summaryrefslogtreecommitdiff
path: root/usr.bin/ssh/ssh-keygen.c
AgeCommit message (Expand)Author
2015-08-19fixed unlink([uninitialised memory]) reported by Mateusz Kocielski;Damien Miller
2015-07-03refuse to generate or accept RSA keys smaller than 1024 bits;Damien Miller
2015-07-03delete support for legacy v00 certificates; "sure" markus@ dtucker@Damien Miller
2015-05-28wrap all moduli-related code in #ifdef WITH_OPENSSL.Damien Miller
2015-05-28make ssh-keygen default to ed25519 keys when compiled withoutDamien Miller
2015-05-21Support "ssh-keygen -lF hostname" to find search known_hosts andDamien Miller
2015-04-27fix compilation with OPENSSL=no; ok dtucker@Damien Miller
2015-04-24rename xrealloc() to xreallocarray() since it follows that form.Theo de Raadt
2015-04-17use error/logit/fatal instead of fprintf(stderr, ...) and exit(0),Damien Miller
2015-03-31Comments are only supported for RSA1 keys. If a user tried to add one andTobias Stoeckmann
2015-03-23for ssh-keygen -A, don't try (and fail) to generateDamien Miller
2015-02-26don't printf NULL key comments; reported by Tom ChristensenDamien Miller
2015-02-24add -v (show ASCII art) to -l's synopsis; ok djm@Christian Weisgerber
2015-02-23further silence spurious error message even when -v is specifiedDamien Miller
2015-02-23silence a spurious error message when listing fingerprints forDamien Miller
2015-02-16Refactor hostkeys_foreach() and dependent codeDamien Miller
2015-01-30permit KRLs that revoke certificates by serial number or key IDDamien Miller
2015-01-30missing parentheses after if in do_convert_from() brokeDamien Miller
2015-01-28update to new API (key_fingerprint => sshkey_fingerprint)Damien Miller
2015-01-19djm, your /usr/include tree is oldTheo de Raadt
2015-01-18some feedback from markus@: comment hostkeys_foreach()Damien Miller
2015-01-18make ssh-keygen use hostkeys_foreach(). Removes someDamien Miller
2015-01-18infer key length correctly when user specified a fully-Damien Miller
2015-01-16regression: incorrect error message on otherwise-successfulDamien Miller
2015-01-16Replace <sys/param.h> with <limits.h> and other less dirty headers whereTheo de Raadt
2015-01-15sync ssh-keysign, ssh-keygen and some dependencies to the newDamien Miller
2014-12-21Add FingerprintHash option to control algorithm used for keyDamien Miller
2014-08-21Free resources on error in mkstemp and fdopendoug
2014-07-03When hashing or removing hosts using ssh-keygen, don't choke onDamien Miller
2014-07-03standardise on NI_MAXHOST for gethostname() string lengths; aboutDamien Miller
2014-06-24New key API: refactor key-related functions to be more library-like,Damien Miller
2014-04-29make compiling against OpenSSL optional (make OPENSSL=no);Markus Friedl
2014-04-28buffer_get_string_ptr's return should be const to remindDamien Miller
2014-04-20Add support for SSHFP DNS records for ED25519 key types.logan
2014-03-15Improve usage() and documentation towards the standard form. In particular,Theo de Raadt
2014-03-12don't count on things that accept arguments by reference to clearDamien Miller
2014-02-05tweak synopsis: calling ssh-keygen without any arguments is fine; ok jmc@Christian Weisgerber
2014-02-02convert memset of potentially-private data to explicit_bzero()Damien Miller
2014-01-31replace most bzero with explicit_bzero, except a few that cna be memsetTed Unangst
2013-12-06support ed25519 keys (hostkeys and user identities) using the public domainMarkus Friedl
2013-12-06new private key format, bcrypt as KDF by default; details in PROTOCOL.key;Markus Friedl
2013-12-06remove duplicated character ('g') in getopt() string;Damien Miller
2013-10-23Make code match documentation: relative-specified certificate expiry timeDamien Miller
2013-09-02All the instances of arc4random_stir() are bogus, since arc4random()Theo de Raadt
2013-08-28improve batch processing a bit by making use of the quite flag a bitMike Belopuhov
2013-08-13another of the same typoDamien Miller
2013-08-13typo in error message; from Stephan RickauerDamien Miller
2013-07-20More useful error message on missing current user in /etc/passwdDamien Miller
2013-07-12do_print_resource_record() can never be called with a NULL filename, soDamien Miller
2013-07-12fix pointer-signedness warnings from clang/llvm-3.3; "seems nice" deraadt@Damien Miller