Age | Commit message (Collapse) | Author |
|
Bug-Debian: http://bugs.debian.org/711623
Forwarded: no
Last-Update: 2020-02-21
Patch-Name: ssh-agent-setgid.patch
|
|
authenticator".
The polysemous use of "key" was too confusing. Input from markus@.
ok jmc@
OpenBSD-Commit-ID: 12eea973a44c8232af89f86e4269d71ae900ca8f
|
|
OpenBSD-Commit-ID: 876651bdde06bc1e72dd4bd7ad599f42a6ce5a16
|
|
djmc, and dtucker
OpenBSD-Commit-ID: a0b2aca2b67614dda3d6618ea097bf0610c35013
|
|
happen. rethink needed...
OpenBSD-Commit-ID: fb0fede8123ea7f725fd65e00d49241c40bd3421
|
|
the main synopsis/usage; ok djm
OpenBSD-Commit-ID: f881ba253da015398ae8758d973e3390754869bc
|
|
feedback & ok markus@
OpenBSD-Commit-ID: bb544a44bc32e45d2ec8bf652db2046f38360acb
|
|
tweak previous; while here fix up FILES and AUTHORS;
Upstream-ID: 93f6e54086145a75df8d8ec7d8689bdadbbac8fa
|
|
add a whitelist of paths from which ssh-agent will load
(via ssh-pkcs11-helper) a PKCS#11 module; ok markus@
Upstream-ID: fe79769469d9cd6d26fe0dc15751b83ef2a06e8f
|
|
do not confuse mandoc by presenting "Dd";
Upstream-ID: 1470fce171c47b60bbc7ecd0fc717a442c2cfe65
|
|
Add an AddKeysToAgent client option which can be set to
'yes', 'no', 'ask', or 'confirm', and defaults to 'no'. When enabled, a
private key that is used during authentication will be added to ssh-agent if
it is running (with confirmation enabled if set to 'confirm').
Initial version from Joachim Schipper many years ago.
ok markus@
Upstream-ID: a680db2248e8064ec55f8be72d539458c987d5f4
|
|
"commandline" -> "command line", since there are so few
examples of the former in the pages, so many of the latter, and in some of
these pages we had multiple spellings;
prompted by tj
Upstream-ID: 78459d59bff74223f8139d9001ccd56fc4310659
|
|
combine -Dd onto one line and update usage();
|
|
add ssh-agent -D to leave ssh-agent in foreground
without enabling debug mode; bz#2381 ok dtucker@
|
|
Add FingerprintHash option to control algorithm used for
key fingerprints. Default changes from MD5 to SHA256 and format from hex to
base64.
Feedback and ok naddy@ markus@
|
|
improve capitalization for the Ed25519 public-key
signature system.
ok djm@
|
|
[ssh-agent.1]
remove the identity files from this manpage - ssh-agent doesn't deal
with them at all and the same information is duplicated in ssh-add.1
(which does deal with them); prodded by deraadt@
|
|
[ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh-keysign.8 ssh.1]
[ssh_config.5 sshd.8 sshd_config.5]
add missing mentions of ed25519; ok djm@
|
|
[clientloop.c misc.c misc.h ssh-agent.1 ssh-agent.c]
honour $TMPDIR for client xauth and ssh-agent temporary directories;
feedback and ok markus@
|
|
[ssh-agent.1]
fix some macro abuse;
|
|
[PROTOCOL PROTOCOL.agent PROTOCOL.certkeys auth2-jpake.c authfd.c]
[authfile.c buffer.h dns.c kex.c kex.h key.c key.h monitor.c]
[monitor_wrap.c myproposal.h packet.c packet.h pathnames.h readconf.c]
[ssh-add.1 ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh-keygen.c]
[ssh-keyscan.1 ssh-keyscan.c ssh-keysign.8 ssh.1 ssh.c ssh2.h]
[ssh_config.5 sshconnect.c sshconnect2.c sshd.8 sshd.c sshd_config.5]
[uuencode.c uuencode.h bufec.c kexecdh.c kexecdhc.c kexecdhs.c ssh-ecdsa.c]
Implement Elliptic Curve Cryptography modes for key exchange (ECDH) and
host/user keys (ECDSA) as specified by RFC5656. ECDH and ECDSA offer
better performance than plain DH and DSA at the same equivalent symmetric
key length, as well as much shorter keys.
Only the mandatory sections of RFC5656 are implemented, specifically the
three REQUIRED curves nistp256, nistp384 and nistp521 and only ECDH and
ECDSA. Point compression (optional in RFC5656 is NOT implemented).
Certificate host and user keys using the new ECDSA key types are supported.
Note that this code has not been tested for interoperability and may be
subject to change.
feedback and ok markus@
|
|
[ssh-agent.1]
Correct and clarify ssh-add's password asking behavior.
Improved text dtucker and ok jmc
|
|
[ssh-agent.1 ssh-add.1 ssh.1]
write UNIX-domain in a more consistent way; while here, replace a
few remaining ".Tn UNIX" macros with ".Ux" ones.
pointed out by ratchov@, thanks!
ok jmc@
|
|
[ssh.1 ssh-agent.1 ssh-add.1]
use the UNIX-related macros (.At and .Ux) where appropriate.
ok jmc@
|
|
[sftp-server.8 sshd.8 ssh-agent.1]
fix a few typographical errors found by spell(1).
ok dtucker@, jmc@
|
|
[ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.c]
sort synopsis and options in ssh-agent(1); usage is lowercase
ok jmc@
|
|
[scp.1 ssh_config.5 sftp-server.8 ssh-agent.1 sshd_config.5 sftp.1
ssh-keygen.1 ssh-keyscan.1 ssh-add.1 sshd.8 ssh.1 ssh-keysign.8]
convert to new .Dd format;
(We will need to teach mdoc2man.awk to understand this too.)
|
|
[ssh-agent.1 sshd_config.5]
mark up angle brackets;
|
|
[ssh-agent.1]
Update agent socket path templates to reflect reality, correct xref for
time formats. bz#1121, patch from openssh at roumenpetrov.info, ok djm@
|
|
[ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 ssh_config.5 sshd.8]
[sshd_config.5] OpenSSH doesn't ever look at the $HOME environment
variable, so don't say that we do (bz #623); ok deraadt@
|
|
[channels.c cipher.c clientloop.c clientloop.h compat.h moduli.c
readconf.c nchan.c pathnames.h progressmeter.c readconf.h servconf.c
session.c sftp-client.c sftp.c ssh-agent.1 ssh-keygen.c ssh.c ssh1.h
sshd.c ttymodes.h]
spaces
|
|
[ssh-agent.1]
Add examples to ssh-agent.1, bz#481 from Ralf Hauser; ok deraadt@
|
|
[scp.1 sftp-server.8 ssh.1 ssh-add.1 ssh-agent.1 ssh_config.5]
[sshd.8 sshd_config.5 ssh-keygen.1 ssh-keyscan.1 ssh-keysign.8]
- section reorder
- COMPATIBILITY merge
- macro cleanup
- kill whitespace at EOL
- new sentence, new line
ssh pages ok markus@
|
|
- jmc@cvs.openbsd.org 2003/05/14 13:11:56
[ssh-agent.1]
setup -> set up;
from wiz@netbsd
|
|
- jmc@cvs.openbsd.org 2003/03/28 10:11:43
[scp.1 sftp.1 ssh.1 ssh-add.1 ssh-agent.1 ssh_config.5 sshd_config.5]
[ssh-keygen.1 ssh-keyscan.1 ssh-keysign.8]
- killed whitespace
- new sentence new line
- .Bk for arguments
ok markus@
|
|
- marc@cvs.openbsd.org 2003/01/21 18:14:36
[ssh-agent.1 ssh-agent.c]
Add a -t life option to ssh-agent that set the default lifetime.
The default can still be overriden by using -t in ssh-add.
OK markus@
|
|
[ssh-agent.1]
the socket name contains ssh-agent's ppid; via mpech@ from form@
|
|
[ssh-agent.1 sshd.8 sshd_config.5]
use process ID vs. pid/PID/process identifier
|
|
[auth-bsdauth.c auth-skey.c auth1.c auth2-chall.c auth2-none.c authfd.c
authfd.h monitor_wrap.c msg.c nchan.c radix.c readconf.c scp.c sftp.1
ssh-add.1 ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh-keygen.c
ssh-keysign.c ssh.1 sshconnect.c sshconnect.h sshconnect2.c ttymodes.c
xmalloc.h]
KNF done automatically while reading....
|
|
[ssh-agent.1 ssh-agent.c]
'-a bind_address' binds the agent to user-specified unix-domain
socket instead of /tmp/ssh-XXXXXXXX/agent.<pid>; ok djm@ (some time ago).
|
|
[ssh-agent.1]
more sync for default ssh-add identities; ok markus@
|
|
[ssh-agent.1]
ssh-add also adds $HOME/.ssh/id_rsa and $HOME/.ssh/id_dsa now.
|
|
[ssh-agent.1]
clarify/state that private keys are not exposed to clients using the
agent; ok markus@
|
|
[scp.1 sftp.1 ssh.1 ssh-agent.1 sshd.8 ssh-keygen.1 ssh-keyscan.1]
avoid first person in manual pages
|
|
[ssh-agent.1]
fix usage; ok markus@
|
|
[ssh-agent.1]
-d will not fork; ok markus@
|
|
[ssh-agent.1 ssh-agent.c]
add debug flag
|
|
[ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8]
document id_rsa{.pub,}. markus ok
|
|
[ssh-agent.1]
grammar; slade@shore.net
|
|
[atomicio.c atomicio.h auth-chall.c auth.c auth2-chall.c crc32.h
scp.c serverloop.c session.c sftp-server.8 sftp.1 ssh-add.1 ssh-add.c
ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh.1 sshd.8]
make copyright lines the same format
|