| Age | Commit message (Expand) | Author |
|---|
| 2013-11-02 | use curve25519 for default key exchange (curve25519-sha256@libssh.org); | Markus Friedl |
| 2013-10-23 | include local address and port in "Connection from ..." message (only | Damien Miller |
| 2013-10-17 | include remote port in bad banner message; bz#2162 | Damien Miller |
| 2013-10-10 | bz#2139: fix re-exec fallback by ensuring that startup_pipe is correctly | Damien Miller |
| 2013-09-02 | All the instances of arc4random_stir() are bogus, since arc4random() | Theo de Raadt |
| 2013-08-22 | Stir PRNG after post-accept fork. The child gets a different PRNG state | Damien Miller |
| 2013-07-19 | add ssh-agent(1) support to sshd(8); allows encrypted hostkeys, | Markus Friedl |
| 2013-06-05 | When running sshd -D, close stderr unless we have explicitly requesting | Darren Tucker |
| 2013-05-17 | bye, bye xfree(); ok markus@ | Damien Miller |
| 2013-05-16 | Fix some "unused result" warnings found via clang and -portable. ok markus@ | Darren Tucker |
| 2013-05-16 | Add RekeyLimit to sshd with the same syntax as the client allowing rekeying | Darren Tucker |
| 2013-04-07 | Add -E option to ssh and sshd to append debugging logs to a specified file | Darren Tucker |
| 2013-04-06 | handle ECONNABORTED for accept(); ok deraadt some time ago... | Markus Friedl |
| 2013-02-11 | Add openssl version to debug output similar to the client. ok markus@ | Darren Tucker |
| 2012-11-04 | Support multiple required authentication via an AuthenticationMethods | Damien Miller |
| 2012-11-04 | Remove default of AuthorizedCommandUser. Administrators are now expected | Damien Miller |
| 2012-10-30 | new sshd_config option AuthorizedKeysCommand to support fetching | Damien Miller |
| 2012-07-10 | Turn on systrace sandboxing of pre-auth sshd by default for new installs | Damien Miller |
| 2012-06-30 | fix a during the load of the sandbox policies (child can still make | Markus Friedl |
| 2012-05-13 | Add "Match LocalAddress" and "Match LocalPort" to sshd and adjust tests | Darren Tucker |
| 2012-04-12 | VersionAddendum option to allow server operators to append some arbitrary | Damien Miller |
| 2012-04-11 | don't spin in accept() when out of fds (ENFILE/ENFILE) - back off for a | Damien Miller |
| 2011-09-30 | fix inverted test that caused logspam; spotted by henning@ | Damien Miller |
| 2011-09-30 | don't attempt privsep cleanup when not using privsep; ok markus@ | Darren Tucker |
| 2011-09-09 | kill the preauth privsep child on fatal errors in the monitor; | Damien Miller |
| 2011-06-23 | rename sandbox.h => ssh-sandbox.h to make things easier for portable | Damien Miller |
| 2011-06-22 | introduce sandboxing of the pre-auth privsep child using systrace(4). | Damien Miller |
| 2011-06-17 | make the pre-auth privsep slave log via a socketpair shared with the | Damien Miller |
| 2011-04-12 | exit with 0 status on SIGTERM; bz#1879 | Damien Miller |
| 2011-01-11 | some unsigned long long casts that make things a bit easier for | Damien Miller |
| 2010-09-22 | add a KexAlgorithms knob to the client and server configuration to allow | Damien Miller |
| 2010-08-31 | reintroduce commit from tedu@, which I pulled out for release engineering: | Damien Miller |
| 2010-08-31 | Implement Elliptic Curve Cryptography modes for key exchange (ECDH) and | Damien Miller |
| 2010-08-16 | backout previous temporarily; discussed with deraadt@ | Damien Miller |
| 2010-08-12 | OpenSSL_add_all_algorithms is the name of the function we have a man page | Ted Unangst |
| 2010-04-16 | revised certificate format ssh-{dss,rsa}-cert-v01@openssh.com with the | Damien Miller |
| 2010-03-07 | Hold authentication debug messages until after successful authentication. | Darren Tucker |
| 2010-02-26 | Add support for certificate key types for users and hosts. | Damien Miller |
| 2010-01-29 | set FD_CLOEXEC on sock_in/sock_out; bz#1706 from jchadima AT redhat.com | Damien Miller |
| 2010-01-13 | avoid run-time failures when specifying hostkeys via a relative | Damien Miller |
| 2010-01-09 | Remove RoutingDomain from ssh since it's now not needed. It can be replaced | Darren Tucker |
| 2010-01-09 | Afer sshd receives a SIGHUP, ignore subsequent HUPs while sshd re-execs | Darren Tucker |
| 2009-10-28 | Allow to set the rdomain in ssh/sftp/scp/sshd and ssh-keyscan. | Reyk Floeter |
| 2009-05-28 | Keep track of number of bytes read and written. Needed for upcoming | Andreas Gunnarsson |
| 2009-01-22 | make a2port() return -1 when it encounters an invalid port number | Damien Miller |
| 2008-10-30 | don't need to #include "monitor_fdpass.h" | Kevin Steves |
| 2008-07-10 | sync v1 and v2 traffic accounting; add it to sshd, too; ok djm@, dtucker@ | Markus Friedl |
| 2008-07-01 | Send CR LF during protocol banner exchanges, but only for Protocol 2 only, | Darren Tucker |
| 2008-06-14 | ensure default umask disallows at least group and world write; ok djm@ | Darren Tucker |
| 2008-06-14 | wrap long line at 80 chars | Darren Tucker |
