| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
| |
being assigned and what is being checked
ok djm dtucker
OpenBSD-Commit-ID: 19c10baa46ae559474409f75a5cb3d0eade7a9b8
|
|
|
|
|
|
| |
Spotted by Luci Stanescu; ok deraadt@ markus@
OpenBSD-Commit-ID: add879fac6903a1cb1d1e42c4309e5359c3d870f
|
|
|
|
|
|
|
|
| |
We've previously removed a lot of the really old compatibility code,
and with it went the need to include compat.h in most of the files that
have it.
OpenBSD-Commit-ID: 5af8baa194be00a3092d17598e88a5b29f7ea2b4
|
|
|
|
| |
OpenBSD-Commit-ID: f735a17d1a6f2bee63bfc609d76ef8db8c090890
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Have ssh-add accept a list of "destination constraints" that allow
restricting where keys may be used in conjunction with a ssh-agent/ssh
that supports session ID/hostkey binding.
Constraints are specified as either "[user@]host-pattern" or
"host-pattern>[user@]host-pattern".
The first form permits a key to be used to authenticate as the
specified user to the specified host.
The second form permits a key that has previously been permitted
for use at a host to be available via a forwarded agent to an
additional host.
For example, constraining a key with "user1@host_a" and
"host_a>host_b". Would permit authentication as "user1" at
"host_a", and allow the key to be available on an agent forwarded
to "host_a" only for authentication to "host_b". The key would not
be visible on agent forwarded to other hosts or usable for
authentication there.
Internally, destination constraints use host keys to identify hosts.
The host patterns are used to obtain lists of host keys for that
destination that are communicated to the agent. The user/hostkeys are
encoded using a new restrict-destination-v00@openssh.com key
constraint.
host keys are looked up in the default client user/system known_hosts
files. It is possible to override this set on the command-line.
feedback Jann Horn & markus@
ok markus@
OpenBSD-Commit-ID: ef47fa9ec0e3c2a82e30d37ef616e245df73163e
|
|
|
|
|
|
|
|
|
|
| |
send session ID, hostkey, signature and a flag indicating whether the
agent connection is being forwarded to ssh agent each time a connection
is opened via a new "session-bind@openssh.com" agent extension.
ok markus@
OpenBSD-Commit-ID: 2f154844fe13167d3ab063f830d7455fcaa99135
|
|
|
|
|
|
|
|
|
|
| |
Add a ssh_request_reply_decode() function that sends a message to
the agent, reads and parses a success/failure reply.
Use it for all requests that only expect success/failure
ok markus@
OpenBSD-Commit-ID: e0c1f4d5e6cfa525d62581e2b8de93be0cb85adb
|
|
|
|
| |
OpenBSD-Commit-ID: efefc1c47e880887bdee8cd2127ca93177eaad79
|
|
|
|
|
|
| |
djm@.
OpenBSD-Commit-ID: 9c35ec3aa0f710e4e3325187ceff4fa3791686de
|
|
|
|
|
|
| |
diff)
OpenBSD-Commit-ID: 7c17fc987085994d752304bd20b1ae267a9bcdf6
|
|
|
|
|
|
| |
ssh_request_reply() so we should also check against != 0 ok djm
OpenBSD-Commit-ID: 28d0028769d03e665688c61bb5fd943e18614952
|
|
|
|
|
|
|
|
|
|
| |
While freezero() returns early if the pointer is NULL the tests for
NULL in callers are left to avoid warnings about passing an
uninitialised size argument across a function boundry.
ok deraadt@ djm@
OpenBSD-Commit-ID: 2660fa334fcc7cd05ec74dd99cb036f9ade6384a
|
|
|
|
|
|
|
|
|
|
| |
specified by $SSH_AUTH_SOCK, by extending the existing ForwardAgent option to
accepting an explicit path or the name of an environment variable in addition
to yes/no.
Patch by Eric Chiang, manpage by me; ok markus@
OpenBSD-Commit-ID: 98f2ed80bf34ea54d8b2ddd19ac14ebbf40e9265
|
|
|
|
| |
OpenBSD-Commit-ID: b5b15674cde1b54d6dbbae8faf30d47e6e5d6513
|
|
|
|
| |
OpenBSD-Commit-ID: 1a399c5b3ef15bd8efb916110cf5a9e0b554ab7e
|
|
|
|
|
|
| |
feedback & ok markus@
OpenBSD-Commit-ID: d880c380170704280b4003860a1744d286c7a172
|
|
|
|
|
|
|
|
|
| |
This commit adds a helper function which allows the caller to
check if a given public key is present in ssh-agent.
work by Sebastian Kinne; ok markus@
OpenBSD-Commit-ID: d43c5826353e1fdc1af71eb42961b30782c7bd13
|
|
|
|
| |
OpenBSD-Commit-ID: aa51f77ae2c5330a1f61b2d22933f24a443f9abf
|
|
|
|
|
|
|
|
| |
some arbitrary value < 0. errno is only updated in this case. Change all
(most?) callers of syscalls to follow this better, and let's see if this
strictness helps us in the future.
OpenBSD-Commit-ID: 48081f00db7518e3b712a49dca06efc2a5428075
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
speculation and memory sidechannel attacks like Spectre, Meltdown, Rowhammer
and Rambleed. This change encrypts private keys when they are not in use with
a symmetic key that is derived from a relatively large "prekey" consisting of
random data (currently 16KB).
Attackers must recover the entire prekey with high accuracy before
they can attempt to decrypt the shielded private key, but the current
generation of attacks have bit error rates that, when applied
cumulatively to the entire prekey, make this unlikely.
Implementation-wise, keys are encrypted "shielded" when loaded and then
automatically and transparently unshielded when used for signatures or
when being saved/serialised.
Hopefully we can remove this in a few years time when computer
architecture has become less unsafe.
been in snaps for a bit already; thanks deraadt@
ok dtucker@ deraadt@
OpenBSD-Commit-ID: 19767213c312e46f94b303a512ef8e9218a39bd4
|
|
|
|
|
|
| |
rsa-sha2-{256|512}-cert-v01@openssh.com cert algorithms; ok markus@
OpenBSD-Commit-ID: afc6f7ca216ccd821656d1c911d2a3deed685033
|
|
|
|
| |
OpenBSD-Commit-ID: 0e8fc8f19f14b21adef7109e0faa583d87c0e929
|
|
|
|
| |
OpenBSD-Commit-ID: 4dfe9d29fa93d9231645c89084f7217304f7ba29
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In ssh, when an agent fails to return a RSA-SHA2 signature when
requested and falls back to RSA-SHA1 instead, retry the signature to
ensure that the public key algorithm sent in the SSH_MSG_USERAUTH
matches the one in the signature itself.
In sshd, strictly enforce that the public key algorithm sent in the
SSH_MSG_USERAUTH message matches what appears in the signature.
Make the sshd_config PubkeyAcceptedKeyTypes and
HostbasedAcceptedKeyTypes options control accepted signature algorithms
(previously they selected supported key types). This allows these
options to ban RSA-SHA1 in favour of RSA-SHA2.
Add new signature algorithms "rsa-sha2-256-cert-v01@openssh.com" and
"rsa-sha2-512-cert-v01@openssh.com" to force use of RSA-SHA2 signatures
with certificate keys.
feedback and ok markus@
OpenBSD-Commit-ID: c6e9f6d45eed8962ad502d315d7eaef32c419dde
|
|
|
|
|
|
|
| |
after checking with codespell tool
(https://github.com/lucasdemarchi/codespell)
OpenBSD-Commit-ID: 373222f12d7ab606598a2d36840c60be93568528
|
|
|
|
|
|
|
|
|
| |
Hash-Based Signatures) The code is not compiled in by default (see WITH_XMSS
in Makefile.inc) Joint work with stefan-lukas_gazdag at genua.eu See
https://tools.ietf.org/html/draft-irtf-cfrg-xmss-hash-based-signatures-12 ok
djm@
OpenBSD-Commit-ID: ef3eccb96762a5d6f135d7daeef608df7776a7ac
|
|
|
|
|
|
|
| |
constify some private key-related functions; based on
https://github.com/openssh/openssh-portable/pull/56 by Vincent Brillault
OpenBSD-Commit-ID: dcb94a41834a15f4d00275cb5051616fdc4c988c
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Drop compatibility hacks for some ancient SSH
implementations, including ssh.com <=2.* and OpenSSH <= 3.*.
These versions were all released in or before 2001 and predate the
final SSH RFCs. The hacks in question aren't necessary for RFC-
compliant SSH implementations.
ok markus@
OpenBSD-Commit-ID: 4be81c67db57647f907f4e881fb9341448606138
|
|
|
|
|
|
|
| |
remove post-SSHv1 removal dead code from rsa.c and merge
the remaining bit that it still used into ssh-rsa.c; ok markus
Upstream-ID: ac8a048d24dcd89594b0052ea5e3404b473bfa2f
|
|
|
|
|
|
|
| |
Allow ssh-keygen to use a key held in ssh-agent as a CA when
signing certificates. bz#2377 ok markus
Upstream-ID: fb42e920b592edcbb5b50465739a867c09329c8f
|
|
|
|
|
|
|
| |
more simplification and removal of SSHv1-related code;
ok djm@
Upstream-ID: d2f041aa0b79c0ebd98c68a01e5a0bfab2cf3b55
|
|
|
|
|
|
|
|
| |
since a couple of people have asked, leave a comment
explaining why we retain SSH v.1 support in the "delete all keys from agent"
path.
Upstream-ID: 4b42dcfa339813c15fe9248a2c1b7ed41c21bbb4
|
|
|
|
|
|
| |
unifdef WITH_SSH1 ok markus@
Upstream-ID: 9716e62a883ef8826c57f4d33b4a81a9cc7755c7
|
|
|
|
|
|
|
|
| |
implement SHA2-{256,512} for RSASSA-PKCS1-v1_5 signatures
(user and host auth) based on draft-rsa-dsa-sha2-256-03.txt and
draft-ssh-ext-info-04.txt; with & ok djm@
Upstream-ID: cf82ce532b2733e5c4b34bb7b7c94835632db309
|
|
|
|
|
|
|
|
|
| |
Fix occurrences of "r = func() != 0" which result in the
wrong error codes being returned due to != having higher precedence than =.
ok deraadt@ markus@
Upstream-ID: 5fc35c9fc0319cc6fca243632662d2f06b5fd840
|
|
|
|
|
|
|
| |
delete support for legacy v00 certificates; "sure"
markus@ dtucker@
Upstream-ID: b5b9bb5f9202d09e88f912989d74928601b6636f
|
|
|
|
|
| |
sigp and lenp are not optional in ssh_agent_sign(); ok
djm@
|
|
|
|
| |
unbreak ssh_agent_sign (lenp vs *lenp)
|
|
|
|
|
| |
consistent check for NULL as noted by Nicholas
Lemonias; ok djm@
|
|
|
|
|
| |
move authfd.c and its tentacles to the new buffer/key
API; ok markus@
|
|
|
|
|
|
|
|
|
|
| |
[auth.c authfd.c authfile.c bufaux.c cipher.c cipher.h hostfile.c]
[kex.c key.c mac.c monitor.c monitor_wrap.c myproposal.h packet.c]
[roaming_client.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c]
[ssh-pkcs11.h ssh.c sshconnect.c sshconnect2.c sshd.c]
make compiling against OpenSSL optional (make OPENSSL=no);
reduces algorithms to curve25519, aes-ctr, chacha, ed25519;
allows us to explore further options; with and ok djm
|
|
|
|
|
|
|
|
|
|
| |
[auth2-chall.c authfd.c authfile.c bufaux.c bufec.c canohost.c]
[channels.c cipher-chachapoly.c clientloop.c configure.ac hostfile.c]
[kexc25519.c krl.c monitor.c sandbox-systrace.c session.c]
[sftp-client.c ssh-keygen.c ssh.c sshconnect2.c sshd.c sshlogin.c]
[openbsd-compat/explicit_bzero.c openbsd-compat/openbsd-compat.h]
replace most bzero with explicit_bzero, except a few that cna be memset
ok djm dtucker
|
|
|
|
|
| |
[authfd.c]
allow deletion of ed25519 keys from the agent
|
|
|
|
|
|
|
|
|
|
|
|
| |
[authfd.c authfile.c key.c key.h myproposal.h pathnames.h readconf.c]
[servconf.c ssh-agent.c ssh-keygen.c ssh-keyscan.1 ssh-keyscan.c]
[ssh-keysign.c ssh.c ssh_config.5 sshd.8 sshd.c verify.c ssh-ed25519.c]
[sc25519.h sc25519.c hash.c ge25519_base.data ge25519.h ge25519.c]
[fe25519.h fe25519.c ed25519.c crypto_api.h blocks.c]
support ed25519 keys (hostkeys and user identities) using the public
domain ed25519 reference code from SUPERCOP, see
http://ed25519.cr.yp.to/software.html
feedback, help & ok djm@
|
|
|
|
|
| |
[authfd.c key.c key.h ssh-agent.c]
move private key (de)serialization to key.c; ok djm
|
|
|
|
|
|
|
| |
[auth-options.c auth2-chall.c authfd.c channels.c cipher-3des1.c]
[clientloop.c gss-genr.c monitor_mm.c packet.c schnorr.c umac.c]
[sftp-client.c sftp-glob.c]
use calloc for all structure allocations; from markus@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
[xmalloc.h cipher.c sftp-glob.c ssh-keyscan.c ssh.c sftp-common.c
ssh-ecdsa.c auth2-chall.c compat.c readconf.c kexgexs.c monitor.c
gss-genr.c cipher-3des1.c kex.c monitor_wrap.c ssh-pkcs11-client.c
auth-options.c rsa.c auth2-pubkey.c sftp.c hostfile.c auth2.c
servconf.c auth.c authfile.c xmalloc.c uuencode.c sftp-client.c
auth2-gss.c sftp-server.c bufaux.c mac.c session.c jpake.c kexgexc.c
sshconnect.c auth-chall.c auth2-passwd.c sshconnect1.c buffer.c
kexecdhs.c kexdhs.c ssh-rsa.c auth1.c ssh-pkcs11.c auth2-kbdint.c
kexdhc.c sshd.c umac.c ssh-dss.c auth2-jpake.c bufbn.c clientloop.c
monitor_mm.c scp.c roaming_client.c serverloop.c key.c auth-rsa.c
ssh-pkcs11-helper.c ssh-keysign.c ssh-keygen.c match.c channels.c
sshconnect2.c addrmatch.c mux.c canohost.c kexecdhc.c schnorr.c
ssh-add.c misc.c auth2-hostbased.c ssh-agent.c bufec.c groupaccess.c
dns.c packet.c readpass.c authfd.c moduli.c]
bye, bye xfree(); ok markus@
|
|
|
|
|
|
|
| |
[authfd.c]
bzero the agent address. the kernel was for a while very cranky about
these things. evne though that's fixed, always good to initialize
memory. ok deraadt djm
|
|
|
|
|
|
| |
- djm@cvs.openbsd.org 2011/05/15 08:09:01
[authfd.c monitor.c serverloop.c]
use FD_CLOEXEC consistently; patch from zion AT x96.org
|
|
|
|
|
|
| |
[kexecdhc.c kexecdhs.c key.c key.h myproposal.h packet.c readconf.c]
[ssh-agent.c ssh-ecdsa.c ssh-keygen.c ssh.c] Disable ECDH and ECDSA on
platforms that don't have the requisite OpenSSL support. ok dtucker@
|