| Age | Commit message (Expand) | Author |
|---|
| 2013-05-17 | bye, bye xfree(); ok markus@ | Damien Miller |
| 2013-04-19 | fix some memory leaks; bz#2088 ok dtucker@ | Damien Miller |
| 2013-02-10 | append to moduli file when screening candidates rather than overwriting. | Damien Miller |
| 2013-01-18 | -u before -V in usage(); | Jason McIntyre |
| 2013-01-17 | add support for Key Revocation Lists (KRLs). These are a compact way to | Damien Miller |
| 2013-01-09 | correctly initialise fingerprint type for fingerprinting PKCS#11 keys | Damien Miller |
| 2013-01-03 | allow fingerprinting of keys hosted in PKCS#11 tokens: ssh-keygen -lD ... | Damien Miller |
| 2012-12-03 | Fix compilation with -Wall -Werror (trivial type fixes) | Damien Miller |
| 2012-11-14 | allow the full range of unsigned serial numbers; 'fine' deraadt@ | Damien Miller |
| 2012-10-02 | fix -z option, broken in revision 1.215 | Damien Miller |
| 2012-08-17 | print details of which host lines were deleted when using | Damien Miller |
| 2012-07-06 | missing full stop in usage(); | Jason McIntyre |
| 2012-07-06 | Add options to specify starting line number and number of lines to process | Darren Tucker |
| 2012-05-23 | add support for RFC6594 SSHFP DNS records for ECDSA key types. | Damien Miller |
| 2012-02-29 | allow conversion of RSA1 keys to public PEM and PKCS8; "nice" markus@ | Damien Miller |
| 2011-10-16 | put -K in the right place (usage()); | Jason McIntyre |
| 2011-10-16 | Add optional checkpoints for moduli screening. feedback & ok deraadt | Darren Tucker |
| 2011-04-18 | certificate options are supposed to be packed in lexical order of option | Damien Miller |
| 2011-04-12 | fix -Wshadow | Damien Miller |
| 2011-03-24 | use strcasecmp() for "clear" cert permission option also; ok djm | Kevin Steves |
| 2011-03-23 | remove -d, documentation removed >10 years ago; ok markus | Kevin Steves |
| 2011-03-23 | Add -A option. For each of the key types (rsa1, rsa, dsa and ecdsa) | Kevin Steves |
| 2011-01-11 | some unsigned long long casts that make things a bit easier for | Damien Miller |
| 2010-10-28 | fix a possible NULL deref on loading a corrupt ECDH key | Damien Miller |
| 2010-09-02 | Switch ECDSA default key size to 256 bits, which according to RFC5656 | Christian Weisgerber |
| 2010-09-02 | permit -b 256, 384 or 521 as key size for ECDSA; ok djm@ | Markus Friedl |
| 2010-08-31 | reintroduce commit from tedu@, which I pulled out for release engineering: | Damien Miller |
| 2010-08-31 | Implement Elliptic Curve Cryptography modes for key exchange (ECDH) and | Damien Miller |
| 2010-08-16 | backout previous temporarily; discussed with deraadt@ | Damien Miller |
| 2010-08-12 | OpenSSL_add_all_algorithms is the name of the function we have a man page | Ted Unangst |
| 2010-08-04 | Support CA keys in PKCS#11 tokens; feedback and ok markus@ | Damien Miller |
| 2010-08-04 | tighten the rules for certificate encoding by requiring that options | Damien Miller |
| 2010-07-16 | avoid bogus compiler warning | Damien Miller |
| 2010-06-30 | sort usage(); | Jason McIntyre |
| 2010-06-29 | allow import (-i) and export (-e) of PEM and PKCS#8 encoded keys; | Damien Miller |
| 2010-06-23 | fix printing of extensions in v01 certificates that I broke in r1.190 | Damien Miller |
| 2010-06-22 | standardise error messages when attempting to open private key | Damien Miller |
| 2010-05-20 | Move the permit-* options to the non-critical "extensions" field for v01 | Damien Miller |
| 2010-04-23 | refuse to generate keys longer than OPENSSL_[RD]SA_MAX_MODULUS_BITS, | Damien Miller |
| 2010-04-23 | bz#1740: display a more helpful error message when $HOME is | Damien Miller |
| 2010-04-16 | tweak previous; ok djm | Jason McIntyre |
| 2010-04-16 | revised certificate format ssh-{dss,rsa}-cert-v01@openssh.com with the | Damien Miller |
| 2010-03-15 | also print certificate type (user or host) for ssh-keygen -L | Kevin Steves |
| 2010-03-07 | make internal strptime string match strftime format; | Damien Miller |
| 2010-03-04 | "force-command" is not spelled "forced-command"; spotted by | Damien Miller |
| 2010-03-04 | Add a -L flag to print the contents of a certificate; ok markus@ | Damien Miller |
| 2010-03-04 | Add a TrustedUserCAKeys option to sshd_config to specify CA keys that | Damien Miller |
| 2010-03-02 | POSIX strptime is stricter than OpenBSD's so do a little dance to | Damien Miller |
| 2010-02-26 | Add support for certificate key types for users and hosts. | Damien Miller |
| 2010-02-09 | fix -Wall | Damien Miller |
