Commit messages
|
This splits the user authentication code from the sshd-session
binary into a separate sshd-auth binary. This will be executed by
sshd-session to complete the user authentication phase of the
protocol only.
Splitting this code into a separate binary ensures that the crucial
pre-authentication attack surface has an entirely disjoint address
space from the code used for the rest of the connection. It also
yields a small runtime memory saving as the authentication code will
be unloaded after the authentication phase completes.
Joint work with markus@ feedback deraadt@
Tested in snaps since last week
|
|
to a more shell-like one. Apparently the old tokeniser (accidentally?)
allowed "Match criteria=argument" as well as the "Match criteria argument"
syntax that we tested for.
People were using this syntax so this adds back support for
"Match criteria=argument"
bz3739 ok dtucker
|
|
|
|
This allows writing Match conditions that trigger for invalid username.
E.g.
PerSourcePenalties refuseconnection:90s
Match invalid-user
RefuseConnection yes
Will effectively penalise bots trying to guess passwords for bogus accounts,
at the cost of implicitly revealing which accounts are invalid.
feedback markus@
|
|
PerSourcePenalties
This allows penalising connection sources that have had connections
dropped by the RefuseConnection option. ok markus@
|
|
If set, this will terminate the connection at the first authentication
request (this is the earliest we can evaluate sshd_config Match blocks)
ok markus@
|
|
ok markus@
|
|
from Antonio Larrosa via GHPR515
|
|
A single forgotten login that times out should be below the penalty
threshold.
ok deraadt/claudio
|
|
shared table and overflow policy for IPv4 and IPv6 addresses, now
it will use separate tables and optionally different overflow
policies.
This prevents misbehaviour from IPv6 addresses (which are vastly easier
to obtain many of) from affecting IPv4 connections and may allow for
stricter overflow policies.
ok deraadt@
|
|
|
|
ok markus
NB. if you run a sshd that accepts connections from behind large NAT
blocks, proxies or anything else that aggregates many possible users
behind few IP addresses, then this change may cause legitimate traffic
to be denied.
Please read the PerSourcePenalties, PerSourcePenaltyExemptList and
PerSourceNetBlockSize options in sshd_config(5) for how to tune your
sshd(8) for your specific circumstances.
|
|
behaviours, controlled by two new sshd_config(5) options:
PerSourcePenalties and PerSourcePenaltyExemptList.
When PerSourcePenalties are enabled, sshd(8) will monitor the exit
status of its child pre-auth session processes. Through the exit
status, it can observe situations where the session did not
authenticate as expected. These conditions include when the client
repeatedly attempted authentication unsuccessfully (possibly indicating
an attack against one or more accounts, e.g. password guessing), or
when client behaviour caused sshd to crash (possibly indicating
attempts to exploit sshd).
When such a condition is observed, sshd will record a penalty of some
duration (e.g. 30 seconds) against the client's address. If this time
is above a minimum threshold specified by the PerSourcePenalties, then
connections from the client address will be refused (along with any
others in the same PerSourceNetBlockSize CIDR range).
Repeated offenses by the same client address will accrue greater
penalties, up to a configurable maximum. A PerSourcePenaltyExemptList
option allows certain address ranges to be exempt from all penalties.
We hope these options will make it significantly more difficult for
attackers to find accounts with weak/guessable passwords or exploit
bugs in sshd(8) itself.
PerSourcePenalties is off by default, but we expect to enable it
automatically in the near future.
much feedback markus@ and others, ok markus@
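An added Python model (not OpenSSH's own C code) of the penalty bookkeeping described in this commit and the earlier ones on separate IPv4/IPv6 tables and the single-timeout threshold: penalties accrue per PerSourceNetBlockSize netblock, are capped at a maximum, only refuse connections once they exceed the minimum, and skip addresses on the exempt list. The class, method names, and the time values are constructed for illustration.

```python
from ipaddress import ip_address, ip_network


class PenaltyTable:
    """Constructed model of sshd's per-source penalty accounting."""

    def __init__(self, *, min_seconds=15, max_seconds=600,
                 netblock4=32, netblock6=128, exempt=()):
        self.min_seconds = min_seconds          # below this no refusal happens
        self.max_seconds = max_seconds          # accrued penalty never exceeds this
        self.prefix = {4: netblock4, 6: netblock6}  # PerSourceNetBlockSize per family
        self.exempt = [ip_network(n) for n in exempt]  # PerSourcePenaltyExemptList
        self.tables = {4: {}, 6: {}}  # separate v4/v6 tables: netblock -> expiry time

    def _key(self, addr):
        a = ip_address(addr)
        # Aggregate the client address into its netblock (host bits masked off)
        return a.version, ip_network((a, self.prefix[a.version]), strict=False)

    def _exempt(self, addr):
        a = ip_address(addr)
        return any(a in net for net in self.exempt)

    def record(self, addr, seconds, now):
        """A pre-auth child exited badly: add `seconds` of penalty to the netblock.

        Returns the total outstanding penalty (0 for exempt addresses)."""
        if self._exempt(addr):
            return 0
        version, block = self._key(addr)
        remaining = max(0, self.tables[version].get(block, now) - now)
        total = min(self.max_seconds, remaining + seconds)  # repeat offenders accrue
        self.tables[version][block] = now + total
        return total

    def refused(self, addr, now):
        """Would a new connection from `addr` be refused at time `now`?"""
        if self._exempt(addr):
            return False
        version, block = self._key(addr)
        expiry = self.tables[version].get(block)
        if expiry is None:
            return False
        remaining = expiry - now
        if remaining <= 0:
            del self.tables[version][block]  # penalty has lapsed
            return False
        return remaining >= self.min_seconds
```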
|
|
|
|
splits sshd into a listener and a session binary. More splits are
planned.
After this change, the listener binary will validate the configuration,
load the hostkeys, listen on port 22 and manage MaxStartups only. All
session handling will be performed by a new sshd-session binary that the
listener fork+execs.
This reduces the listener process to the minimum necessary and sets us
up for future work on the sshd-session binary.
feedback/ok markus@ deraadt@
NB. if you're updating via source, please restart sshd after installing,
otherwise you run the risk of locking yourself out.
|
|
active configuration. This fixes the config parser from erroneously
rejecting cases like:
AuthenticationMethods password
Match User ivy
AuthenticationMethods any
bz3657 ok markus@
|
|
bz3667
|
|
in the server. ok markus@
|
|
char**, so harmless); spotted in CID 416964
|
|
|
|
subsystems. Saves a few kb of memory in the server and makes it more like
the other options.
|
|
behaviour of exotic configurations, but the most common subsystem
configuration (sftp-server) is unlikely to be affected.
|
|
to being a debug message to match behaviour with just about all other
directives.
|
|
|
|
no code change
|
|
Previously this directive would accept certificate algorithm names, but
these were unusable in practice as OpenSSH does not support CA chains.
part of bz3577; ok dtucker@
|
|
Fixes sign compare warnings on systems with 32-bit time_t due to type
promotion. OK djm@
|
|
previously in configuration. Reported by John Meyers in bz3574
ok dtucker@
|
|
of the really old compatibility code, and with it went the need to
include compat.h in most of the files that have it.
|
|
spotted via Coverity CID 405022
|
|
client connections that have no open channels for some length
of time. This complements the recently-added ChannelTimeout
option that terminates inactive channels after a timeout.
ok markus@
|
|
This adds a sshd_config ChannelTimeouts directive that allows channels that
have not seen traffic in a configurable interval to be automatically closed.
Different timeouts may be applied to session, X11, agent and TCP forwarding
channels.
Note: this only affects channels over an opened SSH connection and not
the connection itself. Most clients close the connection when their channels
go away, with a notable exception being ssh(1) in multiplexing mode.
ok markus dtucker
|
|
clang 16's -Wunused-but-set-variable. ok djm@
|
|
during config parsing, rather than failing later at runtime. bz#3489,
ok djm@
|
|
will be ignored for user and host-based authentication.
Feedback deraadt@ ok markus@
|
|
sshd_config; previously if the same name was reused then the last
would win (which is the opposite to how the config is supposed to
work).
While there, make the ssh_config parsing more like sshd_config.
bz3438, ok dtucker
|
|
path - we're never going to use the result and if the operation fails
then it can prevent connections from being accepted. Reported by
Aaron Poffenberger; with / ok dtucker@
|
|
Historically, hpdelim accepted ":" or "/" as a port delimiter between
hosts (or addresses) and ports. These days most of the uses for "/"
are no longer accepted, so there are several places where it checks the
delimiter to disallow it. Make hpdelim accept only ":" and use hpdelim2
in the other cases. ok djm@
|
|
from the enum. Noticed by christos@zoulas.com. OK dtucker@
|
|
KbdInteractiveAuthentication. The former is what was in SSHv1, the
latter is what is in SSHv2 (RFC4256) and they were treated as somewhat
but not entirely equivalent. We retain the old name as deprecated alias
so config files continue to work and a reference in the man page for
people looking for it.
Prompted by bz#3303 which pointed out the discrepancy between the two
when used with Match. Man page help & ok jmc@, with & ok djm@
|
|
similar to the previous commit, this switches sshd_config parsing to
the newer tokeniser. Config parsing will be a little stricter wrt
quote correctness and directives appearing without arguments.
feedback and ok markus@
tested in snaps for the last five or so days - thanks Theo and those who
caught bugs
|
|
indentation on continuation lines. Prompted by GHPR#185
|
|
"moduli" file containing the groups for DH-GEX. This will allow us to
run tests against arbitrary moduli files without having to install them.
ok djm@
|
|
after their current names so that the config-dump mode finds and uses
the current names. Spotted by Phil Pennock.
|
|
|
|
HostbasedAcceptedAlgorithms, which more accurately reflects its effect.
This matches a previous change to PubkeyAcceptedAlgorithms. The previous
names are retained as aliases. ok djm@
|
|
While the two were originally equivalent, this actually specifies the
signature algorithms that are accepted. Some key types (eg RSA) can be
used by multiple algorithms (eg ssh-rsa, rsa-sha2-512) so the old name is
becoming increasingly misleading. The old name is retained as an alias.
Prompted by bz#3253, help & ok djm@, man page help jmc@
|
|
|
|
more fine grained MaxStartups limits. Man page help jmc@, feedback &
ok djm@
|
|
appending ssh_err(r) manually; ok markus@
|