Changelog closes #911, closes #900

author: Jeff Forcier <jeff@bitprophet.org> 2017-06-05 19:59:28 -0700
committer: Jeff Forcier <jeff@bitprophet.org> 2017-06-05 19:59:28 -0700
commit: 691f6191601366255d55176bcdb103987626cc86 (patch)
tree: 6d3ef6a9857bcc3a560b8f916caea29302f037d6 /sites/www
parent: f499b43cffb855f09b426c7eaa3bcea849700a87 (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/sites/www/changelog.rst b/sites/www/changelog.rst
index db2043cf..f8b3d328 100644
--- a/sites/www/changelog.rst
+++ b/sites/www/changelog.rst
@@ -2,6 +2,11 @@
 Changelog
 =========
 
+* :bug:`900` (via :issue:`911`) Prefer newer ``ecdsa-sha2-nistp`` keys over RSA
+  and DSA keys during host key selection. This improves compatibility with
+  OpenSSH, both in terms of general behavior, and also re: ability to properly
+  leverage OpenSSH-modified ``known_hosts`` files. Credit: ``@kasdoe`` for
+  original report/PR and Pierce Lopez for the second draft.
 * :bug:`794` (via :issue:`981`) Prior support for ``ecdsa-sha2-nistp(384|521)``
   algorithms didn't fully extend to covering host keys, preventing connection
   to hosts which only offer these key types and no others. This is now fixed.
author	Jeff Forcier <jeff@bitprophet.org>	2017-06-05 19:59:28 -0700
committer	Jeff Forcier <jeff@bitprophet.org>	2017-06-05 19:59:28 -0700
commit	691f6191601366255d55176bcdb103987626cc86 (patch)
tree	6d3ef6a9857bcc3a560b8f916caea29302f037d6 /sites/www
parent	f499b43cffb855f09b426c7eaa3bcea849700a87 (diff)