Commit Graph

63 Commits

Author SHA1 Message Date
jmc@openbsd.org
78de1673c0 upstream commit
ssh-askpass(1) is the default, overridden by SSH_ASKPASS;
 diff originally from jiri b;
2015-04-01 10:00:27 +11:00
djm@openbsd.org
56d1c83cdd upstream commit
Add FingerprintHash option to control algorithm used for
 key fingerprints. Default changes from MD5 to SHA256 and format from hex to
 base64.

Feedback and ok naddy@ markus@
2014-12-22 09:32:29 +11:00
sobrado@openbsd.org
f70b22bcdd upstream commit
improve capitalization for the Ed25519 public-key
 signature system.

ok djm@
2014-10-13 11:37:32 +11:00
Damien Miller
8ba0ead698 - naddy@cvs.openbsd.org 2013/12/07 11:58:46
[ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh-keysign.8 ssh.1]
     [ssh_config.5 sshd.8 sshd_config.5]
     add missing mentions of ed25519; ok djm@
2013-12-18 17:46:27 +11:00
Darren Tucker
f9333d5246 - jmc@cvs.openbsd.org 2012/12/03 08:33:03
[ssh-add.1 sshd_config.5]
     tweak previous;
2012-12-07 13:06:13 +11:00
Damien Miller
33a813613a - djm@cvs.openbsd.org 2012/12/02 20:42:15
[ssh-add.1 ssh-add.c]
     make deleting explicit keys "ssh-add -d" symmetric with adding keys -
     try to delete the corresponding certificate too and respect the -k option
     to allow deleting of the key only; feedback and ok markus@
2012-12-03 09:50:24 +11:00
Damien Miller
8f4279e4ab - djm@cvs.openbsd.org 2011/10/18 05:00:48
[ssh-add.1 ssh-add.c]
     new "ssh-add -k" option to load plain keys (skipping certificates);
     "looks ok" markus@
2011-10-18 16:06:33 +11:00
Damien Miller
55fa56505b - jmc@cvs.openbsd.org 2010/10/28 18:33:28
[scp.1 ssh-add.1 ssh-keygen.1 ssh.1 ssh_config.5 sshd.8 sshd_config.5]
     knock out some "-*- nroff -*-" lines;
2010-11-05 10:20:14 +11:00
Damien Miller
daa7b2254f - jmc@cvs.openbsd.org 2010/09/04 09:38:34
[ssh-add.1 ssh.1]
     two more EXIT STATUS sections;
2010-09-10 11:19:33 +10:00
Damien Miller
eb8b60e320 - djm@cvs.openbsd.org 2010/08/31 11:54:45
[PROTOCOL PROTOCOL.agent PROTOCOL.certkeys auth2-jpake.c authfd.c]
     [authfile.c buffer.h dns.c kex.c kex.h key.c key.h monitor.c]
     [monitor_wrap.c myproposal.h packet.c packet.h pathnames.h readconf.c]
     [ssh-add.1 ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh-keygen.c]
     [ssh-keyscan.1 ssh-keyscan.c ssh-keysign.8 ssh.1 ssh.c ssh2.h]
     [ssh_config.5 sshconnect.c sshconnect2.c sshd.8 sshd.c sshd_config.5]
     [uuencode.c uuencode.h bufec.c kexecdh.c kexecdhc.c kexecdhs.c ssh-ecdsa.c]
     Implement Elliptic Curve Cryptography modes for key exchange (ECDH) and
     host/user keys (ECDSA) as specified by RFC5656. ECDH and ECDSA offer
     better performance than plain DH and DSA at the same equivalent symmetric
     key length, as well as much shorter keys.

     Only the mandatory sections of RFC5656 are implemented, specifically the
     three REQUIRED curves nistp256, nistp384 and nistp521 and only ECDH and
     ECDSA. Point compression (optional in RFC5656 is NOT implemented).

     Certificate host and user keys using the new ECDSA key types are supported.

     Note that this code has not been tested for interoperability and may be
     subject to change.

     feedback and ok markus@
2010-08-31 22:41:14 +10:00
Damien Miller
5059d8d7e6 - djm@cvs.openbsd.org 2010/03/05 10:28:21
[ssh-add.1 ssh.1 ssh_config.5]
     mention loading of certificate files from [private]-cert.pub when
     they are present; feedback and ok jmc@
2010-03-05 21:31:11 +11:00
Damien Miller
a761844455 - markus@cvs.openbsd.org 2010/02/10 23:20:38
[ssh-add.1 ssh-keygen.1 ssh.1 ssh_config.5]
     pkcs#11 is no longer optional; improve wording; ok jmc@
2010-02-12 09:26:02 +11:00
Damien Miller
048dc93617 - jmc@cvs.openbsd.org 2010/02/08 22:03:05
[ssh-add.1 ssh-keygen.1 ssh.1 ssh.c]
     tweak previous; ok markus
2010-02-12 09:22:04 +11:00
Damien Miller
7ea845e48d - markus@cvs.openbsd.org 2010/02/08 10:50:20
[pathnames.h readconf.c readconf.h scp.1 sftp.1 ssh-add.1 ssh-add.c]
     [ssh-agent.c ssh-keygen.1 ssh-keygen.c ssh.1 ssh.c ssh_config.5]
     replace our obsolete smartcard code with PKCS#11.
        ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs-11v2-20.pdf
     ssh(1) and ssh-keygen(1) use dlopen(3) directly to talk to a PKCS#11
     provider (shared library) while ssh-agent(1) delegates PKCS#11 to
     a forked a ssh-pkcs11-helper process.
     PKCS#11 is currently a compile time option.
     feedback and ok djm@; inspired by patches from Alon Bar-Lev
`
2010-02-12 09:21:02 +11:00
Darren Tucker
98c9aec30e - sobrado@cvs.openbsd.org 2009/10/22 15:02:12
[ssh-agent.1 ssh-add.1 ssh.1]
     write UNIX-domain in a more consistent way; while here, replace a
     few remaining ".Tn UNIX" macros with ".Ux" ones.
     pointed out by ratchov@, thanks!
     ok jmc@
2009-10-24 11:42:44 +11:00
Darren Tucker
ae69e1d010 - sobrado@cvs.openbsd.org 2009/10/22 12:35:53
[ssh.1 ssh-agent.1 ssh-add.1]
     use the UNIX-related macros (.At and .Ux) where appropriate.
     ok jmc@
2009-10-24 11:41:34 +11:00
Darren Tucker
930cb0b718 - jmc@cvs.openbsd.org 2007/06/12 13:41:03
[ssh-add.1]
     identies -> identities;
2007-06-13 00:00:27 +10:00
Darren Tucker
29a5707acc - djm@cvs.openbsd.org 2007/06/12 07:41:00
[ssh-add.1]
     better document ssh-add's -d option (delete identies from agent), bz#1224
     new text based on some provided by andrewmc-debian AT celt.dias.ie;
     ok dtucker@
2007-06-12 23:39:52 +10:00
Darren Tucker
aa4d5eda10 - jmc@cvs.openbsd.org 2007/05/31 19:20:16
[scp.1 ssh_config.5 sftp-server.8 ssh-agent.1 sshd_config.5 sftp.1
     ssh-keygen.1 ssh-keyscan.1 ssh-add.1 sshd.8 ssh.1 ssh-keysign.8]
     convert to new .Dd format;
     (We will need to teach mdoc2man.awk to understand this too.)
2007-06-05 18:27:13 +10:00
Damien Miller
167ea5d026 - djm@cvs.openbsd.org 2005/04/21 06:17:50
[ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 ssh_config.5 sshd.8]
     [sshd_config.5] OpenSSH doesn't ever look at the $HOME environment
     variable, so don't say that we do (bz #623); ok deraadt@
2005-05-26 12:04:02 +10:00
Damien Miller
792c01749a - jmc@cvs.openbsd.org 2005/03/01 17:32:19
[ssh-add.1]
     sort options;
2005-03-02 12:04:50 +11:00
Darren Tucker
4e4fe0052c - jmc@cvs.openbsd.org 2004/08/30 21:22:49
[ssh-add.1 ssh.1]
     .Xsession -> .xsession;
     originally from a pr from f at obiit dot org, but missed by myself;
     ok markus@ matthieu@
2004-11-05 20:01:03 +11:00
Darren Tucker
4c56843e44 - matthieu@cvs.openbsd.org 2003/11/25 23:10:08
[ssh-add.1]
     ssh-add doesn't need to be a descendant of ssh-agent. Ok markus@, jmc@.
2003-12-09 19:01:51 +11:00
Damien Miller
f1ce505daf - jmc@cvs.openbsd.org 2003/06/10 09:12:11
[scp.1 sftp-server.8 ssh.1 ssh-add.1 ssh-agent.1 ssh_config.5]
     [sshd.8 sshd_config.5 ssh-keygen.1 ssh-keyscan.1 ssh-keysign.8]
     - section reorder
     - COMPATIBILITY merge
     - macro cleanup
     - kill whitespace at EOL
     - new sentence, new line
     ssh pages ok markus@
2003-06-11 22:04:39 +10:00
Damien Miller
495dca3518 - (djm) OpenBSD CVS Sync
- jmc@cvs.openbsd.org 2003/03/28 10:11:43
     [scp.1 sftp.1 ssh.1 ssh-add.1 ssh-agent.1 ssh_config.5 sshd_config.5]
     [ssh-keygen.1 ssh-keyscan.1 ssh-keysign.8]
     - killed whitespace
     - new sentence new line
     - .Bk for arguments
     ok markus@
2003-04-01 21:42:14 +10:00
Damien Miller
7b406276c4 - markus@cvs.openbsd.org 2003/02/10 11:51:47
[ssh-add.1]
     xref sshd_config.5 (not sshd.8); mark@summersault.com; bug #490
2003-02-24 12:00:16 +11:00
Damien Miller
6c71179f68 - markus@cvs.openbsd.org 2003/01/23 13:50:27
[authfd.c authfd.h readpass.c ssh-add.1 ssh-add.c ssh-agent.c]
     ssh-add -c, prompt user for confirmation (using ssh-askpass) when
     private agent key is used; with djm@; test by dugsong@, djm@;
     ok deraadt@
2003-01-24 11:36:23 +11:00
Ben Lindstrom
cb72e4f6d2 - deraadt@cvs.openbsd.org 2002/06/19 00:27:55
[auth-bsdauth.c auth-skey.c auth1.c auth2-chall.c auth2-none.c authfd.c
      authfd.h monitor_wrap.c msg.c nchan.c radix.c readconf.c scp.c sftp.1
      ssh-add.1 ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh-keygen.c
      ssh-keysign.c ssh.1 sshconnect.c sshconnect.h sshconnect2.c ttymodes.c
      xmalloc.h]
     KNF done automatically while reading....
2002-06-21 00:41:51 +00:00
Ben Lindstrom
1775c9c97a - stevesk@cvs.openbsd.org 2002/06/10 17:36:23
[ssh-add.1 ssh-add.c]
     use convtime() to parse and validate key lifetime.  can now
     use '-t 2h' etc.  ok markus@ provos@
2002-06-11 15:51:54 +00:00
Ben Lindstrom
61d328acf9 - markus@cvs.openbsd.org 2002/06/05 21:55:44
[authfd.c authfd.h ssh-add.1 ssh-add.c ssh-agent.c]
     ssh-add -t life,  Set lifetime (in seconds) when adding identities;
     ok provos@
2002-06-06 21:54:57 +00:00
Ben Lindstrom
2f71704b42 - markus@cvs.openbsd.org 2002/06/05 19:57:12
[authfd.c authfd.h ssh-add.1 ssh-add.c ssh-agent.c]
     ssh-add -x for lock and -X for unlocking the agent.
     todo: encrypt private keys with locked...
2002-06-06 21:52:03 +00:00
Ben Lindstrom
b7788f3ebe - markus@cvs.openbsd.org 2002/06/05 16:08:07
[ssh-agent.1 ssh-agent.c]
     '-a bind_address' binds the agent to user-specified unix-domain
     socket instead of /tmp/ssh-XXXXXXXX/agent.<pid>; ok djm@ (some time ago).
2002-06-06 21:46:08 +00:00
Damien Miller
ab57f35114 - stevesk@cvs.openbsd.org 2002/02/04 20:41:16
[ssh-add.1]
     more sync for default ssh-add identities; ok markus@
2002-02-05 12:26:58 +11:00
Damien Miller
c313be2756 - markus@cvs.openbsd.org 2002/01/29 16:41:19
[ssh-add.1]
     add DIAGNOSTICS; ok stevesk@
2002-02-05 12:14:41 +11:00
Damien Miller
6e1057c2d7 - djm@cvs.openbsd.org 2001/12/21 10:06:43
[ssh-add.1 ssh-add.c]
     Try all standard key files (id_rsa, id_dsa, identity) when invoked with
     no arguments; ok markus@
2002-01-22 23:05:59 +11:00
Ben Lindstrom
8d066fb262 - stevesk@cvs.openbsd.org 2001/08/23 18:08:59
[ssh-add.1 ssh-keyscan.1]
     minor cleanup
2001-09-12 17:06:13 +00:00
Ben Lindstrom
e690121f0d - jakob@cvs.openbsd.org 2001/08/03 10:31:19
[ssh-add.1]
     document smartcard options. ok markus@
2001-08-06 22:03:08 +00:00
Ben Lindstrom
aafff9cc76 - stevesk@cvs.openbsd.org 2001/05/05 13:42:52
[sftp.1 ssh-add.1 ssh-keygen.1]
     typos, grammar
2001-05-06 03:01:02 +00:00
Ben Lindstrom
18a82ac029 - itojun@cvs.openbsd.org 2001/04/10 09:13:22
[ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8]
     document id_rsa{.pub,}.  markus ok
2001-04-11 15:59:35 +00:00
Ben Lindstrom
12de61680e - markus@cvs.openbsd.org 2001/04/09 15:19:49
[ssh-add.1]
     ssh-add retries the last passphrase...
2001-04-10 02:46:54 +00:00
Ben Lindstrom
92a2e38f8e - deraadt@cvs.openbsd.org 2001/03/02 18:54:31
[atomicio.c atomicio.h auth-chall.c auth.c auth2-chall.c crc32.h
      scp.c serverloop.c session.c sftp-server.8 sftp.1 ssh-add.1 ssh-add.c
      ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh.1 sshd.8]
     make copyright lines the same format
2001-03-05 06:59:27 +00:00
Ben Lindstrom
e5b3fb351e - (bal) A bit more whitespace cleanup 2001-02-10 23:56:35 +00:00
Ben Lindstrom
be80af7c17 Synced w/ OpenBSD 2001-02-10 23:06:02 +00:00
Ben Lindstrom
035782e712 - markus@cvs.openbsd.org 2001/01/28 10:24:04
[ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1]
     cleanup AUTHORS sections
2001-01-29 08:34:16 +00:00
Ben Lindstrom
36579d3daa - niklas@cvs.openbsd.org 2001/01/2001
[atomicio.h canohost.h clientloop.h deattack.h dh.h dispatch.h
      groupaccess.c groupaccess.h hmac.h hostfile.h includes.h kex.h
      key.h log.h login.h match.h misc.h myproposal.h nchan.ms pathnames.h
      radix.h readpass.h rijndael.h serverloop.h session.h sftp.h ssh-add.1
      ssh-dss.h ssh-keygen.1 ssh-keyscan.1 ssh-rsa.h ssh1.h ssh_config
      sshconnect.h sshd_config tildexpand.h uidswap.h uuencode.h]
     $OpenBSD$
2001-01-29 07:39:26 +00:00
Damien Miller
0bc1bd814e - (djm) Merge OpenBSD changes:
- markus@cvs.openbsd.org  2000/11/06 16:04:56
     [channels.c channels.h clientloop.c nchan.c serverloop.c]
     [session.c ssh.c]
     agent forwarding and -R for ssh2, based on work from
     jhuuskon@messi.uku.fi
   - markus@cvs.openbsd.org  2000/11/06 16:13:27
     [ssh.c sshconnect.c sshd.c]
     do not disabled rhosts(rsa) if server port > 1024; from
     pekkas@netcore.fi
   - markus@cvs.openbsd.org  2000/11/06 16:16:35
     [sshconnect.c]
     downgrade client to 1.3 if server is 1.4; help from mdb@juniper.net
   - markus@cvs.openbsd.org  2000/11/09 18:04:40
     [auth1.c]
     typo; from mouring@pconline.com
   - markus@cvs.openbsd.org  2000/11/12 12:03:28
     [ssh-agent.c]
     off-by-one when removing a key from the agent
   - markus@cvs.openbsd.org  2000/11/12 12:50:39
     [auth-rh-rsa.c auth2.c authfd.c authfd.h]
     [authfile.c hostfile.c kex.c kex.h key.c key.h myproposal.h]
     [readconf.c readconf.h rsa.c rsa.h servconf.c servconf.h ssh-add.c]
     [ssh-agent.c ssh-keygen.1 ssh-keygen.c ssh.1 ssh.c ssh_config]
     [sshconnect1.c sshconnect2.c sshd.8 sshd.c sshd_config ssh-dss.c]
     [ssh-dss.h ssh-rsa.c ssh-rsa.h dsa.c dsa.h]
     add support for RSA to SSH2.  please test.
     there are now 3 types of keys: RSA1 is used by ssh-1 only,
     RSA and DSA are used by SSH2.
     you can use 'ssh-keygen -t rsa -f ssh2_rsa_file' to generate RSA
     keys for SSH2 and use the RSA keys for hostkeys or for user keys.
     SSH2 RSA or DSA keys are added to .ssh/authorised_keys2 as before.
 - (djm) Fix up Makefile and Redhat init script to create RSA host keys
 - (djm) Change to interim version
2000-11-13 22:57:25 +11:00
Damien Miller
e4340be5b3 - (djm) Merge OpenBSD changes:
- markus@cvs.openbsd.org  2000/09/05 02:59:57
     [session.c]
     print hostname (not hushlogin)
   - markus@cvs.openbsd.org  2000/09/05 13:18:48
     [authfile.c ssh-add.c]
     enable ssh-add -d for DSA keys
   - markus@cvs.openbsd.org  2000/09/05 13:20:49
     [sftp-server.c]
     cleanup
   - markus@cvs.openbsd.org  2000/09/06 03:46:41
     [authfile.h]
     prototype
   - deraadt@cvs.openbsd.org 2000/09/07 14:27:56
     [ALL]
     cleanup copyright notices on all files.  I have attempted to be
     accurate with the details.  everything is now under Tatu's licence
     (which I copied from his readme), and/or the core-sdi bsd-ish thing
     for deattack, or various openbsd developers under a 2-term bsd
     licence.  We're not changing any rules, just being accurate.
   - markus@cvs.openbsd.org  2000/09/07 14:40:30
     [channels.c channels.h clientloop.c serverloop.c ssh.c]
     cleanup window and packet sizes for ssh2 flow control; ok niels
   - markus@cvs.openbsd.org  2000/09/07 14:53:00
     [scp.c]
     typo
   - markus@cvs.openbsd.org  2000/09/07 15:13:37
     [auth-options.c auth-options.h auth-rh-rsa.c auth-rsa.c auth.c]
     [authfile.h canohost.c channels.h compat.c hostfile.h log.c match.h]
     [pty.c readconf.c]
     some more Copyright fixes
   - markus@cvs.openbsd.org  2000/09/08 03:02:51
     [README.openssh2]
     bye bye
   - deraadt@cvs.openbsd.org 2000/09/11 18:38:33
     [LICENCE cipher.c]
     a few more comments about it being ARC4 not RC4
   - markus@cvs.openbsd.org  2000/09/12 14:53:11
     [log-client.c log-server.c log.c ssh.1 ssh.c ssh.h sshd.8 sshd.c]
     multiple debug levels
   - markus@cvs.openbsd.org  2000/09/14 14:25:15
     [clientloop.c]
     typo
   - deraadt@cvs.openbsd.org 2000/09/15 01:13:51
     [ssh-agent.c]
     check return value for setenv(3) for failure, and deal appropriately
2000-09-16 13:29:08 +11:00
Damien Miller
7b28dc5eb0 20000905
- (djm) Import OpenBSD CVS changes
   - markus@cvs.openbsd.org  2000/08/31 15:52:24
     [Makefile sshd.8 sshd_config sftp-server.8 sftp-server.c]
     implement a SFTP server. interops with sftp2, scp2 and the windows
     client from ssh.com
   - markus@cvs.openbsd.org  2000/08/31 15:56:03
     [README.openssh2]
     sync
   - markus@cvs.openbsd.org  2000/08/31 16:05:42
     [session.c]
     Wall
   - markus@cvs.openbsd.org  2000/08/31 16:09:34
     [authfd.c ssh-agent.c]
     add a flag to SSH2_AGENTC_SIGN_REQUEST for future extensions
   - deraadt@cvs.openbsd.org 2000/09/01 09:25:13
     [scp.1 scp.c]
     cleanup and fix -S support; stevesk@sweden.hp.com
   - markus@cvs.openbsd.org  2000/09/01 16:29:32
     [sftp-server.c]
     portability fixes
   - markus@cvs.openbsd.org  2000/09/01 16:32:41
     [sftp-server.c]
     fix cast; mouring@pconline.com
   - itojun@cvs.openbsd.org  2000/09/03 09:23:28
     [ssh-add.1 ssh.1]
     add missing .El against .Bl.
   - markus@cvs.openbsd.org  2000/09/04 13:03:41
     [session.c]
     missing close; ok theo
   - markus@cvs.openbsd.org  2000/09/04 13:07:21
     [session.c]
     fix get_last_login_time order; from andre@van-veen.de
   - markus@cvs.openbsd.org  2000/09/04 13:10:09
     [sftp-server.c]
     more cast fixes; from mouring@pconline.com
   - markus@cvs.openbsd.org  2000/09/04 13:06:04
     [session.c]
     set SSH_ORIGINAL_COMMAND; from Leakin@dfw.nostrum.com, bet@rahul.net
 - (djm) Cleanup after import. Fix sftp-server compilation, Makefile
2000-09-05 13:34:53 +11:00
Damien Miller
caf6dd6d21 - More OpenBSD updates:
- deraadt@cvs.openbsd.org 2000/08/24 15:46:59
     [scp.c]
     off_t in sink, to fix files > 2GB, i think, test is still running ;-)
   - deraadt@cvs.openbsd.org 2000/08/25 10:10:06
     [session.c]
     Wall
   - markus@cvs.openbsd.org  2000/08/26 04:33:43
     [compat.c]
     ssh.com-2.3.0
   - markus@cvs.openbsd.org  2000/08/27 12:18:05
     [compat.c]
     compatibility with future ssh.com versions
   - deraadt@cvs.openbsd.org 2000/08/27 21:50:55
     [auth-krb4.c session.c ssh-add.c sshconnect.c uidswap.c]
     print uid/gid as unsigned
   - markus@cvs.openbsd.org  2000/08/28 13:51:00
     [ssh.c]
     enable -n and -f for ssh2
   - markus@cvs.openbsd.org  2000/08/28 14:19:53
     [ssh.c]
     allow combination of -N and -f
   - markus@cvs.openbsd.org  2000/08/28 14:20:56
     [util.c]
     util.c
   - markus@cvs.openbsd.org  2000/08/28 14:22:02
     [util.c]
     undo
   - markus@cvs.openbsd.org  2000/08/28 14:23:38
     [util.c]
     don't complain if setting NONBLOCK fails with ENODEV
2000-08-29 11:33:50 +11:00
Damien Miller
ad833b3e65 - (djm) Pick up LOGIN_PROGRAM from environment or PATH if not set by headers
- (djm) OpenBSD CVS updates:
   - deraadt@cvs.openbsd.org 2000/08/18 20:07:23
     [ssh.c]
     accept remsh as a valid name as well; roman@buildpoint.com
   - deraadt@cvs.openbsd.org 2000/08/18 20:17:13
     [deattack.c crc32.c packet.c]
     rename crc32() to ssh_crc32() to avoid zlib name clash.  do not move to
     libz crc32 function yet, because it has ugly "long"'s in it;
     oneill@cs.sfu.ca
   - deraadt@cvs.openbsd.org 2000/08/18 20:26:08
     [scp.1 scp.c]
     -S prog support; tv@debian.org
   - deraadt@cvs.openbsd.org 2000/08/18 20:50:07
     [scp.c]
     knf
   - deraadt@cvs.openbsd.org 2000/08/18 20:57:33
     [log-client.c]
     shorten
   - markus@cvs.openbsd.org  2000/08/19 12:48:11
     [channels.c channels.h clientloop.c ssh.c ssh.h]
     support for ~. in ssh2
   - deraadt@cvs.openbsd.org 2000/08/19 15:29:40
     [crc32.h]
     proper prototype
   - markus@cvs.openbsd.org  2000/08/19 15:34:44
     [authfd.c authfd.h key.c key.h ssh-add.1 ssh-add.c ssh-agent.1]
     [ssh-agent.c ssh-keygen.c sshconnect1.c sshconnect2.c Makefile]
     [fingerprint.c fingerprint.h]
     add SSH2/DSA support to the agent and some other DSA related cleanups.
     (note that we cannot talk to ssh.com's ssh2 agents)
   - markus@cvs.openbsd.org  2000/08/19 15:55:52
     [channels.c channels.h clientloop.c]
     more ~ support for ssh2
   - markus@cvs.openbsd.org  2000/08/19 16:21:19
     [clientloop.c]
     oops
   - millert@cvs.openbsd.org 2000/08/20 12:25:53
     [session.c]
     We have to stash the result of get_remote_name_or_ip() before we
     close our socket or getpeername() will get EBADF and the process
     will exit.  Only a problem for "UseLogin yes".
   - millert@cvs.openbsd.org 2000/08/20 12:30:59
     [session.c]
     Only check /etc/nologin if "UseLogin no" since login(1) may have its
     own policy on determining who is allowed to login when /etc/nologin
     is present.  Also use the _PATH_NOLOGIN define.
   - millert@cvs.openbsd.org 2000/08/20 12:42:43
     [auth1.c auth2.c session.c ssh.c]
     Add calls to setusercontext() and login_get*().  We basically call
     setusercontext() in most places where previously we did a setlogin().
     Add default login.conf file and put root in the "daemon" login class.
   - millert@cvs.openbsd.org 2000/08/21 10:23:31
     [session.c]
     Fix incorrect PATH setting; noted by Markus.
2000-08-23 10:46:23 +10:00