summaryrefslogtreecommitdiff
path: root/usr.bin/ssh
AgeCommit message (Collapse)Author
2008-11-09typo fixed (overriden -> overridden)Tobias Stoeckmann
ok espie, jmc
2008-11-07Move JPAKE define to make life easier for portable. ok djm@Darren Tucker
2008-11-07add space to some log/debug messages for readability; ok djm@ markus@Kevin Steves
2008-11-07spelling/typo in commentKevin Steves
2008-11-05passord -> password;Jason McIntyre
fixes user/5975 from Rene Maroufi
2008-11-05add dynamic forward escape command line; ok djm@Kevin Steves
2008-11-04because parse_forward() is now used to parse all forward types (DLR),Kevin Steves
and it malloc's space for host variables, we don't need to malloc here. fixes small memory leaks. previously dynamic forwards were not parsed in parse_forward() and space was not malloc'd in that case. ok djm@
2008-11-04Add support for an experimental zero-knowledge password authenticationDamien Miller
method using the J-PAKE protocol described in F. Hao, P. Ryan, "Password Authenticated Key Exchange by Juggling", 16th Workshop on Security Protocols, Cambridge, April 2008. This method allows password-based authentication without exposing the password to the server. Instead, the client and server exchange cryptographic proofs to demonstrate of knowledge of the password while revealing nothing useful to an attacker or compromised endpoint. This is experimental, work-in-progress code and is presently compiled-time disabled (turn on -DJPAKE in Makefile.inc). "just commit it. It isn't too intrusive." deraadt@
2008-11-04need unistd.h for close() prototypeDamien Miller
2008-11-03include MaxSessions in sshd -T output; patch from imorgan AT nas.nasa.govDamien Miller
2008-11-03fix commentKevin Steves
2008-11-03remove valueless commentKevin Steves
2008-11-02protocol 2 tty modes support is now 7.5 years old so remove theseKevin Steves
debug3()s; ok deraadt@
2008-11-01merge dynamic forward parsing into parse_forward(); 'i think this is OK' djm@Kevin Steves
2008-11-01the ellipsis is not an optional argument; while here, improve spacing.Igor Sobrado
2008-11-01fix some typos in log messages; ok djm@Kevin Steves
2008-11-01sprinkle ARGSUSED on dispatch handlersDamien Miller
nuke stale unusued prototype
2008-10-31remove unused #define DISPATCH_MIN; ok markus@Kevin Steves
2008-10-30don't need to #include "monitor_fdpass.h"Kevin Steves
2008-10-17correct and clarify VisualHostKey; ok jmc@Kevin Steves
2008-10-14use #define ROQUIET here; no binary change. ok dtucker@Kevin Steves
2008-10-10use 'Privileged ports can be forwarded only when logging in as root onKevin Steves
the remote machine.' for RemoteForward just like ssh.1 -R. ok djm@ jmc@
2008-10-10typo in error message; ok djm@Kevin Steves
2008-10-10spelling in comment; ok djm@Kevin Steves
2008-10-09add -y to usage();Jason McIntyre
2008-10-09support setting PermitEmptyPasswords in a Match blockDamien Miller
requested in PR3891; ok dtucker@
2008-10-08Add -y option to force logging via syslog rather than stderr.Damien Miller
Useful for daemonised ssh connection (ssh -f). Patch originally from and ok'd by markus@
2008-10-03Repair strnvis() buffersize of 4*n+1, with termination gauranteed by theTheo de Raadt
function. spotted by des@freebsd, who commited an incorrect fix to the freebsd tree and (as is fairly typical) did not report the problem to us. But this fix is correct. ok djm
2008-10-03do not give an example of how to chmod files: we can presume the userJason McIntyre
knows that. removes an ambiguity in the permission of authorized_keys; ok deraadt
2008-10-02Convert an unchecked strdup to xstrdup. OK deraadt@Todd C. Miller
2008-09-11only send eow and no-more-sessions requests to openssh 5 and newer;Markus Friedl
fixes interop problems with broken ssh v2 implementations; ok djm@
2008-09-07gc unused file (obseleted by libcrypto update)Damien Miller
2008-09-06OpenSSL 0.9.8h supplies a real EVP_sha256 so we do not need ourDamien Miller
replacement anymore
2008-09-06adapt to sha2(3) API changes; ok millert@Damien Miller
2008-08-21allow ForceCommand internal-sftp with arguments. based on patch fromDamien Miller
michael.barabanov AT gmail.com; ok markus@
2008-08-02whitepsace -> whitespace. From Matthew Clarke via bugs@.Kenneth R Westerback
2008-07-31don't allocate space for empty banners; report t8m at centrum.cz; ok deraadtMarkus Friedl
2008-07-25In random art visualization, make sure to use the end marker only at theAlexander von Gernler
end. Initial diff by Dirk Loss, tweaks and ok djm@
2008-07-25Add VisualHostKey to example file, ok djm@Alexander von Gernler
2008-07-24Add "ssh-keygen -F -l" to synopsis (displays fingerprint fromStuart Henderson
known_hosts). ok djm@
2008-07-23do not try to print options that have been compile-time disabledDamien Miller
in config test mode (sshd -T); report from nix-corp AT esperi.org.uk ok dtucker@
2008-07-21openssh-5.1Damien Miller
2008-07-18no need for .Pp before or after .Sh;Jason McIntyre
2008-07-17strip trailing '.' from hostname when HostbasedUsesNameFromPacketOnly=yesDamien Miller
report and patch from res AT qoxp.net (bz#1200); ok markus@
2008-07-17strnvis preauth banner; pointed out by mpf@ ok markus@Damien Miller
2008-07-16this loop index should be automatic, not staticDamien Miller
2008-07-16rename variable first_gc -> last_gc (since it is actually the lastDamien Miller
in the list).
2008-07-15number of pipelined requests is not 64; prodded by Iain.Morgan AT nasa.govDamien Miller
2008-07-14mention requirement for /dev/log inside chroot when using sftp-serverDamien Miller
with ChrootDirectory
2008-07-13increase number of piplelined requests so they properly fill theDamien Miller
(recently increased) channel window. prompted by rapier AT psc.edu; ok markus@