summaryrefslogtreecommitdiff
path: root/servconf.c
AgeCommit message (Collapse)Author
2002-06-06 - markus@cvs.openbsd.org 2002/05/15 21:56:38Ben Lindstrom
[servconf.c sshd.8 sshd_config] re-enable privsep and disable setuid for post-3.2.2
2002-05-15 - markus@cvs.openbsd.org 2002/05/15 21:02:53Ben Lindstrom
[servconf.c sshd.8 sshd_config] disable privsep and enable setuid for the 3.2.2 release
2002-05-15 - deraadt@cvs.openbsd.org 2002/05/04 02:39:35Ben Lindstrom
[servconf.c sshd.8 sshd_config] enable privsep by default; provos ok (historical)
2002-04-23 - markus@cvs.openbsd.org 2002/04/22 16:16:53Damien Miller
[servconf.c sshd.8 sshd_config] do not auto-enable KerberosAuthentication; ok djm@, provos@, deraadt@
2002-04-23 - (djm) OpenBSD CVS SyncDamien Miller
- deraadt@cvs.openbsd.org 2002/04/20 09:02:03 [servconf.c] No, afs requires explicit enabling
2002-04-13 - (djm) Add KrbV support patch from Simon Wilkinson <simon@sxw.org.uk>Damien Miller
2002-03-22 - stevesk@cvs.openbsd.org 2002/03/20 19:12:25Ben Lindstrom
[servconf.c servconf.h ssh.h sshd.c] for unprivileged user, group do: pw=getpwnam(SSH_PRIVSEP_USER); do_setusercontext(pw). ok provos@
2002-03-22 - stevesk@cvs.openbsd.org 2002/03/19 03:03:43Ben Lindstrom
[pathnames.h servconf.c servconf.h sshd.c] _PATH_PRIVSEP_CHROOT_DIR; ok provos@
2002-03-22 - stevesk@cvs.openbsd.org 2002/03/18 23:52:51Ben Lindstrom
[servconf.c] UnprivUser/UnprivGroup usable now--specify numeric user/group; ok provos@
2002-03-22 - provos@cvs.openbsd.org 2002/03/18 17:50:31Ben Lindstrom
[auth-bsdauth.c auth-options.c auth-rh-rsa.c auth-rsa.c auth-skey.c auth.h auth1.c auth2-chall.c auth2.c kex.c kex.h kexdh.c kexgex.c servconf.c session.h servconf.h serverloop.c session.c sshd.c] integrate privilege separated openssh; its turned off by default for now. work done by me and markus@ applied, but outside of ensure that smaller code bits migrated with their owners.. no work was tried to 'fix' it to work. =) Later project!
2002-03-13Stupid djm commits experimental code to head instead of branchDamien Miller
revert
2002-03-13Import of Niels Provos' 20020312 ssh-complete.diffDamien Miller
PAM, Cygwin and OSF SIA will not work for sure
2002-02-05 - markus@cvs.openbsd.org 2002/02/04 12:15:25Damien Miller
[log.c log.h readconf.c servconf.c] add SYSLOG_FACILITY_NOT_SET = -1, SYSLOG_LEVEL_NOT_SET = -1, fixes arm/netbsd; based on patch from bjh21@netbsd.org; ok djm@
2002-02-05 - markus@cvs.openbsd.org 2002/01/29 14:32:03Damien Miller
[auth2.c auth.c auth-options.c auth-rhosts.c auth-rh-rsa.c canohost.c servconf.c servconf.h session.c sshd.8 sshd_config] s/ReverseMappingCheck/VerifyReverseMapping/ and avoid confusion; ok stevesk@
2002-02-05 - stevesk@cvs.openbsd.org 2002/01/27 14:57:46Damien Miller
[channels.c servconf.c servconf.h session.c sshd.8 sshd_config] add X11UseLocalhost; ok markus@
2002-01-22 - stevesk@cvs.openbsd.org 2002/01/22 02:52:41Damien Miller
[servconf.c] typo in error message; from djast@cs.toronto.edu
2002-01-22 - stevesk@cvs.openbsd.org 2002/01/04 18:14:16Damien Miller
[servconf.c sshd.8] protocol 2 HostKey code default is now /etc/ssh_host_rsa_key and /etc/ssh_host_dsa_key like we have in sshd_config. ok markus@
2002-01-22 - stevesk@cvs.openbsd.org 2002/01/04 17:59:17Damien Miller
[readconf.c servconf.c] remove #ifdef _PATH_XAUTH/#endif; ok markus@
2001-12-21 - deraadt@cvs.openbsd.org 2001/12/19 07:18:56Damien Miller
[auth1.c auth2.c auth2-chall.c auth-bsdauth.c auth.c authfile.c auth.h] [auth-krb4.c auth-rhosts.c auth-skey.c bufaux.c canohost.c channels.c] [cipher.c clientloop.c compat.c compress.c deattack.c key.c log.c mac.c] [match.c misc.c nchan.c packet.c readconf.c rijndael.c rijndael.h scard.c] [servconf.c servconf.h serverloop.c session.c sftp.c sftp-client.c] [sftp-glob.c sftp-int.c sftp-server.c ssh-add.c ssh-agent.c ssh.c] [sshconnect1.c sshconnect2.c sshconnect.c sshd.8 sshd.c sshd_config] [ssh-keygen.c sshlogin.c sshpty.c sshtty.c ttymodes.c uidswap.c] basic KNF done while i was looking for something else
2001-12-06 - markus@cvs.openbsd.org 2001/12/06 13:30:06Ben Lindstrom
[servconf.c servconf.h sshd.8 sshd.c] add -o to sshd, too. ok deraadt@ - (bal) Minor white space fix up in servconf.c
2001-12-06 - deraadt@cvs.openbsd.org 2001/12/05 10:06:12Ben Lindstrom
[authfd.c authfile.c bufaux.c channels.c compat.c kex.c kexgex.c key.c misc.c packet.c servconf.c ssh-agent.c sshconnect2.c sshconnect.c sshd.c ssh-dss.c ssh-keygen.c ssh-rsa.c] minor KNF
2001-12-06 - stevesk@cvs.openbsd.org 2001/11/17 19:14:34Ben Lindstrom
[auth2.c auth.c readconf.c servconf.c ssh-agent.c ssh-keygen.c] enum/int type cleanup where it made sense to do so; ok markus@
2001-11-14 - markus@cvs.openbsd.org 2001/11/12 11:17:07Damien Miller
[servconf.c] enable authorized_keys2 again. tested by fries@
2001-11-12 - (djm) Reorder portable-specific server options so that they come first.Damien Miller
This should help reduce diff collisions for new server options (as they will appear at the end)
2001-11-12 - markus@cvs.openbsd.org 2001/11/11 13:02:31Damien Miller
[servconf.c] make AuthorizedKeysFile2 fallback to AuthorizedKeysFile if AuthorizedKeysFile is specified.
2001-09-12 - jakob@cvs.openbsd.org 2001/08/16 19:18:34Ben Lindstrom
[servconf.c servconf.h session.c sshd.8] deprecate CheckMail. ok markus@
2001-07-14 - itojun@cvs.openbsd.org 2001/07/11 00:24:53Damien Miller
[servconf.c] make it compilable in all 4 combination of KRB4/KRB5 settings. dugsong ok XXX isn't it sensitive to the order of -I/usr/include/kerberosIV and -I/usr/include/kerberosV?
2001-07-14 - OpenBSD CVS SyncDamien Miller
- stevesk@cvs.openbsd.org 2001/07/08 15:23:38 [servconf.c] fix ``MaxStartups max''; ok markus@
2001-07-04whitespace syncKevin Steves
2001-07-04 - dugsong@cvs.openbsd.org 2001/06/26 17:41:49Ben Lindstrom
[servconf.c] #include <kafs.h>
2001-07-04 - dugsong@cvs.openbsd.org 2001/06/26 16:15:25Ben Lindstrom
[auth1.c auth.h auth-krb4.c auth-passwd.c readconf.c readconf.h servconf.c servconf.h session.c sshconnect1.c sshd.c] Kerberos v5 support for SSH1, mostly from Assar Westerlund <assar@freebsd.org> and Bjorn Gronvall <bg@sics.se>. markus@ ok
2001-06-25 - itojun@cvs.openbsd.org 2001/06/23 15:12:20Ben Lindstrom
[auth1.c auth2.c auth2-chall.c authfd.c authfile.c auth-rhosts.c canohost.c channels.c cipher.c clientloop.c deattack.c dh.c hostfile.c kex.c kexdh.c kexgex.c key.c nchan.c packet.c radix.c readpass.c scp.c servconf.c serverloop.c session.c sftp.c sftp-client.c sftp-glob.c sftp-int.c sftp-server.c ssh-add.c ssh-agent.c ssh.c sshconnect1.c sshconnect2.c sshconnect.c sshd.c ssh-keygen.c ssh-keyscan.c] more strict prototypes. raise warning level in Makefile.inc. markus ok'ed TODO; cleanup headers
2001-06-09 - markus@cvs.openbsd.org 2001/06/08 15:25:40Ben Lindstrom
[includes.h pathnames.h readconf.c servconf.c] move the path for xauth to pathnames.h
2001-06-05 - markus@cvs.openbsd.org 2001/05/20 17:20:36Ben Lindstrom
[auth-rsa.c auth.c auth.h auth2.c servconf.c servconf.h sshd.8 sshd_config] configurable authorized_keys{,2} location; originally from peter@; ok djm@
2001-06-05 - stevesk@cvs.openbsd.org 2001/05/19 19:43:57Ben Lindstrom
[misc.c misc.h servconf.c sshd.8 sshd.c] sshd command-line arguments and configuration file options that specify time may be expressed using a sequence of the form: time[qualifier], where time is a positive integer value and qualifier is one of the following: <none>,s,m,h,d,w Examples: 600 600 seconds (10 minutes) 10m 10 minutes 1h30m 1 hour 30 minutes (90 minutes) ok markus@
2001-06-05 - markus@cvs.openbsd.org 2001/05/18 14:13:29Ben Lindstrom
[auth-chall.c auth.h auth1.c auth2-chall.c auth2.c readconf.c readconf.h servconf.c servconf.h sshconnect1.c sshconnect2.c sshd.c] improved kbd-interactive support. work by per@appgate.com and me
2001-05-03 - stevesk@cvs.openbsd.org 2001/05/03 21:43:01Ben Lindstrom
[servconf.c] remove "\n" from fatal()
2001-04-25 - (djm) Add new server configuration directive 'PAMAuthenticationViaKbdInt'Damien Miller
(default: off), implies KbdInteractiveAuthentication. Suggestion from markus@
2001-04-16 - stevesk@cvs.openbsd.org 2001/04/15 21:28:35Ben Lindstrom
[readconf.c servconf.c] use fatal() or error() vs. fprintf(); ok markus@
2001-04-13 - beck@cvs.openbsd.org 2001/04/13 22:46:54Ben Lindstrom
[channels.c channels.h servconf.c servconf.h serverloop.c sshd.8] Add options ClientAliveInterval and ClientAliveCountMax to sshd. This gives the ability to do a "keepalive" via the encrypted channel which can't be spoofed (unlike TCP keepalives). Useful for when you want to use ssh connections to authenticate people for something, and know relatively quickly when they are no longer authenticated. Disabled by default (of course). ok markus@
2001-04-12 - stevesk@cvs.openbsd.org 2001/04/12 20:09:38Ben Lindstrom
[misc.c misc.h readconf.c servconf.c ssh.c sshd.c] robust port validation; ok markus@ jakob@
2001-04-12 - markus@cvs.openbsd.org 2001/04/12 19:15:26Ben Lindstrom
[auth-rhosts.c auth.h auth2.c buffer.c canohost.c canohost.h compat.c compat.h hostfile.c pathnames.h readconf.c readconf.h servconf.c servconf.h ssh.c sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c sshd_config] implement HostbasedAuthentication (= RhostRSAAuthentication for ssh v2) similar to RhostRSAAuthentication unless you enable (the experimental) HostbasedUsesNameFromPacketOnly option. please test. :)
2001-04-07 - stevesk@cvs.openbsd.org 2001/04/06 22:25:25Ben Lindstrom
[servconf.c] in addition to: ListenAddress host|ipv4_addr|ipv6_addr permit: ListenAddress [host|ipv4_addr|ipv6_addr]:port ListenAddress host|ipv4_addr:port sshd.8 updates coming. ok markus@
2001-04-02 - stevesk@cvs.openbsd.org 2001/04/02 14:20:23Ben Lindstrom
[readconf.c servconf.c] correct comment; ok markus@
2001-03-26 - stevesk@cvs.openbsd.org 2001/03/25 13:16:11Ben Lindstrom
[servconf.c servconf.h session.c sshd.8 sshd_config] PrintLastLog option; from chip@valinux.com with some minor changes by me. ok markus@
2001-03-06 - stevesk@cvs.openbsd.org 2001/03/05 15:44:51Ben Lindstrom
[servconf.c] sync error message; ok markus@
2001-03-05 - millert@cvs.openbsd.org 2001/03/04 17:42:28Ben Lindstrom
[authfd.c channels.c dh.c log.c readconf.c servconf.c sftp-int.c ssh.c sshconnect.c sshd.c] log functions should not be passed strings that end in newline as they get passed on to syslog() and when logging to stderr, do_log() appends its own newline.
2001-03-05 - stevesk@cvs.openbsd.org 2001/03/04 11:16:06Ben Lindstrom
[servconf.c sshd.8] kill obsolete RandomSeed; ok markus@ deraadt@
2001-03-05 - deraadt@cvs.openbsd.org 2001/02/22 04:29:37Ben Lindstrom
[servconf.c] grammar; slade@shore.net
2001-02-15 - markus@cvs.openbsd.org 2001/02/12 16:16:23Ben Lindstrom
[auth-passwd.c auth.c auth.h auth1.c auth2.c servconf.c servconf.h ssh-keygen.c sshd.8] PermitRootLogin={yes,without-password,forced-commands-only,no} (before this change, root could login even if PermitRootLogin==no)