1
0
mirror of git://anongit.mindrot.org/openssh.git synced 2024-12-29 21:52:06 +00:00
Commit Graph

221 Commits

Author SHA1 Message Date
sobrado@openbsd.org
bdcb73fb76 upstream commit
UsePrivilegeSeparation defaults to sandbox now.

ok djm@

Upstream-ID: bff136c38bcae89df82e044d2f42de21e1ad914f
2015-10-08 04:01:05 +11:00
djm@openbsd.org
2bca8a43e7 upstream commit
more clarity on what AuthorizedKeysFile=none does; based
 on diff by Thiebaud Weksteen

Upstream-ID: 78ab87f069080f0cc3bc353bb04eddd9e8ad3704
2015-09-11 13:28:01 +10:00
jmc@openbsd.org
1f8d3d629c upstream commit
match myproposal.h order; from brian conway (i snuck in a
 tweak while here)

ok dtucker

Upstream-ID: 35174a19b5237ea36aa3798f042bf5933b772c67
2015-08-19 10:47:16 +10:00
deraadt@openbsd.org
1dc8d93ce6 upstream commit
add prohibit-password as a synonymn for without-password,
 since the without-password is causing too many questions.  Harden it to ban
 all but pubkey, hostbased, and GSSAPI auth (when the latter is enabled) from
 djm, ok markus

Upstream-ID: d53317d7b28942153e6236d3fd6e12ceb482db7a
2015-08-11 18:57:29 +10:00
deraadt@openbsd.org
f4373ed1e8 upstream commit
change default: PermitRootLogin without-password matching
 install script changes coming as well ok djm markus

Upstream-ID: 0e2a6c4441daf5498b47a61767382bead5eb8ea6
2015-08-02 19:59:25 +10:00
djm@openbsd.org
f9eca249d4 upstream commit
Allow ssh_config and sshd_config kex parameters options be
 prefixed by a '+' to indicate that the specified items be appended to the
 default rather than replacing it.

approach suggested by dtucker@, feedback dlg@, ok markus@

Upstream-ID: 0f901137298fc17095d5756ff1561a7028e8882a
2015-07-30 12:32:16 +10:00
djm@openbsd.org
c63c9a691d upstream commit
mention that the default of UseDNS=no implies that
 hostnames cannot be used for host matching in sshd_config and
 authorized_keys; bz#2045, ok dtucker@

Upstream-ID: 0812705d5f2dfa59aab01f2764ee800b1741c4e1
2015-07-20 10:32:25 +10:00
markus@openbsd.org
3a1638dda1 upstream commit
Turn off DSA by default; add HostKeyAlgorithms to the
 server and PubkeyAcceptedKeyTypes to the client side, so it still can be
 tested or turned back on; feedback and ok djm@

Upstream-ID: 8450a9e6d83f80c9bfed864ff061dfc9323cec21
2015-07-15 15:38:02 +10:00
djm@openbsd.org
933935ce8d upstream commit
refuse to generate or accept RSA keys smaller than 1024
 bits; feedback and ok dtucker@

Upstream-ID: 7ea3d31271366ba264f06e34a3539bf1ac30f0ba
2015-07-15 15:36:02 +10:00
djm@openbsd.org
732d61f417 upstream commit
typo: accidental repetition; bz#2386

Upstream-ID: 45e620d99f6bc301e5949d34a54027374991c88b
2015-06-05 15:18:02 +10:00
djm@openbsd.org
d7c31da4d4 upstream commit
add knob to relax GSSAPI host credential check for
 multihomed hosts bz#928, patch by Simon Wilkinson; ok dtucker
 (kerberos/GSSAPI is not compiled by default on OpenBSD)

Upstream-ID: 15ddf1c6f7fd9d98eea9962f480079ae3637285d
2015-05-22 20:02:17 +10:00
djm@openbsd.org
bcc50d8161 upstream commit
add AuthorizedPrincipalsCommand that allows getting
 authorized_principals from a subprocess rather than a file, which is quite
 useful in deployments with large userbases

feedback and ok markus@

Upstream-ID: aa1bdac7b16fc6d2fa3524ef08f04c7258d247f6
2015-05-21 16:45:46 +10:00
djm@openbsd.org
24232a3e5a upstream commit
support arguments to AuthorizedKeysCommand

bz#2081 loosely based on patch by Sami Hartikainen
feedback and ok markus@

Upstream-ID: b080387a14aa67dddd8ece67c00f268d626541f7
2015-05-21 16:44:56 +10:00
dtucker@openbsd.org
531a57a389 upstream commit
Allow ListenAddress, Port and AddressFamily in any
 order.  bz#68, ok djm@, jmc@ (for the man page bit).
2015-04-29 18:20:32 +10:00
jmc@openbsd.org
c1d5bcf1aa upstream commit
enviroment -> environment: apologies to darren for not
 spotting that first time round...
2015-04-29 18:20:14 +10:00
dtucker@openbsd.org
43beea053d upstream commit
Fix typo in previous
2015-04-29 18:20:13 +10:00
dtucker@openbsd.org
85b96ef413 upstream commit
Document that the TERM environment variable is not
 subject to SendEnv and AcceptEnv.  bz#2386, based loosely on a patch from
 jjelen at redhat, help and ok jmc@
2015-04-29 18:20:13 +10:00
djm@openbsd.org
88a7c598a9 upstream commit
Make sshd default to PermitRootLogin=no; ok deraadt@
 rpe@
2015-04-29 18:20:12 +10:00
dtucker@openbsd.org
6cc7cfa936 upstream commit
Document "none" for PidFile XAuthLocation
 TrustedUserCAKeys and RevokedKeys. bz#2382, feedback from jmc@, ok djm@
2015-04-29 18:13:34 +10:00
djm@openbsd.org
bd49da2ef1 upstream commit
sort options useable under Match case-insensitively; prodded
 jmc@
2015-02-22 07:58:24 +11:00
djm@openbsd.org
18a208d6a4 upstream commit
more options that are available under Match; bz#2353 reported
 by calestyo AT scientia.net
2015-02-21 09:50:46 +11:00
deraadt@openbsd.org
3cd5103c1e upstream commit
increasing encounters with difficult DNS setups in
 darknets has convinced me UseDNS off by default is better ok djm
2015-02-03 11:06:15 +11:00
jmc@openbsd.org
a5a3e3328d upstream commit
heirarchy -> hierarchy;
2015-01-26 23:58:54 +11:00
deraadt@openbsd.org
dcff5810a1 upstream commit
Provide a warning about chroot misuses (which sadly, seem
 to have become quite popular because shiny).  sshd cannot detect/manage/do
 anything about these cases, best we can do is warn in the right spot in the
 man page. ok markus
2015-01-26 23:58:53 +11:00
djm@openbsd.org
1f729f0614 upstream commit
add sshd_config HostbasedAcceptedKeyTypes and
 PubkeyAcceptedKeyTypes options to allow sshd to control what public key types
 will be accepted. Currently defaults to all. Feedback & ok markus@
2015-01-13 19:27:18 +11:00
djm@openbsd.org
8f6784f0cb upstream commit
mention ssh -Q feature to list supported { MAC, cipher,
 KEX, key } algorithms in more places and include the query string used to
 list the relevant information; bz#2288
2014-12-22 20:05:41 +11:00
jmc@openbsd.org
449e11b4d7 upstream commit
tweak previous;
2014-12-22 20:05:40 +11:00
djm@openbsd.org
f1c4d8ec52 upstream commit
correct description of what will happen when a
 AuthorizedKeysCommand is specified but AuthorizedKeysCommandUser is not (sshd
 will refuse to start)
2014-12-22 19:08:12 +11:00
djm@openbsd.org
f69b69b862 upstream commit
remember which public keys have been used for
 authentication and refuse to accept previously-used keys.

This allows AuthenticationMethods=publickey,publickey to require
that users authenticate using two _different_ pubkeys.

ok markus@
2014-12-22 19:06:52 +11:00
jmc@openbsd.org
a5375ccb97 upstream commit
tweak previous;
2014-12-22 13:16:58 +11:00
djm@openbsd.org
56d1c83cdd upstream commit
Add FingerprintHash option to control algorithm used for
 key fingerprints. Default changes from MD5 to SHA256 and format from hex to
 base64.

Feedback and ok naddy@ markus@
2014-12-22 09:32:29 +11:00
djm@openbsd.org
c7219f4f54 upstream commit
revert chunk I didn't mean to commit yet; via jmc@
2014-12-18 11:46:15 +11:00
djm@openbsd.org
d663bea30a upstream commit
mention AuthorizedKeysCommandUser must be set for
 AuthorizedKeysCommand to be run; bz#2287
2014-12-11 19:17:25 +11:00
jmc@openbsd.org
08c0eebf55 upstream commit
restore word zapped in previous, and remove some useless
 "No" macros;
2014-11-24 10:15:48 +11:00
deraadt@openbsd.org
a1418a0033 upstream commit
/dev/random has created the same effect as /dev/arandom
 (and /dev/urandom) for quite some time.  Mop up the last few, by using
 /dev/random where we actually want it, or not even mentioning arandom where
 it is irrelevant.
2014-11-24 10:15:47 +11:00
djm@openbsd.org
48dffd5beb upstream commit
mention permissions on tun(4) devices in PermitTunnel
 documentation; bz#2273
2014-10-13 11:38:46 +11:00
sobrado@openbsd.org
180bcb406b upstream commit
typo.
2014-10-13 11:37:56 +11:00
Damien Miller
e8c9f2602c - (djm) [sshd_config.5] typo; from Iain Morgan 2014-10-03 09:24:56 +10:00
Damien Miller
426117b2e9 - schwarze@cvs.openbsd.org 2014/07/28 15:40:08
[sftp-server.8 sshd_config.5]
     some systems no longer need /dev/log;
     issue noticed by jirib;
     ok deraadt
2014-07-30 12:33:20 +10:00
Damien Miller
7acefbbcbe - millert@cvs.openbsd.org 2014/07/15 15:54:14
[PROTOCOL auth-options.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
     [auth-rsa.c auth.c auth1.c auth2-hostbased.c auth2-kbdint.c auth2-none.c]
     [auth2-passwd.c auth2-pubkey.c auth2.c canohost.c channels.c channels.h]
     [clientloop.c misc.c misc.h monitor.c mux.c packet.c readconf.c]
     [readconf.h servconf.c servconf.h serverloop.c session.c ssh-agent.c]
     [ssh.c ssh_config.5 sshconnect.c sshconnect1.c sshconnect2.c sshd.c]
     [sshd_config.5 sshlogin.c]
     Add support for Unix domain socket forwarding.  A remote TCP port
     may be forwarded to a local Unix domain socket and vice versa or
     both ends may be a Unix domain socket.  This is a reimplementation
     of the streamlocal patches by William Ahern from:
         http://www.25thandclement.com/~william/projects/streamlocal.html
     OK djm@ markus@
2014-07-18 14:11:24 +10:00
Damien Miller
72e6b5c9ed - djm@cvs.openbsd.org 2014/07/03 22:40:43
[servconf.c servconf.h session.c sshd.8 sshd_config.5]
     Add a sshd_config PermitUserRC option to control whether ~/.ssh/rc is
     executed, mirroring the no-user-rc authorized_keys option;
     bz#2160; ok markus@
2014-07-04 09:00:04 +10:00
Damien Miller
c1621c84f2 - naddy@cvs.openbsd.org 2014/03/28 05:17:11
[ssh_config.5 sshd_config.5]
     sync available and default algorithms, improve algorithm list formatting
     help from jmc@ and schwarze@, ok deraadt@
2014-04-20 13:22:46 +10:00
Damien Miller
fc5d6759ab - djm@cvs.openbsd.org 2014/02/27 22:47:07
[sshd_config.5]
     bz#2184 clarify behaviour of a keyword that appears in multiple
     matching Match blocks; ok dtucker@
2014-02-28 10:01:28 +11:00
Damien Miller
e1e480aee8 - jmc@cvs.openbsd.org 2014/01/29 14:04:51
[sshd_config.5]
     document kbdinteractiveauthentication;
     requested From: Ross L Richardson

     dtucker/markus helped explain its workings;
2014-02-04 11:13:17 +11:00
Damien Miller
6575c3acf3 - dtucker@cvs.openbsd.org 2013/12/08 09:53:27
[sshd_config.5]
     Use a literal for the default value of KEXAlgorithms.  ok deraadt jmc
2013-12-18 17:47:02 +11:00
Damien Miller
8ba0ead698 - naddy@cvs.openbsd.org 2013/12/07 11:58:46
[ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh-keysign.8 ssh.1]
     [ssh_config.5 sshd.8 sshd_config.5]
     add missing mentions of ed25519; ok djm@
2013-12-18 17:46:27 +11:00
Damien Miller
dec0393f7e - jmc@cvs.openbsd.org 2013/11/21 08:05:09
[ssh_config.5 sshd_config.5]
     no need for .Pp before displays;
2013-12-05 10:18:43 +11:00
Damien Miller
0fde8acdad - djm@cvs.openbsd.org 2013/11/21 00:45:44
[Makefile.in PROTOCOL PROTOCOL.chacha20poly1305 authfile.c chacha.c]
     [chacha.h cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h]
     [dh.c myproposal.h packet.c poly1305.c poly1305.h servconf.c ssh.1]
     [ssh.c ssh_config.5 sshd_config.5] Add a new protocol 2 transport
     cipher "chacha20-poly1305@openssh.com" that combines Daniel
     Bernstein's ChaCha20 stream cipher and Poly1305 MAC to build an
     authenticated encryption mode.

     Inspired by and similar to Adam Langley's proposal for TLS:
     http://tools.ietf.org/html/draft-agl-tls-chacha20poly1305-03
     but differs in layout used for the MAC calculation and the use of a
     second ChaCha20 instance to separately encrypt packet lengths.
     Details are in the PROTOCOL.chacha20poly1305 file.

     Feedback markus@, naddy@; manpage bits Loganden Velvindron @ AfriNIC
     ok markus@ naddy@
2013-11-21 14:12:23 +11:00
Damien Miller
0bd8f1519d - markus@cvs.openbsd.org 2013/11/02 22:39:19
[ssh_config.5 sshd_config.5]
     the default kex is now curve25519-sha256@libssh.org
2013-11-04 08:55:43 +11:00
Damien Miller
63857c9340 - jmc@cvs.openbsd.org 2013/10/29 18:49:32
[sshd_config.5]
     pty(4), not pty(7);
2013-10-30 22:31:06 +11:00