Portable OpenSSH
Go to file
dtucker@openbsd.org 95d41e90ea upstream: Deprecate UsePrivilegedPort now that support for running
ssh(1) setuid has been removed, remove supporting code and clean up
references to it in the man pages

We have not shipped ssh(1) the setuid bit since 2002.  If ayone
really needs to make connections from a low port number this can
be implemented via a small setuid ProxyCommand.

ok markus@ jmc@ djm@

OpenBSD-Commit-ID: d03364610b7123ae4c6792f5274bd147b6de717e
2018-07-19 21:44:21 +10:00
contrib Use ssh-keygen -A to generate missing host keys. 2018-06-06 16:05:44 +10:00
openbsd-compat Undef a few new macros in sys-queue.h. 2018-07-14 16:49:01 +10:00
regress upstream: memleak in unittest; found by valgrind 2018-07-16 13:12:28 +10:00
.depend upstream: Remove support for running ssh(1) setuid and fatal if 2018-07-19 21:41:42 +10:00
.gitignore Fuzzer harnesses for sig verify and pubkey parsing 2017-09-08 12:44:13 +10:00
.skipped-commit-ids upstream: Import regenerated moduli file. 2018-04-06 14:20:33 +10:00
aclocal.m4 Better detection of unsupported compiler options. 2018-06-08 13:55:59 +10:00
addrmatch.c upstream commit 2016-09-22 03:14:59 +10:00
atomicio.c upstream commit 2016-08-03 15:38:43 +10:00
atomicio.h
audit-bsm.c Remove key.h from portable files too. 2018-07-12 14:57:46 +10:00
audit-linux.c Remove obsolete CVS $Id from source files. 2016-08-17 14:08:42 +10:00
audit.c Include unistd.h for geteuid declaration. 2018-07-13 13:40:20 +10:00
audit.h Remove obsolete CVS $Id from source files. 2016-08-17 14:08:42 +10:00
auth2-chall.c upstream: treat ssh_packet_write_wait() errors as fatal; ok djm@ 2018-07-12 13:18:25 +10:00
auth2-gss.c upstream: kerberos/gssapi fixes for buffer removal 2018-07-10 19:15:35 +10:00
auth2-hostbased.c upstream: sshd: switch authentication to sshbuf API; ok djm@ 2018-07-10 15:27:43 +10:00
auth2-kbdint.c upstream: sshd: switch authentication to sshbuf API; ok djm@ 2018-07-10 15:27:43 +10:00
auth2-none.c upstream: sshd: switch authentication to sshbuf API; ok djm@ 2018-07-10 15:27:43 +10:00
auth2-passwd.c upstream: sshd: switch authentication to sshbuf API; ok djm@ 2018-07-10 15:27:43 +10:00
auth2-pubkey.c upstream: treat ssh_packet_write_wait() errors as fatal; ok djm@ 2018-07-12 13:18:25 +10:00
auth2.c upstream: remove legacy key emulation layer; ok djm@ 2018-07-12 13:18:25 +10:00
auth-bsdauth.c upstream: sshd: switch authentication to sshbuf API; ok djm@ 2018-07-10 15:27:43 +10:00
auth-krb5.c upstream: sshd: switch authentication to sshbuf API; ok djm@ 2018-07-10 15:27:43 +10:00
auth-options.c upstream: allow bare port numbers to appear in PermitListen directives, 2018-06-19 13:00:50 +10:00
auth-options.h upstream: permitlisten option for authorized_keys; ok markus@ 2018-06-07 04:27:20 +10:00
auth-pam.c Remove key.h from portable files too. 2018-07-12 14:57:46 +10:00
auth-pam.h upstream: switch over to the new authorized_keys options API and 2018-03-03 14:37:16 +11:00
auth-passwd.c upstream: sshd: switch loginmsg to sshbuf API; ok djm@ 2018-07-10 15:21:58 +10:00
auth-rhosts.c upstream: sshd: switch authentication to sshbuf API; ok djm@ 2018-07-10 15:27:43 +10:00
auth-shadow.c Remove key.h from portable files too. 2018-07-12 14:57:46 +10:00
auth-sia.c Remove key.h from portable files too. 2018-07-12 14:57:46 +10:00
auth-sia.h
auth-skey.c Remove key.h from portable files too. 2018-07-12 14:57:46 +10:00
auth.c upstream: s/wuth/with/ in comment 2018-07-12 11:47:57 +10:00
auth.h upstream: lots of typos in comments/docs. Patch from Karsten Weiss 2018-04-10 10:17:15 +10:00
authfd.c upstream: replace cast with call to sshbuf_mutable_ptr(); ok djm@ 2018-07-10 16:44:17 +10:00
authfd.h upstream: remove prototype to long-gone function 2018-07-12 14:36:12 +10:00
authfile.c upstream: replace cast with call to sshbuf_mutable_ptr(); ok djm@ 2018-07-10 16:44:17 +10:00
authfile.h
bitmap.c upstream commit 2017-10-20 12:58:35 +11:00
bitmap.h upstream commit 2017-10-20 12:58:35 +11:00
buildpkg.sh.in Update links to https. 2016-10-21 06:55:58 +11:00
canohost.c
canohost.h
chacha.c
chacha.h upstream commit 2016-08-29 11:20:28 +10:00
channels.c upstream: remove legacy key emulation layer; ok djm@ 2018-07-12 13:18:25 +10:00
channels.h upstream: Add a PermitListen directive to control which server-side 2018-06-07 04:27:20 +10:00
cipher-aes.c
cipher-aesctr.c
cipher-aesctr.h
cipher-chachapoly.c upstream commit 2016-08-09 09:06:52 +10:00
cipher-chachapoly.h
cipher-ctr.c
cipher.c Omit 3des-cbc if OpenSSL built without DES. 2018-04-19 13:19:35 +10:00
cipher.h upstream commit 2017-05-08 09:21:00 +10:00
cleanup.c
clientloop.c upstream: remove legacy key emulation layer; ok djm@ 2018-07-12 13:18:25 +10:00
clientloop.h upstream: client: switch to sshbuf API; ok djm@ 2018-07-10 15:14:26 +10:00
compat.c upstream: client: switch to sshbuf API; ok djm@ 2018-07-10 15:14:26 +10:00
compat.h upstream: Improve strictness and control over RSA-SHA2 signature 2018-07-03 23:26:36 +10:00
config.guess update config.guess and config.sub to current 2016-08-02 10:48:04 +10:00
config.sub update config.guess and config.sub to current 2016-08-02 10:48:04 +10:00
configure.ac Add implementation of getline. 2018-07-02 21:36:31 +10:00
crc32.c
crc32.h
CREDITS Remove now-obsolete CVS $Id tags from text files. 2016-08-17 13:40:58 +10:00
crypto_api.h crypto_api.h needs includes.h 2018-01-24 12:20:44 +11:00
defines.h Remove UNICOS support. 2018-02-15 20:04:02 +11:00
dh.c upstream: Fix "WARNING: line 6 disappeared in /etc/moduli, giving up" 2018-07-03 11:08:29 +10:00
dh.h upstream commit 2016-05-02 20:39:32 +10:00
digest-libc.c upstream commit 2017-05-10 11:41:21 +10:00
digest-openssl.c upstream commit 2017-05-10 11:41:21 +10:00
digest.h upstream commit 2017-05-10 11:41:21 +10:00
dispatch.c upstream commit 2017-06-01 14:53:33 +10:00
dispatch.h upstream commit 2017-06-01 14:53:33 +10:00
dns.c upstream: Add experimental support for PQC XMSS keys (Extended 2018-02-26 11:40:41 +11:00
dns.h upstream: Add experimental support for PQC XMSS keys (Extended 2018-02-26 11:40:41 +11:00
ed25519.c
entropy.c Adapt portable to legacy buffer API removal 2018-07-10 19:39:52 +10:00
entropy.h Adapt portable to legacy buffer API removal 2018-07-10 19:39:52 +10:00
fatal.c
fe25519.c
fe25519.h
fixalgorithms
fixpaths
ge25519_base.data
ge25519.c
ge25519.h
groupaccess.c
groupaccess.h
gss-genr.c upstream: kerberos/gssapi fixes for buffer removal 2018-07-10 19:15:35 +10:00
gss-serv-krb5.c upstream: sshd: switch GSSAPI to sshbuf API; ok djm@ 2018-07-10 15:28:30 +10:00
gss-serv.c upstream: sshd: switch GSSAPI to sshbuf API; ok djm@ 2018-07-10 15:28:30 +10:00
hash.c upstream commit 2018-01-23 16:35:07 +11:00
hmac.c
hmac.h
hostfile.c upstream: memleaks; found by valgrind 2018-07-16 13:12:20 +10:00
hostfile.h
includes.h portability for sftp globbed ls sort by mtime 2017-06-10 23:41:25 +10:00
INSTALL Remove ability to override $LD. 2018-06-08 17:43:36 +10:00
install-sh Pull in newer install-sh from autoconf-2.69. 2017-12-01 17:07:08 +11:00
kex.c upstream: Revert previous two commits 2018-07-10 15:13:41 +10:00
kex.h repair !WITH_OPENSSL build 2018-07-13 11:41:33 +10:00
kexc25519.c
kexc25519c.c upstream commit 2017-12-19 15:21:37 +11:00
kexc25519s.c upstream commit 2017-10-20 12:58:18 +11:00
kexdh.c upstream commit 2016-05-02 20:39:32 +10:00
kexdhc.c upstream commit 2018-02-08 09:26:27 +11:00
kexdhs.c upstream: lots of typos in comments/docs. Patch from Karsten Weiss 2018-04-10 10:17:15 +10:00
kexecdh.c
kexecdhc.c upstream commit 2018-02-08 09:26:27 +11:00
kexecdhs.c upstream commit 2018-02-08 09:26:27 +11:00
kexgex.c
kexgexc.c upstream commit 2018-02-08 09:26:27 +11:00
kexgexs.c upstream: lots of typos in comments/docs. Patch from Karsten Weiss 2018-04-10 10:17:15 +10:00
krl.c upstream commit 2017-12-19 15:21:37 +11:00
krl.h
LICENCE upstream commit 2017-05-01 10:05:04 +10:00
log.c upstream commit 2017-05-17 11:25:22 +10:00
log.h upstream commit 2017-05-17 11:25:22 +10:00
loginrec.c upstream: remove legacy key emulation layer; ok djm@ 2018-07-12 13:18:25 +10:00
loginrec.h
logintest.c
mac.c upstream commit 2017-05-10 11:41:21 +10:00
mac.h upstream commit 2016-07-08 13:50:03 +10:00
Makefile.in upstream: Remove support for running ssh(1) setuid and fatal if 2018-07-19 21:41:42 +10:00
match.c upstream: repair PubkeyAcceptedKeyTypes (and friends) after RSA 2018-07-04 23:51:52 +10:00
match.h upstream: repair PubkeyAcceptedKeyTypes (and friends) after RSA 2018-07-04 23:51:52 +10:00
md5crypt.c Remove assigned-to-but-never-used variable. 2018-02-13 16:27:09 +11:00
md5crypt.h Remove obsolete CVS $Id from source files. 2016-08-17 14:08:42 +10:00
mdoc2man.awk Remove remaining now-obsolete cvs $Ids. 2018-02-15 20:06:19 +11:00
misc.c upstream: Remove support for running ssh(1) setuid and fatal if 2018-07-19 21:41:42 +10:00
misc.h upstream: add a SetEnv directive to ssh_config that allows setting 2018-06-09 13:11:00 +10:00
mkinstalldirs Remove remaining now-obsolete cvs $Ids. 2018-02-15 20:06:19 +11:00
moduli Import regenerated moduli file. 2018-04-03 12:18:00 +10:00
moduli.5
moduli.c upstream commit 2017-12-12 10:32:04 +11:00
monitor_fdpass.c
monitor_fdpass.h
monitor_wrap.c Fallout from buffer conversion in AUDIT_EVENTS. 2018-07-13 13:38:10 +10:00
monitor_wrap.h upstream: remove legacy key emulation layer; ok djm@ 2018-07-12 13:18:25 +10:00
monitor.c upstream: remove legacy key emulation layer; ok djm@ 2018-07-12 13:18:25 +10:00
monitor.h upstream: sshd: switch monitor to sshbuf API; lots of help & ok 2018-07-10 16:40:18 +10:00
msg.c upstream: replace cast with call to sshbuf_mutable_ptr(); ok djm@ 2018-07-10 16:44:17 +10:00
msg.h
mux.c upstream: remove legacy key emulation layer; ok djm@ 2018-07-12 13:18:25 +10:00
myproposal.h upstream: Improve strictness and control over RSA-SHA2 signature 2018-07-03 23:26:36 +10:00
nchan2.ms
nchan.c upstream commit 2017-09-12 17:37:03 +10:00
nchan.ms
opacket.c missing headers 2018-07-13 11:41:33 +10:00
opacket.h upstream: Remove unused ssh_packet_start_compression() 2018-07-10 15:13:40 +10:00
openssh.xml.in
opensshd.init.in Remove RSA1 host key generation. 2017-12-01 16:55:35 +11:00
OVERVIEW upstream: buffer.[ch] and bufaux.c are no more 2018-07-10 18:07:49 +10:00
packet.c upstream: memleaks; found by valgrind 2018-07-16 13:12:20 +10:00
packet.h upstream: ttymodes: switch to sshbuf API; ok djm@ 2018-07-10 15:19:12 +10:00
pathnames.h upstream: Add experimental support for PQC XMSS keys (Extended 2018-02-26 11:40:41 +11:00
pkcs11.h
platform-misc.c Split platform_sys_dir_uid into its own file 2017-08-25 13:25:01 +10:00
platform-pledge.c
platform-tracing.c Use ptrace(PT_DENY_ATTACH, ..) on OS X. 2016-11-01 08:12:33 +11:00
platform.c upstream: remove legacy key emulation layer; ok djm@ 2018-07-12 13:18:25 +10:00
platform.h Remove obsolete CVS $Id from source files. 2016-08-17 14:08:42 +10:00
poly1305.c
poly1305.h
progressmeter.c upstream commit 2016-07-08 13:46:59 +10:00
progressmeter.h
PROTOCOL upstream: emphasise that the hostkey rotation may send key types 2018-02-23 13:37:32 +11:00
PROTOCOL.agent update URL again 2017-10-01 10:32:25 +11:00
PROTOCOL.certkeys upstream: Improve strictness and control over RSA-SHA2 signature 2018-07-03 23:26:36 +10:00
PROTOCOL.chacha20poly1305 upstream: lots of typos in comments/docs. Patch from Karsten Weiss 2018-04-10 10:17:15 +10:00
PROTOCOL.key
PROTOCOL.krl upstream: lots of typos in comments/docs. Patch from Karsten Weiss 2018-04-10 10:17:15 +10:00
PROTOCOL.mux
readconf.c upstream: Deprecate UsePrivilegedPort now that support for running 2018-07-19 21:44:21 +10:00
readconf.h upstream: Deprecate UsePrivilegedPort now that support for running 2018-07-19 21:44:21 +10:00
README update version number 2018-04-02 15:38:20 +10:00
README.dns
README.platform Many typo fixes from Karsten Weiss 2018-04-10 10:19:02 +10:00
README.privsep Remove references to UNICOS. 2018-02-15 22:28:14 +11:00
README.tun
readpass.c upstream: Remove support for running ssh(1) setuid and fatal if 2018-07-19 21:41:42 +10:00
rijndael.c
rijndael.h
sandbox-capsicum.c Switch Capsicum header to sys/capsicum.h. 2017-08-28 16:48:27 +10:00
sandbox-darwin.c Add missing monitor.h include. 2016-12-16 15:02:24 +11:00
sandbox-null.c
sandbox-pledge.c
sandbox-rlimit.c upstream commit 2016-09-12 13:46:29 +10:00
sandbox-seccomp-filter.c Permit getuid()/geteuid() syscalls. 2018-05-25 13:45:01 +10:00
sandbox-solaris.c drop two more privileges in the Solaris sandbox 2017-06-09 14:44:43 +10:00
sandbox-systrace.c Allow nanosleep in preauth privsep child. 2018-04-13 16:23:57 +10:00
sc25519.c
sc25519.h
scp.1 upstream: Deprecate UsePrivilegedPort now that support for running 2018-07-19 21:44:21 +10:00
scp.c upstream: Apply umask to all incoming files and directories not 2018-06-04 14:54:43 +10:00
servconf.c upstream: remove legacy key emulation layer; ok djm@ 2018-07-12 13:18:25 +10:00
servconf.h upstream: sshd: switch loginmsg to sshbuf API; ok djm@ 2018-07-10 15:21:58 +10:00
serverloop.c upstream: remove legacy key emulation layer; ok djm@ 2018-07-12 13:18:25 +10:00
serverloop.h upstream commit 2017-09-12 17:37:02 +10:00
session.c upstream: remove legacy key emulation layer; ok djm@ 2018-07-12 13:18:25 +10:00
session.h upstream commit 2017-09-12 17:37:02 +10:00
sftp-client.c upstream: Fix return value confusion in several functions (readdir, 2018-05-25 14:27:50 +10:00
sftp-client.h
sftp-common.c upstream commit 2017-06-10 16:40:11 +10:00
sftp-common.h
sftp-glob.c
sftp-server-main.c
sftp-server.8
sftp-server.c upstream: make UID available as a %-expansion everywhere that the 2018-06-01 13:35:59 +10:00
sftp.1 upstream: Deprecate UsePrivilegedPort now that support for running 2018-07-19 21:44:21 +10:00
sftp.c upstream: Since the previous commit, ssh regress test sftp-chroot was 2018-05-11 13:10:49 +10:00
sftp.h
smult_curve25519_ref.c
ssh2.h upstream commit 2016-05-19 17:48:34 +10:00
ssh_api.c upstream commit 2017-05-01 09:42:37 +10:00
ssh_api.h upstream: lots of typos in comments/docs. Patch from Karsten Weiss 2018-04-10 10:17:15 +10:00
ssh_config upstream commit 2017-05-08 09:21:00 +10:00
ssh_config.5 upstream: Deprecate UsePrivilegedPort now that support for running 2018-07-19 21:44:21 +10:00
ssh-add.1 upstream commit 2017-09-04 09:38:57 +10:00
ssh-add.c upstream: Add experimental support for PQC XMSS keys (Extended 2018-02-26 11:40:41 +11:00
ssh-agent.1 upstream commit 2016-11-30 19:44:25 +11:00
ssh-agent.c upstream: implement EMFILE mitigation for ssh-agent: remember the 2018-05-11 13:56:42 +10:00
ssh-dss.c upstream commit 2018-02-08 09:26:27 +11:00
ssh-ecdsa.c upstream commit 2018-02-08 09:26:27 +11:00
ssh-ed25519.c
ssh-gss.h upstream: kerberos/gssapi fixes for buffer removal 2018-07-10 19:15:35 +10:00
ssh-keygen.1 upstream: add valid-before="[time]" authorized_keys option. A 2018-03-14 18:55:32 +11:00
ssh-keygen.c missing headers 2018-07-13 11:41:33 +10:00
ssh-keyscan.1 upstream: move the input format details to -f; remove the output 2018-03-12 11:48:15 +11:00
ssh-keyscan.c upstream: switch config file parsing to getline(3) as this avoids 2018-06-07 04:34:05 +10:00
ssh-keysign.8
ssh-keysign.c upstream: Add experimental support for PQC XMSS keys (Extended 2018-02-26 11:40:41 +11:00
ssh-pkcs11-client.c upstream: replace cast with call to sshbuf_mutable_ptr(); ok djm@ 2018-07-10 16:44:17 +10:00
ssh-pkcs11-helper.8
ssh-pkcs11-helper.c upstream commit 2018-01-23 16:31:55 +11:00
ssh-pkcs11.c upstream commit 2018-02-08 09:26:27 +11:00
ssh-pkcs11.h
ssh-rsa.c upstream: Improve strictness and control over RSA-SHA2 signature 2018-07-03 23:26:36 +10:00
ssh-sandbox.h
ssh-xmss.c Add WITH_XMSS, move to prevent conflicts. 2018-02-28 19:59:35 +11:00
ssh.1 upstream: Deprecate UsePrivilegedPort now that support for running 2018-07-19 21:44:21 +10:00
ssh.c upstream: Deprecate UsePrivilegedPort now that support for running 2018-07-19 21:44:21 +10:00
ssh.h upstream: switch config file parsing to getline(3) as this avoids 2018-06-07 04:34:05 +10:00
sshbuf-getput-basic.c upstream commit 2017-06-01 14:55:23 +10:00
sshbuf-getput-crypto.c
sshbuf-misc.c
sshbuf.c upstream: remove legacy buffer API emulation layer; ok djm@ 2018-07-10 16:44:17 +10:00
sshbuf.h upstream: remove legacy buffer API emulation layer; ok djm@ 2018-07-10 16:44:17 +10:00
sshconnect2.c upstream: Remove support for running ssh(1) setuid and fatal if 2018-07-19 21:41:42 +10:00
sshconnect.c upstream: Deprecate UsePrivilegedPort now that support for running 2018-07-19 21:44:21 +10:00
sshconnect.h upstream: Deprecate UsePrivilegedPort now that support for running 2018-07-19 21:44:21 +10:00
sshd_config upstream: the UseLogin option was removed, so remove it here too. 2018-04-10 10:16:36 +10:00
sshd_config.5 upstream: repair PubkeyAcceptedKeyTypes (and friends) after RSA 2018-07-04 23:51:52 +10:00
sshd.8 upstream: spelling; 2018-06-26 08:30:43 +10:00
sshd.c upstream: remove legacy key emulation layer; ok djm@ 2018-07-12 13:18:25 +10:00
ssherr.c upstream: Improve strictness and control over RSA-SHA2 signature 2018-07-03 23:26:36 +10:00
ssherr.h upstream: Improve strictness and control over RSA-SHA2 signature 2018-07-03 23:26:36 +10:00
sshkey-xmss.c upstream: replace cast with call to sshbuf_mutable_ptr(); ok djm@ 2018-07-10 16:44:17 +10:00
sshkey-xmss.h upstream: Add experimental support for PQC XMSS keys (Extended 2018-02-26 11:40:41 +11:00
sshkey.c upstream: some finesse to fix RSA-SHA2 certificate authentication 2018-07-03 23:26:47 +10:00
sshkey.h upstream: some finesse to fix RSA-SHA2 certificate authentication 2018-07-03 23:26:47 +10:00
sshlogin.c upstream: sshd: switch loginmsg to sshbuf API; ok djm@ 2018-07-10 15:21:58 +10:00
sshlogin.h
sshpty.c Remove UNICOS support. 2018-02-15 20:04:02 +11:00
sshpty.h upstream commit 2016-11-29 16:51:27 +11:00
sshtty.c
survey.sh.in
TODO Many typo fixes from Karsten Weiss 2018-04-10 10:19:02 +10:00
ttymodes.c upstream: ttymodes: switch to sshbuf API; ok djm@ 2018-07-10 15:19:12 +10:00
ttymodes.h upstream commit 2017-05-01 10:05:04 +10:00
uidswap.c upstream: Remove support for running ssh(1) setuid and fatal if 2018-07-19 21:41:42 +10:00
uidswap.h upstream: Remove support for running ssh(1) setuid and fatal if 2018-07-19 21:41:42 +10:00
umac128.c upstream commit 2018-02-09 20:00:18 +11:00
umac.c upstream: lots of typos in comments/docs. Patch from Karsten Weiss 2018-04-10 10:17:15 +10:00
umac.h
utf8.c upstream commit 2017-06-01 14:55:22 +10:00
utf8.h Force Turkish locales back to C/POSIX; bz#2643 2016-12-12 13:58:59 +11:00
uuencode.c
uuencode.h
verify.c
version.h upstream: crank version number to 7.8; needed for new compat flag 2018-07-03 23:26:47 +10:00
xmalloc.c upstream commit 2017-06-01 14:55:22 +10:00
xmalloc.h upstream commit 2017-06-01 14:55:22 +10:00
xmss_commons.c upstream: Add $OpenBSD$ markers to xmss files to help keep synced 2018-03-02 14:29:25 +11:00
xmss_commons.h Remove extra XMSS #endif 2018-03-05 10:22:32 +11:00
xmss_fast.c upstream: ssh/xmss: fix build; ok djm@ 2018-03-23 11:05:39 +11:00
xmss_fast.h upstream: Add $OpenBSD$ markers to xmss files to help keep synced 2018-03-02 14:29:25 +11:00
xmss_hash_address.c upstream: Add $OpenBSD$ markers to xmss files to help keep synced 2018-03-02 14:29:25 +11:00
xmss_hash_address.h upstream: Add $OpenBSD$ markers to xmss files to help keep synced 2018-03-02 14:29:25 +11:00
xmss_hash.c upstream: Add $OpenBSD$ markers to xmss files to help keep synced 2018-03-02 14:29:25 +11:00
xmss_hash.h upstream: Add $OpenBSD$ markers to xmss files to help keep synced 2018-03-02 14:29:25 +11:00
xmss_wots.c upstream: lots of typos in comments/docs. Patch from Karsten Weiss 2018-04-10 10:17:15 +10:00
xmss_wots.h upstream: Remove unneeded (local) include. ok markus@ 2018-03-02 14:30:02 +11:00

See https://www.openssh.com/releasenotes.html#7.7p1 for the release notes.

Please read https://www.openssh.com/report.html for bug reporting
instructions and note that we do not use Github for bug reporting or
patch/pull-request management.

- A Japanese translation of this document and of the release notes is
- available at https://www.unixuser.org/~haruyama/security/openssh/index.html
- Thanks to HARUYAMA Seigo <haruyama@unixuser.org>

This is the port of OpenBSD's excellent OpenSSH[0] to Linux and other
Unices.

OpenSSH is based on the last free version of Tatu Ylonen's sample
implementation with all patent-encumbered algorithms removed (to
external libraries), all known security bugs fixed, new features
reintroduced and many other clean-ups.  OpenSSH has been created by
Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo de Raadt,
and Dug Song. It has a homepage at https://www.openssh.com/

This port consists of the re-introduction of autoconf support, PAM
support, EGD[1]/PRNGD[2] support and replacements for OpenBSD library
functions that are (regrettably) absent from other unices. This port
has been best tested on AIX, Cygwin, HP-UX, Linux, MacOS/X,
NetBSD, OpenBSD, OpenServer, Solaris and UnixWare.

This version actively tracks changes in the OpenBSD CVS repository.

The PAM support is now more functional than the popular packages of
commercial ssh-1.2.x. It checks "account" and "session" modules for
all logins, not just when using password authentication.

OpenSSH depends on Zlib[3], OpenSSL[4], and optionally PAM[5] and
libedit[6]

There is now several mailing lists for this port of OpenSSH. Please
refer to https://www.openssh.com/list.html for details on how to join.

Please send bug reports and patches to the mailing list
openssh-unix-dev@mindrot.org. The list is open to posting by unsubscribed
users.  Code contribution are welcomed, but please follow the OpenBSD
style guidelines[7].

Please refer to the INSTALL document for information on how to install
OpenSSH on your system.

Damien Miller <djm@mindrot.org>

Miscellania -

This version of OpenSSH is based upon code retrieved from the OpenBSD
CVS repository which in turn was based on the last free sample
implementation released by Tatu Ylonen.

References -

[0] https://www.openssh.com/
[1] http://www.lothar.com/tech/crypto/
[2] http://prngd.sourceforge.net/
[3] https://www.zlib.net/
[4] https://www.openssl.org/
[5] https://www.openpam.org
    https://www.kernel.org/pub/linux/libs/pam/
    (PAM also is standard on Solaris and HP-UX 11)
[6] https://thrysoee.dk/editline/ (portable version)
[7] https://man.openbsd.org/style.9