| Age | Commit message (Collapse) | Author |
|---|
|
original_real_uid and original_effective_uid globals and replace with calls
to plain getuid(). ok djm@
OpenBSD-Commit-ID: 92561c0cd418d34e6841e20ba09160583e27b68c
|
|
load_public_identity_files instead of calling getpwuid() again and discarding
the argument. This prevents a client crash where tilde_expand_filename calls
getpwuid() again before the pwent pointer is used. Issue noticed and reported
by Pierre-Olivier Martel <pom@apple.com> ok djm@ deraadt@
OpenBSD-Commit-ID: a067d74b5b098763736c94cc1368de8ea3f0b157
|
|
ssh(1) setuid has been removed, remove supporting code and clean up
references to it in the man pages
We have not shipped ssh(1) the setuid bit since 2002. If ayone
really needs to make connections from a low port number this can
be implemented via a small setuid ProxyCommand.
ok markus@ jmc@ djm@
OpenBSD-Commit-ID: d03364610b7123ae4c6792f5274bd147b6de717e
|
|
attempted. Do not link uidwap.c into ssh any more. Neuters
UsePrivilegedPort, which will be marked as deprecated shortly. ok markus@
djm@
OpenBSD-Commit-ID: c4ba5bf9c096f57a6ed15b713a1d7e9e2e373c42
|
|
but that is now gone and the slot is unused so remove it. Remove two
now-unused macros, and add an array bounds check to the two remaining ones
(array is statically sized, so mostly a safety check on future changes). ok
markus@
OpenBSD-Commit-ID: 2e4c0ca6cc1d8daeccead2aa56192a3f9d5e1e7a
|
|
directly in ssh(1) and always use ssh-keysign. This removes one of the few
remaining reasons why ssh(1) might be setuid. ok markus@
OpenBSD-Commit-ID: 97f01e1448707129a20d75f86bad5d27c3cf0b7d
|
|
load keys, fixing some spurious error messages; ok markus
OpenBSD-Commit-ID: c63e3d5200ee2cf9e35bda98de847302566c6a00
|
|
OpenBSD-Commit-ID: 2b1f9619259e222bbd4fe9a8d3a0973eafb9dd8d
|
|
OpenBSD-Commit-ID: 60cb0356114acc7625ab85105f6f6a7cd44a8d05
|
|
load_public_identity_files(); reported by Roumen Petrov
OpenBSD-Commit-ID: a827289e77149b5e0850d72a350c8b0300e7ef25
|
|
addresses may be listened on when the client requests remote forwarding (ssh
-R).
This is the converse of the existing PermitOpen directive and this
includes some refactoring to share much of its implementation.
feedback and ok markus@
OpenBSD-Commit-ID: 15a931238c61a3f2ac74ea18a98c933e358e277f
|
|
username is available currently. In the client this is via %i, in the server
%U (since %i was already used in the client in some places for this, but used
for something different in the server); bz#2870, ok dtucker@
OpenBSD-Commit-ID: c7e912b0213713316cb55db194b3a6415b3d4b95
|
|
directive; bz2831, feedback and ok dtucker@
OpenBSD-Commit-ID: 3cec709a131499fbb0c1ea8a0a9e0b0915ce769e
|
|
LocalCommand
OpenBSD-Commit-ID: 857b5cb37b2d856bfdfce61289a415257a487fb1
|
|
after checking with codespell tool
(https://github.com/lucasdemarchi/codespell)
OpenBSD-Commit-ID: 373222f12d7ab606598a2d36840c60be93568528
|
|
Hash-Based Signatures) The code is not compiled in by default (see WITH_XMSS
in Makefile.inc) Joint work with stefan-lukas_gazdag at genua.eu See
https://tools.ietf.org/html/draft-irtf-cfrg-xmss-hash-based-signatures-12 ok
djm@
OpenBSD-Commit-ID: ef3eccb96762a5d6f135d7daeef608df7776a7ac
|
|
command-line argument to ssh(1) that directs it to bind its outgoing
connection to the address of the specified network interface.
BindInterface prefers to use addresses that aren't loopback or link-
local, but will fall back to those if no other addresses of the
required family are available on that interface.
Based on patch by Mike Manning in bz#2820, ok dtucker@
OpenBSD-Commit-ID: c5064d285c2851f773dd736a2c342aa384fbf713
|
|
OpenBSD-Commit-ID: 674edd214d0a7332dd4623c9cf8117301b012890
|
|
The signal handlers from the original ssh1 code on which OpenSSH
is based assume unreliable signals and reinstall their handlers.
Since OpenBSD (and pretty much every current system) has reliable
signals this is not needed. In the unlikely even that -portable
is still being used on such systems we will deal with it in the
compat layer. ok deraadt@
OpenBSD-Commit-ID: f53a1015cb6908431b92116130d285d71589612c
|
|
Drop compatibility hacks for some ancient SSH
implementations, including ssh.com <=2.* and OpenSSH <= 3.*.
These versions were all released in or before 2001 and predate the
final SSH RFCs. The hacks in question aren't necessary for RFC-
compliant SSH implementations.
ok markus@
OpenBSD-Commit-ID: 4be81c67db57647f907f4e881fb9341448606138
|
|
don't attempt to force hostnames that are addresses to
lowercase, but instead canonicalise them through getnameinfo/getaddrinfo to
remove ambiguities (e.g. ::0001 => ::1) before they are matched against
known_hosts; bz#2763, ok dtucker@
OpenBSD-Commit-ID: ba0863ff087e61e5c65efdbe53be3cb92c9aefa0
|
|
fix broken stdout in ControlPersist mode, introduced by me in
r1.467 and reported by Alf Schlichting
OpenBSD-Commit-ID: 3750a16e02108fc25f747e4ebcedb7123c1ef509
|
|
whitespace at EOL
OpenBSD-Commit-ID: c95549cf5a07d56ea11aaff818415118720214f6
|
|
transfer ownership of stdout to the session channel by
dup2'ing /dev/null to fd 1. This allows propagation of remote stdout close to
the local side; reported by David Newall, ok markus@
Upstream-ID: 8d9ac18a11d89e6b0415f0cbf67b928ac67f0e79
|
|
Expose devices allocated for tun/tap forwarding.
At the client, the device may be obtained from a new %T expansion
for LocalCommand.
At the server, the allocated devices will be listed in a
SSH_TUNNEL variable exposed to the environment of any user sessions
started after the tunnel forwarding was established.
ok markus
Upstream-ID: e61e53f8ae80566e9ddc0d67a5df5bdf2f3c9f9e
|
|
Add URI support to ssh, sftp and scp. For example
ssh://user@host or sftp://user@host/path. The connection parameters
described in draft-ietf-secsh-scp-sftp-ssh-uri-04 are not implemented since
the ssh fingerprint format in the draft uses md5 with no way to specify the
hash function type. OK djm@
Upstream-ID: 4ba3768b662d6722de59e6ecb00abf2d4bf9cacc
|
|
Add 'reverse' dynamic forwarding which combines dynamic
forwarding (-D) with remote forwarding (-R) where the remote-forwarded port
expects SOCKS-requests.
The SSH server code is unchanged and the parsing happens at the SSH
clients side. Thus the full SOCKS-request is sent over the forwarded
channel and the client parses c->output. Parsing happens in
channel_before_prepare_select(), _before_ the select bitmask is
computed in the pre[] handlers, but after network input processing
in the post[] handlers.
help and ok djm@
Upstream-ID: aa25a6a3851064f34fe719e0bf15656ad5a64b89
|
|
refactor channels.c
Move static state to a "struct ssh_channels" that is allocated at
runtime and tracked as a member of struct ssh.
Explicitly pass "struct ssh" to all channels functions.
Replace use of the legacy packet APIs in channels.c.
Rework sshd_config PermitOpen handling: previously the configuration
parser would call directly into the channels layer. After the refactor
this is not possible, as the channels structures are allocated at
connection time and aren't available when the configuration is parsed.
The server config parser now tracks PermitOpen itself and explicitly
configures the channels code later.
ok markus@
Upstream-ID: 11828f161656b965cc306576422613614bea2d8f
|
|
make "--" before the hostname terminate command-line
option processing completely; previous behaviour would not prevent further
options appearing after the hostname (ssh has a supported options after the
hostname for >20 years, so that's too late to change).
ok deraadt@
Upstream-ID: ef5ee50571b98ad94dcdf8282204e877ec88ad89
|
|
Add RemoteCommand option to specify a command in the
ssh config file instead of giving it on the client's command line. This
command will be executed on the remote host. The feature allows to automate
tasks using ssh config. OK markus@
Upstream-ID: 5d982fc17adea373a9c68cae1021ce0a0904a5ee
|
|
switch from Key typedef with struct sshkey; ok djm@
Upstream-ID: 3067d33e04efbe5131ce8f70668c47a58e5b7a1f
|
|
remove options -12 from usage();
Upstream-ID: db7ceef25132e63b50ed05289bf447fece1d1270
|
|
obliterate ssh1.h and some dead code that used it
ok markus@
Upstream-ID: 1ca9159a9fb95618f9d51e069ac8e1131a087343
|
|
remove KEY_RSA1
ok markus@
Upstream-ID: 7408517b077c892a86b581e19f82a163069bf133
|
|
remove SSHv1 ciphers; ok markus@
Upstream-ID: e5ebc5e540d7f23a8c1266db1839794d4d177890
|
|
remove compat20/compat13/compat15 variables
ok markus@
Upstream-ID: 43802c035ceb3fef6c50c400e4ecabf12354691c
|
|
remove options.protocol and client Protocol
configuration knob
ok markus@
Upstream-ID: 5a967f5d06e2d004b0235457b6de3a9a314e9366
|
|
unifdef WITH_SSH1 ok markus@
Upstream-ID: 9716e62a883ef8826c57f4d33b4a81a9cc7755c7
|
|
Add SyslogFacility option to ssh(1) matching the
equivalent option in sshd(8). bz#2705, patch from erahn at arista.com, ok
djm@
Upstream-ID: d5115c2c0193ceb056ed857813b2a7222abda9ed
|
|
fix regression in 7.4 server-sig-algs, where we were
accidentally excluding SHA2 RSA signature methods. bz#2680, patch from Nuno
Goncalves; ok dtucker@
Upstream-ID: 81ac8bfb30960447740b9b8f6a214dcf322f12e8
|
|
quote [host]:port in generated ProxyJump commandline; the
[ / ] characters can confuse some shells (e.g. zsh). Reported by Lauri
Tirkkonen via bugs@
Upstream-ID: 65cdd161460e1351c3d778e974c1c2a4fa4bc182
|
|
For ProxyJump/-J, surround host name with brackets to
allow literal IPv6 addresses. From Dick Visser; ok dtucker@
Upstream-ID: 3a5d3b0171250daf6a5235e91bce09c1d5746bf1
|
|
Turkish locales are unique in their handling of the letters 'i' and
'I' (yes, they are different letters) and OpenSSH isn't remotely
prepared to deal with that. For now, the best we can do is to force
OpenSSH to use the C/POSIX locale and try to preserve the UTF-8
encoding if possible.
ok dtucker@
|
|
make IdentityFile successfully load and use certificates that
have no corresponding bare public key. E.g. just a private id_rsa and
certificate id_rsa-cert.pub (and no id_rsa.pub).
bz#2617 ok dtucker@
Upstream-ID: c1e9699b8c0e3b63cc4189e6972e3522b6292604
|
|
ssh proxy mux mode (-O proxy; idea from Simon Tatham): - mux
client speaks the ssh-packet protocol directly over unix-domain socket. - mux
server acts as a proxy, translates channel IDs and relays to the server. - no
filedescriptor passing necessary. - combined with unix-domain forwarding it's
even possible to run mux client and server on different machines. feedback
& ok djm@
Upstream-ID: 666a2fb79f58e5c50e246265fb2b9251e505c25b
|
|
list all supported signature algorithms in the
server-sig-algs Reported by mb AT smartftp.com in bz#2547 and (independantly)
Ron Frederick; ok markus@
Upstream-ID: ddf702d721f54646b11ef2cee6d916666cb685cd
|
|
support UTF-8 characters in ssh(1) banners using
schwarze@'s safe fmprintf printer; bz#2058
feedback schwarze@ ok dtucker@
Upstream-ID: a72ce4e3644c957643c9524eea2959e41b91eea7
|
|
- add proxyjump to the options list - formatting fixes -
update usage()
ok djm
Upstream-ID: 43d318e14ce677a2eec8f21ef5ba2f9f68a59457
|
|
Add a ProxyJump ssh_config(5) option and corresponding -J
ssh(1) command-line flag to allow simplified indirection through a SSH
bastion or "jump host".
These options construct a proxy command that connects to the
specified jump host(s) (more than one may be specified) and uses
port-forwarding to establish a connection to the next destination.
This codifies the safest way of indirecting connections through SSH
servers and makes it easy to use.
ok markus@
Upstream-ID: fa899cb8b26d889da8f142eb9774c1ea36b04397
|
|
Allow ExitOnForwardFailure and ClearAllForwardings to be
overridden when using ssh -W (but still default to yes in that case).
bz#2577, ok djm@.
Upstream-ID: 4b20c419e93ca11a861c81c284090cfabc8c54d4
|
