e.g.
PermitListen 2222 8080
is equivalent to:
PermitListen *:2222 *:8080
Some bonus manpage improvements, mostly from markus@
"looks fine" markus@
OpenBSD-Commit-ID: 6546b0cc5aab7f53d65ad0a348ca0ae591d6dd24
temporarily_use_uid() when the target uid differs; could cause failure to
read authorized_keys under some configurations. patch by Jakub Jelen via
bz2873; ok dtucker, markus
OpenBSD-Commit-ID: 48a345f0ee90f6c465a078eb5e89566b23abd8a1
administrator to explicitly specify environment variables set in sessions
started by sshd. These override the default environment and any variables set
by user configuration (PermitUserEnvironment, etc), but not the SSH_*
variables set by sshd itself.
ok markus@
OpenBSD-Commit-ID: b6a96c0001ccd7dd211df6cae9e961c20fd718c0
environment variables for the remote session (subject to the server accepting
them)
refactor SendEnv to remove the arbitrary limit of variable names.
ok markus@
OpenBSD-Commit-ID: cfbb00d9b0e10c1ffff1d83424351fd961d1f2be
read from ~/.ssh/environment (if enabled) do not override SSH_* variables set
by the server.
OpenBSD-Commit-ID: 59f9d4c213cdcef2ef21f4b4ae006594dcf2aa7a
Since autoconf always uses $CC to link C programs, allowing users to
override LD caused mismatches between what LD_LINK_IFELSE thought worked
and what ld thought worked. If you do need to do this kind of thing you
need to set a compiler flag such as gcc's -fuse-ld in LDFLAGS.
authorized_keys lines that contained permitopen/permitlisten were being
treated as invalid.
OpenBSD-Commit-ID: 7ef41d63a5a477b405d142dc925b67d9e7aaa31b
addresses may be listened on when the client requests remote forwarding (ssh
-R).
This is the converse of the existing PermitOpen directive and this
includes some refactoring to share much of its implementation.
feedback and ok markus@
OpenBSD-Commit-ID: 15a931238c61a3f2ac74ea18a98c933e358e277f
Updated SSHD user password generation routine to be longer and more complex. This should satisfy systems with password filters that require more character types or very long passwords.
Updated routine to now securely zero memory for the SSHD account password.
Corrected attempt to write to NULL pointer by localtime_s() in localtime_r() and made function return NULL on error per specification.
Addressed various compiler / code analysis warnings.
Added utility to build session process command line - this accounts for restrictions from various shells. With these changes, scp and sftp-server are expected to be machine wide PATH if a custom shell (other than cmd.exe) is defined. Added comprehensive test cases.
Fixed issue with USERNAME env variable containing domain prefix too.
PowerShell/Win32-OpenSSH#1165PowerShell/Win32-OpenSSH#1165PowerShell/Win32-OpenSSH#1171
just files. This makes sure it gets applied to directories too, and prevents
a race where files get chmodded after creation. bz#2839, ok djm@
OpenBSD-Commit-ID: 3168ee6c7c39093adac4fd71039600cfa296203b
- Removed logic that was excluding the group membership SID that matched 'None' on workgroup computers or 'Domain Users' on domain systems.
- Removed test that was checking that AllowGroups failure if user was not in any group at all. This is no longer testable since user will always be a member of at least one group.
https://github.com/PowerShell/Win32-OpenSSH/issues/1167
searching for and hashing known_hosts entries in a single operation
(ssh-keygen -HF ...) Patch from Anton Kremenetsky
OpenBSD-Regress-ID: 519585a4de35c4611285bd6a7272766c229b19dd
known_hosts entries in a single operation (ssh-keygen -HF hostname); bz2772
Report and fix from Anton Kremenetsky
OpenBSD-Commit-ID: ac10ca13eb9bb0bc50fcd42ad11c56c317437b58
username is available currently. In the client this is via %i, in the server
%U (since %i was already used in the client in some places for this, but used
for something different in the server); bz#2870, ok dtucker@
OpenBSD-Commit-ID: c7e912b0213713316cb55db194b3a6415b3d4b95
On certain machines, virtual tokens were not getting generated due to lack of required privileges. Fixed it by assigning them before doing LogonUserExExW. Consolidated runtime dll loading logic.
PowerShell/Win32-OpenSSH#1162
