CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/06 14:55:23
Modified files:
usr.bin/ssh: kex.c kex.h serverloop.c
Log message:
Fix signature algorithm selection logic for UpdateHostkeys on the
server side. The previous code tried to prefer
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/06 14:48:38
Modified files:
usr.bin/ssh: channels.c channels.h clientloop.c serverloop.c
Log message:
convert ssh, sshd mainloops from select() to poll();
feedback & ok deraadt@ and markus@
has
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/06 14:46:23
Modified files:
usr.bin/ssh: channels.c channels.h
Log message:
prepare for conversion of ssh, sshd mainloop from select() to poll()
by moving FD_SET construction out of channel
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/05 14:54:37
Modified files:
usr.bin/ssh: ssh-keygen.c
Log message:
add a comment so I don't make this mistake again
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/05 14:50:00
Modified files:
usr.bin/ssh: ssh-keygen.c
Log message:
fix cut-and-pasto in error message
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/05 01:25:05
Modified files:
regress/usr.bin/ssh: hostkey-rotate.sh
Log message:
select all RSA hostkey algorithms for UpdateHostkeys tests, not just
RSA-SHA1
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/04 21:56:15
Modified files:
regress/usr.bin/ssh: sshsig.sh
Log message:
regress test both sshsig message hash algorithms, possible now because
the algorithm is controllable via the CLI
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/04 21:50:11
Modified files:
usr.bin/ssh: ssh-keygen.1 ssh-keygen.c
Log message:
allow selection of hash at sshsig signing time; code already supported
either sha512 (default) or sha256, but
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/04 21:27:54
Modified files:
usr.bin/ssh: ssh-keygen.c
Log message:
add missing -O option to usage() for ssh-keygen -Y sign;
from Linus Nordberg
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/04 21:27:01
Modified files:
usr.bin/ssh: ssh-keygen.c
Log message:
move sig_process_opts() to before sig_sign(); no functional code change
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/04 21:10:39
Modified files:
regress/usr.bin/ssh: sshsig.sh
Log message:
regression test for find-principals NULL deref; from Fabian Stelzer
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/04 21:02:42
Modified files:
usr.bin/ssh: sshsig.c
Log message:
NULL deref when using find-principals when matching an allowed_signers
line that contains a namespace restriction, but no
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2022/01/04 00:20:33
Modified files:
regress/usr.bin/ssh: agent-restrict.sh
Log message:
unbreak test: was picking up system ssh-add instead of the one supposedly
being tested. Spotted by dtucker and using
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/12/31 21:18:06
Modified files:
usr.bin/ssh: ssh-agent.c
Log message:
fix memleak in process_extension(); oss-fuzz issue #42719
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/12/26 16:34:41
Modified files:
usr.bin/ssh: auth2.c
Log message:
split method list search functionality from authmethod_lookup() into
a separate authmethod_byname(), for cases where we don't need
CVSROOT:/cvs
Module name:www
Changes by: d...@cvs.openbsd.org2021/12/19 16:06:02
Modified files:
openssh: agent-restrict.html
Log message:
replace unicode quotes with ASCII ones
CVSROOT:/cvs
Module name:www
Changes by: d...@cvs.openbsd.org2021/12/19 16:03:53
Modified files:
openssh: agent-restrict.html
Log message:
more missing markup
CVSROOT:/cvs
Module name:www
Changes by: d...@cvs.openbsd.org2021/12/19 16:01:29
Modified files:
openssh: agent-restrict.html
Log message:
missing tag
CVSROOT:/cvs
Module name:www
Changes by: d...@cvs.openbsd.org2021/12/19 15:29:21
Modified files:
openssh: features.html
Log message:
typo in link
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/12/19 15:20:12
Modified files:
regress/usr.bin/ssh: Makefile
Added files:
regress/usr.bin/ssh: agent-restrict.sh
Log message:
regression test for destination restrictions in ssh-agent
CVSROOT:/cvs
Module name:www
Changes by: d...@cvs.openbsd.org2021/12/19 15:16:34
Modified files:
openssh: features.html
Added files:
openssh: agent-restrict.html
Log message:
introductory documentation for destination-restricted keys in
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/12/19 15:15:42
Modified files:
usr.bin/ssh: PROTOCOL
Log message:
document host-bound publickey authentication
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/12/19 15:15:21
Modified files:
usr.bin/ssh: PROTOCOL.agent
Log message:
document agent protocol extensions
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/12/19 15:14:47
Modified files:
usr.bin/ssh: readconf.c readconf.h sshconnect2.c
Log message:
PubkeyAuthentication=yes|no|unbound|host-bound
Allow control over which pubkey methods are used. Added
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/12/19 15:14:12
Modified files:
usr.bin/ssh: ssh-add.1
Log message:
document destination-constrained keys
feedback / ok markus@
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/12/19 15:13:55
Modified files:
usr.bin/ssh: ssh-agent.c
Log message:
Use hostkey parsed from hostbound userauth request
Require host-bound userauth requests for forwarded SSH connections.
The
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/12/19 15:13:34
Modified files:
usr.bin/ssh: ssh-agent.c
Log message:
agent support for parsing hostkey-bound signatures
Allow parse_userauth_request() to work with blobs from
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/12/19 15:13:12
Modified files:
usr.bin/ssh: kex.c
Log message:
EXT_INFO negotiation of hostbound pubkey auth
the EXT_INFO packet gets a new publickey-hostbo...@openssh.com to
advertise the
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/12/19 15:12:54
Modified files:
usr.bin/ssh: kex.h sshconnect2.c
Log message:
client side of host-bound pubkey authentication
Add kex->flags member to enable the publickey-hostbound-...@openssh.com
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/12/19 15:12:30
Modified files:
usr.bin/ssh: auth2-pubkey.c monitor.c
Log message:
sshd side of hostbound public key auth
This is identical to the standard "publickey" method, but it also includes
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/12/19 15:12:07
Modified files:
usr.bin/ssh: auth.h auth2-gss.c auth2-hostbased.c
auth2-kbdint.c auth2-none.c auth2-passwd.c
auth2-pubkey.c auth2.c
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/12/19 15:11:39
Modified files:
usr.bin/ssh: ssh-agent.c
Log message:
ssh-agent side of destination constraints
Gives ssh-agent the ability to parse restrict-destination-...@openssh.com
constraints
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/12/19 15:11:06
Modified files:
usr.bin/ssh/ssh-add: Makefile
Log message:
ssh-add side of destination constraints
Have ssh-add accept a list of "destination constraints" that allow
restricting where
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/12/19 15:10:24
Modified files:
usr.bin/ssh: authfd.c authfd.h ssh-add.c sshconnect.c
Log message:
ssh-add side of destination constraints
Have ssh-add accept a list of "destination constraints"
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/12/19 15:09:23
Modified files:
usr.bin/ssh: ssh-agent.c
Log message:
ssh-agent side of binding
record session ID/hostkey/forwarding status for each active socket.
Attempt to parse
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/12/19 15:08:48
Modified files:
usr.bin/ssh: authfd.c authfd.h clientloop.c sshconnect2.c
Log message:
ssh client side of binding
send session ID, hostkey, signature and a flag indicating whether
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/12/19 15:08:06
Modified files:
usr.bin/ssh: kex.c kex.h kexgen.c kexgexc.c kexgexs.c
Log message:
Record session ID, host key and sig at intital KEX
These will be used later for agent session ID /
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/12/07 15:06:45
Modified files:
usr.bin/ssh: sk-usbhid.c
Log message:
better error message for FIDO keys when we can't match them to a token
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/12/02 16:45:36
Modified files:
usr.bin/ssh: ssh-keyscan.c
Log message:
hash full host:port when asked to hash output, fixes hashes for non-
default ports. bz3367 ok dtucker@
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/12/02 16:23:13
Modified files:
usr.bin/ssh: sk-usbhid.c
Log message:
improve the testing of credentials against inserted FIDO keys a little
more: ask the token whether a particular key belongs to
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/12/02 15:40:05
Modified files:
usr.bin/ssh: sk-usbhid.c
Log message:
move check_sk_options() up so we can use it earlier
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/12/01 19:44:44
Modified files:
usr.bin/ssh: ssh.c
Log message:
don't put the tty into raw mode when SessionType=none, avoids ^c being
unable to kill such a session. bz3360; ok dtucker@
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/11/28 18:04:45
Modified files:
sys/lib/libsa : blowfish.h blowfish.c
sys/crypto : blf.h blf.c
lib/libc/crypt : blowfish.c blowfish.3
include: blf.h
Log message:
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/11/28 00:21:26
Modified files:
usr.bin/ssh: sshsig.c
Log message:
sshsig: return "key not found" when searching empty files rather than
"internal error"
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/11/28 00:15:10
Modified files:
usr.bin/ssh: ssh-keygen.1
Log message:
ssh-keygen -Y match-principals doesn't accept any -O options
at present, so don't say otherwise in SYNOPSIS; spotted jmc@
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/11/28 00:14:29
Modified files:
usr.bin/ssh: ssh-keygen.c
Log message:
fix indenting in last commit
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/11/28 00:10:18
Modified files:
usr.bin/ssh: sshsig.c
Log message:
missing initialisation for oerrno
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/11/27 00:23:35
Modified files:
regress/usr.bin/ssh: sshsig.sh
Log message:
whitespac e
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/11/27 00:20:59
Modified files:
regress/usr.bin/ssh: sshsig.sh
Log message:
regression test for match-principals. Mostly by Fabian Stelzer
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/11/27 00:14:46
Modified files:
usr.bin/ssh: ssh-keygen.1 ssh-keygen.c sshsig.c sshsig.h
Log message:
Add ssh-keygen -Y match-principals operation to perform matching of
principals names against an
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/11/25 16:02:24
Modified files:
usr.bin/ssh: packet.c
Log message:
debug("func: ...") -> debug_f("...")
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/11/18 14:32:11
Modified files:
usr.bin/ssh: clientloop.c
Log message:
less confusing debug message; bz#3365
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/11/18 14:11:01
Modified files:
usr.bin/ssh: ssh-pkcs11.c
Log message:
avoid xmalloc(0) for PKCS#11 keyid for ECDSA keys (we already did this
for RSA keys). Avoids fatal errors for PKCS#11 libraries
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/11/17 20:53:48
Modified files:
regress/usr.bin/ssh: sshsig.sh
Log message:
regression test for ssh-keygen -Y find-principals fix;
from Fabian Stelzer ok djm markus
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/11/17 20:50:41
Modified files:
usr.bin/ssh: sshsig.c
Log message:
ssh-keygen -Y find-principals was verifying key validity when using
ca certs but not with simple key lifetimes within the allowed
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/11/17 20:31:44
Modified files:
usr.bin/ssh: ssh-agent.c ssh-keyscan.c ssh-pkcs11-helper.c
Log message:
check for POLLHUP wherever we check for POLLIN
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/11/17 20:08:00
Modified files:
usr.bin/ssh: sshd.c
Log message:
fd leak in sshd listen loop error path; from Gleb Smirnoff
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/11/17 20:07:21
Modified files:
usr.bin/ssh: sshd.c
Log message:
check for POLLHUP as well as POLLIN in sshd listen loop;
ok deraadt millert
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/11/17 20:06:04
Modified files:
usr.bin/ssh: sftp-server.c
Log message:
check for POLLHUP as well as POLLIN, handle transient IO errors as well
as half-close on the output side; ok deraadt millert
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/11/17 14:06:39
Modified files:
usr.bin/ssh: sshd.c
Log message:
set num_listen_socks to 0 on close-all instead of -1, which
interferes with the new poll()-based listen loop; spotted and
debugged by
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/11/09 23:29:25
Modified files:
usr.bin/ssh: myproposal.h ssh_config.5 sshd_config.5
Log message:
add the sntrup761x25519-sha...@openssh.com hybrid ECDH/x25519 +
Streamlined NTRU Prime post-quantum
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/11/09 23:25:09
Modified files:
usr.bin/ssh: ssh-keysign.c
Log message:
fix ssh-keysign for KEX algorithms that use SHA384/512 exchange hashes;
feedback/ok markus@
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/11/08 14:32:49
Modified files:
usr.bin/ssh: sftp-server.c
Log message:
improve error message when trying to expand a ~user path for a
user that doesn't exist; better matches what the shell does
ok
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/11/04 21:10:58
Modified files:
usr.bin/ssh: sshsig.c
Log message:
move cert_filter_principals() to earlier in the file for reuse;
no code change
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/11/02 16:57:27
Modified files:
regress/usr.bin/ssh/misc/sk-dummy: sk-dummy.c
Log message:
crank SSH_SK_VERSION_MAJOR to match recent change in usr/bin/ssh
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/11/02 16:56:40
Modified files:
usr.bin/ssh: sk-api.h sk-usbhid.c ssh-sk.c
Log message:
Better handle FIDO keys on tokens that provide user verification (UV)
on the device itself, including
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/10/28 21:20:46
Modified files:
usr.bin/ssh: ssh-keygen.c
Log message:
ssh-keygen: make verify-time argument parsing optional
>From Fabian Stelzer
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/10/28 21:03:06
Modified files:
regress/usr.bin/ssh: sshsig.sh
Log message:
sshsig: add tests for signing key validity and find-principals
- adds generic find-principals tests (this command had none
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/10/28 20:48:20
Modified files:
regress/usr.bin/ssh/misc/sk-dummy: sk-dummy.c
Log message:
avoid signedness warning; spotted in -portable
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/10/27 20:55:30
Modified files:
regress/usr.bin/ssh/misc/sk-dummy: sk-dummy.c
Log message:
increment SSH_SK_VERSION_MAJOR to match last change
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/10/27 20:54:18
Modified files:
usr.bin/ssh: sk-api.h sk-usbhid.c ssh-add.c ssh-keygen.c
ssh-sk-client.c ssh-sk-helper.c ssh-sk.c
ssh-sk.h
Log
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/10/26 15:36:24
Modified files:
lib/libfido2 : LICENSE Makefile README.openbsd shlib_version
lib/libfido2/man: fido_assert_new.3 fido_assert_set_authdata.3
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/10/05 21:35:13
Modified files:
regress/usr.bin/ssh/misc/sk-dummy: sk-dummy.c
Log message:
use libc SHA256 functions; make this work when compiled !WITH_OPENSSL
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/09/30 22:50:36
Modified files:
usr.bin/ssh: sk-usbhid.c
Log message:
unbreak FIDO sk-ed25519 key enrollment for OPENSSL=no builds;
ok dtucker@
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/09/28 19:33:32
Modified files:
usr.bin/ssh: auth2-pubkey.c
Log message:
add some debug output showing how many key file/command lines
were processed. Useful to see whether a file or command
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/09/28 19:32:21
Modified files:
regress/usr.bin/ssh: hostkey-agent.sh
Log message:
Test certificate hostkeys held in ssh-agent too. Would have caught
regression fixed in sshd r1.575
ok markus@
CVSROOT:/cvs
Module name:www
Changes by: d...@cvs.openbsd.org2021/09/26 08:44:18
Modified files:
build : Makefile
build/mirrors : openssh-ftp.html.head
openssh: ftp.html index.html openbsd.html
CVSROOT:/cvs
Module name:www
Changes by: d...@cvs.openbsd.org2021/09/26 08:41:10
Added files:
openssh/txt: release-8.8
Log message:
release notes for openssh-8.8
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/09/26 08:01:03
Modified files:
usr.bin/ssh: misc.c
Log message:
need initgroups() before setresgid(); reported by anton@, ok deraadt@
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/09/26 08:01:12
Modified files:
usr.bin/ssh: version.h
Log message:
openssh-8.8
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/09/20 00:53:57
Modified files:
usr.bin/ssh: scp.1 scp.c
Log message:
fix missing -s in SYNOPSYS and usage() as well as a capitalisation
mistake; spotted by jmc@
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/09/19 19:55:42
Modified files:
usr.bin/ssh: scp.c scp.1
Log message:
Switch scp back to use the old protocol by default, ahead of release.
We'll wait a little longer for people to pick up
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/09/17 20:03:25
Modified files:
usr.bin/ssh: scp.c
Log message:
better error message for ~user failures when the sftp-server
lacks the expand-path extension; ok deraadt@
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/09/16 09:22:23
Modified files:
usr.bin/ssh: scp.c
Log message:
make some more scp-in-SFTP mode better match Unix idioms
suggested by deraadt@
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/09/16 09:11:19
Modified files:
usr.bin/ssh: log.c scp.c
Log message:
allow log_stderr==2 to prefix log messages with argv[0]
use this to make scp's SFTP mode error messages more scp-like
prompted
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/09/15 23:36:03
Modified files:
usr.bin/ssh: readconf.c
Log message:
missing space character in ssh -G output broke the t-sshcfgparse
regression test; spotted by anton@
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/09/15 00:56:01
Modified files:
usr.bin/ssh: readconf.c readconf.h ssh.c ssh_config.5
Log message:
allow CanonicalizePermittedCNAMEs=none in ssh_config; ok markus@
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/09/10 18:40:24
Modified files:
usr.bin/ssh: scp.c
Log message:
when using SFTP protocol, continue transferring files after a
transfer error occurs. This matches original scp/rcp behaviour.
ok
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/09/09 23:46:09
Modified files:
usr.bin/ssh: compat.c
Log message:
openssh-7.4 was incorrectly listed twice; spotted by Dmitry
Belyavskiy, ok dtucker@
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/09/08 17:31:39
Modified files:
usr.bin/ssh: scp.1 scp.c
Log message:
Use the SFTP protocol by default. The original scp/rcp protocol remains
available via the -O flag.
Note that ~user/ prefixed
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/09/07 21:23:45
Modified files:
usr.bin/ssh: ssh-keygen.c
Log message:
correct my mistake in previous fix; spotted by halex
gt;
> >+if (print_pubkey == NULL)
> >+*print_pubkey = 0;
> >
> >That looks like a terrible fix to me. No?
> >
> >/Alexander
> >
> >On September 7, 2021 8:03:51 AM GMT+02:00, Damien Miller
> > wrote:
> >>CVSROOT:/cvs
> >>
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/09/07 00:03:51
Modified files:
usr.bin/ssh: ssh-keygen.c
Log message:
avoid NULL deref in -Y find-principals. Report and fix from
Carlo Marcelo Arenas Belón
this breaks xterm on freshly-installed systems:
keroppi$ env DISPLAY=:0 xterm
xterm: unveil
from ktrace, it looks like it is failing when trying to unveil a
nonexistent directory:
93248 xtermNAMI "/home/djm/.cache/fontconfig"
93248 xtermRET unveil -1 errno 2 No such file or
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/08/29 19:15:45
Modified files:
regress/usr.bin/ssh: knownhosts-command.sh
Log message:
adapt to RSA/SHA1 deprectation
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/08/29 17:53:10
Modified files:
usr.bin/ssh: myproposal.h
Log message:
After years of forewarning, disable the RSA/SHA-1 signature algorithm
by default. It is feasible to create colliding SHA1
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2021/08/29 17:44:07
Modified files:
usr.bin/ssh: clientloop.c
Log message:
wrap at 80 columns
CVSROOT:/cvs
Module name:www
Changes by: d...@cvs.openbsd.org2021/08/19 23:09:09
Modified files:
build : Makefile
build/mirrors : openssh-ftp.html.head
openssh: ftp.html index.html openbsd.html
CVSROOT:/cvs
Module name:www
Changes by: d...@cvs.openbsd.org2021/08/19 22:46:19
Modified files:
openssh/txt: release-8.7
Log message:
whitespace
CVSROOT:/cvs
Module name:www
Changes by: d...@cvs.openbsd.org2021/08/19 22:38:35
Added files:
openssh/txt: release-8.7
Log message:
openssh-8.7 release notes
401 - 500 of 2899 matches
Mail list logo