summaryrefslogtreecommitdiffstats
path: root/usr.bin/ssh/auth.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Add "Match LocalAddress" and "Match LocalPort" to sshd and adjust testsdtucker2012-05-131-3/+4
| | | | to match. Feedback and ok djm@ markus@.
* Support "none" as an argument for AuthorizedPrincipalsFile to indicatedjm2012-04-111-2/+3
| | | | no file should be read.
* make secure_filename() spam debug logs lessdjm2011-05-231-6/+3
|
* allow AuthorizedKeysFile to specify multiple files, separated by spaces.djm2011-05-231-8/+2
| | | | | | | | | Bring back authorized_keys2 as a default search path (to avoid breaking existing users of this file), but override this in sshd_config so it will be no longer used on fresh installs. Maybe in 2015 we can remove it entierly :) feedback and ok markus@ dtucker@
* remove support for authorized_keys2; it is a relic from the early daysdjm2011-05-111-7/+1
| | | | | of protocol v.2 support and has been undocumented for many years; ok markus@
* automatically order the hostkeys requested by the client based ondjm2010-11-291-12/+18
| | | | | | which hostkeys are already recorded in known_hosts. This avoids hostkey warnings when connecting to servers with new ECDSA keys that are preferred by default; with markus@
* use strict_modes already passed as function argument over referencingdjm2010-11-231-2/+2
| | | | global options.strict_modes
* enable certificates for hostbased authentication, from Iain Morgan;djm2010-08-041-2/+2
| | | | "looks ok" markus@
* queue auth debug messages for bad ownership or permissions on the user'sdjm2010-06-221-1/+4
| | | | | | keyfiles. These messages will be sent after the user has successfully authenticated (where our client will display them with LogLevel=debug). bz#1554; ok dtucker@
* add some optional indirection to matching of principal names listeddjm2010-05-071-11/+30
| | | | | | | | | | | | | | | | | | | | | in certificates. Currently, a certificate must include the a user's name to be accepted for authentication. This change adds the ability to specify a list of certificate principal names that are acceptable. When authenticating using a CA trusted through ~/.ssh/authorized_keys, this adds a new principals="name1[,name2,...]" key option. For CAs listed through sshd_config's TrustedCAKeys option, a new config option "AuthorizedPrincipalsFile" specifies a per-user file containing the list of acceptable names. If either option is absent, the current behaviour of requiring the username to appear in principals continues to apply. These options are useful for role accounts, disjoint account namespaces and "user@realm"-style naming policies in certificates. feedback and ok markus@
* make the warning for a revoked key louder and more noticabledjm2010-03-051-2/+3
|
* Add a TrustedUserCAKeys option to sshd_config to specify CA keys thatdjm2010-03-041-1/+30
| | | | | | | | | | | are trusted to authenticate users (in addition than doing it per-user in authorized_keys). Add a RevokedKeys option to sshd_config and a @revoked marker to known_hosts to allow keys to me revoked and banned for user or host authentication. feedback and ok markus@
* unbreak ChrootDirectory+internal-sftp by skipping check for executable shelldjm2010-02-091-36/+21
| | | | when chrooting; reported by danh AT wzrd.com; ok dtucker@
* when using ChrootDirectory, make sure we test for the existence of thedjm2010-01-131-3/+23
| | | | | user's shell inside the chroot; bz #1679, patch from alex AT rtfs.hu; ok dtucker
* Fix a couple of typos/mispellings in commentsdtucker2010-01-131-2/+2
|
* Output a debug if we can't open an existing keyfile. bz#1694, ok djm@dtucker2010-01-101-2/+6
|
* need unistd.h for close() prototypedjm2008-11-041-1/+2
|
* Merge duplicate host key file checks, based in part on a patch from Robdtucker2008-07-021-2/+43
| | | | | Holland via bz #1348 . Also checks for non-regular files during protocol 1 RSA auth. ok djm@
* unifdef -DBSD_AUTHdjm2007-09-211-5/+1
| | | | | | | unifdef -USKEY These options have been in use for some years; ok markus@ "no objection" millert@
* missed include bits from last commitdjm2007-08-231-1/+2
|
* unifdef HAVE_LOGIN_CAP; ok deraadt@ millert@djm2007-08-231-5/+1
|
* almost entirely get rid of the culture of ".h files that include .h files"deraadt2006-08-031-6/+7
| | | | | ok djm, sort of ok stevesk makes the pain stop in one easy step
* move #include <stdio.h> out of includes.hstevesk2006-08-011-1/+2
|
* move #include <sys/param.h> out of includes.hstevesk2006-07-261-1/+2
|
* move #include <string.h> out of includes.hstevesk2006-07-221-1/+2
|
* Add support for conditional directives to sshd_config via a "Match" keyword,dtucker2006-07-121-1/+4
| | | | | | | | | | | | | | | | | which works similarly to the "Host" directive in ssh_config. Lines after a Match line override the default set in the main section if the condition on the Match line is true, eg AllowTcpForwarding yes Match User anoncvs AllowTcpForwarding no will allow port forwarding by all users except "anoncvs". Currently only a very small subset of directives are supported. ok djm@
* move #include <errno.h> out of includes.h; ok markus@stevesk2006-07-111-1/+2
|
* move #include <stdarg.h> out of includes.h; ok markus@stevesk2006-07-101-1/+2
|
* move #include <pwd.h> out of includes.h; ok markus@stevesk2006-07-061-1/+2
|
* Prevent duplicate log messages when privsep=yes; ok djm@dtucker2006-03-301-1/+6
|
* Put $OpenBSD$ tags back (as comments) to replace the RCSID()s thatdjm2006-03-251-0/+1
| | | | Theo nuked - our scripts to sync -portable need them in the files
* introduce xcalloc() and xasprintf() failure-checked allocations functionsdjm2006-03-251-7/+5
| | | | | | | | | | and use them throughout openssh xcalloc is particularly important because malloc(nmemb * size) is a dangerous idiom (subject to integer overflow) and it is time for it to die feedback and ok deraadt@
* in a switch (), break after return or goto is stupidderaadt2006-03-201-1/+0
|
* RCSID() can diederaadt2006-03-191-1/+0
|
* move #include <sys/stat.h> out of includes.h; ok markus@stevesk2006-02-201-1/+4
|
* move #include <paths.h> out of includes.h; ok markus@stevesk2006-02-081-1/+2
|
* make this -Wsign-compare clean; ok avsm@ markus@djm2005-06-171-2/+2
|
* introduce a generic %foo expansion function. replace existing % expansion anddjm2005-06-061-41/+18
| | | | add expansion to ControlPath; ok markus@
* Populate host for log message for logins denied by AllowUsers and DenyUsers.dtucker2005-03-141-2/+3
| | | | (bz #999); ok markus@
* Log source of connections denied by AllowUsers, DenyUsers, AllowGroups anddtucker2005-01-221-11/+14
| | | | DenyGroups. bz #909, ok djm@
* more s/illegal/invalid/markus2004-07-281-2/+2
|
* s/Illegal user/Invalid user/; many requests; ok djm, millert, niklas, miod, ...markus2004-07-211-2/+2
|
* Add MaxAuthTries sshd config option; ok markus@dtucker2004-05-231-2/+2
|
* improve some code lint did not like; djm millert okderaadt2004-05-111-3/+3
|
* make two tiny header files go away; djm okderaadt2004-05-081-2/+1
|
* unexpand and delete whitespace at EOL; ok markus@djm2003-11-211-2/+2
|
* replace fatal_cleanup() and linked list of fatal callbacks with staticmarkus2003-09-231-9/+1
| | | | | | cleanup_exit() function. re-refine cleanup_exit() where appropriate, allocate sshd's authctxt eary to allow simpler cleanup in sshd. tested by many, ok deraadt@
* fix passwd auth for 'username leaks via timing'; with djm@, original patches from solarmarkus2003-08-261-1/+20
|
* deprecate VerifyReverseMapping since it's dangerous if combinedmarkus2003-06-021-2/+2
| | | | | | | with IP based access control as noted by Mike Harding; replace with a UseDNS option, UseDNS is on by default and includes the VerifyReverseMapping check; with itojun@, provos@, jakob@ and deraadt@ ok deraadt@, djm@
* rename log() into logit() to avoid name conflict. markus ok, from netbsditojun2003-04-081-13/+13
|
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.