summaryrefslogtreecommitdiff
path: root/ssh_config.5
AgeCommit message (Collapse)Author
2005-12-13 - reyk@cvs.openbsd.org 2005/12/06 22:38:28Damien Miller
[auth-options.c auth-options.h channels.c channels.h clientloop.c] [misc.c misc.h readconf.c readconf.h scp.c servconf.c servconf.h] [serverloop.c sftp.c ssh.1 ssh.c ssh_config ssh_config.5 sshconnect.c] [sshconnect.h sshd.8 sshd_config sshd_config.5] Add support for tun(4) forwarding over OpenSSH, based on an idea and initial channel code bits by markus@. This is a simple and easy way to use OpenSSH for ad hoc virtual private network connections, e.g. administrative tunnels or secure wireless access. It's based on a new ssh channel and works similar to the existing TCP forwarding support, except that it depends on the tun(4) network interface on both ends of the connection for layer 2 or layer 3 tunneling. This diff also adds support for LocalCommand in the ssh(1) client. ok djm@, markus@, jmc@ (manpages), tested and discussed with others
2005-11-05 - jmc@cvs.openbsd.org 2005/10/30 08:43:47Damien Miller
[ssh_config.5] remove trailing whitespace;
2005-11-05 - djm@cvs.openbsd.org 2005/10/30 01:23:19Damien Miller
[ssh_config.5] mention control socket fallback behaviour, reported by tryponraj AT gmail.com
2005-10-03 - djm@cvs.openbsd.org 2005/09/19 11:37:34Darren Tucker
[ssh_config.5 ssh.1] mention ability to specify bind_address for DynamicForward and -D options; bz#1077 spotted by Haruyama Seigo
2005-07-14 - jmc@cvs.openbsd.org 2005/07/08 12:53:10Darren Tucker
[ssh_config.5] new sentence, new line;
2005-07-14 - dtucker@cvs.openbsd.org 2005/07/08 10:20:41Darren Tucker
[ssh_config.5] change BindAddress to match recent ssh -b change; prompted by markus@
2005-07-06 - jmc@cvs.openbsd.org 2005/07/04 11:29:51Damien Miller
[ssh_config.5] fix Xr and a little grammar;
2005-07-06 - djm@cvs.openbsd.org 2005/07/04 00:58:43Damien Miller
[channels.c clientloop.c clientloop.h misc.c misc.h ssh.c ssh_config.5] implement support for X11 and agent forwarding over multiplex slave connections. Because of protocol limitations, the slave connections inherit the master's DISPLAY and SSH_AUTH_SOCK rather than distinctly forwarding their own. ok dtucker@ "put it in" deraadt@
2005-06-26 - djm@cvs.openbsd.org 2005/06/18 04:30:36Damien Miller
[ssh.c ssh_config.5] allow ControlPath=none, patch from dwmw2 AT infradead.org; ok dtucker@
2005-06-16 - djm@cvs.openbsd.org 2005/06/08 11:25:09Damien Miller
[clientloop.c readconf.c readconf.h ssh.c ssh_config.5] add ControlMaster=auto/autoask options to support opportunistic multiplexing; tested avsm@ and jakob@, ok markus@
2005-06-16 - djm@cvs.openbsd.org 2005/06/06 11:20:36Damien Miller
[auth.c auth.h misc.c misc.h ssh.c ssh_config.5 sshconnect.c] introduce a generic %foo expansion function. replace existing % expansion and add expansion to ControlPath; ok markus@
2005-05-26 - djm@cvs.openbsd.org 2005/05/23 23:32:46Damien Miller
[cipher.c myproposal.h ssh.1 ssh_config.5 sshd_config.5] add support for draft-harris-ssh-arcfour-fixes-02 improved arcfour modes; ok markus@
2005-05-26 - jmc@cvs.openbsd.org 2005/05/20 11:23:32Damien Miller
[ssh_config.5] oops - article and spacing;
2005-05-26 - djm@cvs.openbsd.org 2005/05/20 10:50:55Damien Miller
[ssh_config.5] give a ProxyCommand example using nc(1), with and ok jmc@
2005-05-26 - jakob@cvs.openbsd.org 2005/04/26 13:08:37Damien Miller
[ssh.c ssh_config.5] fallback gracefully if client cannot connect to ControlPath. ok djm@
2005-05-26 - djm@cvs.openbsd.org 2005/04/21 06:17:50Damien Miller
[ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 ssh_config.5 sshd.8] [sshd_config.5] OpenSSH doesn't ever look at the $HOME environment variable, so don't say that we do (bz #623); ok deraadt@
2005-03-31 - jmc@cvs.openbsd.org 2005/03/16 11:10:38Darren Tucker
[ssh_config.5] get the syntax right for {Local,Remote}Forward; based on a diff from markus; problem report from ponraj; ok dtucker@ markus@ deraadt@
2005-03-14 - jmc@cvs.openbsd.org 2005/03/12 11:55:03Darren Tucker
[ssh_config.5] escape `.' at eol to avoid double spacing issues;
2005-03-09 - jmc@cvs.openbsd.org 2005/03/07 23:41:54Damien Miller
[ssh.1 ssh_config.5] more macro simplification;
2005-03-02 - jmc@cvs.openbsd.org 2005/03/01 14:55:23Damien Miller
[ssh_config.5] do not mark up punctuation; whitespace;
2005-03-01 - djm@cvs.openbsd.org 2005/03/01 10:42:49Damien Miller
[ssh-keygen.1 ssh-keygen.c ssh_config.5] add tools for managing known_hosts files with hashed hostnames, including hashing existing files and deleting hosts by name; ok markus@ deraadt@
2005-03-01 - djm@cvs.openbsd.org 2005/03/01 10:40:27Damien Miller
[hostfile.c hostfile.h readconf.c readconf.h ssh.1 ssh_config.5] [sshconnect.c sshd.8] add support for hashing host names and addresses added to known_hosts files, to improve privacy of which hosts user have been visiting; ok markus@ deraadt@
2005-03-01 - djm@cvs.openbsd.org 2005/03/01 10:09:52Damien Miller
[auth-options.c channels.c channels.h clientloop.c compat.c compat.h] [misc.c misc.h readconf.c readconf.h servconf.c ssh.1 ssh.c ssh_config.5] [sshd_config.5] bz#413: allow optional specification of bind address for port forwardings. Patch originally by Dan Astorian, but worked on by several people Adds GatewayPorts=clientspecified option on server to allow remote forwards to bind to client-specified ports.
2005-03-01 - djm@cvs.openbsd.org 2005/02/28 00:54:10Damien Miller
[ssh_config.5] bz#849: document timeout on untrusted x11 forwarding sessions. Reported by orion AT cora.nwra.com; ok markus@
2005-02-09 - jmc@cvs.openbsd.org 2005/01/28 18:14:09Darren Tucker
[ssh_config.5] wording; ok markus@
2005-02-09 - jmc@cvs.openbsd.org 2005/01/28 15:05:43Darren Tucker
[ssh_config.5] grammar;
2004-11-05 - djm@cvs.openbsd.org 2004/10/07 10:10:24Darren Tucker
[scp.1 sftp.1 ssh.1 ssh_config.5] document KbdInteractiveDevices; ok markus@
2004-06-30 - jmc@cvs.openbsd.org 2004/06/26 09:11:14Damien Miller
[ssh_config.5] punctuation and grammar fixes. also, keep the options in order.
2004-06-18 - djm@cvs.openbsd.org 2004/06/17 15:10:14Damien Miller
[clientloop.c misc.h readconf.c readpass.c ssh.c ssh_config.5] Add option for confirmation (ControlMaster=ask) via ssh-askpass before opening shared connections; ok markus@
2004-06-15 - djm@cvs.openbsd.org 2004/06/13 15:03:02Damien Miller
[channels.c channels.h clientloop.c clientloop.h includes.h readconf.c] [readconf.h scp.1 sftp.1 ssh.1 ssh.c ssh_config.5] implement session multiplexing in the client (the server has supported this since 2.0); ok markus@
2004-06-15 - dtucker@cvs.openbsd.org 2004/06/13 14:01:42Damien Miller
[ssh.1 ssh_config.5 sshd_config.5] List supported ciphers in man pages, tidy up ssh -c; "looks fine" jmc@, ok markus@
2004-05-13 - jmc@cvs.openbsd.org 2004/05/06 11:24:23Darren Tucker
[ssh_config.5] typo from John Cosimano (PR 3770);
2004-05-02 - djm@cvs.openbsd.org 2004/04/28 05:17:10Darren Tucker
[ssh_config.5 sshd_config.5] manpage fixes in envpass stuff from Brian Poole (raj AT cerias.purdue.edu)
2004-05-02 - djm@cvs.openbsd.org 2004/04/27 09:46:37Darren Tucker
[readconf.c readconf.h servconf.c servconf.h session.c session.h ssh.c ssh_config.5 sshd_config.5] bz #815: implement ability to pass specified environment variables from the client to the server; ok markus@
2004-04-20 - jmc@cvs.openbsd.org 2004/04/19 16:12:14Damien Miller
[ssh_config.5] kill whitespace at eol;
2004-04-20 - djm@cvs.openbsd.org 2004/04/19 13:02:40Damien Miller
[ssh.1 ssh_config.5] document strict permission checks on ~/.ssh/config; prompted by, with & ok jmc@
2004-03-08 - markus@cvs.openbsd.org 2004/03/05 10:53:58Damien Miller
[readconf.c readconf.h scp.1 sftp.1 ssh.1 ssh_config.5 sshconnect2.c] add IdentitiesOnly; ok djm@, pb@
2003-12-17 - markus@cvs.openbsd.org 2003/12/16 15:49:51Damien Miller
[clientloop.c clientloop.h readconf.c readconf.h scp.1 sftp.1 ssh.1] [ssh.c ssh_config.5] application layer keep alive (ServerAliveInterval ServerAliveCountMax) for ssh(1), similar to the sshd(8) option; ok beck@; with help from jmc and dtucker@
2003-12-17 - markus@cvs.openbsd.org 2003/12/14 12:37:21Damien Miller
[ssh_config.5] we don't support GSS KEX; from Simon Wilkinson
2003-12-17 - markus@cvs.openbsd.org 2003/12/09 21:53:37Damien Miller
[readconf.c readconf.h scp.1 servconf.c servconf.h sftp.1 ssh.1] [ssh_config.5 sshconnect.c sshd.c sshd_config.5] rename keepalive to tcpkeepalive; the old name causes too much confusion; ok djm, dtucker; with help from jmc@
2003-11-17 - jmc@cvs.openbsd.org 2003/11/12 20:14:51Damien Miller
[ssh_config.5] make verb agree with subject, and kill some whitespace;
2003-11-17 - jakob@cvs.openbsd.org 2003/11/12 16:39:58Damien Miller
[dns.c dns.h readconf.c ssh_config.5 sshconnect.c] update SSHFP validation. ok markus@
2003-10-15 - jmc@cvs.openbsd.org 2003/10/12 13:12:13Darren Tucker
[ssh_config.5] note that EnableSSHKeySign should be in the non-hostspecific section; remove unnecessary .Pp; ok markus@
2003-10-15 - markus@cvs.openbsd.org 2003/10/11 08:24:08Darren Tucker
[readconf.c readconf.h ssh.1 ssh.c ssh_config.5] remote x11 clients are now untrusted by default, uses xauth(8) to generate untrusted cookies; ForwardX11Trusted=yes restores old behaviour. ok deraadt; feedback and ok djm/fries
2003-10-15 - markus@cvs.openbsd.org 2003/10/08 15:21:24Darren Tucker
[readconf.c ssh_config.5] default GSS API to no in client, too; ok jakob, deraadt@
2003-09-03 - jmc@cvs.openbsd.org 2003/09/02 18:50:06Damien Miller
[sftp.1 ssh_config.5] escape punctuation; ok deraadt@
2003-09-02 - markus@cvs.openbsd.org 2003/08/28 12:54:34Damien Miller
[auth-krb5.c auth.h auth1.c monitor.c monitor.h monitor_wrap.c] [monitor_wrap.h readconf.c servconf.c session.c ssh_config.5] [sshconnect1.c sshd.c sshd_config sshd_config.5] remove kerberos support from ssh1, since it has been replaced with GSSAPI; but keep kerberos passwd auth for ssh1 and 2; ok djm, hin, henning, ...
2003-08-26 - markus@cvs.openbsd.org 2003/08/22 10:56:09Darren Tucker
[auth2.c auth2-gss.c auth.h compat.c compat.h gss-genr.c gss-serv-krb5.c gss-serv.c monitor.c monitor.h monitor_wrap.c monitor_wrap.h readconf.c readconf.h servconf.c servconf.h session.c session.h ssh-gss.h ssh_config.5 sshconnect2.c sshd_config sshd_config.5] support GSS API user authentication; patches from Simon Wilkinson, stripped down and tested by Jakob and myself.
2003-08-13 - markus@cvs.openbsd.org 2003/08/13 08:46:31Darren Tucker
[auth1.c readconf.c readconf.h servconf.c servconf.h ssh.c ssh_config ssh_config.5 sshconnect1.c sshd.8 sshd.c sshd_config sshd_config.5] remove RhostsAuthentication; suggested by djm@ before; ok djm@, deraadt@, fgsch@, miod@, henning@, jakob@ and others
2003-08-02 - (dtucker) OpenBSD CVS SyncDarren Tucker
- markus@cvs.openbsd.org 2003/07/22 13:35:22 [auth1.c auth.h auth-passwd.c monitor.c monitor.h monitor_wrap.c monitor_wrap.h readconf.c readconf.h servconf.c servconf.h session.c ssh.1 ssh.c ssh_config.5 sshconnect1.c sshd.c sshd_config.5 ssh.h] remove (already disabled) KRB4/AFS support, re-enable -k in ssh(1); test+ok henning@ - (dtucker) [Makefile.in acconfig.h configure.ac] Remove KRB4/AFS support. - (dtucker) [auth-krb4.c radix.c radix.h] Remove KRB4/AFS specific files. I hope I got this right....