openssh-portable

Commit Graph

Author	SHA1	Message	Date
Ben Lindstrom	6b0c96ab59	- (bal) if mmap() is substandard, don't allow compression on server side. Post 'event' we will add more options.	2002-06-25 03:22:03 +00:00
Ben Lindstrom	e135363422	- deraadt@cvs.openbsd.org 2002/06/23 09:46:51 [bufaux.c servconf.c] minor KNF. things the fingers do while you read	2002-06-23 21:29:23 +00:00
Damien Miller	4903eb4b74	- (djm) Warn and disable compression on platforms which can't handle both useprivilegeseparation=yes and compression=yes	2002-06-21 16:20:44 +10:00
Ben Lindstrom	23e0f667f8	- markus@cvs.openbsd.org 2002/06/20 23:05:56 [servconf.c servconf.h session.c sshd.c] allow Compression=yes/no in sshd_config	2002-06-21 01:09:47 +00:00
Ben Lindstrom	fb62a69488	- markus@cvs.openbsd.org 2002/05/15 21:56:38 [servconf.c sshd.8 sshd_config] re-enable privsep and disable setuid for post-3.2.2	2002-06-06 19:47:11 +00:00
Ben Lindstrom	c5c15dde32	- markus@cvs.openbsd.org 2002/05/15 21:02:53 [servconf.c sshd.8 sshd_config] disable privsep and enable setuid for the 3.2.2 release	2002-05-15 21:37:34 +00:00
Ben Lindstrom	bb2ce36d4d	- deraadt@cvs.openbsd.org 2002/05/04 02:39:35 [servconf.c sshd.8 sshd_config] enable privsep by default; provos ok (historical)	2002-05-15 21:35:43 +00:00
Damien Miller	d7de14b6ad	- markus@cvs.openbsd.org 2002/04/22 16:16:53 [servconf.c sshd.8 sshd_config] do not auto-enable KerberosAuthentication; ok djm@, provos@, deraadt@	2002-04-23 21:04:51 +10:00
Damien Miller	e4ccf100e0	- (djm) OpenBSD CVS Sync - deraadt@cvs.openbsd.org 2002/04/20 09:02:03 [servconf.c] No, afs requires explicit enabling	2002-04-23 20:40:28 +10:00
Damien Miller	fd4c9eee25	- (djm) Add KrbV support patch from Simon Wilkinson <simon@sxw.org.uk>	2002-04-13 11:04:40 +10:00
Ben Lindstrom	c743134191	- stevesk@cvs.openbsd.org 2002/03/20 19:12:25 [servconf.c servconf.h ssh.h sshd.c] for unprivileged user, group do: pw=getpwnam(SSH_PRIVSEP_USER); do_setusercontext(pw). ok provos@	2002-03-22 03:11:49 +00:00
Ben Lindstrom	7a7edf77ed	- stevesk@cvs.openbsd.org 2002/03/19 03:03:43 [pathnames.h servconf.c servconf.h sshd.c] _PATH_PRIVSEP_CHROOT_DIR; ok provos@	2002-03-22 02:42:37 +00:00
Ben Lindstrom	01426a67c8	- stevesk@cvs.openbsd.org 2002/03/18 23:52:51 [servconf.c] UnprivUser/UnprivGroup usable now--specify numeric user/group; ok provos@	2002-03-22 02:40:03 +00:00
Ben Lindstrom	7a2073c50b	- provos@cvs.openbsd.org 2002/03/18 17:50:31 [auth-bsdauth.c auth-options.c auth-rh-rsa.c auth-rsa.c auth-skey.c auth.h auth1.c auth2-chall.c auth2.c kex.c kex.h kexdh.c kexgex.c servconf.c session.h servconf.h serverloop.c session.c sshd.c] integrate privilege separated openssh; its turned off by default for now. work done by me and markus@ applied, but outside of ensure that smaller code bits migrated with their owners.. no work was tried to 'fix' it to work. =) Later project!	2002-03-22 02:30:41 +00:00
Damien Miller	3a5b023330	Stupid djm commits experimental code to head instead of branch revert	2002-03-13 13:19:42 +11:00
Damien Miller	646e7cf3d7	Import of Niels Provos' 20020312 ssh-complete.diff PAM, Cygwin and OSF SIA will not work for sure	2002-03-13 12:47:54 +11:00
Damien Miller	fcd9320440	- markus@cvs.openbsd.org 2002/02/04 12:15:25 [log.c log.h readconf.c servconf.c] add SYSLOG_FACILITY_NOT_SET = -1, SYSLOG_LEVEL_NOT_SET = -1, fixes arm/netbsd; based on patch from bjh21@netbsd.org; ok djm@	2002-02-05 12:26:34 +11:00
Damien Miller	c5d8635d6a	- markus@cvs.openbsd.org 2002/01/29 14:32:03 [auth2.c auth.c auth-options.c auth-rhosts.c auth-rh-rsa.c canohost.c servconf.c servconf.h session.c sshd.8 sshd_config] s/ReverseMappingCheck/VerifyReverseMapping/ and avoid confusion; ok stevesk@	2002-02-05 12:13:41 +11:00
Damien Miller	95c249ff47	- stevesk@cvs.openbsd.org 2002/01/27 14:57:46 [channels.c servconf.c servconf.h session.c sshd.8 sshd_config] add X11UseLocalhost; ok markus@	2002-02-05 12:11:34 +11:00
Damien Miller	4fbf08a8f0	- stevesk@cvs.openbsd.org 2002/01/22 02:52:41 [servconf.c] typo in error message; from djast@cs.toronto.edu	2002-01-22 23:35:09 +11:00
Damien Miller	7fc2373f17	- stevesk@cvs.openbsd.org 2002/01/04 18:14:16 [servconf.c sshd.8] protocol 2 HostKey code default is now /etc/ssh_host_rsa_key and /etc/ssh_host_dsa_key like we have in sshd_config. ok markus@	2002-01-22 23:19:11 +11:00
Damien Miller	f51b0e1a30	- stevesk@cvs.openbsd.org 2002/01/04 17:59:17 [readconf.c servconf.c] remove #ifdef _PATH_XAUTH/#endif; ok markus@	2002-01-22 23:18:49 +11:00
Damien Miller	9f0f5c64bc	- deraadt@cvs.openbsd.org 2001/12/19 07:18:56 [auth1.c auth2.c auth2-chall.c auth-bsdauth.c auth.c authfile.c auth.h] [auth-krb4.c auth-rhosts.c auth-skey.c bufaux.c canohost.c channels.c] [cipher.c clientloop.c compat.c compress.c deattack.c key.c log.c mac.c] [match.c misc.c nchan.c packet.c readconf.c rijndael.c rijndael.h scard.c] [servconf.c servconf.h serverloop.c session.c sftp.c sftp-client.c] [sftp-glob.c sftp-int.c sftp-server.c ssh-add.c ssh-agent.c ssh.c] [sshconnect1.c sshconnect2.c sshconnect.c sshd.8 sshd.c sshd_config] [ssh-keygen.c sshlogin.c sshpty.c sshtty.c ttymodes.c uidswap.c] basic KNF done while i was looking for something else	2001-12-21 14:45:46 +11:00
Ben Lindstrom	ade03f6bad	- markus@cvs.openbsd.org 2001/12/06 13:30:06 [servconf.c servconf.h sshd.8 sshd.c] add -o to sshd, too. ok deraadt@ - (bal) Minor white space fix up in servconf.c	2001-12-06 18:22:17 +00:00
Ben Lindstrom	1c37c6a518	- deraadt@cvs.openbsd.org 2001/12/05 10:06:12 [authfd.c authfile.c bufaux.c channels.c compat.c kex.c kexgex.c key.c misc.c packet.c servconf.c ssh-agent.c sshconnect2.c sshconnect.c sshd.c ssh-dss.c ssh-keygen.c ssh-rsa.c] minor KNF	2001-12-06 18:00:18 +00:00
Ben Lindstrom	65366a8c76	- stevesk@cvs.openbsd.org 2001/11/17 19:14:34 [auth2.c auth.c readconf.c servconf.c ssh-agent.c ssh-keygen.c] enum/int type cleanup where it made sense to do so; ok markus@	2001-12-06 16:32:47 +00:00
Damien Miller	527366ccba	- markus@cvs.openbsd.org 2001/11/12 11:17:07 [servconf.c] enable authorized_keys2 again. tested by fries@	2001-11-14 00:03:14 +11:00
Damien Miller	726273e129	- (djm) Reorder portable-specific server options so that they come first. This should help reduce diff collisions for new server options (as they will appear at the end)	2001-11-12 11:40:11 +11:00
Damien Miller	75413ac499	- markus@cvs.openbsd.org 2001/11/11 13:02:31 [servconf.c] make AuthorizedKeysFile2 fallback to AuthorizedKeysFile if AuthorizedKeysFile is specified.	2001-11-12 11:14:35 +11:00
Ben Lindstrom	91e9868e4f	- jakob@cvs.openbsd.org 2001/08/16 19:18:34 [servconf.c servconf.h session.c sshd.8] deprecate CheckMail. ok markus@	2001-09-12 16:32:14 +00:00
Damien Miller	c4b7feabe0	- itojun@cvs.openbsd.org 2001/07/11 00:24:53 [servconf.c] make it compilable in all 4 combination of KRB4/KRB5 settings. dugsong ok XXX isn't it sensitive to the order of -I/usr/include/kerberosIV and -I/usr/include/kerberosV?	2001-07-14 12:20:32 +10:00
Damien Miller	4085785276	- OpenBSD CVS Sync - stevesk@cvs.openbsd.org 2001/07/08 15:23:38 [servconf.c] fix ``MaxStartups max''; ok markus@	2001-07-14 12:17:33 +10:00
Kevin Steves	27fd19291a	whitespace sync	2001-07-04 18:29:14 +00:00
Ben Lindstrom	eb7a84c49e	- dugsong@cvs.openbsd.org 2001/06/26 17:41:49 [servconf.c] #include <kafs.h>	2001-07-04 04:48:36 +00:00
Ben Lindstrom	ec95ed9b4c	- dugsong@cvs.openbsd.org 2001/06/26 16:15:25 [auth1.c auth.h auth-krb4.c auth-passwd.c readconf.c readconf.h servconf.c servconf.h session.c sshconnect1.c sshd.c] Kerberos v5 support for SSH1, mostly from Assar Westerlund <assar@freebsd.org> and Bjorn Gronvall <bg@sics.se>. markus@ ok	2001-07-04 04:21:14 +00:00
Ben Lindstrom	bba81213b9	- itojun@cvs.openbsd.org 2001/06/23 15:12:20 [auth1.c auth2.c auth2-chall.c authfd.c authfile.c auth-rhosts.c canohost.c channels.c cipher.c clientloop.c deattack.c dh.c hostfile.c kex.c kexdh.c kexgex.c key.c nchan.c packet.c radix.c readpass.c scp.c servconf.c serverloop.c session.c sftp.c sftp-client.c sftp-glob.c sftp-int.c sftp-server.c ssh-add.c ssh-agent.c ssh.c sshconnect1.c sshconnect2.c sshconnect.c sshd.c ssh-keygen.c ssh-keyscan.c] more strict prototypes. raise warning level in Makefile.inc. markus ok'ed TODO; cleanup headers	2001-06-25 05:01:22 +00:00
Ben Lindstrom	1bf11f6af7	- markus@cvs.openbsd.org 2001/06/08 15:25:40 [includes.h pathnames.h readconf.c servconf.c] move the path for xauth to pathnames.h	2001-06-09 01:48:01 +00:00
Ben Lindstrom	bfb3a0e973	- markus@cvs.openbsd.org 2001/05/20 17:20:36 [auth-rsa.c auth.c auth.h auth2.c servconf.c servconf.h sshd.8 sshd_config] configurable authorized_keys{,2} location; originally from peter@; ok djm@	2001-06-05 20:25:05 +00:00
Ben Lindstrom	1bda4c835e	- stevesk@cvs.openbsd.org 2001/05/19 19:43:57 [misc.c misc.h servconf.c sshd.8 sshd.c] sshd command-line arguments and configuration file options that specify time may be expressed using a sequence of the form: time[qualifier], where time is a positive integer value and qualifier is one of the following: <none>,s,m,h,d,w Examples: 600 600 seconds (10 minutes) 10m 10 minutes 1h30m 1 hour 30 minutes (90 minutes) ok markus@	2001-06-05 19:59:08 +00:00
Ben Lindstrom	551ea37576	- markus@cvs.openbsd.org 2001/05/18 14:13:29 [auth-chall.c auth.h auth1.c auth2-chall.c auth2.c readconf.c readconf.h servconf.c servconf.h sshconnect1.c sshconnect2.c sshd.c] improved kbd-interactive support. work by per@appgate.com and me	2001-06-05 18:56:16 +00:00
Ben Lindstrom	a6218b81ca	- stevesk@cvs.openbsd.org 2001/05/03 21:43:01 [servconf.c] remove "\n" from fatal()	2001-05-03 22:39:11 +00:00
Damien Miller	f815442116	- (djm) Add new server configuration directive 'PAMAuthenticationViaKbdInt' (default: off), implies KbdInteractiveAuthentication. Suggestion from markus@	2001-04-25 22:44:14 +10:00
Ben Lindstrom	b5cdc66438	- stevesk@cvs.openbsd.org 2001/04/15 21:28:35 [readconf.c servconf.c] use fatal() or error() vs. fprintf(); ok markus@	2001-04-16 02:13:26 +00:00
Ben Lindstrom	5744dc421d	- beck@cvs.openbsd.org 2001/04/13 22:46:54 [channels.c channels.h servconf.c servconf.h serverloop.c sshd.8] Add options ClientAliveInterval and ClientAliveCountMax to sshd. This gives the ability to do a "keepalive" via the encrypted channel which can't be spoofed (unlike TCP keepalives). Useful for when you want to use ssh connections to authenticate people for something, and know relatively quickly when they are no longer authenticated. Disabled by default (of course). ok markus@	2001-04-13 23:28:01 +00:00
Ben Lindstrom	19066a112b	- stevesk@cvs.openbsd.org 2001/04/12 20:09:38 [misc.c misc.h readconf.c servconf.c ssh.c sshd.c] robust port validation; ok markus@ jakob@	2001-04-12 23:39:26 +00:00
Ben Lindstrom	5eabda303a	- markus@cvs.openbsd.org 2001/04/12 19:15:26 [auth-rhosts.c auth.h auth2.c buffer.c canohost.c canohost.h compat.c compat.h hostfile.c pathnames.h readconf.c readconf.h servconf.c servconf.h ssh.c sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c sshd_config] implement HostbasedAuthentication (= RhostRSAAuthentication for ssh v2) similar to RhostRSAAuthentication unless you enable (the experimental) HostbasedUsesNameFromPacketOnly option. please test. :)	2001-04-12 23:34:34 +00:00
Ben Lindstrom	c510af40e3	- stevesk@cvs.openbsd.org 2001/04/06 22:25:25 [servconf.c] in addition to: ListenAddress host\|ipv4_addr\|ipv6_addr permit: ListenAddress [host\|ipv4_addr\|ipv6_addr]:port ListenAddress host\|ipv4_addr:port sshd.8 updates coming. ok markus@	2001-04-07 17:25:48 +00:00
Ben Lindstrom	3704c2612a	- stevesk@cvs.openbsd.org 2001/04/02 14:20:23 [readconf.c servconf.c] correct comment; ok markus@	2001-04-02 18:20:03 +00:00
Ben Lindstrom	7bfff36ca3	- stevesk@cvs.openbsd.org 2001/03/25 13:16:11 [servconf.c servconf.h session.c sshd.8 sshd_config] PrintLastLog option; from chip@valinux.com with some minor changes by me. ok markus@	2001-03-26 05:45:53 +00:00
Ben Lindstrom	35f1f4e2b8	- stevesk@cvs.openbsd.org 2001/03/05 15:44:51 [servconf.c] sync error message; ok markus@	2001-03-06 01:02:41 +00:00

1 2

93 Commits