summaryrefslogtreecommitdiffstats
path: root/usr.bin/ssh/ssh-add.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Replace calls to ssh_malloc_init() by a static init of malloc_options.otto2019-06-061-2/+1
| | | | Prepares for changes in the way malloc is initialized. ok guenther@ dtucker@
* add "-v" flags to ssh-add and ssh-pkcs11-helper to turn up debugdjm2019-01-211-2/+14
| | | | | | | | | | verbosity. Make ssh-agent turn on ssh-pkcs11-helper's verbosity when it is run in debug mode ("ssh-agent -d"), so we get to see errors from the PKCS#11 code. ok markus@
* add option to test whether keys in an agent are usable, by performingdjm2019-01-201-3/+49
| | | | | | a signature and a verification using each key "ssh-add -T pubkey [...]" work by markus@, ok djm@
* Make "ssh-add -q" do what it says on the tin: silence output fromdjm2018-09-191-23/+39
| | | | | | successful operations. Based on patch from Thijs van Dijk; ok dtucker@ deraadt@
* Add experimental support for PQC XMSS keys (Extended Hash-Based Signatures)markus2018-02-231-5/+69
| | | | | | | The code is not compiled in by default (see WITH_XMSS in Makefile.inc) Joint work with stefan-lukas_gazdag at genua.eu See https://tools.ietf.org/html/draft-irtf-cfrg-xmss-hash-based-signatures-12 ok djm@
* add a -q option to ssh-add to make it quiet on success.dlg2017-08-291-13/+23
| | | | | | | | if you want to silence ssh-add without this you generally redirect the output to /dev/null, but that can hide error output which you should see. ok djm@
* remove post-SSHv1 removal dead code from rsa.c and merge thedjm2017-07-011-2/+1
| | | | remaining bit that it still used into ssh-rsa.c; ok markus
* remove unused wrapper functions from key.[ch]; ok djm@markus2017-05-301-2/+2
|
* more simplification and removal of SSHv1-related code; ok djm@naddy2017-05-051-36/+26
|
* since a couple of people have asked, leave a comment explaining why wedjm2017-05-041-1/+6
| | | | retain SSH v.1 support in the "delete all keys from agent" path.
* unifdef WITH_SSH1djm2017-04-301-8/+1
| | | | ok markus@
* Add a function to enable security-related malloc_options. With and okdtucker2016-02-151-1/+2
| | | | deraadt@, something similar has been in the snaps for a while.
* Remove NULL-checks before sshkey_free().mmcc2015-12-111-5/+3
| | | | ok djm@
* fix some signed/unsigned integer type mismatches in formatdjm2015-10-151-2/+2
| | | | strings; reported by Nicholas Lemonias
* - Fix error message: passphrase needs to be at least 5 characters, not 4.tim2015-09-131-7/+6
| | | | | | | - Remove unused function argument. - Remove two unnecessary variables. OK djm@
* When adding keys to the agent, don't ignore the comment of keys for which thetim2015-09-131-9/+8
| | | | | | user is prompted for a passphrase. Tweak and OK djm@
* delete support for legacy v00 certificates; "sure" markus@ dtucker@djm2015-07-031-3/+2
|
* don't try to load .ssh/identity by default if SSH1 is disabled; ok markus@naddy2015-03-261-1/+3
|
* ignore v1 errors on ssh-add -D; only try v2 keys on -l/-L (unless WITH_SSH1)markus2015-03-251-7/+11
| | | | ok djm@
* make "ssh-add -d" properly remove a corresponding certificate, and alsohalex2015-02-211-4/+10
| | | | | | not whine and fail if there is none ok djm@
* slightly extend the passphrase prompt if running with -c in order tohalex2015-02-031-4/+5
| | | | | | give the user a chance to notice if unintentionally running without it wording tweak and ok djm@
* update to new API (key_fingerprint => sshkey_fingerprint)djm2015-01-281-2/+3
| | | | | check sshkey_fingerprint return values; ok markus
* Replace <sys/param.h> with <limits.h> and other less dirty headers wherederaadt2015-01-161-3/+3
| | | | | | | | | possible. Annotate <sys/param.h> lines with their current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution. These are the files confirmed through binary verification. ok guenther, millert, doug (helped with the verification protocol)
* move authfd.c and its tentacles to the new buffer/key API;djm2015-01-141-108/+151
| | | | ok markus@
* Add FingerprintHash option to control algorithm used for keydjm2014-12-211-13/+41
| | | | | | | fingerprints. Default changes from MD5 to SHA256 and format from hex to base64. Feedback and ok naddy@ markus@
* Prefer setvbuf() to setlinebuf() for portability; ok deraadt@millert2014-11-261-2/+2
|
* fix ssh-add crash while loading more than one keybenno2014-07-091-3/+3
| | | | ok markus@
* make stdout line-buffered; saves partial output getting lost whendjm2014-07-031-1/+3
| | | | | | ssh-add fatal()s part-way through (e.g. when listing keys from an agent that supports key types that ssh-add doesn't); bz#2234, reported by Phil Pennock
* fix loading of private keysmarkus2014-06-271-5/+5
|
* New key API: refactor key-related functions to be more library-like,djm2014-06-241-7/+17
| | | | | | | | | existing API is offered as a set of wrappers. with and ok markus@ Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew Dempsky and Ron Bowes for a detailed review a few months ago.
* convert memset of potentially-private data to explicit_bzero()djm2014-02-021-4/+4
|
* skip requesting smartcard PIN when removing keys from agent; bz#2187djm2013-12-191-6/+9
| | | | patch from jay AT slushpupie.com; ok dtucker
* Make ssh-add also add .ssh/id_ed25519; fixes lie in manual page.pascal2013-12-151-1/+2
| | | | ok markus@
* bye, bye xfree(); ok markus@djm2013-05-171-10/+10
|
* prevent double-free of comment; ok djm@markus2012-12-051-1/+2
|
* make deleting explicit keys "ssh-add -d" symmetric with adding keys -djm2012-12-021-7/+31
| | | | | try to delete the corresponding certificate too and respect the -k option to allow deleting of the key only; feedback and ok markus@
* add -k to usage(); reminded by jmc@djm2011-10-181-3/+4
|
* new "ssh-add -k" option to load plain keys (skipping certificates);djm2011-10-181-10/+17
| | | | "looks ok" markus@
* allow "ssh-add - < key"; feedback and ok markus@djm2011-05-041-8/+25
|
* reintroduce commit from tedu@, which I pulled out for release engineering:djm2010-08-311-2/+2
| | | | | OpenSSL_add_all_algorithms is the name of the function we have a man page for, so use that. ok djm
* Implement Elliptic Curve Cryptography modes for key exchange (ECDH) anddjm2010-08-311-1/+2
| | | | | | | | | | | | | | | | | host/user keys (ECDSA) as specified by RFC5656. ECDH and ECDSA offer better performance than plain DH and DSA at the same equivalent symmetric key length, as well as much shorter keys. Only the mandatory sections of RFC5656 are implemented, specifically the three REQUIRED curves nistp256, nistp384 and nistp521 and only ECDH and ECDSA. Point compression (optional in RFC5656 is NOT implemented). Certificate host and user keys using the new ECDSA key types are supported. Note that this code has not been tested for interoperability and may be subject to change. feedback and ok markus@
* backout previous temporarily; discussed with deraadt@djm2010-08-161-2/+2
|
* OpenSSL_add_all_algorithms is the name of the function we have a man pagetedu2010-08-121-2/+2
| | | | for, so use that. ok djm
* check that the certificate matches the corresponding private key beforedjm2010-05-141-21/+29
| | | | grafting it on
* revised certificate format ssh-{dss,rsa}-cert-v01@openssh.com with thedjm2010-04-161-2/+2
| | | | | | | | | | | | | | | | | | following changes: move the nonce field to the beginning of the certificate where it can better protect against chosen-prefix attacks on the signature hash Rename "constraints" field to "critical options" Add a new non-critical "extensions" field Add a serial number The older format is still support for authentication and cert generation (use "ssh-keygen -t v00 -s ca_key ..." to generate a v00 certificate) ok markus@
* zap what seems to be a left-over debug message; ok markus@otto2010-03-011-3/+2
|
* Add support for certificate key types for users and hosts.djm2010-02-261-3/+31
| | | | | | | | | | | | | | | | | | | | | | | | OpenSSH certificate key types are not X.509 certificates, but a much simpler format that encodes a public key, identity information and some validity constraints and signs it with a CA key. CA keys are regular SSH keys. This certificate style avoids the attack surface of X.509 certificates and is very easy to deploy. Certified host keys allow automatic acceptance of new host keys when a CA certificate is marked as trusted in ~/.ssh/known_hosts. see VERIFYING HOST KEYS in ssh(1) for details. Certified user keys allow authentication of users when the signing CA key is marked as trusted in authorized_keys. See "AUTHORIZED_KEYS FILE FORMAT" in sshd(8) for details. Certificates are minted using ssh-keygen(1), documentation is in the "CERTIFICATES" section of that manpage. Documentation on the format of certificates is in the file PROTOCOL.certkeys feedback and ok markus@
* replace our obsolete smartcard code with PKCS#11.markus2010-02-081-11/+9
| | | | | | | | | ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs-11v2-20.pdf ssh(1) and ssh-keygen(1) use dlopen(3) directly to talk to a PKCS#11 provider (shared library) while ssh-agent(1) delegates PKCS#11 to a forked a ssh-pkcs11-helper process. PKCS#11 is currently a compile time option. feedback and ok djm@; inspired by patches from Alon Bar-Lev
* Do not fall back to adding keys without contraints (ssh-add -c / -t ...)djm2009-08-271-4/+1
| | | | | | | | when the agent refuses the constrained add request. This was a useful migration measure back in 2002 when constraints were new, but just adds risk now. bz #1612, report and patch from dkg AT fifthhorseman.net; ok markus@
* sort synopsis and options in ssh-agent(1); usage is lowercasesobrado2007-09-091-2/+2
| | | | ok jmc@
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.