Commit Graph

206 Commits

Author SHA1 Message Date
jmc@openbsd.org 78de1673c0 upstream commit
ssh-askpass(1) is the default, overridden by SSH_ASKPASS;
 diff originally from jiri b;
2015-04-01 10:00:27 +11:00
djm@openbsd.org 44732de068 upstream commit
UpdateHostKeys fixes:

I accidentally changed the format of the hostkeys@openssh.com messages
last week without changing the extension name, and this has been causing
connection failures for people who are running -current. First reported
by sthen@

s/hostkeys@openssh.com/hostkeys-00@openssh.com/
Change the name of the proof message too, and reorder it a little.

Also, UpdateHostKeys=ask is incompatible with ControlPersist (no TTY
available to read the response) so disable UpdateHostKeys if it is in
ask mode and ControlPersist is active (and document this)
2015-02-21 09:20:28 +11:00
djm@openbsd.org 523463a3a2 upstream commit
Revise hostkeys@openssh.com hostkey learning extension.

The client will not ask the server to prove ownership of the private
halves of any hitherto-unseen hostkeys it offers to the client.

Allow UpdateHostKeys option to take an 'ask' argument to let the
user manually review keys offered.

ok markus@
2015-02-17 09:32:32 +11:00
djm@openbsd.org 15ad750e5e upstream commit
turn UpdateHostkeys off by default until I figure out
 mlarkin@'s warning message; requested by deraadt@
2015-02-03 11:06:16 +11:00
djm@openbsd.org 46347ed596 upstream commit
Add a ssh_config HostbasedKeyType option to control which
 host public key types are tried during hostbased authentication.

This may be used to prevent too many keys being sent to the server,
and blowing past its MaxAuthTries limit.

bz#2211 based on patch by Iain Morgan; ok markus@
2015-01-30 22:47:01 +11:00
djm@openbsd.org 1d1092bff8 upstream commit
correct description of UpdateHostKeys in ssh_config.5 and
 add it to -o lists for ssh, scp and sftp; pointed out by jmc@
2015-01-27 00:00:58 +11:00
djm@openbsd.org 8d4f87258f upstream commit
Host key rotation support.

Add a hostkeys@openssh.com protocol extension (global request) for
a server to inform a client of all its available host key after
authentication has completed. The client may record the keys in
known_hosts, allowing it to upgrade to better host key algorithms
and a server to gracefully rotate its keys.

The client side of this is controlled by a UpdateHostkeys config
option (default on).

ok markus@
2015-01-27 00:00:57 +11:00
jmc@openbsd.org 296ef0560f upstream commit
tweak previous;
2015-01-09 00:13:34 +11:00
djm@openbsd.org 8f6784f0cb upstream commit
mention ssh -Q feature to list supported { MAC, cipher,
 KEX, key } algorithms in more places and include the query string used to
 list the relevant information; bz#2288
2014-12-22 20:05:41 +11:00
djm@openbsd.org b79efde5c3 upstream commit
document FingerprintHash here too
2014-12-22 13:16:57 +11:00
djm@openbsd.org 5e39a49930 upstream commit
add RevokedHostKeys option for the client

Allow textfile or KRL-based revocation of hostkeys.
2014-12-05 09:29:47 +11:00
djm@openbsd.org fc30256136 upstream commit
mux-related manual tweaks

mention ControlPersist=0 is the same as ControlPersist=yes

recommend that ControlPath sockets be placed in a og-w directory
2014-11-11 09:27:17 +11:00
jmc@openbsd.org b1ba15f388 upstream commit
tweak previous;
2014-10-20 14:40:05 +11:00
djm@openbsd.org 957fbceb0f upstream commit
Tweak config reparsing with host canonicalisation

Make the second pass through the config files always run when
hostname canonicalisation is enabled.

Add a "Match canonical" criteria that allows ssh_config Match
blocks to trigger only in the second config pass.

Add a -G option to ssh that causes it to parse its configuration
and dump the result to stdout, similar to "sshd -T"

Allow ssh_config Port options set in the second config parse
phase to be applied (they were being ignored).

bz#2267 bz#2286; ok markus
2014-10-13 11:41:48 +11:00
sobrado@openbsd.org f70b22bcdd upstream commit
improve capitalization for the Ed25519 public-key
 signature system.

ok djm@
2014-10-13 11:37:32 +11:00
Damien Miller 7acefbbcbe - millert@cvs.openbsd.org 2014/07/15 15:54:14
[PROTOCOL auth-options.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
     [auth-rsa.c auth.c auth1.c auth2-hostbased.c auth2-kbdint.c auth2-none.c]
     [auth2-passwd.c auth2-pubkey.c auth2.c canohost.c channels.c channels.h]
     [clientloop.c misc.c misc.h monitor.c mux.c packet.c readconf.c]
     [readconf.h servconf.c servconf.h serverloop.c session.c ssh-agent.c]
     [ssh.c ssh_config.5 sshconnect.c sshconnect1.c sshconnect2.c sshd.c]
     [sshd_config.5 sshlogin.c]
     Add support for Unix domain socket forwarding.  A remote TCP port
     may be forwarded to a local Unix domain socket and vice versa or
     both ends may be a Unix domain socket.  This is a reimplementation
     of the streamlocal patches by William Ahern from:
         http://www.25thandclement.com/~william/projects/streamlocal.html
     OK djm@ markus@
2014-07-18 14:11:24 +10:00
Damien Miller 079bac2a43 - djm@cvs.openbsd.org 2014/07/07 08:19:12
[ssh_config.5]
     mention that ProxyCommand is executed using shell "exec" to avoid
     a lingering process; bz#1977
2014-07-09 13:06:25 +10:00
Damien Miller 0f12341402 - jmc@cvs.openbsd.org 2014/07/03 07:45:27
[ssh_config.5]
     escape %C since groff thinks it part of an Rs/Re block;
2014-07-03 21:28:09 +10:00
Damien Miller 9c38643c5c - djm@cvs.openbsd.org 2014/07/03 06:39:19
[ssh.c ssh_config.5]
     Add a %C escape sequence for LocalCommand and ControlPath that expands
     to a unique identifer based on a has of the tuple of (local host,
     remote user, hostname, port).

     Helps avoid exceeding sockaddr_un's miserly pathname limits for mux
     control paths.

     bz#2220, based on patch from mancha1 AT zoho.com; ok markus@
2014-07-03 21:27:46 +10:00
Damien Miller ef9f13ba4c - djm@cvs.openbsd.org 2014/07/03 05:32:36
[ssh_config.5]
     mention '%%' escape sequence in HostName directives and how it may
     be used to specify IPv6 link-local addresses
2014-07-03 21:26:21 +10:00
Damien Miller c1621c84f2 - naddy@cvs.openbsd.org 2014/03/28 05:17:11
[ssh_config.5 sshd_config.5]
     sync available and default algorithms, improve algorithm list formatting
     help from jmc@ and schwarze@, ok deraadt@
2014-04-20 13:22:46 +10:00
Damien Miller 13f97b2286 - djm@cvs.openbsd.org 2014/02/23 20:11:36
[readconf.c readconf.h ssh.c ssh_config.5]
     reparse ssh_config and ~/.ssh/config if hostname canonicalisation changes
     the hostname. This allows users to write configurations that always
     refer to canonical hostnames, e.g.

     CanonicalizeHostname yes
     CanonicalDomains int.example.org example.org
     CanonicalizeFallbackLocal no

     Host *.int.example.org
         Compression off
     Host *.example.org
         User djm

     ok markus@
2014-02-24 15:57:55 +11:00
Darren Tucker b7e01c09b5 - djm@cvs.openbsd.org 2014/01/19 04:48:08
[ssh_config.5]
     fix inverted meaning of 'no' and 'yes' for CanonicalizeFallbackLocal
2014-01-19 22:36:13 +11:00
Damien Miller 8ba0ead698 - naddy@cvs.openbsd.org 2013/12/07 11:58:46
[ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh-keysign.8 ssh.1]
     [ssh_config.5 sshd.8 sshd_config.5]
     add missing mentions of ed25519; ok djm@
2013-12-18 17:46:27 +11:00
Damien Miller 5be9d9e3cb - markus@cvs.openbsd.org 2013/12/06 13:39:49
[authfd.c authfile.c key.c key.h myproposal.h pathnames.h readconf.c]
     [servconf.c ssh-agent.c ssh-keygen.c ssh-keyscan.1 ssh-keyscan.c]
     [ssh-keysign.c ssh.c ssh_config.5 sshd.8 sshd.c verify.c ssh-ed25519.c]
     [sc25519.h sc25519.c hash.c ge25519_base.data ge25519.h ge25519.c]
     [fe25519.h fe25519.c ed25519.c crypto_api.h blocks.c]
     support ed25519 keys (hostkeys and user identities) using the public
     domain ed25519 reference code from SUPERCOP, see
     http://ed25519.cr.yp.to/software.html
     feedback, help & ok djm@
2013-12-07 11:24:01 +11:00
Damien Miller dec0393f7e - jmc@cvs.openbsd.org 2013/11/21 08:05:09
[ssh_config.5 sshd_config.5]
     no need for .Pp before displays;
2013-12-05 10:18:43 +11:00
Damien Miller 0fde8acdad - djm@cvs.openbsd.org 2013/11/21 00:45:44
[Makefile.in PROTOCOL PROTOCOL.chacha20poly1305 authfile.c chacha.c]
     [chacha.h cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h]
     [dh.c myproposal.h packet.c poly1305.c poly1305.h servconf.c ssh.1]
     [ssh.c ssh_config.5 sshd_config.5] Add a new protocol 2 transport
     cipher "chacha20-poly1305@openssh.com" that combines Daniel
     Bernstein's ChaCha20 stream cipher and Poly1305 MAC to build an
     authenticated encryption mode.

     Inspired by and similar to Adam Langley's proposal for TLS:
     http://tools.ietf.org/html/draft-agl-tls-chacha20poly1305-03
     but differs in layout used for the MAC calculation and the use of a
     second ChaCha20 instance to separately encrypt packet lengths.
     Details are in the PROTOCOL.chacha20poly1305 file.

     Feedback markus@, naddy@; manpage bits Loganden Velvindron @ AfriNIC
     ok markus@ naddy@
2013-11-21 14:12:23 +11:00
Damien Miller 0bd8f1519d - markus@cvs.openbsd.org 2013/11/02 22:39:19
[ssh_config.5 sshd_config.5]
     the default kex is now curve25519-sha256@libssh.org
2013-11-04 08:55:43 +11:00
Damien Miller cf31f38634 - dtucker@cvs.openbsd.org 2013/10/24 00:51:48
[readconf.c servconf.c ssh_config.5 sshd_config.5]
     Disallow empty Match statements and add "Match all" which matches
     everything.  ok djm, man page help jmc@
2013-10-24 21:02:56 +11:00
Damien Miller 8e5a67f469 - jmc@cvs.openbsd.org 2013/10/20 18:00:13
[ssh_config.5]
     tweak the "exec" description, as worded by djm;
2013-10-23 16:30:25 +11:00
Damien Miller 8a04be795f - djm@cvs.openbsd.org 2013/10/20 06:19:28
[readconf.c ssh_config.5]
     rename "command" subclause of the recently-added "Match" keyword to
     "exec"; it's shorter, clearer in intent and we might want to add the
     ability to match against the command being executed at the remote end in
     the future.
2013-10-23 16:29:40 +11:00
Damien Miller 5c86ebdf83 - djm@cvs.openbsd.org 2013/10/20 04:39:28
[ssh_config.5]
     document % expansions performed by "Match command ..."
2013-10-23 16:29:12 +11:00
Damien Miller 51682faa59 - djm@cvs.openbsd.org 2013/10/16 22:58:01
[ssh.c ssh_config.5]
     one I missed in previous: s/isation/ization/
2013-10-17 11:48:31 +11:00
Damien Miller 3850559be9 - djm@cvs.openbsd.org 2013/10/16 22:49:39
[readconf.c readconf.h ssh.1 ssh.c ssh_config.5]
     s/canonicalise/canonicalize/ for consistency with existing spelling,
     e.g. authorized_keys; pointed out by naddy@
2013-10-17 11:48:13 +11:00
Damien Miller 607af3434b - jmc@cvs.openbsd.org 2013/10/16 06:42:25
[ssh_config.5]
     tweak previous;
2013-10-17 11:47:51 +11:00
Damien Miller 0faf747e2f - djm@cvs.openbsd.org 2013/10/16 02:31:47
[readconf.c readconf.h roaming_client.c ssh.1 ssh.c ssh_config.5]
     [sshconnect.c sshconnect.h]
     Implement client-side hostname canonicalisation to allow an explicit
     search path of domain suffixes to use to convert unqualified host names
     to fully-qualified ones for host key matching.
     This is particularly useful for host certificates, which would otherwise
     need to list unqualified names alongside fully-qualified ones (and this
     causes a number of problems).
     "looks fine" markus@
2013-10-17 11:47:23 +11:00
Damien Miller d77b81f856 - jmc@cvs.openbsd.org 2013/10/15 14:10:25
[ssh.1 ssh_config.5]
     tweak previous;
2013-10-17 11:39:00 +11:00
Damien Miller 194fd904d8 - djm@cvs.openbsd.org 2013/10/14 22:22:05
[readconf.c readconf.h ssh-keysign.c ssh.c ssh_config.5]
     add a "Match" keyword to ssh_config that allows matching on hostname,
     user and result of arbitrary commands. "nice work" markus@
2013-10-15 12:13:05 +11:00
Damien Miller f2f6c315a9 - jmc@cvs.openbsd.org 2013/08/20 06:56:07
[ssh.1 ssh_config.5]
     some proxyusefdpass tweaks;
2013-08-21 02:44:58 +10:00
Damien Miller 1262b6638f - djm@cvs.openbsd.org 2013/08/20 00:11:38
[readconf.c readconf.h ssh_config.5 sshconnect.c]
     Add a ssh_config ProxyUseFDPass option that supports the use of
     ProxyCommands that establish a connection and then pass a connected
     file descriptor back to ssh(1). This allows the ProxyCommand to exit
     rather than have to shuffle data back and forth and enables ssh to use
     getpeername, etc. to obtain address information just like it does with
     regular directly-connected sockets. ok markus@
2013-08-21 02:44:24 +10:00
Damien Miller fecfd118d6 - jmc@cvs.openbsd.org 2013/06/27 14:05:37
[ssh-keygen.1 ssh.1 ssh_config.5 sshd.8 sshd_config.5]
     do not use Sx for sections outwith the man page - ingo informs me that
     stuff like html will render with broken links;

     issue reported by Eric S. Raymond, via djm
2013-07-18 16:11:50 +10:00
Damien Miller 7f2b438ca0 - djm@cvs.openbsd.org 2013/06/21 00:37:49
[ssh_config.5]
     explicitly mention that IdentitiesOnly can be used with IdentityFile
     to control which keys are offered from an agent.
2013-07-18 16:10:29 +10:00
Darren Tucker 63e0df2b93 - jmc@cvs.openbsd.org 2013/05/16 06:28:45
[ssh_config.5]
     put IgnoreUnknown in the right place;
2013-05-16 20:30:31 +10:00
Darren Tucker 0763698f71 - djm@cvs.openbsd.org 2013/05/16 04:27:50
[ssh_config.5 readconf.h readconf.c]
     add the ability to ignore specific unrecognised ssh_config options;
     bz#866; ok markus@
2013-05-16 20:30:03 +10:00
Darren Tucker c53c2af173 - dtucker@cvs.openbsd.org 2013/05/16 02:00:34
[ssh_config sshconnect2.c packet.c readconf.h readconf.c clientloop.c
     ssh_config.5 packet.h]
     Add an optional second argument to RekeyLimit in the client to allow
     rekeying based on elapsed time in addition to amount of traffic.
     with djm@ jmc@, ok djm
2013-05-16 20:28:16 +10:00
Damien Miller 1d75abfe23 - markus@cvs.openbsd.org 2013/01/08 18:49:04
[PROTOCOL authfile.c cipher.c cipher.h kex.c kex.h monitor_wrap.c]
     [myproposal.h packet.c ssh_config.5 sshd_config.5]
     support AES-GCM as defined in RFC 5647 (but with simpler KEX handling)
     ok and feedback djm@
2013-01-09 16:12:19 +11:00
Damien Miller af43a7ac2d - markus@cvs.openbsd.org 2012/12/11 22:31:18
[PROTOCOL authfile.c cipher.c cipher.h kex.h mac.c myproposal.h]
     [packet.c ssh_config.5 sshd_config.5]
     add encrypt-then-mac (EtM) modes to openssh by defining new mac algorithms
     that change the packet format and compute the MAC over the encrypted
     message (including the packet size) instead of the plaintext data;
     these EtM modes are considered more secure and used by default.
     feedback and ok djm@
2012-12-12 10:46:31 +11:00
Damien Miller cb6b68b209 - djm@cvs.openbsd.org 2012/12/02 20:26:11
[ssh_config.5 sshconnect2.c]
     Make IdentitiesOnly apply to keys obtained from a PKCS11Provider.
     This allows control of which keys are offered from tokens using
     IdentityFile. ok markus@
2012-12-03 09:49:52 +11:00
Darren Tucker 427e409e99 - markus@cvs.openbsd.org 2012/10/04 13:21:50
[myproposal.h ssh_config.5 umac.h sshd_config.5 ssh.1 sshd.8 mac.c]
     add umac128 variant; ok djm@ at n2k12
     (note: further Makefile work is required)
2012-10-05 11:02:39 +10:00
Darren Tucker ecbf14aa53 - naddy@cvs.openbsd.org 2012/06/29 13:57:25
[ssh_config.5 sshd_config.5]
     match the documented MAC order of preference to the actual one;
     ok dtucker@
2012-07-02 18:53:37 +10:00