summaryrefslogtreecommitdiff
path: root/usr.bin/ssh
AgeCommit message (Expand)Author
2024-10-06Turn off finite field (a.k.a modp) Diffie-Hellman key exchange in sshdDamien Miller
2024-09-26fix previous change to ssh_config Match, which broken on negatedDamien Miller
2024-09-25remove some unused defines; ok djm@Jonathan Gray
2024-09-25remove some unneeded Xo/Xc calls; from evan silbermanJason McIntyre
2024-09-25fix regression introduced when I switched the "Match" criteria tokeniserDamien Miller
2024-09-24some extra paranoia, reminded by jsg@Damien Miller
2024-09-22remove some unused defines; ok djm@Jonathan Gray
2024-09-20remove unneeded semicolons; checked by millert@Jonathan Gray
2024-09-19openssh-9.9Damien Miller
2024-09-16use 64 bit math to avoid signed underflow. upstream code relies onDamien Miller
2024-09-15minor grammar/sort fixes for refuseconnection; ok djmJason McIntyre
2024-09-15bad whitespace in config dump outputDamien Miller
2024-09-15update the Streamlined NTRU Prime code from the "ref" implementationDamien Miller
2024-09-15document Match invalid-userDamien Miller
2024-09-15add a "Match invalid-user" predicate to sshd_config Match options.Damien Miller
2024-09-15Add a "refuseconnection" penalty class to sshd_configDamien Miller
2024-09-15Add a sshd_config "RefuseConnection" optionDamien Miller
2024-09-15switch sshd_config Match processing to the argv tokeniser too;Damien Miller
2024-09-15switch "Match" directive processing over to the argv stringDamien Miller
2024-09-15include pathname in some of the ssh-keygen passphrase prompts. HelpsDamien Miller
2024-09-15Do not apply authorized_keys options when signature verificationDamien Miller
2024-09-12Relax absolute path requirement back to what it was prior to OpenSSH 9.8,Damien Miller
2024-09-09document the mlkem768x25519-sha256 key exchange algorithmChristian Weisgerber
2024-09-09pull post-quantum ML-KEM/x25519 key exchange out from compile-timeDamien Miller
2024-09-06make parsing user@host consistently look for the last '@' in theDamien Miller
2024-09-04be more strict in parsing key type names. Only allow shortnames (e.gDamien Miller
2024-09-04fix RCSID in outputDamien Miller
2024-09-03envrionment -> environment;Jason McIntyre
2024-09-03allow the "Include" directive to expand the same set of %-tokensDamien Miller
2024-09-02missing ifdefDamien Miller
2024-09-02Add experimental support for hybrid post-quantum key exchangeDamien Miller
2024-08-23As defined in the RFC, the SSH protocol has negotiable compression supportTheo de Raadt
2024-08-22sntrup761x25519-sha512 now has an IANA codepoint assigned,Damien Miller
2024-08-21Import regenerated moduli.Darren Tucker
2024-08-20actually use the length parameter that was passed in rather than aDamien Miller
2024-08-20place shielded keys (i.e. keys at rest in RAM) into memory allocatedDamien Miller
2024-08-17mention that ed25519 is the default key type generated andDamien Miller
2024-08-17fix minor memory leak in Subsystem option parsing;Damien Miller
2024-08-17fix swapping of source and destination addresses in some sshd log messagesDamien Miller
2024-08-15Convert RSA and ECDSA key to the libcrypto EVP_PKEY API. DSA remainsDamien Miller
2024-08-14Reorder calloc argumentsTobias Stoeckmann
2024-08-14Extend sshbuf validationTobias Stoeckmann
2024-08-14Use freezero for better readabilityTobias Stoeckmann
2024-08-14Fix typo in commentTobias Stoeckmann
2024-07-31add a random amount of time (up to 4 seconds) to the grace login time.David Gwynne
2024-07-26document the reduced logingrace penaltyChristian Weisgerber
2024-07-25reduce logingrace penalty.Damien Miller
2024-07-25Fix proxy multiplexing (-O proxy) bugDamien Miller
2024-07-18mention mux proxy modeDamien Miller
2024-07-14fix double word; ok dtucker@Jonathan Gray
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-26 18:11:44 +0000