From e272a5bb2937f1a8297c412c9312c38133f829c1 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Mon, 3 Nov 2008 19:22:37 +1100 Subject: - djm@cvs.openbsd.org 2008/10/08 23:34:03 [ssh.1 ssh.c] Add -y option to force logging via syslog rather than stderr. Useful for daemonised ssh connection (ssh -f). Patch originally from and ok'd by markus@ --- ssh.1 | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) (limited to 'ssh.1') diff --git a/ssh.1 b/ssh.1 index 1883578f2..c8cd2136c 100644 --- a/ssh.1 +++ b/ssh.1 @@ -34,8 +34,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.277 2008/07/02 13:47:39 djm Exp $ -.Dd $Mdocdate: July 2 2008 $ +.\" $OpenBSD: ssh.1,v 1.278 2008/10/08 23:34:03 djm Exp $ +.Dd $Mdocdate: October 8 2008 $ .Dt SSH 1 .Os .Sh NAME @@ -43,7 +43,7 @@ .Nd OpenSSH SSH client (remote login program) .Sh SYNOPSIS .Nm ssh -.Op Fl 1246AaCfgKkMNnqsTtVvXxY +.Op Fl 1246AaCfgKkMNnqsTtVvXxYy .Op Fl b Ar bind_address .Op Fl c Ar cipher_spec .Oo Fl D\ \& @@ -658,6 +658,11 @@ Disables X11 forwarding. Enables trusted X11 forwarding. Trusted X11 forwardings are not subjected to the X11 SECURITY extension controls. +.It Fl y +Send log information using the +.Xr syslog 3 +system module. +By default this information is sent to stderr. .El .Pp .Nm -- cgit v1.2.3 From 0164cb8a87cf3060f13954ce4e842ecbe8316817 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Wed, 5 Nov 2008 16:30:31 +1100 Subject: - stevesk@cvs.openbsd.org 2008/11/05 03:23:09 [clientloop.c ssh.1] add dynamic forward escape command line; ok djm@ --- ChangeLog | 5 ++++- clientloop.c | 25 ++++++++++++++++--------- ssh.1 | 9 +++++---- 3 files changed, 25 insertions(+), 14 deletions(-) (limited to 'ssh.1') diff --git a/ChangeLog b/ChangeLog index d49180e6e..1b4594114 100644 --- a/ChangeLog +++ b/ChangeLog @@ -36,6 +36,9 @@ space was not malloc'd in that case. ok djm@ + - stevesk@cvs.openbsd.org 2008/11/05 03:23:09 + [clientloop.c ssh.1] + add dynamic forward escape command line; ok djm@ 20081103 - OpenBSD CVS Sync @@ -4886,4 +4889,4 @@ OpenServer 6 and add osr5bigcrypt support so when someone migrates passwords between UnixWare and OpenServer they will still work. OK dtucker@ -$Id: ChangeLog,v 1.5131 2008/11/05 05:30:06 djm Exp $ +$Id: ChangeLog,v 1.5132 2008/11/05 05:30:31 djm Exp $ diff --git a/clientloop.c b/clientloop.c index 0ed4194a6..737807496 100644 --- a/clientloop.c +++ b/clientloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.c,v 1.203 2008/11/01 17:40:33 stevesk Exp $ */ +/* $OpenBSD: clientloop.c,v 1.204 2008/11/05 03:23:09 stevesk Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -764,7 +764,7 @@ process_cmdline(void) void (*handler)(int); char *s, *cmd, *cancel_host; int delete = 0; - int local = 0; + int local = 0, remote = 0, dynamic = 0; u_short cancel_port; Forward fwd; @@ -789,6 +789,8 @@ process_cmdline(void) "Request local forward"); logit(" -R[bind_address:]port:host:hostport " "Request remote forward"); + logit(" -D[bind_address:]port " + "Request dynamic forward"); logit(" -KR[bind_address:]port " "Cancel remote forward"); if (!options.permit_local_command) @@ -808,17 +810,22 @@ process_cmdline(void) delete = 1; s++; } - if (*s != 'L' && *s != 'R') { + if (*s == 'L') + local = 1; + else if (*s == 'R') + remote = 1; + else if (*s == 'D') + dynamic = 1; + else { logit("Invalid command."); goto out; } - if (*s == 'L') - local = 1; - if (local && delete) { + + if ((local || dynamic) && delete) { logit("Not supported."); goto out; } - if ((!local || delete) && !compat20) { + if (remote && delete && !compat20) { logit("Not supported for SSH protocol version 1."); goto out; } @@ -842,11 +849,11 @@ process_cmdline(void) } channel_request_rforward_cancel(cancel_host, cancel_port); } else { - if (!parse_forward(&fwd, s, 0)) { + if (!parse_forward(&fwd, s, dynamic ? 1 : 0)) { logit("Bad forwarding specification."); goto out; } - if (local) { + if (local || dynamic) { if (channel_setup_local_fwd_listener(fwd.listen_host, fwd.listen_port, fwd.connect_host, fwd.connect_port, options.gateway_ports) < 0) { diff --git a/ssh.1 b/ssh.1 index c8cd2136c..5f55dfe9d 100644 --- a/ssh.1 +++ b/ssh.1 @@ -34,8 +34,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.278 2008/10/08 23:34:03 djm Exp $ -.Dd $Mdocdate: October 8 2008 $ +.\" $OpenBSD: ssh.1,v 1.279 2008/11/05 03:23:09 stevesk Exp $ +.Dd $Mdocdate: November 5 2008 $ .Dt SSH 1 .Os .Sh NAME @@ -898,9 +898,10 @@ Send a BREAK to the remote system .It Cm ~C Open command line. Currently this allows the addition of port forwardings using the -.Fl L -and +.Fl L , .Fl R +and +.Fl D options (see above). It also allows the cancellation of existing remote port-forwardings using -- cgit v1.2.3 From 63917bd0dae6189147dc4cafaeaf6f1d91b14cfe Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Tue, 11 Nov 2008 16:33:48 +1100 Subject: - tobias@cvs.openbsd.org 2008/11/09 12:34:47 [session.c ssh.1] typo fixed (overriden -> overridden) ok espie, jmc --- ChangeLog | 6 +++++- session.c | 4 ++-- ssh.1 | 6 +++--- 3 files changed, 10 insertions(+), 6 deletions(-) (limited to 'ssh.1') diff --git a/ChangeLog b/ChangeLog index 0ee6df733..a167dfea1 100644 --- a/ChangeLog +++ b/ChangeLog @@ -13,6 +13,10 @@ - dtucker@cvs.openbsd.org 2008/11/07 23:34:48 [auth2-jpake.c] Move JPAKE define to make life easier for portable. ok djm@ + - tobias@cvs.openbsd.org 2008/11/09 12:34:47 + [session.c ssh.1] + typo fixed (overriden -> overridden) + ok espie, jmc 20081105 - OpenBSD CVS Sync @@ -4905,4 +4909,4 @@ OpenServer 6 and add osr5bigcrypt support so when someone migrates passwords between UnixWare and OpenServer they will still work. OK dtucker@ -$Id: ChangeLog,v 1.5136 2008/11/11 05:33:03 dtucker Exp $ +$Id: ChangeLog,v 1.5137 2008/11/11 05:33:48 dtucker Exp $ diff --git a/session.c b/session.c index 4bed28d7f..c61aeb711 100644 --- a/session.c +++ b/session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: session.c,v 1.243 2008/10/02 14:39:35 millert Exp $ */ +/* $OpenBSD: session.c,v 1.244 2008/11/09 12:34:47 tobias Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -932,7 +932,7 @@ check_quietlogin(Session *s, const char *command) /* * Sets the value of the given variable in the environment. If the variable - * already exists, its value is overriden. + * already exists, its value is overridden. */ void child_set_env(char ***envp, u_int *envsizep, const char *name, diff --git a/ssh.1 b/ssh.1 index 5f55dfe9d..b66a1c342 100644 --- a/ssh.1 +++ b/ssh.1 @@ -34,8 +34,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.279 2008/11/05 03:23:09 stevesk Exp $ -.Dd $Mdocdate: November 5 2008 $ +.\" $OpenBSD: ssh.1,v 1.280 2008/11/09 12:34:47 tobias Exp $ +.Dd $Mdocdate: November 9 2008 $ .Dt SSH 1 .Os .Sh NAME @@ -550,7 +550,7 @@ using an alternative syntax: .Pp By default, the listening socket on the server will be bound to the loopback interface only. -This may be overriden by specifying a +This may be overridden by specifying a .Ar bind_address . An empty .Ar bind_address , -- cgit v1.2.3 From e2f4cc5016f63a0ccee02056f33b79e12e0fd31b Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Sat, 14 Feb 2009 16:33:49 +1100 Subject: - djm@cvs.openbsd.org 2009/02/12 03:42:09 [ssh.1] document -R0:... usage --- ChangeLog | 5 ++++- ssh.1 | 11 +++++++++-- 2 files changed, 13 insertions(+), 3 deletions(-) (limited to 'ssh.1') diff --git a/ChangeLog b/ChangeLog index 5e9a177d9..c93cf06f6 100644 --- a/ChangeLog +++ b/ChangeLog @@ -18,6 +18,9 @@ [monitor.c] some paranoia: check that the serialised key is really KEY_RSA before diddling its internals + - djm@cvs.openbsd.org 2009/02/12 03:42:09 + [ssh.1] + document -R0:... usage 20090212 - (djm) [sshpty.c] bz#1419: OSX uses cloning ptys that automagically @@ -5144,5 +5147,5 @@ OpenServer 6 and add osr5bigcrypt support so when someone migrates passwords between UnixWare and OpenServer they will still work. OK dtucker@ -$Id: ChangeLog,v 1.5189 2009/02/14 05:33:31 djm Exp $ +$Id: ChangeLog,v 1.5190 2009/02/14 05:33:49 djm Exp $ diff --git a/ssh.1 b/ssh.1 index b66a1c342..6a7cfbf13 100644 --- a/ssh.1 +++ b/ssh.1 @@ -34,8 +34,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.280 2008/11/09 12:34:47 tobias Exp $ -.Dd $Mdocdate: November 9 2008 $ +.\" $OpenBSD: ssh.1,v 1.281 2009/02/12 03:42:09 djm Exp $ +.Dd $Mdocdate: February 12 2009 $ .Dt SSH 1 .Os .Sh NAME @@ -563,6 +563,13 @@ will only succeed if the server's .Cm GatewayPorts option is enabled (see .Xr sshd_config 5 ) . +.Pp +If the +.Ar port +argument is +.Dq 0 , +the listen port will be dynamically allocated on the server and reported +to the client at run time. .It Fl S Ar ctl_path Specifies the location of a control socket for connection sharing. Refer to the description of -- cgit v1.2.3 From 65fa4cab4cf8e795bb624866a27794cae2845210 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Sat, 14 Feb 2009 16:34:05 +1100 Subject: - djm@cvs.openbsd.org 2009/02/12 03:44:25 [ssh.1] consistency: Dq => Ql --- ChangeLog | 5 ++++- ssh.1 | 4 ++-- 2 files changed, 6 insertions(+), 3 deletions(-) (limited to 'ssh.1') diff --git a/ChangeLog b/ChangeLog index c93cf06f6..dc981f7eb 100644 --- a/ChangeLog +++ b/ChangeLog @@ -21,6 +21,9 @@ - djm@cvs.openbsd.org 2009/02/12 03:42:09 [ssh.1] document -R0:... usage + - djm@cvs.openbsd.org 2009/02/12 03:44:25 + [ssh.1] + consistency: Dq => Ql 20090212 - (djm) [sshpty.c] bz#1419: OSX uses cloning ptys that automagically @@ -5147,5 +5150,5 @@ OpenServer 6 and add osr5bigcrypt support so when someone migrates passwords between UnixWare and OpenServer they will still work. OK dtucker@ -$Id: ChangeLog,v 1.5190 2009/02/14 05:33:49 djm Exp $ +$Id: ChangeLog,v 1.5191 2009/02/14 05:34:05 djm Exp $ diff --git a/ssh.1 b/ssh.1 index 6a7cfbf13..421783be3 100644 --- a/ssh.1 +++ b/ssh.1 @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.281 2009/02/12 03:42:09 djm Exp $ +.\" $OpenBSD: ssh.1,v 1.282 2009/02/12 03:44:25 djm Exp $ .Dd $Mdocdate: February 12 2009 $ .Dt SSH 1 .Os @@ -567,7 +567,7 @@ option is enabled (see If the .Ar port argument is -.Dq 0 , +.Ql 0 , the listen port will be dynamically allocated on the server and reported to the client at run time. .It Fl S Ar ctl_path -- cgit v1.2.3