Age | Commit message (Collapse) | Author | |
---|---|---|---|
2008-06-12 | make ssh-keygen -lf show the key type just as ssh-add -l would do it | Alexander von Gernler | |
ok djm@ markus@ | |||
2008-06-11 | ssh-keygen would write fingerprints to STDOUT, and random art to STDERR, | Alexander von Gernler | |
that is not how it was envisioned. Also correct manpage saying that -v is needed along with -l for it to work. spotted by naddy@ | |||
2008-06-11 | ssh-keygen -lv -f /etc/ssh/ssh_host_rsa_key.pub | Alexander von Gernler | |
would not display you the random art as intended, spotted by canacar@ | |||
2008-06-11 | Introduce SSH Fingerprint ASCII Visualization, a technique inspired by the | Alexander von Gernler | |
graphical hash visualization schemes known as "random art", and by Dan Kaminsky's musings on the subject during a BlackOp talk at the 23C3 in Berlin. Scientific publication (original paper): "Hash Visualization: a New Technique to improve Real-World Security", Perrig A. and Song D., 1999, International Workshop on Cryptographic Techniques and E-Commerce (CrypTEC '99) http://sparrow.ece.cmu.edu/~adrian/projects/validation/validation.pdf The algorithm used here is a worm crawling over a discrete plane, leaving a trace (augmenting the field) everywhere it goes. Movement is taken from dgst_raw 2bit-wise. Bumping into walls makes the respective movement vector be ignored for this turn, thus switching to the other color of the chessboard. Graphs are not unambiguous for now, because circles in graphs can be walked in either direction. discussions with several people, help, corrections and ok markus@ djm@ | |||
2008-05-19 | support -l (print fingerprint) in combination with -F (find host) to | Damien Miller | |
search for a host in ~/.ssh/known_hosts and display its fingerprint; ok markus@ | |||
2008-01-19 | unbreak line numbering (broken in revision 1.164), fix error message | Damien Miller | |
2008-01-19 | when hashing individual hosts (ssh-keygen -Hf hostname), make sure we | Damien Miller | |
hash just the specified hostname and not the entire hostspec from the keyfile. It may be of the form "hostname,ipaddr", which would lead to a hash that never matches. report and fix from jp AT devnull.cz | |||
2007-10-02 | handles zero-sized strings that fgets can return | Charles Longeau | |
properly removes trailing newline removes an unused variable correctly counts line number "looks ok" ray@ markus@ | |||
2007-09-11 | use strcspn to properly overwrite '\n' in fgets returned buffer | Gilles Chehade | |
ok pyr@, ray@, millert@, moritz@, chl@ | |||
2007-09-09 | sort synopsis and options in ssh-agent(1); usage is lowercase | Igor Sobrado | |
ok jmc@ | |||
2007-01-21 | spaces | Kevin Steves | |
2007-01-12 | more secsh -> rfc 4716 updates; | Jason McIntyre | |
spotted by wiz@netbsd ok markus | |||
2007-01-03 | spaces | Kevin Steves | |
2007-01-03 | remove small dead code; arnaud.lacombe.1@ulaval.ca via Coverity scan | Kevin Steves | |
2006-11-14 | use argc and argv not some made up short form | Theo de Raadt | |
2006-11-06 | add missing checks for openssl return codes; with & ok djm@ | Markus Friedl | |
2006-08-03 | almost entirely get rid of the culture of ".h files that include .h files" | Theo de Raadt | |
ok djm, sort of ok stevesk makes the pain stop in one easy step | |||
2006-08-01 | move #include <stdio.h> out of includes.h | Kevin Steves | |
2006-07-26 | move #include <stdlib.h> out of includes.h | Kevin Steves | |
2006-07-26 | move #include <sys/param.h> out of includes.h | Kevin Steves | |
2006-07-22 | move #include <string.h> out of includes.h | Kevin Steves | |
2006-07-17 | move #include <unistd.h> out of includes.h | Kevin Steves | |
2006-07-11 | move #include <errno.h> out of includes.h; ok markus@ | Kevin Steves | |
2006-07-09 | move #include <fcntl.h> out of includes.h | Kevin Steves | |
2006-07-06 | move #include "dns.h" up | Kevin Steves | |
2006-07-06 | move #include <pwd.h> out of includes.h; ok markus@ | Kevin Steves | |
2006-05-17 | fix leak; coverity via Kylene Jo Hall | Markus Friedl | |
2006-03-30 | Correctly handle truncated files while converting keys; ok djm@ | Darren Tucker | |
2006-03-25 | cast strtonum() result to right type | Theo de Raadt | |
2006-03-25 | Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that | Damien Miller | |
Theo nuked - our scripts to sync -portable need them in the files | |||
2006-03-20 | annoying spacing fixes getting in the way of real diffs | Theo de Raadt | |
2006-03-19 | RCSID() can die | Theo de Raadt | |
2006-03-15 | if no key file are given when printing the DNS host record, use the | Jakob Schlyter | |
host key file(s) as default. ok djm@ | |||
2006-03-13 | Make ssh-keygen handle CR and CRLF line termination when converting IETF | Darren Tucker | |
format keys, in adition to vanilla LF. mindrot #1157, tested by Chris Pepper, ok djm@ | |||
2006-02-20 | move #include <sys/stat.h> out of includes.h; ok markus@ | Kevin Steves | |
2005-11-29 | Populate default key sizes before checking them; from & ok tim@ | Darren Tucker | |
2005-11-28 | Enforce DSA key length of exactly 1024 bits to comply with FIPS-186-2, | Darren Tucker | |
increase minumum RSA key size to 768 bits and update man page to reflect these. Patch originally bz#1119 (senthilkumar_sen at hotpop.com), ok djm@, grudging ok deraadt@. | |||
2005-10-31 | generate a protocol 2 RSA key by default | Damien Miller | |
2005-10-30 | no need to escape single quotes in comments, no binary change | Damien Miller | |
2005-10-14 | no trailing "\n" for log functions; ok djm@ | Kevin Steves | |
2005-10-07 | change DSA default back to 1024, as it's defined for 1024 bits only | Markus Friedl | |
and this causes interop problems with other clients. moreover, in order to improve the security of DSA you need to change more components of DSA key generation (e.g. the internal SHA1 hash); ok deraadt | |||
2005-09-13 | ensure that stdio fds are attached; ok deraadt@ | Damien Miller | |
2005-07-17 | knf says that a 2nd level indent is four (not three or five) spaces | Damien Miller | |
2005-06-08 | increase default rsa/dsa key length from 1024 to 2048 bits; ok markus@ deraadt@ | Damien Miller | |
2005-05-26 | uint32_t -> u_int32_t for consistency; ok djm@ | Darren Tucker | |
2005-05-24 | some style nits from dmiller@, and use a fatal() instead of a printf()/exit | Anil Madhavapeddy | |
2005-05-23 | - removes signed/unsigned comparisons in moduli generation | Anil Madhavapeddy | |
- use strtonum instead of atoi where its easier - check some strlcpy overflow and fatal instead of truncate | |||
2005-04-05 | sync and sort usage(). ok jmc@ markus@ | Otto Moerbeek | |
2005-03-11 | typo, missing \n; mpech | Markus Friedl | |
2005-03-10 | spacing | Theo de Raadt | |