src - OpenBSD base system

Age	Commit message (Collapse)	Author
2002-11-07	we cannot use HostbasedAuthentication for enabling ssh-keysign(8),	Markus Friedl
	because HostbasedAuthentication might be enabled based on the target host and ssh-keysign(8) does not know the remote hostname and not trust ssh(1) about the hostname, so we add a new option EnableSSHKeysign; ok djm@, report from zierke@informatik.uni-hamburg.de
2002-06-19	KNF done automatically while reading....	Theo de Raadt

2002-06-10	change RhostsRSAAuthentication and RhostsAuthentication default to no	Kevin Steves
	since ssh is no longer setuid root by default; ok markus@
2002-06-08	silently ignore deprecated options, since FallBackToRsh might be passed	Markus Friedl
	by remote scp commands.
2002-06-08	just warn about Deprecated options for now	Markus Friedl

2002-06-08	deprecate FallBackToRsh and UseRsh; patch from djm@	Markus Friedl

2002-02-04	add SYSLOG_FACILITY_NOT_SET = -1, SYSLOG_LEVEL_NOT_SET = -1,	Markus Friedl
	fixes arm/netbsd; based on patch from bjh21@netbsd.org; ok djm@
2002-01-04	remove #ifdef _PATH_XAUTH/#endif; ok markus@	Kevin Steves

2001-12-19	basic KNF done while i was looking for something else	Theo de Raadt

2001-11-17	enum/int type cleanup where it made sense to do so; ok markus@	Kevin Steves

2001-10-01	add NoHostAuthenticationForLocalhost; note that the hostkey is	Markus Friedl
	now check for localhost, too.
2001-09-19	add ClearAllForwardings ssh option and set it in scp and sftp; ok markus@	Kevin Steves

2001-09-03	fatal() for nonexistent -Fssh_config. ok markus@	Kevin Steves

2001-08-30	validate ports for LocalForward/RemoteForward.	Kevin Steves
	add host/port alternative syntax for IPv6 (like -L/-R). ok markus@
2001-08-28	don't set DynamicForward unless Host matches	Markus Friedl

2001-08-01	use strings instead of ints for smartcard reader ids	Markus Friedl

2001-07-31	add 'SmartcardDevice' client option to specify which smartcard device is used	Jakob Schlyter
	to access a smartcard used for storing the user's private RSA key. ok markus@.
2001-07-25	cleanup connect(); connection_attempts 4 -> 1; from eivind@freebsd.org	Markus Friedl

2001-07-22	enable challenge-response auth by default; ok millert@	Markus Friedl

2001-06-26	Kerberos v5 support for SSH1, mostly from Assar Westerlund ↵	Dug Song
	<assar@freebsd.org> and Bjorn Gronvall <bg@sics.se>. markus@ ok
2001-06-23	get rid of known_hosts2, use it for hostkey lookup, but do not modify.	Markus Friedl

2001-06-08	move the path for xauth to pathnames.h	Markus Friedl

2001-05-24	don't perform escape processing when ``EscapeChar none''; ok markus@	Kevin Steves

2001-05-18	improved kbd-interactive support. work by per@appgate.com and me	Markus Friedl

2001-04-30	implement 'ssh -b bind_address' like 'telnet -b'	Markus Friedl

2001-04-17	add HostKeyAlgorithms; based on patch from res@shore.net; ok provos@	Markus Friedl

2001-04-15	use fatal() or error() vs. fprintf(); ok markus@	Kevin Steves

2001-04-12	robust port validation; ok markus@ jakob@	Kevin Steves

2001-04-12	typo	Markus Friedl

2001-04-12	implement HostbasedAuthentication (= RhostRSAAuthentication for ssh v2)	Markus Friedl
	similar to RhostRSAAuthentication unless you enable (the experimental) HostbasedUsesNameFromPacketOnly option. please test. :)
2001-04-07	allow the ssh client act as a SOCKS4 proxy (dynamic local portforwarding).	Markus Friedl
	work by Dan Kaminsky <dankamin@cisco.com> and me. thanks to Dan for this great patch: use 'ssh -D 1080 host' and make netscape use localhost:1080 as a socks proxy.
2001-04-02	correct comment; ok markus@	Kevin Steves

2001-03-20	default to SSH protocol version 2	Markus Friedl

2001-03-19	undo /etc/shell and proto 2,1 change for openssh-2.5.2	Markus Friedl

2001-03-10	add PreferredAuthentications	Markus Friedl

2001-03-10	default to SSH2, now that m68k runs fast	Theo de Raadt

2001-03-08	turn off useprivilegedports by default. only rhost-auth needs	Markus Friedl
	this. older sshd's may need this, too.
2001-03-04	log functions should not be passed strings that end in newline as they	Todd C. Miller
	get passed on to syslog() and when logging to stderr, do_log() appends its own newline.
2001-02-24	look for id_rsa by default, before id_dsa	Theo de Raadt

2001-02-11	1) clean up the MAC support for SSH-2	Markus Friedl
	2) allow you to specify the MAC with 'ssh -m' 3) or the 'MACs' keyword in ssh(d)_config 4) add hmac-{md5,sha1}-96 ok stevesk@, provos@
2001-02-08	snprintf	Theo de Raadt

2001-01-28	``StrictHostKeyChecking ask'' documentation and small cleanup.	Kevin Steves
	ok markus@
2001-01-22	rename skey -> challenge response.	Markus Friedl
	auto-enable kbd-interactive for ssh2 if challenge-reponse is enabled.
2001-01-21	split ssh.h and try to cleanup the #include mess. remove unnecessary #includes.	Markus Friedl
	rename util.[ch] -> misc.[ch]
2001-01-20	KNF; ok markus	Damien Miller

2001-01-20	fix SIGSEGV from -o ""; problem noted by jehsom@togetherweb.com	Theo de Raadt

2001-01-19	move ssh1 definitions to ssh1.h, pathnames to pathnames.h	Markus Friedl

2001-01-18	log() is at pri=LOG_INFO, since LOG_NOTICE goes to /dev/console on many systems	Markus Friedl

2001-01-07	rename SYSLOG_LEVEL_INFO->SYSLOG_LEVEL_NOTICE	Markus Friedl
	syslog priority changes: fatal() LOG_ERR -> LOG_CRIT log() LOG_INFO -> LOG_NOTICE
2000-12-27	new option: HostKeyAlias: allows the user to record the host key	Markus Friedl
	under a different name. This is useful for ssh tunneling over forwarded connections or if you run multiple sshd's on different ports on the same machine.