@ -812,6 +810,11 @@ command line will be passed untouched to
The default is
.Dq no .
.It Cm GSSAPIKexAlgorithms
+The default is handled system-wide by +The default is handled system-wide by
+.Xr crypto-policies 7 . +.Xr crypto-policies 7 .
+To see the defaults and how to modify this default, see manual page +To see the defaults and how to modify this default, see manual page
+.Xr update-crypto-policies 8 . +.Xr update-crypto-policies 8 .
.Pp +.Pp
The list of available ciphers may also be obtained using The list of key exchange algorithms that are offered for GSSAPI
.Qq ssh -Q cipher . key exchange. Possible values are
@@ -824,9 +822,10 @@ gss-nistp256-sha256-, .Bd -literal -offset 3n
@@ -824,10 +827,8 @@ gss-nistp256-sha256-,
gss-curve25519-sha256- gss-curve25519-sha256-
.Ed .Ed
.Pp .Pp
-The default is -The default is
-.Dq gss-group14-sha256-,gss-group16-sha512-,gss-nistp256-sha256-, -.Dq gss-group14-sha256-,gss-group16-sha512-,gss-nistp256-sha256-,
-gss-curve25519-sha256-,gss-group14-sha1-,gss-gex-sha1- . -gss-curve25519-sha256-,gss-group14-sha1-,gss-gex-sha1- .
This option only applies to connections using GSSAPI.
+.Pp
.It Cm HashKnownHosts
Indicates that
.Xr ssh 1
@@ -1149,29 +1150,25 @@ it may be zero or more of:
and
.Cm pam .
.It Cm KexAlgorithms
+The default is handled system-wide by +The default is handled system-wide by
+.Xr crypto-policies 7 . +.Xr crypto-policies 7 .
+To see the defaults and how to modify this default, see manual page +To see the defaults and how to modify this default, see manual page
+.Xr update-crypto-policies 8 . +.Xr update-crypto-policies 8 .
This option only applies to connections using GSSAPI. +.Pp
.It Cm HashKnownHosts Specifies the available KEX (Key Exchange) algorithms.
Indicates that Multiple algorithms must be comma-separated.
@@ -1162,15 +1162,10 @@ If the specified list begins with a If the specified list begins with a
.Sq +
-character, then the specified methods will be appended to the default set
+character, then the specified methods will be appended to the built-in default set
instead of replacing them.
If the specified list begins with a
.Sq -
character, then the specified methods (including wildcards) will be removed
-from the default set instead of replacing them.
+from the built-in default set instead of replacing them.
If the specified list begins with a
.Sq ^ .Sq ^
character, then the specified methods will be placed at the head of the character, then the specified methods will be placed at the head of the
default set. -default set.
-The default is: -The default is:
-.Bd -literal -offset indent -.Bd -literal -offset indent
-curve25519-sha256,curve25519-sha256@libssh.org, -curve25519-sha256,curve25519-sha256@libssh.org,
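Review bot: once the 'The default is:' lists for Ciphers and KexAlgorithms are gone, the retained sentences 'The list of available ciphers may also be obtained using .Qq ssh -Q cipher .' and its '.Qq ssh -Q kex .' counterpart are the only remaining pointers, and they read as if they showed the default; 'ssh -Q' lists what the binary supports and is not affected by crypto-policies. Suggest adding, next to the crypto-policies paragraph, that the set actually in effect for a given destination can be shown with 'ssh -G hostname', which prints the resolved client configuration including anything pulled in via Include.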
@ -67,14 +126,41 @@ diff -up openssh/ssh_config.5.crypto-policies openssh/ssh_config.5
-diffie-hellman-group18-sha512, -diffie-hellman-group18-sha512,
-diffie-hellman-group14-sha256 -diffie-hellman-group14-sha256
-.Ed -.Ed
+built-in default set.
.Pp
The list of available key exchange algorithms may also be obtained using
.Qq ssh -Q kex .
@@ -1231,37 +1228,33 @@ The default is INFO.
DEBUG and DEBUG1 are equivalent.
DEBUG2 and DEBUG3 each specify higher levels of verbose output.
.It Cm MACs
+The default is handled system-wide by +The default is handled system-wide by
+.Xr crypto-policies 7 . +.Xr crypto-policies 7 .
+To see the defaults and how to modify this default, see manual page +To see the defaults and how to modify this default, see manual page
+.Xr update-crypto-policies 8 . +.Xr update-crypto-policies 8 .
+.Pp
Specifies the MAC (message authentication code) algorithms
in order of preference.
The MAC algorithm is used for data integrity protection.
Multiple algorithms must be comma-separated.
If the specified list begins with a
.Sq +
-character, then the specified algorithms will be appended to the default set
+character, then the specified algorithms will be appended to the built-in default set
instead of replacing them.
If the specified list begins with a
.Sq -
character, then the specified algorithms (including wildcards) will be removed
-from the default set instead of replacing them.
+from the built-in default set instead of replacing them.
If the specified list begins with a
.Sq ^
character, then the specified algorithms will be placed at the head of the
-default set.
+built-in default set.
.Pp .Pp
The list of available key exchange algorithms may also be obtained using The algorithms that contain
.Qq ssh -Q kex . .Qq -etm
@@ -1252,14 +1247,10 @@ The algorithms that contain
calculate the MAC after encryption (encrypt-then-mac). calculate the MAC after encryption (encrypt-then-mac).
These are considered safer and their use recommended. These are considered safer and their use recommended.
.Pp .Pp
@ -86,17 +172,35 @@ diff -up openssh/ssh_config.5.crypto-policies openssh/ssh_config.5
-umac-64@openssh.com,umac-128@openssh.com, -umac-64@openssh.com,umac-128@openssh.com,
-hmac-sha2-256,hmac-sha2-512,hmac-sha1 -hmac-sha2-256,hmac-sha2-512,hmac-sha1
-.Ed -.Ed
-.Pp
The list of available MAC algorithms may also be obtained using
.Qq ssh -Q mac .
.It Cm NoHostAuthenticationForLocalhost
@@ -1394,36 +1387,25 @@ instead of continuing to execute and pas
The default is
.Cm no .
.It Cm PubkeyAcceptedKeyTypes
+The default is handled system-wide by +The default is handled system-wide by
+.Xr crypto-policies 7 . +.Xr crypto-policies 7 .
+To see the defaults and how to modify this default, see manual page +To see the defaults and how to modify this default, see manual page
+.Xr update-crypto-policies 8 . +.Xr update-crypto-policies 8 .
.Pp +.Pp
The list of available MAC algorithms may also be obtained using Specifies the key types that will be used for public key authentication
.Qq ssh -Q mac . as a comma-separated list of patterns.
@@ -1407,22 +1398,10 @@ If the specified list begins with a If the specified list begins with a
.Sq +
-character, then the key types after it will be appended to the default
+character, then the key types after it will be appended to the built-in default
instead of replacing it.
If the specified list begins with a
.Sq -
character, then the specified key types (including wildcards) will be removed
-from the default set instead of replacing them.
+from the built-in default set instead of replacing them.
If the specified list begins with a
.Sq ^ .Sq ^
character, then the specified key types will be placed at the head of the character, then the specified key types will be placed at the head of the
default set. -default set.
-The default for this option is: -The default for this option is:
-.Bd -literal -offset 3n -.Bd -literal -offset 3n
-ecdsa-sha2-nistp256-cert-v01@openssh.com, -ecdsa-sha2-nistp256-cert-v01@openssh.com,
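Review bot: the PubkeyAcceptedKeyTypes '+' sentence in ssh_config.5 now reads '+character, then the key types after it will be appended to the built-in default' followed by the unchanged 'instead of replacing it.', while the '-' sentence two lines later says 'removed from the built-in default set instead of replacing them', and the sshd_config.5 counterpart further down uses 'built-in default set ... replacing them' for both. Since the patch touches that line anyway, make it 'built-in default set' and 'replacing them' so the term is introduced identically everywhere.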
@ -113,18 +217,22 @@ diff -up openssh/ssh_config.5.crypto-policies openssh/ssh_config.5
-ssh-ed25519,sk-ssh-ed25519@openssh.com, -ssh-ed25519,sk-ssh-ed25519@openssh.com,
-rsa-sha2-512,rsa-sha2-256,ssh-rsa -rsa-sha2-512,rsa-sha2-256,ssh-rsa
-.Ed -.Ed
+built-in default set.
.Pp
The list of available key types may also be obtained using
.Qq ssh -Q PubkeyAcceptedKeyTypes .
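Review bot: the ssh_config.5 side of the patch ends here without a HostKeyAlgorithms hunk, while sshd_config.5 below gets the crypto-policies paragraph under '.It Cm HostKeyAlgorithms'. The commit message claims every option affected by crypto-policies carries the note; if the client policy file also sets HostKeyAlgorithms, the paragraph is missing from the client man page, and if it does not, that is worth a sentence in the commit message, because the asymmetry between the two files looks like an oversight.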
diff -up openssh-8.2p1/sshd_config.5.crypto-policies openssh-8.2p1/sshd_config.5
--- openssh-8.2p1/sshd_config.5.crypto-policies 2020-03-26 14:40:44.530775355 +0100
+++ openssh-8.2p1/sshd_config.5 2020-03-26 14:48:56.732468099 +0100
@@ -375,16 +375,16 @@ If the argument is
then no banner is displayed.
By default, no banner is displayed.
.It Cm CASignatureAlgorithms
+The default is handled system-wide by +The default is handled system-wide by
+.Xr crypto-policies 7 . +.Xr crypto-policies 7 .
+To see the defaults and how to modify this default, see manual page +To see the defaults and how to modify this default, see manual page
+.Xr update-crypto-policies 8 . +.Xr update-crypto-policies 8 .
.Pp +.Pp
The list of available key types may also be obtained using
.Qq ssh -Q PubkeyAcceptedKeyTypes .
diff -up openssh/sshd_config.5.crypto-policies openssh/sshd_config.5
--- openssh/sshd_config.5.crypto-policies 2020-02-07 15:05:55.639451308 +0100
+++ openssh/sshd_config.5 2020-02-07 15:05:55.672451825 +0100
@@ -377,14 +377,14 @@ By default, no banner is displayed.
.It Cm CASignatureAlgorithms
Specifies which algorithms are allowed for signing of certificates Specifies which algorithms are allowed for signing of certificates
by certificate authorities (CAs). by certificate authorities (CAs).
-The default is: -The default is:
@ -136,15 +244,39 @@ diff -up openssh/sshd_config.5.crypto-policies openssh/sshd_config.5
Certificates signed using other algorithms will not be accepted for Certificates signed using other algorithms will not be accepted for
public key or host-based authentication. public key or host-based authentication.
+.Pp +.Pp
.It Cm ChallengeResponseAuthentication
Specifies whether challenge-response authentication is allowed (e.g. via
PAM or through authentication styles supported in
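Review bot: the '+.Pp' added directly before '.It Cm ChallengeResponseAuthentication' at the end of the CASignatureAlgorithms entry is a paragraph macro immediately followed by the next list item; inside a '.Bl -tag' list it changes nothing in the rendering and mandoc -Tlint flags it as a skipped paragraph macro. Drop it, and the same trailing '+.Pp' before '.It Cm CertificateFile' and '.It Cm HashKnownHosts' in the ssh_config.5 hunks above and before '.It Cm HostbasedAcceptedKeyTypes' below; running both files through mandoc -Tlint before merging would catch all four.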
@@ -446,20 +446,25 @@ The default is
indicating not to
.Xr chroot 2 .
.It Cm Ciphers
+The default is handled system-wide by +The default is handled system-wide by
+.Xr crypto-policies 7 . +.Xr crypto-policies 7 .
+To see the defaults and how to modify this default, see manual page +To see the defaults and how to modify this default, see manual page
+.Xr update-crypto-policies 8 . +.Xr update-crypto-policies 8 .
+.Pp +.Pp
.It Cm ChallengeResponseAuthentication Specifies the ciphers allowed.
Specifies whether challenge-response authentication is allowed (e.g. via Multiple ciphers must be comma-separated.
PAM or through authentication styles supported in If the specified list begins with a
@@ -486,12 +486,10 @@ aes256-gcm@openssh.com .Sq +
-character, then the specified ciphers will be appended to the default set
+character, then the specified ciphers will be appended to the built-in default set
instead of replacing them.
If the specified list begins with a
.Sq -
character, then the specified ciphers (including wildcards) will be removed
-from the default set instead of replacing them.
+from the built-in default set instead of replacing them.
If the specified list begins with a
.Sq ^
character, then the specified ciphers will be placed at the head of the
-default set.
+built-in default set.
.Pp
The supported ciphers are:
.Pp
@@ -486,13 +491,6 @@ aes256-gcm@openssh.com
chacha20-poly1305@openssh.com chacha20-poly1305@openssh.com
.El .El
.Pp .Pp
@ -154,29 +286,54 @@ diff -up openssh/sshd_config.5.crypto-policies openssh/sshd_config.5
-aes128-ctr,aes192-ctr,aes256-ctr, -aes128-ctr,aes192-ctr,aes256-ctr,
-aes128-gcm@openssh.com,aes256-gcm@openssh.com -aes128-gcm@openssh.com,aes256-gcm@openssh.com
-.Ed -.Ed
-.Pp
The list of available ciphers may also be obtained using
.Qq ssh -Q cipher .
.It Cm ClientAliveCountMax
@@ -681,22 +679,24 @@ For this to work
.Cm GSSAPIKeyExchange
needs to be enabled in the server and also used by the client.
.It Cm GSSAPIKexAlgorithms
+The default is handled system-wide by +The default is handled system-wide by
+.Xr crypto-policies 7 . +.Xr crypto-policies 7 .
+To see the defaults and how to modify this default, see manual page +To see the defaults and how to modify this default, see manual page
+.Xr update-crypto-policies 8 . +.Xr update-crypto-policies 8 .
.Pp +.Pp
The list of available ciphers may also be obtained using The list of key exchange algorithms that are accepted by GSSAPI
.Qq ssh -Q cipher . key exchange. Possible values are
@@ -693,9 +691,10 @@ gss-nistp256-sha256-, .Bd -literal -offset 3n
-gss-gex-sha1-,
-gss-group1-sha1-,
-gss-group14-sha1-,
-gss-group14-sha256-,
-gss-group16-sha512-,
-gss-nistp256-sha256-,
+gss-gex-sha1-
+gss-group1-sha1-
+gss-group14-sha1-
+gss-group14-sha256-
+gss-group16-sha512-
+gss-nistp256-sha256-
gss-curve25519-sha256- gss-curve25519-sha256-
.Ed .Ed
.Pp -.Pp
-The default is -The default is
-.Dq gss-group14-sha256-,gss-group16-sha512-,gss-nistp256-sha256-, -.Dq gss-group14-sha256-,gss-group16-sha512-,gss-nistp256-sha256-,
-gss-curve25519-sha256-,gss-group14-sha1-,gss-gex-sha1- . -gss-curve25519-sha256-,gss-group14-sha1-,gss-gex-sha1- .
This option only applies to connections using GSSAPI.
+.Pp
.It Cm HostbasedAcceptedKeyTypes
Specifies the key types that will be accepted for hostbased authentication
as a list of comma-separated patterns.
@@ -793,25 +793,13 @@ is specified, the location of the socket
.Ev SSH_AUTH_SOCK
environment variable.
.It Cm HostKeyAlgorithms
+The default is handled system-wide by +The default is handled system-wide by
+.Xr crypto-policies 7 . +.Xr crypto-policies 7 .
+To see the defaults and how to modify this default, see manual page +To see the defaults and how to modify this default, see manual page
+.Xr update-crypto-policies 8 . +.Xr update-crypto-policies 8 .
This option only applies to connections using GSSAPI. +.Pp
.It Cm HostbasedAcceptedKeyTypes
Specifies the key types that will be accepted for hostbased authentication
@@ -794,22 +794,10 @@ environment variable.
.It Cm HostKeyAlgorithms
Specifies the host key algorithms Specifies the host key algorithms
that the server offers. that the server offers.
-The default for this option is: -The default for this option is:
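Review bot: the GSSAPIKexAlgorithms value list in sshd_config.5 loses its trailing commas in this hunk ('-gss-gex-sha1-,' becomes '+gss-gex-sha1-'), but the matching list in ssh_config.5 keeps them (its hunk context above still reads 'gss-nistp256-sha256-,'). Either form is acceptable on its own, but the two man pages should present the same list the same way; pick one and apply it to both, and since this change is unrelated to the crypto-policies wording, mention it in the commit message rather than leaving it as a silent drive-by.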
@ -195,14 +352,40 @@ diff -up openssh/sshd_config.5.crypto-policies openssh/sshd_config.5
-ssh-ed25519,sk-ssh-ed25519@openssh.com, -ssh-ed25519,sk-ssh-ed25519@openssh.com,
-rsa-sha2-512,rsa-sha2-256,ssh-rsa -rsa-sha2-512,rsa-sha2-256,ssh-rsa
-.Ed -.Ed
-.Pp
The list of available key types may also be obtained using
.Qq ssh -Q HostKeyAlgorithms .
.It Cm IgnoreRhosts
@@ -943,20 +931,25 @@ Specifies whether to look at .k5login fi
The default is
.Cm yes .
.It Cm KexAlgorithms
+The default is handled system-wide by +The default is handled system-wide by
+.Xr crypto-policies 7 . +.Xr crypto-policies 7 .
+To see the defaults and how to modify this default, see manual page +To see the defaults and how to modify this default, see manual page
+.Xr update-crypto-policies 8 . +.Xr update-crypto-policies 8 .
+.Pp
Specifies the available KEX (Key Exchange) algorithms.
Multiple algorithms must be comma-separated.
Alternately if the specified list begins with a
.Sq +
-character, then the specified methods will be appended to the default set
+character, then the specified methods will be appended to the built-in default set
instead of replacing them.
If the specified list begins with a
.Sq -
character, then the specified methods (including wildcards) will be removed
-from the default set instead of replacing them.
+from the built-in default set instead of replacing them.
If the specified list begins with a
.Sq ^
character, then the specified methods will be placed at the head of the
-default set.
+built-in default set.
The supported algorithms are:
.Pp .Pp
The list of available key types may also be obtained using .Bl -item -compact -offset indent
.Qq ssh -Q HostKeyAlgorithms . @@ -988,15 +981,6 @@ ecdh-sha2-nistp521
@@ -987,14 +975,10 @@ ecdh-sha2-nistp521
sntrup4591761x25519-sha512@tinyssh.org sntrup4591761x25519-sha512@tinyssh.org
.El .El
.Pp .Pp
@ -214,14 +397,41 @@ diff -up openssh/sshd_config.5.crypto-policies openssh/sshd_config.5
-diffie-hellman-group16-sha512,diffie-hellman-group18-sha512, -diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,
-diffie-hellman-group14-sha256 -diffie-hellman-group14-sha256
-.Ed -.Ed
-.Pp
The list of available key exchange algorithms may also be obtained using
.Qq ssh -Q KexAlgorithms .
.It Cm ListenAddress
@@ -1065,21 +1049,26 @@ DEBUG and DEBUG1 are equivalent.
DEBUG2 and DEBUG3 each specify higher levels of debugging output.
Logging with a DEBUG level violates the privacy of users and is not recommended.
.It Cm MACs
+The default is handled system-wide by +The default is handled system-wide by
+.Xr crypto-policies 7 . +.Xr crypto-policies 7 .
+To see the defaults and how to modify this default, see manual page +To see the defaults and how to modify this default, see manual page
+.Xr update-crypto-policies 8 . +.Xr update-crypto-policies 8 .
+.Pp
Specifies the available MAC (message authentication code) algorithms.
The MAC algorithm is used for data integrity protection.
Multiple algorithms must be comma-separated.
If the specified list begins with a
.Sq +
-character, then the specified algorithms will be appended to the default set
+character, then the specified algorithms will be appended to the built-in default set
instead of replacing them.
If the specified list begins with a
.Sq -
character, then the specified algorithms (including wildcards) will be removed
-from the default set instead of replacing them.
+from the built-in default set instead of replacing them.
If the specified list begins with a
.Sq ^
character, then the specified algorithms will be placed at the head of the
-default set.
+built-in default set.
.Pp .Pp
The list of available key exchange algorithms may also be obtained using The algorithms that contain
.Qq ssh -Q KexAlgorithms . .Qq -etm
@@ -1121,14 +1105,10 @@ umac-64-etm@openssh.com @@ -1122,15 +1111,6 @@ umac-64-etm@openssh.com
umac-128-etm@openssh.com umac-128-etm@openssh.com
.El .El
.Pp .Pp
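Review bot: with the server-side KexAlgorithms default list removed here, the remaining pointer '.Qq ssh -Q KexAlgorithms .' tells the administrator what the binary supports, not what sshd will negotiate under the active policy. Suggest mentioning that the effective server configuration, including whatever the policy sets, can be dumped with 'sshd -T' (run with the same command-line options as the service, since values passed with -o are part of the effective configuration); the same remark belongs under Ciphers and MACs in this file, which lose their default lists in the same way.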
@ -233,17 +443,35 @@ diff -up openssh/sshd_config.5.crypto-policies openssh/sshd_config.5
-umac-64@openssh.com,umac-128@openssh.com, -umac-64@openssh.com,umac-128@openssh.com,
-hmac-sha2-256,hmac-sha2-512,hmac-sha1 -hmac-sha2-256,hmac-sha2-512,hmac-sha1
-.Ed -.Ed
-.Pp
The list of available MAC algorithms may also be obtained using
.Qq ssh -Q mac .
.It Cm Match
@@ -1480,36 +1460,25 @@ or equivalent.)
The default is
.Cm yes .
.It Cm PubkeyAcceptedKeyTypes
+The default is handled system-wide by +The default is handled system-wide by
+.Xr crypto-policies 7 . +.Xr crypto-policies 7 .
+To see the defaults and how to modify this default, see manual page +To see the defaults and how to modify this default, see manual page
+.Xr update-crypto-policies 8 . +.Xr update-crypto-policies 8 .
.Pp +.Pp
The list of available MAC algorithms may also be obtained using Specifies the key types that will be accepted for public key authentication
.Qq ssh -Q mac . as a list of comma-separated patterns.
@@ -1492,22 +1472,10 @@ If the specified list begins with a Alternately if the specified list begins with a
.Sq +
-character, then the specified key types will be appended to the default set
+character, then the specified key types will be appended to the built-in default set
instead of replacing them.
If the specified list begins with a
.Sq -
character, then the specified key types (including wildcards) will be removed
-from the default set instead of replacing them.
+from the built-in default set instead of replacing them.
If the specified list begins with a
.Sq ^ .Sq ^
character, then the specified key types will be placed at the head of the character, then the specified key types will be placed at the head of the
default set. -default set.
-The default for this option is: -The default for this option is:
-.Bd -literal -offset 3n -.Bd -literal -offset 3n
-ecdsa-sha2-nistp256-cert-v01@openssh.com, -ecdsa-sha2-nistp256-cert-v01@openssh.com,
@ -260,10 +488,7 @@ diff -up openssh/sshd_config.5.crypto-policies openssh/sshd_config.5
-ssh-ed25519,sk-ssh-ed25519@openssh.com, -ssh-ed25519,sk-ssh-ed25519@openssh.com,
-rsa-sha2-512,rsa-sha2-256,ssh-rsa -rsa-sha2-512,rsa-sha2-256,ssh-rsa
-.Ed -.Ed
+The default is handled system-wide by +built-in default set.
+.Xr crypto-policies 7 .
+To see the defaults and how to modify this default, see manual page
+.Xr update-crypto-policies 8 .
.Pp .Pp
The list of available key types may also be obtained using The list of available key types may also be obtained using
.Qq ssh -Q PubkeyAcceptedKeyTypes . .Qq ssh -Q PubkeyAcceptedKeyTypes .