summaryrefslogtreecommitdiff
path: root/ssh-keygen.c
AgeCommit message (Collapse)Author
2019-11-25upstream: allow "ssh-keygen -x no-touch-required" when generating adjm@openbsd.org
security key keypair to request one that does not require a touch for each authentication attempt. The default remains to require touch. feedback deraadt; ok markus@ OpenBSD-Commit-ID: 887e7084b2e89c0c62d1598ac378aad8e434bcbd
2019-11-25upstream: add a "no-touch-required" option for authorized_keys anddjm@openbsd.org
a similar extension for certificates. This option disables the default requirement that security key signatures attest that the user touched their key to authorize them. feedback deraadt, ok markus OpenBSD-Commit-ID: f1fb56151ba68d55d554d0f6d3d4dba0cf1a452e
2019-11-25upstream: Add new structure for signature optionsdjm@openbsd.org
This is populated during signature verification with additional fields that are present in and covered by the signature. At the moment, it is only used to record security key-specific options, especially the flags field. with and ok markus@ OpenBSD-Commit-ID: 338a1f0e04904008836130bedb9ece4faafd4e49
2019-11-20upstream: more missing mentions of ed25519-sk; ok djm@naddy@openbsd.org
OpenBSD-Commit-ID: f242e53366f61697dffd53af881bc5daf78230ff
2019-11-20upstream: additional missing stdarg.h includes when built withoutnaddy@openbsd.org
WITH_OPENSSL; ok djm@ OpenBSD-Commit-ID: 881f9a2c4e2239849cee8bbf4faec9bab128f55b
2019-11-18upstream: Fix incorrect error message when key certification failsdjm@openbsd.org
OpenBSD-Commit-ID: 7771bd77ee73f7116df37c734c41192943a73cee
2019-11-18upstream: allow *-sk key types to be turned into certificatesdjm@openbsd.org
OpenBSD-Commit-ID: cd365ee343934862286d0b011aa77fa739d2a945
2019-11-18upstream: missing break in getopt switch; spotted by Sebastian Kinnedjm@openbsd.org
OpenBSD-Commit-ID: f002dbf14dba5586e8407e90f0141148ade8e8fc
2019-11-15upstream: directly support U2F/FIDO2 security keys in OpenSSH bydjm@openbsd.org
linking against the (previously external) USB HID middleware. The dlopen() capability still exists for alternate middlewares, e.g. for Bluetooth, NFC and test/debugging. OpenBSD-Commit-ID: 14446cf170ac0351f0d4792ba0bca53024930069
2019-11-13upstream: security keys typically need to be tapped/touched indjm@openbsd.org
order to perform a signature operation. Notify the user when this is expected via the TTY (if available) or $SSH_ASKPASS if we can. ok markus@ OpenBSD-Commit-ID: 0ef90a99a85d4a2a07217a58efb4df8444818609
2019-11-13Remove leftover if statement from sync.Darren Tucker
2019-11-13upstream: enable ed25519 support; ok djmmarkus@openbsd.org
OpenBSD-Commit-ID: 1a399c5b3ef15bd8efb916110cf5a9e0b554ab7e
2019-11-11upstream: duplicate 'x' character in getopt(3) optstringdjm@openbsd.org
OpenBSD-Commit-ID: 64c81caa0cb5798de3621eca16b7dd22e5d0d8a7
2019-11-08upstream: Fill in missing man page bits for U2F security key support:naddy@openbsd.org
Mention the new key types, the ~/.ssh/id_ecdsa_sk file, ssh's SecurityKeyProvider keyword, the SSH_SK_PROVIDER environment variable, and ssh-keygen's new -w and -x options. Copy the ssh-sk-helper man page from ssh-pkcs11-helper with minimal substitutions. ok djm@ OpenBSD-Commit-ID: ef2e8f83d0c0ce11ad9b8c28945747e5ca337ac4
2019-11-01autoconf pieces for U2F supportDamien Miller
Mostly following existing logic for PKCS#11 - turning off support when either libcrypto or dlopen(3) are unavailable.
2019-11-01upstream: fix -Wshadow warningdjm@openbsd.org
OpenBSD-Commit-ID: 3441eb04f872a00c2483c11a5f1570dfe775103c
2019-11-01upstream: Refactor signing - use sshkey_sign for everything,djm@openbsd.org
including the new U2F signatures. Don't use sshsk_ecdsa_sign() directly, instead make it reachable via sshkey_sign() like all other signature operations. This means that we need to add a provider argument to sshkey_sign(), so most of this change is mechanically adding that. Suggested by / ok markus@ OpenBSD-Commit-ID: d5193a03fcfa895085d91b2b83d984a9fde76c8c
2019-11-01upstream: ssh-keygen support for generating U2F/FIDO keysdjm@openbsd.org
OpenBSD-Commit-ID: 6ce04f2b497ac9dd8c327f76f1e6c724fb1d1b37
2019-10-16upstream: free buf before return; reported by krishnaiah bommudjm@openbsd.org
OpenBSD-Commit-ID: 091bb23a6e913af5d4f72c50030b53ce1cef4de1
2019-10-09wrap stdint.h include in HAVE_STDINT_HDamien Miller
make the indenting a little more consistent too.. Fixes Solaris 2.6; reported by Tom G. Christensen
2019-10-04upstream: use a more common options order in SYNOPSIS and syncjmc@openbsd.org
usage(); while here, no need for Bk/Ek; ok dtucker OpenBSD-Commit-ID: 38715c3f10b166f599a2283eb7bc14860211bb90
2019-10-02upstream: thinko in previous; spotted by Mantasdjm@openbsd.org
=?UTF-8?q?=20Mikul=C4=97nas?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit OpenBSD-Commit-ID: ffa3f5a45e09752fc47d9041e2203ee2ec15b24d
2019-10-02upstream: ban empty namespace strings for sdjm@openbsd.org
=?UTF-8?q?shsig;=20spotted=20by=20Mantas=20Mikul=C4=97nas?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit OpenBSD-Commit-ID: 7c5bcf40bed8f4e826230176f4aa353c52aeb698
2019-10-01upstream: group and sort single letter options; ok deraadtjmc@openbsd.org
OpenBSD-Commit-ID: e1480e760a2b582f79696cdcff70098e23fc603f
2019-10-01upstream: identity_file[] should be PATH_MAX, not the arbitraryderaadt@openbsd.org
number 1024 OpenBSD-Commit-ID: e775f94ad47ce9ab37bd1410d7cf3b7ea98b11b7
2019-09-16upstream: Allow testing signature syntax and validity without verifyingdjm@openbsd.org
that a signature came from a trusted signer. To discourage accidental or unintentional use, this is invoked by the deliberately ugly option name "check-novalidate" from Sebastian Kinne OpenBSD-Commit-ID: cea42c36ab7d6b70890e2d8635c1b5b943adcc0b
2019-09-08upstream: key conversion should fail for !openssl builds, not falldjm@openbsd.org
through to the key generation code OpenBSD-Commit-ID: b957436adc43c4941e61d61958a193a708bc83c9
2019-09-06upstream: fixes for !WITH_OPENSSL compilation; ok dtucker@djm@openbsd.org
OpenBSD-Commit-ID: 7fd68eaa9e0f7482b5d4c7e8d740aed4770a839f
2019-09-06upstream: lots of things were relying on libcrypto headers todjm@openbsd.org
transitively include various system headers (mostly stdlib.h); include them explicitly OpenBSD-Commit-ID: 5b522f4f2d844f78bf1cc4f3f4cc392e177b2080
2019-09-05upstream: repair typo and editing mishapnaddy@openbsd.org
OpenBSD-Commit-ID: d125ab720ca71ccf9baf83e08ddc8c12a328597e
2019-09-03upstream: sshsig tweaks and improvements from and suggested bydjm@openbsd.org
Markus ok markus/me OpenBSD-Commit-ID: ea4f46ad5a16b27af96e08c4877423918c4253e9
2019-09-03upstream: sshsig: lightweight signature and verification abilitydjm@openbsd.org
for OpenSSH This adds a simple manual signature scheme to OpenSSH. Signatures can be made and verified using ssh-keygen -Y sign|verify Signatures embed the key used to make them. At verification time, this is matched via principal name against an authorized_keys-like list of allowed signers. Mostly by Sebastian Kinne w/ some tweaks by me ok markus@ OpenBSD-Commit-ID: 2ab568e7114c933346616392579d72be65a4b8fb
2019-09-03upstream: factor out confirm_overwrite(); ok markus@djm@openbsd.org
OpenBSD-Commit-ID: 304e95381b39c774c8fced7e5328b106a3ff0400
2019-09-03upstream: constify an argumentdjm@openbsd.org
OpenBSD-Commit-ID: 724bafc9f993746ad4303e95bede2c030de6233b
2019-09-02upstream: print comment when printing pubkey from privatedjm@openbsd.org
bz#3052; ok dtucker OpenBSD-Commit-ID: a91b2a8d5f1053d34d7fce44523c53fb534ba914
2019-08-08upstream: Allow the maximimum uint32 value for the argument passed todtucker@openbsd.org
-b which allows better error messages from later validation. bz#3050, ok djm@ OpenBSD-Commit-ID: 10adf6876b2401b3dc02da580ebf67af05861673
2019-08-08upstream: Many key types are supported now, so take care to checknaddy@openbsd.org
the size restrictions and apply the default size only to the matching key type. tweak and ok dtucker@ OpenBSD-Commit-ID: b825de92d79cc4cba19b298c61e99909488ff57e
2019-07-19upstream: Accept the verbose flag when searching for host keys in knowndjm@openbsd.org
hosts (i.e. "ssh-keygen -vF host") to print the matching host's random- art signature too. bz#3003 "amusing, pretty" deraadt@ OpenBSD-Commit-ID: 686221a5447d6507f40a2ffba5393984d889891f
2019-07-16upstream: remove mostly vestigal uuencode.[ch]; moving the only uniquedjm@openbsd.org
functionality there (wrapping of base64-encoded data) to sshbuf functions; feedback and ok markus@ OpenBSD-Commit-ID: 4dba6735d88c57232f6fccec8a08bdcfea44ac4c
2019-07-15upstream: support PKCS8 as an optional format for storage ofdjm@openbsd.org
private keys, enabled via "ssh-keygen -m PKCS8" on operations that save private keys to disk. The OpenSSH native key format remains the default, but PKCS8 is a superior format to PEM if interoperability with non-OpenSSH software is required, as it may use a less terrible KDF (IIRC PEM uses a single round of MD5 as a KDF). adapted from patch by Jakub Jelen via bz3013; ok markus OpenBSD-Commit-ID: 027824e3bc0b1c243dc5188504526d73a55accb1
2019-07-08upstream: revert header removal that snuck into previousdjm@openbsd.org
OpenBSD-Commit-ID: 3919cdd58989786660b8269b325646ef8856428e
2019-07-08upstream: add a local implementation of BSD realpath() fordjm@openbsd.org
sftp-server use ahead of OpenBSD's realpath changing to match POSIX; ok deraadt@ (thanks for snaps testing) OpenBSD-Commit-ID: 4f8cbf7ed8679f6237264301d104ecec64885d55
2019-07-05upstream: When system calls indicate an error they return -1, notderaadt@openbsd.org
some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future. OpenBSD-Commit-ID: 48081f00db7518e3b712a49dca06efc2a5428075
2019-06-21upstream: Add protection for private keys at rest in RAM againstdjm@openbsd.org
speculation and memory sidechannel attacks like Spectre, Meltdown, Rowhammer and Rambleed. This change encrypts private keys when they are not in use with a symmetic key that is derived from a relatively large "prekey" consisting of random data (currently 16KB). Attackers must recover the entire prekey with high accuracy before they can attempt to decrypt the shielded private key, but the current generation of attacks have bit error rates that, when applied cumulatively to the entire prekey, make this unlikely. Implementation-wise, keys are encrypted "shielded" when loaded and then automatically and transparently unshielded when used for signatures or when being saved/serialised. Hopefully we can remove this in a few years time when computer architecture has become less unsafe. been in snaps for a bit already; thanks deraadt@ ok dtucker@ deraadt@ OpenBSD-Commit-ID: 19767213c312e46f94b303a512ef8e9218a39bd4
2019-06-08upstream: Replace calls to ssh_malloc_init() by a static init ofotto@openbsd.org
malloc_options. Prepares for changes in the way malloc is initialized. ok guenther@ dtucker@ OpenBSD-Commit-ID: 154f4e3e174f614b09f792d4d06575e08de58a6b
2019-06-08upstream: Make the standard output messages of both methods oflum@openbsd.org
changing a key pair's comments (using -c and -C) more applicable to both methods. ok and suggestions djm@ dtucker@ OpenBSD-Commit-ID: b379338118109eb36e14a65bc0a12735205b3de6
2019-03-26upstream: Expand comment to document rationale for default keydtucker@openbsd.org
sizes. "seems worthwhile" deraadt. OpenBSD-Commit-ID: 72e5c0983d7da1fb72f191870f36cb58263a2456
2019-03-26upstream: Increase the default RSA key size to 3072 bits. Based ondtucker@openbsd.org
the estimates from NIST Special Publication 800-57, 3k bits provides security equivalent to 128 bits which is the smallest symmetric cipher we enable by default. ok markus@ deraadt@ OpenBSD-Commit-ID: 461dd32ebe808f88f4fc3ec74749b0e6bef2276b
2019-02-11upstream: ssh-keygen -D pkcs11.so needs to initialize pkcs11benno@openbsd.org
interactive, so it can ask for the smartcards PIN. ok markus@ OpenBSD-Commit-ID: 1be7ccf88f1876e0fc4d7c9b3f96019ac5655bab
2019-01-23upstream: allow auto-incrementing certificate serial number for certsdjm@openbsd.org
signed in a single commandline. OpenBSD-Commit-ID: 39881087641efb8cd83c7ec13b9c98280633f45b
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-18 12:25:55 +0000