author | Alexander von Gernler <grunk@cvs.openbsd.org> | 2008-06-26 11:46:32 +0000 |
---|---|---|
committer | Alexander von Gernler <grunk@cvs.openbsd.org> | 2008-06-26 11:46:32 +0000 |
commit | 8fe473a53d6b9c0830712ec6bfff4f6aea72cb38 (patch) | |
tree | 7ceea5d16068f9f978042b4d7a1ff65c4d6e3b52 /usr.bin | |
parent | 642dd5f0606a6d70841c3fa112840f94b1d66a84 (diff) |
Move SSH Fingerprint Visualization away from sharing the config option
CheckHostIP to an own config option named VisualHostKey.
While there, fix the behaviour that ssh would draw a random art picture
on every newly seen host even when the option was not enabled.
prodded by deraadt@, discussions,
help and ok markus@ djm@ dtucker@
Diffstat (limited to 'usr.bin')
-rw-r--r-- | usr.bin/ssh/readconf.c | 29 | ||||
-rw-r--r-- | usr.bin/ssh/readconf.h | 7 | ||||
-rw-r--r-- | usr.bin/ssh/ssh.1 | 8 | ||||
-rw-r--r-- | usr.bin/ssh/ssh_config.5 | 18 | ||||
-rw-r--r-- | usr.bin/ssh/sshconnect.c | 18 |
5 files changed, 36 insertions, 44 deletions
diff --git a/usr.bin/ssh/readconf.c b/usr.bin/ssh/readconf.c index af180a16c28..4a6ceacd8b6 100644 --- a/usr.bin/ssh/readconf.c +++ b/usr.bin/ssh/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.166 2008/06/11 21:01:35 grunk Exp $ */ +/* $OpenBSD: readconf.c,v 1.167 2008/06/26 11:46:31 grunk Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -127,6 +127,7 @@ typedef enum { oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly, oSendEnv, oControlPath, oControlMaster, oHashKnownHosts, oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand, + oVisualHostKey, oDeprecated, oUnsupported } OpCodes; @@ -223,6 +224,7 @@ static struct { { "tunneldevice", oTunnelDevice }, { "localcommand", oLocalCommand }, { "permitlocalcommand", oPermitLocalCommand }, + { "visualhostkey", oVisualHostKey }, { NULL, oBadOption } }; @@ -447,23 +449,7 @@ parse_flag: case oCheckHostIP: intptr = &options->check_host_ip; - arg = strdelim(&s); - if (!arg || *arg == '\0') - fatal("%.200s line %d: Missing CheckHostIP argument.", - filename, linenum); - value = 0; /* To avoid compiler warning... */ - if (strcmp(arg, "yes") == 0 || strcmp(arg, "true") == 0) - value = SSHCTL_CHECKHOSTIP_YES; - else if (strcmp(arg, "no") == 0 || strcmp(arg, "false") == 0) - value = SSHCTL_CHECKHOSTIP_NO; - else if (strcmp(arg, "fingerprint") == 0) - value = SSHCTL_CHECKHOSTIP_FPR; - else - fatal("%.200s line %d: Bad CheckHostIP argument.", - filename, linenum); - if (*activep && *intptr == -1) - *intptr = value; - break; + goto parse_flag; case oVerifyHostKeyDNS: intptr = &options->verify_host_key_dns; @@ -926,6 +912,10 @@ parse_int: intptr = &options->permit_local_command; goto parse_flag; + case oVisualHostKey: + intptr = &options->visual_host_key; + goto parse_flag; + case oDeprecated: debug("%s line %d: Deprecated option \"%s\"", filename, linenum, keyword); 
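Review bot: With `case oCheckHostIP` now reduced to `goto parse_flag;`, a configuration that still says `CheckHostIP fingerprint` — the spelling the removed block accepted and the previous manual pages documented — is no longer parsed; parse_flag's body is outside the hunk, but if it accepts only the yes/true/no/false forms its other callers rely on, ssh will now stop with a fatal error on such a line instead of degrading to the plain IP check. Rejecting the old spelling may be intended since it existed only briefly, but the commit message does not say so; either state the incompatibility there or keep a short transitional branch that maps `fingerprint` to `*intptr = 1;` plus `options->visual_host_key = 1;` with a `logit()` deprecation notice. The readconf.h hunk on the next line drops the `SSHCTL_CHECKHOSTIP_*` constants, so any such shim would use literal 0/1 as parse_flag does. The `parse_flag` label and the function containing this switch begin outside the hunk.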
@@ -1076,6 +1066,7 @@ initialize_options(Options * options) options->tun_remote = -1; options->local_command = NULL; options->permit_local_command = -1; + options->visual_host_key = -1; } /* @@ -1210,6 +1201,8 @@ fill_default_options(Options * options) options->tun_remote = SSH_TUNID_ANY; if (options->permit_local_command == -1) options->permit_local_command = 0; + if (options->visual_host_key == -1) + options->visual_host_key = 0; /* options->local_command should not be set by default */ /* options->proxy_command should not be set by default */ /* options->user will be set in the main program if appropriate */ diff --git a/usr.bin/ssh/readconf.h b/usr.bin/ssh/readconf.h index 5c16a0ba6c8..47c7aef4e04 100644 --- a/usr.bin/ssh/readconf.h +++ b/usr.bin/ssh/readconf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.h,v 1.73 2008/06/11 21:01:35 grunk Exp $ */ +/* $OpenBSD: readconf.h,v 1.74 2008/06/26 11:46:31 grunk Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -120,13 +120,10 @@ typedef struct { char *local_command; int permit_local_command; + int visual_host_key; } Options; -#define SSHCTL_CHECKHOSTIP_NO 0 -#define SSHCTL_CHECKHOSTIP_YES 1 -#define SSHCTL_CHECKHOSTIP_FPR 2 - #define SSHCTL_MASTER_NO 0 #define SSHCTL_MASTER_YES 1 #define SSHCTL_MASTER_AUTO 2 diff --git a/usr.bin/ssh/ssh.1 b/usr.bin/ssh/ssh.1 index 4c217abc41b..6165e2f736a 100644 --- a/usr.bin/ssh/ssh.1 +++ b/usr.bin/ssh/ssh.1 @@ -34,8 +34,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.274 2008/06/13 20:13:26 grunk Exp $ -.Dd $Mdocdate: June 13 2008 $ +.\" $OpenBSD: ssh.1,v 1.275 2008/06/26 11:46:31 grunk Exp $ +.Dd $Mdocdate: June 26 2008 $ .Dt SSH 1 .Os .Sh NAME 
@@ -1035,9 +1035,9 @@ there is also support to compare host keys visually, using .Em random art . By setting the -.Cm CheckHostIP +.Cm VisualHostKey option to -.Dq fingerprint , +.Dq yes , a small ASCII graphic gets displayed on every login to a server, no matter if the session itself is interactive or not. By learning the pattern a known server produces, a user can easily diff --git a/usr.bin/ssh/ssh_config.5 b/usr.bin/ssh/ssh_config.5 index 53b3b6f1fc2..85e7ba06d7d 100644 --- a/usr.bin/ssh/ssh_config.5 +++ b/usr.bin/ssh/ssh_config.5 @@ -34,8 +34,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.110 2008/06/12 19:10:09 jmc Exp $ -.Dd $Mdocdate: June 12 2008 $ +.\" $OpenBSD: ssh_config.5,v 1.111 2008/06/26 11:46:31 grunk Exp $ +.Dd $Mdocdate: June 26 2008 $ .Dt SSH_CONFIG 5 .Os .Sh NAME @@ -161,10 +161,6 @@ will additionally check the host IP address in the file. This allows ssh to detect if a host key changed due to DNS spoofing. If the option is set to -.Dq fingerprint , -a fingerprint and an ASCII art representation of the key are printed, -in addition to the host IP address check. -If the option is set to .Dq no , the check will not be executed. The default is @@ -1064,6 +1060,16 @@ See also .Sx VERIFYING HOST KEYS in .Xr ssh 1 . +.It Cm VisualHostKey +If this flag is set to +.Dq yes , +an ASCII art representation of the remote host key fingerprint is +printed additionally to the hex fingerprint string. +If this flag is set to +.Dq no , +only the hex fingerprint string will be printed. +The default is +.Dq no . .It Cm XAuthLocation Specifies the full pathname of the .Xr xauth 1 diff --git a/usr.bin/ssh/sshconnect.c b/usr.bin/ssh/sshconnect.c index 63599c5d519..9a070f349f1 100644 --- a/usr.bin/ssh/sshconnect.c +++ b/usr.bin/ssh/sshconnect.c 
@@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect.c,v 1.208 2008/06/12 23:24:58 ian Exp $ */ +/* $OpenBSD: sshconnect.c,v 1.209 2008/06/26 11:46:31 grunk Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -584,7 +584,6 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port, char msg[1024]; int len, host_line, ip_line; const char *host_file = NULL, *ip_file = NULL; - int display_randomart; /* * Force accepting of the host key for loopback/localhost. The @@ -629,12 +628,6 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port, } /* - * check_host_ip may be set to zero in the next step, so if it - * conveys a request to display the random art, save it away. - */ - display_randomart = (options.check_host_ip == SSHCTL_CHECKHOSTIP_FPR); - - /* * Turn off check_host_ip if the connection is to localhost, via proxy * command or if we don't have a hostname to compare with */ @@ -718,7 +711,7 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port, logit("Warning: Permanently added the %s host " "key for IP address '%.128s' to the list " "of known hosts.", type, ip); - } else if (display_randomart) { + } else if (options.visual_host_key) { fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX); ra = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_RANDOMART); @@ -776,10 +769,13 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port, snprintf(msg, sizeof(msg), "The authenticity of host '%.200s (%s)' can't be " "established%s\n" - "%s key fingerprint is %s.\n%s\n%s" + "%s key fingerprint is %s.%s%s\n%s" "Are you sure you want to continue connecting " "(yes/no)? ", - host, ip, msg1, type, fp, ra, msg2); + host, ip, msg1, type, fp, + options.visual_host_key ? "\n" : "", + options.visual_host_key ? ra : "", + msg2); xfree(ra); xfree(fp); if (!confirm(msg)) |
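Review bot: `} else if (options.visual_host_key) {` makes the fingerprint and random-art output conditional on the preceding block not having run, and that block is the one that logs "Permanently added the %s host key for IP address ..."; if its condition is the host-IP check, as that message suggests (the condition itself begins outside the hunk), a user who enabled VisualHostKey gets no picture on precisely the login where a known host's IP address is first recorded. A visual host-key check only helps if the user sees it every time, so the output is better made an independent `if (options.visual_host_key)` after that block rather than its `else`. check_host_key continues on both sides of the hunk.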
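Review bot: The snprintf() building the confirmation prompt still discards its return value, and this hunk makes the text longer whenever `options.visual_host_key` is set, since the random art and its newline now go into the same `char msg[1024]` declared earlier in check_host_key. snprintf() keeps the write in bounds, but on overflow the tail is what disappears — msg2 and the "Are you sure you want to continue connecting (yes/no)? " question — so the user would be prompted without seeing the question; msg1 and msg2 are built outside the hunk, so how close a long hostname and file path bring this to the limit is not visible here. Capture the return value and treat `>= sizeof(msg)` as an error, or build the prompt with an allocating formatter such as xasprintf() if this tree provides it. Separately, `ra` is still computed and freed on every prompt although it is only displayed when the option is on; guarding the `SSH_FP_RANDOMART` call with the same test avoids the unused work. The enclosing function continues past the hunk.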