summaryrefslogtreecommitdiffstats
path: root/usr.bin/ssh/kex.h (follow)
Commit message (Collapse)AuthorAgeFilesLines
* more robust rekeyingmarkus2001-04-041-3/+3
| | | | don't send channel data after rekeying is started.
* enable server side rekeying + some rekey related clientup.markus2001-04-041-2/+2
| | | | todo: we should not send any non-KEX messages after we send KEXINIT
* don't sent multiple kexinit-requests.markus2001-04-041-3/+4
| | | | | send newkeys, block while waiting for newkeys. fix comments.
* undo parts of recent my changes: main part of keyexchange does notmarkus2001-04-031-35/+40
| | | | | | | need dispatch-callbacks, since application data is delayed until the keyexchange completes (if i understand the drafts correctly). add some infrastructure for re-keying.
* move kex to kex*.c, used dispatch_set() callbacks for kex. shouldmarkus2001-04-031-32/+26
| | | | make rekeying easier.
* prepare for rekeying: move DH code to dh.cmarkus2001-03-291-6/+1
|
* forgot to include min and max params in hash, okay markus@provos2001-03-281-2/+3
|
* generate a 2*need size (~300 instead of 1024/2048) random privatemarkus2001-03-051-2/+2
| | | | | | | | | | | exponent during the DH key agreement. according to Niels (the great german advisor) this is safe since /etc/primes contains strong primes only. References: P. C. van Oorschot and M. J. Wiener, On Diffie-Hellman key agreement with short exponents, In Advances in Cryptology - EUROCRYPT'96, LNCS 1070, Springer-Verlag, 1996, pp.332-343.
* 1) clean up the MAC support for SSH-2markus2001-02-111-2/+4
| | | | | | | 2) allow you to specify the MAC with 'ssh -m' 3) or the 'MACs' keyword in ssh(d)_config 4) add hmac-{md5,sha1}-96 ok stevesk@, provos@
* unexpand and remove end-of-line whitespace; ok markus@stevesk2001-02-041-2/+2
|
* $OpenBSD$niklas2001-01-291-0/+2
|
* fix prototypes; from stevesk@pobox.commarkus2000-12-201-2/+2
|
* replace 'unsigned bla' with 'u_bla' everywhere. also, replace 'char unsigned'markus2000-12-191-6/+6
| | | | with u_char.
* compute diffie-hellman in parallel between server and client. okay markus@provos2000-12-151-0/+1
|
* add support for RSA to SSH2. please test.markus2000-11-121-1/+1
| | | | | | | | | | | | | | | there are now 3 types of keys: RSA1 is used by ssh-1 only, RSA and DSA are used by SSH2. you can use 'ssh-keygen -t rsa -f ssh2_rsa_file' to generate RSA keys for SSH2 and use the RSA keys for hostkeys or for user keys. SSH2 RSA or DSA keys are added to .ssh/authorised_keys2 as before. IdentityFile2, HostDsaKey and DSAAuthentication are obsolete. you can use multiple IdentityFile and HostKey for all types of keys. the option DSAAuthentication is replaced by PubkeyAuthetication.
* remove unusedmarkus2000-10-121-1/+0
|
* new cipher frameworkmarkus2000-10-111-6/+4
|
* First rough implementation of the diffie-hellman group exchange. Theprovos2000-10-111-2/+22
| | | | | | client can ask the server for bigger groups to perform the diffie-hellman in, thus increasing the attack complexity when using ciphers with longer keys. University of Windsor provided network, T the company.
* cleanup copyright notices on all files. I have attempted to be accurate withderaadt2000-09-071-5/+0
| | | | | | | the details. everything is now under Tatu's licence (which I copied from his readme), and/or the core-sdi bsd-ish thing for deattack, or various openbsd developers under a 2-term bsd licence. We're not changing any rules, just being accurate.
* split kexinit/kexdh, factor out common codemarkus2000-05-251-4/+9
|
* check for reasonable public DH valuesmarkus2000-04-121-1/+2
|
* DSA, keyexchange, algorithm agreement for ssh2markus2000-04-031-0/+111
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.