- markus@cvs.openbsd.org 2001/06/23 02:34:33
[kexdh.c kexgex.c kex.h pathnames.h readconf.c servconf.h ssh.1 sshconnect1.c sshconnect2.c sshconnect.c sshconnect.h sshd.8] get rid of known_hosts2, use it for hostkey lookup, but do not modify.
This commit is contained in:
parent
b710f788f1
commit
d6481ea49a
|
@ -46,6 +46,11 @@
|
||||||
- deraadt@cvs.openbsd.org 2001/06/23 02:33:05
|
- deraadt@cvs.openbsd.org 2001/06/23 02:33:05
|
||||||
[sftp.1 sftp-server.8 ssh-keygen.1]
|
[sftp.1 sftp-server.8 ssh-keygen.1]
|
||||||
join .%A entries; most by bk@rt.fm
|
join .%A entries; most by bk@rt.fm
|
||||||
|
- markus@cvs.openbsd.org 2001/06/23 02:34:33
|
||||||
|
[kexdh.c kexgex.c kex.h pathnames.h readconf.c servconf.h ssh.1
|
||||||
|
sshconnect1.c sshconnect2.c sshconnect.c sshconnect.h sshd.8]
|
||||||
|
get rid of known_hosts2, use it for hostkey lookup, but do not
|
||||||
|
modify.
|
||||||
|
|
||||||
20010622
|
20010622
|
||||||
- (stevesk) handle systems without pw_expire and pw_change.
|
- (stevesk) handle systems without pw_expire and pw_change.
|
||||||
|
@ -5730,4 +5735,4 @@
|
||||||
- Wrote replacements for strlcpy and mkdtemp
|
- Wrote replacements for strlcpy and mkdtemp
|
||||||
- Released 1.0pre1
|
- Released 1.0pre1
|
||||||
|
|
||||||
$Id: ChangeLog,v 1.1308 2001/06/25 04:32:38 mouring Exp $
|
$Id: ChangeLog,v 1.1309 2001/06/25 04:37:41 mouring Exp $
|
||||||
|
|
4
kex.h
4
kex.h
|
@ -1,4 +1,4 @@
|
||||||
/* $OpenBSD: kex.h,v 1.22 2001/04/04 20:25:37 markus Exp $ */
|
/* $OpenBSD: kex.h,v 1.23 2001/06/23 02:34:28 markus Exp $ */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Copyright (c) 2000 Markus Friedl. All rights reserved.
|
* Copyright (c) 2000 Markus Friedl. All rights reserved.
|
||||||
|
@ -107,7 +107,7 @@ struct Kex {
|
||||||
int flags;
|
int flags;
|
||||||
char *client_version_string;
|
char *client_version_string;
|
||||||
char *server_version_string;
|
char *server_version_string;
|
||||||
int (*check_host_key)(Key *hostkey);
|
int (*verify_host_key)(Key *hostkey);
|
||||||
Key *(*load_host_key)(int type);
|
Key *(*load_host_key)(int type);
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
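Review bot: The new member on the `int (*verify_host_key)(Key *hostkey);` line carries no comment stating its return contract, although kexdh.c and kexgex.c in this same commit now branch on its result. A one-line comment such as `/* returns 0 if hostkey is acceptable, -1 otherwise */` would pin the convention for every implementation of the callback. struct Kex begins before this hunk.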
9
kexdh.c
9
kexdh.c
|
@ -23,7 +23,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: kexdh.c,v 1.4 2001/06/07 20:23:04 markus Exp $");
|
RCSID("$OpenBSD: kexdh.c,v 1.5 2001/06/23 02:34:29 markus Exp $");
|
||||||
|
|
||||||
#include <openssl/crypto.h>
|
#include <openssl/crypto.h>
|
||||||
#include <openssl/bn.h>
|
#include <openssl/bn.h>
|
||||||
|
@ -123,9 +123,10 @@ kexdh_client(Kex *kex)
|
||||||
if (server_host_key == NULL)
|
if (server_host_key == NULL)
|
||||||
fatal("cannot decode server_host_key_blob");
|
fatal("cannot decode server_host_key_blob");
|
||||||
|
|
||||||
if (kex->check_host_key == NULL)
|
if (kex->verify_host_key == NULL)
|
||||||
fatal("cannot check server_host_key");
|
fatal("cannot verify server_host_key");
|
||||||
kex->check_host_key(server_host_key);
|
if (kex->verify_host_key(server_host_key) == -1)
|
||||||
|
fatal("server_host_key verification failed");
|
||||||
|
|
||||||
/* DH paramter f, server public DH key */
|
/* DH paramter f, server public DH key */
|
||||||
dh_server_pub = BN_new();
|
dh_server_pub = BN_new();
|
||||||
|
|
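Review bot: The new check `if (kex->verify_host_key(server_host_key) == -1)` treats every return value other than -1 as a verified key, so a callback that ever reports failure with a different non-zero code would let the key exchange proceed; the fail-closed form is `if (kex->verify_host_key(server_host_key) != 0)`. The same comparison appears in the kexgex.c hunk, in the sshconnect1.c call to verify_host_key, and in verify_host_key_callback in sshconnect2.c. kexdh_client begins and ends outside this hunk.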
9
kexgex.c
9
kexgex.c
|
@ -24,7 +24,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: kexgex.c,v 1.6 2001/06/07 20:23:04 markus Exp $");
|
RCSID("$OpenBSD: kexgex.c,v 1.7 2001/06/23 02:34:29 markus Exp $");
|
||||||
|
|
||||||
#include <openssl/bn.h>
|
#include <openssl/bn.h>
|
||||||
|
|
||||||
|
@ -177,9 +177,10 @@ kexgex_client(Kex *kex)
|
||||||
if (server_host_key == NULL)
|
if (server_host_key == NULL)
|
||||||
fatal("cannot decode server_host_key_blob");
|
fatal("cannot decode server_host_key_blob");
|
||||||
|
|
||||||
if (kex->check_host_key == NULL)
|
if (kex->verify_host_key == NULL)
|
||||||
fatal("cannot check server_host_key");
|
fatal("cannot verify server_host_key");
|
||||||
kex->check_host_key(server_host_key);
|
if (kex->verify_host_key(server_host_key) == -1)
|
||||||
|
fatal("server_host_key verification failed");
|
||||||
|
|
||||||
/* DH paramter f, server public DH key */
|
/* DH paramter f, server public DH key */
|
||||||
dh_server_pub = BN_new();
|
dh_server_pub = BN_new();
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
/* $OpenBSD: pathnames.h,v 1.8 2001/06/22 21:55:49 markus Exp $ */
|
/* $OpenBSD: pathnames.h,v 1.9 2001/06/23 02:34:30 markus Exp $ */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||||
|
@ -25,6 +25,7 @@
|
||||||
* world-readable.
|
* world-readable.
|
||||||
*/
|
*/
|
||||||
#define _PATH_SSH_SYSTEM_HOSTFILE ETCDIR "/ssh_known_hosts"
|
#define _PATH_SSH_SYSTEM_HOSTFILE ETCDIR "/ssh_known_hosts"
|
||||||
|
/* backward compat for protocol 2 */
|
||||||
#define _PATH_SSH_SYSTEM_HOSTFILE2 ETCDIR "/ssh_known_hosts2"
|
#define _PATH_SSH_SYSTEM_HOSTFILE2 ETCDIR "/ssh_known_hosts2"
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
@ -62,6 +63,7 @@
|
||||||
* contain anything particularly secret.
|
* contain anything particularly secret.
|
||||||
*/
|
*/
|
||||||
#define _PATH_SSH_USER_HOSTFILE "~/.ssh/known_hosts"
|
#define _PATH_SSH_USER_HOSTFILE "~/.ssh/known_hosts"
|
||||||
|
/* backward compat for protocol 2 */
|
||||||
#define _PATH_SSH_USER_HOSTFILE2 "~/.ssh/known_hosts2"
|
#define _PATH_SSH_USER_HOSTFILE2 "~/.ssh/known_hosts2"
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
|
|
@ -12,7 +12,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: readconf.c,v 1.80 2001/06/08 15:25:40 markus Exp $");
|
RCSID("$OpenBSD: readconf.c,v 1.81 2001/06/23 02:34:30 markus Exp $");
|
||||||
|
|
||||||
#include "ssh.h"
|
#include "ssh.h"
|
||||||
#include "xmalloc.h"
|
#include "xmalloc.h"
|
||||||
|
@ -162,9 +162,9 @@ static struct {
|
||||||
{ "host", oHost },
|
{ "host", oHost },
|
||||||
{ "escapechar", oEscapeChar },
|
{ "escapechar", oEscapeChar },
|
||||||
{ "globalknownhostsfile", oGlobalKnownHostsFile },
|
{ "globalknownhostsfile", oGlobalKnownHostsFile },
|
||||||
{ "userknownhostsfile", oUserKnownHostsFile },
|
{ "userknownhostsfile", oUserKnownHostsFile }, /* obsolete */
|
||||||
{ "globalknownhostsfile2", oGlobalKnownHostsFile2 },
|
{ "globalknownhostsfile2", oGlobalKnownHostsFile2 },
|
||||||
{ "userknownhostsfile2", oUserKnownHostsFile2 },
|
{ "userknownhostsfile2", oUserKnownHostsFile2 }, /* obsolete */
|
||||||
{ "connectionattempts", oConnectionAttempts },
|
{ "connectionattempts", oConnectionAttempts },
|
||||||
{ "batchmode", oBatchMode },
|
{ "batchmode", oBatchMode },
|
||||||
{ "checkhostip", oCheckHostIP },
|
{ "checkhostip", oCheckHostIP },
|
||||||
|
|
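Review bot: The `/* obsolete */` marker sits on the `userknownhostsfile` entry as well as on `userknownhostsfile2`, which does not match the rest of the commit: ssh.1 keeps UserKnownHostsFile documented and removes only the `2` variants, and the `globalknownhostsfile2` entry carries no marker. Presumably the markers belong on the two `...2` entries; the rendered layout may have shifted them, so this is worth confirming against the source. Because those options are still parsed and verify_host_key in sshconnect.c still reads user_hostfile2 and system_hostfile2, a more precise wording would be `/* protocol 2 compat: read-only */`. The option table starts before this hunk.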
|
@ -11,7 +11,7 @@
|
||||||
* called by a name other than "ssh" or "Secure Shell".
|
* called by a name other than "ssh" or "Secure Shell".
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/* RCSID("$OpenBSD: servconf.h,v 1.43 2001/05/20 17:20:35 markus Exp $"); */
|
/* RCSID("$OpenBSD: servconf.h,v 1.44 2001/06/23 02:34:31 markus Exp $"); */
|
||||||
|
|
||||||
#ifndef SERVCONF_H
|
#ifndef SERVCONF_H
|
||||||
#define SERVCONF_H
|
#define SERVCONF_H
|
||||||
|
|
51
ssh.1
51
ssh.1
|
@ -34,7 +34,7 @@
|
||||||
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||||
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
.\"
|
.\"
|
||||||
.\" $OpenBSD: ssh.1,v 1.115 2001/06/22 21:55:49 markus Exp $
|
.\" $OpenBSD: ssh.1,v 1.116 2001/06/23 02:34:31 markus Exp $
|
||||||
.Dd September 25, 1999
|
.Dd September 25, 1999
|
||||||
.Dt SSH 1
|
.Dt SSH 1
|
||||||
.Os
|
.Os
|
||||||
|
@ -361,17 +361,12 @@ electronic purse; another is going through firewalls.
|
||||||
.Nm
|
.Nm
|
||||||
automatically maintains and checks a database containing
|
automatically maintains and checks a database containing
|
||||||
identifications for all hosts it has ever been used with.
|
identifications for all hosts it has ever been used with.
|
||||||
RSA host keys are stored in
|
Host keys are stored in
|
||||||
.Pa $HOME/.ssh/known_hosts
|
.Pa $HOME/.ssh/known_hosts
|
||||||
and
|
|
||||||
host keys used in the protocol version 2 are stored in
|
|
||||||
.Pa $HOME/.ssh/known_hosts2
|
|
||||||
in the user's home directory.
|
in the user's home directory.
|
||||||
Additionally, the files
|
Additionally, the file
|
||||||
.Pa /etc/ssh_known_hosts
|
.Pa /etc/ssh_known_hosts
|
||||||
and
|
is automatically checked for known hosts.
|
||||||
.Pa /etc/ssh_known_hosts2
|
|
||||||
are automatically checked for known hosts.
|
|
||||||
Any new hosts are automatically added to the user's file.
|
Any new hosts are automatically added to the user's file.
|
||||||
If a host's identification
|
If a host's identification
|
||||||
ever changes,
|
ever changes,
|
||||||
|
@ -797,13 +792,9 @@ or
|
||||||
The default is
|
The default is
|
||||||
.Dq no .
|
.Dq no .
|
||||||
.It Cm GlobalKnownHostsFile
|
.It Cm GlobalKnownHostsFile
|
||||||
Specifies a file to use for the protocol version 1 global
|
Specifies a file to use for the global
|
||||||
host key database instead of
|
host key database instead of
|
||||||
.Pa /etc/ssh_known_hosts .
|
.Pa /etc/ssh_known_hosts .
|
||||||
.It Cm GlobalKnownHostsFile2
|
|
||||||
Specifies a file to use for the protocol version 2 global
|
|
||||||
host key database instead of
|
|
||||||
.Pa /etc/ssh_known_hosts2 .
|
|
||||||
.It Cm HostbasedAuthentication
|
.It Cm HostbasedAuthentication
|
||||||
Specifies whether to try rhosts based authentication with public key
|
Specifies whether to try rhosts based authentication with public key
|
||||||
authentication.
|
authentication.
|
||||||
|
@ -1036,14 +1027,10 @@ If this flag is set to
|
||||||
.Nm
|
.Nm
|
||||||
will never automatically add host keys to the
|
will never automatically add host keys to the
|
||||||
.Pa $HOME/.ssh/known_hosts
|
.Pa $HOME/.ssh/known_hosts
|
||||||
and
|
file, and refuses to connect to hosts whose host key has changed.
|
||||||
.Pa $HOME/.ssh/known_hosts2
|
|
||||||
files, and refuses to connect to hosts whose host key has changed.
|
|
||||||
This provides maximum protection against trojan horse attacks.
|
This provides maximum protection against trojan horse attacks.
|
||||||
However, it can be somewhat annoying if you don't have good
|
However, it can be somewhat annoying if you don't have good
|
||||||
.Pa /etc/ssh_known_hosts
|
.Pa /etc/ssh_known_hosts
|
||||||
and
|
|
||||||
.Pa /etc/ssh_known_hosts2
|
|
||||||
files installed and frequently
|
files installed and frequently
|
||||||
connect to new hosts.
|
connect to new hosts.
|
||||||
This option forces the user to manually
|
This option forces the user to manually
|
||||||
|
@ -1090,13 +1077,9 @@ This can be useful if you have a different user name on different machines.
|
||||||
This saves the trouble of
|
This saves the trouble of
|
||||||
having to remember to give the user name on the command line.
|
having to remember to give the user name on the command line.
|
||||||
.It Cm UserKnownHostsFile
|
.It Cm UserKnownHostsFile
|
||||||
Specifies a file to use for the protocol version 1 user
|
Specifies a file to use for the user
|
||||||
host key database instead of
|
host key database instead of
|
||||||
.Pa $HOME/.ssh/known_hosts .
|
.Pa $HOME/.ssh/known_hosts .
|
||||||
.It Cm UserKnownHostsFile2
|
|
||||||
Specifies a file to use for the protocol version 2 user
|
|
||||||
host key database instead of
|
|
||||||
.Pa $HOME/.ssh/known_hosts2 .
|
|
||||||
.It Cm UseRsh
|
.It Cm UseRsh
|
||||||
Specifies that rlogin/rsh should be used for this host.
|
Specifies that rlogin/rsh should be used for this host.
|
||||||
It is possible that the host does not at all support the
|
It is possible that the host does not at all support the
|
||||||
|
@ -1189,13 +1172,10 @@ and adds lines of the format
|
||||||
to the environment.
|
to the environment.
|
||||||
.Sh FILES
|
.Sh FILES
|
||||||
.Bl -tag -width Ds
|
.Bl -tag -width Ds
|
||||||
.It Pa $HOME/.ssh/known_hosts, $HOME/.ssh/known_hosts2
|
.It Pa $HOME/.ssh/known_hosts
|
||||||
Records host keys for all hosts the user has logged into (that are not
|
Records host keys for all hosts the user has logged into (that are not
|
||||||
in
|
in
|
||||||
.Pa /etc/ssh_known_hosts
|
.Pa /etc/ssh_known_hosts .
|
||||||
for protocol version 1 or
|
|
||||||
.Pa /etc/ssh_known_hosts2
|
|
||||||
for protocol version 2).
|
|
||||||
See
|
See
|
||||||
.Xr sshd 8 .
|
.Xr sshd 8 .
|
||||||
.It Pa $HOME/.ssh/identity, $HOME/.ssh/id_dsa, $HOME/.ssh/id_rsa
|
.It Pa $HOME/.ssh/identity, $HOME/.ssh/id_dsa, $HOME/.ssh/id_rsa
|
||||||
|
@ -1246,22 +1226,19 @@ Lists the public keys (RSA/DSA) that can be used for logging in as this user.
|
||||||
The format of this file is described in the
|
The format of this file is described in the
|
||||||
.Xr sshd 8
|
.Xr sshd 8
|
||||||
manual page.
|
manual page.
|
||||||
|
In the simplest form the format is the same as the .pub
|
||||||
|
identity files.
|
||||||
This file is not highly sensitive, but the recommended
|
This file is not highly sensitive, but the recommended
|
||||||
permissions are read/write for the user, and not accessible by others.
|
permissions are read/write for the user, and not accessible by others.
|
||||||
.It Pa /etc/ssh_known_hosts, /etc/ssh_known_hosts2
|
.It Pa /etc/ssh_known_hosts
|
||||||
Systemwide list of known host keys.
|
Systemwide list of known host keys.
|
||||||
.Pa /etc/ssh_known_hosts
|
This file should be prepared by the
|
||||||
contains RSA and
|
|
||||||
.Pa /etc/ssh_known_hosts2
|
|
||||||
contains RSA or DSA keys for protocol version 2.
|
|
||||||
These files should be prepared by the
|
|
||||||
system administrator to contain the public host keys of all machines in the
|
system administrator to contain the public host keys of all machines in the
|
||||||
organization.
|
organization.
|
||||||
This file should be world-readable.
|
This file should be world-readable.
|
||||||
This file contains
|
This file contains
|
||||||
public keys, one per line, in the following format (fields separated
|
public keys, one per line, in the following format (fields separated
|
||||||
by spaces): system name, number of bits in modulus, public exponent,
|
by spaces): system name, public key and optional comment field.
|
||||||
modulus, and optional comment field.
|
|
||||||
When different names are used
|
When different names are used
|
||||||
for the same machine, all such names should be listed, separated by
|
for the same machine, all such names should be listed, separated by
|
||||||
commas.
|
commas.
|
||||||
|
|
147
sshconnect.c
147
sshconnect.c
|
@ -13,7 +13,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: sshconnect.c,v 1.107 2001/06/07 20:23:05 markus Exp $");
|
RCSID("$OpenBSD: sshconnect.c,v 1.108 2001/06/23 02:34:31 markus Exp $");
|
||||||
|
|
||||||
#include <openssl/bn.h>
|
#include <openssl/bn.h>
|
||||||
|
|
||||||
|
@ -467,7 +467,10 @@ read_yes_or_no(const char *prompt, int defval)
|
||||||
while (1) {
|
while (1) {
|
||||||
fprintf(stderr, "%s", prompt);
|
fprintf(stderr, "%s", prompt);
|
||||||
if (fgets(buf, sizeof(buf), f) == NULL) {
|
if (fgets(buf, sizeof(buf), f) == NULL) {
|
||||||
/* Print a newline (the prompt probably didn\'t have one). */
|
/*
|
||||||
|
* Print a newline (the prompt probably didn\'t have
|
||||||
|
* one).
|
||||||
|
*/
|
||||||
fprintf(stderr, "\n");
|
fprintf(stderr, "\n");
|
||||||
strlcpy(buf, "no", sizeof buf);
|
strlcpy(buf, "no", sizeof buf);
|
||||||
}
|
}
|
||||||
|
@ -493,12 +496,13 @@ read_yes_or_no(const char *prompt, int defval)
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* check whether the supplied host key is valid, return only if ok.
|
* check whether the supplied host key is valid, return -1 if the key
|
||||||
|
* is not valid. the user_hostfile will not be updated if 'readonly' is true.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
void
|
int
|
||||||
check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
|
check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
|
||||||
const char *user_hostfile, const char *system_hostfile)
|
int readonly, const char *user_hostfile, const char *system_hostfile)
|
||||||
{
|
{
|
||||||
Key *file_key;
|
Key *file_key;
|
||||||
char *type = key_type(host_key);
|
char *type = key_type(host_key);
|
||||||
|
@ -523,11 +527,13 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
|
||||||
/** hostaddr == 0! */
|
/** hostaddr == 0! */
|
||||||
switch (hostaddr->sa_family) {
|
switch (hostaddr->sa_family) {
|
||||||
case AF_INET:
|
case AF_INET:
|
||||||
local = (ntohl(((struct sockaddr_in *)hostaddr)->sin_addr.s_addr) >> 24) == IN_LOOPBACKNET;
|
local = (ntohl(((struct sockaddr_in *)hostaddr)->
|
||||||
|
sin_addr.s_addr) >> 24) == IN_LOOPBACKNET;
|
||||||
salen = sizeof(struct sockaddr_in);
|
salen = sizeof(struct sockaddr_in);
|
||||||
break;
|
break;
|
||||||
case AF_INET6:
|
case AF_INET6:
|
||||||
local = IN6_IS_ADDR_LOOPBACK(&(((struct sockaddr_in6 *)hostaddr)->sin6_addr));
|
local = IN6_IS_ADDR_LOOPBACK(
|
||||||
|
&(((struct sockaddr_in6 *)hostaddr)->sin6_addr));
|
||||||
salen = sizeof(struct sockaddr_in6);
|
salen = sizeof(struct sockaddr_in6);
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
|
@ -538,7 +544,7 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
|
||||||
if (local && options.host_key_alias == NULL) {
|
if (local && options.host_key_alias == NULL) {
|
||||||
debug("Forcing accepting of host key for "
|
debug("Forcing accepting of host key for "
|
||||||
"loopback/localhost.");
|
"loopback/localhost.");
|
||||||
return;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
@ -582,10 +588,12 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
|
||||||
* hosts or in the systemwide list.
|
* hosts or in the systemwide list.
|
||||||
*/
|
*/
|
||||||
host_file = user_hostfile;
|
host_file = user_hostfile;
|
||||||
host_status = check_host_in_hostfile(host_file, host, host_key, file_key, &host_line);
|
host_status = check_host_in_hostfile(host_file, host, host_key,
|
||||||
|
file_key, &host_line);
|
||||||
if (host_status == HOST_NEW) {
|
if (host_status == HOST_NEW) {
|
||||||
host_file = system_hostfile;
|
host_file = system_hostfile;
|
||||||
host_status = check_host_in_hostfile(host_file, host, host_key, file_key, &host_line);
|
host_status = check_host_in_hostfile(host_file, host, host_key,
|
||||||
|
file_key, &host_line);
|
||||||
}
|
}
|
||||||
/*
|
/*
|
||||||
* Also perform check for the ip address, skip the check if we are
|
* Also perform check for the ip address, skip the check if we are
|
||||||
|
@ -595,10 +603,12 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
|
||||||
Key *ip_key = key_new(host_key->type);
|
Key *ip_key = key_new(host_key->type);
|
||||||
|
|
||||||
ip_file = user_hostfile;
|
ip_file = user_hostfile;
|
||||||
ip_status = check_host_in_hostfile(ip_file, ip, host_key, ip_key, &ip_line);
|
ip_status = check_host_in_hostfile(ip_file, ip, host_key,
|
||||||
|
ip_key, &ip_line);
|
||||||
if (ip_status == HOST_NEW) {
|
if (ip_status == HOST_NEW) {
|
||||||
ip_file = system_hostfile;
|
ip_file = system_hostfile;
|
||||||
ip_status = check_host_in_hostfile(ip_file, ip, host_key, ip_key, &ip_line);
|
ip_status = check_host_in_hostfile(ip_file, ip,
|
||||||
|
host_key, ip_key, &ip_line);
|
||||||
}
|
}
|
||||||
if (host_status == HOST_CHANGED &&
|
if (host_status == HOST_CHANGED &&
|
||||||
(ip_status != HOST_CHANGED || !key_equal(ip_key, file_key)))
|
(ip_status != HOST_CHANGED || !key_equal(ip_key, file_key)))
|
||||||
|
@ -617,32 +627,49 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
|
||||||
host, type);
|
host, type);
|
||||||
debug("Found key in %s:%d", host_file, host_line);
|
debug("Found key in %s:%d", host_file, host_line);
|
||||||
if (options.check_host_ip && ip_status == HOST_NEW) {
|
if (options.check_host_ip && ip_status == HOST_NEW) {
|
||||||
if (!add_host_to_hostfile(user_hostfile, ip, host_key))
|
if (readonly)
|
||||||
log("Failed to add the %s host key for IP address '%.128s' to the list of known hosts (%.30s).",
|
log("%s host key for IP address "
|
||||||
type, ip, user_hostfile);
|
"'%.128s' not in list of known hosts.",
|
||||||
else
|
|
||||||
log("Warning: Permanently added the %s host key for IP address '%.128s' to the list of known hosts.",
|
|
||||||
type, ip);
|
type, ip);
|
||||||
|
else if (!add_host_to_hostfile(user_hostfile, ip,
|
||||||
|
host_key))
|
||||||
|
log("Failed to add the %s host key for IP "
|
||||||
|
"address '%.128s' to the list of known "
|
||||||
|
"hosts (%.30s).", type, ip, user_hostfile);
|
||||||
|
else
|
||||||
|
log("Warning: Permanently added the %s host "
|
||||||
|
"key for IP address '%.128s' to the list "
|
||||||
|
"of known hosts.", type, ip);
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case HOST_NEW:
|
case HOST_NEW:
|
||||||
|
if (readonly)
|
||||||
|
goto fail;
|
||||||
/* The host is new. */
|
/* The host is new. */
|
||||||
if (options.strict_host_key_checking == 1) {
|
if (options.strict_host_key_checking == 1) {
|
||||||
/* User has requested strict host key checking. We will not add the host key
|
/*
|
||||||
automatically. The only alternative left is to abort. */
|
* User has requested strict host key checking. We
|
||||||
fatal("No %s host key is known for %.200s and you have requested strict checking.", type, host);
|
* will not add the host key automatically. The only
|
||||||
|
* alternative left is to abort.
|
||||||
|
*/
|
||||||
|
error("No %s host key is known for %.200s and you "
|
||||||
|
"have requested strict checking.", type, host);
|
||||||
|
goto fail;
|
||||||
} else if (options.strict_host_key_checking == 2) {
|
} else if (options.strict_host_key_checking == 2) {
|
||||||
/* The default */
|
/* The default */
|
||||||
char prompt[1024];
|
char prompt[1024];
|
||||||
fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX);
|
fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX);
|
||||||
snprintf(prompt, sizeof(prompt),
|
snprintf(prompt, sizeof(prompt),
|
||||||
"The authenticity of host '%.200s (%s)' can't be established.\n"
|
"The authenticity of host '%.200s (%s)' can't be "
|
||||||
|
"established.\n"
|
||||||
"%s key fingerprint is %s.\n"
|
"%s key fingerprint is %s.\n"
|
||||||
"Are you sure you want to continue connecting (yes/no)? ",
|
"Are you sure you want to continue connecting "
|
||||||
host, ip, type, fp);
|
"(yes/no)? ", host, ip, type, fp);
|
||||||
xfree(fp);
|
xfree(fp);
|
||||||
if (!read_yes_or_no(prompt, -1))
|
if (!read_yes_or_no(prompt, -1)) {
|
||||||
fatal("Aborted by user!");
|
log("Aborted by user!");
|
||||||
|
goto fail;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
if (options.check_host_ip && ip_status == HOST_NEW) {
|
if (options.check_host_ip && ip_status == HOST_NEW) {
|
||||||
snprintf(hostline, sizeof(hostline), "%s,%s", host, ip);
|
snprintf(hostline, sizeof(hostline), "%s,%s", host, ip);
|
||||||
|
@ -650,13 +677,16 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
|
||||||
} else
|
} else
|
||||||
hostp = host;
|
hostp = host;
|
||||||
|
|
||||||
/* If not in strict mode, add the key automatically to the local known_hosts file. */
|
/*
|
||||||
|
* If not in strict mode, add the key automatically to the
|
||||||
|
* local known_hosts file.
|
||||||
|
*/
|
||||||
if (!add_host_to_hostfile(user_hostfile, hostp, host_key))
|
if (!add_host_to_hostfile(user_hostfile, hostp, host_key))
|
||||||
log("Failed to add the host to the list of known hosts (%.500s).",
|
log("Failed to add the host to the list of known "
|
||||||
user_hostfile);
|
"hosts (%.500s).", user_hostfile);
|
||||||
else
|
else
|
||||||
log("Warning: Permanently added '%.200s' (%s) to the list of known hosts.",
|
log("Warning: Permanently added '%.200s' (%s) to the "
|
||||||
hostp, type);
|
"list of known hosts.", hostp, type);
|
||||||
break;
|
break;
|
||||||
case HOST_CHANGED:
|
case HOST_CHANGED:
|
||||||
if (options.check_host_ip && host_ip_differ) {
|
if (options.check_host_ip && host_ip_differ) {
|
||||||
|
@ -698,8 +728,11 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
|
||||||
* If strict host key checking is in use, the user will have
|
* If strict host key checking is in use, the user will have
|
||||||
* to edit the key manually and we can only abort.
|
* to edit the key manually and we can only abort.
|
||||||
*/
|
*/
|
||||||
if (options.strict_host_key_checking)
|
if (options.strict_host_key_checking) {
|
||||||
fatal("%s host key for %.200s has changed and you have requested strict checking.", type, host);
|
error("%s host key for %.200s has changed and you have "
|
||||||
|
"requested strict checking.", type, host);
|
||||||
|
goto fail;
|
||||||
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* If strict host key checking has not been requested, allow
|
* If strict host key checking has not been requested, allow
|
||||||
|
@ -707,20 +740,26 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
|
||||||
* agent forwarding.
|
* agent forwarding.
|
||||||
*/
|
*/
|
||||||
if (options.password_authentication) {
|
if (options.password_authentication) {
|
||||||
error("Password authentication is disabled to avoid trojan horses.");
|
error("Password authentication is disabled to avoid "
|
||||||
|
"man-in-the-middle attacks.");
|
||||||
options.password_authentication = 0;
|
options.password_authentication = 0;
|
||||||
}
|
}
|
||||||
if (options.forward_agent) {
|
if (options.forward_agent) {
|
||||||
error("Agent forwarding is disabled to avoid trojan horses.");
|
error("Agent forwarding is disabled to avoid "
|
||||||
|
"man-in-the-middle attacks.");
|
||||||
options.forward_agent = 0;
|
options.forward_agent = 0;
|
||||||
}
|
}
|
||||||
if (options.forward_x11) {
|
if (options.forward_x11) {
|
||||||
error("X11 forwarding is disabled to avoid trojan horses.");
|
error("X11 forwarding is disabled to avoid "
|
||||||
|
"man-in-the-middle attacks.");
|
||||||
options.forward_x11 = 0;
|
options.forward_x11 = 0;
|
||||||
}
|
}
|
||||||
if (options.num_local_forwards > 0 || options.num_remote_forwards > 0) {
|
if (options.num_local_forwards > 0 ||
|
||||||
error("Port forwarding is disabled to avoid trojan horses.");
|
options.num_remote_forwards > 0) {
|
||||||
options.num_local_forwards = options.num_remote_forwards = 0;
|
error("Port forwarding is disabled to avoid "
|
||||||
|
"man-in-the-middle attacks.");
|
||||||
|
options.num_local_forwards =
|
||||||
|
options.num_remote_forwards = 0;
|
||||||
}
|
}
|
||||||
/*
|
/*
|
||||||
* XXX Should permit the user to change to use the new id.
|
* XXX Should permit the user to change to use the new id.
|
||||||
|
@ -741,15 +780,39 @@ check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
|
||||||
log("Matching host key in %s:%d", host_file, host_line);
|
log("Matching host key in %s:%d", host_file, host_line);
|
||||||
log("Offending key for IP in %s:%d", ip_file, ip_line);
|
log("Offending key for IP in %s:%d", ip_file, ip_line);
|
||||||
if (options.strict_host_key_checking == 1) {
|
if (options.strict_host_key_checking == 1) {
|
||||||
fatal("Exiting, you have requested strict checking.");
|
error("Exiting, you have requested strict checking.");
|
||||||
|
goto fail;
|
||||||
} else if (options.strict_host_key_checking == 2) {
|
} else if (options.strict_host_key_checking == 2) {
|
||||||
if (!read_yes_or_no("Are you sure you want " \
|
if (!read_yes_or_no("Are you sure you want "
|
||||||
"to continue connecting (yes/no)? ", -1))
|
"to continue connecting (yes/no)? ", -1)) {
|
||||||
fatal("Aborted by user!");
|
log("Aborted by user!");
|
||||||
|
goto fail;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
xfree(ip);
|
xfree(ip);
|
||||||
|
return 0;
|
||||||
|
|
||||||
|
fail:
|
||||||
|
xfree(ip);
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
|
int
|
||||||
|
verify_host_key(char *host, struct sockaddr *hostaddr, Key *host_key)
|
||||||
|
{
|
||||||
|
struct stat st;
|
||||||
|
|
||||||
|
/* return ok if the key can be found in an old keyfile */
|
||||||
|
if (stat(options.system_hostfile2, &st) == 0 ||
|
||||||
|
stat(options.user_hostfile2, &st) == 0) {
|
||||||
|
if (check_host_key(host, hostaddr, host_key, /*readonly*/ 1,
|
||||||
|
options.user_hostfile2, options.system_hostfile2) == 0)
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
return check_host_key(host, hostaddr, host_key, /*readonly*/ 0,
|
||||||
|
options.user_hostfile, options.system_hostfile);
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
|
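Review bot: In the new verify_host_key a -1 from the read-only pass over the known_hosts2 files means the same whether the host was simply absent (the readonly `goto fail` added under `case HOST_NEW`) or its key was rejected (`case HOST_CHANGED` with strict checking, or the user answering no at the prompt), so a changed key in the old file produces an error() and the connection then proceeds whenever the primary known_hosts holds a matching entry. If the fallthrough is meant only for hosts missing from the old file, check_host_key should signal "not found" separately from "rejected" (a third return value, or an out-parameter carrying host_status) and verify_host_key should fall through only in that case. Conversely, with non-strict checking a changed key in known_hosts2 reaches the feature-disabling branch and returns 0, so the primary file is never consulted at all. The updated header comment should also state that -1 is returned for a host absent from the files when readonly is set, since that is not an invalid key. Both function bodies are cut by the hunk boundaries.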
|
@ -1,4 +1,4 @@
|
||||||
/* $OpenBSD: sshconnect.h,v 1.9 2001/04/12 19:15:25 markus Exp $ */
|
/* $OpenBSD: sshconnect.h,v 1.10 2001/06/23 02:34:32 markus Exp $ */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Copyright (c) 2000 Markus Friedl. All rights reserved.
|
* Copyright (c) 2000 Markus Friedl. All rights reserved.
|
||||||
|
@ -36,9 +36,7 @@ void
|
||||||
ssh_login(Key **keys, int nkeys, const char *orighost,
|
ssh_login(Key **keys, int nkeys, const char *orighost,
|
||||||
struct sockaddr *hostaddr, struct passwd *pw);
|
struct sockaddr *hostaddr, struct passwd *pw);
|
||||||
|
|
||||||
void
|
int verify_host_key(char *host, struct sockaddr *hostaddr, Key *host_key);
|
||||||
check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
|
|
||||||
const char *user_hostfile, const char *system_hostfile);
|
|
||||||
|
|
||||||
void ssh_kex(char *host, struct sockaddr *hostaddr);
|
void ssh_kex(char *host, struct sockaddr *hostaddr);
|
||||||
void ssh_kex2(char *host, struct sockaddr *hostaddr);
|
void ssh_kex2(char *host, struct sockaddr *hostaddr);
|
||||||
|
|
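Review bot: check_host_key loses its prototype here but remains an external (non-static) definition in sshconnect.c, where it is now called only from verify_host_key; making it `static int check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key, int readonly, const char *user_hostfile, const char *system_hostfile)` keeps the changed signature from being called elsewhere without a declaration and lets -Wmissing-prototypes stay clean. The new `int verify_host_key(char *host, struct sockaddr *hostaddr, Key *host_key);` declaration would also benefit from a comment giving its result, e.g. `/* returns 0 if host_key is acceptable for host, -1 otherwise */`.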
|
@ -13,7 +13,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: sshconnect1.c,v 1.33 2001/06/07 20:23:05 markus Exp $");
|
RCSID("$OpenBSD: sshconnect1.c,v 1.34 2001/06/23 02:34:32 markus Exp $");
|
||||||
|
|
||||||
#include <openssl/bn.h>
|
#include <openssl/bn.h>
|
||||||
#include <openssl/evp.h>
|
#include <openssl/evp.h>
|
||||||
|
@ -784,8 +784,8 @@ ssh_kex(char *host, struct sockaddr *hostaddr)
|
||||||
SSH_SMSG_PUBLIC_KEY);
|
SSH_SMSG_PUBLIC_KEY);
|
||||||
k.type = KEY_RSA1;
|
k.type = KEY_RSA1;
|
||||||
k.rsa = host_key;
|
k.rsa = host_key;
|
||||||
check_host_key(host, hostaddr, &k,
|
if (verify_host_key(host, hostaddr, &k) == -1)
|
||||||
options.user_hostfile, options.system_hostfile);
|
fatal("host_key verification failed");
|
||||||
|
|
||||||
client_flags = SSH_PROTOFLAG_SCREEN_NUMBER | SSH_PROTOFLAG_HOST_IN_FWD_OPEN;
|
client_flags = SSH_PROTOFLAG_SCREEN_NUMBER | SSH_PROTOFLAG_HOST_IN_FWD_OPEN;
|
||||||
|
|
||||||
|
|
|
@ -23,7 +23,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: sshconnect2.c,v 1.74 2001/05/19 16:32:16 markus Exp $");
|
RCSID("$OpenBSD: sshconnect2.c,v 1.75 2001/06/23 02:34:33 markus Exp $");
|
||||||
|
|
||||||
#include <openssl/bn.h>
|
#include <openssl/bn.h>
|
||||||
#include <openssl/md5.h>
|
#include <openssl/md5.h>
|
||||||
|
@ -73,10 +73,10 @@ struct sockaddr *xxx_hostaddr;
|
||||||
Kex *xxx_kex = NULL;
|
Kex *xxx_kex = NULL;
|
||||||
|
|
||||||
int
|
int
|
||||||
check_host_key_callback(Key *hostkey)
|
verify_host_key_callback(Key *hostkey)
|
||||||
{
|
{
|
||||||
check_host_key(xxx_host, xxx_hostaddr, hostkey,
|
if (verify_host_key(xxx_host, xxx_hostaddr, hostkey) == -1)
|
||||||
options.user_hostfile2, options.system_hostfile2);
|
fatal("verify_host_key failed");
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -119,7 +119,7 @@ ssh_kex2(char *host, struct sockaddr *hostaddr)
|
||||||
kex = kex_setup(myproposal);
|
kex = kex_setup(myproposal);
|
||||||
kex->client_version_string=client_version_string;
|
kex->client_version_string=client_version_string;
|
||||||
kex->server_version_string=server_version_string;
|
kex->server_version_string=server_version_string;
|
||||||
kex->check_host_key=&check_host_key_callback;
|
kex->verify_host_key=&verify_host_key_callback;
|
||||||
|
|
||||||
xxx_kex = kex;
|
xxx_kex = kex;
|
||||||
|
|
||||||
|
|
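Review bot: verify_host_key_callback always returns 0, because a mismatch ends in fatal() rather than in a non-zero return, so the verify_host_key hook installed in ssh_kex2 cannot report rejection back to the key-exchange code. If aborting inside the callback is the intended policy, it should be stated on the function: `/* Kex hook for the server host key: checks it via the xxx_host/xxx_hostaddr globals, which must be set before the exchange starts; fatal() on mismatch, so the return value is always 0. */`. The dependence on the file-scope xxx_host and xxx_hostaddr is pre-existing, but the rename leaves it undocumented. ssh_kex2's body continues outside its hunk.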
20
sshd.8
20
sshd.8
|
@ -34,7 +34,7 @@
|
||||||
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||||
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
.\"
|
.\"
|
||||||
.\" $OpenBSD: sshd.8,v 1.130 2001/06/22 21:55:50 markus Exp $
|
.\" $OpenBSD: sshd.8,v 1.131 2001/06/23 02:34:33 markus Exp $
|
||||||
.Dd September 25, 1999
|
.Dd September 25, 1999
|
||||||
.Dt SSHD 8
|
.Dt SSHD 8
|
||||||
.Os
|
.Os
|
||||||
|
@ -1025,10 +1025,8 @@ permitopen="10.2.1.55:80",permitopen="10.2.1.56:25" 1024 33 23.\|.\|.\|2323
|
||||||
.Sh SSH_KNOWN_HOSTS FILE FORMAT
|
.Sh SSH_KNOWN_HOSTS FILE FORMAT
|
||||||
The
|
The
|
||||||
.Pa /etc/ssh_known_hosts ,
|
.Pa /etc/ssh_known_hosts ,
|
||||||
.Pa /etc/ssh_known_hosts2 ,
|
|
||||||
.Pa $HOME/.ssh/known_hosts ,
|
|
||||||
and
|
and
|
||||||
.Pa $HOME/.ssh/known_hosts2
|
.Pa $HOME/.ssh/known_hosts
|
||||||
files contain host public keys for all known hosts.
|
files contain host public keys for all known hosts.
|
||||||
The global file should
|
The global file should
|
||||||
be prepared by the administrator (optional), and the per-user file is
|
be prepared by the administrator (optional), and the per-user file is
|
||||||
|
@ -1129,7 +1127,8 @@ files into this file, as described in
|
||||||
.Xr ssh-keygen 1 .
|
.Xr ssh-keygen 1 .
|
||||||
.It Pa "/etc/ssh_known_hosts" and "$HOME/.ssh/known_hosts"
|
.It Pa "/etc/ssh_known_hosts" and "$HOME/.ssh/known_hosts"
|
||||||
These files are consulted when using rhosts with RSA host
|
These files are consulted when using rhosts with RSA host
|
||||||
authentication to check the public key of the host.
|
authentication or protocol version 2 hostbased authentication
|
||||||
|
to check the public key of the host.
|
||||||
The key must be listed in one of these files to be accepted.
|
The key must be listed in one of these files to be accepted.
|
||||||
The client uses the same files
|
The client uses the same files
|
||||||
to verify that it is connecting to the correct remote host.
|
to verify that it is connecting to the correct remote host.
|
||||||
|
@ -1138,17 +1137,6 @@ These files should be writable only by root/the owner.
|
||||||
should be world-readable, and
|
should be world-readable, and
|
||||||
.Pa $HOME/.ssh/known_hosts
|
.Pa $HOME/.ssh/known_hosts
|
||||||
can but need not be world-readable.
|
can but need not be world-readable.
|
||||||
.It Pa "/etc/ssh_known_hosts2" and "$HOME/.ssh/known_hosts2"
|
|
||||||
These files are consulted when using protocol version 2 hostbased
|
|
||||||
authentication to check the public key of the host.
|
|
||||||
The key must be listed in one of these files to be accepted.
|
|
||||||
The client uses the same files
|
|
||||||
to verify that it is connecting to the correct remote host.
|
|
||||||
These files should be writable only by root/the owner.
|
|
||||||
.Pa /etc/ssh_known_hosts2
|
|
||||||
should be world-readable, and
|
|
||||||
.Pa $HOME/.ssh/known_hosts2
|
|
||||||
can but need not be world-readable.
|
|
||||||
.It Pa /etc/nologin
|
.It Pa /etc/nologin
|
||||||
If this file exists,
|
If this file exists,
|
||||||
.Nm
|
.Nm
|
||||||
|
|