Age | Commit message (Collapse) | Author |
|
[key.c]
better safe than sorry in later mods; yongari@kt-is.co.kr
|
|
|
|
and temporary commneted out catman-do: since it's broken. Patches
for the first two by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
|
|
logins and logins where access was denied by SIA. Patch from Chris Adams
<cmadams@hiwaay.net>
|
|
|
|
[session.c]
Split motd and hushlogin checks into seperate functions, helps for
portable. From Chris Adams <cmadams@hiwaay.net>; ok markus@
|
|
[xmalloc.c]
xrealloc dealing with ptr == nULL; mouring
|
|
- mouring@cvs.openbsd.org 2001/04/16 02:31:44
[scp.c sftp.c]
IPv6 support for sftp (which I bungled in my last patch) which is
borrowed from scp.c. Thanks to Markus@ for pointing it out.
|
|
[readconf.c servconf.c]
use fatal() or error() vs. fprintf(); ok markus@
|
|
|
|
[sshd.8]
some ClientAlive cleanup; ok markus@
|
|
[clientloop.c]
set stdin/out/err to nonblocking in SSH proto 1, too. suggested by ho@
should fix some of the blocking problems for rsync over SSH-1
|
|
[authfile.c ssh-keygen.c sshd.c]
don't use errno for key_{load,save}_private; discussion w/ solar@openwall
|
|
Roth <roth+openssh@feep.net>
|
|
[dh.c sftp-glob.c sftp-glob.h sftp-int.c sshconnect2.c sshd.c]
some unused variable and typos; from tomh@po.crl.go.jp
|
|
- stevesk@cvs.openbsd.org 2001/04/15 01:35:22
[ttymodes.c]
fix comments
|
|
|
|
[scp.c]
'T' handling rcp/scp sync; ok markus@
|
|
[clientloop.c packet.h session.c ssh.c ttymodes.c ttymodes.h]
protocol 2 tty modes support; ok markus@
|
|
[ssh-add.c]
use clear_pass instead of xfree()
|
|
[channels.c]
remove some channels that are not appropriate for keepalive.
|
|
[ssh-add.c]
do not double free
|
|
[channels.c channels.h servconf.c servconf.h serverloop.c sshd.8]
Add options ClientAliveInterval and ClientAliveCountMax to sshd.
This gives the ability to do a "keepalive" via the encrypted channel
which can't be spoofed (unlike TCP keepalives). Useful for when you want
to use ssh connections to authenticate people for something, and know
relatively quickly when they are no longer authenticated. Disabled
by default (of course). ok markus@
|
|
<vinschen@redhat.com>
|
|
|
|
[ssh.c]
missing \n in error message
|
|
[sftp-int.c sftp-int.h sftp.1 sftp.c]
Add support for:
sftp [user@]host[:file [file]] - Fetch remote file(s)
sftp [user@]host[:dir[/]] - Start in remote dir/
OK deraadt@
|
|
[misc.c misc.h readconf.c servconf.c ssh.c sshd.c]
robust port validation; ok markus@ jakob@
|
|
[readconf.c]
typo
|
|
[auth-rhosts.c auth.h auth2.c buffer.c canohost.c canohost.h
compat.c compat.h hostfile.c pathnames.h readconf.c readconf.h
servconf.c servconf.h ssh.c sshconnect.c sshconnect.h sshconnect1.c
sshconnect2.c sshd_config]
implement HostbasedAuthentication (= RhostRSAAuthentication for ssh v2)
similar to RhostRSAAuthentication unless you enable (the experimental)
HostbasedUsesNameFromPacketOnly option. please test. :)
|
|
lack it.
|
|
[ssh.c]
show debug output during option processing, report from
pekkas@netcore.fi
|
|
[sshd.8 sshd.c]
implement the -e option into sshd:
-e When this option is specified, sshd will send the output to the
standard error instead of the system log.
markus@ OK.
|
|
[channels.c ssh.c]
https-connect and socks5 support. i feel so bad.
|
|
[ssh.c]
use strtol() for ports, thanks jakob@
|
|
[sftp-int.c]
'mget' and 'mput' aliases; ok markus@
|
|
[channels.c]
debug cleanup
|
|
[ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8]
document id_rsa{.pub,}. markus ok
|
|
[channels.c]
cleanup socks4 handling
|
|
[sshd.8]
ListenAddress mandoc from aaron@
|
|
[ssh-add.1]
ssh-add retries the last passphrase...
|
|
[ssh-add.c]
passphrase caching: ssh-add tries last passphrase, clears passphrase if
not successful and after last try.
based on discussions with espie@, jakob@, ... and code from jakob@ and
wolfgang@wsrcc.com
|
|
[sftp.1]
spelling
|
|
[sshd.8]
spelling
|
|
[sftp.c]
do not modify an actual argv[] entry
|
|
|
|
|
|
[uidswap.c]
KNF
|
|
[buffer.c channels.c channels.h readconf.c ssh.c]
allow the ssh client act as a SOCKS4 proxy (dynamic local
portforwarding). work by Dan Kaminsky <dankamin@cisco.com> and me.
thanks to Dan for this great patch: use 'ssh -D 1080 host' and make
netscape use localhost:1080 as a socks proxy.
|
|
[auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth2.c channels.c session.c
ssh.c sshconnect.c sshconnect.h uidswap.c uidswap.h]
do gid/groups-swap in addition to uid-swap, should help if /home/group
is chmod 750 + chgrp grp /home/group/, work be deraadt and me, thanks
to olar@openwall.com is comments. we had many requests for this.
|