upstream: Since they are deprecated, move DSA to the end of the

default list of public keys so that they will be tried last.  From github
PR#295 from "ProBackup-nl", ok djm@

OpenBSD-Commit-ID: 7e5d575cf4971d4e2de92e0b6d6efaba53598bf0
dtucker@openbsd.org 2022-02-04 02:49:17 +00:00 committed by Damien Miller
parent 253de42753
commit ad16a84e64
5 changed files with 16 additions and 16 deletions


@ -1,4 +1,4 @@
/* $OpenBSD: readconf.c,v 1.364 2021/12/19 22:14:47 djm Exp $ */ /* $OpenBSD: readconf.c,v 1.365 2022/02/04 02:49:17 dtucker Exp $ */
/* /*
* Author: Tatu Ylonen <ylo@cs.hut.fi> * Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -2532,7 +2532,6 @@ fill_default_options(Options * options)
options->add_keys_to_agent_lifespan = 0; options->add_keys_to_agent_lifespan = 0;
} }
if (options->num_identity_files == 0) { if (options->num_identity_files == 0) {
add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_RSA, 0);
add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_DSA, 0); add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_DSA, 0);
#ifdef OPENSSL_HAS_ECC #ifdef OPENSSL_HAS_ECC
add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_ECDSA, 0); add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_ECDSA, 0);
@ -2544,6 +2543,7 @@ fill_default_options(Options * options)
add_identity_file(options, "~/", add_identity_file(options, "~/",
_PATH_SSH_CLIENT_ID_ED25519_SK, 0); _PATH_SSH_CLIENT_ID_ED25519_SK, 0);
add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_XMSS, 0); add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_XMSS, 0);
add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_RSA, 0);
} }
if (options->escape_char == -1) if (options->escape_char == -1)
options->escape_char = '~'; options->escape_char = '~';
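Review bot: In fill_default_options() the entry that ends up last in the default identity list appears to be `_PATH_SSH_CLIENT_ID_RSA`, not `_PATH_SSH_CLIENT_ID_DSA`: the first hunk (7 lines to 6) drops the RSA call and keeps the DSA call as the first entry, and the second hunk (6 lines to 7) adds the RSA call after XMSS. If the page shows the hunks faithfully, the deprecated DSA key is still offered first and RSA last, which contradicts the commit description and the order documented in the ssh.1 and ssh_config.5 hunks (id_rsa first, id_dsa last). The first entry should stay `add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_RSA, 0);` and the entry after XMSS should be `add_identity_file(options, "~/", _PATH_SSH_CLIENT_ID_DSA, 0);`. The body of fill_default_options() starts and ends outside these hunks.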


@ -1,4 +1,4 @@
.\" $OpenBSD: ssh-add.1,v 1.83 2021/12/22 06:56:41 jmc Exp $ .\" $OpenBSD: ssh-add.1,v 1.84 2022/02/04 02:49:17 dtucker Exp $
.\" .\"
.\" Author: Tatu Ylonen <ylo@cs.hut.fi> .\" Author: Tatu Ylonen <ylo@cs.hut.fi>
.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -35,7 +35,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\" .\"
.Dd $Mdocdate: December 22 2021 $ .Dd $Mdocdate: February 4 2022 $
.Dt SSH-ADD 1 .Dt SSH-ADD 1
.Os .Os
.Sh NAME .Sh NAME
@ -63,12 +63,12 @@ adds private key identities to the authentication agent,
.Xr ssh-agent 1 . .Xr ssh-agent 1 .
When run without arguments, it adds the files When run without arguments, it adds the files
.Pa ~/.ssh/id_rsa , .Pa ~/.ssh/id_rsa ,
.Pa ~/.ssh/id_dsa ,
.Pa ~/.ssh/id_ecdsa , .Pa ~/.ssh/id_ecdsa ,
.Pa ~/.ssh/id_ecdsa_sk , .Pa ~/.ssh/id_ecdsa_sk ,
.Pa ~/.ssh/id_ed25519 , .Pa ~/.ssh/id_ed25519 ,
.Pa ~/.ssh/id_ed25519_sk ,
and and
.Pa ~/.ssh/id_ed25519_sk . .Pa ~/.ssh/id_dsa .
After loading a private key, After loading a private key,
.Nm .Nm
will try to load corresponding certificate information from the will try to load corresponding certificate information from the


@ -1,4 +1,4 @@
/* $OpenBSD: ssh-add.c,v 1.164 2022/01/14 03:43:48 djm Exp $ */ /* $OpenBSD: ssh-add.c,v 1.165 2022/02/04 02:49:17 dtucker Exp $ */
/* /*
* Author: Tatu Ylonen <ylo@cs.hut.fi> * Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -77,7 +77,6 @@ extern char *__progname;
static char *default_files[] = { static char *default_files[] = {
#ifdef WITH_OPENSSL #ifdef WITH_OPENSSL
_PATH_SSH_CLIENT_ID_RSA, _PATH_SSH_CLIENT_ID_RSA,
_PATH_SSH_CLIENT_ID_DSA,
#ifdef OPENSSL_HAS_ECC #ifdef OPENSSL_HAS_ECC
_PATH_SSH_CLIENT_ID_ECDSA, _PATH_SSH_CLIENT_ID_ECDSA,
_PATH_SSH_CLIENT_ID_ECDSA_SK, _PATH_SSH_CLIENT_ID_ECDSA_SK,
@ -86,6 +85,7 @@ static char *default_files[] = {
_PATH_SSH_CLIENT_ID_ED25519, _PATH_SSH_CLIENT_ID_ED25519,
_PATH_SSH_CLIENT_ID_ED25519_SK, _PATH_SSH_CLIENT_ID_ED25519_SK,
_PATH_SSH_CLIENT_ID_XMSS, _PATH_SSH_CLIENT_ID_XMSS,
_PATH_SSH_CLIENT_ID_DSA,
NULL NULL
}; };
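Review bot: The relocated `_PATH_SSH_CLIENT_ID_DSA` entry in default_files[] may no longer be covered by the `#ifdef WITH_OPENSSL` guard it sat under before; the lines between the two hunks are not shown, so whether that guard is closed before the Ed25519 entries cannot be confirmed from here. If it is, builds without OpenSSL would now list a DSA key path that they cannot load. Wrapping the new entry keeps the old condition: `#ifdef WITH_OPENSSL`, `_PATH_SSH_CLIENT_ID_DSA,`, `#endif`. A short comment above it, such as `/* DSA is deprecated; keep it last so it is tried last */`, would also stop a later edit from reordering the list.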

8
ssh.1

@ -33,8 +33,8 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\" .\"
.\" $OpenBSD: ssh.1,v 1.427 2021/09/10 10:26:02 dtucker Exp $ .\" $OpenBSD: ssh.1,v 1.428 2022/02/04 02:49:17 dtucker Exp $
.Dd $Mdocdate: September 10 2021 $ .Dd $Mdocdate: February 4 2022 $
.Dt SSH 1 .Dt SSH 1
.Os .Os
.Sh NAME .Sh NAME
@ -298,13 +298,13 @@ private key that is loaded in
.Xr ssh-agent 1 .Xr ssh-agent 1
when the private key file is not present locally. when the private key file is not present locally.
The default is The default is
.Pa ~/.ssh/id_dsa , .Pa ~/.ssh/id_rsa ,
.Pa ~/.ssh/id_ecdsa , .Pa ~/.ssh/id_ecdsa ,
.Pa ~/.ssh/id_ecdsa_sk , .Pa ~/.ssh/id_ecdsa_sk ,
.Pa ~/.ssh/id_ed25519 , .Pa ~/.ssh/id_ed25519 ,
.Pa ~/.ssh/id_ed25519_sk .Pa ~/.ssh/id_ed25519_sk
and and
.Pa ~/.ssh/id_rsa . .Pa ~/.ssh/id_dsa .
Identity files may also be specified on Identity files may also be specified on
a per-host basis in the configuration file. a per-host basis in the configuration file.
It is possible to have multiple It is possible to have multiple


@ -33,8 +33,8 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\" .\"
.\" $OpenBSD: ssh_config.5,v 1.367 2021/11/10 06:29:25 djm Exp $ .\" $OpenBSD: ssh_config.5,v 1.368 2022/02/04 02:49:17 dtucker Exp $
.Dd $Mdocdate: November 10 2021 $ .Dd $Mdocdate: February 4 2022 $
.Dt SSH_CONFIG 5 .Dt SSH_CONFIG 5
.Os .Os
.Sh NAME .Sh NAME
@ -1012,13 +1012,13 @@ section.
Specifies a file from which the user's DSA, ECDSA, authenticator-hosted ECDSA, Specifies a file from which the user's DSA, ECDSA, authenticator-hosted ECDSA,
Ed25519, authenticator-hosted Ed25519 or RSA authentication identity is read. Ed25519, authenticator-hosted Ed25519 or RSA authentication identity is read.
The default is The default is
.Pa ~/.ssh/id_dsa , .Pa ~/.ssh/id_rsa ,
.Pa ~/.ssh/id_ecdsa , .Pa ~/.ssh/id_ecdsa ,
.Pa ~/.ssh/id_ecdsa_sk , .Pa ~/.ssh/id_ecdsa_sk ,
.Pa ~/.ssh/id_ed25519 , .Pa ~/.ssh/id_ed25519 ,
.Pa ~/.ssh/id_ed25519_sk .Pa ~/.ssh/id_ed25519_sk
and and
.Pa ~/.ssh/id_rsa . .Pa ~/.ssh/id_dsa .
Additionally, any identities represented by the authentication agent Additionally, any identities represented by the authentication agent
will be used for authentication unless will be used for authentication unless
.Cm IdentitiesOnly .Cm IdentitiesOnly