Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Revert "Make hmac-sha2-{256,512}-etm opt-in"revert-757-opt-in-etm-hmac | Miklós Fazekas | 2020-04-25 | 1 | -4/+3 |
| | |||||
* | Fix corrupted hmac detected | Miklos Fazekas | 2020-04-25 | 1 | -1/+1 |
| | |||||
* | Merge pull request #751 from maxfierke/mf-support_algo_subtraction | Miklós Fazekas | 2020-04-24 | 1 | -3/+17 |
|\ | | | | | Support algorithm subtraction syntax from ssh_config | ||||
| * | Support algorithm subtraction syntax from ssh_config | Max Fierke | 2020-04-14 | 1 | -3/+17 |
| | | | | | | | | | | | | | | | | | | | | As per `man ssh_config` for KexAlgorithms, MACs, and similar options: ``` Multiple algorithms must be comma-separated. Alternately if the specified value begins with a '+' character, then the specified methods will be appended to the default set instead of replacing them. If the specified value begins with a '-' character, then the specified methods (including wildcards) will be removed from the default set instead of replacing them. ``` Without this, having these subtraction options in your SSH config will replace the default algorithms and cause Net::SSH to raise with `Net::SSH::Exception` and "could not settle on host_key algorithm". i.e. it uses `-ssh-rsa` as the algorithm, rather than removing `ssh-rsa` from the algorithm preferences. | ||||
* | | 6.0.1v6.0.1 | Miklos Fazekas | 2020-04-24 | 1 | -1/+1 |
| | | |||||
* | | Make hmac-md5-96 hmac-sha2-512-etm@openssh.com hmac-sha2-256-etm@openssh.com ↵ | Miklos Fazekas | 2020-04-24 | 1 | -3/+4 |
| | | | | | | | | opt in instead of default because of the currpoted hmac issue | ||||
* | | Added new basic hmac integration test for etm | Miklos Fazekas | 2020-04-20 | 1 | -1/+3 |
| | | |||||
* | | Final releasev6.0.0 | Miklos Fazekas | 2020-04-20 | 1 | -1/+1 |
|/ | |||||
* | Update version.rb | Miklós Fazekas | 2020-03-18 | 1 | -1/+1 |
| | |||||
* | Merge pull request #745 from uzxmx/master | Miklós Fazekas | 2020-03-16 | 3 | -3/+16 |
|\ | | | | | Add set_env option | ||||
| * | Add integration test for set_env option | Mingxiang Xue | 2020-03-11 | 2 | -5/+0 |
| | | | | | | | | Signed-off-by: Mingxiang Xue <mingxiangxue@gmail.com> | ||||
| * | Fix rubocop styles | Mingxiang Xue | 2020-03-09 | 2 | -0/+5 |
| | | | | | | | | Signed-off-by: Mingxiang Xue <mingxiangxue@gmail.com> | ||||
| * | Add set_env option | Mingxiang Xue | 2020-03-09 | 3 | -3/+16 |
| | | | | | | | | Signed-off-by: Mingxiang Xue <mingxiangxue@gmail.com> | ||||
* | | Merge pull request #746 from sskousen/master | Miklós Fazekas | 2020-03-16 | 1 | -1/+10 |
|\ \ | | | | | | | Limit cert.valid_before to max supported by JRuby | ||||
| * | | Only limit value if on JRuby | Seth Skousen | 2020-03-12 | 1 | -3/+4 |
| | | | |||||
| * | | Only limit valid_before if on JRuby | Seth Skousen | 2020-03-12 | 1 | -5/+5 |
| | | | |||||
| * | | Only limit value if on JRuby | Seth Skousen | 2020-03-12 | 1 | -1/+6 |
| | | | |||||
| * | | Limit cert.valid_before to max supported by JRuby | Seth Skousen | 2020-03-11 | 1 | -1/+4 |
| |/ | |||||
* | | RbNacl dependecy was replaced with ed25519 | Popa Marius Adrian | 2020-03-13 | 1 | -1/+1 |
|/ | |||||
* | (GH-737) Allow known_hosts to have empty lines and comments | donoghuc | 2020-02-15 | 1 | -1/+2 |
| | | | | Previously empty lines in a known_hosts file would result in an exception parsing the file. This commit updates the parser to allow empty lines as well as comments. Note that comments were already supported. | ||||
* | One more fix | Alexander Pyatkin | 2020-02-11 | 1 | -0/+1 |
| | |||||
* | Fix kex algorithm name | Alexander Pyatkin | 2020-02-11 | 1 | -1/+1 |
| | |||||
* | Merge pull request #733 from ↵ | Miklós Fazekas | 2020-02-11 | 1 | -2/+2 |
|\ | | | | | | | | | hirura/fix-loggable_facility_to_use_to_s_method_instead_of_name_method_for_self_class Fix Loggable to use to_s method instead of name method for self.class | ||||
| * | Fix Loggable to use to_s method instead of name method for self.class | hirura | 2020-01-11 | 1 | -2/+2 |
| | | |||||
* | | allow multiple newlines for OPENSSH PRIVATE KEY | sawanoboly | 2020-01-23 | 1 | -1/+2 |
| | | |||||
* | | beta2 preparev6.0.0.beta2 | Miklos Fazekas | 2020-01-19 | 1 | -1/+1 |
| | | |||||
* | | Merge pull request #722 from anderscarling/certkeys | Miklós Fazekas | 2020-01-19 | 4 | -26/+62 |
|\ \ | |/ |/| | Support :certkeys and CertificateFile configuration option | ||||
| * | Reduce number of lines in method to satisfy rubocop | Anders Carling | 2019-10-31 | 1 | -21/+21 |
| | | |||||
| * | Restore accidentally reordered value | Anders Carling | 2019-10-31 | 1 | -1/+1 |
| | | |||||
| * | Reduce number of lines in block to satisfy rubocop | Anders Carling | 2019-10-31 | 1 | -6/+2 |
| | | |||||
| * | Place value in globals if we're in a global context | Anders Carling | 2019-10-31 | 1 | -1/+1 |
| | | |||||
| * | Fix rubocop complaints | Anders Carling | 2019-10-31 | 1 | -1/+0 |
| | | |||||
| * | Remove disused variable | Anders Carling | 2019-10-31 | 1 | -1/+1 |
| | | |||||
| * | Fix signing with private key file existing both on disk and in agent, ↵ | Anders Carling | 2019-10-31 | 1 | -7/+2 |
| | | | | | | | | without corresponding public key on disk | ||||
| * | Support :certkeys and CertificateFile configuration option | Anders Carling | 2019-10-29 | 4 | -4/+50 |
| | | |||||
* | | Remove ruby_compat to comply with the new Ruby >= 2.3 requirement | Maxime Alay-Eddine | 2019-11-13 | 8 | -20/+0 |
|/ | |||||
* | 6.0.0 beta1 prepare | Miklos Fazekas | 2019-10-25 | 1 | -3/+3 |
| | |||||
* | Original (brbrady) Add support for all algorithms in ↵ | Brandon Weaver | 2019-10-25 | 1 | -2/+2 |
| | | | | Transport::Algorithms#host_key_format | ||||
* | Define rubocop metric length | Florian Wininger | 2019-09-25 | 11 | -21/+48 |
| | | | | Signed-off-by: Florian Wininger <fw.centrale@gmail.com> | ||||
* | Add sha2-{256,512}-etm@openssh.com MAC algorithms | Hans de Graaff | 2019-09-17 | 6 | -22/+101 |
| | | | | | | | | | | | | | | | Implement the Encrypt-Then-Mac versions of the SHA2-256 and SHA2-512 MACs. These MACs are implemented by openssh and may be the only MACs available on a hardened installation of openssh. With EtM the MAC is calculated over the unencrypted packet length and the encrypted payload (which includes padding length and padding). The main benefit of EtM schemes is that it allows the encrypted payload to be authenticated before it gets passed to the encryption engine. This patch does not implement that mechanism, but this can be added later to the poll_next_packet method. Note that all current MACs already pass unauthenticated data to the encryption engine. | ||||
* | Add Curve25519Sha256 | Florian Wininger | 2019-09-10 | 4 | -18/+99 |
| | | | | Signed-off-by: Florian Wininger <fw.centrale@gmail.com> | ||||
* | Merge pull request #708 from fwininger/refactoring_kex | Miklós Fazekas | 2019-09-04 | 4 | -65/+95 |
|\ | | | | | Refactoring kex ecdh with RFC5656 | ||||
| * | Refactoring kex ecdh RFC5656 | Florian Wininger | 2019-08-28 | 4 | -65/+95 |
| | | | | | | | | Signed-off-by: Florian Wininger <fw.centrale@gmail.com> | ||||
* | | Disable by default unsecure algorithm | Florian Wininger | 2019-09-02 | 2 | -26/+42 |
|/ | | | | Signed-off-by: Florian Wininger <fw.centrale@gmail.com> | ||||
* | Merge pull request #704 from fwininger/rubocop_small_cop | Miklós Fazekas | 2019-08-28 | 1 | -7/+1 |
|\ | | | | | Enhance some code | ||||
| * | Refactoring style unlesselse. | Florian Wininger | 2019-08-23 | 1 | -7/+1 |
| | | | | | | | | Signed-off-by: Florian Wininger <fw.centrale@gmail.com> | ||||
* | | Merge pull request #703 from fwininger/openssl4 | Miklós Fazekas | 2019-08-28 | 1 | -11/+9 |
|\ \ | | | | | | | Modernize OpenSSL SHA2 implementation | ||||
| * | | Modernize OpenSSL SHA2 implementation | Florian Wininger | 2019-08-23 | 1 | -11/+9 |
| |/ | | | | | | | Signed-off-by: Florian Wininger <fw.centrale@gmail.com> | ||||
* | | Merge pull request #702 from fwininger/refactoring_kex2 | Miklós Fazekas | 2019-08-28 | 5 | -136/+130 |
|\ \ | | | | | | | Refactoring kex | ||||
| * | | Add Abstract Kex class | Florian Wininger | 2019-08-24 | 3 | -113/+121 |
| | | | | | | | | | | | | Signed-off-by: Florian Wininger <fw.centrale@gmail.com> |