summaryrefslogtreecommitdiff
path: root/usr.bin/ssh
AgeCommit message (Expand)Author
2020-10-11UpdateHostkeys: check for keys under other namesDamien Miller
2020-10-11UpdateHostkeys: better CheckHostIP handlingDamien Miller
2020-10-11UpdateHostkeys: better detect manual host entriesDamien Miller
2020-10-08don't misdetect comma-separated hostkey names as wildcards;Damien Miller
2020-10-08clarify conditions for UpdateHostkeysDamien Miller
2020-10-07Disable UpdateHostkeys when hostkey checking failsDamien Miller
2020-10-07Fix UpdateHostkeys/HashKnownHosts/CheckHostIP bugDamien Miller
2020-10-07don't UpdateHostkeys when the hostkey is verified by theDamien Miller
2020-10-07revert kex->flags cert hostkey downgrade back to a plain keyDamien Miller
2020-10-07simply disable UpdateHostkeys when a certificate successfullyDamien Miller
2020-10-07disable UpdateHostkeys by default if VerifyHostKeyDNS is enabled;Damien Miller
2020-10-06Agent protocol draft is now at rev 4. ok djm@Darren Tucker
2020-10-04when ordering host key algorithms in the client, consider the ECDSADamien Miller
2020-10-04Allow full range of UIDs and GIDs for sftp chown and chgrp on 32bitDarren Tucker
2020-10-03There are lots of place where we want to redirect stdin, stdoutDamien Miller
2020-10-03enable UpdateHostkeys by default when the configuration has notDamien Miller
2020-10-03disable UpdateHostkeys when a wildcard hostname pattern isDamien Miller
2020-10-03record when the host key checking code downgrades a certificate hostDamien Miller
2020-10-03prefer ed25519 signature algorithm variants to ECDSA; ok markus@Damien Miller
2020-10-03want time.h here tooDamien Miller
2020-10-03split introductory paragraph, and insert ominous words about the globTheo de Raadt
2020-09-30Regen moduli.Darren Tucker
2020-09-27openssh 8.4Damien Miller
2020-09-21close stdin when forking after authentication too; ok markusDamien Miller
2020-09-20close stdout/stderr after "ssh -f ..." forkingDamien Miller
2020-09-20cap channel input buffer size at 16MB; avoids high memory use whenDamien Miller
2020-09-18handle multiple messages in a single read()Damien Miller
2020-09-18tweak the client hostkey preference ordering algorithm to prefer theDamien Miller
2020-09-16Remove unused buf, last user was removed when switching to the sshbuf API.Darren Tucker
2020-09-09For the hostkey confirmation message:Damien Miller
2020-09-09when writing an attestation blob for a FIDO key, record all the dataDamien Miller
2020-08-31refuse to add verify-required (PINful) FIDO keys to ssh-agent untilDamien Miller
2020-08-31Add RCS IDs to the few files that are missing them;Damien Miller
2020-08-28Check that the addresses supplied to Match Address and MatchDarren Tucker
2020-08-27sentence fix; from pedro martellettoJason McIntyre
2020-08-27debug()-print a little info about FIDO-specific key fields viaDamien Miller
2020-08-27skip a bit more FIDO token selection logic when only a single tokenDamien Miller
2020-08-27tweak previous;Jason McIntyre
2020-08-27remove unreachable code I forgot to delete in r1.334Damien Miller
2020-08-27Request PIN ahead of time for certain FIDO actionsDamien Miller
2020-08-27preserve verify-required for resident FIDO keysDamien Miller
2020-08-27major rework of FIDO token selection logicDamien Miller
2020-08-27support for requiring user verified FIDO keys in sshdDamien Miller
2020-08-27support for user-verified FIDO keysDamien Miller
2020-08-12ssh-keyscan(1): simplify conloop() with timercmp(3), timersub(3); ok djm@cheloha
2020-08-11let ssh_config(5)'s AddKeysToAgent keyword accept a time limit forDamien Miller
2020-08-11let the "Confirm user presence for key ..." ssh-askpass notificationDamien Miller
2020-08-03ensure that certificate extensions are lexically sorted. PreviouslyDamien Miller
2020-08-03allow -A to explicitly enable agent forwarding in scp and sftp. TheDamien Miller
2020-08-03clang -Wimplicit-fallthrough does not recognise /* FALLTHROUGH */Theo de Raadt