Age | Commit message (Collapse) | Author |
|
[ssh.1]
Explain the use of SSH fpr visualization using random art, and cite the
original scientific paper inspiring that technique.
Much help with English and nroff by jmc@, thanks.
|
|
[scp.c]
Prevent -Wsign-compare warnings on LP64 systems. bz #1192, ok deraadt@
|
|
[mux.c]
Friendlier error messages for mux fallback. ok djm@
|
|
[auth2-pubkey.c auth-rhosts.c]
Include unistd.h for close(), prevents warnings in -portable
|
|
[monitor.c]
Clear key options in the monitor on failed authentication, prevents
applying additional restrictions to non-pubkey authentications in
the case where pubkey fails but another method subsequently succeeds.
bz #1472, found by Colin Watson, ok markus@ djm
|
|
[packet.c]
compile on older gcc; no decl after code
|
|
compiler warnings on some platforms. Based on a discussion with otto@
|
|
[auth2-pubkey.c auth-rhosts.c]
refuse to read ~/.shosts or ~/.ssh/authorized_keys that are not
regular files; report from Solar Designer via Colin Watson in bz#1471
ok dtucker@ deraadt@
|
|
[misc.c]
upcast uid to long with matching %ld, prevents warnings in portable
|
|
on big endian machines, so ifdef them for little endian only to prevent
unused function warnings.
|
|
systems. Patch from R. Scott Bailey.
|
|
[mac.c]
upcast another size_t to u_long to match format
|
|
[mux.c]
upcast size_t to u_long to match format arg; ok djm@
|
|
from Todd Vierling.
|
|
[mux.c]
fall back to creating a new TCP connection on most multiplexing errors
(socket connect fail, invalid version, refused permittion, corrupted
messages, etc.); bz #1329 ok dtucker@
|
|
[sftp.h log.h]
replace __dead with __attribute__((noreturn)), makes things
a little easier to port. Also, add it to sigdie(). ok djm@
|
|
[sshconnect.c]
tweak wording in message, ok deraadt@ jmc@
|
|
[key.c]
add my copyright, ok djm@
|
|
[ssh-keygen.c]
make ssh-keygen -lf show the key type just as ssh-add -l would do it
ok djm@ markus@
|
|
[clientloop.c]
I was coalescing expected global request confirmation replies at
the wrong end of the queue - fix; prompted by markus@
|
|
[sftp-client.c]
print extension revisions for extensions that we understand
|
|
[sshd.c sshconnect.c packet.h misc.c misc.h packet.c]
Make keepalive timeouts apply while waiting for a packet, particularly
during key renegotiation (bz #1363). With djm and Matt Day, ok djm@
|
|
[ssh_config.5 ssh-keygen.1]
tweak the ascii art text; ok grunk
|
|
takes 2 more args. with djm@
|
|
[ssh_config.5 ssh.c]
keyword expansion for localcommand. ok djm@
|
|
[clientloop.h channels.h clientloop.c channels.c mux.c]
The multiplexing escape char handler commit last night introduced a
small memory leak per session; plug it.
|
|
[key.c]
We already mark the start of the worm, now also mark the end of the worm
in our random art drawings.
ok djm@
|
|
[key.c]
supply the key type (rsa1, rsa, dsa) as a caption in the frame of the
random art. while there, stress the fact that the field base should at
least be 8 characters for the pictures to make sense.
comment and ok djm@
|
|
[mux.c]
some more TODO for me
|
|
[PROTOCOL]
document tun@openssh.com forwarding method
|
|
[ssh.c]
thal shalt not code past the eightieth column
|
|
[clientloop.c]
thall shalt not code past the eightieth column
|
|
[clientloop.h ssh.c clientloop.c]
maintain an ordered queue of outstanding global requests that we
expect replies to, similar to the per-channel confirmation queue.
Use this queue to verify success or failure for remote forward
establishment in a race free way.
ok dtucker@
|
|
[clientloop.h mux.c channels.c clientloop.c channels.h]
Enable ~ escapes for multiplex slave sessions; give each channel
its own escape state and hook the escape filters up to muxed
channels. bz #1331
Mux slaves do not currently support the ~^Z and ~& escapes.
NB. this change cranks the mux protocol version, so a new ssh
mux client will not be able to connect to a running old ssh
mux master.
ok dtucker@
|
|
[key.c]
use an odd number of rows and columns and a separate start marker, looks
better; ok grunk@
|
|
[sshconnect.c]
Make ssh print the random art also when ssh'ing to a host using IP only.
spotted by naddy@, ok and help djm@ dtucker@
|
|
[dns.c canohost.c sshconnect.c]
Do not pass "0" strings as ports to getaddrinfo because the lookups
can slow things down and we never use the service info anyway. bz
#859, patch from YOSHIFUJI Hideaki and John Devitofranceschi. ok
deraadt@ djm@
djm belives that the reason for the "0" strings is to ensure that
it's not possible to call getaddrinfo with both host and port being
NULL. In the case of canohost.c host is a local array. In the
case of sshconnect.c, it's checked for null immediately before use.
In dns.c it ultimately comes from ssh.c:main() and is guaranteed to
be non-null but it's not obvious, so I added a warning message in
case it is ever passed a null.
|
|
[key.c]
#define statements that are not atoms need braces around them, else they
will cause trouble in some cases.
Also do a computation of -1 once, and not in a loop several times.
spotted by otto@
|
|
[ssh_config.5]
CheckHostIP set to ``fingerprint'' will display both hex and random art
spotted by naddy@
|
|
[key.c]
simpler way of computing the augmentations; ok grunk@
|
|
[ssh-keygen.c ssh-keygen.1]
ssh-keygen would write fingerprints to STDOUT, and random art to STDERR,
that is not how it was envisioned.
Also correct manpage saying that -v is needed along with -l for it to work.
spotted by naddy@
|
|
[ssh-keygen.c]
ssh-keygen -lv -f /etc/ssh/ssh_host_rsa_key.pub
would not display you the random art as intended, spotted by canacar@
|
|
[ssh_config.5 key.h readconf.c readconf.h ssh-keygen.1 ssh-keygen.c key.c
sshconnect.c]
Introduce SSH Fingerprint ASCII Visualization, a technique inspired by the
graphical hash visualization schemes known as "random art", and by
Dan Kaminsky's musings on the subject during a BlackOp talk at the
23C3 in Berlin.
Scientific publication (original paper):
"Hash Visualization: a New Technique to improve Real-World Security",
Perrig A. and Song D., 1999, International Workshop on Cryptographic
Techniques and E-Commerce (CrypTEC '99)
http://sparrow.ece.cmu.edu/~adrian/projects/validation/validation.pdf
The algorithm used here is a worm crawling over a discrete plane,
leaving a trace (augmenting the field) everywhere it goes.
Movement is taken from dgst_raw 2bit-wise. Bumping into walls
makes the respective movement vector be ignored for this turn,
thus switching to the other color of the chessboard.
Graphs are not unambiguous for now, because circles in graphs can be
walked in either direction.
discussions with several people,
help, corrections and ok markus@ djm@
|
|
[sshd.8]
kill trailing whitespace;
|
|
Do not set SO_REUSEADDR on wildcard X11 listeners (X11UseLocalhost=no)
bz#1464; ok dtucker
|
|
|
|
[Makefile regress/key-options.sh]
Add regress test for key options. ok djm@
|
|
[bufaux.c]
Use '\0' for a nul byte rather than unadorned 0. ok djm@
|
|
[auth-options.c match.c servconf.c addrmatch.c sshd.8]
support CIDR address matching in .ssh/authorized_keys from="..." stanzas
ok and extensive testing dtucker@
|
|
[PROTOCOL ssh.c serverloop.c]
Add a no-more-sessions@openssh.com global request extension that the
client sends when it knows that it will never request another session
(i.e. when session multiplexing is disabled). This allows a server to
disallow further session requests and terminate the session.
Why would a non-multiplexing client ever issue additional session
requests? It could have been attacked with something like SSH'jack:
http://www.storm.net.nz/projects/7
feedback & ok markus
|