fixed limit of subsystems. Saves a few kb of memory in the server and makes
it more like the other options.
OpenBSD-Commit-ID: e683dfca6bdcbc3cc339bb6c6517c0c4736a547f
This may change behaviour of exotic configurations, but the most common
subsystem configuration (sftp-server) is unlikely to be affected.
OpenBSD-Commit-ID: 8ffa296aeca981de5b0945242ce75aa6dee479bf
fatal error to being a debug message to match behaviour with just about all
other directives.
OpenBSD-Commit-ID: fc90ed2cc0c18d4eb8e33d2c5e98d25f282588ce
Ed25519 public keys are very convenient due to their small size.
OpenSSH has supported Ed25519 since version 6.5 (January 2014).
OK djm@ markus@ sthen@ deraadt@
OpenBSD-Commit-ID: f498beaad19c8cdcc357381a60df4a9c69858b3f
layer enqueud some data in the last poll() cycle; this avoids triggering the
obfuscatior for non-channels data like ClientAlive probes and also fixes a
related problem were the obfucations would be triggered on fully quiescent
connections.
Based on / tested by naddy@
OpenBSD-Commit-ID: d98f32dc62d7663ff4660e4556e184032a0db123
whether channel data was enqueued. Will be used to improve keystroke timing
obfuscation. Problem spotted by / tested by naddy@
OpenBSD-Commit-ID: f9776c7b0065ba7c3bbe50431fd3b629f44314d0
originally requested a tty; enables keystroke timing obfuscation for most
ControlPersist sessions. Spotted by naddy@
OpenBSD-Commit-ID: 72783a26254202e2f3f41a2818a19956fe49a772
* bump platform toolset to v143
* add updated proj files for testing
* add _CRT_DECLARE_NONSTDC_NAMES=0 to projects with posix functions
* revert onecore changes
* fix typo
* use latest sdk in build script
* update build toolset in config proj
* update build script to use latest toolsets
* update paths.targets
* update to win11 sdk in paths.targets
* make build script more robust with VSwhere
* change validity check from count check to null-check
* remove static keyword from auth_debug declaration
* change to ifndef for diff checking
* update string compare
* change msbuild tool search from manual check instead of using vswhere
* update wixproj to work with wix install on new build image
* update 2022 build image and zlib version
If we don't have LLONG_MAX, configure will figure out that it can get it
by setting -std=gnu99, at which point we won't be testing C89 any more.
To avoid this, feed it in via CFLAGS.
and don't delay at all for the "none" authentication mechanism. Patch by
Dmitry Belyavskiy in bz3602 with polish/ok dtucker@
OpenBSD-Commit-ID: 85b364676dd84cf1de0e98fc2fbdcb1a844ce515
This attempts to hide inter-keystroke timings by sending interactive
traffic at fixed intervals (default: every 20ms) when there is only a
small amount of data being sent. It also sends fake "chaff" keystrokes
for a random interval after the last real keystroke. These are
controlled by a new ssh_config ObscureKeystrokeTiming keyword/
feedback/ok markus@
OpenBSD-Commit-ID: 02231ddd4f442212820976068c34a36e3c1b15be
This adds a pair of SSH transport protocol messages SSH2_MSG_PING/PONG
to implement a ping capability. These messages use numbers in the "local
extensions" number space and are advertised using a "ping@openssh.com"
ext-info message with a string version number of "0".
ok markus@
OpenBSD-Commit-ID: b6b3c4cb2084c62f85a8dc67cf74954015eb547f
verbose instead of error to reduce preauth log spam. All of those get logged
with a more generic error message by sshpkt_fatal().
feedback from sthen@
ok djm@
OpenBSD-Commit-ID: bd47dab4695b134a44c379f0e9a39eed33047809
multiplexed sessions to ignore SIGINT under some circumstances. Reported by /
feedback naddy@, ok dtucker@
OpenBSD-Commit-ID: 4d5c6c894664f50149153fd4764f21f43e7d7e5a
multiplexed sessions to ignore SIGINT under some circumstances. Reported by /
feedback naddy@, ok dtucker@
OpenBSD-Commit-ID: 4d5c6c894664f50149153fd4764f21f43e7d7e5a
