1cfbfaf4a0
- stevesk@cvs.openbsd.org 2010/03/15 19:40:02
...
[key.c key.h ssh-keygen.c]
also print certificate type (user or host) for ssh-keygen -L
ok djm kettenis
2010-03-22 05:58:24 +11:00
3e1ee491f3
- djm@cvs.openbsd.org 2010/03/07 22:16:01
...
[ssh-keygen.c]
make internal strptime string match strftime format;
suggested by vinschen AT redhat.com and markus@
2010-03-08 09:24:11 +11:00
689b872842
- djm@cvs.openbsd.org 2010/03/04 23:27:25
...
[auth-options.c ssh-keygen.c]
"force-command" is not spelled "forced-command"; spotted by
imorgan AT nas.nasa.gov
2010-03-05 10:42:24 +11:00
f2b70cad75
- djm@cvs.openbsd.org 2010/03/04 20:35:08
...
[ssh-keygen.1 ssh-keygen.c]
Add a -L flag to print the contents of a certificate; ok markus@
2010-03-05 07:39:35 +11:00
1aed65eb27
- djm@cvs.openbsd.org 2010/03/04 10:36:03
...
[auth-rh-rsa.c auth-rsa.c auth.c auth.h auth2-hostbased.c auth2-pubkey.c]
[authfile.c authfile.h hostfile.c hostfile.h servconf.c servconf.h]
[ssh-keygen.c ssh.1 sshconnect.c sshd_config.5]
Add a TrustedUserCAKeys option to sshd_config to specify CA keys that
are trusted to authenticate users (in addition than doing it per-user
in authorized_keys).
Add a RevokedKeys option to sshd_config and a @revoked marker to
known_hosts to allow keys to me revoked and banned for user or host
authentication.
feedback and ok markus@
2010-03-04 21:53:35 +11:00
910f209c1d
- (djm) [ssh-keygen.c] Use correct local variable, instead of
...
maybe-undefined global "optarg"
2010-03-04 14:17:22 +11:00
2ca342b84b
- djm@cvs.openbsd.org 2010/03/02 23:20:57
...
[ssh-keygen.c]
POSIX strptime is stricter than OpenBSD's so do a little dance to
appease it.
2010-03-03 12:14:15 +11:00
0a80ca190a
- OpenBSD CVS Sync
...
- djm@cvs.openbsd.org 2010/02/26 20:29:54
[PROTOCOL PROTOCOL.agent PROTOCOL.certkeys addrmatch.c auth-options.c]
[auth-options.h auth.h auth2-pubkey.c authfd.c dns.c dns.h hostfile.c]
[hostfile.h kex.h kexdhs.c kexgexs.c key.c key.h match.h monitor.c]
[myproposal.h servconf.c servconf.h ssh-add.c ssh-agent.c ssh-dss.c]
[ssh-keygen.1 ssh-keygen.c ssh-rsa.c ssh.1 ssh.c ssh2.h sshconnect.c]
[sshconnect2.c sshd.8 sshd.c sshd_config.5]
Add support for certificate key types for users and hosts.
OpenSSH certificate key types are not X.509 certificates, but a much
simpler format that encodes a public key, identity information and
some validity constraints and signs it with a CA key. CA keys are
regular SSH keys. This certificate style avoids the attack surface
of X.509 certificates and is very easy to deploy.
Certified host keys allow automatic acceptance of new host keys
when a CA certificate is marked as sh/known_hosts.
see VERIFYING HOST KEYS in ssh(1) for details.
Certified user keys allow authentication of users when the signing
CA key is marked as trusted in authorized_keys. See "AUTHORIZED_KEYS
FILE FORMAT" in sshd(8) for details.
Certificates are minted using ssh-keygen(1), documentation is in
the "CERTIFICATES" section of that manpage.
Documentation on the format of certificates is in the file
PROTOCOL.certkeys
feedback and ok markus@
2010-02-27 07:55:05 +11:00
86cbb44d47
- djm@cvs.openbsd.org 2010/02/09 00:50:59
...
[ssh-keygen.c]
fix -Wall
2010-02-12 09:22:57 +11:00
7ea845e48d
- markus@cvs.openbsd.org 2010/02/08 10:50:20
...
[pathnames.h readconf.c readconf.h scp.1 sftp.1 ssh-add.1 ssh-add.c]
[ssh-agent.c ssh-keygen.1 ssh-keygen.c ssh.1 ssh.c ssh_config.5]
replace our obsolete smartcard code with PKCS#11.
ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs-11v2-20.pdf
ssh(1) and ssh-keygen(1) use dlopen(3) directly to talk to a PKCS#11
provider (shared library) while ssh-agent(1) delegates PKCS#11 to
a forked a ssh-pkcs11-helper process.
PKCS#11 is currently a compile time option.
feedback and ok djm@; inspired by patches from Alon Bar-Lev
`
2010-02-12 09:21:02 +11:00
d04758dc4c
- djm@cvs.openbsd.org 2010/01/11 10:51:07
...
[ssh-keygen.c]
when converting keys, truncate key comments at 72 chars as per RFC4716;
bz#1630 reported by tj AT castaglia.org; ok markus@
2010-01-12 19:41:57 +11:00
9bcd25b78b
- djm@cvs.openbsd.org 2009/08/27 17:33:49
...
[ssh-keygen.c]
force use of correct hash function for random-art signature display
as it was inheriting the wrong one when bubblebabble signatures were
activated; bz#1611 report and patch from fwojcik+openssh AT besh.com;
ok markus@
2009-10-07 08:45:48 +11:00
821d3dbe36
- dtucker@cvs.openbsd.org 2009/06/22 05:39:28
...
[monitor_wrap.c monitor_mm.c ssh-keygen.c auth2.c gss-genr.c sftp-client.c]
alphabetize includes; reduces diff vs portable and style(9).
ok stevesk djm
(Id sync only; these were already in order in -portable)
2009-06-22 16:11:06 +10:00
9eab9564d5
- (djm) OpenBSD CVS Sync
...
- tobias@cvs.openbsd.org 2009/02/21 19:32:04
[misc.c sftp-server-main.c ssh-keygen.c]
Added missing newlines in error messages.
ok dtucker
2009-02-22 08:47:02 +11:00
e15fb09847
- stevesk@cvs.openbsd.org 2008/11/07 00:42:12
...
[ssh-keygen.c]
spelling/typo in comment
2008-11-11 16:31:43 +11:00
81dec0589a
- sthen@cvs.openbsd.org 2008/07/13 21:22:52
...
[ssh-keygen.c]
Change "ssh-keygen -F [host] -l" to not display random art unless
-v is also specified, making it consistent with the manual and other
uses of -l.
ok grunk@
2008-07-14 11:28:29 +10:00
b68fb4ad21
- grunk@cvs.openbsd.org 2008/06/12 21:14:46
...
[ssh-keygen.c]
make ssh-keygen -lf show the key type just as ssh-add -l would do it
ok djm@ markus@
2008-06-13 08:57:27 +10:00
35c45535ea
- grunk@cvs.openbsd.org 2008/06/11 22:20:46
...
[ssh-keygen.c ssh-keygen.1]
ssh-keygen would write fingerprints to STDOUT, and random art to STDERR,
that is not how it was envisioned.
Also correct manpage saying that -v is needed along with -l for it to work.
spotted by naddy@
2008-06-13 04:43:15 +10:00
a376a32e8e
- grunk@cvs.openbsd.org 2008/06/11 21:38:25
...
[ssh-keygen.c]
ssh-keygen -lv -f /etc/ssh/ssh_host_rsa_key.pub
would not display you the random art as intended, spotted by canacar@
2008-06-13 04:42:14 +10:00
9c16ac9263
- grunk@cvs.openbsd.org 2008/06/11 21:01:35
...
[ssh_config.5 key.h readconf.c readconf.h ssh-keygen.1 ssh-keygen.c key.c
sshconnect.c]
Introduce SSH Fingerprint ASCII Visualization, a technique inspired by the
graphical hash visualization schemes known as "random art", and by
Dan Kaminsky's musings on the subject during a BlackOp talk at the
23C3 in Berlin.
Scientific publication (original paper):
"Hash Visualization: a New Technique to improve Real-World Security",
Perrig A. and Song D., 1999, International Workshop on Cryptographic
Techniques and E-Commerce (CrypTEC '99)
http://sparrow.ece.cmu.edu/~adrian/projects/validation/validation.pdf
The algorithm used here is a worm crawling over a discrete plane,
leaving a trace (augmenting the field) everywhere it goes.
Movement is taken from dgst_raw 2bit-wise. Bumping into walls
makes the respective movement vector be ignored for this turn,
thus switching to the other color of the chessboard.
Graphs are not unambiguous for now, because circles in graphs can be
walked in either direction.
discussions with several people,
help, corrections and ok markus@ djm@
2008-06-13 04:40:35 +10:00
0f7e910604
- djm@cvs.openbsd.org 2008/05/19 15:46:31
...
[ssh-keygen.c]
support -l (print fingerprint) in combination with -F (find host) to
search for a host in ~/.ssh/known_hosts and display its fingerprint;
ok markus@
2008-06-08 12:54:29 +10:00
bfaaf960a0
- (dtucker) [includes.h ssh-add.c ssh-agent.c ssh-keygen.c ssh.c sshd.c
...
openbsd-compat/openssl-compat.{c,h}] Bug #1437 Move the OpenSSL compat
header to after OpenSSL headers, since some versions of OpenSSL have
SSLeay_add_all_algorithms as a macro already.
2008-02-28 19:13:52 +11:00
cb2fbb2407
- djm@cvs.openbsd.org 2008/01/19 22:37:19
...
[ssh-keygen.c]
unbreak line numbering (broken in revision 1.164), fix error message
2008-02-10 22:24:55 +11:00
a8796f3fcc
- djm@cvs.openbsd.org 2008/01/19 22:22:58
...
[ssh-keygen.c]
when hashing individual hosts (ssh-keygen -Hf hostname), make sure we
hash just the specified hostname and not the entire hostspec from the
keyfile. It may be of the form "hostname,ipaddr", which would lead to
a hash that never matches. report and fix from jp AT devnull.cz
2008-02-10 22:24:30 +11:00
0f4ed693d6
- chl@cvs.openbsd.org 2007/10/02 17:49:58
...
[ssh-keygen.c]
handles zero-sized strings that fgets can return
2007-10-26 14:26:32 +10:00
14b017d6f2
- gilles@cvs.openbsd.org 2007/09/11 15:47:17
...
[session.c ssh-keygen.c sshlogin.c]
use strcspn to properly overwrite '\n' in fgets returned buffer
ok pyr@, ray@, millert@, moritz@, chl@
2007-09-17 16:09:15 +10:00
5cbe7ca18d
- sobrado@cvs.openbsd.org 2007/09/09 11:38:01
...
[ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.c]
sort synopsis and options in ssh-agent(1); usage is lowercase
ok jmc@
2007-09-17 16:05:50 +10:00
82a3d2bc6f
- stevesk@cvs.openbsd.org 2007/01/21 01:41:54
...
[auth-skey.c kex.c ssh-keygen.c session.c clientloop.c]
spaces
2007-02-19 22:10:25 +11:00
26dc3e656a
- jmc@cvs.openbsd.org 2007/01/12 20:20:41
...
[ssh-keygen.1 ssh-keygen.c]
more secsh -> rfc 4716 updates;
spotted by wiz@netbsd
ok markus
2007-02-19 22:09:06 +11:00
9ac56e945b
- (dtucker) [ssh-keygen.c] ac -> argv to match earlier sync.
2007-01-14 10:19:59 +11:00
80163907ed
- stevesk@cvs.openbsd.org 2007/01/03 03:01:40
...
[auth2-chall.c channels.c dns.c sftp.c ssh-keygen.c ssh.c]
spaces
2007-01-05 16:30:16 +11:00
6c7439f963
- stevesk@cvs.openbsd.org 2007/01/03 00:53:38
...
[ssh-keygen.c]
remove small dead code; arnaud.lacombe.1@ulaval.ca via Coverity scan
2007-01-05 16:29:55 +11:00
df8b7db16e
- (djm) OpenBSD CVS Sync
...
- deraadt@cvs.openbsd.org 2006/11/14 19:41:04
[ssh-keygen.c]
use argc and argv not some made up short form
2007-01-05 16:22:57 +11:00
0bc85579a9
- markus@cvs.openbsd.org 2006/11/06 21:25:28
...
[auth-rsa.c kexgexc.c kexdhs.c key.c ssh-dss.c sshd.c kexgexs.c
ssh-keygen.c bufbn.c moduli.c scard.c kexdhc.c sshconnect1.c dh.c rsa.c]
add missing checks for openssl return codes; with & ok djm@
2006-11-07 23:14:41 +11:00
ded319cca2
- (djm) [audit-bsm.c audit.c auth-bsdauth.c auth-chall.c auth-pam.c]
...
[auth-rsa.c auth-shadow.c auth-sia.c auth1.c auth2-chall.c]
[auth2-gss.c auth2-kbdint.c auth2-none.c authfd.c authfile.c]
[cipher-3des1.c cipher-aes.c cipher-bf1.c cipher-ctr.c clientloop.c]
[dh.c dns.c entropy.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c]
[kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c loginrec.c mac.c]
[md5crypt.c monitor.c monitor_wrap.c readconf.c rsa.c]
[scard-opensc.c scard.c session.c ssh-add.c ssh-agent.c ssh-dss.c]
[ssh-keygen.c ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c]
[sshconnect1.c sshconnect2.c sshd.c rc4.diff]
[openbsd-compat/bsd-cray.c openbsd-compat/port-aix.c]
[openbsd-compat/port-linux.c openbsd-compat/port-solaris.c]
[openbsd-compat/port-uw.c]
Lots of headers for SCO OSR6, mainly adding stdarg.h for log.h;
compile problems reported by rac AT tenzing.org
2006-09-01 15:38:36 +10:00
d783435315
- deraadt@cvs.openbsd.org 2006/08/03 03:34:42
...
[OVERVIEW atomicio.c atomicio.h auth-bsdauth.c auth-chall.c auth-krb5.c]
[auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
[auth-rsa.c auth-skey.c auth.c auth.h auth1.c auth2-chall.c auth2-gss.c]
[auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c ]
[auth2-pubkey.c auth2.c authfd.c authfd.h authfile.c bufaux.c bufbn.c]
[buffer.c buffer.h canohost.c channels.c channels.h cipher-3des1.c]
[cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
[compress.c deattack.c dh.c dispatch.c dns.c dns.h fatal.c groupaccess.c]
[groupaccess.h gss-genr.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c]
[kex.h kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c]
[key.h log.c log.h mac.c match.c md-sha256.c misc.c misc.h moduli.c]
[monitor.c monitor_fdpass.c monitor_mm.c monitor_mm.h monitor_wrap.c]
[monitor_wrap.h msg.c nchan.c packet.c progressmeter.c readconf.c]
[readconf.h readpass.c rsa.c scard.c scard.h scp.c servconf.c servconf.h]
[serverloop.c session.c session.h sftp-client.c sftp-common.c]
[sftp-common.h sftp-glob.c sftp-server.c sftp.c ssh-add.c ssh-agent.c]
[ssh-dss.c ssh-gss.h ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rsa.c]
[ssh.c ssh.h sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c]
[sshd.c sshlogin.c sshlogin.h sshpty.c sshpty.h sshtty.c ttymodes.c]
[uidswap.c uidswap.h uuencode.c uuencode.h xmalloc.c xmalloc.h]
[loginrec.c loginrec.h openbsd-compat/port-aix.c openbsd-compat/port-tun.h]
almost entirely get rid of the culture of ".h files that include .h files"
ok djm, sort of ok stevesk
makes the pain stop in one easy step
NB. portable commit contains everything *except* removing includes.h, as
that will take a fair bit more work as we move headers that are required
for portability workarounds to defines.h. (also, this step wasn't "easy")
2006-08-05 12:39:39 +10:00
a7a73ee35d
- stevesk@cvs.openbsd.org 2006/08/01 23:22:48
...
[auth-passwd.c auth-rhosts.c auth-rsa.c auth.c auth.h auth1.c]
[auth2-chall.c auth2-pubkey.c authfile.c buffer.c canohost.c]
[channels.c clientloop.c dh.c dns.c dns.h hostfile.c kex.c kexdhc.c]
[kexgexc.c kexgexs.c key.c key.h log.c misc.c misc.h moduli.c]
[monitor_wrap.c packet.c progressmeter.c readconf.c readpass.c scp.c]
[servconf.c session.c sftp-client.c sftp-common.c sftp-server.c sftp.c]
[ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh.c sshconnect.c]
[sshconnect1.c sshconnect2.c sshd.c sshlogin.c sshtty.c uuencode.c]
[uuencode.h xmalloc.c]
move #include <stdio.h> out of includes.h
2006-08-05 11:37:59 +10:00
e7a1e5cf63
- stevesk@cvs.openbsd.org 2006/07/26 13:57:17
...
[authfd.c authfile.c dh.c canohost.c channels.c clientloop.c compat.c]
[hostfile.c kex.c log.c misc.c moduli.c monitor.c packet.c readpass.c]
[scp.c servconf.c session.c sftp-server.c sftp.c ssh-add.c ssh-agent.c]
[ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh.c sshconnect.c]
[sshconnect1.c sshd.c xmalloc.c]
move #include <stdlib.h> out of includes.h
2006-08-05 11:34:19 +10:00
8dbffe7904
- stevesk@cvs.openbsd.org 2006/07/26 02:35:17
...
[atomicio.c auth.c dh.c authfile.c buffer.c clientloop.c kex.c]
[groupaccess.c gss-genr.c kexgexs.c misc.c monitor.c monitor_mm.c]
[packet.c scp.c serverloop.c session.c sftp-client.c sftp-common.c]
[sftp-server.c sftp.c ssh-add.c ssh-agent.c ssh-keygen.c sshlogin.c]
[uidswap.c xmalloc.c]
move #include <sys/param.h> out of includes.h
2006-08-05 11:02:17 +10:00
b8fe89c4d9
- (djm) [acss.c auth-krb5.c auth-options.c auth-pam.c auth-shadow.c]
...
[canohost.c channels.c cipher-acss.c defines.h dns.c gss-genr.c]
[gss-serv-krb5.c gss-serv.c log.h loginrec.c logintest.c readconf.c]
[servconf.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rand-helper.c]
[ssh.c sshconnect.c sshd.c openbsd-compat/bindresvport.c]
[openbsd-compat/bsd-arc4random.c openbsd-compat/bsd-misc.c]
[openbsd-compat/getrrsetbyname.c openbsd-compat/glob.c]
[openbsd-compat/mktemp.c openbsd-compat/port-linux.c]
[openbsd-compat/port-tun.c openbsd-compat/readpassphrase.c]
[openbsd-compat/setproctitle.c openbsd-compat/xmmap.c]
make the portable tree compile again - sprinkle unistd.h and string.h
back in. Don't redefine __unused, as it turned out to be used in
headers on Linux, and replace its use in auth-pam.c with ARGSUSED
2006-07-24 14:51:00 +10:00
e3476ed03b
- stevesk@cvs.openbsd.org 2006/07/22 20:48:23
...
[atomicio.c auth-options.c auth-passwd.c auth-rhosts.c auth-rsa.c]
[auth.c auth1.c auth2-chall.c auth2-hostbased.c auth2-passwd.c auth2.c]
[authfd.c authfile.c bufaux.c bufbn.c buffer.c canohost.c channels.c]
[cipher-3des1.c cipher-bf1.c cipher-ctr.c cipher.c clientloop.c]
[compat.c deattack.c dh.c dns.c gss-genr.c gss-serv.c hostfile.c]
[includes.h kex.c kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c log.c]
[mac.c match.c md-sha256.c misc.c moduli.c monitor.c monitor_fdpass.c]
[monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c rsa.c]
[progressmeter.c readconf.c readpass.c scp.c servconf.c serverloop.c]
[session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c sftp.c]
[ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c]
[ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c sshconnect2.c]
[sshd.c sshlogin.c sshpty.c ttymodes.c uidswap.c xmalloc.c]
move #include <string.h> out of includes.h
2006-07-24 14:13:33 +10:00
e6b3b610ec
- stevesk@cvs.openbsd.org 2006/07/17 01:31:10
...
[authfd.c authfile.c channels.c cleanup.c clientloop.c groupaccess.c]
[includes.h log.c misc.c msg.c packet.c progressmeter.c readconf.c]
[readpass.c scp.c servconf.c sftp-client.c sftp-server.c sftp.c]
[ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh.c]
[sshconnect.c sshlogin.c sshpty.c uidswap.c]
move #include <unistd.h> out of includes.h
2006-07-24 14:01:23 +10:00
be43ebf975
- stevesk@cvs.openbsd.org 2006/07/12 22:28:52
...
[auth-options.c canohost.c channels.c includes.h readconf.c servconf.c ssh-keyscan.c ssh.c sshconnect.c sshd.c]
move #include <netdb.h> out of includes.h; ok djm@
2006-07-24 13:51:51 +10:00
3997249346
- stevesk@cvs.openbsd.org 2006/07/11 20:07:25
...
[scp.c auth.c monitor.c serverloop.c sftp-server.c sshpty.c readpass.c
sshd.c monitor_wrap.c monitor_fdpass.c ssh-agent.c ttymodes.c atomicio.c
includes.h session.c sshlogin.c monitor_mm.c packet.c sshconnect2.c
sftp-client.c nchan.c clientloop.c sftp.c misc.c canohost.c channels.c
ssh-keygen.c progressmeter.c uidswap.c msg.c readconf.c sshconnect.c]
move #include <errno.h> out of includes.h; ok markus@
2006-07-12 22:22:46 +10:00
2ee50c5cce
- (dtucker) [configure.ac ssh-keygen.c openbsd-compat/bsd-openpty.c
...
openbsd-compat/daemon.c] Add includes needed by open(2). Conditionally
include paths.h. Fixes build error on Solaris.
2006-07-11 18:55:05 +10:00
57cf638577
- stevesk@cvs.openbsd.org 2006/07/09 15:15:11
...
[auth2-none.c authfd.c authfile.c includes.h misc.c monitor.c]
[readpass.c scp.c serverloop.c sftp-client.c sftp-server.c]
[ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c]
[sshlogin.c sshpty.c]
move #include <fcntl.h> out of includes.h
2006-07-10 21:13:46 +10:00
e3b60b524e
- stevesk@cvs.openbsd.org 2006/07/08 21:47:12
...
[authfd.c canohost.c clientloop.c dns.c dns.h includes.h]
[monitor_fdpass.c nchan.c packet.c servconf.c sftp.c ssh-agent.c]
[ssh-keyscan.c ssh.c sshconnect.h sshd.c sshlogin.h]
move #include <sys/socket.h> out of includes.h
2006-07-10 21:08:03 +10:00
69996104fe
- stevesk@cvs.openbsd.org 2006/07/06 16:22:39
...
[ssh-keygen.c]
move #include "dns.h" up
2006-07-10 20:53:31 +10:00
9f2abc47eb
- stevesk@cvs.openbsd.org 2006/07/06 16:03:53
...
[auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c]
[auth-rhosts.c auth-rsa.c auth.c auth.h auth2-hostbased.c]
[auth2-pubkey.c auth2.c includes.h misc.c misc.h monitor.c]
[monitor_wrap.c monitor_wrap.h scp.c serverloop.c session.c]
[session.h sftp-common.c ssh-add.c ssh-keygen.c ssh-keysign.c]
[ssh.c sshconnect.c sshconnect.h sshd.c sshpty.c sshpty.h uidswap.c]
[uidswap.h]
move #include <pwd.h> out of includes.h; ok markus@
2006-07-10 20:53:08 +10:00
40b5985fe0
- markus@cvs.openbsd.org 2006/05/17 12:43:34
...
[scp.c sftp.c ssh-agent.c ssh-keygen.c sshconnect.c]
fix leak; coverity via Kylene Jo Hall
2006-06-13 13:00:25 +10:00
e23209f434
- dtucker@cvs.openbsd.org 2006/03/30 11:05:17
...
[ssh-keygen.c]
Correctly handle truncated files while converting keys; ok djm@
2006-03-31 23:13:35 +11:00
5f340065fc
- deraadt@cvs.openbsd.org 2006/03/25 18:40:14
...
[ssh-keygen.c]
cast strtonum() result to right type
2006-03-26 14:27:57 +11:00
57c30117c1
- djm@cvs.openbsd.org 2006/03/25 13:17:03
...
[atomicio.c auth-bsdauth.c auth-chall.c auth-options.c auth-passwd.c]
[auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth-skey.c auth.c auth1.c]
[auth2-chall.c auth2-hostbased.c auth2-kbdint.c auth2-none.c]
[auth2-passwd.c auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c]
[buffer.c canohost.c channels.c cipher-3des1.c cipher-bf1.c]
[cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c compress.c]
[deattack.c dh.c dispatch.c fatal.c groupaccess.c hostfile.c kex.c]
[kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c]
[mac.c match.c md-sha256.c misc.c monitor.c monitor_fdpass.c]
[monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c progressmeter.c]
[readconf.c readpass.c rsa.c scard.c scp.c servconf.c serverloop.c]
[session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c]
[sftp.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c]
[ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
[sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
[uidswap.c uuencode.c xmalloc.c]
Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that
Theo nuked - our scripts to sync -portable need them in the files
2006-03-26 14:24:48 +11:00
9096740f6c
- deraadt@cvs.openbsd.org 2006/03/20 18:26:55
...
[channels.c monitor.c session.c session.h ssh-agent.c ssh-keygen.c]
[ssh-rsa.c ssh.c sshlogin.c]
annoying spacing fixes getting in the way of real diffs
2006-03-26 14:07:26 +11:00
cb314828eb
- OpenBSD CVS Sync
...
- jakob@cvs.openbsd.org 2006/03/15 08:46:44
[ssh-keygen.c]
if no key file are given when printing the DNS host record, use the
host key file(s) as default. ok djm@
2006-03-26 13:48:01 +11:00
b0fb6872ed
- deraadt@cvs.openbsd.org 2006/03/19 18:51:18
...
[atomicio.c auth-bsdauth.c auth-chall.c auth-krb5.c auth-options.c]
[auth-pam.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c]
[auth-shadow.c auth-skey.c auth.c auth1.c auth2-chall.c]
[auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c]
[auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c buffer.c]
[canohost.c channels.c cipher-3des1.c cipher-acss.c cipher-aes.c]
[cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
[compress.c deattack.c dh.c dispatch.c dns.c entropy.c fatal.c]
[groupaccess.c hostfile.c includes.h kex.c kexdh.c kexdhc.c]
[kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c loginrec.c]
[loginrec.h logintest.c mac.c match.c md-sha256.c md5crypt.c misc.c]
[monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c msg.c]
[nchan.c packet.c progressmeter.c readconf.c readpass.c rsa.c]
[scard.c scp.c servconf.c serverloop.c session.c sftp-client.c]
[sftp-common.c sftp-glob.c sftp-server.c sftp.c ssh-add.c]
[ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c]
[ssh-rand-helper.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c]
[sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c]
[uidswap.c uuencode.c xmalloc.c openbsd-compat/bsd-arc4random.c]
[openbsd-compat/bsd-closefrom.c openbsd-compat/bsd-cygwin_util.c]
[openbsd-compat/bsd-getpeereid.c openbsd-compat/bsd-misc.c]
[openbsd-compat/bsd-nextstep.c openbsd-compat/bsd-snprintf.c]
[openbsd-compat/bsd-waitpid.c openbsd-compat/fake-rfc2553.c]
RCSID() can die
2006-03-26 00:03:21 +11:00
8056a9d46a
- dtucker@cvs.openbsd.org 2006/03/13 08:43:16
...
[ssh-keygen.c]
Make ssh-keygen handle CR and CRLF line termination when converting IETF
format keys, in adition to vanilla LF. mindrot #1157 , tested by Chris
Pepper, ok djm@
2006-03-15 12:05:40 +11:00
f17883e6a0
- stevesk@cvs.openbsd.org 2006/02/20 17:02:44
...
[clientloop.c includes.h monitor.c progressmeter.c scp.c]
[serverloop.c session.c sftp.c ssh-agent.c ssh.c sshd.c]
move #include <signal.h> out of includes.h; ok markus@
2006-03-15 11:45:54 +11:00
3af2ac56a2
- dtucker@cvs.openbsd.org 2005/11/29 02:04:55
...
[ssh-keygen.c]
Populate default key sizes before checking them; from & ok tim@
2005-11-29 13:10:24 +11:00
660c3405f9
- (tim) [ssh-keygen.c] Move DSA length test after setting default when
...
bits == 0.
2005-11-28 17:45:32 -08:00
9f647335d2
[ssh-keygen.1 ssh-keygen.c]
...
Enforce DSA key length of exactly 1024 bits to comply with FIPS-186-2,
increase minumum RSA key size to 768 bits and update man page to reflect
these. Patch originally bz#1119 (senthilkumar_sen at hotpop.com),
ok djm@, grudging ok deraadt@.
2005-11-28 16:41:46 +11:00
f14be5ce03
- djm@cvs.openbsd.org 2005/10/31 11:12:49
...
[ssh-keygen.1 ssh-keygen.c]
generate a protocol 2 RSA key by default
2005-11-05 15:15:49 +11:00
788f212aed
- djm@cvs.openbsd.org 2005/10/30 08:52:18
...
[clientloop.c packet.c serverloop.c session.c ssh-agent.c ssh-keygen.c]
[ssh.c sshconnect.c sshconnect1.c sshd.c]
no need to escape single quotes in comments, no binary change
2005-11-05 15:14:59 +11:00
15d72a00a3
- stevesk@cvs.openbsd.org 2005/10/14 02:17:59
...
[ssh-keygen.c ssh.c sshconnect2.c]
no trailing "\n" for log functions; ok djm@
2005-11-05 15:07:33 +11:00
3f54a9f5b7
- (djm) OpenBSD CVS Sync
...
- markus@cvs.openbsd.org 2005/10/07 11:13:57
[ssh-keygen.c]
change DSA default back to 1024, as it's defined for 1024 bits only
and this causes interop problems with other clients. moreover,
in order to improve the security of DSA you need to change more
components of DSA key generation (e.g. the internal SHA1 hash);
ok deraadt
2005-11-05 14:52:18 +11:00
ce321d8a30
- djm@cvs.openbsd.org 2005/09/13 23:40:07
...
[sshd.c ssh.c misc.h sftp.c ssh-keygen.c ssh-keysign.c sftp-server.c
scp.c misc.c ssh-keyscan.c ssh-add.c ssh-agent.c]
ensure that stdio fds are attached; ok deraadt@
2005-10-03 18:11:24 +10:00
0dc1bef12d
- djm@cvs.openbsd.org 2005/07/17 07:17:55
...
[auth-rh-rsa.c auth-rhosts.c auth2-chall.c auth2-gss.c channels.c]
[cipher-ctr.c gss-genr.c gss-serv.c kex.c moduli.c readconf.c]
[serverloop.c session.c sftp-client.c sftp.c ssh-add.c ssh-keygen.c]
[sshconnect.c sshconnect2.c]
knf says that a 2nd level indent is four (not three or five) spaces
2005-07-17 17:22:45 +10:00
ac7ef6a736
- djm@cvs.openbsd.org 2005/06/08 03:50:00
...
[ssh-keygen.1 ssh-keygen.c sshd.8]
increase default rsa/dsa key length from 1024 to 2048 bits;
ok markus@ deraadt@
2005-06-16 13:19:06 +10:00
2db8ae671e
- dtucker@cvs.openbsd.org 2005/05/26 09:08:12
...
[ssh-keygen.c]
uint32_t -> u_int32_t for consistency; ok djm@
2005-06-01 23:02:25 +10:00
02e754f1f0
- avsm@cvs.openbsd.org 2005/05/24 02:05:09
...
[ssh-keygen.c]
some style nits from dmiller@, and use a fatal() instead of a printf()/exit
2005-05-26 12:19:39 +10:00
b089fb5fe1
- avsm@cvs.openbsd.org 2005/05/23 22:44:01
...
[moduli.c ssh-keygen.c]
- removes signed/unsigned comparisons in moduli generation
- use strtonum instead of atoi where its easier
- check some strlcpy overflow and fatal instead of truncate
2005-05-26 12:16:18 +10:00
9278ffaf71
- (djm) OpenBSD CVS Sync
...
- otto@cvs.openbsd.org 2005/04/05 13:45:31
[ssh-keygen.c]
2005-05-26 11:59:06 +10:00
9f438a9d63
- markus@cvs.openbsd.org 2005/03/11 14:59:06
...
[ssh-keygen.c]
typo, missing \n; mpech
2005-03-14 23:09:18 +11:00
47eede77ed
- deraadt@cvs.openbsd.org 2005/03/10 22:01:05
...
[misc.c ssh-keygen.c servconf.c clientloop.c auth-options.c ssh-add.c
monitor.c sftp-client.c bufaux.h hostfile.c ssh.c sshconnect.c channels.c
readconf.c bufaux.c sftp.c]
spacing
2005-03-14 23:08:12 +11:00
89eac8010a
- djm@cvs.openbsd.org 2005/03/02 01:27:41
...
[ssh-keygen.c]
ignore hostnames with metachars when hashing; ok deraadt@
2005-03-02 12:33:04 +11:00
4b42d7f195
- djm@cvs.openbsd.org 2005/03/01 10:42:49
...
[ssh-keygen.1 ssh-keygen.c ssh_config.5]
add tools for managing known_hosts files with hashed hostnames, including
hashing existing files and deleting hosts by name; ok markus@ deraadt@
2005-03-01 21:48:35 +11:00
7cfeecf670
- markus@cvs.openbsd.org 2004/12/23 17:38:07
...
[ssh-keygen.c]
leak; from mpech
2005-01-20 10:56:31 +11:00
fc9597034b
- deraadt@cvs.openbsd.org 2004/07/11 17:48:47
...
[channels.c cipher.c clientloop.c clientloop.h compat.h moduli.c
readconf.c nchan.c pathnames.h progressmeter.c readconf.h servconf.c
session.c sftp-client.c sftp.c ssh-agent.1 ssh-keygen.c ssh.c ssh1.h
sshd.c ttymodes.h]
spaces
2004-07-17 16:12:08 +10:00
ba6de952a0
- (dtucker) [logintest.c scp.c sftp-server.c sftp.c ssh-add.c ssh-agent.c
...
ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rand-helper.c ssh.c sshd.c
openbsd-compat/bsd-misc.c] Move "char *__progname" to bsd-misc.c. Reduces
diff vs OpenBSD; ok mouring@, tested by tim@ too.
2004-07-17 14:07:42 +10:00
3f9fdc7121
- avsm@cvs.openbsd.org 2004/06/21 17:36:31
...
[auth-rsa.c auth2-gss.c auth2-pubkey.c authfile.c canohost.c channels.c
cipher.c dns.c kex.c monitor.c monitor_fdpass.c monitor_wrap.c
monitor_wrap.h nchan.c packet.c progressmeter.c scp.c sftp-server.c sftp.c
ssh-gss.h ssh-keygen.c ssh.c sshconnect.c sshconnect1.c sshlogin.c
sshpty.c]
make ssh -Wshadow clean, no functional changes
markus@ ok
There are also some portable-specific -Wshadow warnings to be fixed in
monitor.c and montior_wrap.c.
2004-06-22 12:56:01 +10:00
770fc01078
- djm@cvs.openbsd.org 2004/05/09 00:06:47
...
[moduli.c ssh-keygen.c] removed: moduli.h
zap another tiny header; ok deraadt@
2004-05-13 16:24:32 +10:00
e608ca2965
- djm@cvs.openbsd.org 2004/05/08 00:21:31
...
[clientloop.c misc.h readpass.c scard.c ssh-add.c ssh-agent.c ssh-keygen.c
sshconnect.c sshconnect1.c sshconnect2.c] removed: readpass.h
kill a tiny header; ok deraadt@
2004-05-13 16:15:47 +10:00
06930c70ad
- djm@cvs.openbsd.org 2003/12/22 09:16:58
...
[moduli.c ssh-keygen.1 ssh-keygen.c]
tidy up moduli generation debugging, add -v (verbose/debug) option to
ssh-keygen; ok markus@
2003-12-31 11:34:51 +11:00
a4b33dfb6d
- djm@cvs.openbsd.org 2003/11/23 23:18:45
...
[ssh-keygen.c]
consistency PATH_MAX -> MAXPATHLEN; ok markus@
(RCS ID sync only)
- djm@cvs.openbsd.org 2003/11/23 23:21:21
[scp.c]
from portable: rename clashing variable limit-> limit_rate; ok markus@
(RCS ID sync only)
2003-11-24 13:09:27 +11:00
787b2ec18c
more whitespace (tabs this time)
2003-11-21 23:56:47 +11:00
a8e06cef35
- djm@cvs.openbsd.org 2003/11/21 11:57:03
...
[everything]
unexpand and delete whitespace at EOL; ok markus@
(done locally and RCS IDs synced)
2003-11-21 23:48:55 +11:00
dda19d63ff
- jakob@cvs.openbsd.org 2003/10/14 19:42:10
...
[dns.c dns.h readconf.c ssh-keygen.c sshconnect.c]
include SSHFP lookup code (not enabled by default). ok markus@
2003-10-15 16:00:47 +10:00
c0815c927e
- miod@cvs.openbsd.org 2003/09/18 13:02:21
...
[authfd.c bufaux.c dh.c mac.c ssh-keygen.c]
A few signedness fixes for harmless situations; markus@ ok
2003-09-22 21:05:50 +10:00
2e0e38e310
[ssh-keygen.c] s/PATH_MAX/MAXPATHLEN/ ok mouring@
2003-09-08 16:11:33 -07:00
59d3d5b8b4
- (djm) s/get_progname/ssh_get_progname/g to avoid conflict with Heimdal
...
-lbroken; ok dtucker
2003-08-22 09:34:41 +10:00
f4220e6cef
- markus@cvs.openbsd.org 2003/08/14 16:08:58
...
[ssh-keygen.c]
exit after primetest, ok djm@
2003-08-21 16:44:07 +10:00
019cefeaad
- djm@cvs.openbsd.org 2003/07/28 09:49:56
...
[ssh-keygen.1 ssh-keygen.c]
Support for generating Diffie-Hellman groups (/etc/moduli) from ssh-keygen.
Based on code from Phil Karn, William Allen Simpson and Niels Provos.
ok markus@, thanks jmc@
2003-08-02 22:40:07 +10:00
ed12a26f0d
- djm@cvs.openbsd.org 2003/05/15 03:10:52
...
[ssh-keygen.c]
avoid warning; ok jakob@
2003-05-15 13:37:43 +10:00
37876e913a
- jakob@cvs.openbsd.org 2003/05/14 18:16:20
...
[key.c key.h readconf.c readconf.h ssh_config.5 sshconnect.c]
[dns.c dns.h README.dns ssh-keygen.1 ssh-keygen.c]
add experimental support for verifying hos keys using DNS as described
in draft-ietf-secsh-dns-xx.txt. more information in README.dns.
ok markus@ and henning@
2003-05-15 10:19:46 +10:00
db2747259c
- markus@cvs.openbsd.org 2003/05/11 16:56:48
...
[authfile.c ssh-keygen.c]
change key_load_public to try to read a public from:
rsa1 private or rsa1 public and ssh2 keys.
this makes ssh-keygen -e fail for ssh1 keys more gracefully
for example; report from itojun (netbsd pr 20550).
2003-05-14 13:45:22 +10:00
d558092522
- (djm) RCSID sync w/ OpenBSD
2003-05-14 13:40:06 +10:00
996acd2476
*** empty log message ***
2003-04-09 20:59:48 +10:00
e7ee7fe602
- wcobb@cvs.openbsd.org 2002/11/26 00:45:03
...
[scp.c ssh-keygen.c]
Remove unnecessary fflush(stderr) calls, stderr is unbuffered by default.
ok markus@
2002-12-23 02:11:02 +00:00
3a8819102c
- (stevesk) [ssh-keygen.c] bug #231 : always init/seed_rng().
2002-07-20 19:05:40 +00:00
58d3b7224f
- deraadt@cvs.openbsd.org 2002/06/23 09:39:55
...
[ssh-keygen.c]
u_int stuff
2002-06-23 21:28:13 +00:00
cb72e4f6d2
- deraadt@cvs.openbsd.org 2002/06/19 00:27:55
...
[auth-bsdauth.c auth-skey.c auth1.c auth2-chall.c auth2-none.c authfd.c
authfd.h monitor_wrap.c msg.c nchan.c radix.c readconf.c scp.c sftp.1
ssh-add.1 ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh-keygen.c
ssh-keysign.c ssh.1 sshconnect.c sshconnect.h sshconnect2.c ttymodes.c
xmalloc.h]
KNF done automatically while reading....
2002-06-21 00:41:51 +00:00
05efee1092
- (bal) RCSID tag updates on channels.c, clientloop.c, nchan.c,
...
sftp-client.c, ssh-agenet.c, ssh-keygen.c and connect.h (we did unexpand
independant of them)
2002-06-09 20:20:58 +00:00
5a6abdae0f
unexpand
2002-06-09 19:41:48 +00:00
155b981494
- markus@cvs.openbsd.org 2002/03/27 22:21:45
...
[ssh-keygen.c]
try to import keys with extra trailing === (seen with ssh.com < 2.0.12)
2002-04-02 20:26:26 +00:00
0936a5bb72
- markus@cvs.openbsd.org 2002/03/25 17:34:27
...
[scard.c scard.h ssh-agent.c ssh-keygen.c ssh.c]
change sc_get_key to sc_get_keys and hide smartcard details in scard.c
2002-03-26 03:17:42 +00:00
266ec63eb3
- rees@cvs.openbsd.org 2002/03/21 21:54:34
...
[scard.c scard.h ssh-keygen.c]
Add PIN-protection for secret key.
2002-03-22 03:47:38 +00:00
70e3ad8231
- markus@cvs.openbsd.org 2002/03/21 16:57:15
...
[scard.c]
remove const
2002-03-22 03:33:43 +00:00
4a10d2e90b
- (djm) ssh-keygen -i needs seeded RNG; report from markus@
2002-03-11 22:53:29 +11:00
c58ab02e45
- markus@cvs.openbsd.org 2002/02/25 16:33:27
...
[ssh-keygen.c sshconnect2.c uuencode.c uuencode.h]
more u_* fixes
2002-02-26 18:15:09 +00:00
90fd814f90
- markus@cvs.openbsd.org 2002/02/24 19:14:59
...
[auth2.c authfd.c authfd.h authfile.c kexdh.c kexgex.c key.c key.h
ssh-dss.c ssh-dss.h ssh-keygen.c ssh-rsa.c ssh-rsa.h sshconnect2.c]
signed vs. unsigned: make size arguments u_int, ok stevesk@
2002-02-26 18:09:42 +00:00
993dd55094
- stevesk@cvs.openbsd.org 2002/02/16 20:40:08
...
[ssh-keygen.c]
default to rsa keyfile path for non key generation operations where
keyfile not specified. fixes core dump in those cases. ok markus@
2002-02-19 15:22:47 +11:00
8eb7141758
- (djm) Delay PRNG seeding until we need it in ssh-keygen, from markus@
2002-01-30 09:37:06 +11:00
4a8ed54361
- stevesk@cvs.openbsd.org 2002/01/18 18:14:17
...
[authfd.c bufaux.c buffer.c cipher.c packet.c ssh-agent.c ssh-keygen.c]
unneeded cast cleanup; ok markus@
2002-01-22 23:33:31 +11:00
a1db12bac4
- markus@cvs.openbsd.org 2002/01/09 13:49:27
...
[ssh-keygen.c]
append \n only for public keys
2002-01-22 23:20:15 +11:00
708d21c802
- stevesk@cvs.openbsd.org 2001/12/29 21:56:01
...
[authfile.c channels.c compress.c packet.c sftp-server.c ssh-agent.c ssh-keygen.c]
remove unneeded casts and some char->u_char cleanup; ok markus@
2002-01-22 23:18:15 +11:00
154dda73a8
- markus@cvs.openbsd.org 2001/12/27 18:10:29
...
[ssh-keygen.c]
-t is only needed for key generation (unbreaks -i, -e, etc).
2002-01-22 23:08:16 +11:00
a41c8b15bd
- djm@cvs.openbsd.org 2001/12/21 08:52:22
...
[ssh-keygen.1 ssh-keygen.c]
Remove default (rsa1) key type; ok markus@
2002-01-22 23:05:08 +11:00
9f0f5c64bc
- deraadt@cvs.openbsd.org 2001/12/19 07:18:56
...
[auth1.c auth2.c auth2-chall.c auth-bsdauth.c auth.c authfile.c auth.h]
[auth-krb4.c auth-rhosts.c auth-skey.c bufaux.c canohost.c channels.c]
[cipher.c clientloop.c compat.c compress.c deattack.c key.c log.c mac.c]
[match.c misc.c nchan.c packet.c readconf.c rijndael.c rijndael.h scard.c]
[servconf.c servconf.h serverloop.c session.c sftp.c sftp-client.c]
[sftp-glob.c sftp-int.c sftp-server.c ssh-add.c ssh-agent.c ssh.c]
[sshconnect1.c sshconnect2.c sshconnect.c sshd.8 sshd.c sshd_config]
[ssh-keygen.c sshlogin.c sshpty.c sshtty.c ttymodes.c uidswap.c]
basic KNF done while i was looking for something else
2001-12-21 14:45:46 +11:00
1c37c6a518
- deraadt@cvs.openbsd.org 2001/12/05 10:06:12
...
[authfd.c authfile.c bufaux.c channels.c compat.c kex.c kexgex.c
key.c misc.c packet.c servconf.c ssh-agent.c sshconnect2.c
sshconnect.c sshd.c ssh-dss.c ssh-keygen.c ssh-rsa.c]
minor KNF
2001-12-06 18:00:18 +00:00
65366a8c76
- stevesk@cvs.openbsd.org 2001/11/17 19:14:34
...
[auth2.c auth.c readconf.c servconf.c ssh-agent.c ssh-keygen.c]
enum/int type cleanup where it made sense to do so; ok markus@
2001-12-06 16:32:47 +00:00
eb5fec6494
- markus@cvs.openbsd.org 2001/10/25 21:14:32
...
[ssh-keygen.1 ssh-keygen.c]
better docu for fingerprinting, ok deraadt@
2001-11-12 10:52:44 +11:00
1af4d3bb70
- djm@cvs.openbsd.org 2001/09/28 12:07:09
...
[ssh-keygen.c]
bzero private key after loading to smartcard; ok markus@
2001-10-03 17:18:37 +00:00
99a30f11c2
- markus@cvs.openbsd.org 2001/09/17 20:50:22
...
[key.c ssh-keygen.c]
better error handling if you try to export a bad key to ssh.com
2001-09-18 05:49:14 +00:00
9e0ddd4379
- stevesk@cvs.openbsd.org 2001/09/17 19:27:15
...
[kexdh.c kexgex.c key.c key.h ssh-dss.c ssh-keygen.c ssh-rsa.c]
u_char*/char* cleanup; ok markus
2001-09-18 05:41:19 +00:00
bcc1808bf2
- jakob@cvs.openbsd.org 2001/08/02 16:14:05
...
[scard.c ssh-agent.c ssh.c ssh-keygen.c]
clean up some /* SMARTCARD */. ok markus@
2001-08-06 21:59:25 +00:00
ffce147638
- jakob@cvs.openbsd.org 2001/08/02 15:43:57
...
[ssh-agent.c ssh.c ssh-keygen.c]
add /* SMARTCARD */ to #else/#endif. ok markus@
2001-08-06 21:57:31 +00:00
97be31e6ff
- jakob@cvs.openbsd.org 2001/08/02 15:06:52
...
[ssh-keygen.c]
more verbose usage(). ok markus@
2001-08-06 21:49:06 +00:00
f19578c447
- jakob@cvs.openbsd.org 2001/08/02 08:58:35
...
[ssh-keygen.c]
change -u (upload smartcard key) to -U. ok markus@
2001-08-06 21:46:54 +00:00
8282d6a82f
- markus@cvs.openbsd.org 2001/08/02 00:10:17
...
[ssh-keygen.c]
add -D readerid option (download, i.e. print public RSA key to stdout).
check for card present when uploading keys.
use strings instead of ints for smartcard reader ids, too.
2001-08-06 21:44:05 +00:00
6818bfbf30
- markus@cvs.openbsd.org 2001/08/01 23:33:09
...
[ssh-keygen.c]
allow uploading RSA keys for non-default AUT0 (sha1 over passphrase
like sectok).
2001-08-06 21:40:04 +00:00
60df8e4f7d
- rees@cvs.openbsd.org 2001/07/26 20:04:27
...
[scard.c ssh-keygen.c]
Inquire Cyberflex class for 0xf0 cards
change aid to conform to 7816-5
remove gratuitous fid selects
2001-08-06 21:10:52 +00:00
0047764526
- markus@cvs.openbsd.org 2001/07/02 22:40:18
...
[ssh-keygen.c]
update for sectok.h interface changes.
2001-07-04 05:24:27 +00:00
d6e049cd59
- markus@cvs.openbsd.org 2001/06/29 07:11:01
...
[ssh-keygen.c]
initialize early
2001-07-04 05:08:39 +00:00
7feba35a47
- markus@cvs.openbsd.org 2001/06/29 07:06:34
...
[ssh-keygen.c]
new error handling for cyberflex_*
2001-07-04 05:06:59 +00:00
511d69e6d7
- stevesk@cvs.openbsd.org 2001/06/28 19:57:35
...
[ssh-keygen.c]
'\0' terminated data[] is ok; ok markus@
2001-07-04 05:05:27 +00:00
f7297dd79d
- markus@cvs.openbsd.org 2001/06/27 05:42:25
...
[rsa.c rsa.h ssh-agent.c ssh-keygen.c]
s/generate_additional_parameters/rsa_generate_additional_parameters/
http://www.humppa.com/
2001-07-04 05:02:23 +00:00
680b276aad
- markus@cvs.openbsd.org 2001/06/27 05:35:42
...
[ssh-keygen.c]
use cyberflex_inq_class to inquire class.
2001-07-04 05:00:11 +00:00
cd392284ac
- markus@cvs.openbsd.org 2001/06/26 02:47:07
...
[ssh-keygen.c]
allow loading a private RSA key to a cyberflex card.
2001-07-04 03:44:03 +00:00
949974bbdb
- markus@cvs.openbsd.org 2001/06/24 05:35:33
...
[readpass.c readpass.h ssh-add.c sshconnect2.c ssh-keygen.c]
switch to readpassphrase(3)
2.7/8-stable needs readpassphrase.[ch] from libc
2001-06-25 05:20:31 +00:00
e586c4ce3f
- markus@cvs.openbsd.org 2001/06/23 17:05:22
...
[ssh-keygen.c]
fix import for (broken?) ssh.com/f-secure private keys
(i tested > 1000 RSA keys)
2001-06-25 05:04:58 +00:00
bba81213b9
- itojun@cvs.openbsd.org 2001/06/23 15:12:20
...
[auth1.c auth2.c auth2-chall.c authfd.c authfile.c auth-rhosts.c
canohost.c channels.c cipher.c clientloop.c deattack.c dh.c
hostfile.c kex.c kexdh.c kexgex.c key.c nchan.c packet.c radix.c
readpass.c scp.c servconf.c serverloop.c session.c sftp.c
sftp-client.c sftp-glob.c sftp-int.c sftp-server.c ssh-add.c
ssh-agent.c ssh.c sshconnect1.c sshconnect2.c sshconnect.c sshd.c
ssh-keygen.c ssh-keyscan.c]
more strict prototypes. raise warning level in Makefile.inc.
markus ok'ed
TODO; cleanup headers
2001-06-25 05:01:22 +00:00
34f91883a6
- markus@cvs.openbsd.org 2001/06/23 06:41:10
...
[ssh-keygen.c]
try to decode ssh-3.0.0 private rsa keys
(allow migration to openssh, not vice versa), #910
2001-06-25 04:47:54 +00:00
d78ae766de
- markus@cvs.openbsd.org 2001/05/25 14:37:32
...
[ssh-keygen.c]
use -P for -e and -y, too.
2001-06-05 20:35:09 +00:00
3035860f24
- markus@cvs.openbsd.org 2001/04/23 22:14:13
...
[ssh-keygen.c]
remove debug
2001-04-24 16:59:28 +00:00
46c264f2ae
- markus@cvs.openbsd.org 2001/04/23 21:57:07
...
[ssh-keygen.1 ssh-keygen.c]
allow public key for -e, too
2001-04-24 16:56:58 +00:00
2857d9cf77
- markus@cvs.openbsd.org 2001/04/22 13:41:02
...
[ssh-keygen.1 ssh-keygen.c]
style, noted by stevesk; sort flags in usage
2001-04-22 17:19:46 +00:00
5a70782576
- markus@cvs.openbsd.org 2001/04/22 13:25:37
...
[ssh-keygen.1 ssh-keygen.c]
rename arguments -x -> -e (export key), -X -> -i (import key)
xref draft-ietf-secsh-publickeyfile-01.txt
2001-04-22 17:15:46 +00:00
15f33866a6
- markus@cvs.openbsd.org 2001/04/15 16:58:03
...
[authfile.c ssh-keygen.c sshd.c]
don't use errno for key_{load,save}_private; discussion w/ solar@openwall
2001-04-16 02:00:02 +00:00
a3700050ec
- markus@cvs.openbsd.org 2001/04/05 10:42:57
...
[auth-chall.c authfd.c channels.c clientloop.c kex.c kexgex.c key.c
mac.c packet.c serverloop.c sftp-client.c sftp-client.h sftp-glob.c
sftp-glob.h sftp-int.c sftp-server.c sftp.c ssh-keygen.c sshconnect.c
sshconnect2.c sshd.c]
fix whitespace: unexpand + trailing spaces.
2001-04-05 23:26:32 +00:00
86ebcb6cf5
- stevesk@cvs.openbsd.org 2001/04/03 13:56:11
...
[sftp-glob.c ssh-agent.c ssh-keygen.c]
free() -> xfree()
2001-04-04 01:53:20 +00:00
Damien Miller
Darren Tucker
Tim Rice
Ben Lindstrom
Kevin Steves