| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
indentation on continuation lines. Prompted by GHPR#185
|
| |
|
|
|
| |
use that instead of global variables containing copies of it.
feedback/ok markus@
|
| |
|
|
| |
purpose-built ssh->compat variable instead; feedback/ok markus@
|
| |
|
|
|
|
| |
HostbasedAcceptedAlgorithms, which more accurately reflects its effect.
This matches a previous change to PubkeyAcceptedAlgorithms. The previous
names are retained as aliases. ok djm@
|
| |
|
|
|
|
|
|
| |
its SSH2_MSG_USERAUTH_REQUEST packets instead of the key type.
This make HostbasedAcceptedAlgorithms do what it is supposed to -
filter on signature algorithm and not key type.
spotted with dtucker@ ok markus@
|
| |
|
|
|
|
|
|
| |
While the two were originally equivalent, this actually specifies the
signature algorithms that are accepted. Some key types (eg RSA) can be
used by multiple algorithms (eg ssh-rsa, rsa-sha2-512) so the old name is
becoming increasingly misleading. The old name is retained as an alias.
Prompted by bz#3253, help & ok djm@, man page help jmc@
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
reason and no PIN was initially requested from the user, then request
a PIN and retry the operation.
This smoothes over a few corner cases including FIDO devices that
require PINs for all hosted credentials, biometric FIDO devices that
fall back to requiring PIN when reading the biometric failed, devices
that don't implement reading credProtect status for downloaded keys
and probably a few more cases that I haven't though of yet.
ok dtucker@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
method based on Streamlined NTRU Prime (coupled with X25519).
The previous sntrup4591761x25519-sha512@tinyssh.org method is
replaced with sntrup761x25519-sha512@openssh.com. Per the authors,
sntrup4591761 was replaced almost two years ago by sntrup761.
The sntrup761 implementaion, like sntrup4591761 before it, is public
domain code extracted from the SUPERCOP cryptography benchmark
suite (https://bench.cr.yp.to/supercop.html).
Thanks for Daniel J Bernstein for guidance on algorithm selection.
Patch from Tobias Heider; feedback & ok markus@ and myself
(note this both the updated method and the one that it replaced are
disabled by default)
|
| |
|
|
|
|
|
|
|
|
|
| |
known_hosts data from a command in addition to the usual files.
The command accepts bunch of %-expansions, including details of the
connection and the offered server host key. Note that the command may
be invoked up to three times per connection (see the manpage for
details).
ok markus@
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add load_hostkeys_file() and hostkeys_foreach_file() that accept a
FILE* argument instead of opening the file directly.
Original load_hostkeys() and hostkeys_foreach() are implemented using
these new interfaces.
Add a u_int note field to the hostkey_entry and hostkey_foreach_line
structs that is passed directly from the load_hostkeys() and
hostkeys_foreach() call. This is a lightweight way to annotate results
between different invocations of load_hostkeys().
ok markus@
|
| |
|
|
|
| |
server through asmprintf() prior to display;
suggested by and ok dtucker@
|
| |
|
|
|
| |
to determine which connection they are associated with in cases like
scp -3, ProxyJump, etc. bz#3224 ok dtucker
|
| |
|
|
| |
the touch has been recorded; requested by claudio@ ok markus@
|
| | |
|
| | |
|
| |
|
|
| |
appending ssh_err(r) manually; ok markus@
|
| | |
|
| |
|
|
|
|
|
| |
(commitid VtF8vozGOF8DMKVg). We now do this a simpler way that
needs less plumbing.
ok markus@
|
| |
|
|
| |
key subtype; ok markus@
|
| |
|
|
|
|
| |
key to a plain key. This occurs when the user connects to a host with
a certificate host key but no corresponding CA key configured in
known_hosts; feedback and ok markus@
|
| |
|
|
|
|
|
| |
default ordering if the user has a key that matches the best-preference
default algorithm.
feedback and ok markus@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
FIDO2 supports a notion of "user verification" where the user is
required to demonstrate their identity to the token before particular
operations (e.g. signing). Typically this is done by authenticating
themselves using a PIN that has been set on the token.
This adds support for generating and using user verified keys where
the verification happens via PIN (other options might be added in the
future, but none are in common use now). Practically, this adds
another key generation option "verify-required" that yields a key that
requires a PIN before each authentication.
feedback markus@ and Pedro Martelletto; ok markus@
|
| |
|
|
| |
OK djm@
|
| | |
|
| |
|
|
|
| |
prefer certificate types if the known_hosts files contain a key
marked as a @cert-authority; bz#3157 ok markus@
|
| |
|
|
| |
loaded from a PKCS11Provider; bz3141, ok dtucker@
|
| |
|
|
|
|
| |
from the default set (i.e. HostkeyAlgorithms=+/-...), retain the
default behaviour of preferring those algorithms that have existing
keys in known_hosts; ok markus
|
| |
|
|
|
|
|
| |
This replaces "security key" in error/usage/verbose messages and
distinguishes between "authenticator" and "authenticator-hosted key".
ok djm@
|
| |
|
|
|
| |
building without zlib compression and associated options. With feedback
from markus@, ok djm@
|
| |
|
|
|
|
| |
This wrapper blocks all other signals during the handler preventing
races between handlers, and sets SA_RESTART which should reduce the
potential for short read/write operations.
|
| |
|
|
|
|
|
|
| |
remove ifdef and distinct settings for OPENSSL=no case.
This will make things much simpler for -portable where the exact set
of algos depends on the configuration of both OpenSSH and the libcrypto
it's linked against (if any). ok djm@
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
a signature operation. Notify the user when this is expected via
the TTY (if available) or $SSH_ASKPASS if we can.
ok markus@
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
U2F signatures.
Don't use sshsk_ecdsa_sign() directly, instead make it reachable via
sshkey_sign() like all other signature operations. This means that
we need to add a provider argument to sshkey_sign(), so most of this
change is mechanically adding that.
Suggested by / ok markus@
|
| | |
|
| |
|
|
|
| |
now return SSH_ERR_KEY_BAD_PERMISSIONS in that case. Patch from
jitendra.sharma at intel.com, ok djm@
|
| | |
|
| |
|
|
|
|
| |
value < 0. errno is only updated in this case. Change all (most?)
callers of syscalls to follow this better, and let's see if this strictness
helps us in the future.
|
| |
|
|
| |
(STDIN_FILENO vs STDERR_FILENO)
|
| |
|
|
|
| |
into fd3, so as to not mistakenly leak other fd forward accidentally.
ok djm
|
| |
|
|
| |
key from the agent was being attempted for use.
|
| |
|
|
|
|
|
|
| |
authmethod. Move function-static GSSAPI state to the client Authctxt
structure. Make static a bunch of functions that aren't used outside
this file.
Based on patch from Markus Schmidt <markus@blueflash.cc>; ok markus@
|
| |
|
|
| |
from markus@ ok djm@
|
| |
|
|
| |
from markus@ ok djm@
|
| |
|
|
| |
from markus@ ok djm@
|
| | |
|
djm
dtucker
bket
naddy
deraadt
markus