summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--ChangeLog519
-rw-r--r--Makefile.in4
-rw-r--r--PROTOCOL.certkeys106
-rw-r--r--PROTOCOL.mux13
-rw-r--r--README4
-rw-r--r--auth-options.c328
-rw-r--r--auth-options.h5
-rw-r--r--auth-rsa.c9
-rw-r--r--auth.c48
-rw-r--r--auth.h4
-rw-r--r--auth1.c4
-rw-r--r--auth2-hostbased.c31
-rw-r--r--auth2-none.c4
-rw-r--r--auth2-pubkey.c145
-rw-r--r--authfd.c6
-rw-r--r--authfile.c62
-rw-r--r--authfile.h4
-rw-r--r--bufaux.c8
-rw-r--r--channels.c99
-rw-r--r--channels.h8
-rw-r--r--clientloop.c89
-rw-r--r--clientloop.h5
-rw-r--r--config.h.in3
-rwxr-xr-xconfigure10
-rw-r--r--configure.ac11
-rwxr-xr-xcontrib/aix/buildbff.sh4
-rw-r--r--contrib/caldera/openssh.spec5
-rw-r--r--contrib/cygwin/README6
-rw-r--r--contrib/redhat/openssh.spec7
-rw-r--r--contrib/ssh-copy-id10
-rw-r--r--contrib/ssh-copy-id.134
-rw-r--r--contrib/suse/openssh.spec2
-rw-r--r--debian/changelog16
-rw-r--r--debian/patches/debian-banner.patch18
-rw-r--r--debian/patches/debian-config.patch8
-rw-r--r--debian/patches/doc-hash-tab-completion.patch2
-rw-r--r--debian/patches/gssapi-autoconf.patch4
-rw-r--r--debian/patches/gssapi-compat.patch2
-rw-r--r--debian/patches/gssapi-dump.patch2
-rw-r--r--debian/patches/gssapi.patch44
-rw-r--r--debian/patches/keepalive-extensions.patch16
-rw-r--r--debian/patches/openbsd-docs.patch12
-rw-r--r--debian/patches/package-versioning.patch2
-rw-r--r--debian/patches/quieter-signals.patch2
-rw-r--r--debian/patches/scp-quoting.patch2
-rw-r--r--debian/patches/series1
-rw-r--r--debian/patches/ssh-argv0.patch2
-rw-r--r--debian/patches/ssh-copy-id-trailing-colons.patch25
-rw-r--r--debian/patches/ssh-vulnkey.patch60
-rw-r--r--debian/patches/ssh1-keepalive.patch33
-rw-r--r--debian/patches/syslog-level-silent.patch2
-rw-r--r--debian/patches/user-group-modes.patch16
-rw-r--r--jpake.c4
-rw-r--r--key.c182
-rw-r--r--key.h11
-rw-r--r--loginrec.h2
-rw-r--r--misc.c19
-rw-r--r--misc.h3
-rw-r--r--moduli.011
-rw-r--r--monitor.c20
-rw-r--r--mux.c181
-rw-r--r--myproposal.h11
-rw-r--r--openbsd-compat/Makefile.in4
-rw-r--r--openbsd-compat/openbsd-compat.h7
-rw-r--r--openbsd-compat/openssl-compat.h13
-rw-r--r--openbsd-compat/port-tun.c8
-rw-r--r--openbsd-compat/port-uw.c2
-rw-r--r--openbsd-compat/strptime.c401
-rw-r--r--packet.c4
-rw-r--r--readconf.c71
-rw-r--r--readconf.h10
-rw-r--r--regress/Makefile9
-rw-r--r--regress/README.regress4
-rw-r--r--regress/cert-hostkey.sh174
-rw-r--r--regress/cert-userkey.sh221
-rw-r--r--regress/login-timeout.sh2
-rw-r--r--regress/reconfigure.sh2
-rw-r--r--regress/reexec.sh6
-rw-r--r--regress/test-exec.sh2
-rw-r--r--scp.020
-rw-r--r--scp.c20
-rw-r--r--servconf.c31
-rw-r--r--servconf.h3
-rw-r--r--session.c46
-rw-r--r--sftp-client.c7
-rw-r--r--sftp-server.031
-rw-r--r--sftp.0101
-rw-r--r--sftp.c6
-rw-r--r--ssh-add.038
-rw-r--r--ssh-add.c50
-rw-r--r--ssh-agent.056
-rw-r--r--ssh-agent.c5
-rw-r--r--ssh-dss.c12
-rw-r--r--ssh-keygen.0254
-rw-r--r--ssh-keygen.189
-rw-r--r--ssh-keygen.c759
-rw-r--r--ssh-keyscan.033
-rw-r--r--ssh-keyscan.c165
-rw-r--r--ssh-keysign.011
-rw-r--r--ssh-keysign.87
-rw-r--r--ssh-keysign.c4
-rw-r--r--ssh-pkcs11-helper.02
-rw-r--r--ssh-pkcs11.c53
-rw-r--r--ssh-rand-helper.06
-rw-r--r--ssh-rsa.c21
-rw-r--r--ssh.0482
-rw-r--r--ssh.176
-rw-r--r--ssh.c199
-rw-r--r--ssh.h5
-rw-r--r--ssh_config.0548
-rw-r--r--ssh_config.575
-rw-r--r--sshconnect.c14
-rw-r--r--sshconnect2.c12
-rw-r--r--sshd.0391
-rw-r--r--sshd.818
-rw-r--r--sshd.c15
-rw-r--r--sshd_config.0451
-rw-r--r--sshd_config.553
-rw-r--r--version.h4
119 files changed, 5000 insertions, 2423 deletions
diff --git a/ChangeLog b/ChangeLog
index 39e0ba45d..e3ac6a925 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,522 @@
120100823
2 - (djm) Release OpenSSH-5.6p1
3
420100816
5 - (dtucker) [configure.ac openbsd-compat/Makefile.in
6 openbsd-compat/openbsd-compat.h openbsd-compat/strptime.c] Add strptime to
7 the compat library which helps on platforms like old IRIX. Based on work
8 by djm, tested by Tom Christensen.
9 - OpenBSD CVS Sync
10 - djm@cvs.openbsd.org 2010/08/12 21:49:44
11 [ssh.c]
12 close any extra file descriptors inherited from parent at start and
13 reopen stdin/stdout to /dev/null when forking for ControlPersist.
14
15 prevents tools that fork and run a captive ssh for communication from
16 failing to exit when the ssh completes while they wait for these fds to
17 close. The inherited fds may persist arbitrarily long if a background
18 mux master has been started by ControlPersist. cvs and scp were effected
19 by this.
20
21 "please commit" markus@
22 - (djm) [regress/README.regress] typo
23
2420100812
25 - (tim) [regress/login-timeout.sh regress/reconfigure.sh regress/reexec.sh
26 regress/test-exec.sh] Under certain conditions when testing with sudo
27 tests would fail because the pidfile could not be read by a regular user.
28 "cat: cannot open ...../regress/pidfile: Permission denied (error 13)"
29 Make sure cat is run by $SUDO. no objection from me. djm@
30 - (tim) [auth.c] add cast to quiet compiler. Change only affects SVR5 systems.
31
3220100809
33 - (djm) bz#1561: don't bother setting IFF_UP on tun(4) device if it is
34 already set. Makes FreeBSD user openable tunnels useful; patch from
35 richard.burakowski+ossh AT mrburak.net, ok dtucker@
36 - (dtucker) bug #1530: strip trailing ":" from hostname in ssh-copy-id.
37 based in part on a patch from Colin Watson, ok djm@
38
3920100809
40 - OpenBSD CVS Sync
41 - djm@cvs.openbsd.org 2010/08/08 16:26:42
42 [version.h]
43 crank to 5.6
44 - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
45 [contrib/suse/openssh.spec] Crank version numbers
46
4720100805
48 - OpenBSD CVS Sync
49 - djm@cvs.openbsd.org 2010/08/04 05:37:01
50 [ssh.1 ssh_config.5 sshd.8]
51 Remove mentions of weird "addr/port" alternate address format for IPv6
52 addresses combinations. It hasn't worked for ages and we have supported
53 the more commen "[addr]:port" format for a long time. ok jmc@ markus@
54 - djm@cvs.openbsd.org 2010/08/04 05:40:39
55 [PROTOCOL.certkeys ssh-keygen.c]
56 tighten the rules for certificate encoding by requiring that options
57 appear in lexical order and make our ssh-keygen comply. ok markus@
58 - djm@cvs.openbsd.org 2010/08/04 05:42:47
59 [auth.c auth2-hostbased.c authfile.c authfile.h ssh-keysign.8]
60 [ssh-keysign.c ssh.c]
61 enable certificates for hostbased authentication, from Iain Morgan;
62 "looks ok" markus@
63 - djm@cvs.openbsd.org 2010/08/04 05:49:22
64 [authfile.c]
65 commited the wrong version of the hostbased certificate diff; this
66 version replaces some strlc{py,at} verbosity with xasprintf() at
67 the request of markus@
68 - djm@cvs.openbsd.org 2010/08/04 06:07:11
69 [ssh-keygen.1 ssh-keygen.c]
70 Support CA keys in PKCS#11 tokens; feedback and ok markus@
71 - djm@cvs.openbsd.org 2010/08/04 06:08:40
72 [ssh-keysign.c]
73 clean for -Wuninitialized (Id sync only; portable had this change)
74 - djm@cvs.openbsd.org 2010/08/05 13:08:42
75 [channels.c]
76 Fix a trio of bugs in the local/remote window calculation for datagram
77 data channels (i.e. TunnelForward):
78
79 Calculate local_consumed correctly in channel_handle_wfd() by measuring
80 the delta to buffer_len(c->output) from when we start to when we finish.
81 The proximal problem here is that the output_filter we use in portable
82 modified the length of the dequeued datagram (to futz with the headers
83 for !OpenBSD).
84
85 In channel_output_poll(), don't enqueue datagrams that won't fit in the
86 peer's advertised packet size (highly unlikely to ever occur) or which
87 won't fit in the peer's remaining window (more likely).
88
89 In channel_input_data(), account for the 4-byte string header in
90 datagram packets that we accept from the peer and enqueue in c->output.
91
92 report, analysis and testing 2/3 cases from wierbows AT us.ibm.com;
93 "looks good" markus@
94
9520100803
96 - (dtucker) [monitor.c] Bug #1795: Initialize the values to be returned from
97 PAM to sane values in case the PAM method doesn't write to them. Spotted by
98 Bitman Zhou, ok djm@.
99 - OpenBSD CVS Sync
100 - djm@cvs.openbsd.org 2010/07/16 04:45:30
101 [ssh-keygen.c]
102 avoid bogus compiler warning
103 - djm@cvs.openbsd.org 2010/07/16 14:07:35
104 [ssh-rsa.c]
105 more timing paranoia - compare all parts of the expected decrypted
106 data before returning. AFAIK not exploitable in the SSH protocol.
107 "groovy" deraadt@
108 - djm@cvs.openbsd.org 2010/07/19 03:16:33
109 [sftp-client.c]
110 bz#1797: fix swapped args in upload_dir_internal(), breaking recursive
111 upload depth checks and causing verbose printing of transfers to always
112 be turned on; patch from imorgan AT nas.nasa.gov
113 - djm@cvs.openbsd.org 2010/07/19 09:15:12
114 [clientloop.c readconf.c readconf.h ssh.c ssh_config.5]
115 add a "ControlPersist" option that automatically starts a background
116 ssh(1) multiplex master when connecting. This connection can stay alive
117 indefinitely, or can be set to automatically close after a user-specified
118 duration of inactivity. bz#1330 - patch by dwmw2 AT infradead.org, but
119 further hacked on by wmertens AT cisco.com, apb AT cequrux.com,
120 martin-mindrot-bugzilla AT earth.li and myself; "looks ok" markus@
121 - djm@cvs.openbsd.org 2010/07/21 02:10:58
122 [misc.c]
123 sync timingsafe_bcmp() with the one dempsky@ committed to sys/lib/libkern
124 - dtucker@cvs.openbsd.org 2010/07/23 08:49:25
125 [ssh.1]
126 Ciphers is documented in ssh_config(5) these days
127
12820100819
129 - (dtucker) [contrib/ssh-copy-ud.1] Bug #1786: update ssh-copy-id.1 with more
130 details about its behaviour WRT existing directories. Patch from
131 asguthrie at gmail com, ok djm.
132
13320100716
134 - (djm) OpenBSD CVS Sync
135 - djm@cvs.openbsd.org 2010/07/02 04:32:44
136 [misc.c]
137 unbreak strdelim() skipping past quoted strings, e.g.
138 AllowUsers "blah blah" blah
139 was broken; report and fix in bz#1757 from bitman.zhou AT centrify.com
140 ok dtucker;
141 - djm@cvs.openbsd.org 2010/07/12 22:38:52
142 [ssh.c]
143 Make ExitOnForwardFailure work with fork-after-authentication ("ssh -f")
144 for protocol 2. ok markus@
145 - djm@cvs.openbsd.org 2010/07/12 22:41:13
146 [ssh.c ssh_config.5]
147 expand %h to the hostname in ssh_config Hostname options. While this
148 sounds useless, it is actually handy for working with unqualified
149 hostnames:
150
151 Host *.*
152 Hostname %h
153 Host *
154 Hostname %h.example.org
155
156 "I like it" markus@
157 - djm@cvs.openbsd.org 2010/07/13 11:52:06
158 [auth-rsa.c channels.c jpake.c key.c misc.c misc.h monitor.c]
159 [packet.c ssh-rsa.c]
160 implement a timing_safe_cmp() function to compare memory without leaking
161 timing information by short-circuiting like memcmp() and use it for
162 some of the more sensitive comparisons (though nothing high-value was
163 readily attackable anyway); "looks ok" markus@
164 - djm@cvs.openbsd.org 2010/07/13 23:13:16
165 [auth-rsa.c channels.c jpake.c key.c misc.c misc.h monitor.c packet.c]
166 [ssh-rsa.c]
167 s/timing_safe_cmp/timingsafe_bcmp/g
168 - jmc@cvs.openbsd.org 2010/07/14 17:06:58
169 [ssh.1]
170 finally ssh synopsis looks nice again! this commit just removes a ton of
171 hacks we had in place to make it work with old groff;
172 - schwarze@cvs.openbsd.org 2010/07/15 21:20:38
173 [ssh-keygen.1]
174 repair incorrect block nesting, which screwed up indentation;
175 problem reported and fix OK by jmc@
176
17720100714
178 - (tim) [contrib/redhat/openssh.spec] Bug 1796: Test for skip_x11_askpass
179 (line 77) should have been for no_x11_askpass.
180
18120100702
182 - (djm) OpenBSD CVS Sync
183 - jmc@cvs.openbsd.org 2010/06/26 00:57:07
184 [ssh_config.5]
185 tweak previous;
186 - djm@cvs.openbsd.org 2010/06/26 23:04:04
187 [ssh.c]
188 oops, forgot to #include <canohost.h>; spotted and patch from chl@
189 - djm@cvs.openbsd.org 2010/06/29 23:15:30
190 [ssh-keygen.1 ssh-keygen.c]
191 allow import (-i) and export (-e) of PEM and PKCS#8 encoded keys;
192 bz#1749; ok markus@
193 - djm@cvs.openbsd.org 2010/06/29 23:16:46
194 [auth2-pubkey.c sshd_config.5]
195 allow key options (command="..." and friends) in AuthorizedPrincipals;
196 ok markus@
197 - jmc@cvs.openbsd.org 2010/06/30 07:24:25
198 [ssh-keygen.1]
199 tweak previous;
200 - jmc@cvs.openbsd.org 2010/06/30 07:26:03
201 [ssh-keygen.c]
202 sort usage();
203 - jmc@cvs.openbsd.org 2010/06/30 07:28:34
204 [sshd_config.5]
205 tweak previous;
206 - millert@cvs.openbsd.org 2010/07/01 13:06:59
207 [scp.c]
208 Fix a longstanding problem where if you suspend scp at the
209 password/passphrase prompt the terminal mode is not restored.
210 OK djm@
211 - phessler@cvs.openbsd.org 2010/06/27 19:19:56
212 [regress/Makefile]
213 fix how we run the tests so we can successfully use SUDO='sudo -E'
214 in our env
215 - djm@cvs.openbsd.org 2010/06/29 23:59:54
216 [cert-userkey.sh]
217 regress tests for key options in AuthorizedPrincipals
218
21920100627
220 - (tim) [openbsd-compat/port-uw.c] Reorder includes. auth-options.h now needs
221 key.h.
222
22320100626
224 - (djm) OpenBSD CVS Sync
225 - djm@cvs.openbsd.org 2010/05/21 05:00:36
226 [misc.c]
227 colon() returns char*, so s/return (0)/return NULL/
228 - markus@cvs.openbsd.org 2010/06/08 21:32:19
229 [ssh-pkcs11.c]
230 check length of value returned C_GetAttributValue for != 0
231 from mdrtbugzilla@codefive.co.uk; bugzilla #1773; ok dtucker@
232 - djm@cvs.openbsd.org 2010/06/17 07:07:30
233 [mux.c]
234 Correct sizing of object to be allocated by calloc(), replacing
235 sizeof(state) with sizeof(*state). This worked by accident since
236 the struct contained a single int at present, but could have broken
237 in the future. patch from hyc AT symas.com
238 - djm@cvs.openbsd.org 2010/06/18 00:58:39
239 [sftp.c]
240 unbreak ls in working directories that contains globbing characters in
241 their pathnames. bz#1655 reported by vgiffin AT apple.com
242 - djm@cvs.openbsd.org 2010/06/18 03:16:03
243 [session.c]
244 Missing check for chroot_director == "none" (we already checked against
245 NULL); bz#1564 from Jan.Pechanec AT Sun.COM
246 - djm@cvs.openbsd.org 2010/06/18 04:43:08
247 [sftp-client.c]
248 fix memory leak in do_realpath() error path; bz#1771, patch from
249 anicka AT suse.cz
250 - djm@cvs.openbsd.org 2010/06/22 04:22:59
251 [servconf.c sshd_config.5]
252 expose some more sshd_config options inside Match blocks:
253 AuthorizedKeysFile AuthorizedPrincipalsFile
254 HostbasedUsesNameFromPacketOnly PermitTunnel
255 bz#1764; feedback from imorgan AT nas.nasa.gov; ok dtucker@
256 - djm@cvs.openbsd.org 2010/06/22 04:32:06
257 [ssh-keygen.c]
258 standardise error messages when attempting to open private key
259 files to include "progname: filename: error reason"
260 bz#1783; ok dtucker@
261 - djm@cvs.openbsd.org 2010/06/22 04:49:47
262 [auth.c]
263 queue auth debug messages for bad ownership or permissions on the user's
264 keyfiles. These messages will be sent after the user has successfully
265 authenticated (where our client will display them with LogLevel=debug).
266 bz#1554; ok dtucker@
267 - djm@cvs.openbsd.org 2010/06/22 04:54:30
268 [ssh-keyscan.c]
269 replace verbose and overflow-prone Linebuf code with read_keyfile_line()
270 based on patch from joachim AT joachimschipper.nl; bz#1565; ok dtucker@
271 - djm@cvs.openbsd.org 2010/06/22 04:59:12
272 [session.c]
273 include the user name on "subsystem request for ..." log messages;
274 bz#1571; ok dtucker@
275 - djm@cvs.openbsd.org 2010/06/23 02:59:02
276 [ssh-keygen.c]
277 fix printing of extensions in v01 certificates that I broke in r1.190
278 - djm@cvs.openbsd.org 2010/06/25 07:14:46
279 [channels.c mux.c readconf.c readconf.h ssh.h]
280 bz#1327: remove hardcoded limit of 100 permitopen clauses and port
281 forwards per direction; ok markus@ stevesk@
282 - djm@cvs.openbsd.org 2010/06/25 07:20:04
283 [channels.c session.c]
284 bz#1750: fix requirement for /dev/null inside ChrootDirectory for
285 internal-sftp accidentally introduced in r1.253 by removing the code
286 that opens and dup /dev/null to stderr and modifying the channels code
287 to read stderr but discard it instead; ok markus@
288 - djm@cvs.openbsd.org 2010/06/25 08:46:17
289 [auth1.c auth2-none.c]
290 skip the initial check for access with an empty password when
291 PermitEmptyPasswords=no; bz#1638; ok markus@
292 - djm@cvs.openbsd.org 2010/06/25 23:10:30
293 [ssh.c]
294 log the hostname and address that we connected to at LogLevel=verbose
295 after authentication is successful to mitigate "phishing" attacks by
296 servers with trusted keys that accept authentication silently and
297 automatically before presenting fake password/passphrase prompts;
298 "nice!" markus@
299 - djm@cvs.openbsd.org 2010/06/25 23:10:30
300 [ssh.c]
301 log the hostname and address that we connected to at LogLevel=verbose
302 after authentication is successful to mitigate "phishing" attacks by
303 servers with trusted keys that accept authentication silently and
304 automatically before presenting fake password/passphrase prompts;
305 "nice!" markus@
306
30720100622
308 - (djm) [loginrec.c] crank LINFO_NAMESIZE (username length) to 512
309 bz#1579; ok dtucker
310
31120100618
312 - (djm) [contrib/ssh-copy-id] Update key file explicitly under ~
313 rather than assuming that $CWD == $HOME. bz#1500, patch from
314 timothy AT gelter.com
315
31620100617
317 - (tim) [contrib/cygwin/README] Remove a reference to the obsolete
318 minires-devel package, and to add the reference to the libedit-devel
319 package since CYgwin now provides libedit. Patch from Corinna Vinschen.
320
32120100521
322 - (djm) OpenBSD CVS Sync
323 - djm@cvs.openbsd.org 2010/05/07 11:31:26
324 [regress/Makefile regress/cert-userkey.sh]
325 regress tests for AuthorizedPrincipalsFile and "principals=" key option.
326 feedback and ok markus@
327 - djm@cvs.openbsd.org 2010/05/11 02:58:04
328 [auth-rsa.c]
329 don't accept certificates marked as "cert-authority" here; ok markus@
330 - djm@cvs.openbsd.org 2010/05/14 00:47:22
331 [ssh-add.c]
332 check that the certificate matches the corresponding private key before
333 grafting it on
334 - djm@cvs.openbsd.org 2010/05/14 23:29:23
335 [channels.c channels.h mux.c ssh.c]
336 Pause the mux channel while waiting for reply from aynch callbacks.
337 Prevents misordering of replies if new requests arrive while waiting.
338
339 Extend channel open confirm callback to allow signalling failure
340 conditions as well as success. Use this to 1) fix a memory leak, 2)
341 start using the above pause mechanism and 3) delay sending a success/
342 failure message on mux slave session open until we receive a reply from
343 the server.
344
345 motivated by and with feedback from markus@
346 - markus@cvs.openbsd.org 2010/05/16 12:55:51
347 [PROTOCOL.mux clientloop.h mux.c readconf.c readconf.h ssh.1 ssh.c]
348 mux support for remote forwarding with dynamic port allocation,
349 use with
350 LPORT=`ssh -S muxsocket -R0:localhost:25 -O forward somehost`
351 feedback and ok djm@
352 - djm@cvs.openbsd.org 2010/05/20 11:25:26
353 [auth2-pubkey.c]
354 fix logspam when key options (from="..." especially) deny non-matching
355 keys; reported by henning@ also bz#1765; ok markus@ dtucker@
356 - djm@cvs.openbsd.org 2010/05/20 23:46:02
357 [PROTOCOL.certkeys auth-options.c ssh-keygen.c]
358 Move the permit-* options to the non-critical "extensions" field for v01
359 certificates. The logic is that if another implementation fails to
360 implement them then the connection just loses features rather than fails
361 outright.
362
363 ok markus@
364
36520100511
366 - (dtucker) [Makefile.in] Bug #1770: Link libopenbsd-compat twice to solve
367 circular dependency problem on old or odd platforms. From Tom Lane, ok
368 djm@.
369 - (djm) [openbsd-compat/openssl-compat.h] Fix build breakage on older
370 libcrypto by defining OPENSSL_[DR]SA_MAX_MODULUS_BITS if they aren't
371 already. ok dtucker@
372
37320100510
374 - OpenBSD CVS Sync
375 - djm@cvs.openbsd.org 2010/04/23 01:47:41
376 [ssh-keygen.c]
377 bz#1740: display a more helpful error message when $HOME is
378 inaccessible while trying to create .ssh directory. Based on patch
379 from jchadima AT redhat.com; ok dtucker@
380 - djm@cvs.openbsd.org 2010/04/23 22:27:38
381 [mux.c]
382 set "detach_close" flag when registering channel cleanup callbacks.
383 This causes the channel to close normally when its fds close and
384 hangs when terminating a mux slave using ~. bz#1758; ok markus@
385 - djm@cvs.openbsd.org 2010/04/23 22:42:05
386 [session.c]
387 set stderr to /dev/null for subsystems rather than just closing it.
388 avoids hangs if a subsystem or shell initialisation writes to stderr.
389 bz#1750; ok markus@
390 - djm@cvs.openbsd.org 2010/04/23 22:48:31
391 [ssh-keygen.c]
392 refuse to generate keys longer than OPENSSL_[RD]SA_MAX_MODULUS_BITS,
393 since we would refuse to use them anyway. bz#1516; ok dtucker@
394 - djm@cvs.openbsd.org 2010/04/26 22:28:24
395 [sshconnect2.c]
396 bz#1502: authctxt.success is declared as an int, but passed by
397 reference to function that accepts sig_atomic_t*. Convert it to
398 the latter; ok markus@ dtucker@
399 - djm@cvs.openbsd.org 2010/05/01 02:50:50
400 [PROTOCOL.certkeys]
401 typo; jmeltzer@
402 - dtucker@cvs.openbsd.org 2010/05/05 04:22:09
403 [sftp.c]
404 restore mput and mget which got lost in the tab-completion changes.
405 found by Kenneth Whitaker, ok djm@
406 - djm@cvs.openbsd.org 2010/05/07 11:30:30
407 [auth-options.c auth-options.h auth.c auth.h auth2-pubkey.c]
408 [key.c servconf.c servconf.h sshd.8 sshd_config.5]
409 add some optional indirection to matching of principal names listed
410 in certificates. Currently, a certificate must include the a user's name
411 to be accepted for authentication. This change adds the ability to
412 specify a list of certificate principal names that are acceptable.
413
414 When authenticating using a CA trusted through ~/.ssh/authorized_keys,
415 this adds a new principals="name1[,name2,...]" key option.
416
417 For CAs listed through sshd_config's TrustedCAKeys option, a new config
418 option "AuthorizedPrincipalsFile" specifies a per-user file containing
419 the list of acceptable names.
420
421 If either option is absent, the current behaviour of requiring the
422 username to appear in principals continues to apply.
423
424 These options are useful for role accounts, disjoint account namespaces
425 and "user@realm"-style naming policies in certificates.
426
427 feedback and ok markus@
428 - jmc@cvs.openbsd.org 2010/05/07 12:49:17
429 [sshd_config.5]
430 tweak previous;
431
43220100423
433 - (dtucker) [configure.ac] Bug #1756: Check for the existence of a lib64 dir
434 in the openssl install directory (some newer openssl versions do this on at
435 least some amd64 platforms).
436
43720100418
438 - OpenBSD CVS Sync
439 - jmc@cvs.openbsd.org 2010/04/16 06:45:01
440 [ssh_config.5]
441 tweak previous; ok djm
442 - jmc@cvs.openbsd.org 2010/04/16 06:47:04
443 [ssh-keygen.1 ssh-keygen.c]
444 tweak previous; ok djm
445 - djm@cvs.openbsd.org 2010/04/16 21:14:27
446 [sshconnect.c]
447 oops, %r => remote username, not %u
448 - djm@cvs.openbsd.org 2010/04/16 01:58:45
449 [regress/cert-hostkey.sh regress/cert-userkey.sh]
450 regression tests for v01 certificate format
451 includes interop tests for v00 certs
452 - (dtucker) [contrib/aix/buildbff.sh] Fix creation of ssh_prng_cmds.default
453 file.
454
45520100416
456 - (djm) Release openssh-5.5p1
457 - OpenBSD CVS Sync
458 - djm@cvs.openbsd.org 2010/03/26 03:13:17
459 [bufaux.c]
460 allow buffer_get_int_ret/buffer_get_int64_ret to take a NULL pointer
461 argument to allow skipping past values in a buffer
462 - jmc@cvs.openbsd.org 2010/03/26 06:54:36
463 [ssh.1]
464 tweak previous;
465 - jmc@cvs.openbsd.org 2010/03/27 14:26:55
466 [ssh_config.5]
467 tweak previous; ok dtucker
468 - djm@cvs.openbsd.org 2010/04/10 00:00:16
469 [ssh.c]
470 bz#1746 - suppress spurious tty warning when using -O and stdin
471 is not a tty; ok dtucker@ markus@
472 - djm@cvs.openbsd.org 2010/04/10 00:04:30
473 [sshconnect.c]
474 fix terminology: we didn't find a certificate in known_hosts, we found
475 a CA key
476 - djm@cvs.openbsd.org 2010/04/10 02:08:44
477 [clientloop.c]
478 bz#1698: kill channel when pty allocation requests fail. Fixed
479 stuck client if the server refuses pty allocation.
480 ok dtucker@ "think so" markus@
481 - djm@cvs.openbsd.org 2010/04/10 02:10:56
482 [sshconnect2.c]
483 show the key type that we are offering in debug(), helps distinguish
484 between certs and plain keys as the path to the private key is usually
485 the same.
486 - djm@cvs.openbsd.org 2010/04/10 05:48:16
487 [mux.c]
488 fix NULL dereference; from matthew.haub AT alumni.adelaide.edu.au
489 - djm@cvs.openbsd.org 2010/04/14 22:27:42
490 [ssh_config.5 sshconnect.c]
491 expand %r => remote username in ssh_config:ProxyCommand;
492 ok deraadt markus
493 - markus@cvs.openbsd.org 2010/04/15 20:32:55
494 [ssh-pkcs11.c]
495 retry lookup for private key if there's no matching key with CKA_SIGN
496 attribute enabled; this fixes fixes MuscleCard support (bugzilla #1736)
497 ok djm@
498 - djm@cvs.openbsd.org 2010/04/16 01:47:26
499 [PROTOCOL.certkeys auth-options.c auth-options.h auth-rsa.c]
500 [auth2-pubkey.c authfd.c key.c key.h myproposal.h ssh-add.c]
501 [ssh-agent.c ssh-dss.c ssh-keygen.1 ssh-keygen.c ssh-rsa.c]
502 [sshconnect.c sshconnect2.c sshd.c]
503 revised certificate format ssh-{dss,rsa}-cert-v01@openssh.com with the
504 following changes:
505
506 move the nonce field to the beginning of the certificate where it can
507 better protect against chosen-prefix attacks on the signature hash
508
509 Rename "constraints" field to "critical options"
510
511 Add a new non-critical "extensions" field
512
513 Add a serial number
514
515 The older format is still support for authentication and cert generation
516 (use "ssh-keygen -t v00 -s ca_key ..." to generate a v00 certificate)
517
518 ok markus@
519
120100410 52020100410
2 - (dtucker) [configure.ac] Put the check for the existence of getaddrinfo 521 - (dtucker) [configure.ac] Put the check for the existence of getaddrinfo
3 back so we disable the IPv6 tests if we don't have it. 522 back so we disable the IPv6 tests if we don't have it.
diff --git a/Makefile.in b/Makefile.in
index debebe448..35f3e5e35 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -1,4 +1,4 @@
1# $Id: Makefile.in,v 1.309 2010/03/13 21:41:34 djm Exp $ 1# $Id: Makefile.in,v 1.310 2010/05/12 06:51:39 dtucker Exp $
2 2
3# uncomment if you run a non bourne compatable shell. Ie. csh 3# uncomment if you run a non bourne compatable shell. Ie. csh
4#SHELL = @SH@ 4#SHELL = @SH@
@@ -162,7 +162,7 @@ ssh-keysign$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keysign.o roaming_dummy.o readco
162 $(LD) -o $@ ssh-keysign.o readconf.o roaming_dummy.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) 162 $(LD) -o $@ ssh-keysign.o readconf.o roaming_dummy.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
163 163
164ssh-pkcs11-helper$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-pkcs11-helper.o ssh-pkcs11.o 164ssh-pkcs11-helper$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-pkcs11-helper.o ssh-pkcs11.o
165 $(LD) -o $@ ssh-pkcs11-helper.o ssh-pkcs11.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) 165 $(LD) -o $@ ssh-pkcs11-helper.o ssh-pkcs11.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh -lopenbsd-compat $(LIBS)
166 166
167ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keyscan.o roaming_dummy.o 167ssh-keyscan$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-keyscan.o roaming_dummy.o
168 $(LD) -o $@ ssh-keyscan.o roaming_dummy.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS) 168 $(LD) -o $@ ssh-keyscan.o roaming_dummy.o $(LDFLAGS) -lssh -lopenbsd-compat -lssh $(LIBS)
diff --git a/PROTOCOL.certkeys b/PROTOCOL.certkeys
index 1ed9e2064..1d1be13da 100644
--- a/PROTOCOL.certkeys
+++ b/PROTOCOL.certkeys
@@ -16,7 +16,7 @@ These protocol extensions build on the simple public key authentication
16system already in SSH to allow certificate-based authentication. 16system already in SSH to allow certificate-based authentication.
17The certificates used are not traditional X.509 certificates, with 17The certificates used are not traditional X.509 certificates, with
18numerous options and complex encoding rules, but something rather 18numerous options and complex encoding rules, but something rather
19more minimal: a key, some identity information and usage constraints 19more minimal: a key, some identity information and usage options
20that have been signed with some other trusted key. 20that have been signed with some other trusted key.
21 21
22A sshd server may be configured to allow authentication via certified 22A sshd server may be configured to allow authentication via certified
@@ -27,7 +27,7 @@ of acceptance of certified host keys, by adding a similar ability
27to specify CA keys in ~/.ssh/known_hosts. 27to specify CA keys in ~/.ssh/known_hosts.
28 28
29Certified keys are represented using two new key types: 29Certified keys are represented using two new key types:
30ssh-rsa-cert-v00@openssh.com and ssh-dss-cert-v00@openssh.com that 30ssh-rsa-cert-v01@openssh.com and ssh-dss-cert-v01@openssh.com that
31include certification information along with the public key that is used 31include certification information along with the public key that is used
32to sign challenges. ssh-keygen performs the CA signing operation. 32to sign challenges. ssh-keygen performs the CA signing operation.
33 33
@@ -47,7 +47,7 @@ in RFC4252 section 7.
47New public key formats 47New public key formats
48---------------------- 48----------------------
49 49
50The ssh-rsa-cert-v00@openssh.com and ssh-dss-cert-v00@openssh.com key 50The ssh-rsa-cert-v01@openssh.com and ssh-dss-cert-v01@openssh.com key
51types take a similar high-level format (note: data types and 51types take a similar high-level format (note: data types and
52encoding are as per RFC4251 section 5). The serialised wire encoding of 52encoding are as per RFC4251 section 5). The serialised wire encoding of
53these certificates is also used for storing them on disk. 53these certificates is also used for storing them on disk.
@@ -57,42 +57,55 @@ these certificates is also used for storing them on disk.
57 57
58RSA certificate 58RSA certificate
59 59
60 string "ssh-rsa-cert-v00@openssh.com" 60 string "ssh-rsa-cert-v01@openssh.com"
61 string nonce
61 mpint e 62 mpint e
62 mpint n 63 mpint n
64 uint64 serial
63 uint32 type 65 uint32 type
64 string key id 66 string key id
65 string valid principals 67 string valid principals
66 uint64 valid after 68 uint64 valid after
67 uint64 valid before 69 uint64 valid before
68 string constraints 70 string critical options
69 string nonce 71 string extensions
70 string reserved 72 string reserved
71 string signature key 73 string signature key
72 string signature 74 string signature
73 75
74DSA certificate 76DSA certificate
75 77
76 string "ssh-dss-cert-v00@openssh.com" 78 string "ssh-dss-cert-v01@openssh.com"
79 string nonce
77 mpint p 80 mpint p
78 mpint q 81 mpint q
79 mpint g 82 mpint g
80 mpint y 83 mpint y
84 uint64 serial
81 uint32 type 85 uint32 type
82 string key id 86 string key id
83 string valid principals 87 string valid principals
84 uint64 valid after 88 uint64 valid after
85 uint64 valid before 89 uint64 valid before
86 string constraints 90 string critical options
87 string nonce 91 string extensions
88 string reserved 92 string reserved
89 string signature key 93 string signature key
90 string signature 94 string signature
91 95
96The nonce field is a CA-provided random bitstring of arbitrary length
97(but typically 16 or 32 bytes) included to make attacks that depend on
98inducing collisions in the signature hash infeasible.
99
92e and n are the RSA exponent and public modulus respectively. 100e and n are the RSA exponent and public modulus respectively.
93 101
94p, q, g, y are the DSA parameters as described in FIPS-186-2. 102p, q, g, y are the DSA parameters as described in FIPS-186-2.
95 103
104serial is an optional certificate serial number set by the CA to
105provide an abbreviated way to refer to certificates from that CA.
106If a CA does not wish to number its certificates it must set this
107field to zero.
108
96type specifies whether this certificate is for identification of a user 109type specifies whether this certificate is for identification of a user
97or a host using a SSH_CERT_TYPE_... value. 110or a host using a SSH_CERT_TYPE_... value.
98 111
@@ -112,13 +125,15 @@ certificate. Each represents a time in seconds since 1970-01-01
11200:00:00. A certificate is considered valid if: 12500:00:00. A certificate is considered valid if:
113 valid after <= current time < valid before 126 valid after <= current time < valid before
114 127
115constraints is a set of zero or more key constraints encoded as below. 128criticial options is a set of zero or more key options encoded as
129below. All such options are "critical" in the sense that an implementation
130must refuse to authorise a key that has an unrecognised option.
116 131
117The nonce field is a CA-provided random bitstring of arbitrary length 132extensions is a set of zero or more optional extensions. These extensions
118(but typically 16 or 32 bytes) included to make attacks that depend on 133are not critical, and an implementation that encounters one that it does
119inducing collisions in the signature hash infeasible. 134not recognise may safely ignore it.
120 135
121The reserved field is current unused and is ignored in this version of 136The reserved field is currently unused and is ignored in this version of
122the protocol. 137the protocol.
123 138
124signature key contains the CA key used to sign the certificate. 139signature key contains the CA key used to sign the certificate.
@@ -132,22 +147,25 @@ up to, and including the signature key. Signatures are computed and
132encoded according to the rules defined for the CA's public key algorithm 147encoded according to the rules defined for the CA's public key algorithm
133(RFC4253 section 6.6 for ssh-rsa and ssh-dss). 148(RFC4253 section 6.6 for ssh-rsa and ssh-dss).
134 149
135Constraints 150Critical options
136----------- 151----------------
137 152
138The constraints section of the certificate specifies zero or more 153The critical options section of the certificate specifies zero or more
139constraints on the certificates validity. The format of this field 154options on the certificates validity. The format of this field
140is a sequence of zero or more tuples: 155is a sequence of zero or more tuples:
141 156
142 string name 157 string name
143 string data 158 string data
144 159
145The name field identifies the constraint and the data field encodes 160Options must be lexically ordered by "name" if they appear in the
146constraint-specific information (see below). All constraints are 161sequence.
147"critical", if an implementation does not recognise a constraint 162
163The name field identifies the option and the data field encodes
164option-specific information (see below). All options are
165"critical", if an implementation does not recognise a option
148then the validating party should refuse to accept the certificate. 166then the validating party should refuse to accept the certificate.
149 167
150The supported constraints and the contents and structure of their 168The supported options and the contents and structure of their
151data fields are: 169data fields are:
152 170
153Name Format Description 171Name Format Description
@@ -157,37 +175,51 @@ force-command string Specifies a command that is executed
157 ssh command-line) whenever this key is 175 ssh command-line) whenever this key is
158 used for authentication. 176 used for authentication.
159 177
178source-address string Comma-separated list of source addresses
179 from which this certificate is accepted
180 for authentication. Addresses are
181 specified in CIDR format (nn.nn.nn.nn/nn
182 or hhhh::hhhh/nn).
183 If this option is not present then
184 certificates may be presented from any
185 source address.
186
187Extensions
188----------
189
190The extensions section of the certificate specifies zero or more
191non-critical certificate extensions. The encoding and ordering of
192extensions in this field is identical to that of the critical options.
193If an implementation does not recognise an extension, then it should
194ignore it.
195
196The supported extensions and the contents and structure of their data
197fields are:
198
199Name Format Description
200-----------------------------------------------------------------------------
160permit-X11-forwarding empty Flag indicating that X11 forwarding 201permit-X11-forwarding empty Flag indicating that X11 forwarding
161 should be permitted. X11 forwarding will 202 should be permitted. X11 forwarding will
162 be refused if this constraint is absent. 203 be refused if this option is absent.
163 204
164permit-agent-forwarding empty Flag indicating that agent forwarding 205permit-agent-forwarding empty Flag indicating that agent forwarding
165 should be allowed. Agent forwarding 206 should be allowed. Agent forwarding
166 must not be permitted unless this 207 must not be permitted unless this
167 constraint is present. 208 option is present.
168 209
169permit-port-forwarding empty Flag indicating that port-forwarding 210permit-port-forwarding empty Flag indicating that port-forwarding
170 should be allowed. If this constraint is 211 should be allowed. If this option is
171 not present then no port forwarding will 212 not present then no port forwarding will
172 be allowed. 213 be allowed.
173 214
174permit-pty empty Flag indicating that PTY allocation 215permit-pty empty Flag indicating that PTY allocation
175 should be permitted. In the absence of 216 should be permitted. In the absence of
176 this constraint PTY allocation will be 217 this option PTY allocation will be
177 disabled. 218 disabled.
178 219
179permit-user-rc empty Flag indicating that execution of 220permit-user-rc empty Flag indicating that execution of
180 ~/.ssh/rc should be permitted. Execution 221 ~/.ssh/rc should be permitted. Execution
181 of this script will not be permitted if 222 of this script will not be permitted if
182 this constraint is not present. 223 this option is not present.
183
184source-address string Comma-separated list of source addresses
185 from which this certificate is accepted
186 for authentication. Addresses are
187 specified in CIDR format (nn.nn.nn.nn/nn
188 or hhhh::hhhh/nn).
189 If this constraint is not present then
190 certificates may be presented from any
191 source address.
192 224
193$OpenBSD: PROTOCOL.certkeys,v 1.3 2010/03/03 22:50:40 djm Exp $ 225$OpenBSD: PROTOCOL.certkeys,v 1.7 2010/08/04 05:40:39 djm Exp $
diff --git a/PROTOCOL.mux b/PROTOCOL.mux
index d22f7379c..1d8c463a7 100644
--- a/PROTOCOL.mux
+++ b/PROTOCOL.mux
@@ -109,8 +109,14 @@ A client may request the master to establish a port forward:
109 109
110forwarding type may be MUX_FWD_LOCAL, MUX_FWD_REMOTE, MUX_FWD_DYNAMIC. 110forwarding type may be MUX_FWD_LOCAL, MUX_FWD_REMOTE, MUX_FWD_DYNAMIC.
111 111
112A server may reply with a MUX_S_OK, a MUX_S_PERMISSION_DENIED or a 112A server may reply with a MUX_S_OK, a MUX_S_REMOTE_PORT, a
113MUX_S_FAILURE. 113MUX_S_PERMISSION_DENIED or a MUX_S_FAILURE.
114
115For dynamically allocated listen port the server replies with
116
117 uint32 MUX_S_REMOTE_PORT
118 uint32 client request id
119 uint32 allocated remote listen port
114 120
1155. Requesting closure of port forwards 1215. Requesting closure of port forwards
116 122
@@ -178,6 +184,7 @@ The MUX_S_PERMISSION_DENIED and MUX_S_FAILURE include a reason:
178#define MUX_S_EXIT_MESSAGE 0x80000004 184#define MUX_S_EXIT_MESSAGE 0x80000004
179#define MUX_S_ALIVE 0x80000005 185#define MUX_S_ALIVE 0x80000005
180#define MUX_S_SESSION_OPENED 0x80000006 186#define MUX_S_SESSION_OPENED 0x80000006
187#define MUX_S_REMOTE_PORT 0x80000007
181 188
182#define MUX_FWD_LOCAL 1 189#define MUX_FWD_LOCAL 1
183#define MUX_FWD_REMOTE 2 190#define MUX_FWD_REMOTE 2
@@ -193,4 +200,4 @@ XXX server->client error/warning notifications
193XXX port0 rfwd (need custom response message) 200XXX port0 rfwd (need custom response message)
194XXX send signals via mux 201XXX send signals via mux
195 202
196$OpenBSD: PROTOCOL.mux,v 1.1 2010/01/26 01:28:35 djm Exp $ 203$OpenBSD: PROTOCOL.mux,v 1.2 2010/05/16 12:55:51 markus Exp $
diff --git a/README b/README
index a29f2007d..4eaa54588 100644
--- a/README
+++ b/README
@@ -1,4 +1,4 @@
1See http://www.openssh.com/txt/release-5.5 for the release notes. 1See http://www.openssh.com/txt/release-5.6 for the release notes.
2 2
3- A Japanese translation of this document and of the OpenSSH FAQ is 3- A Japanese translation of this document and of the OpenSSH FAQ is
4- available at http://www.unixuser.org/~haruyama/security/openssh/index.html 4- available at http://www.unixuser.org/~haruyama/security/openssh/index.html
@@ -62,4 +62,4 @@ References -
62[6] http://www.openbsd.org/cgi-bin/man.cgi?query=style&sektion=9 62[6] http://www.openbsd.org/cgi-bin/man.cgi?query=style&sektion=9
63[7] http://www.openssh.com/faq.html 63[7] http://www.openssh.com/faq.html
64 64
65$Id: README,v 1.73 2010/03/21 19:11:55 djm Exp $ 65$Id: README,v 1.74 2010/08/08 16:32:06 djm Exp $
diff --git a/auth-options.c b/auth-options.c
index 69b314fbd..a7040247f 100644
--- a/auth-options.c
+++ b/auth-options.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: auth-options.c,v 1.49 2010/03/16 15:46:52 stevesk Exp $ */ 1/* $OpenBSD: auth-options.c,v 1.52 2010/05/20 23:46:02 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -27,10 +27,10 @@
27#include "canohost.h" 27#include "canohost.h"
28#include "buffer.h" 28#include "buffer.h"
29#include "channels.h" 29#include "channels.h"
30#include "auth-options.h"
31#include "servconf.h" 30#include "servconf.h"
32#include "misc.h" 31#include "misc.h"
33#include "key.h" 32#include "key.h"
33#include "auth-options.h"
34#include "hostfile.h" 34#include "hostfile.h"
35#include "auth.h" 35#include "auth.h"
36#ifdef GSSAPI 36#ifdef GSSAPI
@@ -55,6 +55,9 @@ struct envstring *custom_environment = NULL;
55/* "tunnel=" option. */ 55/* "tunnel=" option. */
56int forced_tun_device = -1; 56int forced_tun_device = -1;
57 57
58/* "principals=" option. */
59char *authorized_principals = NULL;
60
58extern ServerOptions options; 61extern ServerOptions options;
59 62
60void 63void
@@ -76,6 +79,10 @@ auth_clear_options(void)
76 xfree(forced_command); 79 xfree(forced_command);
77 forced_command = NULL; 80 forced_command = NULL;
78 } 81 }
82 if (authorized_principals) {
83 xfree(authorized_principals);
84 authorized_principals = NULL;
85 }
79 forced_tun_device = -1; 86 forced_tun_device = -1;
80 channel_clear_permitted_opens(); 87 channel_clear_permitted_opens();
81} 88}
@@ -141,6 +148,8 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
141 cp = "command=\""; 148 cp = "command=\"";
142 if (strncasecmp(opts, cp, strlen(cp)) == 0) { 149 if (strncasecmp(opts, cp, strlen(cp)) == 0) {
143 opts += strlen(cp); 150 opts += strlen(cp);
151 if (forced_command != NULL)
152 xfree(forced_command);
144 forced_command = xmalloc(strlen(opts) + 1); 153 forced_command = xmalloc(strlen(opts) + 1);
145 i = 0; 154 i = 0;
146 while (*opts) { 155 while (*opts) {
@@ -167,6 +176,38 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
167 opts++; 176 opts++;
168 goto next_option; 177 goto next_option;
169 } 178 }
179 cp = "principals=\"";
180 if (strncasecmp(opts, cp, strlen(cp)) == 0) {
181 opts += strlen(cp);
182 if (authorized_principals != NULL)
183 xfree(authorized_principals);
184 authorized_principals = xmalloc(strlen(opts) + 1);
185 i = 0;
186 while (*opts) {
187 if (*opts == '"')
188 break;
189 if (*opts == '\\' && opts[1] == '"') {
190 opts += 2;
191 authorized_principals[i++] = '"';
192 continue;
193 }
194 authorized_principals[i++] = *opts++;
195 }
196 if (!*opts) {
197 debug("%.100s, line %lu: missing end quote",
198 file, linenum);
199 auth_debug_add("%.100s, line %lu: missing end quote",
200 file, linenum);
201 xfree(authorized_principals);
202 authorized_principals = NULL;
203 goto bad_option;
204 }
205 authorized_principals[i] = '\0';
206 auth_debug_add("principals: %.900s",
207 authorized_principals);
208 opts++;
209 goto next_option;
210 }
170 cp = "environment=\""; 211 cp = "environment=\"";
171 if (options.permit_user_env && 212 if (options.permit_user_env &&
172 strncasecmp(opts, cp, strlen(cp)) == 0) { 213 strncasecmp(opts, cp, strlen(cp)) == 0) {
@@ -376,123 +417,147 @@ bad_option:
376 return 0; 417 return 0;
377} 418}
378 419
379/* 420#define OPTIONS_CRITICAL 1
380 * Set options from certificate constraints. These supersede user key options 421#define OPTIONS_EXTENSIONS 2
381 * so this must be called after auth_parse_options(). 422static int
382 */ 423parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw,
383int 424 u_int which, int crit,
384auth_cert_constraints(Buffer *c_orig, struct passwd *pw) 425 int *cert_no_port_forwarding_flag,
426 int *cert_no_agent_forwarding_flag,
427 int *cert_no_x11_forwarding_flag,
428 int *cert_no_pty_flag,
429 int *cert_no_user_rc,
430 char **cert_forced_command,
431 int *cert_source_address_done)
385{ 432{
433 char *command, *allowed;
434 const char *remote_ip;
386 u_char *name = NULL, *data_blob = NULL; 435 u_char *name = NULL, *data_blob = NULL;
387 u_int nlen, dlen, clen; 436 u_int nlen, dlen, clen;
388 Buffer c, data; 437 Buffer c, data;
389 int ret = -1; 438 int ret = -1, found;
390
391 int cert_no_port_forwarding_flag = 1;
392 int cert_no_agent_forwarding_flag = 1;
393 int cert_no_x11_forwarding_flag = 1;
394 int cert_no_pty_flag = 1;
395 int cert_no_user_rc = 1;
396 char *cert_forced_command = NULL;
397 int cert_source_address_done = 0;
398 439
399 buffer_init(&data); 440 buffer_init(&data);
400 441
401 /* Make copy to avoid altering original */ 442 /* Make copy to avoid altering original */
402 buffer_init(&c); 443 buffer_init(&c);
403 buffer_append(&c, buffer_ptr(c_orig), buffer_len(c_orig)); 444 buffer_append(&c, optblob, optblob_len);
404 445
405 while (buffer_len(&c) > 0) { 446 while (buffer_len(&c) > 0) {
406 if ((name = buffer_get_string_ret(&c, &nlen)) == NULL || 447 if ((name = buffer_get_string_ret(&c, &nlen)) == NULL ||
407 (data_blob = buffer_get_string_ret(&c, &dlen)) == NULL) { 448 (data_blob = buffer_get_string_ret(&c, &dlen)) == NULL) {
408 error("Certificate constraints corrupt"); 449 error("Certificate options corrupt");
409 goto out; 450 goto out;
410 } 451 }
411 buffer_append(&data, data_blob, dlen); 452 buffer_append(&data, data_blob, dlen);
412 debug3("found certificate constraint \"%.100s\" len %u", 453 debug3("found certificate option \"%.100s\" len %u",
413 name, dlen); 454 name, dlen);
414 if (strlen(name) != nlen) { 455 if (strlen(name) != nlen) {
415 error("Certificate constraint name contains \\0"); 456 error("Certificate constraint name contains \\0");
416 goto out; 457 goto out;
417 } 458 }
418 if (strcmp(name, "permit-X11-forwarding") == 0) 459 found = 0;
419 cert_no_x11_forwarding_flag = 0; 460 if ((which & OPTIONS_EXTENSIONS) != 0) {
420 else if (strcmp(name, "permit-agent-forwarding") == 0) 461 if (strcmp(name, "permit-X11-forwarding") == 0) {
421 cert_no_agent_forwarding_flag = 0; 462 *cert_no_x11_forwarding_flag = 0;
422 else if (strcmp(name, "permit-port-forwarding") == 0) 463 found = 1;
423 cert_no_port_forwarding_flag = 0; 464 } else if (strcmp(name,
424 else if (strcmp(name, "permit-pty") == 0) 465 "permit-agent-forwarding") == 0) {
425 cert_no_pty_flag = 0; 466 *cert_no_agent_forwarding_flag = 0;
426 else if (strcmp(name, "permit-user-rc") == 0) 467 found = 1;
427 cert_no_user_rc = 0; 468 } else if (strcmp(name,
428 else if (strcmp(name, "force-command") == 0) { 469 "permit-port-forwarding") == 0) {
429 char *command = buffer_get_string_ret(&data, &clen); 470 *cert_no_port_forwarding_flag = 0;
430 471 found = 1;
431 if (command == NULL) { 472 } else if (strcmp(name, "permit-pty") == 0) {
432 error("Certificate constraint \"%s\" corrupt", 473 *cert_no_pty_flag = 0;
433 name); 474 found = 1;
434 goto out; 475 } else if (strcmp(name, "permit-user-rc") == 0) {
476 *cert_no_user_rc = 0;
477 found = 1;
435 } 478 }
436 if (strlen(command) != clen) { 479 }
437 error("force-command constraint contains \\0"); 480 if (!found && (which & OPTIONS_CRITICAL) != 0) {
438 goto out; 481 if (strcmp(name, "force-command") == 0) {
439 } 482 if ((command = buffer_get_string_ret(&data,
440 if (cert_forced_command != NULL) { 483 &clen)) == NULL) {
441 error("Certificate has multiple " 484 error("Certificate constraint \"%s\" "
442 "force-command constraints"); 485 "corrupt", name);
443 xfree(command); 486 goto out;
444 goto out; 487 }
445 } 488 if (strlen(command) != clen) {
446 cert_forced_command = command; 489 error("force-command constraint "
447 } else if (strcmp(name, "source-address") == 0) { 490 "contains \\0");
448 char *allowed = buffer_get_string_ret(&data, &clen); 491 goto out;
449 const char *remote_ip = get_remote_ipaddr(); 492 }
450 493 if (*cert_forced_command != NULL) {
451 if (allowed == NULL) { 494 error("Certificate has multiple "
452 error("Certificate constraint \"%s\" corrupt", 495 "force-command options");
453 name); 496 xfree(command);
454 goto out; 497 goto out;
455 } 498 }
456 if (strlen(allowed) != clen) { 499 *cert_forced_command = command;
457 error("source-address constraint contains \\0"); 500 found = 1;
458 goto out;
459 }
460 if (cert_source_address_done++) {
461 error("Certificate has multiple "
462 "source-address constraints");
463 xfree(allowed);
464 goto out;
465 } 501 }
466 switch (addr_match_cidr_list(remote_ip, allowed)) { 502 if (strcmp(name, "source-address") == 0) {
467 case 1: 503 if ((allowed = buffer_get_string_ret(&data,
468 /* accepted */ 504 &clen)) == NULL) {
469 xfree(allowed); 505 error("Certificate constraint "
470 break; 506 "\"%s\" corrupt", name);
471 case 0: 507 goto out;
472 /* no match */ 508 }
473 logit("Authentication tried for %.100s with " 509 if (strlen(allowed) != clen) {
474 "valid certificate but not from a " 510 error("source-address constraint "
475 "permitted host (ip=%.200s).", 511 "contains \\0");
476 pw->pw_name, remote_ip); 512 goto out;
477 auth_debug_add("Your address '%.200s' is not " 513 }
478 "permitted to use this certificate for " 514 if ((*cert_source_address_done)++) {
479 "login.", remote_ip); 515 error("Certificate has multiple "
480 xfree(allowed); 516 "source-address options");
481 goto out; 517 xfree(allowed);
482 case -1: 518 goto out;
483 error("Certificate source-address contents " 519 }
484 "invalid"); 520 remote_ip = get_remote_ipaddr();
485 xfree(allowed); 521 switch (addr_match_cidr_list(remote_ip,
486 goto out; 522 allowed)) {
523 case 1:
524 /* accepted */
525 xfree(allowed);
526 break;
527 case 0:
528 /* no match */
529 logit("Authentication tried for %.100s "
530 "with valid certificate but not "
531 "from a permitted host "
532 "(ip=%.200s).", pw->pw_name,
533 remote_ip);
534 auth_debug_add("Your address '%.200s' "
535 "is not permitted to use this "
536 "certificate for login.",
537 remote_ip);
538 xfree(allowed);
539 goto out;
540 case -1:
541 error("Certificate source-address "
542 "contents invalid");
543 xfree(allowed);
544 goto out;
545 }
546 found = 1;
487 } 547 }
488 } else {
489 error("Certificate constraint \"%s\" is not supported",
490 name);
491 goto out;
492 } 548 }
493 549
494 if (buffer_len(&data) != 0) { 550 if (!found) {
495 error("Certificate constraint \"%s\" corrupt " 551 if (crit) {
552 error("Certificate critical option \"%s\" "
553 "is not supported", name);
554 goto out;
555 } else {
556 logit("Certificate extension \"%s\" "
557 "is not supported", name);
558 }
559 } else if (buffer_len(&data) != 0) {
560 error("Certificate option \"%s\" corrupt "
496 "(extra data)", name); 561 "(extra data)", name);
497 goto out; 562 goto out;
498 } 563 }
@@ -501,10 +566,73 @@ auth_cert_constraints(Buffer *c_orig, struct passwd *pw)
501 xfree(data_blob); 566 xfree(data_blob);
502 name = data_blob = NULL; 567 name = data_blob = NULL;
503 } 568 }
504 569 /* successfully parsed all options */
505 /* successfully parsed all constraints */
506 ret = 0; 570 ret = 0;
507 571
572 out:
573 if (ret != 0 &&
574 cert_forced_command != NULL &&
575 *cert_forced_command != NULL) {
576 xfree(*cert_forced_command);
577 *cert_forced_command = NULL;
578 }
579 if (name != NULL)
580 xfree(name);
581 if (data_blob != NULL)
582 xfree(data_blob);
583 buffer_free(&data);
584 buffer_free(&c);
585 return ret;
586}
587
588/*
589 * Set options from critical certificate options. These supersede user key
590 * options so this must be called after auth_parse_options().
591 */
592int
593auth_cert_options(Key *k, struct passwd *pw)
594{
595 int cert_no_port_forwarding_flag = 1;
596 int cert_no_agent_forwarding_flag = 1;
597 int cert_no_x11_forwarding_flag = 1;
598 int cert_no_pty_flag = 1;
599 int cert_no_user_rc = 1;
600 char *cert_forced_command = NULL;
601 int cert_source_address_done = 0;
602
603 if (key_cert_is_legacy(k)) {
604 /* All options are in the one field for v00 certs */
605 if (parse_option_list(buffer_ptr(&k->cert->critical),
606 buffer_len(&k->cert->critical), pw,
607 OPTIONS_CRITICAL|OPTIONS_EXTENSIONS, 1,
608 &cert_no_port_forwarding_flag,
609 &cert_no_agent_forwarding_flag,
610 &cert_no_x11_forwarding_flag,
611 &cert_no_pty_flag,
612 &cert_no_user_rc,
613 &cert_forced_command,
614 &cert_source_address_done) == -1)
615 return -1;
616 } else {
617 /* Separate options and extensions for v01 certs */
618 if (parse_option_list(buffer_ptr(&k->cert->critical),
619 buffer_len(&k->cert->critical), pw,
620 OPTIONS_CRITICAL, 1, NULL, NULL, NULL, NULL, NULL,
621 &cert_forced_command,
622 &cert_source_address_done) == -1)
623 return -1;
624 if (parse_option_list(buffer_ptr(&k->cert->extensions),
625 buffer_len(&k->cert->extensions), pw,
626 OPTIONS_EXTENSIONS, 1,
627 &cert_no_port_forwarding_flag,
628 &cert_no_agent_forwarding_flag,
629 &cert_no_x11_forwarding_flag,
630 &cert_no_pty_flag,
631 &cert_no_user_rc,
632 NULL, NULL) == -1)
633 return -1;
634 }
635
508 no_port_forwarding_flag |= cert_no_port_forwarding_flag; 636 no_port_forwarding_flag |= cert_no_port_forwarding_flag;
509 no_agent_forwarding_flag |= cert_no_agent_forwarding_flag; 637 no_agent_forwarding_flag |= cert_no_agent_forwarding_flag;
510 no_x11_forwarding_flag |= cert_no_x11_forwarding_flag; 638 no_x11_forwarding_flag |= cert_no_x11_forwarding_flag;
@@ -516,14 +644,6 @@ auth_cert_constraints(Buffer *c_orig, struct passwd *pw)
516 xfree(forced_command); 644 xfree(forced_command);
517 forced_command = cert_forced_command; 645 forced_command = cert_forced_command;
518 } 646 }
519 647 return 0;
520 out:
521 if (name != NULL)
522 xfree(name);
523 if (data_blob != NULL)
524 xfree(data_blob);
525 buffer_free(&data);
526 buffer_free(&c);
527 return ret;
528} 648}
529 649
diff --git a/auth-options.h b/auth-options.h
index 694edc842..7455c9454 100644
--- a/auth-options.h
+++ b/auth-options.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: auth-options.h,v 1.18 2010/02/26 20:29:54 djm Exp $ */ 1/* $OpenBSD: auth-options.h,v 1.20 2010/05/07 11:30:29 djm Exp $ */
2 2
3/* 3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -31,9 +31,10 @@ extern char *forced_command;
31extern struct envstring *custom_environment; 31extern struct envstring *custom_environment;
32extern int forced_tun_device; 32extern int forced_tun_device;
33extern int key_is_cert_authority; 33extern int key_is_cert_authority;
34extern char *authorized_principals;
34 35
35int auth_parse_options(struct passwd *, char *, char *, u_long); 36int auth_parse_options(struct passwd *, char *, char *, u_long);
36void auth_clear_options(void); 37void auth_clear_options(void);
37int auth_cert_constraints(Buffer *, struct passwd *); 38int auth_cert_options(Key *, struct passwd *);
38 39
39#endif 40#endif
diff --git a/auth-rsa.c b/auth-rsa.c
index 250e9cf78..7afcaee31 100644
--- a/auth-rsa.c
+++ b/auth-rsa.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: auth-rsa.c,v 1.74 2010/03/04 10:36:03 djm Exp $ */ 1/* $OpenBSD: auth-rsa.c,v 1.78 2010/07/13 23:13:16 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -34,11 +34,11 @@
34#include "uidswap.h" 34#include "uidswap.h"
35#include "match.h" 35#include "match.h"
36#include "buffer.h" 36#include "buffer.h"
37#include "auth-options.h"
38#include "pathnames.h" 37#include "pathnames.h"
39#include "log.h" 38#include "log.h"
40#include "servconf.h" 39#include "servconf.h"
41#include "key.h" 40#include "key.h"
41#include "auth-options.h"
42#include "hostfile.h" 42#include "hostfile.h"
43#include "auth.h" 43#include "auth.h"
44#ifdef GSSAPI 44#ifdef GSSAPI
@@ -116,7 +116,7 @@ auth_rsa_verify_response(Key *key, BIGNUM *challenge, u_char response[16])
116 MD5_Final(mdbuf, &md); 116 MD5_Final(mdbuf, &md);
117 117
118 /* Verify that the response is the original challenge. */ 118 /* Verify that the response is the original challenge. */
119 if (memcmp(response, mdbuf, 16) != 0) { 119 if (timingsafe_bcmp(response, mdbuf, 16) != 0) {
120 /* Wrong answer. */ 120 /* Wrong answer. */
121 return (0); 121 return (0);
122 } 122 }
@@ -256,7 +256,8 @@ auth_rsa_key_allowed(struct passwd *pw, BIGNUM *client_n, Key **rkey)
256 */ 256 */
257 if (!auth_parse_options(pw, key_options, file, linenum)) 257 if (!auth_parse_options(pw, key_options, file, linenum))
258 continue; 258 continue;
259 259 if (key_is_cert_authority)
260 continue;
260 /* break out, this key is allowed */ 261 /* break out, this key is allowed */
261 allowed = 1; 262 allowed = 1;
262 break; 263 break;
diff --git a/auth.c b/auth.c
index a188b891e..669bfc740 100644
--- a/auth.c
+++ b/auth.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: auth.c,v 1.86 2010/03/05 02:58:11 djm Exp $ */ 1/* $OpenBSD: auth.c,v 1.89 2010/08/04 05:42:47 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2000 Markus Friedl. All rights reserved. 3 * Copyright (c) 2000 Markus Friedl. All rights reserved.
4 * 4 *
@@ -144,7 +144,7 @@ allowed_user(struct passwd * pw)
144 locked = 1; 144 locked = 1;
145#endif 145#endif
146#ifdef USE_LIBIAF 146#ifdef USE_LIBIAF
147 free(passwd); 147 free((void *) passwd);
148#endif /* USE_LIBIAF */ 148#endif /* USE_LIBIAF */
149 if (locked) { 149 if (locked) {
150 logit("User %.100s not allowed because account is locked", 150 logit("User %.100s not allowed because account is locked",
@@ -367,6 +367,14 @@ authorized_keys_file2(struct passwd *pw)
367 return expand_authorized_keys(options.authorized_keys_file2, pw); 367 return expand_authorized_keys(options.authorized_keys_file2, pw);
368} 368}
369 369
370char *
371authorized_principals_file(struct passwd *pw)
372{
373 if (options.authorized_principals_file == NULL)
374 return NULL;
375 return expand_authorized_keys(options.authorized_principals_file, pw);
376}
377
370/* return ok if key exists in sysfile or userfile */ 378/* return ok if key exists in sysfile or userfile */
371HostStatus 379HostStatus
372check_key_in_hostfiles(struct passwd *pw, Key *key, const char *host, 380check_key_in_hostfiles(struct passwd *pw, Key *key, const char *host,
@@ -378,7 +386,7 @@ check_key_in_hostfiles(struct passwd *pw, Key *key, const char *host,
378 HostStatus host_status; 386 HostStatus host_status;
379 387
380 /* Check if we know the host and its host key. */ 388 /* Check if we know the host and its host key. */
381 found = key_new(key->type); 389 found = key_new(key_is_cert(key) ? KEY_UNSPEC : key->type);
382 host_status = check_host_in_hostfile(sysfile, host, key, found, NULL); 390 host_status = check_host_in_hostfile(sysfile, host, key, found, NULL);
383 391
384 if (host_status != HOST_OK && userfile != NULL) { 392 if (host_status != HOST_OK && userfile != NULL) {
@@ -389,6 +397,8 @@ check_key_in_hostfiles(struct passwd *pw, Key *key, const char *host,
389 logit("Authentication refused for %.100s: " 397 logit("Authentication refused for %.100s: "
390 "bad owner or modes for %.200s", 398 "bad owner or modes for %.200s",
391 pw->pw_name, user_hostfile); 399 pw->pw_name, user_hostfile);
400 auth_debug_add("Ignored %.200s: bad ownership or modes",
401 user_hostfile);
392 } else { 402 } else {
393 temporarily_use_uid(pw); 403 temporarily_use_uid(pw);
394 host_status = check_host_in_hostfile(user_hostfile, 404 host_status = check_host_in_hostfile(user_hostfile,
@@ -475,21 +485,18 @@ secure_filename(FILE *f, const char *file, struct passwd *pw,
475 return 0; 485 return 0;
476} 486}
477 487
478FILE * 488static FILE *
479auth_openkeyfile(const char *file, struct passwd *pw, int strict_modes) 489auth_openfile(const char *file, struct passwd *pw, int strict_modes,
490 int log_missing, char *file_type)
480{ 491{
481 char line[1024]; 492 char line[1024];
482 struct stat st; 493 struct stat st;
483 int fd; 494 int fd;
484 FILE *f; 495 FILE *f;
485 496
486 /*
487 * Open the file containing the authorized keys
488 * Fail quietly if file does not exist
489 */
490 if ((fd = open(file, O_RDONLY|O_NONBLOCK)) == -1) { 497 if ((fd = open(file, O_RDONLY|O_NONBLOCK)) == -1) {
491 if (errno != ENOENT) 498 if (log_missing || errno != ENOENT)
492 debug("Could not open keyfile '%s': %s", file, 499 debug("Could not open %s '%s': %s", file_type, file,
493 strerror(errno)); 500 strerror(errno));
494 return NULL; 501 return NULL;
495 } 502 }
@@ -499,8 +506,8 @@ auth_openkeyfile(const char *file, struct passwd *pw, int strict_modes)
499 return NULL; 506 return NULL;
500 } 507 }
501 if (!S_ISREG(st.st_mode)) { 508 if (!S_ISREG(st.st_mode)) {
502 logit("User %s authorized keys %s is not a regular file", 509 logit("User %s %s %s is not a regular file",
503 pw->pw_name, file); 510 pw->pw_name, file_type, file);
504 close(fd); 511 close(fd);
505 return NULL; 512 return NULL;
506 } 513 }
@@ -513,12 +520,27 @@ auth_openkeyfile(const char *file, struct passwd *pw, int strict_modes)
513 secure_filename(f, file, pw, line, sizeof(line)) != 0) { 520 secure_filename(f, file, pw, line, sizeof(line)) != 0) {
514 fclose(f); 521 fclose(f);
515 logit("Authentication refused: %s", line); 522 logit("Authentication refused: %s", line);
523 auth_debug_add("Ignored %s: %s", file_type, line);
516 return NULL; 524 return NULL;
517 } 525 }
518 526
519 return f; 527 return f;
520} 528}
521 529
530
531FILE *
532auth_openkeyfile(const char *file, struct passwd *pw, int strict_modes)
533{
534 return auth_openfile(file, pw, strict_modes, 1, "authorized keys");
535}
536
537FILE *
538auth_openprincipals(const char *file, struct passwd *pw, int strict_modes)
539{
540 return auth_openfile(file, pw, strict_modes, 0,
541 "authorized principals");
542}
543
522struct passwd * 544struct passwd *
523getpwnamallow(const char *user) 545getpwnamallow(const char *user)
524{ 546{
diff --git a/auth.h b/auth.h
index 9cd7c53de..6e20cd446 100644
--- a/auth.h
+++ b/auth.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: auth.h,v 1.65 2010/03/04 10:36:03 djm Exp $ */ 1/* $OpenBSD: auth.h,v 1.66 2010/05/07 11:30:29 djm Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2000 Markus Friedl. All rights reserved. 4 * Copyright (c) 2000 Markus Friedl. All rights reserved.
@@ -171,8 +171,10 @@ void abandon_challenge_response(Authctxt *);
171 171
172char *authorized_keys_file(struct passwd *); 172char *authorized_keys_file(struct passwd *);
173char *authorized_keys_file2(struct passwd *); 173char *authorized_keys_file2(struct passwd *);
174char *authorized_principals_file(struct passwd *);
174 175
175FILE *auth_openkeyfile(const char *, struct passwd *, int); 176FILE *auth_openkeyfile(const char *, struct passwd *, int);
177FILE *auth_openprincipals(const char *, struct passwd *, int);
176int auth_key_is_revoked(Key *, int); 178int auth_key_is_revoked(Key *, int);
177 179
178HostStatus 180HostStatus
diff --git a/auth1.c b/auth1.c
index 184ee0545..8b99a6371 100644
--- a/auth1.c
+++ b/auth1.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: auth1.c,v 1.73 2008/07/04 23:30:16 djm Exp $ */ 1/* $OpenBSD: auth1.c,v 1.74 2010/06/25 08:46:17 djm Exp $ */
2/* 2/*
3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
4 * All rights reserved 4 * All rights reserved
@@ -244,7 +244,7 @@ do_authloop(Authctxt *authctxt)
244 authctxt->valid ? "" : "invalid user ", authctxt->user); 244 authctxt->valid ? "" : "invalid user ", authctxt->user);
245 245
246 /* If the user has no password, accept authentication immediately. */ 246 /* If the user has no password, accept authentication immediately. */
247 if (options.password_authentication && 247 if (options.permit_empty_passwd && options.password_authentication &&
248#ifdef KRB5 248#ifdef KRB5
249 (!options.kerberos_authentication || options.kerberos_or_local_passwd) && 249 (!options.kerberos_authentication || options.kerberos_or_local_passwd) &&
250#endif 250#endif
diff --git a/auth2-hostbased.c b/auth2-hostbased.c
index 32c06bbdc..700631558 100644
--- a/auth2-hostbased.c
+++ b/auth2-hostbased.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: auth2-hostbased.c,v 1.13 2010/03/04 10:36:03 djm Exp $ */ 1/* $OpenBSD: auth2-hostbased.c,v 1.14 2010/08/04 05:42:47 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2000 Markus Friedl. All rights reserved. 3 * Copyright (c) 2000 Markus Friedl. All rights reserved.
4 * 4 *
@@ -141,9 +141,10 @@ int
141hostbased_key_allowed(struct passwd *pw, const char *cuser, char *chost, 141hostbased_key_allowed(struct passwd *pw, const char *cuser, char *chost,
142 Key *key) 142 Key *key)
143{ 143{
144 const char *resolvedname, *ipaddr, *lookup; 144 const char *resolvedname, *ipaddr, *lookup, *reason;
145 HostStatus host_status; 145 HostStatus host_status;
146 int len; 146 int len;
147 char *fp;
147 148
148 if (auth_key_is_revoked(key, 0)) 149 if (auth_key_is_revoked(key, 0))
149 return 0; 150 return 0;
@@ -174,16 +175,40 @@ hostbased_key_allowed(struct passwd *pw, const char *cuser, char *chost,
174 } 175 }
175 debug2("userauth_hostbased: access allowed by auth_rhosts2"); 176 debug2("userauth_hostbased: access allowed by auth_rhosts2");
176 177
178 if (key_is_cert(key) &&
179 key_cert_check_authority(key, 1, 0, lookup, &reason)) {
180 error("%s", reason);
181 auth_debug_add("%s", reason);
182 return 0;
183 }
184
177 host_status = check_key_in_hostfiles(pw, key, lookup, 185 host_status = check_key_in_hostfiles(pw, key, lookup,
178 _PATH_SSH_SYSTEM_HOSTFILE, 186 _PATH_SSH_SYSTEM_HOSTFILE,
179 options.ignore_user_known_hosts ? NULL : _PATH_SSH_USER_HOSTFILE); 187 options.ignore_user_known_hosts ? NULL : _PATH_SSH_USER_HOSTFILE);
180 188
181 /* backward compat if no key has been found. */ 189 /* backward compat if no key has been found. */
182 if (host_status == HOST_NEW) 190 if (host_status == HOST_NEW) {
183 host_status = check_key_in_hostfiles(pw, key, lookup, 191 host_status = check_key_in_hostfiles(pw, key, lookup,
184 _PATH_SSH_SYSTEM_HOSTFILE2, 192 _PATH_SSH_SYSTEM_HOSTFILE2,
185 options.ignore_user_known_hosts ? NULL : 193 options.ignore_user_known_hosts ? NULL :
186 _PATH_SSH_USER_HOSTFILE2); 194 _PATH_SSH_USER_HOSTFILE2);
195 }
196
197 if (host_status == HOST_OK) {
198 if (key_is_cert(key)) {
199 fp = key_fingerprint(key->cert->signature_key,
200 SSH_FP_MD5, SSH_FP_HEX);
201 verbose("Accepted certificate ID \"%s\" signed by "
202 "%s CA %s from %s@%s", key->cert->key_id,
203 key_type(key->cert->signature_key), fp,
204 cuser, lookup);
205 } else {
206 fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX);
207 verbose("Accepted %s public key %s from %s@%s",
208 key_type(key), fp, cuser, lookup);
209 }
210 xfree(fp);
211 }
187 212
188 return (host_status == HOST_OK); 213 return (host_status == HOST_OK);
189} 214}
diff --git a/auth2-none.c b/auth2-none.c
index 08f2f935f..c8c6c74a9 100644
--- a/auth2-none.c
+++ b/auth2-none.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: auth2-none.c,v 1.15 2008/07/02 12:36:39 djm Exp $ */ 1/* $OpenBSD: auth2-none.c,v 1.16 2010/06/25 08:46:17 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2000 Markus Friedl. All rights reserved. 3 * Copyright (c) 2000 Markus Friedl. All rights reserved.
4 * 4 *
@@ -61,7 +61,7 @@ userauth_none(Authctxt *authctxt)
61{ 61{
62 none_enabled = 0; 62 none_enabled = 0;
63 packet_check_eom(); 63 packet_check_eom();
64 if (options.password_authentication) 64 if (options.permit_empty_passwd && options.password_authentication)
65 return (PRIVSEP(auth_password(authctxt, ""))); 65 return (PRIVSEP(auth_password(authctxt, "")));
66 return (0); 66 return (0);
67} 67}
diff --git a/auth2-pubkey.c b/auth2-pubkey.c
index 49bb062af..2e15424e1 100644
--- a/auth2-pubkey.c
+++ b/auth2-pubkey.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: auth2-pubkey.c,v 1.22 2010/03/10 23:27:17 djm Exp $ */ 1/* $OpenBSD: auth2-pubkey.c,v 1.26 2010/06/29 23:16:46 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2000 Markus Friedl. All rights reserved. 3 * Copyright (c) 2000 Markus Friedl. All rights reserved.
4 * 4 *
@@ -57,6 +57,7 @@
57#include "monitor_wrap.h" 57#include "monitor_wrap.h"
58#include "misc.h" 58#include "misc.h"
59#include "authfile.h" 59#include "authfile.h"
60#include "match.h"
60 61
61/* import */ 62/* import */
62extern ServerOptions options; 63extern ServerOptions options;
@@ -176,6 +177,83 @@ done:
176 return authenticated; 177 return authenticated;
177} 178}
178 179
180static int
181match_principals_option(const char *principal_list, struct KeyCert *cert)
182{
183 char *result;
184 u_int i;
185
186 /* XXX percent_expand() sequences for authorized_principals? */
187
188 for (i = 0; i < cert->nprincipals; i++) {
189 if ((result = match_list(cert->principals[i],
190 principal_list, NULL)) != NULL) {
191 debug3("matched principal from key options \"%.100s\"",
192 result);
193 xfree(result);
194 return 1;
195 }
196 }
197 return 0;
198}
199
200static int
201match_principals_file(char *file, struct passwd *pw, struct KeyCert *cert)
202{
203 FILE *f;
204 char line[SSH_MAX_PUBKEY_BYTES], *cp, *ep, *line_opts;
205 u_long linenum = 0;
206 u_int i;
207
208 temporarily_use_uid(pw);
209 debug("trying authorized principals file %s", file);
210 if ((f = auth_openprincipals(file, pw, options.strict_modes)) == NULL) {
211 restore_uid();
212 return 0;
213 }
214 while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) {
215 /* Skip leading whitespace. */
216 for (cp = line; *cp == ' ' || *cp == '\t'; cp++)
217 ;
218 /* Skip blank and comment lines. */
219 if ((ep = strchr(cp, '#')) != NULL)
220 *ep = '\0';
221 if (!*cp || *cp == '\n')
222 continue;
223 /* Trim trailing whitespace. */
224 ep = cp + strlen(cp) - 1;
225 while (ep > cp && (*ep == '\n' || *ep == ' ' || *ep == '\t'))
226 *ep-- = '\0';
227 /*
228 * If the line has internal whitespace then assume it has
229 * key options.
230 */
231 line_opts = NULL;
232 if ((ep = strrchr(cp, ' ')) != NULL ||
233 (ep = strrchr(cp, '\t')) != NULL) {
234 for (; *ep == ' ' || *ep == '\t'; ep++)
235 ;;
236 line_opts = cp;
237 cp = ep;
238 }
239 for (i = 0; i < cert->nprincipals; i++) {
240 if (strcmp(cp, cert->principals[i]) == 0) {
241 debug3("matched principal from file \"%.100s\"",
242 cert->principals[i]);
243 if (auth_parse_options(pw, line_opts,
244 file, linenum) != 1)
245 continue;
246 fclose(f);
247 restore_uid();
248 return 1;
249 }
250 }
251 }
252 fclose(f);
253 restore_uid();
254 return 0;
255}
256
179/* return 1 if user allows given key */ 257/* return 1 if user allows given key */
180static int 258static int
181user_key_allowed2(struct passwd *pw, Key *key, char *file) 259user_key_allowed2(struct passwd *pw, Key *key, char *file)
@@ -233,26 +311,39 @@ user_key_allowed2(struct passwd *pw, Key *key, char *file)
233 continue; 311 continue;
234 } 312 }
235 } 313 }
236 if (auth_parse_options(pw, key_options, file, linenum) != 1) 314 if (key_is_cert(key)) {
237 continue;
238 if (key->type == KEY_RSA_CERT || key->type == KEY_DSA_CERT) {
239 if (!key_is_cert_authority)
240 continue;
241 if (!key_equal(found, key->cert->signature_key)) 315 if (!key_equal(found, key->cert->signature_key))
242 continue; 316 continue;
317 if (auth_parse_options(pw, key_options, file,
318 linenum) != 1)
319 continue;
320 if (!key_is_cert_authority)
321 continue;
243 fp = key_fingerprint(found, SSH_FP_MD5, 322 fp = key_fingerprint(found, SSH_FP_MD5,
244 SSH_FP_HEX); 323 SSH_FP_HEX);
245 debug("matching CA found: file %s, line %lu, %s %s", 324 debug("matching CA found: file %s, line %lu, %s %s",
246 file, linenum, key_type(found), fp); 325 file, linenum, key_type(found), fp);
247 if (key_cert_check_authority(key, 0, 0, pw->pw_name, 326 /*
248 &reason) != 0) { 327 * If the user has specified a list of principals as
328 * a key option, then prefer that list to matching
329 * their username in the certificate principals list.
330 */
331 if (authorized_principals != NULL &&
332 !match_principals_option(authorized_principals,
333 key->cert)) {
334 reason = "Certificate does not contain an "
335 "authorized principal";
336 fail_reason:
249 xfree(fp); 337 xfree(fp);
250 error("%s", reason); 338 error("%s", reason);
251 auth_debug_add("%s", reason); 339 auth_debug_add("%s", reason);
252 continue; 340 continue;
253 } 341 }
254 if (auth_cert_constraints(&key->cert->constraints, 342 if (key_cert_check_authority(key, 0, 0,
255 pw) != 0) { 343 authorized_principals == NULL ? pw->pw_name : NULL,
344 &reason) != 0)
345 goto fail_reason;
346 if (auth_cert_options(key, pw) != 0) {
256 xfree(fp); 347 xfree(fp);
257 continue; 348 continue;
258 } 349 }
@@ -262,7 +353,12 @@ user_key_allowed2(struct passwd *pw, Key *key, char *file)
262 xfree(fp); 353 xfree(fp);
263 found_key = 1; 354 found_key = 1;
264 break; 355 break;
265 } else if (!key_is_cert_authority && key_equal(found, key)) { 356 } else if (key_equal(found, key)) {
357 if (auth_parse_options(pw, key_options, file,
358 linenum) != 1)
359 continue;
360 if (key_is_cert_authority)
361 continue;
266 found_key = 1; 362 found_key = 1;
267 debug("matching key found: file %s, line %lu", 363 debug("matching key found: file %s, line %lu",
268 file, linenum); 364 file, linenum);
@@ -285,7 +381,7 @@ user_key_allowed2(struct passwd *pw, Key *key, char *file)
285static int 381static int
286user_cert_trusted_ca(struct passwd *pw, Key *key) 382user_cert_trusted_ca(struct passwd *pw, Key *key)
287{ 383{
288 char *ca_fp; 384 char *ca_fp, *principals_file = NULL;
289 const char *reason; 385 const char *reason;
290 int ret = 0; 386 int ret = 0;
291 387
@@ -302,12 +398,25 @@ user_cert_trusted_ca(struct passwd *pw, Key *key)
302 options.trusted_user_ca_keys); 398 options.trusted_user_ca_keys);
303 goto out; 399 goto out;
304 } 400 }
305 if (key_cert_check_authority(key, 0, 1, pw->pw_name, &reason) != 0) { 401 /*
306 error("%s", reason); 402 * If AuthorizedPrincipals is in use, then compare the certificate
307 auth_debug_add("%s", reason); 403 * principals against the names in that file rather than matching
308 goto out; 404 * against the username.
405 */
406 if ((principals_file = authorized_principals_file(pw)) != NULL) {
407 if (!match_principals_file(principals_file, pw, key->cert)) {
408 reason = "Certificate does not contain an "
409 "authorized principal";
410 fail_reason:
411 error("%s", reason);
412 auth_debug_add("%s", reason);
413 goto out;
414 }
309 } 415 }
310 if (auth_cert_constraints(&key->cert->constraints, pw) != 0) 416 if (key_cert_check_authority(key, 0, 1,
417 principals_file == NULL ? pw->pw_name : NULL, &reason) != 0)
418 goto fail_reason;
419 if (auth_cert_options(key, pw) != 0)
311 goto out; 420 goto out;
312 421
313 verbose("Accepted certificate ID \"%s\" signed by %s CA %s via %s", 422 verbose("Accepted certificate ID \"%s\" signed by %s CA %s via %s",
@@ -316,6 +425,8 @@ user_cert_trusted_ca(struct passwd *pw, Key *key)
316 ret = 1; 425 ret = 1;
317 426
318 out: 427 out:
428 if (principals_file != NULL)
429 xfree(principals_file);
319 if (ca_fp != NULL) 430 if (ca_fp != NULL)
320 xfree(ca_fp); 431 xfree(ca_fp);
321 return ret; 432 return ret;
diff --git a/authfd.c b/authfd.c
index 28a8cf2d7..739722fbf 100644
--- a/authfd.c
+++ b/authfd.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: authfd.c,v 1.82 2010/02/26 20:29:54 djm Exp $ */ 1/* $OpenBSD: authfd.c,v 1.83 2010/04/16 01:47:26 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -483,6 +483,7 @@ ssh_encode_identity_ssh2(Buffer *b, Key *key, const char *comment)
483 buffer_put_bignum2(b, key->rsa->p); 483 buffer_put_bignum2(b, key->rsa->p);
484 buffer_put_bignum2(b, key->rsa->q); 484 buffer_put_bignum2(b, key->rsa->q);
485 break; 485 break;
486 case KEY_RSA_CERT_V00:
486 case KEY_RSA_CERT: 487 case KEY_RSA_CERT:
487 if (key->cert == NULL || buffer_len(&key->cert->certblob) == 0) 488 if (key->cert == NULL || buffer_len(&key->cert->certblob) == 0)
488 fatal("%s: no cert/certblob", __func__); 489 fatal("%s: no cert/certblob", __func__);
@@ -500,6 +501,7 @@ ssh_encode_identity_ssh2(Buffer *b, Key *key, const char *comment)
500 buffer_put_bignum2(b, key->dsa->pub_key); 501 buffer_put_bignum2(b, key->dsa->pub_key);
501 buffer_put_bignum2(b, key->dsa->priv_key); 502 buffer_put_bignum2(b, key->dsa->priv_key);
502 break; 503 break;
504 case KEY_DSA_CERT_V00:
503 case KEY_DSA_CERT: 505 case KEY_DSA_CERT:
504 if (key->cert == NULL || buffer_len(&key->cert->certblob) == 0) 506 if (key->cert == NULL || buffer_len(&key->cert->certblob) == 0)
505 fatal("%s: no cert/certblob", __func__); 507 fatal("%s: no cert/certblob", __func__);
@@ -535,8 +537,10 @@ ssh_add_identity_constrained(AuthenticationConnection *auth, Key *key,
535 break; 537 break;
536 case KEY_RSA: 538 case KEY_RSA:
537 case KEY_RSA_CERT: 539 case KEY_RSA_CERT:
540 case KEY_RSA_CERT_V00:
538 case KEY_DSA: 541 case KEY_DSA:
539 case KEY_DSA_CERT: 542 case KEY_DSA_CERT:
543 case KEY_DSA_CERT_V00:
540 type = constrained ? 544 type = constrained ?
541 SSH2_AGENTC_ADD_ID_CONSTRAINED : 545 SSH2_AGENTC_ADD_ID_CONSTRAINED :
542 SSH2_AGENTC_ADD_IDENTITY; 546 SSH2_AGENTC_ADD_IDENTITY;
diff --git a/authfile.c b/authfile.c
index 4d0823209..deac28f6a 100644
--- a/authfile.c
+++ b/authfile.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: authfile.c,v 1.80 2010/03/04 10:36:03 djm Exp $ */ 1/* $OpenBSD: authfile.c,v 1.82 2010/08/04 05:49:22 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -694,6 +694,66 @@ key_load_public(const char *filename, char **commentp)
694 return NULL; 694 return NULL;
695} 695}
696 696
697/* Load the certificate associated with the named private key */
698Key *
699key_load_cert(const char *filename)
700{
701 Key *pub;
702 char *file;
703
704 pub = key_new(KEY_UNSPEC);
705 xasprintf(&file, "%s-cert.pub", filename);
706 if (key_try_load_public(pub, file, NULL) == 1) {
707 xfree(file);
708 return pub;
709 }
710 xfree(file);
711 key_free(pub);
712 return NULL;
713}
714
715/* Load private key and certificate */
716Key *
717key_load_private_cert(int type, const char *filename, const char *passphrase,
718 int *perm_ok)
719{
720 Key *key, *pub;
721
722 switch (type) {
723 case KEY_RSA:
724 case KEY_DSA:
725 break;
726 default:
727 error("%s: unsupported key type", __func__);
728 return NULL;
729 }
730
731 if ((key = key_load_private_type(type, filename,
732 passphrase, NULL, perm_ok)) == NULL)
733 return NULL;
734
735 if ((pub = key_load_cert(filename)) == NULL) {
736 key_free(key);
737 return NULL;
738 }
739
740 /* Make sure the private key matches the certificate */
741 if (key_equal_public(key, pub) == 0) {
742 error("%s: certificate does not match private key %s",
743 __func__, filename);
744 } else if (key_to_certified(key, key_cert_is_legacy(pub)) != 0) {
745 error("%s: key_to_certified failed", __func__);
746 } else {
747 key_cert_copy(pub, key);
748 key_free(pub);
749 return key;
750 }
751
752 key_free(key);
753 key_free(pub);
754 return NULL;
755}
756
697/* 757/*
698 * Returns 1 if the specified "key" is listed in the file "filename", 758 * Returns 1 if the specified "key" is listed in the file "filename",
699 * 0 if the key is not listed or -1 on error. 759 * 0 if the key is not listed or -1 on error.
diff --git a/authfile.h b/authfile.h
index 674fc939f..094b855bd 100644
--- a/authfile.h
+++ b/authfile.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: authfile.h,v 1.14 2010/03/04 10:36:03 djm Exp $ */ 1/* $OpenBSD: authfile.h,v 1.15 2010/08/04 05:42:47 djm Exp $ */
2 2
3/* 3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -16,9 +16,11 @@
16#define AUTHFILE_H 16#define AUTHFILE_H
17 17
18int key_save_private(Key *, const char *, const char *, const char *); 18int key_save_private(Key *, const char *, const char *, const char *);
19Key *key_load_cert(const char *);
19Key *key_load_public(const char *, char **); 20Key *key_load_public(const char *, char **);
20Key *key_load_public_type(int, const char *, char **); 21Key *key_load_public_type(int, const char *, char **);
21Key *key_load_private(const char *, const char *, char **); 22Key *key_load_private(const char *, const char *, char **);
23Key *key_load_private_cert(int, const char *, const char *, int *);
22Key *key_load_private_type(int, const char *, const char *, char **, int *); 24Key *key_load_private_type(int, const char *, const char *, char **, int *);
23Key *key_load_private_pem(int, int, const char *, char **); 25Key *key_load_private_pem(int, int, const char *, char **);
24int key_perm_ok(int, const char *); 26int key_perm_ok(int, const char *);
diff --git a/bufaux.c b/bufaux.c
index 4ef19c454..854fd510a 100644
--- a/bufaux.c
+++ b/bufaux.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: bufaux.c,v 1.48 2010/02/02 22:49:34 djm Exp $ */ 1/* $OpenBSD: bufaux.c,v 1.49 2010/03/26 03:13:17 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -84,7 +84,8 @@ buffer_get_int_ret(u_int *ret, Buffer *buffer)
84 84
85 if (buffer_get_ret(buffer, (char *) buf, 4) == -1) 85 if (buffer_get_ret(buffer, (char *) buf, 4) == -1)
86 return (-1); 86 return (-1);
87 *ret = get_u32(buf); 87 if (ret != NULL)
88 *ret = get_u32(buf);
88 return (0); 89 return (0);
89} 90}
90 91
@@ -106,7 +107,8 @@ buffer_get_int64_ret(u_int64_t *ret, Buffer *buffer)
106 107
107 if (buffer_get_ret(buffer, (char *) buf, 8) == -1) 108 if (buffer_get_ret(buffer, (char *) buf, 8) == -1)
108 return (-1); 109 return (-1);
109 *ret = get_u64(buf); 110 if (ret != NULL)
111 *ret = get_u64(buf);
110 return (0); 112 return (0);
111} 113}
112 114
diff --git a/channels.c b/channels.c
index a55d27817..1cd5004c4 100644
--- a/channels.c
+++ b/channels.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: channels.c,v 1.303 2010/01/30 21:12:08 djm Exp $ */ 1/* $OpenBSD: channels.c,v 1.309 2010/08/05 13:08:42 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -114,10 +114,10 @@ typedef struct {
114} ForwardPermission; 114} ForwardPermission;
115 115
116/* List of all permitted host/port pairs to connect by the user. */ 116/* List of all permitted host/port pairs to connect by the user. */
117static ForwardPermission permitted_opens[SSH_MAX_FORWARDS_PER_DIRECTION]; 117static ForwardPermission *permitted_opens = NULL;
118 118
119/* List of all permitted host/port pairs to connect by the admin. */ 119/* List of all permitted host/port pairs to connect by the admin. */
120static ForwardPermission permitted_adm_opens[SSH_MAX_FORWARDS_PER_DIRECTION]; 120static ForwardPermission *permitted_adm_opens = NULL;
121 121
122/* Number of permitted host/port pairs in the array permitted by the user. */ 122/* Number of permitted host/port pairs in the array permitted by the user. */
123static int num_permitted_opens = 0; 123static int num_permitted_opens = 0;
@@ -330,6 +330,7 @@ channel_new(char *ctype, int type, int rfd, int wfd, int efd,
330 c->ctl_chan = -1; 330 c->ctl_chan = -1;
331 c->mux_rcb = NULL; 331 c->mux_rcb = NULL;
332 c->mux_ctx = NULL; 332 c->mux_ctx = NULL;
333 c->mux_pause = 0;
333 c->delayed = 1; /* prevent call to channel_post handler */ 334 c->delayed = 1; /* prevent call to channel_post handler */
334 TAILQ_INIT(&c->status_confirms); 335 TAILQ_INIT(&c->status_confirms);
335 debug("channel %d: new [%s]", found, remote_name); 336 debug("channel %d: new [%s]", found, remote_name);
@@ -703,7 +704,7 @@ channel_register_status_confirm(int id, channel_confirm_cb *cb,
703} 704}
704 705
705void 706void
706channel_register_open_confirm(int id, channel_callback_fn *fn, void *ctx) 707channel_register_open_confirm(int id, channel_open_fn *fn, void *ctx)
707{ 708{
708 Channel *c = channel_lookup(id); 709 Channel *c = channel_lookup(id);
709 710
@@ -838,8 +839,9 @@ channel_pre_open(Channel *c, fd_set *readset, fd_set *writeset)
838 if (c->extended_usage == CHAN_EXTENDED_WRITE && 839 if (c->extended_usage == CHAN_EXTENDED_WRITE &&
839 buffer_len(&c->extended) > 0) 840 buffer_len(&c->extended) > 0)
840 FD_SET(c->efd, writeset); 841 FD_SET(c->efd, writeset);
841 else if (!(c->flags & CHAN_EOF_SENT) && 842 else if (c->efd != -1 && !(c->flags & CHAN_EOF_SENT) &&
842 c->extended_usage == CHAN_EXTENDED_READ && 843 (c->extended_usage == CHAN_EXTENDED_READ ||
844 c->extended_usage == CHAN_EXTENDED_IGNORE) &&
843 buffer_len(&c->extended) < c->remote_window) 845 buffer_len(&c->extended) < c->remote_window)
844 FD_SET(c->efd, readset); 846 FD_SET(c->efd, readset);
845 } 847 }
@@ -915,7 +917,7 @@ x11_open_helper(Buffer *b)
915 } 917 }
916 /* Check if authentication data matches our fake data. */ 918 /* Check if authentication data matches our fake data. */
917 if (data_len != x11_fake_data_len || 919 if (data_len != x11_fake_data_len ||
918 memcmp(ucp + 12 + ((proto_len + 3) & ~3), 920 timingsafe_bcmp(ucp + 12 + ((proto_len + 3) & ~3),
919 x11_fake_data, x11_fake_data_len) != 0) { 921 x11_fake_data, x11_fake_data_len) != 0) {
920 debug2("X11 auth data does not match fake data."); 922 debug2("X11 auth data does not match fake data.");
921 return -1; 923 return -1;
@@ -991,7 +993,7 @@ channel_pre_x11_open(Channel *c, fd_set *readset, fd_set *writeset)
991static void 993static void
992channel_pre_mux_client(Channel *c, fd_set *readset, fd_set *writeset) 994channel_pre_mux_client(Channel *c, fd_set *readset, fd_set *writeset)
993{ 995{
994 if (c->istate == CHAN_INPUT_OPEN && 996 if (c->istate == CHAN_INPUT_OPEN && !c->mux_pause &&
995 buffer_check_alloc(&c->input, CHAN_RBUF)) 997 buffer_check_alloc(&c->input, CHAN_RBUF))
996 FD_SET(c->rfd, readset); 998 FD_SET(c->rfd, readset);
997 if (c->istate == CHAN_INPUT_WAIT_DRAIN) { 999 if (c->istate == CHAN_INPUT_WAIT_DRAIN) {
@@ -1642,13 +1644,14 @@ channel_handle_wfd(Channel *c, fd_set *readset, fd_set *writeset)
1642{ 1644{
1643 struct termios tio; 1645 struct termios tio;
1644 u_char *data = NULL, *buf; 1646 u_char *data = NULL, *buf;
1645 u_int dlen; 1647 u_int dlen, olen = 0;
1646 int len; 1648 int len;
1647 1649
1648 /* Send buffered output data to the socket. */ 1650 /* Send buffered output data to the socket. */
1649 if (c->wfd != -1 && 1651 if (c->wfd != -1 &&
1650 FD_ISSET(c->wfd, writeset) && 1652 FD_ISSET(c->wfd, writeset) &&
1651 buffer_len(&c->output) > 0) { 1653 buffer_len(&c->output) > 0) {
1654 olen = buffer_len(&c->output);
1652 if (c->output_filter != NULL) { 1655 if (c->output_filter != NULL) {
1653 if ((buf = c->output_filter(c, &data, &dlen)) == NULL) { 1656 if ((buf = c->output_filter(c, &data, &dlen)) == NULL) {
1654 debug2("channel %d: filter stops", c->self); 1657 debug2("channel %d: filter stops", c->self);
@@ -1667,7 +1670,6 @@ channel_handle_wfd(Channel *c, fd_set *readset, fd_set *writeset)
1667 1670
1668 if (c->datagram) { 1671 if (c->datagram) {
1669 /* ignore truncated writes, datagrams might get lost */ 1672 /* ignore truncated writes, datagrams might get lost */
1670 c->local_consumed += dlen + 4;
1671 len = write(c->wfd, buf, dlen); 1673 len = write(c->wfd, buf, dlen);
1672 xfree(data); 1674 xfree(data);
1673 if (len < 0 && (errno == EINTR || errno == EAGAIN || 1675 if (len < 0 && (errno == EINTR || errno == EAGAIN ||
@@ -1680,7 +1682,7 @@ channel_handle_wfd(Channel *c, fd_set *readset, fd_set *writeset)
1680 chan_write_failed(c); 1682 chan_write_failed(c);
1681 return -1; 1683 return -1;
1682 } 1684 }
1683 return 1; 1685 goto out;
1684 } 1686 }
1685#ifdef _AIX 1687#ifdef _AIX
1686 /* XXX: Later AIX versions can't push as much data to tty */ 1688 /* XXX: Later AIX versions can't push as much data to tty */
@@ -1722,10 +1724,10 @@ channel_handle_wfd(Channel *c, fd_set *readset, fd_set *writeset)
1722 } 1724 }
1723#endif 1725#endif
1724 buffer_consume(&c->output, len); 1726 buffer_consume(&c->output, len);
1725 if (compat20 && len > 0) {
1726 c->local_consumed += len;
1727 }
1728 } 1727 }
1728 out:
1729 if (compat20 && olen > 0)
1730 c->local_consumed += olen - buffer_len(&c->output);
1729 return 1; 1731 return 1;
1730} 1732}
1731 1733
@@ -1755,7 +1757,9 @@ channel_handle_efd(Channel *c, fd_set *readset, fd_set *writeset)
1755 buffer_consume(&c->extended, len); 1757 buffer_consume(&c->extended, len);
1756 c->local_consumed += len; 1758 c->local_consumed += len;
1757 } 1759 }
1758 } else if (c->extended_usage == CHAN_EXTENDED_READ && 1760 } else if (c->efd != -1 &&
1761 (c->extended_usage == CHAN_EXTENDED_READ ||
1762 c->extended_usage == CHAN_EXTENDED_IGNORE) &&
1759 (c->detach_close || FD_ISSET(c->efd, readset))) { 1763 (c->detach_close || FD_ISSET(c->efd, readset))) {
1760 len = read(c->efd, buf, sizeof(buf)); 1764 len = read(c->efd, buf, sizeof(buf));
1761 debug2("channel %d: read %d from efd %d", 1765 debug2("channel %d: read %d from efd %d",
@@ -1768,7 +1772,11 @@ channel_handle_efd(Channel *c, fd_set *readset, fd_set *writeset)
1768 c->self, c->efd); 1772 c->self, c->efd);
1769 channel_close_fd(&c->efd); 1773 channel_close_fd(&c->efd);
1770 } else { 1774 } else {
1771 buffer_append(&c->extended, buf, len); 1775 if (c->extended_usage == CHAN_EXTENDED_IGNORE) {
1776 debug3("channel %d: discard efd",
1777 c->self);
1778 } else
1779 buffer_append(&c->extended, buf, len);
1772 } 1780 }
1773 } 1781 }
1774 } 1782 }
@@ -1840,7 +1848,7 @@ channel_post_mux_client(Channel *c, fd_set *readset, fd_set *writeset)
1840 if (!compat20) 1848 if (!compat20)
1841 fatal("%s: entered with !compat20", __func__); 1849 fatal("%s: entered with !compat20", __func__);
1842 1850
1843 if (c->rfd != -1 && FD_ISSET(c->rfd, readset) && 1851 if (c->rfd != -1 && !c->mux_pause && FD_ISSET(c->rfd, readset) &&
1844 (c->istate == CHAN_INPUT_OPEN || 1852 (c->istate == CHAN_INPUT_OPEN ||
1845 c->istate == CHAN_INPUT_WAIT_DRAIN)) { 1853 c->istate == CHAN_INPUT_WAIT_DRAIN)) {
1846 /* 1854 /*
@@ -2164,6 +2172,14 @@ channel_output_poll(void)
2164 2172
2165 data = buffer_get_string(&c->input, 2173 data = buffer_get_string(&c->input,
2166 &dlen); 2174 &dlen);
2175 if (dlen > c->remote_window ||
2176 dlen > c->remote_maxpacket) {
2177 debug("channel %d: datagram "
2178 "too big for channel",
2179 c->self);
2180 xfree(data);
2181 continue;
2182 }
2167 packet_start(SSH2_MSG_CHANNEL_DATA); 2183 packet_start(SSH2_MSG_CHANNEL_DATA);
2168 packet_put_int(c->remote_id); 2184 packet_put_int(c->remote_id);
2169 packet_put_string(data, dlen); 2185 packet_put_string(data, dlen);
@@ -2249,7 +2265,7 @@ channel_input_data(int type, u_int32_t seq, void *ctxt)
2249{ 2265{
2250 int id; 2266 int id;
2251 char *data; 2267 char *data;
2252 u_int data_len; 2268 u_int data_len, win_len;
2253 Channel *c; 2269 Channel *c;
2254 2270
2255 /* Get the channel number and verify it. */ 2271 /* Get the channel number and verify it. */
@@ -2265,6 +2281,9 @@ channel_input_data(int type, u_int32_t seq, void *ctxt)
2265 2281
2266 /* Get the data. */ 2282 /* Get the data. */
2267 data = packet_get_string_ptr(&data_len); 2283 data = packet_get_string_ptr(&data_len);
2284 win_len = data_len;
2285 if (c->datagram)
2286 win_len += 4; /* string length header */
2268 2287
2269 /* 2288 /*
2270 * Ignore data for protocol > 1.3 if output end is no longer open. 2289 * Ignore data for protocol > 1.3 if output end is no longer open.
@@ -2275,23 +2294,23 @@ channel_input_data(int type, u_int32_t seq, void *ctxt)
2275 */ 2294 */
2276 if (!compat13 && c->ostate != CHAN_OUTPUT_OPEN) { 2295 if (!compat13 && c->ostate != CHAN_OUTPUT_OPEN) {
2277 if (compat20) { 2296 if (compat20) {
2278 c->local_window -= data_len; 2297 c->local_window -= win_len;
2279 c->local_consumed += data_len; 2298 c->local_consumed += win_len;
2280 } 2299 }
2281 return; 2300 return;
2282 } 2301 }
2283 2302
2284 if (compat20) { 2303 if (compat20) {
2285 if (data_len > c->local_maxpacket) { 2304 if (win_len > c->local_maxpacket) {
2286 logit("channel %d: rcvd big packet %d, maxpack %d", 2305 logit("channel %d: rcvd big packet %d, maxpack %d",
2287 c->self, data_len, c->local_maxpacket); 2306 c->self, win_len, c->local_maxpacket);
2288 } 2307 }
2289 if (data_len > c->local_window) { 2308 if (win_len > c->local_window) {
2290 logit("channel %d: rcvd too much data %d, win %d", 2309 logit("channel %d: rcvd too much data %d, win %d",
2291 c->self, data_len, c->local_window); 2310 c->self, win_len, c->local_window);
2292 return; 2311 return;
2293 } 2312 }
2294 c->local_window -= data_len; 2313 c->local_window -= win_len;
2295 } 2314 }
2296 if (c->datagram) 2315 if (c->datagram)
2297 buffer_put_string(&c->output, data, data_len); 2316 buffer_put_string(&c->output, data, data_len);
@@ -2463,7 +2482,7 @@ channel_input_open_confirmation(int type, u_int32_t seq, void *ctxt)
2463 c->remote_maxpacket = packet_get_int(); 2482 c->remote_maxpacket = packet_get_int();
2464 if (c->open_confirm) { 2483 if (c->open_confirm) {
2465 debug2("callback start"); 2484 debug2("callback start");
2466 c->open_confirm(c->self, c->open_confirm_ctx); 2485 c->open_confirm(c->self, 1, c->open_confirm_ctx);
2467 debug2("callback done"); 2486 debug2("callback done");
2468 } 2487 }
2469 debug2("channel %d: open confirm rwindow %u rmax %u", c->self, 2488 debug2("channel %d: open confirm rwindow %u rmax %u", c->self,
@@ -2514,6 +2533,11 @@ channel_input_open_failure(int type, u_int32_t seq, void *ctxt)
2514 xfree(msg); 2533 xfree(msg);
2515 if (lang != NULL) 2534 if (lang != NULL)
2516 xfree(lang); 2535 xfree(lang);
2536 if (c->open_confirm) {
2537 debug2("callback start");
2538 c->open_confirm(c->self, 0, c->open_confirm_ctx);
2539 debug2("callback done");
2540 }
2517 } 2541 }
2518 packet_check_eom(); 2542 packet_check_eom();
2519 /* Schedule the channel for cleanup/deletion. */ 2543 /* Schedule the channel for cleanup/deletion. */
@@ -2832,10 +2856,6 @@ channel_request_remote_forwarding(const char *listen_host, u_short listen_port,
2832{ 2856{
2833 int type, success = 0; 2857 int type, success = 0;
2834 2858
2835 /* Record locally that connection to this host/port is permitted. */
2836 if (num_permitted_opens >= SSH_MAX_FORWARDS_PER_DIRECTION)
2837 fatal("channel_request_remote_forwarding: too many forwards");
2838
2839 /* Send the forward request to the remote side. */ 2859 /* Send the forward request to the remote side. */
2840 if (compat20) { 2860 if (compat20) {
2841 const char *address_to_bind; 2861 const char *address_to_bind;
@@ -2885,6 +2905,9 @@ channel_request_remote_forwarding(const char *listen_host, u_short listen_port,
2885 } 2905 }
2886 } 2906 }
2887 if (success) { 2907 if (success) {
2908 /* Record that connection to this host/port is permitted. */
2909 permitted_opens = xrealloc(permitted_opens,
2910 num_permitted_opens + 1, sizeof(*permitted_opens));
2888 permitted_opens[num_permitted_opens].host_to_connect = xstrdup(host_to_connect); 2911 permitted_opens[num_permitted_opens].host_to_connect = xstrdup(host_to_connect);
2889 permitted_opens[num_permitted_opens].port_to_connect = port_to_connect; 2912 permitted_opens[num_permitted_opens].port_to_connect = port_to_connect;
2890 permitted_opens[num_permitted_opens].listen_port = listen_port; 2913 permitted_opens[num_permitted_opens].listen_port = listen_port;
@@ -2982,10 +3005,10 @@ channel_permit_all_opens(void)
2982void 3005void
2983channel_add_permitted_opens(char *host, int port) 3006channel_add_permitted_opens(char *host, int port)
2984{ 3007{
2985 if (num_permitted_opens >= SSH_MAX_FORWARDS_PER_DIRECTION)
2986 fatal("channel_add_permitted_opens: too many forwards");
2987 debug("allow port forwarding to host %s port %d", host, port); 3008 debug("allow port forwarding to host %s port %d", host, port);
2988 3009
3010 permitted_opens = xrealloc(permitted_opens,
3011 num_permitted_opens + 1, sizeof(*permitted_opens));
2989 permitted_opens[num_permitted_opens].host_to_connect = xstrdup(host); 3012 permitted_opens[num_permitted_opens].host_to_connect = xstrdup(host);
2990 permitted_opens[num_permitted_opens].port_to_connect = port; 3013 permitted_opens[num_permitted_opens].port_to_connect = port;
2991 num_permitted_opens++; 3014 num_permitted_opens++;
@@ -2996,10 +3019,10 @@ channel_add_permitted_opens(char *host, int port)
2996int 3019int
2997channel_add_adm_permitted_opens(char *host, int port) 3020channel_add_adm_permitted_opens(char *host, int port)
2998{ 3021{
2999 if (num_adm_permitted_opens >= SSH_MAX_FORWARDS_PER_DIRECTION)
3000 fatal("channel_add_adm_permitted_opens: too many forwards");
3001 debug("config allows port forwarding to host %s port %d", host, port); 3022 debug("config allows port forwarding to host %s port %d", host, port);
3002 3023
3024 permitted_adm_opens = xrealloc(permitted_adm_opens,
3025 num_adm_permitted_opens + 1, sizeof(*permitted_adm_opens));
3003 permitted_adm_opens[num_adm_permitted_opens].host_to_connect 3026 permitted_adm_opens[num_adm_permitted_opens].host_to_connect
3004 = xstrdup(host); 3027 = xstrdup(host);
3005 permitted_adm_opens[num_adm_permitted_opens].port_to_connect = port; 3028 permitted_adm_opens[num_adm_permitted_opens].port_to_connect = port;
@@ -3014,6 +3037,10 @@ channel_clear_permitted_opens(void)
3014 for (i = 0; i < num_permitted_opens; i++) 3037 for (i = 0; i < num_permitted_opens; i++)
3015 if (permitted_opens[i].host_to_connect != NULL) 3038 if (permitted_opens[i].host_to_connect != NULL)
3016 xfree(permitted_opens[i].host_to_connect); 3039 xfree(permitted_opens[i].host_to_connect);
3040 if (num_permitted_opens > 0) {
3041 xfree(permitted_opens);
3042 permitted_opens = NULL;
3043 }
3017 num_permitted_opens = 0; 3044 num_permitted_opens = 0;
3018} 3045}
3019 3046
@@ -3025,6 +3052,10 @@ channel_clear_adm_permitted_opens(void)
3025 for (i = 0; i < num_adm_permitted_opens; i++) 3052 for (i = 0; i < num_adm_permitted_opens; i++)
3026 if (permitted_adm_opens[i].host_to_connect != NULL) 3053 if (permitted_adm_opens[i].host_to_connect != NULL)
3027 xfree(permitted_adm_opens[i].host_to_connect); 3054 xfree(permitted_adm_opens[i].host_to_connect);
3055 if (num_adm_permitted_opens > 0) {
3056 xfree(permitted_adm_opens);
3057 permitted_adm_opens = NULL;
3058 }
3028 num_adm_permitted_opens = 0; 3059 num_adm_permitted_opens = 0;
3029} 3060}
3030 3061
diff --git a/channels.h b/channels.h
index cc71885f4..0680ed00e 100644
--- a/channels.h
+++ b/channels.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: channels.h,v 1.103 2010/01/26 01:28:35 djm Exp $ */ 1/* $OpenBSD: channels.h,v 1.104 2010/05/14 23:29:23 djm Exp $ */
2 2
3/* 3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -60,6 +60,7 @@
60struct Channel; 60struct Channel;
61typedef struct Channel Channel; 61typedef struct Channel Channel;
62 62
63typedef void channel_open_fn(int, int, void *);
63typedef void channel_callback_fn(int, void *); 64typedef void channel_callback_fn(int, void *);
64typedef int channel_infilter_fn(struct Channel *, char *, int); 65typedef int channel_infilter_fn(struct Channel *, char *, int);
65typedef void channel_filter_cleanup_fn(int, void *); 66typedef void channel_filter_cleanup_fn(int, void *);
@@ -130,7 +131,7 @@ struct Channel {
130 char *ctype; /* type */ 131 char *ctype; /* type */
131 132
132 /* callback */ 133 /* callback */
133 channel_callback_fn *open_confirm; 134 channel_open_fn *open_confirm;
134 void *open_confirm_ctx; 135 void *open_confirm_ctx;
135 channel_callback_fn *detach_user; 136 channel_callback_fn *detach_user;
136 int detach_close; 137 int detach_close;
@@ -151,6 +152,7 @@ struct Channel {
151 /* multiplexing protocol hook, called for each packet received */ 152 /* multiplexing protocol hook, called for each packet received */
152 mux_callback_fn *mux_rcb; 153 mux_callback_fn *mux_rcb;
153 void *mux_ctx; 154 void *mux_ctx;
155 int mux_pause;
154}; 156};
155 157
156#define CHAN_EXTENDED_IGNORE 0 158#define CHAN_EXTENDED_IGNORE 0
@@ -208,7 +210,7 @@ void channel_stop_listening(void);
208void channel_send_open(int); 210void channel_send_open(int);
209void channel_request_start(int, char *, int); 211void channel_request_start(int, char *, int);
210void channel_register_cleanup(int, channel_callback_fn *, int); 212void channel_register_cleanup(int, channel_callback_fn *, int);
211void channel_register_open_confirm(int, channel_callback_fn *, void *); 213void channel_register_open_confirm(int, channel_open_fn *, void *);
212void channel_register_filter(int, channel_infilter_fn *, 214void channel_register_filter(int, channel_infilter_fn *,
213 channel_outfilter_fn *, channel_filter_cleanup_fn *, void *); 215 channel_outfilter_fn *, channel_filter_cleanup_fn *, void *);
214void channel_register_status_confirm(int, channel_confirm_cb *, 216void channel_register_status_confirm(int, channel_confirm_cb *,
diff --git a/clientloop.c b/clientloop.c
index 05e7de067..337f47c09 100644
--- a/clientloop.c
+++ b/clientloop.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: clientloop.c,v 1.219 2010/03/13 21:10:38 djm Exp $ */ 1/* $OpenBSD: clientloop.c,v 1.222 2010/07/19 09:15:12 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -149,6 +149,9 @@ static volatile sig_atomic_t received_signal = 0;
149/* Flag indicating whether the user's terminal is in non-blocking mode. */ 149/* Flag indicating whether the user's terminal is in non-blocking mode. */
150static int in_non_blocking_mode = 0; 150static int in_non_blocking_mode = 0;
151 151
152/* Time when backgrounded control master using ControlPersist should exit */
153static time_t control_persist_exit_time = 0;
154
152/* Common data for the client loop code. */ 155/* Common data for the client loop code. */
153volatile sig_atomic_t quit_pending; /* Set non-zero to quit the loop. */ 156volatile sig_atomic_t quit_pending; /* Set non-zero to quit the loop. */
154static int escape_char1; /* Escape character. (proto1 only) */ 157static int escape_char1; /* Escape character. (proto1 only) */
@@ -159,11 +162,12 @@ static int stdin_eof; /* EOF has been encountered on stderr. */
159static Buffer stdin_buffer; /* Buffer for stdin data. */ 162static Buffer stdin_buffer; /* Buffer for stdin data. */
160static Buffer stdout_buffer; /* Buffer for stdout data. */ 163static Buffer stdout_buffer; /* Buffer for stdout data. */
161static Buffer stderr_buffer; /* Buffer for stderr data. */ 164static Buffer stderr_buffer; /* Buffer for stderr data. */
162static u_int buffer_high;/* Soft max buffer size. */ 165static u_int buffer_high; /* Soft max buffer size. */
163static int connection_in; /* Connection to server (input). */ 166static int connection_in; /* Connection to server (input). */
164static int connection_out; /* Connection to server (output). */ 167static int connection_out; /* Connection to server (output). */
165static int need_rekeying; /* Set to non-zero if rekeying is requested. */ 168static int need_rekeying; /* Set to non-zero if rekeying is requested. */
166static int session_closed = 0; /* In SSH2: login session closed. */ 169static int session_closed; /* In SSH2: login session closed. */
170static int x11_refuse_time; /* If >0, refuse x11 opens after this time. */
167 171
168static void client_init_dispatch(void); 172static void client_init_dispatch(void);
169int session_ident = -1; 173int session_ident = -1;
@@ -255,10 +259,38 @@ get_current_time(void)
255 return (double) tv.tv_sec + (double) tv.tv_usec / 1000000.0; 259 return (double) tv.tv_sec + (double) tv.tv_usec / 1000000.0;
256} 260}
257 261
262/*
263 * Sets control_persist_exit_time to the absolute time when the
264 * backgrounded control master should exit due to expiry of the
265 * ControlPersist timeout. Sets it to 0 if we are not a backgrounded
266 * control master process, or if there is no ControlPersist timeout.
267 */
268static void
269set_control_persist_exit_time(void)
270{
271 if (muxserver_sock == -1 || !options.control_persist
272 || options.control_persist_timeout == 0)
273 /* not using a ControlPersist timeout */
274 control_persist_exit_time = 0;
275 else if (channel_still_open()) {
276 /* some client connections are still open */
277 if (control_persist_exit_time > 0)
278 debug2("%s: cancel scheduled exit", __func__);
279 control_persist_exit_time = 0;
280 } else if (control_persist_exit_time <= 0) {
281 /* a client connection has recently closed */
282 control_persist_exit_time = time(NULL) +
283 (time_t)options.control_persist_timeout;
284 debug2("%s: schedule exit in %d seconds", __func__,
285 options.control_persist_timeout);
286 }
287 /* else we are already counting down to the timeout */
288}
289
258#define SSH_X11_PROTO "MIT-MAGIC-COOKIE-1" 290#define SSH_X11_PROTO "MIT-MAGIC-COOKIE-1"
259void 291void
260client_x11_get_proto(const char *display, const char *xauth_path, 292client_x11_get_proto(const char *display, const char *xauth_path,
261 u_int trusted, char **_proto, char **_data) 293 u_int trusted, u_int timeout, char **_proto, char **_data)
262{ 294{
263 char cmd[1024]; 295 char cmd[1024];
264 char line[512]; 296 char line[512];
@@ -268,6 +300,7 @@ client_x11_get_proto(const char *display, const char *xauth_path,
268 int got_data = 0, generated = 0, do_unlink = 0, i; 300 int got_data = 0, generated = 0, do_unlink = 0, i;
269 char *xauthdir, *xauthfile; 301 char *xauthdir, *xauthfile;
270 struct stat st; 302 struct stat st;
303 u_int now;
271 304
272 xauthdir = xauthfile = NULL; 305 xauthdir = xauthfile = NULL;
273 *_proto = proto; 306 *_proto = proto;
@@ -303,11 +336,18 @@ client_x11_get_proto(const char *display, const char *xauth_path,
303 xauthdir); 336 xauthdir);
304 snprintf(cmd, sizeof(cmd), 337 snprintf(cmd, sizeof(cmd),
305 "%s -f %s generate %s " SSH_X11_PROTO 338 "%s -f %s generate %s " SSH_X11_PROTO
306 " untrusted timeout 1200 2>" _PATH_DEVNULL, 339 " untrusted timeout %u 2>" _PATH_DEVNULL,
307 xauth_path, xauthfile, display); 340 xauth_path, xauthfile, display, timeout);
308 debug2("x11_get_proto: %s", cmd); 341 debug2("x11_get_proto: %s", cmd);
309 if (system(cmd) == 0) 342 if (system(cmd) == 0)
310 generated = 1; 343 generated = 1;
344 if (x11_refuse_time == 0) {
345 now = time(NULL) + 1;
346 if (UINT_MAX - timeout < now)
347 x11_refuse_time = UINT_MAX;
348 else
349 x11_refuse_time = now + timeout;
350 }
311 } 351 }
312 } 352 }
313 353
@@ -533,6 +573,7 @@ client_wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp,
533 int *maxfdp, u_int *nallocp, int rekeying) 573 int *maxfdp, u_int *nallocp, int rekeying)
534{ 574{
535 struct timeval tv, *tvp; 575 struct timeval tv, *tvp;
576 int timeout_secs;
536 int ret; 577 int ret;
537 578
538 /* Add any selections by the channel mechanism. */ 579 /* Add any selections by the channel mechanism. */
@@ -576,16 +617,27 @@ client_wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp,
576 /* 617 /*
577 * Wait for something to happen. This will suspend the process until 618 * Wait for something to happen. This will suspend the process until
578 * some selected descriptor can be read, written, or has some other 619 * some selected descriptor can be read, written, or has some other
579 * event pending. 620 * event pending, or a timeout expires.
580 */ 621 */
581 622
582 if (options.server_alive_interval == 0) 623 timeout_secs = INT_MAX; /* we use INT_MAX to mean no timeout */
624 if (options.server_alive_interval > 0)
625 timeout_secs = options.server_alive_interval;
626 set_control_persist_exit_time();
627 if (control_persist_exit_time > 0) {
628 timeout_secs = MIN(timeout_secs,
629 control_persist_exit_time - time(NULL));
630 if (timeout_secs < 0)
631 timeout_secs = 0;
632 }
633 if (timeout_secs == INT_MAX)
583 tvp = NULL; 634 tvp = NULL;
584 else { 635 else {
585 tv.tv_sec = options.server_alive_interval; 636 tv.tv_sec = timeout_secs;
586 tv.tv_usec = 0; 637 tv.tv_usec = 0;
587 tvp = &tv; 638 tvp = &tv;
588 } 639 }
640
589 ret = select((*maxfdp)+1, *readsetp, *writesetp, NULL, tvp); 641 ret = select((*maxfdp)+1, *readsetp, *writesetp, NULL, tvp);
590 if (ret < 0) { 642 if (ret < 0) {
591 char buf[100]; 643 char buf[100];
@@ -1487,6 +1539,18 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id)
1487 */ 1539 */
1488 if (FD_ISSET(connection_out, writeset)) 1540 if (FD_ISSET(connection_out, writeset))
1489 packet_write_poll(); 1541 packet_write_poll();
1542
1543 /*
1544 * If we are a backgrounded control master, and the
1545 * timeout has expired without any active client
1546 * connections, then quit.
1547 */
1548 if (control_persist_exit_time > 0) {
1549 if (time(NULL) >= control_persist_exit_time) {
1550 debug("ControlPersist timeout expired");
1551 break;
1552 }
1553 }
1490 } 1554 }
1491 if (readset) 1555 if (readset)
1492 xfree(readset); 1556 xfree(readset);
@@ -1706,6 +1770,11 @@ client_request_x11(const char *request_type, int rchan)
1706 "malicious server."); 1770 "malicious server.");
1707 return NULL; 1771 return NULL;
1708 } 1772 }
1773 if (x11_refuse_time != 0 && time(NULL) >= x11_refuse_time) {
1774 verbose("Rejected X11 connection after ForwardX11Timeout "
1775 "expired");
1776 return NULL;
1777 }
1709 originator = packet_get_string(NULL); 1778 originator = packet_get_string(NULL);
1710 if (datafellows & SSH_BUG_X11FWD) { 1779 if (datafellows & SSH_BUG_X11FWD) {
1711 debug2("buggy server: x11 request w/o originator_port"); 1780 debug2("buggy server: x11 request w/o originator_port");
@@ -1932,7 +2001,7 @@ client_session2_setup(int id, int want_tty, int want_subsystem,
1932 memset(&ws, 0, sizeof(ws)); 2001 memset(&ws, 0, sizeof(ws));
1933 2002
1934 channel_request_start(id, "pty-req", 1); 2003 channel_request_start(id, "pty-req", 1);
1935 client_expect_confirm(id, "PTY allocation", 0); 2004 client_expect_confirm(id, "PTY allocation", 1);
1936 packet_put_cstring(term != NULL ? term : ""); 2005 packet_put_cstring(term != NULL ? term : "");
1937 packet_put_int((u_int)ws.ws_col); 2006 packet_put_int((u_int)ws.ws_col);
1938 packet_put_int((u_int)ws.ws_row); 2007 packet_put_int((u_int)ws.ws_row);
diff --git a/clientloop.h b/clientloop.h
index 0b8257b99..52115db6e 100644
--- a/clientloop.h
+++ b/clientloop.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: clientloop.h,v 1.23 2010/01/26 01:28:35 djm Exp $ */ 1/* $OpenBSD: clientloop.h,v 1.25 2010/06/25 23:15:36 djm Exp $ */
2 2
3/* 3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -39,7 +39,7 @@
39 39
40/* Client side main loop for the interactive session. */ 40/* Client side main loop for the interactive session. */
41int client_loop(int, int, int); 41int client_loop(int, int, int);
42void client_x11_get_proto(const char *, const char *, u_int, 42void client_x11_get_proto(const char *, const char *, u_int, u_int,
43 char **, char **); 43 char **, char **);
44void client_global_request_reply_fwd(int, u_int32_t, void *); 44void client_global_request_reply_fwd(int, u_int32_t, void *);
45void client_session2_setup(int, int, int, const char *, struct termios *, 45void client_session2_setup(int, int, int, const char *, struct termios *,
@@ -63,6 +63,7 @@ void client_register_global_confirm(global_confirm_cb *, void *);
63#define SSHMUX_COMMAND_ALIVE_CHECK 2 /* Check master is alive */ 63#define SSHMUX_COMMAND_ALIVE_CHECK 2 /* Check master is alive */
64#define SSHMUX_COMMAND_TERMINATE 3 /* Ask master to exit */ 64#define SSHMUX_COMMAND_TERMINATE 3 /* Ask master to exit */
65#define SSHMUX_COMMAND_STDIO_FWD 4 /* Open stdio fwd (ssh -W) */ 65#define SSHMUX_COMMAND_STDIO_FWD 4 /* Open stdio fwd (ssh -W) */
66#define SSHMUX_COMMAND_FORWARD 5 /* Forward only, no command */
66 67
67void muxserver_listen(void); 68void muxserver_listen(void);
68void muxclient(const char *); 69void muxclient(const char *);
diff --git a/config.h.in b/config.h.in
index a609d72ba..8c2ddc7ed 100644
--- a/config.h.in
+++ b/config.h.in
@@ -900,6 +900,9 @@
900/* Define to 1 if you have the `strnvis' function. */ 900/* Define to 1 if you have the `strnvis' function. */
901#undef HAVE_STRNVIS 901#undef HAVE_STRNVIS
902 902
903/* Define to 1 if you have the `strptime' function. */
904#undef HAVE_STRPTIME
905
903/* Define to 1 if you have the `strsep' function. */ 906/* Define to 1 if you have the `strsep' function. */
904#undef HAVE_STRSEP 907#undef HAVE_STRSEP
905 908
diff --git a/configure b/configure
index 5ebdb15c6..ef3bb0f0f 100755
--- a/configure
+++ b/configure
@@ -1,5 +1,5 @@
1#! /bin/sh 1#! /bin/sh
2# From configure.ac Revision: 1.449 . 2# From configure.ac Revision: 1.451 .
3# Guess values for system-dependent variables and create Makefiles. 3# Guess values for system-dependent variables and create Makefiles.
4# Generated by GNU Autoconf 2.61 for OpenSSH Portable. 4# Generated by GNU Autoconf 2.61 for OpenSSH Portable.
5# 5#
@@ -13078,6 +13078,7 @@ fi
13078 13078
13079 13079
13080 13080
13081
13081for ac_func in \ 13082for ac_func in \
13082 arc4random \ 13083 arc4random \
13083 arc4random_buf \ 13084 arc4random_buf \
@@ -13158,6 +13159,7 @@ for ac_func in \
13158 strlcpy \ 13159 strlcpy \
13159 strmode \ 13160 strmode \
13160 strnvis \ 13161 strnvis \
13162 strptime \
13161 strtonum \ 13163 strtonum \
13162 strtoll \ 13164 strtoll \
13163 strtoul \ 13165 strtoul \
@@ -16492,6 +16494,12 @@ if test "${with_ssl_dir+set}" = set; then
16492 else 16494 else
16493 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 16495 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
16494 fi 16496 fi
16497 elif test -d "$withval/lib64"; then
16498 if test -n "${need_dash_r}"; then
16499 LDFLAGS="-L${withval}/lib64 -R${withval}/lib64 ${LDFLAGS}"
16500 else
16501 LDFLAGS="-L${withval}/lib64 ${LDFLAGS}"
16502 fi
16495 else 16503 else
16496 if test -n "${need_dash_r}"; then 16504 if test -n "${need_dash_r}"; then
16497 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" 16505 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
diff --git a/configure.ac b/configure.ac
index b82d48356..510b803b4 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,4 +1,4 @@
1# $Id: configure.ac,v 1.449 2010/04/10 12:58:01 dtucker Exp $ 1# $Id: configure.ac,v 1.451 2010/08/16 03:15:23 dtucker Exp $
2# 2#
3# Copyright (c) 1999-2004 Damien Miller 3# Copyright (c) 1999-2004 Damien Miller
4# 4#
@@ -15,7 +15,7 @@
15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 15# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 16
17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org) 17AC_INIT(OpenSSH, Portable, openssh-unix-dev@mindrot.org)
18AC_REVISION($Revision: 1.449 $) 18AC_REVISION($Revision: 1.451 $)
19AC_CONFIG_SRCDIR([ssh.c]) 19AC_CONFIG_SRCDIR([ssh.c])
20 20
21AC_CONFIG_HEADER(config.h) 21AC_CONFIG_HEADER(config.h)
@@ -1451,6 +1451,7 @@ AC_CHECK_FUNCS( \
1451 strlcpy \ 1451 strlcpy \
1452 strmode \ 1452 strmode \
1453 strnvis \ 1453 strnvis \
1454 strptime \
1454 strtonum \ 1455 strtonum \
1455 strtoll \ 1456 strtoll \
1456 strtoul \ 1457 strtoul \
@@ -1930,6 +1931,12 @@ AC_ARG_WITH(ssl-dir,
1930 else 1931 else
1931 LDFLAGS="-L${withval}/lib ${LDFLAGS}" 1932 LDFLAGS="-L${withval}/lib ${LDFLAGS}"
1932 fi 1933 fi
1934 elif test -d "$withval/lib64"; then
1935 if test -n "${need_dash_r}"; then
1936 LDFLAGS="-L${withval}/lib64 -R${withval}/lib64 ${LDFLAGS}"
1937 else
1938 LDFLAGS="-L${withval}/lib64 ${LDFLAGS}"
1939 fi
1933 else 1940 else
1934 if test -n "${need_dash_r}"; then 1941 if test -n "${need_dash_r}"; then
1935 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" 1942 LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}"
diff --git a/contrib/aix/buildbff.sh b/contrib/aix/buildbff.sh
index 6648e8e65..ca4bf0210 100755
--- a/contrib/aix/buildbff.sh
+++ b/contrib/aix/buildbff.sh
@@ -1,7 +1,7 @@
1#!/bin/sh 1#!/bin/sh
2# 2#
3# buildbff.sh: Create AIX SMIT-installable OpenSSH packages 3# buildbff.sh: Create AIX SMIT-installable OpenSSH packages
4# $Id: buildbff.sh,v 1.11 2009/03/06 23:22:10 dtucker Exp $ 4# $Id: buildbff.sh,v 1.12 2010/04/18 03:35:00 dtucker Exp $
5# 5#
6# Author: Darren Tucker (dtucker at zip dot com dot au) 6# Author: Darren Tucker (dtucker at zip dot com dot au)
7# This file is placed in the public domain and comes with absolutely 7# This file is placed in the public domain and comes with absolutely
@@ -159,7 +159,7 @@ done
159# AIX 5.3 and newer have /dev/random and don't create ssh_prng_cmds 159# AIX 5.3 and newer have /dev/random and don't create ssh_prng_cmds
160if [ -f $FAKE_ROOT/$sysconfdir/ssh_prng_cmds ] 160if [ -f $FAKE_ROOT/$sysconfdir/ssh_prng_cmds ]
161then 161then
162 mv FAKE_ROOT/$sysconfdir/ssh_prng_cmds \ 162 mv $FAKE_ROOT/$sysconfdir/ssh_prng_cmds \
163 $FAKE_ROOT/$sysconfdir/ssh_prng_cmds.default 163 $FAKE_ROOT/$sysconfdir/ssh_prng_cmds.default
164fi 164fi
165 165
diff --git a/contrib/caldera/openssh.spec b/contrib/caldera/openssh.spec
index 6bea9a40f..515fe334d 100644
--- a/contrib/caldera/openssh.spec
+++ b/contrib/caldera/openssh.spec
@@ -16,12 +16,11 @@
16 16
17#old cvs stuff. please update before use. may be deprecated. 17#old cvs stuff. please update before use. may be deprecated.
18%define use_stable 1 18%define use_stable 1
19%define version 5.6p1
19%if %{use_stable} 20%if %{use_stable}
20 %define version 5.5p1
21 %define cvs %{nil} 21 %define cvs %{nil}
22 %define release 1 22 %define release 1
23%else 23%else
24 %define version 5.5p1
25 %define cvs cvs20050315 24 %define cvs cvs20050315
26 %define release 0r1 25 %define release 0r1
27%endif 26%endif
@@ -360,4 +359,4 @@ fi
360* Mon Jan 01 1998 ... 359* Mon Jan 01 1998 ...
361Template Version: 1.31 360Template Version: 1.31
362 361
363$Id: openssh.spec,v 1.70 2010/03/21 19:11:58 djm Exp $ 362$Id: openssh.spec,v 1.71 2010/08/08 16:32:09 djm Exp $
diff --git a/contrib/cygwin/README b/contrib/cygwin/README
index 3dd45014a..5f911e924 100644
--- a/contrib/cygwin/README
+++ b/contrib/cygwin/README
@@ -201,6 +201,7 @@ configure are used for the Cygwin binary distribution:
201 --mandir='${datadir}/man' \ 201 --mandir='${datadir}/man' \
202 --infodir='${datadir}/info' 202 --infodir='${datadir}/info'
203 --with-tcp-wrappers 203 --with-tcp-wrappers
204 --with-libedit
204 205
205If you want to create a Cygwin package, equivalent to the one 206If you want to create a Cygwin package, equivalent to the one
206in the Cygwin binary distribution, install like this: 207in the Cygwin binary distribution, install like this:
@@ -217,12 +218,15 @@ You must have installed the following packages to be able to build OpenSSH:
217 218
218- zlib 219- zlib
219- openssl-devel 220- openssl-devel
220- minires-devel
221 221
222If you want to build with --with-tcp-wrappers, you also need the package 222If you want to build with --with-tcp-wrappers, you also need the package
223 223
224- tcp_wrappers 224- tcp_wrappers
225 225
226If you want to build with --with-libedit, you also need the package
227
228- libedit-devel
229
226Please send requests, error reports etc. to cygwin@cygwin.com. 230Please send requests, error reports etc. to cygwin@cygwin.com.
227 231
228 232
diff --git a/contrib/redhat/openssh.spec b/contrib/redhat/openssh.spec
index c13cfe60d..77e66252e 100644
--- a/contrib/redhat/openssh.spec
+++ b/contrib/redhat/openssh.spec
@@ -1,4 +1,4 @@
1%define ver 5.5p1 1%define ver 5.6p1
2%define rel 1 2%define rel 1
3 3
4# OpenSSH privilege separation requires a user & group ID 4# OpenSSH privilege separation requires a user & group ID
@@ -74,7 +74,7 @@ Release: %{rel}
74%endif 74%endif
75URL: http://www.openssh.com/portable.html 75URL: http://www.openssh.com/portable.html
76Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz 76Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz
77%if ! %{skip_x11_askpass} 77%if ! %{no_x11_askpass}
78Source1: http://www.jmknoble.net/software/x11-ssh-askpass/x11-ssh-askpass-%{aversion}.tar.gz 78Source1: http://www.jmknoble.net/software/x11-ssh-askpass/x11-ssh-askpass-%{aversion}.tar.gz
79%endif 79%endif
80License: BSD 80License: BSD
@@ -407,6 +407,9 @@ fi
407%endif 407%endif
408 408
409%changelog 409%changelog
410* Wed Jul 14 2010 Tim Rice <tim@multitalents.net>
411- test for skip_x11_askpass (line 77) should have been for no_x11_askpass
412
410* Mon Jun 2 2003 Damien Miller <djm@mindrot.org> 413* Mon Jun 2 2003 Damien Miller <djm@mindrot.org>
411- Remove noip6 option. This may be controlled at run-time in client config 414- Remove noip6 option. This may be controlled at run-time in client config
412 file using new AddressFamily directive 415 file using new AddressFamily directive
diff --git a/contrib/ssh-copy-id b/contrib/ssh-copy-id
index 2f757de4b..368645cb4 100644
--- a/contrib/ssh-copy-id
+++ b/contrib/ssh-copy-id
@@ -38,13 +38,17 @@ if [ "$#" -lt 1 ] || [ "$1" = "-h" ] || [ "$1" = "--help" ]; then
38 exit 1 38 exit 1
39fi 39fi
40 40
41{ eval "$GET_ID" ; } | ssh ${1%:} "umask 077; test -d .ssh || mkdir .ssh ; cat >> .ssh/authorized_keys" || exit 1 41# strip any trailing colon
42host=`echo $1 | sed 's/:$//'`
43
44{ eval "$GET_ID" ; } | ssh $host "umask 077; test -d ~/.ssh || mkdir ~/.ssh ; cat >> ~/.ssh/authorized_keys" || exit 1
42 45
43cat <<EOF 46cat <<EOF
44Now try logging into the machine, with "ssh '${1%:}'", and check in: 47Now try logging into the machine, with "ssh '$host'", and check in:
45 48
46 .ssh/authorized_keys 49 ~/.ssh/authorized_keys
47 50
48to make sure we haven't added extra keys that you weren't expecting. 51to make sure we haven't added extra keys that you weren't expecting.
49 52
50EOF 53EOF
54
diff --git a/contrib/ssh-copy-id.1 b/contrib/ssh-copy-id.1
index f25ed01f2..cb15ab24d 100644
--- a/contrib/ssh-copy-id.1
+++ b/contrib/ssh-copy-id.1
@@ -25,19 +25,10 @@ ssh-copy-id \- install your public key in a remote machine's authorized_keys
25.br 25.br
26.SH DESCRIPTION 26.SH DESCRIPTION
27.BR ssh-copy-id 27.BR ssh-copy-id
28is a script that uses ssh to log into a remote machine (presumably 28is a script that uses ssh to log into a remote machine and
29using a login password, so password authentication should be enabled, 29append the indicated identity file to that machine's
30unless you've done some clever use of multiple identities)
31.PP
32It also changes the permissions of the remote user's home,
33.BR ~/.ssh ,
34and
35.B ~/.ssh/authorized_keys 30.B ~/.ssh/authorized_keys
36to remove group writability (which would otherwise prevent you from logging in, if the remote 31file.
37.B sshd
38has
39.B StrictModes
40set in its configuration).
41.PP 32.PP
42If the 33If the
43.B -i 34.B -i
@@ -59,7 +50,24 @@ produced no output, then it uses the contents of the identity
59file. Once it has one or more fingerprints (by whatever means) it 50file. Once it has one or more fingerprints (by whatever means) it
60uses ssh to append them to 51uses ssh to append them to
61.B ~/.ssh/authorized_keys 52.B ~/.ssh/authorized_keys
62on the remote machine (creating the file, and directory, if necessary) 53on the remote machine (creating the file, and directory, if necessary.)
54
55.SH NOTES
56This program does not modify the permissions of any
57pre-existing files or directories. Therefore, if the remote
58.B sshd
59has
60.B StrictModes
61set in its
62configuration, then the user's home,
63.B ~/.ssh
64folder, and
65.B ~/.ssh/authorized_keys
66file may need to have group writability disabled manually, e.g. via
67
68.B " chmod go-w ~ ~/.ssh ~/.ssh/authorized_keys"
69
70on the remote machine.
63 71
64.SH "SEE ALSO" 72.SH "SEE ALSO"
65.BR ssh (1), 73.BR ssh (1),
diff --git a/contrib/suse/openssh.spec b/contrib/suse/openssh.spec
index 52ed915dc..f099746f2 100644
--- a/contrib/suse/openssh.spec
+++ b/contrib/suse/openssh.spec
@@ -13,7 +13,7 @@
13 13
14Summary: OpenSSH, a free Secure Shell (SSH) protocol implementation 14Summary: OpenSSH, a free Secure Shell (SSH) protocol implementation
15Name: openssh 15Name: openssh
16Version: 5.5p1 16Version: 5.6p1
17URL: http://www.openssh.com/ 17URL: http://www.openssh.com/
18Release: 1 18Release: 1
19Source0: openssh-%{version}.tar.gz 19Source0: openssh-%{version}.tar.gz
diff --git a/debian/changelog b/debian/changelog
index 47aee318f..4a72d01e4 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,19 @@
1openssh (1:5.6p1-1) UNRELEASED; urgency=low
2
3 * New upstream release (http://www.openssh.com/txt/release-5.6):
4 - Added a ControlPersist option to ssh_config(5) that automatically
5 starts a background ssh(1) multiplex master when connecting. This
6 connection can stay alive indefinitely, or can be set to automatically
7 close after a user-specified duration of inactivity (closes: #335697,
8 #350898, #454787, #500573, #550262).
9 - Support AuthorizedKeysFile, AuthorizedPrincipalsFile,
10 HostbasedUsesNameFromPacketOnly, and PermitTunnel in sshd_config(5)
11 Match blocks (closes: #549858).
12 - sftp(1): fix ls in working directories that contain globbing
13 characters in their pathnames (LP: #530714).
14
15 -- Colin Watson <cjwatson@debian.org> Mon, 23 Aug 2010 23:22:10 +0100
16
1openssh (1:5.5p1-5) unstable; urgency=low 17openssh (1:5.5p1-5) unstable; urgency=low
2 18
3 * Use an architecture wildcard for libselinux1-dev (closes: #591740). 19 * Use an architecture wildcard for libselinux1-dev (closes: #591740).
diff --git a/debian/patches/debian-banner.patch b/debian/patches/debian-banner.patch
index e608bd20d..b0761420e 100644
--- a/debian/patches/debian-banner.patch
+++ b/debian/patches/debian-banner.patch
@@ -10,15 +10,15 @@ Index: b/servconf.c
10=================================================================== 10===================================================================
11--- a/servconf.c 11--- a/servconf.c
12+++ b/servconf.c 12+++ b/servconf.c
13@@ -135,6 +135,7 @@ 13@@ -136,6 +136,7 @@
14 options->zero_knowledge_password_authentication = -1;
15 options->revoked_keys_file = NULL; 14 options->revoked_keys_file = NULL;
16 options->trusted_user_ca_keys = NULL; 15 options->trusted_user_ca_keys = NULL;
16 options->authorized_principals_file = NULL;
17+ options->debian_banner = -1; 17+ options->debian_banner = -1;
18 } 18 }
19 19
20 void 20 void
21@@ -277,6 +278,8 @@ 21@@ -278,6 +279,8 @@
22 options->permit_tun = SSH_TUNMODE_NO; 22 options->permit_tun = SSH_TUNMODE_NO;
23 if (options->zero_knowledge_password_authentication == -1) 23 if (options->zero_knowledge_password_authentication == -1)
24 options->zero_knowledge_password_authentication = 0; 24 options->zero_knowledge_password_authentication = 0;
@@ -27,23 +27,23 @@ Index: b/servconf.c
27 27
28 /* Turn privilege separation on by default */ 28 /* Turn privilege separation on by default */
29 if (use_privsep == -1) 29 if (use_privsep == -1)
30@@ -325,6 +328,7 @@ 30@@ -326,6 +329,7 @@
31 sUsePrivilegeSeparation, sAllowAgentForwarding, 31 sUsePrivilegeSeparation, sAllowAgentForwarding,
32 sZeroKnowledgePasswordAuthentication, sHostCertificate, 32 sZeroKnowledgePasswordAuthentication, sHostCertificate,
33 sRevokedKeys, sTrustedUserCAKeys, 33 sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile,
34+ sDebianBanner, 34+ sDebianBanner,
35 sDeprecated, sUnsupported 35 sDeprecated, sUnsupported
36 } ServerOpCodes; 36 } ServerOpCodes;
37 37
38@@ -457,6 +461,7 @@ 38@@ -459,6 +463,7 @@
39 { "hostcertificate", sHostCertificate, SSHCFG_GLOBAL },
40 { "revokedkeys", sRevokedKeys, SSHCFG_ALL }, 39 { "revokedkeys", sRevokedKeys, SSHCFG_ALL },
41 { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL }, 40 { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL },
41 { "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL },
42+ { "debianbanner", sDebianBanner, SSHCFG_GLOBAL }, 42+ { "debianbanner", sDebianBanner, SSHCFG_GLOBAL },
43 { NULL, sBadOption, 0 } 43 { NULL, sBadOption, 0 }
44 }; 44 };
45 45
46@@ -1386,6 +1391,10 @@ 46@@ -1392,6 +1397,10 @@
47 charptr = &options->revoked_keys_file; 47 charptr = &options->revoked_keys_file;
48 goto parse_filename; 48 goto parse_filename;
49 49
@@ -85,7 +85,7 @@ Index: b/sshd_config.5
85=================================================================== 85===================================================================
86--- a/sshd_config.5 86--- a/sshd_config.5
87+++ b/sshd_config.5 87+++ b/sshd_config.5
88@@ -295,6 +295,11 @@ 88@@ -340,6 +340,11 @@
89 .Dq no . 89 .Dq no .
90 The default is 90 The default is
91 .Dq delayed . 91 .Dq delayed .
diff --git a/debian/patches/debian-config.patch b/debian/patches/debian-config.patch
index ac77919e6..2fe365639 100644
--- a/debian/patches/debian-config.patch
+++ b/debian/patches/debian-config.patch
@@ -24,15 +24,15 @@ Index: b/readconf.c
24=================================================================== 24===================================================================
25--- a/readconf.c 25--- a/readconf.c
26+++ b/readconf.c 26+++ b/readconf.c
27@@ -1132,7 +1132,7 @@ 27@@ -1179,7 +1179,7 @@
28 if (options->forward_x11 == -1) 28 if (options->forward_x11 == -1)
29 options->forward_x11 = 0; 29 options->forward_x11 = 0;
30 if (options->forward_x11_trusted == -1) 30 if (options->forward_x11_trusted == -1)
31- options->forward_x11_trusted = 0; 31- options->forward_x11_trusted = 0;
32+ options->forward_x11_trusted = 1; 32+ options->forward_x11_trusted = 1;
33 if (options->forward_x11_timeout == -1)
34 options->forward_x11_timeout = 1200;
33 if (options->exit_on_forward_failure == -1) 35 if (options->exit_on_forward_failure == -1)
34 options->exit_on_forward_failure = 0;
35 if (options->xauth_location == NULL)
36Index: b/ssh_config 36Index: b/ssh_config
37=================================================================== 37===================================================================
38--- a/ssh_config 38--- a/ssh_config
@@ -84,7 +84,7 @@ Index: b/ssh_config.5
84 The configuration file has the following format: 84 The configuration file has the following format:
85 .Pp 85 .Pp
86 Empty lines and lines starting with 86 Empty lines and lines starting with
87@@ -452,7 +468,8 @@ 87@@ -483,7 +499,8 @@
88 Remote clients will be refused access after this time. 88 Remote clients will be refused access after this time.
89 .Pp 89 .Pp
90 The default is 90 The default is
diff --git a/debian/patches/doc-hash-tab-completion.patch b/debian/patches/doc-hash-tab-completion.patch
index 4c555799f..fb522013c 100644
--- a/debian/patches/doc-hash-tab-completion.patch
+++ b/debian/patches/doc-hash-tab-completion.patch
@@ -8,7 +8,7 @@ Index: b/ssh_config.5
8=================================================================== 8===================================================================
9--- a/ssh_config.5 9--- a/ssh_config.5
10+++ b/ssh_config.5 10+++ b/ssh_config.5
11@@ -531,6 +531,9 @@ 11@@ -562,6 +562,9 @@
12 will not be converted automatically, 12 will not be converted automatically,
13 but may be manually hashed using 13 but may be manually hashed using
14 .Xr ssh-keygen 1 . 14 .Xr ssh-keygen 1 .
diff --git a/debian/patches/gssapi-autoconf.patch b/debian/patches/gssapi-autoconf.patch
index 3ea221834..d88382dcb 100644
--- a/debian/patches/gssapi-autoconf.patch
+++ b/debian/patches/gssapi-autoconf.patch
@@ -7,7 +7,7 @@ Index: b/config.h.in
7=================================================================== 7===================================================================
8--- a/config.h.in 8--- a/config.h.in
9+++ b/config.h.in 9+++ b/config.h.in
10@@ -1384,6 +1384,9 @@ 10@@ -1387,6 +1387,9 @@
11 /* Use btmp to log bad logins */ 11 /* Use btmp to log bad logins */
12 #undef USE_BTMP 12 #undef USE_BTMP
13 13
@@ -17,7 +17,7 @@ Index: b/config.h.in
17 /* Use libedit for sftp */ 17 /* Use libedit for sftp */
18 #undef USE_LIBEDIT 18 #undef USE_LIBEDIT
19 19
20@@ -1396,6 +1399,9 @@ 20@@ -1399,6 +1402,9 @@
21 /* Use PIPES instead of a socketpair() */ 21 /* Use PIPES instead of a socketpair() */
22 #undef USE_PIPES 22 #undef USE_PIPES
23 23
diff --git a/debian/patches/gssapi-compat.patch b/debian/patches/gssapi-compat.patch
index 369a23360..b93134933 100644
--- a/debian/patches/gssapi-compat.patch
+++ b/debian/patches/gssapi-compat.patch
@@ -10,7 +10,7 @@ Index: b/servconf.c
10=================================================================== 10===================================================================
11--- a/servconf.c 11--- a/servconf.c
12+++ b/servconf.c 12+++ b/servconf.c
13@@ -380,16 +380,20 @@ 13@@ -381,16 +381,20 @@
14 #ifdef GSSAPI 14 #ifdef GSSAPI
15 { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL }, 15 { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL },
16 { "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL }, 16 { "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL },
diff --git a/debian/patches/gssapi-dump.patch b/debian/patches/gssapi-dump.patch
index 6e09df484..0969c59b4 100644
--- a/debian/patches/gssapi-dump.patch
+++ b/debian/patches/gssapi-dump.patch
@@ -11,7 +11,7 @@ Index: b/servconf.c
11=================================================================== 11===================================================================
12--- a/servconf.c 12--- a/servconf.c
13+++ b/servconf.c 13+++ b/servconf.c
14@@ -1677,7 +1677,10 @@ 14@@ -1688,7 +1688,10 @@
15 #endif 15 #endif
16 #ifdef GSSAPI 16 #ifdef GSSAPI
17 dump_cfg_fmtint(sGssAuthentication, o->gss_authentication); 17 dump_cfg_fmtint(sGssAuthentication, o->gss_authentication);
diff --git a/debian/patches/gssapi.patch b/debian/patches/gssapi.patch
index e39239fbd..778c23023 100644
--- a/debian/patches/gssapi.patch
+++ b/debian/patches/gssapi.patch
@@ -364,7 +364,7 @@ Index: b/clientloop.c
364 /* import options */ 364 /* import options */
365 extern Options options; 365 extern Options options;
366 366
367@@ -1431,6 +1435,15 @@ 367@@ -1483,6 +1487,15 @@
368 /* Do channel operations unless rekeying in progress. */ 368 /* Do channel operations unless rekeying in progress. */
369 if (!rekeying) { 369 if (!rekeying) {
370 channel_after_select(readset, writeset); 370 channel_after_select(readset, writeset);
@@ -1918,9 +1918,9 @@ Index: b/key.c
1918=================================================================== 1918===================================================================
1919--- a/key.c 1919--- a/key.c
1920+++ b/key.c 1920+++ b/key.c
1921@@ -982,6 +982,8 @@ 1921@@ -1020,6 +1020,8 @@
1922 return KEY_RSA_CERT; 1922 return KEY_RSA_CERT;
1923 } else if (strcmp(name, "ssh-dss-cert-v00@openssh.com") == 0) { 1923 } else if (strcmp(name, "ssh-dss-cert-v01@openssh.com") == 0) {
1924 return KEY_DSA_CERT; 1924 return KEY_DSA_CERT;
1925+ } else if (strcmp(name, "null") == 0) { 1925+ } else if (strcmp(name, "null") == 0) {
1926+ return KEY_NULL; 1926+ return KEY_NULL;
@@ -1931,10 +1931,10 @@ Index: b/key.h
1931=================================================================== 1931===================================================================
1932--- a/key.h 1932--- a/key.h
1933+++ b/key.h 1933+++ b/key.h
1934@@ -37,6 +37,7 @@ 1934@@ -39,6 +39,7 @@
1935 KEY_DSA,
1936 KEY_RSA_CERT,
1937 KEY_DSA_CERT, 1935 KEY_DSA_CERT,
1936 KEY_RSA_CERT_V00,
1937 KEY_DSA_CERT_V00,
1938+ KEY_NULL, 1938+ KEY_NULL,
1939 KEY_UNSPEC 1939 KEY_UNSPEC
1940 }; 1940 };
@@ -2239,9 +2239,9 @@ Index: b/readconf.c
2239 oAddressFamily, oGssAuthentication, oGssDelegateCreds, 2239 oAddressFamily, oGssAuthentication, oGssDelegateCreds,
2240+ oGssTrustDns, oGssKeyEx, oGssClientIdentity, oGssRenewalRekey, 2240+ oGssTrustDns, oGssKeyEx, oGssClientIdentity, oGssRenewalRekey,
2241 oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly, 2241 oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly,
2242 oSendEnv, oControlPath, oControlMaster, oHashKnownHosts, 2242 oSendEnv, oControlPath, oControlMaster, oControlPersist,
2243 oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand, 2243 oHashKnownHosts,
2244@@ -164,10 +165,18 @@ 2244@@ -166,10 +167,18 @@
2245 { "afstokenpassing", oUnsupported }, 2245 { "afstokenpassing", oUnsupported },
2246 #if defined(GSSAPI) 2246 #if defined(GSSAPI)
2247 { "gssapiauthentication", oGssAuthentication }, 2247 { "gssapiauthentication", oGssAuthentication },
@@ -2260,7 +2260,7 @@ Index: b/readconf.c
2260 #endif 2260 #endif
2261 { "fallbacktorsh", oDeprecated }, 2261 { "fallbacktorsh", oDeprecated },
2262 { "usersh", oDeprecated }, 2262 { "usersh", oDeprecated },
2263@@ -456,10 +465,26 @@ 2263@@ -474,10 +483,26 @@
2264 intptr = &options->gss_authentication; 2264 intptr = &options->gss_authentication;
2265 goto parse_flag; 2265 goto parse_flag;
2266 2266
@@ -2287,7 +2287,7 @@ Index: b/readconf.c
2287 case oBatchMode: 2287 case oBatchMode:
2288 intptr = &options->batch_mode; 2288 intptr = &options->batch_mode;
2289 goto parse_flag; 2289 goto parse_flag;
2290@@ -1015,7 +1040,11 @@ 2290@@ -1058,7 +1083,11 @@
2291 options->pubkey_authentication = -1; 2291 options->pubkey_authentication = -1;
2292 options->challenge_response_authentication = -1; 2292 options->challenge_response_authentication = -1;
2293 options->gss_authentication = -1; 2293 options->gss_authentication = -1;
@@ -2299,7 +2299,7 @@ Index: b/readconf.c
2299 options->password_authentication = -1; 2299 options->password_authentication = -1;
2300 options->kbd_interactive_authentication = -1; 2300 options->kbd_interactive_authentication = -1;
2301 options->kbd_interactive_devices = NULL; 2301 options->kbd_interactive_devices = NULL;
2302@@ -1107,8 +1136,14 @@ 2302@@ -1156,8 +1185,14 @@
2303 options->challenge_response_authentication = 1; 2303 options->challenge_response_authentication = 1;
2304 if (options->gss_authentication == -1) 2304 if (options->gss_authentication == -1)
2305 options->gss_authentication = 0; 2305 options->gss_authentication = 0;
@@ -2318,7 +2318,7 @@ Index: b/readconf.h
2318=================================================================== 2318===================================================================
2319--- a/readconf.h 2319--- a/readconf.h
2320+++ b/readconf.h 2320+++ b/readconf.h
2321@@ -44,7 +44,11 @@ 2321@@ -46,7 +46,11 @@
2322 int challenge_response_authentication; 2322 int challenge_response_authentication;
2323 /* Try S/Key or TIS, authentication. */ 2323 /* Try S/Key or TIS, authentication. */
2324 int gss_authentication; /* Try GSS authentication */ 2324 int gss_authentication; /* Try GSS authentication */
@@ -2345,7 +2345,7 @@ Index: b/servconf.c
2345 options->password_authentication = -1; 2345 options->password_authentication = -1;
2346 options->kbd_interactive_authentication = -1; 2346 options->kbd_interactive_authentication = -1;
2347 options->challenge_response_authentication = -1; 2347 options->challenge_response_authentication = -1;
2348@@ -214,8 +217,14 @@ 2348@@ -215,8 +218,14 @@
2349 options->kerberos_get_afs_token = 0; 2349 options->kerberos_get_afs_token = 0;
2350 if (options->gss_authentication == -1) 2350 if (options->gss_authentication == -1)
2351 options->gss_authentication = 0; 2351 options->gss_authentication = 0;
@@ -2360,7 +2360,7 @@ Index: b/servconf.c
2360 if (options->password_authentication == -1) 2360 if (options->password_authentication == -1)
2361 options->password_authentication = 1; 2361 options->password_authentication = 1;
2362 if (options->kbd_interactive_authentication == -1) 2362 if (options->kbd_interactive_authentication == -1)
2363@@ -306,7 +315,9 @@ 2363@@ -307,7 +316,9 @@
2364 sBanner, sUseDNS, sHostbasedAuthentication, 2364 sBanner, sUseDNS, sHostbasedAuthentication,
2365 sHostbasedUsesNameFromPacketOnly, sClientAliveInterval, 2365 sHostbasedUsesNameFromPacketOnly, sClientAliveInterval,
2366 sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2, 2366 sClientAliveCountMax, sAuthorizedKeysFile, sAuthorizedKeysFile2,
@@ -2371,7 +2371,7 @@ Index: b/servconf.c
2371 sMatch, sPermitOpen, sForceCommand, sChrootDirectory, 2371 sMatch, sPermitOpen, sForceCommand, sChrootDirectory,
2372 sUsePrivilegeSeparation, sAllowAgentForwarding, 2372 sUsePrivilegeSeparation, sAllowAgentForwarding,
2373 sZeroKnowledgePasswordAuthentication, sHostCertificate, 2373 sZeroKnowledgePasswordAuthentication, sHostCertificate,
2374@@ -369,9 +380,15 @@ 2374@@ -370,9 +381,15 @@
2375 #ifdef GSSAPI 2375 #ifdef GSSAPI
2376 { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL }, 2376 { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL },
2377 { "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL }, 2377 { "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL },
@@ -2387,7 +2387,7 @@ Index: b/servconf.c
2387 #endif 2387 #endif
2388 { "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL }, 2388 { "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL },
2389 { "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL }, 2389 { "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL },
2390@@ -924,10 +941,22 @@ 2390@@ -926,10 +943,22 @@
2391 intptr = &options->gss_authentication; 2391 intptr = &options->gss_authentication;
2392 goto parse_flag; 2392 goto parse_flag;
2393 2393
@@ -2543,7 +2543,7 @@ Index: b/ssh_config.5
2543=================================================================== 2543===================================================================
2544--- a/ssh_config.5 2544--- a/ssh_config.5
2545+++ b/ssh_config.5 2545+++ b/ssh_config.5
2546@@ -478,11 +478,38 @@ 2546@@ -509,11 +509,38 @@
2547 The default is 2547 The default is
2548 .Dq no . 2548 .Dq no .
2549 Note that this option applies to protocol version 2 only. 2549 Note that this option applies to protocol version 2 only.
@@ -2794,7 +2794,7 @@ Index: b/sshd.c
2794 #ifdef LIBWRAP 2794 #ifdef LIBWRAP
2795 #include <tcpd.h> 2795 #include <tcpd.h>
2796 #include <syslog.h> 2796 #include <syslog.h>
2797@@ -1577,10 +1581,13 @@ 2797@@ -1586,10 +1590,13 @@
2798 logit("Disabling protocol version 1. Could not load host key"); 2798 logit("Disabling protocol version 1. Could not load host key");
2799 options.protocol &= ~SSH_PROTO_1; 2799 options.protocol &= ~SSH_PROTO_1;
2800 } 2800 }
@@ -2808,7 +2808,7 @@ Index: b/sshd.c
2808 if (!(options.protocol & (SSH_PROTO_1|SSH_PROTO_2))) { 2808 if (!(options.protocol & (SSH_PROTO_1|SSH_PROTO_2))) {
2809 logit("sshd: no hostkeys available -- exiting."); 2809 logit("sshd: no hostkeys available -- exiting.");
2810 exit(1); 2810 exit(1);
2811@@ -1909,6 +1916,60 @@ 2811@@ -1918,6 +1925,60 @@
2812 /* Log the connection. */ 2812 /* Log the connection. */
2813 verbose("Connection from %.500s port %d", remote_ip, remote_port); 2813 verbose("Connection from %.500s port %d", remote_ip, remote_port);
2814 2814
@@ -2869,7 +2869,7 @@ Index: b/sshd.c
2869 /* 2869 /*
2870 * We don't want to listen forever unless the other side 2870 * We don't want to listen forever unless the other side
2871 * successfully authenticates itself. So we set up an alarm which is 2871 * successfully authenticates itself. So we set up an alarm which is
2872@@ -2287,12 +2348,61 @@ 2872@@ -2296,12 +2357,61 @@
2873 2873
2874 myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = list_hostkey_types(); 2874 myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = list_hostkey_types();
2875 2875
@@ -2948,7 +2948,7 @@ Index: b/sshd_config.5
2948=================================================================== 2948===================================================================
2949--- a/sshd_config.5 2949--- a/sshd_config.5
2950+++ b/sshd_config.5 2950+++ b/sshd_config.5
2951@@ -379,12 +379,40 @@ 2951@@ -424,12 +424,40 @@
2952 The default is 2952 The default is
2953 .Dq no . 2953 .Dq no .
2954 Note that this option applies to protocol version 2 only. 2954 Note that this option applies to protocol version 2 only.
diff --git a/debian/patches/keepalive-extensions.patch b/debian/patches/keepalive-extensions.patch
index 36335f475..9e1705719 100644
--- a/debian/patches/keepalive-extensions.patch
+++ b/debian/patches/keepalive-extensions.patch
@@ -18,15 +18,15 @@ Index: b/readconf.c
18=================================================================== 18===================================================================
19--- a/readconf.c 19--- a/readconf.c
20+++ b/readconf.c 20+++ b/readconf.c
21@@ -133,6 +133,7 @@ 21@@ -134,6 +134,7 @@
22 oSendEnv, oControlPath, oControlMaster, oHashKnownHosts, 22 oHashKnownHosts,
23 oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand, 23 oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand,
24 oVisualHostKey, oUseRoaming, oZeroKnowledgePasswordAuthentication, 24 oVisualHostKey, oUseRoaming, oZeroKnowledgePasswordAuthentication,
25+ oProtocolKeepAlives, oSetupTimeOut, 25+ oProtocolKeepAlives, oSetupTimeOut,
26 oDeprecated, oUnsupported 26 oDeprecated, oUnsupported
27 } OpCodes; 27 } OpCodes;
28 28
29@@ -248,6 +249,8 @@ 29@@ -251,6 +252,8 @@
30 #else 30 #else
31 { "zeroknowledgepasswordauthentication", oUnsupported }, 31 { "zeroknowledgepasswordauthentication", oUnsupported },
32 #endif 32 #endif
@@ -35,7 +35,7 @@ Index: b/readconf.c
35 35
36 { NULL, oBadOption } 36 { NULL, oBadOption }
37 }; 37 };
38@@ -847,6 +850,8 @@ 38@@ -865,6 +868,8 @@
39 goto parse_flag; 39 goto parse_flag;
40 40
41 case oServerAliveInterval: 41 case oServerAliveInterval:
@@ -44,7 +44,7 @@ Index: b/readconf.c
44 intptr = &options->server_alive_interval; 44 intptr = &options->server_alive_interval;
45 goto parse_time; 45 goto parse_time;
46 46
47@@ -1235,8 +1240,13 @@ 47@@ -1284,8 +1289,13 @@
48 options->rekey_limit = 0; 48 options->rekey_limit = 0;
49 if (options->verify_host_key_dns == -1) 49 if (options->verify_host_key_dns == -1)
50 options->verify_host_key_dns = 0; 50 options->verify_host_key_dns = 0;
@@ -78,7 +78,7 @@ Index: b/ssh_config.5
78 The argument must be 78 The argument must be
79 .Dq yes 79 .Dq yes
80 or 80 or
81@@ -963,8 +967,15 @@ 81@@ -994,8 +998,15 @@
82 will send a message through the encrypted 82 will send a message through the encrypted
83 channel to request a response from the server. 83 channel to request a response from the server.
84 The default 84 The default
@@ -95,7 +95,7 @@ Index: b/ssh_config.5
95 .It Cm StrictHostKeyChecking 95 .It Cm StrictHostKeyChecking
96 If this flag is set to 96 If this flag is set to
97 .Dq yes , 97 .Dq yes ,
98@@ -1003,6 +1014,12 @@ 98@@ -1034,6 +1045,12 @@
99 other side. 99 other side.
100 If they are sent, death of the connection or crash of one 100 If they are sent, death of the connection or crash of one
101 of the machines will be properly noticed. 101 of the machines will be properly noticed.
@@ -112,7 +112,7 @@ Index: b/sshd_config.5
112=================================================================== 112===================================================================
113--- a/sshd_config.5 113--- a/sshd_config.5
114+++ b/sshd_config.5 114+++ b/sshd_config.5
115@@ -936,6 +936,9 @@ 115@@ -985,6 +985,9 @@
116 .Pp 116 .Pp
117 To disable TCP keepalive messages, the value should be set to 117 To disable TCP keepalive messages, the value should be set to
118 .Dq no . 118 .Dq no .
diff --git a/debian/patches/openbsd-docs.patch b/debian/patches/openbsd-docs.patch
index dea370a1b..de63e46f8 100644
--- a/debian/patches/openbsd-docs.patch
+++ b/debian/patches/openbsd-docs.patch
@@ -34,7 +34,7 @@ Index: b/ssh-keygen.1
34=================================================================== 34===================================================================
35--- a/ssh-keygen.1 35--- a/ssh-keygen.1
36+++ b/ssh-keygen.1 36+++ b/ssh-keygen.1
37@@ -145,9 +145,7 @@ 37@@ -148,9 +148,7 @@
38 .Pa ~/.ssh/id_dsa 38 .Pa ~/.ssh/id_dsa
39 or 39 or
40 .Pa ~/.ssh/id_rsa . 40 .Pa ~/.ssh/id_rsa .
@@ -45,7 +45,7 @@ Index: b/ssh-keygen.1
45 .Pp 45 .Pp
46 Normally this program generates the key and asks for a file in which 46 Normally this program generates the key and asks for a file in which
47 to store the private key. 47 to store the private key.
48@@ -367,9 +365,7 @@ 48@@ -394,9 +392,7 @@
49 .It Fl q 49 .It Fl q
50 Silence 50 Silence
51 .Nm ssh-keygen . 51 .Nm ssh-keygen .
@@ -60,7 +60,7 @@ Index: b/ssh.1
60=================================================================== 60===================================================================
61--- a/ssh.1 61--- a/ssh.1
62+++ b/ssh.1 62+++ b/ssh.1
63@@ -762,6 +762,10 @@ 63@@ -728,6 +728,10 @@
64 .Sx HISTORY 64 .Sx HISTORY
65 section of 65 section of
66 .Xr ssl 8 66 .Xr ssl 8
@@ -84,7 +84,7 @@ Index: b/sshd.8
84 It forks a new 84 It forks a new
85 daemon for each incoming connection. 85 daemon for each incoming connection.
86 The forked daemons handle 86 The forked daemons handle
87@@ -835,7 +835,7 @@ 87@@ -845,7 +845,7 @@
88 .Xr ssh 1 ) . 88 .Xr ssh 1 ) .
89 It should only be writable by root. 89 It should only be writable by root.
90 .Pp 90 .Pp
@@ -93,7 +93,7 @@ Index: b/sshd.8
93 Contains Diffie-Hellman groups used for the "Diffie-Hellman Group Exchange". 93 Contains Diffie-Hellman groups used for the "Diffie-Hellman Group Exchange".
94 The file format is described in 94 The file format is described in
95 .Xr moduli 5 . 95 .Xr moduli 5 .
96@@ -931,7 +931,6 @@ 96@@ -941,7 +941,6 @@
97 .Xr ssh-vulnkey 1 , 97 .Xr ssh-vulnkey 1 ,
98 .Xr chroot 2 , 98 .Xr chroot 2 ,
99 .Xr hosts_access 5 , 99 .Xr hosts_access 5 ,
@@ -105,7 +105,7 @@ Index: b/sshd_config.5
105=================================================================== 105===================================================================
106--- a/sshd_config.5 106--- a/sshd_config.5
107+++ b/sshd_config.5 107+++ b/sshd_config.5
108@@ -177,8 +177,7 @@ 108@@ -222,8 +222,7 @@
109 By default, no banner is displayed. 109 By default, no banner is displayed.
110 .It Cm ChallengeResponseAuthentication 110 .It Cm ChallengeResponseAuthentication
111 Specifies whether challenge-response authentication is allowed (e.g. via 111 Specifies whether challenge-response authentication is allowed (e.g. via
diff --git a/debian/patches/package-versioning.patch b/debian/patches/package-versioning.patch
index f45cc6968..67e014002 100644
--- a/debian/patches/package-versioning.patch
+++ b/debian/patches/package-versioning.patch
@@ -38,7 +38,7 @@ Index: b/version.h
38--- a/version.h 38--- a/version.h
39+++ b/version.h 39+++ b/version.h
40@@ -3,4 +3,9 @@ 40@@ -3,4 +3,9 @@
41 #define SSH_VERSION "OpenSSH_5.5" 41 #define SSH_VERSION "OpenSSH_5.6"
42 42
43 #define SSH_PORTABLE "p1" 43 #define SSH_PORTABLE "p1"
44-#define SSH_RELEASE SSH_VERSION SSH_PORTABLE 44-#define SSH_RELEASE SSH_VERSION SSH_PORTABLE
diff --git a/debian/patches/quieter-signals.patch b/debian/patches/quieter-signals.patch
index 96a26cf7e..f8bc5fd4e 100644
--- a/debian/patches/quieter-signals.patch
+++ b/debian/patches/quieter-signals.patch
@@ -16,7 +16,7 @@ Index: b/clientloop.c
16=================================================================== 16===================================================================
17--- a/clientloop.c 17--- a/clientloop.c
18+++ b/clientloop.c 18+++ b/clientloop.c
19@@ -1530,8 +1530,10 @@ 19@@ -1594,8 +1594,10 @@
20 exit_status = 0; 20 exit_status = 0;
21 } 21 }
22 22
diff --git a/debian/patches/scp-quoting.patch b/debian/patches/scp-quoting.patch
index 99702c317..3f06225ad 100644
--- a/debian/patches/scp-quoting.patch
+++ b/debian/patches/scp-quoting.patch
@@ -11,7 +11,7 @@ Index: b/scp.c
11=================================================================== 11===================================================================
12--- a/scp.c 12--- a/scp.c
13+++ b/scp.c 13+++ b/scp.c
14@@ -168,8 +168,16 @@ 14@@ -182,8 +182,16 @@
15 15
16 if (verbose_mode) { 16 if (verbose_mode) {
17 fprintf(stderr, "Executing:"); 17 fprintf(stderr, "Executing:");
diff --git a/debian/patches/series b/debian/patches/series
index 699dbaa98..fe14d7a8d 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -23,7 +23,6 @@ helpful-wait-terminate.patch
23user-group-modes.patch 23user-group-modes.patch
24scp-quoting.patch 24scp-quoting.patch
25shell-path.patch 25shell-path.patch
26ssh-copy-id-trailing-colons.patch
27dnssec-sshfp.patch 26dnssec-sshfp.patch
28 27
29# Versioning 28# Versioning
diff --git a/debian/patches/ssh-argv0.patch b/debian/patches/ssh-argv0.patch
index 851687dfd..4a651bfa1 100644
--- a/debian/patches/ssh-argv0.patch
+++ b/debian/patches/ssh-argv0.patch
@@ -11,7 +11,7 @@ Index: b/ssh.1
11=================================================================== 11===================================================================
12--- a/ssh.1 12--- a/ssh.1
13+++ b/ssh.1 13+++ b/ssh.1
14@@ -1430,6 +1430,7 @@ 14@@ -1396,6 +1396,7 @@
15 .Xr sftp 1 , 15 .Xr sftp 1 ,
16 .Xr ssh-add 1 , 16 .Xr ssh-add 1 ,
17 .Xr ssh-agent 1 , 17 .Xr ssh-agent 1 ,
diff --git a/debian/patches/ssh-copy-id-trailing-colons.patch b/debian/patches/ssh-copy-id-trailing-colons.patch
deleted file mode 100644
index 1063fc6bb..000000000
--- a/debian/patches/ssh-copy-id-trailing-colons.patch
+++ /dev/null
@@ -1,25 +0,0 @@
1Description: ssh-copy-id: Strip trailing colons from hostname
2Author: Karl Goetz <karl@kgoetz.id.au>
3Author: Colin Watson <cjwatson@debian.org>
4Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1530
5Bug-Debian: http://bugs.debian.org/226172
6Bug-Ubuntu: https://bugs.launchpad.net/bugs/249706
7Last-Update: 2010-02-27
8
9Index: b/contrib/ssh-copy-id
10===================================================================
11--- a/contrib/ssh-copy-id
12+++ b/contrib/ssh-copy-id
13@@ -38,10 +38,10 @@
14 exit 1
15 fi
16
17-{ eval "$GET_ID" ; } | ssh $1 "umask 077; test -d .ssh || mkdir .ssh ; cat >> .ssh/authorized_keys" || exit 1
18+{ eval "$GET_ID" ; } | ssh ${1%:} "umask 077; test -d .ssh || mkdir .ssh ; cat >> .ssh/authorized_keys" || exit 1
19
20 cat <<EOF
21-Now try logging into the machine, with "ssh '$1'", and check in:
22+Now try logging into the machine, with "ssh '${1%:}'", and check in:
23
24 .ssh/authorized_keys
25
diff --git a/debian/patches/ssh-vulnkey.patch b/debian/patches/ssh-vulnkey.patch
index af56dc031..ecb6e0c64 100644
--- a/debian/patches/ssh-vulnkey.patch
+++ b/debian/patches/ssh-vulnkey.patch
@@ -132,7 +132,7 @@ Index: b/auth.c
132 #include "auth.h" 132 #include "auth.h"
133 #include "auth-options.h" 133 #include "auth-options.h"
134 #include "canohost.h" 134 #include "canohost.h"
135@@ -593,10 +594,34 @@ 135@@ -615,10 +616,34 @@
136 136
137 /* Returns 1 if key is revoked by revoked_keys_file, 0 otherwise */ 137 /* Returns 1 if key is revoked by revoked_keys_file, 0 otherwise */
138 int 138 int
@@ -172,10 +172,10 @@ Index: b/auth.h
172=================================================================== 172===================================================================
173--- a/auth.h 173--- a/auth.h
174+++ b/auth.h 174+++ b/auth.h
175@@ -173,7 +173,7 @@ 175@@ -175,7 +175,7 @@
176 char *authorized_keys_file2(struct passwd *);
177 176
178 FILE *auth_openkeyfile(const char *, struct passwd *, int); 177 FILE *auth_openkeyfile(const char *, struct passwd *, int);
178 FILE *auth_openprincipals(const char *, struct passwd *, int);
179-int auth_key_is_revoked(Key *); 179-int auth_key_is_revoked(Key *);
180+int auth_key_is_revoked(Key *, int); 180+int auth_key_is_revoked(Key *, int);
181 181
@@ -185,9 +185,9 @@ Index: b/auth2-hostbased.c
185=================================================================== 185===================================================================
186--- a/auth2-hostbased.c 186--- a/auth2-hostbased.c
187+++ b/auth2-hostbased.c 187+++ b/auth2-hostbased.c
188@@ -145,7 +145,7 @@ 188@@ -146,7 +146,7 @@
189 HostStatus host_status;
190 int len; 189 int len;
190 char *fp;
191 191
192- if (auth_key_is_revoked(key)) 192- if (auth_key_is_revoked(key))
193+ if (auth_key_is_revoked(key, 0)) 193+ if (auth_key_is_revoked(key, 0))
@@ -198,7 +198,7 @@ Index: b/auth2-pubkey.c
198=================================================================== 198===================================================================
199--- a/auth2-pubkey.c 199--- a/auth2-pubkey.c
200+++ b/auth2-pubkey.c 200+++ b/auth2-pubkey.c
201@@ -328,9 +328,10 @@ 201@@ -439,9 +439,10 @@
202 int success; 202 int success;
203 char *file; 203 char *file;
204 204
@@ -223,7 +223,7 @@ Index: b/authfile.c
223 223
224 /* Version identification string for SSH v1 identity files. */ 224 /* Version identification string for SSH v1 identity files. */
225 static const char authfile_id_string[] = 225 static const char authfile_id_string[] =
226@@ -754,3 +755,140 @@ 226@@ -814,3 +815,140 @@
227 return ret; 227 return ret;
228 } 228 }
229 229
@@ -368,7 +368,7 @@ Index: b/authfile.h
368=================================================================== 368===================================================================
369--- a/authfile.h 369--- a/authfile.h
370+++ b/authfile.h 370+++ b/authfile.h
371@@ -24,4 +24,6 @@ 371@@ -26,4 +26,6 @@
372 int key_perm_ok(int, const char *); 372 int key_perm_ok(int, const char *);
373 int key_in_file(Key *, const char *, int); 373 int key_in_file(Key *, const char *, int);
374 374
@@ -412,7 +412,7 @@ Index: b/readconf.c
412 oHostKeyAlgorithms, oBindAddress, oPKCS11Provider, 412 oHostKeyAlgorithms, oBindAddress, oPKCS11Provider,
413 oClearAllForwardings, oNoHostAuthenticationForLocalhost, 413 oClearAllForwardings, oNoHostAuthenticationForLocalhost,
414 oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout, 414 oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout,
415@@ -152,6 +153,7 @@ 415@@ -154,6 +155,7 @@
416 { "passwordauthentication", oPasswordAuthentication }, 416 { "passwordauthentication", oPasswordAuthentication },
417 { "kbdinteractiveauthentication", oKbdInteractiveAuthentication }, 417 { "kbdinteractiveauthentication", oKbdInteractiveAuthentication },
418 { "kbdinteractivedevices", oKbdInteractiveDevices }, 418 { "kbdinteractivedevices", oKbdInteractiveDevices },
@@ -420,7 +420,7 @@ Index: b/readconf.c
420 { "rsaauthentication", oRSAAuthentication }, 420 { "rsaauthentication", oRSAAuthentication },
421 { "pubkeyauthentication", oPubkeyAuthentication }, 421 { "pubkeyauthentication", oPubkeyAuthentication },
422 { "dsaauthentication", oPubkeyAuthentication }, /* alias */ 422 { "dsaauthentication", oPubkeyAuthentication }, /* alias */
423@@ -461,6 +463,10 @@ 423@@ -479,6 +481,10 @@
424 intptr = &options->challenge_response_authentication; 424 intptr = &options->challenge_response_authentication;
425 goto parse_flag; 425 goto parse_flag;
426 426
@@ -431,7 +431,7 @@ Index: b/readconf.c
431 case oGssAuthentication: 431 case oGssAuthentication:
432 intptr = &options->gss_authentication; 432 intptr = &options->gss_authentication;
433 goto parse_flag; 433 goto parse_flag;
434@@ -1050,6 +1056,7 @@ 434@@ -1093,6 +1099,7 @@
435 options->kbd_interactive_devices = NULL; 435 options->kbd_interactive_devices = NULL;
436 options->rhosts_rsa_authentication = -1; 436 options->rhosts_rsa_authentication = -1;
437 options->hostbased_authentication = -1; 437 options->hostbased_authentication = -1;
@@ -439,7 +439,7 @@ Index: b/readconf.c
439 options->batch_mode = -1; 439 options->batch_mode = -1;
440 options->check_host_ip = -1; 440 options->check_host_ip = -1;
441 options->strict_host_key_checking = -1; 441 options->strict_host_key_checking = -1;
442@@ -1152,6 +1159,8 @@ 442@@ -1201,6 +1208,8 @@
443 options->rhosts_rsa_authentication = 0; 443 options->rhosts_rsa_authentication = 0;
444 if (options->hostbased_authentication == -1) 444 if (options->hostbased_authentication == -1)
445 options->hostbased_authentication = 0; 445 options->hostbased_authentication = 0;
@@ -452,7 +452,7 @@ Index: b/readconf.h
452=================================================================== 452===================================================================
453--- a/readconf.h 453--- a/readconf.h
454+++ b/readconf.h 454+++ b/readconf.h
455@@ -54,6 +54,7 @@ 455@@ -56,6 +56,7 @@
456 int kbd_interactive_authentication; /* Try keyboard-interactive auth. */ 456 int kbd_interactive_authentication; /* Try keyboard-interactive auth. */
457 char *kbd_interactive_devices; /* Keyboard-interactive auth devices. */ 457 char *kbd_interactive_devices; /* Keyboard-interactive auth devices. */
458 int zero_knowledge_password_authentication; /* Try jpake */ 458 int zero_knowledge_password_authentication; /* Try jpake */
@@ -472,7 +472,7 @@ Index: b/servconf.c
472 options->permit_empty_passwd = -1; 472 options->permit_empty_passwd = -1;
473 options->permit_user_env = -1; 473 options->permit_user_env = -1;
474 options->use_login = -1; 474 options->use_login = -1;
475@@ -231,6 +232,8 @@ 475@@ -232,6 +233,8 @@
476 options->kbd_interactive_authentication = 0; 476 options->kbd_interactive_authentication = 0;
477 if (options->challenge_response_authentication == -1) 477 if (options->challenge_response_authentication == -1)
478 options->challenge_response_authentication = 1; 478 options->challenge_response_authentication = 1;
@@ -481,7 +481,7 @@ Index: b/servconf.c
481 if (options->permit_empty_passwd == -1) 481 if (options->permit_empty_passwd == -1)
482 options->permit_empty_passwd = 0; 482 options->permit_empty_passwd = 0;
483 if (options->permit_user_env == -1) 483 if (options->permit_user_env == -1)
484@@ -306,7 +309,7 @@ 484@@ -307,7 +310,7 @@
485 sListenAddress, sAddressFamily, 485 sListenAddress, sAddressFamily,
486 sPrintMotd, sPrintLastLog, sIgnoreRhosts, 486 sPrintMotd, sPrintLastLog, sIgnoreRhosts,
487 sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost, 487 sX11Forwarding, sX11DisplayOffset, sX11UseLocalhost,
@@ -490,7 +490,7 @@ Index: b/servconf.c
490 sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression, 490 sPermitUserEnvironment, sUseLogin, sAllowTcpForwarding, sCompression,
491 sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups, 491 sAllowUsers, sDenyUsers, sAllowGroups, sDenyGroups,
492 sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile, 492 sIgnoreUserKnownHosts, sCiphers, sMacs, sProtocol, sPidFile,
493@@ -415,6 +418,7 @@ 493@@ -416,6 +419,7 @@
494 { "x11uselocalhost", sX11UseLocalhost, SSHCFG_ALL }, 494 { "x11uselocalhost", sX11UseLocalhost, SSHCFG_ALL },
495 { "xauthlocation", sXAuthLocation, SSHCFG_GLOBAL }, 495 { "xauthlocation", sXAuthLocation, SSHCFG_GLOBAL },
496 { "strictmodes", sStrictModes, SSHCFG_GLOBAL }, 496 { "strictmodes", sStrictModes, SSHCFG_GLOBAL },
@@ -498,7 +498,7 @@ Index: b/servconf.c
498 { "permitemptypasswords", sEmptyPasswd, SSHCFG_ALL }, 498 { "permitemptypasswords", sEmptyPasswd, SSHCFG_ALL },
499 { "permituserenvironment", sPermitUserEnvironment, SSHCFG_GLOBAL }, 499 { "permituserenvironment", sPermitUserEnvironment, SSHCFG_GLOBAL },
500 { "uselogin", sUseLogin, SSHCFG_GLOBAL }, 500 { "uselogin", sUseLogin, SSHCFG_GLOBAL },
501@@ -1009,6 +1013,10 @@ 501@@ -1011,6 +1015,10 @@
502 intptr = &options->tcp_keep_alive; 502 intptr = &options->tcp_keep_alive;
503 goto parse_flag; 503 goto parse_flag;
504 504
@@ -509,7 +509,7 @@ Index: b/servconf.c
509 case sEmptyPasswd: 509 case sEmptyPasswd:
510 intptr = &options->permit_empty_passwd; 510 intptr = &options->permit_empty_passwd;
511 goto parse_flag; 511 goto parse_flag;
512@@ -1697,6 +1705,7 @@ 512@@ -1708,6 +1716,7 @@
513 dump_cfg_fmtint(sX11UseLocalhost, o->x11_use_localhost); 513 dump_cfg_fmtint(sX11UseLocalhost, o->x11_use_localhost);
514 dump_cfg_fmtint(sStrictModes, o->strict_modes); 514 dump_cfg_fmtint(sStrictModes, o->strict_modes);
515 dump_cfg_fmtint(sTCPKeepAlive, o->tcp_keep_alive); 515 dump_cfg_fmtint(sTCPKeepAlive, o->tcp_keep_alive);
@@ -584,7 +584,7 @@ Index: b/ssh-keygen.1
584=================================================================== 584===================================================================
585--- a/ssh-keygen.1 585--- a/ssh-keygen.1
586+++ b/ssh-keygen.1 586+++ b/ssh-keygen.1
587@@ -628,6 +628,7 @@ 587@@ -669,6 +669,7 @@
588 .Xr ssh 1 , 588 .Xr ssh 1 ,
589 .Xr ssh-add 1 , 589 .Xr ssh-add 1 ,
590 .Xr ssh-agent 1 , 590 .Xr ssh-agent 1 ,
@@ -1236,7 +1236,7 @@ Index: b/ssh.1
1236=================================================================== 1236===================================================================
1237--- a/ssh.1 1237--- a/ssh.1
1238+++ b/ssh.1 1238+++ b/ssh.1
1239@@ -1426,6 +1426,7 @@ 1239@@ -1392,6 +1392,7 @@
1240 .Xr ssh-agent 1 , 1240 .Xr ssh-agent 1 ,
1241 .Xr ssh-keygen 1 , 1241 .Xr ssh-keygen 1 ,
1242 .Xr ssh-keyscan 1 , 1242 .Xr ssh-keyscan 1 ,
@@ -1248,7 +1248,7 @@ Index: b/ssh.c
1248=================================================================== 1248===================================================================
1249--- a/ssh.c 1249--- a/ssh.c
1250+++ b/ssh.c 1250+++ b/ssh.c
1251@@ -1301,7 +1301,7 @@ 1251@@ -1422,7 +1422,7 @@
1252 static void 1252 static void
1253 load_public_identity_files(void) 1253 load_public_identity_files(void)
1254 { 1254 {
@@ -1257,7 +1257,7 @@ Index: b/ssh.c
1257 char *pwdir = NULL, *pwname = NULL; 1257 char *pwdir = NULL, *pwname = NULL;
1258 int i = 0; 1258 int i = 0;
1259 Key *public; 1259 Key *public;
1260@@ -1358,6 +1358,22 @@ 1260@@ -1479,6 +1479,22 @@
1261 public = key_load_public(filename, NULL); 1261 public = key_load_public(filename, NULL);
1262 debug("identity file %s type %d", filename, 1262 debug("identity file %s type %d", filename,
1263 public ? public->type : -1); 1263 public ? public->type : -1);
@@ -1284,7 +1284,7 @@ Index: b/ssh_config.5
1284=================================================================== 1284===================================================================
1285--- a/ssh_config.5 1285--- a/ssh_config.5
1286+++ b/ssh_config.5 1286+++ b/ssh_config.5
1287@@ -1051,6 +1051,23 @@ 1287@@ -1082,6 +1082,23 @@
1288 .Dq any . 1288 .Dq any .
1289 The default is 1289 The default is
1290 .Dq any:any . 1290 .Dq any:any .
@@ -1312,7 +1312,7 @@ Index: b/sshconnect2.c
1312=================================================================== 1312===================================================================
1313--- a/sshconnect2.c 1313--- a/sshconnect2.c
1314+++ b/sshconnect2.c 1314+++ b/sshconnect2.c
1315@@ -1418,6 +1418,8 @@ 1315@@ -1421,6 +1421,8 @@
1316 1316
1317 /* list of keys stored in the filesystem */ 1317 /* list of keys stored in the filesystem */
1318 for (i = 0; i < options.num_identity_files; i++) { 1318 for (i = 0; i < options.num_identity_files; i++) {
@@ -1321,9 +1321,9 @@ Index: b/sshconnect2.c
1321 key = options.identity_keys[i]; 1321 key = options.identity_keys[i];
1322 if (key && key->type == KEY_RSA1) 1322 if (key && key->type == KEY_RSA1)
1323 continue; 1323 continue;
1324@@ -1510,7 +1512,7 @@ 1324@@ -1514,7 +1516,7 @@
1325 if (id->key && id->key->type != KEY_RSA1) { 1325 debug("Offering %s public key: %s", key_type(id->key),
1326 debug("Offering public key: %s", id->filename); 1326 id->filename);
1327 sent = send_pubkey_test(authctxt, id); 1327 sent = send_pubkey_test(authctxt, id);
1328- } else if (id->key == NULL) { 1328- } else if (id->key == NULL) {
1329+ } else if (id->key == NULL && id->filename) { 1329+ } else if (id->key == NULL && id->filename) {
@@ -1334,7 +1334,7 @@ Index: b/sshd.8
1334=================================================================== 1334===================================================================
1335--- a/sshd.8 1335--- a/sshd.8
1336+++ b/sshd.8 1336+++ b/sshd.8
1337@@ -928,6 +928,7 @@ 1337@@ -938,6 +938,7 @@
1338 .Xr ssh-agent 1 , 1338 .Xr ssh-agent 1 ,
1339 .Xr ssh-keygen 1 , 1339 .Xr ssh-keygen 1 ,
1340 .Xr ssh-keyscan 1 , 1340 .Xr ssh-keyscan 1 ,
@@ -1346,7 +1346,7 @@ Index: b/sshd.c
1346=================================================================== 1346===================================================================
1347--- a/sshd.c 1347--- a/sshd.c
1348+++ b/sshd.c 1348+++ b/sshd.c
1349@@ -1564,6 +1564,11 @@ 1349@@ -1573,6 +1573,11 @@
1350 sensitive_data.host_keys[i] = NULL; 1350 sensitive_data.host_keys[i] = NULL;
1351 continue; 1351 continue;
1352 } 1352 }
@@ -1362,7 +1362,7 @@ Index: b/sshd_config.5
1362=================================================================== 1362===================================================================
1363--- a/sshd_config.5 1363--- a/sshd_config.5
1364+++ b/sshd_config.5 1364+++ b/sshd_config.5
1365@@ -694,6 +694,20 @@ 1365@@ -743,6 +743,20 @@
1366 Specifies whether password authentication is allowed. 1366 Specifies whether password authentication is allowed.
1367 The default is 1367 The default is
1368 .Dq yes . 1368 .Dq yes .
diff --git a/debian/patches/ssh1-keepalive.patch b/debian/patches/ssh1-keepalive.patch
index 7682c0761..dac1ca1cc 100644
--- a/debian/patches/ssh1-keepalive.patch
+++ b/debian/patches/ssh1-keepalive.patch
@@ -7,20 +7,13 @@ Index: b/clientloop.c
7=================================================================== 7===================================================================
8--- a/clientloop.c 8--- a/clientloop.c
9+++ b/clientloop.c 9+++ b/clientloop.c
10@@ -507,16 +507,21 @@ 10@@ -547,16 +547,21 @@
11 static void 11 static void
12 server_alive_check(void) 12 server_alive_check(void)
13 { 13 {
14- if (packet_inc_alive_timeouts() > options.server_alive_count_max) { 14- if (packet_inc_alive_timeouts() > options.server_alive_count_max) {
15- logit("Timeout, server not responding."); 15- logit("Timeout, server not responding.");
16- cleanup_exit(255); 16- cleanup_exit(255);
17- }
18- packet_start(SSH2_MSG_GLOBAL_REQUEST);
19- packet_put_cstring("keepalive@openssh.com");
20- packet_put_char(1); /* boolean: want reply */
21- packet_send();
22- /* Insert an empty placeholder to maintain ordering */
23- client_register_global_confirm(NULL, NULL);
24+ if (compat20) { 17+ if (compat20) {
25+ if (packet_inc_alive_timeouts() > options.server_alive_count_max) { 18+ if (packet_inc_alive_timeouts() > options.server_alive_count_max) {
26+ logit("Timeout, server not responding."); 19+ logit("Timeout, server not responding.");
@@ -35,24 +28,30 @@ Index: b/clientloop.c
35+ } else { 28+ } else {
36+ packet_send_ignore(0); 29+ packet_send_ignore(0);
37+ packet_send(); 30+ packet_send();
38+ } 31 }
32- packet_start(SSH2_MSG_GLOBAL_REQUEST);
33- packet_put_cstring("keepalive@openssh.com");
34- packet_put_char(1); /* boolean: want reply */
35- packet_send();
36- /* Insert an empty placeholder to maintain ordering */
37- client_register_global_confirm(NULL, NULL);
39 } 38 }
40 39
41 /* 40 /*
42@@ -574,7 +579,7 @@ 41@@ -616,7 +621,7 @@
43 * event pending.
44 */ 42 */
45 43
46- if (options.server_alive_interval == 0 || !compat20) 44 timeout_secs = INT_MAX; /* we use INT_MAX to mean no timeout */
47+ if (options.server_alive_interval == 0) 45- if (options.server_alive_interval > 0 && compat20)
48 tvp = NULL; 46+ if (options.server_alive_interval > 0)
49 else { 47 timeout_secs = options.server_alive_interval;
50 tv.tv_sec = options.server_alive_interval; 48 set_control_persist_exit_time();
49 if (control_persist_exit_time > 0) {
51Index: b/ssh_config.5 50Index: b/ssh_config.5
52=================================================================== 51===================================================================
53--- a/ssh_config.5 52--- a/ssh_config.5
54+++ b/ssh_config.5 53+++ b/ssh_config.5
55@@ -952,7 +952,10 @@ 54@@ -983,7 +983,10 @@
56 .Cm ServerAliveCountMax 55 .Cm ServerAliveCountMax
57 is left at the default, if the server becomes unresponsive, 56 is left at the default, if the server becomes unresponsive,
58 ssh will disconnect after approximately 45 seconds. 57 ssh will disconnect after approximately 45 seconds.
diff --git a/debian/patches/syslog-level-silent.patch b/debian/patches/syslog-level-silent.patch
index 2dc912b8e..3cb9fdc65 100644
--- a/debian/patches/syslog-level-silent.patch
+++ b/debian/patches/syslog-level-silent.patch
@@ -26,7 +26,7 @@ Index: b/ssh.c
26=================================================================== 26===================================================================
27--- a/ssh.c 27--- a/ssh.c
28+++ b/ssh.c 28+++ b/ssh.c
29@@ -624,7 +624,7 @@ 29@@ -642,7 +642,7 @@
30 tty_flag = 0; 30 tty_flag = 0;
31 /* Do not allocate a tty if stdin is not a tty. */ 31 /* Do not allocate a tty if stdin is not a tty. */
32 if ((!isatty(fileno(stdin)) || stdin_null_flag) && !force_tty_flag) { 32 if ((!isatty(fileno(stdin)) || stdin_null_flag) && !force_tty_flag) {
diff --git a/debian/patches/user-group-modes.patch b/debian/patches/user-group-modes.patch
index 164b8ec81..69700e592 100644
--- a/debian/patches/user-group-modes.patch
+++ b/debian/patches/user-group-modes.patch
@@ -24,7 +24,7 @@ Index: b/readconf.c
24 24
25 #include "xmalloc.h" 25 #include "xmalloc.h"
26 #include "ssh.h" 26 #include "ssh.h"
27@@ -1003,8 +1005,7 @@ 27@@ -1045,8 +1047,7 @@
28 28
29 if (fstat(fileno(f), &sb) == -1) 29 if (fstat(fileno(f), &sb) == -1)
30 fatal("fstat %s: %s", filename, strerror(errno)); 30 fatal("fstat %s: %s", filename, strerror(errno));
@@ -38,7 +38,7 @@ Index: b/ssh.1
38=================================================================== 38===================================================================
39--- a/ssh.1 39--- a/ssh.1
40+++ b/ssh.1 40+++ b/ssh.1
41@@ -1324,6 +1324,8 @@ 41@@ -1290,6 +1290,8 @@
42 .Xr ssh_config 5 . 42 .Xr ssh_config 5 .
43 Because of the potential for abuse, this file must have strict permissions: 43 Because of the potential for abuse, this file must have strict permissions:
44 read/write for the user, and not accessible by others. 44 read/write for the user, and not accessible by others.
@@ -51,7 +51,7 @@ Index: b/ssh_config.5
51=================================================================== 51===================================================================
52--- a/ssh_config.5 52--- a/ssh_config.5
53+++ b/ssh_config.5 53+++ b/ssh_config.5
54@@ -1204,6 +1204,8 @@ 54@@ -1235,6 +1235,8 @@
55 This file is used by the SSH client. 55 This file is used by the SSH client.
56 Because of the potential for abuse, this file must have strict permissions: 56 Because of the potential for abuse, this file must have strict permissions:
57 read/write for the user, and not accessible by others. 57 read/write for the user, and not accessible by others.
@@ -64,7 +64,7 @@ Index: b/auth.c
64=================================================================== 64===================================================================
65--- a/auth.c 65--- a/auth.c
66+++ b/auth.c 66+++ b/auth.c
67@@ -385,8 +385,7 @@ 67@@ -393,8 +393,7 @@
68 user_hostfile = tilde_expand_filename(userfile, pw->pw_uid); 68 user_hostfile = tilde_expand_filename(userfile, pw->pw_uid);
69 if (options.strict_modes && 69 if (options.strict_modes &&
70 (stat(user_hostfile, &st) == 0) && 70 (stat(user_hostfile, &st) == 0) &&
@@ -74,7 +74,7 @@ Index: b/auth.c
74 logit("Authentication refused for %.100s: " 74 logit("Authentication refused for %.100s: "
75 "bad owner or modes for %.200s", 75 "bad owner or modes for %.200s",
76 pw->pw_name, user_hostfile); 76 pw->pw_name, user_hostfile);
77@@ -438,8 +437,7 @@ 77@@ -448,8 +447,7 @@
78 78
79 /* check the open file to avoid races */ 79 /* check the open file to avoid races */
80 if (fstat(fileno(f), &st) < 0 || 80 if (fstat(fileno(f), &st) < 0 ||
@@ -84,7 +84,7 @@ Index: b/auth.c
84 snprintf(err, errlen, "bad ownership or modes for file %s", 84 snprintf(err, errlen, "bad ownership or modes for file %s",
85 buf); 85 buf);
86 return -1; 86 return -1;
87@@ -455,8 +453,7 @@ 87@@ -465,8 +463,7 @@
88 88
89 debug3("secure_filename: checking '%s'", buf); 89 debug3("secure_filename: checking '%s'", buf);
90 if (stat(buf, &st) < 0 || 90 if (stat(buf, &st) < 0 ||
@@ -109,7 +109,7 @@ Index: b/misc.c
109 #ifdef SSH_TUN_OPENBSD 109 #ifdef SSH_TUN_OPENBSD
110 #include <net/if.h> 110 #include <net/if.h>
111 #endif 111 #endif
112@@ -638,6 +639,55 @@ 112@@ -639,6 +640,55 @@
113 } 113 }
114 114
115 int 115 int
@@ -169,7 +169,7 @@ Index: b/misc.h
169=================================================================== 169===================================================================
170--- a/misc.h 170--- a/misc.h
171+++ b/misc.h 171+++ b/misc.h
172@@ -91,4 +91,6 @@ 172@@ -92,4 +92,6 @@
173 int ask_permission(const char *, ...) __attribute__((format(printf, 1, 2))); 173 int ask_permission(const char *, ...) __attribute__((format(printf, 1, 2)));
174 int read_keyfile_line(FILE *, const char *, char *, size_t, u_long *); 174 int read_keyfile_line(FILE *, const char *, char *, size_t, u_long *);
175 175
diff --git a/jpake.c b/jpake.c
index 130661069..cdf65f509 100644
--- a/jpake.c
+++ b/jpake.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: jpake.c,v 1.2 2009/03/05 07:18:19 djm Exp $ */ 1/* $OpenBSD: jpake.c,v 1.4 2010/07/13 23:13:16 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2008 Damien Miller. All rights reserved. 3 * Copyright (c) 2008 Damien Miller. All rights reserved.
4 * 4 *
@@ -434,7 +434,7 @@ jpake_check_confirm(const BIGNUM *k,
434 if (peer_confirm_hash_len != expected_confirm_hash_len) 434 if (peer_confirm_hash_len != expected_confirm_hash_len)
435 error("%s: confirmation length mismatch (my %u them %u)", 435 error("%s: confirmation length mismatch (my %u them %u)",
436 __func__, expected_confirm_hash_len, peer_confirm_hash_len); 436 __func__, expected_confirm_hash_len, peer_confirm_hash_len);
437 else if (memcmp(peer_confirm_hash, expected_confirm_hash, 437 else if (timingsafe_bcmp(peer_confirm_hash, expected_confirm_hash,
438 expected_confirm_hash_len) == 0) 438 expected_confirm_hash_len) == 0)
439 success = 1; 439 success = 1;
440 bzero(expected_confirm_hash, expected_confirm_hash_len); 440 bzero(expected_confirm_hash, expected_confirm_hash_len);
diff --git a/key.c b/key.c
index 768c55549..57ad9fd02 100644
--- a/key.c
+++ b/key.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: key.c,v 1.86 2010/03/15 19:40:02 stevesk Exp $ */ 1/* $OpenBSD: key.c,v 1.90 2010/07/13 23:13:16 djm Exp $ */
2/* 2/*
3 * read_bignum(): 3 * read_bignum():
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -52,6 +52,7 @@
52#include "uuencode.h" 52#include "uuencode.h"
53#include "buffer.h" 53#include "buffer.h"
54#include "log.h" 54#include "log.h"
55#include "misc.h"
55#include "ssh2.h" 56#include "ssh2.h"
56 57
57static struct KeyCert * 58static struct KeyCert *
@@ -61,7 +62,8 @@ cert_new(void)
61 62
62 cert = xcalloc(1, sizeof(*cert)); 63 cert = xcalloc(1, sizeof(*cert));
63 buffer_init(&cert->certblob); 64 buffer_init(&cert->certblob);
64 buffer_init(&cert->constraints); 65 buffer_init(&cert->critical);
66 buffer_init(&cert->extensions);
65 cert->key_id = NULL; 67 cert->key_id = NULL;
66 cert->principals = NULL; 68 cert->principals = NULL;
67 cert->signature_key = NULL; 69 cert->signature_key = NULL;
@@ -82,6 +84,7 @@ key_new(int type)
82 switch (k->type) { 84 switch (k->type) {
83 case KEY_RSA1: 85 case KEY_RSA1:
84 case KEY_RSA: 86 case KEY_RSA:
87 case KEY_RSA_CERT_V00:
85 case KEY_RSA_CERT: 88 case KEY_RSA_CERT:
86 if ((rsa = RSA_new()) == NULL) 89 if ((rsa = RSA_new()) == NULL)
87 fatal("key_new: RSA_new failed"); 90 fatal("key_new: RSA_new failed");
@@ -92,6 +95,7 @@ key_new(int type)
92 k->rsa = rsa; 95 k->rsa = rsa;
93 break; 96 break;
94 case KEY_DSA: 97 case KEY_DSA:
98 case KEY_DSA_CERT_V00:
95 case KEY_DSA_CERT: 99 case KEY_DSA_CERT:
96 if ((dsa = DSA_new()) == NULL) 100 if ((dsa = DSA_new()) == NULL)
97 fatal("key_new: DSA_new failed"); 101 fatal("key_new: DSA_new failed");
@@ -124,6 +128,7 @@ key_add_private(Key *k)
124 switch (k->type) { 128 switch (k->type) {
125 case KEY_RSA1: 129 case KEY_RSA1:
126 case KEY_RSA: 130 case KEY_RSA:
131 case KEY_RSA_CERT_V00:
127 case KEY_RSA_CERT: 132 case KEY_RSA_CERT:
128 if ((k->rsa->d = BN_new()) == NULL) 133 if ((k->rsa->d = BN_new()) == NULL)
129 fatal("key_new_private: BN_new failed"); 134 fatal("key_new_private: BN_new failed");
@@ -139,6 +144,7 @@ key_add_private(Key *k)
139 fatal("key_new_private: BN_new failed"); 144 fatal("key_new_private: BN_new failed");
140 break; 145 break;
141 case KEY_DSA: 146 case KEY_DSA:
147 case KEY_DSA_CERT_V00:
142 case KEY_DSA_CERT: 148 case KEY_DSA_CERT:
143 if ((k->dsa->priv_key = BN_new()) == NULL) 149 if ((k->dsa->priv_key = BN_new()) == NULL)
144 fatal("key_new_private: BN_new failed"); 150 fatal("key_new_private: BN_new failed");
@@ -165,7 +171,8 @@ cert_free(struct KeyCert *cert)
165 u_int i; 171 u_int i;
166 172
167 buffer_free(&cert->certblob); 173 buffer_free(&cert->certblob);
168 buffer_free(&cert->constraints); 174 buffer_free(&cert->critical);
175 buffer_free(&cert->extensions);
169 if (cert->key_id != NULL) 176 if (cert->key_id != NULL)
170 xfree(cert->key_id); 177 xfree(cert->key_id);
171 for (i = 0; i < cert->nprincipals; i++) 178 for (i = 0; i < cert->nprincipals; i++)
@@ -184,12 +191,14 @@ key_free(Key *k)
184 switch (k->type) { 191 switch (k->type) {
185 case KEY_RSA1: 192 case KEY_RSA1:
186 case KEY_RSA: 193 case KEY_RSA:
194 case KEY_RSA_CERT_V00:
187 case KEY_RSA_CERT: 195 case KEY_RSA_CERT:
188 if (k->rsa != NULL) 196 if (k->rsa != NULL)
189 RSA_free(k->rsa); 197 RSA_free(k->rsa);
190 k->rsa = NULL; 198 k->rsa = NULL;
191 break; 199 break;
192 case KEY_DSA: 200 case KEY_DSA:
201 case KEY_DSA_CERT_V00:
193 case KEY_DSA_CERT: 202 case KEY_DSA_CERT:
194 if (k->dsa != NULL) 203 if (k->dsa != NULL)
195 DSA_free(k->dsa); 204 DSA_free(k->dsa);
@@ -219,7 +228,7 @@ cert_compare(struct KeyCert *a, struct KeyCert *b)
219 return 0; 228 return 0;
220 if (buffer_len(&a->certblob) != buffer_len(&b->certblob)) 229 if (buffer_len(&a->certblob) != buffer_len(&b->certblob))
221 return 0; 230 return 0;
222 if (memcmp(buffer_ptr(&a->certblob), buffer_ptr(&b->certblob), 231 if (timingsafe_bcmp(buffer_ptr(&a->certblob), buffer_ptr(&b->certblob),
223 buffer_len(&a->certblob)) != 0) 232 buffer_len(&a->certblob)) != 0)
224 return 0; 233 return 0;
225 return 1; 234 return 1;
@@ -238,11 +247,13 @@ key_equal_public(const Key *a, const Key *b)
238 247
239 switch (a->type) { 248 switch (a->type) {
240 case KEY_RSA1: 249 case KEY_RSA1:
250 case KEY_RSA_CERT_V00:
241 case KEY_RSA_CERT: 251 case KEY_RSA_CERT:
242 case KEY_RSA: 252 case KEY_RSA:
243 return a->rsa != NULL && b->rsa != NULL && 253 return a->rsa != NULL && b->rsa != NULL &&
244 BN_cmp(a->rsa->e, b->rsa->e) == 0 && 254 BN_cmp(a->rsa->e, b->rsa->e) == 0 &&
245 BN_cmp(a->rsa->n, b->rsa->n) == 0; 255 BN_cmp(a->rsa->n, b->rsa->n) == 0;
256 case KEY_DSA_CERT_V00:
246 case KEY_DSA_CERT: 257 case KEY_DSA_CERT:
247 case KEY_DSA: 258 case KEY_DSA:
248 return a->dsa != NULL && b->dsa != NULL && 259 return a->dsa != NULL && b->dsa != NULL &&
@@ -304,6 +315,8 @@ key_fingerprint_raw(Key *k, enum fp_type dgst_type, u_int *dgst_raw_length)
304 case KEY_RSA: 315 case KEY_RSA:
305 key_to_blob(k, &blob, &len); 316 key_to_blob(k, &blob, &len);
306 break; 317 break;
318 case KEY_DSA_CERT_V00:
319 case KEY_RSA_CERT_V00:
307 case KEY_DSA_CERT: 320 case KEY_DSA_CERT:
308 case KEY_RSA_CERT: 321 case KEY_RSA_CERT:
309 /* We want a fingerprint of the _key_ not of the cert */ 322 /* We want a fingerprint of the _key_ not of the cert */
@@ -631,6 +644,8 @@ key_read(Key *ret, char **cpp)
631 case KEY_UNSPEC: 644 case KEY_UNSPEC:
632 case KEY_RSA: 645 case KEY_RSA:
633 case KEY_DSA: 646 case KEY_DSA:
647 case KEY_DSA_CERT_V00:
648 case KEY_RSA_CERT_V00:
634 case KEY_DSA_CERT: 649 case KEY_DSA_CERT:
635 case KEY_RSA_CERT: 650 case KEY_RSA_CERT:
636 space = strchr(cp, ' '); 651 space = strchr(cp, ' ');
@@ -757,11 +772,13 @@ key_write(const Key *key, FILE *f)
757 error("key_write: failed for RSA key"); 772 error("key_write: failed for RSA key");
758 return 0; 773 return 0;
759 case KEY_DSA: 774 case KEY_DSA:
775 case KEY_DSA_CERT_V00:
760 case KEY_DSA_CERT: 776 case KEY_DSA_CERT:
761 if (key->dsa == NULL) 777 if (key->dsa == NULL)
762 return 0; 778 return 0;
763 break; 779 break;
764 case KEY_RSA: 780 case KEY_RSA:
781 case KEY_RSA_CERT_V00:
765 case KEY_RSA_CERT: 782 case KEY_RSA_CERT:
766 if (key->rsa == NULL) 783 if (key->rsa == NULL)
767 return 0; 784 return 0;
@@ -793,6 +810,10 @@ key_type(const Key *k)
793 return "RSA"; 810 return "RSA";
794 case KEY_DSA: 811 case KEY_DSA:
795 return "DSA"; 812 return "DSA";
813 case KEY_RSA_CERT_V00:
814 return "RSA-CERT-V00";
815 case KEY_DSA_CERT_V00:
816 return "DSA-CERT-V00";
796 case KEY_RSA_CERT: 817 case KEY_RSA_CERT:
797 return "RSA-CERT"; 818 return "RSA-CERT";
798 case KEY_DSA_CERT: 819 case KEY_DSA_CERT:
@@ -822,10 +843,14 @@ key_ssh_name(const Key *k)
822 return "ssh-rsa"; 843 return "ssh-rsa";
823 case KEY_DSA: 844 case KEY_DSA:
824 return "ssh-dss"; 845 return "ssh-dss";
825 case KEY_RSA_CERT: 846 case KEY_RSA_CERT_V00:
826 return "ssh-rsa-cert-v00@openssh.com"; 847 return "ssh-rsa-cert-v00@openssh.com";
827 case KEY_DSA_CERT: 848 case KEY_DSA_CERT_V00:
828 return "ssh-dss-cert-v00@openssh.com"; 849 return "ssh-dss-cert-v00@openssh.com";
850 case KEY_RSA_CERT:
851 return "ssh-rsa-cert-v01@openssh.com";
852 case KEY_DSA_CERT:
853 return "ssh-dss-cert-v01@openssh.com";
829 } 854 }
830 return "ssh-unknown"; 855 return "ssh-unknown";
831} 856}
@@ -836,9 +861,11 @@ key_size(const Key *k)
836 switch (k->type) { 861 switch (k->type) {
837 case KEY_RSA1: 862 case KEY_RSA1:
838 case KEY_RSA: 863 case KEY_RSA:
864 case KEY_RSA_CERT_V00:
839 case KEY_RSA_CERT: 865 case KEY_RSA_CERT:
840 return BN_num_bits(k->rsa->n); 866 return BN_num_bits(k->rsa->n);
841 case KEY_DSA: 867 case KEY_DSA:
868 case KEY_DSA_CERT_V00:
842 case KEY_DSA_CERT: 869 case KEY_DSA_CERT:
843 return BN_num_bits(k->dsa->p); 870 return BN_num_bits(k->dsa->p);
844 } 871 }
@@ -882,6 +909,8 @@ key_generate(int type, u_int bits)
882 case KEY_RSA1: 909 case KEY_RSA1:
883 k->rsa = rsa_generate_private_key(bits); 910 k->rsa = rsa_generate_private_key(bits);
884 break; 911 break;
912 case KEY_RSA_CERT_V00:
913 case KEY_DSA_CERT_V00:
885 case KEY_RSA_CERT: 914 case KEY_RSA_CERT:
886 case KEY_DSA_CERT: 915 case KEY_DSA_CERT:
887 fatal("key_generate: cert keys cannot be generated directly"); 916 fatal("key_generate: cert keys cannot be generated directly");
@@ -912,9 +941,12 @@ key_cert_copy(const Key *from_key, struct Key *to_key)
912 buffer_append(&to->certblob, buffer_ptr(&from->certblob), 941 buffer_append(&to->certblob, buffer_ptr(&from->certblob),
913 buffer_len(&from->certblob)); 942 buffer_len(&from->certblob));
914 943
915 buffer_append(&to->constraints, buffer_ptr(&from->constraints), 944 buffer_append(&to->critical,
916 buffer_len(&from->constraints)); 945 buffer_ptr(&from->critical), buffer_len(&from->critical));
946 buffer_append(&to->extensions,
947 buffer_ptr(&from->extensions), buffer_len(&from->extensions));
917 948
949 to->serial = from->serial;
918 to->type = from->type; 950 to->type = from->type;
919 to->key_id = from->key_id == NULL ? NULL : xstrdup(from->key_id); 951 to->key_id = from->key_id == NULL ? NULL : xstrdup(from->key_id);
920 to->valid_after = from->valid_after; 952 to->valid_after = from->valid_after;
@@ -940,6 +972,7 @@ key_from_private(const Key *k)
940 Key *n = NULL; 972 Key *n = NULL;
941 switch (k->type) { 973 switch (k->type) {
942 case KEY_DSA: 974 case KEY_DSA:
975 case KEY_DSA_CERT_V00:
943 case KEY_DSA_CERT: 976 case KEY_DSA_CERT:
944 n = key_new(k->type); 977 n = key_new(k->type);
945 if ((BN_copy(n->dsa->p, k->dsa->p) == NULL) || 978 if ((BN_copy(n->dsa->p, k->dsa->p) == NULL) ||
@@ -950,6 +983,7 @@ key_from_private(const Key *k)
950 break; 983 break;
951 case KEY_RSA: 984 case KEY_RSA:
952 case KEY_RSA1: 985 case KEY_RSA1:
986 case KEY_RSA_CERT_V00:
953 case KEY_RSA_CERT: 987 case KEY_RSA_CERT:
954 n = key_new(k->type); 988 n = key_new(k->type);
955 if ((BN_copy(n->rsa->n, k->rsa->n) == NULL) || 989 if ((BN_copy(n->rsa->n, k->rsa->n) == NULL) ||
@@ -979,8 +1013,12 @@ key_type_from_name(char *name)
979 } else if (strcmp(name, "ssh-dss") == 0) { 1013 } else if (strcmp(name, "ssh-dss") == 0) {
980 return KEY_DSA; 1014 return KEY_DSA;
981 } else if (strcmp(name, "ssh-rsa-cert-v00@openssh.com") == 0) { 1015 } else if (strcmp(name, "ssh-rsa-cert-v00@openssh.com") == 0) {
982 return KEY_RSA_CERT; 1016 return KEY_RSA_CERT_V00;
983 } else if (strcmp(name, "ssh-dss-cert-v00@openssh.com") == 0) { 1017 } else if (strcmp(name, "ssh-dss-cert-v00@openssh.com") == 0) {
1018 return KEY_DSA_CERT_V00;
1019 } else if (strcmp(name, "ssh-rsa-cert-v01@openssh.com") == 0) {
1020 return KEY_RSA_CERT;
1021 } else if (strcmp(name, "ssh-dss-cert-v01@openssh.com") == 0) {
984 return KEY_DSA_CERT; 1022 return KEY_DSA_CERT;
985 } else if (strcmp(name, "null") == 0) { 1023 } else if (strcmp(name, "null") == 0) {
986 return KEY_NULL; 1024 return KEY_NULL;
@@ -1014,26 +1052,31 @@ key_names_valid2(const char *names)
1014static int 1052static int
1015cert_parse(Buffer *b, Key *key, const u_char *blob, u_int blen) 1053cert_parse(Buffer *b, Key *key, const u_char *blob, u_int blen)
1016{ 1054{
1017 u_char *principals, *constraints, *sig_key, *sig; 1055 u_char *principals, *critical, *exts, *sig_key, *sig;
1018 u_int signed_len, plen, clen, sklen, slen, kidlen; 1056 u_int signed_len, plen, clen, sklen, slen, kidlen, elen;
1019 Buffer tmp; 1057 Buffer tmp;
1020 char *principal; 1058 char *principal;
1021 int ret = -1; 1059 int ret = -1;
1060 int v00 = key->type == KEY_DSA_CERT_V00 ||
1061 key->type == KEY_RSA_CERT_V00;
1022 1062
1023 buffer_init(&tmp); 1063 buffer_init(&tmp);
1024 1064
1025 /* Copy the entire key blob for verification and later serialisation */ 1065 /* Copy the entire key blob for verification and later serialisation */
1026 buffer_append(&key->cert->certblob, blob, blen); 1066 buffer_append(&key->cert->certblob, blob, blen);
1027 1067
1028 principals = constraints = sig_key = sig = NULL; 1068 elen = 0; /* Not touched for v00 certs */
1029 if (buffer_get_int_ret(&key->cert->type, b) != 0 || 1069 principals = exts = critical = sig_key = sig = NULL;
1070 if ((!v00 && buffer_get_int64_ret(&key->cert->serial, b) != 0) ||
1071 buffer_get_int_ret(&key->cert->type, b) != 0 ||
1030 (key->cert->key_id = buffer_get_string_ret(b, &kidlen)) == NULL || 1072 (key->cert->key_id = buffer_get_string_ret(b, &kidlen)) == NULL ||
1031 (principals = buffer_get_string_ret(b, &plen)) == NULL || 1073 (principals = buffer_get_string_ret(b, &plen)) == NULL ||
1032 buffer_get_int64_ret(&key->cert->valid_after, b) != 0 || 1074 buffer_get_int64_ret(&key->cert->valid_after, b) != 0 ||
1033 buffer_get_int64_ret(&key->cert->valid_before, b) != 0 || 1075 buffer_get_int64_ret(&key->cert->valid_before, b) != 0 ||
1034 (constraints = buffer_get_string_ret(b, &clen)) == NULL || 1076 (critical = buffer_get_string_ret(b, &clen)) == NULL ||
1035 /* skip nonce */ buffer_get_string_ptr_ret(b, NULL) == NULL || 1077 (!v00 && (exts = buffer_get_string_ret(b, &elen)) == NULL) ||
1036 /* skip reserved */ buffer_get_string_ptr_ret(b, NULL) == NULL || 1078 (v00 && buffer_get_string_ptr_ret(b, NULL) == NULL) || /* nonce */
1079 buffer_get_string_ptr_ret(b, NULL) == NULL || /* reserved */
1037 (sig_key = buffer_get_string_ret(b, &sklen)) == NULL) { 1080 (sig_key = buffer_get_string_ret(b, &sklen)) == NULL) {
1038 error("%s: parse error", __func__); 1081 error("%s: parse error", __func__);
1039 goto out; 1082 goto out;
@@ -1080,13 +1123,25 @@ cert_parse(Buffer *b, Key *key, const u_char *blob, u_int blen)
1080 1123
1081 buffer_clear(&tmp); 1124 buffer_clear(&tmp);
1082 1125
1083 buffer_append(&key->cert->constraints, constraints, clen); 1126 buffer_append(&key->cert->critical, critical, clen);
1084 buffer_append(&tmp, constraints, clen); 1127 buffer_append(&tmp, critical, clen);
1085 /* validate structure */ 1128 /* validate structure */
1086 while (buffer_len(&tmp) != 0) { 1129 while (buffer_len(&tmp) != 0) {
1087 if (buffer_get_string_ptr_ret(&tmp, NULL) == NULL || 1130 if (buffer_get_string_ptr_ret(&tmp, NULL) == NULL ||
1088 buffer_get_string_ptr_ret(&tmp, NULL) == NULL) { 1131 buffer_get_string_ptr_ret(&tmp, NULL) == NULL) {
1089 error("%s: Constraints data invalid", __func__); 1132 error("%s: critical option data invalid", __func__);
1133 goto out;
1134 }
1135 }
1136 buffer_clear(&tmp);
1137
1138 buffer_append(&key->cert->extensions, exts, elen);
1139 buffer_append(&tmp, exts, elen);
1140 /* validate structure */
1141 while (buffer_len(&tmp) != 0) {
1142 if (buffer_get_string_ptr_ret(&tmp, NULL) == NULL ||
1143 buffer_get_string_ptr_ret(&tmp, NULL) == NULL) {
1144 error("%s: extension data invalid", __func__);
1090 goto out; 1145 goto out;
1091 } 1146 }
1092 } 1147 }
@@ -1123,8 +1178,10 @@ cert_parse(Buffer *b, Key *key, const u_char *blob, u_int blen)
1123 buffer_free(&tmp); 1178 buffer_free(&tmp);
1124 if (principals != NULL) 1179 if (principals != NULL)
1125 xfree(principals); 1180 xfree(principals);
1126 if (constraints != NULL) 1181 if (critical != NULL)
1127 xfree(constraints); 1182 xfree(critical);
1183 if (exts != NULL)
1184 xfree(exts);
1128 if (sig_key != NULL) 1185 if (sig_key != NULL)
1129 xfree(sig_key); 1186 xfree(sig_key);
1130 if (sig != NULL) 1187 if (sig != NULL)
@@ -1153,8 +1210,11 @@ key_from_blob(const u_char *blob, u_int blen)
1153 type = key_type_from_name(ktype); 1210 type = key_type_from_name(ktype);
1154 1211
1155 switch (type) { 1212 switch (type) {
1156 case KEY_RSA:
1157 case KEY_RSA_CERT: 1213 case KEY_RSA_CERT:
1214 (void)buffer_get_string_ptr_ret(&b, NULL); /* Skip nonce */
1215 /* FALLTHROUGH */
1216 case KEY_RSA:
1217 case KEY_RSA_CERT_V00:
1158 key = key_new(type); 1218 key = key_new(type);
1159 if (buffer_get_bignum2_ret(&b, key->rsa->e) == -1 || 1219 if (buffer_get_bignum2_ret(&b, key->rsa->e) == -1 ||
1160 buffer_get_bignum2_ret(&b, key->rsa->n) == -1) { 1220 buffer_get_bignum2_ret(&b, key->rsa->n) == -1) {
@@ -1168,8 +1228,11 @@ key_from_blob(const u_char *blob, u_int blen)
1168 RSA_print_fp(stderr, key->rsa, 8); 1228 RSA_print_fp(stderr, key->rsa, 8);
1169#endif 1229#endif
1170 break; 1230 break;
1171 case KEY_DSA:
1172 case KEY_DSA_CERT: 1231 case KEY_DSA_CERT:
1232 (void)buffer_get_string_ptr_ret(&b, NULL); /* Skip nonce */
1233 /* FALLTHROUGH */
1234 case KEY_DSA:
1235 case KEY_DSA_CERT_V00:
1173 key = key_new(type); 1236 key = key_new(type);
1174 if (buffer_get_bignum2_ret(&b, key->dsa->p) == -1 || 1237 if (buffer_get_bignum2_ret(&b, key->dsa->p) == -1 ||
1175 buffer_get_bignum2_ret(&b, key->dsa->q) == -1 || 1238 buffer_get_bignum2_ret(&b, key->dsa->q) == -1 ||
@@ -1215,6 +1278,8 @@ key_to_blob(const Key *key, u_char **blobp, u_int *lenp)
1215 } 1278 }
1216 buffer_init(&b); 1279 buffer_init(&b);
1217 switch (key->type) { 1280 switch (key->type) {
1281 case KEY_DSA_CERT_V00:
1282 case KEY_RSA_CERT_V00:
1218 case KEY_DSA_CERT: 1283 case KEY_DSA_CERT:
1219 case KEY_RSA_CERT: 1284 case KEY_RSA_CERT:
1220 /* Use the existing blob */ 1285 /* Use the existing blob */
@@ -1257,9 +1322,11 @@ key_sign(
1257 const u_char *data, u_int datalen) 1322 const u_char *data, u_int datalen)
1258{ 1323{
1259 switch (key->type) { 1324 switch (key->type) {
1325 case KEY_DSA_CERT_V00:
1260 case KEY_DSA_CERT: 1326 case KEY_DSA_CERT:
1261 case KEY_DSA: 1327 case KEY_DSA:
1262 return ssh_dss_sign(key, sigp, lenp, data, datalen); 1328 return ssh_dss_sign(key, sigp, lenp, data, datalen);
1329 case KEY_RSA_CERT_V00:
1263 case KEY_RSA_CERT: 1330 case KEY_RSA_CERT:
1264 case KEY_RSA: 1331 case KEY_RSA:
1265 return ssh_rsa_sign(key, sigp, lenp, data, datalen); 1332 return ssh_rsa_sign(key, sigp, lenp, data, datalen);
@@ -1283,9 +1350,11 @@ key_verify(
1283 return -1; 1350 return -1;
1284 1351
1285 switch (key->type) { 1352 switch (key->type) {
1353 case KEY_DSA_CERT_V00:
1286 case KEY_DSA_CERT: 1354 case KEY_DSA_CERT:
1287 case KEY_DSA: 1355 case KEY_DSA:
1288 return ssh_dss_verify(key, signature, signaturelen, data, datalen); 1356 return ssh_dss_verify(key, signature, signaturelen, data, datalen);
1357 case KEY_RSA_CERT_V00:
1289 case KEY_RSA_CERT: 1358 case KEY_RSA_CERT:
1290 case KEY_RSA: 1359 case KEY_RSA:
1291 return ssh_rsa_verify(key, signature, signaturelen, data, datalen); 1360 return ssh_rsa_verify(key, signature, signaturelen, data, datalen);
@@ -1308,6 +1377,7 @@ key_demote(const Key *k)
1308 pk->rsa = NULL; 1377 pk->rsa = NULL;
1309 1378
1310 switch (k->type) { 1379 switch (k->type) {
1380 case KEY_RSA_CERT_V00:
1311 case KEY_RSA_CERT: 1381 case KEY_RSA_CERT:
1312 key_cert_copy(k, pk); 1382 key_cert_copy(k, pk);
1313 /* FALLTHROUGH */ 1383 /* FALLTHROUGH */
@@ -1320,6 +1390,7 @@ key_demote(const Key *k)
1320 if ((pk->rsa->n = BN_dup(k->rsa->n)) == NULL) 1390 if ((pk->rsa->n = BN_dup(k->rsa->n)) == NULL)
1321 fatal("key_demote: BN_dup failed"); 1391 fatal("key_demote: BN_dup failed");
1322 break; 1392 break;
1393 case KEY_DSA_CERT_V00:
1323 case KEY_DSA_CERT: 1394 case KEY_DSA_CERT:
1324 key_cert_copy(k, pk); 1395 key_cert_copy(k, pk);
1325 /* FALLTHROUGH */ 1396 /* FALLTHROUGH */
@@ -1346,8 +1417,17 @@ key_demote(const Key *k)
1346int 1417int
1347key_is_cert(const Key *k) 1418key_is_cert(const Key *k)
1348{ 1419{
1349 return k != NULL && 1420 if (k == NULL)
1350 (k->type == KEY_RSA_CERT || k->type == KEY_DSA_CERT); 1421 return 0;
1422 switch (k->type) {
1423 case KEY_RSA_CERT_V00:
1424 case KEY_DSA_CERT_V00:
1425 case KEY_RSA_CERT:
1426 case KEY_DSA_CERT:
1427 return 1;
1428 default:
1429 return 0;
1430 }
1351} 1431}
1352 1432
1353/* Return the cert-less equivalent to a certified key type */ 1433/* Return the cert-less equivalent to a certified key type */
@@ -1355,8 +1435,10 @@ int
1355key_type_plain(int type) 1435key_type_plain(int type)
1356{ 1436{
1357 switch (type) { 1437 switch (type) {
1438 case KEY_RSA_CERT_V00:
1358 case KEY_RSA_CERT: 1439 case KEY_RSA_CERT:
1359 return KEY_RSA; 1440 return KEY_RSA;
1441 case KEY_DSA_CERT_V00:
1360 case KEY_DSA_CERT: 1442 case KEY_DSA_CERT:
1361 return KEY_DSA; 1443 return KEY_DSA;
1362 default: 1444 default:
@@ -1366,16 +1448,16 @@ key_type_plain(int type)
1366 1448
1367/* Convert a KEY_RSA or KEY_DSA to their _CERT equivalent */ 1449/* Convert a KEY_RSA or KEY_DSA to their _CERT equivalent */
1368int 1450int
1369key_to_certified(Key *k) 1451key_to_certified(Key *k, int legacy)
1370{ 1452{
1371 switch (k->type) { 1453 switch (k->type) {
1372 case KEY_RSA: 1454 case KEY_RSA:
1373 k->cert = cert_new(); 1455 k->cert = cert_new();
1374 k->type = KEY_RSA_CERT; 1456 k->type = legacy ? KEY_RSA_CERT_V00 : KEY_RSA_CERT;
1375 return 0; 1457 return 0;
1376 case KEY_DSA: 1458 case KEY_DSA:
1377 k->cert = cert_new(); 1459 k->cert = cert_new();
1378 k->type = KEY_DSA_CERT; 1460 k->type = legacy ? KEY_DSA_CERT_V00 : KEY_DSA_CERT;
1379 return 0; 1461 return 0;
1380 default: 1462 default:
1381 error("%s: key has incorrect type %s", __func__, key_type(k)); 1463 error("%s: key has incorrect type %s", __func__, key_type(k));
@@ -1388,10 +1470,12 @@ int
1388key_drop_cert(Key *k) 1470key_drop_cert(Key *k)
1389{ 1471{
1390 switch (k->type) { 1472 switch (k->type) {
1473 case KEY_RSA_CERT_V00:
1391 case KEY_RSA_CERT: 1474 case KEY_RSA_CERT:
1392 cert_free(k->cert); 1475 cert_free(k->cert);
1393 k->type = KEY_RSA; 1476 k->type = KEY_RSA;
1394 return 0; 1477 return 0;
1478 case KEY_DSA_CERT_V00:
1395 case KEY_DSA_CERT: 1479 case KEY_DSA_CERT:
1396 cert_free(k->cert); 1480 cert_free(k->cert);
1397 k->type = KEY_DSA; 1481 k->type = KEY_DSA;
@@ -1432,13 +1516,21 @@ key_certify(Key *k, Key *ca)
1432 buffer_clear(&k->cert->certblob); 1516 buffer_clear(&k->cert->certblob);
1433 buffer_put_cstring(&k->cert->certblob, key_ssh_name(k)); 1517 buffer_put_cstring(&k->cert->certblob, key_ssh_name(k));
1434 1518
1519 /* -v01 certs put nonce first */
1520 if (k->type == KEY_DSA_CERT || k->type == KEY_RSA_CERT) {
1521 arc4random_buf(&nonce, sizeof(nonce));
1522 buffer_put_string(&k->cert->certblob, nonce, sizeof(nonce));
1523 }
1524
1435 switch (k->type) { 1525 switch (k->type) {
1526 case KEY_DSA_CERT_V00:
1436 case KEY_DSA_CERT: 1527 case KEY_DSA_CERT:
1437 buffer_put_bignum2(&k->cert->certblob, k->dsa->p); 1528 buffer_put_bignum2(&k->cert->certblob, k->dsa->p);
1438 buffer_put_bignum2(&k->cert->certblob, k->dsa->q); 1529 buffer_put_bignum2(&k->cert->certblob, k->dsa->q);
1439 buffer_put_bignum2(&k->cert->certblob, k->dsa->g); 1530 buffer_put_bignum2(&k->cert->certblob, k->dsa->g);
1440 buffer_put_bignum2(&k->cert->certblob, k->dsa->pub_key); 1531 buffer_put_bignum2(&k->cert->certblob, k->dsa->pub_key);
1441 break; 1532 break;
1533 case KEY_RSA_CERT_V00:
1442 case KEY_RSA_CERT: 1534 case KEY_RSA_CERT:
1443 buffer_put_bignum2(&k->cert->certblob, k->rsa->e); 1535 buffer_put_bignum2(&k->cert->certblob, k->rsa->e);
1444 buffer_put_bignum2(&k->cert->certblob, k->rsa->n); 1536 buffer_put_bignum2(&k->cert->certblob, k->rsa->n);
@@ -1450,6 +1542,10 @@ key_certify(Key *k, Key *ca)
1450 return -1; 1542 return -1;
1451 } 1543 }
1452 1544
1545 /* -v01 certs have a serial number next */
1546 if (k->type == KEY_DSA_CERT || k->type == KEY_RSA_CERT)
1547 buffer_put_int64(&k->cert->certblob, k->cert->serial);
1548
1453 buffer_put_int(&k->cert->certblob, k->cert->type); 1549 buffer_put_int(&k->cert->certblob, k->cert->type);
1454 buffer_put_cstring(&k->cert->certblob, k->cert->key_id); 1550 buffer_put_cstring(&k->cert->certblob, k->cert->key_id);
1455 1551
@@ -1463,11 +1559,19 @@ key_certify(Key *k, Key *ca)
1463 buffer_put_int64(&k->cert->certblob, k->cert->valid_after); 1559 buffer_put_int64(&k->cert->certblob, k->cert->valid_after);
1464 buffer_put_int64(&k->cert->certblob, k->cert->valid_before); 1560 buffer_put_int64(&k->cert->certblob, k->cert->valid_before);
1465 buffer_put_string(&k->cert->certblob, 1561 buffer_put_string(&k->cert->certblob,
1466 buffer_ptr(&k->cert->constraints), 1562 buffer_ptr(&k->cert->critical), buffer_len(&k->cert->critical));
1467 buffer_len(&k->cert->constraints)); 1563
1564 /* -v01 certs have non-critical options here */
1565 if (k->type == KEY_DSA_CERT || k->type == KEY_RSA_CERT) {
1566 buffer_put_string(&k->cert->certblob,
1567 buffer_ptr(&k->cert->extensions),
1568 buffer_len(&k->cert->extensions));
1569 }
1570
1571 /* -v00 certs put the nonce at the end */
1572 if (k->type == KEY_DSA_CERT_V00 || k->type == KEY_RSA_CERT_V00)
1573 buffer_put_string(&k->cert->certblob, nonce, sizeof(nonce));
1468 1574
1469 arc4random_buf(&nonce, sizeof(nonce));
1470 buffer_put_string(&k->cert->certblob, nonce, sizeof(nonce));
1471 buffer_put_string(&k->cert->certblob, NULL, 0); /* reserved */ 1575 buffer_put_string(&k->cert->certblob, NULL, 0); /* reserved */
1472 buffer_put_string(&k->cert->certblob, ca_blob, ca_len); 1576 buffer_put_string(&k->cert->certblob, ca_blob, ca_len);
1473 xfree(ca_blob); 1577 xfree(ca_blob);
@@ -1522,7 +1626,7 @@ key_cert_check_authority(const Key *k, int want_host, int require_principal,
1522 *reason = "Certificate lacks principal list"; 1626 *reason = "Certificate lacks principal list";
1523 return -1; 1627 return -1;
1524 } 1628 }
1525 } else { 1629 } else if (name != NULL) {
1526 principal_matches = 0; 1630 principal_matches = 0;
1527 for (i = 0; i < k->cert->nprincipals; i++) { 1631 for (i = 0; i < k->cert->nprincipals; i++) {
1528 if (strcmp(name, k->cert->principals[i]) == 0) { 1632 if (strcmp(name, k->cert->principals[i]) == 0) {
@@ -1538,3 +1642,15 @@ key_cert_check_authority(const Key *k, int want_host, int require_principal,
1538 } 1642 }
1539 return 0; 1643 return 0;
1540} 1644}
1645
1646int
1647key_cert_is_legacy(Key *k)
1648{
1649 switch (k->type) {
1650 case KEY_DSA_CERT_V00:
1651 case KEY_RSA_CERT_V00:
1652 return 1;
1653 default:
1654 return 0;
1655 }
1656}
diff --git a/key.h b/key.h
index 69254cf12..810f2aaae 100644
--- a/key.h
+++ b/key.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: key.h,v 1.29 2010/03/15 19:40:02 stevesk Exp $ */ 1/* $OpenBSD: key.h,v 1.30 2010/04/16 01:47:26 djm Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. 4 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
@@ -37,6 +37,8 @@ enum types {
37 KEY_DSA, 37 KEY_DSA,
38 KEY_RSA_CERT, 38 KEY_RSA_CERT,
39 KEY_DSA_CERT, 39 KEY_DSA_CERT,
40 KEY_RSA_CERT_V00,
41 KEY_DSA_CERT_V00,
40 KEY_NULL, 42 KEY_NULL,
41 KEY_UNSPEC 43 KEY_UNSPEC
42}; 44};
@@ -57,11 +59,13 @@ enum fp_rep {
57struct KeyCert { 59struct KeyCert {
58 Buffer certblob; /* Kept around for use on wire */ 60 Buffer certblob; /* Kept around for use on wire */
59 u_int type; /* SSH2_CERT_TYPE_USER or SSH2_CERT_TYPE_HOST */ 61 u_int type; /* SSH2_CERT_TYPE_USER or SSH2_CERT_TYPE_HOST */
62 u_int64_t serial;
60 char *key_id; 63 char *key_id;
61 u_int nprincipals; 64 u_int nprincipals;
62 char **principals; 65 char **principals;
63 u_int64_t valid_after, valid_before; 66 u_int64_t valid_after, valid_before;
64 Buffer constraints; 67 Buffer critical;
68 Buffer extensions;
65 Key *signature_key; 69 Key *signature_key;
66}; 70};
67 71
@@ -93,12 +97,13 @@ Key *key_from_private(const Key *);
93int key_type_from_name(char *); 97int key_type_from_name(char *);
94int key_is_cert(const Key *); 98int key_is_cert(const Key *);
95int key_type_plain(int); 99int key_type_plain(int);
96int key_to_certified(Key *); 100int key_to_certified(Key *, int);
97int key_drop_cert(Key *); 101int key_drop_cert(Key *);
98int key_certify(Key *, Key *); 102int key_certify(Key *, Key *);
99void key_cert_copy(const Key *, struct Key *); 103void key_cert_copy(const Key *, struct Key *);
100int key_cert_check_authority(const Key *, int, int, const char *, 104int key_cert_check_authority(const Key *, int, int, const char *,
101 const char **); 105 const char **);
106int key_cert_is_legacy(Key *);
102 107
103Key *key_from_blob(const u_char *, u_int); 108Key *key_from_blob(const u_char *, u_int);
104int key_to_blob(const Key *, u_char **, u_int *); 109int key_to_blob(const Key *, u_char **, u_int *);
diff --git a/loginrec.h b/loginrec.h
index 859e1a630..84b486590 100644
--- a/loginrec.h
+++ b/loginrec.h
@@ -56,7 +56,7 @@ union login_netinfo {
56/* string lengths - set very long */ 56/* string lengths - set very long */
57#define LINFO_PROGSIZE 64 57#define LINFO_PROGSIZE 64
58#define LINFO_LINESIZE 64 58#define LINFO_LINESIZE 64
59#define LINFO_NAMESIZE 128 59#define LINFO_NAMESIZE 512
60#define LINFO_HOSTSIZE 256 60#define LINFO_HOSTSIZE 256
61 61
62struct logininfo { 62struct logininfo {
diff --git a/misc.c b/misc.c
index f9da621d6..20d4300d9 100644
--- a/misc.c
+++ b/misc.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: misc.c,v 1.75 2010/01/09 23:04:13 dtucker Exp $ */ 1/* $OpenBSD: misc.c,v 1.80 2010/07/21 02:10:58 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2000 Markus Friedl. All rights reserved. 3 * Copyright (c) 2000 Markus Friedl. All rights reserved.
4 * Copyright (c) 2005,2006 Damien Miller. All rights reserved. 4 * Copyright (c) 2005,2006 Damien Miller. All rights reserved.
@@ -179,6 +179,7 @@ strdelim(char **s)
179 return (NULL); /* no matching quote */ 179 return (NULL); /* no matching quote */
180 } else { 180 } else {
181 *s[0] = '\0'; 181 *s[0] = '\0';
182 *s += strspn(*s + 1, WHITESPACE) + 1;
182 return (old); 183 return (old);
183 } 184 }
184 } 185 }
@@ -426,7 +427,7 @@ colon(char *cp)
426 int flag = 0; 427 int flag = 0;
427 428
428 if (*cp == ':') /* Leading colon is part of file name. */ 429 if (*cp == ':') /* Leading colon is part of file name. */
429 return (0); 430 return NULL;
430 if (*cp == '[') 431 if (*cp == '[')
431 flag = 1; 432 flag = 1;
432 433
@@ -438,9 +439,9 @@ colon(char *cp)
438 if (*cp == ':' && !flag) 439 if (*cp == ':' && !flag)
439 return (cp); 440 return (cp);
440 if (*cp == '/') 441 if (*cp == '/')
441 return (0); 442 return NULL;
442 } 443 }
443 return (0); 444 return NULL;
444} 445}
445 446
446/* function to assist building execv() arguments */ 447/* function to assist building execv() arguments */
@@ -899,6 +900,16 @@ ms_to_timeval(struct timeval *tv, int ms)
899 tv->tv_usec = (ms % 1000) * 1000; 900 tv->tv_usec = (ms % 1000) * 1000;
900} 901}
901 902
903int
904timingsafe_bcmp(const void *b1, const void *b2, size_t n)
905{
906 const unsigned char *p1 = b1, *p2 = b2;
907 int ret = 0;
908
909 for (; n > 0; n--)
910 ret |= *p1++ ^ *p2++;
911 return (ret != 0);
912}
902void 913void
903sock_set_v6only(int s) 914sock_set_v6only(int s)
904{ 915{
diff --git a/misc.h b/misc.h
index 8fbfc7985..8fc9b9f94 100644
--- a/misc.h
+++ b/misc.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: misc.h,v 1.41 2010/01/09 23:04:13 dtucker Exp $ */ 1/* $OpenBSD: misc.h,v 1.43 2010/07/13 23:13:16 djm Exp $ */
2 2
3/* 3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -36,6 +36,7 @@ void sanitise_stdfd(void);
36void ms_subtract_diff(struct timeval *, int *); 36void ms_subtract_diff(struct timeval *, int *);
37void ms_to_timeval(struct timeval *, int); 37void ms_to_timeval(struct timeval *, int);
38void sock_set_v6only(int); 38void sock_set_v6only(int);
39int timingsafe_bcmp(const void *, const void *, size_t);
39 40
40struct passwd *pwcopy(struct passwd *); 41struct passwd *pwcopy(struct passwd *);
41const char *ssh_gai_strerror(int); 42const char *ssh_gai_strerror(int);
diff --git a/moduli.0 b/moduli.0
index e3fea22a9..6d707ff82 100644
--- a/moduli.0
+++ b/moduli.0
@@ -14,11 +14,12 @@ DESCRIPTION
14 are prime and are safe for use in Diffie Hellman operations by sshd(8). 14 are prime and are safe for use in Diffie Hellman operations by sshd(8).
15 This moduli format is used as the output from each pass. 15 This moduli format is used as the output from each pass.
16 16
17 The file consists of newline-separated records, one per modulus, contain- 17 The file consists of newline-separated records, one per modulus,
18 ing seven space separated fields. These fields are as follows: 18 containing seven space separated fields. These fields are as follows:
19 19
20 timestamp The time that the modulus was last processed as YYYYM- 20
21 MDDHHMMSS. 21 timestamp The time that the modulus was last processed as
22 YYYYMMDDHHMMSS.
22 23
23 type Decimal number specifying the internal structure of 24 type Decimal number specifying the internal structure of
24 the prime modulus. Supported types are: 25 the prime modulus. Supported types are:
@@ -69,4 +70,4 @@ SEE ALSO
69 Diffie-Hellman Group Exchange for the Secure Shell (SSH) Transport Layer 70 Diffie-Hellman Group Exchange for the Secure Shell (SSH) Transport Layer
70 Protocol, RFC 4419, 2006. 71 Protocol, RFC 4419, 2006.
71 72
72OpenBSD 4.7 June 26, 2008 2 73OpenBSD 4.8 June 26, 2008 OpenBSD 4.8
diff --git a/monitor.c b/monitor.c
index a1f4a2e05..f30f7d591 100644
--- a/monitor.c
+++ b/monitor.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: monitor.c,v 1.106 2010/03/07 11:57:13 dtucker Exp $ */ 1/* $OpenBSD: monitor.c,v 1.108 2010/07/13 23:13:16 djm Exp $ */
2/* 2/*
3 * Copyright 2002 Niels Provos <provos@citi.umich.edu> 3 * Copyright 2002 Niels Provos <provos@citi.umich.edu>
4 * Copyright 2002 Markus Friedl <markus@openbsd.org> 4 * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -537,7 +537,7 @@ monitor_allowed_key(u_char *blob, u_int bloblen)
537{ 537{
538 /* make sure key is allowed */ 538 /* make sure key is allowed */
539 if (key_blob == NULL || key_bloblen != bloblen || 539 if (key_blob == NULL || key_bloblen != bloblen ||
540 memcmp(key_blob, blob, key_bloblen)) 540 timingsafe_bcmp(key_blob, blob, key_bloblen))
541 return (0); 541 return (0);
542 return (1); 542 return (1);
543} 543}
@@ -965,8 +965,8 @@ mm_answer_pam_init_ctx(int sock, Buffer *m)
965int 965int
966mm_answer_pam_query(int sock, Buffer *m) 966mm_answer_pam_query(int sock, Buffer *m)
967{ 967{
968 char *name, *info, **prompts; 968 char *name = NULL, *info = NULL, **prompts = NULL;
969 u_int i, num, *echo_on; 969 u_int i, num = 0, *echo_on = 0;
970 int ret; 970 int ret;
971 971
972 debug3("%s", __func__); 972 debug3("%s", __func__);
@@ -1146,14 +1146,14 @@ monitor_valid_userblob(u_char *data, u_int datalen)
1146 len = buffer_len(&b); 1146 len = buffer_len(&b);
1147 if ((session_id2 == NULL) || 1147 if ((session_id2 == NULL) ||
1148 (len < session_id2_len) || 1148 (len < session_id2_len) ||
1149 (memcmp(p, session_id2, session_id2_len) != 0)) 1149 (timingsafe_bcmp(p, session_id2, session_id2_len) != 0))
1150 fail++; 1150 fail++;
1151 buffer_consume(&b, session_id2_len); 1151 buffer_consume(&b, session_id2_len);
1152 } else { 1152 } else {
1153 p = buffer_get_string(&b, &len); 1153 p = buffer_get_string(&b, &len);
1154 if ((session_id2 == NULL) || 1154 if ((session_id2 == NULL) ||
1155 (len != session_id2_len) || 1155 (len != session_id2_len) ||
1156 (memcmp(p, session_id2, session_id2_len) != 0)) 1156 (timingsafe_bcmp(p, session_id2, session_id2_len) != 0))
1157 fail++; 1157 fail++;
1158 xfree(p); 1158 xfree(p);
1159 } 1159 }
@@ -1201,7 +1201,7 @@ monitor_valid_hostbasedblob(u_char *data, u_int datalen, char *cuser,
1201 p = buffer_get_string(&b, &len); 1201 p = buffer_get_string(&b, &len);
1202 if ((session_id2 == NULL) || 1202 if ((session_id2 == NULL) ||
1203 (len != session_id2_len) || 1203 (len != session_id2_len) ||
1204 (memcmp(p, session_id2, session_id2_len) != 0)) 1204 (timingsafe_bcmp(p, session_id2, session_id2_len) != 0))
1205 fail++; 1205 fail++;
1206 xfree(p); 1206 xfree(p);
1207 1207
@@ -1725,9 +1725,9 @@ mm_get_kex(Buffer *m)
1725 1725
1726 kex = xcalloc(1, sizeof(*kex)); 1726 kex = xcalloc(1, sizeof(*kex));
1727 kex->session_id = buffer_get_string(m, &kex->session_id_len); 1727 kex->session_id = buffer_get_string(m, &kex->session_id_len);
1728 if ((session_id2 == NULL) || 1728 if (session_id2 == NULL ||
1729 (kex->session_id_len != session_id2_len) || 1729 kex->session_id_len != session_id2_len ||
1730 (memcmp(kex->session_id, session_id2, session_id2_len) != 0)) 1730 timingsafe_bcmp(kex->session_id, session_id2, session_id2_len) != 0)
1731 fatal("mm_get_get: internal error: bad session id"); 1731 fatal("mm_get_get: internal error: bad session id");
1732 kex->we_need = buffer_get_int(m); 1732 kex->we_need = buffer_get_int(m);
1733 kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server; 1733 kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server;
diff --git a/mux.c b/mux.c
index 825fb7a9a..5c3857ee8 100644
--- a/mux.c
+++ b/mux.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: mux.c,v 1.14 2010/01/30 02:54:53 djm Exp $ */ 1/* $OpenBSD: mux.c,v 1.21 2010/06/25 23:15:36 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2002-2008 Damien Miller <djm@openbsd.org> 3 * Copyright (c) 2002-2008 Damien Miller <djm@openbsd.org>
4 * 4 *
@@ -71,6 +71,7 @@
71#include "xmalloc.h" 71#include "xmalloc.h"
72#include "log.h" 72#include "log.h"
73#include "ssh.h" 73#include "ssh.h"
74#include "ssh2.h"
74#include "pathnames.h" 75#include "pathnames.h"
75#include "misc.h" 76#include "misc.h"
76#include "match.h" 77#include "match.h"
@@ -106,6 +107,14 @@ struct mux_session_confirm_ctx {
106 char *term; 107 char *term;
107 struct termios tio; 108 struct termios tio;
108 char **env; 109 char **env;
110 u_int rid;
111};
112
113/* Context for global channel callback */
114struct mux_channel_confirm_ctx {
115 u_int cid; /* channel id */
116 u_int rid; /* request id */
117 int fid; /* forward id */
109}; 118};
110 119
111/* fd to control socket */ 120/* fd to control socket */
@@ -143,13 +152,14 @@ struct mux_master_state {
143#define MUX_S_EXIT_MESSAGE 0x80000004 152#define MUX_S_EXIT_MESSAGE 0x80000004
144#define MUX_S_ALIVE 0x80000005 153#define MUX_S_ALIVE 0x80000005
145#define MUX_S_SESSION_OPENED 0x80000006 154#define MUX_S_SESSION_OPENED 0x80000006
155#define MUX_S_REMOTE_PORT 0x80000007
146 156
147/* type codes for MUX_C_OPEN_FWD and MUX_C_CLOSE_FWD */ 157/* type codes for MUX_C_OPEN_FWD and MUX_C_CLOSE_FWD */
148#define MUX_FWD_LOCAL 1 158#define MUX_FWD_LOCAL 1
149#define MUX_FWD_REMOTE 2 159#define MUX_FWD_REMOTE 2
150#define MUX_FWD_DYNAMIC 3 160#define MUX_FWD_DYNAMIC 3
151 161
152static void mux_session_confirm(int, void *); 162static void mux_session_confirm(int, int, void *);
153 163
154static int process_mux_master_hello(u_int, Channel *, Buffer *, Buffer *); 164static int process_mux_master_hello(u_int, Channel *, Buffer *, Buffer *);
155static int process_mux_new_session(u_int, Channel *, Buffer *, Buffer *); 165static int process_mux_new_session(u_int, Channel *, Buffer *, Buffer *);
@@ -206,7 +216,7 @@ mux_master_control_cleanup_cb(int cid, void *unused)
206 fatal("%s: channel_by_id(%i) == NULL", __func__, cid); 216 fatal("%s: channel_by_id(%i) == NULL", __func__, cid);
207 if (c->remote_id != -1) { 217 if (c->remote_id != -1) {
208 if ((sc = channel_by_id(c->remote_id)) == NULL) 218 if ((sc = channel_by_id(c->remote_id)) == NULL)
209 debug2("%s: channel %d n session channel %d", 219 fatal("%s: channel %d missing session channel %d",
210 __func__, c->self, c->remote_id); 220 __func__, c->self, c->remote_id);
211 c->remote_id = -1; 221 c->remote_id = -1;
212 sc->ctl_chan = -1; 222 sc->ctl_chan = -1;
@@ -301,6 +311,7 @@ process_mux_new_session(u_int rid, Channel *c, Buffer *m, Buffer *r)
301 /* Reply for SSHMUX_COMMAND_OPEN */ 311 /* Reply for SSHMUX_COMMAND_OPEN */
302 cctx = xcalloc(1, sizeof(*cctx)); 312 cctx = xcalloc(1, sizeof(*cctx));
303 cctx->term = NULL; 313 cctx->term = NULL;
314 cctx->rid = rid;
304 cmd = reserved = NULL; 315 cmd = reserved = NULL;
305 if ((reserved = buffer_get_string_ret(m, NULL)) == NULL || 316 if ((reserved = buffer_get_string_ret(m, NULL)) == NULL ||
306 buffer_get_int_ret(&cctx->want_tty, m) != 0 || 317 buffer_get_int_ret(&cctx->want_tty, m) != 0 ||
@@ -454,14 +465,10 @@ process_mux_new_session(u_int rid, Channel *c, Buffer *m, Buffer *r)
454 465
455 channel_send_open(nc->self); 466 channel_send_open(nc->self);
456 channel_register_open_confirm(nc->self, mux_session_confirm, cctx); 467 channel_register_open_confirm(nc->self, mux_session_confirm, cctx);
457 channel_register_cleanup(nc->self, mux_master_session_cleanup_cb, 0); 468 c->mux_pause = 1; /* stop handling messages until open_confirm done */
458 469 channel_register_cleanup(nc->self, mux_master_session_cleanup_cb, 1);
459 /* prepare reply */
460 /* XXX defer until mux_session_confirm() fires */
461 buffer_put_int(r, MUX_S_SESSION_OPENED);
462 buffer_put_int(r, rid);
463 buffer_put_int(r, nc->self);
464 470
471 /* reply is deferred, sent by mux_session_confirm */
465 return 0; 472 return 0;
466} 473}
467 474
@@ -559,6 +566,61 @@ compare_forward(Forward *a, Forward *b)
559 return 1; 566 return 1;
560} 567}
561 568
569static void
570mux_confirm_remote_forward(int type, u_int32_t seq, void *ctxt)
571{
572 struct mux_channel_confirm_ctx *fctx = ctxt;
573 char *failmsg = NULL;
574 Forward *rfwd;
575 Channel *c;
576 Buffer out;
577
578 if ((c = channel_by_id(fctx->cid)) == NULL) {
579 /* no channel for reply */
580 error("%s: unknown channel", __func__);
581 return;
582 }
583 buffer_init(&out);
584 if (fctx->fid >= options.num_remote_forwards) {
585 xasprintf(&failmsg, "unknown forwarding id %d", fctx->fid);
586 goto fail;
587 }
588 rfwd = &options.remote_forwards[fctx->fid];
589 debug("%s: %s for: listen %d, connect %s:%d", __func__,
590 type == SSH2_MSG_REQUEST_SUCCESS ? "success" : "failure",
591 rfwd->listen_port, rfwd->connect_host, rfwd->connect_port);
592 if (type == SSH2_MSG_REQUEST_SUCCESS) {
593 if (rfwd->listen_port == 0) {
594 rfwd->allocated_port = packet_get_int();
595 logit("Allocated port %u for mux remote forward"
596 " to %s:%d", rfwd->allocated_port,
597 rfwd->connect_host, rfwd->connect_port);
598 buffer_put_int(&out, MUX_S_REMOTE_PORT);
599 buffer_put_int(&out, fctx->rid);
600 buffer_put_int(&out, rfwd->allocated_port);
601 } else {
602 buffer_put_int(&out, MUX_S_OK);
603 buffer_put_int(&out, fctx->rid);
604 }
605 goto out;
606 } else {
607 xasprintf(&failmsg, "remote port forwarding failed for "
608 "listen port %d", rfwd->listen_port);
609 }
610 fail:
611 error("%s: %s", __func__, failmsg);
612 buffer_put_int(&out, MUX_S_FAILURE);
613 buffer_put_int(&out, fctx->rid);
614 buffer_put_cstring(&out, failmsg);
615 xfree(failmsg);
616 out:
617 buffer_put_string(&c->output, buffer_ptr(&out), buffer_len(&out));
618 buffer_free(&out);
619 if (c->mux_pause <= 0)
620 fatal("%s: mux_pause %d", __func__, c->mux_pause);
621 c->mux_pause = 0; /* start processing messages again */
622}
623
562static int 624static int
563process_mux_open_fwd(u_int rid, Channel *c, Buffer *m, Buffer *r) 625process_mux_open_fwd(u_int rid, Channel *c, Buffer *m, Buffer *r)
564{ 626{
@@ -594,15 +656,16 @@ process_mux_open_fwd(u_int rid, Channel *c, Buffer *m, Buffer *r)
594 ftype != MUX_FWD_DYNAMIC) { 656 ftype != MUX_FWD_DYNAMIC) {
595 logit("%s: invalid forwarding type %u", __func__, ftype); 657 logit("%s: invalid forwarding type %u", __func__, ftype);
596 invalid: 658 invalid:
597 xfree(fwd.listen_host); 659 if (fwd.listen_host)
598 xfree(fwd.connect_host); 660 xfree(fwd.listen_host);
661 if (fwd.connect_host)
662 xfree(fwd.connect_host);
599 buffer_put_int(r, MUX_S_FAILURE); 663 buffer_put_int(r, MUX_S_FAILURE);
600 buffer_put_int(r, rid); 664 buffer_put_int(r, rid);
601 buffer_put_cstring(r, "Invalid forwarding request"); 665 buffer_put_cstring(r, "Invalid forwarding request");
602 return 0; 666 return 0;
603 } 667 }
604 /* XXX support rport0 forwarding with reply of port assigned */ 668 if (fwd.listen_port >= 65536) {
605 if (fwd.listen_port == 0 || fwd.listen_port >= 65536) {
606 logit("%s: invalid listen port %u", __func__, 669 logit("%s: invalid listen port %u", __func__,
607 fwd.listen_port); 670 fwd.listen_port);
608 goto invalid; 671 goto invalid;
@@ -637,8 +700,17 @@ process_mux_open_fwd(u_int rid, Channel *c, Buffer *m, Buffer *r)
637 case MUX_FWD_REMOTE: 700 case MUX_FWD_REMOTE:
638 for (i = 0; i < options.num_remote_forwards; i++) { 701 for (i = 0; i < options.num_remote_forwards; i++) {
639 if (compare_forward(&fwd, 702 if (compare_forward(&fwd,
640 options.remote_forwards + i)) 703 options.remote_forwards + i)) {
641 goto exists; 704 if (fwd.listen_port != 0)
705 goto exists;
706 debug2("%s: found allocated port",
707 __func__);
708 buffer_put_int(r, MUX_S_REMOTE_PORT);
709 buffer_put_int(r, rid);
710 buffer_put_int(r,
711 options.remote_forwards[i].allocated_port);
712 goto out;
713 }
642 } 714 }
643 break; 715 break;
644 } 716 }
@@ -655,9 +727,7 @@ process_mux_open_fwd(u_int rid, Channel *c, Buffer *m, Buffer *r)
655 } 727 }
656 728
657 if (ftype == MUX_FWD_LOCAL || ftype == MUX_FWD_DYNAMIC) { 729 if (ftype == MUX_FWD_LOCAL || ftype == MUX_FWD_DYNAMIC) {
658 if (options.num_local_forwards + 1 >= 730 if (channel_setup_local_fwd_listener(fwd.listen_host,
659 SSH_MAX_FORWARDS_PER_DIRECTION ||
660 channel_setup_local_fwd_listener(fwd.listen_host,
661 fwd.listen_port, fwd.connect_host, fwd.connect_port, 731 fwd.listen_port, fwd.connect_host, fwd.connect_port,
662 options.gateway_ports) < 0) { 732 options.gateway_ports) < 0) {
663 fail: 733 fail:
@@ -670,14 +740,22 @@ process_mux_open_fwd(u_int rid, Channel *c, Buffer *m, Buffer *r)
670 add_local_forward(&options, &fwd); 740 add_local_forward(&options, &fwd);
671 freefwd = 0; 741 freefwd = 0;
672 } else { 742 } else {
673 /* XXX wait for remote to confirm */ 743 struct mux_channel_confirm_ctx *fctx;
674 if (options.num_remote_forwards + 1 >= 744
675 SSH_MAX_FORWARDS_PER_DIRECTION || 745 if (channel_request_remote_forwarding(fwd.listen_host,
676 channel_request_remote_forwarding(fwd.listen_host,
677 fwd.listen_port, fwd.connect_host, fwd.connect_port) < 0) 746 fwd.listen_port, fwd.connect_host, fwd.connect_port) < 0)
678 goto fail; 747 goto fail;
679 add_remote_forward(&options, &fwd); 748 add_remote_forward(&options, &fwd);
749 fctx = xcalloc(1, sizeof(*fctx));
750 fctx->cid = c->self;
751 fctx->rid = rid;
752 fctx->fid = options.num_remote_forwards - 1;
753 client_register_global_confirm(mux_confirm_remote_forward,
754 fctx);
680 freefwd = 0; 755 freefwd = 0;
756 c->mux_pause = 1; /* wait for mux_confirm_remote_forward */
757 /* delayed reply in mux_confirm_remote_forward */
758 goto out;
681 } 759 }
682 buffer_put_int(r, MUX_S_OK); 760 buffer_put_int(r, MUX_S_OK);
683 buffer_put_int(r, rid); 761 buffer_put_int(r, rid);
@@ -826,7 +904,7 @@ process_mux_stdio_fwd(u_int rid, Channel *c, Buffer *m, Buffer *r)
826 debug2("%s: channel_new: %d linked to control channel %d", 904 debug2("%s: channel_new: %d linked to control channel %d",
827 __func__, nc->self, nc->ctl_chan); 905 __func__, nc->self, nc->ctl_chan);
828 906
829 channel_register_cleanup(nc->self, mux_master_session_cleanup_cb, 0); 907 channel_register_cleanup(nc->self, mux_master_session_cleanup_cb, 1);
830 908
831 /* prepare reply */ 909 /* prepare reply */
832 /* XXX defer until channel confirmed */ 910 /* XXX defer until channel confirmed */
@@ -849,7 +927,7 @@ mux_master_read_cb(Channel *c)
849 927
850 /* Setup ctx and */ 928 /* Setup ctx and */
851 if (c->mux_ctx == NULL) { 929 if (c->mux_ctx == NULL) {
852 state = xcalloc(1, sizeof(state)); 930 state = xcalloc(1, sizeof(*state));
853 c->mux_ctx = state; 931 c->mux_ctx = state;
854 channel_register_cleanup(c->self, 932 channel_register_cleanup(c->self,
855 mux_master_control_cleanup_cb, 0); 933 mux_master_control_cleanup_cb, 0);
@@ -1000,26 +1078,43 @@ muxserver_listen(void)
1000 1078
1001/* Callback on open confirmation in mux master for a mux client session. */ 1079/* Callback on open confirmation in mux master for a mux client session. */
1002static void 1080static void
1003mux_session_confirm(int id, void *arg) 1081mux_session_confirm(int id, int success, void *arg)
1004{ 1082{
1005 struct mux_session_confirm_ctx *cctx = arg; 1083 struct mux_session_confirm_ctx *cctx = arg;
1006 const char *display; 1084 const char *display;
1007 Channel *c; 1085 Channel *c, *cc;
1008 int i; 1086 int i;
1087 Buffer reply;
1009 1088
1010 if (cctx == NULL) 1089 if (cctx == NULL)
1011 fatal("%s: cctx == NULL", __func__); 1090 fatal("%s: cctx == NULL", __func__);
1012 if ((c = channel_by_id(id)) == NULL) 1091 if ((c = channel_by_id(id)) == NULL)
1013 fatal("%s: no channel for id %d", __func__, id); 1092 fatal("%s: no channel for id %d", __func__, id);
1093 if ((cc = channel_by_id(c->ctl_chan)) == NULL)
1094 fatal("%s: channel %d lacks control channel %d", __func__,
1095 id, c->ctl_chan);
1096
1097 if (!success) {
1098 debug3("%s: sending failure reply", __func__);
1099 /* prepare reply */
1100 buffer_init(&reply);
1101 buffer_put_int(&reply, MUX_S_FAILURE);
1102 buffer_put_int(&reply, cctx->rid);
1103 buffer_put_cstring(&reply, "Session open refused by peer");
1104 goto done;
1105 }
1014 1106
1015 display = getenv("DISPLAY"); 1107 display = getenv("DISPLAY");
1016 if (cctx->want_x_fwd && options.forward_x11 && display != NULL) { 1108 if (cctx->want_x_fwd && options.forward_x11 && display != NULL) {
1017 char *proto, *data; 1109 char *proto, *data;
1110
1018 /* Get reasonable local authentication information. */ 1111 /* Get reasonable local authentication information. */
1019 client_x11_get_proto(display, options.xauth_location, 1112 client_x11_get_proto(display, options.xauth_location,
1020 options.forward_x11_trusted, &proto, &data); 1113 options.forward_x11_trusted, options.forward_x11_timeout,
1114 &proto, &data);
1021 /* Request forwarding with authentication spoofing. */ 1115 /* Request forwarding with authentication spoofing. */
1022 debug("Requesting X11 forwarding with authentication spoofing."); 1116 debug("Requesting X11 forwarding with authentication "
1117 "spoofing.");
1023 x11_request_forwarding_with_spoofing(id, display, proto, data); 1118 x11_request_forwarding_with_spoofing(id, display, proto, data);
1024 /* XXX wait for reply */ 1119 /* XXX wait for reply */
1025 } 1120 }
@@ -1033,6 +1128,21 @@ mux_session_confirm(int id, void *arg)
1033 client_session2_setup(id, cctx->want_tty, cctx->want_subsys, 1128 client_session2_setup(id, cctx->want_tty, cctx->want_subsys,
1034 cctx->term, &cctx->tio, c->rfd, &cctx->cmd, cctx->env); 1129 cctx->term, &cctx->tio, c->rfd, &cctx->cmd, cctx->env);
1035 1130
1131 debug3("%s: sending success reply", __func__);
1132 /* prepare reply */
1133 buffer_init(&reply);
1134 buffer_put_int(&reply, MUX_S_SESSION_OPENED);
1135 buffer_put_int(&reply, cctx->rid);
1136 buffer_put_int(&reply, c->self);
1137
1138 done:
1139 /* Send reply */
1140 buffer_put_string(&cc->output, buffer_ptr(&reply), buffer_len(&reply));
1141 buffer_free(&reply);
1142
1143 if (cc->mux_pause <= 0)
1144 fatal("%s: mux_pause %d", __func__, cc->mux_pause);
1145 cc->mux_pause = 0; /* start processing messages again */
1036 c->open_confirm_ctx = NULL; 1146 c->open_confirm_ctx = NULL;
1037 buffer_free(&cctx->cmd); 1147 buffer_free(&cctx->cmd);
1038 xfree(cctx->term); 1148 xfree(cctx->term);
@@ -1365,6 +1475,15 @@ mux_client_request_forward(int fd, u_int ftype, Forward *fwd)
1365 switch (type) { 1475 switch (type) {
1366 case MUX_S_OK: 1476 case MUX_S_OK:
1367 break; 1477 break;
1478 case MUX_S_REMOTE_PORT:
1479 fwd->allocated_port = buffer_get_int(&m);
1480 logit("Allocated port %u for remote forward to %s:%d",
1481 fwd->allocated_port,
1482 fwd->connect_host ? fwd->connect_host : "",
1483 fwd->connect_port);
1484 if (muxclient_command == SSHMUX_COMMAND_FORWARD)
1485 fprintf(stdout, "%u\n", fwd->allocated_port);
1486 break;
1368 case MUX_S_PERMISSION_DENIED: 1487 case MUX_S_PERMISSION_DENIED:
1369 e = buffer_get_string(&m, NULL); 1488 e = buffer_get_string(&m, NULL);
1370 buffer_free(&m); 1489 buffer_free(&m);
@@ -1731,6 +1850,10 @@ muxclient(const char *path)
1731 mux_client_request_terminate(sock); 1850 mux_client_request_terminate(sock);
1732 fprintf(stderr, "Exit request sent.\r\n"); 1851 fprintf(stderr, "Exit request sent.\r\n");
1733 exit(0); 1852 exit(0);
1853 case SSHMUX_COMMAND_FORWARD:
1854 if (mux_client_request_forwards(sock) != 0)
1855 fatal("%s: master forward request failed", __func__);
1856 exit(0);
1734 case SSHMUX_COMMAND_OPEN: 1857 case SSHMUX_COMMAND_OPEN:
1735 if (mux_client_request_forwards(sock) != 0) { 1858 if (mux_client_request_forwards(sock) != 0) {
1736 error("%s: master forward request failed", __func__); 1859 error("%s: master forward request failed", __func__);
diff --git a/myproposal.h b/myproposal.h
index 98f27fd15..7bedfab0a 100644
--- a/myproposal.h
+++ b/myproposal.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: myproposal.h,v 1.24 2010/02/26 20:29:54 djm Exp $ */ 1/* $OpenBSD: myproposal.h,v 1.25 2010/04/16 01:47:26 djm Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2000 Markus Friedl. All rights reserved. 4 * Copyright (c) 2000 Markus Friedl. All rights reserved.
@@ -40,9 +40,12 @@
40 "diffie-hellman-group1-sha1" 40 "diffie-hellman-group1-sha1"
41#endif 41#endif
42 42
43#define KEX_DEFAULT_PK_ALG "ssh-rsa-cert-v00@openssh.com," \ 43#define KEX_DEFAULT_PK_ALG \
44 "ssh-dss-cert-v00@openssh.com," \ 44 "ssh-rsa-cert-v01@openssh.com," \
45 "ssh-rsa,ssh-dss" 45 "ssh-dss-cert-v01@openssh.com," \
46 "ssh-rsa-cert-v00@openssh.com," \
47 "ssh-dss-cert-v00@openssh.com," \
48 "ssh-rsa,ssh-dss"
46 49
47#define KEX_DEFAULT_ENCRYPT \ 50#define KEX_DEFAULT_ENCRYPT \
48 "aes128-ctr,aes192-ctr,aes256-ctr," \ 51 "aes128-ctr,aes192-ctr,aes256-ctr," \
diff --git a/openbsd-compat/Makefile.in b/openbsd-compat/Makefile.in
index d65b77b5b..d22efd66c 100644
--- a/openbsd-compat/Makefile.in
+++ b/openbsd-compat/Makefile.in
@@ -1,4 +1,4 @@
1# $Id: Makefile.in,v 1.44 2010/01/15 01:38:30 dtucker Exp $ 1# $Id: Makefile.in,v 1.45 2010/08/16 03:15:23 dtucker Exp $
2 2
3sysconfdir=@sysconfdir@ 3sysconfdir=@sysconfdir@
4piddir=@piddir@ 4piddir=@piddir@
@@ -16,7 +16,7 @@ RANLIB=@RANLIB@
16INSTALL=@INSTALL@ 16INSTALL=@INSTALL@
17LDFLAGS=-L. @LDFLAGS@ 17LDFLAGS=-L. @LDFLAGS@
18 18
19OPENBSD=base64.o basename.o bindresvport.o daemon.o dirname.o fmt_scaled.o getcwd.o getgrouplist.o getopt.o getrrsetbyname.o glob.o inet_aton.o inet_ntoa.o inet_ntop.o mktemp.o pwcache.o readpassphrase.o realpath.o rresvport.o setenv.o setproctitle.o sha2.o sigact.o strlcat.o strlcpy.o strmode.o strsep.o strtonum.o strtoll.o strtoul.o vis.o 19OPENBSD=base64.o basename.o bindresvport.o daemon.o dirname.o fmt_scaled.o getcwd.o getgrouplist.o getopt.o getrrsetbyname.o glob.o inet_aton.o inet_ntoa.o inet_ntop.o mktemp.o pwcache.o readpassphrase.o realpath.o rresvport.o setenv.o setproctitle.o sha2.o sigact.o strlcat.o strlcpy.o strmode.o strptime.o strsep.o strtonum.o strtoll.o strtoul.o vis.o
20 20
21COMPAT=bsd-arc4random.o bsd-asprintf.o bsd-closefrom.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o bsd-misc.o bsd-nextstep.o bsd-openpty.o bsd-poll.o bsd-snprintf.o bsd-statvfs.o bsd-waitpid.o fake-rfc2553.o openssl-compat.o xmmap.o xcrypt.o 21COMPAT=bsd-arc4random.o bsd-asprintf.o bsd-closefrom.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o bsd-misc.o bsd-nextstep.o bsd-openpty.o bsd-poll.o bsd-snprintf.o bsd-statvfs.o bsd-waitpid.o fake-rfc2553.o openssl-compat.o xmmap.o xcrypt.o
22 22
diff --git a/openbsd-compat/openbsd-compat.h b/openbsd-compat/openbsd-compat.h
index cad2408d6..e15d2bd96 100644
--- a/openbsd-compat/openbsd-compat.h
+++ b/openbsd-compat/openbsd-compat.h
@@ -1,4 +1,4 @@
1/* $Id: openbsd-compat.h,v 1.49 2010/01/16 12:58:37 dtucker Exp $ */ 1/* $Id: openbsd-compat.h,v 1.50 2010/08/16 03:15:23 dtucker Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 1999-2003 Damien Miller. All rights reserved. 4 * Copyright (c) 1999-2003 Damien Miller. All rights reserved.
@@ -87,6 +87,11 @@ int setenv(register const char *name, register const char *value, int rewrite);
87void strmode(int mode, char *p); 87void strmode(int mode, char *p);
88#endif 88#endif
89 89
90#ifndef HAVE_STRPTIME
91#include <time.h>
92char *strptime(const char *buf, const char *fmt, struct tm *tm);
93#endif
94
90#if !defined(HAVE_MKDTEMP) || defined(HAVE_STRICT_MKSTEMP) 95#if !defined(HAVE_MKDTEMP) || defined(HAVE_STRICT_MKSTEMP)
91int mkstemps(char *path, int slen); 96int mkstemps(char *path, int slen);
92int mkstemp(char *path); 97int mkstemp(char *path);
diff --git a/openbsd-compat/openssl-compat.h b/openbsd-compat/openssl-compat.h
index fcc762867..b7caa650c 100644
--- a/openbsd-compat/openssl-compat.h
+++ b/openbsd-compat/openssl-compat.h
@@ -1,4 +1,4 @@
1/* $Id: openssl-compat.h,v 1.14 2009/03/07 11:22:35 dtucker Exp $ */ 1/* $Id: openssl-compat.h,v 1.15 2010/05/12 07:50:02 djm Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au> 4 * Copyright (c) 2005 Darren Tucker <dtucker@zip.com.au>
@@ -18,6 +18,16 @@
18 18
19#include "includes.h" 19#include "includes.h"
20#include <openssl/evp.h> 20#include <openssl/evp.h>
21#include <openssl/rsa.h>
22#include <openssl/dsa.h>
23
24/* Only in 0.9.8 */
25#ifndef OPENSSL_DSA_MAX_MODULUS_BITS
26# define OPENSSL_DSA_MAX_MODULUS_BITS 10000
27#endif
28#ifndef OPENSSL_RSA_MAX_MODULUS_BITS
29# define OPENSSL_RSA_MAX_MODULUS_BITS 16384
30#endif
21 31
22/* OPENSSL_free() is Free() in versions before OpenSSL 0.9.6 */ 32/* OPENSSL_free() is Free() in versions before OpenSSL 0.9.6 */
23#if !defined(OPENSSL_VERSION_NUMBER) || (OPENSSL_VERSION_NUMBER < 0x0090600f) 33#if !defined(OPENSSL_VERSION_NUMBER) || (OPENSSL_VERSION_NUMBER < 0x0090600f)
@@ -97,3 +107,4 @@ int ssh_EVP_Cipher(EVP_CIPHER_CTX *, char *, char *, int);
97int ssh_EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *); 107int ssh_EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *);
98void ssh_SSLeay_add_all_algorithms(void); 108void ssh_SSLeay_add_all_algorithms(void);
99#endif /* SSH_DONT_OVERLOAD_OPENSSL_FUNCS */ 109#endif /* SSH_DONT_OVERLOAD_OPENSSL_FUNCS */
110
diff --git a/openbsd-compat/port-tun.c b/openbsd-compat/port-tun.c
index ddc92d0f3..0d756f74f 100644
--- a/openbsd-compat/port-tun.c
+++ b/openbsd-compat/port-tun.c
@@ -173,9 +173,11 @@ sys_tun_open(int tun, int mode)
173 173
174 if (ioctl(sock, SIOCGIFFLAGS, &ifr) == -1) 174 if (ioctl(sock, SIOCGIFFLAGS, &ifr) == -1)
175 goto failed; 175 goto failed;
176 ifr.ifr_flags |= IFF_UP; 176 if ((ifr.ifr_flags & IFF_UP) == 0) {
177 if (ioctl(sock, SIOCSIFFLAGS, &ifr) == -1) 177 ifr.ifr_flags |= IFF_UP;
178 goto failed; 178 if (ioctl(sock, SIOCSIFFLAGS, &ifr) == -1)
179 goto failed;
180 }
179 181
180 close(sock); 182 close(sock);
181 return (fd); 183 return (fd);
diff --git a/openbsd-compat/port-uw.c b/openbsd-compat/port-uw.c
index be9905a6a..b1fbfa208 100644
--- a/openbsd-compat/port-uw.c
+++ b/openbsd-compat/port-uw.c
@@ -39,10 +39,10 @@
39#include "xmalloc.h" 39#include "xmalloc.h"
40#include "packet.h" 40#include "packet.h"
41#include "buffer.h" 41#include "buffer.h"
42#include "key.h"
42#include "auth-options.h" 43#include "auth-options.h"
43#include "log.h" 44#include "log.h"
44#include "servconf.h" 45#include "servconf.h"
45#include "key.h"
46#include "hostfile.h" 46#include "hostfile.h"
47#include "auth.h" 47#include "auth.h"
48#include "ssh.h" 48#include "ssh.h"
diff --git a/openbsd-compat/strptime.c b/openbsd-compat/strptime.c
new file mode 100644
index 000000000..d8d83d907
--- /dev/null
+++ b/openbsd-compat/strptime.c
@@ -0,0 +1,401 @@
1/* $OpenBSD: strptime.c,v 1.12 2008/06/26 05:42:05 ray Exp $ */
2/* $NetBSD: strptime.c,v 1.12 1998/01/20 21:39:40 mycroft Exp $ */
3
4/*-
5 * Copyright (c) 1997, 1998 The NetBSD Foundation, Inc.
6 * All rights reserved.
7 *
8 * This code was contributed to The NetBSD Foundation by Klaus Klein.
9 *
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
12 * are met:
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
20 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
21 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
22 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
23 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
24 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29 * POSSIBILITY OF SUCH DAMAGE.
30 */
31
32/* OPENBSD ORIGINAL: lib/libc/time/strptime.c */
33
34#include "includes.h"
35
36#ifndef HAVE_STRPTIME
37
38#define TM_YEAR_BASE 1900 /* from tzfile.h */
39
40#include <ctype.h>
41#include <locale.h>
42#include <string.h>
43#include <time.h>
44
45/* #define _ctloc(x) (_CurrentTimeLocale->x) */
46
47/*
48 * We do not implement alternate representations. However, we always
49 * check whether a given modifier is allowed for a certain conversion.
50 */
51#define _ALT_E 0x01
52#define _ALT_O 0x02
53#define _LEGAL_ALT(x) { if (alt_format & ~(x)) return (0); }
54
55
56static int _conv_num(const unsigned char **, int *, int, int);
57static char *_strptime(const char *, const char *, struct tm *, int);
58
59
60char *
61strptime(const char *buf, const char *fmt, struct tm *tm)
62{
63 return(_strptime(buf, fmt, tm, 1));
64}
65
66static char *
67_strptime(const char *buf, const char *fmt, struct tm *tm, int initialize)
68{
69 unsigned char c;
70 const unsigned char *bp;
71 size_t len;
72 int alt_format, i;
73 static int century, relyear;
74
75 if (initialize) {
76 century = TM_YEAR_BASE;
77 relyear = -1;
78 }
79
80 bp = (unsigned char *)buf;
81 while ((c = *fmt) != '\0') {
82 /* Clear `alternate' modifier prior to new conversion. */
83 alt_format = 0;
84
85 /* Eat up white-space. */
86 if (isspace(c)) {
87 while (isspace(*bp))
88 bp++;
89
90 fmt++;
91 continue;
92 }
93
94 if ((c = *fmt++) != '%')
95 goto literal;
96
97
98again: switch (c = *fmt++) {
99 case '%': /* "%%" is converted to "%". */
100literal:
101 if (c != *bp++)
102 return (NULL);
103
104 break;
105
106 /*
107 * "Alternative" modifiers. Just set the appropriate flag
108 * and start over again.
109 */
110 case 'E': /* "%E?" alternative conversion modifier. */
111 _LEGAL_ALT(0);
112 alt_format |= _ALT_E;
113 goto again;
114
115 case 'O': /* "%O?" alternative conversion modifier. */
116 _LEGAL_ALT(0);
117 alt_format |= _ALT_O;
118 goto again;
119
120 /*
121 * "Complex" conversion rules, implemented through recursion.
122 */
123#if 0
124 case 'c': /* Date and time, using the locale's format. */
125 _LEGAL_ALT(_ALT_E);
126 if (!(bp = _strptime(bp, _ctloc(d_t_fmt), tm, 0)))
127 return (NULL);
128 break;
129#endif
130 case 'D': /* The date as "%m/%d/%y". */
131 _LEGAL_ALT(0);
132 if (!(bp = _strptime(bp, "%m/%d/%y", tm, 0)))
133 return (NULL);
134 break;
135
136 case 'R': /* The time as "%H:%M". */
137 _LEGAL_ALT(0);
138 if (!(bp = _strptime(bp, "%H:%M", tm, 0)))
139 return (NULL);
140 break;
141
142 case 'r': /* The time as "%I:%M:%S %p". */
143 _LEGAL_ALT(0);
144 if (!(bp = _strptime(bp, "%I:%M:%S %p", tm, 0)))
145 return (NULL);
146 break;
147
148 case 'T': /* The time as "%H:%M:%S". */
149 _LEGAL_ALT(0);
150 if (!(bp = _strptime(bp, "%H:%M:%S", tm, 0)))
151 return (NULL);
152 break;
153#if 0
154 case 'X': /* The time, using the locale's format. */
155 _LEGAL_ALT(_ALT_E);
156 if (!(bp = _strptime(bp, _ctloc(t_fmt), tm, 0)))
157 return (NULL);
158 break;
159
160 case 'x': /* The date, using the locale's format. */
161 _LEGAL_ALT(_ALT_E);
162 if (!(bp = _strptime(bp, _ctloc(d_fmt), tm, 0)))
163 return (NULL);
164 break;
165#endif
166 /*
167 * "Elementary" conversion rules.
168 */
169#if 0
170 case 'A': /* The day of week, using the locale's form. */
171 case 'a':
172 _LEGAL_ALT(0);
173 for (i = 0; i < 7; i++) {
174 /* Full name. */
175 len = strlen(_ctloc(day[i]));
176 if (strncasecmp(_ctloc(day[i]), bp, len) == 0)
177 break;
178
179 /* Abbreviated name. */
180 len = strlen(_ctloc(abday[i]));
181 if (strncasecmp(_ctloc(abday[i]), bp, len) == 0)
182 break;
183 }
184
185 /* Nothing matched. */
186 if (i == 7)
187 return (NULL);
188
189 tm->tm_wday = i;
190 bp += len;
191 break;
192
193 case 'B': /* The month, using the locale's form. */
194 case 'b':
195 case 'h':
196 _LEGAL_ALT(0);
197 for (i = 0; i < 12; i++) {
198 /* Full name. */
199 len = strlen(_ctloc(mon[i]));
200 if (strncasecmp(_ctloc(mon[i]), bp, len) == 0)
201 break;
202
203 /* Abbreviated name. */
204 len = strlen(_ctloc(abmon[i]));
205 if (strncasecmp(_ctloc(abmon[i]), bp, len) == 0)
206 break;
207 }
208
209 /* Nothing matched. */
210 if (i == 12)
211 return (NULL);
212
213 tm->tm_mon = i;
214 bp += len;
215 break;
216#endif
217
218 case 'C': /* The century number. */
219 _LEGAL_ALT(_ALT_E);
220 if (!(_conv_num(&bp, &i, 0, 99)))
221 return (NULL);
222
223 century = i * 100;
224 break;
225
226 case 'd': /* The day of month. */
227 case 'e':
228 _LEGAL_ALT(_ALT_O);
229 if (!(_conv_num(&bp, &tm->tm_mday, 1, 31)))
230 return (NULL);
231 break;
232
233 case 'k': /* The hour (24-hour clock representation). */
234 _LEGAL_ALT(0);
235 /* FALLTHROUGH */
236 case 'H':
237 _LEGAL_ALT(_ALT_O);
238 if (!(_conv_num(&bp, &tm->tm_hour, 0, 23)))
239 return (NULL);
240 break;
241
242 case 'l': /* The hour (12-hour clock representation). */
243 _LEGAL_ALT(0);
244 /* FALLTHROUGH */
245 case 'I':
246 _LEGAL_ALT(_ALT_O);
247 if (!(_conv_num(&bp, &tm->tm_hour, 1, 12)))
248 return (NULL);
249 break;
250
251 case 'j': /* The day of year. */
252 _LEGAL_ALT(0);
253 if (!(_conv_num(&bp, &tm->tm_yday, 1, 366)))
254 return (NULL);
255 tm->tm_yday--;
256 break;
257
258 case 'M': /* The minute. */
259 _LEGAL_ALT(_ALT_O);
260 if (!(_conv_num(&bp, &tm->tm_min, 0, 59)))
261 return (NULL);
262 break;
263
264 case 'm': /* The month. */
265 _LEGAL_ALT(_ALT_O);
266 if (!(_conv_num(&bp, &tm->tm_mon, 1, 12)))
267 return (NULL);
268 tm->tm_mon--;
269 break;
270
271#if 0
272 case 'p': /* The locale's equivalent of AM/PM. */
273 _LEGAL_ALT(0);
274 /* AM? */
275 len = strlen(_ctloc(am_pm[0]));
276 if (strncasecmp(_ctloc(am_pm[0]), bp, len) == 0) {
277 if (tm->tm_hour > 12) /* i.e., 13:00 AM ?! */
278 return (NULL);
279 else if (tm->tm_hour == 12)
280 tm->tm_hour = 0;
281
282 bp += len;
283 break;
284 }
285 /* PM? */
286 len = strlen(_ctloc(am_pm[1]));
287 if (strncasecmp(_ctloc(am_pm[1]), bp, len) == 0) {
288 if (tm->tm_hour > 12) /* i.e., 13:00 PM ?! */
289 return (NULL);
290 else if (tm->tm_hour < 12)
291 tm->tm_hour += 12;
292
293 bp += len;
294 break;
295 }
296
297 /* Nothing matched. */
298 return (NULL);
299#endif
300 case 'S': /* The seconds. */
301 _LEGAL_ALT(_ALT_O);
302 if (!(_conv_num(&bp, &tm->tm_sec, 0, 61)))
303 return (NULL);
304 break;
305
306 case 'U': /* The week of year, beginning on sunday. */
307 case 'W': /* The week of year, beginning on monday. */
308 _LEGAL_ALT(_ALT_O);
309 /*
310 * XXX This is bogus, as we can not assume any valid
311 * information present in the tm structure at this
312 * point to calculate a real value, so just check the
313 * range for now.
314 */
315 if (!(_conv_num(&bp, &i, 0, 53)))
316 return (NULL);
317 break;
318
319 case 'w': /* The day of week, beginning on sunday. */
320 _LEGAL_ALT(_ALT_O);
321 if (!(_conv_num(&bp, &tm->tm_wday, 0, 6)))
322 return (NULL);
323 break;
324
325 case 'Y': /* The year. */
326 _LEGAL_ALT(_ALT_E);
327 if (!(_conv_num(&bp, &i, 0, 9999)))
328 return (NULL);
329
330 relyear = -1;
331 tm->tm_year = i - TM_YEAR_BASE;
332 break;
333
334 case 'y': /* The year within the century (2 digits). */
335 _LEGAL_ALT(_ALT_E | _ALT_O);
336 if (!(_conv_num(&bp, &relyear, 0, 99)))
337 return (NULL);
338 break;
339
340 /*
341 * Miscellaneous conversions.
342 */
343 case 'n': /* Any kind of white-space. */
344 case 't':
345 _LEGAL_ALT(0);
346 while (isspace(*bp))
347 bp++;
348 break;
349
350
351 default: /* Unknown/unsupported conversion. */
352 return (NULL);
353 }
354
355
356 }
357
358 /*
359 * We need to evaluate the two digit year spec (%y)
360 * last as we can get a century spec (%C) at any time.
361 */
362 if (relyear != -1) {
363 if (century == TM_YEAR_BASE) {
364 if (relyear <= 68)
365 tm->tm_year = relyear + 2000 - TM_YEAR_BASE;
366 else
367 tm->tm_year = relyear + 1900 - TM_YEAR_BASE;
368 } else {
369 tm->tm_year = relyear + century - TM_YEAR_BASE;
370 }
371 }
372
373 return ((char *)bp);
374}
375
376
377static int
378_conv_num(const unsigned char **buf, int *dest, int llim, int ulim)
379{
380 int result = 0;
381 int rulim = ulim;
382
383 if (**buf < '0' || **buf > '9')
384 return (0);
385
386 /* we use rulim to break out of the loop when we run out of digits */
387 do {
388 result *= 10;
389 result += *(*buf)++ - '0';
390 rulim /= 10;
391 } while ((result * 10 <= ulim) && rulim && **buf >= '0' && **buf <= '9');
392
393 if (result < llim || result > ulim)
394 return (0);
395
396 *dest = result;
397 return (1);
398}
399
400#endif /* HAVE_STRPTIME */
401
diff --git a/packet.c b/packet.c
index 994e35b6d..48f7fe613 100644
--- a/packet.c
+++ b/packet.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: packet.c,v 1.166 2009/06/27 09:29:06 andreas Exp $ */ 1/* $OpenBSD: packet.c,v 1.168 2010/07/13 23:13:16 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1307,7 +1307,7 @@ packet_read_poll2(u_int32_t *seqnr_p)
1307 macbuf = mac_compute(mac, active_state->p_read.seqnr, 1307 macbuf = mac_compute(mac, active_state->p_read.seqnr,
1308 buffer_ptr(&active_state->incoming_packet), 1308 buffer_ptr(&active_state->incoming_packet),
1309 buffer_len(&active_state->incoming_packet)); 1309 buffer_len(&active_state->incoming_packet));
1310 if (memcmp(macbuf, buffer_ptr(&active_state->input), 1310 if (timingsafe_bcmp(macbuf, buffer_ptr(&active_state->input),
1311 mac->mac_len) != 0) { 1311 mac->mac_len) != 0) {
1312 logit("Corrupted MAC on input."); 1312 logit("Corrupted MAC on input.");
1313 if (need > PACKET_MAX_SIZE) 1313 if (need > PACKET_MAX_SIZE)
diff --git a/readconf.c b/readconf.c
index 2a5a706ab..0e83f5809 100644
--- a/readconf.c
+++ b/readconf.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: readconf.c,v 1.183 2010/02/08 10:50:20 markus Exp $ */ 1/* $OpenBSD: readconf.c,v 1.187 2010/07/19 09:15:12 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -112,8 +112,8 @@
112 112
113typedef enum { 113typedef enum {
114 oBadOption, 114 oBadOption,
115 oForwardAgent, oForwardX11, oForwardX11Trusted, oGatewayPorts, 115 oForwardAgent, oForwardX11, oForwardX11Trusted, oForwardX11Timeout,
116 oExitOnForwardFailure, 116 oGatewayPorts, oExitOnForwardFailure,
117 oPasswordAuthentication, oRSAAuthentication, 117 oPasswordAuthentication, oRSAAuthentication,
118 oChallengeResponseAuthentication, oXAuthLocation, 118 oChallengeResponseAuthentication, oXAuthLocation,
119 oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward, 119 oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward,
@@ -132,7 +132,8 @@ typedef enum {
132 oAddressFamily, oGssAuthentication, oGssDelegateCreds, 132 oAddressFamily, oGssAuthentication, oGssDelegateCreds,
133 oGssTrustDns, oGssKeyEx, oGssClientIdentity, oGssRenewalRekey, 133 oGssTrustDns, oGssKeyEx, oGssClientIdentity, oGssRenewalRekey,
134 oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly, 134 oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly,
135 oSendEnv, oControlPath, oControlMaster, oHashKnownHosts, 135 oSendEnv, oControlPath, oControlMaster, oControlPersist,
136 oHashKnownHosts,
136 oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand, 137 oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand,
137 oVisualHostKey, oUseRoaming, oZeroKnowledgePasswordAuthentication, 138 oVisualHostKey, oUseRoaming, oZeroKnowledgePasswordAuthentication,
138 oProtocolKeepAlives, oSetupTimeOut, 139 oProtocolKeepAlives, oSetupTimeOut,
@@ -148,6 +149,7 @@ static struct {
148 { "forwardagent", oForwardAgent }, 149 { "forwardagent", oForwardAgent },
149 { "forwardx11", oForwardX11 }, 150 { "forwardx11", oForwardX11 },
150 { "forwardx11trusted", oForwardX11Trusted }, 151 { "forwardx11trusted", oForwardX11Trusted },
152 { "forwardx11timeout", oForwardX11Timeout },
151 { "exitonforwardfailure", oExitOnForwardFailure }, 153 { "exitonforwardfailure", oExitOnForwardFailure },
152 { "xauthlocation", oXAuthLocation }, 154 { "xauthlocation", oXAuthLocation },
153 { "gatewayports", oGatewayPorts }, 155 { "gatewayports", oGatewayPorts },
@@ -238,6 +240,7 @@ static struct {
238 { "sendenv", oSendEnv }, 240 { "sendenv", oSendEnv },
239 { "controlpath", oControlPath }, 241 { "controlpath", oControlPath },
240 { "controlmaster", oControlMaster }, 242 { "controlmaster", oControlMaster },
243 { "controlpersist", oControlPersist },
241 { "hashknownhosts", oHashKnownHosts }, 244 { "hashknownhosts", oHashKnownHosts },
242 { "tunnel", oTunnel }, 245 { "tunnel", oTunnel },
243 { "tunneldevice", oTunnelDevice }, 246 { "tunneldevice", oTunnelDevice },
@@ -271,8 +274,9 @@ add_local_forward(Options *options, const Forward *newfwd)
271 if (newfwd->listen_port < IPPORT_RESERVED && original_real_uid != 0) 274 if (newfwd->listen_port < IPPORT_RESERVED && original_real_uid != 0)
272 fatal("Privileged ports can only be forwarded by root."); 275 fatal("Privileged ports can only be forwarded by root.");
273#endif 276#endif
274 if (options->num_local_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION) 277 options->local_forwards = xrealloc(options->local_forwards,
275 fatal("Too many local forwards (max %d).", SSH_MAX_FORWARDS_PER_DIRECTION); 278 options->num_local_forwards + 1,
279 sizeof(*options->local_forwards));
276 fwd = &options->local_forwards[options->num_local_forwards++]; 280 fwd = &options->local_forwards[options->num_local_forwards++];
277 281
278 fwd->listen_host = newfwd->listen_host; 282 fwd->listen_host = newfwd->listen_host;
@@ -290,15 +294,17 @@ void
290add_remote_forward(Options *options, const Forward *newfwd) 294add_remote_forward(Options *options, const Forward *newfwd)
291{ 295{
292 Forward *fwd; 296 Forward *fwd;
293 if (options->num_remote_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION) 297
294 fatal("Too many remote forwards (max %d).", 298 options->remote_forwards = xrealloc(options->remote_forwards,
295 SSH_MAX_FORWARDS_PER_DIRECTION); 299 options->num_remote_forwards + 1,
300 sizeof(*options->remote_forwards));
296 fwd = &options->remote_forwards[options->num_remote_forwards++]; 301 fwd = &options->remote_forwards[options->num_remote_forwards++];
297 302
298 fwd->listen_host = newfwd->listen_host; 303 fwd->listen_host = newfwd->listen_host;
299 fwd->listen_port = newfwd->listen_port; 304 fwd->listen_port = newfwd->listen_port;
300 fwd->connect_host = newfwd->connect_host; 305 fwd->connect_host = newfwd->connect_host;
301 fwd->connect_port = newfwd->connect_port; 306 fwd->connect_port = newfwd->connect_port;
307 fwd->allocated_port = 0;
302} 308}
303 309
304static void 310static void
@@ -311,12 +317,20 @@ clear_forwardings(Options *options)
311 xfree(options->local_forwards[i].listen_host); 317 xfree(options->local_forwards[i].listen_host);
312 xfree(options->local_forwards[i].connect_host); 318 xfree(options->local_forwards[i].connect_host);
313 } 319 }
320 if (options->num_local_forwards > 0) {
321 xfree(options->local_forwards);
322 options->local_forwards = NULL;
323 }
314 options->num_local_forwards = 0; 324 options->num_local_forwards = 0;
315 for (i = 0; i < options->num_remote_forwards; i++) { 325 for (i = 0; i < options->num_remote_forwards; i++) {
316 if (options->remote_forwards[i].listen_host != NULL) 326 if (options->remote_forwards[i].listen_host != NULL)
317 xfree(options->remote_forwards[i].listen_host); 327 xfree(options->remote_forwards[i].listen_host);
318 xfree(options->remote_forwards[i].connect_host); 328 xfree(options->remote_forwards[i].connect_host);
319 } 329 }
330 if (options->num_remote_forwards > 0) {
331 xfree(options->remote_forwards);
332 options->remote_forwards = NULL;
333 }
320 options->num_remote_forwards = 0; 334 options->num_remote_forwards = 0;
321 options->tun_open = SSH_TUNMODE_NO; 335 options->tun_open = SSH_TUNMODE_NO;
322} 336}
@@ -419,6 +433,10 @@ parse_flag:
419 case oForwardX11Trusted: 433 case oForwardX11Trusted:
420 intptr = &options->forward_x11_trusted; 434 intptr = &options->forward_x11_trusted;
421 goto parse_flag; 435 goto parse_flag;
436
437 case oForwardX11Timeout:
438 intptr = &options->forward_x11_timeout;
439 goto parse_time;
422 440
423 case oGatewayPorts: 441 case oGatewayPorts:
424 intptr = &options->gateway_ports; 442 intptr = &options->gateway_ports;
@@ -904,6 +922,30 @@ parse_int:
904 *intptr = value; 922 *intptr = value;
905 break; 923 break;
906 924
925 case oControlPersist:
926 /* no/false/yes/true, or a time spec */
927 intptr = &options->control_persist;
928 arg = strdelim(&s);
929 if (!arg || *arg == '\0')
930 fatal("%.200s line %d: Missing ControlPersist"
931 " argument.", filename, linenum);
932 value = 0;
933 value2 = 0; /* timeout */
934 if (strcmp(arg, "no") == 0 || strcmp(arg, "false") == 0)
935 value = 0;
936 else if (strcmp(arg, "yes") == 0 || strcmp(arg, "true") == 0)
937 value = 1;
938 else if ((value2 = convtime(arg)) >= 0)
939 value = 1;
940 else
941 fatal("%.200s line %d: Bad ControlPersist argument.",
942 filename, linenum);
943 if (*activep && *intptr == -1) {
944 *intptr = value;
945 options->control_persist_timeout = value2;
946 }
947 break;
948
907 case oHashKnownHosts: 949 case oHashKnownHosts:
908 intptr = &options->hash_known_hosts; 950 intptr = &options->hash_known_hosts;
909 goto parse_flag; 951 goto parse_flag;
@@ -1044,6 +1086,7 @@ initialize_options(Options * options)
1044 options->forward_agent = -1; 1086 options->forward_agent = -1;
1045 options->forward_x11 = -1; 1087 options->forward_x11 = -1;
1046 options->forward_x11_trusted = -1; 1088 options->forward_x11_trusted = -1;
1089 options->forward_x11_timeout = -1;
1047 options->exit_on_forward_failure = -1; 1090 options->exit_on_forward_failure = -1;
1048 options->xauth_location = NULL; 1091 options->xauth_location = NULL;
1049 options->gateway_ports = -1; 1092 options->gateway_ports = -1;
@@ -1089,7 +1132,9 @@ initialize_options(Options * options)
1089 options->user_hostfile = NULL; 1132 options->user_hostfile = NULL;
1090 options->system_hostfile2 = NULL; 1133 options->system_hostfile2 = NULL;
1091 options->user_hostfile2 = NULL; 1134 options->user_hostfile2 = NULL;
1135 options->local_forwards = NULL;
1092 options->num_local_forwards = 0; 1136 options->num_local_forwards = 0;
1137 options->remote_forwards = NULL;
1093 options->num_remote_forwards = 0; 1138 options->num_remote_forwards = 0;
1094 options->clear_forwardings = -1; 1139 options->clear_forwardings = -1;
1095 options->log_level = SYSLOG_LEVEL_NOT_SET; 1140 options->log_level = SYSLOG_LEVEL_NOT_SET;
@@ -1106,6 +1151,8 @@ initialize_options(Options * options)
1106 options->num_send_env = 0; 1151 options->num_send_env = 0;
1107 options->control_path = NULL; 1152 options->control_path = NULL;
1108 options->control_master = -1; 1153 options->control_master = -1;
1154 options->control_persist = -1;
1155 options->control_persist_timeout = 0;
1109 options->hash_known_hosts = -1; 1156 options->hash_known_hosts = -1;
1110 options->tun_open = -1; 1157 options->tun_open = -1;
1111 options->tun_local = -1; 1158 options->tun_local = -1;
@@ -1133,6 +1180,8 @@ fill_default_options(Options * options)
1133 options->forward_x11 = 0; 1180 options->forward_x11 = 0;
1134 if (options->forward_x11_trusted == -1) 1181 if (options->forward_x11_trusted == -1)
1135 options->forward_x11_trusted = 1; 1182 options->forward_x11_trusted = 1;
1183 if (options->forward_x11_timeout == -1)
1184 options->forward_x11_timeout = 1200;
1136 if (options->exit_on_forward_failure == -1) 1185 if (options->exit_on_forward_failure == -1)
1137 options->exit_on_forward_failure = 0; 1186 options->exit_on_forward_failure = 0;
1138 if (options->xauth_location == NULL) 1187 if (options->xauth_location == NULL)
@@ -1252,6 +1301,10 @@ fill_default_options(Options * options)
1252 options->server_alive_count_max = 3; 1301 options->server_alive_count_max = 3;
1253 if (options->control_master == -1) 1302 if (options->control_master == -1)
1254 options->control_master = 0; 1303 options->control_master = 0;
1304 if (options->control_persist == -1) {
1305 options->control_persist = 0;
1306 options->control_persist_timeout = 0;
1307 }
1255 if (options->hash_known_hosts == -1) 1308 if (options->hash_known_hosts == -1)
1256 options->hash_known_hosts = 0; 1309 options->hash_known_hosts = 0;
1257 if (options->tun_open == -1) 1310 if (options->tun_open == -1)
diff --git a/readconf.h b/readconf.h
index 24762e71c..cc341c9ba 100644
--- a/readconf.h
+++ b/readconf.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: readconf.h,v 1.82 2010/02/08 10:50:20 markus Exp $ */ 1/* $OpenBSD: readconf.h,v 1.86 2010/07/19 09:15:12 djm Exp $ */
2 2
3/* 3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -23,6 +23,7 @@ typedef struct {
23 int listen_port; /* Port to forward. */ 23 int listen_port; /* Port to forward. */
24 char *connect_host; /* Host to connect. */ 24 char *connect_host; /* Host to connect. */
25 int connect_port; /* Port to connect on connect_host. */ 25 int connect_port; /* Port to connect on connect_host. */
26 int allocated_port; /* Dynamically allocated listen port */
26} Forward; 27} Forward;
27/* Data structure for representing option data. */ 28/* Data structure for representing option data. */
28 29
@@ -31,6 +32,7 @@ typedef struct {
31typedef struct { 32typedef struct {
32 int forward_agent; /* Forward authentication agent. */ 33 int forward_agent; /* Forward authentication agent. */
33 int forward_x11; /* Forward X11 display. */ 34 int forward_x11; /* Forward X11 display. */
35 int forward_x11_timeout; /* Expiration for Cookies */
34 int forward_x11_trusted; /* Trust Forward X11 display. */ 36 int forward_x11_trusted; /* Trust Forward X11 display. */
35 int exit_on_forward_failure; /* Exit if bind(2) fails for -L/-R */ 37 int exit_on_forward_failure; /* Exit if bind(2) fails for -L/-R */
36 char *xauth_location; /* Location for xauth program */ 38 char *xauth_location; /* Location for xauth program */
@@ -98,11 +100,11 @@ typedef struct {
98 100
99 /* Local TCP/IP forward requests. */ 101 /* Local TCP/IP forward requests. */
100 int num_local_forwards; 102 int num_local_forwards;
101 Forward local_forwards[SSH_MAX_FORWARDS_PER_DIRECTION]; 103 Forward *local_forwards;
102 104
103 /* Remote TCP/IP forward requests. */ 105 /* Remote TCP/IP forward requests. */
104 int num_remote_forwards; 106 int num_remote_forwards;
105 Forward remote_forwards[SSH_MAX_FORWARDS_PER_DIRECTION]; 107 Forward *remote_forwards;
106 int clear_forwardings; 108 int clear_forwardings;
107 109
108 int enable_ssh_keysign; 110 int enable_ssh_keysign;
@@ -117,6 +119,8 @@ typedef struct {
117 119
118 char *control_path; 120 char *control_path;
119 int control_master; 121 int control_master;
122 int control_persist; /* ControlPersist flag */
123 int control_persist_timeout; /* ControlPersist timeout (seconds) */
120 124
121 int hash_known_hosts; 125 int hash_known_hosts;
122 126
diff --git a/regress/Makefile b/regress/Makefile
index d25a64555..9762ab204 100644
--- a/regress/Makefile
+++ b/regress/Makefile
@@ -1,4 +1,4 @@
1# $OpenBSD: Makefile,v 1.52 2010/02/26 20:33:21 djm Exp $ 1# $OpenBSD: Makefile,v 1.54 2010/06/27 19:19:56 phessler Exp $
2 2
3REGRESS_TARGETS= t1 t2 t3 t4 t5 t6 t7 t-exec 3REGRESS_TARGETS= t1 t2 t3 t4 t5 t6 t7 t-exec
4tests: $(REGRESS_TARGETS) 4tests: $(REGRESS_TARGETS)
@@ -69,7 +69,8 @@ CLEANFILES= t2.out t6.out1 t6.out2 t7.out t7.out.pub copy.1 copy.2 \
69 scp-ssh-wrapper.scp ssh_proxy_envpass remote_pid \ 69 scp-ssh-wrapper.scp ssh_proxy_envpass remote_pid \
70 sshd_proxy_bak rsa_ssh2_cr.prv rsa_ssh2_crnl.prv \ 70 sshd_proxy_bak rsa_ssh2_cr.prv rsa_ssh2_crnl.prv \
71 known_hosts-cert host_ca_key* cert_host_key* \ 71 known_hosts-cert host_ca_key* cert_host_key* \
72 putty.rsa2 sshd_proxy_orig 72 putty.rsa2 sshd_proxy_orig \
73 authorized_principals_${USER}
73 74
74# Enable all malloc(3) randomisations and checks 75# Enable all malloc(3) randomisations and checks
75TEST_ENV= "MALLOC_OPTIONS=AFGJPRX" 76TEST_ENV= "MALLOC_OPTIONS=AFGJPRX"
@@ -112,13 +113,13 @@ t-exec: ${LTESTS:=.sh}
112 @if [ "x$?" = "x" ]; then exit 0; fi; \ 113 @if [ "x$?" = "x" ]; then exit 0; fi; \
113 for TEST in ""$?; do \ 114 for TEST in ""$?; do \
114 echo "run test $${TEST}" ... 1>&2; \ 115 echo "run test $${TEST}" ... 1>&2; \
115 (env SUDO=${SUDO} TEST_ENV=${TEST_ENV} sh ${.CURDIR}/test-exec.sh ${.OBJDIR} ${.CURDIR}/$${TEST}) || exit $$?; \ 116 (env SUDO="${SUDO}" TEST_ENV=${TEST_ENV} sh ${.CURDIR}/test-exec.sh ${.OBJDIR} ${.CURDIR}/$${TEST}) || exit $$?; \
116 done 117 done
117 118
118t-exec-interop: ${INTEROP_TESTS:=.sh} 119t-exec-interop: ${INTEROP_TESTS:=.sh}
119 @if [ "x$?" = "x" ]; then exit 0; fi; \ 120 @if [ "x$?" = "x" ]; then exit 0; fi; \
120 for TEST in ""$?; do \ 121 for TEST in ""$?; do \
121 echo "run test $${TEST}" ... 1>&2; \ 122 echo "run test $${TEST}" ... 1>&2; \
122 (env SUDO=${SUDO} TEST_ENV=${TEST_ENV} sh ${.CURDIR}/test-exec.sh ${.OBJDIR} ${.CURDIR}/$${TEST}) || exit $$?; \ 123 (env SUDO="${SUDO}" TEST_ENV=${TEST_ENV} sh ${.CURDIR}/test-exec.sh ${.OBJDIR} ${.CURDIR}/$${TEST}) || exit $$?; \
123 done 124 done
124 125
diff --git a/regress/README.regress b/regress/README.regress
index 5aaf734bd..da9bb6a99 100644
--- a/regress/README.regress
+++ b/regress/README.regress
@@ -29,7 +29,7 @@ TEST_SSH_x: path to "ssh" command under test, where x=SSH,SSHD,SSHAGENT,SSHADD
29OBJ: used by test scripts to access build dir. 29OBJ: used by test scripts to access build dir.
30TEST_SHELL: shell used for running the test scripts. 30TEST_SHELL: shell used for running the test scripts.
31TEST_SSH_PORT: TCP port to be used for the listening tests. 31TEST_SSH_PORT: TCP port to be used for the listening tests.
32TEST_SSH_SSH_CONFOTPS: Configuration directives to be added to ssh_config 32TEST_SSH_SSH_CONFOPTS: Configuration directives to be added to ssh_config
33 before running each test. 33 before running each test.
34TEST_SSH_SSHD_CONFOTPS: Configuration directives to be added to sshd_config 34TEST_SSH_SSHD_CONFOTPS: Configuration directives to be added to sshd_config
35 before running each test. 35 before running each test.
@@ -105,4 +105,4 @@ Known Issues.
105 test to fail. The old behaviour can be restored by setting (and 105 test to fail. The old behaviour can be restored by setting (and
106 exporting) _POSIX2_VERSION=199209 before running the tests. 106 exporting) _POSIX2_VERSION=199209 before running the tests.
107 107
108$Id: README.regress,v 1.10 2005/10/03 10:14:18 dtucker Exp $ 108$Id: README.regress,v 1.11 2010/08/16 21:04:29 djm Exp $
diff --git a/regress/cert-hostkey.sh b/regress/cert-hostkey.sh
index 3fda667cb..0265e8f6b 100644
--- a/regress/cert-hostkey.sh
+++ b/regress/cert-hostkey.sh
@@ -1,4 +1,4 @@
1# $OpenBSD: cert-hostkey.sh,v 1.3 2010/03/04 10:38:23 djm Exp $ 1# $OpenBSD: cert-hostkey.sh,v 1.4 2010/04/16 01:58:45 djm Exp $
2# Placed in the Public Domain. 2# Placed in the Public Domain.
3 3
4tid="certified host keys" 4tid="certified host keys"
@@ -28,11 +28,17 @@ for ktype in rsa dsa ; do
28 -I "regress host key for $USER" \ 28 -I "regress host key for $USER" \
29 -n $HOSTS $OBJ/cert_host_key_${ktype} || 29 -n $HOSTS $OBJ/cert_host_key_${ktype} ||
30 fail "couldn't sign cert_host_key_${ktype}" 30 fail "couldn't sign cert_host_key_${ktype}"
31 cp $OBJ/cert_host_key_${ktype} $OBJ/cert_host_key_${ktype}_v00
32 cp $OBJ/cert_host_key_${ktype}.pub $OBJ/cert_host_key_${ktype}_v00.pub
33 ${SSHKEYGEN} -t v00 -h -q -s $OBJ/host_ca_key \
34 -I "regress host key for $USER" \
35 -n $HOSTS $OBJ/cert_host_key_${ktype}_v00 ||
36 fail "couldn't sign cert_host_key_${ktype}_v00"
31done 37done
32 38
33# Basic connect tests 39# Basic connect tests
34for privsep in yes no ; do 40for privsep in yes no ; do
35 for ktype in rsa dsa ; do 41 for ktype in rsa dsa rsa_v00 dsa_v00; do
36 verbose "$tid: host ${ktype} cert connect privsep $privsep" 42 verbose "$tid: host ${ktype} cert connect privsep $privsep"
37 ( 43 (
38 cat $OBJ/sshd_proxy_bak 44 cat $OBJ/sshd_proxy_bak
@@ -61,9 +67,15 @@ done
61 echon '@revoked ' 67 echon '@revoked '
62 echon "* " 68 echon "* "
63 cat $OBJ/cert_host_key_dsa.pub 69 cat $OBJ/cert_host_key_dsa.pub
70 echon '@revoked '
71 echon "* "
72 cat $OBJ/cert_host_key_rsa_v00.pub
73 echon '@revoked '
74 echon "* "
75 cat $OBJ/cert_host_key_dsa_v00.pub
64) > $OBJ/known_hosts-cert 76) > $OBJ/known_hosts-cert
65for privsep in yes no ; do 77for privsep in yes no ; do
66 for ktype in rsa dsa ; do 78 for ktype in rsa dsa rsa_v00 dsa_v00; do
67 verbose "$tid: host ${ktype} revoked cert privsep $privsep" 79 verbose "$tid: host ${ktype} revoked cert privsep $privsep"
68 ( 80 (
69 cat $OBJ/sshd_proxy_bak 81 cat $OBJ/sshd_proxy_bak
@@ -90,7 +102,7 @@ done
90 echon "* " 102 echon "* "
91 cat $OBJ/host_ca_key.pub 103 cat $OBJ/host_ca_key.pub
92) > $OBJ/known_hosts-cert 104) > $OBJ/known_hosts-cert
93for ktype in rsa dsa ; do 105for ktype in rsa dsa rsa_v00 dsa_v00 ; do
94 verbose "$tid: host ${ktype} revoked cert" 106 verbose "$tid: host ${ktype} revoked cert"
95 ( 107 (
96 cat $OBJ/sshd_proxy_bak 108 cat $OBJ/sshd_proxy_bak
@@ -116,32 +128,39 @@ test_one() {
116 ident=$1 128 ident=$1
117 result=$2 129 result=$2
118 sign_opts=$3 130 sign_opts=$3
119
120 verbose "$tid: test host cert connect $ident expect $result"
121
122 ${SSHKEYGEN} -q -s $OBJ/host_ca_key -I "regress host key for $USER" \
123 $sign_opts \
124 $OBJ/cert_host_key_rsa ||
125 fail "couldn't sign cert_host_key_rsa"
126 (
127 cat $OBJ/sshd_proxy_bak
128 echo HostKey $OBJ/cert_host_key_rsa
129 echo HostCertificate $OBJ/cert_host_key_rsa-cert.pub
130 ) > $OBJ/sshd_proxy
131 131
132 ${SSH} -2 -oUserKnownHostsFile=$OBJ/known_hosts-cert \ 132 for kt in rsa rsa_v00 ; do
133 -oGlobalKnownHostsFile=$OBJ/known_hosts-cert \ 133 case $kt in
134 -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1 134 *_v00) args="-t v00" ;;
135 rc=$? 135 *) args="" ;;
136 if [ "x$result" = "xsuccess" ] ; then 136 esac
137 if [ $rc -ne 0 ]; then 137
138 fail "ssh cert connect $ident failed unexpectedly" 138 verbose "$tid: host cert connect $ident $kt expect $result"
139 fi 139 ${SSHKEYGEN} -q -s $OBJ/host_ca_key \
140 else 140 -I "regress host key for $USER" \
141 if [ $rc -eq 0 ]; then 141 $sign_opts $args \
142 fail "ssh cert connect $ident succeeded unexpectedly" 142 $OBJ/cert_host_key_${kt} ||
143 fail "couldn't sign cert_host_key_${kt}"
144 (
145 cat $OBJ/sshd_proxy_bak
146 echo HostKey $OBJ/cert_host_key_${kt}
147 echo HostCertificate $OBJ/cert_host_key_${kt}-cert.pub
148 ) > $OBJ/sshd_proxy
149
150 ${SSH} -2 -oUserKnownHostsFile=$OBJ/known_hosts-cert \
151 -oGlobalKnownHostsFile=$OBJ/known_hosts-cert \
152 -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
153 rc=$?
154 if [ "x$result" = "xsuccess" ] ; then
155 if [ $rc -ne 0 ]; then
156 fail "ssh cert connect $ident failed unexpectedly"
157 fi
158 else
159 if [ $rc -eq 0 ]; then
160 fail "ssh cert connect $ident succeeded unexpectedly"
161 fi
143 fi 162 fi
144 fi 163 done
145} 164}
146 165
147test_one "user-certificate" failure "-n $HOSTS" 166test_one "user-certificate" failure "-n $HOSTS"
@@ -153,32 +172,35 @@ test_one "cert valid interval" success "-h -V-1w:+2w"
153test_one "cert has constraints" failure "-h -Oforce-command=false" 172test_one "cert has constraints" failure "-h -Oforce-command=false"
154 173
155# Check downgrade of cert to raw key when no CA found 174# Check downgrade of cert to raw key when no CA found
156rm -f $OBJ/known_hosts-cert $OBJ/cert_host_key* 175for v in v01 v00 ; do
157for ktype in rsa dsa ; do 176 for ktype in rsa dsa ; do
158 verbose "$tid: host ${ktype} cert downgrade to raw key" 177 rm -f $OBJ/known_hosts-cert $OBJ/cert_host_key*
159 # Generate and sign a host key 178 verbose "$tid: host ${ktype} ${v} cert downgrade to raw key"
160 ${SSHKEYGEN} -q -N '' -t ${ktype} \ 179 # Generate and sign a host key
161 -f $OBJ/cert_host_key_${ktype} || \ 180 ${SSHKEYGEN} -q -N '' -t ${ktype} \
162 fail "ssh-keygen of cert_host_key_${ktype} failed" 181 -f $OBJ/cert_host_key_${ktype} || \
163 ${SSHKEYGEN} -h -q -s $OBJ/host_ca_key -I "regress host key for $USER" \ 182 fail "ssh-keygen of cert_host_key_${ktype} failed"
164 -n $HOSTS $OBJ/cert_host_key_${ktype} || 183 ${SSHKEYGEN} -t ${v} -h -q -s $OBJ/host_ca_key \
165 fail "couldn't sign cert_host_key_${ktype}" 184 -I "regress host key for $USER" \
166 ( 185 -n $HOSTS $OBJ/cert_host_key_${ktype} ||
167 echon "$HOSTS " 186 fail "couldn't sign cert_host_key_${ktype}"
168 cat $OBJ/cert_host_key_${ktype}.pub 187 (
169 ) > $OBJ/known_hosts-cert 188 echon "$HOSTS "
170 ( 189 cat $OBJ/cert_host_key_${ktype}.pub
171 cat $OBJ/sshd_proxy_bak 190 ) > $OBJ/known_hosts-cert
172 echo HostKey $OBJ/cert_host_key_${ktype} 191 (
173 echo HostCertificate $OBJ/cert_host_key_${ktype}-cert.pub 192 cat $OBJ/sshd_proxy_bak
174 ) > $OBJ/sshd_proxy 193 echo HostKey $OBJ/cert_host_key_${ktype}
175 194 echo HostCertificate $OBJ/cert_host_key_${ktype}-cert.pub
176 ${SSH} -2 -oUserKnownHostsFile=$OBJ/known_hosts-cert \ 195 ) > $OBJ/sshd_proxy
177 -oGlobalKnownHostsFile=$OBJ/known_hosts-cert \ 196
178 -F $OBJ/ssh_proxy somehost true 197 ${SSH} -2 -oUserKnownHostsFile=$OBJ/known_hosts-cert \
179 if [ $? -ne 0 ]; then 198 -oGlobalKnownHostsFile=$OBJ/known_hosts-cert \
180 fail "ssh cert connect failed" 199 -F $OBJ/ssh_proxy somehost true
181 fi 200 if [ $? -ne 0 ]; then
201 fail "ssh cert connect failed"
202 fi
203 done
182done 204done
183 205
184# Wrong certificate 206# Wrong certificate
@@ -187,25 +209,31 @@ done
187 echon "$HOSTS " 209 echon "$HOSTS "
188 cat $OBJ/host_ca_key.pub 210 cat $OBJ/host_ca_key.pub
189) > $OBJ/known_hosts-cert 211) > $OBJ/known_hosts-cert
190for ktype in rsa dsa ; do 212for v in v01 v00 ; do
191 # Self-sign key 213 for kt in rsa dsa ; do
192 ${SSHKEYGEN} -h -q -s $OBJ/cert_host_key_${ktype} \ 214 rm -f $OBJ/cert_host_key*
193 -I "regress host key for $USER" \ 215 # Self-sign key
194 -n $HOSTS $OBJ/cert_host_key_${ktype} || 216 ${SSHKEYGEN} -q -N '' -t ${kt} \
195 fail "couldn't sign cert_host_key_${ktype}" 217 -f $OBJ/cert_host_key_${kt} || \
196 verbose "$tid: host ${ktype} connect wrong cert" 218 fail "ssh-keygen of cert_host_key_${kt} failed"
197 ( 219 ${SSHKEYGEN} -t ${v} -h -q -s $OBJ/cert_host_key_${kt} \
198 cat $OBJ/sshd_proxy_bak 220 -I "regress host key for $USER" \
199 echo HostKey $OBJ/cert_host_key_${ktype} 221 -n $HOSTS $OBJ/cert_host_key_${kt} ||
200 echo HostCertificate $OBJ/cert_host_key_${ktype}-cert.pub 222 fail "couldn't sign cert_host_key_${kt}"
201 ) > $OBJ/sshd_proxy 223 verbose "$tid: host ${kt} connect wrong cert"
202 224 (
203 ${SSH} -2 -oUserKnownHostsFile=$OBJ/known_hosts-cert \ 225 cat $OBJ/sshd_proxy_bak
204 -oGlobalKnownHostsFile=$OBJ/known_hosts-cert \ 226 echo HostKey $OBJ/cert_host_key_${kt}
205 -F $OBJ/ssh_proxy -q somehost true >/dev/null 2>&1 227 echo HostCertificate $OBJ/cert_host_key_${kt}-cert.pub
206 if [ $? -eq 0 ]; then 228 ) > $OBJ/sshd_proxy
207 fail "ssh cert connect $ident succeeded unexpectedly" 229
208 fi 230 ${SSH} -2 -oUserKnownHostsFile=$OBJ/known_hosts-cert \
231 -oGlobalKnownHostsFile=$OBJ/known_hosts-cert \
232 -F $OBJ/ssh_proxy -q somehost true >/dev/null 2>&1
233 if [ $? -eq 0 ]; then
234 fail "ssh cert connect $ident succeeded unexpectedly"
235 fi
236 done
209done 237done
210 238
211rm -f $OBJ/known_hosts-cert $OBJ/host_ca_key* $OBJ/cert_host_key* 239rm -f $OBJ/known_hosts-cert $OBJ/host_ca_key* $OBJ/cert_host_key*
diff --git a/regress/cert-userkey.sh b/regress/cert-userkey.sh
index 7a58e7b75..a41a9a9c0 100644
--- a/regress/cert-userkey.sh
+++ b/regress/cert-userkey.sh
@@ -1,4 +1,4 @@
1# $OpenBSD: cert-userkey.sh,v 1.3 2010/03/04 10:38:23 djm Exp $ 1# $OpenBSD: cert-userkey.sh,v 1.6 2010/06/29 23:59:54 djm Exp $
2# Placed in the Public Domain. 2# Placed in the Public Domain.
3 3
4tid="certified user keys" 4tid="certified user keys"
@@ -18,8 +18,128 @@ for ktype in rsa dsa ; do
18 fail "ssh-keygen of cert_user_key_${ktype} failed" 18 fail "ssh-keygen of cert_user_key_${ktype} failed"
19 ${SSHKEYGEN} -q -s $OBJ/user_ca_key -I \ 19 ${SSHKEYGEN} -q -s $OBJ/user_ca_key -I \
20 "regress user key for $USER" \ 20 "regress user key for $USER" \
21 -n $USER $OBJ/cert_user_key_${ktype} || 21 -n ${USER},mekmitasdigoat $OBJ/cert_user_key_${ktype} ||
22 fail "couldn't sign cert_user_key_${ktype}" 22 fail "couldn't sign cert_user_key_${ktype}"
23 cp $OBJ/cert_user_key_${ktype} $OBJ/cert_user_key_${ktype}_v00
24 cp $OBJ/cert_user_key_${ktype}.pub $OBJ/cert_user_key_${ktype}_v00.pub
25 ${SSHKEYGEN} -q -t v00 -s $OBJ/user_ca_key -I \
26 "regress user key for $USER" \
27 -n ${USER},mekmitasdigoat $OBJ/cert_user_key_${ktype}_v00 ||
28 fail "couldn't sign cert_user_key_${ktype}_v00"
29done
30
31# Test explicitly-specified principals
32for ktype in rsa dsa rsa_v00 dsa_v00 ; do
33 for privsep in yes no ; do
34 _prefix="${ktype} privsep $privsep"
35
36 # Setup for AuthorizedPrincipalsFile
37 rm -f $OBJ/authorized_keys_$USER
38 (
39 cat $OBJ/sshd_proxy_bak
40 echo "UsePrivilegeSeparation $privsep"
41 echo "AuthorizedPrincipalsFile " \
42 "$OBJ/authorized_principals_%u"
43 echo "TrustedUserCAKeys $OBJ/user_ca_key.pub"
44 ) > $OBJ/sshd_proxy
45
46 # Missing authorized_principals
47 verbose "$tid: ${_prefix} missing authorized_principals"
48 rm -f $OBJ/authorized_principals_$USER
49 ${SSH} -2i $OBJ/cert_user_key_${ktype} \
50 -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
51 if [ $? -eq 0 ]; then
52 fail "ssh cert connect succeeded unexpectedly"
53 fi
54
55 # Empty authorized_principals
56 verbose "$tid: ${_prefix} empty authorized_principals"
57 echo > $OBJ/authorized_principals_$USER
58 ${SSH} -2i $OBJ/cert_user_key_${ktype} \
59 -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
60 if [ $? -eq 0 ]; then
61 fail "ssh cert connect succeeded unexpectedly"
62 fi
63
64 # Wrong authorized_principals
65 verbose "$tid: ${_prefix} wrong authorized_principals"
66 echo gregorsamsa > $OBJ/authorized_principals_$USER
67 ${SSH} -2i $OBJ/cert_user_key_${ktype} \
68 -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
69 if [ $? -eq 0 ]; then
70 fail "ssh cert connect succeeded unexpectedly"
71 fi
72
73 # Correct authorized_principals
74 verbose "$tid: ${_prefix} correct authorized_principals"
75 echo mekmitasdigoat > $OBJ/authorized_principals_$USER
76 ${SSH} -2i $OBJ/cert_user_key_${ktype} \
77 -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
78 if [ $? -ne 0 ]; then
79 fail "ssh cert connect failed"
80 fi
81
82 # authorized_principals with bad key option
83 verbose "$tid: ${_prefix} authorized_principals bad key opt"
84 echo 'blah mekmitasdigoat' > $OBJ/authorized_principals_$USER
85 ${SSH} -2i $OBJ/cert_user_key_${ktype} \
86 -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
87 if [ $? -eq 0 ]; then
88 fail "ssh cert connect succeeded unexpectedly"
89 fi
90
91 # authorized_principals with command=false
92 verbose "$tid: ${_prefix} authorized_principals command=false"
93 echo 'command="false" mekmitasdigoat' > \
94 $OBJ/authorized_principals_$USER
95 ${SSH} -2i $OBJ/cert_user_key_${ktype} \
96 -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
97 if [ $? -eq 0 ]; then
98 fail "ssh cert connect succeeded unexpectedly"
99 fi
100
101
102 # authorized_principals with command=true
103 verbose "$tid: ${_prefix} authorized_principals command=true"
104 echo 'command="true" mekmitasdigoat' > \
105 $OBJ/authorized_principals_$USER
106 ${SSH} -2i $OBJ/cert_user_key_${ktype} \
107 -F $OBJ/ssh_proxy somehost false >/dev/null 2>&1
108 if [ $? -ne 0 ]; then
109 fail "ssh cert connect failed"
110 fi
111
112 # Setup for principals= key option
113 rm -f $OBJ/authorized_principals_$USER
114 (
115 cat $OBJ/sshd_proxy_bak
116 echo "UsePrivilegeSeparation $privsep"
117 ) > $OBJ/sshd_proxy
118
119 # Wrong principals list
120 verbose "$tid: ${_prefix} wrong principals key option"
121 (
122 echon 'cert-authority,principals="gregorsamsa" '
123 cat $OBJ/user_ca_key.pub
124 ) > $OBJ/authorized_keys_$USER
125 ${SSH} -2i $OBJ/cert_user_key_${ktype} \
126 -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
127 if [ $? -eq 0 ]; then
128 fail "ssh cert connect succeeded unexpectedly"
129 fi
130
131 # Correct principals list
132 verbose "$tid: ${_prefix} correct principals key option"
133 (
134 echon 'cert-authority,principals="mekmitasdigoat" '
135 cat $OBJ/user_ca_key.pub
136 ) > $OBJ/authorized_keys_$USER
137 ${SSH} -2i $OBJ/cert_user_key_${ktype} \
138 -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
139 if [ $? -ne 0 ]; then
140 fail "ssh cert connect failed"
141 fi
142 done
23done 143done
24 144
25basic_tests() { 145basic_tests() {
@@ -35,7 +155,7 @@ basic_tests() {
35 extra_sshd="TrustedUserCAKeys $OBJ/user_ca_key.pub" 155 extra_sshd="TrustedUserCAKeys $OBJ/user_ca_key.pub"
36 fi 156 fi
37 157
38 for ktype in rsa dsa ; do 158 for ktype in rsa dsa rsa_v00 dsa_v00 ; do
39 for privsep in yes no ; do 159 for privsep in yes no ; do
40 _prefix="${ktype} privsep $privsep $auth" 160 _prefix="${ktype} privsep $privsep $auth"
41 # Simple connect 161 # Simple connect
@@ -102,45 +222,50 @@ test_one() {
102 result=$2 222 result=$2
103 sign_opts=$3 223 sign_opts=$3
104 auth_choice=$4 224 auth_choice=$4
225 auth_opt=$5
105 226
106 if test "x$auth_choice" = "x" ; then 227 if test "x$auth_choice" = "x" ; then
107 auth_choice="authorized_keys TrustedUserCAKeys" 228 auth_choice="authorized_keys TrustedUserCAKeys"
108 fi 229 fi
109 230
110 for auth in $auth_choice ; do 231 for auth in $auth_choice ; do
111 cat $OBJ/sshd_proxy_bak > $OBJ/sshd_proxy 232 for ktype in rsa rsa_v00 ; do
112 if test "x$auth" = "xauthorized_keys" ; then 233 cat $OBJ/sshd_proxy_bak > $OBJ/sshd_proxy
113 # Add CA to authorized_keys 234 if test "x$auth" = "xauthorized_keys" ; then
114 ( 235 # Add CA to authorized_keys
115 echon 'cert-authority ' 236 (
116 cat $OBJ/user_ca_key.pub 237 echon "cert-authority${auth_opt} "
117 ) > $OBJ/authorized_keys_$USER 238 cat $OBJ/user_ca_key.pub
118 else 239 ) > $OBJ/authorized_keys_$USER
119 echo > $OBJ/authorized_keys_$USER 240 else
120 echo "TrustedUserCAKeys $OBJ/user_ca_key.pub" >> \ 241 echo > $OBJ/authorized_keys_$USER
121 $OBJ/sshd_proxy 242 echo "TrustedUserCAKeys $OBJ/user_ca_key.pub" \
122 243 >> $OBJ/sshd_proxy
123 fi 244 if test "x$auth_opt" != "x" ; then
124 245 echo $auth_opt >> $OBJ/sshd_proxy
125 verbose "$tid: $ident auth $auth expect $result" 246 fi
126 ${SSHKEYGEN} -q -s $OBJ/user_ca_key \
127 -I "regress user key for $USER" \
128 $sign_opts \
129 $OBJ/cert_user_key_rsa ||
130 fail "couldn't sign cert_user_key_rsa"
131
132 ${SSH} -2i $OBJ/cert_user_key_rsa -F $OBJ/ssh_proxy \
133 somehost true >/dev/null 2>&1
134 rc=$?
135 if [ "x$result" = "xsuccess" ] ; then
136 if [ $rc -ne 0 ]; then
137 fail "$ident failed unexpectedly"
138 fi 247 fi
139 else 248
140 if [ $rc -eq 0 ]; then 249 verbose "$tid: $ident auth $auth expect $result $ktype"
141 fail "$ident succeeded unexpectedly" 250 ${SSHKEYGEN} -q -s $OBJ/user_ca_key \
251 -I "regress user key for $USER" \
252 $sign_opts \
253 $OBJ/cert_user_key_${ktype} ||
254 fail "couldn't sign cert_user_key_${ktype}"
255
256 ${SSH} -2i $OBJ/cert_user_key_${ktype} \
257 -F $OBJ/ssh_proxy somehost true >/dev/null 2>&1
258 rc=$?
259 if [ "x$result" = "xsuccess" ] ; then
260 if [ $rc -ne 0 ]; then
261 fail "$ident failed unexpectedly"
262 fi
263 else
264 if [ $rc -eq 0 ]; then
265 fail "$ident succeeded unexpectedly"
266 fi
142 fi 267 fi
143 fi 268 done
144 done 269 done
145} 270}
146 271
@@ -157,10 +282,33 @@ test_one "force-command" failure "-n ${USER} -Oforce-command=false"
157test_one "empty principals" success "" authorized_keys 282test_one "empty principals" success "" authorized_keys
158test_one "empty principals" failure "" TrustedUserCAKeys 283test_one "empty principals" failure "" TrustedUserCAKeys
159 284
285# Check explicitly-specified principals: an empty principals list in the cert
286# should always be refused.
287
288# AuthorizedPrincipalsFile
289rm -f $OBJ/authorized_keys_$USER
290echo mekmitasdigoat > $OBJ/authorized_principals_$USER
291test_one "AuthorizedPrincipalsFile principals" success "-n mekmitasdigoat" \
292 TrustedUserCAKeys "AuthorizedPrincipalsFile $OBJ/authorized_principals_%u"
293test_one "AuthorizedPrincipalsFile no principals" failure "" \
294 TrustedUserCAKeys "AuthorizedPrincipalsFile $OBJ/authorized_principals_%u"
295
296# principals= key option
297rm -f $OBJ/authorized_principals_$USER
298test_one "principals key option principals" success "-n mekmitasdigoat" \
299 authorized_keys ',principals="mekmitasdigoat"'
300test_one "principals key option no principals" failure "" \
301 authorized_keys ',principals="mekmitasdigoat"'
302
160# Wrong certificate 303# Wrong certificate
161for ktype in rsa dsa ; do 304cat $OBJ/sshd_proxy_bak > $OBJ/sshd_proxy
305for ktype in rsa dsa rsa_v00 dsa_v00 ; do
306 case $ktype in
307 *_v00) args="-t v00" ;;
308 *) args="" ;;
309 esac
162 # Self-sign 310 # Self-sign
163 ${SSHKEYGEN} -q -s $OBJ/cert_user_key_${ktype} -I \ 311 ${SSHKEYGEN} $args -q -s $OBJ/cert_user_key_${ktype} -I \
164 "regress user key for $USER" \ 312 "regress user key for $USER" \
165 -n $USER $OBJ/cert_user_key_${ktype} || 313 -n $USER $OBJ/cert_user_key_${ktype} ||
166 fail "couldn't sign cert_user_key_${ktype}" 314 fail "couldn't sign cert_user_key_${ktype}"
@@ -173,4 +321,5 @@ for ktype in rsa dsa ; do
173done 321done
174 322
175rm -f $OBJ/authorized_keys_$USER $OBJ/user_ca_key* $OBJ/cert_user_key* 323rm -f $OBJ/authorized_keys_$USER $OBJ/user_ca_key* $OBJ/cert_user_key*
324rm -f $OBJ/authorized_principals_$USER
176 325
diff --git a/regress/login-timeout.sh b/regress/login-timeout.sh
index 15a887f74..55fbb324d 100644
--- a/regress/login-timeout.sh
+++ b/regress/login-timeout.sh
@@ -15,7 +15,7 @@ if [ $? -ne 0 ]; then
15 fail "ssh connect after login grace timeout failed with privsep" 15 fail "ssh connect after login grace timeout failed with privsep"
16fi 16fi
17 17
18$SUDO kill `cat $PIDFILE` 18$SUDO kill `$SUDO cat $PIDFILE`
19 19
20trace "test login grace without privsep" 20trace "test login grace without privsep"
21echo "UsePrivilegeSeparation no" >> $OBJ/sshd_config 21echo "UsePrivilegeSeparation no" >> $OBJ/sshd_config
diff --git a/regress/reconfigure.sh b/regress/reconfigure.sh
index 1daf29f9a..9fd289531 100644
--- a/regress/reconfigure.sh
+++ b/regress/reconfigure.sh
@@ -15,7 +15,7 @@ esac
15 15
16start_sshd 16start_sshd
17 17
18PID=`cat $PIDFILE` 18PID=`$SUDO cat $PIDFILE`
19rm -f $PIDFILE 19rm -f $PIDFILE
20$SUDO kill -HUP $PID 20$SUDO kill -HUP $PID
21 21
diff --git a/regress/reexec.sh b/regress/reexec.sh
index 4f824a31d..6edfc318e 100644
--- a/regress/reexec.sh
+++ b/regress/reexec.sh
@@ -41,7 +41,7 @@ echo "InvalidXXX=no" >> $OBJ/sshd_config
41 41
42copy_tests 42copy_tests
43 43
44$SUDO kill `cat $PIDFILE` 44$SUDO kill `$SUDO cat $PIDFILE`
45rm -f $PIDFILE 45rm -f $PIDFILE
46 46
47cp $OBJ/sshd_config.orig $OBJ/sshd_config 47cp $OBJ/sshd_config.orig $OBJ/sshd_config
@@ -53,7 +53,7 @@ rm -f $SSHD_COPY
53 53
54copy_tests 54copy_tests
55 55
56$SUDO kill `cat $PIDFILE` 56$SUDO kill `$SUDO cat $PIDFILE`
57rm -f $PIDFILE 57rm -f $PIDFILE
58 58
59verbose "test reexec fallback without privsep" 59verbose "test reexec fallback without privsep"
@@ -66,7 +66,7 @@ rm -f $SSHD_COPY
66 66
67copy_tests 67copy_tests
68 68
69$SUDO kill `cat $PIDFILE` 69$SUDO kill `$SUDO cat $PIDFILE`
70rm -f $PIDFILE 70rm -f $PIDFILE
71 71
72 72
diff --git a/regress/test-exec.sh b/regress/test-exec.sh
index b3a19389d..b64dcdbcf 100644
--- a/regress/test-exec.sh
+++ b/regress/test-exec.sh
@@ -167,7 +167,7 @@ have_prog()
167cleanup () 167cleanup ()
168{ 168{
169 if [ -f $PIDFILE ]; then 169 if [ -f $PIDFILE ]; then
170 pid=`cat $PIDFILE` 170 pid=`$SUDO cat $PIDFILE`
171 if [ "X$pid" = "X" ]; then 171 if [ "X$pid" = "X" ]; then
172 echo no sshd running 172 echo no sshd running
173 else 173 else
diff --git a/scp.0 b/scp.0
index fc9f75594..f5af8ccd5 100644
--- a/scp.0
+++ b/scp.0
@@ -6,7 +6,7 @@ NAME
6SYNOPSIS 6SYNOPSIS
7 scp [-1246BCpqrv] [-c cipher] [-F ssh_config] [-i identity_file] 7 scp [-1246BCpqrv] [-c cipher] [-F ssh_config] [-i identity_file]
8 [-l limit] [-o ssh_option] [-P port] [-S program] 8 [-l limit] [-o ssh_option] [-P port] [-S program]
9 [[user@]host1:]file1 ... [[user@]host2:]file2 9 [[user@]host1:]file1 ... [[user@]host2:]file2
10 10
11DESCRIPTION 11DESCRIPTION
12 scp copies files between hosts on a network. It uses ssh(1) for data 12 scp copies files between hosts on a network. It uses ssh(1) for data
@@ -15,8 +15,8 @@ DESCRIPTION
15 they are needed for authentication. 15 they are needed for authentication.
16 16
17 File names may contain a user and host specification to indicate that the 17 File names may contain a user and host specification to indicate that the
18 file is to be copied to/from that host. Local file names can be made ex- 18 file is to be copied to/from that host. Local file names can be made
19 plicit using absolute or relative pathnames to avoid scp treating file 19 explicit using absolute or relative pathnames to avoid scp treating file
20 names containing `:' as host specifiers. Copies between two remote hosts 20 names containing `:' as host specifiers. Copies between two remote hosts
21 are also permitted. 21 are also permitted.
22 22
@@ -30,11 +30,11 @@ DESCRIPTION
30 30
31 -6 Forces scp to use IPv6 addresses only. 31 -6 Forces scp to use IPv6 addresses only.
32 32
33 -B Selects batch mode (prevents asking for passwords or passphras- 33 -B Selects batch mode (prevents asking for passwords or
34 es). 34 passphrases).
35 35
36 -C Compression enable. Passes the -C flag to ssh(1) to enable com- 36 -C Compression enable. Passes the -C flag to ssh(1) to enable
37 pression. 37 compression.
38 38
39 -c cipher 39 -c cipher
40 Selects the cipher to use for encrypting the data transfer. This 40 Selects the cipher to use for encrypting the data transfer. This
@@ -120,8 +120,8 @@ DESCRIPTION
120 -q Quiet mode: disables the progress meter as well as warning and 120 -q Quiet mode: disables the progress meter as well as warning and
121 diagnostic messages from ssh(1). 121 diagnostic messages from ssh(1).
122 122
123 -r Recursively copy entire directories. Note that scp follows sym- 123 -r Recursively copy entire directories. Note that scp follows
124 bolic links encountered in the tree traversal. 124 symbolic links encountered in the tree traversal.
125 125
126 -S program 126 -S program
127 Name of program to use for the encrypted connection. The program 127 Name of program to use for the encrypted connection. The program
@@ -145,4 +145,4 @@ AUTHORS
145 Timo Rinne <tri@iki.fi> 145 Timo Rinne <tri@iki.fi>
146 Tatu Ylonen <ylo@cs.hut.fi> 146 Tatu Ylonen <ylo@cs.hut.fi>
147 147
148OpenBSD 4.7 February 8, 2010 3 148OpenBSD 4.8 February 8, 2010 OpenBSD 4.8
diff --git a/scp.c b/scp.c
index 0b483df99..b28d75eba 100644
--- a/scp.c
+++ b/scp.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: scp.c,v 1.165 2009/12/20 07:28:36 guenther Exp $ */ 1/* $OpenBSD: scp.c,v 1.166 2010/07/01 13:06:59 millert Exp $ */
2/* 2/*
3 * scp - secure remote copy. This is basically patched BSD rcp which 3 * scp - secure remote copy. This is basically patched BSD rcp which
4 * uses ssh to do the data transfer (instead of using rcmd). 4 * uses ssh to do the data transfer (instead of using rcmd).
@@ -156,6 +156,20 @@ killchild(int signo)
156 exit(1); 156 exit(1);
157} 157}
158 158
159static void
160suspchild(int signo)
161{
162 int status;
163
164 if (do_cmd_pid > 1) {
165 kill(do_cmd_pid, signo);
166 while (waitpid(do_cmd_pid, &status, WUNTRACED) == -1 &&
167 errno == EINTR)
168 ;
169 kill(getpid(), SIGSTOP);
170 }
171}
172
159static int 173static int
160do_local_cmd(arglist *a) 174do_local_cmd(arglist *a)
161{ 175{
@@ -240,6 +254,10 @@ do_cmd(char *host, char *remuser, char *cmd, int *fdin, int *fdout)
240 close(reserved[0]); 254 close(reserved[0]);
241 close(reserved[1]); 255 close(reserved[1]);
242 256
257 signal(SIGTSTP, suspchild);
258 signal(SIGTTIN, suspchild);
259 signal(SIGTTOU, suspchild);
260
243 /* Fork a child to execute the command on the remote host using ssh. */ 261 /* Fork a child to execute the command on the remote host using ssh. */
244 do_cmd_pid = fork(); 262 do_cmd_pid = fork();
245 if (do_cmd_pid == 0) { 263 if (do_cmd_pid == 0) {
diff --git a/servconf.c b/servconf.c
index d42dd527b..c843c97c5 100644
--- a/servconf.c
+++ b/servconf.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: servconf.c,v 1.207 2010/03/25 23:38:28 djm Exp $ */ 1/* $OpenBSD: servconf.c,v 1.209 2010/06/22 04:22:59 djm Exp $ */
2/* 2/*
3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
4 * All rights reserved 4 * All rights reserved
@@ -135,6 +135,7 @@ initialize_server_options(ServerOptions *options)
135 options->zero_knowledge_password_authentication = -1; 135 options->zero_knowledge_password_authentication = -1;
136 options->revoked_keys_file = NULL; 136 options->revoked_keys_file = NULL;
137 options->trusted_user_ca_keys = NULL; 137 options->trusted_user_ca_keys = NULL;
138 options->authorized_principals_file = NULL;
138 options->debian_banner = -1; 139 options->debian_banner = -1;
139} 140}
140 141
@@ -327,7 +328,7 @@ typedef enum {
327 sMatch, sPermitOpen, sForceCommand, sChrootDirectory, 328 sMatch, sPermitOpen, sForceCommand, sChrootDirectory,
328 sUsePrivilegeSeparation, sAllowAgentForwarding, 329 sUsePrivilegeSeparation, sAllowAgentForwarding,
329 sZeroKnowledgePasswordAuthentication, sHostCertificate, 330 sZeroKnowledgePasswordAuthentication, sHostCertificate,
330 sRevokedKeys, sTrustedUserCAKeys, 331 sRevokedKeys, sTrustedUserCAKeys, sAuthorizedPrincipalsFile,
331 sDebianBanner, 332 sDebianBanner,
332 sDeprecated, sUnsupported 333 sDeprecated, sUnsupported
333} ServerOpCodes; 334} ServerOpCodes;
@@ -363,7 +364,7 @@ static struct {
363 { "rhostsauthentication", sDeprecated, SSHCFG_GLOBAL }, 364 { "rhostsauthentication", sDeprecated, SSHCFG_GLOBAL },
364 { "rhostsrsaauthentication", sRhostsRSAAuthentication, SSHCFG_ALL }, 365 { "rhostsrsaauthentication", sRhostsRSAAuthentication, SSHCFG_ALL },
365 { "hostbasedauthentication", sHostbasedAuthentication, SSHCFG_ALL }, 366 { "hostbasedauthentication", sHostbasedAuthentication, SSHCFG_ALL },
366 { "hostbasedusesnamefrompacketonly", sHostbasedUsesNameFromPacketOnly, SSHCFG_GLOBAL }, 367 { "hostbasedusesnamefrompacketonly", sHostbasedUsesNameFromPacketOnly, SSHCFG_ALL },
367 { "rsaauthentication", sRSAAuthentication, SSHCFG_ALL }, 368 { "rsaauthentication", sRSAAuthentication, SSHCFG_ALL },
368 { "pubkeyauthentication", sPubkeyAuthentication, SSHCFG_ALL }, 369 { "pubkeyauthentication", sPubkeyAuthentication, SSHCFG_ALL },
369 { "dsaauthentication", sPubkeyAuthentication, SSHCFG_GLOBAL }, /* alias */ 370 { "dsaauthentication", sPubkeyAuthentication, SSHCFG_GLOBAL }, /* alias */
@@ -449,11 +450,11 @@ static struct {
449 { "reversemappingcheck", sDeprecated, SSHCFG_GLOBAL }, 450 { "reversemappingcheck", sDeprecated, SSHCFG_GLOBAL },
450 { "clientaliveinterval", sClientAliveInterval, SSHCFG_GLOBAL }, 451 { "clientaliveinterval", sClientAliveInterval, SSHCFG_GLOBAL },
451 { "clientalivecountmax", sClientAliveCountMax, SSHCFG_GLOBAL }, 452 { "clientalivecountmax", sClientAliveCountMax, SSHCFG_GLOBAL },
452 { "authorizedkeysfile", sAuthorizedKeysFile, SSHCFG_GLOBAL }, 453 { "authorizedkeysfile", sAuthorizedKeysFile, SSHCFG_ALL },
453 { "authorizedkeysfile2", sAuthorizedKeysFile2, SSHCFG_GLOBAL }, 454 { "authorizedkeysfile2", sAuthorizedKeysFile2, SSHCFG_ALL },
454 { "useprivilegeseparation", sUsePrivilegeSeparation, SSHCFG_GLOBAL}, 455 { "useprivilegeseparation", sUsePrivilegeSeparation, SSHCFG_GLOBAL},
455 { "acceptenv", sAcceptEnv, SSHCFG_GLOBAL }, 456 { "acceptenv", sAcceptEnv, SSHCFG_GLOBAL },
456 { "permittunnel", sPermitTunnel, SSHCFG_GLOBAL }, 457 { "permittunnel", sPermitTunnel, SSHCFG_ALL },
457 { "match", sMatch, SSHCFG_ALL }, 458 { "match", sMatch, SSHCFG_ALL },
458 { "permitopen", sPermitOpen, SSHCFG_ALL }, 459 { "permitopen", sPermitOpen, SSHCFG_ALL },
459 { "forcecommand", sForceCommand, SSHCFG_ALL }, 460 { "forcecommand", sForceCommand, SSHCFG_ALL },
@@ -461,6 +462,7 @@ static struct {
461 { "hostcertificate", sHostCertificate, SSHCFG_GLOBAL }, 462 { "hostcertificate", sHostCertificate, SSHCFG_GLOBAL },
462 { "revokedkeys", sRevokedKeys, SSHCFG_ALL }, 463 { "revokedkeys", sRevokedKeys, SSHCFG_ALL },
463 { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL }, 464 { "trustedusercakeys", sTrustedUserCAKeys, SSHCFG_ALL },
465 { "authorizedprincipalsfile", sAuthorizedPrincipalsFile, SSHCFG_ALL },
464 { "debianbanner", sDebianBanner, SSHCFG_GLOBAL }, 466 { "debianbanner", sDebianBanner, SSHCFG_GLOBAL },
465 { NULL, sBadOption, 0 } 467 { NULL, sBadOption, 0 }
466}; 468};
@@ -1264,10 +1266,14 @@ process_server_config_line(ServerOptions *options, char *line,
1264 * AuthorizedKeysFile /etc/ssh_keys/%u 1266 * AuthorizedKeysFile /etc/ssh_keys/%u
1265 */ 1267 */
1266 case sAuthorizedKeysFile: 1268 case sAuthorizedKeysFile:
1269 charptr = &options->authorized_keys_file;
1270 goto parse_tilde_filename;
1267 case sAuthorizedKeysFile2: 1271 case sAuthorizedKeysFile2:
1268 charptr = (opcode == sAuthorizedKeysFile) ? 1272 charptr = &options->authorized_keys_file2;
1269 &options->authorized_keys_file : 1273 goto parse_tilde_filename;
1270 &options->authorized_keys_file2; 1274 case sAuthorizedPrincipalsFile:
1275 charptr = &options->authorized_principals_file;
1276 parse_tilde_filename:
1271 arg = strdelim(&cp); 1277 arg = strdelim(&cp);
1272 if (!arg || *arg == '\0') 1278 if (!arg || *arg == '\0')
1273 fatal("%s line %d: missing file name.", 1279 fatal("%s line %d: missing file name.",
@@ -1490,6 +1496,7 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth)
1490 M_CP_INTOPT(pubkey_authentication); 1496 M_CP_INTOPT(pubkey_authentication);
1491 M_CP_INTOPT(kerberos_authentication); 1497 M_CP_INTOPT(kerberos_authentication);
1492 M_CP_INTOPT(hostbased_authentication); 1498 M_CP_INTOPT(hostbased_authentication);
1499 M_CP_INTOPT(hostbased_uses_name_from_packet_only);
1493 M_CP_INTOPT(kbd_interactive_authentication); 1500 M_CP_INTOPT(kbd_interactive_authentication);
1494 M_CP_INTOPT(zero_knowledge_password_authentication); 1501 M_CP_INTOPT(zero_knowledge_password_authentication);
1495 M_CP_INTOPT(permit_root_login); 1502 M_CP_INTOPT(permit_root_login);
@@ -1497,6 +1504,7 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth)
1497 1504
1498 M_CP_INTOPT(allow_tcp_forwarding); 1505 M_CP_INTOPT(allow_tcp_forwarding);
1499 M_CP_INTOPT(allow_agent_forwarding); 1506 M_CP_INTOPT(allow_agent_forwarding);
1507 M_CP_INTOPT(permit_tun);
1500 M_CP_INTOPT(gateway_ports); 1508 M_CP_INTOPT(gateway_ports);
1501 M_CP_INTOPT(x11_display_offset); 1509 M_CP_INTOPT(x11_display_offset);
1502 M_CP_INTOPT(x11_forwarding); 1510 M_CP_INTOPT(x11_forwarding);
@@ -1511,6 +1519,9 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth)
1511 M_CP_STROPT(chroot_directory); 1519 M_CP_STROPT(chroot_directory);
1512 M_CP_STROPT(trusted_user_ca_keys); 1520 M_CP_STROPT(trusted_user_ca_keys);
1513 M_CP_STROPT(revoked_keys_file); 1521 M_CP_STROPT(revoked_keys_file);
1522 M_CP_STROPT(authorized_keys_file);
1523 M_CP_STROPT(authorized_keys_file2);
1524 M_CP_STROPT(authorized_principals_file);
1514} 1525}
1515 1526
1516#undef M_CP_INTOPT 1527#undef M_CP_INTOPT
@@ -1736,6 +1747,8 @@ dump_config(ServerOptions *o)
1736 dump_cfg_string(sChrootDirectory, o->chroot_directory); 1747 dump_cfg_string(sChrootDirectory, o->chroot_directory);
1737 dump_cfg_string(sTrustedUserCAKeys, o->trusted_user_ca_keys); 1748 dump_cfg_string(sTrustedUserCAKeys, o->trusted_user_ca_keys);
1738 dump_cfg_string(sRevokedKeys, o->revoked_keys_file); 1749 dump_cfg_string(sRevokedKeys, o->revoked_keys_file);
1750 dump_cfg_string(sAuthorizedPrincipalsFile,
1751 o->authorized_principals_file);
1739 1752
1740 /* string arguments requiring a lookup */ 1753 /* string arguments requiring a lookup */
1741 dump_cfg_string(sLogLevel, log_level_name(o->log_level)); 1754 dump_cfg_string(sLogLevel, log_level_name(o->log_level));
diff --git a/servconf.h b/servconf.h
index 4f20ad595..1250d23d6 100644
--- a/servconf.h
+++ b/servconf.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: servconf.h,v 1.92 2010/03/04 10:36:03 djm Exp $ */ 1/* $OpenBSD: servconf.h,v 1.93 2010/05/07 11:30:30 djm Exp $ */
2 2
3/* 3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -162,6 +162,7 @@ typedef struct {
162 char *chroot_directory; 162 char *chroot_directory;
163 char *revoked_keys_file; 163 char *revoked_keys_file;
164 char *trusted_user_ca_keys; 164 char *trusted_user_ca_keys;
165 char *authorized_principals_file;
165} ServerOptions; 166} ServerOptions;
166 167
167void initialize_server_options(ServerOptions *); 168void initialize_server_options(ServerOptions *);
diff --git a/session.c b/session.c
index e032de692..71e4fbe7c 100644
--- a/session.c
+++ b/session.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: session.c,v 1.252 2010/03/07 11:57:13 dtucker Exp $ */ 1/* $OpenBSD: session.c,v 1.256 2010/06/25 07:20:04 djm Exp $ */
2/* 2/*
3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 3 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
4 * All rights reserved 4 * All rights reserved
@@ -47,6 +47,7 @@
47#include <arpa/inet.h> 47#include <arpa/inet.h>
48 48
49#include <errno.h> 49#include <errno.h>
50#include <fcntl.h>
50#include <grp.h> 51#include <grp.h>
51#ifdef HAVE_PATHS_H 52#ifdef HAVE_PATHS_H
52#include <paths.h> 53#include <paths.h>
@@ -104,7 +105,7 @@
104/* func */ 105/* func */
105 106
106Session *session_new(void); 107Session *session_new(void);
107void session_set_fds(Session *, int, int, int, int); 108void session_set_fds(Session *, int, int, int, int, int);
108void session_pty_cleanup(Session *); 109void session_pty_cleanup(Session *);
109void session_proctitle(Session *); 110void session_proctitle(Session *);
110int session_setup_x11fwd(Session *); 111int session_setup_x11fwd(Session *);
@@ -447,6 +448,9 @@ do_exec_no_pty(Session *s, const char *command)
447#ifdef USE_PIPES 448#ifdef USE_PIPES
448 int pin[2], pout[2], perr[2]; 449 int pin[2], pout[2], perr[2];
449 450
451 if (s == NULL)
452 fatal("do_exec_no_pty: no session");
453
450 /* Allocate pipes for communicating with the program. */ 454 /* Allocate pipes for communicating with the program. */
451 if (pipe(pin) < 0) { 455 if (pipe(pin) < 0) {
452 error("%s: pipe in: %.100s", __func__, strerror(errno)); 456 error("%s: pipe in: %.100s", __func__, strerror(errno));
@@ -459,7 +463,8 @@ do_exec_no_pty(Session *s, const char *command)
459 return -1; 463 return -1;
460 } 464 }
461 if (pipe(perr) < 0) { 465 if (pipe(perr) < 0) {
462 error("%s: pipe err: %.100s", __func__, strerror(errno)); 466 error("%s: pipe err: %.100s", __func__,
467 strerror(errno));
463 close(pin[0]); 468 close(pin[0]);
464 close(pin[1]); 469 close(pin[1]);
465 close(pout[0]); 470 close(pout[0]);
@@ -469,22 +474,23 @@ do_exec_no_pty(Session *s, const char *command)
469#else 474#else
470 int inout[2], err[2]; 475 int inout[2], err[2];
471 476
477 if (s == NULL)
478 fatal("do_exec_no_pty: no session");
479
472 /* Uses socket pairs to communicate with the program. */ 480 /* Uses socket pairs to communicate with the program. */
473 if (socketpair(AF_UNIX, SOCK_STREAM, 0, inout) < 0) { 481 if (socketpair(AF_UNIX, SOCK_STREAM, 0, inout) < 0) {
474 error("%s: socketpair #1: %.100s", __func__, strerror(errno)); 482 error("%s: socketpair #1: %.100s", __func__, strerror(errno));
475 return -1; 483 return -1;
476 } 484 }
477 if (socketpair(AF_UNIX, SOCK_STREAM, 0, err) < 0) { 485 if (socketpair(AF_UNIX, SOCK_STREAM, 0, err) < 0) {
478 error("%s: socketpair #2: %.100s", __func__, strerror(errno)); 486 error("%s: socketpair #2: %.100s", __func__,
487 strerror(errno));
479 close(inout[0]); 488 close(inout[0]);
480 close(inout[1]); 489 close(inout[1]);
481 return -1; 490 return -1;
482 } 491 }
483#endif 492#endif
484 493
485 if (s == NULL)
486 fatal("do_exec_no_pty: no session");
487
488 session_proctitle(s); 494 session_proctitle(s);
489 495
490 /* Fork the child. */ 496 /* Fork the child. */
@@ -595,11 +601,8 @@ do_exec_no_pty(Session *s, const char *command)
595 close(perr[1]); 601 close(perr[1]);
596 602
597 if (compat20) { 603 if (compat20) {
598 if (s->is_subsystem) { 604 session_set_fds(s, pin[1], pout[0], perr[0],
599 close(perr[0]); 605 s->is_subsystem, 0);
600 perr[0] = -1;
601 }
602 session_set_fds(s, pin[1], pout[0], perr[0], 0);
603 } else { 606 } else {
604 /* Enter the interactive session. */ 607 /* Enter the interactive session. */
605 server_loop(pid, pin[1], pout[0], perr[0]); 608 server_loop(pid, pin[1], pout[0], perr[0]);
@@ -615,10 +618,8 @@ do_exec_no_pty(Session *s, const char *command)
615 * handle the case that fdin and fdout are the same. 618 * handle the case that fdin and fdout are the same.
616 */ 619 */
617 if (compat20) { 620 if (compat20) {
618 session_set_fds(s, inout[1], inout[1], 621 session_set_fds(s, inout[1], inout[1], err[1],
619 s->is_subsystem ? -1 : err[1], 0); 622 s->is_subsystem, 0);
620 if (s->is_subsystem)
621 close(err[1]);
622 } else { 623 } else {
623 server_loop(pid, inout[1], inout[1], err[1]); 624 server_loop(pid, inout[1], inout[1], err[1]);
624 /* server_loop has closed inout[1] and err[1]. */ 625 /* server_loop has closed inout[1] and err[1]. */
@@ -740,7 +741,7 @@ do_exec_pty(Session *s, const char *command)
740 s->ptymaster = ptymaster; 741 s->ptymaster = ptymaster;
741 packet_set_interactive(1); 742 packet_set_interactive(1);
742 if (compat20) { 743 if (compat20) {
743 session_set_fds(s, ptyfd, fdout, -1, 1); 744 session_set_fds(s, ptyfd, fdout, -1, 1, 1);
744 } else { 745 } else {
745 server_loop(pid, ptyfd, fdout, -1); 746 server_loop(pid, ptyfd, fdout, -1);
746 /* server_loop _has_ closed ptyfd and fdout. */ 747 /* server_loop _has_ closed ptyfd and fdout. */
@@ -1792,7 +1793,8 @@ do_child(Session *s, const char *command)
1792#ifdef HAVE_LOGIN_CAP 1793#ifdef HAVE_LOGIN_CAP
1793 r = login_getcapbool(lc, "requirehome", 0); 1794 r = login_getcapbool(lc, "requirehome", 0);
1794#endif 1795#endif
1795 if (r || options.chroot_directory == NULL) 1796 if (r || options.chroot_directory == NULL ||
1797 strcasecmp(options.chroot_directory, "none") == 0)
1796 fprintf(stderr, "Could not chdir to home " 1798 fprintf(stderr, "Could not chdir to home "
1797 "directory %s: %s\n", pw->pw_dir, 1799 "directory %s: %s\n", pw->pw_dir,
1798 strerror(errno)); 1800 strerror(errno));
@@ -2137,7 +2139,8 @@ session_subsystem_req(Session *s)
2137 u_int i; 2139 u_int i;
2138 2140
2139 packet_check_eom(); 2141 packet_check_eom();
2140 logit("subsystem request for %.100s", subsys); 2142 logit("subsystem request for %.100s by user %s", subsys,
2143 s->pw->pw_name);
2141 2144
2142 for (i = 0; i < options.num_subsystems; i++) { 2145 for (i = 0; i < options.num_subsystems; i++) {
2143 if (strcmp(subsys, options.subsystem_name[i]) == 0) { 2146 if (strcmp(subsys, options.subsystem_name[i]) == 0) {
@@ -2319,7 +2322,8 @@ session_input_channel_req(Channel *c, const char *rtype)
2319} 2322}
2320 2323
2321void 2324void
2322session_set_fds(Session *s, int fdin, int fdout, int fderr, int is_tty) 2325session_set_fds(Session *s, int fdin, int fdout, int fderr, int ignore_fderr,
2326 int is_tty)
2323{ 2327{
2324 if (!compat20) 2328 if (!compat20)
2325 fatal("session_set_fds: called for proto != 2.0"); 2329 fatal("session_set_fds: called for proto != 2.0");
@@ -2331,7 +2335,7 @@ session_set_fds(Session *s, int fdin, int fdout, int fderr, int is_tty)
2331 fatal("no channel for session %d", s->self); 2335 fatal("no channel for session %d", s->self);
2332 channel_set_fds(s->chanid, 2336 channel_set_fds(s->chanid,
2333 fdout, fdin, fderr, 2337 fdout, fdin, fderr,
2334 fderr == -1 ? CHAN_EXTENDED_IGNORE : CHAN_EXTENDED_READ, 2338 ignore_fderr ? CHAN_EXTENDED_IGNORE : CHAN_EXTENDED_READ,
2335 1, is_tty, CHAN_SES_WINDOW_DEFAULT); 2339 1, is_tty, CHAN_SES_WINDOW_DEFAULT);
2336} 2340}
2337 2341
diff --git a/sftp-client.c b/sftp-client.c
index 6124c0f40..9dab47780 100644
--- a/sftp-client.c
+++ b/sftp-client.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: sftp-client.c,v 1.90 2009/10/11 10:41:26 dtucker Exp $ */ 1/* $OpenBSD: sftp-client.c,v 1.92 2010/07/19 03:16:33 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org> 3 * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org>
4 * 4 *
@@ -713,7 +713,8 @@ do_realpath(struct sftp_conn *conn, char *path)
713 u_int status = buffer_get_int(&msg); 713 u_int status = buffer_get_int(&msg);
714 714
715 error("Couldn't canonicalise: %s", fx2txt(status)); 715 error("Couldn't canonicalise: %s", fx2txt(status));
716 return(NULL); 716 buffer_free(&msg);
717 return NULL;
717 } else if (type != SSH2_FXP_NAME) 718 } else if (type != SSH2_FXP_NAME)
718 fatal("Expected SSH2_FXP_NAME(%u) packet, got %u", 719 fatal("Expected SSH2_FXP_NAME(%u) packet, got %u",
719 SSH2_FXP_NAME, type); 720 SSH2_FXP_NAME, type);
@@ -1522,7 +1523,7 @@ upload_dir_internal(struct sftp_conn *conn, char *src, char *dst,
1522 continue; 1523 continue;
1523 1524
1524 if (upload_dir_internal(conn, new_src, new_dst, 1525 if (upload_dir_internal(conn, new_src, new_dst,
1525 pflag, depth + 1, printflag) == -1) 1526 pflag, printflag, depth + 1) == -1)
1526 ret = -1; 1527 ret = -1;
1527 } else if (S_ISREG(sb.st_mode)) { 1528 } else if (S_ISREG(sb.st_mode)) {
1528 if (do_upload(conn, new_src, new_dst, pflag) == -1) { 1529 if (do_upload(conn, new_src, new_dst, pflag) == -1) {
diff --git a/sftp-server.0 b/sftp-server.0
index 0c2654c8d..05b9ddc9c 100644
--- a/sftp-server.0
+++ b/sftp-server.0
@@ -8,9 +8,9 @@ SYNOPSIS
8 8
9DESCRIPTION 9DESCRIPTION
10 sftp-server is a program that speaks the server side of SFTP protocol to 10 sftp-server is a program that speaks the server side of SFTP protocol to
11 stdout and expects client requests from stdin. sftp-server is not in- 11 stdout and expects client requests from stdin. sftp-server is not
12 tended to be called directly, but from sshd(8) using the Subsystem op- 12 intended to be called directly, but from sshd(8) using the Subsystem
13 tion. 13 option.
14 14
15 Command-line flags to sftp-server should be specified in the Subsystem 15 Command-line flags to sftp-server should be specified in the Subsystem
16 declaration. See sshd_config(5) for more information. 16 declaration. See sshd_config(5) for more information.
@@ -29,15 +29,15 @@ DESCRIPTION
29 -h Displays sftp-server usage information. 29 -h Displays sftp-server usage information.
30 30
31 -l log_level 31 -l log_level
32 Specifies which messages will be logged by sftp-server. The pos- 32 Specifies which messages will be logged by sftp-server. The
33 sible values are: QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DE- 33 possible values are: QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG,
34 BUG1, DEBUG2, and DEBUG3. INFO and VERBOSE log transactions that 34 DEBUG1, DEBUG2, and DEBUG3. INFO and VERBOSE log transactions
35 sftp-server performs on behalf of the client. DEBUG and DEBUG1 35 that sftp-server performs on behalf of the client. DEBUG and
36 are equivalent. DEBUG2 and DEBUG3 each specify higher levels of 36 DEBUG1 are equivalent. DEBUG2 and DEBUG3 each specify higher
37 debugging output. The default is ERROR. 37 levels of debugging output. The default is ERROR.
38 38
39 -R Places this instance of sftp-server into a read-only mode. At- 39 -R Places this instance of sftp-server into a read-only mode.
40 tempts to open files for writing, as well as other operations 40 Attempts to open files for writing, as well as other operations
41 that change the state of the filesystem, will be denied. 41 that change the state of the filesystem, will be denied.
42 42
43 -u umask 43 -u umask
@@ -51,8 +51,9 @@ DESCRIPTION
51SEE ALSO 51SEE ALSO
52 sftp(1), ssh(1), sshd_config(5), sshd(8) 52 sftp(1), ssh(1), sshd_config(5), sshd(8)
53 53
54 T. Ylonen and S. Lehtinen, SSH File Transfer Protocol, draft-ietf-secsh- 54 T. Ylonen, S. Lehtinen, SSH File Transfer Protocol,
55 filexfer-00.txt, January 2001, work in progress material. 55 draft-ietf-secsh-filexfer-00.txt, January 2001, work in progress
56 material.
56 57
57HISTORY 58HISTORY
58 sftp-server first appeared in OpenBSD 2.8. 59 sftp-server first appeared in OpenBSD 2.8.
@@ -60,4 +61,4 @@ HISTORY
60AUTHORS 61AUTHORS
61 Markus Friedl <markus@openbsd.org> 62 Markus Friedl <markus@openbsd.org>
62 63
63OpenBSD 4.7 January 9, 2010 1 64OpenBSD 4.8 January 9, 2010 OpenBSD 4.8
diff --git a/sftp.0 b/sftp.0
index 488548a6e..40de1a0cd 100644
--- a/sftp.0
+++ b/sftp.0
@@ -15,20 +15,20 @@ SYNOPSIS
15DESCRIPTION 15DESCRIPTION
16 sftp is an interactive file transfer program, similar to ftp(1), which 16 sftp is an interactive file transfer program, similar to ftp(1), which
17 performs all operations over an encrypted ssh(1) transport. It may also 17 performs all operations over an encrypted ssh(1) transport. It may also
18 use many features of ssh, such as public key authentication and compres- 18 use many features of ssh, such as public key authentication and
19 sion. sftp connects and logs into the specified host, then enters an in- 19 compression. sftp connects and logs into the specified host, then enters
20 teractive command mode. 20 an interactive command mode.
21 21
22 The second usage format will retrieve files automatically if a non-inter- 22 The second usage format will retrieve files automatically if a non-
23 active authentication method is used; otherwise it will do so after suc- 23 interactive authentication method is used; otherwise it will do so after
24 cessful interactive authentication. 24 successful interactive authentication.
25 25
26 The third usage format allows sftp to start in a remote directory. 26 The third usage format allows sftp to start in a remote directory.
27 27
28 The final usage format allows for automated sessions using the -b option. 28 The final usage format allows for automated sessions using the -b option.
29 In such cases, it is necessary to configure non-interactive authentica- 29 In such cases, it is necessary to configure non-interactive
30 tion to obviate the need to enter a password at connection time (see 30 authentication to obviate the need to enter a password at connection time
31 sshd(8) and ssh-keygen(1) for details). The options are as follows: 31 (see sshd(8) and ssh-keygen(1) for details). The options are as follows:
32 32
33 -1 Specify the use of protocol version 1. 33 -1 Specify the use of protocol version 1.
34 34
@@ -44,8 +44,8 @@ DESCRIPTION
44 higher memory consumption. The default is 32768 bytes. 44 higher memory consumption. The default is 32768 bytes.
45 45
46 -b batchfile 46 -b batchfile
47 Batch mode reads a series of commands from an input batchfile in- 47 Batch mode reads a series of commands from an input batchfile
48 stead of stdin. Since it lacks user interaction it should be 48 instead of stdin. Since it lacks user interaction it should be
49 used in conjunction with non-interactive authentication. A 49 used in conjunction with non-interactive authentication. A
50 batchfile of `-' may be used to indicate standard input. sftp 50 batchfile of `-' may be used to indicate standard input. sftp
51 will abort if any of the following commands fail: get, put, 51 will abort if any of the following commands fail: get, put,
@@ -144,9 +144,9 @@ DESCRIPTION
144 Increasing this may slightly improve file transfer speed but will 144 Increasing this may slightly improve file transfer speed but will
145 increase memory usage. The default is 64 outstanding requests. 145 increase memory usage. The default is 64 outstanding requests.
146 146
147 -r Recursively copy entire directories when uploading and download- 147 -r Recursively copy entire directories when uploading and
148 ing. Note that sftp does not follow symbolic links encountered 148 downloading. Note that sftp does not follow symbolic links
149 in the tree traversal. 149 encountered in the tree traversal.
150 150
151 -S program 151 -S program
152 Name of the program to use for the encrypted connection. The 152 Name of the program to use for the encrypted connection. The
@@ -155,8 +155,8 @@ DESCRIPTION
155 -s subsystem | sftp_server 155 -s subsystem | sftp_server
156 Specifies the SSH2 subsystem or the path for an sftp server on 156 Specifies the SSH2 subsystem or the path for an sftp server on
157 the remote host. A path is useful for using sftp over protocol 157 the remote host. A path is useful for using sftp over protocol
158 version 1, or when the remote sshd(8) does not have an sftp sub- 158 version 1, or when the remote sshd(8) does not have an sftp
159 system configured. 159 subsystem configured.
160 160
161 -v Raise logging level. This option is also passed to ssh. 161 -v Raise logging level. This option is also passed to ssh.
162 162
@@ -173,16 +173,18 @@ INTERACTIVE COMMANDS
173 Change remote directory to path. 173 Change remote directory to path.
174 174
175 chgrp grp path 175 chgrp grp path
176 Change group of file path to grp. path may contain glob(3) char- 176 Change group of file path to grp. path may contain glob(3)
177 acters and may match multiple files. grp must be a numeric GID. 177 characters and may match multiple files. grp must be a numeric
178 GID.
178 179
179 chmod mode path 180 chmod mode path
180 Change permissions of file path to mode. path may contain 181 Change permissions of file path to mode. path may contain
181 glob(3) characters and may match multiple files. 182 glob(3) characters and may match multiple files.
182 183
183 chown own path 184 chown own path
184 Change owner of file path to own. path may contain glob(3) char- 185 Change owner of file path to own. path may contain glob(3)
185 acters and may match multiple files. own must be a numeric UID. 186 characters and may match multiple files. own must be a numeric
187 UID.
186 188
187 df [-hi] [path] 189 df [-hi] [path]
188 Display usage information for the filesystem holding the current 190 Display usage information for the filesystem holding the current
@@ -198,14 +200,15 @@ INTERACTIVE COMMANDS
198 Retrieve the remote-path and store it on the local machine. If 200 Retrieve the remote-path and store it on the local machine. If
199 the local path name is not specified, it is given the same name 201 the local path name is not specified, it is given the same name
200 it has on the remote machine. remote-path may contain glob(3) 202 it has on the remote machine. remote-path may contain glob(3)
201 characters and may match multiple files. If it does and local- 203 characters and may match multiple files. If it does and
202 path is specified, then local-path must specify a directory. 204 local-path is specified, then local-path must specify a
205 directory.
203 206
204 If either the -P or -p flag is specified, then full file permis- 207 If either the -P or -p flag is specified, then full file
205 sions and access times are copied too. 208 permissions and access times are copied too.
206 209
207 If the -r flag is specified then directories will be copied re- 210 If the -r flag is specified then directories will be copied
208 cursively. Note that sftp does not follow symbolic links when 211 recursively. Note that sftp does not follow symbolic links when
209 performing recursive transfers. 212 performing recursive transfers.
210 213
211 help Display help text. 214 help Display help text.
@@ -214,10 +217,10 @@ INTERACTIVE COMMANDS
214 Change local directory to path. 217 Change local directory to path.
215 218
216 lls [ls-options [path]] 219 lls [ls-options [path]]
217 Display local directory listing of either path or current direc- 220 Display local directory listing of either path or current
218 tory if path is not specified. ls-options may contain any flags 221 directory if path is not specified. ls-options may contain any
219 supported by the local system's ls(1) command. path may contain 222 flags supported by the local system's ls(1) command. path may
220 glob(3) characters and may match multiple files. 223 contain glob(3) characters and may match multiple files.
221 224
222 lmkdir path 225 lmkdir path
223 Create local directory specified by path. 226 Create local directory specified by path.
@@ -239,8 +242,8 @@ INTERACTIVE COMMANDS
239 242
240 -a List files beginning with a dot (`.'). 243 -a List files beginning with a dot (`.').
241 244
242 -f Do not sort the listing. The default sort order is lexi- 245 -f Do not sort the listing. The default sort order is
243 cographical. 246 lexicographical.
244 247
245 -h When used with a long format option, use unit suffixes: 248 -h When used with a long format option, use unit suffixes:
246 Byte, Kilobyte, Megabyte, Gigabyte, Terabyte, Petabyte, 249 Byte, Kilobyte, Megabyte, Gigabyte, Terabyte, Petabyte,
@@ -248,8 +251,8 @@ INTERACTIVE COMMANDS
248 four or fewer using powers of 2 for sizes (K=1024, 251 four or fewer using powers of 2 for sizes (K=1024,
249 M=1048576, etc.). 252 M=1048576, etc.).
250 253
251 -l Display additional details including permissions and own- 254 -l Display additional details including permissions and
252 ership information. 255 ownership information.
253 256
254 -n Produce a long listing with user and group information 257 -n Produce a long listing with user and group information
255 presented numerically. 258 presented numerically.
@@ -270,17 +273,18 @@ INTERACTIVE COMMANDS
270 Toggle display of progress meter. 273 Toggle display of progress meter.
271 274
272 put [-Ppr] local-path [remote-path] 275 put [-Ppr] local-path [remote-path]
273 Upload local-path and store it on the remote machine. If the re- 276 Upload local-path and store it on the remote machine. If the
274 mote path name is not specified, it is given the same name it has 277 remote path name is not specified, it is given the same name it
275 on the local machine. local-path may contain glob(3) characters 278 has on the local machine. local-path may contain glob(3)
276 and may match multiple files. If it does and remote-path is 279 characters and may match multiple files. If it does and
277 specified, then remote-path must specify a directory. 280 remote-path is specified, then remote-path must specify a
278 281 directory.
279 If ether the -P or -p flag is specified, then full file permis- 282
280 sions and access times are copied too. 283 If ether the -P or -p flag is specified, then full file
281 284 permissions and access times are copied too.
282 If the -r flag is specified then directories will be copied re- 285
283 cursively. Note that sftp does not follow symbolic links when 286 If the -r flag is specified then directories will be copied
287 recursively. Note that sftp does not follow symbolic links when
284 performing recursive transfers. 288 performing recursive transfers.
285 289
286 pwd Display remote working directory. 290 pwd Display remote working directory.
@@ -313,7 +317,8 @@ SEE ALSO
313 ftp(1), ls(1), scp(1), ssh(1), ssh-add(1), ssh-keygen(1), glob(3), 317 ftp(1), ls(1), scp(1), ssh(1), ssh-add(1), ssh-keygen(1), glob(3),
314 ssh_config(5), sftp-server(8), sshd(8) 318 ssh_config(5), sftp-server(8), sshd(8)
315 319
316 T. Ylonen and S. Lehtinen, SSH File Transfer Protocol, draft-ietf-secsh- 320 T. Ylonen, S. Lehtinen, SSH File Transfer Protocol,
317 filexfer-00.txt, January 2001, work in progress material. 321 draft-ietf-secsh-filexfer-00.txt, January 2001, work in progress
322 material.
318 323
319OpenBSD 4.7 February 8, 2010 5 324OpenBSD 4.8 February 8, 2010 OpenBSD 4.8
diff --git a/sftp.c b/sftp.c
index d65d4ec62..229f12987 100644
--- a/sftp.c
+++ b/sftp.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: sftp.c,v 1.123 2010/01/27 19:21:39 djm Exp $ */ 1/* $OpenBSD: sftp.c,v 1.125 2010/06/18 00:58:39 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org> 3 * Copyright (c) 2001-2004 Damien Miller <djm@openbsd.org>
4 * 4 *
@@ -181,6 +181,8 @@ static const struct CMD cmds[] = {
181 { "ls", I_LS, REMOTE }, 181 { "ls", I_LS, REMOTE },
182 { "lumask", I_LUMASK, NOARGS }, 182 { "lumask", I_LUMASK, NOARGS },
183 { "mkdir", I_MKDIR, REMOTE }, 183 { "mkdir", I_MKDIR, REMOTE },
184 { "mget", I_GET, REMOTE },
185 { "mput", I_PUT, LOCAL },
184 { "progress", I_PROGRESS, NOARGS }, 186 { "progress", I_PROGRESS, NOARGS },
185 { "put", I_PUT, LOCAL }, 187 { "put", I_PUT, LOCAL },
186 { "pwd", I_PWD, REMOTE }, 188 { "pwd", I_PWD, REMOTE },
@@ -1366,7 +1368,7 @@ parse_dispatch_command(struct sftp_conn *conn, const char *cmd, char **pwd,
1366 break; 1368 break;
1367 case I_LS: 1369 case I_LS:
1368 if (!path1) { 1370 if (!path1) {
1369 do_globbed_ls(conn, *pwd, *pwd, lflag); 1371 do_ls_dir(conn, *pwd, *pwd, lflag);
1370 break; 1372 break;
1371 } 1373 }
1372 1374
diff --git a/ssh-add.0 b/ssh-add.0
index 0d49c5ea3..86f3994c4 100644
--- a/ssh-add.0
+++ b/ssh-add.0
@@ -11,31 +11,33 @@ SYNOPSIS
11DESCRIPTION 11DESCRIPTION
12 ssh-add adds RSA or DSA identities to the authentication agent, 12 ssh-add adds RSA or DSA identities to the authentication agent,
13 ssh-agent(1). When run without arguments, it adds the files 13 ssh-agent(1). When run without arguments, it adds the files
14 ~/.ssh/id_rsa, ~/.ssh/id_dsa and ~/.ssh/identity. After loading a pri- 14 ~/.ssh/id_rsa, ~/.ssh/id_dsa and ~/.ssh/identity. After loading a
15 vate key, ssh-add will try to load corresponding certificate information 15 private key, ssh-add will try to load corresponding certificate
16 from the filename obtained by appending -cert.pub to the name of the pri- 16 information from the filename obtained by appending -cert.pub to the name
17 vate key file. Alternative file names can be given on the command line. 17 of the private key file. Alternative file names can be given on the
18 command line.
18 19
19 If any file requires a passphrase, ssh-add asks for the passphrase from 20 If any file requires a passphrase, ssh-add asks for the passphrase from
20 the user. The passphrase is read from the user's tty. ssh-add retries 21 the user. The passphrase is read from the user's tty. ssh-add retries
21 the last passphrase if multiple identity files are given. 22 the last passphrase if multiple identity files are given.
22 23
23 The authentication agent must be running and the SSH_AUTH_SOCK environ- 24 The authentication agent must be running and the SSH_AUTH_SOCK
24 ment variable must contain the name of its socket for ssh-add to work. 25 environment variable must contain the name of its socket for ssh-add to
26 work.
25 27
26 The options are as follows: 28 The options are as follows:
27 29
28 -c Indicates that added identities should be subject to confirmation 30 -c Indicates that added identities should be subject to confirmation
29 before being used for authentication. Confirmation is performed 31 before being used for authentication. Confirmation is performed
30 by the SSH_ASKPASS program mentioned below. Successful confirma- 32 by the SSH_ASKPASS program mentioned below. Successful
31 tion is signaled by a zero exit status from the SSH_ASKPASS pro- 33 confirmation is signaled by a zero exit status from the
32 gram, rather than text entered into the requester. 34 SSH_ASKPASS program, rather than text entered into the requester.
33 35
34 -D Deletes all identities from the agent. 36 -D Deletes all identities from the agent.
35 37
36 -d Instead of adding identities, removes identities from the agent. 38 -d Instead of adding identities, removes identities from the agent.
37 If ssh-add has been run without arguments, the keys for the de- 39 If ssh-add has been run without arguments, the keys for the
38 fault identities will be removed. Otherwise, the argument list 40 default identities will be removed. Otherwise, the argument list
39 will be interpreted as a list of paths to public key files and 41 will be interpreted as a list of paths to public key files and
40 matching keys will be removed from the agent. If no public key 42 matching keys will be removed from the agent. If no public key
41 is found at a given path, ssh-add will append .pub and retry. 43 is found at a given path, ssh-add will append .pub and retry.
@@ -43,8 +45,8 @@ DESCRIPTION
43 -e pkcs11 45 -e pkcs11
44 Remove keys provided by the PKCS#11 shared library pkcs11. 46 Remove keys provided by the PKCS#11 shared library pkcs11.
45 47
46 -L Lists public key parameters of all identities currently repre- 48 -L Lists public key parameters of all identities currently
47 sented by the agent. 49 represented by the agent.
48 50
49 -l Lists fingerprints of all identities currently represented by the 51 -l Lists fingerprints of all identities currently represented by the
50 agent. 52 agent.
@@ -54,8 +56,8 @@ DESCRIPTION
54 56
55 -t life 57 -t life
56 Set a maximum lifetime when adding identities to an agent. The 58 Set a maximum lifetime when adding identities to an agent. The
57 lifetime may be specified in seconds or in a time format speci- 59 lifetime may be specified in seconds or in a time format
58 fied in sshd_config(5). 60 specified in sshd_config(5).
59 61
60 -X Unlock the agent. 62 -X Unlock the agent.
61 63
@@ -102,8 +104,8 @@ SEE ALSO
102AUTHORS 104AUTHORS
103 OpenSSH is a derivative of the original and free ssh 1.2.12 release by 105 OpenSSH is a derivative of the original and free ssh 1.2.12 release by
104 Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo 106 Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo
105 de Raadt and Dug Song removed many bugs, re-added newer features and cre- 107 de Raadt and Dug Song removed many bugs, re-added newer features and
106 ated OpenSSH. Markus Friedl contributed the support for SSH protocol 108 created OpenSSH. Markus Friedl contributed the support for SSH protocol
107 versions 1.5 and 2.0. 109 versions 1.5 and 2.0.
108 110
109OpenBSD 4.7 March 5, 2010 2 111OpenBSD 4.8 March 5, 2010 OpenBSD 4.8
diff --git a/ssh-add.c b/ssh-add.c
index 7249f0da6..9c118b228 100644
--- a/ssh-add.c
+++ b/ssh-add.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-add.c,v 1.94 2010/03/01 11:07:06 otto Exp $ */ 1/* $OpenBSD: ssh-add.c,v 1.96 2010/05/14 00:47:22 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -202,7 +202,7 @@ add_file(AuthenticationConnection *ac, const char *filename)
202 "Lifetime set to %d seconds\n", lifetime); 202 "Lifetime set to %d seconds\n", lifetime);
203 if (confirm != 0) 203 if (confirm != 0)
204 fprintf(stderr, 204 fprintf(stderr,
205 "The user has to confirm each use of the key\n"); 205 "The user must confirm each use of the key\n");
206 } else { 206 } else {
207 fprintf(stderr, "Could not add identity: %s\n", filename); 207 fprintf(stderr, "Could not add identity: %s\n", filename);
208 } 208 }
@@ -210,29 +210,37 @@ add_file(AuthenticationConnection *ac, const char *filename)
210 210
211 /* Now try to add the certificate flavour too */ 211 /* Now try to add the certificate flavour too */
212 xasprintf(&certpath, "%s-cert.pub", filename); 212 xasprintf(&certpath, "%s-cert.pub", filename);
213 if ((cert = key_load_public(certpath, NULL)) != NULL) { 213 if ((cert = key_load_public(certpath, NULL)) == NULL)
214 /* Graft with private bits */ 214 goto out;
215 if (key_to_certified(private) != 0) 215
216 fatal("%s: key_to_certified failed", __func__); 216 if (!key_equal_public(cert, private)) {
217 key_cert_copy(cert, private); 217 error("Certificate %s does not match private key %s",
218 certpath, filename);
218 key_free(cert); 219 key_free(cert);
220 goto out;
221 }
219 222
220 if (ssh_add_identity_constrained(ac, private, comment, 223 /* Graft with private bits */
221 lifetime, confirm)) { 224 if (key_to_certified(private, key_cert_is_legacy(cert)) != 0) {
222 fprintf(stderr, "Certificate added: %s (%s)\n", 225 error("%s: key_to_certified failed", __func__);
223 certpath, private->cert->key_id); 226 key_free(cert);
224 if (lifetime != 0) 227 goto out;
225 fprintf(stderr, "Lifetime set to %d seconds\n",
226 lifetime);
227 if (confirm != 0)
228 fprintf(stderr, "The user has to confirm each "
229 "use of the key\n");
230 } else {
231 error("Certificate %s (%s) add failed", certpath,
232 private->cert->key_id);
233 }
234 } 228 }
229 key_cert_copy(cert, private);
230 key_free(cert);
235 231
232 if (!ssh_add_identity_constrained(ac, private, comment,
233 lifetime, confirm)) {
234 error("Certificate %s (%s) add failed", certpath,
235 private->cert->key_id);
236 }
237 fprintf(stderr, "Certificate added: %s (%s)\n", certpath,
238 private->cert->key_id);
239 if (lifetime != 0)
240 fprintf(stderr, "Lifetime set to %d seconds\n", lifetime);
241 if (confirm != 0)
242 fprintf(stderr, "The user must confirm each use of the key\n");
243 out:
236 xfree(certpath); 244 xfree(certpath);
237 xfree(comment); 245 xfree(comment);
238 key_free(private); 246 key_free(private);
diff --git a/ssh-agent.0 b/ssh-agent.0
index 536eac756..dfc82a966 100644
--- a/ssh-agent.0
+++ b/ssh-agent.0
@@ -8,18 +8,18 @@ SYNOPSIS
8 ssh-agent [-c | -s] -k 8 ssh-agent [-c | -s] -k
9 9
10DESCRIPTION 10DESCRIPTION
11 ssh-agent is a program to hold private keys used for public key authenti- 11 ssh-agent is a program to hold private keys used for public key
12 cation (RSA, DSA). The idea is that ssh-agent is started in the begin- 12 authentication (RSA, DSA). The idea is that ssh-agent is started in the
13 ning of an X-session or a login session, and all other windows or pro- 13 beginning of an X-session or a login session, and all other windows or
14 grams are started as clients to the ssh-agent program. Through use of 14 programs are started as clients to the ssh-agent program. Through use of
15 environment variables the agent can be located and automatically used for 15 environment variables the agent can be located and automatically used for
16 authentication when logging in to other machines using ssh(1). 16 authentication when logging in to other machines using ssh(1).
17 17
18 The options are as follows: 18 The options are as follows:
19 19
20 -a bind_address 20 -a bind_address
21 Bind the agent to the UNIX-domain socket bind_address. The de- 21 Bind the agent to the UNIX-domain socket bind_address. The
22 fault is /tmp/ssh-XXXXXXXXXX/agent.<ppid>. 22 default is /tmp/ssh-XXXXXXXXXX/agent.<ppid>.
23 23
24 -c Generate C-shell commands on stdout. This is the default if 24 -c Generate C-shell commands on stdout. This is the default if
25 SHELL looks like it's a csh style of shell. 25 SHELL looks like it's a csh style of shell.
@@ -50,15 +50,15 @@ DESCRIPTION
50 one or from a small X11 program if running under X11. If neither of 50 one or from a small X11 program if running under X11. If neither of
51 these is the case then the authentication will fail. It then sends the 51 these is the case then the authentication will fail. It then sends the
52 identity to the agent. Several identities can be stored in the agent; 52 identity to the agent. Several identities can be stored in the agent;
53 the agent can automatically use any of these identities. ssh-add -l dis- 53 the agent can automatically use any of these identities. ssh-add -l
54 plays the identities currently held by the agent. 54 displays the identities currently held by the agent.
55 55
56 The idea is that the agent is run in the user's local PC, laptop, or ter- 56 The idea is that the agent is run in the user's local PC, laptop, or
57 minal. Authentication data need not be stored on any other machine, and 57 terminal. Authentication data need not be stored on any other machine,
58 authentication passphrases never go over the network. However, the con- 58 and authentication passphrases never go over the network. However, the
59 nection to the agent is forwarded over SSH remote logins, and the user 59 connection to the agent is forwarded over SSH remote logins, and the user
60 can thus use the privileges given by the identities anywhere in the net- 60 can thus use the privileges given by the identities anywhere in the
61 work in a secure way. 61 network in a secure way.
62 62
63 There are two main ways to get an agent set up: The first is that the 63 There are two main ways to get an agent set up: The first is that the
64 agent starts a new subcommand into which some environment variables are 64 agent starts a new subcommand into which some environment variables are
@@ -68,18 +68,18 @@ DESCRIPTION
68 Bourne-type shells such as sh(1) or ksh(1) and eval `ssh-agent -c` for 68 Bourne-type shells such as sh(1) or ksh(1) and eval `ssh-agent -c` for
69 csh(1) and derivatives. 69 csh(1) and derivatives.
70 70
71 Later ssh(1) looks at these variables and uses them to establish a con- 71 Later ssh(1) looks at these variables and uses them to establish a
72 nection to the agent. 72 connection to the agent.
73 73
74 The agent will never send a private key over its request channel. In- 74 The agent will never send a private key over its request channel.
75 stead, operations that require a private key will be performed by the 75 Instead, operations that require a private key will be performed by the
76 agent, and the result will be returned to the requester. This way, pri- 76 agent, and the result will be returned to the requester. This way,
77 vate keys are not exposed to clients using the agent. 77 private keys are not exposed to clients using the agent.
78 78
79 A UNIX-domain socket is created and the name of this socket is stored in 79 A UNIX-domain socket is created and the name of this socket is stored in
80 the SSH_AUTH_SOCK environment variable. The socket is made accessible 80 the SSH_AUTH_SOCK environment variable. The socket is made accessible
81 only to the current user. This method is easily abused by root or anoth- 81 only to the current user. This method is easily abused by root or
82 er instance of the same user. 82 another instance of the same user.
83 83
84 The SSH_AGENT_PID environment variable holds the agent's process ID. 84 The SSH_AGENT_PID environment variable holds the agent's process ID.
85 85
@@ -100,9 +100,9 @@ FILES
100 the user. 100 the user.
101 101
102 /tmp/ssh-XXXXXXXXXX/agent.<ppid> 102 /tmp/ssh-XXXXXXXXXX/agent.<ppid>
103 UNIX-domain sockets used to contain the connection to the authen- 103 UNIX-domain sockets used to contain the connection to the
104 tication agent. These sockets should only be readable by the 104 authentication agent. These sockets should only be readable by
105 owner. The sockets should get automatically removed when the 105 the owner. The sockets should get automatically removed when the
106 agent exits. 106 agent exits.
107 107
108SEE ALSO 108SEE ALSO
@@ -111,8 +111,8 @@ SEE ALSO
111AUTHORS 111AUTHORS
112 OpenSSH is a derivative of the original and free ssh 1.2.12 release by 112 OpenSSH is a derivative of the original and free ssh 1.2.12 release by
113 Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo 113 Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo
114 de Raadt and Dug Song removed many bugs, re-added newer features and cre- 114 de Raadt and Dug Song removed many bugs, re-added newer features and
115 ated OpenSSH. Markus Friedl contributed the support for SSH protocol 115 created OpenSSH. Markus Friedl contributed the support for SSH protocol
116 versions 1.5 and 2.0. 116 versions 1.5 and 2.0.
117 117
118OpenBSD 4.7 January 17, 2010 2 118OpenBSD 4.8 January 17, 2010 OpenBSD 4.8
diff --git a/ssh-agent.c b/ssh-agent.c
index b5c565271..2c0e28696 100644
--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-agent.c,v 1.165 2010/02/26 20:29:54 djm Exp $ */ 1/* $OpenBSD: ssh-agent.c,v 1.166 2010/04/16 01:47:26 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -500,6 +500,7 @@ process_add_identity(SocketEntry *e, int version)
500 buffer_get_bignum2(&e->request, k->dsa->pub_key); 500 buffer_get_bignum2(&e->request, k->dsa->pub_key);
501 buffer_get_bignum2(&e->request, k->dsa->priv_key); 501 buffer_get_bignum2(&e->request, k->dsa->priv_key);
502 break; 502 break;
503 case KEY_DSA_CERT_V00:
503 case KEY_DSA_CERT: 504 case KEY_DSA_CERT:
504 cert = buffer_get_string(&e->request, &len); 505 cert = buffer_get_string(&e->request, &len);
505 if ((k = key_from_blob(cert, len)) == NULL) 506 if ((k = key_from_blob(cert, len)) == NULL)
@@ -520,6 +521,7 @@ process_add_identity(SocketEntry *e, int version)
520 /* Generate additional parameters */ 521 /* Generate additional parameters */
521 rsa_generate_additional_parameters(k->rsa); 522 rsa_generate_additional_parameters(k->rsa);
522 break; 523 break;
524 case KEY_RSA_CERT_V00:
523 case KEY_RSA_CERT: 525 case KEY_RSA_CERT:
524 cert = buffer_get_string(&e->request, &len); 526 cert = buffer_get_string(&e->request, &len);
525 if ((k = key_from_blob(cert, len)) == NULL) 527 if ((k = key_from_blob(cert, len)) == NULL)
@@ -540,6 +542,7 @@ process_add_identity(SocketEntry *e, int version)
540 /* enable blinding */ 542 /* enable blinding */
541 switch (k->type) { 543 switch (k->type) {
542 case KEY_RSA: 544 case KEY_RSA:
545 case KEY_RSA_CERT_V00:
543 case KEY_RSA_CERT: 546 case KEY_RSA_CERT:
544 case KEY_RSA1: 547 case KEY_RSA1:
545 if (RSA_blinding_on(k->rsa, NULL) != 1) { 548 if (RSA_blinding_on(k->rsa, NULL) != 1) {
diff --git a/ssh-dss.c b/ssh-dss.c
index 449f493b4..175e4d030 100644
--- a/ssh-dss.c
+++ b/ssh-dss.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-dss.c,v 1.25 2010/02/26 20:29:54 djm Exp $ */ 1/* $OpenBSD: ssh-dss.c,v 1.26 2010/04/16 01:47:26 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2000 Markus Friedl. All rights reserved. 3 * Copyright (c) 2000 Markus Friedl. All rights reserved.
4 * 4 *
@@ -53,9 +53,8 @@ ssh_dss_sign(const Key *key, u_char **sigp, u_int *lenp,
53 u_int rlen, slen, len, dlen; 53 u_int rlen, slen, len, dlen;
54 Buffer b; 54 Buffer b;
55 55
56 if (key == NULL || 56 if (key == NULL || key->dsa == NULL || (key->type != KEY_DSA &&
57 (key->type != KEY_DSA && key->type != KEY_DSA_CERT) || 57 key->type != KEY_DSA_CERT && key->type != KEY_DSA_CERT_V00)) {
58 key->dsa == NULL) {
59 error("ssh_dss_sign: no DSA key"); 58 error("ssh_dss_sign: no DSA key");
60 return -1; 59 return -1;
61 } 60 }
@@ -118,9 +117,8 @@ ssh_dss_verify(const Key *key, const u_char *signature, u_int signaturelen,
118 int rlen, ret; 117 int rlen, ret;
119 Buffer b; 118 Buffer b;
120 119
121 if (key == NULL || 120 if (key == NULL || key->dsa == NULL || (key->type != KEY_DSA &&
122 (key->type != KEY_DSA && key->type != KEY_DSA_CERT) || 121 key->type != KEY_DSA_CERT && key->type != KEY_DSA_CERT_V00)) {
123 key->dsa == NULL) {
124 error("ssh_dss_verify: no DSA key"); 122 error("ssh_dss_verify: no DSA key");
125 return -1; 123 return -1;
126 } 124 }
diff --git a/ssh-keygen.0 b/ssh-keygen.0
index aed4a14ad..fb7838724 100644
--- a/ssh-keygen.0
+++ b/ssh-keygen.0
@@ -7,8 +7,8 @@ SYNOPSIS
7 ssh-keygen [-q] [-b bits] -t type [-N new_passphrase] [-C comment] 7 ssh-keygen [-q] [-b bits] -t type [-N new_passphrase] [-C comment]
8 [-f output_keyfile] 8 [-f output_keyfile]
9 ssh-keygen -p [-P old_passphrase] [-N new_passphrase] [-f keyfile] 9 ssh-keygen -p [-P old_passphrase] [-N new_passphrase] [-f keyfile]
10 ssh-keygen -i [-f input_keyfile] 10 ssh-keygen -i [-m key_format] [-f input_keyfile]
11 ssh-keygen -e [-f input_keyfile] 11 ssh-keygen -e [-m key_format] [-f input_keyfile]
12 ssh-keygen -y [-f input_keyfile] 12 ssh-keygen -y [-f input_keyfile]
13 ssh-keygen -c [-P passphrase] [-C comment] [-f keyfile] 13 ssh-keygen -c [-P passphrase] [-C comment] [-f keyfile]
14 ssh-keygen -l [-f input_keyfile] 14 ssh-keygen -l [-f input_keyfile]
@@ -22,7 +22,7 @@ SYNOPSIS
22 ssh-keygen -T output_file -f input_file [-v] [-a num_trials] 22 ssh-keygen -T output_file -f input_file [-v] [-a num_trials]
23 [-W generator] 23 [-W generator]
24 ssh-keygen -s ca_key -I certificate_identity [-h] [-n principals] 24 ssh-keygen -s ca_key -I certificate_identity [-h] [-n principals]
25 [-O constraint] [-V validity_interval] file ... 25 [-O option] [-V validity_interval] [-z serial_number] file ...
26 ssh-keygen -L [-f input_keyfile] 26 ssh-keygen -L [-f input_keyfile]
27 27
28DESCRIPTION 28DESCRIPTION
@@ -46,14 +46,14 @@ DESCRIPTION
46 name but ``.pub'' appended. The program also asks for a passphrase. The 46 name but ``.pub'' appended. The program also asks for a passphrase. The
47 passphrase may be empty to indicate no passphrase (host keys must have an 47 passphrase may be empty to indicate no passphrase (host keys must have an
48 empty passphrase), or it may be a string of arbitrary length. A 48 empty passphrase), or it may be a string of arbitrary length. A
49 passphrase is similar to a password, except it can be a phrase with a se- 49 passphrase is similar to a password, except it can be a phrase with a
50 ries of words, punctuation, numbers, whitespace, or any string of charac- 50 series of words, punctuation, numbers, whitespace, or any string of
51 ters you want. Good passphrases are 10-30 characters long, are not sim- 51 characters you want. Good passphrases are 10-30 characters long, are not
52 ple sentences or otherwise easily guessable (English prose has only 1-2 52 simple sentences or otherwise easily guessable (English prose has only 1-
53 bits of entropy per character, and provides very bad passphrases), and 53 2 bits of entropy per character, and provides very bad passphrases), and
54 contain a mix of upper and lowercase letters, numbers, and non-alphanu- 54 contain a mix of upper and lowercase letters, numbers, and non-
55 meric characters. The passphrase can be changed later by using the -p 55 alphanumeric characters. The passphrase can be changed later by using
56 option. 56 the -p option.
57 57
58 There is no way to recover a lost passphrase. If the passphrase is lost 58 There is no way to recover a lost passphrase. If the passphrase is lost
59 or forgotten, a new key must be generated and copied to the corresponding 59 or forgotten, a new key must be generated and copied to the corresponding
@@ -61,9 +61,9 @@ DESCRIPTION
61 61
62 For RSA1 keys, there is also a comment field in the key file that is only 62 For RSA1 keys, there is also a comment field in the key file that is only
63 for convenience to the user to help identify the key. The comment can 63 for convenience to the user to help identify the key. The comment can
64 tell what the key is for, or whatever is useful. The comment is initial- 64 tell what the key is for, or whatever is useful. The comment is
65 ized to ``user@host'' when the key is created, but can be changed using 65 initialized to ``user@host'' when the key is created, but can be changed
66 the -c option. 66 using the -c option.
67 67
68 After a key is generated, instructions below detail where the keys should 68 After a key is generated, instructions below detail where the keys should
69 be placed to be activated. 69 be placed to be activated.
@@ -79,26 +79,29 @@ DESCRIPTION
79 79
80 -b bits 80 -b bits
81 Specifies the number of bits in the key to create. For RSA keys, 81 Specifies the number of bits in the key to create. For RSA keys,
82 the minimum size is 768 bits and the default is 2048 bits. Gen- 82 the minimum size is 768 bits and the default is 2048 bits.
83 erally, 2048 bits is considered sufficient. DSA keys must be ex- 83 Generally, 2048 bits is considered sufficient. DSA keys must be
84 actly 1024 bits as specified by FIPS 186-2. 84 exactly 1024 bits as specified by FIPS 186-2.
85 85
86 -C comment 86 -C comment
87 Provides a new comment. 87 Provides a new comment.
88 88
89 -c Requests changing the comment in the private and public key 89 -c Requests changing the comment in the private and public key
90 files. This operation is only supported for RSA1 keys. The pro- 90 files. This operation is only supported for RSA1 keys. The
91 gram will prompt for the file containing the private keys, for 91 program will prompt for the file containing the private keys, for
92 the passphrase if the key has one, and for the new comment. 92 the passphrase if the key has one, and for the new comment.
93 93
94 -D pkcs11 94 -D pkcs11
95 Download the RSA public keys provided by the PKCS#11 shared li- 95 Download the RSA public keys provided by the PKCS#11 shared
96 brary pkcs11. 96 library pkcs11. When used in combination with -s, this option
97 indicates that a CA key resides in a PKCS#11 token (see the
98 CERTIFICATES section for details).
97 99
98 -e This option will read a private or public OpenSSH key file and 100 -e This option will read a private or public OpenSSH key file and
99 print the key in RFC 4716 SSH Public Key File Format to stdout. 101 print to stdout the key in one of the formats specified by the -m
100 This option allows exporting keys for use by several commercial 102 option. The default export format is ``RFC4716''. This option
101 SSH implementations. 103 allows exporting OpenSSH keys for use by other programs,
104 including several commercial SSH implementations.
102 105
103 -F hostname 106 -F hostname
104 Search for the specified hostname in a known_hosts file, listing 107 Search for the specified hostname in a known_hosts file, listing
@@ -116,8 +119,8 @@ DESCRIPTION
116 -g Use generic DNS format when printing fingerprint resource records 119 -g Use generic DNS format when printing fingerprint resource records
117 using the -r command. 120 using the -r command.
118 121
119 -H Hash a known_hosts file. This replaces all hostnames and ad- 122 -H Hash a known_hosts file. This replaces all hostnames and
120 dresses with hashed representations within the specified file; 123 addresses with hashed representations within the specified file;
121 the original content is moved to a file with a .old suffix. 124 the original content is moved to a file with a .old suffix.
122 These hashes may be used normally by ssh and sshd, but they do 125 These hashes may be used normally by ssh and sshd, but they do
123 not reveal identifying information should the file's contents be 126 not reveal identifying information should the file's contents be
@@ -133,41 +136,48 @@ DESCRIPTION
133 the CERTIFICATES section for details. 136 the CERTIFICATES section for details.
134 137
135 -i This option will read an unencrypted private (or public) key file 138 -i This option will read an unencrypted private (or public) key file
136 in SSH2-compatible format and print an OpenSSH compatible private 139 in the format specified by the -m option and print an OpenSSH
137 (or public) key to stdout. ssh-keygen also reads the RFC 4716 140 compatible private (or public) key to stdout. This option allows
138 SSH Public Key File Format. This option allows importing keys 141 importing keys from other software, including several commercial
139 from several commercial SSH implementations. 142 SSH implementations. The default import format is ``RFC4716''.
140 143
141 -L Prints the contents of a certificate. 144 -L Prints the contents of a certificate.
142 145
143 -l Show fingerprint of specified public key file. Private RSA1 keys 146 -l Show fingerprint of specified public key file. Private RSA1 keys
144 are also supported. For RSA and DSA keys ssh-keygen tries to 147 are also supported. For RSA and DSA keys ssh-keygen tries to
145 find the matching public key file and prints its fingerprint. If 148 find the matching public key file and prints its fingerprint. If
146 combined with -v, an ASCII art representation of the key is sup- 149 combined with -v, an ASCII art representation of the key is
147 plied with the fingerprint. 150 supplied with the fingerprint.
148 151
149 -M memory 152 -M memory
150 Specify the amount of memory to use (in megabytes) when generat- 153 Specify the amount of memory to use (in megabytes) when
151 ing candidate moduli for DH-GEX. 154 generating candidate moduli for DH-GEX.
155
156 -m key_format
157 Specify a key format for the -i (import) or -e (export)
158 conversion options. The supported key formats are: ``RFC4716''
159 (RFC 4716/SSH2 public or private key), ``PKCS8'' (PEM PKCS8
160 public key) or ``PEM'' (PEM public key). The default conversion
161 format is ``RFC4716''.
152 162
153 -N new_passphrase 163 -N new_passphrase
154 Provides the new passphrase. 164 Provides the new passphrase.
155 165
156 -n principals 166 -n principals
157 Specify one or more principals (user or host names) to be includ- 167 Specify one or more principals (user or host names) to be
158 ed in a certificate when signing a key. Multiple principals may 168 included in a certificate when signing a key. Multiple
159 be specified, separated by commas. Please see the CERTIFICATES 169 principals may be specified, separated by commas. Please see the
160 section for details. 170 CERTIFICATES section for details.
161 171
162 -O constraint 172 -O option
163 Specify a certificate constraint when signing a key. This option 173 Specify a certificate option when signing a key. This option may
164 may be specified multiple times. Please see the CERTIFICATES 174 be specified multiple times. Please see the CERTIFICATES section
165 section for details. The constraints that are valid for user 175 for details. The options that are valid for user certificates
166 certificates are: 176 are:
167 177
168 clear Clear all enabled permissions. This is useful for clear- 178 clear Clear all enabled permissions. This is useful for
169 ing the default set of permissions so permissions may be 179 clearing the default set of permissions so permissions
170 added individually. 180 may be added individually.
171 181
172 force-command=command 182 force-command=command
173 Forces the execution of command instead of any shell or 183 Forces the execution of command instead of any shell or
@@ -206,11 +216,11 @@ DESCRIPTION
206 216
207 source-address=address_list 217 source-address=address_list
208 Restrict the source addresses from which the certificate 218 Restrict the source addresses from which the certificate
209 is considered valid. The address_list is a comma-sepa- 219 is considered valid. The address_list is a comma-
210 rated list of one or more address/netmask pairs in CIDR 220 separated list of one or more address/netmask pairs in
211 format. 221 CIDR format.
212 222
213 At present, no constraints are valid for host keys. 223 At present, no options are valid for host keys.
214 224
215 -P passphrase 225 -P passphrase
216 Provides the (old) passphrase. 226 Provides the (old) passphrase.
@@ -245,21 +255,21 @@ DESCRIPTION
245 255
246 -t type 256 -t type
247 Specifies the type of key to create. The possible values are 257 Specifies the type of key to create. The possible values are
248 ``rsa1'' for protocol version 1 and ``rsa'' or ``dsa'' for proto- 258 ``rsa1'' for protocol version 1 and ``rsa'' or ``dsa'' for
249 col version 2. 259 protocol version 2.
250 260
251 -V validity_interval 261 -V validity_interval
252 Specify a validity interval when signing a certificate. A valid- 262 Specify a validity interval when signing a certificate. A
253 ity interval may consist of a single time, indicating that the 263 validity interval may consist of a single time, indicating that
254 certificate is valid beginning now and expiring at that time, or 264 the certificate is valid beginning now and expiring at that time,
255 may consist of two times separated by a colon to indicate an ex- 265 or may consist of two times separated by a colon to indicate an
256 plicit time interval. The start time may be specified as a date 266 explicit time interval. The start time may be specified as a
257 in YYYYMMDD format, a time in YYYYMMDDHHMMSS format or a relative 267 date in YYYYMMDD format, a time in YYYYMMDDHHMMSS format or a
258 time (to the current time) consisting of a minus sign followed by 268 relative time (to the current time) consisting of a minus sign
259 a relative time in the format described in the TIME FORMATS sec- 269 followed by a relative time in the format described in the TIME
260 tion of sshd_config(5). The end time may be specified as a 270 FORMATS section of sshd_config(5). The end time may be specified
261 YYYYMMDD date, a YYYYMMDDHHMMSS time or a relative time starting 271 as a YYYYMMDD date, a YYYYMMDDHHMMSS time or a relative time
262 with a plus character. 272 starting with a plus character.
263 273
264 For example: ``+52w1d'' (valid from now to 52 weeks and one day 274 For example: ``+52w1d'' (valid from now to 52 weeks and one day
265 from now), ``-4w:+4w'' (valid from four weeks ago to four weeks 275 from now), ``-4w:+4w'' (valid from four weeks ago to four weeks
@@ -269,9 +279,9 @@ DESCRIPTION
269 2011). 279 2011).
270 280
271 -v Verbose mode. Causes ssh-keygen to print debugging messages 281 -v Verbose mode. Causes ssh-keygen to print debugging messages
272 about its progress. This is helpful for debugging moduli genera- 282 about its progress. This is helpful for debugging moduli
273 tion. Multiple -v options increase the verbosity. The maximum 283 generation. Multiple -v options increase the verbosity. The
274 is 3. 284 maximum is 3.
275 285
276 -W generator 286 -W generator
277 Specify desired generator when testing candidate moduli for DH- 287 Specify desired generator when testing candidate moduli for DH-
@@ -280,12 +290,17 @@ DESCRIPTION
280 -y This option will read a private OpenSSH format file and print an 290 -y This option will read a private OpenSSH format file and print an
281 OpenSSH public key to stdout. 291 OpenSSH public key to stdout.
282 292
293 -z serial_number
294 Specifies a serial number to be embedded in the certificate to
295 distinguish this certificate from others from the same CA. The
296 default serial number is zero.
297
283MODULI GENERATION 298MODULI GENERATION
284 ssh-keygen may be used to generate groups for the Diffie-Hellman Group 299 ssh-keygen may be used to generate groups for the Diffie-Hellman Group
285 Exchange (DH-GEX) protocol. Generating these groups is a two-step pro- 300 Exchange (DH-GEX) protocol. Generating these groups is a two-step
286 cess: first, candidate primes are generated using a fast, but memory in- 301 process: first, candidate primes are generated using a fast, but memory
287 tensive process. These candidate primes are then tested for suitability 302 intensive process. These candidate primes are then tested for
288 (a CPU-intensive process). 303 suitability (a CPU-intensive process).
289 304
290 Generation of primes is performed using the -G option. The desired 305 Generation of primes is performed using the -G option. The desired
291 length of the primes may be specified by the -b option. For example: 306 length of the primes may be specified by the -b option. For example:
@@ -293,8 +308,8 @@ MODULI GENERATION
293 # ssh-keygen -G moduli-2048.candidates -b 2048 308 # ssh-keygen -G moduli-2048.candidates -b 2048
294 309
295 By default, the search for primes begins at a random point in the desired 310 By default, the search for primes begins at a random point in the desired
296 length range. This may be overridden using the -S option, which speci- 311 length range. This may be overridden using the -S option, which
297 fies a different start point (in hex). 312 specifies a different start point (in hex).
298 313
299 Once a set of candidates have been generated, they must be tested for 314 Once a set of candidates have been generated, they must be tested for
300 suitability. This may be performed using the -T option. In this mode 315 suitability. This may be performed using the -T option. In this mode
@@ -317,15 +332,15 @@ CERTIFICATES
317 ssh-keygen supports signing of keys to produce certificates that may be 332 ssh-keygen supports signing of keys to produce certificates that may be
318 used for user or host authentication. Certificates consist of a public 333 used for user or host authentication. Certificates consist of a public
319 key, some identity information, zero or more principal (user or host) 334 key, some identity information, zero or more principal (user or host)
320 names and an optional set of constraints that are signed by a Certifica- 335 names and a set of options that are signed by a Certification Authority
321 tion Authority (CA) key. Clients or servers may then trust only the CA 336 (CA) key. Clients or servers may then trust only the CA key and verify
322 key and verify its signature on a certificate rather than trusting many 337 its signature on a certificate rather than trusting many user/host keys.
323 user/host keys. Note that OpenSSH certificates are a different, and much 338 Note that OpenSSH certificates are a different, and much simpler, format
324 simpler, format to the X.509 certificates used in ssl(8). 339 to the X.509 certificates used in ssl(8).
325 340
326 ssh-keygen supports two types of certificates: user and host. User cer- 341 ssh-keygen supports two types of certificates: user and host. User
327 tificates authenticate users to servers, whereas host certificates au- 342 certificates authenticate users to servers, whereas host certificates
328 thenticate server hosts to users. To generate a user certificate: 343 authenticate server hosts to users. To generate a user certificate:
329 344
330 $ ssh-keygen -s /path/to/ca_key -I key_id /path/to/user_key.pub 345 $ ssh-keygen -s /path/to/ca_key -I key_id /path/to/user_key.pub
331 346
@@ -334,83 +349,90 @@ CERTIFICATES
334 349
335 $ ssh-keygen -s /path/to/ca_key -I key_id -h /path/to/host_key.pub 350 $ ssh-keygen -s /path/to/ca_key -I key_id -h /path/to/host_key.pub
336 351
337 The host certificate will be output to /path/to/host_key-cert.pub. In 352 The host certificate will be output to /path/to/host_key-cert.pub.
338 both cases, key_id is a "key identifier" that is logged by the server 353
354 It is possible to sign using a CA key stored in a PKCS#11 token by
355 providing the token library using -D and identifying the CA key by
356 providing its public half as an argument to -s:
357
358 $ ssh-keygen -s ca_key.pub -D libpkcs11.so -I key_id host_key.pub
359
360 In all cases, key_id is a "key identifier" that is logged by the server
339 when the certificate is used for authentication. 361 when the certificate is used for authentication.
340 362
341 Certificates may be limited to be valid for a set of principal (us- 363 Certificates may be limited to be valid for a set of principal
342 er/host) names. By default, generated certificates are valid for all 364 (user/host) names. By default, generated certificates are valid for all
343 users or hosts. To generate a certificate for a specified set of princi- 365 users or hosts. To generate a certificate for a specified set of
344 pals: 366 principals:
345 367
346 $ ssh-keygen -s ca_key -I key_id -n user1,user2 user_key.pub 368 $ ssh-keygen -s ca_key -I key_id -n user1,user2 user_key.pub
347 $ ssh-keygen -s ca_key -I key_id -h -n host.domain user_key.pub 369 $ ssh-keygen -s ca_key -I key_id -h -n host.domain user_key.pub
348 370
349 Additional limitations on the validity and use of user certificates may 371 Additional limitations on the validity and use of user certificates may
350 be specified through certificate constraints. A constrained certificate 372 be specified through certificate options. A certificate option may
351 may disable features of the SSH session, may be valid only when presented 373 disable features of the SSH session, may be valid only when presented
352 from particular source addresses or may force the use of a specific com- 374 from particular source addresses or may force the use of a specific
353 mand. For a list of valid certificate constraints, see the documentation 375 command. For a list of valid certificate options, see the documentation
354 for the -O option above. 376 for the -O option above.
355 377
356 Finally, certificates may be defined with a validity lifetime. The -V 378 Finally, certificates may be defined with a validity lifetime. The -V
357 option allows specification of certificate start and end times. A cer- 379 option allows specification of certificate start and end times. A
358 tificate that is presented at a time outside this range will not be con- 380 certificate that is presented at a time outside this range will not be
359 sidered valid. By default, certificates have a maximum validity inter- 381 considered valid. By default, certificates have a maximum validity
360 val. 382 interval.
361 383
362 For certificates to be used for user or host authentication, the CA pub- 384 For certificates to be used for user or host authentication, the CA
363 lic key must be trusted by sshd(8) or ssh(1). Please refer to those man- 385 public key must be trusted by sshd(8) or ssh(1). Please refer to those
364 ual pages for details. 386 manual pages for details.
365 387
366FILES 388FILES
367 ~/.ssh/identity 389 ~/.ssh/identity
368 Contains the protocol version 1 RSA authentication identity of 390 Contains the protocol version 1 RSA authentication identity of
369 the user. This file should not be readable by anyone but the us- 391 the user. This file should not be readable by anyone but the
370 er. It is possible to specify a passphrase when generating the 392 user. It is possible to specify a passphrase when generating the
371 key; that passphrase will be used to encrypt the private part of 393 key; that passphrase will be used to encrypt the private part of
372 this file using 128-bit AES. This file is not automatically ac- 394 this file using 128-bit AES. This file is not automatically
373 cessed by ssh-keygen but it is offered as the default file for 395 accessed by ssh-keygen but it is offered as the default file for
374 the private key. ssh(1) will read this file when a login attempt 396 the private key. ssh(1) will read this file when a login attempt
375 is made. 397 is made.
376 398
377 ~/.ssh/identity.pub 399 ~/.ssh/identity.pub
378 Contains the protocol version 1 RSA public key for authentica- 400 Contains the protocol version 1 RSA public key for
379 tion. The contents of this file should be added to 401 authentication. The contents of this file should be added to
380 ~/.ssh/authorized_keys on all machines where the user wishes to 402 ~/.ssh/authorized_keys on all machines where the user wishes to
381 log in using RSA authentication. There is no need to keep the 403 log in using RSA authentication. There is no need to keep the
382 contents of this file secret. 404 contents of this file secret.
383 405
384 ~/.ssh/id_dsa 406 ~/.ssh/id_dsa
385 Contains the protocol version 2 DSA authentication identity of 407 Contains the protocol version 2 DSA authentication identity of
386 the user. This file should not be readable by anyone but the us- 408 the user. This file should not be readable by anyone but the
387 er. It is possible to specify a passphrase when generating the 409 user. It is possible to specify a passphrase when generating the
388 key; that passphrase will be used to encrypt the private part of 410 key; that passphrase will be used to encrypt the private part of
389 this file using 128-bit AES. This file is not automatically ac- 411 this file using 128-bit AES. This file is not automatically
390 cessed by ssh-keygen but it is offered as the default file for 412 accessed by ssh-keygen but it is offered as the default file for
391 the private key. ssh(1) will read this file when a login attempt 413 the private key. ssh(1) will read this file when a login attempt
392 is made. 414 is made.
393 415
394 ~/.ssh/id_dsa.pub 416 ~/.ssh/id_dsa.pub
395 Contains the protocol version 2 DSA public key for authentica- 417 Contains the protocol version 2 DSA public key for
396 tion. The contents of this file should be added to 418 authentication. The contents of this file should be added to
397 ~/.ssh/authorized_keys on all machines where the user wishes to 419 ~/.ssh/authorized_keys on all machines where the user wishes to
398 log in using public key authentication. There is no need to keep 420 log in using public key authentication. There is no need to keep
399 the contents of this file secret. 421 the contents of this file secret.
400 422
401 ~/.ssh/id_rsa 423 ~/.ssh/id_rsa
402 Contains the protocol version 2 RSA authentication identity of 424 Contains the protocol version 2 RSA authentication identity of
403 the user. This file should not be readable by anyone but the us- 425 the user. This file should not be readable by anyone but the
404 er. It is possible to specify a passphrase when generating the 426 user. It is possible to specify a passphrase when generating the
405 key; that passphrase will be used to encrypt the private part of 427 key; that passphrase will be used to encrypt the private part of
406 this file using 128-bit AES. This file is not automatically ac- 428 this file using 128-bit AES. This file is not automatically
407 cessed by ssh-keygen but it is offered as the default file for 429 accessed by ssh-keygen but it is offered as the default file for
408 the private key. ssh(1) will read this file when a login attempt 430 the private key. ssh(1) will read this file when a login attempt
409 is made. 431 is made.
410 432
411 ~/.ssh/id_rsa.pub 433 ~/.ssh/id_rsa.pub
412 Contains the protocol version 2 RSA public key for authentica- 434 Contains the protocol version 2 RSA public key for
413 tion. The contents of this file should be added to 435 authentication. The contents of this file should be added to
414 ~/.ssh/authorized_keys on all machines where the user wishes to 436 ~/.ssh/authorized_keys on all machines where the user wishes to
415 log in using public key authentication. There is no need to keep 437 log in using public key authentication. There is no need to keep
416 the contents of this file secret. 438 the contents of this file secret.
@@ -431,4 +453,4 @@ AUTHORS
431 created OpenSSH. Markus Friedl contributed the support for SSH protocol 453 created OpenSSH. Markus Friedl contributed the support for SSH protocol
432 versions 1.5 and 2.0. 454 versions 1.5 and 2.0.
433 455
434OpenBSD 4.7 March 13, 2010 7 456OpenBSD 4.8 August 4, 2010 OpenBSD 4.8
diff --git a/ssh-keygen.1 b/ssh-keygen.1
index 64638aa9c..0845b4066 100644
--- a/ssh-keygen.1
+++ b/ssh-keygen.1
@@ -1,4 +1,4 @@
1.\" $OpenBSD: ssh-keygen.1,v 1.92 2010/03/13 23:38:13 jmc Exp $ 1.\" $OpenBSD: ssh-keygen.1,v 1.98 2010/08/04 06:07:11 djm Exp $
2.\" 2.\"
3.\" -*- nroff -*- 3.\" -*- nroff -*-
4.\" 4.\"
@@ -37,15 +37,15 @@
37.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 37.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
38.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 38.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
39.\" 39.\"
40.Dd $Mdocdate: March 13 2010 $ 40.Dd $Mdocdate: August 4 2010 $
41.Dt SSH-KEYGEN 1 41.Dt SSH-KEYGEN 1
42.Os 42.Os
43.Sh NAME 43.Sh NAME
44.Nm ssh-keygen 44.Nm ssh-keygen
45.Nd authentication key generation, management and conversion 45.Nd authentication key generation, management and conversion
46.Sh SYNOPSIS 46.Sh SYNOPSIS
47.Nm ssh-keygen
48.Bk -words 47.Bk -words
48.Nm ssh-keygen
49.Op Fl q 49.Op Fl q
50.Op Fl b Ar bits 50.Op Fl b Ar bits
51.Fl t Ar type 51.Fl t Ar type
@@ -59,9 +59,11 @@
59.Op Fl f Ar keyfile 59.Op Fl f Ar keyfile
60.Nm ssh-keygen 60.Nm ssh-keygen
61.Fl i 61.Fl i
62.Op Fl m Ar key_format
62.Op Fl f Ar input_keyfile 63.Op Fl f Ar input_keyfile
63.Nm ssh-keygen 64.Nm ssh-keygen
64.Fl e 65.Fl e
66.Op Fl m Ar key_format
65.Op Fl f Ar input_keyfile 67.Op Fl f Ar input_keyfile
66.Nm ssh-keygen 68.Nm ssh-keygen
67.Fl y 69.Fl y
@@ -110,8 +112,9 @@
110.Fl I Ar certificate_identity 112.Fl I Ar certificate_identity
111.Op Fl h 113.Op Fl h
112.Op Fl n Ar principals 114.Op Fl n Ar principals
113.Op Fl O Ar constraint 115.Op Fl O Ar option
114.Op Fl V Ar validity_interval 116.Op Fl V Ar validity_interval
117.Op Fl z Ar serial_number
115.Ar 118.Ar
116.Nm ssh-keygen 119.Nm ssh-keygen
117.Fl L 120.Fl L
@@ -210,13 +213,20 @@ the passphrase if the key has one, and for the new comment.
210.It Fl D Ar pkcs11 213.It Fl D Ar pkcs11
211Download the RSA public keys provided by the PKCS#11 shared library 214Download the RSA public keys provided by the PKCS#11 shared library
212.Ar pkcs11 . 215.Ar pkcs11 .
216When used in combination with
217.Fl s ,
218this option indicates that a CA key resides in a PKCS#11 token (see the
219.Sx CERTIFICATES
220section for details).
213.It Fl e 221.It Fl e
214This option will read a private or public OpenSSH key file and 222This option will read a private or public OpenSSH key file and
215print the key in 223print to stdout the key in one of the formats specified by the
216RFC 4716 SSH Public Key File Format 224.Fl m
217to stdout. 225option.
218This option allows exporting keys for use by several commercial 226The default export format is
219SSH implementations. 227.Dq RFC4716 .
228This option allows exporting OpenSSH keys for use by other programs, including
229several commercial SSH implementations.
220.It Fl F Ar hostname 230.It Fl F Ar hostname
221Search for the specified 231Search for the specified
222.Ar hostname 232.Ar hostname
@@ -267,13 +277,14 @@ Please see the
267section for details. 277section for details.
268.It Fl i 278.It Fl i
269This option will read an unencrypted private (or public) key file 279This option will read an unencrypted private (or public) key file
270in SSH2-compatible format and print an OpenSSH compatible private 280in the format specified by the
281.Fl m
282option and print an OpenSSH compatible private
271(or public) key to stdout. 283(or public) key to stdout.
272.Nm 284This option allows importing keys from other software, including several
273also reads the 285commercial SSH implementations.
274RFC 4716 SSH Public Key File Format. 286The default import format is
275This option allows importing keys from several commercial 287.Dq RFC4716 .
276SSH implementations.
277.It Fl L 288.It Fl L
278Prints the contents of a certificate. 289Prints the contents of a certificate.
279.It Fl l 290.It Fl l
@@ -288,6 +299,22 @@ an ASCII art representation of the key is supplied with the fingerprint.
288.It Fl M Ar memory 299.It Fl M Ar memory
289Specify the amount of memory to use (in megabytes) when generating 300Specify the amount of memory to use (in megabytes) when generating
290candidate moduli for DH-GEX. 301candidate moduli for DH-GEX.
302.It Fl m Ar key_format
303Specify a key format for the
304.Fl i
305(import) or
306.Fl e
307(export) conversion options.
308The supported key formats are:
309.Dq RFC4716
310(RFC 4716/SSH2 public or private key),
311.Dq PKCS8
312(PEM PKCS8 public key)
313or
314.Dq PEM
315(PEM public key).
316The default conversion format is
317.Dq RFC4716 .
291.It Fl N Ar new_passphrase 318.It Fl N Ar new_passphrase
292Provides the new passphrase. 319Provides the new passphrase.
293.It Fl n Ar principals 320.It Fl n Ar principals
@@ -297,13 +324,13 @@ Multiple principals may be specified, separated by commas.
297Please see the 324Please see the
298.Sx CERTIFICATES 325.Sx CERTIFICATES
299section for details. 326section for details.
300.It Fl O Ar constraint 327.It Fl O Ar option
301Specify a certificate constraint when signing a key. 328Specify a certificate option when signing a key.
302This option may be specified multiple times. 329This option may be specified multiple times.
303Please see the 330Please see the
304.Sx CERTIFICATES 331.Sx CERTIFICATES
305section for details. 332section for details.
306The constraints that are valid for user certificates are: 333The options that are valid for user certificates are:
307.Bl -tag -width Ds 334.Bl -tag -width Ds
308.It Ic clear 335.It Ic clear
309Clear all enabled permissions. 336Clear all enabled permissions.
@@ -353,7 +380,7 @@ is a comma-separated list of one or more address/netmask pairs in CIDR
353format. 380format.
354.El 381.El
355.Pp 382.Pp
356At present, no constraints are valid for host keys. 383At present, no options are valid for host keys.
357.It Fl P Ar passphrase 384.It Fl P Ar passphrase
358Provides the (old) passphrase. 385Provides the (old) passphrase.
359.It Fl p 386.It Fl p
@@ -437,6 +464,10 @@ Specify desired generator when testing candidate moduli for DH-GEX.
437.It Fl y 464.It Fl y
438This option will read a private 465This option will read a private
439OpenSSH format file and print an OpenSSH public key to stdout. 466OpenSSH format file and print an OpenSSH public key to stdout.
467.It Fl z Ar serial_number
468Specifies a serial number to be embedded in the certificate to distinguish
469this certificate from others from the same CA.
470The default serial number is zero.
440.El 471.El
441.Sh MODULI GENERATION 472.Sh MODULI GENERATION
442.Nm 473.Nm
@@ -497,7 +528,7 @@ that both ends of a connection share common moduli.
497supports signing of keys to produce certificates that may be used for 528supports signing of keys to produce certificates that may be used for
498user or host authentication. 529user or host authentication.
499Certificates consist of a public key, some identity information, zero or 530Certificates consist of a public key, some identity information, zero or
500more principal (user or host) names and an optional set of constraints that 531more principal (user or host) names and a set of options that
501are signed by a Certification Authority (CA) key. 532are signed by a Certification Authority (CA) key.
502Clients or servers may then trust only the CA key and verify its signature 533Clients or servers may then trust only the CA key and verify its signature
503on a certificate rather than trusting many user/host keys. 534on a certificate rather than trusting many user/host keys.
@@ -523,7 +554,17 @@ option:
523.Pp 554.Pp
524The host certificate will be output to 555The host certificate will be output to
525.Pa /path/to/host_key-cert.pub . 556.Pa /path/to/host_key-cert.pub .
526In both cases, 557.Pp
558It is possible to sign using a CA key stored in a PKCS#11 token by
559providing the token library using
560.Fl D
561and identifying the CA key by providing its public half as an argument
562to
563.Fl s :
564.Pp
565.Dl $ ssh-keygen -s ca_key.pub -D libpkcs11.so -I key_id host_key.pub
566.Pp
567In all cases,
527.Ar key_id 568.Ar key_id
528is a "key identifier" that is logged by the server when the certificate 569is a "key identifier" that is logged by the server when the certificate
529is used for authentication. 570is used for authentication.
@@ -537,11 +578,11 @@ To generate a certificate for a specified set of principals:
537.Dl "$ ssh-keygen -s ca_key -I key_id -h -n host.domain user_key.pub" 578.Dl "$ ssh-keygen -s ca_key -I key_id -h -n host.domain user_key.pub"
538.Pp 579.Pp
539Additional limitations on the validity and use of user certificates may 580Additional limitations on the validity and use of user certificates may
540be specified through certificate constraints. 581be specified through certificate options.
541A constrained certificate may disable features of the SSH session, may be 582A certificate option may disable features of the SSH session, may be
542valid only when presented from particular source addresses or may 583valid only when presented from particular source addresses or may
543force the use of a specific command. 584force the use of a specific command.
544For a list of valid certificate constraints, see the documentation for the 585For a list of valid certificate options, see the documentation for the
545.Fl O 586.Fl O
546option above. 587option above.
547.Pp 588.Pp
diff --git a/ssh-keygen.c b/ssh-keygen.c
index 37e516ff2..d90b1dfdd 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-keygen.c,v 1.185 2010/03/15 19:40:02 stevesk Exp $ */ 1/* $OpenBSD: ssh-keygen.c,v 1.197 2010/08/04 06:07:11 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -105,6 +105,9 @@ char *identity_comment = NULL;
105/* Path to CA key when certifying keys. */ 105/* Path to CA key when certifying keys. */
106char *ca_key_path = NULL; 106char *ca_key_path = NULL;
107 107
108/* Certificate serial number */
109long long cert_serial = 0;
110
108/* Key type when certifying */ 111/* Key type when certifying */
109u_int cert_key_type = SSH2_CERT_TYPE_USER; 112u_int cert_key_type = SSH2_CERT_TYPE_USER;
110 113
@@ -118,27 +121,34 @@ char *cert_principals = NULL;
118u_int64_t cert_valid_from = 0; 121u_int64_t cert_valid_from = 0;
119u_int64_t cert_valid_to = ~0ULL; 122u_int64_t cert_valid_to = ~0ULL;
120 123
121/* Certificate constraints */ 124/* Certificate options */
122#define CONSTRAINT_X_FWD (1) 125#define CERTOPT_X_FWD (1)
123#define CONSTRAINT_AGENT_FWD (1<<1) 126#define CERTOPT_AGENT_FWD (1<<1)
124#define CONSTRAINT_PORT_FWD (1<<2) 127#define CERTOPT_PORT_FWD (1<<2)
125#define CONSTRAINT_PTY (1<<3) 128#define CERTOPT_PTY (1<<3)
126#define CONSTRAINT_USER_RC (1<<4) 129#define CERTOPT_USER_RC (1<<4)
127#define CONSTRAINT_DEFAULT (CONSTRAINT_X_FWD|CONSTRAINT_AGENT_FWD| \ 130#define CERTOPT_DEFAULT (CERTOPT_X_FWD|CERTOPT_AGENT_FWD| \
128 CONSTRAINT_PORT_FWD|CONSTRAINT_PTY| \ 131 CERTOPT_PORT_FWD|CERTOPT_PTY|CERTOPT_USER_RC)
129 CONSTRAINT_USER_RC) 132u_int32_t certflags_flags = CERTOPT_DEFAULT;
130u_int32_t constraint_flags = CONSTRAINT_DEFAULT; 133char *certflags_command = NULL;
131char *constraint_command = NULL; 134char *certflags_src_addr = NULL;
132char *constraint_src_addr = NULL; 135
133 136/* Conversion to/from various formats */
134/* Dump public key file in format used by real and the original SSH 2 */ 137int convert_to = 0;
135int convert_to_ssh2 = 0; 138int convert_from = 0;
136int convert_from_ssh2 = 0; 139enum {
140 FMT_RFC4716,
141 FMT_PKCS8,
142 FMT_PEM
143} convert_format = FMT_RFC4716;
137int print_public = 0; 144int print_public = 0;
138int print_generic = 0; 145int print_generic = 0;
139 146
140char *key_type_name = NULL; 147char *key_type_name = NULL;
141 148
149/* Load key from this PKCS#11 provider */
150char *pkcs11provider = NULL;
151
142/* argv0 */ 152/* argv0 */
143extern char *__progname; 153extern char *__progname;
144 154
@@ -161,9 +171,13 @@ ask_filename(struct passwd *pw, const char *prompt)
161 case KEY_RSA1: 171 case KEY_RSA1:
162 name = _PATH_SSH_CLIENT_IDENTITY; 172 name = _PATH_SSH_CLIENT_IDENTITY;
163 break; 173 break;
174 case KEY_DSA_CERT:
175 case KEY_DSA_CERT_V00:
164 case KEY_DSA: 176 case KEY_DSA:
165 name = _PATH_SSH_CLIENT_ID_DSA; 177 name = _PATH_SSH_CLIENT_ID_DSA;
166 break; 178 break;
179 case KEY_RSA_CERT:
180 case KEY_RSA_CERT_V00:
167 case KEY_RSA: 181 case KEY_RSA:
168 name = _PATH_SSH_CLIENT_ID_RSA; 182 name = _PATH_SSH_CLIENT_ID_RSA;
169 break; 183 break;
@@ -209,30 +223,12 @@ load_identity(char *filename)
209#define SSH_COM_PRIVATE_KEY_MAGIC 0x3f6ff9eb 223#define SSH_COM_PRIVATE_KEY_MAGIC 0x3f6ff9eb
210 224
211static void 225static void
212do_convert_to_ssh2(struct passwd *pw) 226do_convert_to_ssh2(struct passwd *pw, Key *k)
213{ 227{
214 Key *k;
215 u_int len; 228 u_int len;
216 u_char *blob; 229 u_char *blob;
217 char comment[61]; 230 char comment[61];
218 struct stat st;
219 231
220 if (!have_identity)
221 ask_filename(pw, "Enter file in which the key is");
222 if (stat(identity_file, &st) < 0) {
223 perror(identity_file);
224 exit(1);
225 }
226 if ((k = key_load_public(identity_file, NULL)) == NULL) {
227 if ((k = load_identity(identity_file)) == NULL) {
228 fprintf(stderr, "load failed\n");
229 exit(1);
230 }
231 }
232 if (k->type == KEY_RSA1) {
233 fprintf(stderr, "version 1 keys are not supported\n");
234 exit(1);
235 }
236 if (key_to_blob(k, &blob, &len) <= 0) { 232 if (key_to_blob(k, &blob, &len) <= 0) {
237 fprintf(stderr, "key_to_blob failed\n"); 233 fprintf(stderr, "key_to_blob failed\n");
238 exit(1); 234 exit(1);
@@ -253,6 +249,81 @@ do_convert_to_ssh2(struct passwd *pw)
253} 249}
254 250
255static void 251static void
252do_convert_to_pkcs8(Key *k)
253{
254 switch (key_type_plain(k->type)) {
255 case KEY_RSA:
256 if (!PEM_write_RSA_PUBKEY(stdout, k->rsa))
257 fatal("PEM_write_RSA_PUBKEY failed");
258 break;
259 case KEY_DSA:
260 if (!PEM_write_DSA_PUBKEY(stdout, k->dsa))
261 fatal("PEM_write_DSA_PUBKEY failed");
262 break;
263 default:
264 fatal("%s: unsupported key type %s", __func__, key_type(k));
265 }
266 exit(0);
267}
268
269static void
270do_convert_to_pem(Key *k)
271{
272 switch (key_type_plain(k->type)) {
273 case KEY_RSA:
274 if (!PEM_write_RSAPublicKey(stdout, k->rsa))
275 fatal("PEM_write_RSAPublicKey failed");
276 break;
277#if notyet /* OpenSSH 0.9.8 lacks this function */
278 case KEY_DSA:
279 if (!PEM_write_DSAPublicKey(stdout, k->dsa))
280 fatal("PEM_write_DSAPublicKey failed");
281 break;
282#endif
283 default:
284 fatal("%s: unsupported key type %s", __func__, key_type(k));
285 }
286 exit(0);
287}
288
289static void
290do_convert_to(struct passwd *pw)
291{
292 Key *k;
293 struct stat st;
294
295 if (!have_identity)
296 ask_filename(pw, "Enter file in which the key is");
297 if (stat(identity_file, &st) < 0)
298 fatal("%s: %s: %s", __progname, identity_file, strerror(errno));
299 if ((k = key_load_public(identity_file, NULL)) == NULL) {
300 if ((k = load_identity(identity_file)) == NULL) {
301 fprintf(stderr, "load failed\n");
302 exit(1);
303 }
304 }
305 if (k->type == KEY_RSA1) {
306 fprintf(stderr, "version 1 keys are not supported\n");
307 exit(1);
308 }
309
310 switch (convert_format) {
311 case FMT_RFC4716:
312 do_convert_to_ssh2(pw, k);
313 break;
314 case FMT_PKCS8:
315 do_convert_to_pkcs8(k);
316 break;
317 case FMT_PEM:
318 do_convert_to_pem(k);
319 break;
320 default:
321 fatal("%s: unknown key format %d", __func__, convert_format);
322 }
323 exit(0);
324}
325
326static void
256buffer_get_bignum_bits(Buffer *b, BIGNUM *value) 327buffer_get_bignum_bits(Buffer *b, BIGNUM *value)
257{ 328{
258 u_int bignum_bits = buffer_get_int(b); 329 u_int bignum_bits = buffer_get_int(b);
@@ -390,29 +461,18 @@ get_line(FILE *fp, char *line, size_t len)
390} 461}
391 462
392static void 463static void
393do_convert_from_ssh2(struct passwd *pw) 464do_convert_from_ssh2(struct passwd *pw, Key **k, int *private)
394{ 465{
395 Key *k;
396 int blen; 466 int blen;
397 u_int len; 467 u_int len;
398 char line[1024]; 468 char line[1024];
399 u_char blob[8096]; 469 u_char blob[8096];
400 char encoded[8096]; 470 char encoded[8096];
401 struct stat st; 471 int escaped = 0;
402 int escaped = 0, private = 0, ok;
403 FILE *fp; 472 FILE *fp;
404 473
405 if (!have_identity) 474 if ((fp = fopen(identity_file, "r")) == NULL)
406 ask_filename(pw, "Enter file in which the key is"); 475 fatal("%s: %s: %s", __progname, identity_file, strerror(errno));
407 if (stat(identity_file, &st) < 0) {
408 perror(identity_file);
409 exit(1);
410 }
411 fp = fopen(identity_file, "r");
412 if (fp == NULL) {
413 perror(identity_file);
414 exit(1);
415 }
416 encoded[0] = '\0'; 476 encoded[0] = '\0';
417 while ((blen = get_line(fp, line, sizeof(line))) != -1) { 477 while ((blen = get_line(fp, line, sizeof(line))) != -1) {
418 if (line[blen - 1] == '\\') 478 if (line[blen - 1] == '\\')
@@ -420,7 +480,7 @@ do_convert_from_ssh2(struct passwd *pw)
420 if (strncmp(line, "----", 4) == 0 || 480 if (strncmp(line, "----", 4) == 0 ||
421 strstr(line, ": ") != NULL) { 481 strstr(line, ": ") != NULL) {
422 if (strstr(line, SSH_COM_PRIVATE_BEGIN) != NULL) 482 if (strstr(line, SSH_COM_PRIVATE_BEGIN) != NULL)
423 private = 1; 483 *private = 1;
424 if (strstr(line, " END ") != NULL) { 484 if (strstr(line, " END ") != NULL) {
425 break; 485 break;
426 } 486 }
@@ -445,26 +505,130 @@ do_convert_from_ssh2(struct passwd *pw)
445 fprintf(stderr, "uudecode failed.\n"); 505 fprintf(stderr, "uudecode failed.\n");
446 exit(1); 506 exit(1);
447 } 507 }
448 k = private ? 508 *k = *private ?
449 do_convert_private_ssh2_from_blob(blob, blen) : 509 do_convert_private_ssh2_from_blob(blob, blen) :
450 key_from_blob(blob, blen); 510 key_from_blob(blob, blen);
451 if (k == NULL) { 511 if (*k == NULL) {
452 fprintf(stderr, "decode blob failed.\n"); 512 fprintf(stderr, "decode blob failed.\n");
453 exit(1); 513 exit(1);
454 } 514 }
455 ok = private ? 515 fclose(fp);
456 (k->type == KEY_DSA ? 516}
457 PEM_write_DSAPrivateKey(stdout, k->dsa, NULL, NULL, 0, NULL, NULL) : 517
458 PEM_write_RSAPrivateKey(stdout, k->rsa, NULL, NULL, 0, NULL, NULL)) : 518static void
459 key_write(k, stdout); 519do_convert_from_pkcs8(Key **k, int *private)
520{
521 EVP_PKEY *pubkey;
522 FILE *fp;
523
524 if ((fp = fopen(identity_file, "r")) == NULL)
525 fatal("%s: %s: %s", __progname, identity_file, strerror(errno));
526 if ((pubkey = PEM_read_PUBKEY(fp, NULL, NULL, NULL)) == NULL) {
527 fatal("%s: %s is not a recognised public key format", __func__,
528 identity_file);
529 }
530 fclose(fp);
531 switch (EVP_PKEY_type(pubkey->type)) {
532 case EVP_PKEY_RSA:
533 *k = key_new(KEY_UNSPEC);
534 (*k)->type = KEY_RSA;
535 (*k)->rsa = EVP_PKEY_get1_RSA(pubkey);
536 break;
537 case EVP_PKEY_DSA:
538 *k = key_new(KEY_UNSPEC);
539 (*k)->type = KEY_DSA;
540 (*k)->dsa = EVP_PKEY_get1_DSA(pubkey);
541 break;
542 default:
543 fatal("%s: unsupported pubkey type %d", __func__,
544 EVP_PKEY_type(pubkey->type));
545 }
546 EVP_PKEY_free(pubkey);
547 return;
548}
549
550static void
551do_convert_from_pem(Key **k, int *private)
552{
553 FILE *fp;
554 RSA *rsa;
555#ifdef notyet
556 DSA *dsa;
557#endif
558
559 if ((fp = fopen(identity_file, "r")) == NULL)
560 fatal("%s: %s: %s", __progname, identity_file, strerror(errno));
561 if ((rsa = PEM_read_RSAPublicKey(fp, NULL, NULL, NULL)) != NULL) {
562 *k = key_new(KEY_UNSPEC);
563 (*k)->type = KEY_RSA;
564 (*k)->rsa = rsa;
565 fclose(fp);
566 return;
567 }
568#if notyet /* OpenSSH 0.9.8 lacks this function */
569 rewind(fp);
570 if ((dsa = PEM_read_DSAPublicKey(fp, NULL, NULL, NULL)) != NULL) {
571 *k = key_new(KEY_UNSPEC);
572 (*k)->type = KEY_DSA;
573 (*k)->dsa = dsa;
574 fclose(fp);
575 return;
576 }
577#endif
578 fatal("%s: unrecognised raw private key format", __func__);
579}
580
581static void
582do_convert_from(struct passwd *pw)
583{
584 Key *k = NULL;
585 int private = 0, ok = 0;
586 struct stat st;
587
588 if (!have_identity)
589 ask_filename(pw, "Enter file in which the key is");
590 if (stat(identity_file, &st) < 0)
591 fatal("%s: %s: %s", __progname, identity_file, strerror(errno));
592
593 switch (convert_format) {
594 case FMT_RFC4716:
595 do_convert_from_ssh2(pw, &k, &private);
596 break;
597 case FMT_PKCS8:
598 do_convert_from_pkcs8(&k, &private);
599 break;
600 case FMT_PEM:
601 do_convert_from_pem(&k, &private);
602 break;
603 default:
604 fatal("%s: unknown key format %d", __func__, convert_format);
605 }
606
607 if (!private)
608 ok = key_write(k, stdout);
609 if (ok)
610 fprintf(stdout, "\n");
611 else {
612 switch (k->type) {
613 case KEY_DSA:
614 ok = PEM_write_DSAPrivateKey(stdout, k->dsa, NULL,
615 NULL, 0, NULL, NULL);
616 break;
617 case KEY_RSA:
618 ok = PEM_write_RSAPrivateKey(stdout, k->rsa, NULL,
619 NULL, 0, NULL, NULL);
620 break;
621 default:
622 fatal("%s: unsupported key type %s", __func__,
623 key_type(k));
624 }
625 }
626
460 if (!ok) { 627 if (!ok) {
461 fprintf(stderr, "key write failed\n"); 628 fprintf(stderr, "key write failed\n");
462 exit(1); 629 exit(1);
463 } 630 }
464 key_free(k); 631 key_free(k);
465 if (!private)
466 fprintf(stdout, "\n");
467 fclose(fp);
468 exit(0); 632 exit(0);
469} 633}
470 634
@@ -493,7 +657,7 @@ do_print_public(struct passwd *pw)
493} 657}
494 658
495static void 659static void
496do_download(struct passwd *pw, char *pkcs11provider) 660do_download(struct passwd *pw)
497{ 661{
498#ifdef ENABLE_PKCS11 662#ifdef ENABLE_PKCS11
499 Key **keys = NULL; 663 Key **keys = NULL;
@@ -555,67 +719,68 @@ do_fingerprint(struct passwd *pw)
555 comment = NULL; 719 comment = NULL;
556 } 720 }
557 721
558 f = fopen(identity_file, "r"); 722 if ((f = fopen(identity_file, "r")) == NULL)
559 if (f != NULL) { 723 fatal("%s: %s: %s", __progname, identity_file, strerror(errno));
560 while (fgets(line, sizeof(line), f)) {
561 if ((cp = strchr(line, '\n')) == NULL) {
562 error("line %d too long: %.40s...",
563 num + 1, line);
564 skip = 1;
565 continue;
566 }
567 num++;
568 if (skip) {
569 skip = 0;
570 continue;
571 }
572 *cp = '\0';
573 724
574 /* Skip leading whitespace, empty and comment lines. */ 725 while (fgets(line, sizeof(line), f)) {
575 for (cp = line; *cp == ' ' || *cp == '\t'; cp++) 726 if ((cp = strchr(line, '\n')) == NULL) {
576 ; 727 error("line %d too long: %.40s...",
577 if (!*cp || *cp == '\n' || *cp == '#') 728 num + 1, line);
578 continue; 729 skip = 1;
579 i = strtol(cp, &ep, 10); 730 continue;
580 if (i == 0 || ep == NULL || (*ep != ' ' && *ep != '\t')) { 731 }
581 int quoted = 0; 732 num++;
582 comment = cp; 733 if (skip) {
583 for (; *cp && (quoted || (*cp != ' ' && 734 skip = 0;
584 *cp != '\t')); cp++) { 735 continue;
585 if (*cp == '\\' && cp[1] == '"') 736 }
586 cp++; /* Skip both */ 737 *cp = '\0';
587 else if (*cp == '"') 738
588 quoted = !quoted; 739 /* Skip leading whitespace, empty and comment lines. */
589 } 740 for (cp = line; *cp == ' ' || *cp == '\t'; cp++)
590 if (!*cp) 741 ;
591 continue; 742 if (!*cp || *cp == '\n' || *cp == '#')
592 *cp++ = '\0'; 743 continue;
744 i = strtol(cp, &ep, 10);
745 if (i == 0 || ep == NULL || (*ep != ' ' && *ep != '\t')) {
746 int quoted = 0;
747 comment = cp;
748 for (; *cp && (quoted || (*cp != ' ' &&
749 *cp != '\t')); cp++) {
750 if (*cp == '\\' && cp[1] == '"')
751 cp++; /* Skip both */
752 else if (*cp == '"')
753 quoted = !quoted;
593 } 754 }
594 ep = cp; 755 if (!*cp)
595 public = key_new(KEY_RSA1); 756 continue;
757 *cp++ = '\0';
758 }
759 ep = cp;
760 public = key_new(KEY_RSA1);
761 if (key_read(public, &cp) != 1) {
762 cp = ep;
763 key_free(public);
764 public = key_new(KEY_UNSPEC);
596 if (key_read(public, &cp) != 1) { 765 if (key_read(public, &cp) != 1) {
597 cp = ep;
598 key_free(public); 766 key_free(public);
599 public = key_new(KEY_UNSPEC); 767 continue;
600 if (key_read(public, &cp) != 1) {
601 key_free(public);
602 continue;
603 }
604 } 768 }
605 comment = *cp ? cp : comment;
606 fp = key_fingerprint(public, fptype, rep);
607 ra = key_fingerprint(public, SSH_FP_MD5, SSH_FP_RANDOMART);
608 printf("%u %s %s (%s)\n", key_size(public), fp,
609 comment ? comment : "no comment", key_type(public));
610 if (log_level >= SYSLOG_LEVEL_VERBOSE)
611 printf("%s\n", ra);
612 xfree(ra);
613 xfree(fp);
614 key_free(public);
615 invalid = 0;
616 } 769 }
617 fclose(f); 770 comment = *cp ? cp : comment;
771 fp = key_fingerprint(public, fptype, rep);
772 ra = key_fingerprint(public, SSH_FP_MD5, SSH_FP_RANDOMART);
773 printf("%u %s %s (%s)\n", key_size(public), fp,
774 comment ? comment : "no comment", key_type(public));
775 if (log_level >= SYSLOG_LEVEL_VERBOSE)
776 printf("%s\n", ra);
777 xfree(ra);
778 xfree(fp);
779 key_free(public);
780 invalid = 0;
618 } 781 }
782 fclose(f);
783
619 if (invalid) { 784 if (invalid) {
620 printf("%s is not a public key file.\n", identity_file); 785 printf("%s is not a public key file.\n", identity_file);
621 exit(1); 786 exit(1);
@@ -670,7 +835,7 @@ do_known_hosts(struct passwd *pw, const char *name)
670 have_identity = 1; 835 have_identity = 1;
671 } 836 }
672 if ((in = fopen(identity_file, "r")) == NULL) 837 if ((in = fopen(identity_file, "r")) == NULL)
673 fatal("fopen: %s", strerror(errno)); 838 fatal("%s: %s: %s", __progname, identity_file, strerror(errno));
674 839
675 /* 840 /*
676 * Find hosts goes to stdout, hash and deletions happen in-place 841 * Find hosts goes to stdout, hash and deletions happen in-place
@@ -1104,7 +1269,7 @@ fmt_validity(u_int64_t valid_from, u_int64_t valid_to)
1104} 1269}
1105 1270
1106static void 1271static void
1107add_flag_constraint(Buffer *c, const char *name) 1272add_flag_option(Buffer *c, const char *name)
1108{ 1273{
1109 debug3("%s: %s", __func__, name); 1274 debug3("%s: %s", __func__, name);
1110 buffer_put_cstring(c, name); 1275 buffer_put_cstring(c, name);
@@ -1112,7 +1277,7 @@ add_flag_constraint(Buffer *c, const char *name)
1112} 1277}
1113 1278
1114static void 1279static void
1115add_string_constraint(Buffer *c, const char *name, const char *value) 1280add_string_option(Buffer *c, const char *name, const char *value)
1116{ 1281{
1117 Buffer b; 1282 Buffer b;
1118 1283
@@ -1126,25 +1291,62 @@ add_string_constraint(Buffer *c, const char *name, const char *value)
1126 buffer_free(&b); 1291 buffer_free(&b);
1127} 1292}
1128 1293
1294#define OPTIONS_CRITICAL 1
1295#define OPTIONS_EXTENSIONS 2
1129static void 1296static void
1130prepare_constraint_buf(Buffer *c) 1297prepare_options_buf(Buffer *c, int which)
1131{ 1298{
1132
1133 buffer_clear(c); 1299 buffer_clear(c);
1134 if ((constraint_flags & CONSTRAINT_X_FWD) != 0) 1300 if ((which & OPTIONS_CRITICAL) != 0 &&
1135 add_flag_constraint(c, "permit-X11-forwarding"); 1301 certflags_command != NULL)
1136 if ((constraint_flags & CONSTRAINT_AGENT_FWD) != 0) 1302 add_string_option(c, "force-command", certflags_command);
1137 add_flag_constraint(c, "permit-agent-forwarding"); 1303 if ((which & OPTIONS_EXTENSIONS) != 0 &&
1138 if ((constraint_flags & CONSTRAINT_PORT_FWD) != 0) 1304 (certflags_flags & CERTOPT_AGENT_FWD) != 0)
1139 add_flag_constraint(c, "permit-port-forwarding"); 1305 add_flag_option(c, "permit-agent-forwarding");
1140 if ((constraint_flags & CONSTRAINT_PTY) != 0) 1306 if ((which & OPTIONS_EXTENSIONS) != 0 &&
1141 add_flag_constraint(c, "permit-pty"); 1307 (certflags_flags & CERTOPT_PORT_FWD) != 0)
1142 if ((constraint_flags & CONSTRAINT_USER_RC) != 0) 1308 add_flag_option(c, "permit-port-forwarding");
1143 add_flag_constraint(c, "permit-user-rc"); 1309 if ((which & OPTIONS_EXTENSIONS) != 0 &&
1144 if (constraint_command != NULL) 1310 (certflags_flags & CERTOPT_PTY) != 0)
1145 add_string_constraint(c, "force-command", constraint_command); 1311 add_flag_option(c, "permit-pty");
1146 if (constraint_src_addr != NULL) 1312 if ((which & OPTIONS_EXTENSIONS) != 0 &&
1147 add_string_constraint(c, "source-address", constraint_src_addr); 1313 (certflags_flags & CERTOPT_USER_RC) != 0)
1314 add_flag_option(c, "permit-user-rc");
1315 if ((which & OPTIONS_EXTENSIONS) != 0 &&
1316 (certflags_flags & CERTOPT_X_FWD) != 0)
1317 add_flag_option(c, "permit-X11-forwarding");
1318 if ((which & OPTIONS_CRITICAL) != 0 &&
1319 certflags_src_addr != NULL)
1320 add_string_option(c, "source-address", certflags_src_addr);
1321}
1322
1323static Key *
1324load_pkcs11_key(char *path)
1325{
1326#ifdef ENABLE_PKCS11
1327 Key **keys = NULL, *public, *private = NULL;
1328 int i, nkeys;
1329
1330 if ((public = key_load_public(path, NULL)) == NULL)
1331 fatal("Couldn't load CA public key \"%s\"", path);
1332
1333 nkeys = pkcs11_add_provider(pkcs11provider, identity_passphrase, &keys);
1334 debug3("%s: %d keys", __func__, nkeys);
1335 if (nkeys <= 0)
1336 fatal("cannot read public key from pkcs11");
1337 for (i = 0; i < nkeys; i++) {
1338 if (key_equal_public(public, keys[i])) {
1339 private = keys[i];
1340 continue;
1341 }
1342 key_free(keys[i]);
1343 }
1344 xfree(keys);
1345 key_free(public);
1346 return private;
1347#else
1348 fatal("no pkcs11 support");
1349#endif /* ENABLE_PKCS11 */
1148} 1350}
1149 1351
1150static void 1352static void
@@ -1155,9 +1357,33 @@ do_ca_sign(struct passwd *pw, int argc, char **argv)
1155 Key *ca, *public; 1357 Key *ca, *public;
1156 char *otmp, *tmp, *cp, *out, *comment, **plist = NULL; 1358 char *otmp, *tmp, *cp, *out, *comment, **plist = NULL;
1157 FILE *f; 1359 FILE *f;
1360 int v00 = 0; /* legacy keys */
1361
1362 if (key_type_name != NULL) {
1363 switch (key_type_from_name(key_type_name)) {
1364 case KEY_RSA_CERT_V00:
1365 case KEY_DSA_CERT_V00:
1366 v00 = 1;
1367 break;
1368 case KEY_UNSPEC:
1369 if (strcasecmp(key_type_name, "v00") == 0) {
1370 v00 = 1;
1371 break;
1372 } else if (strcasecmp(key_type_name, "v01") == 0)
1373 break;
1374 /* FALLTHROUGH */
1375 default:
1376 fprintf(stderr, "unknown key type %s\n", key_type_name);
1377 exit(1);
1378 }
1379 }
1158 1380
1381 pkcs11_init(1);
1159 tmp = tilde_expand_filename(ca_key_path, pw->pw_uid); 1382 tmp = tilde_expand_filename(ca_key_path, pw->pw_uid);
1160 if ((ca = load_identity(tmp)) == NULL) 1383 if (pkcs11provider != NULL) {
1384 if ((ca = load_pkcs11_key(tmp)) == NULL)
1385 fatal("No PKCS#11 key matching %s found", ca_key_path);
1386 } else if ((ca = load_identity(tmp)) == NULL)
1161 fatal("Couldn't load CA key \"%s\"", tmp); 1387 fatal("Couldn't load CA key \"%s\"", tmp);
1162 xfree(tmp); 1388 xfree(tmp);
1163 1389
@@ -1183,15 +1409,24 @@ do_ca_sign(struct passwd *pw, int argc, char **argv)
1183 __func__, tmp, key_type(public)); 1409 __func__, tmp, key_type(public));
1184 1410
1185 /* Prepare certificate to sign */ 1411 /* Prepare certificate to sign */
1186 if (key_to_certified(public) != 0) 1412 if (key_to_certified(public, v00) != 0)
1187 fatal("Could not upgrade key %s to certificate", tmp); 1413 fatal("Could not upgrade key %s to certificate", tmp);
1188 public->cert->type = cert_key_type; 1414 public->cert->type = cert_key_type;
1415 public->cert->serial = (u_int64_t)cert_serial;
1189 public->cert->key_id = xstrdup(cert_key_id); 1416 public->cert->key_id = xstrdup(cert_key_id);
1190 public->cert->nprincipals = n; 1417 public->cert->nprincipals = n;
1191 public->cert->principals = plist; 1418 public->cert->principals = plist;
1192 public->cert->valid_after = cert_valid_from; 1419 public->cert->valid_after = cert_valid_from;
1193 public->cert->valid_before = cert_valid_to; 1420 public->cert->valid_before = cert_valid_to;
1194 prepare_constraint_buf(&public->cert->constraints); 1421 if (v00) {
1422 prepare_options_buf(&public->cert->critical,
1423 OPTIONS_CRITICAL|OPTIONS_EXTENSIONS);
1424 } else {
1425 prepare_options_buf(&public->cert->critical,
1426 OPTIONS_CRITICAL);
1427 prepare_options_buf(&public->cert->extensions,
1428 OPTIONS_EXTENSIONS);
1429 }
1195 public->cert->signature_key = key_from_private(ca); 1430 public->cert->signature_key = key_from_private(ca);
1196 1431
1197 if (key_certify(public, ca) != 0) 1432 if (key_certify(public, ca) != 0)
@@ -1212,17 +1447,19 @@ do_ca_sign(struct passwd *pw, int argc, char **argv)
1212 fprintf(f, " %s\n", comment); 1447 fprintf(f, " %s\n", comment);
1213 fclose(f); 1448 fclose(f);
1214 1449
1215 if (!quiet) 1450 if (!quiet) {
1216 logit("Signed %s key %s: id \"%s\"%s%s valid %s", 1451 logit("Signed %s key %s: id \"%s\" serial %llu%s%s "
1217 cert_key_type == SSH2_CERT_TYPE_USER?"user":"host", 1452 "valid %s", key_cert_type(public),
1218 out, cert_key_id, 1453 out, public->cert->key_id, public->cert->serial,
1219 cert_principals != NULL ? " for " : "", 1454 cert_principals != NULL ? " for " : "",
1220 cert_principals != NULL ? cert_principals : "", 1455 cert_principals != NULL ? cert_principals : "",
1221 fmt_validity(cert_valid_from, cert_valid_to)); 1456 fmt_validity(cert_valid_from, cert_valid_to));
1457 }
1222 1458
1223 key_free(public); 1459 key_free(public);
1224 xfree(out); 1460 xfree(out);
1225 } 1461 }
1462 pkcs11_terminate();
1226 exit(0); 1463 exit(0);
1227} 1464}
1228 1465
@@ -1321,50 +1558,92 @@ parse_cert_times(char *timespec)
1321} 1558}
1322 1559
1323static void 1560static void
1324add_cert_constraint(char *opt) 1561add_cert_option(char *opt)
1325{ 1562{
1326 char *val; 1563 char *val;
1327 1564
1328 if (strcmp(opt, "clear") == 0) 1565 if (strcmp(opt, "clear") == 0)
1329 constraint_flags = 0; 1566 certflags_flags = 0;
1330 else if (strcasecmp(opt, "no-x11-forwarding") == 0) 1567 else if (strcasecmp(opt, "no-x11-forwarding") == 0)
1331 constraint_flags &= ~CONSTRAINT_X_FWD; 1568 certflags_flags &= ~CERTOPT_X_FWD;
1332 else if (strcasecmp(opt, "permit-x11-forwarding") == 0) 1569 else if (strcasecmp(opt, "permit-x11-forwarding") == 0)
1333 constraint_flags |= CONSTRAINT_X_FWD; 1570 certflags_flags |= CERTOPT_X_FWD;
1334 else if (strcasecmp(opt, "no-agent-forwarding") == 0) 1571 else if (strcasecmp(opt, "no-agent-forwarding") == 0)
1335 constraint_flags &= ~CONSTRAINT_AGENT_FWD; 1572 certflags_flags &= ~CERTOPT_AGENT_FWD;
1336 else if (strcasecmp(opt, "permit-agent-forwarding") == 0) 1573 else if (strcasecmp(opt, "permit-agent-forwarding") == 0)
1337 constraint_flags |= CONSTRAINT_AGENT_FWD; 1574 certflags_flags |= CERTOPT_AGENT_FWD;
1338 else if (strcasecmp(opt, "no-port-forwarding") == 0) 1575 else if (strcasecmp(opt, "no-port-forwarding") == 0)
1339 constraint_flags &= ~CONSTRAINT_PORT_FWD; 1576 certflags_flags &= ~CERTOPT_PORT_FWD;
1340 else if (strcasecmp(opt, "permit-port-forwarding") == 0) 1577 else if (strcasecmp(opt, "permit-port-forwarding") == 0)
1341 constraint_flags |= CONSTRAINT_PORT_FWD; 1578 certflags_flags |= CERTOPT_PORT_FWD;
1342 else if (strcasecmp(opt, "no-pty") == 0) 1579 else if (strcasecmp(opt, "no-pty") == 0)
1343 constraint_flags &= ~CONSTRAINT_PTY; 1580 certflags_flags &= ~CERTOPT_PTY;
1344 else if (strcasecmp(opt, "permit-pty") == 0) 1581 else if (strcasecmp(opt, "permit-pty") == 0)
1345 constraint_flags |= CONSTRAINT_PTY; 1582 certflags_flags |= CERTOPT_PTY;
1346 else if (strcasecmp(opt, "no-user-rc") == 0) 1583 else if (strcasecmp(opt, "no-user-rc") == 0)
1347 constraint_flags &= ~CONSTRAINT_USER_RC; 1584 certflags_flags &= ~CERTOPT_USER_RC;
1348 else if (strcasecmp(opt, "permit-user-rc") == 0) 1585 else if (strcasecmp(opt, "permit-user-rc") == 0)
1349 constraint_flags |= CONSTRAINT_USER_RC; 1586 certflags_flags |= CERTOPT_USER_RC;
1350 else if (strncasecmp(opt, "force-command=", 14) == 0) { 1587 else if (strncasecmp(opt, "force-command=", 14) == 0) {
1351 val = opt + 14; 1588 val = opt + 14;
1352 if (*val == '\0') 1589 if (*val == '\0')
1353 fatal("Empty force-command constraint"); 1590 fatal("Empty force-command option");
1354 if (constraint_command != NULL) 1591 if (certflags_command != NULL)
1355 fatal("force-command already specified"); 1592 fatal("force-command already specified");
1356 constraint_command = xstrdup(val); 1593 certflags_command = xstrdup(val);
1357 } else if (strncasecmp(opt, "source-address=", 15) == 0) { 1594 } else if (strncasecmp(opt, "source-address=", 15) == 0) {
1358 val = opt + 15; 1595 val = opt + 15;
1359 if (*val == '\0') 1596 if (*val == '\0')
1360 fatal("Empty source-address constraint"); 1597 fatal("Empty source-address option");
1361 if (constraint_src_addr != NULL) 1598 if (certflags_src_addr != NULL)
1362 fatal("source-address already specified"); 1599 fatal("source-address already specified");
1363 if (addr_match_cidr_list(NULL, val) != 0) 1600 if (addr_match_cidr_list(NULL, val) != 0)
1364 fatal("Invalid source-address list"); 1601 fatal("Invalid source-address list");
1365 constraint_src_addr = xstrdup(val); 1602 certflags_src_addr = xstrdup(val);
1366 } else 1603 } else
1367 fatal("Unsupported certificate constraint \"%s\"", opt); 1604 fatal("Unsupported certificate option \"%s\"", opt);
1605}
1606
1607static void
1608show_options(const Buffer *optbuf, int v00, int in_critical)
1609{
1610 u_char *name, *data;
1611 u_int dlen;
1612 Buffer options, option;
1613
1614 buffer_init(&options);
1615 buffer_append(&options, buffer_ptr(optbuf), buffer_len(optbuf));
1616
1617 buffer_init(&option);
1618 while (buffer_len(&options) != 0) {
1619 name = buffer_get_string(&options, NULL);
1620 data = buffer_get_string_ptr(&options, &dlen);
1621 buffer_append(&option, data, dlen);
1622 printf(" %s", name);
1623 if ((v00 || !in_critical) &&
1624 (strcmp(name, "permit-X11-forwarding") == 0 ||
1625 strcmp(name, "permit-agent-forwarding") == 0 ||
1626 strcmp(name, "permit-port-forwarding") == 0 ||
1627 strcmp(name, "permit-pty") == 0 ||
1628 strcmp(name, "permit-user-rc") == 0))
1629 printf("\n");
1630 else if ((v00 || in_critical) &&
1631 (strcmp(name, "force-command") == 0 ||
1632 strcmp(name, "source-address") == 0)) {
1633 data = buffer_get_string(&option, NULL);
1634 printf(" %s\n", data);
1635 xfree(data);
1636 } else {
1637 printf(" UNKNOWN OPTION (len %u)\n",
1638 buffer_len(&option));
1639 buffer_clear(&option);
1640 }
1641 xfree(name);
1642 if (buffer_len(&option) != 0)
1643 fatal("Option corrupt: extra data at end");
1644 }
1645 buffer_free(&option);
1646 buffer_free(&options);
1368} 1647}
1369 1648
1370static void 1649static void
@@ -1373,31 +1652,31 @@ do_show_cert(struct passwd *pw)
1373 Key *key; 1652 Key *key;
1374 struct stat st; 1653 struct stat st;
1375 char *key_fp, *ca_fp; 1654 char *key_fp, *ca_fp;
1376 Buffer constraints, constraint; 1655 u_int i, v00;
1377 u_char *name, *data;
1378 u_int i, dlen;
1379 1656
1380 if (!have_identity) 1657 if (!have_identity)
1381 ask_filename(pw, "Enter file in which the key is"); 1658 ask_filename(pw, "Enter file in which the key is");
1382 if (stat(identity_file, &st) < 0) { 1659 if (stat(identity_file, &st) < 0)
1383 perror(identity_file); 1660 fatal("%s: %s: %s", __progname, identity_file, strerror(errno));
1384 exit(1);
1385 }
1386 if ((key = key_load_public(identity_file, NULL)) == NULL) 1661 if ((key = key_load_public(identity_file, NULL)) == NULL)
1387 fatal("%s is not a public key", identity_file); 1662 fatal("%s is not a public key", identity_file);
1388 if (!key_is_cert(key)) 1663 if (!key_is_cert(key))
1389 fatal("%s is not a certificate", identity_file); 1664 fatal("%s is not a certificate", identity_file);
1390 1665 v00 = key->type == KEY_RSA_CERT_V00 || key->type == KEY_DSA_CERT_V00;
1666
1391 key_fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX); 1667 key_fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX);
1392 ca_fp = key_fingerprint(key->cert->signature_key, 1668 ca_fp = key_fingerprint(key->cert->signature_key,
1393 SSH_FP_MD5, SSH_FP_HEX); 1669 SSH_FP_MD5, SSH_FP_HEX);
1394 1670
1395 printf("%s:\n", identity_file); 1671 printf("%s:\n", identity_file);
1396 printf(" %s %s certificate %s\n", key_type(key), 1672 printf(" Type: %s %s certificate\n", key_ssh_name(key),
1397 key_cert_type(key), key_fp); 1673 key_cert_type(key));
1398 printf(" Signed by %s CA %s\n", 1674 printf(" Public key: %s %s\n", key_type(key), key_fp);
1675 printf(" Signing CA: %s %s\n",
1399 key_type(key->cert->signature_key), ca_fp); 1676 key_type(key->cert->signature_key), ca_fp);
1400 printf(" Key ID \"%s\"\n", key->cert->key_id); 1677 printf(" Key ID: \"%s\"\n", key->cert->key_id);
1678 if (!v00)
1679 printf(" Serial: %llu\n", key->cert->serial);
1401 printf(" Valid: %s\n", 1680 printf(" Valid: %s\n",
1402 fmt_validity(key->cert->valid_after, key->cert->valid_before)); 1681 fmt_validity(key->cert->valid_after, key->cert->valid_before));
1403 printf(" Principals: "); 1682 printf(" Principals: ");
@@ -1409,45 +1688,22 @@ do_show_cert(struct passwd *pw)
1409 key->cert->principals[i]); 1688 key->cert->principals[i]);
1410 printf("\n"); 1689 printf("\n");
1411 } 1690 }
1412 printf(" Constraints: "); 1691 printf(" Critical Options: ");
1413 if (buffer_len(&key->cert->constraints) == 0) 1692 if (buffer_len(&key->cert->critical) == 0)
1414 printf("(none)\n"); 1693 printf("(none)\n");
1415 else { 1694 else {
1416 printf("\n"); 1695 printf("\n");
1417 buffer_init(&constraints); 1696 show_options(&key->cert->critical, v00, 1);
1418 buffer_append(&constraints, 1697 }
1419 buffer_ptr(&key->cert->constraints), 1698 if (!v00) {
1420 buffer_len(&key->cert->constraints)); 1699 printf(" Extensions: ");
1421 buffer_init(&constraint); 1700 if (buffer_len(&key->cert->extensions) == 0)
1422 while (buffer_len(&constraints) != 0) { 1701 printf("(none)\n");
1423 name = buffer_get_string(&constraints, NULL); 1702 else {
1424 data = buffer_get_string_ptr(&constraints, &dlen); 1703 printf("\n");
1425 buffer_append(&constraint, data, dlen); 1704 show_options(&key->cert->extensions, v00, 0);
1426 printf(" %s", name);
1427 if (strcmp(name, "permit-X11-forwarding") == 0 ||
1428 strcmp(name, "permit-agent-forwarding") == 0 ||
1429 strcmp(name, "permit-port-forwarding") == 0 ||
1430 strcmp(name, "permit-pty") == 0 ||
1431 strcmp(name, "permit-user-rc") == 0)
1432 printf("\n");
1433 else if (strcmp(name, "force-command") == 0 ||
1434 strcmp(name, "source-address") == 0) {
1435 data = buffer_get_string(&constraint, NULL);
1436 printf(" %s\n", data);
1437 xfree(data);
1438 } else {
1439 printf(" UNKNOWN CONSTRAINT (len %u)\n",
1440 buffer_len(&constraint));
1441 buffer_clear(&constraint);
1442 }
1443 xfree(name);
1444 if (buffer_len(&constraint) != 0)
1445 fatal("Constraint corrupt: extra data at end");
1446 } 1705 }
1447 buffer_free(&constraint);
1448 buffer_free(&constraints);
1449 } 1706 }
1450
1451 exit(0); 1707 exit(0);
1452} 1708}
1453 1709
@@ -1464,7 +1720,7 @@ usage(void)
1464#ifdef ENABLE_PKCS11 1720#ifdef ENABLE_PKCS11
1465 fprintf(stderr, " -D pkcs11 Download public key from pkcs11 token.\n"); 1721 fprintf(stderr, " -D pkcs11 Download public key from pkcs11 token.\n");
1466#endif 1722#endif
1467 fprintf(stderr, " -e Convert OpenSSH to RFC 4716 key file.\n"); 1723 fprintf(stderr, " -e Export OpenSSH to foreign format key file.\n");
1468 fprintf(stderr, " -F hostname Find hostname in known hosts file.\n"); 1724 fprintf(stderr, " -F hostname Find hostname in known hosts file.\n");
1469 fprintf(stderr, " -f filename Filename of the key file.\n"); 1725 fprintf(stderr, " -f filename Filename of the key file.\n");
1470 fprintf(stderr, " -G file Generate candidates for DH-GEX moduli.\n"); 1726 fprintf(stderr, " -G file Generate candidates for DH-GEX moduli.\n");
@@ -1472,26 +1728,28 @@ usage(void)
1472 fprintf(stderr, " -H Hash names in known_hosts file.\n"); 1728 fprintf(stderr, " -H Hash names in known_hosts file.\n");
1473 fprintf(stderr, " -h Generate host certificate instead of a user certificate.\n"); 1729 fprintf(stderr, " -h Generate host certificate instead of a user certificate.\n");
1474 fprintf(stderr, " -I key_id Key identifier to include in certificate.\n"); 1730 fprintf(stderr, " -I key_id Key identifier to include in certificate.\n");
1475 fprintf(stderr, " -i Convert RFC 4716 to OpenSSH key file.\n"); 1731 fprintf(stderr, " -i Import foreign format to OpenSSH key file.\n");
1476 fprintf(stderr, " -L Print the contents of a certificate.\n"); 1732 fprintf(stderr, " -L Print the contents of a certificate.\n");
1477 fprintf(stderr, " -l Show fingerprint of key file.\n"); 1733 fprintf(stderr, " -l Show fingerprint of key file.\n");
1478 fprintf(stderr, " -M memory Amount of memory (MB) to use for generating DH-GEX moduli.\n"); 1734 fprintf(stderr, " -M memory Amount of memory (MB) to use for generating DH-GEX moduli.\n");
1479 fprintf(stderr, " -n name,... User/host principal names to include in certificate\n"); 1735 fprintf(stderr, " -m key_fmt Conversion format for -e/-i (PEM|PKCS8|RFC4716).\n");
1480 fprintf(stderr, " -N phrase Provide new passphrase.\n"); 1736 fprintf(stderr, " -N phrase Provide new passphrase.\n");
1481 fprintf(stderr, " -O cnstr Specify a certificate constraint.\n"); 1737 fprintf(stderr, " -n name,... User/host principal names to include in certificate\n");
1738 fprintf(stderr, " -O option Specify a certificate option.\n");
1482 fprintf(stderr, " -P phrase Provide old passphrase.\n"); 1739 fprintf(stderr, " -P phrase Provide old passphrase.\n");
1483 fprintf(stderr, " -p Change passphrase of private key file.\n"); 1740 fprintf(stderr, " -p Change passphrase of private key file.\n");
1484 fprintf(stderr, " -q Quiet.\n"); 1741 fprintf(stderr, " -q Quiet.\n");
1485 fprintf(stderr, " -R hostname Remove host from known_hosts file.\n"); 1742 fprintf(stderr, " -R hostname Remove host from known_hosts file.\n");
1486 fprintf(stderr, " -r hostname Print DNS resource record.\n"); 1743 fprintf(stderr, " -r hostname Print DNS resource record.\n");
1487 fprintf(stderr, " -s ca_key Certify keys with CA key.\n");
1488 fprintf(stderr, " -S start Start point (hex) for generating DH-GEX moduli.\n"); 1744 fprintf(stderr, " -S start Start point (hex) for generating DH-GEX moduli.\n");
1745 fprintf(stderr, " -s ca_key Certify keys with CA key.\n");
1489 fprintf(stderr, " -T file Screen candidates for DH-GEX moduli.\n"); 1746 fprintf(stderr, " -T file Screen candidates for DH-GEX moduli.\n");
1490 fprintf(stderr, " -t type Specify type of key to create.\n"); 1747 fprintf(stderr, " -t type Specify type of key to create.\n");
1491 fprintf(stderr, " -V from:to Specify certificate validity interval.\n"); 1748 fprintf(stderr, " -V from:to Specify certificate validity interval.\n");
1492 fprintf(stderr, " -v Verbose.\n"); 1749 fprintf(stderr, " -v Verbose.\n");
1493 fprintf(stderr, " -W gen Generator to use for generating DH-GEX moduli.\n"); 1750 fprintf(stderr, " -W gen Generator to use for generating DH-GEX moduli.\n");
1494 fprintf(stderr, " -y Read private key file and print public key.\n"); 1751 fprintf(stderr, " -y Read private key file and print public key.\n");
1752 fprintf(stderr, " -z serial Specify a serial number.\n");
1495 1753
1496 exit(1); 1754 exit(1);
1497} 1755}
@@ -1503,12 +1761,12 @@ int
1503main(int argc, char **argv) 1761main(int argc, char **argv)
1504{ 1762{
1505 char dotsshdir[MAXPATHLEN], comment[1024], *passphrase1, *passphrase2; 1763 char dotsshdir[MAXPATHLEN], comment[1024], *passphrase1, *passphrase2;
1506 char out_file[MAXPATHLEN], *pkcs11provider = NULL; 1764 char out_file[MAXPATHLEN], *rr_hostname = NULL;
1507 char *rr_hostname = NULL;
1508 Key *private, *public; 1765 Key *private, *public;
1509 struct passwd *pw; 1766 struct passwd *pw;
1510 struct stat st; 1767 struct stat st;
1511 int opt, type, fd; 1768 int opt, type, fd;
1769 u_int maxbits;
1512 u_int32_t memory = 0, generator_wanted = 0, trials = 100; 1770 u_int32_t memory = 0, generator_wanted = 0, trials = 100;
1513 int do_gen_candidates = 0, do_screen_candidates = 0; 1771 int do_gen_candidates = 0, do_screen_candidates = 0;
1514 BIGNUM *start = NULL; 1772 BIGNUM *start = NULL;
@@ -1540,8 +1798,8 @@ main(int argc, char **argv)
1540 exit(1); 1798 exit(1);
1541 } 1799 }
1542 1800
1543 while ((opt = getopt(argc, argv, "degiqpclBHLhvxXyF:b:f:t:D:I:P:N:n:" 1801 while ((opt = getopt(argc, argv, "degiqpclBHLhvxXyF:b:f:t:D:I:P:m:N:n:"
1544 "O:C:r:g:R:T:G:M:S:s:a:V:W:")) != -1) { 1802 "O:C:r:g:R:T:G:M:S:s:a:V:W:z:")) != -1) {
1545 switch (opt) { 1803 switch (opt) {
1546 case 'b': 1804 case 'b':
1547 bits = (u_int32_t)strtonum(optarg, 768, 32768, &errstr); 1805 bits = (u_int32_t)strtonum(optarg, 768, 32768, &errstr);
@@ -1572,6 +1830,21 @@ main(int argc, char **argv)
1572 case 'B': 1830 case 'B':
1573 print_bubblebabble = 1; 1831 print_bubblebabble = 1;
1574 break; 1832 break;
1833 case 'm':
1834 if (strcasecmp(optarg, "RFC4716") == 0 ||
1835 strcasecmp(optarg, "ssh2") == 0) {
1836 convert_format = FMT_RFC4716;
1837 break;
1838 }
1839 if (strcasecmp(optarg, "PKCS8") == 0) {
1840 convert_format = FMT_PKCS8;
1841 break;
1842 }
1843 if (strcasecmp(optarg, "PEM") == 0) {
1844 convert_format = FMT_PEM;
1845 break;
1846 }
1847 fatal("Unsupported conversion format \"%s\"", optarg);
1575 case 'n': 1848 case 'n':
1576 cert_principals = optarg; 1849 cert_principals = optarg;
1577 break; 1850 break;
@@ -1597,7 +1870,7 @@ main(int argc, char **argv)
1597 identity_new_passphrase = optarg; 1870 identity_new_passphrase = optarg;
1598 break; 1871 break;
1599 case 'O': 1872 case 'O':
1600 add_cert_constraint(optarg); 1873 add_cert_option(optarg);
1601 break; 1874 break;
1602 case 'C': 1875 case 'C':
1603 identity_comment = optarg; 1876 identity_comment = optarg;
@@ -1608,16 +1881,16 @@ main(int argc, char **argv)
1608 case 'e': 1881 case 'e':
1609 case 'x': 1882 case 'x':
1610 /* export key */ 1883 /* export key */
1611 convert_to_ssh2 = 1; 1884 convert_to = 1;
1612 break; 1885 break;
1613 case 'h': 1886 case 'h':
1614 cert_key_type = SSH2_CERT_TYPE_HOST; 1887 cert_key_type = SSH2_CERT_TYPE_HOST;
1615 constraint_flags = 0; 1888 certflags_flags = 0;
1616 break; 1889 break;
1617 case 'i': 1890 case 'i':
1618 case 'X': 1891 case 'X':
1619 /* import key */ 1892 /* import key */
1620 convert_from_ssh2 = 1; 1893 convert_from = 1;
1621 break; 1894 break;
1622 case 'y': 1895 case 'y':
1623 print_public = 1; 1896 print_public = 1;
@@ -1661,9 +1934,8 @@ main(int argc, char **argv)
1661 break; 1934 break;
1662 case 'M': 1935 case 'M':
1663 memory = (u_int32_t)strtonum(optarg, 1, UINT_MAX, &errstr); 1936 memory = (u_int32_t)strtonum(optarg, 1, UINT_MAX, &errstr);
1664 if (errstr) { 1937 if (errstr)
1665 fatal("Memory limit is %s: %s", errstr, optarg); 1938 fatal("Memory limit is %s: %s", errstr, optarg);
1666 }
1667 break; 1939 break;
1668 case 'G': 1940 case 'G':
1669 do_gen_candidates = 1; 1941 do_gen_candidates = 1;
@@ -1685,6 +1957,11 @@ main(int argc, char **argv)
1685 case 'V': 1957 case 'V':
1686 parse_cert_times(optarg); 1958 parse_cert_times(optarg);
1687 break; 1959 break;
1960 case 'z':
1961 cert_serial = strtonum(optarg, 0, LLONG_MAX, &errstr);
1962 if (errstr)
1963 fatal("Invalid serial number: %s", errstr);
1964 break;
1688 case '?': 1965 case '?':
1689 default: 1966 default:
1690 usage(); 1967 usage();
@@ -1729,10 +2006,10 @@ main(int argc, char **argv)
1729 do_change_passphrase(pw); 2006 do_change_passphrase(pw);
1730 if (change_comment) 2007 if (change_comment)
1731 do_change_comment(pw); 2008 do_change_comment(pw);
1732 if (convert_to_ssh2) 2009 if (convert_to)
1733 do_convert_to_ssh2(pw); 2010 do_convert_to(pw);
1734 if (convert_from_ssh2) 2011 if (convert_from)
1735 do_convert_from_ssh2(pw); 2012 do_convert_from(pw);
1736 if (print_public) 2013 if (print_public)
1737 do_print_public(pw); 2014 do_print_public(pw);
1738 if (rr_hostname != NULL) { 2015 if (rr_hostname != NULL) {
@@ -1759,7 +2036,7 @@ main(int argc, char **argv)
1759 } 2036 }
1760 } 2037 }
1761 if (pkcs11provider != NULL) 2038 if (pkcs11provider != NULL)
1762 do_download(pw, pkcs11provider); 2039 do_download(pw);
1763 2040
1764 if (do_gen_candidates) { 2041 if (do_gen_candidates) {
1765 FILE *out = fopen(out_file, "w"); 2042 FILE *out = fopen(out_file, "w");
@@ -1811,6 +2088,12 @@ main(int argc, char **argv)
1811 } 2088 }
1812 if (bits == 0) 2089 if (bits == 0)
1813 bits = (type == KEY_DSA) ? DEFAULT_BITS_DSA : DEFAULT_BITS; 2090 bits = (type == KEY_DSA) ? DEFAULT_BITS_DSA : DEFAULT_BITS;
2091 maxbits = (type == KEY_DSA) ?
2092 OPENSSL_DSA_MAX_MODULUS_BITS : OPENSSL_RSA_MAX_MODULUS_BITS;
2093 if (bits > maxbits) {
2094 fprintf(stderr, "key bits exceeds maximum %d\n", maxbits);
2095 exit(1);
2096 }
1814 if (type == KEY_DSA && bits != 1024) 2097 if (type == KEY_DSA && bits != 1024)
1815 fatal("DSA keys must be 1024 bits"); 2098 fatal("DSA keys must be 1024 bits");
1816 if (!quiet) 2099 if (!quiet)
@@ -1826,13 +2109,19 @@ main(int argc, char **argv)
1826 ask_filename(pw, "Enter file in which to save the key"); 2109 ask_filename(pw, "Enter file in which to save the key");
1827 2110
1828 /* Create ~/.ssh directory if it doesn't already exist. */ 2111 /* Create ~/.ssh directory if it doesn't already exist. */
1829 snprintf(dotsshdir, sizeof dotsshdir, "%s/%s", pw->pw_dir, _PATH_SSH_USER_DIR); 2112 snprintf(dotsshdir, sizeof dotsshdir, "%s/%s",
1830 if (strstr(identity_file, dotsshdir) != NULL && 2113 pw->pw_dir, _PATH_SSH_USER_DIR);
1831 stat(dotsshdir, &st) < 0) { 2114 if (strstr(identity_file, dotsshdir) != NULL) {
1832 if (mkdir(dotsshdir, 0700) < 0) 2115 if (stat(dotsshdir, &st) < 0) {
1833 error("Could not create directory '%s'.", dotsshdir); 2116 if (errno != ENOENT) {
1834 else if (!quiet) 2117 error("Could not stat %s: %s", dotsshdir,
1835 printf("Created directory '%s'.\n", dotsshdir); 2118 strerror(errno));
2119 } else if (mkdir(dotsshdir, 0700) < 0) {
2120 error("Could not create directory '%s': %s",
2121 dotsshdir, strerror(errno));
2122 } else if (!quiet)
2123 printf("Created directory '%s'.\n", dotsshdir);
2124 }
1836 } 2125 }
1837 /* If the file already exists, ask the user to confirm. */ 2126 /* If the file already exists, ask the user to confirm. */
1838 if (stat(identity_file, &st) >= 0) { 2127 if (stat(identity_file, &st) >= 0) {
diff --git a/ssh-keyscan.0 b/ssh-keyscan.0
index 8a0ef60e4..9bf4cc252 100644
--- a/ssh-keyscan.0
+++ b/ssh-keyscan.0
@@ -8,17 +8,17 @@ SYNOPSIS
8 [host | addrlist namelist] ... 8 [host | addrlist namelist] ...
9 9
10DESCRIPTION 10DESCRIPTION
11 ssh-keyscan is a utility for gathering the public ssh host keys of a num- 11 ssh-keyscan is a utility for gathering the public ssh host keys of a
12 ber of hosts. It was designed to aid in building and verifying 12 number of hosts. It was designed to aid in building and verifying
13 ssh_known_hosts files. ssh-keyscan provides a minimal interface suitable 13 ssh_known_hosts files. ssh-keyscan provides a minimal interface suitable
14 for use by shell and perl scripts. 14 for use by shell and perl scripts.
15 15
16 ssh-keyscan uses non-blocking socket I/O to contact as many hosts as pos- 16 ssh-keyscan uses non-blocking socket I/O to contact as many hosts as
17 sible in parallel, so it is very efficient. The keys from a domain of 17 possible in parallel, so it is very efficient. The keys from a domain of
18 1,000 hosts can be collected in tens of seconds, even when some of those 18 1,000 hosts can be collected in tens of seconds, even when some of those
19 hosts are down or do not run ssh. For scanning, one does not need login 19 hosts are down or do not run ssh. For scanning, one does not need login
20 access to the machines that are being scanned, nor does the scanning pro- 20 access to the machines that are being scanned, nor does the scanning
21 cess involve any encryption. 21 process involve any encryption.
22 22
23 The options are as follows: 23 The options are as follows:
24 24
@@ -32,8 +32,8 @@ DESCRIPTION
32 read hosts or addrlist namelist pairs from the standard input. 32 read hosts or addrlist namelist pairs from the standard input.
33 33
34 -H Hash all hostnames and addresses in the output. Hashed names may 34 -H Hash all hostnames and addresses in the output. Hashed names may
35 be used normally by ssh and sshd, but they do not reveal identi- 35 be used normally by ssh and sshd, but they do not reveal
36 fying information should the file's contents be disclosed. 36 identifying information should the file's contents be disclosed.
37 37
38 -p port 38 -p port
39 Port to connect to on the remote host. 39 Port to connect to on the remote host.
@@ -42,8 +42,8 @@ DESCRIPTION
42 Set the timeout for connection attempts. If timeout seconds have 42 Set the timeout for connection attempts. If timeout seconds have
43 elapsed since a connection was initiated to a host or since the 43 elapsed since a connection was initiated to a host or since the
44 last time anything was read from that host, then the connection 44 last time anything was read from that host, then the connection
45 is closed and the host in question considered unavailable. De- 45 is closed and the host in question considered unavailable.
46 fault is 5 seconds. 46 Default is 5 seconds.
47 47
48 -t type 48 -t type
49 Specifies the type of the key to fetch from the scanned hosts. 49 Specifies the type of the key to fetch from the scanned hosts.
@@ -56,11 +56,12 @@ DESCRIPTION
56 about its progress. 56 about its progress.
57 57
58SECURITY 58SECURITY
59 If an ssh_known_hosts file is constructed using ssh-keyscan without veri- 59 If an ssh_known_hosts file is constructed using ssh-keyscan without
60 fying the keys, users will be vulnerable to man in the middle attacks. 60 verifying the keys, users will be vulnerable to man in the middle
61 On the other hand, if the security model allows such a risk, ssh-keyscan 61 attacks. On the other hand, if the security model allows such a risk,
62 can help in the detection of tampered keyfiles or man in the middle at- 62 ssh-keyscan can help in the detection of tampered keyfiles or man in the
63 tacks which have begun after the ssh_known_hosts file was created. 63 middle attacks which have begun after the ssh_known_hosts file was
64 created.
64 65
65FILES 66FILES
66 Input format: 67 Input format:
@@ -104,4 +105,4 @@ BUGS
104 This is because it opens a connection to the ssh port, reads the public 105 This is because it opens a connection to the ssh port, reads the public
105 key, and drops the connection as soon as it gets the key. 106 key, and drops the connection as soon as it gets the key.
106 107
107OpenBSD 4.7 January 9, 2010 2 108OpenBSD 4.8 January 9, 2010 OpenBSD 4.8
diff --git a/ssh-keyscan.c b/ssh-keyscan.c
index 7afe446ae..b6cf427cd 100644
--- a/ssh-keyscan.c
+++ b/ssh-keyscan.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-keyscan.c,v 1.81 2010/01/09 23:04:13 dtucker Exp $ */ 1/* $OpenBSD: ssh-keyscan.c,v 1.82 2010/06/22 04:54:30 djm Exp $ */
2/* 2/*
3 * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>. 3 * Copyright 1995, 1996 by David Mazieres <dm@lcs.mit.edu>.
4 * 4 *
@@ -104,122 +104,6 @@ typedef struct Connection {
104TAILQ_HEAD(conlist, Connection) tq; /* Timeout Queue */ 104TAILQ_HEAD(conlist, Connection) tq; /* Timeout Queue */
105con *fdcon; 105con *fdcon;
106 106
107/*
108 * This is just a wrapper around fgets() to make it usable.
109 */
110
111/* Stress-test. Increase this later. */
112#define LINEBUF_SIZE 16
113
114typedef struct {
115 char *buf;
116 u_int size;
117 int lineno;
118 const char *filename;
119 FILE *stream;
120 void (*errfun) (const char *,...);
121} Linebuf;
122
123static Linebuf *
124Linebuf_alloc(const char *filename, void (*errfun) (const char *,...))
125{
126 Linebuf *lb;
127
128 if (!(lb = malloc(sizeof(*lb)))) {
129 if (errfun)
130 (*errfun) ("linebuf (%s): malloc failed\n",
131 filename ? filename : "(stdin)");
132 return (NULL);
133 }
134 if (filename) {
135 lb->filename = filename;
136 if (!(lb->stream = fopen(filename, "r"))) {
137 xfree(lb);
138 if (errfun)
139 (*errfun) ("%s: %s\n", filename, strerror(errno));
140 return (NULL);
141 }
142 } else {
143 lb->filename = "(stdin)";
144 lb->stream = stdin;
145 }
146
147 if (!(lb->buf = malloc((lb->size = LINEBUF_SIZE)))) {
148 if (errfun)
149 (*errfun) ("linebuf (%s): malloc failed\n", lb->filename);
150 xfree(lb);
151 return (NULL);
152 }
153 lb->errfun = errfun;
154 lb->lineno = 0;
155 return (lb);
156}
157
158static void
159Linebuf_free(Linebuf * lb)
160{
161 fclose(lb->stream);
162 xfree(lb->buf);
163 xfree(lb);
164}
165
166#if 0
167static void
168Linebuf_restart(Linebuf * lb)
169{
170 clearerr(lb->stream);
171 rewind(lb->stream);
172 lb->lineno = 0;
173}
174
175static int
176Linebuf_lineno(Linebuf * lb)
177{
178 return (lb->lineno);
179}
180#endif
181
182static char *
183Linebuf_getline(Linebuf * lb)
184{
185 size_t n = 0;
186 void *p;
187
188 lb->lineno++;
189 for (;;) {
190 /* Read a line */
191 if (!fgets(&lb->buf[n], lb->size - n, lb->stream)) {
192 if (ferror(lb->stream) && lb->errfun)
193 (*lb->errfun)("%s: %s\n", lb->filename,
194 strerror(errno));
195 return (NULL);
196 }
197 n = strlen(lb->buf);
198
199 /* Return it or an error if it fits */
200 if (n > 0 && lb->buf[n - 1] == '\n') {
201 lb->buf[n - 1] = '\0';
202 return (lb->buf);
203 }
204 if (n != lb->size - 1) {
205 if (lb->errfun)
206 (*lb->errfun)("%s: skipping incomplete last line\n",
207 lb->filename);
208 return (NULL);
209 }
210 /* Double the buffer if we need more space */
211 lb->size *= 2;
212 if ((p = realloc(lb->buf, lb->size)) == NULL) {
213 lb->size /= 2;
214 if (lb->errfun)
215 (*lb->errfun)("linebuf (%s): realloc failed\n",
216 lb->filename);
217 return (NULL);
218 }
219 lb->buf = p;
220 }
221}
222
223static int 107static int
224fdlim_get(int hard) 108fdlim_get(int hard)
225{ 109{
@@ -724,8 +608,10 @@ int
724main(int argc, char **argv) 608main(int argc, char **argv)
725{ 609{
726 int debug_flag = 0, log_level = SYSLOG_LEVEL_INFO; 610 int debug_flag = 0, log_level = SYSLOG_LEVEL_INFO;
727 int opt, fopt_count = 0; 611 int opt, fopt_count = 0, j;
728 char *tname; 612 char *tname, *cp, line[NI_MAXHOST];
613 FILE *fp;
614 u_long linenum;
729 615
730 extern int optind; 616 extern int optind;
731 extern char *optarg; 617 extern char *optarg;
@@ -826,19 +712,40 @@ main(int argc, char **argv)
826 read_wait_nfdset = howmany(maxfd, NFDBITS); 712 read_wait_nfdset = howmany(maxfd, NFDBITS);
827 read_wait = xcalloc(read_wait_nfdset, sizeof(fd_mask)); 713 read_wait = xcalloc(read_wait_nfdset, sizeof(fd_mask));
828 714
829 if (fopt_count) { 715 for (j = 0; j < fopt_count; j++) {
830 Linebuf *lb; 716 if (argv[j] == NULL)
831 char *line; 717 fp = stdin;
832 int j; 718 else if ((fp = fopen(argv[j], "r")) == NULL)
719 fatal("%s: %s: %s", __progname, argv[j],
720 strerror(errno));
721 linenum = 0;
722
723 while (read_keyfile_line(fp,
724 argv[j] == NULL ? "(stdin)" : argv[j], line, sizeof(line),
725 &linenum) != -1) {
726 /* Chomp off trailing whitespace and comments */
727 if ((cp = strchr(line, '#')) == NULL)
728 cp = line + strlen(line) - 1;
729 while (cp >= line) {
730 if (*cp == ' ' || *cp == '\t' ||
731 *cp == '\n' || *cp == '#')
732 *cp-- = '\0';
733 else
734 break;
735 }
833 736
834 for (j = 0; j < fopt_count; j++) { 737 /* Skip empty lines */
835 lb = Linebuf_alloc(argv[j], error); 738 if (*line == '\0')
836 if (!lb)
837 continue; 739 continue;
838 while ((line = Linebuf_getline(lb)) != NULL) 740
839 do_host(line); 741 do_host(line);
840 Linebuf_free(lb);
841 } 742 }
743
744 if (ferror(fp))
745 fatal("%s: %s: %s", __progname, argv[j],
746 strerror(errno));
747
748 fclose(fp);
842 } 749 }
843 750
844 while (optind < argc) 751 while (optind < argc)
diff --git a/ssh-keysign.0 b/ssh-keysign.0
index 20a8eaa87..cd119139f 100644
--- a/ssh-keysign.0
+++ b/ssh-keysign.0
@@ -16,8 +16,8 @@ DESCRIPTION
16 to ``yes''. 16 to ``yes''.
17 17
18 ssh-keysign is not intended to be invoked by the user, but from ssh(1). 18 ssh-keysign is not intended to be invoked by the user, but from ssh(1).
19 See ssh(1) and sshd(8) for more information about host-based authentica- 19 See ssh(1) and sshd(8) for more information about host-based
20 tion. 20 authentication.
21 21
22FILES 22FILES
23 /etc/ssh/ssh_config 23 /etc/ssh/ssh_config
@@ -30,6 +30,11 @@ FILES
30 are readable only by root, ssh-keysign must be set-uid root if 30 are readable only by root, ssh-keysign must be set-uid root if
31 host-based authentication is used. 31 host-based authentication is used.
32 32
33 /etc/ssh/ssh_host_dsa_key-cert.pub, /etc/ssh/ssh_host_rsa_key-cert.pub
34 If these files exist they are assumed to contain public
35 certificate information corresponding with the private keys
36 above.
37
33SEE ALSO 38SEE ALSO
34 ssh(1), ssh-keygen(1), ssh_config(5), sshd(8) 39 ssh(1), ssh-keygen(1), ssh_config(5), sshd(8)
35 40
@@ -39,4 +44,4 @@ HISTORY
39AUTHORS 44AUTHORS
40 Markus Friedl <markus@openbsd.org> 45 Markus Friedl <markus@openbsd.org>
41 46
42OpenBSD 4.7 May 31, 2007 1 47OpenBSD 4.8 August 4, 2010 OpenBSD 4.8
diff --git a/ssh-keysign.8 b/ssh-keysign.8
index 3ba54b935..46c0ee9cd 100644
--- a/ssh-keysign.8
+++ b/ssh-keysign.8
@@ -1,4 +1,4 @@
1.\" $OpenBSD: ssh-keysign.8,v 1.9 2007/05/31 19:20:16 jmc Exp $ 1.\" $OpenBSD: ssh-keysign.8,v 1.10 2010/08/04 05:42:47 djm Exp $
2.\" 2.\"
3.\" Copyright (c) 2002 Markus Friedl. All rights reserved. 3.\" Copyright (c) 2002 Markus Friedl. All rights reserved.
4.\" 4.\"
@@ -22,7 +22,7 @@
22.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 22.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
23.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 23.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24.\" 24.\"
25.Dd $Mdocdate: May 31 2007 $ 25.Dd $Mdocdate: August 4 2010 $
26.Dt SSH-KEYSIGN 8 26.Dt SSH-KEYSIGN 8
27.Os 27.Os
28.Sh NAME 28.Sh NAME
@@ -68,6 +68,9 @@ accessible to others.
68Since they are readable only by root, 68Since they are readable only by root,
69.Nm 69.Nm
70must be set-uid root if host-based authentication is used. 70must be set-uid root if host-based authentication is used.
71.It Pa /etc/ssh/ssh_host_dsa_key-cert.pub, /etc/ssh/ssh_host_rsa_key-cert.pub
72If these files exist they are assumed to contain public certificate
73information corresponding with the private keys above.
71.El 74.El
72.Sh SEE ALSO 75.Sh SEE ALSO
73.Xr ssh 1 , 76.Xr ssh 1 ,
diff --git a/ssh-keysign.c b/ssh-keysign.c
index 0fdcebbd2..0c7077050 100644
--- a/ssh-keysign.c
+++ b/ssh-keysign.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-keysign.c,v 1.30 2010/01/13 01:20:20 dtucker Exp $ */ 1/* $OpenBSD: ssh-keysign.c,v 1.32 2010/08/04 06:08:40 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2002 Markus Friedl. All rights reserved. 3 * Copyright (c) 2002 Markus Friedl. All rights reserved.
4 * 4 *
@@ -232,7 +232,7 @@ main(int argc, char **argv)
232 found = 0; 232 found = 0;
233 for (i = 0; i < 2; i++) { 233 for (i = 0; i < 2; i++) {
234 if (keys[i] != NULL && 234 if (keys[i] != NULL &&
235 key_equal(key, keys[i])) { 235 key_equal_public(key, keys[i])) {
236 found = 1; 236 found = 1;
237 break; 237 break;
238 } 238 }
diff --git a/ssh-pkcs11-helper.0 b/ssh-pkcs11-helper.0
index 9eb2bc96a..664ec971f 100644
--- a/ssh-pkcs11-helper.0
+++ b/ssh-pkcs11-helper.0
@@ -22,4 +22,4 @@ HISTORY
22AUTHORS 22AUTHORS
23 Markus Friedl <markus@openbsd.org> 23 Markus Friedl <markus@openbsd.org>
24 24
25OpenBSD 4.7 February 10, 2010 1 25OpenBSD 4.8 February 10, 2010 OpenBSD 4.8
diff --git a/ssh-pkcs11.c b/ssh-pkcs11.c
index f0192dcf1..286c232c7 100644
--- a/ssh-pkcs11.c
+++ b/ssh-pkcs11.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-pkcs11.c,v 1.4 2010/02/24 06:12:53 djm Exp $ */ 1/* $OpenBSD: ssh-pkcs11.c,v 1.6 2010/06/08 21:32:19 markus Exp $ */
2/* 2/*
3 * Copyright (c) 2010 Markus Friedl. All rights reserved. 3 * Copyright (c) 2010 Markus Friedl. All rights reserved.
4 * 4 *
@@ -187,6 +187,34 @@ pkcs11_rsa_finish(RSA *rsa)
187 return (rv); 187 return (rv);
188} 188}
189 189
190/* find a single 'obj' for given attributes */
191static int
192pkcs11_find(struct pkcs11_provider *p, CK_ULONG slotidx, CK_ATTRIBUTE *attr,
193 CK_ULONG nattr, CK_OBJECT_HANDLE *obj)
194{
195 CK_FUNCTION_LIST *f;
196 CK_SESSION_HANDLE session;
197 CK_ULONG nfound = 0;
198 CK_RV rv;
199 int ret = -1;
200
201 f = p->function_list;
202 session = p->slotinfo[slotidx].session;
203 if ((rv = f->C_FindObjectsInit(session, attr, nattr)) != CKR_OK) {
204 error("C_FindObjectsInit failed (nattr %lu): %lu", nattr, rv);
205 return (-1);
206 }
207 if ((rv = f->C_FindObjects(session, obj, 1, &nfound)) != CKR_OK ||
208 nfound != 1) {
209 debug("C_FindObjects failed (nfound %lu nattr %lu): %lu",
210 nfound, nattr, rv);
211 } else
212 ret = 0;
213 if ((rv = f->C_FindObjectsFinal(session)) != CKR_OK)
214 error("C_FindObjectsFinal failed: %lu", rv);
215 return (ret);
216}
217
190/* openssl callback doing the actual signing operation */ 218/* openssl callback doing the actual signing operation */
191static int 219static int
192pkcs11_rsa_private_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa, 220pkcs11_rsa_private_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa,
@@ -196,7 +224,7 @@ pkcs11_rsa_private_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa,
196 struct pkcs11_slotinfo *si; 224 struct pkcs11_slotinfo *si;
197 CK_FUNCTION_LIST *f; 225 CK_FUNCTION_LIST *f;
198 CK_OBJECT_HANDLE obj; 226 CK_OBJECT_HANDLE obj;
199 CK_ULONG tlen = 0, nfound = 0; 227 CK_ULONG tlen = 0;
200 CK_RV rv; 228 CK_RV rv;
201 CK_OBJECT_CLASS private_key_class = CKO_PRIVATE_KEY; 229 CK_OBJECT_CLASS private_key_class = CKO_PRIVATE_KEY;
202 CK_BBOOL true_val = CK_TRUE; 230 CK_BBOOL true_val = CK_TRUE;
@@ -247,13 +275,10 @@ pkcs11_rsa_private_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa,
247 } 275 }
248 key_filter[1].pValue = k11->keyid; 276 key_filter[1].pValue = k11->keyid;
249 key_filter[1].ulValueLen = k11->keyid_len; 277 key_filter[1].ulValueLen = k11->keyid_len;
250 if ((rv = f->C_FindObjectsInit(si->session, key_filter, 3)) != CKR_OK) { 278 /* try to find object w/CKA_SIGN first, retry w/o */
251 error("C_FindObjectsInit failed: %lu", rv); 279 if (pkcs11_find(k11->provider, k11->slotidx, key_filter, 3, &obj) < 0 &&
252 return (-1); 280 pkcs11_find(k11->provider, k11->slotidx, key_filter, 2, &obj) < 0) {
253 } 281 error("cannot find private key");
254 if ((rv = f->C_FindObjects(si->session, &obj, 1, &nfound)) != CKR_OK ||
255 nfound != 1) {
256 error("C_FindObjects failed (%lu nfound): %lu", nfound, rv);
257 } else if ((rv = f->C_SignInit(si->session, &mech, obj)) != CKR_OK) { 282 } else if ((rv = f->C_SignInit(si->session, &mech, obj)) != CKR_OK) {
258 error("C_SignInit failed: %lu", rv); 283 error("C_SignInit failed: %lu", rv);
259 } else { 284 } else {
@@ -265,8 +290,6 @@ pkcs11_rsa_private_encrypt(int flen, const u_char *from, u_char *to, RSA *rsa,
265 else 290 else
266 error("C_Sign failed: %lu", rv); 291 error("C_Sign failed: %lu", rv);
267 } 292 }
268 if ((rv = f->C_FindObjectsFinal(si->session)) != CKR_OK)
269 error("C_FindObjectsFinal failed: %lu", rv);
270 return (rval); 293 return (rval);
271} 294}
272 295
@@ -410,7 +433,13 @@ pkcs11_fetch_keys(struct pkcs11_provider *p, CK_ULONG slotidx, Key ***keysp,
410 error("C_GetAttributeValue failed: %lu", rv); 433 error("C_GetAttributeValue failed: %lu", rv);
411 continue; 434 continue;
412 } 435 }
413 /* allocate buffers for attributes, XXX check ulValueLen? */ 436 /* check that none of the attributes are zero length */
437 if (attribs[0].ulValueLen == 0 ||
438 attribs[1].ulValueLen == 0 ||
439 attribs[2].ulValueLen == 0) {
440 continue;
441 }
442 /* allocate buffers for attributes */
414 for (i = 0; i < 3; i++) 443 for (i = 0; i < 3; i++)
415 attribs[i].pValue = xmalloc(attribs[i].ulValueLen); 444 attribs[i].pValue = xmalloc(attribs[i].ulValueLen);
416 /* retrieve ID, modulus and public exponent of RSA key */ 445 /* retrieve ID, modulus and public exponent of RSA key */
diff --git a/ssh-rand-helper.0 b/ssh-rand-helper.0
index 51b6f5571..5bc19e8a7 100644
--- a/ssh-rand-helper.0
+++ b/ssh-rand-helper.0
@@ -27,8 +27,8 @@ DESCRIPTION
27 random numbers from a EGD/PRNGd server via a unix domain or localhost tcp 27 random numbers from a EGD/PRNGd server via a unix domain or localhost tcp
28 socket. 28 socket.
29 29
30 This program is not intended to be run by the end-user, so the few com- 30 This program is not intended to be run by the end-user, so the few
31 mandline options are for debugging purposes only. 31 commandline options are for debugging purposes only.
32 32
33 -b bytes 33 -b bytes
34 Specify the number of random bytes to include in the output. 34 Specify the number of random bytes to include in the output.
@@ -48,4 +48,4 @@ AUTHORS
48SEE ALSO 48SEE ALSO
49 ssh(1), ssh-add(1), ssh-keygen(1), sshd(8) 49 ssh(1), ssh-add(1), ssh-keygen(1), sshd(8)
50 50
51OpenBSD 4.7 April 14, 2002 1 51OpenBSD 4.8 April 14, 2002 OpenBSD 4.8
diff --git a/ssh-rsa.c b/ssh-rsa.c
index 842857fee..c471ff323 100644
--- a/ssh-rsa.c
+++ b/ssh-rsa.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-rsa.c,v 1.40 2010/02/26 20:29:54 djm Exp $ */ 1/* $OpenBSD: ssh-rsa.c,v 1.44 2010/07/16 14:07:35 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2000, 2003 Markus Friedl <markus@openbsd.org> 3 * Copyright (c) 2000, 2003 Markus Friedl <markus@openbsd.org>
4 * 4 *
@@ -30,6 +30,7 @@
30#include "buffer.h" 30#include "buffer.h"
31#include "key.h" 31#include "key.h"
32#include "compat.h" 32#include "compat.h"
33#include "misc.h"
33#include "ssh.h" 34#include "ssh.h"
34 35
35static int openssh_RSA_verify(int, u_char *, u_int, u_char *, u_int, RSA *); 36static int openssh_RSA_verify(int, u_char *, u_int, u_char *, u_int, RSA *);
@@ -46,9 +47,8 @@ ssh_rsa_sign(const Key *key, u_char **sigp, u_int *lenp,
46 int ok, nid; 47 int ok, nid;
47 Buffer b; 48 Buffer b;
48 49
49 if (key == NULL || 50 if (key == NULL || key->rsa == NULL || (key->type != KEY_RSA &&
50 (key->type != KEY_RSA && key->type != KEY_RSA_CERT) || 51 key->type != KEY_RSA_CERT && key->type != KEY_RSA_CERT_V00)) {
51 key->rsa == NULL) {
52 error("ssh_rsa_sign: no RSA key"); 52 error("ssh_rsa_sign: no RSA key");
53 return -1; 53 return -1;
54 } 54 }
@@ -115,9 +115,8 @@ ssh_rsa_verify(const Key *key, const u_char *signature, u_int signaturelen,
115 u_int len, dlen, modlen; 115 u_int len, dlen, modlen;
116 int rlen, ret, nid; 116 int rlen, ret, nid;
117 117
118 if (key == NULL || 118 if (key == NULL || key->rsa == NULL || (key->type != KEY_RSA &&
119 (key->type != KEY_RSA && key->type != KEY_RSA_CERT) || 119 key->type != KEY_RSA_CERT && key->type != KEY_RSA_CERT_V00)) {
120 key->rsa == NULL) {
121 error("ssh_rsa_verify: no RSA key"); 120 error("ssh_rsa_verify: no RSA key");
122 return -1; 121 return -1;
123 } 122 }
@@ -212,7 +211,7 @@ openssh_RSA_verify(int type, u_char *hash, u_int hashlen,
212 u_char *sigbuf, u_int siglen, RSA *rsa) 211 u_char *sigbuf, u_int siglen, RSA *rsa)
213{ 212{
214 u_int ret, rsasize, oidlen = 0, hlen = 0; 213 u_int ret, rsasize, oidlen = 0, hlen = 0;
215 int len; 214 int len, oidmatch, hashmatch;
216 const u_char *oid = NULL; 215 const u_char *oid = NULL;
217 u_char *decrypted = NULL; 216 u_char *decrypted = NULL;
218 217
@@ -251,11 +250,13 @@ openssh_RSA_verify(int type, u_char *hash, u_int hashlen,
251 error("bad decrypted len: %d != %d + %d", len, hlen, oidlen); 250 error("bad decrypted len: %d != %d + %d", len, hlen, oidlen);
252 goto done; 251 goto done;
253 } 252 }
254 if (memcmp(decrypted, oid, oidlen) != 0) { 253 oidmatch = timingsafe_bcmp(decrypted, oid, oidlen) == 0;
254 hashmatch = timingsafe_bcmp(decrypted + oidlen, hash, hlen) == 0;
255 if (!oidmatch) {
255 error("oid mismatch"); 256 error("oid mismatch");
256 goto done; 257 goto done;
257 } 258 }
258 if (memcmp(decrypted + oidlen, hash, hlen) != 0) { 259 if (!hashmatch) {
259 error("hash mismatch"); 260 error("hash mismatch");
260 goto done; 261 goto done;
261 } 262 }
diff --git a/ssh.0 b/ssh.0
index 9c793b843..8d53ad289 100644
--- a/ssh.0
+++ b/ssh.0
@@ -14,14 +14,14 @@ SYNOPSIS
14DESCRIPTION 14DESCRIPTION
15 ssh (SSH client) is a program for logging into a remote machine and for 15 ssh (SSH client) is a program for logging into a remote machine and for
16 executing commands on a remote machine. It is intended to replace rlogin 16 executing commands on a remote machine. It is intended to replace rlogin
17 and rsh, and provide secure encrypted communications between two untrust- 17 and rsh, and provide secure encrypted communications between two
18 ed hosts over an insecure network. X11 connections and arbitrary TCP 18 untrusted hosts over an insecure network. X11 connections and arbitrary
19 ports can also be forwarded over the secure channel. 19 TCP ports can also be forwarded over the secure channel.
20 20
21 ssh connects and logs into the specified hostname (with optional user 21 ssh connects and logs into the specified hostname (with optional user
22 name). The user must prove his/her identity to the remote machine using 22 name). The user must prove his/her identity to the remote machine using
23 one of several methods depending on the protocol version used (see be- 23 one of several methods depending on the protocol version used (see
24 low). 24 below).
25 25
26 If command is specified, it is executed on the remote host instead of a 26 If command is specified, it is executed on the remote host instead of a
27 login shell. 27 login shell.
@@ -52,8 +52,8 @@ DESCRIPTION
52 52
53 -b bind_address 53 -b bind_address
54 Use bind_address on the local machine as the source address of 54 Use bind_address on the local machine as the source address of
55 the connection. Only useful on systems with more than one ad- 55 the connection. Only useful on systems with more than one
56 dress. 56 address.
57 57
58 -C Requests compression of all data (including stdin, stdout, 58 -C Requests compression of all data (including stdin, stdout,
59 stderr, and data for forwarded X11 and TCP connections). The 59 stderr, and data for forwarded X11 and TCP connections). The
@@ -69,17 +69,17 @@ DESCRIPTION
69 69
70 Protocol version 1 allows specification of a single cipher. The 70 Protocol version 1 allows specification of a single cipher. The
71 supported values are ``3des'', ``blowfish'', and ``des''. 3des 71 supported values are ``3des'', ``blowfish'', and ``des''. 3des
72 (triple-des) is an encrypt-decrypt-encrypt triple with three dif- 72 (triple-des) is an encrypt-decrypt-encrypt triple with three
73 ferent keys. It is believed to be secure. blowfish is a fast 73 different keys. It is believed to be secure. blowfish is a fast
74 block cipher; it appears very secure and is much faster than 74 block cipher; it appears very secure and is much faster than
75 3des. des is only supported in the ssh client for interoperabil- 75 3des. des is only supported in the ssh client for
76 ity with legacy protocol 1 implementations that do not support 76 interoperability with legacy protocol 1 implementations that do
77 the 3des cipher. Its use is strongly discouraged due to crypto- 77 not support the 3des cipher. Its use is strongly discouraged due
78 graphic weaknesses. The default is ``3des''. 78 to cryptographic weaknesses. The default is ``3des''.
79 79
80 For protocol version 2, cipher_spec is a comma-separated list of 80 For protocol version 2, cipher_spec is a comma-separated list of
81 ciphers listed in order of preference. See the Ciphers keyword 81 ciphers listed in order of preference. See the Ciphers keyword
82 for more information. 82 in ssh_config(5) for more information.
83 83
84 -D [bind_address:]port 84 -D [bind_address:]port
85 Specifies a local ``dynamic'' application-level port forwarding. 85 Specifies a local ``dynamic'' application-level port forwarding.
@@ -89,19 +89,18 @@ DESCRIPTION
89 the secure channel, and the application protocol is then used to 89 the secure channel, and the application protocol is then used to
90 determine where to connect to from the remote machine. Currently 90 determine where to connect to from the remote machine. Currently
91 the SOCKS4 and SOCKS5 protocols are supported, and ssh will act 91 the SOCKS4 and SOCKS5 protocols are supported, and ssh will act
92 as a SOCKS server. Only root can forward privileged ports. Dy- 92 as a SOCKS server. Only root can forward privileged ports.
93 namic port forwardings can also be specified in the configuration 93 Dynamic port forwardings can also be specified in the
94 file. 94 configuration file.
95 95
96 IPv6 addresses can be specified with an alternative syntax: 96 IPv6 addresses can be specified by enclosing the address in
97 [bind_address/]port or by enclosing the address in square brack- 97 square brackets. Only the superuser can forward privileged
98 ets. Only the superuser can forward privileged ports. By de- 98 ports. By default, the local port is bound in accordance with
99 fault, the local port is bound in accordance with the 99 the GatewayPorts setting. However, an explicit bind_address may
100 GatewayPorts setting. However, an explicit bind_address may be 100 be used to bind the connection to a specific address. The
101 used to bind the connection to a specific address. The
102 bind_address of ``localhost'' indicates that the listening port 101 bind_address of ``localhost'' indicates that the listening port
103 be bound for local use only, while an empty address or `*' indi- 102 be bound for local use only, while an empty address or `*'
104 cates that the port should be available from all interfaces. 103 indicates that the port should be available from all interfaces.
105 104
106 -e escape_char 105 -e escape_char
107 Sets the escape character for sessions with a pty (default: `~'). 106 Sets the escape character for sessions with a pty (default: `~').
@@ -113,21 +112,21 @@ DESCRIPTION
113 fully transparent. 112 fully transparent.
114 113
115 -F configfile 114 -F configfile
116 Specifies an alternative per-user configuration file. If a con- 115 Specifies an alternative per-user configuration file. If a
117 figuration file is given on the command line, the system-wide 116 configuration file is given on the command line, the system-wide
118 configuration file (/etc/ssh/ssh_config) will be ignored. The 117 configuration file (/etc/ssh/ssh_config) will be ignored. The
119 default for the per-user configuration file is ~/.ssh/config. 118 default for the per-user configuration file is ~/.ssh/config.
120 119
121 -f Requests ssh to go to background just before command execution. 120 -f Requests ssh to go to background just before command execution.
122 This is useful if ssh is going to ask for passwords or passphras- 121 This is useful if ssh is going to ask for passwords or
123 es, but the user wants it in the background. This implies -n. 122 passphrases, but the user wants it in the background. This
124 The recommended way to start X11 programs at a remote site is 123 implies -n. The recommended way to start X11 programs at a
125 with something like ssh -f host xterm. 124 remote site is with something like ssh -f host xterm.
126 125
127 If the ExitOnForwardFailure configuration option is set to 126 If the ExitOnForwardFailure configuration option is set to
128 ``yes'', then a client started with -f will wait for all remote 127 ``yes'', then a client started with -f will wait for all remote
129 port forwards to be successfully established before placing it- 128 port forwards to be successfully established before placing
130 self in the background. 129 itself in the background.
131 130
132 -g Allows remote hosts to connect to local forwarded ports. 131 -g Allows remote hosts to connect to local forwarded ports.
133 132
@@ -138,13 +137,13 @@ DESCRIPTION
138 -i identity_file 137 -i identity_file
139 Selects a file from which the identity (private key) for RSA or 138 Selects a file from which the identity (private key) for RSA or
140 DSA authentication is read. The default is ~/.ssh/identity for 139 DSA authentication is read. The default is ~/.ssh/identity for
141 protocol version 1, and ~/.ssh/id_rsa and ~/.ssh/id_dsa for pro- 140 protocol version 1, and ~/.ssh/id_rsa and ~/.ssh/id_dsa for
142 tocol version 2. Identity files may also be specified on a per- 141 protocol version 2. Identity files may also be specified on a
143 host basis in the configuration file. It is possible to have 142 per-host basis in the configuration file. It is possible to have
144 multiple -i options (and multiple identities specified in config- 143 multiple -i options (and multiple identities specified in
145 uration files). ssh will also try to load certificate informa- 144 configuration files). ssh will also try to load certificate
146 tion from the filename obtained by appending -cert.pub to identi- 145 information from the filename obtained by appending -cert.pub to
147 ty filenames. 146 identity filenames.
148 147
149 -K Enables GSSAPI-based authentication and forwarding (delegation) 148 -K Enables GSSAPI-based authentication and forwarding (delegation)
150 of GSSAPI credentials to the server. 149 of GSSAPI credentials to the server.
@@ -156,60 +155,62 @@ DESCRIPTION
156 Specifies that the given port on the local (client) host is to be 155 Specifies that the given port on the local (client) host is to be
157 forwarded to the given host and port on the remote side. This 156 forwarded to the given host and port on the remote side. This
158 works by allocating a socket to listen to port on the local side, 157 works by allocating a socket to listen to port on the local side,
159 optionally bound to the specified bind_address. Whenever a con- 158 optionally bound to the specified bind_address. Whenever a
160 nection is made to this port, the connection is forwarded over 159 connection is made to this port, the connection is forwarded over
161 the secure channel, and a connection is made to host port 160 the secure channel, and a connection is made to host port
162 hostport from the remote machine. Port forwardings can also be 161 hostport from the remote machine. Port forwardings can also be
163 specified in the configuration file. IPv6 addresses can be spec- 162 specified in the configuration file. IPv6 addresses can be
164 ified with an alternative syntax: [bind_address/]port/host/host- 163 specified by enclosing the address in square brackets. Only the
165 port or by enclosing the address in square brackets. Only the
166 superuser can forward privileged ports. By default, the local 164 superuser can forward privileged ports. By default, the local
167 port is bound in accordance with the GatewayPorts setting. How- 165 port is bound in accordance with the GatewayPorts setting.
168 ever, an explicit bind_address may be used to bind the connection 166 However, an explicit bind_address may be used to bind the
169 to a specific address. The bind_address of ``localhost'' indi- 167 connection to a specific address. The bind_address of
170 cates that the listening port be bound for local use only, while 168 ``localhost'' indicates that the listening port be bound for
171 an empty address or `*' indicates that the port should be avail- 169 local use only, while an empty address or `*' indicates that the
172 able from all interfaces. 170 port should be available from all interfaces.
173 171
174 -l login_name 172 -l login_name
175 Specifies the user to log in as on the remote machine. This also 173 Specifies the user to log in as on the remote machine. This also
176 may be specified on a per-host basis in the configuration file. 174 may be specified on a per-host basis in the configuration file.
177 175
178 -M Places the ssh client into ``master'' mode for connection shar- 176 -M Places the ssh client into ``master'' mode for connection
179 ing. Multiple -M options places ssh into ``master'' mode with 177 sharing. Multiple -M options places ssh into ``master'' mode
180 confirmation required before slave connections are accepted. Re- 178 with confirmation required before slave connections are accepted.
181 fer to the description of ControlMaster in ssh_config(5) for de- 179 Refer to the description of ControlMaster in ssh_config(5) for
182 tails. 180 details.
183 181
184 -m mac_spec 182 -m mac_spec
185 Additionally, for protocol version 2 a comma-separated list of 183 Additionally, for protocol version 2 a comma-separated list of
186 MAC (message authentication code) algorithms can be specified in 184 MAC (message authentication code) algorithms can be specified in
187 order of preference. See the MACs keyword for more information. 185 order of preference. See the MACs keyword for more information.
188 186
189 -N Do not execute a remote command. This is useful for just for- 187 -N Do not execute a remote command. This is useful for just
190 warding ports (protocol version 2 only). 188 forwarding ports (protocol version 2 only).
191 189
192 -n Redirects stdin from /dev/null (actually, prevents reading from 190 -n Redirects stdin from /dev/null (actually, prevents reading from
193 stdin). This must be used when ssh is run in the background. A 191 stdin). This must be used when ssh is run in the background. A
194 common trick is to use this to run X11 programs on a remote ma- 192 common trick is to use this to run X11 programs on a remote
195 chine. For example, ssh -n shadows.cs.hut.fi emacs & will start 193 machine. For example, ssh -n shadows.cs.hut.fi emacs & will
196 an emacs on shadows.cs.hut.fi, and the X11 connection will be au- 194 start an emacs on shadows.cs.hut.fi, and the X11 connection will
197 tomatically forwarded over an encrypted channel. The ssh program 195 be automatically forwarded over an encrypted channel. The ssh
198 will be put in the background. (This does not work if ssh needs 196 program will be put in the background. (This does not work if
199 to ask for a password or passphrase; see also the -f option.) 197 ssh needs to ask for a password or passphrase; see also the -f
198 option.)
200 199
201 -O ctl_cmd 200 -O ctl_cmd
202 Control an active connection multiplexing master process. When 201 Control an active connection multiplexing master process. When
203 the -O option is specified, the ctl_cmd argument is interpreted 202 the -O option is specified, the ctl_cmd argument is interpreted
204 and passed to the master process. Valid commands are: ``check'' 203 and passed to the master process. Valid commands are: ``check''
205 (check that the master process is running) and ``exit'' (request 204 (check that the master process is running), ``forward'' (request
206 the master to exit). 205 forwardings without command execution) and ``exit'' (request the
206 master to exit).
207 207
208 -o option 208 -o option
209 Can be used to give options in the format used in the configura- 209 Can be used to give options in the format used in the
210 tion file. This is useful for specifying options for which there 210 configuration file. This is useful for specifying options for
211 is no separate command-line flag. For full details of the op- 211 which there is no separate command-line flag. For full details
212 tions listed below, and their possible values, see ssh_config(5). 212 of the options listed below, and their possible values, see
213 ssh_config(5).
213 214
214 AddressFamily 215 AddressFamily
215 BatchMode 216 BatchMode
@@ -287,61 +288,64 @@ DESCRIPTION
287 Specifies that the given port on the remote (server) host is to 288 Specifies that the given port on the remote (server) host is to
288 be forwarded to the given host and port on the local side. This 289 be forwarded to the given host and port on the local side. This
289 works by allocating a socket to listen to port on the remote 290 works by allocating a socket to listen to port on the remote
290 side, and whenever a connection is made to this port, the connec- 291 side, and whenever a connection is made to this port, the
291 tion is forwarded over the secure channel, and a connection is 292 connection is forwarded over the secure channel, and a connection
292 made to host port hostport from the local machine. 293 is made to host port hostport from the local machine.
293 294
294 Port forwardings can also be specified in the configuration file. 295 Port forwardings can also be specified in the configuration file.
295 Privileged ports can be forwarded only when logging in as root on 296 Privileged ports can be forwarded only when logging in as root on
296 the remote machine. IPv6 addresses can be specified by enclosing 297 the remote machine. IPv6 addresses can be specified by enclosing
297 the address in square braces or using an alternative syntax: 298 the address in square braces.
298 [bind_address/]host/port/hostport.
299 299
300 By default, the listening socket on the server will be bound to 300 By default, the listening socket on the server will be bound to
301 the loopback interface only. This may be overridden by specify- 301 the loopback interface only. This may be overridden by
302 ing a bind_address. An empty bind_address, or the address `*', 302 specifying a bind_address. An empty bind_address, or the address
303 indicates that the remote socket should listen on all interfaces. 303 `*', indicates that the remote socket should listen on all
304 Specifying a remote bind_address will only succeed if the serv- 304 interfaces. Specifying a remote bind_address will only succeed
305 er's GatewayPorts option is enabled (see sshd_config(5)). 305 if the server's GatewayPorts option is enabled (see
306 sshd_config(5)).
306 307
307 If the port argument is `0', the listen port will be dynamically 308 If the port argument is `0', the listen port will be dynamically
308 allocated on the server and reported to the client at run time. 309 allocated on the server and reported to the client at run time.
310 When used together with -O forward the allocated port will be
311 printed to the standard output.
309 312
310 -S ctl_path 313 -S ctl_path
311 Specifies the location of a control socket for connection sharing 314 Specifies the location of a control socket for connection
312 or the string ``none'' to disable connection sharing. Refer to 315 sharing, or the string ``none'' to disable connection sharing.
313 the description of ControlPath and ControlMaster in ssh_config(5) 316 Refer to the description of ControlPath and ControlMaster in
314 for details. 317 ssh_config(5) for details.
315 318
316 -s May be used to request invocation of a subsystem on the remote 319 -s May be used to request invocation of a subsystem on the remote
317 system. Subsystems are a feature of the SSH2 protocol which fa- 320 system. Subsystems are a feature of the SSH2 protocol which
318 cilitate the use of SSH as a secure transport for other applica- 321 facilitate the use of SSH as a secure transport for other
319 tions (eg. sftp(1)). The subsystem is specified as the remote 322 applications (eg. sftp(1)). The subsystem is specified as the
320 command. 323 remote command.
321 324
322 -T Disable pseudo-tty allocation. 325 -T Disable pseudo-tty allocation.
323 326
324 -t Force pseudo-tty allocation. This can be used to execute arbi- 327 -t Force pseudo-tty allocation. This can be used to execute
325 trary screen-based programs on a remote machine, which can be 328 arbitrary screen-based programs on a remote machine, which can be
326 very useful, e.g. when implementing menu services. Multiple -t 329 very useful, e.g. when implementing menu services. Multiple -t
327 options force tty allocation, even if ssh has no local tty. 330 options force tty allocation, even if ssh has no local tty.
328 331
329 -V Display the version number and exit. 332 -V Display the version number and exit.
330 333
331 -v Verbose mode. Causes ssh to print debugging messages about its 334 -v Verbose mode. Causes ssh to print debugging messages about its
332 progress. This is helpful in debugging connection, authentica- 335 progress. This is helpful in debugging connection,
333 tion, and configuration problems. Multiple -v options increase 336 authentication, and configuration problems. Multiple -v options
334 the verbosity. The maximum is 3. 337 increase the verbosity. The maximum is 3.
335 338
336 -W host:port 339 -W host:port
337 Requests that standard input and output on the client be forward- 340 Requests that standard input and output on the client be
338 ed to host on port over the secure channel. Implies -N, -T, 341 forwarded to host on port over the secure channel. Implies -N,
339 ExitOnForwardFailure and ClearAllForwardings and works with Pro- 342 -T, ExitOnForwardFailure and ClearAllForwardings and works with
340 tocol version 2 only. 343 Protocol version 2 only.
341 344
342 -w local_tun[:remote_tun] 345 -w local_tun[:remote_tun]
343 Requests tunnel device forwarding with the specified tun(4) de- 346 Requests tunnel device forwarding with the specified tun(4)
344 vices between the client (local_tun) and the server (remote_tun). 347 devices between the client (local_tun) and the server
348 (remote_tun).
345 349
346 The devices may be specified by numerical ID or the keyword 350 The devices may be specified by numerical ID or the keyword
347 ``any'', which uses the next available tunnel device. If 351 ``any'', which uses the next available tunnel device. If
@@ -359,9 +363,9 @@ DESCRIPTION
359 through the forwarded connection. An attacker may then be able 363 through the forwarded connection. An attacker may then be able
360 to perform activities such as keystroke monitoring. 364 to perform activities such as keystroke monitoring.
361 365
362 For this reason, X11 forwarding is subjected to X11 SECURITY ex- 366 For this reason, X11 forwarding is subjected to X11 SECURITY
363 tension restrictions by default. Please refer to the ssh -Y op- 367 extension restrictions by default. Please refer to the ssh -Y
364 tion and the ForwardX11Trusted directive in ssh_config(5) for 368 option and the ForwardX11Trusted directive in ssh_config(5) for
365 more information. 369 more information.
366 370
367 -x Disables X11 forwarding. 371 -x Disables X11 forwarding.
@@ -369,12 +373,12 @@ DESCRIPTION
369 -Y Enables trusted X11 forwarding. Trusted X11 forwardings are not 373 -Y Enables trusted X11 forwarding. Trusted X11 forwardings are not
370 subjected to the X11 SECURITY extension controls. 374 subjected to the X11 SECURITY extension controls.
371 375
372 -y Send log information using the syslog(3) system module. By de- 376 -y Send log information using the syslog(3) system module. By
373 fault this information is sent to stderr. 377 default this information is sent to stderr.
374 378
375 ssh may additionally obtain configuration data from a per-user configura- 379 ssh may additionally obtain configuration data from a per-user
376 tion file and a system-wide configuration file. The file format and con- 380 configuration file and a system-wide configuration file. The file format
377 figuration options are described in ssh_config(5). 381 and configuration options are described in ssh_config(5).
378 382
379 ssh exits with the exit status of the remote command or with 255 if an 383 ssh exits with the exit status of the remote command or with 255 if an
380 error occurred. 384 error occurred.
@@ -385,15 +389,16 @@ AUTHENTICATION
385 in ssh_config(5) or the -1 and -2 options (see above). Both protocols 389 in ssh_config(5) or the -1 and -2 options (see above). Both protocols
386 support similar authentication methods, but protocol 2 is the default 390 support similar authentication methods, but protocol 2 is the default
387 since it provides additional mechanisms for confidentiality (the traffic 391 since it provides additional mechanisms for confidentiality (the traffic
388 is encrypted using AES, 3DES, Blowfish, CAST128, or Arcfour) and integri- 392 is encrypted using AES, 3DES, Blowfish, CAST128, or Arcfour) and
389 ty (hmac-md5, hmac-sha1, umac-64, hmac-ripemd160). Protocol 1 lacks a 393 integrity (hmac-md5, hmac-sha1, umac-64, hmac-ripemd160). Protocol 1
390 strong mechanism for ensuring the integrity of the connection. 394 lacks a strong mechanism for ensuring the integrity of the connection.
391 395
392 The methods available for authentication are: GSSAPI-based authentica- 396 The methods available for authentication are: GSSAPI-based
393 tion, host-based authentication, public key authentication, challenge-re- 397 authentication, host-based authentication, public key authentication,
394 sponse authentication, and password authentication. Authentication meth- 398 challenge-response authentication, and password authentication.
395 ods are tried in the order specified above, though protocol 2 has a con- 399 Authentication methods are tried in the order specified above, though
396 figuration option to change the default order: PreferredAuthentications. 400 protocol 2 has a configuration option to change the default order:
401 PreferredAuthentications.
397 402
398 Host-based authentication works as follows: If the machine the user logs 403 Host-based authentication works as follows: If the machine the user logs
399 in from is listed in /etc/hosts.equiv or /etc/shosts.equiv on the remote 404 in from is listed in /etc/hosts.equiv or /etc/shosts.equiv on the remote
@@ -403,22 +408,22 @@ AUTHENTICATION
403 the name of the user on that machine, the user is considered for login. 408 the name of the user on that machine, the user is considered for login.
404 Additionally, the server must be able to verify the client's host key 409 Additionally, the server must be able to verify the client's host key
405 (see the description of /etc/ssh/ssh_known_hosts and ~/.ssh/known_hosts, 410 (see the description of /etc/ssh/ssh_known_hosts and ~/.ssh/known_hosts,
406 below) for login to be permitted. This authentication method closes se- 411 below) for login to be permitted. This authentication method closes
407 curity holes due to IP spoofing, DNS spoofing, and routing spoofing. 412 security holes due to IP spoofing, DNS spoofing, and routing spoofing.
408 [Note to the administrator: /etc/hosts.equiv, ~/.rhosts, and the 413 [Note to the administrator: /etc/hosts.equiv, ~/.rhosts, and the
409 rlogin/rsh protocol in general, are inherently insecure and should be 414 rlogin/rsh protocol in general, are inherently insecure and should be
410 disabled if security is desired.] 415 disabled if security is desired.]
411 416
412 Public key authentication works as follows: The scheme is based on pub- 417 Public key authentication works as follows: The scheme is based on
413 lic-key cryptography, using cryptosystems where encryption and decryption 418 public-key cryptography, using cryptosystems where encryption and
414 are done using separate keys, and it is unfeasible to derive the decryp- 419 decryption are done using separate keys, and it is unfeasible to derive
415 tion key from the encryption key. The idea is that each user creates a 420 the decryption key from the encryption key. The idea is that each user
416 public/private key pair for authentication purposes. The server knows 421 creates a public/private key pair for authentication purposes. The
417 the public key, and only the user knows the private key. ssh implements 422 server knows the public key, and only the user knows the private key.
418 public key authentication protocol automatically, using either the RSA or 423 ssh implements public key authentication protocol automatically, using
419 DSA algorithms. Protocol 1 is restricted to using only RSA keys, but 424 either the RSA or DSA algorithms. Protocol 1 is restricted to using only
420 protocol 2 may use either. The HISTORY section of ssl(8) contains a 425 RSA keys, but protocol 2 may use either. The HISTORY section of ssl(8)
421 brief discussion of the two algorithms. 426 contains a brief discussion of the two algorithms.
422 427
423 The file ~/.ssh/authorized_keys lists the public keys that are permitted 428 The file ~/.ssh/authorized_keys lists the public keys that are permitted
424 for logging in. When the user logs in, the ssh program tells the server 429 for logging in. When the user logs in, the ssh program tells the server
@@ -430,48 +435,49 @@ AUTHENTICATION
430 the private key in ~/.ssh/identity (protocol 1), ~/.ssh/id_dsa (protocol 435 the private key in ~/.ssh/identity (protocol 1), ~/.ssh/id_dsa (protocol
431 2 DSA), or ~/.ssh/id_rsa (protocol 2 RSA) and stores the public key in 436 2 DSA), or ~/.ssh/id_rsa (protocol 2 RSA) and stores the public key in
432 ~/.ssh/identity.pub (protocol 1), ~/.ssh/id_dsa.pub (protocol 2 DSA), or 437 ~/.ssh/identity.pub (protocol 1), ~/.ssh/id_dsa.pub (protocol 2 DSA), or
433 ~/.ssh/id_rsa.pub (protocol 2 RSA) in the user's home directory. The us- 438 ~/.ssh/id_rsa.pub (protocol 2 RSA) in the user's home directory. The
434 er should then copy the public key to ~/.ssh/authorized_keys in his/her 439 user should then copy the public key to ~/.ssh/authorized_keys in his/her
435 home directory on the remote machine. The authorized_keys file corre- 440 home directory on the remote machine. The authorized_keys file
436 sponds to the conventional ~/.rhosts file, and has one key per line, 441 corresponds to the conventional ~/.rhosts file, and has one key per line,
437 though the lines can be very long. After this, the user can log in with- 442 though the lines can be very long. After this, the user can log in
438 out giving the password. 443 without giving the password.
439 444
440 A variation on public key authentication is available in the form of cer- 445 A variation on public key authentication is available in the form of
441 tificate authentication: instead of a set of public/private keys, signed 446 certificate authentication: instead of a set of public/private keys,
442 certificates are used. This has the advantage that a single trusted cer- 447 signed certificates are used. This has the advantage that a single
443 tification authority can be used in place of many public/private keys. 448 trusted certification authority can be used in place of many
444 See the CERTIFICATES section of ssh-keygen(1) for more information. 449 public/private keys. See the CERTIFICATES section of ssh-keygen(1) for
450 more information.
445 451
446 The most convenient way to use public key or certificate authentication 452 The most convenient way to use public key or certificate authentication
447 may be with an authentication agent. See ssh-agent(1) for more informa- 453 may be with an authentication agent. See ssh-agent(1) for more
448 tion. 454 information.
449 455
450 Challenge-response authentication works as follows: The server sends an 456 Challenge-response authentication works as follows: The server sends an
451 arbitrary "challenge" text, and prompts for a response. Protocol 2 al- 457 arbitrary "challenge" text, and prompts for a response. Protocol 2
452 lows multiple challenges and responses; protocol 1 is restricted to just 458 allows multiple challenges and responses; protocol 1 is restricted to
453 one challenge/response. Examples of challenge-response authentication 459 just one challenge/response. Examples of challenge-response
454 include BSD Authentication (see login.conf(5)) and PAM (some non-OpenBSD 460 authentication include BSD Authentication (see login.conf(5)) and PAM
455 systems). 461 (some non-OpenBSD systems).
456 462
457 Finally, if other authentication methods fail, ssh prompts the user for a 463 Finally, if other authentication methods fail, ssh prompts the user for a
458 password. The password is sent to the remote host for checking; however, 464 password. The password is sent to the remote host for checking; however,
459 since all communications are encrypted, the password cannot be seen by 465 since all communications are encrypted, the password cannot be seen by
460 someone listening on the network. 466 someone listening on the network.
461 467
462 ssh automatically maintains and checks a database containing identifica- 468 ssh automatically maintains and checks a database containing
463 tion for all hosts it has ever been used with. Host keys are stored in 469 identification for all hosts it has ever been used with. Host keys are
464 ~/.ssh/known_hosts in the user's home directory. Additionally, the file 470 stored in ~/.ssh/known_hosts in the user's home directory. Additionally,
465 /etc/ssh/ssh_known_hosts is automatically checked for known hosts. Any 471 the file /etc/ssh/ssh_known_hosts is automatically checked for known
466 new hosts are automatically added to the user's file. If a host's iden- 472 hosts. Any new hosts are automatically added to the user's file. If a
467 tification ever changes, ssh warns about this and disables password au- 473 host's identification ever changes, ssh warns about this and disables
468 thentication to prevent server spoofing or man-in-the-middle attacks, 474 password authentication to prevent server spoofing or man-in-the-middle
469 which could otherwise be used to circumvent the encryption. The 475 attacks, which could otherwise be used to circumvent the encryption. The
470 StrictHostKeyChecking option can be used to control logins to machines 476 StrictHostKeyChecking option can be used to control logins to machines
471 whose host key is not known or has changed. 477 whose host key is not known or has changed.
472 478
473 When the user's identity has been accepted by the server, the server ei- 479 When the user's identity has been accepted by the server, the server
474 ther executes the given command, or logs into the machine and gives the 480 either executes the given command, or logs into the machine and gives the
475 user a normal shell on the remote machine. All communication with the 481 user a normal shell on the remote machine. All communication with the
476 remote command or shell will be automatically encrypted. 482 remote command or shell will be automatically encrypted.
477 483
@@ -487,14 +493,14 @@ AUTHENTICATION
487 exits and all X11 and TCP connections have been closed. 493 exits and all X11 and TCP connections have been closed.
488 494
489ESCAPE CHARACTERS 495ESCAPE CHARACTERS
490 When a pseudo-terminal has been requested, ssh supports a number of func- 496 When a pseudo-terminal has been requested, ssh supports a number of
491 tions through the use of an escape character. 497 functions through the use of an escape character.
492 498
493 A single tilde character can be sent as ~~ or by following the tilde by a 499 A single tilde character can be sent as ~~ or by following the tilde by a
494 character other than those described below. The escape character must 500 character other than those described below. The escape character must
495 always follow a newline to be interpreted as special. The escape charac- 501 always follow a newline to be interpreted as special. The escape
496 ter can be changed in configuration files using the EscapeChar configura- 502 character can be changed in configuration files using the EscapeChar
497 tion directive or on the command line by the -e option. 503 configuration directive or on the command line by the -e option.
498 504
499 The supported escapes (assuming the default `~') are: 505 The supported escapes (assuming the default `~') are:
500 506
@@ -531,8 +537,8 @@ TCP FORWARDING
531 In the example below, we look at encrypting communication between an IRC 537 In the example below, we look at encrypting communication between an IRC
532 client and server, even though the IRC server does not directly support 538 client and server, even though the IRC server does not directly support
533 encrypted communications. This works as follows: the user connects to 539 encrypted communications. This works as follows: the user connects to
534 the remote host using ssh, specifying a port to be used to forward con- 540 the remote host using ssh, specifying a port to be used to forward
535 nections to the remote server. After that it is possible to start the 541 connections to the remote server. After that it is possible to start the
536 service which is to be encrypted on the client machine, connecting to the 542 service which is to be encrypted on the client machine, connecting to the
537 same local port, and ssh will encrypt and forward the connection. 543 same local port, and ssh will encrypt and forward the connection.
538 544
@@ -543,11 +549,11 @@ TCP FORWARDING
543 $ irc -c '#users' -p 1234 pinky 127.0.0.1 549 $ irc -c '#users' -p 1234 pinky 127.0.0.1
544 550
545 This tunnels a connection to IRC server ``server.example.com'', joining 551 This tunnels a connection to IRC server ``server.example.com'', joining
546 channel ``#users'', nickname ``pinky'', using port 1234. It doesn't mat- 552 channel ``#users'', nickname ``pinky'', using port 1234. It doesn't
547 ter which port is used, as long as it's greater than 1023 (remember, only 553 matter which port is used, as long as it's greater than 1023 (remember,
548 root can open sockets on privileged ports) and doesn't conflict with any 554 only root can open sockets on privileged ports) and doesn't conflict with
549 ports already in use. The connection is forwarded to port 6667 on the 555 any ports already in use. The connection is forwarded to port 6667 on
550 remote server, since that's the standard port for IRC services. 556 the remote server, since that's the standard port for IRC services.
551 557
552 The -f option backgrounds ssh and the remote command ``sleep 10'' is 558 The -f option backgrounds ssh and the remote command ``sleep 10'' is
553 specified to allow an amount of time (10 seconds, in the example) to 559 specified to allow an amount of time (10 seconds, in the example) to
@@ -557,13 +563,13 @@ TCP FORWARDING
557X11 FORWARDING 563X11 FORWARDING
558 If the ForwardX11 variable is set to ``yes'' (or see the description of 564 If the ForwardX11 variable is set to ``yes'' (or see the description of
559 the -X, -x, and -Y options above) and the user is using X11 (the DISPLAY 565 the -X, -x, and -Y options above) and the user is using X11 (the DISPLAY
560 environment variable is set), the connection to the X11 display is auto- 566 environment variable is set), the connection to the X11 display is
561 matically forwarded to the remote side in such a way that any X11 pro- 567 automatically forwarded to the remote side in such a way that any X11
562 grams started from the shell (or command) will go through the encrypted 568 programs started from the shell (or command) will go through the
563 channel, and the connection to the real X server will be made from the 569 encrypted channel, and the connection to the real X server will be made
564 local machine. The user should not manually set DISPLAY. Forwarding of 570 from the local machine. The user should not manually set DISPLAY.
565 X11 connections can be configured on the command line or in configuration 571 Forwarding of X11 connections can be configured on the command line or in
566 files. 572 configuration files.
567 573
568 The DISPLAY value set by ssh will point to the server machine, but with a 574 The DISPLAY value set by ssh will point to the server machine, but with a
569 display number greater than zero. This is normal, and happens because 575 display number greater than zero. This is normal, and happens because
@@ -579,8 +585,8 @@ X11 FORWARDING
579 585
580 If the ForwardAgent variable is set to ``yes'' (or see the description of 586 If the ForwardAgent variable is set to ``yes'' (or see the description of
581 the -A and -a options above) and the user is using an authentication 587 the -A and -a options above) and the user is using an authentication
582 agent, the connection to the agent is automatically forwarded to the re- 588 agent, the connection to the agent is automatically forwarded to the
583 mote side. 589 remote side.
584 590
585VERIFYING HOST KEYS 591VERIFYING HOST KEYS
586 When connecting to a server for the first time, a fingerprint of the 592 When connecting to a server for the first time, a fingerprint of the
@@ -597,8 +603,8 @@ VERIFYING HOST KEYS
597 ``yes'', a small ASCII graphic gets displayed on every login to a server, 603 ``yes'', a small ASCII graphic gets displayed on every login to a server,
598 no matter if the session itself is interactive or not. By learning the 604 no matter if the session itself is interactive or not. By learning the
599 pattern a known server produces, a user can easily find out that the host 605 pattern a known server produces, a user can easily find out that the host
600 key has changed when a completely different pattern is displayed. Be- 606 key has changed when a completely different pattern is displayed.
601 cause these patterns are not unambiguous however, a pattern that looks 607 Because these patterns are not unambiguous however, a pattern that looks
602 similar to the pattern remembered only gives a good probability that the 608 similar to the pattern remembered only gives a good probability that the
603 host key is the same, not guaranteed proof. 609 host key is the same, not guaranteed proof.
604 610
@@ -634,15 +640,15 @@ VERIFYING HOST KEYS
634 640
635SSH-BASED VIRTUAL PRIVATE NETWORKS 641SSH-BASED VIRTUAL PRIVATE NETWORKS
636 ssh contains support for Virtual Private Network (VPN) tunnelling using 642 ssh contains support for Virtual Private Network (VPN) tunnelling using
637 the tun(4) network pseudo-device, allowing two networks to be joined se- 643 the tun(4) network pseudo-device, allowing two networks to be joined
638 curely. The sshd_config(5) configuration option PermitTunnel controls 644 securely. The sshd_config(5) configuration option PermitTunnel controls
639 whether the server supports this, and at what level (layer 2 or 3 traf- 645 whether the server supports this, and at what level (layer 2 or 3
640 fic). 646 traffic).
641 647
642 The following example would connect client network 10.0.50.0/24 with re- 648 The following example would connect client network 10.0.50.0/24 with
643 mote network 10.0.99.0/24 using a point-to-point connection from 10.1.1.1 649 remote network 10.0.99.0/24 using a point-to-point connection from
644 to 10.1.1.2, provided that the SSH server running on the gateway to the 650 10.1.1.1 to 10.1.1.2, provided that the SSH server running on the gateway
645 remote network, at 192.168.1.15, allows it. 651 to the remote network, at 192.168.1.15, allows it.
646 652
647 On the client: 653 On the client:
648 654
@@ -665,8 +671,8 @@ SSH-BASED VIRTUAL PRIVATE NETWORKS
665 tunnel="2",command="sh /etc/netstart tun2" ssh-rsa ... john 671 tunnel="2",command="sh /etc/netstart tun2" ssh-rsa ... john
666 672
667 Since an SSH-based setup entails a fair amount of overhead, it may be 673 Since an SSH-based setup entails a fair amount of overhead, it may be
668 more suited to temporary setups, such as for wireless VPNs. More perma- 674 more suited to temporary setups, such as for wireless VPNs. More
669 nent VPNs are better provided by tools such as ipsecctl(8) and 675 permanent VPNs are better provided by tools such as ipsecctl(8) and
670 isakmpd(8). 676 isakmpd(8).
671 677
672ENVIRONMENT 678ENVIRONMENT
@@ -685,13 +691,13 @@ ENVIRONMENT
685 691
686 HOME Set to the path of the user's home directory. 692 HOME Set to the path of the user's home directory.
687 693
688 LOGNAME Synonym for USER; set for compatibility with sys- 694 LOGNAME Synonym for USER; set for compatibility with
689 tems that use this variable. 695 systems that use this variable.
690 696
691 MAIL Set to the path of the user's mailbox. 697 MAIL Set to the path of the user's mailbox.
692 698
693 PATH Set to the default PATH, as specified when compil- 699 PATH Set to the default PATH, as specified when
694 ing ssh. 700 compiling ssh.
695 701
696 SSH_ASKPASS If ssh needs a passphrase, it will read the 702 SSH_ASKPASS If ssh needs a passphrase, it will read the
697 passphrase from the current terminal if it was run 703 passphrase from the current terminal if it was run
@@ -699,49 +705,50 @@ ENVIRONMENT
699 associated with it but DISPLAY and SSH_ASKPASS are 705 associated with it but DISPLAY and SSH_ASKPASS are
700 set, it will execute the program specified by 706 set, it will execute the program specified by
701 SSH_ASKPASS and open an X11 window to read the 707 SSH_ASKPASS and open an X11 window to read the
702 passphrase. This is particularly useful when call- 708 passphrase. This is particularly useful when
703 ing ssh from a .xsession or related script. (Note 709 calling ssh from a .xsession or related script.
704 that on some machines it may be necessary to redi- 710 (Note that on some machines it may be necessary to
705 rect the input from /dev/null to make this work.) 711 redirect the input from /dev/null to make this
712 work.)
706 713
707 SSH_AUTH_SOCK Identifies the path of a UNIX-domain socket used to 714 SSH_AUTH_SOCK Identifies the path of a UNIX-domain socket used to
708 communicate with the agent. 715 communicate with the agent.
709 716
710 SSH_CONNECTION Identifies the client and server ends of the con- 717 SSH_CONNECTION Identifies the client and server ends of the
711 nection. The variable contains four space-separat- 718 connection. The variable contains four space-
712 ed values: client IP address, client port number, 719 separated values: client IP address, client port
713 server IP address, and server port number. 720 number, server IP address, and server port number.
714 721
715 SSH_ORIGINAL_COMMAND This variable contains the original command line if 722 SSH_ORIGINAL_COMMAND This variable contains the original command line if
716 a forced command is executed. It can be used to 723 a forced command is executed. It can be used to
717 extract the original arguments. 724 extract the original arguments.
718 725
719 SSH_TTY This is set to the name of the tty (path to the de- 726 SSH_TTY This is set to the name of the tty (path to the
720 vice) associated with the current shell or command. 727 device) associated with the current shell or
721 If the current session has no tty, this variable is 728 command. If the current session has no tty, this
722 not set. 729 variable is not set.
723 730
724 TZ This variable is set to indicate the present time 731 TZ This variable is set to indicate the present time
725 zone if it was set when the daemon was started 732 zone if it was set when the daemon was started
726 (i.e. the daemon passes the value on to new connec- 733 (i.e. the daemon passes the value on to new
727 tions). 734 connections).
728 735
729 USER Set to the name of the user logging in. 736 USER Set to the name of the user logging in.
730 737
731 Additionally, ssh reads ~/.ssh/environment, and adds lines of the format 738 Additionally, ssh reads ~/.ssh/environment, and adds lines of the format
732 ``VARNAME=value'' to the environment if the file exists and users are al- 739 ``VARNAME=value'' to the environment if the file exists and users are
733 lowed to change their environment. For more information, see the 740 allowed to change their environment. For more information, see the
734 PermitUserEnvironment option in sshd_config(5). 741 PermitUserEnvironment option in sshd_config(5).
735 742
736FILES 743FILES
737 ~/.rhosts 744 ~/.rhosts
738 This file is used for host-based authentication (see above). On 745 This file is used for host-based authentication (see above). On
739 some machines this file may need to be world-readable if the us- 746 some machines this file may need to be world-readable if the
740 er's home directory is on an NFS partition, because sshd(8) reads 747 user's home directory is on an NFS partition, because sshd(8)
741 it as root. Additionally, this file must be owned by the user, 748 reads it as root. Additionally, this file must be owned by the
742 and must not have write permissions for anyone else. The recom- 749 user, and must not have write permissions for anyone else. The
743 mended permission for most machines is read/write for the user, 750 recommended permission for most machines is read/write for the
744 and not accessible by others. 751 user, and not accessible by others.
745 752
746 ~/.shosts 753 ~/.shosts
747 This file is used in exactly the same way as .rhosts, but allows 754 This file is used in exactly the same way as .rhosts, but allows
@@ -749,18 +756,18 @@ FILES
749 rlogin/rsh. 756 rlogin/rsh.
750 757
751 ~/.ssh/ 758 ~/.ssh/
752 This directory is the default location for all user-specific con- 759 This directory is the default location for all user-specific
753 figuration and authentication information. There is no general 760 configuration and authentication information. There is no
754 requirement to keep the entire contents of this directory secret, 761 general requirement to keep the entire contents of this directory
755 but the recommended permissions are read/write/execute for the 762 secret, but the recommended permissions are read/write/execute
756 user, and not accessible by others. 763 for the user, and not accessible by others.
757 764
758 ~/.ssh/authorized_keys 765 ~/.ssh/authorized_keys
759 Lists the public keys (RSA/DSA) that can be used for logging in 766 Lists the public keys (RSA/DSA) that can be used for logging in
760 as this user. The format of this file is described in the 767 as this user. The format of this file is described in the
761 sshd(8) manual page. This file is not highly sensitive, but the 768 sshd(8) manual page. This file is not highly sensitive, but the
762 recommended permissions are read/write for the user, and not ac- 769 recommended permissions are read/write for the user, and not
763 cessible by others. 770 accessible by others.
764 771
765 ~/.ssh/config 772 ~/.ssh/config
766 This is the per-user configuration file. The file format and 773 This is the per-user configuration file. The file format and
@@ -776,11 +783,12 @@ FILES
776 ~/.ssh/id_dsa 783 ~/.ssh/id_dsa
777 ~/.ssh/id_rsa 784 ~/.ssh/id_rsa
778 Contains the private key for authentication. These files contain 785 Contains the private key for authentication. These files contain
779 sensitive data and should be readable by the user but not acces- 786 sensitive data and should be readable by the user but not
780 sible by others (read/write/execute). ssh will simply ignore a 787 accessible by others (read/write/execute). ssh will simply
781 private key file if it is accessible by others. It is possible 788 ignore a private key file if it is accessible by others. It is
782 to specify a passphrase when generating the key which will be 789 possible to specify a passphrase when generating the key which
783 used to encrypt the sensitive part of this file using 3DES. 790 will be used to encrypt the sensitive part of this file using
791 3DES.
784 792
785 ~/.ssh/identity.pub 793 ~/.ssh/identity.pub
786 ~/.ssh/id_dsa.pub 794 ~/.ssh/id_dsa.pub
@@ -804,8 +812,8 @@ FILES
804 should only be writable by root. 812 should only be writable by root.
805 813
806 /etc/shosts.equiv 814 /etc/shosts.equiv
807 This file is used in exactly the same way as hosts.equiv, but al- 815 This file is used in exactly the same way as hosts.equiv, but
808 lows host-based authentication without permitting login with 816 allows host-based authentication without permitting login with
809 rlogin/rsh. 817 rlogin/rsh.
810 818
811 /etc/ssh/ssh_config 819 /etc/ssh/ssh_config
@@ -817,11 +825,11 @@ FILES
817 /etc/ssh/ssh_host_rsa_key 825 /etc/ssh/ssh_host_rsa_key
818 These three files contain the private parts of the host keys and 826 These three files contain the private parts of the host keys and
819 are used for host-based authentication. If protocol version 1 is 827 are used for host-based authentication. If protocol version 1 is
820 used, ssh must be setuid root, since the host key is readable on- 828 used, ssh must be setuid root, since the host key is readable
821 ly by root. For protocol version 2, ssh uses ssh-keysign(8) to 829 only by root. For protocol version 2, ssh uses ssh-keysign(8) to
822 access the host keys, eliminating the requirement that ssh be se- 830 access the host keys, eliminating the requirement that ssh be
823 tuid root when host-based authentication is used. By default ssh 831 setuid root when host-based authentication is used. By default
824 is not setuid root. 832 ssh is not setuid root.
825 833
826 /etc/ssh/ssh_known_hosts 834 /etc/ssh/ssh_known_hosts
827 Systemwide list of known host keys. This file should be prepared 835 Systemwide list of known host keys. This file should be prepared
@@ -866,7 +874,7 @@ SEE ALSO
866 874
867 The Secure Shell (SSH) Public Key File Format, RFC 4716, 2006. 875 The Secure Shell (SSH) Public Key File Format, RFC 4716, 2006.
868 876
869 A. Perrig and D. Song, Hash Visualization: a New Technique to improve 877 A. Perrig, D. Song, Hash Visualization: a New Technique to improve
870 Real-World Security, 1999, International Workshop on Cryptographic 878 Real-World Security, 1999, International Workshop on Cryptographic
871 Techniques and E-Commerce (CrypTEC '99). 879 Techniques and E-Commerce (CrypTEC '99).
872 880
@@ -877,4 +885,4 @@ AUTHORS
877 created OpenSSH. Markus Friedl contributed the support for SSH protocol 885 created OpenSSH. Markus Friedl contributed the support for SSH protocol
878 versions 1.5 and 2.0. 886 versions 1.5 and 2.0.
879 887
880OpenBSD 4.7 March 26, 2010 14 888OpenBSD 4.8 August 4, 2010 OpenBSD 4.8
diff --git a/ssh.1 b/ssh.1
index 1581be52f..22ce67530 100644
--- a/ssh.1
+++ b/ssh.1
@@ -34,8 +34,8 @@
34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36.\" 36.\"
37.\" $OpenBSD: ssh.1,v 1.303 2010/03/26 00:26:58 djm Exp $ 37.\" $OpenBSD: ssh.1,v 1.308 2010/08/04 05:37:01 djm Exp $
38.Dd $Mdocdate: March 26 2010 $ 38.Dd $Mdocdate: August 4 2010 $
39.Dt SSH 1 39.Dt SSH 1
40.Os 40.Os
41.Sh NAME 41.Sh NAME
@@ -43,46 +43,28 @@
43.Nd OpenSSH SSH client (remote login program) 43.Nd OpenSSH SSH client (remote login program)
44.Sh SYNOPSIS 44.Sh SYNOPSIS
45.Nm ssh 45.Nm ssh
46.Bk -words
46.Op Fl 1246AaCfgKkMNnqsTtVvXxYy 47.Op Fl 1246AaCfgKkMNnqsTtVvXxYy
47.Op Fl b Ar bind_address 48.Op Fl b Ar bind_address
48.Op Fl c Ar cipher_spec 49.Op Fl c Ar cipher_spec
49.Oo Fl D\ \& 50.Op Fl D Oo Ar bind_address : Oc Ns Ar port
50.Sm off
51.Oo Ar bind_address : Oc
52.Ar port
53.Sm on
54.Oc
55.Op Fl e Ar escape_char 51.Op Fl e Ar escape_char
56.Op Fl F Ar configfile 52.Op Fl F Ar configfile
57.Op Fl I Ar pkcs11 53.Op Fl I Ar pkcs11
58.Bk -words
59.Op Fl i Ar identity_file 54.Op Fl i Ar identity_file
60.Ek 55.Op Fl L Oo Ar bind_address : Oc Ns Ar port : Ns Ar host : Ns Ar hostport
61.Oo Fl L\ \&
62.Sm off
63.Oo Ar bind_address : Oc
64.Ar port : host : hostport
65.Sm on
66.Oc
67.Bk -words
68.Op Fl l Ar login_name 56.Op Fl l Ar login_name
69.Ek
70.Op Fl m Ar mac_spec 57.Op Fl m Ar mac_spec
71.Op Fl O Ar ctl_cmd 58.Op Fl O Ar ctl_cmd
72.Op Fl o Ar option 59.Op Fl o Ar option
73.Op Fl p Ar port 60.Op Fl p Ar port
74.Oo Fl R\ \& 61.Op Fl R Oo Ar bind_address : Oc Ns Ar port : Ns Ar host : Ns Ar hostport
75.Sm off
76.Oo Ar bind_address : Oc
77.Ar port : host : hostport
78.Sm on
79.Oc
80.Op Fl S Ar ctl_path 62.Op Fl S Ar ctl_path
81.Op Fl W Ar host : Ns Ar port 63.Op Fl W Ar host : Ns Ar port
82.Oo Fl w Ar local_tun Ns 64.Op Fl w Ar local_tun Ns Op : Ns Ar remote_tun
83.Op : Ns Ar remote_tun Oc
84.Oo Ar user Ns @ Oc Ns Ar hostname 65.Oo Ar user Ns @ Oc Ns Ar hostname
85.Op Ar command 66.Op Ar command
67.Ek
86.Sh DESCRIPTION 68.Sh DESCRIPTION
87.Nm 69.Nm
88(SSH client) is a program for logging into a remote machine and for 70(SSH client) is a program for logging into a remote machine and for
@@ -194,7 +176,9 @@ is a comma-separated list of ciphers
194listed in order of preference. 176listed in order of preference.
195See the 177See the
196.Cm Ciphers 178.Cm Ciphers
197keyword for more information. 179keyword in
180.Xr ssh_config 5
181for more information.
198.It Fl D Xo 182.It Fl D Xo
199.Sm off 183.Sm off
200.Oo Ar bind_address : Oc 184.Oo Ar bind_address : Oc
@@ -218,14 +202,7 @@ will act as a SOCKS server.
218Only root can forward privileged ports. 202Only root can forward privileged ports.
219Dynamic port forwardings can also be specified in the configuration file. 203Dynamic port forwardings can also be specified in the configuration file.
220.Pp 204.Pp
221IPv6 addresses can be specified with an alternative syntax: 205IPv6 addresses can be specified by enclosing the address in square brackets.
222.Sm off
223.Xo
224.Op Ar bind_address No /
225.Ar port
226.Xc
227.Sm on
228or by enclosing the address in square brackets.
229Only the superuser can forward privileged ports. 206Only the superuser can forward privileged ports.
230By default, the local port is bound in accordance with the 207By default, the local port is bound in accordance with the
231.Cm GatewayPorts 208.Cm GatewayPorts
@@ -336,15 +313,7 @@ port
336.Ar hostport 313.Ar hostport
337from the remote machine. 314from the remote machine.
338Port forwardings can also be specified in the configuration file. 315Port forwardings can also be specified in the configuration file.
339IPv6 addresses can be specified with an alternative syntax: 316IPv6 addresses can be specified by enclosing the address in square brackets.
340.Sm off
341.Xo
342.Op Ar bind_address No /
343.Ar port No / Ar host No /
344.Ar hostport
345.Xc
346.Sm on
347or by enclosing the address in square brackets.
348Only the superuser can forward privileged ports. 317Only the superuser can forward privileged ports.
349By default, the local port is bound in accordance with the 318By default, the local port is bound in accordance with the
350.Cm GatewayPorts 319.Cm GatewayPorts
@@ -421,7 +390,9 @@ option is specified, the
421argument is interpreted and passed to the master process. 390argument is interpreted and passed to the master process.
422Valid commands are: 391Valid commands are:
423.Dq check 392.Dq check
424(check that the master process is running) and 393(check that the master process is running),
394.Dq forward
395(request forwardings without command execution) and
425.Dq exit 396.Dq exit
426(request the master to exit). 397(request the master to exit).
427.It Fl o Ar option 398.It Fl o Ar option
@@ -525,15 +496,7 @@ from the local machine.
525Port forwardings can also be specified in the configuration file. 496Port forwardings can also be specified in the configuration file.
526Privileged ports can be forwarded only when 497Privileged ports can be forwarded only when
527logging in as root on the remote machine. 498logging in as root on the remote machine.
528IPv6 addresses can be specified by enclosing the address in square braces or 499IPv6 addresses can be specified by enclosing the address in square braces.
529using an alternative syntax:
530.Sm off
531.Xo
532.Op Ar bind_address No /
533.Ar host No / Ar port No /
534.Ar hostport
535.Xc .
536.Sm on
537.Pp 500.Pp
538By default, the listening socket on the server will be bound to the loopback 501By default, the listening socket on the server will be bound to the loopback
539interface only. 502interface only.
@@ -557,8 +520,11 @@ argument is
557.Ql 0 , 520.Ql 0 ,
558the listen port will be dynamically allocated on the server and reported 521the listen port will be dynamically allocated on the server and reported
559to the client at run time. 522to the client at run time.
523When used together with
524.Ic -O forward
525the allocated port will be printed to the standard output.
560.It Fl S Ar ctl_path 526.It Fl S Ar ctl_path
561Specifies the location of a control socket for connection sharing 527Specifies the location of a control socket for connection sharing,
562or the string 528or the string
563.Dq none 529.Dq none
564to disable connection sharing. 530to disable connection sharing.
diff --git a/ssh.c b/ssh.c
index 0afeb3b3a..ab3c33d87 100644
--- a/ssh.c
+++ b/ssh.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh.c,v 1.335 2010/02/26 20:29:54 djm Exp $ */ 1/* $OpenBSD: ssh.c,v 1.346 2010/08/12 21:49:44 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -79,6 +79,7 @@
79#include "ssh.h" 79#include "ssh.h"
80#include "ssh1.h" 80#include "ssh1.h"
81#include "ssh2.h" 81#include "ssh2.h"
82#include "canohost.h"
82#include "compat.h" 83#include "compat.h"
83#include "cipher.h" 84#include "cipher.h"
84#include "packet.h" 85#include "packet.h"
@@ -127,6 +128,15 @@ int no_shell_flag = 0;
127int stdin_null_flag = 0; 128int stdin_null_flag = 0;
128 129
129/* 130/*
131 * Flag indicating that the current process should be backgrounded and
132 * a new slave launched in the foreground for ControlPersist.
133 */
134int need_controlpersist_detach = 0;
135
136/* Copies of flags for ControlPersist foreground slave */
137int ostdin_null_flag, ono_shell_flag, ono_tty_flag, otty_flag;
138
139/*
130 * Flag indicating that ssh should fork after authentication. This is useful 140 * Flag indicating that ssh should fork after authentication. This is useful
131 * so that the passphrase can be entered manually, and then ssh goes to the 141 * so that the passphrase can be entered manually, and then ssh goes to the
132 * background. 142 * background.
@@ -228,6 +238,12 @@ main(int ac, char **av)
228 init_rng(); 238 init_rng();
229 239
230 /* 240 /*
241 * Discard other fds that are hanging around. These can cause problem
242 * with backgrounded ssh processes started by ControlPersist.
243 */
244 closefrom(STDERR_FILENO + 1);
245
246 /*
231 * Save the original real uid. It will be needed later (uid-swapping 247 * Save the original real uid. It will be needed later (uid-swapping
232 * may clobber the real uid). 248 * may clobber the real uid).
233 */ 249 */
@@ -327,6 +343,8 @@ main(int ac, char **av)
327 fatal("Multiplexing command already specified"); 343 fatal("Multiplexing command already specified");
328 if (strcmp(optarg, "check") == 0) 344 if (strcmp(optarg, "check") == 0)
329 muxclient_command = SSHMUX_COMMAND_ALIVE_CHECK; 345 muxclient_command = SSHMUX_COMMAND_ALIVE_CHECK;
346 else if (strcmp(optarg, "forward") == 0)
347 muxclient_command = SSHMUX_COMMAND_FORWARD;
330 else if (strcmp(optarg, "exit") == 0) 348 else if (strcmp(optarg, "exit") == 0)
331 muxclient_command = SSHMUX_COMMAND_TERMINATE; 349 muxclient_command = SSHMUX_COMMAND_TERMINATE;
332 else 350 else
@@ -620,7 +638,7 @@ main(int ac, char **av)
620 tty_flag = 1; 638 tty_flag = 1;
621 639
622 /* Force no tty */ 640 /* Force no tty */
623 if (no_tty_flag) 641 if (no_tty_flag || muxclient_command != 0)
624 tty_flag = 0; 642 tty_flag = 0;
625 /* Do not allocate a tty if stdin is not a tty. */ 643 /* Do not allocate a tty if stdin is not a tty. */
626 if ((!isatty(fileno(stdin)) || stdin_null_flag) && !force_tty_flag) { 644 if ((!isatty(fileno(stdin)) || stdin_null_flag) && !force_tty_flag) {
@@ -676,6 +694,11 @@ main(int ac, char **av)
676 options.port = sp ? ntohs(sp->s_port) : SSH_DEFAULT_PORT; 694 options.port = sp ? ntohs(sp->s_port) : SSH_DEFAULT_PORT;
677 } 695 }
678 696
697 if (options.hostname != NULL) {
698 host = percent_expand(options.hostname,
699 "h", host, (char *)NULL);
700 }
701
679 if (options.local_command != NULL) { 702 if (options.local_command != NULL) {
680 char thishost[NI_MAXHOST]; 703 char thishost[NI_MAXHOST];
681 704
@@ -685,16 +708,12 @@ main(int ac, char **av)
685 debug3("expanding LocalCommand: %s", options.local_command); 708 debug3("expanding LocalCommand: %s", options.local_command);
686 cp = options.local_command; 709 cp = options.local_command;
687 options.local_command = percent_expand(cp, "d", pw->pw_dir, 710 options.local_command = percent_expand(cp, "d", pw->pw_dir,
688 "h", options.hostname? options.hostname : host, 711 "h", host, "l", thishost, "n", host, "r", options.user,
689 "l", thishost, "n", host, "r", options.user, "p", buf, 712 "p", buf, "u", pw->pw_name, (char *)NULL);
690 "u", pw->pw_name, (char *)NULL);
691 debug3("expanded LocalCommand: %s", options.local_command); 713 debug3("expanded LocalCommand: %s", options.local_command);
692 xfree(cp); 714 xfree(cp);
693 } 715 }
694 716
695 if (options.hostname != NULL)
696 host = options.hostname;
697
698 /* force lowercase for hostkey matching */ 717 /* force lowercase for hostkey matching */
699 if (options.host_key_alias != NULL) { 718 if (options.host_key_alias != NULL) {
700 for (p = options.host_key_alias; *p; p++) 719 for (p = options.host_key_alias; *p; p++)
@@ -761,26 +780,34 @@ main(int ac, char **av)
761 sensitive_data.external_keysign = 0; 780 sensitive_data.external_keysign = 0;
762 if (options.rhosts_rsa_authentication || 781 if (options.rhosts_rsa_authentication ||
763 options.hostbased_authentication) { 782 options.hostbased_authentication) {
764 sensitive_data.nkeys = 3; 783 sensitive_data.nkeys = 5;
765 sensitive_data.keys = xcalloc(sensitive_data.nkeys, 784 sensitive_data.keys = xcalloc(sensitive_data.nkeys,
766 sizeof(Key)); 785 sizeof(Key));
767 786
768 PRIV_START; 787 PRIV_START;
769 sensitive_data.keys[0] = key_load_private_type(KEY_RSA1, 788 sensitive_data.keys[0] = key_load_private_type(KEY_RSA1,
770 _PATH_HOST_KEY_FILE, "", NULL, NULL); 789 _PATH_HOST_KEY_FILE, "", NULL, NULL);
771 sensitive_data.keys[1] = key_load_private_type(KEY_DSA, 790 sensitive_data.keys[1] = key_load_private_cert(KEY_DSA,
791 _PATH_HOST_DSA_KEY_FILE, "", NULL);
792 sensitive_data.keys[2] = key_load_private_cert(KEY_RSA,
793 _PATH_HOST_RSA_KEY_FILE, "", NULL);
794 sensitive_data.keys[3] = key_load_private_type(KEY_DSA,
772 _PATH_HOST_DSA_KEY_FILE, "", NULL, NULL); 795 _PATH_HOST_DSA_KEY_FILE, "", NULL, NULL);
773 sensitive_data.keys[2] = key_load_private_type(KEY_RSA, 796 sensitive_data.keys[4] = key_load_private_type(KEY_RSA,
774 _PATH_HOST_RSA_KEY_FILE, "", NULL, NULL); 797 _PATH_HOST_RSA_KEY_FILE, "", NULL, NULL);
775 PRIV_END; 798 PRIV_END;
776 799
777 if (options.hostbased_authentication == 1 && 800 if (options.hostbased_authentication == 1 &&
778 sensitive_data.keys[0] == NULL && 801 sensitive_data.keys[0] == NULL &&
779 sensitive_data.keys[1] == NULL && 802 sensitive_data.keys[3] == NULL &&
780 sensitive_data.keys[2] == NULL) { 803 sensitive_data.keys[4] == NULL) {
781 sensitive_data.keys[1] = key_load_public( 804 sensitive_data.keys[1] = key_load_cert(
805 _PATH_HOST_DSA_KEY_FILE);
806 sensitive_data.keys[2] = key_load_cert(
807 _PATH_HOST_RSA_KEY_FILE);
808 sensitive_data.keys[3] = key_load_public(
782 _PATH_HOST_DSA_KEY_FILE, NULL); 809 _PATH_HOST_DSA_KEY_FILE, NULL);
783 sensitive_data.keys[2] = key_load_public( 810 sensitive_data.keys[4] = key_load_public(
784 _PATH_HOST_RSA_KEY_FILE, NULL); 811 _PATH_HOST_RSA_KEY_FILE, NULL);
785 sensitive_data.external_keysign = 1; 812 sensitive_data.external_keysign = 1;
786 } 813 }
@@ -827,6 +854,13 @@ main(int ac, char **av)
827 ssh_login(&sensitive_data, host, (struct sockaddr *)&hostaddr, 854 ssh_login(&sensitive_data, host, (struct sockaddr *)&hostaddr,
828 pw, timeout_ms); 855 pw, timeout_ms);
829 856
857 if (packet_connection_is_on_socket()) {
858 verbose("Authenticated to %s ([%s]:%d).", host,
859 get_remote_ipaddr(), get_remote_port());
860 } else {
861 verbose("Authenticated to %s (via proxy).", host);
862 }
863
830 /* We no longer need the private host keys. Clear them now. */ 864 /* We no longer need the private host keys. Clear them now. */
831 if (sensitive_data.nkeys != 0) { 865 if (sensitive_data.nkeys != 0) {
832 for (i = 0; i < sensitive_data.nkeys; i++) { 866 for (i = 0; i < sensitive_data.nkeys; i++) {
@@ -866,6 +900,61 @@ main(int ac, char **av)
866 return exit_status; 900 return exit_status;
867} 901}
868 902
903static void
904control_persist_detach(void)
905{
906 pid_t pid;
907 int devnull;
908
909 debug("%s: backgrounding master process", __func__);
910
911 /*
912 * master (current process) into the background, and make the
913 * foreground process a client of the backgrounded master.
914 */
915 switch ((pid = fork())) {
916 case -1:
917 fatal("%s: fork: %s", __func__, strerror(errno));
918 case 0:
919 /* Child: master process continues mainloop */
920 break;
921 default:
922 /* Parent: set up mux slave to connect to backgrounded master */
923 debug2("%s: background process is %ld", __func__, (long)pid);
924 stdin_null_flag = ostdin_null_flag;
925 no_shell_flag = ono_shell_flag;
926 no_tty_flag = ono_tty_flag;
927 tty_flag = otty_flag;
928 close(muxserver_sock);
929 muxserver_sock = -1;
930 muxclient(options.control_path);
931 /* muxclient() doesn't return on success. */
932 fatal("Failed to connect to new control master");
933 }
934 if ((devnull = open(_PATH_DEVNULL, O_RDWR)) == -1) {
935 error("%s: open(\"/dev/null\"): %s", __func__,
936 strerror(errno));
937 } else {
938 if (dup2(devnull, STDIN_FILENO) == -1 ||
939 dup2(devnull, STDOUT_FILENO) == -1)
940 error("%s: dup2: %s", __func__, strerror(errno));
941 if (devnull > STDERR_FILENO)
942 close(devnull);
943 }
944}
945
946/* Do fork() after authentication. Used by "ssh -f" */
947static void
948fork_postauth(void)
949{
950 if (need_controlpersist_detach)
951 control_persist_detach();
952 debug("forking to background");
953 fork_after_authentication_flag = 0;
954 if (daemon(1, 1) < 0)
955 fatal("daemon() failed: %.200s", strerror(errno));
956}
957
869/* Callback for remote forward global requests */ 958/* Callback for remote forward global requests */
870static void 959static void
871ssh_confirm_remote_forward(int type, u_int32_t seq, void *ctxt) 960ssh_confirm_remote_forward(int type, u_int32_t seq, void *ctxt)
@@ -877,9 +966,10 @@ ssh_confirm_remote_forward(int type, u_int32_t seq, void *ctxt)
877 type == SSH2_MSG_REQUEST_SUCCESS ? "success" : "failure", 966 type == SSH2_MSG_REQUEST_SUCCESS ? "success" : "failure",
878 rfwd->listen_port, rfwd->connect_host, rfwd->connect_port); 967 rfwd->listen_port, rfwd->connect_host, rfwd->connect_port);
879 if (type == SSH2_MSG_REQUEST_SUCCESS && rfwd->listen_port == 0) { 968 if (type == SSH2_MSG_REQUEST_SUCCESS && rfwd->listen_port == 0) {
969 rfwd->allocated_port = packet_get_int();
880 logit("Allocated port %u for remote forward to %s:%d", 970 logit("Allocated port %u for remote forward to %s:%d",
881 packet_get_int(), 971 rfwd->allocated_port,
882 rfwd->connect_host, rfwd->connect_port); 972 rfwd->connect_host, rfwd->connect_port);
883 } 973 }
884 974
885 if (type == SSH2_MSG_REQUEST_FAILURE) { 975 if (type == SSH2_MSG_REQUEST_FAILURE) {
@@ -892,12 +982,8 @@ ssh_confirm_remote_forward(int type, u_int32_t seq, void *ctxt)
892 } 982 }
893 if (++remote_forward_confirms_received == options.num_remote_forwards) { 983 if (++remote_forward_confirms_received == options.num_remote_forwards) {
894 debug("All remote forwarding requests processed"); 984 debug("All remote forwarding requests processed");
895 if (fork_after_authentication_flag) { 985 if (fork_after_authentication_flag)
896 fork_after_authentication_flag = 0; 986 fork_postauth();
897 if (daemon(1, 1) < 0)
898 fatal("daemon() failed: %.200s",
899 strerror(errno));
900 }
901 } 987 }
902} 988}
903 989
@@ -1093,7 +1179,9 @@ ssh_session(void)
1093 char *proto, *data; 1179 char *proto, *data;
1094 /* Get reasonable local authentication information. */ 1180 /* Get reasonable local authentication information. */
1095 client_x11_get_proto(display, options.xauth_location, 1181 client_x11_get_proto(display, options.xauth_location,
1096 options.forward_x11_trusted, &proto, &data); 1182 options.forward_x11_trusted,
1183 options.forward_x11_timeout,
1184 &proto, &data);
1097 /* Request forwarding with authentication spoofing. */ 1185 /* Request forwarding with authentication spoofing. */
1098 debug("Requesting X11 forwarding with authentication " 1186 debug("Requesting X11 forwarding with authentication "
1099 "spoofing."); 1187 "spoofing.");
@@ -1139,12 +1227,13 @@ ssh_session(void)
1139 * If requested and we are not interested in replies to remote 1227 * If requested and we are not interested in replies to remote
1140 * forwarding requests, then let ssh continue in the background. 1228 * forwarding requests, then let ssh continue in the background.
1141 */ 1229 */
1142 if (fork_after_authentication_flag && 1230 if (fork_after_authentication_flag) {
1143 (!options.exit_on_forward_failure || 1231 if (options.exit_on_forward_failure &&
1144 options.num_remote_forwards == 0)) { 1232 options.num_remote_forwards > 0) {
1145 fork_after_authentication_flag = 0; 1233 debug("deferring postauth fork until remote forward "
1146 if (daemon(1, 1) < 0) 1234 "confirmation received");
1147 fatal("daemon() failed: %.200s", strerror(errno)); 1235 } else
1236 fork_postauth();
1148 } 1237 }
1149 1238
1150 /* 1239 /*
@@ -1175,18 +1264,22 @@ ssh_session(void)
1175 1264
1176/* request pty/x11/agent/tcpfwd/shell for channel */ 1265/* request pty/x11/agent/tcpfwd/shell for channel */
1177static void 1266static void
1178ssh_session2_setup(int id, void *arg) 1267ssh_session2_setup(int id, int success, void *arg)
1179{ 1268{
1180 extern char **environ; 1269 extern char **environ;
1181 const char *display; 1270 const char *display;
1182 int interactive = tty_flag; 1271 int interactive = tty_flag;
1183 1272
1273 if (!success)
1274 return; /* No need for error message, channels code sens one */
1275
1184 display = getenv("DISPLAY"); 1276 display = getenv("DISPLAY");
1185 if (options.forward_x11 && display != NULL) { 1277 if (options.forward_x11 && display != NULL) {
1186 char *proto, *data; 1278 char *proto, *data;
1187 /* Get reasonable local authentication information. */ 1279 /* Get reasonable local authentication information. */
1188 client_x11_get_proto(display, options.xauth_location, 1280 client_x11_get_proto(display, options.xauth_location,
1189 options.forward_x11_trusted, &proto, &data); 1281 options.forward_x11_trusted,
1282 options.forward_x11_timeout, &proto, &data);
1190 /* Request forwarding with authentication spoofing. */ 1283 /* Request forwarding with authentication spoofing. */
1191 debug("Requesting X11 forwarding with authentication " 1284 debug("Requesting X11 forwarding with authentication "
1192 "spoofing."); 1285 "spoofing.");
@@ -1263,6 +1356,31 @@ ssh_session2(void)
1263 /* XXX should be pre-session */ 1356 /* XXX should be pre-session */
1264 ssh_init_forwarding(); 1357 ssh_init_forwarding();
1265 1358
1359 /* Start listening for multiplex clients */
1360 muxserver_listen();
1361
1362 /*
1363 * If we are in control persist mode, then prepare to background
1364 * ourselves and have a foreground client attach as a control
1365 * slave. NB. we must save copies of the flags that we override for
1366 * the backgrounding, since we defer attachment of the slave until
1367 * after the connection is fully established (in particular,
1368 * async rfwd replies have been received for ExitOnForwardFailure).
1369 */
1370 if (options.control_persist && muxserver_sock != -1) {
1371 ostdin_null_flag = stdin_null_flag;
1372 ono_shell_flag = no_shell_flag;
1373 ono_tty_flag = no_tty_flag;
1374 otty_flag = tty_flag;
1375 stdin_null_flag = 1;
1376 no_shell_flag = 1;
1377 no_tty_flag = 1;
1378 tty_flag = 0;
1379 if (!fork_after_authentication_flag)
1380 need_controlpersist_detach = 1;
1381 fork_after_authentication_flag = 1;
1382 }
1383
1266 if (!no_shell_flag || (datafellows & SSH_BUG_DUMMYCHAN)) 1384 if (!no_shell_flag || (datafellows & SSH_BUG_DUMMYCHAN))
1267 id = ssh_session2_open(); 1385 id = ssh_session2_open();
1268 1386
@@ -1281,14 +1399,17 @@ ssh_session2(void)
1281 options.permit_local_command) 1399 options.permit_local_command)
1282 ssh_local_cmd(options.local_command); 1400 ssh_local_cmd(options.local_command);
1283 1401
1284 /* Start listening for multiplex clients */ 1402 /*
1285 muxserver_listen(); 1403 * If requested and we are not interested in replies to remote
1286 1404 * forwarding requests, then let ssh continue in the background.
1287 /* If requested, let ssh continue in the background. */ 1405 */
1288 if (fork_after_authentication_flag) { 1406 if (fork_after_authentication_flag) {
1289 fork_after_authentication_flag = 0; 1407 if (options.exit_on_forward_failure &&
1290 if (daemon(1, 1) < 0) 1408 options.num_remote_forwards > 0) {
1291 fatal("daemon() failed: %.200s", strerror(errno)); 1409 debug("deferring postauth fork until remote forward "
1410 "confirmation received");
1411 } else
1412 fork_postauth();
1292 } 1413 }
1293 1414
1294 if (options.use_roaming) 1415 if (options.use_roaming)
diff --git a/ssh.h b/ssh.h
index 186cfff96..c94633bdc 100644
--- a/ssh.h
+++ b/ssh.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh.h,v 1.78 2006/08/03 03:34:42 deraadt Exp $ */ 1/* $OpenBSD: ssh.h,v 1.79 2010/06/25 07:14:46 djm Exp $ */
2 2
3/* 3/*
4 * Author: Tatu Ylonen <ylo@cs.hut.fi> 4 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -18,9 +18,6 @@
18/* Default port number. */ 18/* Default port number. */
19#define SSH_DEFAULT_PORT 22 19#define SSH_DEFAULT_PORT 22
20 20
21/* Maximum number of TCP/IP ports forwarded per direction. */
22#define SSH_MAX_FORWARDS_PER_DIRECTION 100
23
24/* 21/*
25 * Maximum number of RSA authentication identity files that can be specified 22 * Maximum number of RSA authentication identity files that can be specified
26 * in configuration files or on the command line. 23 * in configuration files or on the command line.
diff --git a/ssh_config.0 b/ssh_config.0
index 1a2c64ce1..6c19de765 100644
--- a/ssh_config.0
+++ b/ssh_config.0
@@ -8,21 +8,21 @@ SYNOPSIS
8 /etc/ssh/ssh_config 8 /etc/ssh/ssh_config
9 9
10DESCRIPTION 10DESCRIPTION
11 ssh(1) obtains configuration data from the following sources in the fol- 11 ssh(1) obtains configuration data from the following sources in the
12 lowing order: 12 following order:
13 13
14 1. command-line options 14 1. command-line options
15 2. user's configuration file (~/.ssh/config) 15 2. user's configuration file (~/.ssh/config)
16 3. system-wide configuration file (/etc/ssh/ssh_config) 16 3. system-wide configuration file (/etc/ssh/ssh_config)
17 17
18 For each parameter, the first obtained value will be used. The configu- 18 For each parameter, the first obtained value will be used. The
19 ration files contain sections separated by ``Host'' specifications, and 19 configuration files contain sections separated by ``Host''
20 that section is only applied for hosts that match one of the patterns 20 specifications, and that section is only applied for hosts that match one
21 given in the specification. The matched host name is the one given on 21 of the patterns given in the specification. The matched host name is the
22 the command line. 22 one given on the command line.
23 23
24 Since the first obtained value for each parameter is used, more host-spe- 24 Since the first obtained value for each parameter is used, more host-
25 cific declarations should be given near the beginning of the file, and 25 specific declarations should be given near the beginning of the file, and
26 general defaults at the end. 26 general defaults at the end.
27 27
28 The configuration file has the following format: 28 The configuration file has the following format:
@@ -30,29 +30,29 @@ DESCRIPTION
30 Empty lines and lines starting with `#' are comments. Otherwise a line 30 Empty lines and lines starting with `#' are comments. Otherwise a line
31 is of the format ``keyword arguments''. Configuration options may be 31 is of the format ``keyword arguments''. Configuration options may be
32 separated by whitespace or optional whitespace and exactly one `='; the 32 separated by whitespace or optional whitespace and exactly one `='; the
33 latter format is useful to avoid the need to quote whitespace when speci- 33 latter format is useful to avoid the need to quote whitespace when
34 fying configuration options using the ssh, scp, and sftp -o option. Ar- 34 specifying configuration options using the ssh, scp, and sftp -o option.
35 guments may optionally be enclosed in double quotes (") in order to rep- 35 Arguments may optionally be enclosed in double quotes (") in order to
36 resent arguments containing spaces. 36 represent arguments containing spaces.
37 37
38 The possible keywords and their meanings are as follows (note that key- 38 The possible keywords and their meanings are as follows (note that
39 words are case-insensitive and arguments are case-sensitive): 39 keywords are case-insensitive and arguments are case-sensitive):
40 40
41 Host Restricts the following declarations (up to the next Host key- 41 Host Restricts the following declarations (up to the next Host
42 word) to be only for those hosts that match one of the patterns 42 keyword) to be only for those hosts that match one of the
43 given after the keyword. If more than one pattern is provided, 43 patterns given after the keyword. If more than one pattern is
44 they should be separated by whitespace. A single `*' as a pat- 44 provided, they should be separated by whitespace. A single `*'
45 tern can be used to provide global defaults for all hosts. The 45 as a pattern can be used to provide global defaults for all
46 host is the hostname argument given on the command line (i.e. the 46 hosts. The host is the hostname argument given on the command
47 name is not converted to a canonicalized host name before match- 47 line (i.e. the name is not converted to a canonicalized host name
48 ing). 48 before matching).
49 49
50 See PATTERNS for more information on patterns. 50 See PATTERNS for more information on patterns.
51 51
52 AddressFamily 52 AddressFamily
53 Specifies which address family to use when connecting. Valid ar- 53 Specifies which address family to use when connecting. Valid
54 guments are ``any'', ``inet'' (use IPv4 only), or ``inet6'' (use 54 arguments are ``any'', ``inet'' (use IPv4 only), or ``inet6''
55 IPv6 only). 55 (use IPv6 only).
56 56
57 BatchMode 57 BatchMode
58 If set to ``yes'', passphrase/password querying will be disabled. 58 If set to ``yes'', passphrase/password querying will be disabled.
@@ -61,8 +61,8 @@ DESCRIPTION
61 ``yes'' or ``no''. The default is ``no''. 61 ``yes'' or ``no''. The default is ``no''.
62 62
63 BindAddress 63 BindAddress
64 Use the specified address on the local machine as the source ad- 64 Use the specified address on the local machine as the source
65 dress of the connection. Only useful on systems with more than 65 address of the connection. Only useful on systems with more than
66 one address. Note that this option does not work if 66 one address. Note that this option does not work if
67 UsePrivilegedPort is set to ``yes''. 67 UsePrivilegedPort is set to ``yes''.
68 68
@@ -78,20 +78,21 @@ DESCRIPTION
78 is set to ``no'', the check will not be executed. The default is 78 is set to ``no'', the check will not be executed. The default is
79 ``yes''. 79 ``yes''.
80 80
81 Cipher Specifies the cipher to use for encrypting the session in proto- 81 Cipher Specifies the cipher to use for encrypting the session in
82 col version 1. Currently, ``blowfish'', ``3des'', and ``des'' 82 protocol version 1. Currently, ``blowfish'', ``3des'', and
83 are supported. des is only supported in the ssh(1) client for 83 ``des'' are supported. des is only supported in the ssh(1)
84 interoperability with legacy protocol 1 implementations that do 84 client for interoperability with legacy protocol 1
85 not support the 3des cipher. Its use is strongly discouraged due 85 implementations that do not support the 3des cipher. Its use is
86 to cryptographic weaknesses. The default is ``3des''. 86 strongly discouraged due to cryptographic weaknesses. The
87 default is ``3des''.
87 88
88 Ciphers 89 Ciphers
89 Specifies the ciphers allowed for protocol version 2 in order of 90 Specifies the ciphers allowed for protocol version 2 in order of
90 preference. Multiple ciphers must be comma-separated. The sup- 91 preference. Multiple ciphers must be comma-separated. The
91 ported ciphers are ``3des-cbc'', ``aes128-cbc'', ``aes192-cbc'', 92 supported ciphers are ``3des-cbc'', ``aes128-cbc'',
92 ``aes256-cbc'', ``aes128-ctr'', ``aes192-ctr'', ``aes256-ctr'', 93 ``aes192-cbc'', ``aes256-cbc'', ``aes128-ctr'', ``aes192-ctr'',
93 ``arcfour128'', ``arcfour256'', ``arcfour'', ``blowfish-cbc'', 94 ``aes256-ctr'', ``arcfour128'', ``arcfour256'', ``arcfour'',
94 and ``cast128-cbc''. The default is: 95 ``blowfish-cbc'', and ``cast128-cbc''. The default is:
95 96
96 aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128, 97 aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,
97 aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc, 98 aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,
@@ -101,9 +102,10 @@ DESCRIPTION
101 Specifies that all local, remote, and dynamic port forwardings 102 Specifies that all local, remote, and dynamic port forwardings
102 specified in the configuration files or on the command line be 103 specified in the configuration files or on the command line be
103 cleared. This option is primarily useful when used from the 104 cleared. This option is primarily useful when used from the
104 ssh(1) command line to clear port forwardings set in configura- 105 ssh(1) command line to clear port forwardings set in
105 tion files, and is automatically set by scp(1) and sftp(1). The 106 configuration files, and is automatically set by scp(1) and
106 argument must be ``yes'' or ``no''. The default is ``no''. 107 sftp(1). The argument must be ``yes'' or ``no''. The default is
108 ``no''.
107 109
108 Compression 110 Compression
109 Specifies whether to use compression. The argument must be 111 Specifies whether to use compression. The argument must be
@@ -117,37 +119,37 @@ DESCRIPTION
117 option applies to protocol version 1 only. 119 option applies to protocol version 1 only.
118 120
119 ConnectionAttempts 121 ConnectionAttempts
120 Specifies the number of tries (one per second) to make before ex- 122 Specifies the number of tries (one per second) to make before
121 iting. The argument must be an integer. This may be useful in 123 exiting. The argument must be an integer. This may be useful in
122 scripts if the connection sometimes fails. The default is 1. 124 scripts if the connection sometimes fails. The default is 1.
123 125
124 ConnectTimeout 126 ConnectTimeout
125 Specifies the timeout (in seconds) used when connecting to the 127 Specifies the timeout (in seconds) used when connecting to the
126 SSH server, instead of using the default system TCP timeout. 128 SSH server, instead of using the default system TCP timeout.
127 This value is used only when the target is down or really un- 129 This value is used only when the target is down or really
128 reachable, not when it refuses the connection. 130 unreachable, not when it refuses the connection.
129 131
130 ControlMaster 132 ControlMaster
131 Enables the sharing of multiple sessions over a single network 133 Enables the sharing of multiple sessions over a single network
132 connection. When set to ``yes'', ssh(1) will listen for connec- 134 connection. When set to ``yes'', ssh(1) will listen for
133 tions on a control socket specified using the ControlPath argu- 135 connections on a control socket specified using the ControlPath
134 ment. Additional sessions can connect to this socket using the 136 argument. Additional sessions can connect to this socket using
135 same ControlPath with ControlMaster set to ``no'' (the default). 137 the same ControlPath with ControlMaster set to ``no'' (the
136 These sessions will try to reuse the master instance's network 138 default). These sessions will try to reuse the master instance's
137 connection rather than initiating new ones, but will fall back to 139 network connection rather than initiating new ones, but will fall
138 connecting normally if the control socket does not exist, or is 140 back to connecting normally if the control socket does not exist,
139 not listening. 141 or is not listening.
140 142
141 Setting this to ``ask'' will cause ssh to listen for control con- 143 Setting this to ``ask'' will cause ssh to listen for control
142 nections, but require confirmation using the SSH_ASKPASS program 144 connections, but require confirmation using the SSH_ASKPASS
143 before they are accepted (see ssh-add(1) for details). If the 145 program before they are accepted (see ssh-add(1) for details).
144 ControlPath cannot be opened, ssh will continue without connect- 146 If the ControlPath cannot be opened, ssh will continue without
145 ing to a master instance. 147 connecting to a master instance.
146 148
147 X11 and ssh-agent(1) forwarding is supported over these multi- 149 X11 and ssh-agent(1) forwarding is supported over these
148 plexed connections, however the display and agent forwarded will 150 multiplexed connections, however the display and agent forwarded
149 be the one belonging to the master connection i.e. it is not pos- 151 will be the one belonging to the master connection i.e. it is not
150 sible to forward multiple displays or agents. 152 possible to forward multiple displays or agents.
151 153
152 Two additional options allow for opportunistic multiplexing: try 154 Two additional options allow for opportunistic multiplexing: try
153 to use a master connection but fall back to creating a new one if 155 to use a master connection but fall back to creating a new one if
@@ -156,14 +158,30 @@ DESCRIPTION
156 option. 158 option.
157 159
158 ControlPath 160 ControlPath
159 Specify the path to the control socket used for connection shar- 161 Specify the path to the control socket used for connection
160 ing as described in the ControlMaster section above or the string 162 sharing as described in the ControlMaster section above or the
161 ``none'' to disable connection sharing. In the path, `%l' will 163 string ``none'' to disable connection sharing. In the path, `%l'
162 be substituted by the local host name, `%h' will be substituted 164 will be substituted by the local host name, `%h' will be
163 by the target host name, `%p' the port, and `%r' by the remote 165 substituted by the target host name, `%p' the port, and `%r' by
164 login username. It is recommended that any ControlPath used for 166 the remote login username. It is recommended that any
165 opportunistic connection sharing include at least %h, %p, and %r. 167 ControlPath used for opportunistic connection sharing include at
166 This ensures that shared connections are uniquely identified. 168 least %h, %p, and %r. This ensures that shared connections are
169 uniquely identified.
170
171 ControlPersist
172 When used in conjunction with ControlMaster, specifies that the
173 master connection should remain open in the background (waiting
174 for future client connections) after the initial client
175 connection has been closed. If set to ``no'', then the master
176 connection will not be placed into the background, and will close
177 as soon as the initial client connection is closed. If set to
178 ``yes'', then the master connection will remain in the background
179 indefinitely (until killed or closed via a mechanism such as the
180 ssh(1) ``-O exit'' option). If set to a time in seconds, or a
181 time in any of the formats documented in sshd_config(5), then the
182 backgrounded master connection will automatically terminate after
183 it has remained idle (with no client connections) for the
184 specified time.
167 185
168 DynamicForward 186 DynamicForward
169 Specifies that a TCP port on the local machine be forwarded over 187 Specifies that a TCP port on the local machine be forwarded over
@@ -171,14 +189,13 @@ DESCRIPTION
171 determine where to connect to from the remote machine. 189 determine where to connect to from the remote machine.
172 190
173 The argument must be [bind_address:]port. IPv6 addresses can be 191 The argument must be [bind_address:]port. IPv6 addresses can be
174 specified by enclosing addresses in square brackets or by using 192 specified by enclosing addresses in square brackets. By default,
175 an alternative syntax: [bind_address/]port. By default, the lo- 193 the local port is bound in accordance with the GatewayPorts
176 cal port is bound in accordance with the GatewayPorts setting. 194 setting. However, an explicit bind_address may be used to bind
177 However, an explicit bind_address may be used to bind the connec- 195 the connection to a specific address. The bind_address of
178 tion to a specific address. The bind_address of ``localhost'' 196 ``localhost'' indicates that the listening port be bound for
179 indicates that the listening port be bound for local use only, 197 local use only, while an empty address or `*' indicates that the
180 while an empty address or `*' indicates that the port should be 198 port should be available from all interfaces.
181 available from all interfaces.
182 199
183 Currently the SOCKS4 and SOCKS5 protocols are supported, and 200 Currently the SOCKS4 and SOCKS5 protocols are supported, and
184 ssh(1) will act as a SOCKS server. Multiple forwardings may be 201 ssh(1) will act as a SOCKS server. Multiple forwardings may be
@@ -196,9 +213,9 @@ DESCRIPTION
196 EscapeChar 213 EscapeChar
197 Sets the escape character (default: `~'). The escape character 214 Sets the escape character (default: `~'). The escape character
198 can also be set on the command line. The argument should be a 215 can also be set on the command line. The argument should be a
199 single character, `^' followed by a letter, or ``none'' to dis- 216 single character, `^' followed by a letter, or ``none'' to
200 able the escape character entirely (making the connection trans- 217 disable the escape character entirely (making the connection
201 parent for binary data). 218 transparent for binary data).
202 219
203 ExitOnForwardFailure 220 ExitOnForwardFailure
204 Specifies whether ssh(1) should terminate the connection if it 221 Specifies whether ssh(1) should terminate the connection if it
@@ -220,26 +237,34 @@ DESCRIPTION
220 the agent. 237 the agent.
221 238
222 ForwardX11 239 ForwardX11
223 Specifies whether X11 connections will be automatically redirect- 240 Specifies whether X11 connections will be automatically
224 ed over the secure channel and DISPLAY set. The argument must be 241 redirected over the secure channel and DISPLAY set. The argument
225 ``yes'' or ``no''. The default is ``no''. 242 must be ``yes'' or ``no''. The default is ``no''.
226 243
227 X11 forwarding should be enabled with caution. Users with the 244 X11 forwarding should be enabled with caution. Users with the
228 ability to bypass file permissions on the remote host (for the 245 ability to bypass file permissions on the remote host (for the
229 user's X11 authorization database) can access the local X11 dis- 246 user's X11 authorization database) can access the local X11
230 play through the forwarded connection. An attacker may then be 247 display through the forwarded connection. An attacker may then
231 able to perform activities such as keystroke monitoring if the 248 be able to perform activities such as keystroke monitoring if the
232 ForwardX11Trusted option is also enabled. 249 ForwardX11Trusted option is also enabled.
233 250
251 ForwardX11Timeout
252 Specify a timeout for untrusted X11 forwarding using the format
253 described in the TIME FORMATS section of sshd_config(5). X11
254 connections received by ssh(1) after this time will be refused.
255 The default is to disable untrusted X11 forwarding after twenty
256 minutes has elapsed.
257
234 ForwardX11Trusted 258 ForwardX11Trusted
235 If this option is set to ``yes'', remote X11 clients will have 259 If this option is set to ``yes'', remote X11 clients will have
236 full access to the original X11 display. 260 full access to the original X11 display.
237 261
238 If this option is set to ``no'', remote X11 clients will be con- 262 If this option is set to ``no'', remote X11 clients will be
239 sidered untrusted and prevented from stealing or tampering with 263 considered untrusted and prevented from stealing or tampering
240 data belonging to trusted X11 clients. Furthermore, the xauth(1) 264 with data belonging to trusted X11 clients. Furthermore, the
241 token used for the session will be set to expire after 20 min- 265 xauth(1) token used for the session will be set to expire after
242 utes. Remote clients will be refused access after this time. 266 20 minutes. Remote clients will be refused access after this
267 time.
243 268
244 The default is ``no''. 269 The default is ``no''.
245 270
@@ -250,11 +275,11 @@ DESCRIPTION
250 Specifies whether remote hosts are allowed to connect to local 275 Specifies whether remote hosts are allowed to connect to local
251 forwarded ports. By default, ssh(1) binds local port forwardings 276 forwarded ports. By default, ssh(1) binds local port forwardings
252 to the loopback address. This prevents other remote hosts from 277 to the loopback address. This prevents other remote hosts from
253 connecting to forwarded ports. GatewayPorts can be used to spec- 278 connecting to forwarded ports. GatewayPorts can be used to
254 ify that ssh should bind local port forwardings to the wildcard 279 specify that ssh should bind local port forwardings to the
255 address, thus allowing remote hosts to connect to forwarded 280 wildcard address, thus allowing remote hosts to connect to
256 ports. The argument must be ``yes'' or ``no''. The default is 281 forwarded ports. The argument must be ``yes'' or ``no''. The
257 ``no''. 282 default is ``no''.
258 283
259 GlobalKnownHostsFile 284 GlobalKnownHostsFile
260 Specifies a file to use for the global host key database instead 285 Specifies a file to use for the global host key database instead
@@ -267,23 +292,23 @@ DESCRIPTION
267 292
268 GSSAPIDelegateCredentials 293 GSSAPIDelegateCredentials
269 Forward (delegate) credentials to the server. The default is 294 Forward (delegate) credentials to the server. The default is
270 ``no''. Note that this option applies to protocol version 2 on- 295 ``no''. Note that this option applies to protocol version 2
271 ly. 296 only.
272 297
273 HashKnownHosts 298 HashKnownHosts
274 Indicates that ssh(1) should hash host names and addresses when 299 Indicates that ssh(1) should hash host names and addresses when
275 they are added to ~/.ssh/known_hosts. These hashed names may be 300 they are added to ~/.ssh/known_hosts. These hashed names may be
276 used normally by ssh(1) and sshd(8), but they do not reveal iden- 301 used normally by ssh(1) and sshd(8), but they do not reveal
277 tifying information should the file's contents be disclosed. The 302 identifying information should the file's contents be disclosed.
278 default is ``no''. Note that existing names and addresses in 303 The default is ``no''. Note that existing names and addresses in
279 known hosts files will not be converted automatically, but may be 304 known hosts files will not be converted automatically, but may be
280 manually hashed using ssh-keygen(1). 305 manually hashed using ssh-keygen(1).
281 306
282 HostbasedAuthentication 307 HostbasedAuthentication
283 Specifies whether to try rhosts based authentication with public 308 Specifies whether to try rhosts based authentication with public
284 key authentication. The argument must be ``yes'' or ``no''. The 309 key authentication. The argument must be ``yes'' or ``no''. The
285 default is ``no''. This option applies to protocol version 2 on- 310 default is ``no''. This option applies to protocol version 2
286 ly and is similar to RhostsRSAAuthentication. 311 only and is similar to RhostsRSAAuthentication.
287 312
288 HostKeyAlgorithms 313 HostKeyAlgorithms
289 Specifies the protocol version 2 host key algorithms that the 314 Specifies the protocol version 2 host key algorithms that the
@@ -293,15 +318,18 @@ DESCRIPTION
293 HostKeyAlias 318 HostKeyAlias
294 Specifies an alias that should be used instead of the real host 319 Specifies an alias that should be used instead of the real host
295 name when looking up or saving the host key in the host key 320 name when looking up or saving the host key in the host key
296 database files. This option is useful for tunneling SSH connec- 321 database files. This option is useful for tunneling SSH
297 tions or for multiple servers running on a single host. 322 connections or for multiple servers running on a single host.
298 323
299 HostName 324 HostName
300 Specifies the real host name to log into. This can be used to 325 Specifies the real host name to log into. This can be used to
301 specify nicknames or abbreviations for hosts. The default is the 326 specify nicknames or abbreviations for hosts. If the hostname
302 name given on the command line. Numeric IP addresses are also 327 contains the character sequence `%h', then this will be replaced
303 permitted (both on the command line and in HostName specifica- 328 with the host name specified on the commandline (this is useful
304 tions). 329 for manipulating unqualified names). The default is the name
330 given on the command line. Numeric IP addresses are also
331 permitted (both on the command line and in HostName
332 specifications).
305 333
306 IdentitiesOnly 334 IdentitiesOnly
307 Specifies that ssh(1) should only use the authentication identity 335 Specifies that ssh(1) should only use the authentication identity
@@ -314,90 +342,91 @@ DESCRIPTION
314 IdentityFile 342 IdentityFile
315 Specifies a file from which the user's RSA or DSA authentication 343 Specifies a file from which the user's RSA or DSA authentication
316 identity is read. The default is ~/.ssh/identity for protocol 344 identity is read. The default is ~/.ssh/identity for protocol
317 version 1, and ~/.ssh/id_rsa and ~/.ssh/id_dsa for protocol ver- 345 version 1, and ~/.ssh/id_rsa and ~/.ssh/id_dsa for protocol
318 sion 2. Additionally, any identities represented by the authen- 346 version 2. Additionally, any identities represented by the
319 tication agent will be used for authentication. ssh(1) will try 347 authentication agent will be used for authentication. ssh(1)
320 to load certificate information from the filename obtained by ap- 348 will try to load certificate information from the filename
321 pending -cert.pub to the path of a specified IdentityFile. 349 obtained by appending -cert.pub to the path of a specified
350 IdentityFile.
322 351
323 The file name may use the tilde syntax to refer to a user's home 352 The file name may use the tilde syntax to refer to a user's home
324 directory or one of the following escape characters: `%d' (local 353 directory or one of the following escape characters: `%d' (local
325 user's home directory), `%u' (local user name), `%l' (local host 354 user's home directory), `%u' (local user name), `%l' (local host
326 name), `%h' (remote host name) or `%r' (remote user name). 355 name), `%h' (remote host name) or `%r' (remote user name).
327 356
328 It is possible to have multiple identity files specified in con- 357 It is possible to have multiple identity files specified in
329 figuration files; all these identities will be tried in sequence. 358 configuration files; all these identities will be tried in
359 sequence.
330 360
331 KbdInteractiveAuthentication 361 KbdInteractiveAuthentication
332 Specifies whether to use keyboard-interactive authentication. 362 Specifies whether to use keyboard-interactive authentication.
333 The argument to this keyword must be ``yes'' or ``no''. The de- 363 The argument to this keyword must be ``yes'' or ``no''. The
334 fault is ``yes''. 364 default is ``yes''.
335 365
336 KbdInteractiveDevices 366 KbdInteractiveDevices
337 Specifies the list of methods to use in keyboard-interactive au- 367 Specifies the list of methods to use in keyboard-interactive
338 thentication. Multiple method names must be comma-separated. 368 authentication. Multiple method names must be comma-separated.
339 The default is to use the server specified list. The methods 369 The default is to use the server specified list. The methods
340 available vary depending on what the server supports. For an 370 available vary depending on what the server supports. For an
341 OpenSSH server, it may be zero or more of: ``bsdauth'', ``pam'', 371 OpenSSH server, it may be zero or more of: ``bsdauth'', ``pam'',
342 and ``skey''. 372 and ``skey''.
343 373
344 LocalCommand 374 LocalCommand
345 Specifies a command to execute on the local machine after suc- 375 Specifies a command to execute on the local machine after
346 cessfully connecting to the server. The command string extends 376 successfully connecting to the server. The command string
347 to the end of the line, and is executed with the user's shell. 377 extends to the end of the line, and is executed with the user's
348 The following escape character substitutions will be performed: 378 shell. The following escape character substitutions will be
349 `%d' (local user's home directory), `%h' (remote host name), `%l' 379 performed: `%d' (local user's home directory), `%h' (remote host
350 (local host name), `%n' (host name as provided on the command 380 name), `%l' (local host name), `%n' (host name as provided on the
351 line), `%p' (remote port), `%r' (remote user name) or `%u' (local 381 command line), `%p' (remote port), `%r' (remote user name) or
352 user name). 382 `%u' (local user name).
353 383
354 The command is run synchronously and does not have access to the 384 The command is run synchronously and does not have access to the
355 session of the ssh(1) that spawned it. It should not be used for 385 session of the ssh(1) that spawned it. It should not be used for
356 interactive commands. 386 interactive commands.
357 387
358 This directive is ignored unless PermitLocalCommand has been en- 388 This directive is ignored unless PermitLocalCommand has been
359 abled. 389 enabled.
360 390
361 LocalForward 391 LocalForward
362 Specifies that a TCP port on the local machine be forwarded over 392 Specifies that a TCP port on the local machine be forwarded over
363 the secure channel to the specified host and port from the remote 393 the secure channel to the specified host and port from the remote
364 machine. The first argument must be [bind_address:]port and the 394 machine. The first argument must be [bind_address:]port and the
365 second argument must be host:hostport. IPv6 addresses can be 395 second argument must be host:hostport. IPv6 addresses can be
366 specified by enclosing addresses in square brackets or by using 396 specified by enclosing addresses in square brackets. Multiple
367 an alternative syntax: [bind_address/]port and host/hostport. 397 forwardings may be specified, and additional forwardings can be
368 Multiple forwardings may be specified, and additional forwardings 398 given on the command line. Only the superuser can forward
369 can be given on the command line. Only the superuser can forward 399 privileged ports. By default, the local port is bound in
370 privileged ports. By default, the local port is bound in accor- 400 accordance with the GatewayPorts setting. However, an explicit
371 dance with the GatewayPorts setting. However, an explicit 401 bind_address may be used to bind the connection to a specific
372 bind_address may be used to bind the connection to a specific ad- 402 address. The bind_address of ``localhost'' indicates that the
373 dress. The bind_address of ``localhost'' indicates that the lis- 403 listening port be bound for local use only, while an empty
374 tening port be bound for local use only, while an empty address 404 address or `*' indicates that the port should be available from
375 or `*' indicates that the port should be available from all in- 405 all interfaces.
376 terfaces.
377 406
378 LogLevel 407 LogLevel
379 Gives the verbosity level that is used when logging messages from 408 Gives the verbosity level that is used when logging messages from
380 ssh(1). The possible values are: QUIET, FATAL, ERROR, INFO, VER- 409 ssh(1). The possible values are: QUIET, FATAL, ERROR, INFO,
381 BOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. The default is INFO. 410 VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. The default is INFO.
382 DEBUG and DEBUG1 are equivalent. DEBUG2 and DEBUG3 each specify 411 DEBUG and DEBUG1 are equivalent. DEBUG2 and DEBUG3 each specify
383 higher levels of verbose output. 412 higher levels of verbose output.
384 413
385 MACs Specifies the MAC (message authentication code) algorithms in or- 414 MACs Specifies the MAC (message authentication code) algorithms in
386 der of preference. The MAC algorithm is used in protocol version 415 order of preference. The MAC algorithm is used in protocol
387 2 for data integrity protection. Multiple algorithms must be 416 version 2 for data integrity protection. Multiple algorithms
388 comma-separated. The default is: 417 must be comma-separated. The default is:
389 418
390 hmac-md5,hmac-sha1,umac-64@openssh.com, 419 hmac-md5,hmac-sha1,umac-64@openssh.com,
391 hmac-ripemd160,hmac-sha1-96,hmac-md5-96 420 hmac-ripemd160,hmac-sha1-96,hmac-md5-96
392 421
393 NoHostAuthenticationForLocalhost 422 NoHostAuthenticationForLocalhost
394 This option can be used if the home directory is shared across 423 This option can be used if the home directory is shared across
395 machines. In this case localhost will refer to a different ma- 424 machines. In this case localhost will refer to a different
396 chine on each of the machines and the user will get many warnings 425 machine on each of the machines and the user will get many
397 about changed host keys. However, this option disables host au- 426 warnings about changed host keys. However, this option disables
398 thentication for localhost. The argument to this keyword must be 427 host authentication for localhost. The argument to this keyword
399 ``yes'' or ``no''. The default is to check the host key for lo- 428 must be ``yes'' or ``no''. The default is to check the host key
400 calhost. 429 for localhost.
401 430
402 NumberOfPasswordPrompts 431 NumberOfPasswordPrompts
403 Specifies the number of password prompts before giving up. The 432 Specifies the number of password prompts before giving up. The
@@ -409,43 +438,47 @@ DESCRIPTION
409 ``yes''. 438 ``yes''.
410 439
411 PermitLocalCommand 440 PermitLocalCommand
412 Allow local command execution via the LocalCommand option or us- 441 Allow local command execution via the LocalCommand option or
413 ing the !command escape sequence in ssh(1). The argument must be 442 using the !command escape sequence in ssh(1). The argument must
414 ``yes'' or ``no''. The default is ``no''. 443 be ``yes'' or ``no''. The default is ``no''.
415 444
416 PKCS11Provider 445 PKCS11Provider
417 Specifies which PKCS#11 provider to use. The argument to this 446 Specifies which PKCS#11 provider to use. The argument to this
418 keyword is the PKCS#11 shared libary ssh(1) should use to commu- 447 keyword is the PKCS#11 shared libary ssh(1) should use to
419 nicate with a PKCS#11 token providing the user's private RSA key. 448 communicate with a PKCS#11 token providing the user's private RSA
449 key.
420 450
421 Port Specifies the port number to connect on the remote host. The de- 451 Port Specifies the port number to connect on the remote host. The
422 fault is 22. 452 default is 22.
423 453
424 PreferredAuthentications 454 PreferredAuthentications
425 Specifies the order in which the client should try protocol 2 au- 455 Specifies the order in which the client should try protocol 2
426 thentication methods. This allows a client to prefer one method 456 authentication methods. This allows a client to prefer one
427 (e.g. keyboard-interactive) over another method (e.g. password) 457 method (e.g. keyboard-interactive) over another method (e.g.
428 The default for this option is: ``gssapi-with- 458 password). The default is:
429 mic,hostbased,publickey,keyboard-interactive,password''. 459
460 gssapi-with-mic,hostbased,publickey,
461 keyboard-interactive,password
430 462
431 Protocol 463 Protocol
432 Specifies the protocol versions ssh(1) should support in order of 464 Specifies the protocol versions ssh(1) should support in order of
433 preference. The possible values are `1' and `2'. Multiple ver- 465 preference. The possible values are `1' and `2'. Multiple
434 sions must be comma-separated. When this option is set to 466 versions must be comma-separated. When this option is set to
435 ``2,1'' ssh will try version 2 and fall back to version 1 if ver- 467 ``2,1'' ssh will try version 2 and fall back to version 1 if
436 sion 2 is not available. The default is `2'. 468 version 2 is not available. The default is `2'.
437 469
438 ProxyCommand 470 ProxyCommand
439 Specifies the command to use to connect to the server. The com- 471 Specifies the command to use to connect to the server. The
440 mand string extends to the end of the line, and is executed with 472 command string extends to the end of the line, and is executed
441 the user's shell. In the command string, `%h' will be substitut- 473 with the user's shell. In the command string, any occurrence of
442 ed by the host name to connect and `%p' by the port. The command 474 `%h' will be substituted by the host name to connect, `%p' by the
443 can be basically anything, and should read from its standard in- 475 port, and `%r' by the remote user name. The command can be
444 put and write to its standard output. It should eventually con- 476 basically anything, and should read from its standard input and
445 nect an sshd(8) server running on some machine, or execute sshd 477 write to its standard output. It should eventually connect an
446 -i somewhere. Host key management will be done using the Host- 478 sshd(8) server running on some machine, or execute sshd -i
447 Name of the host being connected (defaulting to the name typed by 479 somewhere. Host key management will be done using the HostName
448 the user). Setting the command to ``none'' disables this option 480 of the host being connected (defaulting to the name typed by the
481 user). Setting the command to ``none'' disables this option
449 entirely. Note that CheckHostIP is not available for connects 482 entirely. Note that CheckHostIP is not available for connects
450 with a proxy command. 483 with a proxy command.
451 484
@@ -461,32 +494,32 @@ DESCRIPTION
461 ``yes''. This option applies to protocol version 2 only. 494 ``yes''. This option applies to protocol version 2 only.
462 495
463 RekeyLimit 496 RekeyLimit
464 Specifies the maximum amount of data that may be transmitted be- 497 Specifies the maximum amount of data that may be transmitted
465 fore the session key is renegotiated. The argument is the number 498 before the session key is renegotiated. The argument is the
466 of bytes, with an optional suffix of `K', `M', or `G' to indicate 499 number of bytes, with an optional suffix of `K', `M', or `G' to
467 Kilobytes, Megabytes, or Gigabytes, respectively. The default is 500 indicate Kilobytes, Megabytes, or Gigabytes, respectively. The
468 between `1G' and `4G', depending on the cipher. This option ap- 501 default is between `1G' and `4G', depending on the cipher. This
469 plies to protocol version 2 only. 502 option applies to protocol version 2 only.
470 503
471 RemoteForward 504 RemoteForward
472 Specifies that a TCP port on the remote machine be forwarded over 505 Specifies that a TCP port on the remote machine be forwarded over
473 the secure channel to the specified host and port from the local 506 the secure channel to the specified host and port from the local
474 machine. The first argument must be [bind_address:]port and the 507 machine. The first argument must be [bind_address:]port and the
475 second argument must be host:hostport. IPv6 addresses can be 508 second argument must be host:hostport. IPv6 addresses can be
476 specified by enclosing addresses in square brackets or by using 509 specified by enclosing addresses in square brackets. Multiple
477 an alternative syntax: [bind_address/]port and host/hostport. 510 forwardings may be specified, and additional forwardings can be
478 Multiple forwardings may be specified, and additional forwardings 511 given on the command line. Privileged ports can be forwarded
479 can be given on the command line. Privileged ports can be for- 512 only when logging in as root on the remote machine.
480 warded only when logging in as root on the remote machine.
481 513
482 If the port argument is `0', the listen port will be dynamically 514 If the port argument is `0', the listen port will be dynamically
483 allocated on the server and reported to the client at run time. 515 allocated on the server and reported to the client at run time.
484 516
485 If the bind_address is not specified, the default is to only bind 517 If the bind_address is not specified, the default is to only bind
486 to loopback addresses. If the bind_address is `*' or an empty 518 to loopback addresses. If the bind_address is `*' or an empty
487 string, then the forwarding is requested to listen on all inter- 519 string, then the forwarding is requested to listen on all
488 faces. Specifying a remote bind_address will only succeed if the 520 interfaces. Specifying a remote bind_address will only succeed
489 server's GatewayPorts option is enabled (see sshd_config(5)). 521 if the server's GatewayPorts option is enabled (see
522 sshd_config(5)).
490 523
491 RhostsRSAAuthentication 524 RhostsRSAAuthentication
492 Specifies whether to try rhosts based authentication with RSA 525 Specifies whether to try rhosts based authentication with RSA
@@ -497,9 +530,9 @@ DESCRIPTION
497 RSAAuthentication 530 RSAAuthentication
498 Specifies whether to try RSA authentication. The argument to 531 Specifies whether to try RSA authentication. The argument to
499 this keyword must be ``yes'' or ``no''. RSA authentication will 532 this keyword must be ``yes'' or ``no''. RSA authentication will
500 only be attempted if the identity file exists, or an authentica- 533 only be attempted if the identity file exists, or an
501 tion agent is running. The default is ``yes''. Note that this 534 authentication agent is running. The default is ``yes''. Note
502 option applies to protocol version 1 only. 535 that this option applies to protocol version 1 only.
503 536
504 SendEnv 537 SendEnv
505 Specifies what variables from the local environ(7) should be sent 538 Specifies what variables from the local environ(7) should be sent
@@ -507,25 +540,25 @@ DESCRIPTION
507 for protocol 2. The server must also support it, and the server 540 for protocol 2. The server must also support it, and the server
508 must be configured to accept these environment variables. Refer 541 must be configured to accept these environment variables. Refer
509 to AcceptEnv in sshd_config(5) for how to configure the server. 542 to AcceptEnv in sshd_config(5) for how to configure the server.
510 Variables are specified by name, which may contain wildcard char- 543 Variables are specified by name, which may contain wildcard
511 acters. Multiple environment variables may be separated by 544 characters. Multiple environment variables may be separated by
512 whitespace or spread across multiple SendEnv directives. The de- 545 whitespace or spread across multiple SendEnv directives. The
513 fault is not to send any environment variables. 546 default is not to send any environment variables.
514 547
515 See PATTERNS for more information on patterns. 548 See PATTERNS for more information on patterns.
516 549
517 ServerAliveCountMax 550 ServerAliveCountMax
518 Sets the number of server alive messages (see below) which may be 551 Sets the number of server alive messages (see below) which may be
519 sent without ssh(1) receiving any messages back from the server. 552 sent without ssh(1) receiving any messages back from the server.
520 If this threshold is reached while server alive messages are be- 553 If this threshold is reached while server alive messages are
521 ing sent, ssh will disconnect from the server, terminating the 554 being sent, ssh will disconnect from the server, terminating the
522 session. It is important to note that the use of server alive 555 session. It is important to note that the use of server alive
523 messages is very different from TCPKeepAlive (below). The server 556 messages is very different from TCPKeepAlive (below). The server
524 alive messages are sent through the encrypted channel and there- 557 alive messages are sent through the encrypted channel and
525 fore will not be spoofable. The TCP keepalive option enabled by 558 therefore will not be spoofable. The TCP keepalive option
526 TCPKeepAlive is spoofable. The server alive mechanism is valu- 559 enabled by TCPKeepAlive is spoofable. The server alive mechanism
527 able when the client or server depend on knowing when a connec- 560 is valuable when the client or server depend on knowing when a
528 tion has become inactive. 561 connection has become inactive.
529 562
530 The default value is 3. If, for example, ServerAliveInterval 563 The default value is 3. If, for example, ServerAliveInterval
531 (see below) is set to 15 and ServerAliveCountMax is left at the 564 (see below) is set to 15 and ServerAliveCountMax is left at the
@@ -542,27 +575,27 @@ DESCRIPTION
542 575
543 StrictHostKeyChecking 576 StrictHostKeyChecking
544 If this flag is set to ``yes'', ssh(1) will never automatically 577 If this flag is set to ``yes'', ssh(1) will never automatically
545 add host keys to the ~/.ssh/known_hosts file, and refuses to con- 578 add host keys to the ~/.ssh/known_hosts file, and refuses to
546 nect to hosts whose host key has changed. This provides maximum 579 connect to hosts whose host key has changed. This provides
547 protection against trojan horse attacks, though it can be annoy- 580 maximum protection against trojan horse attacks, though it can be
548 ing when the /etc/ssh/ssh_known_hosts file is poorly maintained 581 annoying when the /etc/ssh/ssh_known_hosts file is poorly
549 or when connections to new hosts are frequently made. This op- 582 maintained or when connections to new hosts are frequently made.
550 tion forces the user to manually add all new hosts. If this flag 583 This option forces the user to manually add all new hosts. If
551 is set to ``no'', ssh will automatically add new host keys to the 584 this flag is set to ``no'', ssh will automatically add new host
552 user known hosts files. If this flag is set to ``ask'', new host 585 keys to the user known hosts files. If this flag is set to
553 keys will be added to the user known host files only after the 586 ``ask'', new host keys will be added to the user known host files
554 user has confirmed that is what they really want to do, and ssh 587 only after the user has confirmed that is what they really want
555 will refuse to connect to hosts whose host key has changed. The 588 to do, and ssh will refuse to connect to hosts whose host key has
556 host keys of known hosts will be verified automatically in all 589 changed. The host keys of known hosts will be verified
557 cases. The argument must be ``yes'', ``no'', or ``ask''. The 590 automatically in all cases. The argument must be ``yes'',
558 default is ``ask''. 591 ``no'', or ``ask''. The default is ``ask''.
559 592
560 TCPKeepAlive 593 TCPKeepAlive
561 Specifies whether the system should send TCP keepalive messages 594 Specifies whether the system should send TCP keepalive messages
562 to the other side. If they are sent, death of the connection or 595 to the other side. If they are sent, death of the connection or
563 crash of one of the machines will be properly noticed. However, 596 crash of one of the machines will be properly noticed. However,
564 this means that connections will die if the route is down tem- 597 this means that connections will die if the route is down
565 porarily, and some people find it annoying. 598 temporarily, and some people find it annoying.
566 599
567 The default is ``yes'' (to send TCP keepalive messages), and the 600 The default is ``yes'' (to send TCP keepalive messages), and the
568 client will notice if the network goes down or the remote host 601 client will notice if the network goes down or the remote host
@@ -571,32 +604,32 @@ DESCRIPTION
571 To disable TCP keepalive messages, the value should be set to 604 To disable TCP keepalive messages, the value should be set to
572 ``no''. 605 ``no''.
573 606
574 Tunnel Request tun(4) device forwarding between the client and the serv- 607 Tunnel Request tun(4) device forwarding between the client and the
575 er. The argument must be ``yes'', ``point-to-point'' (layer 3), 608 server. The argument must be ``yes'', ``point-to-point'' (layer
576 ``ethernet'' (layer 2), or ``no''. Specifying ``yes'' requests 609 3), ``ethernet'' (layer 2), or ``no''. Specifying ``yes''
577 the default tunnel mode, which is ``point-to-point''. The de- 610 requests the default tunnel mode, which is ``point-to-point''.
578 fault is ``no''. 611 The default is ``no''.
579 612
580 TunnelDevice 613 TunnelDevice
581 Specifies the tun(4) devices to open on the client (local_tun) 614 Specifies the tun(4) devices to open on the client (local_tun)
582 and the server (remote_tun). 615 and the server (remote_tun).
583 616
584 The argument must be local_tun[:remote_tun]. The devices may be 617 The argument must be local_tun [:remote_tun]. The devices may be
585 specified by numerical ID or the keyword ``any'', which uses the 618 specified by numerical ID or the keyword ``any'', which uses the
586 next available tunnel device. If remote_tun is not specified, it 619 next available tunnel device. If remote_tun is not specified, it
587 defaults to ``any''. The default is ``any:any''. 620 defaults to ``any''. The default is ``any:any''.
588 621
589 UsePrivilegedPort 622 UsePrivilegedPort
590 Specifies whether to use a privileged port for outgoing connec- 623 Specifies whether to use a privileged port for outgoing
591 tions. The argument must be ``yes'' or ``no''. The default is 624 connections. The argument must be ``yes'' or ``no''. The
592 ``no''. If set to ``yes'', ssh(1) must be setuid root. Note 625 default is ``no''. If set to ``yes'', ssh(1) must be setuid
593 that this option must be set to ``yes'' for 626 root. Note that this option must be set to ``yes'' for
594 RhostsRSAAuthentication with older servers. 627 RhostsRSAAuthentication with older servers.
595 628
596 User Specifies the user to log in as. This can be useful when a dif- 629 User Specifies the user to log in as. This can be useful when a
597 ferent user name is used on different machines. This saves the 630 different user name is used on different machines. This saves
598 trouble of having to remember to give the user name on the com- 631 the trouble of having to remember to give the user name on the
599 mand line. 632 command line.
600 633
601 UserKnownHostsFile 634 UserKnownHostsFile
602 Specifies a file to use for the user host key database instead of 635 Specifies a file to use for the user host key database instead of
@@ -620,9 +653,9 @@ DESCRIPTION
620 If this flag is set to ``yes'', an ASCII art representation of 653 If this flag is set to ``yes'', an ASCII art representation of
621 the remote host key fingerprint is printed in addition to the hex 654 the remote host key fingerprint is printed in addition to the hex
622 fingerprint string at login and for unknown host keys. If this 655 fingerprint string at login and for unknown host keys. If this
623 flag is set to ``no'', no fingerprint strings are printed at lo- 656 flag is set to ``no'', no fingerprint strings are printed at
624 gin and only the hex fingerprint string will be printed for un- 657 login and only the hex fingerprint string will be printed for
625 known host keys. The default is ``no''. 658 unknown host keys. The default is ``no''.
626 659
627 XAuthLocation 660 XAuthLocation
628 Specifies the full pathname of the xauth(1) program. The default 661 Specifies the full pathname of the xauth(1) program. The default
@@ -631,9 +664,9 @@ DESCRIPTION
631PATTERNS 664PATTERNS
632 A pattern consists of zero or more non-whitespace characters, `*' (a 665 A pattern consists of zero or more non-whitespace characters, `*' (a
633 wildcard that matches zero or more characters), or `?' (a wildcard that 666 wildcard that matches zero or more characters), or `?' (a wildcard that
634 matches exactly one character). For example, to specify a set of decla- 667 matches exactly one character). For example, to specify a set of
635 rations for any host in the ``.co.uk'' set of domains, the following pat- 668 declarations for any host in the ``.co.uk'' set of domains, the following
636 tern could be used: 669 pattern could be used:
637 670
638 Host *.co.uk 671 Host *.co.uk
639 672
@@ -645,17 +678,18 @@ PATTERNS
645 A pattern-list is a comma-separated list of patterns. Patterns within 678 A pattern-list is a comma-separated list of patterns. Patterns within
646 pattern-lists may be negated by preceding them with an exclamation mark 679 pattern-lists may be negated by preceding them with an exclamation mark
647 (`!'). For example, to allow a key to be used from anywhere within an 680 (`!'). For example, to allow a key to be used from anywhere within an
648 organisation except from the ``dialup'' pool, the following entry (in au- 681 organisation except from the ``dialup'' pool, the following entry (in
649 thorized_keys) could be used: 682 authorized_keys) could be used:
650 683
651 from="!*.dialup.example.com,*.example.com" 684 from="!*.dialup.example.com,*.example.com"
652 685
653FILES 686FILES
654 ~/.ssh/config 687 ~/.ssh/config
655 This is the per-user configuration file. The format of this file 688 This is the per-user configuration file. The format of this file
656 is described above. This file is used by the SSH client. Be- 689 is described above. This file is used by the SSH client.
657 cause of the potential for abuse, this file must have strict per- 690 Because of the potential for abuse, this file must have strict
658 missions: read/write for the user, and not accessible by others. 691 permissions: read/write for the user, and not accessible by
692 others.
659 693
660 /etc/ssh/ssh_config 694 /etc/ssh/ssh_config
661 Systemwide configuration file. This file provides defaults for 695 Systemwide configuration file. This file provides defaults for
@@ -669,8 +703,8 @@ SEE ALSO
669AUTHORS 703AUTHORS
670 OpenSSH is a derivative of the original and free ssh 1.2.12 release by 704 OpenSSH is a derivative of the original and free ssh 1.2.12 release by
671 Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo 705 Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo
672 de Raadt and Dug Song removed many bugs, re-added newer features and cre- 706 de Raadt and Dug Song removed many bugs, re-added newer features and
673 ated OpenSSH. Markus Friedl contributed the support for SSH protocol 707 created OpenSSH. Markus Friedl contributed the support for SSH protocol
674 versions 1.5 and 2.0. 708 versions 1.5 and 2.0.
675 709
676OpenBSD 4.7 March 26, 2010 11 710OpenBSD 4.8 August 4, 2010 OpenBSD 4.8
diff --git a/ssh_config.5 b/ssh_config.5
index 45496cfbc..2f0cd8c83 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -34,8 +34,8 @@
34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36.\" 36.\"
37.\" $OpenBSD: ssh_config.5,v 1.130 2010/03/26 01:06:13 dtucker Exp $ 37.\" $OpenBSD: ssh_config.5,v 1.138 2010/08/04 05:37:01 djm Exp $
38.Dd $Mdocdate: March 26 2010 $ 38.Dd $Mdocdate: August 4 2010 $
39.Dt SSH_CONFIG 5 39.Dt SSH_CONFIG 5
40.Os 40.Os
41.Sh NAME 41.Sh NAME
@@ -339,6 +339,28 @@ It is recommended that any
339used for opportunistic connection sharing include 339used for opportunistic connection sharing include
340at least %h, %p, and %r. 340at least %h, %p, and %r.
341This ensures that shared connections are uniquely identified. 341This ensures that shared connections are uniquely identified.
342.It Cm ControlPersist
343When used in conjunction with
344.Cm ControlMaster ,
345specifies that the master connection should remain open
346in the background (waiting for future client connections)
347after the initial client connection has been closed.
348If set to
349.Dq no ,
350then the master connection will not be placed into the background,
351and will close as soon as the initial client connection is closed.
352If set to
353.Dq yes ,
354then the master connection will remain in the background indefinitely
355(until killed or closed via a mechanism such as the
356.Xr ssh 1
357.Dq Fl O No exit
358option).
359If set to a time in seconds, or a time in any of the formats documented in
360.Xr sshd_config 5 ,
361then the backgrounded master connection will automatically terminate
362after it has remained idle (with no client connections) for the
363specified time.
342.It Cm DynamicForward 364.It Cm DynamicForward
343Specifies that a TCP port on the local machine be forwarded 365Specifies that a TCP port on the local machine be forwarded
344over the secure channel, and the application 366over the secure channel, and the application
@@ -349,9 +371,7 @@ The argument must be
349.Sm off 371.Sm off
350.Oo Ar bind_address : Oc Ar port . 372.Oo Ar bind_address : Oc Ar port .
351.Sm on 373.Sm on
352IPv6 addresses can be specified by enclosing addresses in square brackets or 374IPv6 addresses can be specified by enclosing addresses in square brackets.
353by using an alternative syntax:
354.Oo Ar bind_address Ns / Oc Ns Ar port .
355By default, the local port is bound in accordance with the 375By default, the local port is bound in accordance with the
356.Cm GatewayPorts 376.Cm GatewayPorts
357setting. 377setting.
@@ -452,6 +472,17 @@ An attacker may then be able to perform activities such as keystroke monitoring
452if the 472if the
453.Cm ForwardX11Trusted 473.Cm ForwardX11Trusted
454option is also enabled. 474option is also enabled.
475.It Cm ForwardX11Timeout
476Specify a timeout for untrusted X11 forwarding
477using the format described in the
478.Sx TIME FORMATS
479section of
480.Xr sshd_config 5 .
481X11 connections received by
482.Xr ssh 1
483after this time will be refused.
484The default is to disable untrusted X11 forwarding after twenty minutes has
485elapsed.
455.It Cm ForwardX11Trusted 486.It Cm ForwardX11Trusted
456If this option is set to 487If this option is set to
457.Dq yes , 488.Dq yes ,
@@ -577,6 +608,10 @@ or for multiple servers running on a single host.
577.It Cm HostName 608.It Cm HostName
578Specifies the real host name to log into. 609Specifies the real host name to log into.
579This can be used to specify nicknames or abbreviations for hosts. 610This can be used to specify nicknames or abbreviations for hosts.
611If the hostname contains the character sequence
612.Ql %h ,
613then this will be replaced with the host name specified on the commandline
614(this is useful for manipulating unqualified names).
580The default is the name given on the command line. 615The default is the name given on the command line.
581Numeric IP addresses are also permitted (both on the command line and in 616Numeric IP addresses are also permitted (both on the command line and in
582.Cm HostName 617.Cm HostName
@@ -692,11 +727,7 @@ The first argument must be
692.Sm on 727.Sm on
693and the second argument must be 728and the second argument must be
694.Ar host : Ns Ar hostport . 729.Ar host : Ns Ar hostport .
695IPv6 addresses can be specified by enclosing addresses in square brackets or 730IPv6 addresses can be specified by enclosing addresses in square brackets.
696by using an alternative syntax:
697.Oo Ar bind_address Ns / Oc Ns Ar port
698and
699.Ar host Ns / Ns Ar hostport .
700Multiple forwardings may be specified, and additional forwardings can be 731Multiple forwardings may be specified, and additional forwardings can be
701given on the command line. 732given on the command line.
702Only the superuser can forward privileged ports. 733Only the superuser can forward privileged ports.
@@ -783,10 +814,12 @@ authentication methods.
783This allows a client to prefer one method (e.g.\& 814This allows a client to prefer one method (e.g.\&
784.Cm keyboard-interactive ) 815.Cm keyboard-interactive )
785over another method (e.g.\& 816over another method (e.g.\&
786.Cm password ) 817.Cm password ) .
787The default for this option is: 818The default is:
788.Do gssapi-with-mic,hostbased,publickey,keyboard-interactive,password 819.Bd -literal -offset indent
789.Dc . 820gssapi-with-mic,hostbased,publickey,
821keyboard-interactive,password
822.Ed
790.It Cm Protocol 823.It Cm Protocol
791Specifies the protocol versions 824Specifies the protocol versions
792.Xr ssh 1 825.Xr ssh 1
@@ -808,12 +841,14 @@ Specifies the command to use to connect to the server.
808The command 841The command
809string extends to the end of the line, and is executed with 842string extends to the end of the line, and is executed with
810the user's shell. 843the user's shell.
811In the command string, 844In the command string, any occurrence of
812.Ql %h 845.Ql %h
813will be substituted by the host name to 846will be substituted by the host name to
814connect and 847connect,
815.Ql %p 848.Ql %p
816by the port. 849by the port, and
850.Ql %r
851by the remote user name.
817The command can be basically anything, 852The command can be basically anything,
818and should read from its standard input and write to its standard output. 853and should read from its standard input and write to its standard output.
819It should eventually connect an 854It should eventually connect an
@@ -872,11 +907,7 @@ The first argument must be
872.Sm on 907.Sm on
873and the second argument must be 908and the second argument must be
874.Ar host : Ns Ar hostport . 909.Ar host : Ns Ar hostport .
875IPv6 addresses can be specified by enclosing addresses in square brackets 910IPv6 addresses can be specified by enclosing addresses in square brackets.
876or by using an alternative syntax:
877.Oo Ar bind_address Ns / Oc Ns Ar port
878and
879.Ar host Ns / Ns Ar hostport .
880Multiple forwardings may be specified, and additional 911Multiple forwardings may be specified, and additional
881forwardings can be given on the command line. 912forwardings can be given on the command line.
882Privileged ports can be forwarded only when 913Privileged ports can be forwarded only when
diff --git a/sshconnect.c b/sshconnect.c
index b6fea4d7e..5b2da9136 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: sshconnect.c,v 1.220 2010/03/04 10:36:03 djm Exp $ */ 1/* $OpenBSD: sshconnect.c,v 1.224 2010/04/16 21:14:27 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -101,8 +101,8 @@ ssh_proxy_connect(const char *host, u_short port, const char *proxy_command)
101 * (e.g. Solaris) 101 * (e.g. Solaris)
102 */ 102 */
103 xasprintf(&tmp, "exec %s", proxy_command); 103 xasprintf(&tmp, "exec %s", proxy_command);
104 command_string = percent_expand(tmp, "h", host, 104 command_string = percent_expand(tmp, "h", host, "p", strport,
105 "p", strport, (char *)NULL); 105 "r", options.user, (char *)NULL);
106 xfree(tmp); 106 xfree(tmp);
107 107
108 /* Create pipes for communicating with the proxy. */ 108 /* Create pipes for communicating with the proxy. */
@@ -586,9 +586,9 @@ check_host_cert(const char *host, const Key *host_key)
586 error("%s", reason); 586 error("%s", reason);
587 return 0; 587 return 0;
588 } 588 }
589 if (buffer_len(&host_key->cert->constraints) != 0) { 589 if (buffer_len(&host_key->cert->critical) != 0) {
590 error("Certificate for %s contains unsupported constraint(s)", 590 error("Certificate for %s contains unsupported "
591 host); 591 "critical options(s)", host);
592 return 0; 592 return 0;
593 } 593 }
594 return 1; 594 return 1;
@@ -739,7 +739,7 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port,
739 debug("Host '%.200s' is known and matches the %s host %s.", 739 debug("Host '%.200s' is known and matches the %s host %s.",
740 host, type, want_cert ? "certificate" : "key"); 740 host, type, want_cert ? "certificate" : "key");
741 debug("Found %s in %s:%d", 741 debug("Found %s in %s:%d",
742 want_cert ? "certificate" : "key", host_file, host_line); 742 want_cert ? "CA key" : "key", host_file, host_line);
743 if (want_cert && !check_host_cert(hostname, host_key)) 743 if (want_cert && !check_host_cert(hostname, host_key))
744 goto fail; 744 goto fail;
745 if (options.check_host_ip && ip_status == HOST_NEW) { 745 if (options.check_host_ip && ip_status == HOST_NEW) {
diff --git a/sshconnect2.c b/sshconnect2.c
index f10f6bf8c..8a9887a2e 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: sshconnect2.c,v 1.180 2010/02/26 20:29:54 djm Exp $ */ 1/* $OpenBSD: sshconnect2.c,v 1.183 2010/04/26 22:28:24 djm Exp $ */
2/* 2/*
3 * Copyright (c) 2000 Markus Friedl. All rights reserved. 3 * Copyright (c) 2000 Markus Friedl. All rights reserved.
4 * Copyright (c) 2008 Damien Miller. All rights reserved. 4 * Copyright (c) 2008 Damien Miller. All rights reserved.
@@ -247,7 +247,7 @@ struct Authctxt {
247 const char *host; 247 const char *host;
248 const char *service; 248 const char *service;
249 Authmethod *method; 249 Authmethod *method;
250 int success; 250 sig_atomic_t success;
251 char *authlist; 251 char *authlist;
252 /* pubkey */ 252 /* pubkey */
253 Idlist keys; 253 Idlist keys;
@@ -1250,8 +1250,11 @@ sign_and_send_pubkey(Authctxt *authctxt, Identity *id)
1250 u_int skip = 0; 1250 u_int skip = 0;
1251 int ret = -1; 1251 int ret = -1;
1252 int have_sig = 1; 1252 int have_sig = 1;
1253 char *fp;
1253 1254
1254 debug3("sign_and_send_pubkey"); 1255 fp = key_fingerprint(id->key, SSH_FP_MD5, SSH_FP_HEX);
1256 debug3("sign_and_send_pubkey: %s %s", key_type(id->key), fp);
1257 xfree(fp);
1255 1258
1256 if (key_to_blob(id->key, &blob, &bloblen) == 0) { 1259 if (key_to_blob(id->key, &blob, &bloblen) == 0) {
1257 /* we cannot handle this key */ 1260 /* we cannot handle this key */
@@ -1510,7 +1513,8 @@ userauth_pubkey(Authctxt *authctxt)
1510 * private key instead 1513 * private key instead
1511 */ 1514 */
1512 if (id->key && id->key->type != KEY_RSA1) { 1515 if (id->key && id->key->type != KEY_RSA1) {
1513 debug("Offering public key: %s", id->filename); 1516 debug("Offering %s public key: %s", key_type(id->key),
1517 id->filename);
1514 sent = send_pubkey_test(authctxt, id); 1518 sent = send_pubkey_test(authctxt, id);
1515 } else if (id->key == NULL && id->filename) { 1519 } else if (id->key == NULL && id->filename) {
1516 debug("Trying private key: %s", id->filename); 1520 debug("Trying private key: %s", id->filename);
diff --git a/sshd.0 b/sshd.0
index 30bf6dede..a5d40c4d8 100644
--- a/sshd.0
+++ b/sshd.0
@@ -10,19 +10,19 @@ SYNOPSIS
10 10
11DESCRIPTION 11DESCRIPTION
12 sshd (OpenSSH Daemon) is the daemon program for ssh(1). Together these 12 sshd (OpenSSH Daemon) is the daemon program for ssh(1). Together these
13 programs replace rlogin(1) and rsh(1), and provide secure encrypted com- 13 programs replace rlogin(1) and rsh(1), and provide secure encrypted
14 munications between two untrusted hosts over an insecure network. 14 communications between two untrusted hosts over an insecure network.
15 15
16 sshd listens for connections from clients. It is normally started at 16 sshd listens for connections from clients. It is normally started at
17 boot from /etc/rc. It forks a new daemon for each incoming connection. 17 boot from /etc/rc. It forks a new daemon for each incoming connection.
18 The forked daemons handle key exchange, encryption, authentication, com- 18 The forked daemons handle key exchange, encryption, authentication,
19 mand execution, and data exchange. 19 command execution, and data exchange.
20 20
21 sshd can be configured using command-line options or a configuration file 21 sshd can be configured using command-line options or a configuration file
22 (by default sshd_config(5)); command-line options override values speci- 22 (by default sshd_config(5)); command-line options override values
23 fied in the configuration file. sshd rereads its configuration file when 23 specified in the configuration file. sshd rereads its configuration file
24 it receives a hangup signal, SIGHUP, by executing itself with the name 24 when it receives a hangup signal, SIGHUP, by executing itself with the
25 and options it was started with, e.g. /usr/sbin/sshd. 25 name and options it was started with, e.g. /usr/sbin/sshd.
26 26
27 The options are as follows: 27 The options are as follows:
28 28
@@ -38,87 +38,89 @@ DESCRIPTION
38 Specify the connection parameters to use for the -T extended test 38 Specify the connection parameters to use for the -T extended test
39 mode. If provided, any Match directives in the configuration 39 mode. If provided, any Match directives in the configuration
40 file that would apply to the specified user, host, and address 40 file that would apply to the specified user, host, and address
41 will be set before the configuration is written to standard out- 41 will be set before the configuration is written to standard
42 put. The connection parameters are supplied as keyword=value 42 output. The connection parameters are supplied as keyword=value
43 pairs. The keywords are ``user'', ``host'', and ``addr''. All 43 pairs. The keywords are ``user'', ``host'', and ``addr''. All
44 are required and may be supplied in any order, either with multi- 44 are required and may be supplied in any order, either with
45 ple -C options or as a comma-separated list. 45 multiple -C options or as a comma-separated list.
46 46
47 -c host_certificate_file 47 -c host_certificate_file
48 Specifies a path to a certificate file to identify sshd during 48 Specifies a path to a certificate file to identify sshd during
49 key exchange. The certificate file must match a host key file 49 key exchange. The certificate file must match a host key file
50 specified using the -h option or the HostKey configuration direc- 50 specified using the -h option or the HostKey configuration
51 tive. 51 directive.
52 52
53 -D When this option is specified, sshd will not detach and does not 53 -D When this option is specified, sshd will not detach and does not
54 become a daemon. This allows easy monitoring of sshd. 54 become a daemon. This allows easy monitoring of sshd.
55 55
56 -d Debug mode. The server sends verbose debug output to standard 56 -d Debug mode. The server sends verbose debug output to standard
57 error, and does not put itself in the background. The server al- 57 error, and does not put itself in the background. The server
58 so will not fork and will only process one connection. This op- 58 also will not fork and will only process one connection. This
59 tion is only intended for debugging for the server. Multiple -d 59 option is only intended for debugging for the server. Multiple
60 options increase the debugging level. Maximum is 3. 60 -d options increase the debugging level. Maximum is 3.
61 61
62 -e When this option is specified, sshd will send the output to the 62 -e When this option is specified, sshd will send the output to the
63 standard error instead of the system log. 63 standard error instead of the system log.
64 64
65 -f config_file 65 -f config_file
66 Specifies the name of the configuration file. The default is 66 Specifies the name of the configuration file. The default is
67 /etc/ssh/sshd_config. sshd refuses to start if there is no con- 67 /etc/ssh/sshd_config. sshd refuses to start if there is no
68 figuration file. 68 configuration file.
69 69
70 -g login_grace_time 70 -g login_grace_time
71 Gives the grace time for clients to authenticate themselves (de- 71 Gives the grace time for clients to authenticate themselves
72 fault 120 seconds). If the client fails to authenticate the user 72 (default 120 seconds). If the client fails to authenticate the
73 within this many seconds, the server disconnects and exits. A 73 user within this many seconds, the server disconnects and exits.
74 value of zero indicates no limit. 74 A value of zero indicates no limit.
75 75
76 -h host_key_file 76 -h host_key_file
77 Specifies a file from which a host key is read. This option must 77 Specifies a file from which a host key is read. This option must
78 be given if sshd is not run as root (as the normal host key files 78 be given if sshd is not run as root (as the normal host key files
79 are normally not readable by anyone but root). The default is 79 are normally not readable by anyone but root). The default is
80 /etc/ssh/ssh_host_key for protocol version 1, and 80 /etc/ssh/ssh_host_key for protocol version 1, and
81 /etc/ssh/ssh_host_rsa_key and /etc/ssh/ssh_host_dsa_key for pro- 81 /etc/ssh/ssh_host_rsa_key and /etc/ssh/ssh_host_dsa_key for
82 tocol version 2. It is possible to have multiple host key files 82 protocol version 2. It is possible to have multiple host key
83 for the different protocol versions and host key algorithms. 83 files for the different protocol versions and host key
84 algorithms.
84 85
85 -i Specifies that sshd is being run from inetd(8). sshd is normally 86 -i Specifies that sshd is being run from inetd(8). sshd is normally
86 not run from inetd because it needs to generate the server key 87 not run from inetd because it needs to generate the server key
87 before it can respond to the client, and this may take tens of 88 before it can respond to the client, and this may take tens of
88 seconds. Clients would have to wait too long if the key was re- 89 seconds. Clients would have to wait too long if the key was
89 generated every time. However, with small key sizes (e.g. 512) 90 regenerated every time. However, with small key sizes (e.g. 512)
90 using sshd from inetd may be feasible. 91 using sshd from inetd may be feasible.
91 92
92 -k key_gen_time 93 -k key_gen_time
93 Specifies how often the ephemeral protocol version 1 server key 94 Specifies how often the ephemeral protocol version 1 server key
94 is regenerated (default 3600 seconds, or one hour). The motiva- 95 is regenerated (default 3600 seconds, or one hour). The
95 tion for regenerating the key fairly often is that the key is not 96 motivation for regenerating the key fairly often is that the key
96 stored anywhere, and after about an hour it becomes impossible to 97 is not stored anywhere, and after about an hour it becomes
97 recover the key for decrypting intercepted communications even if 98 impossible to recover the key for decrypting intercepted
98 the machine is cracked into or physically seized. A value of ze- 99 communications even if the machine is cracked into or physically
99 ro indicates that the key will never be regenerated. 100 seized. A value of zero indicates that the key will never be
101 regenerated.
100 102
101 -o option 103 -o option
102 Can be used to give options in the format used in the configura- 104 Can be used to give options in the format used in the
103 tion file. This is useful for specifying options for which there 105 configuration file. This is useful for specifying options for
104 is no separate command-line flag. For full details of the op- 106 which there is no separate command-line flag. For full details
105 tions, and their values, see sshd_config(5). 107 of the options, and their values, see sshd_config(5).
106 108
107 -p port 109 -p port
108 Specifies the port on which the server listens for connections 110 Specifies the port on which the server listens for connections
109 (default 22). Multiple port options are permitted. Ports speci- 111 (default 22). Multiple port options are permitted. Ports
110 fied in the configuration file with the Port option are ignored 112 specified in the configuration file with the Port option are
111 when a command-line port is specified. Ports specified using the 113 ignored when a command-line port is specified. Ports specified
112 ListenAddress option override command-line ports. 114 using the ListenAddress option override command-line ports.
113 115
114 -q Quiet mode. Nothing is sent to the system log. Normally the be- 116 -q Quiet mode. Nothing is sent to the system log. Normally the
115 ginning, authentication, and termination of each connection is 117 beginning, authentication, and termination of each connection is
116 logged. 118 logged.
117 119
118 -T Extended test mode. Check the validity of the configuration 120 -T Extended test mode. Check the validity of the configuration
119 file, output the effective configuration to stdout and then exit. 121 file, output the effective configuration to stdout and then exit.
120 Optionally, Match rules may be applied by specifying the connec- 122 Optionally, Match rules may be applied by specifying the
121 tion parameters using one or more -C options. 123 connection parameters using one or more -C options.
122 124
123 -t Test mode. Only check the validity of the configuration file and 125 -t Test mode. Only check the validity of the configuration file and
124 sanity of the keys. This is useful for updating sshd reliably as 126 sanity of the keys. This is useful for updating sshd reliably as
@@ -127,76 +129,76 @@ DESCRIPTION
127 -u len This option is used to specify the size of the field in the utmp 129 -u len This option is used to specify the size of the field in the utmp
128 structure that holds the remote host name. If the resolved host 130 structure that holds the remote host name. If the resolved host
129 name is longer than len, the dotted decimal value will be used 131 name is longer than len, the dotted decimal value will be used
130 instead. This allows hosts with very long host names that over- 132 instead. This allows hosts with very long host names that
131 flow this field to still be uniquely identified. Specifying -u0 133 overflow this field to still be uniquely identified. Specifying
132 indicates that only dotted decimal addresses should be put into 134 -u0 indicates that only dotted decimal addresses should be put
133 the utmp file. -u0 may also be used to prevent sshd from making 135 into the utmp file. -u0 may also be used to prevent sshd from
134 DNS requests unless the authentication mechanism or configuration 136 making DNS requests unless the authentication mechanism or
135 requires it. Authentication mechanisms that may require DNS in- 137 configuration requires it. Authentication mechanisms that may
136 clude RhostsRSAAuthentication, HostbasedAuthentication, and using 138 require DNS include RhostsRSAAuthentication,
137 a from="pattern-list" option in a key file. Configuration op- 139 HostbasedAuthentication, and using a from="pattern-list" option
138 tions that require DNS include using a USER@HOST pattern in 140 in a key file. Configuration options that require DNS include
139 AllowUsers or DenyUsers. 141 using a USER@HOST pattern in AllowUsers or DenyUsers.
140 142
141AUTHENTICATION 143AUTHENTICATION
142 The OpenSSH SSH daemon supports SSH protocols 1 and 2. The default is to 144 The OpenSSH SSH daemon supports SSH protocols 1 and 2. The default is to
143 use protocol 2 only, though this can be changed via the Protocol option 145 use protocol 2 only, though this can be changed via the Protocol option
144 in sshd_config(5). Protocol 2 supports both RSA and DSA keys; protocol 1 146 in sshd_config(5). Protocol 2 supports both RSA and DSA keys; protocol 1
145 only supports RSA keys. For both protocols, each host has a host-specif- 147 only supports RSA keys. For both protocols, each host has a host-
146 ic key, normally 2048 bits, used to identify the host. 148 specific key, normally 2048 bits, used to identify the host.
147 149
148 Forward security for protocol 1 is provided through an additional server 150 Forward security for protocol 1 is provided through an additional server
149 key, normally 768 bits, generated when the server starts. This key is 151 key, normally 768 bits, generated when the server starts. This key is
150 normally regenerated every hour if it has been used, and is never stored 152 normally regenerated every hour if it has been used, and is never stored
151 on disk. Whenever a client connects, the daemon responds with its public 153 on disk. Whenever a client connects, the daemon responds with its public
152 host and server keys. The client compares the RSA host key against its 154 host and server keys. The client compares the RSA host key against its
153 own database to verify that it has not changed. The client then gener- 155 own database to verify that it has not changed. The client then
154 ates a 256-bit random number. It encrypts this random number using both 156 generates a 256-bit random number. It encrypts this random number using
155 the host key and the server key, and sends the encrypted number to the 157 both the host key and the server key, and sends the encrypted number to
156 server. Both sides then use this random number as a session key which is 158 the server. Both sides then use this random number as a session key
157 used to encrypt all further communications in the session. The rest of 159 which is used to encrypt all further communications in the session. The
158 the session is encrypted using a conventional cipher, currently Blowfish 160 rest of the session is encrypted using a conventional cipher, currently
159 or 3DES, with 3DES being used by default. The client selects the encryp- 161 Blowfish or 3DES, with 3DES being used by default. The client selects
160 tion algorithm to use from those offered by the server. 162 the encryption algorithm to use from those offered by the server.
161 163
162 For protocol 2, forward security is provided through a Diffie-Hellman key 164 For protocol 2, forward security is provided through a Diffie-Hellman key
163 agreement. This key agreement results in a shared session key. The rest 165 agreement. This key agreement results in a shared session key. The rest
164 of the session is encrypted using a symmetric cipher, currently 128-bit 166 of the session is encrypted using a symmetric cipher, currently 128-bit
165 AES, Blowfish, 3DES, CAST128, Arcfour, 192-bit AES, or 256-bit AES. The 167 AES, Blowfish, 3DES, CAST128, Arcfour, 192-bit AES, or 256-bit AES. The
166 client selects the encryption algorithm to use from those offered by the 168 client selects the encryption algorithm to use from those offered by the
167 server. Additionally, session integrity is provided through a crypto- 169 server. Additionally, session integrity is provided through a
168 graphic message authentication code (hmac-md5, hmac-sha1, umac-64 or 170 cryptographic message authentication code (hmac-md5, hmac-sha1, umac-64
169 hmac-ripemd160). 171 or hmac-ripemd160).
170 172
171 Finally, the server and the client enter an authentication dialog. The 173 Finally, the server and the client enter an authentication dialog. The
172 client tries to authenticate itself using host-based authentication, pub- 174 client tries to authenticate itself using host-based authentication,
173 lic key authentication, challenge-response authentication, or password 175 public key authentication, challenge-response authentication, or password
174 authentication. 176 authentication.
175 177
176 Regardless of the authentication type, the account is checked to ensure 178 Regardless of the authentication type, the account is checked to ensure
177 that it is accessible. An account is not accessible if it is locked, 179 that it is accessible. An account is not accessible if it is locked,
178 listed in DenyUsers or its group is listed in DenyGroups . The defini- 180 listed in DenyUsers or its group is listed in DenyGroups . The
179 tion of a locked account is system dependant. Some platforms have their 181 definition of a locked account is system dependant. Some platforms have
180 own account database (eg AIX) and some modify the passwd field ( `*LK*' 182 their own account database (eg AIX) and some modify the passwd field (
181 on Solaris and UnixWare, `*' on HP-UX, containing `Nologin' on Tru64, a 183 `*LK*' on Solaris and UnixWare, `*' on HP-UX, containing `Nologin' on
182 leading `*LOCKED*' on FreeBSD and a leading `!' on most Linuxes). If 184 Tru64, a leading `*LOCKED*' on FreeBSD and a leading `!' on most
183 there is a requirement to disable password authentication for the account 185 Linuxes). If there is a requirement to disable password authentication
184 while allowing still public-key, then the passwd field should be set to 186 for the account while allowing still public-key, then the passwd field
185 something other than these values (eg `NP' or `*NP*' ). 187 should be set to something other than these values (eg `NP' or `*NP*' ).
186 188
187 If the client successfully authenticates itself, a dialog for preparing 189 If the client successfully authenticates itself, a dialog for preparing
188 the session is entered. At this time the client may request things like 190 the session is entered. At this time the client may request things like
189 allocating a pseudo-tty, forwarding X11 connections, forwarding TCP con- 191 allocating a pseudo-tty, forwarding X11 connections, forwarding TCP
190 nections, or forwarding the authentication agent connection over the se- 192 connections, or forwarding the authentication agent connection over the
191 cure channel. 193 secure channel.
192 194
193 After this, the client either requests a shell or execution of a command. 195 After this, the client either requests a shell or execution of a command.
194 The sides then enter session mode. In this mode, either side may send 196 The sides then enter session mode. In this mode, either side may send
195 data at any time, and such data is forwarded to/from the shell or command 197 data at any time, and such data is forwarded to/from the shell or command
196 on the server side, and the user terminal in the client side. 198 on the server side, and the user terminal in the client side.
197 199
198 When the user program terminates and all forwarded X11 and other connec- 200 When the user program terminates and all forwarded X11 and other
199 tions have been closed, the server sends command exit status to the 201 connections have been closed, the server sends command exit status to the
200 client, and both sides exit. 202 client, and both sides exit.
201 203
202LOGIN PROCESS 204LOGIN PROCESS
@@ -230,11 +232,12 @@ LOGIN PROCESS
230 232
231SSHRC 233SSHRC
232 If the file ~/.ssh/rc exists, sh(1) runs it after reading the environment 234 If the file ~/.ssh/rc exists, sh(1) runs it after reading the environment
233 files but before starting the user's shell or command. It must not pro- 235 files but before starting the user's shell or command. It must not
234 duce any output on stdout; stderr must be used instead. If X11 forward- 236 produce any output on stdout; stderr must be used instead. If X11
235 ing is in use, it will receive the "proto cookie" pair in its standard 237 forwarding is in use, it will receive the "proto cookie" pair in its
236 input (and DISPLAY in its environment). The script must call xauth(1) 238 standard input (and DISPLAY in its environment). The script must call
237 because sshd will not run xauth automatically to add X11 cookies. 239 xauth(1) because sshd will not run xauth automatically to add X11
240 cookies.
238 241
239 The primary purpose of this file is to run any initialization routines 242 The primary purpose of this file is to run any initialization routines
240 which may be needed before the user's home directory becomes accessible; 243 which may be needed before the user's home directory becomes accessible;
@@ -263,33 +266,33 @@ AUTHORIZED_KEYS FILE FORMAT
263 ~/.ssh/authorized_keys. Each line of the file contains one key (empty 266 ~/.ssh/authorized_keys. Each line of the file contains one key (empty
264 lines and lines starting with a `#' are ignored as comments). Protocol 1 267 lines and lines starting with a `#' are ignored as comments). Protocol 1
265 public keys consist of the following space-separated fields: options, 268 public keys consist of the following space-separated fields: options,
266 bits, exponent, modulus, comment. Protocol 2 public key consist of: op- 269 bits, exponent, modulus, comment. Protocol 2 public key consist of:
267 tions, keytype, base64-encoded key, comment. The options field is op- 270 options, keytype, base64-encoded key, comment. The options field is
268 tional; its presence is determined by whether the line starts with a num- 271 optional; its presence is determined by whether the line starts with a
269 ber or not (the options field never starts with a number). The bits, ex- 272 number or not (the options field never starts with a number). The bits,
270 ponent, modulus, and comment fields give the RSA key for protocol version 273 exponent, modulus, and comment fields give the RSA key for protocol
271 1; the comment field is not used for anything (but may be convenient for 274 version 1; the comment field is not used for anything (but may be
272 the user to identify the key). For protocol version 2 the keytype is 275 convenient for the user to identify the key). For protocol version 2 the
273 ``ssh-dss'' or ``ssh-rsa''. 276 keytype is ``ssh-dss'' or ``ssh-rsa''.
274 277
275 Note that lines in this file are usually several hundred bytes long (be- 278 Note that lines in this file are usually several hundred bytes long
276 cause of the size of the public key encoding) up to a limit of 8 kilo- 279 (because of the size of the public key encoding) up to a limit of 8
277 bytes, which permits DSA keys up to 8 kilobits and RSA keys up to 16 280 kilobytes, which permits DSA keys up to 8 kilobits and RSA keys up to 16
278 kilobits. You don't want to type them in; instead, copy the 281 kilobits. You don't want to type them in; instead, copy the
279 identity.pub, id_dsa.pub, or the id_rsa.pub file and edit it. 282 identity.pub, id_dsa.pub, or the id_rsa.pub file and edit it.
280 283
281 sshd enforces a minimum RSA key modulus size for protocol 1 and protocol 284 sshd enforces a minimum RSA key modulus size for protocol 1 and protocol
282 2 keys of 768 bits. 285 2 keys of 768 bits.
283 286
284 The options (if present) consist of comma-separated option specifica- 287 The options (if present) consist of comma-separated option
285 tions. No spaces are permitted, except within double quotes. The fol- 288 specifications. No spaces are permitted, except within double quotes.
286 lowing option specifications are supported (note that option keywords are 289 The following option specifications are supported (note that option
287 case-insensitive): 290 keywords are case-insensitive):
288 291
289 cert-authority 292 cert-authority
290 Specifies that the listed key is a certification authority (CA) 293 Specifies that the listed key is a certification authority (CA)
291 that is trusted to validate signed certificates for user authen- 294 that is trusted to validate signed certificates for user
292 tication. 295 authentication.
293 296
294 Certificates may encode access restrictions similar to these key 297 Certificates may encode access restrictions similar to these key
295 options. If both certificate restrictions and key options are 298 options. If both certificate restrictions and key options are
@@ -299,19 +302,19 @@ AUTHORIZED_KEYS FILE FORMAT
299 Specifies that the command is executed whenever this key is used 302 Specifies that the command is executed whenever this key is used
300 for authentication. The command supplied by the user (if any) is 303 for authentication. The command supplied by the user (if any) is
301 ignored. The command is run on a pty if the client requests a 304 ignored. The command is run on a pty if the client requests a
302 pty; otherwise it is run without a tty. If an 8-bit clean chan- 305 pty; otherwise it is run without a tty. If an 8-bit clean
303 nel is required, one must not request a pty or should specify no- 306 channel is required, one must not request a pty or should specify
304 pty. A quote may be included in the command by quoting it with a 307 no-pty. A quote may be included in the command by quoting it
305 backslash. This option might be useful to restrict certain pub- 308 with a backslash. This option might be useful to restrict
306 lic keys to perform just a specific operation. An example might 309 certain public keys to perform just a specific operation. An
307 be a key that permits remote backups but nothing else. Note that 310 example might be a key that permits remote backups but nothing
308 the client may specify TCP and/or X11 forwarding unless they are 311 else. Note that the client may specify TCP and/or X11 forwarding
309 explicitly prohibited. The command originally supplied by the 312 unless they are explicitly prohibited. The command originally
310 client is available in the SSH_ORIGINAL_COMMAND environment vari- 313 supplied by the client is available in the SSH_ORIGINAL_COMMAND
311 able. Note that this option applies to shell, command or subsys- 314 environment variable. Note that this option applies to shell,
312 tem execution. Also note that this command may be superseded by 315 command or subsystem execution. Also note that this command may
313 either a sshd_config(5) ForceCommand directive or a command em- 316 be superseded by either a sshd_config(5) ForceCommand directive
314 bedded in a certificate. 317 or a command embedded in a certificate.
315 318
316 environment="NAME=value" 319 environment="NAME=value"
317 Specifies that the string is to be added to the environment when 320 Specifies that the string is to be added to the environment when
@@ -327,9 +330,9 @@ AUTHORIZED_KEYS FILE FORMAT
327 present in the comma-separated list of patterns. See PATTERNS in 330 present in the comma-separated list of patterns. See PATTERNS in
328 ssh_config(5) for more information on patterns. 331 ssh_config(5) for more information on patterns.
329 332
330 In addition to the wildcard matching that may be applied to host- 333 In addition to the wildcard matching that may be applied to
331 names or addresses, a from stanza may match IP addresses using 334 hostnames or addresses, a from stanza may match IP addresses
332 CIDR address/masklen notation. 335 using CIDR address/masklen notation.
333 336
334 The purpose of this option is to optionally increase security: 337 The purpose of this option is to optionally increase security:
335 public key authentication by itself does not trust the network or 338 public key authentication by itself does not trust the network or
@@ -358,17 +361,25 @@ AUTHORIZED_KEYS FILE FORMAT
358 Any X11 forward requests by the client will return an error. 361 Any X11 forward requests by the client will return an error.
359 362
360 permitopen="host:port" 363 permitopen="host:port"
361 Limit local ``ssh -L'' port forwarding such that it may only con- 364 Limit local ``ssh -L'' port forwarding such that it may only
362 nect to the specified host and port. IPv6 addresses can be spec- 365 connect to the specified host and port. IPv6 addresses can be
363 ified with an alternative syntax: host/port. Multiple permitopen 366 specified by enclosing the address in square brackets. Multiple
364 options may be applied separated by commas. No pattern matching 367 permitopen options may be applied separated by commas. No
365 is performed on the specified hostnames, they must be literal do- 368 pattern matching is performed on the specified hostnames, they
366 mains or addresses. 369 must be literal domains or addresses.
370
371 principals="principals"
372 On a cert-authority line, specifies allowed principals for
373 certificate authentication as a comma-separated list. At least
374 one name from the list must appear in the certificate's list of
375 principals for the certificate to be accepted. This option is
376 ignored for keys that are not marked as trusted certificate
377 signers using the cert-authority option.
367 378
368 tunnel="n" 379 tunnel="n"
369 Force a tun(4) device on the server. Without this option, the 380 Force a tun(4) device on the server. Without this option, the
370 next available device will be used if the client requests a tun- 381 next available device will be used if the client requests a
371 nel. 382 tunnel.
372 383
373 An example authorized_keys file: 384 An example authorized_keys file:
374 385
@@ -386,13 +397,13 @@ AUTHORIZED_KEYS FILE FORMAT
386SSH_KNOWN_HOSTS FILE FORMAT 397SSH_KNOWN_HOSTS FILE FORMAT
387 The /etc/ssh/ssh_known_hosts and ~/.ssh/known_hosts files contain host 398 The /etc/ssh/ssh_known_hosts and ~/.ssh/known_hosts files contain host
388 public keys for all known hosts. The global file should be prepared by 399 public keys for all known hosts. The global file should be prepared by
389 the administrator (optional), and the per-user file is maintained auto- 400 the administrator (optional), and the per-user file is maintained
390 matically: whenever the user connects from an unknown host, its key is 401 automatically: whenever the user connects from an unknown host, its key
391 added to the per-user file. 402 is added to the per-user file.
392 403
393 Each line in these files contains the following fields: markers (option- 404 Each line in these files contains the following fields: markers
394 al), hostnames, bits, exponent, modulus, comment. The fields are sepa- 405 (optional), hostnames, bits, exponent, modulus, comment. The fields are
395 rated by spaces. 406 separated by spaces.
396 407
397 The marker is optional, but if it is present then it must be one of 408 The marker is optional, but if it is present then it must be one of
398 ``@cert-authority'', to indicate that the line contains a certification 409 ``@cert-authority'', to indicate that the line contains a certification
@@ -400,20 +411,20 @@ SSH_KNOWN_HOSTS FILE FORMAT
400 on the line is revoked and must not ever be accepted. Only one marker 411 on the line is revoked and must not ever be accepted. Only one marker
401 should be used on a key line. 412 should be used on a key line.
402 413
403 Hostnames is a comma-separated list of patterns (`*' and `?' act as wild- 414 Hostnames is a comma-separated list of patterns (`*' and `?' act as
404 cards); each pattern in turn is matched against the canonical host name 415 wildcards); each pattern in turn is matched against the canonical host
405 (when authenticating a client) or against the user-supplied name (when 416 name (when authenticating a client) or against the user-supplied name
406 authenticating a server). A pattern may also be preceded by `!' to indi- 417 (when authenticating a server). A pattern may also be preceded by `!' to
407 cate negation: if the host name matches a negated pattern, it is not ac- 418 indicate negation: if the host name matches a negated pattern, it is not
408 cepted (by that line) even if it matched another pattern on the line. A 419 accepted (by that line) even if it matched another pattern on the line.
409 hostname or address may optionally be enclosed within `[' and `]' brack- 420 A hostname or address may optionally be enclosed within `[' and `]'
410 ets then followed by `:' and a non-standard port number. 421 brackets then followed by `:' and a non-standard port number.
411 422
412 Alternately, hostnames may be stored in a hashed form which hides host 423 Alternately, hostnames may be stored in a hashed form which hides host
413 names and addresses should the file's contents be disclosed. Hashed 424 names and addresses should the file's contents be disclosed. Hashed
414 hostnames start with a `|' character. Only one hashed hostname may ap- 425 hostnames start with a `|' character. Only one hashed hostname may
415 pear on a single line and none of the above negation or wildcard opera- 426 appear on a single line and none of the above negation or wildcard
416 tors may be applied. 427 operators may be applied.
417 428
418 Bits, exponent, and modulus are taken directly from the RSA host key; 429 Bits, exponent, and modulus are taken directly from the RSA host key;
419 they can be obtained, for example, from /etc/ssh/ssh_host_key.pub. The 430 they can be obtained, for example, from /etc/ssh/ssh_host_key.pub. The
@@ -431,23 +442,24 @@ SSH_KNOWN_HOSTS FILE FORMAT
431 The known hosts file also provides a facility to mark keys as revoked, 442 The known hosts file also provides a facility to mark keys as revoked,
432 for example when it is known that the associated private key has been 443 for example when it is known that the associated private key has been
433 stolen. Revoked keys are specified by including the ``@revoked'' marker 444 stolen. Revoked keys are specified by including the ``@revoked'' marker
434 at the beginning of the key line, and are never accepted for authentica- 445 at the beginning of the key line, and are never accepted for
435 tion or as certification authorities, but instead will produce a warning 446 authentication or as certification authorities, but instead will produce
436 from ssh(1) when they are encountered. 447 a warning from ssh(1) when they are encountered.
437 448
438 It is permissible (but not recommended) to have several lines or differ- 449 It is permissible (but not recommended) to have several lines or
439 ent host keys for the same names. This will inevitably happen when short 450 different host keys for the same names. This will inevitably happen when
440 forms of host names from different domains are put in the file. It is 451 short forms of host names from different domains are put in the file. It
441 possible that the files contain conflicting information; authentication 452 is possible that the files contain conflicting information;
442 is accepted if valid information can be found from either file. 453 authentication is accepted if valid information can be found from either
454 file.
443 455
444 Note that the lines in these files are typically hundreds of characters 456 Note that the lines in these files are typically hundreds of characters
445 long, and you definitely don't want to type in the host keys by hand. 457 long, and you definitely don't want to type in the host keys by hand.
446 Rather, generate them by a script, ssh-keyscan(1) or by taking 458 Rather, generate them by a script, ssh-keyscan(1) or by taking
447 /etc/ssh/ssh_host_key.pub and adding the host names at the front. 459 /etc/ssh/ssh_host_key.pub and adding the host names at the front.
448 ssh-keygen(1) also offers some basic automated editing for 460 ssh-keygen(1) also offers some basic automated editing for
449 ~/.ssh/known_hosts including removing hosts matching a host name and con- 461 ~/.ssh/known_hosts including removing hosts matching a host name and
450 verting all host names to their hashed representations. 462 converting all host names to their hashed representations.
451 463
452 An example ssh_known_hosts file: 464 An example ssh_known_hosts file:
453 465
@@ -465,18 +477,19 @@ SSH_KNOWN_HOSTS FILE FORMAT
465FILES 477FILES
466 ~/.hushlogin 478 ~/.hushlogin
467 This file is used to suppress printing the last login time and 479 This file is used to suppress printing the last login time and
468 /etc/motd, if PrintLastLog and PrintMotd, respectively, are en- 480 /etc/motd, if PrintLastLog and PrintMotd, respectively, are
469 abled. It does not suppress printing of the banner specified by 481 enabled. It does not suppress printing of the banner specified
470 Banner. 482 by Banner.
471 483
472 ~/.rhosts 484 ~/.rhosts
473 This file is used for host-based authentication (see ssh(1) for 485 This file is used for host-based authentication (see ssh(1) for
474 more information). On some machines this file may need to be 486 more information). On some machines this file may need to be
475 world-readable if the user's home directory is on an NFS parti- 487 world-readable if the user's home directory is on an NFS
476 tion, because sshd reads it as root. Additionally, this file 488 partition, because sshd reads it as root. Additionally, this
477 must be owned by the user, and must not have write permissions 489 file must be owned by the user, and must not have write
478 for anyone else. The recommended permission for most machines is 490 permissions for anyone else. The recommended permission for most
479 read/write for the user, and not accessible by others. 491 machines is read/write for the user, and not accessible by
492 others.
480 493
481 ~/.shosts 494 ~/.shosts
482 This file is used in exactly the same way as .rhosts, but allows 495 This file is used in exactly the same way as .rhosts, but allows
@@ -484,11 +497,11 @@ FILES
484 rlogin/rsh. 497 rlogin/rsh.
485 498
486 ~/.ssh/ 499 ~/.ssh/
487 This directory is the default location for all user-specific con- 500 This directory is the default location for all user-specific
488 figuration and authentication information. There is no general 501 configuration and authentication information. There is no
489 requirement to keep the entire contents of this directory secret, 502 general requirement to keep the entire contents of this directory
490 but the recommended permissions are read/write/execute for the 503 secret, but the recommended permissions are read/write/execute
491 user, and not accessible by others. 504 for the user, and not accessible by others.
492 505
493 ~/.ssh/authorized_keys 506 ~/.ssh/authorized_keys
494 Lists the public keys (RSA/DSA) that can be used for logging in 507 Lists the public keys (RSA/DSA) that can be used for logging in
@@ -499,8 +512,8 @@ FILES
499 512
500 If this file, the ~/.ssh directory, or the user's home directory 513 If this file, the ~/.ssh directory, or the user's home directory
501 are writable by other users, then the file could be modified or 514 are writable by other users, then the file could be modified or
502 replaced by unauthorized users. In this case, sshd will not al- 515 replaced by unauthorized users. In this case, sshd will not
503 low it to be used unless the StrictModes option has been set to 516 allow it to be used unless the StrictModes option has been set to
504 ``no''. 517 ``no''.
505 518
506 ~/.ssh/environment 519 ~/.ssh/environment
@@ -525,8 +538,8 @@ FILES
525 538
526 /etc/hosts.allow 539 /etc/hosts.allow
527 /etc/hosts.deny 540 /etc/hosts.deny
528 Access controls that should be enforced by tcp-wrappers are de- 541 Access controls that should be enforced by tcp-wrappers are
529 fined here. Further details are described in hosts_access(5). 542 defined here. Further details are described in hosts_access(5).
530 543
531 /etc/hosts.equiv 544 /etc/hosts.equiv
532 This file is for host-based authentication (see ssh(1)). It 545 This file is for host-based authentication (see ssh(1)). It
@@ -546,8 +559,8 @@ FILES
546 world-readable. 559 world-readable.
547 560
548 /etc/shosts.equiv 561 /etc/shosts.equiv
549 This file is used in exactly the same way as hosts.equiv, but al- 562 This file is used in exactly the same way as hosts.equiv, but
550 lows host-based authentication without permitting login with 563 allows host-based authentication without permitting login with
551 rlogin/rsh. 564 rlogin/rsh.
552 565
553 /etc/ssh/ssh_host_key 566 /etc/ssh/ssh_host_key
@@ -571,13 +584,13 @@ FILES
571 /etc/ssh/ssh_known_hosts 584 /etc/ssh/ssh_known_hosts
572 Systemwide list of known host keys. This file should be prepared 585 Systemwide list of known host keys. This file should be prepared
573 by the system administrator to contain the public host keys of 586 by the system administrator to contain the public host keys of
574 all machines in the organization. The format of this file is de- 587 all machines in the organization. The format of this file is
575 scribed above. This file should be writable only by root/the 588 described above. This file should be writable only by root/the
576 owner and should be world-readable. 589 owner and should be world-readable.
577 590
578 /etc/ssh/sshd_config 591 /etc/ssh/sshd_config
579 Contains configuration data for sshd. The file format and con- 592 Contains configuration data for sshd. The file format and
580 figuration options are described in sshd_config(5). 593 configuration options are described in sshd_config(5).
581 594
582 /etc/ssh/sshrc 595 /etc/ssh/sshrc
583 Similar to ~/.ssh/rc, it can be used to specify machine-specific 596 Similar to ~/.ssh/rc, it can be used to specify machine-specific
@@ -594,8 +607,8 @@ FILES
594 Contains the process ID of the sshd listening for connections (if 607 Contains the process ID of the sshd listening for connections (if
595 there are several daemons running concurrently for different 608 there are several daemons running concurrently for different
596 ports, this contains the process ID of the one started last). 609 ports, this contains the process ID of the one started last).
597 The content of this file is not sensitive; it can be world-read- 610 The content of this file is not sensitive; it can be world-
598 able. 611 readable.
599 612
600SEE ALSO 613SEE ALSO
601 scp(1), sftp(1), ssh(1), ssh-add(1), ssh-agent(1), ssh-keygen(1), 614 scp(1), sftp(1), ssh(1), ssh-add(1), ssh-agent(1), ssh-keygen(1),
@@ -605,13 +618,13 @@ SEE ALSO
605AUTHORS 618AUTHORS
606 OpenSSH is a derivative of the original and free ssh 1.2.12 release by 619 OpenSSH is a derivative of the original and free ssh 1.2.12 release by
607 Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo 620 Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo
608 de Raadt and Dug Song removed many bugs, re-added newer features and cre- 621 de Raadt and Dug Song removed many bugs, re-added newer features and
609 ated OpenSSH. Markus Friedl contributed the support for SSH protocol 622 created OpenSSH. Markus Friedl contributed the support for SSH protocol
610 versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support 623 versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support
611 for privilege separation. 624 for privilege separation.
612 625
613CAVEATS 626CAVEATS
614 System security is not improved unless rshd, rlogind, and rexecd are dis- 627 System security is not improved unless rshd, rlogind, and rexecd are
615 abled (thus completely disabling rlogin and rsh into the machine). 628 disabled (thus completely disabling rlogin and rsh into the machine).
616 629
617OpenBSD 4.7 March 5, 2010 10 630OpenBSD 4.8 August 4, 2010 OpenBSD 4.8
diff --git a/sshd.8 b/sshd.8
index d784c0630..835a56344 100644
--- a/sshd.8
+++ b/sshd.8
@@ -34,8 +34,8 @@
34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36.\" 36.\"
37.\" $OpenBSD: sshd.8,v 1.255 2010/03/05 06:50:35 jmc Exp $ 37.\" $OpenBSD: sshd.8,v 1.257 2010/08/04 05:37:01 djm Exp $
38.Dd $Mdocdate: March 5 2010 $ 38.Dd $Mdocdate: August 4 2010 $
39.Dt SSHD 8 39.Dt SSHD 8
40.Os 40.Os
41.Sh NAME 41.Sh NAME
@@ -595,13 +595,23 @@ Limit local
595.Li ``ssh -L'' 595.Li ``ssh -L''
596port forwarding such that it may only connect to the specified host and 596port forwarding such that it may only connect to the specified host and
597port. 597port.
598IPv6 addresses can be specified with an alternative syntax: 598IPv6 addresses can be specified by enclosing the address in square brackets.
599.Ar host Ns / Ns Ar port .
600Multiple 599Multiple
601.Cm permitopen 600.Cm permitopen
602options may be applied separated by commas. 601options may be applied separated by commas.
603No pattern matching is performed on the specified hostnames, 602No pattern matching is performed on the specified hostnames,
604they must be literal domains or addresses. 603they must be literal domains or addresses.
604.It Cm principals="principals"
605On a
606.Cm cert-authority
607line, specifies allowed principals for certificate authentication as a
608comma-separated list.
609At least one name from the list must appear in the certificate's
610list of principals for the certificate to be accepted.
611This option is ignored for keys that are not marked as trusted certificate
612signers using the
613.Cm cert-authority
614option.
605.It Cm tunnel="n" 615.It Cm tunnel="n"
606Force a 616Force a
607.Xr tun 4 617.Xr tun 4
diff --git a/sshd.c b/sshd.c
index 75e267793..b58dd8f37 100644
--- a/sshd.c
+++ b/sshd.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: sshd.c,v 1.374 2010/03/07 11:57:13 dtucker Exp $ */ 1/* $OpenBSD: sshd.c,v 1.375 2010/04/16 01:47:26 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -749,6 +749,8 @@ list_hostkey_types(void)
749 if (key == NULL) 749 if (key == NULL)
750 continue; 750 continue;
751 switch (key->type) { 751 switch (key->type) {
752 case KEY_RSA_CERT_V00:
753 case KEY_DSA_CERT_V00:
752 case KEY_RSA_CERT: 754 case KEY_RSA_CERT:
753 case KEY_DSA_CERT: 755 case KEY_DSA_CERT:
754 if (buffer_len(&b) > 0) 756 if (buffer_len(&b) > 0)
@@ -772,10 +774,17 @@ get_hostkey_by_type(int type, int need_private)
772 Key *key; 774 Key *key;
773 775
774 for (i = 0; i < options.num_host_key_files; i++) { 776 for (i = 0; i < options.num_host_key_files; i++) {
775 if (type == KEY_RSA_CERT || type == KEY_DSA_CERT) 777 switch (type) {
778 case KEY_RSA_CERT_V00:
779 case KEY_DSA_CERT_V00:
780 case KEY_RSA_CERT:
781 case KEY_DSA_CERT:
776 key = sensitive_data.host_certificates[i]; 782 key = sensitive_data.host_certificates[i];
777 else 783 break;
784 default:
778 key = sensitive_data.host_keys[i]; 785 key = sensitive_data.host_keys[i];
786 break;
787 }
779 if (key != NULL && key->type == type) 788 if (key != NULL && key->type == type)
780 return need_private ? 789 return need_private ?
781 sensitive_data.host_keys[i] : key; 790 sensitive_data.host_keys[i] : key;
diff --git a/sshd_config.0 b/sshd_config.0
index 94935c07f..a49953851 100644
--- a/sshd_config.0
+++ b/sshd_config.0
@@ -8,21 +8,21 @@ SYNOPSIS
8 8
9DESCRIPTION 9DESCRIPTION
10 sshd(8) reads configuration data from /etc/ssh/sshd_config (or the file 10 sshd(8) reads configuration data from /etc/ssh/sshd_config (or the file
11 specified with -f on the command line). The file contains keyword-argu- 11 specified with -f on the command line). The file contains keyword-
12 ment pairs, one per line. Lines starting with `#' and empty lines are 12 argument pairs, one per line. Lines starting with `#' and empty lines
13 interpreted as comments. Arguments may optionally be enclosed in double 13 are interpreted as comments. Arguments may optionally be enclosed in
14 quotes (") in order to represent arguments containing spaces. 14 double quotes (") in order to represent arguments containing spaces.
15 15
16 The possible keywords and their meanings are as follows (note that key- 16 The possible keywords and their meanings are as follows (note that
17 words are case-insensitive and arguments are case-sensitive): 17 keywords are case-insensitive and arguments are case-sensitive):
18 18
19 AcceptEnv 19 AcceptEnv
20 Specifies what environment variables sent by the client will be 20 Specifies what environment variables sent by the client will be
21 copied into the session's environ(7). See SendEnv in 21 copied into the session's environ(7). See SendEnv in
22 ssh_config(5) for how to configure the client. Note that envi- 22 ssh_config(5) for how to configure the client. Note that
23 ronment passing is only supported for protocol 2. Variables are 23 environment passing is only supported for protocol 2. Variables
24 specified by name, which may contain the wildcard characters `*' 24 are specified by name, which may contain the wildcard characters
25 and `?'. Multiple environment variables may be separated by 25 `*' and `?'. Multiple environment variables may be separated by
26 whitespace or spread across multiple AcceptEnv directives. Be 26 whitespace or spread across multiple AcceptEnv directives. Be
27 warned that some environment variables could be used to bypass 27 warned that some environment variables could be used to bypass
28 restricted user environments. For this reason, care should be 28 restricted user environments. For this reason, care should be
@@ -35,10 +35,10 @@ DESCRIPTION
35 (use IPv6 only). The default is ``any''. 35 (use IPv6 only). The default is ``any''.
36 36
37 AllowAgentForwarding 37 AllowAgentForwarding
38 Specifies whether ssh-agent(1) forwarding is permitted. The de- 38 Specifies whether ssh-agent(1) forwarding is permitted. The
39 fault is ``yes''. Note that disabling agent forwarding does not 39 default is ``yes''. Note that disabling agent forwarding does
40 improve security unless users are also denied shell access, as 40 not improve security unless users are also denied shell access,
41 they can always install their own forwarders. 41 as they can always install their own forwarders.
42 42
43 AllowGroups 43 AllowGroups
44 This keyword can be followed by a list of group name patterns, 44 This keyword can be followed by a list of group name patterns,
@@ -54,17 +54,17 @@ DESCRIPTION
54 54
55 AllowTcpForwarding 55 AllowTcpForwarding
56 Specifies whether TCP forwarding is permitted. The default is 56 Specifies whether TCP forwarding is permitted. The default is
57 ``yes''. Note that disabling TCP forwarding does not improve se- 57 ``yes''. Note that disabling TCP forwarding does not improve
58 curity unless users are also denied shell access, as they can al- 58 security unless users are also denied shell access, as they can
59 ways install their own forwarders. 59 always install their own forwarders.
60 60
61 AllowUsers 61 AllowUsers
62 This keyword can be followed by a list of user name patterns, 62 This keyword can be followed by a list of user name patterns,
63 separated by spaces. If specified, login is allowed only for us- 63 separated by spaces. If specified, login is allowed only for
64 er names that match one of the patterns. Only user names are 64 user names that match one of the patterns. Only user names are
65 valid; a numerical user ID is not recognized. By default, login 65 valid; a numerical user ID is not recognized. By default, login
66 is allowed for all users. If the pattern takes the form US- 66 is allowed for all users. If the pattern takes the form
67 ER@HOST then USER and HOST are separately checked, restricting 67 USER@HOST then USER and HOST are separately checked, restricting
68 logins to particular users from particular hosts. The allow/deny 68 logins to particular users from particular hosts. The allow/deny
69 directives are processed in the following order: DenyUsers, 69 directives are processed in the following order: DenyUsers,
70 AllowUsers, DenyGroups, and finally AllowGroups. 70 AllowUsers, DenyGroups, and finally AllowGroups.
@@ -73,14 +73,42 @@ DESCRIPTION
73 73
74 AuthorizedKeysFile 74 AuthorizedKeysFile
75 Specifies the file that contains the public keys that can be used 75 Specifies the file that contains the public keys that can be used
76 for user authentication. AuthorizedKeysFile may contain tokens 76 for user authentication. The format is described in the
77 of the form %T which are substituted during connection setup. 77 AUTHORIZED_KEYS FILE FORMAT section of sshd(8).
78 The following tokens are defined: %% is replaced by a literal 78 AuthorizedKeysFile may contain tokens of the form %T which are
79 '%', %h is replaced by the home directory of the user being au- 79 substituted during connection setup. The following tokens are
80 thenticated, and %u is replaced by the username of that user. 80 defined: %% is replaced by a literal '%', %h is replaced by the
81 After expansion, AuthorizedKeysFile is taken to be an absolute 81 home directory of the user being authenticated, and %u is
82 path or one relative to the user's home directory. The default 82 replaced by the username of that user. After expansion,
83 is ``.ssh/authorized_keys''. 83 AuthorizedKeysFile is taken to be an absolute path or one
84 relative to the user's home directory. The default is
85 ``.ssh/authorized_keys''.
86
87 AuthorizedPrincipalsFile
88 Specifies a file that lists principal names that are accepted for
89 certificate authentication. When using certificates signed by a
90 key listed in TrustedUserCAKeys, this file lists names, one of
91 which must appear in the certificate for it to be accepted for
92 authentication. Names are listed one per line preceded by key
93 options (as described in AUTHORIZED_KEYS FILE FORMAT in sshd(8)).
94 Empty lines and comments starting with `#' are ignored.
95
96 AuthorizedPrincipalsFile may contain tokens of the form %T which
97 are substituted during connection setup. The following tokens
98 are defined: %% is replaced by a literal '%', %h is replaced by
99 the home directory of the user being authenticated, and %u is
100 replaced by the username of that user. After expansion,
101 AuthorizedPrincipalsFile is taken to be an absolute path or one
102 relative to the user's home directory.
103
104 The default is not to use a principals file - in this case, the
105 username of the user must appear in a certificate's principals
106 list for it to be accepted. Note that AuthorizedPrincipalsFile
107 is only used when authentication proceeds using a CA listed in
108 TrustedUserCAKeys and is not consulted for certification
109 authorities trusted via ~/.ssh/authorized_keys, though the
110 principals= key option offers a similar facility (see sshd(8) for
111 details).
84 112
85 Banner The contents of the specified file are sent to the remote user 113 Banner The contents of the specified file are sent to the remote user
86 before authentication is allowed. If the argument is ``none'' 114 before authentication is allowed. If the argument is ``none''
@@ -93,27 +121,27 @@ DESCRIPTION
93 login.conf(5)) The default is ``yes''. 121 login.conf(5)) The default is ``yes''.
94 122
95 ChrootDirectory 123 ChrootDirectory
96 Specifies the pathname of a directory to chroot(2) to after au- 124 Specifies the pathname of a directory to chroot(2) to after
97 thentication. All components of the pathname must be root-owned 125 authentication. All components of the pathname must be root-
98 directories that are not writable by any other user or group. 126 owned directories that are not writable by any other user or
99 After the chroot, sshd(8) changes the working directory to the 127 group. After the chroot, sshd(8) changes the working directory
100 user's home directory. 128 to the user's home directory.
101 129
102 The pathname may contain the following tokens that are expanded 130 The pathname may contain the following tokens that are expanded
103 at runtime once the connecting user has been authenticated: %% is 131 at runtime once the connecting user has been authenticated: %% is
104 replaced by a literal '%', %h is replaced by the home directory 132 replaced by a literal '%', %h is replaced by the home directory
105 of the user being authenticated, and %u is replaced by the user- 133 of the user being authenticated, and %u is replaced by the
106 name of that user. 134 username of that user.
107 135
108 The ChrootDirectory must contain the necessary files and directo- 136 The ChrootDirectory must contain the necessary files and
109 ries to support the user's session. For an interactive session 137 directories to support the user's session. For an interactive
110 this requires at least a shell, typically sh(1), and basic /dev 138 session this requires at least a shell, typically sh(1), and
111 nodes such as null(4), zero(4), stdin(4), stdout(4), stderr(4), 139 basic /dev nodes such as null(4), zero(4), stdin(4), stdout(4),
112 arandom(4) and tty(4) devices. For file transfer sessions using 140 stderr(4), arandom(4) and tty(4) devices. For file transfer
113 ``sftp'', no additional configuration of the environment is nec- 141 sessions using ``sftp'', no additional configuration of the
114 essary if the in-process sftp server is used, though sessions 142 environment is necessary if the in-process sftp server is used,
115 which use logging do require /dev/log inside the chroot directory 143 though sessions which use logging do require /dev/log inside the
116 (see sftp-server(8) for details). 144 chroot directory (see sftp-server(8) for details).
117 145
118 The default is not to chroot(2). 146 The default is not to chroot(2).
119 147
@@ -132,28 +160,28 @@ DESCRIPTION
132 ClientAliveCountMax 160 ClientAliveCountMax
133 Sets the number of client alive messages (see below) which may be 161 Sets the number of client alive messages (see below) which may be
134 sent without sshd(8) receiving any messages back from the client. 162 sent without sshd(8) receiving any messages back from the client.
135 If this threshold is reached while client alive messages are be- 163 If this threshold is reached while client alive messages are
136 ing sent, sshd will disconnect the client, terminating the ses- 164 being sent, sshd will disconnect the client, terminating the
137 sion. It is important to note that the use of client alive mes- 165 session. It is important to note that the use of client alive
138 sages is very different from TCPKeepAlive (below). The client 166 messages is very different from TCPKeepAlive (below). The client
139 alive messages are sent through the encrypted channel and there- 167 alive messages are sent through the encrypted channel and
140 fore will not be spoofable. The TCP keepalive option enabled by 168 therefore will not be spoofable. The TCP keepalive option
141 TCPKeepAlive is spoofable. The client alive mechanism is valu- 169 enabled by TCPKeepAlive is spoofable. The client alive mechanism
142 able when the client or server depend on knowing when a connec- 170 is valuable when the client or server depend on knowing when a
143 tion has become inactive. 171 connection has become inactive.
144 172
145 The default value is 3. If ClientAliveInterval (see below) is 173 The default value is 3. If ClientAliveInterval (see below) is
146 set to 15, and ClientAliveCountMax is left at the default, unre- 174 set to 15, and ClientAliveCountMax is left at the default,
147 sponsive SSH clients will be disconnected after approximately 45 175 unresponsive SSH clients will be disconnected after approximately
148 seconds. This option applies to protocol version 2 only. 176 45 seconds. This option applies to protocol version 2 only.
149 177
150 ClientAliveInterval 178 ClientAliveInterval
151 Sets a timeout interval in seconds after which if no data has 179 Sets a timeout interval in seconds after which if no data has
152 been received from the client, sshd(8) will send a message 180 been received from the client, sshd(8) will send a message
153 through the encrypted channel to request a response from the 181 through the encrypted channel to request a response from the
154 client. The default is 0, indicating that these messages will 182 client. The default is 0, indicating that these messages will
155 not be sent to the client. This option applies to protocol ver- 183 not be sent to the client. This option applies to protocol
156 sion 2 only. 184 version 2 only.
157 185
158 Compression 186 Compression
159 Specifies whether compression is allowed, or delayed until the 187 Specifies whether compression is allowed, or delayed until the
@@ -164,9 +192,9 @@ DESCRIPTION
164 This keyword can be followed by a list of group name patterns, 192 This keyword can be followed by a list of group name patterns,
165 separated by spaces. Login is disallowed for users whose primary 193 separated by spaces. Login is disallowed for users whose primary
166 group or supplementary group list matches one of the patterns. 194 group or supplementary group list matches one of the patterns.
167 Only group names are valid; a numerical group ID is not recog- 195 Only group names are valid; a numerical group ID is not
168 nized. By default, login is allowed for all groups. The al- 196 recognized. By default, login is allowed for all groups. The
169 low/deny directives are processed in the following order: 197 allow/deny directives are processed in the following order:
170 DenyUsers, AllowUsers, DenyGroups, and finally AllowGroups. 198 DenyUsers, AllowUsers, DenyGroups, and finally AllowGroups.
171 199
172 See PATTERNS in ssh_config(5) for more information on patterns. 200 See PATTERNS in ssh_config(5) for more information on patterns.
@@ -174,20 +202,20 @@ DESCRIPTION
174 DenyUsers 202 DenyUsers
175 This keyword can be followed by a list of user name patterns, 203 This keyword can be followed by a list of user name patterns,
176 separated by spaces. Login is disallowed for user names that 204 separated by spaces. Login is disallowed for user names that
177 match one of the patterns. Only user names are valid; a numeri- 205 match one of the patterns. Only user names are valid; a
178 cal user ID is not recognized. By default, login is allowed for 206 numerical user ID is not recognized. By default, login is
179 all users. If the pattern takes the form USER@HOST then USER and 207 allowed for all users. If the pattern takes the form USER@HOST
180 HOST are separately checked, restricting logins to particular 208 then USER and HOST are separately checked, restricting logins to
181 users from particular hosts. The allow/deny directives are pro- 209 particular users from particular hosts. The allow/deny
182 cessed in the following order: DenyUsers, AllowUsers, DenyGroups, 210 directives are processed in the following order: DenyUsers,
183 and finally AllowGroups. 211 AllowUsers, DenyGroups, and finally AllowGroups.
184 212
185 See PATTERNS in ssh_config(5) for more information on patterns. 213 See PATTERNS in ssh_config(5) for more information on patterns.
186 214
187 ForceCommand 215 ForceCommand
188 Forces the execution of the command specified by ForceCommand, 216 Forces the execution of the command specified by ForceCommand,
189 ignoring any command supplied by the client and ~/.ssh/rc if pre- 217 ignoring any command supplied by the client and ~/.ssh/rc if
190 sent. The command is invoked by using the user's login shell 218 present. The command is invoked by using the user's login shell
191 with the -c option. This applies to shell, command, or subsystem 219 with the -c option. This applies to shell, command, or subsystem
192 execution. It is most useful inside a Match block. The command 220 execution. It is most useful inside a Match block. The command
193 originally supplied by the client is available in the 221 originally supplied by the client is available in the
@@ -202,10 +230,10 @@ DESCRIPTION
202 forwardings to the loopback address. This prevents other remote 230 forwardings to the loopback address. This prevents other remote
203 hosts from connecting to forwarded ports. GatewayPorts can be 231 hosts from connecting to forwarded ports. GatewayPorts can be
204 used to specify that sshd should allow remote port forwardings to 232 used to specify that sshd should allow remote port forwardings to
205 bind to non-loopback addresses, thus allowing other hosts to con- 233 bind to non-loopback addresses, thus allowing other hosts to
206 nect. The argument may be ``no'' to force remote port forward- 234 connect. The argument may be ``no'' to force remote port
207 ings to be available to the local host only, ``yes'' to force re- 235 forwardings to be available to the local host only, ``yes'' to
208 mote port forwardings to bind to the wildcard address, or 236 force remote port forwardings to bind to the wildcard address, or
209 ``clientspecified'' to allow the client to select the address to 237 ``clientspecified'' to allow the client to select the address to
210 which the forwarding is bound. The default is ``no''. 238 which the forwarding is bound. The default is ``no''.
211 239
@@ -220,15 +248,15 @@ DESCRIPTION
220 applies to protocol version 2 only. 248 applies to protocol version 2 only.
221 249
222 HostbasedAuthentication 250 HostbasedAuthentication
223 Specifies whether rhosts or /etc/hosts.equiv authentication to- 251 Specifies whether rhosts or /etc/hosts.equiv authentication
224 gether with successful public key client host authentication is 252 together with successful public key client host authentication is
225 allowed (host-based authentication). This option is similar to 253 allowed (host-based authentication). This option is similar to
226 RhostsRSAAuthentication and applies to protocol version 2 only. 254 RhostsRSAAuthentication and applies to protocol version 2 only.
227 The default is ``no''. 255 The default is ``no''.
228 256
229 HostbasedUsesNameFromPacketOnly 257 HostbasedUsesNameFromPacketOnly
230 Specifies whether or not the server will attempt to perform a re- 258 Specifies whether or not the server will attempt to perform a
231 verse name lookup when matching the name in the ~/.shosts, 259 reverse name lookup when matching the name in the ~/.shosts,
232 ~/.rhosts, and /etc/hosts.equiv files during 260 ~/.rhosts, and /etc/hosts.equiv files during
233 HostbasedAuthentication. A setting of ``yes'' means that sshd(8) 261 HostbasedAuthentication. A setting of ``yes'' means that sshd(8)
234 uses the name supplied by the client rather than attempting to 262 uses the name supplied by the client rather than attempting to
@@ -236,17 +264,17 @@ DESCRIPTION
236 ``no''. 264 ``no''.
237 265
238 HostCertificate 266 HostCertificate
239 Specifies a file containing a public host certificate. The cer- 267 Specifies a file containing a public host certificate. The
240 tificate's public key must match a private host key already spec- 268 certificate's public key must match a private host key already
241 ified by HostKey. The default behaviour of sshd(8) is not to 269 specified by HostKey. The default behaviour of sshd(8) is not to
242 load any certificates. 270 load any certificates.
243 271
244 HostKey 272 HostKey
245 Specifies a file containing a private host key used by SSH. The 273 Specifies a file containing a private host key used by SSH. The
246 default is /etc/ssh/ssh_host_key for protocol version 1, and 274 default is /etc/ssh/ssh_host_key for protocol version 1, and
247 /etc/ssh/ssh_host_rsa_key and /etc/ssh/ssh_host_dsa_key for pro- 275 /etc/ssh/ssh_host_rsa_key and /etc/ssh/ssh_host_dsa_key for
248 tocol version 2. Note that sshd(8) will refuse to use a file if 276 protocol version 2. Note that sshd(8) will refuse to use a file
249 it is group/world-accessible. It is possible to have multiple 277 if it is group/world-accessible. It is possible to have multiple
250 host key files. ``rsa1'' keys are used for version 1 and ``dsa'' 278 host key files. ``rsa1'' keys are used for version 1 and ``dsa''
251 or ``rsa'' are used for version 2 of the SSH protocol. 279 or ``rsa'' are used for version 2 of the SSH protocol.
252 280
@@ -254,8 +282,8 @@ DESCRIPTION
254 Specifies that .rhosts and .shosts files will not be used in 282 Specifies that .rhosts and .shosts files will not be used in
255 RhostsRSAAuthentication or HostbasedAuthentication. 283 RhostsRSAAuthentication or HostbasedAuthentication.
256 284
257 /etc/hosts.equiv and /etc/shosts.equiv are still used. The de- 285 /etc/hosts.equiv and /etc/shosts.equiv are still used. The
258 fault is ``yes''. 286 default is ``yes''.
259 287
260 IgnoreUserKnownHosts 288 IgnoreUserKnownHosts
261 Specifies whether sshd(8) should ignore the user's 289 Specifies whether sshd(8) should ignore the user's
@@ -275,9 +303,9 @@ DESCRIPTION
275 The default is ``no''. 303 The default is ``no''.
276 304
277 KerberosOrLocalPasswd 305 KerberosOrLocalPasswd
278 If password authentication through Kerberos fails then the pass- 306 If password authentication through Kerberos fails then the
279 word will be validated via any additional local mechanism such as 307 password will be validated via any additional local mechanism
280 /etc/passwd. The default is ``yes''. 308 such as /etc/passwd. The default is ``yes''.
281 309
282 KerberosTicketCleanup 310 KerberosTicketCleanup
283 Specifies whether to automatically destroy the user's ticket 311 Specifies whether to automatically destroy the user's ticket
@@ -286,17 +314,17 @@ DESCRIPTION
286 KeyRegenerationInterval 314 KeyRegenerationInterval
287 In protocol version 1, the ephemeral server key is automatically 315 In protocol version 1, the ephemeral server key is automatically
288 regenerated after this many seconds (if it has been used). The 316 regenerated after this many seconds (if it has been used). The
289 purpose of regeneration is to prevent decrypting captured ses- 317 purpose of regeneration is to prevent decrypting captured
290 sions by later breaking into the machine and stealing the keys. 318 sessions by later breaking into the machine and stealing the
291 The key is never stored anywhere. If the value is 0, the key is 319 keys. The key is never stored anywhere. If the value is 0, the
292 never regenerated. The default is 3600 (seconds). 320 key is never regenerated. The default is 3600 (seconds).
293 321
294 ListenAddress 322 ListenAddress
295 Specifies the local addresses sshd(8) should listen on. The fol- 323 Specifies the local addresses sshd(8) should listen on. The
296 lowing forms may be used: 324 following forms may be used:
297 325
298 ListenAddress host|IPv4_addr|IPv6_addr 326 ListenAddress host | IPv4_addr | IPv6_addr
299 ListenAddress host|IPv4_addr:port 327 ListenAddress host | IPv4_addr:port
300 ListenAddress [host|IPv6_addr]:port 328 ListenAddress [host|IPv6_addr]:port
301 329
302 If port is not specified, sshd will listen on the address and all 330 If port is not specified, sshd will listen on the address and all
@@ -306,9 +334,9 @@ DESCRIPTION
306 port qualified addresses. 334 port qualified addresses.
307 335
308 LoginGraceTime 336 LoginGraceTime
309 The server disconnects after this time if the user has not suc- 337 The server disconnects after this time if the user has not
310 cessfully logged in. If the value is 0, there is no time limit. 338 successfully logged in. If the value is 0, there is no time
311 The default is 120 seconds. 339 limit. The default is 120 seconds.
312 340
313 LogLevel 341 LogLevel
314 Gives the verbosity level that is used when logging messages from 342 Gives the verbosity level that is used when logging messages from
@@ -318,18 +346,18 @@ DESCRIPTION
318 higher levels of debugging output. Logging with a DEBUG level 346 higher levels of debugging output. Logging with a DEBUG level
319 violates the privacy of users and is not recommended. 347 violates the privacy of users and is not recommended.
320 348
321 MACs Specifies the available MAC (message authentication code) algo- 349 MACs Specifies the available MAC (message authentication code)
322 rithms. The MAC algorithm is used in protocol version 2 for data 350 algorithms. The MAC algorithm is used in protocol version 2 for
323 integrity protection. Multiple algorithms must be comma-separat- 351 data integrity protection. Multiple algorithms must be comma-
324 ed. The default is: 352 separated. The default is:
325 353
326 hmac-md5,hmac-sha1,umac-64@openssh.com, 354 hmac-md5,hmac-sha1,umac-64@openssh.com,
327 hmac-ripemd160,hmac-sha1-96,hmac-md5-96 355 hmac-ripemd160,hmac-sha1-96,hmac-md5-96
328 356
329 Match Introduces a conditional block. If all of the criteria on the 357 Match Introduces a conditional block. If all of the criteria on the
330 Match line are satisfied, the keywords on the following lines 358 Match line are satisfied, the keywords on the following lines
331 override those set in the global section of the config file, un- 359 override those set in the global section of the config file,
332 til either another Match line or the end of the file. 360 until either another Match line or the end of the file.
333 361
334 The arguments to Match are one or more criteria-pattern pairs. 362 The arguments to Match are one or more criteria-pattern pairs.
335 The available criteria are User, Group, Host, and Address. The 363 The available criteria are User, Group, Host, and Address. The
@@ -337,8 +365,8 @@ DESCRIPTION
337 lists and may use the wildcard and negation operators described 365 lists and may use the wildcard and negation operators described
338 in the PATTERNS section of ssh_config(5). 366 in the PATTERNS section of ssh_config(5).
339 367
340 The patterns in an Address criteria may additionally contain ad- 368 The patterns in an Address criteria may additionally contain
341 dresses to match in CIDR address/masklen format, e.g. 369 addresses to match in CIDR address/masklen format, e.g.
342 ``192.0.2.0/24'' or ``3ffe:ffff::/32''. Note that the mask 370 ``192.0.2.0/24'' or ``3ffe:ffff::/32''. Note that the mask
343 length provided must be consistent with the address - it is an 371 length provided must be consistent with the address - it is an
344 error to specify a mask length that is too long for the address 372 error to specify a mask length that is too long for the address
@@ -347,13 +375,15 @@ DESCRIPTION
347 375
348 Only a subset of keywords may be used on the lines following a 376 Only a subset of keywords may be used on the lines following a
349 Match keyword. Available keywords are AllowAgentForwarding, 377 Match keyword. Available keywords are AllowAgentForwarding,
350 AllowTcpForwarding, Banner, ChrootDirectory, ForceCommand, 378 AllowTcpForwarding, AuthorizedKeysFile, AuthorizedPrincipalsFile,
351 GatewayPorts, GSSAPIAuthentication, HostbasedAuthentication, 379 Banner, ChrootDirectory, ForceCommand, GatewayPorts,
352 KbdInteractiveAuthentication, KerberosAuthentication, 380 GSSAPIAuthentication, HostbasedAuthentication,
353 MaxAuthTries, MaxSessions, PasswordAuthentication, 381 HostbasedUsesNameFromPacketOnly, KbdInteractiveAuthentication,
354 PermitEmptyPasswords, PermitOpen, PermitRootLogin, 382 KerberosAuthentication, MaxAuthTries, MaxSessions,
355 PubkeyAuthentication, RhostsRSAAuthentication, RSAAuthentication, 383 PasswordAuthentication, PermitEmptyPasswords, PermitOpen,
356 X11DisplayOffset, X11Forwarding and X11UseLocalHost. 384 PermitRootLogin, PermitTunnel, PubkeyAuthentication,
385 RhostsRSAAuthentication, RSAAuthentication, X11DisplayOffset,
386 X11Forwarding and X11UseLocalHost.
357 387
358 MaxAuthTries 388 MaxAuthTries
359 Specifies the maximum number of authentication attempts permitted 389 Specifies the maximum number of authentication attempts permitted
@@ -361,26 +391,26 @@ DESCRIPTION
361 value, additional failures are logged. The default is 6. 391 value, additional failures are logged. The default is 6.
362 392
363 MaxSessions 393 MaxSessions
364 Specifies the maximum number of open sessions permitted per net- 394 Specifies the maximum number of open sessions permitted per
365 work connection. The default is 10. 395 network connection. The default is 10.
366 396
367 MaxStartups 397 MaxStartups
368 Specifies the maximum number of concurrent unauthenticated con- 398 Specifies the maximum number of concurrent unauthenticated
369 nections to the SSH daemon. Additional connections will be 399 connections to the SSH daemon. Additional connections will be
370 dropped until authentication succeeds or the LoginGraceTime ex- 400 dropped until authentication succeeds or the LoginGraceTime
371 pires for a connection. The default is 10. 401 expires for a connection. The default is 10.
372 402
373 Alternatively, random early drop can be enabled by specifying the 403 Alternatively, random early drop can be enabled by specifying the
374 three colon separated values ``start:rate:full'' (e.g. 404 three colon separated values ``start:rate:full'' (e.g.
375 "10:30:60"). sshd(8) will refuse connection attempts with a 405 "10:30:60"). sshd(8) will refuse connection attempts with a
376 probability of ``rate/100'' (30%) if there are currently 406 probability of ``rate/100'' (30%) if there are currently
377 ``start'' (10) unauthenticated connections. The probability in- 407 ``start'' (10) unauthenticated connections. The probability
378 creases linearly and all connection attempts are refused if the 408 increases linearly and all connection attempts are refused if the
379 number of unauthenticated connections reaches ``full'' (60). 409 number of unauthenticated connections reaches ``full'' (60).
380 410
381 PasswordAuthentication 411 PasswordAuthentication
382 Specifies whether password authentication is allowed. The de- 412 Specifies whether password authentication is allowed. The
383 fault is ``yes''. 413 default is ``yes''.
384 414
385 PermitEmptyPasswords 415 PermitEmptyPasswords
386 When password authentication is allowed, it specifies whether the 416 When password authentication is allowed, it specifies whether the
@@ -388,17 +418,17 @@ DESCRIPTION
388 default is ``no''. 418 default is ``no''.
389 419
390 PermitOpen 420 PermitOpen
391 Specifies the destinations to which TCP port forwarding is per- 421 Specifies the destinations to which TCP port forwarding is
392 mitted. The forwarding specification must be one of the follow- 422 permitted. The forwarding specification must be one of the
393 ing forms: 423 following forms:
394 424
395 PermitOpen host:port 425 PermitOpen host:port
396 PermitOpen IPv4_addr:port 426 PermitOpen IPv4_addr:port
397 PermitOpen [IPv6_addr]:port 427 PermitOpen [ IPv6_addr ]:port
398 428
399 Multiple forwards may be specified by separating them with 429 Multiple forwards may be specified by separating them with
400 whitespace. An argument of ``any'' can be used to remove all re- 430 whitespace. An argument of ``any'' can be used to remove all
401 strictions and permit any forwarding requests. By default all 431 restrictions and permit any forwarding requests. By default all
402 port forwarding requests are permitted. 432 port forwarding requests are permitted.
403 433
404 PermitRootLogin 434 PermitRootLogin
@@ -406,8 +436,8 @@ DESCRIPTION
406 must be ``yes'', ``without-password'', ``forced-commands-only'', 436 must be ``yes'', ``without-password'', ``forced-commands-only'',
407 or ``no''. The default is ``yes''. 437 or ``no''. The default is ``yes''.
408 438
409 If this option is set to ``without-password'', password authenti- 439 If this option is set to ``without-password'', password
410 cation is disabled for root. 440 authentication is disabled for root.
411 441
412 If this option is set to ``forced-commands-only'', root login 442 If this option is set to ``forced-commands-only'', root login
413 with public key authentication will be allowed, but only if the 443 with public key authentication will be allowed, but only if the
@@ -418,21 +448,21 @@ DESCRIPTION
418 If this option is set to ``no'', root is not allowed to log in. 448 If this option is set to ``no'', root is not allowed to log in.
419 449
420 PermitTunnel 450 PermitTunnel
421 Specifies whether tun(4) device forwarding is allowed. The argu- 451 Specifies whether tun(4) device forwarding is allowed. The
422 ment must be ``yes'', ``point-to-point'' (layer 3), ``ethernet'' 452 argument must be ``yes'', ``point-to-point'' (layer 3),
423 (layer 2), or ``no''. Specifying ``yes'' permits both ``point- 453 ``ethernet'' (layer 2), or ``no''. Specifying ``yes'' permits
424 to-point'' and ``ethernet''. The default is ``no''. 454 both ``point-to-point'' and ``ethernet''. The default is ``no''.
425 455
426 PermitUserEnvironment 456 PermitUserEnvironment
427 Specifies whether ~/.ssh/environment and environment= options in 457 Specifies whether ~/.ssh/environment and environment= options in
428 ~/.ssh/authorized_keys are processed by sshd(8). The default is 458 ~/.ssh/authorized_keys are processed by sshd(8). The default is
429 ``no''. Enabling environment processing may enable users to by- 459 ``no''. Enabling environment processing may enable users to
430 pass access restrictions in some configurations using mechanisms 460 bypass access restrictions in some configurations using
431 such as LD_PRELOAD. 461 mechanisms such as LD_PRELOAD.
432 462
433 PidFile 463 PidFile
434 Specifies the file that contains the process ID of the SSH dae- 464 Specifies the file that contains the process ID of the SSH
435 mon. The default is /var/run/sshd.pid. 465 daemon. The default is /var/run/sshd.pid.
436 466
437 Port Specifies the port number that sshd(8) listens on. The default 467 Port Specifies the port number that sshd(8) listens on. The default
438 is 22. Multiple options of this type are permitted. See also 468 is 22. Multiple options of this type are permitted. See also
@@ -450,16 +480,16 @@ DESCRIPTION
450 480
451 Protocol 481 Protocol
452 Specifies the protocol versions sshd(8) supports. The possible 482 Specifies the protocol versions sshd(8) supports. The possible
453 values are `1' and `2'. Multiple versions must be comma-separat- 483 values are `1' and `2'. Multiple versions must be comma-
454 ed. The default is `2'. Note that the order of the protocol 484 separated. The default is `2'. Note that the order of the
455 list does not indicate preference, because the client selects 485 protocol list does not indicate preference, because the client
456 among multiple protocol versions offered by the server. Specify- 486 selects among multiple protocol versions offered by the server.
457 ing ``2,1'' is identical to ``1,2''. 487 Specifying ``2,1'' is identical to ``1,2''.
458 488
459 PubkeyAuthentication 489 PubkeyAuthentication
460 Specifies whether public key authentication is allowed. The de- 490 Specifies whether public key authentication is allowed. The
461 fault is ``yes''. Note that this option applies to protocol ver- 491 default is ``yes''. Note that this option applies to protocol
462 sion 2 only. 492 version 2 only.
463 493
464 RevokedKeys 494 RevokedKeys
465 Specifies a list of revoked public keys. Keys listed in this 495 Specifies a list of revoked public keys. Keys listed in this
@@ -468,15 +498,15 @@ DESCRIPTION
468 refused for all users. 498 refused for all users.
469 499
470 RhostsRSAAuthentication 500 RhostsRSAAuthentication
471 Specifies whether rhosts or /etc/hosts.equiv authentication to- 501 Specifies whether rhosts or /etc/hosts.equiv authentication
472 gether with successful RSA host authentication is allowed. The 502 together with successful RSA host authentication is allowed. The
473 default is ``no''. This option applies to protocol version 1 on- 503 default is ``no''. This option applies to protocol version 1
474 ly. 504 only.
475 505
476 RSAAuthentication 506 RSAAuthentication
477 Specifies whether pure RSA authentication is allowed. The de- 507 Specifies whether pure RSA authentication is allowed. The
478 fault is ``yes''. This option applies to protocol version 1 on- 508 default is ``yes''. This option applies to protocol version 1
479 ly. 509 only.
480 510
481 ServerKeyBits 511 ServerKeyBits
482 Defines the number of bits in the ephemeral protocol version 1 512 Defines the number of bits in the ephemeral protocol version 1
@@ -502,24 +532,24 @@ DESCRIPTION
502 ``sftp'' server. This may simplify configurations using 532 ``sftp'' server. This may simplify configurations using
503 ChrootDirectory to force a different filesystem root on clients. 533 ChrootDirectory to force a different filesystem root on clients.
504 534
505 By default no subsystems are defined. Note that this option ap- 535 By default no subsystems are defined. Note that this option
506 plies to protocol version 2 only. 536 applies to protocol version 2 only.
507 537
508 SyslogFacility 538 SyslogFacility
509 Gives the facility code that is used when logging messages from 539 Gives the facility code that is used when logging messages from
510 sshd(8). The possible values are: DAEMON, USER, AUTH, LOCAL0, 540 sshd(8). The possible values are: DAEMON, USER, AUTH, LOCAL0,
511 LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. The de- 541 LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. The
512 fault is AUTH. 542 default is AUTH.
513 543
514 TCPKeepAlive 544 TCPKeepAlive
515 Specifies whether the system should send TCP keepalive messages 545 Specifies whether the system should send TCP keepalive messages
516 to the other side. If they are sent, death of the connection or 546 to the other side. If they are sent, death of the connection or
517 crash of one of the machines will be properly noticed. However, 547 crash of one of the machines will be properly noticed. However,
518 this means that connections will die if the route is down tem- 548 this means that connections will die if the route is down
519 porarily, and some people find it annoying. On the other hand, 549 temporarily, and some people find it annoying. On the other
520 if TCP keepalives are not sent, sessions may hang indefinitely on 550 hand, if TCP keepalives are not sent, sessions may hang
521 the server, leaving ``ghost'' users and consuming server re- 551 indefinitely on the server, leaving ``ghost'' users and consuming
522 sources. 552 server resources.
523 553
524 The default is ``yes'' (to send TCP keepalive messages), and the 554 The default is ``yes'' (to send TCP keepalive messages), and the
525 server will notice if the network goes down or the client host 555 server will notice if the network goes down or the client host
@@ -529,34 +559,34 @@ DESCRIPTION
529 ``no''. 559 ``no''.
530 560
531 TrustedUserCAKeys 561 TrustedUserCAKeys
532 Specifies a file containing public keys of certificate authori- 562 Specifies a file containing public keys of certificate
533 ties that are trusted to sign user certificates for authentica- 563 authorities that are trusted to sign user certificates for
534 tion. Keys are listed one per line; empty lines and comments 564 authentication. Keys are listed one per line; empty lines and
535 starting with `#' are allowed. If a certificate is presented for 565 comments starting with `#' are allowed. If a certificate is
536 authentication and has its signing CA key listed in this file, 566 presented for authentication and has its signing CA key listed in
537 then it may be used for authentication for any user listed in the 567 this file, then it may be used for authentication for any user
538 certificate's principals list. Note that certificates that lack 568 listed in the certificate's principals list. Note that
539 a list of principals will not be permitted for authentication us- 569 certificates that lack a list of principals will not be permitted
540 ing TrustedUserCAKeys. For more details on certificates, see the 570 for authentication using TrustedUserCAKeys. For more details on
541 CERTIFICATES section in ssh-keygen(1). 571 certificates, see the CERTIFICATES section in ssh-keygen(1).
542 572
543 UseDNS Specifies whether sshd(8) should look up the remote host name and 573 UseDNS Specifies whether sshd(8) should look up the remote host name and
544 check that the resolved host name for the remote IP address maps 574 check that the resolved host name for the remote IP address maps
545 back to the very same IP address. The default is ``yes''. 575 back to the very same IP address. The default is ``yes''.
546 576
547 UseLogin 577 UseLogin
548 Specifies whether login(1) is used for interactive login ses- 578 Specifies whether login(1) is used for interactive login
549 sions. The default is ``no''. Note that login(1) is never used 579 sessions. The default is ``no''. Note that login(1) is never
550 for remote command execution. Note also, that if this is en- 580 used for remote command execution. Note also, that if this is
551 abled, X11Forwarding will be disabled because login(1) does not 581 enabled, X11Forwarding will be disabled because login(1) does not
552 know how to handle xauth(1) cookies. If UsePrivilegeSeparation 582 know how to handle xauth(1) cookies. If UsePrivilegeSeparation
553 is specified, it will be disabled after authentication. 583 is specified, it will be disabled after authentication.
554 584
555 UsePAM Enables the Pluggable Authentication Module interface. If set to 585 UsePAM Enables the Pluggable Authentication Module interface. If set to
556 ``yes'' this will enable PAM authentication using 586 ``yes'' this will enable PAM authentication using
557 ChallengeResponseAuthentication and PasswordAuthentication in ad- 587 ChallengeResponseAuthentication and PasswordAuthentication in
558 dition to PAM account and session module processing for all au- 588 addition to PAM account and session module processing for all
559 thentication types. 589 authentication types.
560 590
561 Because PAM challenge-response authentication usually serves an 591 Because PAM challenge-response authentication usually serves an
562 equivalent role to password authentication, you should disable 592 equivalent role to password authentication, you should disable
@@ -566,12 +596,12 @@ DESCRIPTION
566 non-root user. The default is ``no''. 596 non-root user. The default is ``no''.
567 597
568 UsePrivilegeSeparation 598 UsePrivilegeSeparation
569 Specifies whether sshd(8) separates privileges by creating an un- 599 Specifies whether sshd(8) separates privileges by creating an
570 privileged child process to deal with incoming network traffic. 600 unprivileged child process to deal with incoming network traffic.
571 After successful authentication, another process will be created 601 After successful authentication, another process will be created
572 that has the privilege of the authenticated user. The goal of 602 that has the privilege of the authenticated user. The goal of
573 privilege separation is to prevent privilege escalation by con- 603 privilege separation is to prevent privilege escalation by
574 taining any corruption within the unprivileged processes. The 604 containing any corruption within the unprivileged processes. The
575 default is ``yes''. 605 default is ``yes''.
576 606
577 X11DisplayOffset 607 X11DisplayOffset
@@ -586,15 +616,16 @@ DESCRIPTION
586 When X11 forwarding is enabled, there may be additional exposure 616 When X11 forwarding is enabled, there may be additional exposure
587 to the server and to client displays if the sshd(8) proxy display 617 to the server and to client displays if the sshd(8) proxy display
588 is configured to listen on the wildcard address (see 618 is configured to listen on the wildcard address (see
589 X11UseLocalhost below), though this is not the default. Addi- 619 X11UseLocalhost below), though this is not the default.
590 tionally, the authentication spoofing and authentication data 620 Additionally, the authentication spoofing and authentication data
591 verification and substitution occur on the client side. The se- 621 verification and substitution occur on the client side. The
592 curity risk of using X11 forwarding is that the client's X11 dis- 622 security risk of using X11 forwarding is that the client's X11
593 play server may be exposed to attack when the SSH client requests 623 display server may be exposed to attack when the SSH client
594 forwarding (see the warnings for ForwardX11 in ssh_config(5)). A 624 requests forwarding (see the warnings for ForwardX11 in
595 system administrator may have a stance in which they want to pro- 625 ssh_config(5)). A system administrator may have a stance in
596 tect clients that may expose themselves to attack by unwittingly 626 which they want to protect clients that may expose themselves to
597 requesting X11 forwarding, which can warrant a ``no'' setting. 627 attack by unwittingly requesting X11 forwarding, which can
628 warrant a ``no'' setting.
598 629
599 Note that disabling X11 forwarding does not prevent users from 630 Note that disabling X11 forwarding does not prevent users from
600 forwarding X11 traffic, as users can always install their own 631 forwarding X11 traffic, as users can always install their own
@@ -609,19 +640,19 @@ DESCRIPTION
609 ``localhost''. This prevents remote hosts from connecting to the 640 ``localhost''. This prevents remote hosts from connecting to the
610 proxy display. However, some older X11 clients may not function 641 proxy display. However, some older X11 clients may not function
611 with this configuration. X11UseLocalhost may be set to ``no'' to 642 with this configuration. X11UseLocalhost may be set to ``no'' to
612 specify that the forwarding server should be bound to the wild- 643 specify that the forwarding server should be bound to the
613 card address. The argument must be ``yes'' or ``no''. The de- 644 wildcard address. The argument must be ``yes'' or ``no''. The
614 fault is ``yes''. 645 default is ``yes''.
615 646
616 XAuthLocation 647 XAuthLocation
617 Specifies the full pathname of the xauth(1) program. The default 648 Specifies the full pathname of the xauth(1) program. The default
618 is /usr/X11R6/bin/xauth. 649 is /usr/X11R6/bin/xauth.
619 650
620TIME FORMATS 651TIME FORMATS
621 sshd(8) command-line arguments and configuration file options that speci- 652 sshd(8) command-line arguments and configuration file options that
622 fy time may be expressed using a sequence of the form: time[qualifier], 653 specify time may be expressed using a sequence of the form: time
623 where time is a positive integer value and qualifier is one of the fol- 654 [qualifier], where time is a positive integer value and qualifier is one
624 lowing: 655 of the following:
625 656
626 <none> seconds 657 <none> seconds
627 s | S seconds 658 s | S seconds
@@ -642,8 +673,8 @@ TIME FORMATS
642FILES 673FILES
643 /etc/ssh/sshd_config 674 /etc/ssh/sshd_config
644 Contains configuration data for sshd(8). This file should be 675 Contains configuration data for sshd(8). This file should be
645 writable by root only, but it is recommended (though not neces- 676 writable by root only, but it is recommended (though not
646 sary) that it be world-readable. 677 necessary) that it be world-readable.
647 678
648SEE ALSO 679SEE ALSO
649 sshd(8) 680 sshd(8)
@@ -651,9 +682,9 @@ SEE ALSO
651AUTHORS 682AUTHORS
652 OpenSSH is a derivative of the original and free ssh 1.2.12 release by 683 OpenSSH is a derivative of the original and free ssh 1.2.12 release by
653 Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo 684 Tatu Ylonen. Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo
654 de Raadt and Dug Song removed many bugs, re-added newer features and cre- 685 de Raadt and Dug Song removed many bugs, re-added newer features and
655 ated OpenSSH. Markus Friedl contributed the support for SSH protocol 686 created OpenSSH. Markus Friedl contributed the support for SSH protocol
656 versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support 687 versions 1.5 and 2.0. Niels Provos and Markus Friedl contributed support
657 for privilege separation. 688 for privilege separation.
658 689
659OpenBSD 4.7 March 4, 2010 10 690OpenBSD 4.8 June 30, 2010 OpenBSD 4.8
diff --git a/sshd_config.5 b/sshd_config.5
index de447bce5..a5e20d1e8 100644
--- a/sshd_config.5
+++ b/sshd_config.5
@@ -34,8 +34,8 @@
34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36.\" 36.\"
37.\" $OpenBSD: sshd_config.5,v 1.120 2010/03/04 23:17:25 djm Exp $ 37.\" $OpenBSD: sshd_config.5,v 1.125 2010/06/30 07:28:34 jmc Exp $
38.Dd $Mdocdate: March 4 2010 $ 38.Dd $Mdocdate: June 30 2010 $
39.Dt SSHD_CONFIG 5 39.Dt SSHD_CONFIG 5
40.Os 40.Os
41.Sh NAME 41.Sh NAME
@@ -182,6 +182,10 @@ for more information on patterns.
182.It Cm AuthorizedKeysFile 182.It Cm AuthorizedKeysFile
183Specifies the file that contains the public keys that can be used 183Specifies the file that contains the public keys that can be used
184for user authentication. 184for user authentication.
185The format is described in the
186.Sx AUTHORIZED_KEYS FILE FORMAT
187section of
188.Xr sshd 8 .
185.Cm AuthorizedKeysFile 189.Cm AuthorizedKeysFile
186may contain tokens of the form %T which are substituted during connection 190may contain tokens of the form %T which are substituted during connection
187setup. 191setup.
@@ -194,6 +198,47 @@ is taken to be an absolute path or one relative to the user's home
194directory. 198directory.
195The default is 199The default is
196.Dq .ssh/authorized_keys . 200.Dq .ssh/authorized_keys .
201.It Cm AuthorizedPrincipalsFile
202Specifies a file that lists principal names that are accepted for
203certificate authentication.
204When using certificates signed by a key listed in
205.Cm TrustedUserCAKeys ,
206this file lists names, one of which must appear in the certificate for it
207to be accepted for authentication.
208Names are listed one per line preceded by key options (as described
209in
210.Sx AUTHORIZED_KEYS FILE FORMAT
211in
212.Xr sshd 8 ) .
213Empty lines and comments starting with
214.Ql #
215are ignored.
216.Pp
217.Cm AuthorizedPrincipalsFile
218may contain tokens of the form %T which are substituted during connection
219setup.
220The following tokens are defined: %% is replaced by a literal '%',
221%h is replaced by the home directory of the user being authenticated, and
222%u is replaced by the username of that user.
223After expansion,
224.Cm AuthorizedPrincipalsFile
225is taken to be an absolute path or one relative to the user's home
226directory.
227.Pp
228The default is not to use a principals file \(en in this case, the username
229of the user must appear in a certificate's principals list for it to be
230accepted.
231Note that
232.Cm AuthorizedPrincipalsFile
233is only used when authentication proceeds using a CA listed in
234.Cm TrustedUserCAKeys
235and is not consulted for certification authorities trusted via
236.Pa ~/.ssh/authorized_keys ,
237though the
238.Cm principals=
239key option offers a similar facility (see
240.Xr sshd 8
241for details).
197.It Cm Banner 242.It Cm Banner
198The contents of the specified file are sent to the remote user before 243The contents of the specified file are sent to the remote user before
199authentication is allowed. 244authentication is allowed.
@@ -667,12 +712,15 @@ keyword.
667Available keywords are 712Available keywords are
668.Cm AllowAgentForwarding , 713.Cm AllowAgentForwarding ,
669.Cm AllowTcpForwarding , 714.Cm AllowTcpForwarding ,
715.Cm AuthorizedKeysFile ,
716.Cm AuthorizedPrincipalsFile ,
670.Cm Banner , 717.Cm Banner ,
671.Cm ChrootDirectory , 718.Cm ChrootDirectory ,
672.Cm ForceCommand , 719.Cm ForceCommand ,
673.Cm GatewayPorts , 720.Cm GatewayPorts ,
674.Cm GSSAPIAuthentication , 721.Cm GSSAPIAuthentication ,
675.Cm HostbasedAuthentication , 722.Cm HostbasedAuthentication ,
723.Cm HostbasedUsesNameFromPacketOnly ,
676.Cm KbdInteractiveAuthentication , 724.Cm KbdInteractiveAuthentication ,
677.Cm KerberosAuthentication , 725.Cm KerberosAuthentication ,
678.Cm MaxAuthTries , 726.Cm MaxAuthTries ,
@@ -681,6 +729,7 @@ Available keywords are
681.Cm PermitEmptyPasswords , 729.Cm PermitEmptyPasswords ,
682.Cm PermitOpen , 730.Cm PermitOpen ,
683.Cm PermitRootLogin , 731.Cm PermitRootLogin ,
732.Cm PermitTunnel ,
684.Cm PubkeyAuthentication , 733.Cm PubkeyAuthentication ,
685.Cm RhostsRSAAuthentication , 734.Cm RhostsRSAAuthentication ,
686.Cm RSAAuthentication , 735.Cm RSAAuthentication ,
diff --git a/version.h b/version.h
index 54d82559a..65a155f49 100644
--- a/version.h
+++ b/version.h
@@ -1,6 +1,6 @@
1/* $OpenBSD: version.h,v 1.58 2010/03/16 16:36:49 djm Exp $ */ 1/* $OpenBSD: version.h,v 1.59 2010/08/08 16:26:42 djm Exp $ */
2 2
3#define SSH_VERSION "OpenSSH_5.5" 3#define SSH_VERSION "OpenSSH_5.6"
4 4
5#define SSH_PORTABLE "p1" 5#define SSH_PORTABLE "p1"
6#define SSH_RELEASE_MINIMUM SSH_VERSION SSH_PORTABLE 6#define SSH_RELEASE_MINIMUM SSH_VERSION SSH_PORTABLE
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-26 18:35:53 +0000