summaryrefslogtreecommitdiff
path: root/usr.bin/ssh
AgeCommit message (Collapse)Author
2015-09-13- Fix error message: passphrase needs to be at least 5 characters, not 4.tim
- Remove unused function argument. - Remove two unnecessary variables. OK djm@
2015-09-13When adding keys to the agent, don't ignore the comment of keys for which thetim
user is prompted for a passphrase. Tweak and OK djm@
2015-09-11Use explicit_bzero() when zeroing before free()Philip Guenther
from Michael McConville (mmcconv1 (at) sccs.swarthmore.edu) ok millert@ djm@
2015-09-11sync -Q in usage() to SYNOPSIS; since it's drastically shorter,Jason McIntyre
i've reformatted the block to sync with the man (80 cols) and saved a line;
2015-09-11tweak previous;Jason McIntyre
2015-09-11Update usage to match man page.Darren Tucker
2015-09-11expand %i in ControlPath to UID; bz#2449Damien Miller
patch from Christian Hesse w/ feedback from dtucker@
2015-09-11mention -Q key-plain and -Q key-cert;Damien Miller
bz#2455 pointed out by Jakub Jelen
2015-09-11more clarity on what AuthorizedKeysFile=none does;Damien Miller
based on diff by Thiebaud Weksteen
2015-09-09openssh_RSA_verify return type is int, so don't make it size_t withinDamien Miller
the function itself with only negative numbers or zero assigned to it. bz#2460
2015-09-04Plug minor memory leaks when options are used more than once. bz#2182,Darren Tucker
patch from Tiago Cunha, ok deraadt djm
2015-09-04full stop belongs outside the brackets, not inside;Jason McIntyre
2015-09-04add a debug2() right before DNS resolution; it's a place whereDamien Miller
ssh could previously silently hang for a while. bz#2433
2015-09-04correct function name in error messagesDamien Miller
2015-09-04better document ExitOnForwardFailure; bz#2444, ok dtucker@Damien Miller
2015-09-04don't record hostbased authentication hostkeys as user keysDamien Miller
in test for multiple authentication with the same key
2015-09-04remove extra newline in nethack-mode hostkey;Damien Miller
from Christian Hesse bz#2686
2015-09-02Fix occurrences of "r = func() != 0" which result in the wrong errorJonathan Gray
codes being returned due to != having higher precedence than =. ok deraadt@ markus@
2015-08-21Improve printing of KEX offers and decisionsDamien Miller
The debug output now labels the client and server offers and the negotiated options. ok markus@
2015-08-21Fix printing (ssh -G ...) of HostKeyAlgorithms=+...Damien Miller
Reported by Bryan Drewery
2015-08-21Fix expansion of HostkeyAlgorithms=+...Damien Miller
Reported by Bryan Drewery
2015-08-21Regen moduliDarren Tucker
2015-08-21Improve size == 0, count == 0 checking in mm_zalloc, which is "array" like.Theo de Raadt
Discussed with tedu, millert, otto.... and ok djm
2015-08-21openssh-7.1Damien Miller
2015-08-21fix inverted logic that broke PermitRootLogin;Damien Miller
reported by Mantas Mikulenas; ok markus@
2015-08-20Do not cast result of malloc/calloc/realloc* if stdlib.h is in scopeTheo de Raadt
ok krw millert
2015-08-20In the certificates section, be consistent about using "host_key"Christian Weisgerber
and "user_key" for the respective key types. ok sthen@ deraadt@
2015-08-19Better compat matching for WinSCP, add compat matching forDamien Miller
FuTTY (fork of PuTTY); ok markus@ deraadt@
2015-08-19fix double-free() in error path of DSA key generation reported byDamien Miller
Mateusz Kocielski; ok markus@
2015-08-19fix free() of uninitialised pointer reported by Mateusz Kocielski;Damien Miller
ok markus@
2015-08-19fixed unlink([uninitialised memory]) reported by Mateusz Kocielski;Damien Miller
ok markus@
2015-08-14match myproposal.h order; from brian conwayJason McIntyre
(i snuck in a tweak while here) ok dtucker
2015-08-06add prohibit-password as a synonymn for without-password, since theTheo de Raadt
without-password is causing too many questions. Harden it to ban all but pubkey, hostbased, and GSSAPI auth (when the latter is enabled) from djm, ok markus
2015-08-04backout SSH_RSA_MINIMUM_MODULUS_SIZE increase for this release;Damien Miller
problems spotted by sthen@ ok deraadt@ markus@
2015-08-02openssh 7.0; ok deraadt@Damien Miller
2015-07-31Allow PermitRootLogin to be overridden by configChris Cappuccio
ok markus@ deeradt@
2015-07-30fix pty permissions; patch from Nikolay Edigaryev; ok deraadtDamien Miller
2015-07-30change default: PermitRootLogin without-passwordTheo de Raadt
matching install script changes coming as well ok djm markus
2015-07-30Allow ssh_config and sshd_config kex parameters options be prefixedDamien Miller
by a '+' to indicate that the specified items be appended to the default rather than replacing it. approach suggested by dtucker@, feedback dlg@, ok markus@
2015-07-29fix bug in previous; was printing incorrect string for failedDamien Miller
host key algorithms negotiation
2015-07-29include the peer's offer when logging a failure to negotiate aDamien Miller
mutual set of algorithms (kex, pubkey, ciphers, etc.) ok markus@
2015-07-28add Cisco to the list of clients that choke on the hostkeys updateDamien Miller
extension. Pointed out by Howard Kash
2015-07-27Permit kbind(2) use in the sandbox now, to ease testing of ld.so work using itPhilip Guenther
reminded by miod@, ok deraadt@
2015-07-22Generate new moduli.Darren Tucker
2015-07-20Move .Pp before .Bl, not after to quiet mandoc -Tlint.Todd C. Miller
Noticed by jmc@
2015-07-20Sync usage with SYNOPSISTodd C. Miller
2015-07-20Better desciption of Unix domain socket forwarding.Todd C. Miller
bz#2423; ok jmc@
2015-07-20mention that the default of UseDNS=no implies that hostnames cannotDamien Miller
be used for host matching in sshd_config and authorized_keys; bz#2045, ok dtucker@
2015-07-18don't ignore PKCS#11 hosted keys that return empty CKA_ID;Damien Miller
patch by Jakub Jelen via bz#2429; ok markus
2015-07-18skip uninitialised PKCS#11 slots; patch from Jakub Jelen in bz#2427Damien Miller
ok markus@
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-05 02:16:30 +0000