summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2016-07-22Determine appropriate salt for invalid users.Darren Tucker
When sshd is processing a non-PAM login for a non-existent user it uses the string from the fakepw structure as the salt for crypt(3)ing the password supplied by the client. That string has a Blowfish prefix, so on systems that don't understand that crypt will fail fast due to an invalid salt, and even on those that do it may have significantly different timing from the hash methods used for real accounts (eg sha512). This allows user enumeration by, eg, sending large password strings. This was noted by EddieEzra.Harari at verint.com (CVE-2016-6210). To mitigate, use the same hash algorithm that root uses for hashing passwords for users that do not exist on the system. ok djm@ Origin: upstream, https://anongit.mindrot.org/openssh.git/commit/?id=9286875a73b2de7736b5e50692739d314cd8d9dc Bug-Debian: https://bugs.debian.org/831902 Last-Update: 2016-07-22 Patch-Name: CVE-2016-6210-1.patch
2016-04-28upstream commitdjm@openbsd.org
unbreak authentication using lone certificate keys in ssh-agent: when attempting pubkey auth with a certificate, if no separate private key is found among the keys then try with the certificate key itself. bz#2550 reported by Peter Moody Upstream-ID: f939cd76d68e6a9a3d1711b5a943d6ed1e623966 Origin: upstream, https://anongit.mindrot.org/openssh.git/commit/?id=c38905ba391434834da86abfc988a2b8b9b62477 Bug-Ubuntu: https://bugs.launchpad.net/bugs/1575961 Last-Update: 2016-04-28 Patch-Name: unbreak-certificate-auth.patch
2016-04-13ignore PAM environment vars when UseLogin=yesDamien Miller
If PAM is configured to read user-specified environment variables and UseLogin=yes in sshd_config, then a hostile local user may attack /bin/login via LD_PRELOAD or similar environment variables set via PAM. CVE-2015-8325, found by Shayan Sadigh, via Colin Watson Origin: upstream, https://anongit.mindrot.org/openssh.git/commit/?id=85bdcd7c92fe7ff133bbc4e10a65c91810f88755 Last-Update: 2016-04-13 Patch-Name: CVE-2015-8325.patch
2016-03-21Various Debian-specific configuration changesColin Watson
ssh: Enable ForwardX11Trusted, returning to earlier semantics which cause fewer problems with existing setups (http://bugs.debian.org/237021). ssh: Set 'SendEnv LANG LC_*' by default (http://bugs.debian.org/264024). ssh: Enable HashKnownHosts by default to try to limit the spread of ssh worms. ssh: Enable GSSAPIAuthentication and disable GSSAPIDelegateCredentials by default. Document all of this, along with several sshd defaults set in debian/openssh-server.postinst. Author: Russ Allbery <rra@debian.org> Forwarded: not-needed Last-Update: 2015-12-07 Patch-Name: debian-config.patch
2016-03-21Add systemd readiness notification supportMichael Biebl
Bug-Debian: https://bugs.debian.org/778913 Forwarded: no Last-Update: 2016-01-04 Patch-Name: systemd-readiness.patch
2016-03-21Support synchronisation with service supervisor using SIGSTOPColin Watson
Author: Robie Basak <robie.basak@ubuntu.com> Forwarded: no Last-Update: 2014-04-14 Patch-Name: sigstop.patch
2016-03-21Give the ssh-askpass-gnome window a default iconVincent Untz
Bug-Ubuntu: https://bugs.launchpad.net/bugs/27152 Last-Update: 2010-02-28 Patch-Name: gnome-ssh-askpass2-icon.patch
2016-03-21Don't check the status field of the OpenSSL versionKurt Roeckx
There is no reason to check the version of OpenSSL (in Debian). If it's not compatible the soname will change. OpenSSH seems to want to do a check for the soname based on the version number, but wants to keep the status of the release the same. Remove that check on the status since it doesn't tell you anything about how compatible that version is. Author: Colin Watson <cjwatson@debian.org> Bug-Debian: https://bugs.debian.org/93581 Bug-Debian: https://bugs.debian.org/664383 Bug-Debian: https://bugs.debian.org/732940 Forwarded: not-needed Last-Update: 2014-10-07 Patch-Name: no-openssl-version-status.patch
2016-03-21Document consequences of ssh-agent being setgid in ssh-agent(1)Colin Watson
Bug-Debian: http://bugs.debian.org/711623 Forwarded: no Last-Update: 2013-06-08 Patch-Name: ssh-agent-setgid.patch
2016-03-21Refer to ssh's Upstart job as well as its init scriptColin Watson
Forwarded: not-needed Last-Update: 2013-09-14 Patch-Name: doc-upstart.patch
2016-03-21Document that HashKnownHosts may break tab-completionColin Watson
Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1727 Bug-Debian: http://bugs.debian.org/430154 Last-Update: 2013-09-14 Patch-Name: doc-hash-tab-completion.patch
2016-03-21ssh(1): Refer to ssh-argv0(1)Colin Watson
Old versions of OpenSSH (up to 2.5 or thereabouts) allowed creating symlinks to ssh with the name of the host you want to connect to. Debian ships an ssh-argv0 script restoring this feature; this patch refers to its manual page from ssh(1). Bug-Debian: http://bugs.debian.org/111341 Forwarded: not-needed Last-Update: 2013-09-14 Patch-Name: ssh-argv0.patch
2016-03-21Adjust various OpenBSD-specific references in manual pagesColin Watson
No single bug reference for this patch, but history includes: http://bugs.debian.org/154434 (login.conf(5)) http://bugs.debian.org/513417 (/etc/rc) http://bugs.debian.org/530692 (ssl(8)) https://bugs.launchpad.net/bugs/456660 (ssl(8)) Forwarded: not-needed Last-Update: 2014-10-07 Patch-Name: openbsd-docs.patch
2016-03-21Install authorized_keys(5) as a symlink to sshd(8)Tomas Pospisek
Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1720 Bug-Debian: http://bugs.debian.org/441817 Last-Update: 2013-09-14 Patch-Name: authorized-keys-man-symlink.patch
2016-03-21Add DebianBanner server configuration optionKees Cook
Setting this to "no" causes sshd to omit the Debian revision from its initial protocol handshake, for those scared by package-versioning.patch. Bug-Debian: http://bugs.debian.org/562048 Forwarded: not-needed Last-Update: 2015-11-29 Patch-Name: debian-banner.patch
2016-03-21Include the Debian version in our identificationMatthew Vernon
This makes it easier to audit networks for versions patched against security vulnerabilities. It has little detrimental effect, as attackers will generally just try attacks rather than bothering to scan for vulnerable-looking version strings. (However, see debian-banner.patch.) Forwarded: not-needed Last-Update: 2013-09-14 Patch-Name: package-versioning.patch
2016-03-21Mention ssh-keygen in ssh fingerprint changed warningScott Moser
Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1843 Bug-Ubuntu: https://bugs.launchpad.net/bugs/686607 Last-Update: 2015-09-08 Patch-Name: mention-ssh-keygen-on-keychange.patch
2016-03-21Quieten logs when multiple from= restrictions are usedColin Watson
Bug-Debian: http://bugs.debian.org/630606 Forwarded: no Last-Update: 2013-09-14 Patch-Name: auth-log-verbosity.patch
2016-03-21Force use of DNSSEC even if "options edns0" isn't in resolv.confColin Watson
This allows SSHFP DNS records to be verified if glibc 2.11 is installed. Origin: vendor, https://cvs.fedoraproject.org/viewvc/F-12/openssh/openssh-5.2p1-edns.patch?revision=1.1&view=markup Bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=572049 Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=572049 Last-Update: 2010-04-06 Patch-Name: dnssec-sshfp.patch
2016-03-21Look for $SHELL on the path for ProxyCommand/LocalCommandColin Watson
There's some debate on the upstream bug about whether POSIX requires this. I (Colin Watson) agree with Vincent and think it does. Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1494 Bug-Debian: http://bugs.debian.org/492728 Last-Update: 2013-09-14 Patch-Name: shell-path.patch
2016-03-21Adjust scp quoting in verbose modeNicolas Valcárcel
Tweak scp's reporting of filenames in verbose mode to be a bit less confusing with spaces. This should be revised to mimic real shell quoting. Bug-Ubuntu: https://bugs.launchpad.net/bugs/89945 Last-Update: 2010-02-27 Patch-Name: scp-quoting.patch
2016-03-21Allow harmless group-writabilityColin Watson
Allow secure files (~/.ssh/config, ~/.ssh/authorized_keys, etc.) to be group-writable, provided that the group in question contains only the file's owner. Rejected upstream for IMO incorrect reasons (e.g. a misunderstanding about the contents of gr->gr_mem). Given that per-user groups and umask 002 are the default setup in Debian (for good reasons - this makes operating in setgid directories with other groups much easier), we need to permit this by default. Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1060 Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=314347 Last-Update: 2013-09-14 Patch-Name: user-group-modes.patch
2016-03-21Mention ~& when waiting for forwarded connections to terminateMatthew Vernon
Bug-Debian: http://bugs.debian.org/50308 Last-Update: 2010-02-27 Patch-Name: helpful-wait-terminate.patch
2016-03-21Reduce severity of "Killed by signal %d"Peter Samuelson
This produces irritating messages when using ProxyCommand or other programs that use ssh under the covers (e.g. Subversion). These messages are more normally printed by the calling program, such as the shell. According to the upstream bug, the right way to avoid this is to use the -q option, so we may drop this patch after further investigation into whether any software in Debian is still relying on it. Author: Colin Watson <cjwatson@debian.org> Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1118 Bug-Debian: http://bugs.debian.org/313371 Last-Update: 2013-09-14 Patch-Name: quieter-signals.patch
2016-03-21"LogLevel SILENT" compatibilityJonathan David Amery
"LogLevel SILENT" (-qq) was introduced in Debian openssh 1:3.0.1p1-1 to match the behaviour of non-free SSH, in which -q does not suppress fatal errors. However, this was unintentionally broken in 1:4.6p1-2 and nobody complained, so we've dropped most of it. The parts that remain are basic configuration file compatibility, and an adjustment to "Pseudo-terminal will not be allocated ..." which should be split out into a separate patch. Author: Matthew Vernon <matthew@debian.org> Author: Colin Watson <cjwatson@debian.org> Last-Update: 2013-09-14 Patch-Name: syslog-level-silent.patch
2016-03-21Various keepalive extensionsRichard Kettlewell
Add compatibility aliases for ProtocolKeepAlives and SetupTimeOut, supported in previous versions of Debian's OpenSSH package but since superseded by ServerAliveInterval. (We're probably stuck with this bit for compatibility.) In batch mode, default ServerAliveInterval to five minutes. Adjust documentation to match and to give some more advice on use of keepalives. Author: Ian Jackson <ian@chiark.greenend.org.uk> Author: Matthew Vernon <matthew@debian.org> Author: Colin Watson <cjwatson@debian.org> Last-Update: 2015-11-29 Patch-Name: keepalive-extensions.patch
2016-03-21Accept obsolete ssh-vulnkey configuration optionsColin Watson
These options were used as part of Debian's response to CVE-2008-0166. Nearly six years later, we no longer need to continue carrying the bulk of that patch, but we do need to avoid failing when the associated configuration options are still present. Last-Update: 2014-02-09 Patch-Name: ssh-vulnkey-compat.patch
2016-03-21Handle SELinux authorisation rolesManoj Srivastava
Rejected upstream due to discomfort with magic usernames; a better approach will need an SSH protocol change. In the meantime, this came from Debian's SELinux maintainer, so we'll keep it until we have something better. Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1641 Bug-Debian: http://bugs.debian.org/394795 Last-Update: 2015-08-19 Patch-Name: selinux-role.patch
2016-03-21Restore TCP wrappers supportColin Watson
Support for TCP wrappers was dropped in OpenSSH 6.7. See this message and thread: https://lists.mindrot.org/pipermail/openssh-unix-dev/2014-April/032497.html It is true that this reduces preauth attack surface in sshd. On the other hand, this support seems to be quite widely used, and abruptly dropping it (from the perspective of users who don't read openssh-unix-dev) could easily cause more serious problems in practice. It's not entirely clear what the right long-term answer for Debian is, but it at least probably doesn't involve dropping this feature shortly before a freeze. Forwarded: not-needed Last-Update: 2014-10-07 Patch-Name: restore-tcp-wrappers.patch
2016-03-21GSSAPI key exchange supportSimon Wilkinson
This patch has been rejected upstream: "None of the OpenSSH developers are in favour of adding this, and this situation has not changed for several years. This is not a slight on Simon's patch, which is of fine quality, but just that a) we don't trust GSSAPI implementations that much and b) we don't like adding new KEX since they are pre-auth attack surface. This one is particularly scary, since it requires hooks out to typically root-owned system resources." However, quite a lot of people rely on this in Debian, and it's better to have it merged into the main openssh package rather than having separate -krb5 packages (as we used to have). It seems to have a generally good security history. Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1242 Last-Updated: 2016-03-21 Patch-Name: gssapi.patch
2016-03-10Import openssh_7.2p2.orig.tar.gzColin Watson
2016-03-10update versions for releaseDamien Miller
2016-03-10sanitise characters destined for xauth(1)Damien Miller
reported by github.com/tintinweb
2016-02-29Import openssh_7.2p1.orig.tar.gzColin Watson
2016-02-26Add a note about using xlc on AIX.Darren Tucker
2016-02-24Skip PrintLastLog in config dump mode.Darren Tucker
When DISABLE_LASTLOG is set, do not try to include PrintLastLog in the config dump since it'll be reported as UNKNOWN.
2016-02-23update spec/README versions ahead of releaseDamien Miller
2016-02-23put back portable patchlevel to p1Damien Miller
2016-02-23upstream commitdjm@openbsd.org
openssh-7.2 Upstream-ID: 9db776b26014147fc907ece8460ef2bcb0f11e78
2016-02-23Disable tests where fs perms are incorrectDamien Miller
Some tests have strict requirements on the filesystem permissions for certain files and directories. This adds a regress/check-perm tool that copies the relevant logic from sshd to exactly test the paths in question. This lets us skip tests when the local filesystem doesn't conform to our expectations rather than continuing and failing the test run. ok dtucker@
2016-02-23fix sandbox on OSX LionDamien Miller
sshd was failing with: ssh_sandbox_child: sandbox_init: dlopen(/usr/lib/libsandbox.1.dylib, 261):cw image not found [preauth] caused by chroot before sandboxing. Avoid by explicitly linking libsandbox to sshd. Spotted by Darren.
2016-02-23upstream commitdjm@openbsd.org
fix spurious error message when incorrect passphrase entered for keys; reported by espie@ ok deraadt@ Upstream-ID: 58b2e46e63ed6912ed1ee780bd3bd8560f9a5899
2016-02-23upstream commitsobrado@openbsd.org
set ssh(1) protocol version to 2 only. ok djm@ Upstream-ID: e168daf9d27d7e392e3c9923826bd8e87b2b3a10
2016-02-23upstream commitsobrado@openbsd.org
add missing ~/.ssh/id_ecdsa and ~/.ssh/id_ed25519 to IdentityFile. ok djm@ Upstream-ID: 6ce99466312e4ae7708017c3665e3edb976f70cf
2016-02-23upstream commitsobrado@openbsd.org
AddressFamily defaults to any. ok djm@ Upstream-ID: 0d94aa06a4b889bf57a7f631c45ba36d24c13e0c
2016-02-19Make Solaris privs code build on older systems.Darren Tucker
Not all systems with Solaris privs have priv_basicset so factor that out and provide backward compatibility code. Similarly, not all have PRIV_NET_ACCESS so wrap that in #ifdef. Based on code from alex at cooperi.net and djm@ with help from carson at taltos.org and wieland at purdue.edu.
2016-02-18upstream commitdjm@openbsd.org
rekey refactor broke SSH1; spotted by Tom G. Christensen Upstream-ID: 43f0d57928cc077c949af0bfa71ef574dcb58243
2016-02-18upstream commitdjm@openbsd.org
rsa-sha2-512,rsa-sha2-256 cannot be selected explicitly in *KeyTypes options yet. Remove them from the lists of algorithms for now. committing on behalf of markus@ ok djm@ Upstream-ID: c6e8820eb8e610ac21551832c0c89684a9a51bb7
2016-02-18upstream commitjmc@openbsd.org
since these pages now clearly tell folks to avoid v1, normalise the docs from a v2 perspective (i.e. stop pointing out which bits are v2 only); ok/tweaks djm ok markus Upstream-ID: eb474f8c36fb6a532dc05c282f7965e38dcfa129
2016-02-17upstream commitdjm@openbsd.org
make sandboxed privilege separation the default, not just for new installs; "absolutely" deraadt@ Upstream-ID: 5221ef3b927d2df044e9aa3f5db74ae91743f69b