summaryrefslogtreecommitdiff
path: root/usr.bin
AgeCommit message (Collapse)Author
2001-04-08init pointers with NULL, thanks to danimal@danimal.orgMarkus Friedl
2001-04-08leave_raw_mode if ssh2 "session" is closedMarkus Friedl
2001-04-08KNFMarkus Friedl
2001-04-07Small changes, user-friendly:Marc Espie
- just warn if hints file holds duplicates. So what ? We sure can't use uniq to remove those. - on the other hand, warn in verbose mode if main file holds nodes that are not in hints file. Ok millert@
2001-04-07allow the ssh client act as a SOCKS4 proxy (dynamic local portforwarding).Markus Friedl
work by Dan Kaminsky <dankamin@cisco.com> and me. thanks to Dan for this great patch: use 'ssh -D 1080 host' and make netscape use localhost:1080 as a socks proxy.
2001-04-06in addition to:Kevin Steves
ListenAddress host|ipv4_addr|ipv6_addr permit: ListenAddress [host|ipv4_addr|ipv6_addr]:port ListenAddress host|ipv4_addr:port sshd.8 updates coming. ok markus@
2001-04-06unused; typo in commentKevin Steves
2001-04-06do gid/groups-swap in addition to uid-swap, should help if /home/groupMarkus Friedl
is chmod 750 + chgrp grp /home/group/, work be deraadt and me, thanks to olar@openwall.com is comments. we had many requests for this.
2001-04-06remove trailing / from source paths; fixes pr#1756Theo de Raadt
2001-04-05keep the ssh session even if there is no active channel.Markus Friedl
this is more in line with the protocol spec and makes ssh -N -L 1234:server:110 host more useful. based on discussion with <mats@mindbright.se> long time ago and recent mail from <res@shore.net>
2001-04-05don't request a session for 'ssh -N', pointed out slade@shore.netMarkus Friedl
2001-04-05better error messageMarkus Friedl
2001-04-05for ~R print message if server does not support rekeying. (and fix ~R).Markus Friedl
2001-04-05document RCS $OpenBSD matching; adrian@ubergeeks.comTheo de Raadt
2001-04-05move get_remote_name_or_ip() to canohost.[ch]; for portable. ok markus@Kevin Steves
2001-04-05ssh defaults to protocol v2; from quisar@quisar.ambre.netMarkus Friedl
2001-04-05add SSH_BUG_NOREKEY and detect broken (=all old) openssh versions.Markus Friedl
2001-04-05fix whitespace: unexpand + trailing spaces.Markus Friedl
2001-04-05temporary version 2.5.4 (supports rekeying).Markus Friedl
this is not an official release.
2001-04-05reset compress state per direction when rekeying.Markus Friedl
2001-04-052.3.x does old GEX, too; report jakob@Markus Friedl
2001-04-04clear+free keys,iv for rekeying.Markus Friedl
+ fix DH mem leaks. ok niels@
2001-04-04parse full kexinit packet.Markus Friedl
make server-side more robust, too.
2001-04-04we don't care about missing bannerfiles; from tsoome@ut.ee, ok deraadt@Markus Friedl
2001-04-04more robust rekeyingMarkus Friedl
don't send channel data after rekeying is started.
2001-04-04f-secure 1.3.2 does not handle IGNORE; from milliondl@ornl.govMarkus Friedl
2001-04-04enable server side rekeying + some rekey related clientup.Markus Friedl
todo: we should not send any non-KEX messages after we send KEXINIT
2001-04-04don't sent multiple kexinit-requests.Markus Friedl
send newkeys, block while waiting for newkeys. fix comments.
2001-04-04enable client rekeyingMarkus Friedl
(1) force rekeying with ~R, or (2) if the server requests rekeying. works against ssh-2.0.12/2.0.13/2.1.0/2.2.0/2.3.0/2.3.1/2.4.0
2001-04-03undo parts of recent my changes: main part of keyexchange does notMarkus Friedl
need dispatch-callbacks, since application data is delayed until the keyexchange completes (if i understand the drafts correctly). add some infrastructure for re-keying.
2001-04-03id_rsa1/2 -> id_rsa; ok markus@Todd T. Fries
2001-04-03move kex to kex*.c, used dispatch_set() callbacks for kex. shouldMarkus Friedl
make rekeying easier.
2001-04-03free() -> xfree()Kevin Steves
2001-04-02grammar; slade@shore.netTheo de Raadt
2001-04-02correct comment; ok markus@Kevin Steves
2001-04-02typo; ok markus@Kevin Steves
2001-03-31Make this work again, this might be ugly, but it works; bad mickey.Federico G. Schwindt
2001-03-30Use stashed user_gid when checking against exempt gid since sudoTodd C. Miller
sets its gid to SUDOERS_GID, making getgid() return that, not the real gid. FIxes problem with setting exempt group == SUDOERS_GID. Fix from Paul Kranenburg.
2001-03-29Protocol 1 key regeneration log => verbose, some KNF; ok markus@Damien Miller
2001-03-29prepare for rekeying: move DH code to dh.cMarkus Friedl
2001-03-29need to set both STOC and CTOS for SSH_BUG_BIGENDIANAES; ok markus@Kevin Steves
2001-03-29Pretty.Aaron Campbell
2001-03-29use recommended defaultsNiels Provos
2001-03-28check auth_root_allowed for kbd-int auth, too.Markus Friedl
2001-03-28more sanity checking on primes fileNiels Provos
2001-03-28forgot to include min and max params in hash, okay markus@Niels Provos
2001-03-28call refuse() before close(); from olemx@ans.plMarkus Friedl
2001-03-28usage more like rcp and add missing -B to usage; ok markus@Kevin Steves
2001-03-28start to sync scp closer to rcp; ok markus@Kevin Steves
2001-03-27Get rid of bogus .UC macro, likely an artifact of old mdoc conversions.Aaron Campbell