summaryrefslogtreecommitdiff
path: root/ssh-add.c
Commit message (Collapse)AuthorAgeFilesLines
* upstream: use RSA/SHA256 when testing usability of private key indjm@openbsd.org2023-03-081-3/+6
| | | | | | agent; with/ok dtucker OpenBSD-Commit-ID: fe1382e2fdf23fcae631308e72342bad56066a56
* upstream: Don't attempt to fprintf a null identity comment. Fromdtucker@openbsd.org2022-06-241-3/+3
| | | | | | Martin Vahlensieck via tech@. OpenBSD-Commit-ID: 4c54d20a8e8e4e9912c38a7b4ef5bfc5ca2e05c2
* upstream: Since they are deprecated, move DSA to the end of thedtucker@openbsd.org2022-02-071-2/+2
| | | | | | | default list of public keys so that they will be tried last. From github PR#295 from "ProBackup-nl", ok djm@ OpenBSD-Commit-ID: 7e5d575cf4971d4e2de92e0b6d6efaba53598bf0
* upstream: allow pin-required FIDO keys to be added to ssh-agent(1).djm@openbsd.org2022-01-181-6/+1
| | | | | | | | ssh-askpass will be used to request the PIN at authentication time. From Pedro Martelletto, ok djm OpenBSD-Commit-ID: de8189fcd35b45f632484864523c1655550e2950
* upstream: sort -H and -h in SYNOPSIS/usage(); tweak the -H text;jmc@openbsd.org2021-12-271-3/+3
| | | | | | ok djm OpenBSD-Commit-ID: 90721643e41e9e09deb5b776aaa0443456ab0965
* upstream: ssh-add side of destination constraintsdjm@openbsd.org2021-12-201-16/+171
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Have ssh-add accept a list of "destination constraints" that allow restricting where keys may be used in conjunction with a ssh-agent/ssh that supports session ID/hostkey binding. Constraints are specified as either "[user@]host-pattern" or "host-pattern>[user@]host-pattern". The first form permits a key to be used to authenticate as the specified user to the specified host. The second form permits a key that has previously been permitted for use at a host to be available via a forwarded agent to an additional host. For example, constraining a key with "user1@host_a" and "host_a>host_b". Would permit authentication as "user1" at "host_a", and allow the key to be available on an agent forwarded to "host_a" only for authentication to "host_b". The key would not be visible on agent forwarded to other hosts or usable for authentication there. Internally, destination constraints use host keys to identify hosts. The host patterns are used to obtain lists of host keys for that destination that are communicated to the agent. The user/hostkeys are encoded using a new restrict-destination-v00@openssh.com key constraint. host keys are looked up in the default client user/system known_hosts files. It is possible to override this set on the command-line. feedback Jann Horn & markus@ ok markus@ OpenBSD-Commit-ID: ef47fa9ec0e3c2a82e30d37ef616e245df73163e
* upstream: When downloading resident keys from a FIDO token, passdjm@openbsd.org2021-10-281-14/+14
| | | | | | | | | | | | | | | back the user ID that was used when the key was created and append it to the filename the key is written to (if it is not the default). Avoids keys being clobbered if the user created multiple resident keys with the same application string but different user IDs. feedback Pedro Martelletto; ok markus NB. increments SSH_SK_VERSION_MAJOR OpenBSD-Commit-ID: dbd658b5950f583106d945641a634bc6562dd3a3
* upstream: highly polished whitespace, mostly fixing spaces-for-tabdjm@openbsd.org2021-04-031-3/+3
| | | | | | and bad indentation on continuation lines. Prompted by GHPR#185 OpenBSD-Commit-ID: e5c81f0cbdcc6144df1ce468ec1bac366d8ad6e9
* upstream: Change convtime() from returning long to returning int.dtucker@openbsd.org2021-01-111-5/+5
| | | | | | | | On platforms where sizeof(int) != sizeof(long), convtime could accept values >MAX_INT which subsequently truncate when stored in an int during config parsing. bz#3250, ok djm@ OpenBSD-Commit-ID: 8fc932683d6b4660d52f50911d62bd6639c5db31
* upstream: use the new variant log macros instead of prependingdjm@openbsd.org2020-10-181-18/+14
| | | | | | __func__ and appending ssh_err(r) manually; ok markus@ OpenBSD-Commit-ID: 1f14b80bcfa85414b2a1a6ff714fb5362687ace8
* upstream: refuse to add verify-required (PINful) FIDO keys todjm@openbsd.org2020-08-311-7/+16
| | | | | | ssh-agent until the agent supports them properly OpenBSD-Commit-ID: 125bd55a8df32c87c3ec33c6ebe437673a3d037e
* upstream: allow "ssh-add -d -" to read keys to be deleted fromdjm@openbsd.org2020-06-261-17/+54
| | | | | | stdin bz#3180; ok dtucker@ OpenBSD-Commit-ID: 15c7f10289511eb19fce7905c9cae8954e3857ff
* upstream: Cast lifetime to u_long for comparison to prevent unsigneddtucker@openbsd.org2020-03-171-2/+2
| | | | | | comparison warning on 32bit arches. Spotted by deraadt, ok djm. OpenBSD-Commit-ID: 7a75b2540bff5ab4fa00b4d595db1df13bb0515a
* upstream: change explicit_bzero();free() to freezero()jsg@openbsd.org2020-02-281-7/+4
| | | | | | | | | | While freezero() returns early if the pointer is NULL the tests for NULL in callers are left to avoid warnings about passing an uninitialised size argument across a function boundry. ok deraadt@ djm@ OpenBSD-Commit-ID: 2660fa334fcc7cd05ec74dd99cb036f9ade6384a
* upstream: Ensure that the key lifetime provided fits within thedtucker@openbsd.org2020-02-181-6/+7
| | | | | | | values allowed by the wire format (u32). Prevents integer wraparound of the timeout values. bz#3119, ok markus@ djm@ OpenBSD-Commit-ID: 8afe6038b5cdfcf63360788f012a7ad81acc46a2
* upstream: Replace "security key" with "authenticator" in programnaddy@openbsd.org2020-02-071-4/+4
| | | | | | | | | | | messages. This replaces "security key" in error/usage/verbose messages and distinguishes between "authenticator" and "authenticator-hosted key". ok djm@ OpenBSD-Commit-ID: 7c63800e9c340c59440a054cde9790a78f18592e
* upstream: factor out reading/writing sshbufs to dedicateddjm@openbsd.org2020-01-261-4/+2
| | | | | | functions; feedback and ok markus@ OpenBSD-Commit-ID: dc09e5f1950b7acc91b8fdf8015347782d2ecd3d
* upstream: Document loading of resident keys from a FIDOnaddy@openbsd.org2020-01-211-25/+15
| | | | | | | | | | | | authenticator. * Rename -O to -K to keep "-O option" available. * Document -K. * Trim usage() message down to synopsis, like all other commands. ok markus@ OpenBSD-Commit-ID: 015c2c4b28f8e19107adc80351b44b23bca4c78a
* upstream: Extends the SK API to accept a set of key/value optionsdjm@openbsd.org2020-01-061-2/+3
| | | | | | | | | | | | | | | | | | | | for all operations. These are intended to future-proof the API a little by making it easier to specify additional fields for without having to change the API version for each. At present, only two options are defined: one to explicitly specify the device for an operation (rather than accepting the middleware's autoselection) and another to specify the FIDO2 username that may be used when generating a resident key. These new options may be invoked at key generation time via ssh-keygen -O This also implements a suggestion from Markus to avoid "int" in favour of uint32_t for the algorithm argument in the API, to make implementation of ssh-sk-client/helper a little easier. feedback, fixes and ok markus@ OpenBSD-Commit-ID: 973ce11704609022ab36abbdeb6bc23c8001eabc
* upstream: implement loading resident keys in ssh-adddjm@openbsd.org2019-12-301-5/+63
| | | | | | | | | "ssh-add -O" will load resident keys from a FIDO2 token and add them to a ssh-agent. feedback and ok markus@ OpenBSD-Commit-ID: 608104ae957a7d65cb84e0a3a26c8f60e0df3290
* upstream: Add new structure for signature optionsdjm@openbsd.org2019-11-251-2/+2
| | | | | | | | | | | This is populated during signature verification with additional fields that are present in and covered by the signature. At the moment, it is only used to record security key-specific options, especially the flags field. with and ok markus@ OpenBSD-Commit-ID: 338a1f0e04904008836130bedb9ece4faafd4e49
* upstream: additional missing stdarg.h includes when built withoutnaddy@openbsd.org2019-11-201-1/+1
| | | | | | WITH_OPENSSL; ok djm@ OpenBSD-Commit-ID: 881f9a2c4e2239849cee8bbf4faec9bab128f55b
* upstream: directly support U2F/FIDO2 security keys in OpenSSH bydjm@openbsd.org2019-11-151-1/+6
| | | | | | | | linking against the (previously external) USB HID middleware. The dlopen() capability still exists for alternate middlewares, e.g. for Bluetooth, NFC and test/debugging. OpenBSD-Commit-ID: 14446cf170ac0351f0d4792ba0bca53024930069
* upstream: enable ed25519 support; ok djmmarkus@openbsd.org2019-11-131-2/+3
| | | | OpenBSD-Commit-ID: 1a399c5b3ef15bd8efb916110cf5a9e0b554ab7e
* upstream: ssh-add support for U2F/FIDO keysdjm@openbsd.org2019-11-011-10/+27
| | | | OpenBSD-Commit-ID: 7f88a5181c982687afedf3130c6ab2bba60f7644
* upstream: add new agent key constraint for U2F/FIDO providerdjm@openbsd.org2019-11-011-3/+3
| | | | | | feedback & ok markus@ OpenBSD-Commit-ID: d880c380170704280b4003860a1744d286c7a172
* upstream: fixes for !WITH_OPENSSL compilation; ok dtucker@djm@openbsd.org2019-09-061-3/+5
| | | | OpenBSD-Commit-ID: 7fd68eaa9e0f7482b5d4c7e8d740aed4770a839f
* upstream: When system calls indicate an error they return -1, notderaadt@openbsd.org2019-07-051-3/+3
| | | | | | | | some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future. OpenBSD-Commit-ID: 48081f00db7518e3b712a49dca06efc2a5428075
* upstream: Replace calls to ssh_malloc_init() by a static init ofotto@openbsd.org2019-06-081-2/+1
| | | | | | | malloc_options. Prepares for changes in the way malloc is initialized. ok guenther@ dtucker@ OpenBSD-Commit-ID: 154f4e3e174f614b09f792d4d06575e08de58a6b
* upstream: add "-v" flags to ssh-add and ssh-pkcs11-helper to turn updjm@openbsd.org2019-01-211-2/+14
| | | | | | | | | | | | debug verbosity. Make ssh-agent turn on ssh-pkcs11-helper's verbosity when it is run in debug mode ("ssh-agent -d"), so we get to see errors from the PKCS#11 code. ok markus@ OpenBSD-Commit-ID: 0a798643c6a92a508df6bd121253ba1c8bee659d
* upstream: add option to test whether keys in an agent are usable,djm@openbsd.org2019-01-211-3/+49
| | | | | | | | | by performing a signature and a verification using each key "ssh-add -T pubkey [...]" work by markus@, ok djm@ OpenBSD-Commit-ID: 931b888a600b6a883f65375bd5f73a4776c6d19b
* refactor libcrypto initialisationDamien Miller2018-11-231-4/+0
| | | | | | | | | | Don't call OpenSSL_add_all_algorithms() unless OpenSSL actually supports it. Move all libcrypto initialisation to a single function, and call that from seed_rng() that is called early in each tool's main(). Prompted by patch from Rosen Penev
* upstream: Make "ssh-add -q" do what it says on the tin: silencedjm@openbsd.org2018-09-201-23/+39
| | | | | | | | output from successful operations. Based on patch from Thijs van Dijk; ok dtucker@ deraadt@ OpenBSD-Commit-ID: c4f754ecc055c10af166116ce7515104aa8522e1
* upstream: Add experimental support for PQC XMSS keys (Extendedmarkus@openbsd.org2018-02-261-5/+69
| | | | | | | | | Hash-Based Signatures) The code is not compiled in by default (see WITH_XMSS in Makefile.inc) Joint work with stefan-lukas_gazdag at genua.eu See https://tools.ietf.org/html/draft-irtf-cfrg-xmss-hash-based-signatures-12 ok djm@ OpenBSD-Commit-ID: ef3eccb96762a5d6f135d7daeef608df7776a7ac
* upstream commitdlg@openbsd.org2017-09-041-13/+23
| | | | | | | | | | | | add a -q option to ssh-add to make it quiet on success. if you want to silence ssh-add without this you generally redirect the output to /dev/null, but that can hide error output which you should see. ok djm@ Upstream-ID: 2f31b9b13f99dcf587e9a8ba443458e6c0d8997c
* upstream commitdjm@openbsd.org2017-07-211-2/+1
| | | | | | | remove post-SSHv1 removal dead code from rsa.c and merge the remaining bit that it still used into ssh-rsa.c; ok markus Upstream-ID: ac8a048d24dcd89594b0052ea5e3404b473bfa2f
* upstream commitmarkus@openbsd.org2017-05-311-2/+2
| | | | | | remove unused wrapper functions from key.[ch]; ok djm@ Upstream-ID: ea0f4016666a6817fc11f439dd4be06bab69707e
* upstream commitnaddy@openbsd.org2017-05-081-36/+26
| | | | | | | more simplification and removal of SSHv1-related code; ok djm@ Upstream-ID: d2f041aa0b79c0ebd98c68a01e5a0bfab2cf3b55
* upstream commitdjm@openbsd.org2017-05-081-1/+6
| | | | | | | | since a couple of people have asked, leave a comment explaining why we retain SSH v.1 support in the "delete all keys from agent" path. Upstream-ID: 4b42dcfa339813c15fe9248a2c1b7ed41c21bbb4
* upstream commitdjm@openbsd.org2017-05-011-8/+1
| | | | | | unifdef WITH_SSH1 ok markus@ Upstream-ID: 9716e62a883ef8826c57f4d33b4a81a9cc7755c7
* upstream commitdtucker@openbsd.org2016-02-161-1/+2
| | | | | | | Add a function to enable security-related malloc_options. With and ok deraadt@, something similar has been in the snaps for a while. Upstream-ID: 43a95523b832b7f3b943d2908662191110c380ed
* upstream commitmmcc@openbsd.org2015-12-181-5/+3
| | | | | | | | Remove NULL-checks before sshkey_free(). ok djm@ Upstream-ID: 3e35afe8a25e021216696b5d6cde7f5d2e5e3f52
* upstream commitdjm@openbsd.org2015-10-161-2/+2
| | | | | | | fix some signed/unsigned integer type mismatches in format strings; reported by Nicholas Lemonias Upstream-ID: 78cd55420a0eef68c4095bdfddd1af84afe5f95c
* upstream committim@openbsd.org2015-09-161-7/+6
| | | | | | | | | | - Fix error message: passphrase needs to be at least 5 characters, not 4. - Remove unused function argument. - Remove two unnecessary variables. OK djm@ Upstream-ID: 13010c05bfa8b523da1c0dc19e81dd180662bc30
* upstream committim@openbsd.org2015-09-161-9/+8
| | | | | | | | | When adding keys to the agent, don't ignore the comment of keys for which the user is prompted for a passphrase. Tweak and OK djm@ Upstream-ID: dc737c620a5a8d282cc4f66e3b9b624e9abefbec
* upstream commitdjm@openbsd.org2015-07-151-3/+2
| | | | | | | delete support for legacy v00 certificates; "sure" markus@ dtucker@ Upstream-ID: b5b9bb5f9202d09e88f912989d74928601b6636f
* upstream commitnaddy@openbsd.org2015-03-271-1/+3
| | | | | don't try to load .ssh/identity by default if SSH1 is disabled; ok markus@
* upstream commitmarkus@openbsd.org2015-03-271-7/+11
| | | | | ignore v1 errors on ssh-add -D; only try v2 keys on -l/-L (unless WITH_SSH1) ok djm@
* upstream commithalex@openbsd.org2015-02-221-4/+10
| | | | | | | make "ssh-add -d" properly remove a corresponding certificate, and also not whine and fail if there is none ok djm@
* upstream commithalex@openbsd.org2015-02-051-4/+5
| | | | | | | | slightly extend the passphrase prompt if running with -c in order to give the user a chance to notice if unintentionally running without it wording tweak and ok djm@
View Lorry Controller Status