diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-9.3p1/ssh_config.5 openssh-9.3p1-patched/ssh_config.5

--- openssh-9.3p1/ssh_config.5	2023-06-07 10:26:48.284590156 +0200

+++ openssh-9.3p1-patched/ssh_config.5	2023-06-07 10:26:00.623052194 +0200

@@ -378,17 +378,13 @@

 causes no CNAMEs to be considered for canonicalization.

 This is the default behaviour.

 .It Cm CASignatureAlgorithms

+The default is handled system-wide by

+.Xr crypto-policies 7 .

+Information about defaults, how to modify the defaults and how to customize existing policies with sub-policies are present in manual page

+.Xr update-crypto-policies 8 .

+.Pp

 Specifies which algorithms are allowed for signing of certificates

 by certificate authorities (CAs).

-The default is:

-.Bd -literal -offset indent

-ssh-ed25519,ecdsa-sha2-nistp256,

-ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,

-sk-ssh-ed25519@openssh.com,

-sk-ecdsa-sha2-nistp256@openssh.com,

-rsa-sha2-512,rsa-sha2-256

-.Ed

-.Pp

 If the specified list begins with a

 .Sq +

 character, then the specified algorithms will be appended to the default set

@@ -450,20 +446,25 @@

 (the default),

 the check will not be executed.

 .It Cm Ciphers

+The default is handled system-wide by

+.Xr crypto-policies 7 .

+Information about defaults, how to modify the defaults and how to customize existing policies with sub-policies are present in manual page

+.Xr update-crypto-policies 8 .

+.Pp

 Specifies the ciphers allowed and their order of preference.

 Multiple ciphers must be comma-separated.

 If the specified list begins with a

 .Sq +

-character, then the specified ciphers will be appended to the default set

-instead of replacing them.

+character, then the specified ciphers will be appended to the built-in

+openssh default set instead of replacing them.

 If the specified list begins with a

 .Sq -

 character, then the specified ciphers (including wildcards) will be removed

-from the default set instead of replacing them.

+from the built-in openssh default set instead of replacing them.

 If the specified list begins with a

 .Sq ^

 character, then the specified ciphers will be placed at the head of the

-default set.

+built-in openssh default set.

 .Pp

 The supported ciphers are:

 .Bd -literal -offset indent

@@ -479,13 +480,6 @@

 chacha20-poly1305@openssh.com

 .Ed

 .Pp

-The default is:

-.Bd -literal -offset indent

-chacha20-poly1305@openssh.com,

-aes128-ctr,aes192-ctr,aes256-ctr,

-aes128-gcm@openssh.com,aes256-gcm@openssh.com

-.Ed

-.Pp

 The list of available ciphers may also be obtained using

 .Qq ssh -Q cipher .

 .It Cm ClearAllForwardings

@@ -885,6 +879,11 @@

 The default is

 .Dq no .

 .It Cm GSSAPIKexAlgorithms

+The default is handled system-wide by

+.Xr crypto-policies 7 .

+Information about defaults, how to modify the defaults and how to customize existing policies with sub-policies are present in manual page

+.Xr update-crypto-policies 8 .

+.Pp

 The list of key exchange algorithms that are offered for GSSAPI

 key exchange. Possible values are

 .Bd -literal -offset 3n

@@ -897,10 +896,8 @@

 gss-curve25519-sha256-

 .Ed

 .Pp

-The default is

-.Dq gss-group14-sha256-,gss-group16-sha512-,gss-nistp256-sha256-,

-gss-curve25519-sha256-,gss-group14-sha1-,gss-gex-sha1- .

 This option only applies to connections using GSSAPI.

+.Pp

 .It Cm HashKnownHosts

 Indicates that

 .Xr ssh 1

@@ -919,36 +916,25 @@

 but may be manually hashed using

 .Xr ssh-keygen 1 .

 .It Cm HostbasedAcceptedAlgorithms

+The default is handled system-wide by

+.Xr crypto-policies 7 .

+Information about defaults, how to modify the defaults and how to customize existing policies with sub-policies are present in manual page

+.Xr update-crypto-policies 8 .

+.Pp

 Specifies the signature algorithms that will be used for hostbased

 authentication as a comma-separated list of patterns.

 Alternately if the specified list begins with a

 .Sq +

 character, then the specified signature algorithms will be appended

-to the default set instead of replacing them.

+to the built-in openssh default set instead of replacing them.

 If the specified list begins with a

 .Sq -

 character, then the specified signature algorithms (including wildcards)

-will be removed from the default set instead of replacing them.

+will be removed from the built-in openssh default set instead of replacing them.

 If the specified list begins with a

 .Sq ^

 character, then the specified signature algorithms will be placed

-at the head of the default set.

-The default for this option is:

-.Bd -literal -offset 3n

-ssh-ed25519-cert-v01@openssh.com,

-ecdsa-sha2-nistp256-cert-v01@openssh.com,

-ecdsa-sha2-nistp384-cert-v01@openssh.com,

-ecdsa-sha2-nistp521-cert-v01@openssh.com,

-sk-ssh-ed25519-cert-v01@openssh.com,

-sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,

-rsa-sha2-512-cert-v01@openssh.com,

-rsa-sha2-256-cert-v01@openssh.com,

-ssh-ed25519,

-ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,

-sk-ssh-ed25519@openssh.com,

-sk-ecdsa-sha2-nistp256@openssh.com,

-rsa-sha2-512,rsa-sha2-256

-.Ed

+at the head of the built-in openssh default set.

 .Pp

 The

 .Fl Q

@@ -1001,6 +987,17 @@

 .Pp

 The list of available signature algorithms may also be obtained using

 .Qq ssh -Q HostKeyAlgorithms .

+.Pp

+The proposed

+.Cm HostKeyAlgorithms

+during KEX are limited to the set of algorithms that is defined in

+.Cm PubkeyAcceptedAlgorithms

+and therefore they are indirectly affected by system-wide

+.Xr crypto_policies 7 .

+.Xr crypto_policies 7 can not handle the list of host key algorithms directly as doing so

+would break the order given by the

+.Pa known_hosts

+file.

 .It Cm HostKeyAlias

 Specifies an alias that should be used instead of the

 real host name when looking up or saving the host key

@@ -1232,30 +1229,25 @@

 and

 .Cm pam .

 .It Cm KexAlgorithms

+The default is handled system-wide by

+.Xr crypto-policies 7 .

+Information about defaults, how to modify the defaults and how to customize existing policies with sub-policies are present in manual page

+.Xr update-crypto-policies 8 .

+.Pp

 Specifies the available KEX (Key Exchange) algorithms.

 Multiple algorithms must be comma-separated.

 If the specified list begins with a

 .Sq +

-character, then the specified algorithms will be appended to the default set

-instead of replacing them.

+character, then the specified methods will be appended to the built-in

+openssh default set instead of replacing them.

 If the specified list begins with a

 .Sq -

 character, then the specified algorithms (including wildcards) will be removed

-from the default set instead of replacing them.

+from the built-in openssh default set instead of replacing them.

 If the specified list begins with a

 .Sq ^

 character, then the specified algorithms will be placed at the head of the

-default set.

-The default is:

-.Bd -literal -offset indent

-sntrup761x25519-sha512@openssh.com,

-curve25519-sha256,curve25519-sha256@libssh.org,

-ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,

-diffie-hellman-group-exchange-sha256,

-diffie-hellman-group16-sha512,

-diffie-hellman-group18-sha512,

-diffie-hellman-group14-sha256

-.Ed

+built-in openssh default set.

 .Pp

 The list of available key exchange algorithms may also be obtained using

 .Qq ssh -Q kex .

@@ -1365,37 +1357,33 @@

 file.

 This option is intended for debugging and no overrides are enabled by default.

 .It Cm MACs

+The default is handled system-wide by

+.Xr crypto-policies 7 .

+Information about defaults, how to modify the defaults and how to customize existing policies with sub-policies are present in manual page

+.Xr update-crypto-policies 8 .

+.Pp

 Specifies the MAC (message authentication code) algorithms

 in order of preference.

 The MAC algorithm is used for data integrity protection.

 Multiple algorithms must be comma-separated.

 If the specified list begins with a

 .Sq +

-character, then the specified algorithms will be appended to the default set

-instead of replacing them.

+character, then the specified algorithms will be appended to the built-in

+openssh default set instead of replacing them.

 If the specified list begins with a

 .Sq -

 character, then the specified algorithms (including wildcards) will be removed

-from the default set instead of replacing them.

+from the built-in openssh default set instead of replacing them.

 If the specified list begins with a

 .Sq ^

 character, then the specified algorithms will be placed at the head of the

-default set.

+built-in openssh default set.

 .Pp

 The algorithms that contain

 .Qq -etm

 calculate the MAC after encryption (encrypt-then-mac).

 These are considered safer and their use recommended.

 .Pp

-The default is:

-.Bd -literal -offset indent

-umac-64-etm@openssh.com,umac-128-etm@openssh.com,

-hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,

-hmac-sha1-etm@openssh.com,

-umac-64@openssh.com,umac-128@openssh.com,

-hmac-sha2-256,hmac-sha2-512,hmac-sha1

-.Ed

-.Pp

 The list of available MAC algorithms may also be obtained using

 .Qq ssh -Q mac .

 .It Cm NoHostAuthenticationForLocalhost

@@ -1567,39 +1555,31 @@

 The default is

 .Cm no .

 .It Cm PubkeyAcceptedAlgorithms

+The default is handled system-wide by

+.Xr crypto-policies 7 .

+Information about defaults, how to modify the defaults and how to customize existing policies with sub-policies are present in manual page

+.Xr update-crypto-policies 8 .

+.Pp

 Specifies the signature algorithms that will be used for public key

 authentication as a comma-separated list of patterns.

 If the specified list begins with a

 .Sq +

-character, then the algorithms after it will be appended to the default

-instead of replacing it.

+character, then the algorithms after it will be appended to the built-in

+openssh default instead of replacing it.

 If the specified list begins with a

 .Sq -

 character, then the specified algorithms (including wildcards) will be removed

-from the default set instead of replacing them.

+from the built-in openssh default set instead of replacing them.

 If the specified list begins with a

 .Sq ^

 character, then the specified algorithms will be placed at the head of the

-default set.

-The default for this option is:

-.Bd -literal -offset 3n

-ssh-ed25519-cert-v01@openssh.com,

-ecdsa-sha2-nistp256-cert-v01@openssh.com,

-ecdsa-sha2-nistp384-cert-v01@openssh.com,

-ecdsa-sha2-nistp521-cert-v01@openssh.com,

-sk-ssh-ed25519-cert-v01@openssh.com,

-sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,

-rsa-sha2-512-cert-v01@openssh.com,

-rsa-sha2-256-cert-v01@openssh.com,

-ssh-ed25519,

-ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,

-sk-ssh-ed25519@openssh.com,

-sk-ecdsa-sha2-nistp256@openssh.com,

-rsa-sha2-512,rsa-sha2-256

-.Ed

+built-in openssh default set.

 .Pp

 The list of available signature algorithms may also be obtained using

 .Qq ssh -Q PubkeyAcceptedAlgorithms .

+.Pp

+This option affects also

+.Cm HostKeyAlgorithms

 .It Cm PubkeyAuthentication

 Specifies whether to try public key authentication.

 The argument to this keyword must be

@@ -2265,7 +2245,9 @@

 This file must be world-readable.

 .El

 .Sh SEE ALSO

-.Xr ssh 1

+.Xr ssh 1 ,

+.Xr crypto-policies 7 ,

+.Xr update-crypto-policies 8

 .Sh AUTHORS

 .An -nosplit

 OpenSSH is a derivative of the original and free

diff --color -ru -x regress -x autom4te.cache -x '*.o' -x '*.lo' -x Makefile -x config.status -x configure~ -x configure.ac openssh-9.3p1/sshd_config.5 openssh-9.3p1-patched/sshd_config.5

--- openssh-9.3p1/sshd_config.5	2023-06-07 10:26:48.277590077 +0200

+++ openssh-9.3p1-patched/sshd_config.5	2023-06-07 10:26:00.592051845 +0200

@@ -379,17 +379,13 @@

 then no banner is displayed.

 By default, no banner is displayed.

 .It Cm CASignatureAlgorithms

+The default is handled system-wide by

+.Xr crypto-policies 7 .

+Information about defaults, how to modify the defaults and how to customize existing policies with sub-policies are present in manual page

+.Xr update-crypto-policies 8 .

+.Pp

 Specifies which algorithms are allowed for signing of certificates

 by certificate authorities (CAs).

-The default is:

-.Bd -literal -offset indent

-ssh-ed25519,ecdsa-sha2-nistp256,

-ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,

-sk-ssh-ed25519@openssh.com,

-sk-ecdsa-sha2-nistp256@openssh.com,

-rsa-sha2-512,rsa-sha2-256

-.Ed

-.Pp

 If the specified list begins with a

 .Sq +

 character, then the specified algorithms will be appended to the default set

@@ -525,20 +521,25 @@

 indicating not to

 .Xr chroot 2 .

 .It Cm Ciphers

+The default is handled system-wide by

+.Xr crypto-policies 7 .

+Information about defaults, how to modify the defaults and how to customize existing policies with sub-policies are present in manual page

+.Xr update-crypto-policies 8 .

+.Pp

 Specifies the ciphers allowed.

 Multiple ciphers must be comma-separated.

 If the specified list begins with a

 .Sq +

-character, then the specified ciphers will be appended to the default set

-instead of replacing them.

+character, then the specified ciphers will be appended to the built-in

+openssh default set instead of replacing them.

 If the specified list begins with a

 .Sq -

 character, then the specified ciphers (including wildcards) will be removed

-from the default set instead of replacing them.

+from the built-in openssh default set instead of replacing them.

 If the specified list begins with a

 .Sq ^

 character, then the specified ciphers will be placed at the head of the

-default set.

+built-in openssh default set.

 .Pp

 The supported ciphers are:

 .Pp

@@ -565,13 +566,6 @@

 chacha20-poly1305@openssh.com

 .El

 .Pp

-The default is:

-.Bd -literal -offset indent

-chacha20-poly1305@openssh.com,

-aes128-ctr,aes192-ctr,aes256-ctr,

-aes128-gcm@openssh.com,aes256-gcm@openssh.com

-.Ed

-.Pp

 The list of available ciphers may also be obtained using

 .Qq ssh -Q cipher .

 .It Cm ClientAliveCountMax

@@ -766,53 +760,43 @@

 .Cm GSSAPIKeyExchange

 needs to be enabled in the server and also used by the client.

 .It Cm GSSAPIKexAlgorithms

+The default is handled system-wide by

+.Xr crypto-policies 7 .

+Information about defaults, how to modify the defaults and how to customize existing policies with sub-policies are present in manual page

+.Xr update-crypto-policies 8 .

+.Pp

 The list of key exchange algorithms that are accepted by GSSAPI

 key exchange. Possible values are

 .Bd -literal -offset 3n

-gss-gex-sha1-,

-gss-group1-sha1-,

-gss-group14-sha1-,

-gss-group14-sha256-,

-gss-group16-sha512-,

-gss-nistp256-sha256-,

+gss-gex-sha1-

+gss-group1-sha1-

+gss-group14-sha1-

+gss-group14-sha256-

+gss-group16-sha512-

+gss-nistp256-sha256-

 gss-curve25519-sha256-

 .Ed

-.Pp

-The default is

-.Dq gss-group14-sha256-,gss-group16-sha512-,gss-nistp256-sha256-,

-gss-curve25519-sha256-,gss-group14-sha1-,gss-gex-sha1- .

 This option only applies to connections using GSSAPI.

 .It Cm HostbasedAcceptedAlgorithms

+The default is handled system-wide by

+.Xr crypto-policies 7 .

+Information about defaults, how to modify the defaults and how to customize existing policies with sub-policies are present in manual page

+.Xr update-crypto-policies 8 .

+.Pp

 Specifies the signature algorithms that will be accepted for hostbased

 authentication as a list of comma-separated patterns.

 Alternately if the specified list begins with a

 .Sq +

 character, then the specified signature algorithms will be appended to

-the default set instead of replacing them.

+the built-in openssh default set instead of replacing them.

 If the specified list begins with a

 .Sq -

 character, then the specified signature algorithms (including wildcards)

-will be removed from the default set instead of replacing them.

+will be removed from the built-in openssh default set instead of replacing them.

 If the specified list begins with a

 .Sq ^

 character, then the specified signature algorithms will be placed at

-the head of the default set.

-The default for this option is:

-.Bd -literal -offset 3n

-ssh-ed25519-cert-v01@openssh.com,

-ecdsa-sha2-nistp256-cert-v01@openssh.com,

-ecdsa-sha2-nistp384-cert-v01@openssh.com,

-ecdsa-sha2-nistp521-cert-v01@openssh.com,

-sk-ssh-ed25519-cert-v01@openssh.com,

-sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,

-rsa-sha2-512-cert-v01@openssh.com,

-rsa-sha2-256-cert-v01@openssh.com,

-ssh-ed25519,

-ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,

-sk-ssh-ed25519@openssh.com,

-sk-ecdsa-sha2-nistp256@openssh.com,

-rsa-sha2-512,rsa-sha2-256

-.Ed

+the head of the built-in openssh default set.

 .Pp

 The list of available signature algorithms may also be obtained using

 .Qq ssh -Q HostbasedAcceptedAlgorithms .

@@ -879,25 +863,14 @@

 .Ev SSH_AUTH_SOCK

 environment variable.

 .It Cm HostKeyAlgorithms

+The default is handled system-wide by

+.Xr crypto-policies 7 .

+Information about defaults, how to modify the defaults and how to customize existing policies with sub-policies are present in manual page

+.Xr update-crypto-policies 8 .

+.Pp

 Specifies the host key signature algorithms

 that the server offers.

 The default for this option is:

-.Bd -literal -offset 3n

-ssh-ed25519-cert-v01@openssh.com,

-ecdsa-sha2-nistp256-cert-v01@openssh.com,

-ecdsa-sha2-nistp384-cert-v01@openssh.com,

-ecdsa-sha2-nistp521-cert-v01@openssh.com,

-sk-ssh-ed25519-cert-v01@openssh.com,

-sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,

-rsa-sha2-512-cert-v01@openssh.com,

-rsa-sha2-256-cert-v01@openssh.com,

-ssh-ed25519,

-ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,

-sk-ssh-ed25519@openssh.com,

-sk-ecdsa-sha2-nistp256@openssh.com,

-rsa-sha2-512,rsa-sha2-256

-.Ed

-.Pp

 The list of available signature algorithms may also be obtained using

 .Qq ssh -Q HostKeyAlgorithms .

 .It Cm IgnoreRhosts

@@ -1044,20 +1017,25 @@

 The default is

 .Cm yes .

 .It Cm KexAlgorithms

+The default is handled system-wide by

+.Xr crypto-policies 7 .

+Information about defaults, how to modify the defaults and how to customize existing policies with sub-policies are present in manual page

+.Xr update-crypto-policies 8 .

+.Pp

 Specifies the available KEX (Key Exchange) algorithms.

 Multiple algorithms must be comma-separated.

 Alternately if the specified list begins with a

 .Sq +

-character, then the specified algorithms will be appended to the default set

-instead of replacing them.

+character, then the specified methods will be appended to the built-in

+openssh default set instead of replacing them.

 If the specified list begins with a

 .Sq -

 character, then the specified algorithms (including wildcards) will be removed

-from the default set instead of replacing them.

+from the built-in openssh default set instead of replacing them.

 If the specified list begins with a

 .Sq ^

 character, then the specified algorithms will be placed at the head of the

-default set.

+built-in openssh default set.

 The supported algorithms are:

 .Pp

 .Bl -item -compact -offset indent

@@ -1089,16 +1067,6 @@

 sntrup761x25519-sha512@openssh.com

 .El

 .Pp

-The default is:

-.Bd -literal -offset indent

-sntrup761x25519-sha512@openssh.com,

-curve25519-sha256,curve25519-sha256@libssh.org,

-ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,

-diffie-hellman-group-exchange-sha256,

-diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,

-diffie-hellman-group14-sha256

-.Ed

-.Pp

 The list of available key exchange algorithms may also be obtained using

 .Qq ssh -Q KexAlgorithms .

 .It Cm ListenAddress

@@ -1184,21 +1152,26 @@

 file.

 This option is intended for debugging and no overrides are enabled by default.

 .It Cm MACs

+The default is handled system-wide by

+.Xr crypto-policies 7 .

+Information about defaults, how to modify the defaults and how to customize existing policies with sub-policies are present in manual page

+.Xr update-crypto-policies 8 .

+.Pp

 Specifies the available MAC (message authentication code) algorithms.

 The MAC algorithm is used for data integrity protection.

 Multiple algorithms must be comma-separated.

 If the specified list begins with a

 .Sq +

-character, then the specified algorithms will be appended to the default set

-instead of replacing them.

+character, then the specified algorithms will be appended to the built-in

+openssh default set instead of replacing them.

 If the specified list begins with a

 .Sq -

 character, then the specified algorithms (including wildcards) will be removed

-from the default set instead of replacing them.

+from the built-in openssh default set instead of replacing them.

 If the specified list begins with a

 .Sq ^

 character, then the specified algorithms will be placed at the head of the

-default set.

+built-in openssh default set.

 .Pp

 The algorithms that contain

 .Qq -etm

@@ -1241,15 +1214,6 @@

 umac-128-etm@openssh.com

 .El

 .Pp

-The default is:

-.Bd -literal -offset indent

-umac-64-etm@openssh.com,umac-128-etm@openssh.com,

-hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,

-hmac-sha1-etm@openssh.com,

-umac-64@openssh.com,umac-128@openssh.com,

-hmac-sha2-256,hmac-sha2-512,hmac-sha1

-.Ed

-.Pp

 The list of available MAC algorithms may also be obtained using

 .Qq ssh -Q mac .

 .It Cm Match

@@ -1633,36 +1597,25 @@

 The default is

 .Cm yes .

 .It Cm PubkeyAcceptedAlgorithms

+The default is handled system-wide by

+.Xr crypto-policies 7 .

+Information about defaults, how to modify the defaults and how to customize existing policies with sub-policies are present in manual page

+.Xr update-crypto-policies 8 .

+.Pp

 Specifies the signature algorithms that will be accepted for public key

 authentication as a list of comma-separated patterns.

 Alternately if the specified list begins with a

 .Sq +

-character, then the specified algorithms will be appended to the default set

-instead of replacing them.

+character, then the specified algorithms will be appended to the built-in

+openssh default set instead of replacing them.

 If the specified list begins with a

 .Sq -

 character, then the specified algorithms (including wildcards) will be removed

-from the default set instead of replacing them.

+from the built-in openssh default set instead of replacing them.

 If the specified list begins with a

 .Sq ^

 character, then the specified algorithms will be placed at the head of the

-default set.

-The default for this option is:

-.Bd -literal -offset 3n

-ssh-ed25519-cert-v01@openssh.com,

-ecdsa-sha2-nistp256-cert-v01@openssh.com,

-ecdsa-sha2-nistp384-cert-v01@openssh.com,

-ecdsa-sha2-nistp521-cert-v01@openssh.com,

-sk-ssh-ed25519-cert-v01@openssh.com,

-sk-ecdsa-sha2-nistp256-cert-v01@openssh.com,

-rsa-sha2-512-cert-v01@openssh.com,

-rsa-sha2-256-cert-v01@openssh.com,

-ssh-ed25519,

-ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,

-sk-ssh-ed25519@openssh.com,

-sk-ecdsa-sha2-nistp256@openssh.com,

-rsa-sha2-512,rsa-sha2-256

-.Ed

+built-in openssh default set.

 .Pp

 The list of available signature algorithms may also be obtained using

 .Qq ssh -Q PubkeyAcceptedAlgorithms .

@@ -2131,7 +2084,9 @@

 .El

 .Sh SEE ALSO

 .Xr sftp-server 8 ,

-.Xr sshd 8

+.Xr sshd 8 ,

+.Xr crypto-policies 7 ,

+.Xr update-crypto-policies 8

 .Sh AUTHORS

 .An -nosplit

 OpenSSH is a derivative of the original and free