| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2015-07-20 | Move .Pp before .Bl, not after to quiet mandoc -Tlint. | Todd C. Miller | |
| Noticed by jmc@ | |||
| 2015-07-20 | Better desciption of Unix domain socket forwarding. | Todd C. Miller | |
| bz#2423; ok jmc@ | |||
| 2015-07-10 | Turn off DSA by default; add HostKeyAlgorithms to the server and | Markus Friedl | |
| PubkeyAcceptedKeyTypes to the client side, so it still can be tested or turned back on; feedback and ok djm@ | |||
| 2015-05-22 | mention ssh-keygen -E for comparing legacy MD5 fingerprints; bz#2332 | Damien Miller | |
| 2015-05-06 | Clarify pseudo-terminal request behaviour and use "pseudo-terminal" | Darren Tucker | |
| consistently. bz#1716, ok jmc@ "I like it" deraadt@. | |||
| 2015-03-03 | Allow "ssh -Q protocol-version" to list supported SSH protocol | Damien Miller | |
| versions. Useful for detecting builds without SSH v.1 support; idea and ok markus@ | |||
| 2015-01-30 | Add a ssh_config HostbasedKeyType option to control which | Damien Miller | |
| host public key types are tried during hostbased authentication. This may be used to prevent too many keys being sent to the server, and blowing past its MaxAuthTries limit. bz#2211 based on patch by Iain Morgan; ok markus@ | |||
| 2015-01-26 | correct description of UpdateHostKeys in ssh_config.5 and | Damien Miller | |
| add it to -o lists for ssh, scp and sftp; pointed out by jmc@ | |||
| 2014-12-22 | add fingerprinthash to the options list; | Jason McIntyre | |
| 2014-12-21 | Add FingerprintHash option to control algorithm used for key | Damien Miller | |
| fingerprints. Default changes from MD5 to SHA256 and format from hex to base64. Feedback and ok naddy@ markus@ | |||
| 2014-10-09 | tweak previous; | Jason McIntyre | |
| 2014-10-08 | Tweak config reparsing with host canonicalisation | Damien Miller | |
| Make the second pass through the config files always run when hostname canonicalisation is enabled. Add a "Match canonical" criteria that allows ssh_config Match blocks to trigger only in the second config pass. Add a -G option to ssh that causes it to parse its configuration and dump the result to stdout, similar to "sshd -T" Allow ssh_config Port options set in the second config parse phase to be applied (they were being ignored). bz#2267 bz#2286; ok markus | |||
| 2014-08-30 | improve capitalization for the Ed25519 public-key signature system. | Igor Sobrado | |
| ok djm@ | |||
| 2014-07-24 | Mention UNIX-domain socket forwarding too. OK jmc@ deraadt@ | Todd C. Miller | |
| 2014-07-16 | add the streamlocal* options to ssh's -o list; millert says they're | Jason McIntyre | |
| irrelevant for scp/sftp; ok markus millert | |||
| 2014-07-03 | document that -g will only work in the multiplexed case if applied to | Damien Miller | |
| the mux master | |||
| 2014-04-19 | delete .xr to hosts.equiv. there's still an unfortunate amount of | Ted Unangst | |
| documentation referring to rhosts equivalency in here. | |||
| 2014-03-17 | old descriptions of des and blowfish are old. maybe ok deraadt | Ted Unangst | |
| 2013-12-07 | add missing mentions of ed25519; ok djm@ | Christian Weisgerber | |
| 2013-11-26 | - put -Q in the right place | Jason McIntyre | |
| - Ar was a poor choice for the arguments to -Q. i've chosen an admittedly equally poor Cm, at least consistent with the rest of the docs. also no need for multiple instances - zap a now redundant Nm - usage() sync | |||
| 2013-11-25 | improve -Q usage and such. One usage change is that the option is now | Theo de Raadt | |
| case-sensitive ok dtucker markus djm | |||
| 2013-11-21 | Add a new protocol 2 transport cipher "chacha20-poly1305@openssh.com" | Damien Miller | |
| that combines Daniel Bernstein's ChaCha20 stream cipher and Poly1305 MAC to build an authenticated encryption mode. Inspired by and similar to Adam Langley's proposal for TLS: http://tools.ietf.org/html/draft-agl-tls-chacha20poly1305-03 but differs in layout used for the MAC calculation and the use of a second ChaCha20 instance to separately encrypt packet lengths. Details are in the PROTOCOL.chacha20poly1305 file. Feedback markus@, naddy@; manpage bits Loganden Velvindron @ AfriNIC ok markus@ naddy@ | |||
| 2013-10-16 | s/canonicalise/canonicalize/ for consistency with existing spelling, | Damien Miller | |
| e.g. authorized_keys; pointed out by naddy@ | |||
| 2013-10-16 | Implement client-side hostname canonicalisation to allow an explicit | Damien Miller | |
| search path of domain suffixes to use to convert unqualified host names to fully-qualified ones for host key matching. This is particularly useful for host certificates, which would otherwise need to list unqualified names alongside fully-qualified ones (and this causes a number of problems). "looks fine" markus@ | |||
| 2013-10-15 | tweak previous; | Jason McIntyre | |
| 2013-08-20 | some proxyusefdpass tweaks; | Jason McIntyre | |
| 2013-08-14 | some Bx/Ox conversion; | Jason McIntyre | |
| From: Jan Stary | |||
| 2013-07-18 | be more exact wrt perms for ~/.ssh/config; bz#2078 | Damien Miller | |
| 2013-06-27 | do not use Sx for sections outwith the man page - ingo informs me that | Jason McIntyre | |
| stuff like html will render with broken links; issue reported by Eric S. Raymond, via djm | |||
| 2013-04-19 | add the ability to query supported ciphers, MACs, key type and KEX | Damien Miller | |
| algorithms to ssh. Includes some refactoring of KEX and key type handling to be table-driven; ok markus@ | |||
| 2013-04-07 | Add -E option to ssh and sshd to append debugging logs to a specified file | Darren Tucker | |
| instead of stderr or syslog. ok markus@, man page help jmc@ | |||
| 2012-10-04 | add umac128 variant; ok djm@ at n2k12 | Markus Friedl | |
| 2012-09-26 | last stage of rfc changes, using consistent Rs/Re blocks, and moving the | Jason McIntyre | |
| references into a STANDARDS section; | |||
| 2012-09-06 | missing letter in previous; | Jason McIntyre | |
| 2012-09-06 | Add ~v and ~V escape sequences to raise and lower the logging level | Darren Tucker | |
| respectively. Man page help from jmc, ok deraadt jmc | |||
| 2012-06-18 | Clarify description of -W. Noted by Steve.McClellan at radisys com, ok jmc | Darren Tucker | |
| 2012-06-18 | Remove mention of 'three' key files since there are now four. From | Darren Tucker | |
| Steve.McClellan at radisys com. | |||
| 2012-04-20 | use "brackets" instead of "braces", for consistency; | Jason McIntyre | |
| 2011-09-11 | document new -O cancel command; ok djm@ | Okan Demirmen | |
| 2011-09-10 | support cancellation of local/dynamic forwardings from ~C commandline; | Markus Friedl | |
| ok & feedback djm@ | |||
| 2011-08-26 | Add some missing ssh_config(5) options that can be used in ssh(1)'s | Damien Miller | |
| -o argument. Patch from duclare AT guu.fi | |||
| 2011-08-02 | Add new SHA256 and SHA512 based HMAC modes from | Damien Miller | |
| http://www.ietf.org/id/draft-dbider-sha2-mac-for-ssh-02.txt feedback and ok markus@ | |||
| 2011-05-07 | +.It RequestTTY | Jason McIntyre | |
| 2011-04-18 | tweak previous; | Jason McIntyre | |
| 2011-04-17 | allow graceful shutdown of multiplexing: request that a mux server removes | Damien Miller | |
| its listener socket and refuse future multiplexing requests; ok markus@ | |||
| 2010-11-18 | add IPQoS to the various -o lists, and zap some trailing whitespace; | Jason McIntyre | |
| 2010-10-28 | knock out some "-*- nroff -*-" lines; | Jason McIntyre | |
| 2010-09-22 | ssh.1: add kexalgorithms to the -o list | Jason McIntyre | |
| ssh_config.5: format the kexalgorithms in a more consistent (prettier!) way ok djm | |||
| 2010-09-11 | mention RFC 5656 for ECC stuff | Damien Miller | |
| 2010-09-04 | two more EXIT STATUS sections; | Jason McIntyre | |
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |