wireguard-openbsd - WireGuard implementation for the OpenBSD kernel

	Commit message (Collapse)	Author	Age	Files	Lines
*	support ed25519 keys (hostkeys and user identities) using the public domain	markus	2013-12-06	1	-1/+3
\| \| \| \| \|	ed25519 reference code from SUPERCOP, see http://ed25519.cr.yp.to/software.html feedback, help & ok djm@
*	use the existing _PATH_SSH_USER_RC define to construct the other	djm	2013-04-05	1	-11/+11
\| \| \| \|	pathnames; bz#2077, ok dtucker@ (no binary change)
*	allow AuthorizedKeysFile to specify multiple files, separated by spaces.	djm	2011-05-23	1	-1/+4
\| \| \| \| \| \| \| \| \|	Bring back authorized_keys2 as a default search path (to avoid breaking existing users of this file), but override this in sshd_config so it will be no longer used on fresh installs. Maybe in 2015 we can remove it entierly :) feedback and ok markus@ dtucker@
*	remove support for authorized_keys2; it is a relic from the early days	djm	2011-05-11	1	-4/+1
\| \| \| \| \|	of protocol v.2 support and has been undocumented for many years; ok markus@
*	Implement Elliptic Curve Cryptography modes for key exchange (ECDH) and	djm	2010-08-31	1	-1/+3
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	host/user keys (ECDSA) as specified by RFC5656. ECDH and ECDSA offer better performance than plain DH and DSA at the same equivalent symmetric key length, as well as much shorter keys. Only the mandatory sections of RFC5656 are implemented, specifically the three REQUIRED curves nistp256, nistp384 and nistp521 and only ECDH and ECDSA. Point compression (optional in RFC5656 is NOT implemented). Certificate host and user keys using the new ECDSA key types are supported. Note that this code has not been tested for interoperability and may be subject to change. feedback and ok markus@
*	correct comment	djm	2010-02-11	1	-2/+2
\|
*	replace our obsolete smartcard code with PKCS#11.	markus	2010-02-08	1	-1/+4
\| \| \| \| \| \| \| \| \|	ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs-11v2-20.pdf ssh(1) and ssh-keygen(1) use dlopen(3) directly to talk to a PKCS#11 provider (shared library) while ssh-agent(1) delegates PKCS#11 to a forked a ssh-pkcs11-helper process. PKCS#11 is currently a compile time option. feedback and ok djm@; inspired by patches from Alon Bar-Lev
*	no need to escape single quotes in comments	stevesk	2008-12-29	1	-5/+5
\|
*	standardise spacing in $OpenBSD$ tags; requested by deraadt@	djm	2006-03-25	1	-1/+1
\|
*	spaces	deraadt	2004-07-11	1	-2/+2
\|
*	support for password change; ok dtucker@	markus	2004-01-30	1	-1/+4
\| \| \| \|	(set password-dead=1w in login.conf to use this).
*	add /usr/libexec/ssh-keysign: a setuid helper program for hostbased authentication	markus	2002-05-23	1	-1/+4
\| \| \| \|	in protocol v2 (needs to access the hostkeys).
*	_PATH_PRIVSEP_CHROOT_DIR; ok provos@	stevesk	2002-03-19	1	-1/+4
\|
*	move ssh config files to /etc/ssh	deraadt	2002-02-09	1	-9/+10
\|
*	use only one path to X11 UNIX domain socket vs. an array of paths	stevesk	2001-12-08	1	-1/+4
\| \| \| \|	to try. report from djast@cs.toronto.edu. ok markus@
*	get rid of known_hosts2, use it for hostkey lookup, but do not modify.	markus	2001-06-23	1	-1/+3
\|
*	merge authorized_keys2 into authorized_keys.	markus	2001-06-22	1	-1/+3
\| \| \| \| \|	authorized_keys2 is used for backward compat. (just append authorized_keys2 to authorized_keys).
*	use /etc/moduli instead of /etc/primes, okay markus@	provos	2001-06-22	1	-1/+3
\|
*	move the path for xauth to pathnames.h	markus	2001-06-08	1	-1/+4
\|
*	implement HostbasedAuthentication (= RhostRSAAuthentication for ssh v2)	markus	2001-04-12	1	-2/+3
\| \| \| \| \|	similar to RhostRSAAuthentication unless you enable (the experimental) HostbasedUsesNameFromPacketOnly option. please test. :)
*	_PATH_LS; ok markus@	stevesk	2001-02-08	1	-1/+2
\|
*	allow sftp over ssh protocol 1; ok djm@	markus	2001-02-08	1	-1/+4
\|
*	$OpenBSD$	niklas	2001-01-29	1	-0/+2
\|
*	move ssh1 definitions to ssh1.h, pathnames to pathnames.h	markus	2001-01-19	1	-0/+104