Age | Commit message (Collapse) | Author |
|
[regress/agent-getpeereid.sh]
all other scripts in this dir use $SUDO, not 'sudo', so pull this even
ok markus@
|
|
[regress/scp.sh]
allow SUDO=sudo; from Alexander Bluhm
|
|
[regress/try-ciphers.sh]
oops, new arcfour modes here too
|
|
[regress/test-exec.sh]
force addressfamily=inet for tests, unbreaking dynamic-forward regress for
recently committed nc SOCKS5 changes
|
|
- dtucker@cvs.openbsd.org 2005/03/10 10:20:39
[regress/forwarding.sh]
Regress test for ClearAllForwardings (bz #994); ok markus@
|
|
[regress/multiplex.sh]
Don't call cleanup in multiplex as test-exec will cleanup anyway
found by tim@, ok djm@
NB. ID sync only, we already had this
|
|
[regress/forwarding.sh]
Regress test for ClearAllForwardings (bz #994); ok markus@
|
|
[misc.c misc.h scp.c sftp.c]
fix local arbitrary command execution vulnerability on local/local and
remote/remote copies (CVE-2006-0225, bz #1094), patch by
t8m AT centrum.cz, polished by dtucker@ and myself; ok markus@
|
|
[ssh.1]
remove an incorrect sentence;
reported by roumen petrov;
ok djm markus
|
|
[channels.c]
mark channel as write failed or dead instead of read failed on error
of the channel output filter.
ok markus@
|
|
[ssh.1]
add a section on verifying host keys in dns;
written with a lot of help from jakob;
feedback dtucker/markus;
ok markus
|
|
[sshd.8]
move subsections to full sections;
|
|
[sshd.8]
move the options description up the page, and a few additional tweaks
whilst in here;
ok markus
|
|
[ssh_config.5]
- word change, agreed w/ markus
- consistency fixes
|
|
opensshd.init script interpretter if /sbin/sh does not exist. ok tim@
|
|
|
|
[scp.1 ssh.1 ssh_config.5 sftp.1]
Document RekeyLimit. Based on patch from jan.iven at cern.ch from mindrot
#1056 with feedback from jmc, djm and markus; ok jmc@ djm@
|
|
[ssh.1]
add a section on ssh-based vpn, based on reyk's README.tun;
|
|
[ssh.1]
correction from deraadt
|
|
[ssh.1]
back out a sentence - AUTHENTICATION already documents this;
|
|
[ssh_config.5]
refer to TCP forwarding, rather than TCP/IP forwarding;
|
|
[sshd.8]
refer to TCP forwarding, rather than TCP/IP forwarding;
|
|
[ssh.1]
refer to `TCP' rather than `TCP/IP' in the context of connection
forwarding;
ok markus
|
|
[ssh.1]
split sections on tcp and x11 forwarding into two sections.
add an example in the tcp section, based on sth i wrote for ssh faq;
help + ok: djm markus dtucker
|
|
[ssh.1]
final round of whacking FILES for duplicate info, and some consistency
fixes;
ok djm
|
|
- jmc@cvs.openbsd.org 2006/01/06 13:27:32
[ssh.1]
weed out some duplicate info in the known_hosts FILES entries;
ok djm
|
|
tcpip service so it's always started after IP is up. Patch from
vinschen at redhat.com.
|
|
[misc.c]
check that stdio file descriptors are actually closed before clobbering
them in sanitise_stdfd(). problems occurred when a lower numbered fd was
closed, but higher ones weren't. spotted by, and patch tested by
Frédéric Olivié
|
|
[ssh.1]
-.Xr gzip 1 ,
|
|
[ssh.1]
+.Xr ssh-keyscan 1 ,
|
|
[ssh.1]
remove .Xr's to rsh(1) and telnet(1): they are hardly needed;
|
|
[ssh.1]
chop out some duplication in the .{r,s}hosts/{h,sh}osts.equiv FILES
entries;
ok markus
|
|
[ssh.1]
tweak the description of ~/.ssh/environment
|
|
[ssh.1]
put FILES in some sort of order: sort by pathname
|
|
[ssh.1]
use a larger width for the ENVIRONMENT list;
|
|
[ssh.1]
move FILES to a -compact list, and make each files an item in that list.
this avoids nastly line wrap when we have long pathnames, and treats
each file as a separate item;
remove the .Pa too, since it is useless.
|
|
|
|
- jmc@cvs.openbsd.org 2006/01/02 17:09:49
[ssh_config.5 sshd_config.5]
some corrections from michael knudsen;
|
|
[ssh.1]
start to cut some duplicate info from FILES;
help/ok djm
|
|
[misc.c]
clarify tun(4) opening - set the mode and bring the interface up. also
(re)sets the tun(4) layer 2 LINK0 flag for existing tunnel interfaces.
suggested and ok by djm@
|
|
[sftp-client.c sftp-common.h sftp-server.c]
use a common max. packet length, no binary change
|
|
[misc.c]
no trailing "\n" for debug()
|
|
[includes.h misc.c]
move <net/if.h>; ok djm@
|
|
[ssh.1]
.Nm does not require an argument;
|
|
[ssh.1]
clean up ENVIRONMENT a little;
|
|
- jmc@cvs.openbsd.org 2005/12/31 10:46:17
[ssh.1]
merge the "LOGIN SESSION AND REMOTE EXECUTION" and "SERVER
AUTHENTICATION" sections into "AUTHENTICATION";
some rewording done to make the text read better, plus some
improvements from djm;
ok djm
|
|
|
|
|
|
|
|
[openbsd-compat/port-tun.c openbsd-compat/port-tun.h] Add support
for tunnel forwarding for FreeBSD and NetBSD. NetBSD's support is
limited to IPv4 tunnels only, and most versions don't support the
tap(4) device at all.
|