the destination. This allows, eg, keeping host keys in individual files
using "UserKnownHostsFile ~/.ssh/known_hosts.d/%k". bz#1654, ok djm@, jmc@
(man page bits)
OpenBSD-Commit-ID: 7084d723c9cc987a5c47194219efd099af5beadc
UserKnownHostsFile, allowing the file to be automagically split up in the
configuration (eg bz#1654). ok djm@, man page parts jmc@
OpenBSD-Commit-ID: 7e1b406caf147638bb51558836a72d6cc0bd1b18
Reorder parameters list in the first usage() case - Sentence rewording
ok dtucker@
jmc@ noticed usage() missed -a flag too
OpenBSD-Commit-ID: f06b9afe91cc96f260b929a56e9930caecbde246
This is a frankenstein monster of AMD64 instructions/calling conventions
but with a 4GB address space. Allegedly deprecated but people still run
into it causing weird sandbox failures, e.g. bz#3085
type SSH_CHANNEL_MUX_LISTENER; Specifically SSH_CHANNEL_MUX_PROXY channels
should not have this structure freed.
OpenBSD-Commit-ID: f3b213ae60405f77439e2b06262f054760c9d325
sshd is in chroot mode, the likely absence of a password database will cause
tilde_expand_filename() to fatal; ok dtucker@
OpenBSD-Commit-ID: e20aee6159e8b79190d18dba1513fc1b7c8b7ee1
through select() loop; fixed theoretical case where busy sshd may ignore
timeouts from client; inspired by and ok dtucker
OpenBSD-Commit-ID: 96bfc4b1f86c7da313882a84755b2b47eb31957f
the server and ignore traffic from a port forwarding client, preventing a
client from keeping a connection alive when it should be terminated. Based
on a patch from jxraynor at gmail.com via openssh-unix-dev and bz#2265, ok
djm@
OpenBSD-Commit-ID: a941a575a5cbc244c0ef5d7abd0422bbf02c2dcd
request
the change introduced a NULL deref in sshpkt_vfatal() (uses of ssh->kex after
calling ssh_packet_clear_keys())
OpenBSD-Commit-ID: 9c9a6721411461b0b1c28dc00930d7251a798484
write to it so we don't leave an empty .ssh directory when it's not needed.
Use the same function to replace the code in ssh-keygen that does the same
thing. bz#3156, ok djm@
OpenBSD-Commit-ID: 59c073b569be1a60f4de36f491a4339bc4ae870f
being relative to the current directory, so that it'll still be found if the
shell startup changes its directory. Since the path is potentially longer,
make the cmd buffer that uses it dynamically sized. bz#3185, with & ok djm@
OpenBSD-Commit-ID: 36e33ff01497af3dc8226d0c4c1526fc3a1e46bf
and example HTML/JS to generate webauthn signatures in SSH formats (also used
to generate the testdata/* for the test).
OpenBSD-Regress-ID: dc575be5bb1796fdf4b8aaee0ef52a6671a0f6fb
webauthn is a standard for using FIDO keys in web browsers. webauthn
signatures are a slightly different format to plain FIDO signatures - this
support allows verification of these. Feedback and ok markus@
OpenBSD-Commit-ID: ab7e3a9fb5782d99d574f408614d833379e564ad
