summaryrefslogtreecommitdiff
path: root/usr.bin/ssh
AgeCommit message (Collapse)Author
2006-08-21Add more detail about what permissions are and aren't accepted forDarren Tucker
authorized_keys files. Corrections jmc@, ok djm@, "looks good" jmc@
2006-08-21Document HostbasedUsesNameFromPacketOnly. Corrections from jmc@, ok jmc@ djm@Darren Tucker
2006-08-18GSSAPI error code should be 0 and not -1; from simon@sxw.org.ukDamien Miller
2006-08-18constify host argument to match the rest of the GSSAPI functions andDamien Miller
unbreak compilation with -Werror
2006-08-18bz #1218 - disable SPNEGO as per RFC4462; diff from simon AT sxw.org.ukDamien Miller
ok markus@
2006-08-18reorder so prototypes are sorted by the files they refer to; noDamien Miller
binary change
2006-08-18delay authentication related cleanups until we're authenticated andMarkus Friedl
all alarms have been cancelled; ok deraadt
2006-08-18make signal handler termination path shorter; risky code pointed out byTheo de Raadt
mark dowd; ok djm markus
2006-08-16factor inetd connection, TCP listen and main TCP accept loop out of main()Damien Miller
into separate functions to improve readability; ok markus@
2006-08-14Add ability to match groups to Match keyword in sshd_config. Feedback djm@,Darren Tucker
stevesk@, ok stevesk@.
2006-08-12Revert previous include file ordering change, for ssh to compile under gcc2Miod Vallat
(or until openssl include files are cleaned of parameter names in function prototypes)
2006-08-06"zlib.h" can be <zlib.h>; ok djm@ markus@Kevin Steves
2006-08-05Typo in commentDarren Tucker
2006-08-05Zap unused variables in -DSKEY code. ok djm@Darren Tucker
2006-08-05Add headers required to build with -DSKEY. ok djm@Darren Tucker
2006-08-05Add headers required to build with KERBEROS5=no. ok djm@Darren Tucker
2006-08-04spacesKevin Steves
2006-08-03almost entirely get rid of the culture of ".h files that include .h files"Theo de Raadt
ok djm, sort of ok stevesk makes the pain stop in one easy step
2006-08-01clean extra spacesKevin Steves
2006-08-01move #include <stdio.h> out of includes.hKevin Steves
2006-08-01Allow fallback to known_hosts entries without port qualifiers forDarren Tucker
non-standard ports too, so that all existing known_hosts entries will be recognised. Requested by, feedback and ok markus@
2006-07-30order includes to KNFKevin Steves
2006-07-27avoid confusing wording in HashKnownHosts:Jason McIntyre
originally spotted by alan amesbury; ok deraadt
2006-07-26move #include <stdlib.h> out of includes.hKevin Steves
2006-07-26move #include <sys/param.h> out of includes.hKevin Steves
2006-07-25move #include <sys/time.h> out of includes.hKevin Steves
2006-07-25need #include <string.h>Kevin Steves
2006-07-24disable tunnel forwarding when no strict host key checkingKevin Steves
and key changed; ok djm@ markus@ dtucker@
2006-07-23#include <signal.h> for sig_atomic_t; need this prior to <sys/param.h>Kevin Steves
move
2006-07-22move #include <string.h> out of includes.hKevin Steves
2006-07-22move #include <time.h> out of includes.hKevin Steves
2006-07-21ARGSUSED for signal handlerKevin Steves
2006-07-21more ARGSUSED (lint) for dispatch table-driven functions; ok djm@Kevin Steves
2006-07-21Make PermitOpen take a list of permitted ports and act more like most otherDarren Tucker
keywords (ie the first match is the effective setting). This also makes it easier to override a previously set PermitOpen. ok djm@
2006-07-20missed some needed #include <unistd.h> when KERBEROS5=no; issue fromKevin Steves
massimo@cedoc.mo.it
2006-07-19Add ForceCommand keyword to sshd_config, equivalent to the "command="Darren Tucker
key option, man page entry and example in sshd_config. Feedback & ok djm@, man page corrections & ok jmc@
2006-07-19Add support for X11Forwaring, X11DisplayOffset and X11UseLocalhost toDarren Tucker
Match. ok djm@
2006-07-18remove unneeded includes; ok djm@Kevin Steves
2006-07-18Clarify description of Match, with minor correction from jmc@Darren Tucker
2006-07-18mark up angle brackets;Jason McIntyre
2006-07-18replace DIAGNOSTICS with .Ex;Jason McIntyre
2006-07-18tweak; ok dtuckerJason McIntyre
2006-07-17Add PermitOpen directive to sshd_config which is equivalent to theDarren Tucker
"permitopen" key option. Allows server admin to allow TCP port forwarding only two specific host/port pairs. Useful when combined with Match. If permitopen is used in both sshd_config and a key option, both must allow a given connection before it will be permitted. Note that users can still use external forwarders such as netcat, so to be those must be controlled too for the limits to be effective. Feedback & ok djm@, man page corrections & ok jmc@.
2006-07-17Use '\0' rather than 0 to terminates strings; ok djm@Darren Tucker
2006-07-17move #include <unistd.h> out of includes.hKevin Steves
2006-07-14don't need incompletely-typed 'struct passwd' now withKevin Steves
#include <pwd.h>; ok markus@
2006-07-12move #include <stddef.h> out of includes.hKevin Steves
2006-07-12move #include <netdb.h> out of includes.h; ok djm@Kevin Steves
2006-07-12 - new sentence, new lineJason McIntyre
- s/The the/The/ - kill a bad comma
2006-07-12Add support for conditional directives to sshd_config via a "Match" keyword,Darren Tucker
which works similarly to the "Host" directive in ssh_config. Lines after a Match line override the default set in the main section if the condition on the Match line is true, eg AllowTcpForwarding yes Match User anoncvs AllowTcpForwarding no will allow port forwarding by all users except "anoncvs". Currently only a very small subset of directives are supported. ok djm@
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-29 18:50:02 +0000