tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

upstream: Add ssh -Q key-sig for all key and signature types. 

Teach ssh -Q to accept ssh_config(5) and sshd_config(5) algorithm keywords as
an alias for the corresponding query.  Man page help jmc@, ok djm@.

OpenBSD-Commit-ID: 1e110aee3db2fc4bc5bee2d893b7128fd622e0f8
This commit is contained in:
dtucker@openbsd.org 2020-02-07 03:54:44 +00:00 committed by Darren Tucker
parent fd68dc2786
commit d4d9e1d405
4 changed files with 34 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
ssh.1
View File

@ -33,8 +33,8 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" $OpenBSD: ssh.1,v 1.409 2019/12/21 20:22:34 naddy Exp $
.Dd $Mdocdate: December 21 2019 $
.\" $OpenBSD: ssh.1,v 1.410 2020/02/07 03:54:44 dtucker Exp $
.Dd $Mdocdate: February 7 2020 $
.Dt SSH 1
.Os
.Sh NAME
@ -585,10 +585,18 @@ flag),
(certificate key types),
.Ar key-plain
(non-certificate key types),
.Ar key-sig
(all key types and signature algorithms),
.Ar protocol-version
(supported SSH protocol versions), and
.Ar sig
(supported signature algorithms).
Alternatively, any keyword from
.Xr ssh_config 5
or
.Xr sshd_config 5
that takes an algorithm list may be used as an alias for the corresponding
query_option.
.Pp
.It Fl q
Quiet mode.

19
ssh.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: ssh.c,v 1.518 2020/02/06 22:30:54 naddy Exp $ */
/* $OpenBSD: ssh.c,v 1.519 2020/02/07 03:54:44 dtucker Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -736,13 +736,16 @@ main(int ac, char **av)
break;
case 'Q':
cp = NULL;
if (strcmp(optarg, "cipher") == 0)
if (strcmp(optarg, "cipher") == 0 ||
strcasecmp(optarg, "Ciphers") == 0)
cp = cipher_alg_list('\n', 0);
else if (strcmp(optarg, "cipher-auth") == 0)
cp = cipher_alg_list('\n', 1);
else if (strcmp(optarg, "mac") == 0)
else if (strcmp(optarg, "mac") == 0 ||
strcasecmp(optarg, "MACs") == 0)
cp = mac_alg_list('\n');
else if (strcmp(optarg, "kex") == 0)
else if (strcmp(optarg, "kex") == 0 ||
strcasecmp(optarg, "KexAlgorithms") == 0)
cp = kex_alg_list('\n');
else if (strcmp(optarg, "key") == 0)
cp = sshkey_alg_list(0, 0, 0, '\n');
@ -750,6 +753,12 @@ main(int ac, char **av)
cp = sshkey_alg_list(1, 0, 0, '\n');
else if (strcmp(optarg, "key-plain") == 0)
cp = sshkey_alg_list(0, 1, 0, '\n');
else if (strcmp(optarg, "key-sig") == 0 ||
strcasecmp(optarg, "PubkeyAcceptedKeyTypes") == 0 ||
strcasecmp(optarg, "HostKeyAlgorithms") == 0 ||
strcasecmp(optarg, "HostbasedKeyTypes") == 0 ||
strcasecmp(optarg, "HostbasedAcceptedKeyTypes") == 0)
cp = sshkey_alg_list(0, 0, 1, '\n');
else if (strcmp(optarg, "sig") == 0)
cp = sshkey_alg_list(0, 1, 1, '\n');
else if (strcmp(optarg, "protocol-version") == 0)
@ -763,7 +772,7 @@ main(int ac, char **av)
} else if (strcmp(optarg, "help") == 0) {
cp = xstrdup(
"cipher\ncipher-auth\ncompression\nkex\n"
"key\nkey-cert\nkey-plain\nmac\n"
"key\nkey-cert\nkey-plain\nkey-sig\nmac\n"
"protocol-version\nsig");
}
if (cp == NULL)

8
ssh_config.5
View File

@ -33,8 +33,8 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" $OpenBSD: ssh_config.5,v 1.321 2020/01/31 22:25:59 jmc Exp $
.Dd $Mdocdate: January 31 2020 $
.\" $OpenBSD: ssh_config.5,v 1.322 2020/02/07 03:54:44 dtucker Exp $
.Dd $Mdocdate: February 7 2020 $
.Dt SSH_CONFIG 5
.Os
.Sh NAME
@ -868,7 +868,7 @@ If hostkeys are known for the destination host then this default is modified
to prefer their algorithms.
.Pp
The list of available key types may also be obtained using
.Qq ssh -Q key .
.Qq ssh -Q HostKeyAlgorithms .
.It Cm HostKeyAlias
Specifies an alias that should be used instead of the
real host name when looking up or saving the host key
@ -1353,7 +1353,7 @@ rsa-sha2-512,rsa-sha2-256,ssh-rsa
.Ed
.Pp
The list of available key types may also be obtained using
.Qq ssh -Q key .
.Qq ssh -Q PubkeyAcceptedKeyTypes .
.It Cm PubkeyAuthentication
Specifies whether to try public key authentication.
The argument to this keyword must be

12
sshd_config.5
View File

@ -33,8 +33,8 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" $OpenBSD: sshd_config.5,v 1.306 2020/02/06 22:34:58 naddy Exp $
.Dd $Mdocdate: February 6 2020 $
.\" $OpenBSD: sshd_config.5,v 1.307 2020/02/07 03:54:44 dtucker Exp $
.Dd $Mdocdate: February 7 2020 $
.Dt SSHD_CONFIG 5
.Os
.Sh NAME
@ -693,7 +693,7 @@ rsa-sha2-512,rsa-sha2-256,ssh-rsa
.Ed
.Pp
The list of available key types may also be obtained using
.Qq ssh -Q key .
.Qq ssh -Q HostbasedAcceptedKeyTypes .
.It Cm HostbasedAuthentication
Specifies whether rhosts or /etc/hosts.equiv authentication together
with successful public key client host authentication is allowed
@ -776,7 +776,7 @@ rsa-sha2-512,rsa-sha2-256,ssh-rsa
.Ed
.Pp
The list of available key types may also be obtained using
.Qq ssh -Q key .
.Qq ssh -Q HostKeyAlgorithms .
.It Cm IgnoreRhosts
Specifies that
.Pa .rhosts
@ -949,7 +949,7 @@ diffie-hellman-group14-sha256
.Ed
.Pp
The list of available key exchange algorithms may also be obtained using
.Qq ssh -Q kex .
.Qq ssh -Q KexAlgorithms .
.It Cm ListenAddress
Specifies the local addresses
.Xr sshd 8
@ -1461,7 +1461,7 @@ rsa-sha2-512,rsa-sha2-256,ssh-rsa
.Ed
.Pp
The list of available key types may also be obtained using
.Qq ssh -Q key .
.Qq ssh -Q PubkeyAcceptedKeyTypes .
.It Cm PubkeyAuthOptions
Sets one or more public key authentication options.
Two option keywords are currently supported: