summaryrefslogtreecommitdiff
path: root/usr.bin/ssh/sshconnect2.c
AgeCommit message (Collapse)Author
2001-12-05minor KNFTheo de Raadt
2001-12-05make it compile with more strict prototype checkingJun-ichiro itojun Hagino
2001-11-07pad using the padding field from the ssh2 packet instead of sendingMarkus Friedl
extra ignore messages. tested against several other ssh servers.
2001-10-29hostbased: check for client hostkey before building chostMarkus Friedl
2001-10-06unify hostkey check error messages, simplify prompt.Markus Friedl
2001-08-31disable kbd-interactive if we don't get SSH2_MSG_USERAUTH_INFO_REQUEST messagesMarkus Friedl
2001-07-23reorder default sequence of userauth methods to match ssh behaviour:Markus Friedl
hostbased,publickey,keyboard-interactive,password
2001-06-26add smartcard support to the client, too (now you can use bothMarkus Friedl
the agent and the client).
2001-06-25prototype cleanup; ok markus@Kevin Steves
2001-06-24oops, missing format stringMarkus Friedl
2001-06-24switch to readpassphrase(3)Markus Friedl
2.7/8-stable needs readpassphrase.[ch] from libc
2001-06-23more strict prototypes. raise warning level in Makefile.inc. markus ok'edJun-ichiro itojun Hagino
TODO; cleanup headers
2001-06-23get rid of known_hosts2, use it for hostkey lookup, but do not modify.Markus Friedl
2001-05-19change preferredauthentication order toMarkus Friedl
publickey,hostbased,password,keyboard-interactive document that hostbased defaults to no, document order
2001-05-18improved kbd-interactive support. work by per@appgate.com and meMarkus Friedl
2001-04-18more ssh v2 hostbased-auth interop: ssh.com >= 2.1.0 works nowMarkus Friedl
(however the 2.1.0 server seems to work only if debug is enabled...)
2001-04-18use FDQN with trailing dot in the hostbased auth packets, ok deraadt@Markus Friedl
2001-04-17add HostKeyAlgorithms; based on patch from res@shore.net; ok provos@Markus Friedl
2001-04-15some unused variable and typos; from tomh@po.crl.go.jpMarkus Friedl
2001-04-12implement HostbasedAuthentication (= RhostRSAAuthentication for ssh v2)Markus Friedl
similar to RhostRSAAuthentication unless you enable (the experimental) HostbasedUsesNameFromPacketOnly option. please test. :)
2001-04-05fix whitespace: unexpand + trailing spaces.Markus Friedl
2001-04-04more robust rekeyingMarkus Friedl
don't send channel data after rekeying is started.
2001-04-04enable server side rekeying + some rekey related clientup.Markus Friedl
todo: we should not send any non-KEX messages after we send KEXINIT
2001-04-04don't sent multiple kexinit-requests.Markus Friedl
send newkeys, block while waiting for newkeys. fix comments.
2001-04-04enable client rekeyingMarkus Friedl
(1) force rekeying with ~R, or (2) if the server requests rekeying. works against ssh-2.0.12/2.0.13/2.1.0/2.2.0/2.3.0/2.3.1/2.4.0
2001-04-03undo parts of recent my changes: main part of keyexchange does notMarkus Friedl
need dispatch-callbacks, since application data is delayed until the keyexchange completes (if i understand the drafts correctly). add some infrastructure for re-keying.
2001-04-03move kex to kex*.c, used dispatch_set() callbacks for kex. shouldMarkus Friedl
make rekeying easier.
2001-03-29need to set both STOC and CTOS for SSH_BUG_BIGENDIANAES; ok markus@Kevin Steves
2001-03-29use recommended defaultsNiels Provos
2001-03-28forgot to include min and max params in hash, okay markus@Niels Provos
2001-03-27make dh group exchange more flexible, allow min and max group size,Niels Provos
okay markus@, deraadt@
2001-03-26simpler key load/save interface, see authfile.hMarkus Friedl
2001-03-23Compat for OpenSSH with broken Rijndael/AES. ok markus@Damien Miller
2001-03-12remove old key_fingerprint interface, s/_ex//Markus Friedl
2001-03-10add PreferredAuthenticationsMarkus Friedl
2001-03-10ignore nonexisting private keys; report rjmooney@mediaone.netMarkus Friedl
2001-03-08implement client side of SSH2_MSG_USERAUTH_PK_OK (test public key ->Markus Friedl
no need to do enter passphrase or do expensive sign operations if the server does not accept key).
2001-03-05generate a 2*need size (~300 instead of 1024/2048) random privateMarkus Friedl
exponent during the DH key agreement. according to Niels (the great german advisor) this is safe since /etc/primes contains strong primes only. References: P. C. van Oorschot and M. J. Wiener, On Diffie-Hellman key agreement with short exponents, In Advances in Cryptology - EUROCRYPT'96, LNCS 1070, Springer-Verlag, 1996, pp.332-343.
2001-02-28in ssh protocol v2 use ignore messages for padding (instead of trailing \0).Markus Friedl
2001-02-15genericize password padding function for SSH1 and SSH2.Markus Friedl
add stylized echo to 2, too.
2001-02-111) clean up the MAC support for SSH-2Markus Friedl
2) allow you to specify the MAC with 'ssh -m' 3) or the 'MACs' keyword in ssh(d)_config 4) add hmac-{md5,sha1}-96 ok stevesk@, provos@
2001-02-10remove some linesMarkus Friedl
2001-02-09partial success: debug->log; "Permission denied" if no more auth methodsMarkus Friedl
2001-02-09do not free twice, thanks to /etc/malloc.confMarkus Friedl
2001-02-08%.30s is too short for IPv6 numeric address. use %.128s for now. markus okJun-ichiro itojun Hagino
2001-02-06do not ask for passphrase in batch mode; report from ejb@ql.orgMarkus Friedl
2001-02-04unexpand and remove end-of-line whitespace; ok markus@Kevin Steves
2001-01-31unusedMarkus Friedl
2001-01-22rename skey -> challenge response.Markus Friedl
auto-enable kbd-interactive for ssh2 if challenge-reponse is enabled.
2001-01-22fix memory leaks in SSH2 key exchange; ok markus@Kevin Steves
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-12 20:59:05 +0000