Age | Commit message (Collapse) | Author |
|
ssh-pkcs11.c; r1.45 added a forced login as a fallback for cases where the
token returns no objects and this is less disruptive for users of tokens
directly in ssh (rather than via ssh-agent) and in ssh-keygen
bz3006, patch from Jakub Jelen; ok markus
OpenBSD-Commit-ID: 33d6df589b072094384631ff93b1030103b3d02e
|
|
OpenBSD-Commit-ID: e1480e760a2b582f79696cdcff70098e23fc603f
|
|
i added a comma to the first part, for balance...
OpenBSD-Commit-ID: 2c3464e9e82a41e8cdfe8f0a16d94266e43dbb58
|
|
number 1024
OpenBSD-Commit-ID: e775f94ad47ce9ab37bd1410d7cf3b7ea98b11b7
|
|
OpenBSD-Commit-ID: c35ca5ec07be460e95e7406af12eee04a77b6698
|
|
Patch from vapier@gentoo.org.
|
|
|
|
as they confuse tools on some platforms. Re-enable the 3des-cbc test.
OpenBSD-Regress-ID: edf536d4f29fc1ba412889b37247a47f1b49d250
|
|
Since we've added larger fallback groups to dh.c this test will pass
even if there is no moduli file installed on the system.
|
|
|
|
|
|
that a signature came from a trusted signer. To discourage accidental or
unintentional use, this is invoked by the deliberately ugly option name
"check-novalidate"
from Sebastian Kinne
OpenBSD-Commit-ID: cea42c36ab7d6b70890e2d8635c1b5b943adcc0b
|
|
~/.ssh/id_* keys; bz#3062
OpenBSD-Commit-ID: 604be570e04646f0f4a17026f8b2aada6a585dfa
|
|
pr#120 from David Carlier. ok djm@.
OpenBSD-Commit-ID: c57adeb1022a8148fc86e5a88837b3b156dbdb7e
|
|
OpenBSD-Commit-ID: 57a71dd5f4cae8d61e0ac631a862589fb2bfd700
|
|
From Zachary Harmany via github.com/openssh/openssh-portable/pull/118
ok dtucker@
OpenBSD-Commit-ID: 7eebf1b7695f50c66d42053d352a4db9e8fb84b6
|
|
connection and to the protocol handshake/KEX. From Jean-Charles Longuet via
Github PR140
OpenBSD-Commit-ID: ce1766abc6da080f0d88c09c2c5585a32b2256bf
|
|
OpenBSD-Commit-ID: d87b7e3a94ec935e8194e7fce41815e22804c3ff
|
|
coverity report via Ed Maste; ok dtucker@
|
|
Legacy !_POSIX_SAVED_IDS path only; coverity report via Ed Maste
ok dtucker@
|
|
by starting the list with the '^' character, e.g.
HostKeyAlgorithms ^ssh-ed25519
Ciphers ^aes128-gcm@openssh.com,aes256-gcm@openssh.com
ok djm@ dtucker@
OpenBSD-Commit-ID: 1e1996fac0dc8a4b0d0ff58395135848287f6f97
|
|
through to the key generation code
OpenBSD-Commit-ID: b957436adc43c4941e61d61958a193a708bc83c9
|
|
OpenBSD-Commit-ID: 7c3b94110864771a6b80a0d8acaca34037c3c96e
|
|
|
|
|
|
libcrypto when WITH_OPENSSL isn't set
OpenBSD-Commit-ID: 569f08445c27124ec7c7f6c0268d844ec56ac061
|
|
OpenBSD-Commit-ID: 7fd68eaa9e0f7482b5d4c7e8d740aed4770a839f
|
|
transitively include various system headers (mostly stdlib.h); include them
explicitly
OpenBSD-Commit-ID: 5b522f4f2d844f78bf1cc4f3f4cc392e177b2080
|
|
refactoring but not since
OpenBSD-Commit-ID: bb28ebda8f7c490b87b37954044a6cdd43a7eb2c
|
|
otherwise use ed25519 which is supported when built without OpenSSL.
OpenBSD-Regress-ID: 3d23ddfe83c5062f00ac845d463f19a2ec78c0f7
|
|
On some platforms (at least OpenBSD) make won't search VPATH for target
files, so building out-of-tree will fail at configure-check. Provide
explicit path. ok djm@
|
|
OpenBSD-Commit-ID: dfc263b6041de7f0ed921a1de0b81ddebfab1e0a
|
|
turns out autoreconf and configure don't touch some files if their content
doesn't change, so the mtime can't be relied upon in a makefile rule
|
|
make it cover config.h.in and config.h separately
|
|
Ensure they are newer than the configure.ac / aclocal.m4 source
|
|
refetch them. Based on patch from Jakub Jelen; bz#2430 ok markus@
OpenBSD-Commit-ID: ab53bd6ddd54dd09e54a8bfbed1a984496f08b43
|
|
percolate all the way up to dispatch_run_fatal() and lose all meaninful
context
to help with bz#3063; ok dtucker@
OpenBSD-Commit-ID: 5b2da83bb1c4a3471444b7910b2120ae36438a0a
|
|
OpenBSD-Commit-ID: 00f5c6062f6863769f5447c6346f78c05d2e4a63
|
|
OpenBSD-Commit-ID: e891dd6c7996114cb32f0924cb7898ab55efde6e
|
|
|
|
|
|
OpenBSD-Commit-ID: 34d44cb0fb5bdb5fcbc6b02b804e71b20a7a5fc7
|
|
fuzzing
rename to make more consistent with philosophically-similar auth
options parsing API.
OpenBSD-Commit-ID: 0c67600ef04187f98e2912ca57b60c22a8025b7c
|
|
Options such as Ciphers take values that may be a list of ciphers; the
complete list, not indiviual elements, may be prefixed with a dash or plus
character to remove from or append to the default list, respectively.
Users might read the current text as if each elment took an optional prefix,
so tweak the wording from "values" to "list" to prevent such ambiguity for
all options supporting these semantics.
Fix instances missed in first commit. ok jmc@ kn@
OpenBSD-Commit-ID: 7112522430a54fb9f15a7a26d26190ed84d5e417
|
|
OpenBSD-Commit-ID: 0abd728aef6b5b35f6db43176aa83b7e3bf3ce27
|
|
OpenBSD-Commit-ID: d125ab720ca71ccf9baf83e08ddc8c12a328597e
|
|
|
|
|
|
|
|
OpenBSD-Regress-ID: 74c0974f2cdae8d9599b9d76a09680bae55d8a8b
|