| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
in test for multiple authentication with the same key
|
| |
|
|
|
|
| |
codes being returned due to != having higher precedence than =.
ok deraadt@ markus@
|
| |
|
|
| |
Discussed with tedu, millert, otto.... and ok djm
|
| |
|
|
|
| |
this may have caused the monitor to refuse multiple authentications
that would otherwise have successfully completed; ok markus@
|
| |
|
|
|
|
|
|
|
|
| |
we only ever use it for strlen(pattern).
Prompted by hanno AT hboeck.de pointing an out-of-bound read
error caused by an incorrect pattern length found using AFL
and his own tools.
ok markus@
|
| |
|
|
|
| |
a corresponding private key authentication being applied to other
authentication methods. Reported by halex@, ok markus@
|
| | |
|
| |
|
|
| |
bz#278 reported by drk AT sgi.com; ok dtucker
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
I accidentally changed the format of the hostkeys@openssh.com messages
last week without changing the extension name, and this has been causing
connection failures for people who are running -current. First reported
by sthen@
s/hostkeys@openssh.com/hostkeys-00@openssh.com/
Change the name of the proof message too, and reorder it a little.
Also, UpdateHostKeys=ask is incompatible with ControlPersist (no TTY
available to read the response) so disable UpdateHostKeys if it is in
ask mode and ControlPersist is active (and document this)
|
| |
|
|
|
|
|
|
|
|
| |
The client will not ask the server to prove ownership of the private
halves of any hitherto-unseen hostkeys it offers to the client.
Allow UpdateHostKeys option to take an 'ask' argument to let the
user manually review keys offered.
ok markus@
|
| | |
|
| |
|
|
| |
obsolete SIZE_T_MAX. OK miod@ beck@
|
| |
|
|
| |
ok djm markus
|
| | |
|
| |
|
|
|
|
|
|
| |
a) switch packet.c to buffer api and isolate per-connection info into struct ssh
b) (de)serialization of the state is moved from monitor to packet.c
c) the old packet.c API is implemented in opacket.[ch]
d) compress.c/h is removed and integrated into packet.c
with and ok djm@
|
| |
|
|
| |
ok markus@
|
| |
|
|
|
| |
options to allow sshd to control what public key types will be
accepted. Currently defaults to all. Feedback & ok markus@
|
| |
|
|
|
|
|
|
|
| |
refuse to accept previously-used keys.
This allows AuthenticationMethods=publickey,publickey to require
that users authenticate using two _different_ pubkeys.
ok markus@
|
| |
|
|
|
|
|
|
| |
may be forwarded to a local Unix domain socket and vice versa or
both ends may be a Unix domain socket. This is a reimplementation
of the streamlocal patches by William Ahern from:
http://www.25thandclement.com/~william/projects/streamlocal.html
OK djm@ markus@
|
| |
|
|
|
|
|
|
|
| |
existing API is offered as a set of wrappers.
with and ok markus@
Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew
Dempsky and Ron Bowes for a detailed review a few months ago.
|
| |
|
|
|
|
| |
post-auth child. the new buffer code is more strict, and requires
buffer_init() while the old code was happy after a bzero();
originally from djm@
|
| |
|
|
|
| |
reduces algorithms to curve25519, aes-ctr, chacha, ed25519;
allows us to explore further options; with and ok djm
|
| | |
|
| |
|
|
| |
ok djm dtucker
|
| | |
|
| | |
|
| |
|
|
|
| |
or hostkeys on smartcards; most of the work by Zev Weiss; bz #1974
ok djm@
|
| |
|
|
| |
the auth success/failure line; bz#2064, ok dtucker@
|
| |
|
|
|
|
|
|
|
|
| |
and ruser is now logged in the auth success/failure message alongside
the local username, remote host/port and protocol in use. Certificates
contents and CA are logged too.
Pushing all logging onto a single line simplifies log analysis as it is
no longer necessary to relate information scattered across multiple log
entries. "I like it" markus@
|
| | |
|
| |
|
|
| |
based on traffic volume or time. ok djm@, help & ok jmc@ for the man page.
|
| | |
|
| |
|
|
|
|
| |
have included a style (e.g. "root:skey") when checking public key
signatures. Fixes public key and hostbased auth when the client specified
a style; ok markus@
|
| |
|
|
| |
child. otherwise it might block while sending. ok djm@
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Previously, we recorded "Failed xxx" since we reset authenticated before
calling auth_log() in auth2.c. This adds an explcit "Partial" state.
Add a "submethod" to auth_log() to report which submethod is used
for keyboard-interactive.
Fix multiple authentication when one of the methods is
keyboard-interactive.
ok markus@
|
| |
|
|
|
|
|
| |
option. This option lists one or more comma-separated lists of
authentication method names. Successful completion of all the methods in
any list is required for authentication to complete;
feedback and ok markus@
|
| |
|
|
| |
From Steve.McClellan at radisys com, ok markus@
|
| | |
|
| | |
|
| |
|
|
| |
monitor rather than /var/empty/dev/log; ok dtucker@ deraadt@ markus@
|
| |
|
|
|
|
|
|
|
| |
Bring back authorized_keys2 as a default search path (to avoid breaking
existing users of this file), but override this in sshd_config so it will
be no longer used on fresh installs. Maybe in 2015 we can remove it
entierly :)
feedback and ok markus@ dtucker@
|
| |
|
|
|
|
|
| |
for Match. This avoids problems caused by forgetting to keep three
code locations in perfect sync and ordering
"this is at once beautiful and horrible" + ok dtucker@
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
(SHA256/384/512) depending on the length of the curve in use. The previous
code incorrectly used SHA256 in all cases.
This fix will cause authentication failure when using 384 or 521-bit curve
keys if one peer hasn't been upgraded and the other has. (256-bit curve
keys work ok). In particular you may need to specify HostkeyAlgorithms
when connecting to a server that has not been upgraded from an upgraded
client.
ok naddy@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
host/user keys (ECDSA) as specified by RFC5656. ECDH and ECDSA offer
better performance than plain DH and DSA at the same equivalent symmetric
key length, as well as much shorter keys.
Only the mandatory sections of RFC5656 are implemented, specifically the
three REQUIRED curves nistp256, nistp384 and nistp521 and only ECDH and
ECDSA. Point compression (optional in RFC5656 is NOT implemented).
Certificate host and user keys using the new ECDSA key types are supported.
Note that this code has not been tested for interoperability and may be
subject to change.
feedback and ok markus@
|
| | |
|
| |
|
|
|
|
| |
timing information by short-circuiting like memcmp() and use it for
some of the more sensitive comparisons (though nothing high-value was
readily attackable anyway); "looks ok" markus@
|
| |
|
|
|
| |
Fixes an info leak of environment variables specified in authorized_keys,
reported by Jacob Appelbaum. ok djm@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
OpenSSH certificate key types are not X.509 certificates, but a much
simpler format that encodes a public key, identity information and
some validity constraints and signs it with a CA key. CA keys are
regular SSH keys. This certificate style avoids the attack surface
of X.509 certificates and is very easy to deploy.
Certified host keys allow automatic acceptance of new host keys
when a CA certificate is marked as trusted in ~/.ssh/known_hosts.
see VERIFYING HOST KEYS in ssh(1) for details.
Certified user keys allow authentication of users when the signing
CA key is marked as trusted in authorized_keys. See "AUTHORIZED_KEYS
FILE FORMAT" in sshd(8) for details.
Certificates are minted using ssh-keygen(1), documentation is in
the "CERTIFICATES" section of that manpage.
Documentation on the format of certificates is in the file
PROTOCOL.certkeys
feedback and ok markus@
|
| |
|
|
|
| |
return type to match atomicio's
Diff from djm@, ok markus@
|
djm
jsg
deraadt
markus
millert
tedu
dtucker
andreas