Lines Matching +full:ipv4 +full:- +full:config +full:- +full:causing +full:- +full:fallback +full:- +full:to +full:- +full:tcp
19 openssh-7.5
21 Upstream-ID: b8b9a4a949427c393cd868215e1724ceb3467ee5
67 Upstream-ID: 3668852d1f145050e62f1da08917de34cb0c5234
85 Adapt Cygwin config script to privsep knob removal
95 accidents happen to the best of us; ok djm
97 Upstream-ID: b7a9dbd71011ffde95e06f6945fe7197dedd1604
105 fix regression in 7.4: deletion of PKCS#11-hosted keys
109 Upstream-ID: 5b5bc20ca11cacb5d5eb29c3f93fd18425552268
117 Fix segfault when sshd attempts to load RSA1 keys (can
121 Upstream-ID: 8fdaec2ba4b5f65db1d094f6714ce64b25d871d7
136 Upstream-ID: b4c52666256c4dd865f8ce9431af5d6ce2d74a0a
142 Make seccomp-bpf sandbox work on Linux/X32
161 prepending __NR_ to the syscall number parameter and just makes
188 Upstream-Regress-ID: 8717bc0ca4c21120f6dd3a1d3b7a363f707c31e1
198 Upstream-Regress-ID: fe15beaea8f5063c7f21b0660c722648e3d76431
209 Upstream-ID: 51f14c507ea87a3022e63f574100613ab2ba5708
220 Upstream-ID: 35e6a4e98f6fa24df50bfb8ba1307cf70e966f13
226 Add a "unit" target to run only unit tests.
232 Fix weakness in seccomp-bpf sandbox arg inspection
234 Syscall arguments are passed via an array of 64-bit values in struct
253 Upstream-Regress-ID: 0145d19328ed995b73fe2d9da33596b17429d0d0
261 allow ssh to use certificates accompanied by a private
265 Upstream-ID: 295668dca2c39505281577217583ddd2bd4b00b9
274 many bytes to discard for the work around for the attacks against CBC-mode.
277 Upstream-ID: f445f509a4e0a7ba3b9c0dae7311cb42458dc1e2
287 Upstream-ID: fc5e695d5d107d730182e2da7b23f00b489e0ee1
296 … date: 2017/03/11 23:37:23; author: djm; state: Exp; lines: +14 -1; commitid: jnFKyHkB3CEiEZ2R;
299 ----------------------------
301 date: 2013/11/29 19:00:51; author: deraadt; state: Exp; lines: +6 -5;
304 ----------------------------
306 date: 2012/11/12 14:07:20; author: halex; state: Exp; lines: +4 -2;
307 make scan_scaled set errno to EINVAL rather than ERANGE if it encounters
311 ----------------------------
313 date: 2009/06/20 15:00:04; author: martynas; state: Exp; lines: +4 -4;
314 use llabs instead of the home-grown version; and some comment changes
316 ----------------------------
326 keys when any of the ssh-rsa-sha2-* methods was enabled in HostkeyAlgorithms
327 but ssh-rsa (SHA1 signatures) was not. bz#2650 reported by Luis Ressel; ok
330 Upstream-ID: c5e8cfee15c42f4a05d126158a0766ea06da79d2
338 make hostname matching really insensitive to case;
341 Upstream-ID: e467622ff154269e36ba8b6c9e3d105e1c4a9253
349 reword a comment to make it fit 80 columns
351 Upstream-ID: 4ef509a66b96c7314bbcc87027c2af71fa9d0ba4
359 better match sshd config parser behaviour: fatal() if
360 line is overlong, increase line buffer to match sshd's; bz#2651 reported by
363 Upstream-ID: b175ae7e0ba403833f1ee566edf10f67443ccd18
371 ensure hostname is lower-case before hashing it;
374 Upstream-ID: c3b8b93804f376bd00d859b8bcd9fc0d86b4db17
382 make hostname matching really insensitive to case;
385 Upstream-ID: e632b7a9bf0d0558d5ff56dab98b7cca6c3db549
393 Remove old null check from config dumper. Patch from
396 Upstream-ID: 824ab71467b78c4bab0dd1b3a38e8bc5f63dd528
404 fix regression in 7.4 server-sig-algs, where we were
408 Upstream-ID: 81ac8bfb30960447740b9b8f6a214dcf322f12e8
419 Upstream-ID: 059e33cd43cba88dc8caf0b1936fd4dd88fd5b8e
427 reword a comment to make it fit 80 columns
429 Upstream-ID: b4b48b4487c0821d16e812c40c9b09f03b28e349
437 Check for NULL argument to sshkey_read. Patch from
440 Upstream-ID: c2d00c2ea50c4861d271d0a586f925cc64a87e0e
543 Check l->hosts before dereferencing; fixes potential null
546 Upstream-ID: 81c0327c6ec361da794b5c680601195cc23d1301
557 Upstream-ID: 9dc582d9bb887ebe0164e030d619fc20b1a4ea08
565 fix ssh-keygen -H accidentally corrupting known_hosts that
566 contained already-hashed entries. HKF_MATCH_HOST_HASHED is only set by
567 hostkeys_foreach() when hostname matching is in use, so we need to look for
570 Upstream-ID: da82ad653b93e8a753580d3cf5cd448bc2520528
579 we are heading to exit anyway). From Tom Rix in bz#2683
581 Upstream-ID: 10e3dadbb8199845b66581473711642d9e6741c4
591 Upstream-ID: 83d93366a5acf47047298c5d3ebc5e7426f37921
601 Upstream-ID: 9c538433d6a0ca79f5f21decc5620e46fb68ab57
611 Upstream-Regress-ID: 783d75de35fbc923d46e2a5e6cee30f8f381ba87
619 Add a common nl_langinfo(CODESET) alias for US-ASCII
620 "ANSI_X3.4-1968" that is used by Linux. Fixes mprintf output truncation for
621 non-UTF-8 locales on Linux spotted by dtucker@; ok deraadt@ schwarze@
623 Upstream-ID: c6808956ebffd64066f9075d839f74ff0dd60719
634 Upstream-Regress-ID: 8066b753d9dce7cf02ff87af5c727ff680d99491
645 Upstream-ID: 068b5c41357a02f319957746fa4e84ea73960f57
656 Upstream-ID: cea93a26433d235bb1d64b1d990f19a9c160a70f
664 For ProxyJump/-J, surround host name with brackets to
667 Upstream-ID: 3a5d3b0171250daf6a5235e91bce09c1d5746bf1
679 Upstream-ID: c7f96ac0877f6dc9188bbc908100a8d246cc7f0e
691 Upstream-ID: 6fb6c2ae6b289aa07b6232dbc0be54682ef5419f
700 for the benefit of OpenSSL versions prior to that.
711 translate OpenSSL error codes to something more
714 with additional fix from Jakub Jelen to solve the backout.
715 bz#2525 bz#2523 re-ok dtucker@
717 Upstream-ID: a9d5bc0306f4473d9b4f4484f880e95f3c1cc031
725 Sanitise escape sequences in key comments sent to printf
726 but preserve valid UTF-8 when the locale supports it; bz#2520 ok dtucker@
728 Upstream-ID: e8eed28712ba7b22d49be534237eed019875bd1e
738 Upstream-ID: 06beef7344da0208efa9275d504d60d2a5b9266c
749 Upstream-ID: 5333fd43ce5396bf5999496096fac5536e678fac
760 Upstream-Regress-ID: 840ad6118552c35111f0a897af9c8d93ab8de92a
768 use ssh_packet_set_log_preamble() to include connection
775 Upstream-ID: 3591b88bdb5416d6066fb3d49d8fff2375bf1a15
783 add ssh_packet_set_log_preamble() to allow inclusion of a
786 Upstream-ID: 34cb41182cd76d414c214ccb01c01707849afead
794 support =- for removing methods from algorithms lists,
795 e.g. Ciphers=-*cbc; suggested by Cristian Ionescu-Idbohrn in bz#2671 "I like
798 Upstream-ID: c78c38f9f81a963b33d0eade559f6048add24a6d
806 allow form-feed characters at EOL; bz#2431 ok dtucker@
808 Upstream-ID: 1f453afaba6da2ae69d6afdf1ae79a917552f1a2
814 prefer to use ldns-config to find libldns
816 Should fix bz#2603 - "Build with ldns and without kerberos support
829 seconds until rekeying (negative values are rejected at config parse time).
833 rekey_time is cast to int64 for the comparison which is a no-op
834 on OpenBSD, but should also do the right thing in -portable on
840 Upstream-ID: c9f18613afb994a07e7622eb326f49de3d123b6c
849 don't set a function argument to the address of free'd memory.
853 Upstream-ID: 1efffffff2f51d53c9141f245b90ac23d33b9779
864 Upstream-ID: d901d9887951774e604ca970e1827afaaef9e419
872 Small correction to the known_hosts section on when it is
876 Upstream-ID: 1834d7af179dea1a12ad2137f84566664af225d5
885 and configurations, notably Solaris 64-bit binaries. It was there for
886 the benefit of Linux put the required bits in the *-*linux* section.
896 fully unbreak: some $SSH invocations did not have -F
897 specified and could pick up the ~/.ssh/config of the user running the tests
899 Upstream-Regress-ID: f362d1892c0d3e66212d5d3fc02d915c58ef6b89
910 Upstream-Regress-ID: bc8a5e98e57bad0a92ef4f34ed91c1d18294e2cc
918 revise keys/principals command hang fix (bz#2655) to
919 consume entire output, avoiding sending SIGPIPE to subprocesses early; ok
922 Upstream-ID: 7cb04b31a61f8c78c4e48ceededcd2fd5c4ee1bc
932 remove SSHv1-isms in commented examples
934 reorder token table to group deprecated and compile-time conditional tokens
937 fix config dumping code for some compile-time conditional options that
940 Upstream-ID: f2e96b3cb3158d857c5a91ad2e15925df3060105
951 Upstream-ID: 40957b8dea69672b0e50df6b4a91a94e3e37f72d
961 Upstream-ID: f7b794074d3aae8e35b69a91d211c599c94afaae
970 causes compilers to make assumptions; from Karsten Weiss
972 Upstream-ID: 794243aad1e976ebc717885b7a97a25e00c031b2
980 use correct ssh-add program; bz#2654, from Colin Watson
982 Upstream-Regress-ID: 7042a36e1bdaec6562f6e57e9d047efe9c7a6030
992 If the first test in a series for a given MAC happens to modify the low
997 Upstream-Regress-ID: e7467613b0badedaa300bc6fc7495ec2f44e2fb9
1006 sockets instead of TCP ports where possible. Patch from cjwatson at
1009 Upstream-Regress-ID: 4756375aac5916ef9d25452a1c1d5fa9e90299a9
1021 Upstream-ID: 0d4a7e5ead6cc59c9a44b4c1e5435ab3aada09af
1030 field in the incoming socket, so userspace doesn't need to set it unless it
1035 Upstream-ID: ca6e49e2f22f2b9e81d6d924b90ecd7e422e7437
1045 Upstream-ID: b96239dae4fb3aa94146bb381afabcc7740a1638
1055 Upstream-ID: c107d6a69bc22325d79fbf78a2a62e04bcac6895
1063 show a useful error message when included config files
1066 Upstream-ID: f598b73b5dfe497344cec9efc9386b4e5a3cb95b
1074 sshd_config is documented to set
1078 Upstream-ID: 99ef8ac51f17f0f7aec166cb2e34228d4d72a665
1086 Avoid confusing error message when attempting to use
1087 ssh-keyscan built without SSH protocol v.1 to scan for v.1 keys; bz#2583
1089 Upstream-ID: 5d214abd3a21337d67c6dcc5aa6f313298d0d165
1097 Re-add '%k' token for AuthorizedKeysCommand which was
1098 lost during the re-org in rev 1.235. bz#2656, from jboning at gmail.com.
1100 Upstream-ID: 2884e203c02764d7b3fe7472710d9c24bdc73e38
1111 Upstream-ID: 6649c76eb7a3fa15409373295ca71badf56920a2
1127 relax PKCS#11 whitelist a bit to allow libexec as well as
1130 Upstream-ID: cf5617958e2e2d39f8285fd3bc63b557da484702
1141 Upstream-ID: b6b2b434a6d6035b1644ca44f24cd8104057420f
1152 Upstream-ID: e19456429bf99087ea994432c16d00a642060afe
1158 Re-add missing "Prerequisites" header and fix typo
1170 Upstream-Regress-ID: 7b6f0b63525f399844c8ac211003acb8e4b0bec2
1184 openssh-7.4
1186 Upstream-ID: 1ee404adba6bbe10ae9277cbae3a94abe2867b79
1197 Upstream-Regress-ID: cab4288531766bd9593cb556613b91a2eeefb56f
1205 Use LOGNAME to get current user and fall back to whoami if
1206 not set. Mainly to benefit -portable since some platforms don't have whoami.
1208 Upstream-Regress-ID: e3a16b7836a3ae24dc8f8a4e43fdf8127a60bdfa
1219 Upstream-Regress-ID: 8f1aac24d52728398871dac14ad26ea38b533fb9
1235 revert to rev1.2; the new bits in this test depend on changes
1236 to ssh that aren't yet committed
1238 Upstream-Regress-ID: 828ffc2c7afcf65d50ff2cf3dfc47a073ad39123
1249 Upstream-Regress-ID: a113dea77df5bd97fb4633ea31f3d72dbe356329
1260 Upstream-Regress-ID: 2e74dc2c726f4dc839609b3ce045466b69f01115
1268 Use $SUDO to read pidfile in case root's umask is
1271 Upstream-Regress-ID: f6b1c7ffbc5a0dfb7d430adb2883344899174a98
1282 Upstream-ID: d747ace338dcf943b077925f90f85f789714b54e
1293 Upstream-ID: deb0486e175e7282f98f9a15035d76c55c84f7f6
1301 disable Unix-domain socket forwarding when privsep is
1304 Upstream-ID: ab61516ae0faadad407857808517efa900a0d6d0
1315 Upstream-ID: 703ae690dbf9b56620a6018f8a3b2389ce76d92b
1327 Remove commented-out includes.
1329 These commented-out includes have "Still needed?" comments. Since
1342 Add strcasestr to compat library.
1350 Force Turkish locales back to C/POSIX; bz#2643
1354 prepared to deal with that. For now, the best we can do is to force
1355 OpenSSH to use the C/POSIX locale and try to preserve the UTF-8
1378 Check for utf8 local support and if not found, do not attempt to run the
1385 Use AC_PATH_TOOL for krb5-config.
1387 This will use the host-prefixed version when cross compiling; patch from
1398 certificate id_rsa-cert.pub (and no id_rsa.pub).
1402 Upstream-ID: c1e9699b8c0e3b63cc4189e6972e3522b6292604
1408 Add a gnome-ssh-askpass3 target for GTK+3 version
1416 Make gnome-ssh-askpass2.c GTK+3-friendly
1427 authentication is in use. Instead of deleting and re-preparing the entire
1429 order (with already- tried keys at the back)
1433 Upstream-ID: 7123f12dc2f3bcaae715853035a97923d7300176
1444 a stale pid if sshd fails to restart. ok djm@ markus@
1446 Upstream-ID: 132dd6dda0c77dd49d2f15b2573b5794f6160870
1454 test new behaviour of cert force-command restriction vs.
1457 Upstream-Regress-ID: 399efa7469d40c404c0b0a295064ce75d495387c
1467 Upstream-ID: 93f6e54086145a75df8d8ec7d8689bdadbbac8fa
1475 add a whitelist of paths from which ssh-agent will load
1476 (via ssh-pkcs11-helper) a PKCS#11 module; ok markus@
1478 Upstream-ID: fe79769469d9cd6d26fe0dc15751b83ef2a06e8f
1487 X11, agent, TCP, tunnel and Unix domain socket forwarding, as well as
1490 This, like the 'restrict' authorized_keys flag, is intended to be a
1491 simple and future-proof way of restricting an account. Suggested as
1492 a complement to 'restrict' by Jann Horn; ok markus@
1494 Upstream-ID: 203803f66e533a474086b38a59ceb4cf2410fcf7
1502 When a forced-command appears in both a certificate and
1503 an authorized keys/principals command= restriction, refuse to accept the
1506 The previous (documented) behaviour of having the certificate forced-
1507 command override the other could be a bit confused and more error-prone.
1511 Upstream-ID: 79d811b6eb6bbe1221bf146dde6928f92d2cd05f
1519 On startup, check to see if sshd is already daemonized
1520 and if so, skip the call to daemon() and do not rewrite the PidFile. This
1521 means that when sshd re-execs itself on SIGHUP the process ID will no longer
1524 Upstream-ID: 5ea0355580056fb3b25c1fd6364307d9638a37b9
1532 Add a call to RAND_poll() to ensure that more than pid+time gets
1542 Allow PuTTY interop tests to run unattended. bz#2639,
1545 Upstream-Regress-ID: 4345253558ac23b2082aebabccd48377433b6fe0
1553 Reverse args to sshd-log-wrapper. Matches change in
1556 Upstream-Regress-ID: b438d1c6726dc5caa2a45153e6103a0393faa906
1566 Upstream-Regress-ID: 4c4a2ba0d37faf5fd230a91b4c7edb5699fbd73a
1575 MALLOC_OPTIONS and TEST_ENV to unittets/Makefile.inc.
1579 Upstream-Regress-ID: 890d497e0a38eeddfebb11cc429098d76cf29f12
1591 Upstream-Regress-ID: 6cc25024c8174a87e5734a0dc830194be216dd59
1599 Factor out code to disconnect from controlling terminal
1602 Upstream-ID: 39fd9e8ebd7222615a837312face5cc7ae962885
1610 use sshbuf_allocate() to pre-allocate the buffer used for
1613 appear to happen in practice for normal sized keys, but was observed for
1618 Upstream-ID: d620e1d46a29fdea56aeadeda120879eddc60ab1
1629 Upstream-ID: 11b8a2795afeeb1418d508a2c8095b3355577ec2
1640 Upstream-ID: 8beb4c1eadd588f1080b58932281983864979f55
1650 Upstream-ID: 1c67d4148f5e953c35acdb62e7c08ae8e33f7cb2
1659 configuration load time and refuse to accept bad ones. It was previously
1660 possible to specify invalid CIDR address ranges (e.g. djm@127.1.2.3/55) and
1663 Thanks to Laurence Parry for a detailed bug report. ok markus (for
1666 Upstream-ID: 9dfcdd9672b06e65233ea4434c38226680d40bfb
1675 excessively verbose error()s to debug()s, include PKCS#11 provider name and
1678 Upstream-ID: 3223ef693cfcbff9079edfc7e89f55bf63e1973d
1690 Unbreak AES-CTR ciphers on old (~0.9.8) OpenSSL
1698 Move OPENSSL_NO_RIPEMD160 to compat.
1700 Move OPENSSL_NO_RIPEMD160 to compat and add ifdefs to mac.c around the
1715 cipher-3des1.c and cipher-bf1.c are specific to sshv1 so don't even try
1716 to compile them when Protocol 1 is not enabled.
1726 forwarding for non-priv ports as a non root user.
1730 Upstream-ID: ddb8156ca03cc99997de284ce7777536ff9570c9
1741 Upstream-ID: ad9cc655829d67fad219762810770787ba913069
1759 Factor out "can bind to low ports" check into its own function. This will
1760 make it easier for Portable to support platforms with permissions models
1764 Upstream-ID: 86213df4183e92b8f189a6d2dac858c994bfface
1775 Upstream-ID: d9b3a68b2a7c2f2fc7f74678e29a4618d55ceced
1793 Update links to https.
1796 supports ftp. Make all links to these https.
1804 Remove ssh1 host key generation, add ssh-keygen -A
1812 Make links to openssh.com HTTPS now that it's supported, point release
1813 notes link to the HTML release notes page, and update a couple of other
1831 was the recently-removed SSH1 server code so it's now dead code. ok markus@
1833 Upstream-ID: 05453983230a1f439562535fec2818f63f297af9
1841 Install a signal handler for tty-generated signals and
1842 wait for the ssh child to suspend before suspending sftp. This lets ssh
1846 Upstream-ID: a31c1f42aa3e2985dcc91e46e6a17bd22e372d69
1856 Upstream-ID: 81e85df2b8e474f5f93d66e61d9a4419ce87347c
1869 and can result in both SIGTSTP and SIGTTOU being sent which can lead to
1882 (DEF_WEAK is a no-op in portable.)
1890 As well pull in more recent changes from OpenBSD these will start to
1906 unbreak principals-command test
1916 fix the KEX fuzzer - the previous method of obtaining the
1917 packet contents was broken. This now uses the new per-packet input hook, so
1918 it sees exact post-decrypt packets and doesn't have to pass packet integrity
1921 Upstream-Regress-ID: 402fb6ffabd97de590e8e57b25788949dce8d2fd
1929 Move USER out of the way to unbreak the BUILDUSER
1932 Upstream-Regress-ID: 74ab9687417dd071d62316eaadd20ddad1d5af3c
1943 Upstream-Regress-ID: 77bcb50e47b68c7209c7f0a5a020d73761e5143b
1951 Add a per-packet input hook that is called with the
1954 Upstream-ID: a3221cee6b1725dd4ae1dd2c13841b4784cb75dc
1964 allocation of up to 128MB -- until the connection is closed. Reported by
1965 shilei-c at 360.cn
1967 Upstream-ID: 43649ae12a27ef94290db16d1a98294588b75c05
1976 date: 2013/11/24 23:51:29; author: deraadt; state: Exp; lines: +4 -4;
1987 date: 2010/05/14 13:30:34; author: millert; state: Exp; lines: +41 -39;
1997 If we don't have TCSASOFT, define it to zero.
1999 This makes it a no-op when we use it below, which allows us to re-sync
2011 Upstream-ID: ff8e90aa0343d9bb56f40a535e148607973cc738
2019 add a comment about implicitly-expected checks to
2022 Upstream-ID: 74a7f71c28f7c13a50f89fc78e7863b9cd61713f
2030 fix some -Wpointer-sign warnings in the new mux proxy; ok
2033 Upstream-ID: b1ba7b3769fbc6b7f526792a215b0197f5e55dfd
2041 Add a makefile rule to create the ssh library when
2042 regress needs it. This allows to run the ssh regression tests without doing
2045 Upstream-Regress-ID: ce489bd53afcd471225a125b4b94565d4717c025
2053 Allow to run ssh regression tests as root. If the user
2055 another user, use sudo or doas to switch from root if necessary. OK dtucker@
2057 Upstream-Regress-ID: b464e55185ac4303529e3e6927db41683aaeace2
2065 ssh proxy mux mode (-O proxy; idea from Simon Tatham): - mux
2066 client speaks the ssh-packet protocol directly over unix-domain socket. - mux
2067 server acts as a proxy, translates channel IDs and relays to the server. - no
2068 filedescriptor passing necessary. - combined with unix-domain forwarding it's
2069 even possible to run mux client and server on different machines. feedback
2072 Upstream-ID: 666a2fb79f58e5c50e246265fb2b9251e505c25b
2080 put back some pre-auth zlib bits that I shouldn't have
2081 removed - they are still used by the client. Spotted by naddy@
2083 Upstream-ID: 80919468056031037d56a1f5b261c164a6f90dc2
2091 restore pre-auth compression support in the client -- the
2092 previous commit was intended to remove it from the server only.
2094 remove a few server-side pre-auth compression bits that escaped
2100 Upstream-ID: d23696ed72a228dacd4839dd9f2dec424ba2016b
2111 Upstream-ID: 640e32b5e4838e4363738cdec955084b3579481d
2119 We no longer need to wrap/replace mmap for portability now that
2120 pre-auth compression has been removed from OpenSSH.
2128 Remove support for pre-authentication compression. Doing
2133 Moreover, to support it across privilege-separation zlib needed
2134 the assistance of a complex shared-memory manager that made the
2137 Prompted by Guido Vranken pointing out a compiler-elided security
2141 NB. pre-auth authentication has been disabled by default in sshd
2144 Upstream-ID: 32af9771788d45a0779693b41d06ec199d849caf
2154 order of tests to avoid confusing increasingly pedantic compilers.
2159 Upstream-ID: f8508c830c86d8f36c113985e52bf8eedae23505
2165 fix mdoc2man.awk formatting for top-level lists
2178 Upstream-ID: 438d5ed6338b28b46e822eb13eee448aca31df37
2189 Upstream-ID: 81a6daa506a4a5af985fce7cf9e59699156527c8
2197 mention curve25519-sha256 KEX
2199 Upstream-ID: 33ae1f433ce4795ffa6203761fbdf86e0d7ffbaf
2207 support plain curve25519-sha256 KEX algorithm now that it
2209 curve25519-sha256@libssh.org)
2211 Upstream-ID: 5e2b6db2e72667048cf426da43c0ee3fc777baa2
2220 will cause ssh_dispatch_run(DISPATCH_BLOCK, ...) to return without the
2223 Upstream-ID: b3afe126c0839d2eae6cddd41ff2ba317eda0903
2232 Sami Farin via https://github.com/openssh/openssh-portable/pull/50
2234 Upstream-ID: c85999af28aaecbf92cfa2283381df81e839b42c
2244 Upstream-ID: 76d23e89419ccbd2320f92792a6d878211666ac1
2255 Upstream-Regress-ID: acebb8e5042f03d66d86a50405c46c4de0badcfd
2263 Revert two recent changes to negated address matching. The
2264 new behaviour offers unintuitive surprises. We'll find a better way to deal
2279 Upstream-ID: ec96c770f0f5b9a54e5e72fda25387545e9c80c6
2289 Upstream-Regress-ID: 0a79a84dfaa59f958e46b474c3db780b454d30e3
2297 add a way for principals command to get see key ID and serial
2300 Upstream-ID: 0d30978bdcf7e8eaeee4eea1b030eb2eb1823fcb
2310 Upstream-Regress-ID: 03804d4a0dbc5163e1a285a4c8cc0a76a4e864ec
2319 (diffie-hellman-group14-sha256 etc)
2321 Upstream-Regress-ID: fe942c669959462b507516ae1634fde0725f1c68
2329 move inbound NEWKEYS handling to kex layer; otherwise
2333 Upstream-ID: 9a68b882892e9f51dc7bfa9f5a423858af358b2f
2347 Upstream-ID: 738d3229130ccc7eac975c190276ca6fcf0208e4
2358 Upstream-ID: e18ede972d1737df54b49f011fa4f3917a403f48
2369 Upstream-ID: 553581a549cd6a3e73ce9f57559a325cc2cb1f38
2377 add %-escapes to AuthorizedPrincipalsCommand to match those
2379 few more to provide access to the certificate's CA key; 'looks ok' dtucker@
2381 Upstream-ID: 6b00fd446dbebe67f4e4e146d2e492d650ae04eb
2389 Improve test coverage of ssh-keygen -T a bit.
2391 Upstream-Regress-ID: 8851668c721bcc2b400600cfc5a87644cc024e72
2399 Add testcase for ssh-keygen -j, -J and -K options for
2403 Upstream-Regress-ID: 9de6ce801377ed3ce0a63a1413f1cd5fd3c2d062
2413 Upstream-Regress-ID: fae2d1fef84687ece584738a924c7bf969616c8e
2424 Upstream-ID: 901cb081c59d6d2698b57901c427f3f6dc7397d4
2433 server-sig-algs Reported by mb AT smartftp.com in bz#2547 and (independently)
2436 Upstream-ID: ddf702d721f54646b11ef2cee6d916666cb685cd
2442 Remove no-op brackets to resync with upstream.
2448 Resync ssh-keygen -W error message with upstream.
2454 Move ssh-keygen -W handling code to match upstream
2460 Move ssh-keygen -T handling code to match upstream.
2466 Move -M handling code to match upstream.
2474 Spaces->tabs.
2476 Upstream-ID: f4829dfc3f36318273f6082b379ac562eead70b7
2484 Style whitespace fix. Also happens to remove a no-op
2487 Upstream-ID: 45d90f9a62ad56340913a433a9453eb30ceb8bf3
2495 Add MAXIMUM(), MINIMUM(), and ROUNDUP() to misc.h, then
2499 Upstream-ID: 712cafa816c9f012a61628b66b9fbd5687223fb8
2509 Upstream-ID: 73cec7f7ecc82d37a4adffad7745e4684de67ce7
2520 Upstream-ID: 32bb7a9cb9919ff5bab28d50ecef3a2b2045dd1e
2532 Upstream-ID: 2ceaa1076e19dbd3542254b4fb8e42d608f28856
2540 remove 3des-cbc from the client's default proposal;
2541 64-bit block ciphers are not safe in 2016 and we don't want to wait until
2542 attacks like sweet32 are extended to SSH.
2544 As 3des-cbc was the only mandatory cipher in the SSH RFCs, this may
2545 cause problems connecting to older devices using the defaults, but
2551 Upstream-ID: a505dfe65c6733af0f751b64cbc4bb7e0761bc2f
2559 enforce expected request flow for GSSAPI calls; thanks to
2562 Upstream-ID: d4bc0e70e1be403735d3d9d7e176309b1fd626b9
2568 Restore ssh-keygen's -J and -j option handling.
2578 only allow kbd-interactive ones when that authentication method is
2587 restrict monitor auth calls to be allowed only when their
2592 Upstream-ID: 6eb3f89332b3546d41d6dbf5a8e6ff920142b553
2598 Tighten monitor state-machine flow for PAM calls
2612 Upstream-ID: 1987ccee508ba5b18f016c85100d7ac3f70ff965
2624 Upstream-ID: ae34525485a173bccd61ac8eefeb91c57e3b7df6
2636 Upstream-ID: 7baa6a0f1e049bb3682522b4b95a26c866bfc043
2645 use it to suppress noisy deprecation warnings for the Protocol directive.
2649 Upstream-ID: 9fe040aca3d6ff393f6f7e60045cdd821dc4cbe0
2659 Upstream-ID: a7485c1f1be618e8c9e38fd9be46c13b2d03b90c
2670 Upstream-ID: c443e339768e7ed396dff3bb55f693e7d3641453
2678 downgrade an error() to a debug2() to match similar cases
2681 Upstream-ID: 07c3d53e357214153d9d08f234411e0d1a3d6f5c
2695 Upstream-Regress-ID: c16662c631af51633f9fd06aca552a70535de181
2701 hook match and utf8 unittests up to Makefile
2711 Upstream-Regress-ID: 0869d4f5c5d627c583c6a929d69c17d5dd65882c
2730 Upstream-ID: 01dcac3f3e6ca47518cf293e31c73597a4bb40d8
2743 Upstream-ID: 05a0cb323ea4bc20e98db099b42c067bfb9ea1ea
2754 Upstream-ID: bea7213fbf158efab7e602d9d844fba4837d2712
2767 Upstream-ID: 850328854675b4b6a0d4a90f0b4a9dd9ca4e905f
2775 Remove more SSH1 server code: * Drop sshd's -k option. *
2776 Retire configuration keywords that only apply to protocol 1, as well as the
2781 Upstream-ID: 9402f82886de917779db12f8ee3f03d4decc244d
2801 --with-ldflags isn't used until after the -ftrapv test, so mention
2810 Since -portable switched to git the CVS $Id tags are no longer being
2817 Remove now-obsolete CVS $Id tags from text files.
2819 Since -portable switched to git, the CVS $Id tags are no longer being
2837 When using clang with -ftrapv or -sanitize=integer the tests would pass
2838 but linking would fail with "undefined reference to __mulodi4".
2839 Explicitly test for this before enabling -trapv.
2845 add a --with-login-program configure argument
2848 packaging environments make hard to do during configure phase.
2854 add --with-pam-service to specify PAM service name
2856 Saves messing around with CFLAGS to do it.
2864 Our explicit_bzero successfully confused clang -fsanitize-memory
2865 in to thinking that memset is never called to initialise memory.
2876 Upstream-ID: c24c0c32c49b91740d5a94ae914fb1898ea5f534
2887 This makes the IPv6 example consistent with IPv4, and removes a dubious
2892 Upstream-ID: b027f3d0e0073419a132fd1bf002e8089b233634
2902 Upstream-ID: 6da9a37f74aef9f9cc639004345ad893cad582d8
2919 Upstream-ID: aed374e2e88dd3eb41390003e5303d0089861eb5
2927 small refactor of cipher.c: make ciphercontext opaque to
2930 Upstream-ID: 094849f8be68c3bdad2c0f3dee551ecf7be87f6f
2941 2", no SSH1 host key supplied). Reported by rainer.laatsch at t-online.de,
2944 Upstream-ID: aa6b132da5c325523aed7989cc5a320497c919dc
2955 Upstream-ID: 9baa6eb5cd6e30c9dc7398e5fe853721a3a5bdee
2974 implementation. Try to detect this mess, and assume the only safe option
2992 update config.guess and config.sub to current
3012 (or in the case of bsd-snprint.c, rsync).
3028 Date: Mon Aug 1 14:31:52 2016 -0700
3032 Spotted by Jean-Pierre Radley
3041 the problem (lack of prototype causing return type confusion).
3075 openssh-7.3
3077 Upstream-ID: af106a7eb665f642648cf1993e162c899f358718
3083 Move Cygwin IPPORT_RESERVED override to defines.h
3093 fix pledge violation with ssh -f; reported by Valentin
3096 Upstream-ID: a61db7988db88d9dac3c4dd70e18876a8edf84aa
3106 Upstream-ID: 55cb0a24c8e0618b3ceec80998dc82c85db2d2f8
3115 message similar to other similar level. bz#2599, patch from cgallek at
3118 Upstream-ID: 3faab814e947dc7b2e292edede23e94c608cb4dd
3137 Upstream-ID: f2043f51454ea37830ff6ad60c8b32b4220f448d
3145 move debug("%p", key) to before key is free'd; probable
3148 Upstream-ID: 767f323e1f5819508a0e35e388ec241bac2f953a
3156 reverse the order in which -J/JumpHost proxies are visited to
3161 Upstream-ID: 3a68fd6a841fd6cf8cedf6552a9607ba99df179a
3170 easily DoS sshd by sending very long passwords, causing it to spend CPU
3173 Brought to our attention by tomas.kuthan at oracle.com, shilei-c at
3176 Upstream-ID: d0af7d4a2190b63ba1d38eec502bc4be0be9e333
3187 Upstream-ID: 5362210944d91417d5976346d41ac0b244350d31
3197 Upstream-ID: f3c1a5b3f05dff366f60c028728a2b43f15ff534
3209 Upstream-ID: af0294e9b9394c4e16e991424ca0a47a7cc605f2
3221 Upstream-ID: f20a13279b00ba0afbacbcc1f04e62e9d41c2912
3230 until we find a user with a valid salt to use for crypting passwords of
3241 seem to work on some non-GNU makes, so do what works everywhere.
3255 We now have a shared implementation in libopenbsd-compat.
3267 Upstream-ID: 4d4be8450ab2fc1b852d5884339f8e8c31c3fd76
3289 bz#2249: handle the case where PAM returns PAM_MAXTRIES by ceasing to offer
3290 password and keyboard-interactive authentication methods. Should prevent
3293 It probably won't trigger with keyboard-interactive in the default
3294 configuration because the retry counter is stored in module-private
3304 support UTF-8 characters in ssh(1) banners using
3309 Upstream-ID: a72ce4e3644c957643c9524eea2959e41b91eea7
3317 - add proxyjump to the options list - formatting fixes -
3322 Upstream-ID: 43d318e14ce677a2eec8f21ef5ba2f9f68a59457
3334 Upstream-ID: 9005805227c94edf6ac02a160f0e199638d288e5
3346 cast to avoid type warning in error message
3355 to an internal function, causing link errors. In some compat code we
3357 shared header and use for sshbuf-getput-basic.c too. Should fix building
3372 add a --disable-pkcs11 knob
3380 The hmac-ripemd160 was incorrect and could lead to broken
3390 Add a ProxyJump ssh_config(5) option and corresponding -J
3391 ssh(1) command-line flag to allow simplified indirection through a SSH
3394 These options construct a proxy command that connects to the
3396 port-forwarding to establish a connection to the next destination.
3399 servers and makes it easy to use.
3403 Upstream-ID: fa899cb8b26d889da8f142eb9774c1ea36b04397
3419 When sshd decides to not allow a login (eg PermitRootLogin=no) and
3420 it's using PAM, it sends a fake password to PAM so that the timing for
3423 password string which is slower to hash than the fake password.
3426 as the one from the client and thus takes the same time to hash.
3435 When sshd is processing a non-PAM login for a non-existent user it uses
3438 systems that don't understand that crypt will fail fast due to an invalid
3442 by EddieEzra.Harari at verint.com (CVE-2016-6210).
3444 To mitigate, use the same hash algorithm that root uses for hashing
3459 If we don't have it, set BROKEN_STRNVIS to activate the compat replacement.
3469 Upstream-Regress-ID: 4e32f7a5c57a619c4e8766cb193be2a1327ec37a
3481 ok deraadt, looks good to millert
3483 Upstream-ID: ca2099eade1ef3e87a79614fefa26a0297ad8a3b
3494 Upstream-ID: dae60df23b2bb0e89f42661ddd96a7b0d1b7215a
3502 If we don't have wcwidth force fallback implementations of nl_langinfo
3518 in the libopenbsd-compat so we can use them in kexfuzz.c too. ok djm@
3532 whitelist more architectures for seccomp-bpf
3534 bz#2590 - testing and patch from Jakub Jelen
3543 it. CFLAGS contains -g by default anyway
3545 problem noted by Edgar Pettijohn (edgar (at) pettijohn-web.com)
3548 Upstream-Regress-ID: 4a0bb72f95c63f2ae9daa8a040ac23914bddb542
3556 Improve crypto ordering for Encrypt-then-MAC (EtM) mode
3560 checking the MAC. This gave rise to the possibility of creating a
3561 side-channel oracle in the decryption step, though no such oracle has
3565 one pass, and uses it to advance MAC checking for EtM algorithms to
3571 Upstream-ID: 1999bb67cab47dda5b10b80d8155fe83d4a1867b
3580 delete it. CFLAGS contains -g by default anyway
3582 problem noted by Edgar Pettijohn (edgar (at) pettijohn-web.com)
3585 Upstream-ID: 96c5054e3e1f170c6276902d5bc65bb3b87a2603
3593 Explicitly check for 100% completion to avoid potential
3594 floating point rounding error, which could cause progressmeter to report 99%
3598 Upstream-ID: a166870c5878e422f3c71ff802e2ccd7032f715d
3606 sort the -o list;
3608 Upstream-ID: 1a97465ede8790b4d47cb618269978e07f41f8ac
3616 fix AuthenticationMethods during configuration re-parse;
3619 Upstream-ID: 8ffa1dac25c7577eca8238e825317ab20848f9b4
3631 Upstream-ID: b393794f8935c8b15d98a407fe7721c62d2ed179
3641 Upstream-ID: 5d5b21c80f1e81db367333ce0bb3e5874fb3e463
3649 translate OpenSSL error codes to something more
3652 Upstream-ID: 4cb0795a366381724314e6515d57790c5930ffe5
3666 Upstream-ID: fabd7f44d59e4518d241d0d01e226435cc23cf27
3676 Upstream-ID: 105d6b2f1af2fbd9d91c893c436ab121434470bd
3689 Upstream-ID: 03d48536da6e51510d73ade6fcd44ace731ceb27
3697 Apply the same get_remote_name_or_ip -> session_get_remote_name_or_ip
3698 change as commit 95767262 to the code inside #ifdef LOGIN_NEEDS_UTMPX.
3713 Remove "POSSIBLE BREAK-IN ATTEMPT!" from log message
3714 about forward and reverse DNS not matching. We haven't supported IP-based
3718 Upstream-ID: 5565ef0ee0599b27f0bd1d3bb1f8a323d8274e29
3727 gets linked into ssh-agent when building --with-pam.
3735 There are a small number of "upstream" commits that do not correspond to
3736 a file in -portable. This file tracks those so that we can reconcile
3737 OpenBSD and Portable to ensure that no commits are accidentally missed.
3739 If you add something to .skipped-commit-ids please also add an upstream
3757 Remove now-defunct .cvsignore files. ok djm
3767 that send a DH-GEX min value less than DH_GRP_MIN, eg old OpenSSH and PuTTY.
3770 Upstream-ID: 452979d3ca5c1e9dff063287ea0a5314dd091f65
3778 Where possible, use Solaris setpflags to disable process tracing on
3779 ssh-agent and sftp-server. bz#2584, based on a patch from huieying.lee
3794 This should make it easier to add additional platform support such as
3803 Add a test for ssh(1)'s config file parsing.
3805 Upstream-Regress-ID: 558b7f4dc45cc3761cc3d3e889b9f3c5bc91e601
3813 Add 'sshd' to the test ID as I'm about to add a similar
3816 Upstream-Regress-ID: aea7a9c3bac638530165c801ce836875b228ae7a
3826 Upstream-Regress-ID: 111efe20a0fb692fa1a987f6e823310f9b25abf6
3838 rather than -1 and NULL.
3845 Upstream-Regress-ID: b164f20923812c9bac69856dbc1385eb1522cba4
3855 Upstream-Regress-ID: c923d05a20e84e4ef152cbec947fdc4ce6eabbe3
3863 Set umask to prevent "Bad owner or permissions" errors.
3865 Upstream-Regress-ID: 8fdf2fc4eb595ccd80c443f474d639f851145417
3875 Upstream-Regress-ID: 8d5572b27ea810394eeda432d8b4e9e1064a7c38
3885 Upstream-Regress-ID: 7521ff150dc7f20511d1c2c48fd3318e5850a96d
3895 Upstream-ID: 92979f1a0b63e041a0e5b08c9ed0ba9b683a3698
3903 Allow ExitOnForwardFailure and ClearAllForwardings to be
3904 overridden when using ssh -W (but still default to yes in that case).
3907 Upstream-ID: 4b20c419e93ca11a861c81c284090cfabc8c54d4
3915 Move the host and port used by ssh -W into the Options
3918 Upstream-ID: 151bce5ecab2fbedf0d836250a27968d30389382
3927 we support before passing them to the monitor. ok djm@
3929 Upstream-ID: 750627e8117084215412bff00a25b1586ab17ece
3937 Ensure that the client's proposed DH-GEX max value is at
3940 Upstream-ID: b4b84fa04aab2de7e79a6fee4a6e1c189c0fe775
3946 Add compat bits to utf8.c.
3952 Fix utf->utf8 typo.
3968 Upstream-ID: aaae57989431e5239c101f8310f74ccc83aeb93e
3977 buffer may need to grow, or it would be overrun; issue found by tb@ with
3981 up front such that we don't have to realloc() later just for that.
3985 Upstream-ID: 30ebcc0c097c4571b16f0a78b44969f170db0cff
3997 rather than -1 and NULL.
4004 Upstream-ID: b7bcd2e82fc168a8eff94e41f5db336ed986fed0
4012 To prevent screwing up terminal settings when printing to
4013 the terminal, for ASCII and UTF-8, escape bytes not forming characters and
4014 bytes forming non-printable characters with vis(3) VIS_OCTAL. For other
4021 This is believed to be sufficient to keep the local terminal safe
4023 state-dependent locales because many places in the code print
4031 Upstream-ID: e66afbc94ee396ddcaffd433b9a3b80f387647e0
4042 Upstream-ID: aa814b694efe9e5af8a26e4c80a05526ae6d6605
4052 Upstream-ID: 4faacdde136c24a961e24538de373660f869dbc0
4060 prefer agent-hosted keys to keys from PKCS#11; ok markus
4062 Upstream-ID: 7417f7653d58d6306d9f8c08d0263d050e2fd8f4
4072 Upstream-ID: bf968da7cfcea2a41902832e7d548356a4e2af34
4084 Date: Tue May 31 11:13:22 2016 -0700
4099 Add missing ssh-host-config --name option
4127 Upstream-ID: b32d0cb372bbe918ca2de56906901eae225a59b0
4137 Upstream-ID: 4ba9034b00a4cf1beae627f0728da897802df88a
4145 allow setting IdentityAgent to SSH_AUTH_SOCK; ok djm@
4147 Upstream-ID: 20c508480d8db3eef18942c0fc39b1fcf25652ac
4155 move SSH_MSG_NONE, so we don't have to include ssh1.h;
4158 Upstream-ID: c2f97502efc761a41b18c17ddf460e138ca7994e
4178 Upstream-ID: 789c6ad4928b5fa557369b88c3a6a34926082c05
4187 would cause the server to set an invalid mask. ok djm@
4189 Upstream-ID: 8a4404c8307a5ef9e07ee2169fc6d8106b527587
4200 Upstream-ID: 3e6a15eb89ea0fd406f108826b7dc7dec4fbfac1
4210 Upstream-ID: cc4d0cd32cb6b55a2ef98975d2f7ae857d0dc578
4220 Upstream-ID: 1fbd5b7ab16d2d9834ec79c3cedd4738fa42a168
4231 Upstream-ID: 940bc69ec0249ab428d24ccd0722ce35cb932ee2
4239 don't forget to include StreamLocalBindUnlink in the
4240 config dump output
4242 Upstream-ID: 14a6d970b3b45c8e94272e3c661e9a0b2a0ee7cb
4253 Upstream-ID: cb40d0235dc153c478c1aad3bc60b195422a54fb
4261 clarify ordering of subkeys; pointed out by ietf-ssh AT
4264 Upstream-ID: 05ebe9f949449a555ebce8e0aad7c8c9acaf8463
4272 Use a subshell for constructing key types to work around
4273 different sed behaviours for -portable.
4275 Upstream-Regress-ID: 0f6eb673162df229eda9a134a0f10da16151552d
4283 correct some typos and remove a long-stale XXX note.
4291 Upstream-ID: 7b535ab7dba3340b7d8210ede6791fdaefdf839a
4302 Upstream-ID: 8caac2d8e8cfd2fca6dc304877346e0a064b014b
4310 Implement IUTF8 as per draft-sgtatham-secsh-iutf8-00. Patch
4313 Upstream-ID: 58268ebdf37d9d467f78216c681705a5e10c58e8
4321 unbreak config parsing on reexec from previous commit
4323 Upstream-ID: bc69932638a291770955bd05ca55a32660a613ab
4333 Upstream-Regress-ID: a0cd1a92dc824067076a5fcef83c18df9b0bf2c6
4342 draft-ietf-curdle-ssh-kex-sha2-03
4344 diffie-hellman-group14-sha256 (2K group)
4345 diffie-hellman-group16-sha512 (4K group)
4346 diffie-hellman-group18-sha512 (8K group)
4351 Upstream-ID: ac00406ada4f0dfec41585ca0839f039545bc46f
4362 Upstream-ID: b45be2f2ce8cacd794dc5730edaabc90e5eb434a
4370 fix signed/unsigned errors reported by clang-3.7; add
4371 sshbuf_dup_string() to replace a common idiom of strdup(sshbuf_ptr()) with
4374 Upstream-ID: 71f926d9bb3f1efed51319a6daf37e93d57c8820
4383 in debug mode or when logging to a file or syslog. bz#1988 ok dtucker
4385 Upstream-ID: 4fb726f0fdcb155ad419913cea10dc4afd409d24
4395 Upstream-ID: 313a385bd7b69a82f8e28ecbaf5789c774457b15
4405 Upstream-ID: 13e7327fe85f6c63f3f7f069e0fdc8c351515d11
4415 Upstream-ID: dc4816678704aa5cbda3a702e0fa2033ff04581d
4425 Upstream-ID: 46c1bab91c164078edbccd5f7d06b9058edd814f
4435 Upstream-Regress-ID: 1063595f7f40f8489a1b7a27230b9e8acccea34f
4445 Upstream-Regress-ID: 29ef1b267fa56daa60a1463396635e7d53afb587
4455 Upstream-Regress-ID: cb782f4f1ab3e079efbc335c6b64942f790766ed
4465 Upstream-Regress-ID: 46a38c8101f635461c506d1aac2d96af80f97f1e
4473 unbreak test for recent ssh de-duplicated forwarding
4476 Upstream-Regress-ID: 6b2b115d99acd7cff13986e6739ea214cf2a3da3
4486 Upstream-Regress-ID: 8cd10952ce7898655ee58945904f2a0a3bdf7682
4496 Upstream-ID: ae3b76e2e343322b9f74acde6f1e1c5f027d5fff
4504 If PAM is configured to read user-specified environment variables
4509 CVE-2015-8325, found by Shayan Sadigh, via Colin Watson
4520 Upstream-ID: 92038726ef4a338169c35dacc9c5a07fcc7fa761
4528 Replace by defining IPPORT_RESERVED to zero on Cygwin, which should have
4529 the same effect without causing problems syncing patches with OpenBSD.
4541 Upstream-ID: 5beffd4e001515da12851b974e2323ae4aa313b6
4550 every direct-streamlocal@openssh.com channel open, in contravention of our
4554 fields to be present and fatal() if they aren't, so document them
4560 Upstream-ID: 34cd326a4d236ca6e39084c4ff796bd97ab833e7
4573 Upstream-ID: 40a51d68b6300f1cc61deecdb7d4847b8b7b0de1
4589 Upstream-ID: f16811ffa19a1c5f4ef383c5f0fecb843c84e218
4601 Fix configure-time warnings for openssl test.
4611 Upstream-ID: 40ae2203d07cb14e0a89e1a0d4c6120ee8fd8c3a
4619 Remove fallback from moduli to "primes" file that was
4620 deprecated in 2001 and fix log messages referring to primes file. Based on
4623 Upstream-ID: 0d4f8c70e2fa7431a83b95f8ca81033147ba8713
4634 Upstream-ID: c1c1bb895dde46095fc6d81d8653703928437591
4659 ssh-agent: when attempting pubkey auth with a certificate, if no separate
4664 Upstream-ID: f939cd76d68e6a9a3d1711b5a943d6ed1e623966
4675 Upstream-ID: 18ad8d0d74cbd2ea3306a16595a306ee356aa261
4681 Pass supported malloc options to connect-privsep.
4683 This allows us to activate only the supported options during the malloc
4684 option portion of the connect-privsep test.
4700 The variable $L_TMP_ID_FILE needs to be surrounded by quotes in order to
4722 Add compat to monotime_double().
4724 Apply all of the portability changes in monotime() to monotime() double.
4729 Date: Tue Mar 8 14:12:58 2016 -0800
4731 make a regress-binaries target
4733 Easier to build all the regression/unit test binaries in one pass
4738 Date: Tue Mar 8 14:03:54 2016 -0800
4740 unbreak kexfuzz for -Werror without __bounded__
4744 Date: Tue Mar 8 14:01:29 2016 -0800
4755 same change to some portable-specific code.
4764 to the places that use them (authn and session code). After this, no state is
4769 Upstream-ID: 5f2e4df88d4803fc8ec59ec53629105e23ce625e
4787 Upstream-Regress-ID: 345d0a9589c381e7d640a4ead06cfaadf4db1363
4797 Upstream-Regress-ID: 3df5242d30551b12b828aa9ba4a4cec0846be8d1
4806 to the code mean that "Bad packet length" errors are 3 lines back instead of
4808 to.
4810 Upstream-Regress-ID: 24f36912740a634d509a3144ebc8eb7c09b9c684
4818 fix ClientAliveInterval when a time-based RekeyLimit is
4822 Upstream-ID: d48f9deadd35fdacdd5106b41bb07630ddd4aa81
4833 Upstream-ID: 99f1cf15c9a8f161086b814d414d862795ae153d
4842 storing sub-second timestamps. Pointed out by mmcc@, ok deraadt@ markus@
4844 Upstream-ID: 38fd83a3d83dbf81c8ff7b5d1302382fe54970ab
4854 Upstream-ID: 0590313bbb013ff6692298c98f7e0be349d124bd
4862 rearrange DH public value tests to be a little more clear
4864 rearrange DH private value generation to explain rationale more
4869 Upstream-ID: 9ad8a07e1a12684e1b329f9bd88941b249d4b2ad
4889 Skip PrintLastLog in config dump mode.
4891 When DISABLE_LASTLOG is set, do not try to include PrintLastLog in the
4892 config dump since it'll be reported as UNKNOWN.
4904 put back portable patchlevel to p1
4912 openssh-7.2
4914 Upstream-ID: 9db776b26014147fc907ece8460ef2bcb0f11e78
4923 for certain files and directories. This adds a regress/check-perm
4924 tool that copies the relevant logic from sshd to exactly test
4926 filesystem doesn't conform to our expectations rather than
4943 to sshd. Spotted by Darren.
4954 Upstream-ID: 58b2e46e63ed6912ed1ee780bd3bd8560f9a5899
4962 set ssh(1) protocol version to 2 only.
4966 Upstream-ID: e168daf9d27d7e392e3c9923826bd8e87b2b3a10
4974 add missing ~/.ssh/id_ecdsa and ~/.ssh/id_ed25519 to
4979 Upstream-ID: 6ce99466312e4ae7708017c3665e3edb976f70cf
4987 AddressFamily defaults to any.
4991 Upstream-ID: 0d94aa06a4b889bf57a7f631c45ba36d24c13e0c
5013 Upstream-ID: 43f0d57928cc077c949af0bfa71ef574dcb58243
5021 rsa-sha2-512,rsa-sha2-256 cannot be selected explicitly
5025 Upstream-ID: c6e8820eb8e610ac21551832c0c89684a9a51bb7
5033 since these pages now clearly tell folks to avoid v1,
5039 Upstream-ID: eb474f8c36fb6a532dc05c282f7965e38dcfa129
5050 Upstream-ID: 5221ef3b927d2df044e9aa3f5db74ae91743f69b
5058 no need to state that protocol 2 is the default twice;
5060 Upstream-ID: b1e4c36b0c2e12e338e5b66e2978f2ac953b95eb
5068 Replace list of ciphers and MACs adjacent to -1/-2 flag
5069 descriptions in ssh(1) with a strong recommendation not to use protocol 1.
5070 Add a similar warning to the Protocol option descriptions in ssh_config(5)
5075 Upstream-ID: 961f99e5437d50e636feca023978950a232ead5e
5083 add a "Close session" log entry (at loglevel=verbose) to
5084 correspond to the existing "Starting session" one. Also include the session
5085 id number to make multiplexed sessions more apparent.
5089 Upstream-ID: e72d2ac080e02774376325136e532cb24c2e617c
5099 Upstream-Regress-ID: b22d72edfde78c403aaec2b9c9753ef633cc0529
5108 it has the wrong number of args and it's not usable in non-variadic
5135 Upstream-ID: ccd742cd25952240ebd23d7d4d6b605862584d08
5143 Add a function to enable security-related malloc_options.
5146 Upstream-ID: 43a95523b832b7f3b943d2908662191110c380ed
5152 sync ssh-copy-id with upstream 783ef08b0a75
5163 Upstream-ID: 044a764fee526f2c4a9d530bd10695422d01fc54
5174 Upstream-ID: d7fd1b6c1ed848d866236bcb1d7049d2bb9b2ff6
5182 fix regression in openssh-6.8 sftp client: existing
5186 Upstream-ID: 3306be469f41f26758e3d447987ac6d662623e18
5194 turn off more old crypto in the client: hmac-md5, ripemd,
5197 Upstream-ID: 96aa11c2c082be45267a690c12f1d2aae6acd46e
5205 don't attempt to percent_expand() already-canonicalised
5206 addresses, avoiding unnecessary failures when attempting to connect to scoped
5209 Upstream-ID: f24569cffa1a7cbde5f08dc739a72f4d78aa5c6a
5219 This makes automatic rekeying internal to the packet code (previously
5220 the server and client loops needed to assist). In doing so it makes
5222 about to be sent as well as packets queued during rekeying events
5228 Upstream-ID: a441227fd64f9739850ca97b4cf794202860fcd8
5238 fail to notice that the client had exited. ok mikeb@ djm@
5240 Upstream-ID: 3c2dadc21fac6ef64665688aac8a75fffd57ae53
5251 Upstream-ID: 11b068d83c2865343aeb46acf1e9eec00f829b6b
5259 mention internal DH-GEX fallback groups; bz#2302
5261 Upstream-ID: e7b395fcca3122cd825515f45a2e41c9a157e09e
5271 Upstream-ID: e2c0d74ee185cd1a3e9d4ca1f1b939b745b354da
5288 printf argument casts to avoid warnings on strict
5291 Upstream-ID: 7b9f6712cef01865ad29070262d366cf13587c9c
5303 Upstream-ID: 20ee0cfbda678a247264c20ed75362042b90b412
5314 Upstream-Regress-ID: 548390350c62747b6234f522a99c319eee401328
5324 Upstream-ID: 13d1f9c8b65a5109756bcfd3b74df949d53615be
5332 include packet type of non-data packets in debug3 output;
5335 Upstream-ID: 034eaf639acc96459b9c5ce782db9fcd8bd02d41
5344 processed" change as it breaks for very small RekeyLimit values due to
5347 Upstream-ID: 7e03f636cb45ab60db18850236ccf19079182a19
5355 Allow RekeyLimits in excess of 4G up to 2**63 bits
5358 Upstream-ID: 13bea82be566b9704821b1ea05bf7804335c7979
5367 computing whether or not it is time to perform rekeying. bz#2521, based
5370 Upstream-ID: 67e268b547f990ed220f3cb70a5624d9bda12b8c
5381 Upstream-ID: 8ca558c01f184e596b45e4fc8885534b2c864722
5391 Upstream-ID: 478ccd4e897e0af8486b294aa63aa3f90ab78d64
5405 Upstream-ID: bc9975b2095339811c3b954694d7d15ea5c58f66
5416 Upstream-ID: 6ed0c33b836d9de0a664cd091e86523ecaa2fb3b
5427 Upstream-ID: 4ec0f12b9d8fa202293c9effa115464185aa071d
5437 Upstream-ID: 2cab8f4b197bc95776fb1c8dc2859dad0c64dc56
5445 Disable experimental client-side roaming support. Server
5449 Upstream-ID: 2328004b58f431a554d4c1bf67f5407eae3389df
5461 openssh-7.1p2
5475 eliminate fallback from untrusted X11 forwarding to trusted
5479 Upstream-ID: f76195bd2064615a63ef9674a0e4096b0713f938
5490 Upstream-ID: 0ece37069fd66bc6e4f55eb1321f93df372b65bf
5496 Support Illumos/Solaris fine-grained privileges
5498 Includes a pre-auth privsep sandbox and several pledge()
5509 fix three bugs in KRL code related to (unused) signature
5514 Upstream-ID: e705e97ad3ccce84291eaa651708dd1b9692576b
5524 Upstream-ID: f3eef4389d53ed6c0d5c77dcdcca3060c745da97
5533 lastlog. Cast to off_t before multiplication to avoid truncation on ILP32
5537 Upstream-ID: fc40092568cd195719ddf1a00aa0742340d616cf
5546 "ask" or "autoask", the process will use ssh-askpass for asking confirmation.
5552 Upstream-ID: 38a58b30ae3eef85051c74d3c247216ec0735f80
5563 Upstream-ID: decc88ec4fc7515594fdb42b04aa03189a44184b
5571 Add "id" to ssh-agent pledge for subprocess support.
5573 Found the hard way by Jan Johansson when using ssh-agent with X. Also,
5574 rearranged proc/exec and retval to match other pledge calls in the tree.
5578 Upstream-ID: 914255f6850e5e7fa830a2de6c38605333b584db
5586 Remove NULL-checks before sshbuf_free().
5590 Upstream-ID: 5ebed00ed5f9f03b119a345085e8774565466917
5601 Upstream-ID: 9300dc354015f7a7368d94a8ff4a4266a69d237e
5609 don't try to load SSHv1 private key when compiled without
5612 Upstream-ID: 8b8e7b02a448cf5e5635979df2d83028f58868a7
5621 reading key files. Increase it to match the size of the buffers already being
5624 Upstream-ID: 1b60586b484b55a947d99a0b32bd25e0ced56fae
5632 Remove NULL-checks before sshkey_free().
5636 Upstream-ID: 3e35afe8a25e021216696b5d6cde7f5d2e5e3f52
5646 null-ptr.net.
5648 Upstream-ID: b0c6b4cd2cdb01d7e9eefbffdc522e35b5bc4acc
5656 - remove configure --with-rsh, because this option isn't supported anymore
5657 - replace last occurrence of BuildPreReq by BuildRequires
5658 - update grep statement to query the krb5 include directory
5666 Allow --without-ssl-engine with --without-openssl
5695 Upstream-ID: 7454a0affeab772398052954c79300aa82077093
5703 Pass (char *)NULL rather than (char *)0 to execl and
5708 Upstream-ID: 56c955106cbddba86c3dd9bbf786ac0d1b361492
5716 Remove NULL-checks before free().
5720 Upstream-ID: e3d3cb1ce900179906af36517b5eea0fb15e6ef8
5730 Upstream-ID: ec364c5af32031f013001fd28d1bd3dfacfe9a72
5738 stricter encoding type checks for ssh-rsa; ok djm@
5740 Upstream-ID: 8cca7c787599a5e8391e184d0b4f36fdc3665650
5756 basic unit tests for rsa-sha2-* signature types
5758 Upstream-Regress-ID: 7dc4b9db809d578ff104d591b4d86560c3598d3c
5766 prefer rsa-sha2-512 over -256 for hostkeys, too; noticed
5769 Upstream-ID: 685f55f7ec566a8caca587750672723a0faf3ffe
5777 Properly handle invalid %-format by calling fatal.
5781 Upstream-ID: 5692bce7d9f6eaa9c488cb93d3b55e758bef1eac
5789 implement SHA2-{256,512} for RSASSA-PKCS1-v1_5 signatures
5790 (user and host auth) based on draft-rsa-dsa-sha2-256-03.txt and
5791 draft-ssh-ext-info-04.txt; with & ok djm@
5793 Upstream-ID: cf82ce532b2733e5c4b34bb7b7c94835632db309
5801 clean up agent_fd handling; properly initialise it to -1
5806 Upstream-ID: ac9554323d5065745caf17b5e37cb0f0d4825707
5814 pledges ssh client: - mux client: which is used when
5815 ControlMaster is in use. will end with "stdio proc tty" (proc is to
5816 permit sending SIGWINCH to mux master on window resize)
5818 - client loop: several levels of pledging depending on your used options
5822 Upstream-ID: 21676155a700e51f2ce911e33538e92a2cd1d94b
5830 Add "cpath" to the ssh-agent pledge so the cleanup
5835 Upstream-ID: 9e632991d48241d56db645602d381253a3d8c29d
5843 ssh-agent pledge needs proc for askpass; spotted by todd@
5845 Upstream-ID: 349aa261b29cc0e7de47ef56167769c432630b2a
5853 basic pledge() for ssh-agent, more refinement needed
5855 Upstream-ID: 5b5b03c88162fce549e45e1b6dd833f20bbb5e13
5865 dtucker beat me to it :/
5889 Upstream-ID: 3e00f6ccfe2b9a7a2d1dbba5409586180801488f
5900 Upstream-ID: c820497fd5574844c782e79405c55860f170e426
5916 don't include port number in tcpip-forward replies for
5920 Upstream-ID: 77efad818addb61ec638b5a2362f1554e21a970a
5929 except for the -p option (which sadly has insane semantics...) ok semarie
5932 Upstream-ID: 8854bbd58279abe00f6c33f8094bdc02c8c65059
5944 Upstream-ID: 5fc477cf2f119b2d44aa9c683af16cb00bb3744b
5952 add cast to make -Werror clean
5954 Upstream-ID: 288db4f8f810bd475be01320c198250a04ff064d
5971 ssh_connect_direct() to print an uninitialised stack variable; bz#2500
5974 Upstream-ID: 32b5134c608270583a90b93a07b3feb3cbd5f7d5
5984 Upstream-ID: 31fe0ad7c4d08e87f1d69c79372f5e3c5cd79051
5994 Upstream-ID: 39354cdd8a2b32b308fd03f98645f877f540f00d
6002 move the certificate validity formatting code to
6005 Upstream-ID: f05f7c78fab20d02ff1d5ceeda533ef52e8fe523
6013 fix "ssh-keygen -l" of private key, broken in support for
6016 Upstream-ID: 6b3132d2c62d03d0bad6f2bcd7e2d8b7dab5cd9d
6024 Replace remaining calls to index(3) with strchr(3). OK
6027 Upstream-ID: 33837d767a0cf1db1489b96055f9e330bc0bab6d
6035 Allow fingerprinting from standard input "ssh-keygen -lf
6036 -"
6043 Upstream-ID: 903f8b4502929d6ccf53509e4e07eae084574b77
6053 failing to call it could result in sandbox violations later; ok markus@
6055 Upstream-ID: c8a6d0d56c42f3faab38460dc917ca0d1705d383
6066 Upstream-ID: f371e78e8f4fab366cf69a42bdecedaed5d1b089
6074 1) Use xcalloc() instead of xmalloc() to check for
6080 Upstream-ID: 013534c308187284756c3141f11d2c0f33c47213
6089 includes all current and future key restrictions (no-*-forwarding, etc). Also
6090 add permissive versions of the existing restrictions, e.g. "no-pty" -> "pty".
6092 maximally-restricted, regardless of any permissions we might implement in the
6097 restrict,pty,command="nethack" ssh-ed25519 AAAAC3NzaC1lZDI1...
6101 Upstream-ID: 04ceb9d448e46e67e13887a7ae5ea45b4f1719d0
6109 correct section number for ssh-agent;
6111 Upstream-ID: 44be72fd8bcc167635c49b357b1beea8d5674bd6
6121 Upstream-ID: 1470fce171c47b60bbc7ecd0fc717a442c2cfe65
6129 Add an AddKeysToAgent client option which can be set to
6130 'yes', 'no', 'ask', or 'confirm', and defaults to 'no'. When enabled, a
6131 private key that is used during authentication will be added to ssh-agent if
6132 it is running (with confirmation enabled if set to 'confirm').
6138 Upstream-ID: a680db2248e8064ec55f8be72d539458c987d5f4
6146 send SSH2_MSG_UNIMPLEMENTED replies to unexpected
6149 Upstream-ID: 2b3abdff344d53c8d505f45c83a7b12e84935786
6158 ForceCommand and ChrootDirectory. Useful inside Match blocks to override a
6161 Upstream-ID: 7ef478d6592bc7db5c7376fc33b4443e63dccfa5
6170 reading from standard input (using "-f -") for "ssh-keygen -L"; ok dtucker@
6172 Upstream-ID: ecbadeeef3926e5be6281689b7250a32a80e88db
6183 Upstream-ID: e4d03f39d254db4c0cc54101921bb89fbda19879
6194 Upstream-ID: 9a1889e19647615ededbbabab89064843ba92d3e
6202 remove prototypes for long-gone s/key support; ok
6205 Upstream-ID: db5bed3c57118af986490ab23d399df807359a79
6230 -c before -H, in SYNOPSIS and usage();
6232 Upstream-ID: 25e8c58a69e1f37fcd54ac2cd1699370acb5e404
6240 Add "ssh-keyscan -c ..." flag to allow fetching
6243 Upstream-ID: 0947e2177dba92339eced9e49d3c5bf7dda69f82
6253 Upstream-ID: 39ba08548acde4c54f2d4520c202c2a863a3c730
6264 Upstream-ID: a3e3a85434ebfa0690d4879091959591f30efc62
6277 Upstream-ID: 8b46bc94cf1ca7c8c1a75b1c958b2bb38d7579c8
6285 "commandline" -> "command line", since there are so few
6291 Upstream-ID: 78459d59bff74223f8139d9001ccd56fc4310659
6312 Upstream-Regress-ID: 246c37ed64a2e5704d4c158ccdca1ff700e10647
6320 Fix typo certopt->certopts in shell variable. This would
6321 cause the test to hang at a host key prompt if you have an A or CNAME for
6324 Upstream-Regress-ID: 6ea03bcd39443a83c89e2c5606392ceb9585836a
6335 Upstream-ID: 853662c4036730b966aab77684390c47b9738c69
6343 fix execv arguments in a way less likely to cause grief
6344 for -portable; ok dtucker@
6346 Upstream-ID: 5902bf0ea0371f39f1300698dc3b8e4105fc0fc5
6354 log certificate serial in verbose() messages to match the
6357 Upstream-ID: dfc48b417c320b97c36ff351d303c142f2186288
6365 avoid de-const warning & shrink; ok dtucker@
6367 Upstream-ID: 69a85ef94832378952a22c172009cbf52aaa11db
6375 Expand tildes in filenames passed to -i before checking
6380 Upstream-ID: db1757178a14ac519e9a3e1a2dbd21113cb3bfc6
6388 Do not prepend "exec" to the shell command run by "Match
6389 exec" in a config file. It's an unnecessary optimization from repurposed
6393 Upstream-ID: a1ead25ae336bfa15fb58d8c6b5589f85b4c33a3
6401 Move glob.h from includes.h to the only caller (sftp) and override the
6412 Update expected group sizes to match recent code changes.
6414 Upstream-Regress-ID: 0004f0ea93428969fe75bcfff0d521c553977794
6425 Upstream-ID: 5321dabfaeceba343da3c8a8b5754c6f4a0a307b
6433 skip "Could not chdir to home directory" message when
6438 Upstream-ID: 86783c1953da426dff5b03b03ce46e699d9e5431
6447 tun-forwarding. Adapted from portable (using separate devices for this is the
6450 Upstream-ID: 90facf4c59ce73d6741db1bc926e578ef465cd39
6460 Upstream-ID: dd2f402b0a0029b755df029fc7f0679e1365ce35
6468 Compare pointers to NULL rather than 0.
6472 Upstream-ID: 21616cfea27eda65a06e772cc887530b9a1a27f8
6480 Replace a function-local allocation with stack memory.
6484 Upstream-ID: c09fbbab637053a2ab9f33ca142b4e20a4c5a17e
6490 turn off PrintLastLog when --disable-lastlog
6501 diffie-hellman-group-exchange to 2048 bits; ok markus@
6503 Upstream-ID: 06dce7a24c17b999a0f5fadfe95de1ed6a1a9b6a
6512 hostname canonicalisation - treat them as already canonical and remove the
6515 Upstream-ID: f7619652e074ac3febe8363f19622aa4853b679a
6523 0 -> NULL when comparing with a char*.
6527 Upstream-ID: a928e9c21c0a9020727d99738ff64027c1272300
6538 Upstream-ID: 78cd55420a0eef68c4095bdfddd1af84afe5f95c
6546 argument to sshkey_from_private() and sshkey_demote()
6549 Upstream-ID: 0111245b1641d387977a9b38da15916820a5fd1f
6561 Date: Thu Oct 15 15:48:28 2015 -0700
6567 Date: Wed Oct 14 09:22:15 2015 -0700
6578 …date: 2015/10/13 20:55:37; author: millert; state: Exp; lines: +2 -2; commitid: X39sl5ay1czgFI…
6580 the truncation check immediately following it was not updated to
6591 …date: 2015/01/16 16:48:51; author: deraadt; state: Exp; lines: +3 -3; commitid: 0DYulI8hhujBHM…
6592 Move to the <limits.h> universe.
6602 … date: 2014/10/19 03:56:28; author: doug; state: Exp; lines: +9 -9; commitid: U6QxmtbXrGoc02S5;
6603 Revert last commit due to changed semantics found by make release.
6612 …date: 2014/10/18 20:43:52; author: doug; state: Exp; lines: +10 -10; commitid: I74hI1tVZtsspKE…
6615 millert@ made changes to realpath.c based on FreeBSD's version. I merged
6627 date: 2013/04/05 12:59:54; author: kurt; state: Exp; lines: +3 -1;
6628 - Add comments regarding copies of these files also in libexec/ld.so
6638 date: 2012/09/13 15:39:05; author: deraadt; state: Exp; lines: +2 -2;
6639 specify the bounds of the dst to strlcat (both values were static and
6650 date: 2011/07/24 21:03:00; author: miod; state: Exp; lines: +35 -13;
6652 is NULL, and third-party software is starting to rely upon this.
6653 Adapted from FreeBSD via Jona Joachim (jaj ; hcl-club , .lu), with minor
6665 Upstream-ID: ba4f52f54268a421a2a5f98bb375403f4cb044b8
6676 Upstream-ID: c260d9e5ec73628d9ff4b067fbb060eff5a7d298
6684 Change all tame callers to namechange to pledge(2).
6686 Upstream-ID: 17e654fc27ceaf523c60f4ffd9ec7ae4e7efc7f2
6692 hook tame(2) sandbox up to build
6702 include PubkeyAcceptedKeyTypes in ssh -G config dump
6704 Upstream-ID: 6c097ce6ffebf6fe393fb7988b5d152a5d6b36bb
6712 UsePrivilegeSeparation defaults to sandbox now.
6716 Upstream-ID: bff136c38bcae89df82e044d2f42de21e1ad914f
6724 don't try to change tun device flags if they are already
6725 what we need; makes it possible to use tun/tap networking as non-root user
6726 if device permissions and interface flags are pre-established; based on patch
6729 Upstream-ID: 89099ac4634cd477b066865acf54cb230780fd21
6733 Date: Mon Oct 5 18:33:05 2015 -0700
6743 adapt to recent sshkey_parse_private_fileblob() API
6746 Upstream-Regress-ID: 5c0d818da511e33e0abf6a92a31bd7163b7ad988
6754 fix command-line option to match what was actually
6757 Upstream-Regress-ID: 3e8c24a2044e8afd37e7ce17b69002ca817ac699
6768 Upstream-Regress-ID: e7a6e980cbe0f8081ba2e83de40d06c17be8bd25
6776 some more bzero->explicit_bzero, from Michael McConville
6778 Upstream-ID: 17f19545685c33327db2efdc357c1c9225ff00d0
6788 Upstream-ID: 72150f2d54b94de14ebef1ea054ef974281bf834
6798 Upstream-ID: 4ca24e47895e72f5daaa02f3e3d3e5ca2d820fa3
6806 re-order system calls in order of risk, ok i'll be
6809 Upstream-ID: 42a1e6d251fd8be13c8262bee026059ae6328813
6819 Upstream-ID: 0e5a7852c28c05fc193419cc7e50e64c1c535af0
6827 add ssh_config CertificateFile option to explicitly list
6830 Upstream-ID: 58648ec53c510b41c1f46d8fe293aadc87229ab8
6840 Upstream-ID: 424402c0d8863a11b51749bacd7f8d932083b709
6851 Upstream-ID: f7afd41810f8540f524284f1be6b970859f94fe3
6860 root to ptrace arbitrary processes
6862 Upstream-Regress-ID: be2b925df89360dff36f972951fa0fa793769038
6873 Upstream-Regress-ID: 188cb7d9031cdbac3a0fa58b428b8fa2b2482bba
6881 - Fix error message: passphrase needs to be at least 5
6882 characters, not 4. - Remove unused function argument. - Remove two
6887 Upstream-ID: 13010c05bfa8b523da1c0dc19e81dd180662bc30
6895 When adding keys to the agent, don't ignore the comment
6900 Upstream-ID: dc737c620a5a8d282cc4f66e3b9b624e9abefbec
6913 Upstream-ID: 2e3337db046c3fe70c7369ee31515ac73ec00f50
6921 sync -Q in usage() to SYNOPSIS; since it's drastically
6922 shorter, i've reformatted the block to sync with the man (80 cols) and saved
6925 Upstream-ID: 86e2c65c3989a0777a6258a77e589b9f6f354abd
6935 Upstream-ID: f29b3cfcfd9aa31fa140c393e7bd48c1c74139d6
6943 Update usage to match man page.
6945 Upstream-ID: 9e85aefaecfb6aaf34c7cfd0700cd21783a35675
6953 expand %i in ControlPath to UID; bz#2449
6957 Upstream-ID: 2ba8d303e555a84e2f2165ab4b324b41e80ab925
6965 mention -Q key-plain and -Q key-cert; bz#2455 pointed out
6968 Upstream-ID: c8f1f8169332e4fa73ac96b0043e3b84e01d4896
6974 Use ssh-keygen -A when generating host keys.
6976 Use ssh-keygen -A instead of per-keytype invocations when generating host
6977 keys. Add tests when doing host-key-force since we can't use ssh-keygen -A
6984 Correct default value for --with-ssh1.
6986 bz#2457, from konto-mindrot.org at walimnieto.com.
6997 Upstream-ID: 78ab87f069080f0cc3bc353bb04eddd9e8ad3704
7007 to it. bz#2460
7009 Upstream-ID: b6e794b0c7fc4f9f329509263c8668d35f83ea55
7020 Upstream-ID: 5b84d0401e27fe1614c10997010cc55933adb48e
7044 Upstream-ID: 99d098287767799ac33d2442a05b5053fa5a551a
7055 Upstream-ID: 52a1a3e0748db66518e7598352c427145692a6a0
7065 Upstream-ID: 92fb2798617ad9561370897f4ab60adef2ff4c0e
7076 Upstream-ID: a126209b5a6d9cb3117ac7ab5bc63d284538bfc2
7087 Upstream-ID: 26b368fa2cff481f47f37e01b8da1ae5b57b1adc
7095 remove extra newline in nethack-mode hostkey; from
7098 Upstream-ID: 4f56368b1cc47baeea0531912186f66007fd5b92
7108 Upstream-Regress-ID: a4e64e8931e40d23874b047074444eff919cdfe6
7117 wrong error codes being returned due to != having higher precedence than =.
7121 Upstream-ID: 5fc35c9fc0319cc6fca243632662d2f06b5fd840
7140 Upstream-ID: 8db921b3f92a4565271b1c1fbce6e7f508e1a2cb
7148 Fix printing (ssh -G ...) of HostKeyAlgorithms=+...
7151 Upstream-ID: 19ad20c41bd5971e006289b6f9af829dd46c1293
7163 Upstream-ID: 70ca1deea39d758ba36d36428ae832e28566f78d
7174 Upstream-ID: 899b021be43b913fad3eca1aef44efe710c53e29
7186 we don't use Github for issues/pull-requests
7206 openssh-7.1
7208 Upstream-ID: ff7b1ef4b06caddfb45e08ba998128c88be3d73f
7219 Upstream-ID: 260dd6a904c1bb7e43267e394b1c9cf70bdd5ea5
7230 Upstream-ID: 5e50ded78cadf3841556649a16cc4b1cb6c58667
7241 Upstream-ID: 9e037ea3b15577b238604c5533e082a3947f13cb
7252 Upstream-ID: 24001d1ac115fa3260fbdc329a4b9aeb283c5389
7260 fix double-free() in error path of DSA key generation
7263 Upstream-ID: 4735d8f888b10599a935fa1b374787089116713c
7274 Upstream-ID: 519552b050618501a06b7b023de5cb104e2c5663
7285 Upstream-ID: 14a0c4e7d891f5a8dabc4b89d4f6b7c0d5a20109
7298 Upstream-ID: 35174a19b5237ea36aa3798f042bf5933b772c67
7306 add prohibit-password as a synonym for without-password,
7307 since the without-password is causing too many questions. Harden it to ban
7311 Upstream-ID: d53317d7b28942153e6236d3fd6e12ceb482db7a
7329 set sshpam_ctxt to NULL after free
7331 Avoids use-after-free in monitor when privsep child is compromised.
7338 Don't resend username to PAM; it already has it.
7352 let principals-command.sh work for noexec /var/run
7358 work around echo -n / sed behaviour in tests
7368 Upstream-Regress-ID: 5a72c83431b96224d583c573ca281cd3a3ebfdae
7379 Upstream-ID: d0bd60dde9e8c3cd7030007680371894c1499822
7389 Upstream-ID: c63afdef537f57f28ae84145c5a8e29e9250221f
7397 Allow PermitRootLogin to be overridden by config
7401 Upstream-ID: 5cf3e26ed702888de84e2dc9d0054ccf4d9125b4
7412 Upstream-ID: 40ff076d2878b916fbfd8e4f45dbe5bec019e550
7420 change default: PermitRootLogin without-password matching
7423 Upstream-ID: 0e2a6c4441daf5498b47a61767382bead5eb8ea6
7429 downgrade OOM adjustment logging: verbose -> debug
7438 prefixed by a '+' to indicate that the specified items be appended to the
7443 Upstream-ID: 0f901137298fc17095d5756ff1561a7028e8882a
7454 Upstream-ID: 22c0dc6bc61930513065d92e11f0753adc4c6e6e
7462 include the peer's offer when logging a failure to
7465 Upstream-ID: bbb8caabf5c01790bb845f5ce135565248d7c796
7473 add Cisco to the list of clients that choke on the
7476 Upstream-ID: c9eadde28ecec056c73d09ee10ba4570dfba7e84
7484 Permit kbind(2) use in the sandbox now, to ease testing
7489 Upstream-ID: 523922e4d1ba7a091e3824e77a8a3c818ee97413
7497 Move .Pp before .Bl, not after to quiet mandoc -Tlint.
7500 Upstream-ID: 59fadbf8407cec4e6931e50c53cfa0214a848e23
7510 Upstream-ID: 7a321a170181a54f6450deabaccb6ef60cf3f0b7
7521 Upstream-ID: 85e28874726897e3f26ae50dfa2e8d2de683805d
7527 make realpath.c compile -Wsign-compare clean
7539 Upstream-ID: 0812705d5f2dfa59aab01f2764ee800b1741c4e1
7550 Upstream-ID: 2f7c94744eb0342f8ee8bf97b2351d4e00116485
7561 Upstream-ID: 744c1e7796e237ad32992d0d02148e8a18f27d29
7569 only query each keyboard-interactive device once per
7572 Upstream-ID: d73fafba6e86030436ff673656ec1f33d9ffeda1
7580 remove -u flag to diff (only used for error output) to make
7581 things easier for -portable
7583 Upstream-Regress-ID: a5d6777d2909540d87afec3039d9bb2414ade548
7591 direct-streamlocal@openssh.com Unix domain forward
7596 Upstream-ID: 3d51a19e64f72f764682f1b08f35a8aa810a43ac
7607 Upstream-ID: 943080fe3864715c423bdeb7c920bb30c4eee861
7615 On some platforms the native realpath doesn't work with non-existent
7620 In addition, when compiling with -DFORTIFY_SOURCE, glibc redefines
7621 the realpath symbol to the checked version, so redefine ours to
7635 Upstream-ID: 6004d720345b8e481c405e8ad05ce2271726e451
7643 fix NULL-deref when SSH1 reenabled
7645 Upstream-ID: f22fd805288c92b3e9646782d15b48894b2d5295
7656 Upstream-Regress-ID: 7ccf437305dd63ff0b48dd50c5fd0f4d4230c10a
7665 PubkeyAcceptedKeyTypes and PubkeyAcceptedKeyTypes to test DSA.
7667 Upstream-Regress-ID: 0ff2a3ff5ac1ce5f92321d27aa07b98656efcc5c
7677 Upstream-Regress-ID: 3495ecb082b9a7c048a2d7c5c845d3bf181d25a4
7685 adapt tests to new minimum RSA size and default FP format
7687 Upstream-Regress-ID: a4b30afd174ce82b96df14eb49fb0b81398ffd0e
7695 legacy v00 certificates are gone; adapt and don't try to
7698 Upstream-Regress-ID: c57321e69b3cd4a3b3396dfcc43f0803d047da12
7708 Upstream-Regress-ID: f8812b16668ba78e6a698646b2a652b90b653397
7716 turn SSH1 back on to match src/usr.bin/ssh being tested
7718 Upstream-Regress-ID: 6c4f763a2f0cc6893bf33983919e9030ae638333
7726 Add "PuTTY_Local:" to the clients to which we do not
7727 offer DH-GEX. This was the string that was used for development versions
7728 prior to September 2014 and they don't do RFC4419 DH-GEX, but unfortunately
7732 Upstream-ID: be34d41e18b966832fe09ca243d275b81882e1d5
7740 Turn off DSA by default; add HostKeyAlgorithms to the
7741 server and PubkeyAcceptedKeyTypes to the client side, so it still can be
7744 Upstream-ID: 8450a9e6d83f80c9bfed864ff061dfc9323cec21
7752 re-enable ed25519-certs if compiled w/o openssl; ok djm
7754 Upstream-ID: e10c90808b001fd2c7a93778418e9b318f5c4c49
7762 no need to include the old buffer/key API
7764 Upstream-ID: fb13c9f7c0bba2545f3eb0a0e69cb0030819f52b
7774 Upstream-ID: 50e6a18ee92221d23ad173a96d5b6c42207cf9a7
7784 Upstream-ID: afb532355b7fa7135a60d944ca1e644d1d63cb58
7794 Upstream-ID: 174fa7faa9b9643cba06164b5e498591356fbced
7805 Upstream-ID: 9d8826cafe96aab4ae8e2f6fd22800874b7ffef1
7816 Upstream-ID: feae52b209d7782ad742df04a4260e9fe41741db
7824 refuse to generate or accept RSA keys smaller than 1024
7827 Upstream-ID: 7ea3d31271366ba264f06e34a3539bf1ac30f0ba
7835 turn off 1024 bit diffie-hellman-group1-sha1 key
7839 Upstream-ID: f59b88f449210ab7acf7d9d88f20f1daee97a4fa
7850 Upstream-ID: b5b9bb5f9202d09e88f912989d74928601b6636f
7858 Compile-time disable SSH v.1 again
7860 Upstream-ID: 1d4b513a3a06232f02650b73bad25100d1b800af
7870 Upstream-ID: 2bd23976305d0512e9f84d054e1fc23cd70b89f2
7878 twiddle; (this commit marks the openssh-6.9 release)
7880 Upstream-ID: 78500582819f61dd8adee36ec5cc9b9ac9351234
7891 Upstream-ID: bf0fddadc1b46a0334e26c080038313b4b6dea21
7901 Upstream-ID: 7bdedd5cead99c57ed5571f3b6b7840922d5f728
7909 openssh-6.9
7911 Upstream-ID: 6cfe8e1904812531080e6ab6e752d7001b5b2d45
7919 reset default PermitRootLogin to 'yes' (momentarily, for
7922 Upstream-ID: cad8513527066e65dd7a1c16363d6903e8cefa24
7934 s/--with-ssh1/--without-ssh1/
7943 value to overflow. Reported by Georg Wicherski, ok markus@
7945 Upstream-ID: ead397a9aceb3bf74ebfa5fcaf259d72e569f351
7957 Upstream-ID: be54059d11bf64e0d85061f7257f53067842e2ab
7963 skip IPv6-related portions on hosts without IPv6
7973 add getpid to sandbox, reachable by grace_alarm_handler
7977 Upstream-ID: d0da1117c16d4c223954995d35b0f47c8f684cd8
7985 Fix \-escaping bug that caused forward path parsing to skip
7990 Upstream-ID: 7b879dc446335677cbe4cb549495636a0535f3bd
8006 correct test to sshkey_sign(); spotted by Albert S.
8008 Upstream-ID: 5f7347f40f0ca6abdaca2edb3bd62f4776518933
8016 Revert previous commit. We still want to call setgroups
8017 in the case where there are zero groups to remove any that we might otherwise
8019 to setgroups is always a static global it's always valid to dereference in
8022 Upstream-ID: 895b5ac560a10befc6b82afa778641315725fd01
8030 Revert previous commit. We still want to call setgroups in
8031 the case where there are zero groups to remove any that we might otherwise
8033 to setgroups is always a static global it's always valid to dereference in
8036 Upstream-ID: 895b5ac560a10befc6b82afa778641315725fd01
8045 in monitor; this may have caused the monitor to refuse multiple
8048 Upstream-ID: eb74b8e506714d0f649bd5c300f762a527af04a3
8057 guarantee that it won't try to deref the pointer. Based on a patch from mail
8060 Upstream-ID: 2fff85e11d7a9a387ef7fddf41fbfaf566708ab1
8075 AuthorizedPrincipalsFile is not (or is set to "none"), authentication will
8076 potentially fail due to key_cert_check_authority() failing to locate a
8079 same logic to determine if pw->pw_name should be passed, as is used to
8084 Upstream-ID: 43b42302ec846b0ea68aceb40677245391b9409d
8092 Make the arguments to match_principals_command() similar
8093 to match_principals_file(), by changing the last argument a struct
8094 sshkey_cert * and dereferencing key->cert in the caller.
8100 Upstream-ID: 533f99b844b21b47342b32b62e198dfffcf8651c
8106 trivial optimisation for seccomp-bpf
8116 aarch64 support for seccomp-bpf sandbox
8129 Upstream-ID: e61bb93dbe0349625807b0810bc213a6822121fa
8133 Date: Tue Jun 9 22:41:13 2015 -0700
8143 For "ssh -L 12345:/tmp/sock" don't fail with "No forward host
8147 Upstream-ID: 2846b0a8c7de037e33657f95afbd282837fc213f
8157 Upstream-ID: 45e620d99f6bc301e5949d34a54027374991c88b
8165 Stopgap to resolve bz#2409 because we are so close to release and will
8166 update config.guess and friends shortly after the release. ok djm@
8171 Date: Wed Jun 3 21:43:13 2015 -0700
8177 Date: Wed Jun 3 21:41:11 2015 -0700
8193 mention CheckHostIP adding addresses to known_hosts;
8196 Upstream-ID: fd44b68440fd0dc29abf9f2d3f703d74a2396cb7
8222 re-enable SSH protocol 1 at compile time
8232 Upstream-Regress-ID: bca88217b70bce2fe52b23b8e06bdeb82d98c715
8240 wrap all moduli-related code in #ifdef WITH_OPENSSL.
8243 Upstream-ID: d80cfc8be3e6ec65b3fac9e87c4466533b31b7cf
8252 in the log message to be consistent with other cases. Part of bz#1993, ok
8255 Upstream-ID: a9e97567be49f25daf286721450968251ff78397
8263 Fix typo (keywork->keyword)
8265 Upstream-ID: 8aacd0f4089c0a244cf43417f4f9045dfaeab534
8275 Upstream-ID: cbcc606e0b748520c74a210d8f3cc9718d3148cf
8283 make ssh-keygen default to ed25519 keys when compiled
8286 Upstream-ID: 85a471fa6d3fa57a7b8e882d22cfbfc1d84cdc71
8294 Reorder client proposal to prefer
8295 diffie-hellman-group-exchange-sha1 over diffie-hellman-group14-sha1. ok djm@
8297 Upstream-ID: 552c08d47347c3ee1a9a57d88441ab50abe17058
8305 Add a stronger (4k bit) fallback group that sshd can use
8309 Upstream-ID: b635215746a25a829d117673d5e5a76d4baee7f4
8326 bz#2240, based on patch from Dirk-Willem van Gulik; feedback and ok dtucker@
8328 Upstream-ID: 504568992b55a8fc984375242b1bd505ced61b0d
8336 Cap DH-GEX group size at 4kbits for Cisco implementations.
8340 Upstream-ID: 54b863a19713446b7431f9d06ad0532b4fcfef8d
8348 add missing 'c' option to getopt(), case statement was
8351 Upstream-ID: 9b19b4e2e0b54d6fefa0dfac707c51cf4bae3081
8361 Upstream-ID: bc1da0f205494944918533d8780fde65dff6c598
8369 mention ssh-keygen -E for comparing legacy MD5
8372 Upstream-ID: 079a3669549041dbf10dbc072d9563f0dc3b2859
8380 Reorder EscapeChar option parsing to avoid a single-byte
8381 out-of-bounds read. bz#2396 from Jaak Ristioja; ok dtucker@
8383 Upstream-ID: 1dc6b5b63d1c8d9a88619da0b27ade461d79b060
8391 add knob to relax GSSAPI host credential check for
8395 Upstream-ID: 15ddf1c6f7fd9d98eea9962f480079ae3637285d
8417 Support "ssh-keygen -lF hostname" to find search known_hosts
8418 and print key hashes. Already advertised by ssh-keygen(1), but not delivered
8421 Upstream-ID: 459e0e2bf39825e41b0811c336db2d56a1c23387
8437 Upstream-Regress-ID: c658fbf1ab6b6011dc83b73402322e396f1e1219
8447 Upstream-Regress-ID: bbd65c13c6b3be9a442ec115800bff9625898f12
8461 Upstream-ID: aa1bdac7b16fc6d2fa3524ef08f04c7258d247f6
8469 support arguments to AuthorizedKeysCommand
8474 Upstream-ID: b080387a14aa67dddd8ece67c00f268d626541f7
8485 Upstream-ID: 54fc38f5832e9b91028900819bda46c3959a0c1a
8494 enough. openssh-portable may want the #ifdef's but not base. discussed with
8497 Upstream-ID: 0506a4334de108e3fb6c66f8d6e0f9c112866926
8506 text and do constant-time comparisons of it. Should prevent leaking any
8508 incrementing delay for each failed unlock attempt up to 10s. ok markus@
8511 Upstream-ID: c599fcc325aa1cc65496b25220b622d22208c85f
8519 - tedu@cvs.openbsd.org 2015/01/12 03:20:04
8521 rename blocks to words. bcrypt "blocks" are unrelated to blowfish blocks,
8530 - deraadt@cvs.openbsd.org 2015/01/08 00:30:07
8540 - djm@cvs.openbsd.org 2014/12/30 01:41:43
8553 Prompted by hanno AT hboeck.de pointing an out-of-bound read
8565 refactor ssh_dispatch_run_fatal() to use sshpkt_fatal()
8566 to better report error conditions. Teach sshpkt_fatal() about ECONNRESET.
8568 Improves error messages on TCP connection resets. bz#2257
8579 causing them to be misapplied in match context; bz#2272 diagnosis and
8607 reduce stderr spam when using ssh -S /path/mux -O forward
8608 -R 0:... ok dtucker@
8617 tests without a corresponding private key authentication being applied to
8627 option conditional on PermitUserEnv - always parse it, but only use the
8642 Prompted by hanno AT hboeck.de pointing an out-of-bound read
8655 parser. Right now, all it does is run the output of sshd -T back through
8683 Upstream-Regress-ID: 6b708a3e709d5b7fd37890f874bafdff1f597519
8693 Upstream-Regress-ID: 9c48911643d5b05173b36a012041bed4080b8554
8703 Upstream-ID: 64eaf872a3ba52ed41e494287e80d40aaba4b515
8713 Upstream-ID: 57bcf67d666c6fc1ad798aee448fdc3f70f7ec2c
8729 Use diff w/out -u for better portability
8737 Use xcalloc for permitted_adm_opens instead of xmalloc to
8738 ensure it's zeroed. Fixes post-auth crash with permitopen=none. bz#2355, ok
8747 don't choke on new-format private keys encrypted with an
8756 Clarify pseudo-terminal request behaviour and use
8757 "pseudo-terminal" consistently. bz#1716, ok jmc@ "I like it" deraadt@.
8765 Blacklist DH-GEX for specific PuTTY versions known to
8766 send non-RFC4419 DH-GEX messages rather than all versions of PuTTY.
8767 According to Simon Tatham, 0.65 and newer versions will send RFC4419 DH-GEX
8776 WinSCP doesn't implement RFC4419 DH-GEX so flag it so we
8785 use the sizeof the struct not the sizeof a pointer to the
8806 xrealloc -> xreallocarray in portable code too.
8823 enviroment -> environment: apologies to darren for not
8841 subject to SendEnv and AcceptEnv. bz#2386, based loosely on a patch from
8850 Make sshd default to PermitRootLogin=no; ok deraadt@
8876 allow "sshd -f none" to skip reading the config file,
8877 much like "ssh -F none" does. ok dtucker
8885 combine -Dd onto one line and update usage();
8893 add ssh-agent -D to leave ssh-agent in foreground
8902 2*len -> use xreallocarray() ok djm
8910 rename xrealloc() to xreallocarray() since it follows
8919 Two small fixes for sshd -T: ListenAddress'es are added
8920 to a list head so reverse the order when printing them to ensure the
8940 unknown certificate extensions are non-fatal, so don't
8961 s/recommended/required/ that private keys be og-r this
8970 don't try to cleanup NULL KEX proposals in
8980 and exit(0), fix a few errors that were being printed to stdout instead of
8981 stderr and a few non-errors that were going to stderr instead of stdout
9008 Add some missing options to sshd -T and fix the output
9027 Plug leak of address passed to logging. bz#2373, patch
9043 Format UsePAM setting when using sshd -T.
9057 Look for '${host}-ar' before 'ar'.
9059 This changes configure.ac to look for '${host}-ar' as set by
9061 Useful when cross-compiling when all your binutils are prefixed.
9090 deprecate ancient, pre-RFC4419 and undocumented
9101 (hostkeys-00@openssh.com) to current versions of Tera Term as they can't
9111 include port number if a non-default one has been
9136 Use do{}while(0) for no-op functions.
9169 adapt to recent hostfile.c change: when parsing
9179 use ${SSH} for -Q instead of installed ssh
9195 downgrade error() for known_hosts parse errors to debug()
9196 to quiet warnings from ssh1 keys present when compiled !ssh1.
9226 tried to add one and entered his passphrase, explicitly clear it before exit.
9237 ssh-askpass(1) is the default, overridden by SSH_ASKPASS;
9246 fix uninitialised memory read when parsing a config file
9265 don't try to load .ssh/identity by default if SSH1 is
9274 ban all-zero curve25519 keys as recommended by latest
9283 relax bits needed check to allow
9284 diffie-hellman-group1-sha1 key exchange to complete for chacha20-poly1305 was
9293 ignore v1 errors on ssh-add -D; only try v2 keys on
9294 -l/-L (unless WITH_SSH1) ok djm@
9328 correct fmt-string for size_t as noted by Nicholas
9337 promote chacha20-poly1305@openssh.com to be the default
9346 Compile-time disable SSH protocol 1. You can turn it
9347 back on using the Makefile.inc knob if you need it to talk to ancient
9356 fix double-negative error message "ssh1 is not
9365 for ssh-keygen -A, don't try (and fail) to generate ssh
9385 use since we only need encrypt for AES-CTR)