1. 09 Feb, 2014 3 commits
  2. 20 Jul, 2013 1 commit
      - markus@cvs.openbsd.org 2013/07/19 07:37:48 · 85b45e09
      Damien Miller authored
           [auth.h kex.h kexdhs.c kexecdhs.c kexgexs.c monitor.c servconf.c]
           [servconf.h session.c sshd.c sshd_config.5]
           add ssh-agent(1) support to sshd(8); allows encrypted hostkeys,
           or hostkeys on smartcards; most of the work by Zev Weiss; bz #1974
           ok djm@
  3. 18 Jul, 2013 1 commit
      - djm@cvs.openbsd.org 2013/06/21 00:34:49 · 20bdcd72
      Damien Miller authored
           [auth-rsa.c auth.h auth2-hostbased.c auth2-pubkey.c monitor.c]
           for hostbased authentication, print the client host and user on
           the auth success/failure line; bz#2064, ok dtucker@
  4. 01 Jun, 2013 3 commits
      - (dtucker) [M auth-chall.c auth-krb5.c auth-pam.c cipher-aes.c cipher-ctr.c · f60845fd
      Darren Tucker authored
         groupaccess.c loginrec.c monitor.c monitor_wrap.c session.c sshd.c
         sshlogin.c uidswap.c openbsd-compat/bsd-cygwin_util.c
         openbsd-compat/getrrsetbyname-ldns.c openbsd-compat/port-aix.c
         openbsd-compat/port-linux.c] Replace portable-specific instances of xfree
         with the equivalent calls to free.
      - djm@cvs.openbsd.org 2013/05/19 02:42:42 · 0acca379
      Darren Tucker authored
           [auth.h auth.c key.c monitor.c auth-rsa.c auth2.c auth1.c key.h]
           Standardise logging of supplemental information during userauth. Keys
           and ruser are now logged in the auth success/failure message alongside
           the local username, remote host/port and protocol in use. Certificates
           contents and CA are logged too.
           Pushing all logging onto a single line simplifies log analysis as it is
           no longer necessary to relate information scattered across multiple log
           entries. "I like it" markus@
      - djm@cvs.openbsd.org 2013/05/17 00:13:13 · a627d42e
      Darren Tucker authored
           [xmalloc.h cipher.c sftp-glob.c ssh-keyscan.c ssh.c sftp-common.c
           ssh-ecdsa.c auth2-chall.c compat.c readconf.c kexgexs.c monitor.c
           gss-genr.c cipher-3des1.c kex.c monitor_wrap.c ssh-pkcs11-client.c
           auth-options.c rsa.c auth2-pubkey.c sftp.c hostfile.c auth2.c
           servconf.c auth.c authfile.c xmalloc.c uuencode.c sftp-client.c
           auth2-gss.c sftp-server.c bufaux.c mac.c session.c jpake.c kexgexc.c
           sshconnect.c auth-chall.c auth2-passwd.c sshconnect1.c buffer.c
           kexecdhs.c kexdhs.c ssh-rsa.c auth1.c ssh-pkcs11.c auth2-kbdint.c
           kexdhc.c sshd.c umac.c ssh-dss.c auth2-jpake.c bufbn.c clientloop.c
           monitor_mm.c scp.c roaming_client.c serverloop.c key.c auth-rsa.c
           ssh-pkcs11-helper.c ssh-keysign.c ssh-keygen.c match.c channels.c
           sshconnect2.c addrmatch.c mux.c canohost.c kexecdhc.c schnorr.c
           ssh-add.c misc.c auth2-hostbased.c ssh-agent.c bufec.c groupaccess.c
           dns.c packet.c readpass.c authfd.c moduli.c]
           bye, bye xfree(); ok markus@
  5. 16 May, 2013 1 commit
      - dtucker@cvs.openbsd.org 2013/05/16 04:09:14 · 5f96f3b4
      Darren Tucker authored
           [sshd_config.5 servconf.c servconf.h packet.c serverloop.c monitor.c sshd_config
           sshd.c] Add RekeyLimit to sshd with the same syntax as the client allowing
           rekeying based on traffic volume or time.  ok djm@, help & ok jmc@ for the man
           page.
  6. 23 Apr, 2013 3 commits
  7. 11 Dec, 2012 1 commit
  8. 02 Dec, 2012 1 commit
      - djm@cvs.openbsd.org 2012/12/02 20:34:10 · 15b05cfa
      Damien Miller authored
           [auth.c auth.h auth1.c auth2-chall.c auth2-gss.c auth2-jpake.c auth2.c]
           [monitor.c monitor.h]
           Fixes logging of partial authentication when privsep is enabled
           Previously, we recorded "Failed xxx" since we reset authenticated before
           calling auth_log() in auth2.c. This adds an explicit "Partial" state.
      
           Add a "submethod" to auth_log() to report which submethod is used
           for keyboard-interactive.
      
           Fix multiple authentication when one of the methods is
           keyboard-interactive.
      
           ok markus@
  9. 04 Nov, 2012 1 commit
      - djm@cvs.openbsd.org 2012/11/04 11:09:15 · a6e3f01d
      Damien Miller authored
           [auth.h auth1.c auth2.c monitor.c servconf.c servconf.h sshd.c]
           [sshd_config.5]
           Support multiple required authentication via an AuthenticationMethods
           option. This option lists one or more comma-separated lists of
           authentication method names. Successful completion of all the methods in
           any list is required for authentication to complete;
           feedback and ok markus@
  10. 29 Jun, 2012 1 commit
  11. 10 Feb, 2012 1 commit
  12. 05 Aug, 2011 1 commit
  13. 20 Jun, 2011 1 commit
      - djm@cvs.openbsd.org 2011/06/17 21:44:31 · 8f0bf237
      Damien Miller authored
           [log.c log.h monitor.c monitor.h monitor_wrap.c monitor_wrap.h sshd.c]
           make the pre-auth privsep slave log via a socketpair shared with the
           monitor rather than /var/empty/dev/log; ok dtucker@ deraadt@ markus@
  14. 03 Jun, 2011 1 commit
  15. 29 May, 2011 1 commit
      OpenBSD CVS Sync · d8478b6a
      Damien Miller authored
         - djm@cvs.openbsd.org 2011/05/23 03:30:07
           [auth-rsa.c auth.c auth.h auth2-pubkey.c monitor.c monitor_wrap.c pathnames.h servconf.c servconf.h sshd.8 sshd_config sshd_config.5]
           allow AuthorizedKeysFile to specify multiple files, separated by spaces.
           Bring back authorized_keys2 as a default search path (to avoid breaking
           existing users of this file), but override this in sshd_config so it will
           be no longer used on fresh installs. Maybe in 2015 we can remove it
           entirely :)
      
           feedback and ok markus@ dtucker@
  16. 20 May, 2011 2 commits
      - djm@cvs.openbsd.org 2011/05/20 03:25:45 · f2e407e2
      Damien Miller authored
           [monitor.c monitor_wrap.c servconf.c servconf.h]
           use a macro to define which string options to copy between configs
           for Match. This avoids problems caused by forgetting to keep three
           code locations in perfect sync and ordering
      
           "this is at once beautiful and horrible" + ok dtucker@
      - OpenBSD CVS Sync · 814ace08
      Damien Miller authored
         - djm@cvs.openbsd.org 2011/05/15 08:09:01
           [authfd.c monitor.c serverloop.c]
           use FD_CLOEXEC consistently; patch from zion AT x96.org
  17. 10 Sep, 2010 1 commit
      - djm@cvs.openbsd.org 2010/09/09 10:45:45 · 041ab7c1
      Damien Miller authored
           [kex.c kex.h kexecdh.c key.c key.h monitor.c ssh-ecdsa.c]
           ECDH/ECDSA compliance fix: these methods vary the hash function they use
           (SHA256/384/512) depending on the length of the curve in use. The previous
           code incorrectly used SHA256 in all cases.
      
           This fix will cause authentication failure when using 384 or 521-bit curve
           keys if one peer hasn't been upgraded and the other has. (256-bit curve
           keys work ok). In particular you may need to specify HostkeyAlgorithms
           when connecting to a server that has not been upgraded from an upgraded
           client.
      
           ok naddy@
  18. 31 Aug, 2010 1 commit
      - djm@cvs.openbsd.org 2010/08/31 11:54:45 · eb8b60e3
      Damien Miller authored
           [PROTOCOL PROTOCOL.agent PROTOCOL.certkeys auth2-jpake.c authfd.c]
           [authfile.c buffer.h dns.c kex.c kex.h key.c key.h monitor.c]
           [monitor_wrap.c myproposal.h packet.c packet.h pathnames.h readconf.c]
           [ssh-add.1 ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh-keygen.c]
           [ssh-keyscan.1 ssh-keyscan.c ssh-keysign.8 ssh.1 ssh.c ssh2.h]
           [ssh_config.5 sshconnect.c sshconnect2.c sshd.8 sshd.c sshd_config.5]
           [uuencode.c uuencode.h bufec.c kexecdh.c kexecdhc.c kexecdhs.c ssh-ecdsa.c]
           Implement Elliptic Curve Cryptography modes for key exchange (ECDH) and
           host/user keys (ECDSA) as specified by RFC5656. ECDH and ECDSA offer
           better performance than plain DH and DSA at the same equivalent symmetric
           key length, as well as much shorter keys.
      
           Only the mandatory sections of RFC5656 are implemented, specifically the
           three REQUIRED curves nistp256, nistp384 and nistp521 and only ECDH and
           ECDSA. Point compression (optional in RFC5656) is NOT implemented.
      
           Certificate host and user keys using the new ECDSA key types are supported.
      
           Note that this code has not been tested for interoperability and may be
           subject to change.
      
           feedback and ok markus@
  19. 03 Aug, 2010 1 commit
  20. 16 Jul, 2010 2 commits
      - djm@cvs.openbsd.org 2010/07/13 23:13:16 · ea1651c9
      Damien Miller authored
           [auth-rsa.c channels.c jpake.c key.c misc.c misc.h monitor.c packet.c]
           [ssh-rsa.c]
           s/timing_safe_cmp/timingsafe_bcmp/g
      - djm@cvs.openbsd.org 2010/07/13 11:52:06 · 8a0268f1
      Damien Miller authored
           [auth-rsa.c channels.c jpake.c key.c misc.c misc.h monitor.c]
           [packet.c ssh-rsa.c]
           implement a timing_safe_cmp() function to compare memory without leaking
           timing information by short-circuiting like memcmp() and use it for
           some of the more sensitive comparisons (though nothing high-value was
           readily attackable anyway); "looks ok" markus@
  21. 07 Mar, 2010 1 commit
      - dtucker@cvs.openbsd.org 2010/03/07 11:57:13 · cd70e1b8
      Darren Tucker authored
           [auth-rhosts.c monitor.c monitor_wrap.c session.c auth-options.c sshd.c]
           Hold authentication debug messages until after successful authentication.
           Fixes an info leak of environment variables specified in authorized_keys,
           reported by Jacob Appelbaum.  ok djm@
  22. 26 Feb, 2010 1 commit
      - OpenBSD CVS Sync · 0a80ca19
      Damien Miller authored
         - djm@cvs.openbsd.org 2010/02/26 20:29:54
           [PROTOCOL PROTOCOL.agent PROTOCOL.certkeys addrmatch.c auth-options.c]
           [auth-options.h auth.h auth2-pubkey.c authfd.c dns.c dns.h hostfile.c]
           [hostfile.h kex.h kexdhs.c kexgexs.c key.c key.h match.h monitor.c]
           [myproposal.h servconf.c servconf.h ssh-add.c ssh-agent.c ssh-dss.c]
           [ssh-keygen.1 ssh-keygen.c ssh-rsa.c ssh.1 ssh.c ssh2.h sshconnect.c]
           [sshconnect2.c sshd.8 sshd.c sshd_config.5]
           Add support for certificate key types for users and hosts.
      
           OpenSSH certificate key types are not X.509 certificates, but a much
           simpler format that encodes a public key, identity information and
           some validity constraints and signs it with a CA key. CA keys are
           regular SSH keys. This certificate style avoids the attack surface
           of X.509 certificates and is very easy to deploy.
      
           Certified host keys allow automatic acceptance of new host keys
           when a CA certificate is marked as sh/known_hosts.
           see VERIFYING HOST KEYS in ssh(1) for details.
      
           Certified user keys allow authentication of users when the signing
           CA key is marked as trusted in authorized_keys. See "AUTHORIZED_KEYS
           FILE FORMAT" in sshd(8) for details.
      
           Certificates are minted using ssh-keygen(1), documentation is in
           the "CERTIFICATES" section of that manpage.
      
           Documentation on the format of certificates is in the file
           PROTOCOL.certkeys
      
           feedback and ok markus@
  23. 21 Jun, 2009 3 commits
      - andreas@cvs.openbsd.org 2009/06/12 20:43:22 · b422afa4
      Darren Tucker authored
           [monitor.c packet.c]
           Fix warnings found by chl@ and djm@ and change roaming_atomicio's
           return type to match atomicio's
           Diff from djm@, ok markus@
      - andreas@cvs.openbsd.org 2009/05/28 16:50:16 · c5564e1c
      Darren Tucker authored
           [sshd.c packet.c serverloop.c monitor_wrap.c clientloop.c sshconnect.c
           monitor.c Added roaming.h roaming_common.c roaming_dummy.c]
           Keep track of number of bytes read and written. Needed for upcoming
           changes. Most code from Martin Forssen, maf at appgate dot com.
           ok markus@
           Also, applied appropriate changes to Makefile.in
      - andreas@cvs.openbsd.org 2009/05/27 06:31:25 · f7288d77
      Darren Tucker authored
           [canohost.h canohost.c]
           Add clear_cached_addr(), needed for upcoming changes allowing the peer
           address to change.
           ok markus@
  24. 14 Feb, 2009 1 commit
  25. 05 Nov, 2008 1 commit
      - djm@cvs.openbsd.org 2008/11/04 08:22:13 · 01ed2272
      Damien Miller authored
           [auth.h auth2.c monitor.c monitor.h monitor_wrap.c monitor_wrap.h]
           [readconf.c readconf.h servconf.c servconf.h ssh2.h ssh_config.5]
           [sshconnect2.c sshd_config.5 jpake.c jpake.h schnorr.c auth2-jpake.c]
           [Makefile.in]
           Add support for an experimental zero-knowledge password authentication
           method using the J-PAKE protocol described in F. Hao, P. Ryan,
           "Password Authenticated Key Exchange by Juggling", 16th Workshop on
           Security Protocols, Cambridge, April 2008.
      
           This method allows password-based authentication without exposing
           the password to the server. Instead, the client and server exchange
           cryptographic proofs to demonstrate knowledge of the password while
           revealing nothing useful to an attacker or compromised endpoint.
      
           This is experimental, work-in-progress code and is presently
           compile-time disabled (turn on -DJPAKE in Makefile.inc).
      
           "just commit it.  It isn't too intrusive." deraadt@
  26. 11 Jul, 2008 1 commit
  27. 04 Jul, 2008 1 commit
  28. 13 Jun, 2008 1 commit
      - dtucker@cvs.openbsd.org 2008/06/13 13:56:59 · f2c16d30
      Darren Tucker authored
           [monitor.c]
           Clear key options in the monitor on failed authentication, prevents
           applying additional restrictions to non-pubkey authentications in
           the case where pubkey fails but another method subsequently succeeds.
           bz #1472, found by Colin Watson, ok markus@ djm
  29. 19 May, 2008 2 commits
      - djm@cvs.openbsd.org 2008/05/08 12:21:16 · 7207f64a
      Damien Miller authored
           [monitor.c monitor_wrap.c session.h servconf.c servconf.h session.c]
           [sshd_config sshd_config.5]
           Make the maximum number of sessions run-time controllable via
           a sshd_config MaxSessions knob. This is useful for disabling
           login/shell/subsystem access while leaving port-forwarding working
           (MaxSessions 0), disabling connection multiplexing (MaxSessions 1) or
           simply increasing the number of allowed multiplexed sessions.
           Because some bozos are sure to configure MaxSessions in excess of the
           number of available file descriptors in sshd (which, at peak, might be
           as many as 9*MaxSessions), audit sshd to ensure that it doesn't leak fds
           on error paths, and make it fail gracefully on out-of-fd conditions -
           sending channel errors instead of exiting with fatal().
           bz#1090; MaxSessions config bits and manpage from junyer AT gmail.com
           ok markus@
      - djm@cvs.openbsd.org 2008/05/08 12:02:23 · b84886ba
      Damien Miller authored
           [auth-options.c auth1.c channels.c channels.h clientloop.c gss-serv.c]
           [monitor.c monitor_wrap.c nchan.c servconf.c serverloop.c session.c]
           [ssh.c sshd.c]
           Implement a channel success/failure status confirmation callback
           mechanism. Each channel maintains a queue of callbacks, which will
           be drained in order (RFC4253 guarantees confirm messages are not
           reordered within a channel).
           Also includes an abandonment callback to clean up if a channel is
           closed without sending confirmation messages. This probably
           shouldn't happen in compliant implementations, but it could be
           abused to leak memory.
           ok markus@ (as part of a larger diff)