Age | Commit message (Collapse) | Author |
|
|
|
|
|
|
|
- Merge in spec changes from seba@iq.pl (Sebastian Pachuta)
- Add new {ssh,sshd}_config.5 manpages
- Add new ssh-keysign program and remove setuid from ssh client
|
|
|
|
useprivilegeseparation=yes and compression=yes
|
|
|
|
[monitor.c]
Don't initialise compression buffers when compression=no in sshd_config;
ok Niels@
|
|
|
|
|
|
[LICENCE]
missed Per Allansson (auth2-chall.c)
|
|
[sshd_config]
add Compression
|
|
[servconf.c servconf.h session.c sshd.c]
allow Compression=yes/no in sshd_config
|
|
[ssh_config sshd_config]
refer to config file man page
|
|
[scp.1 sftp.1]
ssh_config(5)
|
|
[scp.1 sftp.1]
ssh_config(5)
|
|
[ssh.1 sshd.8]
move configuration file options from ssh.1/sshd.8 to
ssh_config.5/sshd_config.5; ok deraadt@ millert@
|
|
[cipher.c monitor.c monitor_wrap.c packet.c packet.h]
make the monitor sync the transfer ssh1 session key;
transfer keycontext only for RC4 (this is still depends on EVP
implementation details and is broken).
|
|
[auth-bsdauth.c auth-skey.c auth1.c auth2-chall.c auth2-none.c authfd.c
authfd.h monitor_wrap.c msg.c nchan.c radix.c readconf.c scp.c sftp.1
ssh-add.1 ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh-keygen.c
ssh-keysign.c ssh.1 sshconnect.c sshconnect.h sshconnect2.c ttymodes.c
xmalloc.h]
KNF done automatically while reading....
|
|
vinschen@redhat.com
|
|
[scp.c]
make usage like man page
|
|
[ssh-keyscan.c]
use TAILQ_xx macro. from lukem@netbsd. markus ok
|
|
[authfd.c authfd.h ssh-add.c ssh-agent.c]
remove the CONSTRAIN_IDENTITY messages and introduce a new
ADD_ID message with contraints instead. contraints can be
only added together with the private key.
|
|
[authfd.c authfd.h ssh-add.c ssh-agent.c]
fix stupid typo
|
|
[authfd.c authfd.h ssh-add.c ssh-agent.c]
break agent key lifetime protocol and allow other contraints for key
usage.
|
|
code. (Bugzilla Bug 261)
|
|
[monitor_wrap.c]
spelling; from Brian Poole <raj@cerias.purdue.edu>
|
|
|
|
|
|
platforms without the setgroups() requirement, you MUST define
SETGROUPS_NOOP in the configure.ac) Based on patch by vinschen@redhat.com
|
|
[ssh.c]
ssh_connect returns 0 on success
|
|
[ssh.c]
remove unused cruft.
|
|
vinschen@redhat.com
|
|
[canohost.c]
use "ntop" only after initialized
|
|
[auth-krb4.c monitor.h serverloop.c session.c ssh-agent.c sshd.c]
pid_t cleanup. Markus need this now to keep hacking.
markus@, millert@ ok
|
|
[ssh.c sshconnect.c sshconnect.h]
no longer use uidswap.[ch] from the ssh client
run less code with euid==0 if ssh is installed setuid root
just switch the euid, don't switch the complete set of groups
(this is only needed by sshd). ok provos@
|
|
[channels.c channels.h session.c]
move creation of agent socket to session.c; no need for uidswapping
in channel.c.
|
|
[ssh_config]
update defaults for RhostsRSAAuthentication and RhostsAuthentication
here too (all options commented out with default value).
|
|
[readconf.c ssh.1]
change RhostsRSAAuthentication and RhostsAuthentication default to no
since ssh is no longer setuid root by default; ok markus@
|
|
[ssh-add.1 ssh-add.c]
use convtime() to parse and validate key lifetime. can now
use '-t 2h' etc. ok markus@ provos@
|
|
[ssh-keysign.8]
merge in stuff from my man page; ok markus@
|
|
[auth-rsa.c ssh-rsa.c]
display minimum RSA modulus in error(); ok markus@
|
|
[sshconnect.c]
pass salen to sockaddr_ntop so that we are happy on linux/solaris
|
|
[ssh.1]
update for no setuid root and ssh-keysign; ok deraadt@
|
|
|
|
sftp-client.c, ssh-agenet.c, ssh-keygen.c and connect.h (we did unexpand
independant of them)
|
|
[sshconnect.c]
abort() - > fatal()
|
|
[sshconnect.c]
always use getnameinfo. (diag message only)
|
|
[readconf.c]
silently ignore deprecated options, since FallBackToRsh might be passed
by remote scp commands.
|
|
[scp.c]
remove FallBackToRsh
|