summaryrefslogtreecommitdiff
path: root/usr.bin/ssh
AgeCommit message (Expand)Author
2010-06-26oops, forgot to #include <canohost.h>; spotted and patch from chl@Damien Miller
2010-06-26tweak previous;Jason McIntyre
2010-06-25Add X11ForwardTimeout option to specify timeout for untrusted X11Damien Miller
2010-06-25log the hostname and address that we connected to at LogLevel=verboseDamien Miller
2010-06-25skip the initial check for access with an empty password whenDamien Miller
2010-06-25bz#1750: fix requirement for /dev/null inside ChrootDirectory forDamien Miller
2010-06-25bz#1327: remove hardcoded limit of 100 permitopen clauses and portDamien Miller
2010-06-23fix printing of extensions in v01 certificates that I broke in r1.190Damien Miller
2010-06-22include the user name on "subsystem request for ..." log messages;Damien Miller
2010-06-22replace verbose and overflow-prone Linebuf code with read_keyfile_line()Damien Miller
2010-06-22queue auth debug messages for bad ownership or permissions on the user'sDamien Miller
2010-06-22standardise error messages when attempting to open private keyDamien Miller
2010-06-22expose some more sshd_config options inside Match blocks:Damien Miller
2010-06-18fix memory leak in do_realpath() error path; bz#1771, patch fromDamien Miller
2010-06-18Missing check for chroot_director == "none" (we already checked againstDamien Miller
2010-06-18unbreak ls in working directories that contains globbing characters inDamien Miller
2010-06-17Correct sizing of object to be allocated by calloc(), replacingDamien Miller
2010-06-08check length of value returned C_GetAttributValue for != 0Markus Friedl
2010-05-21colon() returns char*, so s/return (0)/return NULL/Damien Miller
2010-05-20Move the permit-* options to the non-critical "extensions" field for v01Damien Miller
2010-05-20fix logspam when key options (from="..." especially) deny non-matching keys;Damien Miller
2010-05-16mux support for remote forwarding with dynamic port allocation,Markus Friedl
2010-05-14Pause the mux channel while waiting for reply from aynch callbacks.Damien Miller
2010-05-14check that the certificate matches the corresponding private key beforeDamien Miller
2010-05-11don't accept certificates marked as "cert-authority" here; ok markus@Damien Miller
2010-05-07tweak previous;Jason McIntyre
2010-05-07add some optional indirection to matching of principal names listedDamien Miller
2010-05-05restore mput and mget which got lost in the tab-completion changes.Darren Tucker
2010-05-01typo; jmeltzer@Damien Miller
2010-04-26bz#1502: authctxt.success is declared as an int, but passed byDamien Miller
2010-04-23refuse to generate keys longer than OPENSSL_[RD]SA_MAX_MODULUS_BITS,Damien Miller
2010-04-23set stderr to /dev/null for subsystems rather than just closing it.Damien Miller
2010-04-23set "detach_close" flag when registering channel cleanup callbacks.Damien Miller
2010-04-23bz#1740: display a more helpful error message when $HOME isDamien Miller
2010-04-16oops, %r => remote username, not %uDamien Miller
2010-04-16tweak previous; ok djmJason McIntyre
2010-04-16tweak previous; ok djmJason McIntyre
2010-04-16revised certificate format ssh-{dss,rsa}-cert-v01@openssh.com with theDamien Miller
2010-04-15retry lookup for private key if there's no matching key with CKA_SIGNMarkus Friedl
2010-04-14expand %r => remote username in ssh_config:ProxyCommand;Damien Miller
2010-04-10fix NULL dereference; from matthew.haub AT alumni.adelaide.edu.auDamien Miller
2010-04-10show the key type that we are offering in debug(), helps distinguishDamien Miller
2010-04-10bz#1698: kill channel when pty allocation requests fail. FixedDamien Miller
2010-04-10fix terminology: we didn't find a certificate in known_hosts, we foundDamien Miller
2010-04-10bz#1746 - suppress spurious tty warning when using -O and stdinDamien Miller
2010-03-27tweak previous; ok dtuckerJason McIntyre
2010-03-26tweak previous;Jason McIntyre
2010-03-26allow buffer_get_int_ret/buffer_get_int64_ret to take a NULL pointerDamien Miller
2010-03-26Reformat default value of PreferredAuthentications entry (current formattingDarren Tucker
2010-03-26mention that -S none disables connection sharing; from Colin WatsonDamien Miller