summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2019-12-30upstream: Replace the term "security key" with "(FIDO)naddy@openbsd.org
authenticator". The polysemous use of "key" was too confusing. Input from markus@. ok jmc@ OpenBSD-Commit-ID: 12eea973a44c8232af89f86e4269d71ae900ca8f
2019-12-21upstream: unit tests for ForwardAgent=/path; from Eric Chiangdjm@openbsd.org
OpenBSD-Regress-ID: 24f693f78290b2c17725dab2c614dffe4a88c8da
2019-12-21upstream: test security key host keys in addition to user keysdjm@openbsd.org
OpenBSD-Regress-ID: 9fb45326106669a27e4bf150575c321806e275b1
2019-12-21upstream: Allow forwarding a different agent socket to the pathdjm@openbsd.org
specified by $SSH_AUTH_SOCK, by extending the existing ForwardAgent option to accepting an explicit path or the name of an environment variable in addition to yes/no. Patch by Eric Chiang, manpage by me; ok markus@ OpenBSD-Commit-ID: 98f2ed80bf34ea54d8b2ddd19ac14ebbf40e9265
2019-12-21upstream: SSH U2F keys can now be used as host keys. Fix a gardennaddy@openbsd.org
path sentence. ok markus@ OpenBSD-Commit-ID: 67d7971ca1a020acd6c151426c54bd29d784bd6b
2019-12-20upstream: Move always unsupported keywords to be grouped with the otherdtucker@openbsd.org
ones. Move oSecurityProvider to match the order in the OpCodes enum. Patch from openbsd@academicsolutions.ch, ok djm@ OpenBSD-Commit-ID: 061e4505861ec1e02ba3a63e3d1b3be3cad458ec
2019-12-20upstream: Remove obsolete opcodes from the configuation enum.dtucker@openbsd.org
Patch from openbsd@academicsolutions.ch, ok djm@ OpenBSD-Commit-ID: 395c202228872ce8d9044cc08552ac969f51e01b
2019-12-20upstream: Remove now-obsolete config options from example indtucker@openbsd.org
comment. Patch from openbsd@academicsolutions.ch, ok djm@ OpenBSD-Commit-ID: 35862beb0927b1cb0af476ec23cc07f6e3006101
2019-12-20upstream: Document that security key-hosted keys can act as hostnaddy@openbsd.org
keys. Update the list of default host key algorithms in ssh_config.5 and sshd_config.5. Copy the description of the SecurityKeyProvider option to sshd_config.5. ok jmc@ OpenBSD-Commit-ID: edadf3566ab5e94582df4377fee3b8b702c7eca0
2019-12-20upstream: "Forward security" -> "Forward secrecy" since that's thedtucker@openbsd.org
correct term. Add "MAC" since we use that acronym in other man pages. ok naddy@ OpenBSD-Commit-ID: c35529e511788586725fb63bda3459e10738c5f5
2019-12-20upstream: cut obsolete lists of crypto algorithms from outline ofnaddy@openbsd.org
how SSH works ok markus@ jmc@ OpenBSD-Commit-ID: 8e34973f232ab48c4d4f5d07df48d501708b9160
2019-12-20upstream: strdup may return NULL if memory allocation fails. Usetobhe@openbsd.org
the safer xstrdup which fatals on allocation failures. ok markus@ OpenBSD-Commit-ID: 8b608d387120630753cbcb8110e0b019c0c9a0d0
2019-12-20upstream: sort sk-* methods behind their plain key methods cousinsdjm@openbsd.org
for now OpenBSD-Commit-ID: c97e22c2b28c0d12ee389b8b4ef5f2ada7908828
2019-12-18Mac OS X has PAM too.Darren Tucker
2019-12-18Show portable tarball pattern in example.Darren Tucker
2019-12-18OpenSSL is now optional.Darren Tucker
2019-12-16upstream: adapt to ssh-sk-client changedjm@openbsd.org
OpenBSD-Regress-ID: 40481999a5928d635ab2e5b029e8239c112005ea
2019-12-16upstream: it's no longer possible to disable privilege separationdjm@openbsd.org
in sshd, so don't double the tests' work by trying both off/on OpenBSD-Regress-ID: d366665466dbd09e9b707305da884be3e7619c68
2019-12-16upstream: don't treat HostKeyAgent=none as a path either; avoidsdjm@openbsd.org
spurious warnings from the cfgparse regress test OpenBSD-Commit-ID: ba49ea7a5c92b8a16cb9c2e975dbb163853afc54
2019-12-16upstream: do not attempt to find an absolute path for sshd_configdjm@openbsd.org
SecurityKeyProvider=internal - unbreaks cfgparse regress test OpenBSD-Commit-ID: d2ddcf525c0dc3c8339522360c10b3c70f1fd641
2019-12-16upstream: allow ssh-keyscan to find security key hostkeysdjm@openbsd.org
OpenBSD-Commit-ID: 1fe822a7f714df19a7e7184e3a3bbfbf546811d3
2019-12-16upstream: allow security keys to act as host keys as well as userdjm@openbsd.org
keys. Previously we didn't do this because we didn't want to expose the attack surface presented by USB and FIDO protocol handling, but now that this is insulated behind ssh-sk-helper there is less risk. ok markus@ OpenBSD-Commit-ID: 77b068dd133b8d87e0f010987bd5131e640ee64c
2019-12-16Allow clock_nanosleep_time64 in seccomp sandbox.Darren Tucker
Needed on Linux ARM. bz#3100, patch from jjelen@redhat.com.
2019-12-15Put SK ECDSA bits inside ifdef OPENSSL_HAS_ECC.Darren Tucker
Fixes build when linking against OpenSSLs built with no-ec.
2019-12-14remove a bunch of ENABLE_SK #ifdefsDamien Miller
The ssh-sk-helper client API gives us a nice place to disable security key support when it is wasn't enabled at compile time, so we don't need to check everywere. Also, verification of security key signatures can remain enabled all the time - it has no additional dependencies. So sshd can accept security key pubkeys in authorized_keys, etc regardless of the host's support for dlopen, etc.
2019-12-14ssh-sk-client.c needs includes.hDamien Miller
2019-12-14only link ssh-sk-helper against libfido2Damien Miller
2019-12-14adapt Makefile to ssh-sk-client everywhereDamien Miller
2019-12-14fixupDamien Miller
2019-12-14upstream: actually commit the ssh-sk-helper client code; ok markusdjm@openbsd.org
OpenBSD-Commit-ID: fd2ea776a5bbbf4d452989d3c3054cf25a5e0589
2019-12-14upstream: perform security key enrollment via ssh-sk-helper too.djm@openbsd.org
This means that ssh-keygen no longer needs to link against ssh-sk-helper, and only ssh-sk-helper needs libfido2 and /dev/uhid* access; feedback & ok markus@ OpenBSD-Commit-ID: 9464233fab95708d2ff059f8bee29c0d1f270800
2019-12-14upstream: allow sshbuf_put_stringb(buf, NULL); ok markus@djm@openbsd.org
OpenBSD-Commit-ID: 91482c1ada9adb283165d48dafbb88ae91c657bd
2019-12-14upstream: use ssh-sk-helper for all security key signing operationsdjm@openbsd.org
This extracts and refactors the client interface for ssh-sk-helper from ssh-agent and generalises it for use by the other programs. This means that most OpenSSH tools no longer need to link against libfido2 or directly interact with /dev/uhid* requested by, feedback and ok markus@ OpenBSD-Commit-ID: 1abcd3aea9a7460eccfbf8ca154cdfa62f1dc93f
2019-12-14upstream: add a note about the 'extensions' field in the signeddjm@openbsd.org
object OpenBSD-Commit-ID: 67c01e0565b258e0818c1ccfe1f1aeaf9a0d4c7b
2019-12-11upstream: some more corrections for documentation problems spotteddjm@openbsd.org
by Ron Frederick document certifiate private key format correct flags type for sk-ssh-ed25519@openssh.com keys OpenBSD-Commit-ID: fc4e9a1ed7f9f7f9dd83e2e2c59327912e933e74
2019-12-11upstream: loading security keys into ssh-agent used the extensiondjm@openbsd.org
constraint "sk-provider@openssh.com", not "sk@openssh.com"; spotted by Ron Frederick OpenBSD-Commit-ID: dbfba09edbe023abadd5f59c1492df9073b0e51d
2019-12-11upstream: add security key types to list of keys allowed to act asdjm@openbsd.org
CAs; spotted by Ron Frederick OpenBSD-Commit-ID: 9bb0dfff927b4f7aa70679f983f84c69d45656c3
2019-12-11upstream: when acting as a CA and using a security key as the CAdjm@openbsd.org
key, remind the user to touch they key to authorise the signature. OpenBSD-Commit-ID: fe58733edd367362f9766b526a8b56827cc439c1
2019-12-11upstream: chop some unnecessary and confusing verbiage from thedjm@openbsd.org
security key protocol description; feedback from Ron Frederick OpenBSD-Commit-ID: 048c9483027fbf9c995e5a51b3ac502989085a42
2019-12-11upstream: fix setting of $SSH_ASKPASS_PROMPT - it shouldn't be setdjm@openbsd.org
when asking passphrases, only when confirming the use of a key (i.e. for ssh-agent keys added with "ssh-add -c keyfile") OpenBSD-Commit-ID: 6643c82960d9427d5972eb702c917b3b838ecf89
2019-12-11upstream: bring the __func__djm@openbsd.org
OpenBSD-Commit-ID: 71a3a45b0fe1b8f680ff95cf264aa81f7abbff67
2019-12-11upstream: tweak the Nd lines for a bit of consistency; ok markusjmc@openbsd.org
OpenBSD-Commit-ID: 876651bdde06bc1e72dd4bd7ad599f42a6ce5a16
2019-12-11Check if memmem is declared in system headers.Darren Tucker
If the system (or one of the dependencies) implements memmem but does not define the header, we would not declare it either resulting in compiler warnings. Check for declaration explicitly. bz#3102.
2019-12-11Sort depends.Darren Tucker
2019-12-11Sort .depend when rebuilding.Darren Tucker
This makes diffs more stable between makedepend implementations.
2019-12-11Update depend to include sk files.Darren Tucker
2019-12-09Describe how to build libcrypto as PIC.Darren Tucker
While there, move the OpenSSL 1.1.0g caveat closer to the other version information.
2019-12-09Recommend running LibreSSL or OpenSSL self-tests.Darren Tucker
2019-12-06Wrap ECC specific bits in ifdef.Darren Tucker
Fixes tests when built against an OpenSSL configured with no-ec.
2019-11-29Wrap sha2.h include in ifdef.Darren Tucker
Fixes build --without-openssl on at least Fedora.