summaryrefslogtreecommitdiffstats
path: root/usr.bin/ssh/sshconnect.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* correct function name in error messagesdjm2015-09-041-3/+3
|
* remove extra newline in nethack-mode hostkey;djm2015-09-041-2/+2
| | | | from Christian Hesse bz#2686
* Do not cast result of malloc/calloc/realloc* if stdlib.h is in scopederaadt2015-08-201-2/+2
| | | | ok krw millert
* Increase the allowed length of the known host file name in the logdtucker2015-05-281-2/+2
| | | | message to be consistent with other cases. Part of bz#1993, ok deraadt.
* Output remote username in debug output since with Host and Match it's notdtucker2015-04-141-1/+2
| | | | always obvious what it will be. bz#2368, ok djm@
* fix double-negative error message "ssh1 is not unsupported"djm2015-03-241-2/+2
|
* update to new API (key_fingerprint => sshkey_fingerprint)djm2015-01-281-9/+17
| | | | | check sshkey_fingerprint return values; ok markus
* correctly match ECDSA subtype (== curve) for offered/recevieddjm2015-01-261-2/+3
| | | | | | | | host keys. Fixes connection-killing host key mismatches when a server offers multiple ECDSA keys with different curve type (an extremely unlikely configuration). ok markus, "looks mechanical" deraadt@
* Host key rotation support.djm2015-01-261-1/+10
| | | | | | | | | | | | | Add a hostkeys@openssh.com protocol extension (global request) for a server to inform a client of all its available host key after authentication has completed. The client may record the keys in known_hosts, allowing it to upgrade to better host key algorithms and a server to gracefully rotate its keys. The client side of this is controlled by a UpdateHostkeys config option (default on). ok markus@
* Reduce use of <sys/param.h> and transition to <limits.h> throughout.deraadt2015-01-201-2/+2
| | | | ok djm markus
* store compat flags in struct ssh; ok djm@markus2015-01-191-2/+2
|
* Add FingerprintHash option to control algorithm used for keydjm2014-12-211-11/+16
| | | | | | | fingerprints. Default changes from MD5 to SHA256 and format from hex to base64. Feedback and ok naddy@ markus@
* explicitly include sys/param.h in files that use the howmany() macro;djm2014-12-111-1/+2
| | | | from portable
* add RevokedHostKeys option for the clientdjm2014-12-041-17/+47
| | | | Allow textfile or KRL-based revocation of hostkeys.
* Add support for Unix domain socket forwarding. A remote TCP portmillert2014-07-151-2/+2
| | | | | | | | may be forwarded to a local Unix domain socket and vice versa or both ends may be a Unix domain socket. This is a reimplementation of the streamlocal patches by William Ahern from: http://www.25thandclement.com/~william/projects/streamlocal.html OK djm@ markus@
* when rekeying, skip file/DNS lookup if it is the same as the key sentdjm2014-07-031-4/+19
| | | | during initial key exchange. bz#2154 patch from Iain Morgan; ok markus@
* New key API: refactor key-related functions to be more library-like,djm2014-06-241-2/+2
| | | | | | | | | existing API is offered as a set of wrappers. with and ok markus@ Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew Dempsky and Ron Bowes for a detailed review a few months ago.
* make compiling against OpenSSL optional (make OPENSSL=no);markus2014-04-291-1/+5
| | | | | reduces algorithms to curve25519, aes-ctr, chacha, ed25519; allows us to explore further options; with and ok djm
* When using VerifyHostKeyDNS with a DNSSEC resolver, down-convert anydjm2014-04-011-17/+27
| | | | | | | | | certificate keys to plain keys and attempt SSHFP resolution. Prevents a server from skipping SSHFP lookup and forcing a new-hostkey dialog by offering only certificate keys. Reported by mcv21 AT cam.ac.uk
* in ssh_create_socket(), only do the getaddrinfo for BindAddress whendjm2014-02-061-15/+18
| | | | | BindAddress is actually specified. Fixes regression in 6.5 for UsePrivilegedPort=yes; patch from Corinna Vinschen
* convert memset of potentially-private data to explicit_bzero()djm2014-02-021-2/+2
|
* ban clients/servers that suffer from SSH_BUG_DERIVEKEY, they are ancient,djm2014-01-091-1/+4
| | | | deranged and might make some attacks on KEX easier; ok markus@
* refuse RSA keys from old proprietary clients/servers that use thedjm2013-12-301-1/+4
| | | | | | obsolete RSA+MD5 signature scheme. it will still be possible to connect with these clients/servers but only DSA keys will be accepted, and we'll deprecate them entirely in a future release. ok markus@
* when showing other hostkeys, don't forget Ed25519 keysdjm2013-12-291-2/+9
|
* Implement client-side hostname canonicalisation to allow an explicitdjm2013-10-161-45/+29
| | | | | | | | | | search path of domain suffixes to use to convert unqualified host names to fully-qualified ones for host key matching. This is particularly useful for host certificates, which would otherwise need to list unqualified names alongside fully-qualified ones (and this causes a number of problems). "looks fine" markus@
* bz#1211: make BindAddress work with UsePrivilegedPort=yes; patch fromdjm2013-09-191-25/+26
| | | | swp AT swp.pp.ru; ok dtucker@
* Add a ssh_config ProxyUseFDPass option that supports the use ofdjm2013-08-201-18/+106
| | | | | | | | ProxyCommands that establish a connection and then pass a connected file descriptor back to ssh(1). This allows the ProxyCommand to exit rather than have to shuffle data back and forth and enables ssh to use getpeername, etc. to obtain address information just like it does with regular directly-connected sockets. ok markus@
* bye, bye xfree(); ok markus@djm2013-05-171-21/+20
|
* support ProxyCommand=- (stdin/out already point to the proxy); ok djm@markus2013-02-221-1/+8
|
* remove unused variablemarkus2012-09-141-3/+1
|
* Send client banner immediately, rather than waiting for the server todjm2012-08-171-13/+34
| | | | | move first for SSH protocol 2 connections (the default). Patch based on one in bz#1999 by tls AT panix.com, feedback dtucker@ ok markus@
* Remove undocumented legacy options UserKnownHostsFile2 anddjm2011-05-241-36/+36
| | | | | | GlobalKnownHostsFile2 by making UserKnownHostsFile/GlobalKnownHostsFile accept multiple paths per line and making their defaults include known_hosts2; ok markus
* remove extra newlinedjm2011-05-231-2/+1
|
* reset the SIGPIPE handler when forking to execute child processes;djm2011-01-161-1/+3
| | | | ok dtucker@
* reset SIGCHLD handler to SIG_DFL when execuring LocalCommand;djm2011-01-061-1/+4
| | | | ok markus@
* don't mention key type in key-changed-warning, since we also printmarkus2010-12-141-4/+3
| | | | this warning if a new key type appears. ok djm@
* automatically order the hostkeys requested by the client based ondjm2010-11-291-134/+137
| | | | | | which hostkeys are already recorded in known_hosts. This avoids hostkey warnings when connecting to servers with new ECDSA keys that are preferred by default; with markus@
* swapped args to kill(2)djm2010-10-061-2/+2
|
* kill proxy command on fatal() (we already kill it on clean exit);djm2010-10-061-2/+14
| | | | ok markus@
* use default shell /bin/sh if $SHELL is ""; ok markus@djm2010-10-051-3/+3
|
* Implement Elliptic Curve Cryptography modes for key exchange (ECDH) anddjm2010-08-311-2/+2
| | | | | | | | | | | | | | | | | host/user keys (ECDSA) as specified by RFC5656. ECDH and ECDSA offer better performance than plain DH and DSA at the same equivalent symmetric key length, as well as much shorter keys. Only the mandatory sections of RFC5656 are implemented, specifically the three REQUIRED curves nistp256, nistp384 and nistp521 and only ECDH and ECDSA. Point compression (optional in RFC5656 is NOT implemented). Certificate host and user keys using the new ECDSA key types are supported. Note that this code has not been tested for interoperability and may be subject to change. feedback and ok markus@
* oops, %r => remote username, not %udjm2010-04-161-2/+2
|
* revised certificate format ssh-{dss,rsa}-cert-v01@openssh.com with thedjm2010-04-161-4/+4
| | | | | | | | | | | | | | | | | | following changes: move the nonce field to the beginning of the certificate where it can better protect against chosen-prefix attacks on the signature hash Rename "constraints" field to "critical options" Add a new non-critical "extensions" field Add a serial number The older format is still support for authentication and cert generation (use "ssh-keygen -t v00 -s ca_key ..." to generate a v00 certificate) ok markus@
* expand %r => remote username in ssh_config:ProxyCommand;djm2010-04-141-3/+3
| | | | ok deraadt markus
* fix terminology: we didn't find a certificate in known_hosts, we founddjm2010-04-101-2/+2
| | | | a CA key
* Add a TrustedUserCAKeys option to sshd_config to specify CA keys thatdjm2010-03-041-2/+22
| | | | | | | | | | | are trusted to authenticate users (in addition than doing it per-user in authorized_keys). Add a RevokedKeys option to sshd_config and a @revoked marker to known_hosts to allow keys to me revoked and banned for user or host authentication. feedback and ok markus@
* Add support for certificate key types for users and hosts.djm2010-02-261-13/+65
| | | | | | | | | | | | | | | | | | | | | | | | OpenSSH certificate key types are not X.509 certificates, but a much simpler format that encodes a public key, identity information and some validity constraints and signs it with a CA key. CA keys are regular SSH keys. This certificate style avoids the attack surface of X.509 certificates and is very easy to deploy. Certified host keys allow automatic acceptance of new host keys when a CA certificate is marked as trusted in ~/.ssh/known_hosts. see VERIFYING HOST KEYS in ssh(1) for details. Certified user keys allow authentication of users when the signing CA key is marked as trusted in authorized_keys. See "AUTHORIZED_KEYS FILE FORMAT" in sshd(8) for details. Certificates are minted using ssh-keygen(1), documentation is in the "CERTIFICATES" section of that manpage. Documentation on the format of certificates is in the file PROTOCOL.certkeys feedback and ok markus@
* Fix a couple of typos/mispellings in commentsdtucker2010-01-131-2/+2
|
* Remove RoutingDomain from ssh since it's now not needed. It can be replaceddtucker2010-01-091-3/+2
| | | | | | | | | | | | | with "route exec" or "nc -V" as a proxycommand. "route exec" also ensures that trafic such as DNS lookups stays withing the specified routingdomain. For example (from reyk): # route -T 2 exec /usr/sbin/sshd or inherited from the parent process $ route -T 2 exec sh $ ssh 10.1.2.3 ok deraadt@ markus@ stevesk@ reyk@
* Set close-on-exec on various descriptors so they don't get leaked todtucker2009-11-101-2/+6
| | | | child processes. bz #1643, patch from jchadima at redhat, ok deraadt.
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.