| Age | Commit message (Collapse) | Author |
|---|
|
set ssh(1) protocol version to 2 only.
ok djm@
Upstream-ID: e168daf9d27d7e392e3c9923826bd8e87b2b3a10
|
|
add missing ~/.ssh/id_ecdsa and ~/.ssh/id_ed25519 to
IdentityFile.
ok djm@
Upstream-ID: 6ce99466312e4ae7708017c3665e3edb976f70cf
|
|
AddressFamily defaults to any.
ok djm@
Upstream-ID: 0d94aa06a4b889bf57a7f631c45ba36d24c13e0c
|
|
Not all systems with Solaris privs have priv_basicset so factor that
out and provide backward compatibility code. Similarly, not all have
PRIV_NET_ACCESS so wrap that in #ifdef. Based on code from
alex at cooperi.net and djm@ with help from carson at taltos.org and
wieland at purdue.edu.
|
|
rekey refactor broke SSH1; spotted by Tom G. Christensen
Upstream-ID: 43f0d57928cc077c949af0bfa71ef574dcb58243
|
|
rsa-sha2-512,rsa-sha2-256 cannot be selected explicitly
in *KeyTypes options yet. Remove them from the lists of algorithms for now.
committing on behalf of markus@ ok djm@
Upstream-ID: c6e8820eb8e610ac21551832c0c89684a9a51bb7
|
|
since these pages now clearly tell folks to avoid v1,
normalise the docs from a v2 perspective (i.e. stop pointing out which bits
are v2 only);
ok/tweaks djm ok markus
Upstream-ID: eb474f8c36fb6a532dc05c282f7965e38dcfa129
|
|
make sandboxed privilege separation the default, not just
for new installs; "absolutely" deraadt@
Upstream-ID: 5221ef3b927d2df044e9aa3f5db74ae91743f69b
|
|
no need to state that protocol 2 is the default twice;
Upstream-ID: b1e4c36b0c2e12e338e5b66e2978f2ac953b95eb
|
|
Replace list of ciphers and MACs adjacent to -1/-2 flag
descriptions in ssh(1) with a strong recommendation not to use protocol 1.
Add a similar warning to the Protocol option descriptions in ssh_config(5)
and sshd_config(5);
prompted by and ok mmcc@
Upstream-ID: 961f99e5437d50e636feca023978950a232ead5e
|
|
add a "Close session" log entry (at loglevel=verbose) to
correspond to the existing "Starting session" one. Also include the session
id number to make multiplexed sessions more apparent.
feedback and ok dtucker@
Upstream-ID: e72d2ac080e02774376325136e532cb24c2e617c
|
|
include bad $SSH_CONNECTION in failure output
Upstream-Regress-ID: b22d72edfde78c403aaec2b9c9753ef633cc0529
|
|
va_start was added in 0f754e29dd3760fc0b172c1220f18b753fb0957e, however
it has the wrong number of args and it's not usable in non-variadic
functions anyway so it breaks things (for example Solaris 2.6 as
reported by Tom G. Christensen).i ok djm@
|
|
Should fix build problem on Solaris 2.6 reported by Tom G. Christensen.
|
|
|
|
memleak of algorithm name in mm_answer_sign; reported by
Jakub Jelen
Upstream-ID: ccd742cd25952240ebd23d7d4d6b605862584d08
|
|
Add a function to enable security-related malloc_options.
With and ok deraadt@, something similar has been in the snaps for a while.
Upstream-ID: 43a95523b832b7f3b943d2908662191110c380ed
|
|
|
|
avoid fatal() for PKCS11 tokens that present empty key IDs
bz#1773, ok markus@
Upstream-ID: 044a764fee526f2c4a9d530bd10695422d01fc54
|
|
sync crypto algorithm lists in ssh_config(5) and
sshd_config(5) with current reality. bz#2527
Upstream-ID: d7fd1b6c1ed848d866236bcb1d7049d2bb9b2ff6
|
|
fix regression in openssh-6.8 sftp client: existing
destination directories would incorrectly terminate recursive uploads;
bz#2528
Upstream-ID: 3306be469f41f26758e3d447987ac6d662623e18
|
|
turn off more old crypto in the client: hmac-md5, ripemd,
truncated HMACs, RC4, blowfish. ok markus@ dtucker@
Upstream-ID: 96aa11c2c082be45267a690c12f1d2aae6acd46e
|
|
don't attempt to percent_expand() already-canonicalised
addresses, avoiding unnecessary failures when attempting to connect to scoped
IPv6 addresses (that naturally contain '%' characters)
Upstream-ID: f24569cffa1a7cbde5f08dc739a72f4d78aa5c6a
|
|
refactor activation of rekeying
This makes automatic rekeying internal to the packet code (previously
the server and client loops needed to assist). In doing to it makes
application of rekey limits more accurate by accounting for packets
about to be sent as well as packets queued during rekeying events
themselves.
Based on a patch from dtucker@ which was in turn based on a patch
Aleksander Adamowski in bz#2521; ok markus@
Upstream-ID: a441227fd64f9739850ca97b4cf794202860fcd8
|
|
Only check errno if read() has returned an error. EOF is
not an error. This fixes a problem where the mux master would sporadically
fail to notice that the client had exited. ok mikeb@ djm@
Upstream-ID: 3c2dadc21fac6ef64665688aac8a75fffd57ae53
|
|
avoid an uninitialised value when NumberOfPasswordPrompts
is 0 ok markus@ djm@
Upstream-ID: 11b068d83c2865343aeb46acf1e9eec00f829b6b
|
|
mention internal DH-GEX fallback groups; bz#2302
Upstream-ID: e7b395fcca3122cd825515f45a2e41c9a157e09e
|
|
better description for MaxSessions; bz#2531
Upstream-ID: e2c0d74ee185cd1a3e9d4ca1f1b939b745b354da
|
|
Change old $FreeBSD version string in comment so it doesn't
become an RCS ident downstream; requested by des AT des.no
|
|
printf argument casts to avoid warnings on strict
compilers
Upstream-ID: 7b9f6712cef01865ad29070262d366cf13587c9c
|
|
Avoid ugly "DISPLAY "(null)" invalid; disabling X11
forwarding" message when DISPLAY is not set. This could also result in a
crash on systems with a printf that doesn't handle NULL. OK djm@
Upstream-ID: 20ee0cfbda678a247264c20ed75362042b90b412
|
|
Add regression test for RekeyLimit parsing of >32bit values
(4G and 8G).
Upstream-Regress-ID: 548390350c62747b6234f522a99c319eee401328
|
|
Remove leftover roaming dead code. ok djm markus.
Upstream-ID: 13d1f9c8b65a5109756bcfd3b74df949d53615be
|
|
include packet type of non-data packets in debug3 output;
ok markus dtucker
Upstream-ID: 034eaf639acc96459b9c5ce782db9fcd8bd02d41
|
|
Revert "account for packets buffered but not yet
processed" change as it breaks for very small RekeyLimit values due to
continuous rekeying. ok djm@
Upstream-ID: 7e03f636cb45ab60db18850236ccf19079182a19
|
|
Allow RekeyLimits in excess of 4G up to 2**63 bits
(limited by the return type of scan_scaled). Part of bz#2521, ok djm.
Upstream-ID: 13bea82be566b9704821b1ea05bf7804335c7979
|
|
Account for packets buffered but not yet processed when
computing whether or not it is time to perform rekeying. bz#2521, based
loosely on a patch from olo at fb.com, ok djm@
Upstream-ID: 67e268b547f990ed220f3cb70a5624d9bda12b8c
|
|
change old $FreeBSD version string in comment so it doesn't
become an RCS ident downstream; requested by des AT des.no
Upstream-ID: 8ca558c01f184e596b45e4fc8885534b2c864722
|
|
make the debug messages a bit more useful here
Upstream-ID: 478ccd4e897e0af8486b294aa63aa3f90ab78d64
|
|
Zero a stack buffer with explicit_bzero() instead of
memset() when returning from client_loop() for consistency with
buffer_free()/sshbuf_free().
ok dtucker@ deraadt@ djm@
Upstream-ID: bc9975b2095339811c3b954694d7d15ea5c58f66
|
|
Include sys/time.h for gettimeofday. From sortie at
maxsi.org.
Upstream-ID: 6ed0c33b836d9de0a664cd091e86523ecaa2fb3b
|
|
fd leaks; report Qualys Security Advisory team; ok
deraadt@
Upstream-ID: 4ec0f12b9d8fa202293c9effa115464185aa071d
|
|
remove roaming support; ok djm@
Upstream-ID: 2cab8f4b197bc95776fb1c8dc2859dad0c64dc56
|
|
Disable experimental client-side roaming support. Server
side was disabled/gutted for years already, but this aspect was surprisingly
forgotten. Thanks for report from Qualys
Upstream-ID: 2328004b58f431a554d4c1bf67f5407eae3389df
|
|
|
|
|
|
|
|
eliminate fallback from untrusted X11 forwarding to trusted
forwarding when the X server disables the SECURITY extension; Reported by
Thomas Hoger; ok deraadt@
Upstream-ID: f76195bd2064615a63ef9674a0e4096b0713f938
|
|
use explicit_bzero() more liberally in the buffer code; ok
deraadt
Upstream-ID: 0ece37069fd66bc6e4f55eb1321f93df372b65bf
|
|
Includes a pre-auth privsep sandbox and several pledge()
emulations. bz#2511, patch by Alex Wilson.
ok dtucker@
|
