summaryrefslogtreecommitdiff
path: root/servconf.h
Commit message (Collapse)AuthorAgeFilesLines
* upstream: Add a sshd_config UnusedConnectionTimeout option to terminatedjm@openbsd.org2023-01-171-1/+3
| | | | | | | | | | client connections that have no open channels for some length of time. This complements the recently-added ChannelTimeout option that terminates inactive channels after a timeout. ok markus@ OpenBSD-Commit-ID: ca983be74c0350364c11f8ba3bd692f6f24f5da9
* upstream: Implement channel inactivity timeoutsdjm@openbsd.org2023-01-061-1/+6
| | | | | | | | | | | | | | | This adds a sshd_config ChannelTimeouts directive that allows channels that have not seen traffic in a configurable interval to be automatically closed. Different timeouts may be applied to session, X11, agent and TCP forwarding channels. Note: this only affects channels over an opened SSH connection and not the connection itself. Most clients close the connection when their channels go away, with a notable exception being ssh(1) in multiplexing mode. ok markus dtucker OpenBSD-Commit-ID: ae8bba3ed9d9f95ff2e2dc8dcadfa36b48e6c0b8
* upstream: Add RequiredRSASize for sshd(8); RSA keys that falldjm@openbsd.org2022-09-171-1/+2
| | | | | | | | beneath this limit will be ignored for user and host-based authentication. Feedback deraadt@ ok markus@ OpenBSD-Commit-ID: 187931dfc19d51873df5930a04f2d972adf1f7f1
* upstream: don't try to resolve ListenAddress directives in the sshddjm@openbsd.org2022-03-201-2/+2
| | | | | | | | re-exec path - we're never going to use the result and if the operation fails then it can prevent connections from being accepted. Reported by Aaron Poffenberger; with / ok dtucker@ OpenBSD-Commit-ID: 44c53a43909a328e2f5ab26070fdef3594eded60
* Sync remaining ChallengeResponse removal.Darren Tucker2021-07-031-2/+1
| | | | These were omitted from commit 88868fd131.
* upstream: highly polished whitespace, mostly fixing spaces-for-tabdjm@openbsd.org2021-04-031-4/+4
| | | | | | and bad indentation on continuation lines. Prompted by GHPR#185 OpenBSD-Commit-ID: e5c81f0cbdcc6144df1ce468ec1bac366d8ad6e9
* upstream: whitespace (tab after space)djm@openbsd.org2021-04-031-2/+2
| | | | OpenBSD-Commit-ID: 0e2b3f7674e985d3f7c27ff5028e690ba1c2efd4
* upstream: Add ModuliFile keyword to sshd_config to specify thedtucker@openbsd.org2021-03-131-1/+2
| | | | | | | | location of the "moduli" file containing the groups for DH-GEX. This will allow us to run tests against arbitrary moduli files without having to install them. ok djm@ OpenBSD-Commit-ID: 8df99d60b14ecaaa28f3469d01fc7f56bff49f66
* upstream: Rename HostbasedKeyTypes (ssh) anddtucker@openbsd.org2021-01-261-3/+3
| | | | | | | | | HostbasedAcceptedKeyTypes (sshd) to HostbasedAcceptedAlgorithms, which more accurately reflects its effect. This matches a previous change to PubkeyAcceptedAlgorithms. The previous names are retained as aliases. ok djm@ OpenBSD-Commit-ID: 49451c382adc6e69d3fa0e0663eeef2daa4b199e
* upstream: Rename PubkeyAcceptedKeyTypes keyword todtucker@openbsd.org2021-01-221-3/+3
| | | | | | | | | | PubkeyAcceptedAlgorithms. While the two were originally equivalent, this actually specifies the signature algorithms that are accepted. Some key types (eg RSA) can be used by multiple algorithms (eg ssh-rsa, rsa-sha2-512) so the old name is becoming increasingly misleading. The old name is retained as an alias. Prompted by bz#3253, help & ok djm@, man page help jmc@ OpenBSD-Commit-ID: 0346b2f73f54c43d4e001089759d149bfe402ca5
* upstream: Add PerSourceMaxStartups and PerSourceNetBlockSizedtucker@openbsd.org2021-01-111-1/+4
| | | | | | | options which provide more fine grained MaxStartups limits. Man page help jmc@, feedback & ok djm@ OpenBSD-Commit-ID: e2f68664e3d02c0895b35aa751c48a2af622047b
* upstream: fix sshd_config SetEnv directive inside Match blocks; part ofdjm@openbsd.org2020-10-291-1/+2
| | | | | | github PR#201 from github user manuelm OpenBSD-Commit-ID: 9772e3748abff3ad65ae8fc43d026ed569b1d2bc
* upstream: LogVerbose keyword for ssh and sshddjm@openbsd.org2020-10-171-1/+4
| | | | | | | | | Allows forcing maximum debug logging by file/function/line pattern- lists. ok markus@ OpenBSD-Commit-ID: c294c25732d1b4fe7e345cb3e044df00531a6356
* upstream: support for requiring user verified FIDO keys in sshddjm@openbsd.org2020-08-271-2/+3
| | | | | | | | | | | | | This adds a "verify-required" authorized_keys flag and a corresponding sshd_config option that tells sshd to require that FIDO keys verify the user identity before completing the signing/authentication attempt. Whether or not user verification was performed is already baked into the signature made on the FIDO token, so this is just plumbing that flag through and adding ways to require it. feedback and ok markus@ OpenBSD-Commit-ID: 3a2313aae153e043d57763d766bb6d55c4e276e6
* upstream: some language improvements; ok markusdjm@openbsd.org2020-07-151-4/+4
| | | | OpenBSD-Commit-ID: 939d787d571b4d5da50b3b721fd0b2ac236acaa8
* upstream: make IgnoreRhosts a tri-state option: "yes" ignoredjm@openbsd.org2020-04-171-1/+6
| | | | | | | rhosts/shosts, "no" allow rhosts/shosts or (new) "shosts-only" to allow .shosts files but not .rhosts. ok dtucker@ OpenBSD-Commit-ID: d08d6930ed06377a80cf53923c1955e9589342e9
* Use sys-queue.h from compat library.Darren Tucker2020-02-011-1/+1
| | | | Fixes build on platforms that don't have sys/queue.h (eg MUSL).
* upstream: Add a sshd_config "Include" directive to allow inclusiondjm@openbsd.org2020-02-011-4/+16
| | | | | | | | of files. This has sensible semantics wrt Match blocks and accepts glob(3) patterns to specify the included files. Based on patch by Jakub Jelen in bz2468; feedback and ok markus@ OpenBSD-Commit-ID: 36ed0e845b872e33f03355b936a4fff02d5794ff
* upstream: allow security keys to act as host keys as well as userdjm@openbsd.org2019-12-161-1/+2
| | | | | | | | | | | | | keys. Previously we didn't do this because we didn't want to expose the attack surface presented by USB and FIDO protocol handling, but now that this is insulated behind ssh-sk-helper there is less risk. ok markus@ OpenBSD-Commit-ID: 77b068dd133b8d87e0f010987bd5131e640ee64c
* upstream: Add a sshd_config PubkeyAuthOptions directivedjm@openbsd.org2019-11-251-1/+5
| | | | | | | | | | | This directive has a single valid option "no-touch-required" that causes sshd to skip checking whether user presence was tested before a security key signature was made (usually by the user touching the key). ok markus@ OpenBSD-Commit-ID: 46e434a49802d4ed82bc0aa38cb985c198c407de
* upstream: When running sshd -T, assume any attibute not provided bydtucker@openbsd.org2019-05-081-1/+3
| | | | | | | -C does not match, which allows it to work when sshd_config contains a Match directive with or without -C. bz#2858, ok djm@ OpenBSD-Commit-ID: 1a701f0a33e3bc96753cfda2fe0b0378520b82eb
* upstream: convert servconf.c to new packet APIdjm@openbsd.org2019-01-201-2/+2
| | | | | | with & ok markus@ OpenBSD-Commit-ID: 126553aecca302c9e02fd77e333b9cb217e623b4
* upstream: silence (to log level debug2) failure messages whendjm@openbsd.org2018-11-191-2/+3
| | | | | | | | | | | | | | | | loading the default hostkeys. Hostkeys explicitly specified in the configuration or on the command-line are still reported as errors, and failure to load at least one host key remains a fatal error. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Based on patch from Dag-Erling Smørgrav via https://github.com/openssh/openssh-portable/pull/103 ok markus@ OpenBSD-Commit-ID: ffc2e35a75d1008effaf05a5e27425041c27b684
* upstream: Add sshd_config CASignatureAlgorithms option to allowdjm@openbsd.org2018-09-201-1/+3
| | | | | | | | | | control over which signature algorithms a CA may use when signing certificates. In particular, this allows a sshd to ban certificates signed with RSA/SHA1. ok markus@ OpenBSD-Commit-ID: b05c86ef8b52b913ed48d54a9b9c1a7714d96bac
* upstream: sshd: switch loginmsg to sshbuf API; ok djm@markus@openbsd.org2018-07-101-3/+3
| | | | OpenBSD-Commit-ID: f3cb4e54bff15c593602d95cc43e32ee1a4bac42
* upstream: allow sshd_config PermitUserEnvironment to accept adjm@openbsd.org2018-07-031-1/+3
| | | | | | | | pattern-list of whitelisted environment variable names in addition to yes|no. bz#1800, feedback and ok markus@ OpenBSD-Commit-ID: 77dc2b468e0bf04b53f333434ba257008a1fdf24
* upstream: add a SetEnv directive for sshd_config to allow andjm@openbsd.org2018-06-091-1/+3
| | | | | | | | | | | administrator to explicitly specify environment variables set in sessions started by sshd. These override the default environment and any variables set by user configuration (PermitUserEnvironment, etc), but not the SSH_* variables set by sshd itself. ok markus@ OpenBSD-Commit-ID: b6a96c0001ccd7dd211df6cae9e961c20fd718c0
* upstream: permitlisten option for authorized_keys; ok markus@djm@openbsd.org2018-06-071-5/+4
| | | | OpenBSD-Commit-ID: 8650883018d7aa893173d703379e4456a222c672
* upstream: Add a PermitListen directive to control which server-sidedjm@openbsd.org2018-06-071-9/+7
| | | | | | | | | | | | addresses may be listened on when the client requests remote forwarding (ssh -R). This is the converse of the existing PermitOpen directive and this includes some refactoring to share much of its implementation. feedback and ok markus@ OpenBSD-Commit-ID: 15a931238c61a3f2ac74ea18a98c933e358e277f
* upstream: Defend against user enumeration timing attacks. Thisdtucker@openbsd.org2018-04-131-1/+2
| | | | | | | | establishes a minimum time for each failed authentication attempt (5ms) and adds a per-user constant derived from a host secret (0-4ms). Based on work by joona.kannisto at tut.fi, ok markus@ djm@. OpenBSD-Commit-ID: b7845b355bb7381703339c8fb0e57e81a20ae5ca
* upstream commitdjm@openbsd.org2017-10-251-1/+2
| | | | | | | | add a "rdomain" criteria for the sshd_config Match keyword to allow conditional configuration that depends on which rdomain(4) a connection was recevied on. ok markus@ Upstream-ID: 27d8fd5a3f1bae18c9c6e533afdf99bff887a4fb
* upstream commitdjm@openbsd.org2017-10-251-1/+4
| | | | | | | | | | add sshd_config RDomain keyword to place sshd and the subsequent user session (including the shell and any TCP/IP forwardings) into the specified rdomain(4) ok markus@ Upstream-ID: be2358e86346b5cacf20d90f59f980b87d1af0f5
* upstream commitdjm@openbsd.org2017-10-251-4/+21
| | | | | | | | | Add optional rdomain qualifier to sshd_config's ListenAddress option to allow listening on a different rdomain(4), e.g. ListenAddress 0.0.0.0 rdomain 4 Upstream-ID: 24b6622c376feeed9e9be8b9605e593695ac9091
* upstream commitDamien Miller2017-10-201-28/+24
| | | | | | Apply missing commit 1.127 to servconf.h Upstream-ID: f14c4bac74a2b7cf1e3cff6bea5c447f192a7d15
* upstream commitV_7_6_P1djm@openbsd.org2017-10-031-2/+2
| | | | | | Fix PermitOpen crash; spotted by benno@, ok dtucker@ deraadt@ Upstream-ID: c2cc84ffac070d2e1ff76182c70ca230a387983c
* upstream commitdjm@openbsd.org2017-09-121-2/+12
| | | | | | | | | | | | | | | | | | | | | | refactor channels.c Move static state to a "struct ssh_channels" that is allocated at runtime and tracked as a member of struct ssh. Explicitly pass "struct ssh" to all channels functions. Replace use of the legacy packet APIs in channels.c. Rework sshd_config PermitOpen handling: previously the configuration parser would call directly into the channels layer. After the refactor this is not possible, as the channels structures are allocated at connection time and aren't available when the configuration is parsed. The server config parser now tracks PermitOpen itself and explicitly configures the channels code later. ok markus@ Upstream-ID: 11828f161656b965cc306576422613614bea2d8f
* upstream commitdjm@openbsd.org2017-06-241-1/+2
| | | | | | | | | | | refactor authentication logging optionally record successful auth methods and public credentials used in a file accessible to user sessions feedback and ok markus@ Upstream-ID: 090b93036967015717b9a54fd0467875ae9d32fb
* upstream commitdjm@openbsd.org2016-11-301-1/+2
| | | | | | | | | | | | Add a sshd_config DisableForwaring option that disables X11, agent, TCP, tunnel and Unix domain socket forwarding, as well as anything else we might implement in the future. This, like the 'restrict' authorized_keys flag, is intended to be a simple and future-proof way of restricting an account. Suggested as a complement to 'restrict' by Jann Horn; ok markus@ Upstream-ID: 203803f66e533a474086b38a59ceb4cf2410fcf7
* upstream commitdjm@openbsd.org2016-08-231-2/+1
| | | | | | | remove UseLogin option and support for having /bin/login manage login sessions; ok deraadt markus dtucker Upstream-ID: bea7213fbf158efab7e602d9d844fba4837d2712
* upstream commitnaddy@openbsd.org2016-08-231-7/+1
| | | | | | | | | | Remove more SSH1 server code: * Drop sshd's -k option. * Retire configuration keywords that only apply to protocol 1, as well as the "protocol" keyword. * Remove some related vestiges of protocol 1 support. ok markus@ Upstream-ID: 9402f82886de917779db12f8ee3f03d4decc244d
* upstream commitmarkus@openbsd.org2015-07-151-1/+2
| | | | | | | | Turn off DSA by default; add HostKeyAlgorithms to the server and PubkeyAcceptedKeyTypes to the client side, so it still can be tested or turned back on; feedback and ok djm@ Upstream-ID: 8450a9e6d83f80c9bfed864ff061dfc9323cec21
* upstream commitdjm@openbsd.org2015-05-221-1/+2
| | | | | | | | add knob to relax GSSAPI host credential check for multihomed hosts bz#928, patch by Simon Wilkinson; ok dtucker (kerberos/GSSAPI is not compiled by default on OpenBSD) Upstream-ID: 15ddf1c6f7fd9d98eea9962f480079ae3637285d
* upstream commitdjm@openbsd.org2015-05-211-3/+7
| | | | | | | | | | add AuthorizedPrincipalsCommand that allows getting authorized_principals from a subprocess rather than a file, which is quite useful in deployments with large userbases feedback and ok markus@ Upstream-ID: aa1bdac7b16fc6d2fa3524ef08f04c7258d247f6
* upstream commitdtucker@openbsd.org2015-04-291-2/+4
| | | | | Allow ListenAddress, Port and AddressFamily in any order. bz#68, ok djm@, jmc@ (for the man page bit).
* upstream commitdjm@openbsd.org2015-01-131-1/+5
| | | | | | add sshd_config HostbasedAcceptedKeyTypes and PubkeyAcceptedKeyTypes options to allow sshd to control what public key types will be accepted. Currently defaults to all. Feedback & ok markus@
* upstream commitdjm@openbsd.org2014-12-221-1/+3
| | | | | | | | Add FingerprintHash option to control algorithm used for key fingerprints. Default changes from MD5 to SHA256 and format from hex to base64. Feedback and ok naddy@ markus@
* - millert@cvs.openbsd.org 2014/07/15 15:54:14Damien Miller2014-07-181-2/+3
| | | | | | | | | | | | | | | | [PROTOCOL auth-options.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c] [auth-rsa.c auth.c auth1.c auth2-hostbased.c auth2-kbdint.c auth2-none.c] [auth2-passwd.c auth2-pubkey.c auth2.c canohost.c channels.c channels.h] [clientloop.c misc.c misc.h monitor.c mux.c packet.c readconf.c] [readconf.h servconf.c servconf.h serverloop.c session.c ssh-agent.c] [ssh.c ssh_config.5 sshconnect.c sshconnect1.c sshconnect2.c sshd.c] [sshd_config.5 sshlogin.c] Add support for Unix domain socket forwarding. A remote TCP port may be forwarded to a local Unix domain socket and vice versa or both ends may be a Unix domain socket. This is a reimplementation of the streamlocal patches by William Ahern from: http://www.25thandclement.com/~william/projects/streamlocal.html OK djm@ markus@
* - djm@cvs.openbsd.org 2014/07/03 22:40:43Damien Miller2014-07-041-1/+2
| | | | | | | [servconf.c servconf.h session.c sshd.8 sshd_config.5] Add a sshd_config PermitUserRC option to control whether ~/.ssh/rc is executed, mirroring the no-user-rc authorized_keys option; bz#2160; ok markus@
* - djm@cvs.openbsd.org 2014/01/29 06:18:35Damien Miller2014-02-041-3/+1
| | | | | | | [Makefile.in auth.h auth2-jpake.c auth2.c jpake.c jpake.h monitor.c] [monitor.h monitor_wrap.c monitor_wrap.h readconf.c readconf.h] [schnorr.c schnorr.h servconf.c servconf.h ssh2.h sshconnect2.c] remove experimental, never-enabled JPAKE code; ok markus@
* - djm@cvs.openbsd.org 2013/12/05 01:16:41Damien Miller2013-12-051-1/+4
| | | | | | | [servconf.c servconf.h] bz#2161 - fix AuthorizedKeysCommand inside a Match block and rearrange things so the same error is harder to make next time; with and ok dtucker@
View Lorry Controller Status