summaryrefslogtreecommitdiff
path: root/usr.bin/ssh
AgeCommit message (Expand)Author
2010-09-06add ssh_host_ecdsa_key to /etc; from Mattieu Baptiste <mattieu.b@gmail.com>Christian Weisgerber
2010-09-06decl before code for compiler compatibilityTheo de Raadt
2010-09-04two more EXIT STATUS sections;Jason McIntyre
2010-09-03add an EXIT STATUS section for /usr/bin;Jason McIntyre
2010-09-02Switch ECDSA default key size to 256 bits, which according to RFC5656Christian Weisgerber
2010-09-02unbreak ControlPersist=yes for ControlMaster=yes; ok djm@Markus Friedl
2010-09-02permit -b 256, 384 or 521 as key size for ECDSA; ok djm@Markus Friedl
2010-09-01prefer ECDH in a 256 bit curve field; prompted by naddy@Damien Miller
2010-09-01pick up ECDSA host key by default; ok djm@Christian Weisgerber
2010-08-31small text tweak to accommodate previous;Jason McIntyre
2010-08-31fix some macro abuse;Jason McIntyre
2010-08-31reintroduce commit from tedu@, which I pulled out for release engineering:Damien Miller
2010-08-31Implement Elliptic Curve Cryptography modes for key exchange (ECDH) andDamien Miller
2010-08-31Add buffer_get_cstring() and related functions that verify that theDamien Miller
2010-08-16backout previous temporarily; discussed with deraadt@Damien Miller
2010-08-12OpenSSL_add_all_algorithms is the name of the function we have a man pageTed Unangst
2010-08-12close any extra file descriptors inherited from parent at start andDamien Miller
2010-08-08use the same template for all FILES sections; i.e. -compact/.Pp where weJason McIntyre
2010-08-08crank to 5.6Damien Miller
2010-08-05Fix a trio of bugs in the local/remote window calculation for datagramDamien Miller
2010-08-04clean for -WuninitializedDamien Miller
2010-08-04Support CA keys in PKCS#11 tokens; feedback and ok markus@Damien Miller
2010-08-04commited the wrong version of the hostbased certificate diff; thisDamien Miller
2010-08-04enable certificates for hostbased authentication, from Iain Morgan;Damien Miller
2010-08-04tighten the rules for certificate encoding by requiring that optionsDamien Miller
2010-08-04Remove mentions of weird "addr/port" alternate address format for IPv6Damien Miller
2010-07-23Ciphers is documented in ssh_config(5) these daysDarren Tucker
2010-07-21sync timingsafe_bcmp() with the one dempsky@ committed to sys/lib/libkernDamien Miller
2010-07-19add a "ControlPersist" option that automatically starts a backgroundDamien Miller
2010-07-19bz#1797: fix swapped args in upload_dir_internal(), breaking recursiveDamien Miller
2010-07-16more timing paranoia - compare all parts of the expected decryptedDamien Miller
2010-07-16avoid bogus compiler warningDamien Miller
2010-07-15repair incorrect block nesting, which screwed up indentation;Ingo Schwarze
2010-07-14finally ssh synopsis looks nice again! this commit just removes a ton ofJason McIntyre
2010-07-13s/timing_safe_cmp/timingsafe_bcmp/gDamien Miller
2010-07-13implement a timing_safe_cmp() function to compare memory without leakingDamien Miller
2010-07-12expand %h to the hostname in ssh_config Hostname options. While thisDamien Miller
2010-07-12Make ExitOnForwardFailure work with fork-after-authentication ("ssh -f")Damien Miller
2010-07-02unbreak strdelim() skipping past quoted strings, e.g.Damien Miller
2010-07-01Fix a longstanding problem where if you suspend scp at theTodd C. Miller
2010-06-30tweak previous;Jason McIntyre
2010-06-30sort usage();Jason McIntyre
2010-06-30tweak previous;Jason McIntyre
2010-06-29allow key options (command="..." and friends) in AuthorizedPrincipals;Damien Miller
2010-06-29allow import (-i) and export (-e) of PEM and PKCS#8 encoded keys;Damien Miller
2010-06-26oops, forgot to #include <canohost.h>; spotted and patch from chl@Damien Miller
2010-06-26tweak previous;Jason McIntyre
2010-06-25Add X11ForwardTimeout option to specify timeout for untrusted X11Damien Miller
2010-06-25log the hostname and address that we connected to at LogLevel=verboseDamien Miller
2010-06-25skip the initial check for access with an empty password whenDamien Miller