summaryrefslogtreecommitdiff
path: root/usr.bin/ssh/readconf.h
AgeCommit message (Collapse)Author
2001-02-111) clean up the MAC support for SSH-2Markus Friedl
2) allow you to specify the MAC with 'ssh -m' 3) or the 'MACs' keyword in ssh(d)_config 4) add hmac-{md5,sha1}-96 ok stevesk@, provos@
2001-01-22rename skey -> challenge response.Markus Friedl
auto-enable kbd-interactive for ssh2 if challenge-reponse is enabled.
2000-12-27new option: HostKeyAlias: allows the user to record the host keyMarkus Friedl
under a different name. This is useful for ssh tunneling over forwarded connections or if you run multiple sshd's on different ports on the same machine.
2000-11-12add support for RSA to SSH2. please test.Markus Friedl
there are now 3 types of keys: RSA1 is used by ssh-1 only, RSA and DSA are used by SSH2. you can use 'ssh-keygen -t rsa -f ssh2_rsa_file' to generate RSA keys for SSH2 and use the RSA keys for hostkeys or for user keys. SSH2 RSA or DSA keys are added to .ssh/authorised_keys2 as before. IdentityFile2, HostDsaKey and DSAAuthentication are obsolete. you can use multiple IdentityFile and HostKey for all types of keys. the option DSAAuthentication is replaced by PubkeyAuthetication.
2000-10-11add support for s/key (kbd-interactive) to ssh2, based on work by ↵Markus Friedl
mkiernan@avantgo.com and me
2000-09-07cleanup copyright notices on all files. I have attempted to be accurate withTheo de Raadt
the details. everything is now under Tatu's licence (which I copied from his readme), and/or the core-sdi bsd-ish thing for deattack, or various openbsd developers under a 2-term bsd licence. We're not changing any rules, just being accurate.
2000-06-20OpenBSD tagMarkus Friedl
2000-05-31xauth_location support; pr 1234Markus Friedl
2000-05-08complain about invalid ciphers in SSH1 (e.g. arcfour is SSH2 only)Markus Friedl
2000-05-06add DSAAuthetication option to ssh/sshd, document SSH2 in sshd.8Markus Friedl
2000-04-26add DSA pubkey auth and other SSH2 fixes. use ssh-keygen -[xX]Markus Friedl
for trading keys with the real and the original SSH, directly from the people who invented the SSH protocol.
2000-04-14whitespace cleanupMarkus Friedl
2000-04-12add Cipher and Protocol options to ssh/sshd, e.g.:Markus Friedl
ssh -o 'Protocol 1,2' if you prefer proto 1, ssh -o 'Ciphers arcfour,3des-cbc'
1999-12-01ports are u_shortMarkus Friedl
1999-11-24KNF, final part 3Markus Friedl
1999-11-24much more KNFTheo de Raadt
1999-11-22tranfer s/key challenge/response data in SSH_SMSG_AUTH_TIS_CHALLENGEMarkus Friedl
messages. allows use of s/key in windows (ttssh, securecrt) and ssh-1.2.27 clients without 'ssh -v', ok: niels@
1999-11-14print _all_ bad config-options in ssh(1), tooMarkus Friedl
1999-11-10add LogLevel {QUIET, FATAL, ERROR, INFO, CHAT, DEBUG} to ssh/sshd,Markus Friedl
obsoletes QuietMode and FascistLogging in sshd.
1999-10-12-P/UsePrivilegedPort from 1.2.27, it turns of allocation of priv. portMarkus Friedl
and disabled rhosts/rhosts-rsa, ok deraadt@
1999-10-06implement client NumberOfPasswordPrompts optionDug Song
1999-10-03add code to detect DNS spoofing:Niels Provos
the main idea is to not only store the host key for the hostname but also for the according IP address. When we check the host key in the known_hosts file, we also check the key against the according IP address. When the server key changes, host_status = HOST_CHANGED. If check_host_in_hostfile() returns differing status for the IP address that means that either DNS was spoofed or that the IP address for the host and the host key changed at the same time.
1999-09-30cull more ancient garbage from pre-POSIX daysTheo de Raadt
1999-09-29update krb4/AFS support to ssh-1.2.27-afs-kerberos-pl1 level, clean up ↵Dug Song
unused variables, update manpages
1999-09-29GatewayPorts and ssh -g; markus.friedl@informatik.uni-erlangen.deTheo de Raadt
1999-09-26i bet a lot of people didn't know what ssh 1.2.16 had a nice license.Theo de Raadt
well, except for the patent issues. someone in sweden (forget their name at the moment) cleaned out most of the patented code, and now this code removes rsa code. when this is done, it will link against libssl, but the work isn't completely done yet. then we need to bring this up to modern days, featurewise.
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-21 02:51:15 +0000