5bb8833e80
- djm@cvs.openbsd.org 2013/07/12 05:42:03
...
[ssh-keygen.c]
do_print_resource_record() can never be called with a NULL filename, so
don't attempt (and bungle) asking for one if it has not been specified
bz#2127 ok dtucker@
2013-07-18 16:13:37 +10:00
746d1a6c52
- djm@cvs.openbsd.org 2013/07/12 00:20:00
...
[sftp.c ssh-keygen.c ssh-pkcs11.c]
fix pointer-signedness warnings from clang/llvm-3.3; "seems nice" deraadt@
2013-07-18 16:13:02 +10:00
a627d42e51
- djm@cvs.openbsd.org 2013/05/17 00:13:13
...
[xmalloc.h cipher.c sftp-glob.c ssh-keyscan.c ssh.c sftp-common.c
ssh-ecdsa.c auth2-chall.c compat.c readconf.c kexgexs.c monitor.c
gss-genr.c cipher-3des1.c kex.c monitor_wrap.c ssh-pkcs11-client.c
auth-options.c rsa.c auth2-pubkey.c sftp.c hostfile.c auth2.c
servconf.c auth.c authfile.c xmalloc.c uuencode.c sftp-client.c
auth2-gss.c sftp-server.c bufaux.c mac.c session.c jpake.c kexgexc.c
sshconnect.c auth-chall.c auth2-passwd.c sshconnect1.c buffer.c
kexecdhs.c kexdhs.c ssh-rsa.c auth1.c ssh-pkcs11.c auth2-kbdint.c
kexdhc.c sshd.c umac.c ssh-dss.c auth2-jpake.c bufbn.c clientloop.c
monitor_mm.c scp.c roaming_client.c serverloop.c key.c auth-rsa.c
ssh-pkcs11-helper.c ssh-keysign.c ssh-keygen.c match.c channels.c
sshconnect2.c addrmatch.c mux.c canohost.c kexecdhc.c schnorr.c
ssh-add.c misc.c auth2-hostbased.c ssh-agent.c bufec.c groupaccess.c
dns.c packet.c readpass.c authfd.c moduli.c]
bye, bye xfree(); ok markus@
2013-06-02 07:31:17 +10:00
0d6771b464
- djm@cvs.openbsd.org 2013/04/19 01:01:00
...
[ssh-keygen.c]
fix some memory leaks; bz#2088 ok dtucker@
2013-04-23 15:23:24 +10:00
78d22713c7
- djm@cvs.openbsd.org 2013/02/10 23:32:10
...
[ssh-keygen.c]
append to moduli file when screening candidates rather than overwriting.
allows resumption of interrupted screen; patch from Christophe Garault
in bz#1957; ok dtucker@
2013-02-12 11:03:36 +11:00
3d6d68b1e1
- jmc@cvs.openbsd.org 2013/01/18 07:59:46
...
[ssh-keygen.c]
-u before -V in usage();
2013-01-20 22:33:23 +11:00
f3747bf401
- djm@cvs.openbsd.org 2013/01/17 23:00:01
...
[auth.c key.c key.h ssh-keygen.1 ssh-keygen.c sshd_config.5]
[krl.c krl.h PROTOCOL.krl]
add support for Key Revocation Lists (KRLs). These are a compact way to
represent lists of revoked keys and certificates, taking as little as
a single bit of incremental cost to revoke a certificate by serial number.
KRLs are loaded via the existing RevokedKeys sshd_config option.
feedback and ok markus@
2013-01-18 11:44:04 +11:00
1422c0887c
- djm@cvs.openbsd.org 2013/01/09 05:40:17
...
[ssh-keygen.c]
correctly initialise fingerprint type for fingerprinting PKCS#11 keys
2013-01-09 16:44:54 +11:00
ec77c954c8
- djm@cvs.openbsd.org 2013/01/03 23:22:58
...
[ssh-keygen.c]
allow fingerprinting of keys hosted in PKCS#11 tokens: ssh-keygen -lD ...
ok markus@
2013-01-09 15:58:00 +11:00
55aca027ed
- djm@cvs.openbsd.org 2012/12/03 00:14:06
...
[auth2-chall.c ssh-keygen.c]
Fix compilation with -Wall -Werror (trivial type fixes)
2012-12-03 11:25:30 +11:00
6f3b362fa8
- djm@cvs.openbsd.org 2012/11/14 02:32:15
...
[ssh-keygen.c]
allow the full range of unsigned serial numbers; 'fine' deraadt@
2012-11-14 19:04:33 +11:00
0dc283b13a
- djm@cvs.openbsd.org 2012/10/02 07:07:45
...
[ssh-keygen.c]
fix -z option, broken in revision 1.215
2012-10-05 10:52:51 +10:00
f09a8a6c6d
- djm@cvs.openbsd.org 2012/08/17 01:25:58
...
[ssh-keygen.c]
print details of which host lines were deleted when using
"ssh-keygen -R host"; ok markus@
2012-09-06 21:20:39 +10:00
709a1e90d9
- jmc@cvs.openbsd.org 2012/07/06 06:38:03
...
[ssh-keygen.c]
missing full stop in usage();
2012-07-31 12:20:43 +10:00
dfceafe8b1
- dtucker@cvs.openbsd.org 2012/07/06 00:41:59
...
[moduli.c ssh-keygen.1 ssh-keygen.c]
Add options to specify starting line number and number of lines to process
when screening moduli candidates. This allows processing of different
parts of a candidate moduli file in parallel. man page help jmc@, ok djm@
2012-07-06 13:44:19 +10:00
3bde12aeef
- djm@cvs.openbsd.org 2012/05/23 03:28:28
...
[dns.c dns.h key.c key.h ssh-keygen.c]
add support for RFC6594 SSHFP DNS records for ECDSA key types.
patch from bugzilla-m67 AT nulld.me in bz#1978; ok + tweak markus@
2012-06-20 21:51:11 +10:00
a563cced06
- djm@cvs.openbsd.org 2012/02/29 11:21:26
...
[ssh-keygen.c]
allow conversion of RSA1 keys to public PEM and PKCS8; "nice" markus@
2012-04-22 11:07:28 +10:00
b56e4930ae
- (djm) [ssh-keygen.c] Don't fail in do_gen_all_hostkeys on platforms
...
that don't support ECC. Patch from Phil Oleson
2012-02-06 07:41:27 +11:00
927d82bc6a
- jmc@cvs.openbsd.org 2011/10/16 15:02:41
...
[ssh-keygen.c]
put -K in the right place (usage());
2011-10-18 16:05:38 +11:00
390d0561fc
- dtucker@cvs.openbsd.org 2011/10/16 11:02:46
...
[moduli.c ssh-keygen.1 ssh-keygen.c]
Add optional checkpoints for moduli screening. feedback & ok deraadt
2011-10-18 16:05:19 +11:00
0dd24e02ec
- (dtucker) [ssh-keygen.c ssh-pkcs11.c] Bug #1929 : add null implementations
...
ofsh-pkcs11.cpkcs_init and pkcs_terminate for building without dlopen support.
2011-09-04 19:59:26 +10:00
2ce12ef1ac
- djm@cvs.openbsd.org 2011/05/04 21:15:29
...
[authfile.c authfile.h ssh-add.c]
allow "ssh-add - < key"; feedback and ok markus@
2011-05-05 14:17:18 +10:00
884b63a061
- djm@cvs.openbsd.org 2011/04/12 04:23:50
...
[ssh-keygen.c]
fix -Wshadow
2011-05-05 14:14:52 +10:00
044f4a6cc3
- stevesk@cvs.openbsd.org 2011/03/24 22:14:54
...
[ssh-keygen.c]
use strcasecmp() for "clear" cert permission option also; ok djm
2011-05-05 14:14:08 +10:00
111431963e
- stevesk@cvs.openbsd.org 2011/03/23 16:50:04
...
[ssh-keygen.c]
remove -d, documentation removed >10 years ago; ok markus
2011-05-05 14:13:25 +10:00
58f1bafb3d
- stevesk@cvs.openbsd.org 2011/03/23 15:16:22
...
[ssh-keygen.1 ssh-keygen.c]
Add -A option. For each of the key types (rsa1, rsa, dsa and ecdsa)
for which host keys do not exist, generate the host keys with the
default key file path, an empty passphrase, default bits for the key
type, and default comment. This will be used by /etc/rc to generate
new host keys. Idea from deraadt.
ok deraadt
2011-05-05 14:06:15 +10:00
f22019bdbf
- (djm) [Makefile.in WARNING.RNG aclocal.m4 buildpkg.sh.in configure.ac]
...
[entropy.c ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c]
[ssh-keysign.c ssh-pkcs11-helper.c ssh-rand-helper.8 ssh-rand-helper.c]
[ssh.c ssh_prng_cmds.in sshd.c contrib/aix/buildbff.sh]
[regress/README.regress] Remove ssh-rand-helper and all its
tentacles. PRNGd seeding has been rolled into entropy.c directly.
Thanks to tim@ for testing on affected platforms.
2011-05-05 13:48:37 +10:00
821de0ad2e
- djm@cvs.openbsd.org 2011/01/11 06:13:10
...
[clientloop.c ssh-keygen.c sshd.c]
some unsigned long long casts that make things a bit easier for
portable without resorting to dropping PRIu64 formats everywhere
2011-01-11 17:20:29 +11:00
dd190ddfd7
- (djm) [servconf.c ssh-add.c ssh-keygen.c] don't look for ECDSA keys on
...
platforms that don't support ECC. Fixes some spurious warnings reported
by tim@
2010-11-11 14:17:02 +11:00
b472a90d4c
- djm@cvs.openbsd.org 2010/10/28 11:22:09
...
[authfile.c key.c key.h ssh-keygen.c]
fix a possible NULL deref on loading a corrupt ECDH key
store ECDH group information in private keys files as "named groups"
rather than as a set of explicit group parameters (by setting
the OPENSSL_EC_NAMED_CURVE flag). This makes for shorter key files and
retrieves the group's OpenSSL NID that we need for various things.
2010-11-05 10:19:49 +11:00
6af914a15c
- (djm) [authfd.c authfile.c bufec.c buffer.h configure.ac kex.h kexecdh.c]
...
[kexecdhc.c kexecdhs.c key.c key.h myproposal.h packet.c readconf.c]
[ssh-agent.c ssh-ecdsa.c ssh-keygen.c ssh.c] Disable ECDH and ECDSA on
platforms that don't have the requisite OpenSSL support. ok dtucker@
2010-09-10 11:39:26 +10:00
6e9f680cd2
- naddy@cvs.openbsd.org 2010/09/02 17:21:50
...
[ssh-keygen.c]
Switch ECDSA default key size to 256 bits, which according to RFC5656
should still be better than our current RSA-2048 default.
ok djm@, markus@
2010-09-10 11:17:38 +10:00
5773794d55
- markus@cvs.openbsd.org 2010/09/02 16:07:25
...
[ssh-keygen.c]
permit -b 256, 384 or 521 as key size for ECDSA; ok djm@
2010-09-10 11:16:37 +10:00
4314c2b548
- djm@cvs.openbsd.org 2010/08/31 12:33:38
...
[ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c]
reintroduce commit from tedu@, which I pulled out for release
engineering:
OpenSSL_add_all_algorithms is the name of the function we have a
man page for, so use that. ok djm
2010-09-10 11:12:09 +10:00
eb8b60e320
- djm@cvs.openbsd.org 2010/08/31 11:54:45
...
[PROTOCOL PROTOCOL.agent PROTOCOL.certkeys auth2-jpake.c authfd.c]
[authfile.c buffer.h dns.c kex.c kex.h key.c key.h monitor.c]
[monitor_wrap.c myproposal.h packet.c packet.h pathnames.h readconf.c]
[ssh-add.1 ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh-keygen.c]
[ssh-keyscan.1 ssh-keyscan.c ssh-keysign.8 ssh.1 ssh.c ssh2.h]
[ssh_config.5 sshconnect.c sshconnect2.c sshd.8 sshd.c sshd_config.5]
[uuencode.c uuencode.h bufec.c kexecdh.c kexecdhc.c kexecdhs.c ssh-ecdsa.c]
Implement Elliptic Curve Cryptography modes for key exchange (ECDH) and
host/user keys (ECDSA) as specified by RFC5656. ECDH and ECDSA offer
better performance than plain DH and DSA at the same equivalent symmetric
key length, as well as much shorter keys.
Only the mandatory sections of RFC5656 are implemented, specifically the
three REQUIRED curves nistp256, nistp384 and nistp521 and only ECDH and
ECDSA. Point compression (optional in RFC5656 is NOT implemented).
Certificate host and user keys using the new ECDSA key types are supported.
Note that this code has not been tested for interoperability and may be
subject to change.
feedback and ok markus@
2010-08-31 22:41:14 +10:00
d96546f5b0
- djm@cvs.openbsd.org 2010/08/16 04:06:06
...
[ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c]
backout previous temporarily; discussed with deraadt@
2010-08-31 22:32:12 +10:00
9b87e79538
- tedu@cvs.openbsd.org 2010/08/12 23:34:39
...
[ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c]
OpenSSL_add_all_algorithms is the name of the function we have a man page
for, so use that. ok djm
2010-08-31 22:31:37 +10:00
757f34e051
- djm@cvs.openbsd.org 2010/08/04 06:07:11
...
[ssh-keygen.1 ssh-keygen.c]
Support CA keys in PKCS#11 tokens; feedback and ok markus@
2010-08-05 13:05:31 +10:00
1da6388959
- djm@cvs.openbsd.org 2010/08/04 05:40:39
...
[PROTOCOL.certkeys ssh-keygen.c]
tighten the rules for certificate encoding by requiring that options
appear in lexical order and make our ssh-keygen comply. ok markus@
2010-08-05 13:03:51 +10:00
844cccfc1a
- OpenBSD CVS Sync
...
- djm@cvs.openbsd.org 2010/07/16 04:45:30
[ssh-keygen.c]
avoid bogus compiler warning
2010-08-03 16:03:29 +10:00
6022f58e3a
- jmc@cvs.openbsd.org 2010/06/30 07:26:03
...
[ssh-keygen.c]
sort usage();
2010-07-02 13:37:01 +10:00
44b2504011
- djm@cvs.openbsd.org 2010/06/29 23:15:30
...
[ssh-keygen.1 ssh-keygen.c]
allow import (-i) and export (-e) of PEM and PKCS#8 encoded keys;
bz#1749; ok markus@
2010-07-02 13:35:01 +10:00
d834d35834
- djm@cvs.openbsd.org 2010/06/23 02:59:02
...
[ssh-keygen.c]
fix printing of extensions in v01 certificates that I broke in r1.190
2010-06-26 09:48:02 +10:00
ba3420acd2
- djm@cvs.openbsd.org 2010/06/22 04:32:06
...
[ssh-keygen.c]
standardise error messages when attempting to open private key
files to include "progname: filename: error reason"
bz#1783; ok dtucker@
2010-06-26 09:39:07 +10:00
d0e4a8e2e0
- djm@cvs.openbsd.org 2010/05/20 23:46:02
...
[PROTOCOL.certkeys auth-options.c ssh-keygen.c]
Move the permit-* options to the non-critical "extensions" field for v01
certificates. The logic is that if another implementation fails to
implement them then the connection just loses features rather than fails
outright.
ok markus@
2010-05-21 14:58:32 +10:00
bebbb7e8a5
- djm@cvs.openbsd.org 2010/04/23 22:48:31
...
[ssh-keygen.c]
refuse to generate keys longer than OPENSSL_[RD]SA_MAX_MODULUS_BITS,
since we would refuse to use them anyway. bz#1516; ok dtucker@
2010-05-10 11:54:38 +10:00
50af79b118
- OpenBSD CVS Sync
...
- djm@cvs.openbsd.org 2010/04/23 01:47:41
[ssh-keygen.c]
bz#1740: display a more helpful error message when $HOME is
inaccessible while trying to create .ssh directory. Based on patch
from jchadima AT redhat.com; ok dtucker@
2010-05-10 11:52:00 +10:00
1f181425e9
- jmc@cvs.openbsd.org 2010/04/16 06:47:04
...
[ssh-keygen.1 ssh-keygen.c]
tweak previous; ok djm
2010-04-18 08:08:03 +10:00
4e270b05dd
- djm@cvs.openbsd.org 2010/04/16 01:47:26
...
[PROTOCOL.certkeys auth-options.c auth-options.h auth-rsa.c]
[auth2-pubkey.c authfd.c key.c key.h myproposal.h ssh-add.c]
[ssh-agent.c ssh-dss.c ssh-keygen.1 ssh-keygen.c ssh-rsa.c]
[sshconnect.c sshconnect2.c sshd.c]
revised certificate format ssh-{dss,rsa}-cert-v01@openssh.com with the
following changes:
move the nonce field to the beginning of the certificate where it can
better protect against chosen-prefix attacks on the signature hash
Rename "constraints" field to "critical options"
Add a new non-critical "extensions" field
Add a serial number
The older format is still support for authentication and cert generation
(use "ssh-keygen -t v00 -s ca_key ..." to generate a v00 certificate)
ok markus@
2010-04-16 15:56:21 +10:00
1cfbfaf4a0
- stevesk@cvs.openbsd.org 2010/03/15 19:40:02
...
[key.c key.h ssh-keygen.c]
also print certificate type (user or host) for ssh-keygen -L
ok djm kettenis
2010-03-22 05:58:24 +11:00
3e1ee491f3
- djm@cvs.openbsd.org 2010/03/07 22:16:01
...
[ssh-keygen.c]
make internal strptime string match strftime format;
suggested by vinschen AT redhat.com and markus@
2010-03-08 09:24:11 +11:00
689b872842
- djm@cvs.openbsd.org 2010/03/04 23:27:25
...
[auth-options.c ssh-keygen.c]
"force-command" is not spelled "forced-command"; spotted by
imorgan AT nas.nasa.gov
2010-03-05 10:42:24 +11:00
f2b70cad75
- djm@cvs.openbsd.org 2010/03/04 20:35:08
...
[ssh-keygen.1 ssh-keygen.c]
Add a -L flag to print the contents of a certificate; ok markus@
2010-03-05 07:39:35 +11:00
1aed65eb27
- djm@cvs.openbsd.org 2010/03/04 10:36:03
...
[auth-rh-rsa.c auth-rsa.c auth.c auth.h auth2-hostbased.c auth2-pubkey.c]
[authfile.c authfile.h hostfile.c hostfile.h servconf.c servconf.h]
[ssh-keygen.c ssh.1 sshconnect.c sshd_config.5]
Add a TrustedUserCAKeys option to sshd_config to specify CA keys that
are trusted to authenticate users (in addition than doing it per-user
in authorized_keys).
Add a RevokedKeys option to sshd_config and a @revoked marker to
known_hosts to allow keys to me revoked and banned for user or host
authentication.
feedback and ok markus@
2010-03-04 21:53:35 +11:00
910f209c1d
- (djm) [ssh-keygen.c] Use correct local variable, instead of
...
maybe-undefined global "optarg"
2010-03-04 14:17:22 +11:00
2ca342b84b
- djm@cvs.openbsd.org 2010/03/02 23:20:57
...
[ssh-keygen.c]
POSIX strptime is stricter than OpenBSD's so do a little dance to
appease it.
2010-03-03 12:14:15 +11:00
0a80ca190a
- OpenBSD CVS Sync
...
- djm@cvs.openbsd.org 2010/02/26 20:29:54
[PROTOCOL PROTOCOL.agent PROTOCOL.certkeys addrmatch.c auth-options.c]
[auth-options.h auth.h auth2-pubkey.c authfd.c dns.c dns.h hostfile.c]
[hostfile.h kex.h kexdhs.c kexgexs.c key.c key.h match.h monitor.c]
[myproposal.h servconf.c servconf.h ssh-add.c ssh-agent.c ssh-dss.c]
[ssh-keygen.1 ssh-keygen.c ssh-rsa.c ssh.1 ssh.c ssh2.h sshconnect.c]
[sshconnect2.c sshd.8 sshd.c sshd_config.5]
Add support for certificate key types for users and hosts.
OpenSSH certificate key types are not X.509 certificates, but a much
simpler format that encodes a public key, identity information and
some validity constraints and signs it with a CA key. CA keys are
regular SSH keys. This certificate style avoids the attack surface
of X.509 certificates and is very easy to deploy.
Certified host keys allow automatic acceptance of new host keys
when a CA certificate is marked as sh/known_hosts.
see VERIFYING HOST KEYS in ssh(1) for details.
Certified user keys allow authentication of users when the signing
CA key is marked as trusted in authorized_keys. See "AUTHORIZED_KEYS
FILE FORMAT" in sshd(8) for details.
Certificates are minted using ssh-keygen(1), documentation is in
the "CERTIFICATES" section of that manpage.
Documentation on the format of certificates is in the file
PROTOCOL.certkeys
feedback and ok markus@
2010-02-27 07:55:05 +11:00
86cbb44d47
- djm@cvs.openbsd.org 2010/02/09 00:50:59
...
[ssh-keygen.c]
fix -Wall
2010-02-12 09:22:57 +11:00
7ea845e48d
- markus@cvs.openbsd.org 2010/02/08 10:50:20
...
[pathnames.h readconf.c readconf.h scp.1 sftp.1 ssh-add.1 ssh-add.c]
[ssh-agent.c ssh-keygen.1 ssh-keygen.c ssh.1 ssh.c ssh_config.5]
replace our obsolete smartcard code with PKCS#11.
ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs-11v2-20.pdf
ssh(1) and ssh-keygen(1) use dlopen(3) directly to talk to a PKCS#11
provider (shared library) while ssh-agent(1) delegates PKCS#11 to
a forked a ssh-pkcs11-helper process.
PKCS#11 is currently a compile time option.
feedback and ok djm@; inspired by patches from Alon Bar-Lev
`
2010-02-12 09:21:02 +11:00
d04758dc4c
- djm@cvs.openbsd.org 2010/01/11 10:51:07
...
[ssh-keygen.c]
when converting keys, truncate key comments at 72 chars as per RFC4716;
bz#1630 reported by tj AT castaglia.org; ok markus@
2010-01-12 19:41:57 +11:00
9bcd25b78b
- djm@cvs.openbsd.org 2009/08/27 17:33:49
...
[ssh-keygen.c]
force use of correct hash function for random-art signature display
as it was inheriting the wrong one when bubblebabble signatures were
activated; bz#1611 report and patch from fwojcik+openssh AT besh.com;
ok markus@
2009-10-07 08:45:48 +11:00
821d3dbe36
- dtucker@cvs.openbsd.org 2009/06/22 05:39:28
...
[monitor_wrap.c monitor_mm.c ssh-keygen.c auth2.c gss-genr.c sftp-client.c]
alphabetize includes; reduces diff vs portable and style(9).
ok stevesk djm
(Id sync only; these were already in order in -portable)
2009-06-22 16:11:06 +10:00
9eab9564d5
- (djm) OpenBSD CVS Sync
...
- tobias@cvs.openbsd.org 2009/02/21 19:32:04
[misc.c sftp-server-main.c ssh-keygen.c]
Added missing newlines in error messages.
ok dtucker
2009-02-22 08:47:02 +11:00
e15fb09847
- stevesk@cvs.openbsd.org 2008/11/07 00:42:12
...
[ssh-keygen.c]
spelling/typo in comment
2008-11-11 16:31:43 +11:00
81dec0589a
- sthen@cvs.openbsd.org 2008/07/13 21:22:52
...
[ssh-keygen.c]
Change "ssh-keygen -F [host] -l" to not display random art unless
-v is also specified, making it consistent with the manual and other
uses of -l.
ok grunk@
2008-07-14 11:28:29 +10:00
b68fb4ad21
- grunk@cvs.openbsd.org 2008/06/12 21:14:46
...
[ssh-keygen.c]
make ssh-keygen -lf show the key type just as ssh-add -l would do it
ok djm@ markus@
2008-06-13 08:57:27 +10:00
35c45535ea
- grunk@cvs.openbsd.org 2008/06/11 22:20:46
...
[ssh-keygen.c ssh-keygen.1]
ssh-keygen would write fingerprints to STDOUT, and random art to STDERR,
that is not how it was envisioned.
Also correct manpage saying that -v is needed along with -l for it to work.
spotted by naddy@
2008-06-13 04:43:15 +10:00
a376a32e8e
- grunk@cvs.openbsd.org 2008/06/11 21:38:25
...
[ssh-keygen.c]
ssh-keygen -lv -f /etc/ssh/ssh_host_rsa_key.pub
would not display you the random art as intended, spotted by canacar@
2008-06-13 04:42:14 +10:00
9c16ac9263
- grunk@cvs.openbsd.org 2008/06/11 21:01:35
...
[ssh_config.5 key.h readconf.c readconf.h ssh-keygen.1 ssh-keygen.c key.c
sshconnect.c]
Introduce SSH Fingerprint ASCII Visualization, a technique inspired by the
graphical hash visualization schemes known as "random art", and by
Dan Kaminsky's musings on the subject during a BlackOp talk at the
23C3 in Berlin.
Scientific publication (original paper):
"Hash Visualization: a New Technique to improve Real-World Security",
Perrig A. and Song D., 1999, International Workshop on Cryptographic
Techniques and E-Commerce (CrypTEC '99)
http://sparrow.ece.cmu.edu/~adrian/projects/validation/validation.pdf
The algorithm used here is a worm crawling over a discrete plane,
leaving a trace (augmenting the field) everywhere it goes.
Movement is taken from dgst_raw 2bit-wise. Bumping into walls
makes the respective movement vector be ignored for this turn,
thus switching to the other color of the chessboard.
Graphs are not unambiguous for now, because circles in graphs can be
walked in either direction.
discussions with several people,
help, corrections and ok markus@ djm@
2008-06-13 04:40:35 +10:00
0f7e910604
- djm@cvs.openbsd.org 2008/05/19 15:46:31
...
[ssh-keygen.c]
support -l (print fingerprint) in combination with -F (find host) to
search for a host in ~/.ssh/known_hosts and display its fingerprint;
ok markus@
2008-06-08 12:54:29 +10:00
bfaaf960a0
- (dtucker) [includes.h ssh-add.c ssh-agent.c ssh-keygen.c ssh.c sshd.c
...
openbsd-compat/openssl-compat.{c,h}] Bug #1437 Move the OpenSSL compat
header to after OpenSSL headers, since some versions of OpenSSL have
SSLeay_add_all_algorithms as a macro already.
2008-02-28 19:13:52 +11:00
cb2fbb2407
- djm@cvs.openbsd.org 2008/01/19 22:37:19
...
[ssh-keygen.c]
unbreak line numbering (broken in revision 1.164), fix error message
2008-02-10 22:24:55 +11:00
a8796f3fcc
- djm@cvs.openbsd.org 2008/01/19 22:22:58
...
[ssh-keygen.c]
when hashing individual hosts (ssh-keygen -Hf hostname), make sure we
hash just the specified hostname and not the entire hostspec from the
keyfile. It may be of the form "hostname,ipaddr", which would lead to
a hash that never matches. report and fix from jp AT devnull.cz
2008-02-10 22:24:30 +11:00
0f4ed693d6
- chl@cvs.openbsd.org 2007/10/02 17:49:58
...
[ssh-keygen.c]
handles zero-sized strings that fgets can return
2007-10-26 14:26:32 +10:00
14b017d6f2
- gilles@cvs.openbsd.org 2007/09/11 15:47:17
...
[session.c ssh-keygen.c sshlogin.c]
use strcspn to properly overwrite '\n' in fgets returned buffer
ok pyr@, ray@, millert@, moritz@, chl@
2007-09-17 16:09:15 +10:00
5cbe7ca18d
- sobrado@cvs.openbsd.org 2007/09/09 11:38:01
...
[ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.c]
sort synopsis and options in ssh-agent(1); usage is lowercase
ok jmc@
2007-09-17 16:05:50 +10:00
82a3d2bc6f
- stevesk@cvs.openbsd.org 2007/01/21 01:41:54
...
[auth-skey.c kex.c ssh-keygen.c session.c clientloop.c]
spaces
2007-02-19 22:10:25 +11:00
26dc3e656a
- jmc@cvs.openbsd.org 2007/01/12 20:20:41
...
[ssh-keygen.1 ssh-keygen.c]
more secsh -> rfc 4716 updates;
spotted by wiz@netbsd
ok markus
2007-02-19 22:09:06 +11:00
9ac56e945b
- (dtucker) [ssh-keygen.c] ac -> argv to match earlier sync.
2007-01-14 10:19:59 +11:00
80163907ed
- stevesk@cvs.openbsd.org 2007/01/03 03:01:40
...
[auth2-chall.c channels.c dns.c sftp.c ssh-keygen.c ssh.c]
spaces
2007-01-05 16:30:16 +11:00
6c7439f963
- stevesk@cvs.openbsd.org 2007/01/03 00:53:38
...
[ssh-keygen.c]
remove small dead code; arnaud.lacombe.1@ulaval.ca via Coverity scan
2007-01-05 16:29:55 +11:00
df8b7db16e
- (djm) OpenBSD CVS Sync
...
- deraadt@cvs.openbsd.org 2006/11/14 19:41:04
[ssh-keygen.c]
use argc and argv not some made up short form
2007-01-05 16:22:57 +11:00
0bc85579a9
- markus@cvs.openbsd.org 2006/11/06 21:25:28
...
[auth-rsa.c kexgexc.c kexdhs.c key.c ssh-dss.c sshd.c kexgexs.c
ssh-keygen.c bufbn.c moduli.c scard.c kexdhc.c sshconnect1.c dh.c rsa.c]
add missing checks for openssl return codes; with & ok djm@
2006-11-07 23:14:41 +11:00
ded319cca2
- (djm) [audit-bsm.c audit.c auth-bsdauth.c auth-chall.c auth-pam.c]
...
[auth-rsa.c auth-shadow.c auth-sia.c auth1.c auth2-chall.c]
[auth2-gss.c auth2-kbdint.c auth2-none.c authfd.c authfile.c]
[cipher-3des1.c cipher-aes.c cipher-bf1.c cipher-ctr.c clientloop.c]
[dh.c dns.c entropy.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c]
[kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c loginrec.c mac.c]
[md5crypt.c monitor.c monitor_wrap.c readconf.c rsa.c]
[scard-opensc.c scard.c session.c ssh-add.c ssh-agent.c ssh-dss.c]
[ssh-keygen.c ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c]
[sshconnect1.c sshconnect2.c sshd.c rc4.diff]
[openbsd-compat/bsd-cray.c openbsd-compat/port-aix.c]
[openbsd-compat/port-linux.c openbsd-compat/port-solaris.c]
[openbsd-compat/port-uw.c]
Lots of headers for SCO OSR6, mainly adding stdarg.h for log.h;
compile problems reported by rac AT tenzing.org
2006-09-01 15:38:36 +10:00
d783435315
- deraadt@cvs.openbsd.org 2006/08/03 03:34:42
...
[OVERVIEW atomicio.c atomicio.h auth-bsdauth.c auth-chall.c auth-krb5.c]
[auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
[auth-rsa.c auth-skey.c auth.c auth.h auth1.c auth2-chall.c auth2-gss.c]
[auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c ]
[auth2-pubkey.c auth2.c authfd.c authfd.h authfile.c bufaux.c bufbn.c]
[buffer.c buffer.h canohost.c channels.c channels.h cipher-3des1.c]
[cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
[compress.c deattack.c dh.c dispatch.c dns.c dns.h fatal.c groupaccess.c]
[groupaccess.h gss-genr.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c]
[kex.h kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c]
[key.h log.c log.h mac.c match.c md-sha256.c misc.c misc.h moduli.c]
[monitor.c monitor_fdpass.c monitor_mm.c monitor_mm.h monitor_wrap.c]
[monitor_wrap.h msg.c nchan.c packet.c progressmeter.c readconf.c]
[readconf.h readpass.c rsa.c scard.c scard.h scp.c servconf.c servconf.h]
[serverloop.c session.c session.h sftp-client.c sftp-common.c]
[sftp-common.h sftp-glob.c sftp-server.c sftp.c ssh-add.c ssh-agent.c]
[ssh-dss.c ssh-gss.h ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rsa.c]
[ssh.c ssh.h sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c]
[sshd.c sshlogin.c sshlogin.h sshpty.c sshpty.h sshtty.c ttymodes.c]
[uidswap.c uidswap.h uuencode.c uuencode.h xmalloc.c xmalloc.h]
[loginrec.c loginrec.h openbsd-compat/port-aix.c openbsd-compat/port-tun.h]
almost entirely get rid of the culture of ".h files that include .h files"
ok djm, sort of ok stevesk
makes the pain stop in one easy step
NB. portable commit contains everything *except* removing includes.h, as
that will take a fair bit more work as we move headers that are required
for portability workarounds to defines.h. (also, this step wasn't "easy")
2006-08-05 12:39:39 +10:00
a7a73ee35d
- stevesk@cvs.openbsd.org 2006/08/01 23:22:48
...
[auth-passwd.c auth-rhosts.c auth-rsa.c auth.c auth.h auth1.c]
[auth2-chall.c auth2-pubkey.c authfile.c buffer.c canohost.c]
[channels.c clientloop.c dh.c dns.c dns.h hostfile.c kex.c kexdhc.c]
[kexgexc.c kexgexs.c key.c key.h log.c misc.c misc.h moduli.c]
[monitor_wrap.c packet.c progressmeter.c readconf.c readpass.c scp.c]
[servconf.c session.c sftp-client.c sftp-common.c sftp-server.c sftp.c]
[ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh.c sshconnect.c]
[sshconnect1.c sshconnect2.c sshd.c sshlogin.c sshtty.c uuencode.c]
[uuencode.h xmalloc.c]
move #include <stdio.h> out of includes.h
2006-08-05 11:37:59 +10:00
e7a1e5cf63
- stevesk@cvs.openbsd.org 2006/07/26 13:57:17
...
[authfd.c authfile.c dh.c canohost.c channels.c clientloop.c compat.c]
[hostfile.c kex.c log.c misc.c moduli.c monitor.c packet.c readpass.c]
[scp.c servconf.c session.c sftp-server.c sftp.c ssh-add.c ssh-agent.c]
[ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh.c sshconnect.c]
[sshconnect1.c sshd.c xmalloc.c]
move #include <stdlib.h> out of includes.h
2006-08-05 11:34:19 +10:00
8dbffe7904
- stevesk@cvs.openbsd.org 2006/07/26 02:35:17
...
[atomicio.c auth.c dh.c authfile.c buffer.c clientloop.c kex.c]
[groupaccess.c gss-genr.c kexgexs.c misc.c monitor.c monitor_mm.c]
[packet.c scp.c serverloop.c session.c sftp-client.c sftp-common.c]
[sftp-server.c sftp.c ssh-add.c ssh-agent.c ssh-keygen.c sshlogin.c]
[uidswap.c xmalloc.c]
move #include <sys/param.h> out of includes.h
2006-08-05 11:02:17 +10:00
b8fe89c4d9
- (djm) [acss.c auth-krb5.c auth-options.c auth-pam.c auth-shadow.c]
...
[canohost.c channels.c cipher-acss.c defines.h dns.c gss-genr.c]
[gss-serv-krb5.c gss-serv.c log.h loginrec.c logintest.c readconf.c]
[servconf.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rand-helper.c]
[ssh.c sshconnect.c sshd.c openbsd-compat/bindresvport.c]
[openbsd-compat/bsd-arc4random.c openbsd-compat/bsd-misc.c]
[openbsd-compat/getrrsetbyname.c openbsd-compat/glob.c]
[openbsd-compat/mktemp.c openbsd-compat/port-linux.c]
[openbsd-compat/port-tun.c openbsd-compat/readpassphrase.c]
[openbsd-compat/setproctitle.c openbsd-compat/xmmap.c]
make the portable tree compile again - sprinkle unistd.h and string.h
back in. Don't redefine __unused, as it turned out to be used in
headers on Linux, and replace its use in auth-pam.c with ARGSUSED
2006-07-24 14:51:00 +10:00
e3476ed03b
- stevesk@cvs.openbsd.org 2006/07/22 20:48:23
...
[atomicio.c auth-options.c auth-passwd.c auth-rhosts.c auth-rsa.c]
[auth.c auth1.c auth2-chall.c auth2-hostbased.c auth2-passwd.c auth2.c]
[authfd.c authfile.c bufaux.c bufbn.c buffer.c canohost.c channels.c]
[cipher-3des1.c cipher-bf1.c cipher-ctr.c cipher.c clientloop.c]
[compat.c deattack.c dh.c dns.c gss-genr.c gss-serv.c hostfile.c]
[includes.h kex.c kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c log.c]
[mac.c match.c md-sha256.c misc.c moduli.c monitor.c monitor_fdpass.c]
[monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c rsa.c]
[progressmeter.c readconf.c readpass.c scp.c servconf.c serverloop.c]
[session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c sftp.c]
[ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c]
[ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c sshconnect2.c]
[sshd.c sshlogin.c sshpty.c ttymodes.c uidswap.c xmalloc.c]
move #include <string.h> out of includes.h
2006-07-24 14:13:33 +10:00
e6b3b610ec
- stevesk@cvs.openbsd.org 2006/07/17 01:31:10
...
[authfd.c authfile.c channels.c cleanup.c clientloop.c groupaccess.c]
[includes.h log.c misc.c msg.c packet.c progressmeter.c readconf.c]
[readpass.c scp.c servconf.c sftp-client.c sftp-server.c sftp.c]
[ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh.c]
[sshconnect.c sshlogin.c sshpty.c uidswap.c]
move #include <unistd.h> out of includes.h
2006-07-24 14:01:23 +10:00
be43ebf975
- stevesk@cvs.openbsd.org 2006/07/12 22:28:52
...
[auth-options.c canohost.c channels.c includes.h readconf.c servconf.c ssh-keyscan.c ssh.c sshconnect.c sshd.c]
move #include <netdb.h> out of includes.h; ok djm@
2006-07-24 13:51:51 +10:00
3997249346
- stevesk@cvs.openbsd.org 2006/07/11 20:07:25
...
[scp.c auth.c monitor.c serverloop.c sftp-server.c sshpty.c readpass.c
sshd.c monitor_wrap.c monitor_fdpass.c ssh-agent.c ttymodes.c atomicio.c
includes.h session.c sshlogin.c monitor_mm.c packet.c sshconnect2.c
sftp-client.c nchan.c clientloop.c sftp.c misc.c canohost.c channels.c
ssh-keygen.c progressmeter.c uidswap.c msg.c readconf.c sshconnect.c]
move #include <errno.h> out of includes.h; ok markus@
2006-07-12 22:22:46 +10:00
2ee50c5cce
- (dtucker) [configure.ac ssh-keygen.c openbsd-compat/bsd-openpty.c
...
openbsd-compat/daemon.c] Add includes needed by open(2). Conditionally
include paths.h. Fixes build error on Solaris.
2006-07-11 18:55:05 +10:00
57cf638577
- stevesk@cvs.openbsd.org 2006/07/09 15:15:11
...
[auth2-none.c authfd.c authfile.c includes.h misc.c monitor.c]
[readpass.c scp.c serverloop.c sftp-client.c sftp-server.c]
[ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c]
[sshlogin.c sshpty.c]
move #include <fcntl.h> out of includes.h
2006-07-10 21:13:46 +10:00
e3b60b524e
- stevesk@cvs.openbsd.org 2006/07/08 21:47:12
...
[authfd.c canohost.c clientloop.c dns.c dns.h includes.h]
[monitor_fdpass.c nchan.c packet.c servconf.c sftp.c ssh-agent.c]
[ssh-keyscan.c ssh.c sshconnect.h sshd.c sshlogin.h]
move #include <sys/socket.h> out of includes.h
2006-07-10 21:08:03 +10:00
69996104fe
- stevesk@cvs.openbsd.org 2006/07/06 16:22:39
...
[ssh-keygen.c]
move #include "dns.h" up
2006-07-10 20:53:31 +10:00
9f2abc47eb
- stevesk@cvs.openbsd.org 2006/07/06 16:03:53
...
[auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c]
[auth-rhosts.c auth-rsa.c auth.c auth.h auth2-hostbased.c]
[auth2-pubkey.c auth2.c includes.h misc.c misc.h monitor.c]
[monitor_wrap.c monitor_wrap.h scp.c serverloop.c session.c]
[session.h sftp-common.c ssh-add.c ssh-keygen.c ssh-keysign.c]
[ssh.c sshconnect.c sshconnect.h sshd.c sshpty.c sshpty.h uidswap.c]
[uidswap.h]
move #include <pwd.h> out of includes.h; ok markus@
2006-07-10 20:53:08 +10:00
40b5985fe0
- markus@cvs.openbsd.org 2006/05/17 12:43:34
...
[scp.c sftp.c ssh-agent.c ssh-keygen.c sshconnect.c]
fix leak; coverity via Kylene Jo Hall
2006-06-13 13:00:25 +10:00
e23209f434
- dtucker@cvs.openbsd.org 2006/03/30 11:05:17
...
[ssh-keygen.c]
Correctly handle truncated files while converting keys; ok djm@
2006-03-31 23:13:35 +11:00
5f340065fc
- deraadt@cvs.openbsd.org 2006/03/25 18:40:14
...
[ssh-keygen.c]
cast strtonum() result to right type
2006-03-26 14:27:57 +11:00
57c30117c1
- djm@cvs.openbsd.org 2006/03/25 13:17:03
...
[atomicio.c auth-bsdauth.c auth-chall.c auth-options.c auth-passwd.c]
[auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth-skey.c auth.c auth1.c]
[auth2-chall.c auth2-hostbased.c auth2-kbdint.c auth2-none.c]
[auth2-passwd.c auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c]
[buffer.c canohost.c channels.c cipher-3des1.c cipher-bf1.c]
[cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c compress.c]
[deattack.c dh.c dispatch.c fatal.c groupaccess.c hostfile.c kex.c]
[kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c]
[mac.c match.c md-sha256.c misc.c monitor.c monitor_fdpass.c]
[monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c progressmeter.c]
[readconf.c readpass.c rsa.c scard.c scp.c servconf.c serverloop.c]
[session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c]
[sftp.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c]
[ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
[sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
[uidswap.c uuencode.c xmalloc.c]
Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that
Theo nuked - our scripts to sync -portable need them in the files
2006-03-26 14:24:48 +11:00
9096740f6c
- deraadt@cvs.openbsd.org 2006/03/20 18:26:55
...
[channels.c monitor.c session.c session.h ssh-agent.c ssh-keygen.c]
[ssh-rsa.c ssh.c sshlogin.c]
annoying spacing fixes getting in the way of real diffs
2006-03-26 14:07:26 +11:00
cb314828eb
- OpenBSD CVS Sync
...
- jakob@cvs.openbsd.org 2006/03/15 08:46:44
[ssh-keygen.c]
if no key file are given when printing the DNS host record, use the
host key file(s) as default. ok djm@
2006-03-26 13:48:01 +11:00
b0fb6872ed
- deraadt@cvs.openbsd.org 2006/03/19 18:51:18
...
[atomicio.c auth-bsdauth.c auth-chall.c auth-krb5.c auth-options.c]
[auth-pam.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c]
[auth-shadow.c auth-skey.c auth.c auth1.c auth2-chall.c]
[auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c]
[auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c buffer.c]
[canohost.c channels.c cipher-3des1.c cipher-acss.c cipher-aes.c]
[cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
[compress.c deattack.c dh.c dispatch.c dns.c entropy.c fatal.c]
[groupaccess.c hostfile.c includes.h kex.c kexdh.c kexdhc.c]
[kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c loginrec.c]
[loginrec.h logintest.c mac.c match.c md-sha256.c md5crypt.c misc.c]
[monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c msg.c]
[nchan.c packet.c progressmeter.c readconf.c readpass.c rsa.c]
[scard.c scp.c servconf.c serverloop.c session.c sftp-client.c]
[sftp-common.c sftp-glob.c sftp-server.c sftp.c ssh-add.c]
[ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c]
[ssh-rand-helper.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
[sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
[uidswap.c uuencode.c xmalloc.c openbsd-compat/bsd-arc4random.c]
[openbsd-compat/bsd-closefrom.c openbsd-compat/bsd-cygwin_util.c]
[openbsd-compat/bsd-getpeereid.c openbsd-compat/bsd-misc.c]
[openbsd-compat/bsd-nextstep.c openbsd-compat/bsd-snprintf.c]
[openbsd-compat/bsd-waitpid.c openbsd-compat/fake-rfc2553.c]
RCSID() can die
2006-03-26 00:03:21 +11:00
8056a9d46a
- dtucker@cvs.openbsd.org 2006/03/13 08:43:16
...
[ssh-keygen.c]
Make ssh-keygen handle CR and CRLF line termination when converting IETF
format keys, in adition to vanilla LF. mindrot #1157 , tested by Chris
Pepper, ok djm@
2006-03-15 12:05:40 +11:00
f17883e6a0
- stevesk@cvs.openbsd.org 2006/02/20 17:02:44
...
[clientloop.c includes.h monitor.c progressmeter.c scp.c]
[serverloop.c session.c sftp.c ssh-agent.c ssh.c sshd.c]
move #include <signal.h> out of includes.h; ok markus@
2006-03-15 11:45:54 +11:00
3af2ac56a2
- dtucker@cvs.openbsd.org 2005/11/29 02:04:55
...
[ssh-keygen.c]
Populate default key sizes before checking them; from & ok tim@
2005-11-29 13:10:24 +11:00
660c3405f9
- (tim) [ssh-keygen.c] Move DSA length test after setting default when
...
bits == 0.
2005-11-28 17:45:32 -08:00
9f647335d2
[ssh-keygen.1 ssh-keygen.c]
...
Enforce DSA key length of exactly 1024 bits to comply with FIPS-186-2,
increase minumum RSA key size to 768 bits and update man page to reflect
these. Patch originally bz#1119 (senthilkumar_sen at hotpop.com),
ok djm@, grudging ok deraadt@.
2005-11-28 16:41:46 +11:00
f14be5ce03
- djm@cvs.openbsd.org 2005/10/31 11:12:49
...
[ssh-keygen.1 ssh-keygen.c]
generate a protocol 2 RSA key by default
2005-11-05 15:15:49 +11:00
788f212aed
- djm@cvs.openbsd.org 2005/10/30 08:52:18
...
[clientloop.c packet.c serverloop.c session.c ssh-agent.c ssh-keygen.c]
[ssh.c sshconnect.c sshconnect1.c sshd.c]
no need to escape single quotes in comments, no binary change
2005-11-05 15:14:59 +11:00
15d72a00a3
- stevesk@cvs.openbsd.org 2005/10/14 02:17:59
...
[ssh-keygen.c ssh.c sshconnect2.c]
no trailing "\n" for log functions; ok djm@
2005-11-05 15:07:33 +11:00
3f54a9f5b7
- (djm) OpenBSD CVS Sync
...
- markus@cvs.openbsd.org 2005/10/07 11:13:57
[ssh-keygen.c]
change DSA default back to 1024, as it's defined for 1024 bits only
and this causes interop problems with other clients. moreover,
in order to improve the security of DSA you need to change more
components of DSA key generation (e.g. the internal SHA1 hash);
ok deraadt
2005-11-05 14:52:18 +11:00
ce321d8a30
- djm@cvs.openbsd.org 2005/09/13 23:40:07
...
[sshd.c ssh.c misc.h sftp.c ssh-keygen.c ssh-keysign.c sftp-server.c
scp.c misc.c ssh-keyscan.c ssh-add.c ssh-agent.c]
ensure that stdio fds are attached; ok deraadt@
2005-10-03 18:11:24 +10:00
0dc1bef12d
- djm@cvs.openbsd.org 2005/07/17 07:17:55
...
[auth-rh-rsa.c auth-rhosts.c auth2-chall.c auth2-gss.c channels.c]
[cipher-ctr.c gss-genr.c gss-serv.c kex.c moduli.c readconf.c]
[serverloop.c session.c sftp-client.c sftp.c ssh-add.c ssh-keygen.c]
[sshconnect.c sshconnect2.c]
knf says that a 2nd level indent is four (not three or five) spaces
2005-07-17 17:22:45 +10:00
ac7ef6a736
- djm@cvs.openbsd.org 2005/06/08 03:50:00
...
[ssh-keygen.1 ssh-keygen.c sshd.8]
increase default rsa/dsa key length from 1024 to 2048 bits;
ok markus@ deraadt@
2005-06-16 13:19:06 +10:00
2db8ae671e
- dtucker@cvs.openbsd.org 2005/05/26 09:08:12
...
[ssh-keygen.c]
uint32_t -> u_int32_t for consistency; ok djm@
2005-06-01 23:02:25 +10:00
02e754f1f0
- avsm@cvs.openbsd.org 2005/05/24 02:05:09
...
[ssh-keygen.c]
some style nits from dmiller@, and use a fatal() instead of a printf()/exit
2005-05-26 12:19:39 +10:00
b089fb5fe1
- avsm@cvs.openbsd.org 2005/05/23 22:44:01
...
[moduli.c ssh-keygen.c]
- removes signed/unsigned comparisons in moduli generation
- use strtonum instead of atoi where its easier
- check some strlcpy overflow and fatal instead of truncate
2005-05-26 12:16:18 +10:00
9278ffaf71
- (djm) OpenBSD CVS Sync
...
- otto@cvs.openbsd.org 2005/04/05 13:45:31
[ssh-keygen.c]
2005-05-26 11:59:06 +10:00
9f438a9d63
- markus@cvs.openbsd.org 2005/03/11 14:59:06
...
[ssh-keygen.c]
typo, missing \n; mpech
2005-03-14 23:09:18 +11:00
47eede77ed
- deraadt@cvs.openbsd.org 2005/03/10 22:01:05
...
[misc.c ssh-keygen.c servconf.c clientloop.c auth-options.c ssh-add.c
monitor.c sftp-client.c bufaux.h hostfile.c ssh.c sshconnect.c channels.c
readconf.c bufaux.c sftp.c]
spacing
2005-03-14 23:08:12 +11:00
89eac8010a
- djm@cvs.openbsd.org 2005/03/02 01:27:41
...
[ssh-keygen.c]
ignore hostnames with metachars when hashing; ok deraadt@
2005-03-02 12:33:04 +11:00
4b42d7f195
- djm@cvs.openbsd.org 2005/03/01 10:42:49
...
[ssh-keygen.1 ssh-keygen.c ssh_config.5]
add tools for managing known_hosts files with hashed hostnames, including
hashing existing files and deleting hosts by name; ok markus@ deraadt@
2005-03-01 21:48:35 +11:00
7cfeecf670
- markus@cvs.openbsd.org 2004/12/23 17:38:07
...
[ssh-keygen.c]
leak; from mpech
2005-01-20 10:56:31 +11:00
fc9597034b
- deraadt@cvs.openbsd.org 2004/07/11 17:48:47
...
[channels.c cipher.c clientloop.c clientloop.h compat.h moduli.c
readconf.c nchan.c pathnames.h progressmeter.c readconf.h servconf.c
session.c sftp-client.c sftp.c ssh-agent.1 ssh-keygen.c ssh.c ssh1.h
sshd.c ttymodes.h]
spaces
2004-07-17 16:12:08 +10:00
ba6de952a0
- (dtucker) [logintest.c scp.c sftp-server.c sftp.c ssh-add.c ssh-agent.c
...
ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rand-helper.c ssh.c sshd.c
openbsd-compat/bsd-misc.c] Move "char *__progname" to bsd-misc.c. Reduces
diff vs OpenBSD; ok mouring@, tested by tim@ too.
2004-07-17 14:07:42 +10:00
3f9fdc7121
- avsm@cvs.openbsd.org 2004/06/21 17:36:31
...
[auth-rsa.c auth2-gss.c auth2-pubkey.c authfile.c canohost.c channels.c
cipher.c dns.c kex.c monitor.c monitor_fdpass.c monitor_wrap.c
monitor_wrap.h nchan.c packet.c progressmeter.c scp.c sftp-server.c sftp.c
ssh-gss.h ssh-keygen.c ssh.c sshconnect.c sshconnect1.c sshlogin.c
sshpty.c]
make ssh -Wshadow clean, no functional changes
markus@ ok
There are also some portable-specific -Wshadow warnings to be fixed in
monitor.c and montior_wrap.c.
2004-06-22 12:56:01 +10:00
770fc01078
- djm@cvs.openbsd.org 2004/05/09 00:06:47
...
[moduli.c ssh-keygen.c] removed: moduli.h
zap another tiny header; ok deraadt@
2004-05-13 16:24:32 +10:00
e608ca2965
- djm@cvs.openbsd.org 2004/05/08 00:21:31
...
[clientloop.c misc.h readpass.c scard.c ssh-add.c ssh-agent.c ssh-keygen.c
sshconnect.c sshconnect1.c sshconnect2.c] removed: readpass.h
kill a tiny header; ok deraadt@
2004-05-13 16:15:47 +10:00
06930c70ad
- djm@cvs.openbsd.org 2003/12/22 09:16:58
...
[moduli.c ssh-keygen.1 ssh-keygen.c]
tidy up moduli generation debugging, add -v (verbose/debug) option to
ssh-keygen; ok markus@
2003-12-31 11:34:51 +11:00
a4b33dfb6d
- djm@cvs.openbsd.org 2003/11/23 23:18:45
...
[ssh-keygen.c]
consistency PATH_MAX -> MAXPATHLEN; ok markus@
(RCS ID sync only)
- djm@cvs.openbsd.org 2003/11/23 23:21:21
[scp.c]
from portable: rename clashing variable limit-> limit_rate; ok markus@
(RCS ID sync only)
2003-11-24 13:09:27 +11:00
787b2ec18c
more whitespace (tabs this time)
2003-11-21 23:56:47 +11:00
a8e06cef35
- djm@cvs.openbsd.org 2003/11/21 11:57:03
...
[everything]
unexpand and delete whitespace at EOL; ok markus@
(done locally and RCS IDs synced)
2003-11-21 23:48:55 +11:00
dda19d63ff
- jakob@cvs.openbsd.org 2003/10/14 19:42:10
...
[dns.c dns.h readconf.c ssh-keygen.c sshconnect.c]
include SSHFP lookup code (not enabled by default). ok markus@
2003-10-15 16:00:47 +10:00
c0815c927e
- miod@cvs.openbsd.org 2003/09/18 13:02:21
...
[authfd.c bufaux.c dh.c mac.c ssh-keygen.c]
A few signedness fixes for harmless situations; markus@ ok
2003-09-22 21:05:50 +10:00
2e0e38e310
[ssh-keygen.c] s/PATH_MAX/MAXPATHLEN/ ok mouring@
2003-09-08 16:11:33 -07:00
59d3d5b8b4
- (djm) s/get_progname/ssh_get_progname/g to avoid conflict with Heimdal
...
-lbroken; ok dtucker
2003-08-22 09:34:41 +10:00
f4220e6cef
- markus@cvs.openbsd.org 2003/08/14 16:08:58
...
[ssh-keygen.c]
exit after primetest, ok djm@
2003-08-21 16:44:07 +10:00
019cefeaad
- djm@cvs.openbsd.org 2003/07/28 09:49:56
...
[ssh-keygen.1 ssh-keygen.c]
Support for generating Diffie-Hellman groups (/etc/moduli) from ssh-keygen.
Based on code from Phil Karn, William Allen Simpson and Niels Provos.
ok markus@, thanks jmc@
2003-08-02 22:40:07 +10:00
ed12a26f0d
- djm@cvs.openbsd.org 2003/05/15 03:10:52
...
[ssh-keygen.c]
avoid warning; ok jakob@
2003-05-15 13:37:43 +10:00
37876e913a
- jakob@cvs.openbsd.org 2003/05/14 18:16:20
...
[key.c key.h readconf.c readconf.h ssh_config.5 sshconnect.c]
[dns.c dns.h README.dns ssh-keygen.1 ssh-keygen.c]
add experimental support for verifying hos keys using DNS as described
in draft-ietf-secsh-dns-xx.txt. more information in README.dns.
ok markus@ and henning@
2003-05-15 10:19:46 +10:00
db2747259c
- markus@cvs.openbsd.org 2003/05/11 16:56:48
...
[authfile.c ssh-keygen.c]
change key_load_public to try to read a public from:
rsa1 private or rsa1 public and ssh2 keys.
this makes ssh-keygen -e fail for ssh1 keys more gracefully
for example; report from itojun (netbsd pr 20550).
2003-05-14 13:45:22 +10:00
d558092522
- (djm) RCSID sync w/ OpenBSD
2003-05-14 13:40:06 +10:00
996acd2476
*** empty log message ***
2003-04-09 20:59:48 +10:00
e7ee7fe602
- wcobb@cvs.openbsd.org 2002/11/26 00:45:03
...
[scp.c ssh-keygen.c]
Remove unnecessary fflush(stderr) calls, stderr is unbuffered by default.
ok markus@
2002-12-23 02:11:02 +00:00
3a8819102c
- (stevesk) [ssh-keygen.c] bug #231 : always init/seed_rng().
2002-07-20 19:05:40 +00:00
58d3b7224f
- deraadt@cvs.openbsd.org 2002/06/23 09:39:55
...
[ssh-keygen.c]
u_int stuff
2002-06-23 21:28:13 +00:00
cb72e4f6d2
- deraadt@cvs.openbsd.org 2002/06/19 00:27:55
...
[auth-bsdauth.c auth-skey.c auth1.c auth2-chall.c auth2-none.c authfd.c
authfd.h monitor_wrap.c msg.c nchan.c radix.c readconf.c scp.c sftp.1
ssh-add.1 ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh-keygen.c
ssh-keysign.c ssh.1 sshconnect.c sshconnect.h sshconnect2.c ttymodes.c
xmalloc.h]
KNF done automatically while reading....
2002-06-21 00:41:51 +00:00
05efee1092
- (bal) RCSID tag updates on channels.c, clientloop.c, nchan.c,
...
sftp-client.c, ssh-agenet.c, ssh-keygen.c and connect.h (we did unexpand
independant of them)
2002-06-09 20:20:58 +00:00
5a6abdae0f
unexpand
2002-06-09 19:41:48 +00:00
155b981494
- markus@cvs.openbsd.org 2002/03/27 22:21:45
...
[ssh-keygen.c]
try to import keys with extra trailing === (seen with ssh.com < 2.0.12)
2002-04-02 20:26:26 +00:00
0936a5bb72
- markus@cvs.openbsd.org 2002/03/25 17:34:27
...
[scard.c scard.h ssh-agent.c ssh-keygen.c ssh.c]
change sc_get_key to sc_get_keys and hide smartcard details in scard.c
2002-03-26 03:17:42 +00:00
266ec63eb3
- rees@cvs.openbsd.org 2002/03/21 21:54:34
...
[scard.c scard.h ssh-keygen.c]
Add PIN-protection for secret key.
2002-03-22 03:47:38 +00:00
70e3ad8231
- markus@cvs.openbsd.org 2002/03/21 16:57:15
...
[scard.c]
remove const
2002-03-22 03:33:43 +00:00
4a10d2e90b
- (djm) ssh-keygen -i needs seeded RNG; report from markus@
2002-03-11 22:53:29 +11:00
c58ab02e45
- markus@cvs.openbsd.org 2002/02/25 16:33:27
...
[ssh-keygen.c sshconnect2.c uuencode.c uuencode.h]
more u_* fixes
2002-02-26 18:15:09 +00:00
90fd814f90
- markus@cvs.openbsd.org 2002/02/24 19:14:59
...
[auth2.c authfd.c authfd.h authfile.c kexdh.c kexgex.c key.c key.h
ssh-dss.c ssh-dss.h ssh-keygen.c ssh-rsa.c ssh-rsa.h sshconnect2.c]
signed vs. unsigned: make size arguments u_int, ok stevesk@
2002-02-26 18:09:42 +00:00
993dd55094
- stevesk@cvs.openbsd.org 2002/02/16 20:40:08
...
[ssh-keygen.c]
default to rsa keyfile path for non key generation operations where
keyfile not specified. fixes core dump in those cases. ok markus@
2002-02-19 15:22:47 +11:00
8eb7141758
- (djm) Delay PRNG seeding until we need it in ssh-keygen, from markus@
2002-01-30 09:37:06 +11:00
4a8ed54361
- stevesk@cvs.openbsd.org 2002/01/18 18:14:17
...
[authfd.c bufaux.c buffer.c cipher.c packet.c ssh-agent.c ssh-keygen.c]
unneeded cast cleanup; ok markus@
2002-01-22 23:33:31 +11:00
a1db12bac4
- markus@cvs.openbsd.org 2002/01/09 13:49:27
...
[ssh-keygen.c]
append \n only for public keys
2002-01-22 23:20:15 +11:00
708d21c802
- stevesk@cvs.openbsd.org 2001/12/29 21:56:01
...
[authfile.c channels.c compress.c packet.c sftp-server.c ssh-agent.c ssh-keygen.c]
remove unneeded casts and some char->u_char cleanup; ok markus@
2002-01-22 23:18:15 +11:00
154dda73a8
- markus@cvs.openbsd.org 2001/12/27 18:10:29
...
[ssh-keygen.c]
-t is only needed for key generation (unbreaks -i, -e, etc).
2002-01-22 23:08:16 +11:00
a41c8b15bd
- djm@cvs.openbsd.org 2001/12/21 08:52:22
...
[ssh-keygen.1 ssh-keygen.c]
Remove default (rsa1) key type; ok markus@
2002-01-22 23:05:08 +11:00
9f0f5c64bc
- deraadt@cvs.openbsd.org 2001/12/19 07:18:56
...
[auth1.c auth2.c auth2-chall.c auth-bsdauth.c auth.c authfile.c auth.h]
[auth-krb4.c auth-rhosts.c auth-skey.c bufaux.c canohost.c channels.c]
[cipher.c clientloop.c compat.c compress.c deattack.c key.c log.c mac.c]
[match.c misc.c nchan.c packet.c readconf.c rijndael.c rijndael.h scard.c]
[servconf.c servconf.h serverloop.c session.c sftp.c sftp-client.c]
[sftp-glob.c sftp-int.c sftp-server.c ssh-add.c ssh-agent.c ssh.c]
[sshconnect1.c sshconnect2.c sshconnect.c sshd.8 sshd.c sshd_config]
[ssh-keygen.c sshlogin.c sshpty.c sshtty.c ttymodes.c uidswap.c]
basic KNF done while i was looking for something else
2001-12-21 14:45:46 +11:00
1c37c6a518
- deraadt@cvs.openbsd.org 2001/12/05 10:06:12
...
[authfd.c authfile.c bufaux.c channels.c compat.c kex.c kexgex.c
key.c misc.c packet.c servconf.c ssh-agent.c sshconnect2.c
sshconnect.c sshd.c ssh-dss.c ssh-keygen.c ssh-rsa.c]
minor KNF
2001-12-06 18:00:18 +00:00
65366a8c76
- stevesk@cvs.openbsd.org 2001/11/17 19:14:34
...
[auth2.c auth.c readconf.c servconf.c ssh-agent.c ssh-keygen.c]
enum/int type cleanup where it made sense to do so; ok markus@
2001-12-06 16:32:47 +00:00
eb5fec6494
- markus@cvs.openbsd.org 2001/10/25 21:14:32
...
[ssh-keygen.1 ssh-keygen.c]
better docu for fingerprinting, ok deraadt@
2001-11-12 10:52:44 +11:00
1af4d3bb70
- djm@cvs.openbsd.org 2001/09/28 12:07:09
...
[ssh-keygen.c]
bzero private key after loading to smartcard; ok markus@
2001-10-03 17:18:37 +00:00
99a30f11c2
- markus@cvs.openbsd.org 2001/09/17 20:50:22
...
[key.c ssh-keygen.c]
better error handling if you try to export a bad key to ssh.com
2001-09-18 05:49:14 +00:00
9e0ddd4379
- stevesk@cvs.openbsd.org 2001/09/17 19:27:15
...
[kexdh.c kexgex.c key.c key.h ssh-dss.c ssh-keygen.c ssh-rsa.c]
u_char*/char* cleanup; ok markus
2001-09-18 05:41:19 +00:00
bcc1808bf2
- jakob@cvs.openbsd.org 2001/08/02 16:14:05
...
[scard.c ssh-agent.c ssh.c ssh-keygen.c]
clean up some /* SMARTCARD */. ok markus@
2001-08-06 21:59:25 +00:00
ffce147638
- jakob@cvs.openbsd.org 2001/08/02 15:43:57
...
[ssh-agent.c ssh.c ssh-keygen.c]
add /* SMARTCARD */ to #else/#endif. ok markus@
2001-08-06 21:57:31 +00:00
97be31e6ff
- jakob@cvs.openbsd.org 2001/08/02 15:06:52
...
[ssh-keygen.c]
more verbose usage(). ok markus@
2001-08-06 21:49:06 +00:00
f19578c447
- jakob@cvs.openbsd.org 2001/08/02 08:58:35
...
[ssh-keygen.c]
change -u (upload smartcard key) to -U. ok markus@
2001-08-06 21:46:54 +00:00
8282d6a82f
- markus@cvs.openbsd.org 2001/08/02 00:10:17
...
[ssh-keygen.c]
add -D readerid option (download, i.e. print public RSA key to stdout).
check for card present when uploading keys.
use strings instead of ints for smartcard reader ids, too.
2001-08-06 21:44:05 +00:00
6818bfbf30
- markus@cvs.openbsd.org 2001/08/01 23:33:09
...
[ssh-keygen.c]
allow uploading RSA keys for non-default AUT0 (sha1 over passphrase
like sectok).
2001-08-06 21:40:04 +00:00
60df8e4f7d
- rees@cvs.openbsd.org 2001/07/26 20:04:27
...
[scard.c ssh-keygen.c]
Inquire Cyberflex class for 0xf0 cards
change aid to conform to 7816-5
remove gratuitous fid selects
2001-08-06 21:10:52 +00:00
0047764526
- markus@cvs.openbsd.org 2001/07/02 22:40:18
...
[ssh-keygen.c]
update for sectok.h interface changes.
2001-07-04 05:24:27 +00:00
d6e049cd59
- markus@cvs.openbsd.org 2001/06/29 07:11:01
...
[ssh-keygen.c]
initialize early
2001-07-04 05:08:39 +00:00
7feba35a47
- markus@cvs.openbsd.org 2001/06/29 07:06:34
...
[ssh-keygen.c]
new error handling for cyberflex_*
2001-07-04 05:06:59 +00:00
511d69e6d7
- stevesk@cvs.openbsd.org 2001/06/28 19:57:35
...
[ssh-keygen.c]
'\0' terminated data[] is ok; ok markus@
2001-07-04 05:05:27 +00:00
f7297dd79d
- markus@cvs.openbsd.org 2001/06/27 05:42:25
...
[rsa.c rsa.h ssh-agent.c ssh-keygen.c]
s/generate_additional_parameters/rsa_generate_additional_parameters/
http://www.humppa.com/
2001-07-04 05:02:23 +00:00
680b276aad
- markus@cvs.openbsd.org 2001/06/27 05:35:42
...
[ssh-keygen.c]
use cyberflex_inq_class to inquire class.
2001-07-04 05:00:11 +00:00
cd392284ac
- markus@cvs.openbsd.org 2001/06/26 02:47:07
...
[ssh-keygen.c]
allow loading a private RSA key to a cyberflex card.
2001-07-04 03:44:03 +00:00
949974bbdb
- markus@cvs.openbsd.org 2001/06/24 05:35:33
...
[readpass.c readpass.h ssh-add.c sshconnect2.c ssh-keygen.c]
switch to readpassphrase(3)
2.7/8-stable needs readpassphrase.[ch] from libc
2001-06-25 05:20:31 +00:00
e586c4ce3f
- markus@cvs.openbsd.org 2001/06/23 17:05:22
...
[ssh-keygen.c]
fix import for (broken?) ssh.com/f-secure private keys
(i tested > 1000 RSA keys)
2001-06-25 05:04:58 +00:00
bba81213b9
- itojun@cvs.openbsd.org 2001/06/23 15:12:20
...
[auth1.c auth2.c auth2-chall.c authfd.c authfile.c auth-rhosts.c
canohost.c channels.c cipher.c clientloop.c deattack.c dh.c
hostfile.c kex.c kexdh.c kexgex.c key.c nchan.c packet.c radix.c
readpass.c scp.c servconf.c serverloop.c session.c sftp.c
sftp-client.c sftp-glob.c sftp-int.c sftp-server.c ssh-add.c
ssh-agent.c ssh.c sshconnect1.c sshconnect2.c sshconnect.c sshd.c
ssh-keygen.c ssh-keyscan.c]
more strict prototypes. raise warning level in Makefile.inc.
markus ok'ed
TODO; cleanup headers
2001-06-25 05:01:22 +00:00
34f91883a6
- markus@cvs.openbsd.org 2001/06/23 06:41:10
...
[ssh-keygen.c]
try to decode ssh-3.0.0 private rsa keys
(allow migration to openssh, not vice versa), #910
2001-06-25 04:47:54 +00:00
d78ae766de
- markus@cvs.openbsd.org 2001/05/25 14:37:32
...
[ssh-keygen.c]
use -P for -e and -y, too.
2001-06-05 20:35:09 +00:00
3035860f24
- markus@cvs.openbsd.org 2001/04/23 22:14:13
...
[ssh-keygen.c]
remove debug
2001-04-24 16:59:28 +00:00
46c264f2ae
- markus@cvs.openbsd.org 2001/04/23 21:57:07
...
[ssh-keygen.1 ssh-keygen.c]
allow public key for -e, too
2001-04-24 16:56:58 +00:00
2857d9cf77
- markus@cvs.openbsd.org 2001/04/22 13:41:02
...
[ssh-keygen.1 ssh-keygen.c]
style, noted by stevesk; sort flags in usage
2001-04-22 17:19:46 +00:00
5a70782576
- markus@cvs.openbsd.org 2001/04/22 13:25:37
...
[ssh-keygen.1 ssh-keygen.c]
rename arguments -x -> -e (export key), -X -> -i (import key)
xref draft-ietf-secsh-publickeyfile-01.txt
2001-04-22 17:15:46 +00:00
15f33866a6
- markus@cvs.openbsd.org 2001/04/15 16:58:03
...
[authfile.c ssh-keygen.c sshd.c]
don't use errno for key_{load,save}_private; discussion w/ solar@openwall
2001-04-16 02:00:02 +00:00
a3700050ec
- markus@cvs.openbsd.org 2001/04/05 10:42:57
...
[auth-chall.c authfd.c channels.c clientloop.c kex.c kexgex.c key.c
mac.c packet.c serverloop.c sftp-client.c sftp-client.h sftp-glob.c
sftp-glob.h sftp-int.c sftp-server.c sftp.c ssh-keygen.c sshconnect.c
sshconnect2.c sshd.c]
fix whitespace: unexpand + trailing spaces.
2001-04-05 23:26:32 +00:00
86ebcb6cf5
- stevesk@cvs.openbsd.org 2001/04/03 13:56:11
...
[sftp-glob.c ssh-agent.c ssh-keygen.c]
free() -> xfree()
2001-04-04 01:53:20 +00:00
d09fcf5f6e
- markus@cvs.openbsd.org 2001/03/26 23:23:24
...
[rsa.c rsa.h ssh-agent.c ssh-keygen.c]
try to read private f-secure ssh v2 rsa keys.
2001-03-29 00:29:54 +00:00
Damien Miller
Darren Tucker
Tim Rice
Ben Lindstrom
Kevin Steves