On Thu, Mar 12, 2015 at 07:19:25PM +0000, Stuart Henderson wrote: > On 2015-03-12, John Long <codeb...@inbox.lv> wrote: > > On Thu, Mar 12, 2015 at 04:20:47PM +0000, Christian Weisgerber wrote: > >> On 2015-03-12, John Long <codeb...@inbox.lv> wrote: > >> > >> >> You can simply configure HostKey in /etc/ssh/sshd_config. > >> > > >> > With that done a client can still do pubkey auth with a DSA key. (How) > >> > can I > >> > stop sshd from accepting client keys a user might include in > >> > ~/.ssh/authorized_keys other than RSA keys? > >> > >> By setting PubkeyAcceptedKeyTypes accordingly in sshd_config. > > > > Thanks, I looked and looked and could not find it in the man page. It > > appears to be only in -current? Is this possible in prior versions > > (i.e. undocumented but works) or is it totally new? > > By looking with "cvs blame sshd_config.5 | grep PubkeyAcceptedKeyTypes" > and examine the cvs log, you can see that it was added on 2015/01/13.
Thanks for the info and tip! /jl -- ASCII ribbon campaign ( ) Powered by Lemote Fuloong against HTML e-mail X Loongson MIPS and OpenBSD and proprietary / \ http://www.mutt.org attachments / \ Code Blue or Go Home! Encrypted email preferred PGP Key 2048R/DA65BC04
