summaryrefslogtreecommitdiff
AgeCommit message (Expand)Author
2019-12-30upstream: remove single-letter flags for moduli optionsdjm@openbsd.org
2019-12-30upstream: prepare for use of ssh-keygen -O flag beyond certsdjm@openbsd.org
2019-12-30upstream: sort -Y internally in the options list, as is alreadyjmc@openbsd.org
2019-12-30upstream: in the options list, sort -Y and -y;jmc@openbsd.org
2019-12-30upstream: Replace the term "security key" with "(FIDO)naddy@openbsd.org
2019-12-21upstream: unit tests for ForwardAgent=/path; from Eric Chiangdjm@openbsd.org
2019-12-21upstream: test security key host keys in addition to user keysdjm@openbsd.org
2019-12-21upstream: Allow forwarding a different agent socket to the pathdjm@openbsd.org
2019-12-21upstream: SSH U2F keys can now be used as host keys. Fix a gardennaddy@openbsd.org
2019-12-20upstream: Move always unsupported keywords to be grouped with the otherdtucker@openbsd.org
2019-12-20upstream: Remove obsolete opcodes from the configuation enum.dtucker@openbsd.org
2019-12-20upstream: Remove now-obsolete config options from example indtucker@openbsd.org
2019-12-20upstream: Document that security key-hosted keys can act as hostnaddy@openbsd.org
2019-12-20upstream: "Forward security" -> "Forward secrecy" since that's thedtucker@openbsd.org
2019-12-20upstream: cut obsolete lists of crypto algorithms from outline ofnaddy@openbsd.org
2019-12-20upstream: strdup may return NULL if memory allocation fails. Usetobhe@openbsd.org
2019-12-20upstream: sort sk-* methods behind their plain key methods cousinsdjm@openbsd.org
2019-12-18Mac OS X has PAM too.Darren Tucker
2019-12-18Show portable tarball pattern in example.Darren Tucker
2019-12-18OpenSSL is now optional.Darren Tucker
2019-12-16upstream: adapt to ssh-sk-client changedjm@openbsd.org
2019-12-16upstream: it's no longer possible to disable privilege separationdjm@openbsd.org
2019-12-16upstream: don't treat HostKeyAgent=none as a path either; avoidsdjm@openbsd.org
2019-12-16upstream: do not attempt to find an absolute path for sshd_configdjm@openbsd.org
2019-12-16upstream: allow ssh-keyscan to find security key hostkeysdjm@openbsd.org
2019-12-16upstream: allow security keys to act as host keys as well as userdjm@openbsd.org
2019-12-16Allow clock_nanosleep_time64 in seccomp sandbox.Darren Tucker
2019-12-15Put SK ECDSA bits inside ifdef OPENSSL_HAS_ECC.Darren Tucker
2019-12-14remove a bunch of ENABLE_SK #ifdefsDamien Miller
2019-12-14ssh-sk-client.c needs includes.hDamien Miller
2019-12-14only link ssh-sk-helper against libfido2Damien Miller
2019-12-14adapt Makefile to ssh-sk-client everywhereDamien Miller
2019-12-14fixupDamien Miller
2019-12-14upstream: actually commit the ssh-sk-helper client code; ok markusdjm@openbsd.org
2019-12-14upstream: perform security key enrollment via ssh-sk-helper too.djm@openbsd.org
2019-12-14upstream: allow sshbuf_put_stringb(buf, NULL); ok markus@djm@openbsd.org
2019-12-14upstream: use ssh-sk-helper for all security key signing operationsdjm@openbsd.org
2019-12-14upstream: add a note about the 'extensions' field in the signeddjm@openbsd.org
2019-12-11upstream: some more corrections for documentation problems spotteddjm@openbsd.org
2019-12-11upstream: loading security keys into ssh-agent used the extensiondjm@openbsd.org
2019-12-11upstream: add security key types to list of keys allowed to act asdjm@openbsd.org
2019-12-11upstream: when acting as a CA and using a security key as the CAdjm@openbsd.org
2019-12-11upstream: chop some unnecessary and confusing verbiage from thedjm@openbsd.org
2019-12-11upstream: fix setting of $SSH_ASKPASS_PROMPT - it shouldn't be setdjm@openbsd.org
2019-12-11upstream: bring the __func__djm@openbsd.org
2019-12-11upstream: tweak the Nd lines for a bit of consistency; ok markusjmc@openbsd.org
2019-12-11Check if memmem is declared in system headers.Darren Tucker
2019-12-11Sort depends.Darren Tucker
2019-12-11Sort .depend when rebuilding.Darren Tucker
2019-12-11Update depend to include sk files.Darren Tucker