Age | Commit message (Collapse) | Author |
|
[ssh_config.5]
new sentence, new line;
|
|
[ssh_config.5]
change BindAddress to match recent ssh -b change; prompted by markus@
|
|
[ssh_config.5]
fix Xr and a little grammar;
|
|
[channels.c clientloop.c clientloop.h misc.c misc.h ssh.c ssh_config.5]
implement support for X11 and agent forwarding over multiplex slave
connections. Because of protocol limitations, the slave connections inherit
the master's DISPLAY and SSH_AUTH_SOCK rather than distinctly forwarding
their own.
ok dtucker@ "put it in" deraadt@
|
|
|
|
[ssh.c ssh_config.5]
allow ControlPath=none, patch from dwmw2 AT infradead.org; ok dtucker@
|
|
[clientloop.c readconf.c readconf.h ssh.c ssh_config.5]
add ControlMaster=auto/autoask options to support opportunistic
multiplexing; tested avsm@ and jakob@, ok markus@
|
|
[auth.c auth.h misc.c misc.h ssh.c ssh_config.5 sshconnect.c]
introduce a generic %foo expansion function. replace existing % expansion
and add expansion to ControlPath; ok markus@
|
|
|
|
[cipher.c myproposal.h ssh.1 ssh_config.5 sshd_config.5]
add support for draft-harris-ssh-arcfour-fixes-02 improved arcfour modes;
ok markus@
|
|
[ssh_config.5]
oops - article and spacing;
|
|
[ssh_config.5]
give a ProxyCommand example using nc(1), with and ok jmc@
|
|
[ssh.c ssh_config.5]
fallback gracefully if client cannot connect to ControlPath. ok djm@
|
|
[ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 ssh_config.5 sshd.8]
[sshd_config.5] OpenSSH doesn't ever look at the $HOME environment
variable, so don't say that we do (bz #623); ok deraadt@
|
|
(closes: #307069).
|
|
|
|
[ssh_config.5]
get the syntax right for {Local,Remote}Forward;
based on a diff from markus;
problem report from ponraj;
ok dtucker@ markus@ deraadt@
|
|
[ssh_config.5]
escape `.' at eol to avoid double spacing issues;
|
|
[ssh.1 ssh_config.5]
more macro simplification;
|
|
[ssh_config.5]
do not mark up punctuation;
whitespace;
|
|
[ssh-keygen.1 ssh-keygen.c ssh_config.5]
add tools for managing known_hosts files with hashed hostnames, including
hashing existing files and deleting hosts by name; ok markus@ deraadt@
|
|
[hostfile.c hostfile.h readconf.c readconf.h ssh.1 ssh_config.5]
[sshconnect.c sshd.8]
add support for hashing host names and addresses added to known_hosts
files, to improve privacy of which hosts user have been visiting; ok
markus@ deraadt@
|
|
[auth-options.c channels.c channels.h clientloop.c compat.c compat.h]
[misc.c misc.h readconf.c readconf.h servconf.c ssh.1 ssh.c ssh_config.5]
[sshd_config.5]
bz#413: allow optional specification of bind address for port forwardings.
Patch originally by Dan Astorian, but worked on by several people
Adds GatewayPorts=clientspecified option on server to allow remote
forwards to bind to client-specified ports.
|
|
[ssh_config.5]
bz#849: document timeout on untrusted x11 forwarding sessions. Reported by
orion AT cora.nwra.com; ok markus@
|
|
[ssh_config.5]
wording;
ok markus@
|
|
[ssh_config.5]
grammar;
|
|
|
|
[scp.1 sftp.1 ssh.1 ssh_config.5]
document KbdInteractiveDevices; ok markus@
|
|
[ssh_config.5]
punctuation and grammar fixes. also, keep the options in order.
|
|
[clientloop.c misc.h readconf.c readpass.c ssh.c ssh_config.5]
Add option for confirmation (ControlMaster=ask) via ssh-askpass before
opening shared connections; ok markus@
|
|
[channels.c channels.h clientloop.c clientloop.h includes.h readconf.c]
[readconf.h scp.1 sftp.1 ssh.1 ssh.c ssh_config.5]
implement session multiplexing in the client (the server has supported
this since 2.0); ok markus@
|
|
[ssh.1 ssh_config.5 sshd_config.5]
List supported ciphers in man pages, tidy up ssh -c;
"looks fine" jmc@, ok markus@
|
|
[ssh_config.5]
typo from John Cosimano (PR 3770);
|
|
[ssh_config.5 sshd_config.5]
manpage fixes in envpass stuff from Brian Poole (raj AT cerias.purdue.edu)
|
|
[readconf.c readconf.h servconf.c servconf.h session.c session.h ssh.c
ssh_config.5 sshd_config.5]
bz #815: implement ability to pass specified environment variables from
the client to the server; ok markus@
|
|
|
|
[ssh_config.5]
kill whitespace at eol;
|
|
[ssh.1 ssh_config.5]
document strict permission checks on ~/.ssh/config; prompted by,
with & ok jmc@
|
|
of 3.7 and earlier, since it seems immature and causes far too many
problems with existing setups. See README.Debian for details
(closes: #237021).
|
|
[readconf.c readconf.h scp.1 sftp.1 ssh.1 ssh_config.5 sshconnect2.c]
add IdentitiesOnly; ok djm@, pb@
|
|
documented in ssh_config(5), it's not as good as the SSH2 version.
|
|
extensively yet.
ProtocolKeepAlives is now just a compatibility alias for
ServerAliveInterval.
|
|
[clientloop.c clientloop.h readconf.c readconf.h scp.1 sftp.1 ssh.1]
[ssh.c ssh_config.5]
application layer keep alive (ServerAliveInterval ServerAliveCountMax)
for ssh(1), similar to the sshd(8) option; ok beck@; with help from
jmc and dtucker@
|
|
[ssh_config.5]
we don't support GSS KEX; from Simon Wilkinson
|
|
[readconf.c readconf.h scp.1 servconf.c servconf.h sftp.1 ssh.1]
[ssh_config.5 sshconnect.c sshd.c sshd_config.5]
rename keepalive to tcpkeepalive; the old name causes too much
confusion; ok djm, dtucker; with help from jmc@
|
|
[ssh_config.5]
make verb agree with subject, and kill some whitespace;
|
|
[dns.c dns.h readconf.c ssh_config.5 sshconnect.c]
update SSHFP validation. ok markus@
|
|
[ssh_config.5]
note that EnableSSHKeySign should be in the non-hostspecific section;
remove unnecessary .Pp;
ok markus@
|
|
[readconf.c readconf.h ssh.1 ssh.c ssh_config.5]
remote x11 clients are now untrusted by default, uses xauth(8) to generate
untrusted cookies; ForwardX11Trusted=yes restores old behaviour.
ok deraadt; feedback and ok djm/fries
|
|
[readconf.c ssh_config.5]
default GSS API to no in client, too; ok jakob, deraadt@
|