Commit message | Age | Files | Lines |
---|---|---|---|
more ssh v2 hostbased-auth interop: ssh.com >= 2.1.0 works now | 2001-04-18 | 1 | -10/+6 |
(however the 2.1.0 server seems to work only if debug is enabled...) | | | |
use FQDN with trailing dot in the hostbased auth packets, ok deraadt@ | 2001-04-18 | 1 | -3/+6 |
add HostKeyAlgorithms; based on patch from res@shore.net; ok provos@ | 2001-04-17 | 1 | -1/+4 |
some unused variable and typos; from tomh@po.crl.go.jp | 2001-04-15 | 1 | -3/+3 |
implement HostbasedAuthentication (= RhostRSAAuthentication for ssh v2) | 2001-04-12 | 1 | -3/+108 |
similar to RhostRSAAuthentication unless you enable (the experimental) HostbasedUsesNameFromPacketOnly option. please test. :) | | | |
fix whitespace: unexpand + trailing spaces. | 2001-04-05 | 1 | -3/+3 |
more robust rekeying | 2001-04-04 | 1 | -2/+2 |
don't send channel data after rekeying is started. | | | |
enable server side rekeying + some rekey related clientup. | 2001-04-04 | 1 | -7/+3 |
todo: we should not send any non-KEX messages after we send KEXINIT | | | |
don't send multiple kexinit-requests. | 2001-04-04 | 1 | -3/+3 |
send newkeys, block while waiting for newkeys. fix comments. | | | |
enable client rekeying | 2001-04-04 | 1 | -1/+5 |
(1) force rekeying with ~R, or (2) if the server requests rekeying. works against ssh-2.0.12/2.0.13/2.1.0/2.2.0/2.3.0/2.3.1/2.4.0 | | | |
undo parts of my recent changes: main part of keyexchange does not | 2001-04-03 | 1 | -1/+4 |
need dispatch-callbacks, since application data is delayed until the keyexchange completes (if i understand the drafts correctly). add some infrastructure for re-keying. | | | |
move kex to kex*.c, used dispatch_set() callbacks for kex. should | 2001-04-03 | 1 | -381/+28 |
make rekeying easier. | | | |
need to set both STOC and CTOS for SSH_BUG_BIGENDIANAES; ok markus@ | 2001-03-29 | 1 | -4/+5 |
use recommended defaults | 2001-03-29 | 1 | -2/+2 |
forgot to include min and max params in hash, okay markus@ | 2001-03-28 | 1 | -2/+9 |
make dh group exchange more flexible, allow min and max group size, | 2001-03-27 | 1 | -6/+29 |
okay markus@, deraadt@ | | | |
simpler key load/save interface, see authfile.h | 2001-03-26 | 1 | -14/+8 |
Compat for OpenSSH with broken Rijndael/AES. ok markus@ | 2001-03-23 | 1 | -1/+4 |
remove old key_fingerprint interface, s/_ex// | 2001-03-12 | 1 | -4/+5 |
add PreferredAuthentications | 2001-03-10 | 1 | -77/+55 |
ignore nonexisting private keys; report rjmooney@mediaone.net | 2001-03-10 | 1 | -1/+6 |
implement client side of SSH2_MSG_USERAUTH_PK_OK (test public key -> | 2001-03-08 | 1 | -57/+215 |
no need to enter passphrase or do expensive sign operations if the server does not accept key). | | | |
generate a 2*need size (~300 instead of 1024/2048) random private | 2001-03-05 | 1 | -4/+4 |
exponent during the DH key agreement. according to Niels (the great german advisor) this is safe since /etc/primes contains strong primes only. References: P. C. van Oorschot and M. J. Wiener, On Diffie-Hellman key agreement with short exponents, In Advances in Cryptology - EUROCRYPT'96, LNCS 1070, Springer-Verlag, 1996, pp.332-343. | | | |
in ssh protocol v2 use ignore messages for padding (instead of trailing \0). | 2001-02-28 | 1 | -3/+5 |
genericize password padding function for SSH1 and SSH2. | 2001-02-15 | 1 | -3/+3 |
add stylized echo to 2, too. | | | |
1) clean up the MAC support for SSH-2 | 2001-02-11 | 1 | -3/+7 |
2) allow you to specify the MAC with 'ssh -m' 3) or the 'MACs' keyword in ssh(d)_config 4) add hmac-{md5,sha1}-96 ok stevesk@, provos@ | | | |
remove some lines | 2001-02-10 | 1 | -12/+5 |
partial success: debug->log; "Permission denied" if no more auth methods | 2001-02-09 | 1 | -3/+3 |
do not free twice, thanks to /etc/malloc.conf | 2001-02-09 | 1 | -2/+2 |
%.30s is too short for IPv6 numeric address. use %.128s for now. markus ok | 2001-02-08 | 1 | -2/+2 |
do not ask for passphrase in batch mode; report from ejb@ql.org | 2001-02-06 | 1 | -5/+8 |
unexpand and remove end-of-line whitespace; ok markus@ | 2001-02-04 | 1 | -11/+11 |
unused | 2001-01-31 | 1 | -2/+1 |
rename skey -> challenge response. | 2001-01-22 | 1 | -1/+4 |
auto-enable kbd-interactive for ssh2 if challenge-response is enabled. | | | |
fix memory leaks in SSH2 key exchange; ok markus@ | 2001-01-22 | 1 | -1/+7 |
split ssh.h and try to cleanup the #include mess. remove unnecessary #includes. | 2001-01-21 | 1 | -5/+6 |
rename util.[ch] -> misc.[ch] | | | |
dh_new_group() does not return NULL. ok markus@ | 2001-01-20 | 1 | -3/+2 |
handle SSH2_MSG_USERAUTH_BANNER; fixes bug when connecting to a server that prints a banner (e.g. /etc/issue.net) | 2001-01-04 | 1 | -2/+16 |
typo | 2000-12-27 | 1 | -2/+2 |
fix prototypes; from stevesk@pobox.com | 2000-12-20 | 1 | -3/+3 |
replace 'unsigned bla' with 'u_bla' everywhere. also, replace 'char unsigned' | 2000-12-19 | 1 | -21/+21 |
with u_char. | | | |
compute diffie-hellman in parallel between server and client. okay markus@ | 2000-12-15 | 1 | -1/+4 |
support f-secure/ssh.com 2.0.12; ok niels@ | 2000-12-03 | 1 | -7/+14 |
complain about invalid ciphers for ssh1/ssh2, fall back to reasonable defaults | 2000-11-23 | 1 | -9/+4 |
add support for RSA to SSH2. please test. | 2000-11-12 | 1 | -34/+43 |
there are now 3 types of keys: RSA1 is used by ssh-1 only, RSA and DSA are used by SSH2. you can use 'ssh-keygen -t rsa -f ssh2_rsa_file' to generate RSA keys for SSH2 and use the RSA keys for hostkeys or for user keys. SSH2 RSA or DSA keys are added to .ssh/authorised_keys2 as before. IdentityFile2, HostDsaKey and DSAAuthentication are obsolete. you can use multiple IdentityFile and HostKey for all types of keys. the option DSAAuthentication is replaced by PubkeyAuthentication. | | | |
don't reference freed memory. okay deraadt@ | 2000-10-19 | 1 | -7/+8 |
OpenSSH_2.3; note that it is not complete, but the version number needs to be changed for interoperability reasons | 2000-10-14 | 1 | -5/+5 |
enable DES in SSH-1 clients only | 2000-10-12 | 1 | -1/+3 |
new cipher framework | 2000-10-11 | 1 | -11/+9 |
add support for s/key (kbd-interactive) to ssh2, based on work by mkiernan@avantgo.com and me | 2000-10-11 | 1 | -24/+138 |