Age | Commit message (Collapse) | Author |
|
|
|
[ssh-keygen.1]
document permit-agent-forwarding certificate constraint; patch from
stevesk@
|
|
[ssh-keygen.1]
document permit-agent-forwarding certificate constraint; patch from
stevesk@
|
|
|
|
crank version numbers
|
|
[ssh-keygen.c]
make internal strptime string match strftime format;
suggested by vinschen AT redhat.com and markus@
|
|
- djm@cvs.openbsd.org 2010/03/07 22:01:32
[version.h]
openssh-5.4
|
|
[auth-rhosts.c monitor.c monitor_wrap.c session.c auth-options.c sshd.c]
Hold authentication debug messages until after successful authentication.
Fixes an info leak of environment variables specified in authorized_keys,
reported by Jacob Appelbaum. ok djm@
|
|
setpcred.
|
|
do not set real uid, since that's needed for the chroot, and will be set
by permanently_set_uid.
|
|
it gets the passwd struct from the LAM that knows about the user which is
not necessarily the default. Patch from Alexandre Letourneau.
|
|
[ssh-add.1 ssh.1 ssh_config.5]
mention loading of certificate files from [private]-cert.pub when
they are present; feedback and ok jmc@
|
|
[ssh.1]
document certificate authentication; help/ok djm
|
|
[ssh.1 sshd.8]
tweak previous;
|
|
|
|
[auth.c]
make the warning for a revoked key louder and more noticable
|
|
on some platforms
|
|
[auth-options.c ssh-keygen.c]
"force-command" is not spelled "forced-command"; spotted by
imorgan AT nas.nasa.gov
|
|
[ssh.1 sshd.8]
move section on CA and revoked keys from ssh.1 to sshd.8's known hosts
format section and rework it a bit; requested by jmc@
|
|
[sshd_config.5]
missing word; spotted by jmc@
|
|
[ssh-keygen.1]
fix Bk/Ek;
|
|
compilers. OK djm@
|
|
[ssh-keygen.1 ssh-keygen.c]
Add a -L flag to print the contents of a certificate; ok markus@
|
|
[ssh.1 sshd_config.5]
tweak previous;
|
|
[regress/cert-hostkey.sh regress/cert-userkey.sh]
additional regression tests for revoked keys and TrustedUserCAKeys
|
|
[regress/cert-hostkey.sh regress/cert-userkey.sh]
add an extra test to ensure that authentication with the wrong
certificate fails as it should (and it does)
|
|
[auth-rh-rsa.c auth-rsa.c auth.c auth.h auth2-hostbased.c auth2-pubkey.c]
[authfile.c authfile.h hostfile.c hostfile.h servconf.c servconf.h]
[ssh-keygen.c ssh.1 sshconnect.c sshd_config.5]
Add a TrustedUserCAKeys option to sshd_config to specify CA keys that
are trusted to authenticate users (in addition than doing it per-user
in authorized_keys).
Add a RevokedKeys option to sshd_config and a @revoked marker to
known_hosts to allow keys to me revoked and banned for user or host
authentication.
feedback and ok markus@
|
|
[key.c]
use buffer_get_string_ptr_ret() where we are checking the return
value explicitly instead of the fatal()-causing buffer_get_string_ptr()
|
|
[PROTOCOL.certkeys]
s/similar same/similar/; from imorgan AT nas.nasa.gov
|
|
[sshd.8]
the authorized_keys option for CA keys is "cert-authority", not
"from=cert-authority". spotted by imorgan AT nas.nasa.gov
|
|
- djm@cvs.openbsd.org 2010/03/03 01:44:36
[auth-options.c key.c]
reject strings with embedded ASCII nul chars in certificate key IDs,
principal names and constraints
|
|
|
|
|
|
on XFree86-devel with neutral /usr/include/X11/Xlib.h;
imorgan AT nas.nasa.gov in bz#1731
|
|
maybe-undefined global "optarg"
|
|
|
|
[ssh-keygen.c]
POSIX strptime is stricter than OpenBSD's so do a little dance to
appease it.
|
|
[ssh-keygen.c]
POSIX strptime is stricter than OpenBSD's so do a little dance to
appease it.
|
|
[ssh-add.c]
zap what seems to be a left-over debug message; ok markus@
|
|
[ssh-keygen.1 ssh.1 sshd.8]
tweak previous;
|
|
|
|
http://git.savannah.gnu.org/gitweb/ (2009-12-30 and 2010-01-22
respectively).
|
|
adjust log at verbose only, since according to cjwatson in bug #1470
some virtualization platforms don't allow writes.
|
|
"echo -n" with "echon" for portability.
|
|
to make older compilers (gcc 2.95) happy.
|
|
case from that matched in the system password database. On this
platform, passwords are stored case-insensitively, but sshd requires
exact case matching for Match blocks in sshd_config(5). Based on
a patch from vinschen AT redhat.com.
|
|
variables copied into sshd child processes. From vinschen AT redhat.com
|
|
|
|
[Makefile regress/cert-hostkey.sh regress/cert-userkey.sh]
regression tests for certified keys
|
|
- djm@cvs.openbsd.org 2010/02/26 20:29:54
[PROTOCOL PROTOCOL.agent PROTOCOL.certkeys addrmatch.c auth-options.c]
[auth-options.h auth.h auth2-pubkey.c authfd.c dns.c dns.h hostfile.c]
[hostfile.h kex.h kexdhs.c kexgexs.c key.c key.h match.h monitor.c]
[myproposal.h servconf.c servconf.h ssh-add.c ssh-agent.c ssh-dss.c]
[ssh-keygen.1 ssh-keygen.c ssh-rsa.c ssh.1 ssh.c ssh2.h sshconnect.c]
[sshconnect2.c sshd.8 sshd.c sshd_config.5]
Add support for certificate key types for users and hosts.
OpenSSH certificate key types are not X.509 certificates, but a much
simpler format that encodes a public key, identity information and
some validity constraints and signs it with a CA key. CA keys are
regular SSH keys. This certificate style avoids the attack surface
of X.509 certificates and is very easy to deploy.
Certified host keys allow automatic acceptance of new host keys
when a CA certificate is marked as sh/known_hosts.
see VERIFYING HOST KEYS in ssh(1) for details.
Certified user keys allow authentication of users when the signing
CA key is marked as trusted in authorized_keys. See "AUTHORIZED_KEYS
FILE FORMAT" in sshd(8) for details.
Certificates are minted using ssh-keygen(1), documentation is in
the "CERTIFICATES" section of that manpage.
Documentation on the format of certificates is in the file
PROTOCOL.certkeys
feedback and ok markus@
|