| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2001-01-07 | rename SYSLOG_LEVEL_INFO->SYSLOG_LEVEL_NOTICE | Markus Friedl | |
| syslog priority changes: fatal() LOG_ERR -> LOG_CRIT log() LOG_INFO -> LOG_NOTICE | |||
| 2000-12-19 | replace 'unsigned bla' with 'u_bla' everywhere. also, replace 'char unsigned' | Markus Friedl | |
| with u_char. | |||
| 2000-11-25 | print keytype when generating a key. | Markus Friedl | |
| reasonable defaults for RSA1/RSA/DSA keys. | |||
| 2000-10-11 | new cipher framework | Markus Friedl | |
| 2000-10-11 | add support for s/key (kbd-interactive) to ssh2, based on work by ↵ | Markus Friedl | |
| mkiernan@avantgo.com and me | |||
| 2000-10-11 | First rough implementation of the diffie-hellman group exchange. The | Niels Provos | |
| client can ask the server for bigger groups to perform the diffie-hellman in, thus increasing the attack complexity when using ciphers with longer keys. University of Windsor provided network, T the company. | |||
| 2000-09-12 | multiple debug levels | Markus Friedl | |
| 2000-09-07 | cleanup copyright notices on all files. I have attempted to be accurate with | Theo de Raadt | |
| the details. everything is now under Tatu's licence (which I copied from his readme), and/or the core-sdi bsd-ish thing for deattack, or various openbsd developers under a 2-term bsd licence. We're not changing any rules, just being accurate. | |||
| 2000-08-19 | support for ~. in ssh2 | Markus Friedl | |
| 2000-07-13 | allow multiple whitespace but only one '=' between tokens, bug report from | Niels Provos | |
| Ralf S. Engelschall <rse@engelschall.com> but different fix. okay deraadt@ | |||
| 2000-06-20 | OpenBSD tag | Markus Friedl | |
| 2000-05-17 | enable nonblocking IO for sshd w/ proto 1, too; split out common code | Markus Friedl | |
| 2000-05-08 | complain about invalid ciphers in SSH1 (e.g. arcfour is SSH2 only) | Markus Friedl | |
| 2000-05-04 | replace broken uuencode w/ libc b64_ntop | Markus Friedl | |
| 2000-05-03 | s/DsaKey/HostDSAKey/, document option | Markus Friedl | |
| 2000-05-02 | default DSA key file ~/.ssh/id_dsa | Markus Friedl | |
| 2000-04-26 | host key becomes /etc/ssh_host_dsa_key | Theo de Raadt | |
| 2000-04-26 | add DSA pubkey auth and other SSH2 fixes. use ssh-keygen -[xX] | Markus Friedl | |
| for trading keys with the real and the original SSH, directly from the people who invented the SSH protocol. | |||
| 2000-04-19 | pid_t | Theo de Raadt | |
| 2000-04-14 | whitespace cleanup | Markus Friedl | |
| 2000-04-12 | add Cipher and Protocol options to ssh/sshd, e.g.: | Markus Friedl | |
| ssh -o 'Protocol 1,2' if you prefer proto 1, ssh -o 'Ciphers arcfour,3des-cbc' | |||
| 2000-04-06 | ssh2 server side, see README.openssh2; enable with 'sshd -2' | Markus Friedl | |
| 2000-03-28 | replace big switch() with function tables (prepare for ssh2) | Markus Friedl | |
| 2000-03-23 | initial support for DSA keys. ok deraadt@, niels@ | Markus Friedl | |
| 2000-02-01 | int atomicio -> ssize_t (for alpha). ok deraadt@ | David Leonard | |
| 2000-01-04 | ipv6 support: mostly gethostbyname->getaddrinfo/getnameinfo, new features: | Markus Friedl | |
| sshd allows multiple ListenAddress and Port options. note that libwrap is not IPv6-ready. (based on patches from <kick@kyoto.wide.ad.jp> and fujiwara@rcac.tdi.co.jp) | |||
| 1999-12-12 | type conflict for 'extern Type *options' in channels.c; dot@dotat.at | Markus Friedl | |
| 1999-12-06 | move atomicio into it's own file. wrap all socket write()s which were doing | Theo de Raadt | |
| write(sock, buf, len) != len, with atomicio() calls. | |||
| 1999-12-02 | document $SSH_ASKPASS, reasonable default | Markus Friedl | |
| 1999-12-01 | move skey-auth from auth-passwd.c to auth-skey.c, same for krb4 | Markus Friedl | |
| 1999-12-01 | ports are u_short | Markus Friedl | |
| 1999-11-24 | KNF, final part 3 | Markus Friedl | |
| 1999-11-24 | much more KNF | Theo de Raadt | |
| 1999-11-22 | tranfer s/key challenge/response data in SSH_SMSG_AUTH_TIS_CHALLENGE | Markus Friedl | |
| messages. allows use of s/key in windows (ttssh, securecrt) and ssh-1.2.27 clients without 'ssh -v', ok: niels@ | |||
| 1999-11-22 | syslog changes: | Markus Friedl | |
| * Unified Logmessage for all auth-types, for success and for failed * Standard connections get only ONE line in the LOG when level==LOG: Auth-attempts are logged only, if authentication is: a) successfull or b) with passwd or c) we had more than AUTH_FAIL_LOG failues * many log() became verbose() * old behaviour with level=VERBOSE | |||
| 1999-11-19 | bugfix: loglevels are per host in clientconfig, | Markus Friedl | |
| factor out common log-level parsing code. | |||
| 1999-11-15 | the keysize of rsa-parameter 'n' is passed implizit, | Markus Friedl | |
| a few more checks and warnings about 'pretended' keysizes. | |||
| 1999-11-11 | make all access to options via 'extern Options options' | Markus Friedl | |
| and 'extern ServerOptions options' respectively; options are no longer passed as arguments: * make options handling more consistent * remove #include "readconf.h" from ssh.h * readconf.h is only included if necessary | |||
| 1999-11-11 | IgnoreUserKnownHosts(default=no), used for RhostRSAAuth, ok deraadt,millert | Markus Friedl | |
| 1999-11-10 | add LogLevel {QUIET, FATAL, ERROR, INFO, CHAT, DEBUG} to ssh/sshd, | Markus Friedl | |
| obsoletes QuietMode and FascistLogging in sshd. | |||
| 1999-11-10 | remove x11- and krb-cleanup from fatal() + krb-cleanup cleanup | Markus Friedl | |
| 1999-11-02 | remove unused argument. ok dugsong | Markus Friedl | |
| 1999-10-28 | from niklas: Add -c -s and -k support, Create socket early to avoid race, | Markus Friedl | |
| Don't let child access std{in,out,err} | |||
| 1999-10-25 | remove prototypes for old/removed minfd functions | Markus Friedl | |
| 1999-10-16 | support for SSH protocol 1.5 which is poorly documented, the RFC.troff lies. | Markus Friedl | |
| interops (x11,agent,etc) with 1.2.27 and protocol 1.3 | |||
| 1999-10-16 | -Wall cleanup | Niels Provos | |
| 1999-10-14 | fix old connect() race security-bug for ssh-agent and agent-forwarding | Markus Friedl | |
| by removing the connect() junk, with the following restrictions: 1) change the version to "OpenSSH-1.1": agent-forwarding will work only between OpenSSH-1.1 client and OpenSSH-1.1 server 2) renamed the environment variable of OpenSSH-1.1 to "SSH_AUTH_SOCKET", since useing OpenSSH-1.0 ssh-add against the new ssh-agent does not work | |||
| 1999-10-11 | make sure ~/.ssh/authorized_keys is not writable for group/world (sshd) | Markus Friedl | |
| don't load private keys if they are group/world-{rwx} (ssh,sshd and ssh-add) | |||
| 1999-10-07 | add skey to sshd: | Markus Friedl | |
| 1) pass *pw to auth_password() not user_name, do_authentication already keeps private copy of struct passwd for current user. 2) limit authentication attemps to 5, otherwise ssh -o 'NumberOfPasswordPrompts 100000' host lets you enter 100000 passwds 3) make s/key a run-time option in /etc/sshd_config 4) generate fake skeys, for s/key for nonexisting users, too limit auth-tries for nonexisting users, too. Note that % ssh -l nonexisting-user -o 'NumberOfPasswordPrompts 100000' host has NO limits in ssh-1.2.27 | |||
| 1999-10-05 | move auth-sockets to private dir | Markus Friedl | |
| delete minfd residua | |||
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |