| #
cd4ada6a |
| 12-Oct-2019 |
christos <christos@NetBSD.org> |
merge openssh-8.1
|
| #
7a183406 |
| 07-Oct-2017 |
christos <christos@NetBSD.org> |
merge conflicts.
|
| #
41768fc1 |
| 18-Apr-2017 |
christos <christos@NetBSD.org> |
merge conflicts
|
| #
ee85abc4 |
| 25-Dec-2016 |
christos <christos@NetBSD.org> |
merge conflicts
|
| #
5101d403 |
| 02-Aug-2016 |
christos <christos@NetBSD.org> |
merge conflicts.
|
| #
e4d43b82 |
| 03-Apr-2015 |
christos <christos@NetBSD.org> |
Merge conflicts
|
| #
343a8bbd |
| 20-Oct-2014 |
christos <christos@NetBSD.org> |
- remove some more jpake remnants.
- try to fix umac; probably still broken on hosts that require strict
alignment, but it is still a start.
|
| #
8a4530f9 |
| 19-Oct-2014 |
christos <christos@NetBSD.org> |
merge openssh-6.7
|
| #
00a838c4 |
| 08-Nov-2013 |
christos <christos@NetBSD.org> |
merge conflicts.
|
| #
ce11a51f |
| 29-Mar-2013 |
christos <christos@NetBSD.org> |
welcome to openssh-6.2
|
| #
2649c700 |
| 12-Dec-2012 |
christos <christos@NetBSD.org> |
update to 6.1
This is primarily a bugfix release.
Features:
* sshd(8): This release turns on pre-auth sandboxing sshd by default for
new installs, by setting UsePrivilegeSeparation=sandbox in
update to 6.1
This is primarily a bugfix release.
Features:
* sshd(8): This release turns on pre-auth sandboxing sshd by default for
new installs, by setting UsePrivilegeSeparation=sandbox in sshd_config.
* ssh-keygen(1): Add options to specify starting line number and number of
lines to process when screening moduli candidates, allowing processing
of different parts of a candidate moduli file in parallel
* sshd(8): The Match directive now supports matching on the local (listen)
address and port upon which the incoming connection was received via
LocalAddress and LocalPort clauses.
* sshd(8): Extend sshd_config Match directive to allow setting AcceptEnv
and {Allow,Deny}{Users,Groups}
* Add support for RFC6594 SSHFP DNS records for ECDSA key types. bz#1978
* ssh-keygen(1): Allow conversion of RSA1 keys to public PEM and PKCS8
* sshd(8): Allow the sshd_config PermitOpen directive to accept "none" as
an argument to refuse all port-forwarding requests.
* sshd(8): Support "none" as an argument for AuthorizedPrincipalsFile
* ssh-keyscan(1): Look for ECDSA keys by default. bz#1971
* sshd(8): Add "VersionAddendum" to sshd_config to allow server operators
to append some arbitrary text to the server SSH protocol banner.
Bugfixes:
* ssh(1)/sshd(8): Don't spin in accept() in situations of file
descriptor exhaustion. Instead back off for a while.
* ssh(1)/sshd(8): Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs as
they were removed from the specification. bz#2023,
* sshd(8): Handle long comments in config files better. bz#2025
* ssh(1): Delay setting tty_flag so RequestTTY options are correctly
picked up. bz#1995
* sshd(8): Fix handling of /etc/nologin incorrectly being applied to root
on platforms that use login_cap.
show more ...
|
| #
091c4109 |
| 02-May-2012 |
christos <christos@NetBSD.org> |
merge OpenSSH 6.0
Features:
* ssh-keygen(1): Add optional checkpoints for moduli screening
* ssh-add(1): new -k option to load plain keys (skipping certificates)
* sshd(8): Add wildcard support
merge OpenSSH 6.0
Features:
* ssh-keygen(1): Add optional checkpoints for moduli screening
* ssh-add(1): new -k option to load plain keys (skipping certificates)
* sshd(8): Add wildcard support to PermitOpen, allowing things like
"PermitOpen localhost:*". bz #1857
* ssh(1): support for cancelling local and remote port forwards via the
multiplex socket. Use ssh -O cancel -L xx:xx:xx -R yy:yy:yy user@host"
to request the cancellation of the specified forwardings
* support cancellation of local/dynamic forwardings from ~C commandline
Bugfixes:
* ssh(1): ensure that $DISPLAY contains only valid characters before
using it to extract xauth data so that it can't be used to play local
shell metacharacter games.
* ssh(1): unbreak remote portforwarding with dynamic allocated listen ports
* scp(1): uppress adding '--' to remote commandlines when the first
argument does not start with '-'. saves breakage on some
difficult-to-upgrade embedded/router platforms
* ssh(1)/sshd(8): fix typo in IPQoS parsing: there is no "AF14" class,
but there is an "AF21" class
* ssh(1)/sshd(8): do not permit SSH2_MSG_SERVICE_REQUEST/ACCEPT during
rekeying
* ssh(1): skip attempting to create ~/.ssh when -F is passed
* sshd(8): unbreak stdio forwarding when ControlPersist is in use; bz#1943
* sshd(1): send tty break to pty master instead of (probably already
closed) slave side; bz#1859
* sftp(1): silence error spam for "ls */foo" in directory with files;
bz#1683
* Fixed a number of memory and file descriptor leaks
show more ...
|
| #
6f47b660 |
| 07-Sep-2011 |
christos <christos@NetBSD.org> |
merge openssh-5.9
|
| #
185c8f97 |
| 25-Jul-2011 |
christos <christos@NetBSD.org> |
- Merge conflicts
- WARNS=5
|
| #
313c6c94 |
| 07-Jun-2009 |
christos <christos@NetBSD.org> |
Merge in our changes:
- conditionalize login_cap
- conditionalize bsd_auth
- bring in pam from portable
- restore krb5, krb4, afs, skey
- bring in hpn patches, disable mt aes cipher, keep speedups an
Merge in our changes:
- conditionalize login_cap
- conditionalize bsd_auth
- bring in pam from portable
- restore krb5, krb4, afs, skey
- bring in hpn patches, disable mt aes cipher, keep speedups and cipher none
- add ignore root rhosts option
- fix ctype macro arguments
- umac is broken, disable it
- better ~homedir handling
- netbsd style tunnels
- urandom, xhome, chrootdir, rescuedir NetBSD handling
- utmp/utmpx handling
- handle tty posix_vdisable properly
- handle setuid and unsetuid the posix way instead of setresuid()
- add all missing functions
- add new moduli
- add build glue
show more ...
|
| #
ca32bd8d |
| 07-Jun-2009 |
christos <christos@NetBSD.org> |
import 5.2 from ftp.openbsd.org
|