Commit Graph

184 Commits

Author SHA1 Message Date
Damien Miller
81dec0589a - sthen@cvs.openbsd.org 2008/07/13 21:22:52
[ssh-keygen.c]
     Change "ssh-keygen -F [host] -l" to not display random art unless
     -v is also specified, making it consistent with the manual and other
     uses of -l.
     ok grunk@
2008-07-14 11:28:29 +10:00
Darren Tucker
b68fb4ad21 - grunk@cvs.openbsd.org 2008/06/12 21:14:46
[ssh-keygen.c]
     make ssh-keygen -lf show the key type just as ssh-add -l would do it
     ok djm@ markus@
2008-06-13 08:57:27 +10:00
Darren Tucker
35c45535ea - grunk@cvs.openbsd.org 2008/06/11 22:20:46
[ssh-keygen.c ssh-keygen.1]
     ssh-keygen would write fingerprints to STDOUT, and random art to STDERR,
     that is not how it was envisioned.
     Also correct manpage saying that -v is needed along with -l for it to work.
     spotted by naddy@
2008-06-13 04:43:15 +10:00
Darren Tucker
a376a32e8e - grunk@cvs.openbsd.org 2008/06/11 21:38:25
[ssh-keygen.c]
     ssh-keygen -lv -f /etc/ssh/ssh_host_rsa_key.pub
     would not display you the random art as intended, spotted by canacar@
2008-06-13 04:42:14 +10:00
Darren Tucker
9c16ac9263 - grunk@cvs.openbsd.org 2008/06/11 21:01:35
[ssh_config.5 key.h readconf.c readconf.h ssh-keygen.1 ssh-keygen.c key.c
      sshconnect.c]
     Introduce SSH Fingerprint ASCII Visualization, a technique inspired by the
     graphical hash visualization schemes known as "random art", and by
     Dan Kaminsky's musings on the subject during a BlackOp talk at the
     23C3 in Berlin.
     Scientific publication (original paper):
     "Hash Visualization: a New Technique to improve Real-World Security",
     Perrig A. and Song D., 1999, International Workshop on Cryptographic
     Techniques and E-Commerce (CrypTEC '99)
     http://sparrow.ece.cmu.edu/~adrian/projects/validation/validation.pdf
     The algorithm used here is a worm crawling over a discrete plane,
     leaving a trace (augmenting the field) everywhere it goes.
     Movement is taken from dgst_raw 2bit-wise.  Bumping into walls
     makes the respective movement vector be ignored for this turn,
     thus switching to the other color of the chessboard.
     Graphs are not unambiguous for now, because circles in graphs can be
     walked in either direction.
     discussions with several people,
     help, corrections and ok markus@ djm@
2008-06-13 04:40:35 +10:00
Darren Tucker
0f7e910604 - djm@cvs.openbsd.org 2008/05/19 15:46:31
[ssh-keygen.c]
     support -l (print fingerprint) in combination with -F (find host) to
     search for a host in ~/.ssh/known_hosts and display its fingerprint;
     ok markus@
2008-06-08 12:54:29 +10:00
Darren Tucker
bfaaf960a0 - (dtucker) [includes.h ssh-add.c ssh-agent.c ssh-keygen.c ssh.c sshd.c
openbsd-compat/openssl-compat.{c,h}] Bug #1437 Move the OpenSSL compat
   header to after OpenSSL headers, since some versions of OpenSSL have
   SSLeay_add_all_algorithms as a macro already.
2008-02-28 19:13:52 +11:00
Damien Miller
cb2fbb2407 - djm@cvs.openbsd.org 2008/01/19 22:37:19
[ssh-keygen.c]
     unbreak line numbering (broken in revision 1.164), fix error message
2008-02-10 22:24:55 +11:00
Damien Miller
a8796f3fcc - djm@cvs.openbsd.org 2008/01/19 22:22:58
[ssh-keygen.c]
     when hashing individual hosts (ssh-keygen -Hf hostname), make sure we
     hash just the specified hostname and not the entire hostspec from the
     keyfile. It may be of the form "hostname,ipaddr", which would lead to
     a hash that never matches. report and fix from jp AT devnull.cz
2008-02-10 22:24:30 +11:00
Damien Miller
0f4ed693d6 - chl@cvs.openbsd.org 2007/10/02 17:49:58
[ssh-keygen.c]
     handles zero-sized strings that fgets can return
2007-10-26 14:26:32 +10:00
Damien Miller
14b017d6f2 - gilles@cvs.openbsd.org 2007/09/11 15:47:17
[session.c ssh-keygen.c sshlogin.c]
     use strcspn to properly overwrite '\n' in fgets returned buffer
     ok pyr@, ray@, millert@, moritz@, chl@
2007-09-17 16:09:15 +10:00
Damien Miller
5cbe7ca18d - sobrado@cvs.openbsd.org 2007/09/09 11:38:01
[ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.c]
     sort synopsis and options in ssh-agent(1); usage is lowercase
     ok jmc@
2007-09-17 16:05:50 +10:00
Darren Tucker
82a3d2bc6f - stevesk@cvs.openbsd.org 2007/01/21 01:41:54
[auth-skey.c kex.c ssh-keygen.c session.c clientloop.c]
     spaces
2007-02-19 22:10:25 +11:00
Darren Tucker
26dc3e656a - jmc@cvs.openbsd.org 2007/01/12 20:20:41
[ssh-keygen.1 ssh-keygen.c]
     more secsh -> rfc 4716 updates;
     spotted by wiz@netbsd
     ok markus
2007-02-19 22:09:06 +11:00
Darren Tucker
9ac56e945b - (dtucker) [ssh-keygen.c] ac -> argv to match earlier sync. 2007-01-14 10:19:59 +11:00
Damien Miller
80163907ed - stevesk@cvs.openbsd.org 2007/01/03 03:01:40
[auth2-chall.c channels.c dns.c sftp.c ssh-keygen.c ssh.c]
     spaces
2007-01-05 16:30:16 +11:00
Damien Miller
6c7439f963 - stevesk@cvs.openbsd.org 2007/01/03 00:53:38
[ssh-keygen.c]
     remove small dead code; arnaud.lacombe.1@ulaval.ca via Coverity scan
2007-01-05 16:29:55 +11:00
Damien Miller
df8b7db16e - (djm) OpenBSD CVS Sync
- deraadt@cvs.openbsd.org 2006/11/14 19:41:04
     [ssh-keygen.c]
     use argc and argv not some made up short form
2007-01-05 16:22:57 +11:00
Darren Tucker
0bc85579a9 - markus@cvs.openbsd.org 2006/11/06 21:25:28
[auth-rsa.c kexgexc.c kexdhs.c key.c ssh-dss.c sshd.c kexgexs.c
     ssh-keygen.c bufbn.c moduli.c scard.c kexdhc.c sshconnect1.c dh.c rsa.c]
     add missing checks for openssl return codes; with & ok djm@
2006-11-07 23:14:41 +11:00
Damien Miller
ded319cca2 - (djm) [audit-bsm.c audit.c auth-bsdauth.c auth-chall.c auth-pam.c]
[auth-rsa.c auth-shadow.c auth-sia.c auth1.c auth2-chall.c]
   [auth2-gss.c auth2-kbdint.c auth2-none.c authfd.c authfile.c]
   [cipher-3des1.c cipher-aes.c cipher-bf1.c cipher-ctr.c clientloop.c]
   [dh.c dns.c entropy.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c]
   [kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c loginrec.c mac.c]
   [md5crypt.c monitor.c monitor_wrap.c readconf.c rsa.c]
   [scard-opensc.c scard.c session.c ssh-add.c ssh-agent.c ssh-dss.c]
   [ssh-keygen.c ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c]
   [sshconnect1.c sshconnect2.c sshd.c rc4.diff]
   [openbsd-compat/bsd-cray.c openbsd-compat/port-aix.c]
   [openbsd-compat/port-linux.c openbsd-compat/port-solaris.c]
   [openbsd-compat/port-uw.c]
   Lots of headers for SCO OSR6, mainly adding stdarg.h for log.h;
   compile problems reported by rac AT tenzing.org
2006-09-01 15:38:36 +10:00
Damien Miller
d783435315 - deraadt@cvs.openbsd.org 2006/08/03 03:34:42
[OVERVIEW atomicio.c atomicio.h auth-bsdauth.c auth-chall.c auth-krb5.c]
     [auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
     [auth-rsa.c auth-skey.c auth.c auth.h auth1.c auth2-chall.c auth2-gss.c]
     [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c ]
     [auth2-pubkey.c auth2.c authfd.c authfd.h authfile.c bufaux.c bufbn.c]
     [buffer.c buffer.h canohost.c channels.c channels.h cipher-3des1.c]
     [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
     [compress.c deattack.c dh.c dispatch.c dns.c dns.h fatal.c groupaccess.c]
     [groupaccess.h gss-genr.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c]
     [kex.h kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c]
     [key.h log.c log.h mac.c match.c md-sha256.c misc.c misc.h moduli.c]
     [monitor.c monitor_fdpass.c monitor_mm.c monitor_mm.h monitor_wrap.c]
     [monitor_wrap.h msg.c nchan.c packet.c progressmeter.c readconf.c]
     [readconf.h readpass.c rsa.c scard.c scard.h scp.c servconf.c servconf.h]
     [serverloop.c session.c session.h sftp-client.c sftp-common.c]
     [sftp-common.h sftp-glob.c sftp-server.c sftp.c ssh-add.c ssh-agent.c]
     [ssh-dss.c ssh-gss.h ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rsa.c]
     [ssh.c ssh.h sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c]
     [sshd.c sshlogin.c sshlogin.h sshpty.c sshpty.h sshtty.c ttymodes.c]
     [uidswap.c uidswap.h uuencode.c uuencode.h xmalloc.c xmalloc.h]
     [loginrec.c loginrec.h openbsd-compat/port-aix.c openbsd-compat/port-tun.h]
     almost entirely get rid of the culture of ".h files that include .h files"
     ok djm, sort of ok stevesk
     makes the pain stop in one easy step
     NB. portable commit contains everything *except* removing includes.h, as
     that will take a fair bit more work as we move headers that are required
     for portability workarounds to defines.h. (also, this step wasn't "easy")
2006-08-05 12:39:39 +10:00
Damien Miller
a7a73ee35d - stevesk@cvs.openbsd.org 2006/08/01 23:22:48
[auth-passwd.c auth-rhosts.c auth-rsa.c auth.c auth.h auth1.c]
     [auth2-chall.c auth2-pubkey.c authfile.c buffer.c canohost.c]
     [channels.c clientloop.c dh.c dns.c dns.h hostfile.c kex.c kexdhc.c]
     [kexgexc.c kexgexs.c key.c key.h log.c misc.c misc.h moduli.c]
     [monitor_wrap.c packet.c progressmeter.c readconf.c readpass.c scp.c]
     [servconf.c session.c sftp-client.c sftp-common.c sftp-server.c sftp.c]
     [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh.c sshconnect.c]
     [sshconnect1.c sshconnect2.c sshd.c sshlogin.c sshtty.c uuencode.c]
     [uuencode.h xmalloc.c]
     move #include <stdio.h> out of includes.h
2006-08-05 11:37:59 +10:00
Damien Miller
e7a1e5cf63 - stevesk@cvs.openbsd.org 2006/07/26 13:57:17
[authfd.c authfile.c dh.c canohost.c channels.c clientloop.c compat.c]
     [hostfile.c kex.c log.c misc.c moduli.c monitor.c packet.c readpass.c]
     [scp.c servconf.c session.c sftp-server.c sftp.c ssh-add.c ssh-agent.c]
     [ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh.c sshconnect.c]
     [sshconnect1.c sshd.c xmalloc.c]
     move #include <stdlib.h> out of includes.h
2006-08-05 11:34:19 +10:00
Damien Miller
8dbffe7904 - stevesk@cvs.openbsd.org 2006/07/26 02:35:17
[atomicio.c auth.c dh.c authfile.c buffer.c clientloop.c kex.c]
     [groupaccess.c gss-genr.c kexgexs.c misc.c monitor.c monitor_mm.c]
     [packet.c scp.c serverloop.c session.c sftp-client.c sftp-common.c]
     [sftp-server.c sftp.c ssh-add.c ssh-agent.c ssh-keygen.c sshlogin.c]
     [uidswap.c xmalloc.c]
     move #include <sys/param.h> out of includes.h
2006-08-05 11:02:17 +10:00
Damien Miller
b8fe89c4d9 - (djm) [acss.c auth-krb5.c auth-options.c auth-pam.c auth-shadow.c]
[canohost.c channels.c cipher-acss.c defines.h dns.c gss-genr.c]
   [gss-serv-krb5.c gss-serv.c log.h loginrec.c logintest.c readconf.c]
   [servconf.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rand-helper.c]
   [ssh.c sshconnect.c sshd.c openbsd-compat/bindresvport.c]
   [openbsd-compat/bsd-arc4random.c openbsd-compat/bsd-misc.c]
   [openbsd-compat/getrrsetbyname.c openbsd-compat/glob.c]
   [openbsd-compat/mktemp.c openbsd-compat/port-linux.c]
   [openbsd-compat/port-tun.c openbsd-compat/readpassphrase.c]
   [openbsd-compat/setproctitle.c openbsd-compat/xmmap.c]
   make the portable tree compile again - sprinkle unistd.h and string.h
   back in. Don't redefine __unused, as it turned out to be used in
   headers on Linux, and replace its use in auth-pam.c with ARGSUSED
2006-07-24 14:51:00 +10:00
Damien Miller
e3476ed03b - stevesk@cvs.openbsd.org 2006/07/22 20:48:23
[atomicio.c auth-options.c auth-passwd.c auth-rhosts.c auth-rsa.c]
     [auth.c auth1.c auth2-chall.c auth2-hostbased.c auth2-passwd.c auth2.c]
     [authfd.c authfile.c bufaux.c bufbn.c buffer.c canohost.c channels.c]
     [cipher-3des1.c cipher-bf1.c cipher-ctr.c cipher.c clientloop.c]
     [compat.c deattack.c dh.c dns.c gss-genr.c gss-serv.c hostfile.c]
     [includes.h kex.c kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c log.c]
     [mac.c match.c md-sha256.c misc.c moduli.c monitor.c monitor_fdpass.c]
     [monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c rsa.c]
     [progressmeter.c readconf.c readpass.c scp.c servconf.c serverloop.c]
     [session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c sftp.c]
     [ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c]
     [ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c sshconnect2.c]
     [sshd.c sshlogin.c sshpty.c ttymodes.c uidswap.c xmalloc.c]
     move #include <string.h> out of includes.h
2006-07-24 14:13:33 +10:00
Damien Miller
e6b3b610ec - stevesk@cvs.openbsd.org 2006/07/17 01:31:10
[authfd.c authfile.c channels.c cleanup.c clientloop.c groupaccess.c]
     [includes.h log.c misc.c msg.c packet.c progressmeter.c readconf.c]
     [readpass.c scp.c servconf.c sftp-client.c sftp-server.c sftp.c]
     [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh.c]
     [sshconnect.c sshlogin.c sshpty.c uidswap.c]
     move #include <unistd.h> out of includes.h
2006-07-24 14:01:23 +10:00
Damien Miller
be43ebf975 - stevesk@cvs.openbsd.org 2006/07/12 22:28:52
[auth-options.c canohost.c channels.c includes.h readconf.c servconf.c ssh-keyscan.c ssh.c sshconnect.c sshd.c]
     move #include <netdb.h> out of includes.h; ok djm@
2006-07-24 13:51:51 +10:00
Darren Tucker
3997249346 - stevesk@cvs.openbsd.org 2006/07/11 20:07:25
[scp.c auth.c monitor.c serverloop.c sftp-server.c sshpty.c readpass.c
     sshd.c monitor_wrap.c monitor_fdpass.c ssh-agent.c ttymodes.c atomicio.c
     includes.h session.c sshlogin.c monitor_mm.c packet.c sshconnect2.c
     sftp-client.c nchan.c clientloop.c sftp.c misc.c canohost.c channels.c
     ssh-keygen.c progressmeter.c uidswap.c msg.c readconf.c sshconnect.c]
     move #include <errno.h> out of includes.h; ok markus@
2006-07-12 22:22:46 +10:00
Darren Tucker
2ee50c5cce - (dtucker) [configure.ac ssh-keygen.c openbsd-compat/bsd-openpty.c
openbsd-compat/daemon.c] Add includes needed by open(2).  Conditionally
   include paths.h.  Fixes build error on Solaris.
2006-07-11 18:55:05 +10:00
Damien Miller
57cf638577 - stevesk@cvs.openbsd.org 2006/07/09 15:15:11
[auth2-none.c authfd.c authfile.c includes.h misc.c monitor.c]
     [readpass.c scp.c serverloop.c sftp-client.c sftp-server.c]
     [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c]
     [sshlogin.c sshpty.c]
     move #include <fcntl.h> out of includes.h
2006-07-10 21:13:46 +10:00
Damien Miller
e3b60b524e - stevesk@cvs.openbsd.org 2006/07/08 21:47:12
[authfd.c canohost.c clientloop.c dns.c dns.h includes.h]
     [monitor_fdpass.c nchan.c packet.c servconf.c sftp.c ssh-agent.c]
     [ssh-keyscan.c ssh.c sshconnect.h sshd.c sshlogin.h]
     move #include <sys/socket.h> out of includes.h
2006-07-10 21:08:03 +10:00
Damien Miller
69996104fe - stevesk@cvs.openbsd.org 2006/07/06 16:22:39
[ssh-keygen.c]
     move #include "dns.h" up
2006-07-10 20:53:31 +10:00
Damien Miller
9f2abc47eb - stevesk@cvs.openbsd.org 2006/07/06 16:03:53
[auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c]
     [auth-rhosts.c auth-rsa.c auth.c auth.h auth2-hostbased.c]
     [auth2-pubkey.c auth2.c includes.h misc.c misc.h monitor.c]
     [monitor_wrap.c monitor_wrap.h scp.c serverloop.c session.c]
     [session.h sftp-common.c ssh-add.c ssh-keygen.c ssh-keysign.c]
     [ssh.c sshconnect.c sshconnect.h sshd.c sshpty.c sshpty.h uidswap.c]
     [uidswap.h]
     move #include <pwd.h> out of includes.h; ok markus@
2006-07-10 20:53:08 +10:00
Damien Miller
40b5985fe0 - markus@cvs.openbsd.org 2006/05/17 12:43:34
[scp.c sftp.c ssh-agent.c ssh-keygen.c sshconnect.c]
     fix leak; coverity via Kylene Jo Hall
2006-06-13 13:00:25 +10:00
Damien Miller
e23209f434 - dtucker@cvs.openbsd.org 2006/03/30 11:05:17
[ssh-keygen.c]
     Correctly handle truncated files while converting keys; ok djm@
2006-03-31 23:13:35 +11:00
Damien Miller
5f340065fc - deraadt@cvs.openbsd.org 2006/03/25 18:40:14
[ssh-keygen.c]
     cast strtonum() result to right type
2006-03-26 14:27:57 +11:00
Damien Miller
57c30117c1 - djm@cvs.openbsd.org 2006/03/25 13:17:03
[atomicio.c auth-bsdauth.c auth-chall.c auth-options.c auth-passwd.c]
     [auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth-skey.c auth.c auth1.c]
     [auth2-chall.c auth2-hostbased.c auth2-kbdint.c auth2-none.c]
     [auth2-passwd.c auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c]
     [buffer.c canohost.c channels.c cipher-3des1.c cipher-bf1.c]
     [cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c compress.c]
     [deattack.c dh.c dispatch.c fatal.c groupaccess.c hostfile.c kex.c]
     [kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c]
     [mac.c match.c md-sha256.c misc.c monitor.c monitor_fdpass.c]
     [monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c progressmeter.c]
     [readconf.c readpass.c rsa.c scard.c scp.c servconf.c serverloop.c]
     [session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c]
     [sftp.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c]
     [ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
     [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
     [uidswap.c uuencode.c xmalloc.c]
     Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that
     Theo nuked - our scripts to sync -portable need them in the files
2006-03-26 14:24:48 +11:00
Damien Miller
9096740f6c - deraadt@cvs.openbsd.org 2006/03/20 18:26:55
[channels.c monitor.c session.c session.h ssh-agent.c ssh-keygen.c]
     [ssh-rsa.c ssh.c sshlogin.c]
     annoying spacing fixes getting in the way of real diffs
2006-03-26 14:07:26 +11:00
Damien Miller
cb314828eb - OpenBSD CVS Sync
- jakob@cvs.openbsd.org 2006/03/15 08:46:44
     [ssh-keygen.c]
     if no key file are given when printing the DNS host record, use the
     host key file(s) as default. ok djm@
2006-03-26 13:48:01 +11:00
Damien Miller
b0fb6872ed - deraadt@cvs.openbsd.org 2006/03/19 18:51:18
[atomicio.c auth-bsdauth.c auth-chall.c auth-krb5.c auth-options.c]
     [auth-pam.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c]
     [auth-shadow.c auth-skey.c auth.c auth1.c auth2-chall.c]
     [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c]
     [auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c buffer.c]
     [canohost.c channels.c cipher-3des1.c cipher-acss.c cipher-aes.c]
     [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
     [compress.c deattack.c dh.c dispatch.c dns.c entropy.c fatal.c]
     [groupaccess.c hostfile.c includes.h kex.c kexdh.c kexdhc.c]
     [kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c loginrec.c]
     [loginrec.h logintest.c mac.c match.c md-sha256.c md5crypt.c misc.c]
     [monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c msg.c]
     [nchan.c packet.c progressmeter.c readconf.c readpass.c rsa.c]
     [scard.c scp.c servconf.c serverloop.c session.c sftp-client.c]
     [sftp-common.c sftp-glob.c sftp-server.c sftp.c ssh-add.c]
     [ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c]
     [ssh-rand-helper.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
     [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
     [uidswap.c uuencode.c xmalloc.c openbsd-compat/bsd-arc4random.c]
     [openbsd-compat/bsd-closefrom.c openbsd-compat/bsd-cygwin_util.c]
     [openbsd-compat/bsd-getpeereid.c openbsd-compat/bsd-misc.c]
     [openbsd-compat/bsd-nextstep.c openbsd-compat/bsd-snprintf.c]
     [openbsd-compat/bsd-waitpid.c openbsd-compat/fake-rfc2553.c]
     RCSID() can die
2006-03-26 00:03:21 +11:00
Damien Miller
8056a9d46a - dtucker@cvs.openbsd.org 2006/03/13 08:43:16
[ssh-keygen.c]
     Make ssh-keygen handle CR and CRLF line termination when converting IETF
     format keys, in adition to vanilla LF.  mindrot #1157, tested by Chris
     Pepper, ok djm@
2006-03-15 12:05:40 +11:00
Damien Miller
f17883e6a0 - stevesk@cvs.openbsd.org 2006/02/20 17:02:44
[clientloop.c includes.h monitor.c progressmeter.c scp.c]
     [serverloop.c session.c sftp.c ssh-agent.c ssh.c sshd.c]
     move #include <signal.h> out of includes.h; ok markus@
2006-03-15 11:45:54 +11:00
Darren Tucker
3af2ac56a2 - dtucker@cvs.openbsd.org 2005/11/29 02:04:55
[ssh-keygen.c]
     Populate default key sizes before checking them; from & ok tim@
2005-11-29 13:10:24 +11:00
Tim Rice
660c3405f9 - (tim) [ssh-keygen.c] Move DSA length test after setting default when
bits == 0.
2005-11-28 17:45:32 -08:00
Darren Tucker
9f647335d2 [ssh-keygen.1 ssh-keygen.c]
Enforce DSA key length of exactly 1024 bits to comply with FIPS-186-2,
     increase minumum RSA key size to 768 bits and update man page to reflect
     these.  Patch originally bz#1119 (senthilkumar_sen at hotpop.com),
     ok djm@, grudging ok deraadt@.
2005-11-28 16:41:46 +11:00
Damien Miller
f14be5ce03 - djm@cvs.openbsd.org 2005/10/31 11:12:49
[ssh-keygen.1 ssh-keygen.c]
     generate a protocol 2 RSA key by default
2005-11-05 15:15:49 +11:00
Damien Miller
788f212aed - djm@cvs.openbsd.org 2005/10/30 08:52:18
[clientloop.c packet.c serverloop.c session.c ssh-agent.c ssh-keygen.c]
     [ssh.c sshconnect.c sshconnect1.c sshd.c]
     no need to escape single quotes in comments, no binary change
2005-11-05 15:14:59 +11:00
Damien Miller
15d72a00a3 - stevesk@cvs.openbsd.org 2005/10/14 02:17:59
[ssh-keygen.c ssh.c sshconnect2.c]
     no trailing "\n" for log functions; ok djm@
2005-11-05 15:07:33 +11:00
Damien Miller
3f54a9f5b7 - (djm) OpenBSD CVS Sync
- markus@cvs.openbsd.org 2005/10/07 11:13:57
     [ssh-keygen.c]
     change DSA default back to 1024, as it's defined for 1024 bits only
     and this causes interop problems with other clients.  moreover,
     in order to improve the security of DSA you need to change more
     components of DSA key generation (e.g. the internal SHA1 hash);
     ok deraadt
2005-11-05 14:52:18 +11:00