summaryrefslogtreecommitdiffstats
path: root/usr.bin/ssh/sshconnect2.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Add a ssh_config HostbasedKeyType option to control whichdjm2015-01-301-108/+198
| | | | | | | | | host public key types are tried during hostbased authentication. This may be used to prevent too many keys being sent to the server, and blowing past its MaxAuthTries limit. bz#2211 based on patch by Iain Morgan; ok markus@
* update to new API (key_fingerprint => sshkey_fingerprint)djm2015-01-281-3/+7
| | | | | check sshkey_fingerprint return values; ok markus
* kex_setup errors are fatal()markus2015-01-201-2/+4
|
* make this compile with KERBEROS5 enableddjm2015-01-201-8/+12
|
* adapt kex to sshbuf and struct ssh; ok djm@markus2015-01-191-6/+6
|
* move dispatch to struct ssh; ok djm@markus2015-01-191-23/+31
|
* update packet.c & isolate, introduce struct sshmarkus2015-01-191-5/+2
| | | | | | | | a) switch packet.c to buffer api and isolate per-connection info into struct ssh b) (de)serialization of the state is moved from monitor to packet.c c) the old packet.c API is implemented in opacket.[ch] d) compress.c/h is removed and integrated into packet.c with and ok djm@
* avoid trailing ',' in host key algorithmsdjm2015-01-181-2/+3
|
* fix regression reported by brad@ for passworded keys withoutdjm2015-01-151-3/+5
| | | | agent present
* move authfd.c and its tentacles to the new buffer/key API;djm2015-01-141-69/+102
| | | | ok markus@
* deprecate key_load_private_pem() and sshkey_load_private_pem()djm2015-01-081-1/+3
| | | | | | | | | | | | | | | interfaces. Refactor the generic key loading API to not require pathnames to be specified (they weren't really used). Fixes a few other things en passant: Makes ed25519 keys work for hostbased authentication (ssh-keysign previously used the PEM-only routines). Fixes key comment regression bz#2306: key pathnames were being lost as comment fields. ok markus@
* Add FingerprintHash option to control algorithm used for keydjm2014-12-211-3/+3
| | | | | | | fingerprints. Default changes from MD5 to SHA256 and format from hex to base64. Feedback and ok naddy@ markus@
* show in debug output which hostkeys are being tried when attemptingdjm2014-12-111-1/+5
| | | | hostbased auth; patch from Iain Morgan
* Add support for Unix domain socket forwarding. A remote TCP portmillert2014-07-151-2/+2
| | | | | | | | may be forwarded to a local Unix domain socket and vice versa or both ends may be a Unix domain socket. This is a reimplementation of the streamlocal patches by William Ahern from: http://www.25thandclement.com/~william/projects/streamlocal.html OK djm@ markus@
* New key API: refactor key-related functions to be more library-like,djm2014-06-241-4/+4
| | | | | | | | | existing API is offered as a set of wrappers. with and ok markus@ Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew Dempsky and Ron Bowes for a detailed review a few months ago.
* fix inverted test that caused PKCS#11 keys that were explicitly listeddjm2014-06-051-2/+2
| | | | not to be preferred. Reported by Dirk-Willem van Gulik
* make compiling against OpenSSL optional (make OPENSSL=no);markus2014-04-291-1/+3
| | | | | reduces algorithms to curve25519, aes-ctr, chacha, ed25519; allows us to explore further options; with and ok djm
* OpenSSH 6.5 and 6.6 have a bug that causes ~0.2% of connectionsdjm2014-04-181-1/+3
| | | | | | | | | | using the curve25519-sha256@libssh.org KEX exchange method to fail when connecting with something that implements the spec properly. Disable this KEX method when speaking to one of the affected versions. reported by Aris Adamantiadis; ok markus@
* disable weak proposals in sshd, but keep them in ssh; ok djm@markus2014-03-271-1/+2
|
* convert memset of potentially-private data to explicit_bzero()djm2014-02-021-9/+9
|
* replace most bzero with explicit_bzero, except a few that cna be memsettedu2014-01-311-2/+2
| | | | ok djm dtucker
* remove experimental, never-enabled JPAKE code; ok markus@djm2014-01-291-292/+1
|
* Introduce digest API and use it to perform all hashing operationsdjm2014-01-091-2/+2
| | | | | | rather than calling OpenSSL EVP_Digest* directly. Will make it easier to build a reduced-feature OpenSSH without OpenSSL in future; feedback, ok markus@
* refuse RSA keys from old proprietary clients/servers that use thedjm2013-12-301-9/+24
| | | | | | obsolete RSA+MD5 signature scheme. it will still be possible to connect with these clients/servers but only DSA keys will be accepted, and we'll deprecate them entirely in a future release. ok markus@
* use curve25519 for default key exchange (curve25519-sha256@libssh.org);markus2013-11-021-1/+2
| | | | initial patch from Aris Adamantiadis; ok djm@
* Fix memory leaks found by Zhenbo Xu and the Melton tool. bz#1967, ok djmdtucker2013-06-051-2/+6
|
* bye, bye xfree(); ok markus@djm2013-05-171-77/+68
|
* Add an optional second argument to RekeyLimit in the client to allowdtucker2013-05-161-3/+4
| | | | | rekeying based on elapsed time in addition to amount of traffic. with djm@ jmc@, ok djm
* fix bzero(ptr_to_struct, sizeof(ptr_to_struct)); bz#2100 fromdjm2013-05-101-2/+2
| | | | Colin Watson
* hush some {unused, printf type} warningsdjm2013-04-051-6/+5
|
* reset pubkey order on partial success; ok djm@markus2013-03-051-2/+6
|
* Keep track of which IndentityFile options were manually supplied and whichdtucker2013-02-171-2/+2
| | | | were default options, and don't warn if the latter are missing. ok markus@
* Warn more loudly if an IdentityFile provided by the user cannot be read.dtucker2013-02-151-7/+12
| | | | bz #1981, ok djm@
* Make IdentitiesOnly apply to keys obtained from a PKCS11Provider.djm2012-12-021-3/+26
| | | | | This allows control of which keys are offered from tokens using IdentityFile. ok markus@
* remove dead code following 'for (;;)' loops.dtucker2012-06-221-3/+1
| | | | From Steve.McClellan at radisys com, ok markus@
* Remove undocumented legacy options UserKnownHostsFile2 anddjm2011-05-241-5/+6
| | | | | | GlobalKnownHostsFile2 by making UserKnownHostsFile/GlobalKnownHostsFile accept multiple paths per line and making their defaults include known_hosts2; ok markus
* fix memory leak; bz#1849 ok dtucker@djm2011-05-061-1/+4
|
* automatically order the hostkeys requested by the client based ondjm2010-11-291-2/+60
| | | | | | which hostkeys are already recorded in known_hosts. This avoids hostkey warnings when connecting to servers with new ECDSA keys that are preferred by default; with markus@
* add a KexAlgorithms knob to the client and server configuration to allowdjm2010-09-221-1/+3
| | | | | | | selection of which key exchange methods are used by ssh(1) and sshd(8) and their order of preference. ok markus@
* Implement Elliptic Curve Cryptography modes for key exchange (ECDH) anddjm2010-08-311-1/+2
| | | | | | | | | | | | | | | | | host/user keys (ECDSA) as specified by RFC5656. ECDH and ECDSA offer better performance than plain DH and DSA at the same equivalent symmetric key length, as well as much shorter keys. Only the mandatory sections of RFC5656 are implemented, specifically the three REQUIRED curves nistp256, nistp384 and nistp521 and only ECDH and ECDSA. Point compression (optional in RFC5656 is NOT implemented). Certificate host and user keys using the new ECDSA key types are supported. Note that this code has not been tested for interoperability and may be subject to change. feedback and ok markus@
* bz#1502: authctxt.success is declared as an int, but passed bydjm2010-04-261-2/+2
| | | | | reference to function that accepts sig_atomic_t*. Convert it to the latter; ok markus@ dtucker@
* revised certificate format ssh-{dss,rsa}-cert-v01@openssh.com with thedjm2010-04-161-2/+5
| | | | | | | | | | | | | | | | | | following changes: move the nonce field to the beginning of the certificate where it can better protect against chosen-prefix attacks on the signature hash Rename "constraints" field to "critical options" Add a new non-critical "extensions" field Add a serial number The older format is still support for authentication and cert generation (use "ssh-keygen -t v00 -s ca_key ..." to generate a v00 certificate) ok markus@
* show the key type that we are offering in debug(), helps distinguishdjm2010-04-101-2/+3
| | | | | between certs and plain keys as the path to the private key is usually the same.
* Add support for certificate key types for users and hosts.djm2010-02-261-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | OpenSSH certificate key types are not X.509 certificates, but a much simpler format that encodes a public key, identity information and some validity constraints and signs it with a CA key. CA keys are regular SSH keys. This certificate style avoids the attack surface of X.509 certificates and is very easy to deploy. Certified host keys allow automatic acceptance of new host keys when a CA certificate is marked as trusted in ~/.ssh/known_hosts. see VERIFYING HOST KEYS in ssh(1) for details. Certified user keys allow authentication of users when the signing CA key is marked as trusted in authorized_keys. See "AUTHORIZED_KEYS FILE FORMAT" in sshd(8) for details. Certificates are minted using ssh-keygen(1), documentation is in the "CERTIFICATES" section of that manpage. Documentation on the format of certificates is in the file PROTOCOL.certkeys feedback and ok markus@
* Make HostBased authentication work with a ProxyCommand. bz #1569, patchdtucker2010-01-131-13/+4
| | | | from imorgan at nas nasa gov, ok djm@
* Do not prompt for a passphrase if we fail to open a keyfile, and log thedtucker2010-01-111-2/+2
| | | | | reason the open failed to debug. bz #1693, found by tj AT castaglia org, ok djm@
* Don't escape backslashes in the SSH2 banner. bz#1533, patch fromdtucker2010-01-041-2/+2
| | | | Michal Gorny via Gentoo.
* zap unused variable and strlen; from Steve McClellan, ok djmdtucker2009-12-061-3/+2
|
* Use the HostKeyAlias when prompting for passwords. bz#1039, ok djm@dtucker2009-11-201-5/+9
|
* Set close-on-exec on various descriptors so they don't get leaked todtucker2009-11-101-1/+4
| | | | child processes. bz #1643, patch from jchadima at redhat, ok deraadt.
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.