summaryrefslogtreecommitdiff
path: root/sshd_config.5
AgeCommit message (Collapse)Author
2014-02-09Various keepalive extensionsRichard Kettlewell
Add compatibility aliases for ProtocolKeepAlives and SetupTimeOut, supported in previous versions of Debian's OpenSSH package but since superseded by ServerAliveInterval. (We're probably stuck with this bit for compatibility.) In batch mode, default ServerAliveInterval to five minutes. Adjust documentation to match and to give some more advice on use of keepalives. Author: Ian Jackson <ian@chiark.greenend.org.uk> Author: Matthew Vernon <matthew@debian.org> Author: Colin Watson <cjwatson@debian.org> Last-Update: 2013-09-14 Patch-Name: keepalive-extensions.patch
2014-02-09Reject vulnerable keys to mitigate Debian OpenSSL flawColin Watson
In 2008, Debian (and derived distributions such as Ubuntu) shipped an OpenSSL package with a flawed random number generator, causing OpenSSH to generate only a very limited set of keys which were subject to private half precomputation. To mitigate this, this patch checks key authentications against a blacklist of known-vulnerable keys, and adds a new ssh-vulnkey program which can be used to explicitly check keys against that blacklist. See CVE-2008-0166. Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1469 Last-Update: 2013-09-14 Patch-Name: ssh-vulnkey.patch
2014-02-09GSSAPI key exchange supportSimon Wilkinson
This patch has been rejected upstream: "None of the OpenSSH developers are in favour of adding this, and this situation has not changed for several years. This is not a slight on Simon's patch, which is of fine quality, but just that a) we don't trust GSSAPI implementations that much and b) we don't like adding new KEX since they are pre-auth attack surface. This one is particularly scary, since it requires hooks out to typically root-owned system resources." However, quite a lot of people rely on this in Debian, and it's better to have it merged into the main openssh package rather than having separate -krb5 packages (as we used to have). It seems to have a generally good security history. Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1242 Last-Updated: 2013-11-09 Patch-Name: gssapi.patch
2013-07-20 - markus@cvs.openbsd.org 2013/07/19 07:37:48Damien Miller
[auth.h kex.h kexdhs.c kexecdhs.c kexgexs.c monitor.c servconf.c] [servconf.h session.c sshd.c sshd_config.5] add ssh-agent(1) support to sshd(8); allows encrypted hostkeys, or hostkeys on smartcards; most of the work by Zev Weiss; bz #1974 ok djm@
2013-07-18 - jmc@cvs.openbsd.org 2013/06/27 14:05:37Damien Miller
[ssh-keygen.1 ssh.1 ssh_config.5 sshd.8 sshd_config.5] do not use Sx for sections outwith the man page - ingo informs me that stuff like html will render with broken links; issue reported by Eric S. Raymond, via djm
2013-05-16 - jmc@cvs.openbsd.org 2013/05/16 06:30:06Darren Tucker
[sshd_config.5] oops! avoid Xr to self;
2013-05-16 - dtucker@cvs.openbsd.org 2013/05/16 04:09:14Darren Tucker
[sshd_config.5 servconf.c servconf.h packet.c serverloop.c monitor.c sshd_config sshd.c] Add RekeyLimit to sshd with the same syntax as the client allowing rekeying based on traffic volume or time. ok djm@, help & ok jmc@ for the man page.
2013-04-23 - djm@cvs.openbsd.org 2013/04/19 01:00:10Damien Miller
[sshd_config.5] document the requirment that the AuthorizedKeysCommand be owned by root; ok dtucker@ markus@
2013-04-23 - markus@cvs.openbsd.org 2013/03/07 19:27:25Damien Miller
[auth.h auth2-chall.c auth2.c monitor.c sshd_config.5] add submethod support to AuthenticationMethods; ok and freedback djm@
2013-02-12 - dtucker@cvs.openbsd.org 2013/02/06 00:20:42Damien Miller
[servconf.c sshd_config sshd_config.5] Change default of MaxStartups to 10:30:100 to start doing random early drop at 10 connections up to 100 connections. This will make it harder to DoS as CPUs have come a long way since the original value was set back in 2000. Prompted by nion at debian org, ok markus@
2013-01-20 - jmc@cvs.openbsd.org 2013/01/18 08:00:49Damien Miller
[sshd_config.5] tweak previous;
2013-01-18 - djm@cvs.openbsd.org 2013/01/17 23:00:01Damien Miller
[auth.c key.c key.h ssh-keygen.1 ssh-keygen.c sshd_config.5] [krl.c krl.h PROTOCOL.krl] add support for Key Revocation Lists (KRLs). These are a compact way to represent lists of revoked keys and certificates, taking as little as a single bit of incremental cost to revoke a certificate by serial number. KRLs are loaded via the existing RevokedKeys sshd_config option. feedback and ok markus@
2013-01-09 - markus@cvs.openbsd.org 2013/01/08 18:49:04Damien Miller
[PROTOCOL authfile.c cipher.c cipher.h kex.c kex.h monitor_wrap.c] [myproposal.h packet.c ssh_config.5 sshd_config.5] support AES-GCM as defined in RFC 5647 (but with simpler KEX handling) ok and feedback djm@
2012-12-12 - markus@cvs.openbsd.org 2012/12/11 22:31:18Damien Miller
[PROTOCOL authfile.c cipher.c cipher.h kex.h mac.c myproposal.h] [packet.c ssh_config.5 sshd_config.5] add encrypt-then-mac (EtM) modes to openssh by defining new mac algorithms that change the packet format and compute the MAC over the encrypted message (including the packet size) instead of the plaintext data; these EtM modes are considered more secure and used by default. feedback and ok djm@
2012-12-07 - jmc@cvs.openbsd.org 2012/12/03 08:33:03Darren Tucker
[ssh-add.1 sshd_config.5] tweak previous;
2012-12-03 - djm@cvs.openbsd.org 2012/12/02 20:46:11Damien Miller
[auth-options.c channels.c servconf.c servconf.h serverloop.c session.c] [sshd_config.5] make AllowTcpForwarding accept "local" and "remote" in addition to its current "yes"/"no" to allow the server to specify whether just local or remote TCP forwarding is enabled. ok markus@
2012-11-04 - djm@cvs.openbsd.org 2012/11/04 11:09:15Damien Miller
[auth.h auth1.c auth2.c monitor.c servconf.c servconf.h sshd.c] [sshd_config.5] Support multiple required authentication via an AuthenticationMethods option. This option lists one or more comma-separated lists of authentication method names. Successful completion of all the methods in any list is required for authentication to complete; feedback and ok markus@
2012-11-04 - djm@cvs.openbsd.org 2012/11/04 10:38:43Damien Miller
[auth2-pubkey.c sshd.c sshd_config.5] Remove default of AuthorizedCommandUser. Administrators are now expected to explicitly specify a user. feedback and ok markus@
2012-11-04 - OpenBSD CVS SyncDamien Miller
- jmc@cvs.openbsd.org 2012/10/31 08:04:50 [sshd_config.5] tweak previous;
2012-10-31 - djm@cvs.openbsd.org 2012/10/30 21:29:55Damien Miller
[auth-rsa.c auth.c auth.h auth2-pubkey.c servconf.c servconf.h] [sshd.c sshd_config sshd_config.5] new sshd_config option AuthorizedKeysCommand to support fetching authorized_keys from a command in addition to (or instead of) from the filesystem. The command is run as the target server user unless another specified via a new AuthorizedKeysCommandUser option. patch originally by jchadima AT redhat.com, reworked by me; feedback and ok markus@
2012-10-05 - markus@cvs.openbsd.org 2012/10/04 13:21:50Darren Tucker
[myproposal.h ssh_config.5 umac.h sshd_config.5 ssh.1 sshd.8 mac.c] add umac128 variant; ok djm@ at n2k12 (note: further Makefile work is required)
2012-07-02 - naddy@cvs.openbsd.org 2012/06/29 13:57:25Darren Tucker
[ssh_config.5 sshd_config.5] match the documented MAC order of preference to the actual one; ok dtucker@
2012-06-30 - dtucker@cvs.openbsd.org 2012/06/28 05:07:45Damien Miller
[mac.c myproposal.h ssh_config.5 sshd_config.5] Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs since they were removed from draft6 of the spec and will not be in the RFC when published. Patch from mdb at juniper net via bz#2023, ok markus.
2012-06-20 - jmc@cvs.openbsd.org 2012/06/19 21:35:54Damien Miller
[sshd_config.5] tweak previous; ok markus
2012-06-20 - markus@cvs.openbsd.org 2012/06/19 18:25:28Damien Miller
[servconf.c servconf.h sshd_config.5] sshd_config: extend Match to allow AcceptEnv and {Allow,Deny}{Users,Groups} this allows 'Match LocalPort 1022' combined with 'AllowUser bauer' ok djm@ (back in March)
2012-05-19 - dtucker@cvs.openbsd.org 2012/05/19 06:30:30Darren Tucker
[sshd_config.5] Document PermitOpen none. bz#2001, patch from Loganaden Velvindron
2012-05-19- (dtucker) OpenBSD CVS SyncDarren Tucker
- dtucker@cvs.openbsd.org 2012/05/13 01:42:32 [servconf.h servconf.c sshd.8 sshd.c auth.c sshd_config.5] Add "Match LocalAddress" and "Match LocalPort" to sshd and adjust tests to match. Feedback and ok djm@ markus@.
2012-04-22 - djm@cvs.openbsd.org 2012/04/12 02:43:55Damien Miller
[sshd_config sshd_config.5] mention AuthorizedPrincipalsFile=none default
2012-04-22 - djm@cvs.openbsd.org 2012/04/12 02:42:32Damien Miller
[servconf.c servconf.h sshd.c sshd_config sshd_config.5] VersionAddendum option to allow server operators to append some arbitrary text to the SSH-... banner; ok deraadt@ "don't care" markus@
2011-09-22 - djm@cvs.openbsd.org 2011/09/09 00:43:00Damien Miller
[ssh_config.5 sshd_config.5] fix typo in IPQoS parsing: there is no "AF14" class, but there is an "AF21" class. Spotted by giesen AT snickers.org; ok markus stevesk
2011-08-06 - djm@cvs.openbsd.org 2011/08/02 01:22:11Damien Miller
[mac.c myproposal.h ssh.1 ssh_config.5 sshd.8 sshd_config.5] Add new SHA256 and SHA512 based HMAC modes from http://www.ietf.org/id/draft-dbider-sha2-mac-for-ssh-02.txt Patch from mdb AT juniper.net; feedback and ok markus@
2011-06-23 - djm@cvs.openbsd.org 2011/06/22 21:57:01Damien Miller
[servconf.c servconf.h sshd.c sshd_config.5 sandbox-rlimit.c] [sandbox-systrace.c sandbox.h configure.ac Makefile.in] introduce sandboxing of the pre-auth privsep child using systrace(4). This introduces a new "UsePrivilegeSeparation=sandbox" option for sshd_config that applies mandatory restrictions on the syscalls the privsep child can perform. This prevents a compromised privsep child from being used to attack other hosts (by opening sockets and proxying) or probing local kernel attack surface. The sandbox is implemented using systrace(4) in unsupervised "fast-path" mode, where a list of permitted syscalls is supplied. Any syscall not on the list results in SIGKILL being sent to the privsep child. Note that this requires a kernel with the new SYSTR_POLICY_KILL option. UsePrivilegeSeparation=sandbox will become the default in the future so please start testing it now. feedback dtucker@; ok markus@
2011-05-29 - jmc@cvs.openbsd.org 2011/05/23 07:10:21Damien Miller
[sshd.8 sshd_config.5] tweak previous; ok djm
2011-05-29OpenBSD CVS SyncDamien Miller
- djm@cvs.openbsd.org 2011/05/23 03:30:07 [auth-rsa.c auth.c auth.h auth2-pubkey.c monitor.c monitor_wrap.c pathnames.h servconf.c servconf.h sshd.8 sshd_config sshd_config.5] allow AuthorizedKeysFile to specify multiple files, separated by spaces. Bring back authorized_keys2 as a default search path (to avoid breaking existing users of this file), but override this in sshd_config so it will be no longer used on fresh installs. Maybe in 2015 we can remove it entierly :) feedback and ok markus@ dtucker@
2010-12-26 - djm@cvs.openbsd.org 2010/12/08 04:02:47Damien Miller
[ssh_config.5 sshd_config.5] explain that IPQoS arguments are separated by whitespace; iirc requested by jmc@ a while back
2010-11-20 - jmc@cvs.openbsd.org 2010/11/18 15:01:00Damien Miller
[scp.1 sftp.1 ssh.1 sshd_config.5] add IPQoS to the various -o lists, and zap some trailing whitespace;
2010-11-20 - djm@cvs.openbsd.org 2010/11/13 23:27:51Damien Miller
[clientloop.c misc.c misc.h packet.c packet.h readconf.c readconf.h] [servconf.c servconf.h session.c ssh.c ssh_config.5 sshd_config.5] allow ssh and sshd to set arbitrary TOS/DSCP/QoS values instead of hardcoding lowdelay/throughput. bz#1733 patch from philipp AT redfish-solutions.com; ok markus@ deraadt@
2010-11-05 - jmc@cvs.openbsd.org 2010/10/28 18:33:28Damien Miller
[scp.1 ssh-add.1 ssh-keygen.1 ssh.1 ssh_config.5 sshd.8 sshd_config.5] knock out some "-*- nroff -*-" lines;
2010-09-24 - djm@cvs.openbsd.org 2010/09/22 05:01:30Damien Miller
[kex.c kex.h kexecdh.c kexecdhc.c kexecdhs.c readconf.c readconf.h] [servconf.c servconf.h ssh_config.5 sshconnect2.c sshd.c sshd_config.5] add a KexAlgorithms knob to the client and server configuration to allow selection of which key exchange methods are used by ssh(1) and sshd(8) and their order of preference. ok markus@
2010-08-31 - djm@cvs.openbsd.org 2010/08/31 11:54:45Damien Miller
[PROTOCOL PROTOCOL.agent PROTOCOL.certkeys auth2-jpake.c authfd.c] [authfile.c buffer.h dns.c kex.c kex.h key.c key.h monitor.c] [monitor_wrap.c myproposal.h packet.c packet.h pathnames.h readconf.c] [ssh-add.1 ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh-keygen.c] [ssh-keyscan.1 ssh-keyscan.c ssh-keysign.8 ssh.1 ssh.c ssh2.h] [ssh_config.5 sshconnect.c sshconnect2.c sshd.8 sshd.c sshd_config.5] [uuencode.c uuencode.h bufec.c kexecdh.c kexecdhc.c kexecdhs.c ssh-ecdsa.c] Implement Elliptic Curve Cryptography modes for key exchange (ECDH) and host/user keys (ECDSA) as specified by RFC5656. ECDH and ECDSA offer better performance than plain DH and DSA at the same equivalent symmetric key length, as well as much shorter keys. Only the mandatory sections of RFC5656 are implemented, specifically the three REQUIRED curves nistp256, nistp384 and nistp521 and only ECDH and ECDSA. Point compression (optional in RFC5656 is NOT implemented). Certificate host and user keys using the new ECDSA key types are supported. Note that this code has not been tested for interoperability and may be subject to change. feedback and ok markus@
2010-07-02 - jmc@cvs.openbsd.org 2010/06/30 07:28:34Damien Miller
[sshd_config.5] tweak previous;
2010-07-02 - djm@cvs.openbsd.org 2010/06/29 23:16:46Damien Miller
[auth2-pubkey.c sshd_config.5] allow key options (command="..." and friends) in AuthorizedPrincipals; ok markus@
2010-06-26 - djm@cvs.openbsd.org 2010/06/22 04:22:59Damien Miller
[servconf.c sshd_config.5] expose some more sshd_config options inside Match blocks: AuthorizedKeysFile AuthorizedPrincipalsFile HostbasedUsesNameFromPacketOnly PermitTunnel bz#1764; feedback from imorgan AT nas.nasa.gov; ok dtucker@
2010-05-10 - jmc@cvs.openbsd.org 2010/05/07 12:49:17Damien Miller
[sshd_config.5] tweak previous;
2010-05-10 - djm@cvs.openbsd.org 2010/05/07 11:30:30Damien Miller
[auth-options.c auth-options.h auth.c auth.h auth2-pubkey.c] [key.c servconf.c servconf.h sshd.8 sshd_config.5] add some optional indirection to matching of principal names listed in certificates. Currently, a certificate must include the a user's name to be accepted for authentication. This change adds the ability to specify a list of certificate principal names that are acceptable. When authenticating using a CA trusted through ~/.ssh/authorized_keys, this adds a new principals="name1[,name2,...]" key option. For CAs listed through sshd_config's TrustedCAKeys option, a new config option "AuthorizedPrincipalsFile" specifies a per-user file containing the list of acceptable names. If either option is absent, the current behaviour of requiring the username to appear in principals continues to apply. These options are useful for role accounts, disjoint account namespaces and "user@realm"-style naming policies in certificates. feedback and ok markus@
2010-03-05 - djm@cvs.openbsd.org 2010/03/04 23:17:25Damien Miller
[sshd_config.5] missing word; spotted by jmc@
2010-03-05 - jmc@cvs.openbsd.org 2010/03/04 12:51:25Damien Miller
[ssh.1 sshd_config.5] tweak previous;
2010-03-04 - djm@cvs.openbsd.org 2010/03/04 10:36:03Damien Miller
[auth-rh-rsa.c auth-rsa.c auth.c auth.h auth2-hostbased.c auth2-pubkey.c] [authfile.c authfile.h hostfile.c hostfile.h servconf.c servconf.h] [ssh-keygen.c ssh.1 sshconnect.c sshd_config.5] Add a TrustedUserCAKeys option to sshd_config to specify CA keys that are trusted to authenticate users (in addition than doing it per-user in authorized_keys). Add a RevokedKeys option to sshd_config and a @revoked marker to known_hosts to allow keys to me revoked and banned for user or host authentication. feedback and ok markus@
2010-02-27 - OpenBSD CVS SyncDamien Miller
- djm@cvs.openbsd.org 2010/02/26 20:29:54 [PROTOCOL PROTOCOL.agent PROTOCOL.certkeys addrmatch.c auth-options.c] [auth-options.h auth.h auth2-pubkey.c authfd.c dns.c dns.h hostfile.c] [hostfile.h kex.h kexdhs.c kexgexs.c key.c key.h match.h monitor.c] [myproposal.h servconf.c servconf.h ssh-add.c ssh-agent.c ssh-dss.c] [ssh-keygen.1 ssh-keygen.c ssh-rsa.c ssh.1 ssh.c ssh2.h sshconnect.c] [sshconnect2.c sshd.8 sshd.c sshd_config.5] Add support for certificate key types for users and hosts. OpenSSH certificate key types are not X.509 certificates, but a much simpler format that encodes a public key, identity information and some validity constraints and signs it with a CA key. CA keys are regular SSH keys. This certificate style avoids the attack surface of X.509 certificates and is very easy to deploy. Certified host keys allow automatic acceptance of new host keys when a CA certificate is marked as sh/known_hosts. see VERIFYING HOST KEYS in ssh(1) for details. Certified user keys allow authentication of users when the signing CA key is marked as trusted in authorized_keys. See "AUTHORIZED_KEYS FILE FORMAT" in sshd(8) for details. Certificates are minted using ssh-keygen(1), documentation is in the "CERTIFICATES" section of that manpage. Documentation on the format of certificates is in the file PROTOCOL.certkeys feedback and ok markus@
2010-01-10 - dtucker@cvs.openbsd.org 2010/01/09 23:04:13Darren Tucker
[channels.c ssh.1 servconf.c sshd_config.5 sshd.c channels.h servconf.h ssh-keyscan.1 ssh-keyscan.c readconf.c sshconnect.c misc.c ssh.c readconf.h scp.1 sftp.1 ssh_config.5 misc.h] Remove RoutingDomain from ssh since it's now not needed. It can be replaced with "route exec" or "nc -V" as a proxycommand. "route exec" also ensures that trafic such as DNS lookups stays withing the specified routingdomain. For example (from reyk): # route -T 2 exec /usr/sbin/sshd or inherited from the parent process $ route -T 2 exec sh $ ssh 10.1.2.3 ok deraadt@ markus@ stevesk@ reyk@