Commit Graph

224 Commits

Author SHA1 Message Date
Damien Miller
111431963e - stevesk@cvs.openbsd.org 2011/03/23 16:50:04
[ssh-keygen.c]
     remove -d, documentation removed >10 years ago; ok markus
2011-05-05 14:13:25 +10:00
Damien Miller
58f1bafb3d - stevesk@cvs.openbsd.org 2011/03/23 15:16:22
[ssh-keygen.1 ssh-keygen.c]
     Add -A option.  For each of the key types (rsa1, rsa, dsa and ecdsa)
     for which host keys do not exist, generate the host keys with the
     default key file path, an empty passphrase, default bits for the key
     type, and default comment.  This will be used by /etc/rc to generate
     new host keys.  Idea from deraadt.
     ok deraadt
2011-05-05 14:06:15 +10:00
Damien Miller
f22019bdbf - (djm) [Makefile.in WARNING.RNG aclocal.m4 buildpkg.sh.in configure.ac]
[entropy.c ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c]
   [ssh-keysign.c ssh-pkcs11-helper.c ssh-rand-helper.8 ssh-rand-helper.c]
   [ssh.c ssh_prng_cmds.in sshd.c contrib/aix/buildbff.sh]
   [regress/README.regress] Remove ssh-rand-helper and all its
   tentacles. PRNGd seeding has been rolled into entropy.c directly.
   Thanks to tim@ for testing on affected platforms.
2011-05-05 13:48:37 +10:00
Damien Miller
821de0ad2e - djm@cvs.openbsd.org 2011/01/11 06:13:10
[clientloop.c ssh-keygen.c sshd.c]
     some unsigned long long casts that make things a bit easier for
     portable without resorting to dropping PRIu64 formats everywhere
2011-01-11 17:20:29 +11:00
Damien Miller
dd190ddfd7 - (djm) [servconf.c ssh-add.c ssh-keygen.c] don't look for ECDSA keys on
platforms that don't support ECC. Fixes some spurious warnings reported
   by tim@
2010-11-11 14:17:02 +11:00
Damien Miller
b472a90d4c - djm@cvs.openbsd.org 2010/10/28 11:22:09
[authfile.c key.c key.h ssh-keygen.c]
     fix a possible NULL deref on loading a corrupt ECDH key

     store ECDH group information in private keys files as "named groups"
     rather than as a set of explicit group parameters (by setting
     the OPENSSL_EC_NAMED_CURVE flag). This makes for shorter key files and
     retrieves the group's OpenSSL NID that we need for various things.
2010-11-05 10:19:49 +11:00
Damien Miller
6af914a15c - (djm) [authfd.c authfile.c bufec.c buffer.h configure.ac kex.h kexecdh.c]
[kexecdhc.c kexecdhs.c key.c key.h myproposal.h packet.c readconf.c]
   [ssh-agent.c ssh-ecdsa.c ssh-keygen.c ssh.c] Disable ECDH and ECDSA on
   platforms that don't have the requisite OpenSSL support. ok dtucker@
2010-09-10 11:39:26 +10:00
Damien Miller
6e9f680cd2 - naddy@cvs.openbsd.org 2010/09/02 17:21:50
[ssh-keygen.c]
     Switch ECDSA default key size to 256 bits, which according to RFC5656
     should still be better than our current RSA-2048 default.
     ok djm@, markus@
2010-09-10 11:17:38 +10:00
Damien Miller
5773794d55 - markus@cvs.openbsd.org 2010/09/02 16:07:25
[ssh-keygen.c]
     permit -b 256, 384 or 521 as key size for ECDSA; ok djm@
2010-09-10 11:16:37 +10:00
Damien Miller
4314c2b548 - djm@cvs.openbsd.org 2010/08/31 12:33:38
[ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c]
     reintroduce commit from tedu@, which I pulled out for release
     engineering:
       OpenSSL_add_all_algorithms is the name of the function we have a
       man page for, so use that.  ok djm
2010-09-10 11:12:09 +10:00
Damien Miller
eb8b60e320 - djm@cvs.openbsd.org 2010/08/31 11:54:45
[PROTOCOL PROTOCOL.agent PROTOCOL.certkeys auth2-jpake.c authfd.c]
     [authfile.c buffer.h dns.c kex.c kex.h key.c key.h monitor.c]
     [monitor_wrap.c myproposal.h packet.c packet.h pathnames.h readconf.c]
     [ssh-add.1 ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh-keygen.c]
     [ssh-keyscan.1 ssh-keyscan.c ssh-keysign.8 ssh.1 ssh.c ssh2.h]
     [ssh_config.5 sshconnect.c sshconnect2.c sshd.8 sshd.c sshd_config.5]
     [uuencode.c uuencode.h bufec.c kexecdh.c kexecdhc.c kexecdhs.c ssh-ecdsa.c]
     Implement Elliptic Curve Cryptography modes for key exchange (ECDH) and
     host/user keys (ECDSA) as specified by RFC5656. ECDH and ECDSA offer
     better performance than plain DH and DSA at the same equivalent symmetric
     key length, as well as much shorter keys.

     Only the mandatory sections of RFC5656 are implemented, specifically the
     three REQUIRED curves nistp256, nistp384 and nistp521 and only ECDH and
     ECDSA. Point compression (optional in RFC5656 is NOT implemented).

     Certificate host and user keys using the new ECDSA key types are supported.

     Note that this code has not been tested for interoperability and may be
     subject to change.

     feedback and ok markus@
2010-08-31 22:41:14 +10:00
Damien Miller
d96546f5b0 - djm@cvs.openbsd.org 2010/08/16 04:06:06
[ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c]
     backout previous temporarily; discussed with deraadt@
2010-08-31 22:32:12 +10:00
Damien Miller
9b87e79538 - tedu@cvs.openbsd.org 2010/08/12 23:34:39
[ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c]
     OpenSSL_add_all_algorithms is the name of the function we have a man page
     for, so use that.  ok djm
2010-08-31 22:31:37 +10:00
Damien Miller
757f34e051 - djm@cvs.openbsd.org 2010/08/04 06:07:11
[ssh-keygen.1 ssh-keygen.c]
     Support CA keys in PKCS#11 tokens; feedback and ok markus@
2010-08-05 13:05:31 +10:00
Damien Miller
1da6388959 - djm@cvs.openbsd.org 2010/08/04 05:40:39
[PROTOCOL.certkeys ssh-keygen.c]
     tighten the rules for certificate encoding by requiring that options
     appear in lexical order and make our ssh-keygen comply. ok markus@
2010-08-05 13:03:51 +10:00
Damien Miller
844cccfc1a - OpenBSD CVS Sync
- djm@cvs.openbsd.org 2010/07/16 04:45:30
     [ssh-keygen.c]
     avoid bogus compiler warning
2010-08-03 16:03:29 +10:00
Damien Miller
6022f58e3a - jmc@cvs.openbsd.org 2010/06/30 07:26:03
[ssh-keygen.c]
     sort usage();
2010-07-02 13:37:01 +10:00
Damien Miller
44b2504011 - djm@cvs.openbsd.org 2010/06/29 23:15:30
[ssh-keygen.1 ssh-keygen.c]
     allow import (-i) and export (-e) of PEM and PKCS#8 encoded keys;
     bz#1749; ok markus@
2010-07-02 13:35:01 +10:00
Damien Miller
d834d35834 - djm@cvs.openbsd.org 2010/06/23 02:59:02
[ssh-keygen.c]
     fix printing of extensions in v01 certificates that I broke in r1.190
2010-06-26 09:48:02 +10:00
Damien Miller
ba3420acd2 - djm@cvs.openbsd.org 2010/06/22 04:32:06
[ssh-keygen.c]
     standardise error messages when attempting to open private key
     files to include "progname: filename: error reason"
     bz#1783; ok dtucker@
2010-06-26 09:39:07 +10:00
Damien Miller
d0e4a8e2e0 - djm@cvs.openbsd.org 2010/05/20 23:46:02
[PROTOCOL.certkeys auth-options.c ssh-keygen.c]
     Move the permit-* options to the non-critical "extensions" field for v01
     certificates. The logic is that if another implementation fails to
     implement them then the connection just loses features rather than fails
     outright.

     ok markus@
2010-05-21 14:58:32 +10:00
Damien Miller
bebbb7e8a5 - djm@cvs.openbsd.org 2010/04/23 22:48:31
[ssh-keygen.c]
     refuse to generate keys longer than OPENSSL_[RD]SA_MAX_MODULUS_BITS,
     since we would refuse to use them anyway. bz#1516; ok dtucker@
2010-05-10 11:54:38 +10:00
Damien Miller
50af79b118 - OpenBSD CVS Sync
- djm@cvs.openbsd.org 2010/04/23 01:47:41
     [ssh-keygen.c]
     bz#1740: display a more helpful error message when $HOME is
     inaccessible while trying to create .ssh directory. Based on patch
     from jchadima AT redhat.com; ok dtucker@
2010-05-10 11:52:00 +10:00
Damien Miller
1f181425e9 - jmc@cvs.openbsd.org 2010/04/16 06:47:04
[ssh-keygen.1 ssh-keygen.c]
     tweak previous; ok djm
2010-04-18 08:08:03 +10:00
Damien Miller
4e270b05dd - djm@cvs.openbsd.org 2010/04/16 01:47:26
[PROTOCOL.certkeys auth-options.c auth-options.h auth-rsa.c]
     [auth2-pubkey.c authfd.c key.c key.h myproposal.h ssh-add.c]
     [ssh-agent.c ssh-dss.c ssh-keygen.1 ssh-keygen.c ssh-rsa.c]
     [sshconnect.c sshconnect2.c sshd.c]
     revised certificate format ssh-{dss,rsa}-cert-v01@openssh.com with the
     following changes:

     move the nonce field to the beginning of the certificate where it can
     better protect against chosen-prefix attacks on the signature hash

     Rename "constraints" field to "critical options"

     Add a new non-critical "extensions" field

     Add a serial number

     The older format is still support for authentication and cert generation
     (use "ssh-keygen -t v00 -s ca_key ..." to generate a v00 certificate)

     ok markus@
2010-04-16 15:56:21 +10:00
Damien Miller
1cfbfaf4a0 - stevesk@cvs.openbsd.org 2010/03/15 19:40:02
[key.c key.h ssh-keygen.c]
     also print certificate type (user or host) for ssh-keygen -L
     ok djm kettenis
2010-03-22 05:58:24 +11:00
Damien Miller
3e1ee491f3 - djm@cvs.openbsd.org 2010/03/07 22:16:01
[ssh-keygen.c]
     make internal strptime string match strftime format;
     suggested by vinschen AT redhat.com and markus@
2010-03-08 09:24:11 +11:00
Damien Miller
689b872842 - djm@cvs.openbsd.org 2010/03/04 23:27:25
[auth-options.c ssh-keygen.c]
     "force-command" is not spelled "forced-command"; spotted by
     imorgan AT nas.nasa.gov
2010-03-05 10:42:24 +11:00
Damien Miller
f2b70cad75 - djm@cvs.openbsd.org 2010/03/04 20:35:08
[ssh-keygen.1 ssh-keygen.c]
     Add a -L flag to print the contents of a certificate; ok markus@
2010-03-05 07:39:35 +11:00
Damien Miller
1aed65eb27 - djm@cvs.openbsd.org 2010/03/04 10:36:03
[auth-rh-rsa.c auth-rsa.c auth.c auth.h auth2-hostbased.c auth2-pubkey.c]
     [authfile.c authfile.h hostfile.c hostfile.h servconf.c servconf.h]
     [ssh-keygen.c ssh.1 sshconnect.c sshd_config.5]
     Add a TrustedUserCAKeys option to sshd_config to specify CA keys that
     are trusted to authenticate users (in addition than doing it per-user
     in authorized_keys).

     Add a RevokedKeys option to sshd_config and a @revoked marker to
     known_hosts to allow keys to me revoked and banned for user or host
     authentication.

     feedback and ok markus@
2010-03-04 21:53:35 +11:00
Damien Miller
910f209c1d - (djm) [ssh-keygen.c] Use correct local variable, instead of
maybe-undefined global "optarg"
2010-03-04 14:17:22 +11:00
Damien Miller
2ca342b84b - djm@cvs.openbsd.org 2010/03/02 23:20:57
[ssh-keygen.c]
     POSIX strptime is stricter than OpenBSD's so do a little dance to
     appease it.
2010-03-03 12:14:15 +11:00
Damien Miller
0a80ca190a - OpenBSD CVS Sync
- djm@cvs.openbsd.org 2010/02/26 20:29:54
     [PROTOCOL PROTOCOL.agent PROTOCOL.certkeys addrmatch.c auth-options.c]
     [auth-options.h auth.h auth2-pubkey.c authfd.c dns.c dns.h hostfile.c]
     [hostfile.h kex.h kexdhs.c kexgexs.c key.c key.h match.h monitor.c]
     [myproposal.h servconf.c servconf.h ssh-add.c ssh-agent.c ssh-dss.c]
     [ssh-keygen.1 ssh-keygen.c ssh-rsa.c ssh.1 ssh.c ssh2.h sshconnect.c]
     [sshconnect2.c sshd.8 sshd.c sshd_config.5]
     Add support for certificate key types for users and hosts.

     OpenSSH certificate key types are not X.509 certificates, but a much
     simpler format that encodes a public key, identity information and
     some validity constraints and signs it with a CA key. CA keys are
     regular SSH keys. This certificate style avoids the attack surface
     of X.509 certificates and is very easy to deploy.

     Certified host keys allow automatic acceptance of new host keys
     when a CA certificate is marked as sh/known_hosts.
     see VERIFYING HOST KEYS in ssh(1) for details.

     Certified user keys allow authentication of users when the signing
     CA key is marked as trusted in authorized_keys. See "AUTHORIZED_KEYS
     FILE FORMAT" in sshd(8) for details.

     Certificates are minted using ssh-keygen(1), documentation is in
     the "CERTIFICATES" section of that manpage.

     Documentation on the format of certificates is in the file
     PROTOCOL.certkeys

     feedback and ok markus@
2010-02-27 07:55:05 +11:00
Damien Miller
86cbb44d47 - djm@cvs.openbsd.org 2010/02/09 00:50:59
[ssh-keygen.c]
     fix -Wall
2010-02-12 09:22:57 +11:00
Damien Miller
7ea845e48d - markus@cvs.openbsd.org 2010/02/08 10:50:20
[pathnames.h readconf.c readconf.h scp.1 sftp.1 ssh-add.1 ssh-add.c]
     [ssh-agent.c ssh-keygen.1 ssh-keygen.c ssh.1 ssh.c ssh_config.5]
     replace our obsolete smartcard code with PKCS#11.
        ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs-11v2-20.pdf
     ssh(1) and ssh-keygen(1) use dlopen(3) directly to talk to a PKCS#11
     provider (shared library) while ssh-agent(1) delegates PKCS#11 to
     a forked a ssh-pkcs11-helper process.
     PKCS#11 is currently a compile time option.
     feedback and ok djm@; inspired by patches from Alon Bar-Lev
`
2010-02-12 09:21:02 +11:00
Darren Tucker
d04758dc4c - djm@cvs.openbsd.org 2010/01/11 10:51:07
[ssh-keygen.c]
     when converting keys, truncate key comments at 72 chars as per RFC4716;
     bz#1630 reported by tj AT castaglia.org; ok markus@
2010-01-12 19:41:57 +11:00
Darren Tucker
9bcd25b78b - djm@cvs.openbsd.org 2009/08/27 17:33:49
[ssh-keygen.c]
     force use of correct hash function for random-art signature display
     as it was inheriting the wrong one when bubblebabble signatures were
     activated; bz#1611 report and patch from fwojcik+openssh AT besh.com;
     ok markus@
2009-10-07 08:45:48 +11:00
Darren Tucker
821d3dbe36 - dtucker@cvs.openbsd.org 2009/06/22 05:39:28
[monitor_wrap.c monitor_mm.c ssh-keygen.c auth2.c gss-genr.c sftp-client.c]
     alphabetize includes; reduces diff vs portable and style(9).
     ok stevesk djm
     (Id sync only; these were already in order in -portable)
2009-06-22 16:11:06 +10:00
Damien Miller
9eab9564d5 - (djm) OpenBSD CVS Sync
- tobias@cvs.openbsd.org 2009/02/21 19:32:04
     [misc.c sftp-server-main.c ssh-keygen.c]
     Added missing newlines in error messages.
     ok dtucker
2009-02-22 08:47:02 +11:00
Darren Tucker
e15fb09847 - stevesk@cvs.openbsd.org 2008/11/07 00:42:12
[ssh-keygen.c]
     spelling/typo in comment
2008-11-11 16:31:43 +11:00
Damien Miller
81dec0589a - sthen@cvs.openbsd.org 2008/07/13 21:22:52
[ssh-keygen.c]
     Change "ssh-keygen -F [host] -l" to not display random art unless
     -v is also specified, making it consistent with the manual and other
     uses of -l.
     ok grunk@
2008-07-14 11:28:29 +10:00
Darren Tucker
b68fb4ad21 - grunk@cvs.openbsd.org 2008/06/12 21:14:46
[ssh-keygen.c]
     make ssh-keygen -lf show the key type just as ssh-add -l would do it
     ok djm@ markus@
2008-06-13 08:57:27 +10:00
Darren Tucker
35c45535ea - grunk@cvs.openbsd.org 2008/06/11 22:20:46
[ssh-keygen.c ssh-keygen.1]
     ssh-keygen would write fingerprints to STDOUT, and random art to STDERR,
     that is not how it was envisioned.
     Also correct manpage saying that -v is needed along with -l for it to work.
     spotted by naddy@
2008-06-13 04:43:15 +10:00
Darren Tucker
a376a32e8e - grunk@cvs.openbsd.org 2008/06/11 21:38:25
[ssh-keygen.c]
     ssh-keygen -lv -f /etc/ssh/ssh_host_rsa_key.pub
     would not display you the random art as intended, spotted by canacar@
2008-06-13 04:42:14 +10:00
Darren Tucker
9c16ac9263 - grunk@cvs.openbsd.org 2008/06/11 21:01:35
[ssh_config.5 key.h readconf.c readconf.h ssh-keygen.1 ssh-keygen.c key.c
      sshconnect.c]
     Introduce SSH Fingerprint ASCII Visualization, a technique inspired by the
     graphical hash visualization schemes known as "random art", and by
     Dan Kaminsky's musings on the subject during a BlackOp talk at the
     23C3 in Berlin.
     Scientific publication (original paper):
     "Hash Visualization: a New Technique to improve Real-World Security",
     Perrig A. and Song D., 1999, International Workshop on Cryptographic
     Techniques and E-Commerce (CrypTEC '99)
     http://sparrow.ece.cmu.edu/~adrian/projects/validation/validation.pdf
     The algorithm used here is a worm crawling over a discrete plane,
     leaving a trace (augmenting the field) everywhere it goes.
     Movement is taken from dgst_raw 2bit-wise.  Bumping into walls
     makes the respective movement vector be ignored for this turn,
     thus switching to the other color of the chessboard.
     Graphs are not unambiguous for now, because circles in graphs can be
     walked in either direction.
     discussions with several people,
     help, corrections and ok markus@ djm@
2008-06-13 04:40:35 +10:00
Darren Tucker
0f7e910604 - djm@cvs.openbsd.org 2008/05/19 15:46:31
[ssh-keygen.c]
     support -l (print fingerprint) in combination with -F (find host) to
     search for a host in ~/.ssh/known_hosts and display its fingerprint;
     ok markus@
2008-06-08 12:54:29 +10:00
Darren Tucker
bfaaf960a0 - (dtucker) [includes.h ssh-add.c ssh-agent.c ssh-keygen.c ssh.c sshd.c
openbsd-compat/openssl-compat.{c,h}] Bug #1437 Move the OpenSSL compat
   header to after OpenSSL headers, since some versions of OpenSSL have
   SSLeay_add_all_algorithms as a macro already.
2008-02-28 19:13:52 +11:00
Damien Miller
cb2fbb2407 - djm@cvs.openbsd.org 2008/01/19 22:37:19
[ssh-keygen.c]
     unbreak line numbering (broken in revision 1.164), fix error message
2008-02-10 22:24:55 +11:00
Damien Miller
a8796f3fcc - djm@cvs.openbsd.org 2008/01/19 22:22:58
[ssh-keygen.c]
     when hashing individual hosts (ssh-keygen -Hf hostname), make sure we
     hash just the specified hostname and not the entire hostspec from the
     keyfile. It may be of the form "hostname,ipaddr", which would lead to
     a hash that never matches. report and fix from jp AT devnull.cz
2008-02-10 22:24:30 +11:00
Damien Miller
0f4ed693d6 - chl@cvs.openbsd.org 2007/10/02 17:49:58
[ssh-keygen.c]
     handles zero-sized strings that fgets can return
2007-10-26 14:26:32 +10:00