summaryrefslogtreecommitdiff
path: root/usr.bin
AgeCommit message (Expand)Author
2020-01-26for UpdateHostKeys, don't report errors for unsupported key types -Damien Miller
2020-01-26downgrade error() for missing subsequent known_hosts files to debug()Damien Miller
2020-01-25clarify that BatchMode applies to all interactive prompts (e.g. host keyDamien Miller
2020-01-25tidy headers; some junk snuck into sshbuf-misc.c and sshbuf-io.cDamien Miller
2020-01-25improve the error message for u2f enrollment errors by makingDamien Miller
2020-01-25factor out reading/writing sshbufs to dedicated functions;Damien Miller
2020-01-25Minor cleanup, no functional change:Ingo Schwarze
2020-01-25add a comment describing the ranges of channel IDs that we use;Damien Miller
2020-01-25make sshd_config:ClientAliveCountMax=0 disable the connection killingDamien Miller
2020-01-25clarify order of AllowUsers/DenyUsers vs AllowGroups/DenyGroups;Damien Miller
2020-01-25Remove a sleep call that I used for some testing that slipped in duringMartijn van Duren
2020-01-25Mention swap-window -d, GitHub issue 2068.Nicholas Marriott
2020-01-25when AddKeysToAgent=yes is set and the key contains no comment,Damien Miller
2020-01-25group14-sha1 is no longer a default algorithmTed Unangst
2020-01-25reword HashKnownHosts description a little more; some people foundDamien Miller
2020-01-25weaken the language for what HashKnownHosts provides with regardsDamien Miller
2020-01-25the GatewayPorts vs -R listen address selection logic is stillDamien Miller
2020-01-25mention that permitopen=/PermitOpen do no name to addressDamien Miller
2020-01-25add a couple of XXX for future cleanupTheo Buehler
2020-01-25unrevert this:Damien Miller
2020-01-25set UpdateKnownHosts=ask by default; bz#2894; ok markus@Damien Miller
2020-01-25allow UpdateKnownHosts=yes to function when multiple known_hosts filesDamien Miller
2020-01-25process security key provider via realpath() in agent, avoidsDamien Miller
2020-01-25expose PKCS#11 key labels/X.509 subjects as commentsDamien Miller
2020-01-24tweak proctitle to include sshd arguments, as these are frequentlyDamien Miller
2020-01-24add xextendf() to extend a string with a format (reallocating asDamien Miller
2020-01-24Teach openssl s_client a bit about TLSv1.3.Theo Buehler
2020-01-24minor tweaks to ssh-keygen -Y find-principals:Damien Miller
2020-01-24remove ssh-rsa (SHA1) from the list of allowed CA signature algorithmsDamien Miller
2020-01-24when signing a certificate with an RSA key, default to a safe signatureDamien Miller
2020-01-24allow PEM export of DSA and ECDSA keys; bz3091, patch from Jakub JelenDamien Miller
2020-01-23ssh-keygen -Y find-principals fixes based on feedback from Markus:Damien Miller
2020-01-23Remove unused sys/signal.h include.Alexandre Ratchov
2020-01-23Fix typo in comment.Darren Tucker
2020-01-23Make zlib optional. This adds a "ZLIB" build time option that allowsDarren Tucker
2020-01-23remove trailing period characters from pub/priv key pathnames -Damien Miller
2020-01-23new sentence, new line;Jason McIntyre
2020-01-23Replace all calls to signal(2) with a wrapper around sigaction(2).Darren Tucker
2020-01-23When opening a device, loop over the alternate devices list in theAlexandre Ratchov
2020-01-23Accept MIDI clients that don't reset status during sysex messages.Alexandre Ratchov
2020-01-23missing header change from previous; spotted by dtucker@Damien Miller
2020-01-23Make -peekaboo mode also use SSL_pending after peeking, to ensureBob Beck
2020-01-23Remove unsupported algorithms from list of defaults at run time andDarren Tucker
2020-01-23add a new signature operations "find-principal" to look up theDamien Miller
2020-01-22delete wasteful ;;Theo de Raadt
2020-01-22Ignore whitespace when checking explict fingerprint. When confirming a hostDarren Tucker
2020-01-22Simplify the peekaboo code.Joel Sing
2020-01-22remove diffie-hellman-group14-sha1 from default kex to see what happens.Ted Unangst
2020-01-22For ssh-keygen -lF only add a space after key fingerprint when there is aClaudio Jeker
2020-01-22Add -peekaboo option to s_client, to test SSL_peekBob Beck