summaryrefslogtreecommitdiff
AgeCommit message (Expand)Author
2019-12-30upstream: Remove the -x option currently used fordjm@openbsd.org
2019-12-30upstream: document SK API changes in PROTOCOL.u2fdjm@openbsd.org
2019-12-30upstream: translate and return error codes; retry on bad PINdjm@openbsd.org
2019-12-30upstream: improve some error messages; ok markus@djm@openbsd.org
2019-12-30upstream: SK API and sk-helper error/PIN passingdjm@openbsd.org
2019-12-30upstream: implement loading resident keys in ssh-adddjm@openbsd.org
2019-12-30upstream: implement loading of resident keys in ssh-sk-helperdjm@openbsd.org
2019-12-30upstream: resident keys support in SK APIdjm@openbsd.org
2019-12-30upstream: Factor out parsing of struct sk_enroll_responsedjm@openbsd.org
2019-12-30upstream: basic support for generating FIDO2 resident keysdjm@openbsd.org
2019-12-30upstream: remove single-letter flags for moduli optionsdjm@openbsd.org
2019-12-30upstream: prepare for use of ssh-keygen -O flag beyond certsdjm@openbsd.org
2019-12-30upstream: sort -Y internally in the options list, as is alreadyjmc@openbsd.org
2019-12-30upstream: in the options list, sort -Y and -y;jmc@openbsd.org
2019-12-30upstream: Replace the term "security key" with "(FIDO)naddy@openbsd.org
2019-12-21upstream: unit tests for ForwardAgent=/path; from Eric Chiangdjm@openbsd.org
2019-12-21upstream: test security key host keys in addition to user keysdjm@openbsd.org
2019-12-21upstream: Allow forwarding a different agent socket to the pathdjm@openbsd.org
2019-12-21upstream: SSH U2F keys can now be used as host keys. Fix a gardennaddy@openbsd.org
2019-12-20upstream: Move always unsupported keywords to be grouped with the otherdtucker@openbsd.org
2019-12-20upstream: Remove obsolete opcodes from the configuation enum.dtucker@openbsd.org
2019-12-20upstream: Remove now-obsolete config options from example indtucker@openbsd.org
2019-12-20upstream: Document that security key-hosted keys can act as hostnaddy@openbsd.org
2019-12-20upstream: "Forward security" -> "Forward secrecy" since that's thedtucker@openbsd.org
2019-12-20upstream: cut obsolete lists of crypto algorithms from outline ofnaddy@openbsd.org
2019-12-20upstream: strdup may return NULL if memory allocation fails. Usetobhe@openbsd.org
2019-12-20upstream: sort sk-* methods behind their plain key methods cousinsdjm@openbsd.org
2019-12-18Mac OS X has PAM too.Darren Tucker
2019-12-18Show portable tarball pattern in example.Darren Tucker
2019-12-18OpenSSL is now optional.Darren Tucker
2019-12-16upstream: adapt to ssh-sk-client changedjm@openbsd.org
2019-12-16upstream: it's no longer possible to disable privilege separationdjm@openbsd.org
2019-12-16upstream: don't treat HostKeyAgent=none as a path either; avoidsdjm@openbsd.org
2019-12-16upstream: do not attempt to find an absolute path for sshd_configdjm@openbsd.org
2019-12-16upstream: allow ssh-keyscan to find security key hostkeysdjm@openbsd.org
2019-12-16upstream: allow security keys to act as host keys as well as userdjm@openbsd.org
2019-12-16Allow clock_nanosleep_time64 in seccomp sandbox.Darren Tucker
2019-12-15Put SK ECDSA bits inside ifdef OPENSSL_HAS_ECC.Darren Tucker
2019-12-14remove a bunch of ENABLE_SK #ifdefsDamien Miller
2019-12-14ssh-sk-client.c needs includes.hDamien Miller
2019-12-14only link ssh-sk-helper against libfido2Damien Miller
2019-12-14adapt Makefile to ssh-sk-client everywhereDamien Miller
2019-12-14fixupDamien Miller
2019-12-14upstream: actually commit the ssh-sk-helper client code; ok markusdjm@openbsd.org
2019-12-14upstream: perform security key enrollment via ssh-sk-helper too.djm@openbsd.org
2019-12-14upstream: allow sshbuf_put_stringb(buf, NULL); ok markus@djm@openbsd.org
2019-12-14upstream: use ssh-sk-helper for all security key signing operationsdjm@openbsd.org
2019-12-14upstream: add a note about the 'extensions' field in the signeddjm@openbsd.org
2019-12-11upstream: some more corrections for documentation problems spotteddjm@openbsd.org
2019-12-11upstream: loading security keys into ssh-agent used the extensiondjm@openbsd.org