summaryrefslogtreecommitdiff
path: root/usr.bin/ssh/auth.c
AgeCommit message (Expand)Author
2018-06-06permitlisten option for authorized_keys; ok markus@Damien Miller
2018-06-01make UID available as a %-expansion everywhere that the username isDamien Miller
2018-05-25Do not ban PTY allocation when a sshd session is restricted becauseDamien Miller
2018-03-12add valid-before="[time]" authorized_keys option. A simple way ofDamien Miller
2018-03-03switch over to the new authorized_keys options API and remove theDamien Miller
2018-01-08move subprocess() so scp/sftp do not need uidswap.o; ok djm@Markus Friedl
2017-09-12refactor channels.cDamien Miller
2017-08-18Move several subprocess-related functions from various locations toDamien Miller
2017-06-24refactor authentication loggingDamien Miller
2017-05-30switch from Key typedef with struct sshkey; ok djm@Markus Friedl
2017-05-17allow LogLevel in sshd_config Match blocks; ok dtucker bz#2717Damien Miller
2016-12-15Add missing braces in DenyUsers code. Patch from zev at bewilderbeest.net,Darren Tucker
2016-11-08unbreak DenyUsers; reported by henning@Damien Miller
2016-11-06Validate address ranges for AllowUser/DenyUsers at configuration loadDamien Miller
2016-08-13remove ssh1 server code; ok djm@Markus Friedl
2016-06-15Remove "POSSIBLE BREAK-IN ATTEMPT!" from log message about forward andDarren Tucker
2016-03-07refactor canohost.c: move functions that cache results closer to theDamien Miller
2015-08-21fix inverted logic that broke PermitRootLogin;Damien Miller
2015-08-06add prohibit-password as a synonymn for without-password, since theTheo de Raadt
2015-05-01make handling of AuthorizedPrincipalsFile=none more consistentDamien Miller
2015-02-25don't leak validity of user in "too many authentication failures"Damien Miller
2015-01-20Reduce use of <sys/param.h> and transition to <limits.h> throughout.Theo de Raadt
2014-12-21Add FingerprintHash option to control algorithm used for keyDamien Miller
2014-12-04add RevokedHostKeys option for the clientDamien Miller
2014-07-15Add support for Unix domain socket forwarding. A remote TCP portTodd C. Miller
2014-07-03make the "Too many authentication failures" message include theDamien Miller
2014-04-29make compiling against OpenSSL optional (make OPENSSL=no);Markus Friedl
2013-05-19Standardise logging of supplemental information during userauth. KeysDamien Miller
2013-05-17bye, bye xfree(); ok markus@Damien Miller
2013-02-06Fix comment, from jfree.e1 at gmailDarren Tucker
2013-01-17add support for Key Revocation Lists (KRLs). These are a compact way toDamien Miller
2012-12-14use correct string in error message; from rustybsd at gmx.frDarren Tucker
2012-12-02Fixes logging of partial authentication when privsep is enabledDamien Miller
2012-10-30new sshd_config option AuthorizedKeysCommand to support fetchingDamien Miller
2012-05-13Add "Match LocalAddress" and "Match LocalPort" to sshd and adjust testsDarren Tucker
2012-04-11Support "none" as an argument for AuthorizedPrincipalsFile to indicateDamien Miller
2011-05-23make secure_filename() spam debug logs lessDamien Miller
2011-05-23allow AuthorizedKeysFile to specify multiple files, separated by spaces.Damien Miller
2011-05-11remove support for authorized_keys2; it is a relic from the early daysDamien Miller
2010-11-29automatically order the hostkeys requested by the client based onDamien Miller
2010-11-23use strict_modes already passed as function argument over referencingDamien Miller
2010-08-04enable certificates for hostbased authentication, from Iain Morgan;Damien Miller
2010-06-22queue auth debug messages for bad ownership or permissions on the user'sDamien Miller
2010-05-07add some optional indirection to matching of principal names listedDamien Miller
2010-03-05make the warning for a revoked key louder and more noticableDamien Miller
2010-03-04Add a TrustedUserCAKeys option to sshd_config to specify CA keys thatDamien Miller
2010-02-09unbreak ChrootDirectory+internal-sftp by skipping check for executable shellDamien Miller
2010-01-13when using ChrootDirectory, make sure we test for the existence of theDamien Miller
2010-01-13Fix a couple of typos/mispellings in commentsDarren Tucker
2010-01-10Output a debug if we can't open an existing keyfile. bz#1694, ok djm@Darren Tucker
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-30 23:23:55 +0000