Age | Commit message | Author | |
---|---|---|---|
2014-04-23 | don't record duplicate IdentityFiles | Damien Miller | |
2014-04-22 | zap eol whitespace; | Jason McIntyre | |
2014-04-22 | Document sftp upload resume. | Loganaden Velvindron | |
OK from djm@, with feedback from okan@. | |||
2014-04-22 | comment out the .if (${KERBEROS5:L} block for now, breaks the build | Henning Brauer | |
once the bsd.own.mk KERBEROS5 is removed otherwise. this way suggested by theo. | |||
2014-04-22 | Sort the sftp command list. | Loganaden Velvindron | |
OK from djm@ | |||
2014-04-21 | Implement sftp upload resume support. | Loganaden Velvindron | |
OK from djm@, with input from guenther@, mlarkin@ and okan@ | |||
2014-04-20 | Add support for SSHFP DNS records for ED25519 key types. | logan | |
OK from djm@ | |||
2014-04-20 | add a canonical 6.6 + curve25519 bignum fix fake version that I can | Damien Miller | |
recommend people use ahead of the openssh-6.7 release | |||
2014-04-20 | use get/put_u32 to load values rather than *((UINT32 *)p) that breaks on | Damien Miller | |
strict-alignment architectures; reported by and ok stsp@ | |||
2014-04-19 | delete .xr to hosts.equiv. there's still an unfortunate amount of | Ted Unangst | |
documentation referring to rhosts equivalency in here. | |||
2014-04-19 | remove some really old rsh references | Ted Unangst | |
2014-04-19 | Delete futile calls to RAND_seed. ok djm | Ted Unangst | |
2014-04-19 | missing wildcard; pointed out by naddy@ | Damien Miller | |
2014-04-18 | OpenSSH 6.5 and 6.6 have a bug that causes ~0.2% of connections | Damien Miller | |
using the curve25519-sha256@libssh.org KEX exchange method to fail when connecting with something that implements the spec properly. Disable this KEX method when speaking to one of the affected versions. reported by Aris Adamantiadis; ok markus@ | |||
2014-04-16 | remove the identity files from this manpage - ssh-agent doesn't deal | Damien Miller | |
with them at all and the same information is duplicated in ssh-add.1 (which does deal with them); prodded by deraadt@ | |||
2014-04-16 | skip leading zero bytes in buffer_put_bignum2_from_string(); | Damien Miller | |
reported by jan AT mojzis.com; ok markus@ | |||
2014-04-12 | avoid crash at exit: check that pmonitor!=NULL before dereferencing; | Damien Miller | |
bz#2225, patch from kavi AT juniper.net | |||
2014-04-01 | demote a debug3 to PACKET_DEBUG; ok markus@ | Damien Miller | |
2014-04-01 | When using VerifyHostKeyDNS with a DNSSEC resolver, down-convert any | Damien Miller | |
certificate keys to plain keys and attempt SSHFP resolution. Prevents a server from skipping SSHFP lookup and forcing a new-hostkey dialog by offering only certificate keys. Reported by mcv21 AT cam.ac.uk | |||
2014-04-01 | include fingerprint of key not found | Damien Miller | |
use arc4random_buf() instead of loop+arc4random() | |||
2014-03-31 | ssh has a target painted on its back, so use -fstack-protector-all | Theo de Raadt | |
dtucker mentioned that -portable does this | |||
2014-03-31 | the text for the -K option was inserted in the wrong place in -r1.108; | Jason McIntyre | |
fix From: Matthew Clarke | |||
2014-03-28 | sync available and default algorithms, improve algorithm list formatting | Christian Weisgerber | |
help from jmc@ and schwarze@, ok deraadt@ | |||
2014-03-27 | disable weak proposals in sshd, but keep them in ssh; ok djm@ | Markus Friedl | |
2014-03-26 | remove libwrap support. ok deraadt djm mfriedl | Ted Unangst | |
2014-03-26 | The current sharing of myproposal[] between both client and server code | Theo de Raadt | |
makes the previous diff highly unpalatable. We want to go in that direction for the server, but not for the client. Sigh. Brought up by naddy. | |||
2014-03-26 | use __bounded(...) attribute recently added to sys/cdefs.h instead of | Damien Miller | |
longform __attribute__(__bounded(...)); for brevity and a warning free compilation with llvm/clan | |||
2014-03-25 | trim default proposals. | Markus Friedl | |
This commit removes the weaker pre-SHA2 hashes, the broken ciphers (arcfour), and the broken modes (CBC) from the default configuration (the patch only changes the default, all the modes are still available for the config files). ok djm@, reminded by tedu@ & naddy@ and discussed with many | |||
2014-03-19 | there is no need for rcp anymore | Ted Unangst | |
ok deraadt millert | |||
2014-03-17 | old descriptions of des and blowfish are old. maybe ok deraadt | Ted Unangst | |
2014-03-15 | Improve usage() and documentation towards the standard form. In particular, | Theo de Raadt | |
this line saves a lot of man page reading time. usage: ssh-keygen [-q] [-b bits] [-t dsa \| ecdsa \| ed25519 \| rsa \| rsa1] [-N new_passphrase] [-C comment] [-f output_keyfile] ok schwarze jmc | |||
2014-03-12 | scan for Ed25519 keys by default too | Christian Weisgerber | |
2014-03-12 | correct test that kdf name is not "none" or "bcrypt" | Damien Miller | |
2014-03-12 | don't count on things that accept arguments by reference to clear | Damien Miller | |
things for us on error; most things do, but it's unsafe form. | |||
2014-03-12 | scan for Ed25519 keys by default too | Damien Miller | |
2014-03-03 | ignore environment variables with embedded '=' or '\0' characters; | Damien Miller | |
spotted by Jann Horn; ok deraadt@ | |||
2014-02-28 | Absolutely do not override base system build features in this file!! | Theo de Raadt | |
Discovered by miod. | |||
2014-02-27 | openssh-6.6 | Damien Miller | |
2014-02-27 | bz#2184 clarify behaviour of a keyword that appears in multiple | Damien Miller | |
matching Match blocks; ok dtucker@ | |||
2014-02-27 | off by one in range check | Damien Miller | |
2014-02-27 | fix unsigned overflow that could lead to reading a short ssh protocol | Damien Miller | |
1 bignum value; found by Ben Hawkes; ok deraadt@ | |||
2014-02-26 | ssh_gssapi_prepare_supported_oids needs GSSAPI | Markus Friedl | |
2014-02-26 | don't assume that the socks4 username is \0 terminated; | Damien Miller | |
spotted by Ben Hawkes; ok markus@ | |||
2014-02-26 | bz#2107 - cache OIDs of supported GSSAPI mechanisms before privsep | Damien Miller | |
sandboxing, as running this code in the sandbox can cause violations; ok markus@ | |||
2014-02-26 | bz#2205: avoid early hostname lookups unless canonicalisation is enabled; | Damien Miller | |
ok dtucker@ markus@ | |||
2014-02-23 | reparse ssh_config and ~/.ssh/config if hostname canonicalisation changes | Damien Miller | |
the hostname. This allows users to write configurations that always refer to canonical hostnames, e.g. CanonicalizeHostname yes CanonicalDomains int.example.org example.org CanonicalizeFallbackLocal no Host *.int.example.org Compression off Host *.example.org User djm ok markus@ | |||
2014-02-23 | check for unsigned overflow; not reachable in OpenSSH but others might | Damien Miller | |
copy our code... | |||
2014-02-22 | when processing Match blocks, skip 'exec' clauses if previous predicates | Damien Miller | |
failed to match; ok markus@ | |||
2014-02-15 | avoid spurious "getsockname failed: Bad file descriptor" errors in ssh -W; | Damien Miller | |
bz#2200, debian#738692 via Colin Watson; ok dtucker@ | |||
2014-02-07 | -Wold-style-declaration is not supported by gcc 3. | Miod Vallat | |