Age | Commit message (Collapse) | Author |
|
[ssh.c ssh_config.5]
add percent escape chars to the IdentityFile option, bz #1159 based
on a patch by imaging AT math.ualberta.ca; feedback and ok dtucker@
|
|
[ssh_config.5 sshd_config.5]
*AliveCountMax applies to protcol v2 only; ok dtucker, djm
|
|
[misc.c ssh_config.5 sshd_config.5]
Allow config directives to contain whitespace by surrounding them by double
quotes. mindrot #482, man page help from jmc@, ok djm@
|
|
[ssh_config.5]
comma;
|
|
[ssh_config.5]
move PATTERNS to the end of the main body; requested by dtucker
|
|
[ssh_config.5]
document the possible values for KbdInteractiveDevices;
|
|
[ssh_config.5]
some grammar/wording fixes;
|
|
[ssh.1 ssh_config.5 sshd.8 sshd_config.5]
more consistency fixes;
|
|
[ssh-keysign.8 ssh_config.5 sshd_config.5]
some consistency fixes;
|
|
[ssh_config.5]
tidy up the refs to PATTERNS;
|
|
[ssh_config.5]
add section on patterns;
from dtucker + myself
|
|
[ssh_config.5]
add some vertical space;
|
|
[ssh_config.5]
slight rewording; ok djm
|
|
[ssh.c ssh_config.5]
add a %l expansion code to the ControlPath, which is filled in with the
local hostname at runtime. Requested by henning@ to avoid some problems
with /home on NFS; ok dtucker@
|
|
[ssh_config.5]
- word change, agreed w/ markus
- consistency fixes
|
|
[scp.1 ssh.1 ssh_config.5 sftp.1]
Document RekeyLimit. Based on patch from jan.iven at cern.ch from mindrot
#1056 with feedback from jmc, djm and markus; ok jmc@ djm@
|
|
[ssh_config.5]
refer to TCP forwarding, rather than TCP/IP forwarding;
|
|
- jmc@cvs.openbsd.org 2006/01/02 17:09:49
[ssh_config.5 sshd_config.5]
some corrections from michael knudsen;
|
|
[ssh_config.5]
put the description of "UsePrivilegedPort" in the correct place;
|
|
[ssh_config.5]
spelling: intented -> intended
|
|
[ssh_config.5 session.c]
spelling: fowarding, fowarded
|
|
[ssh_config.5]
new sentence, new line;
|
|
[auth-options.c includes.h misc.c misc.h readconf.c servconf.c]
[serverloop.c ssh.c ssh_config.5 sshd_config.5 configure.ac]
two changes to the new ssh tunnel support. this breaks compatibility
with the initial commit but is required for a portable approach.
- make the tunnel id u_int and platform friendly, use predefined types.
- support configuration of layer 2 (ethernet) or layer 3
(point-to-point, default) modes. configuration is done using the
Tunnel (yes|point-to-point|ethernet|no) option is ssh_config(5) and
restricted by the PermitTunnel (yes|point-to-point|ethernet|no) option
in sshd_config(5).
ok djm@, man page bits by jmc@
|
|
[ssh_config.5]
keep options in order;
|
|
[ssh.1 ssh_config.5]
make `!command' a little clearer;
ok reyk
|
|
[auth-options.c auth-options.h channels.c channels.h clientloop.c]
[misc.c misc.h readconf.c readconf.h scp.c servconf.c servconf.h]
[serverloop.c sftp.c ssh.1 ssh.c ssh_config ssh_config.5 sshconnect.c]
[sshconnect.h sshd.8 sshd_config sshd_config.5]
Add support for tun(4) forwarding over OpenSSH, based on an idea and
initial channel code bits by markus@. This is a simple and easy way to
use OpenSSH for ad hoc virtual private network connections, e.g.
administrative tunnels or secure wireless access. It's based on a new
ssh channel and works similar to the existing TCP forwarding support,
except that it depends on the tun(4) network interface on both ends of
the connection for layer 2 or layer 3 tunneling. This diff also adds
support for LocalCommand in the ssh(1) client.
ok djm@, markus@, jmc@ (manpages), tested and discussed with others
|
|
[ssh_config.5]
remove trailing whitespace;
|
|
[ssh_config.5]
mention control socket fallback behaviour, reported by
tryponraj AT gmail.com
|
|
[ssh_config.5 ssh.1]
mention ability to specify bind_address for DynamicForward and -D options;
bz#1077 spotted by Haruyama Seigo
|
|
[ssh_config.5]
new sentence, new line;
|
|
[ssh_config.5]
change BindAddress to match recent ssh -b change; prompted by markus@
|
|
[ssh_config.5]
fix Xr and a little grammar;
|
|
[channels.c clientloop.c clientloop.h misc.c misc.h ssh.c ssh_config.5]
implement support for X11 and agent forwarding over multiplex slave
connections. Because of protocol limitations, the slave connections inherit
the master's DISPLAY and SSH_AUTH_SOCK rather than distinctly forwarding
their own.
ok dtucker@ "put it in" deraadt@
|
|
[ssh.c ssh_config.5]
allow ControlPath=none, patch from dwmw2 AT infradead.org; ok dtucker@
|
|
[clientloop.c readconf.c readconf.h ssh.c ssh_config.5]
add ControlMaster=auto/autoask options to support opportunistic
multiplexing; tested avsm@ and jakob@, ok markus@
|
|
[auth.c auth.h misc.c misc.h ssh.c ssh_config.5 sshconnect.c]
introduce a generic %foo expansion function. replace existing % expansion
and add expansion to ControlPath; ok markus@
|
|
[cipher.c myproposal.h ssh.1 ssh_config.5 sshd_config.5]
add support for draft-harris-ssh-arcfour-fixes-02 improved arcfour modes;
ok markus@
|
|
[ssh_config.5]
oops - article and spacing;
|
|
[ssh_config.5]
give a ProxyCommand example using nc(1), with and ok jmc@
|
|
[ssh.c ssh_config.5]
fallback gracefully if client cannot connect to ControlPath. ok djm@
|
|
[ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 ssh_config.5 sshd.8]
[sshd_config.5] OpenSSH doesn't ever look at the $HOME environment
variable, so don't say that we do (bz #623); ok deraadt@
|
|
[ssh_config.5]
get the syntax right for {Local,Remote}Forward;
based on a diff from markus;
problem report from ponraj;
ok dtucker@ markus@ deraadt@
|
|
[ssh_config.5]
escape `.' at eol to avoid double spacing issues;
|
|
[ssh.1 ssh_config.5]
more macro simplification;
|
|
[ssh_config.5]
do not mark up punctuation;
whitespace;
|
|
[ssh-keygen.1 ssh-keygen.c ssh_config.5]
add tools for managing known_hosts files with hashed hostnames, including
hashing existing files and deleting hosts by name; ok markus@ deraadt@
|
|
[hostfile.c hostfile.h readconf.c readconf.h ssh.1 ssh_config.5]
[sshconnect.c sshd.8]
add support for hashing host names and addresses added to known_hosts
files, to improve privacy of which hosts user have been visiting; ok
markus@ deraadt@
|
|
[auth-options.c channels.c channels.h clientloop.c compat.c compat.h]
[misc.c misc.h readconf.c readconf.h servconf.c ssh.1 ssh.c ssh_config.5]
[sshd_config.5]
bz#413: allow optional specification of bind address for port forwardings.
Patch originally by Dan Astorian, but worked on by several people
Adds GatewayPorts=clientspecified option on server to allow remote
forwards to bind to client-specified ports.
|
|
[ssh_config.5]
bz#849: document timeout on untrusted x11 forwarding sessions. Reported by
orion AT cora.nwra.com; ok markus@
|
|
[ssh_config.5]
wording;
ok markus@
|