| Age | Commit message (Collapse) | Author |
|---|
|
The polysemous use of "key" was too confusing. Input from markus@.
ok jmc@
|
|
$SSH_AUTH_SOCK, by extending the existing ForwardAgent option to
accepting an explicit path or the name of an environment variable
in addition to yes/no.
Patch by Eric Chiang, manpage by me; ok markus@
|
|
Update the list of default host key algorithms in ssh_config.5 and
sshd_config.5. Copy the description of the SecurityKeyProvider
option to sshd_config.5.
ok jmc@
|
|
ok markus
|
|
|
|
|
|
|
|
against the (previously external) USB HID middleware. The dlopen()
capability still exists for alternate middlewares, e.g. for
Bluetooth, NFC and test/debugging.
|
|
Mention the new key types, the ~/.ssh/id_ecdsa_sk file, ssh's
SecurityKeyProvider keyword, the SSH_SK_PROVIDER environment variable,
and ssh-keygen's new -w and -x options.
Copy the ssh-sk-helper man page from ssh-pkcs11-helper with minimal
substitutions.
ok djm@
|
|
keys; bz#3062
|
|
From Zachary Harmany via github.com/openssh/openssh-portable/pull/118
ok dtucker@
|
|
the protocol handshake/KEX. From Jean-Charles Longuet via Github PR140
|
|
the list with the '^' character, e.g.
HostKeyAlgorithms ^ssh-ed25519
Ciphers ^aes128-gcm@openssh.com,aes256-gcm@openssh.com
ok djm@ dtucker@
|
|
Options such as Ciphers take values that may be a list of ciphers; the
complete list, not indiviual elements, may be prefixed with a dash or plus
character to remove from or append to the default list, respectively.
Users might read the current text as if each elment took an optional prefix,
so tweak the wording from "values" to "list" to prevent such ambiguity for
all options supporting these semantics.
Fix instances missed in first commit. ok jmc@ kn@
|
|
Options such as Ciphers take values that may be a list of ciphers; the
complete list, not indiviual elements, may be prefixed with a dash or plus
character to remove from or append to the default list respectively.
Users might read the current text as if each elment took an optional prefix,
so tweak the wording from "values" to "list" to prevent such ambiguity for
all options supporting this semantics (those that provide a list of
available elements via "ssh -Q ...").
Input and OK jmc
|
|
to clarify what it checks for. Patch from jblaine at kickflop.net via
github pr#129, ok djm@.
|
|
|
|
ok dtucker
|
|
"X11UseLocalhost" keywords; this makes things consistent (effectively reversing
my commit of yesterday);
ok deraadt markus djm
|
|
|
|
Part of a patch from Stephen Gregoratto <dev at sgregoratto dot me>.
|
|
RSA keys only (since we support ECDSA now and might support others in
the future). Inspired by Jakub Jelen via bz#2974
|
|
client for KEX, ciphers and MACs. The ciphers and MACs were
identical between the client and server, but the error accidentially
disabled the diffie-hellman-group-exchange-sha1 KEX method.
This fixes the client code to use the correct method list, but
because nobody complained, it also disables the
diffie-hellman-group-exchange-sha1 KEX method.
Reported by nuxi AT vault24.org via bz#2697; ok dtucker
|
|
issue pointed out by andreas kahari
ok dtucker djm
|
|
to any ProxyJump/-J hosts. This has confused a few people...
|
|
|
|
Matches in same pass as "Match canonical" but doesn't require
hostname canonicalisation be enabled. bz#2906 ok markus
|
|
names as well as explicit paths. ok dtucker@
|
|
X11 connections in untrusted mode indefinitely. ok dtucker@
|
|
ProxyCommand set with regards to hostname canonicalisation (i.e.
don't try to canonicalise the hostname unless CanonicalizeHostname
is set to 'always').
Patch from Sven Wegener via bz#2896
|
|
ok djm
|
|
which signature algorithms may be used by CAs when signing certificates.
Useful if you want to ban RSA/SHA1; ok markus@
|
|
the C API in section 3.
OK millert jmc nicm, "the right idea" deraadt
|
|
setuid has been removed, remove supporting code and clean up
references to it in the man pages
We have not shipped ssh(1) the setuid bit since 2002. If ayone
really needs to make connections from a low port number this can
be implemented via a small setuid ProxyCommand.
ok markus@ jmc@ djm@
|
|
returns ability to add/remove/specify algorithms by wildcard.
Algorithm lists are now fully expanded when the server/client configs
are finalised, so errors are reported early and the config dumps
(e.g. "ssh -G ...") now list the actual algorithms selected.
Clarify that, while wildcards are accepted in algorithm lists, they
aren't full pattern-lists that support negation.
(lots of) feedback, ok markus@
|
|
In ssh, when an agent fails to return a RSA-SHA2 signature when
requested and falls back to RSA-SHA1 instead, retry the signature to
ensure that the public key algorithm sent in the SSH_MSG_USERAUTH
matches the one in the signature itself.
In sshd, strictly enforce that the public key algorithm sent in the
SSH_MSG_USERAUTH message matches what appears in the signature.
Make the sshd_config PubkeyAcceptedKeyTypes and
HostbasedAcceptedKeyTypes options control accepted signature algorithms
(previously they selected supported key types). This allows these
options to ban RSA-SHA1 in favour of RSA-SHA2.
Add new signature algorithms "rsa-sha2-256-cert-v01@openssh.com" and
"rsa-sha2-512-cert-v01@openssh.com" to force use of RSA-SHA2 signatures
with certificate keys.
feedback and ok markus@
|
|
|
|
variables for the remote session (subject to the server accepting them)
refactor SendEnv to remove the arbitrary limit of variable names.
ok markus@
|
|
format in sshd_config.5 match that in ssh_config.5;
|
|
available currently. In the client this is via %i, in the server %U
(since %i was already used in the client in some places for this, but
used for something different in the server);
bz#2870, ok dtucker@
|
|
with codespell tool (https://github.com/lucasdemarchi/codespell)
|
|
|
|
labeled for sendind. bz#1285 ok dtucker@
|
|
Allard (via otto@)
|
|
for bulk
AF21 was selected as this is the highest priority within the low-latency
service class (and it is higher than what we have today). SSH is elastic
and time-sensitive data, where a user is waiting for a response via the
network in order to continue with a task at hand. As such, these flows
should be considered foreground traffic, with delays or drops to such
traffic directly impacting user-productivity.
For bulk SSH traffic, the CS1 "Lower Effort" marker was chosen to enable
networks implementing a scavanger/lower-than-best effort class to
discriminate scp(1) below normal activities, such as web surfing. In
general this type of bulk SSH traffic is a background activity.
An advantage of using "AF21" for interactive SSH and "CS1" for bulk SSH
is that they are recognisable values on all common platforms (IANA
https://www.iana.org/assignments/dscp-registry/dscp-registry.xml), and
for AF21 specifically a definition of the intended behavior exists
https://tools.ietf.org/html/rfc4594#section-4.7 in addition to the definition
of the Assured Forwarding PHB group https://tools.ietf.org/html/rfc2597, and
for CS1 (Lower Effort) there is https://tools.ietf.org/html/rfc3662
The first three bits of "AF21" map to the equivalent IEEEE 802.1D PCP, IEEE
802.11e, MPLS EXP/CoS and IP Precedence value of 2 (also known as "Immediate",
or "AC_BE"), and CS1's first 3 bits map to IEEEE 802.1D PCP, IEEE 802.11e,
MPLS/CoS and IP Precedence value 1 ("Background" or "AC_BK").
OK deraadt@, "no objection" djm@
|
|
|
|
to ssh(1) that directs it to bind its outgoing connection to the
address of the specified network interface.
BindInterface prefers to use addresses that aren't loopback or link-
local, but will fall back to those if no other addresses of the
required family are available on that interface.
Based on patch by Mike Manning in bz#2820, ok dtucker@
|
|
diffie-hellman-group14-sha256
diffie-hellman-group16-sha512
diffie-hellman-group18-sha512
From Jakub Jelen via bz#2826
|
|
Christoph Anton Mitterer via github
|
|
without the confusing example. Prompted by Christoph Anton Mitterer
via github and bz#2293.
|
