Commit Graph

86 Commits

Author SHA1 Message Date
Andrey A. Chernov
b36e10eee6 1) Surprisingly, "CheckMail" handling code completely removed from this
version, so documented "CheckMail" option exists but does nothing.
Bring it back to life adding code back.

2) Cosmetique. Reduce number of args in do_setusercontext()
2002-04-20 09:26:43 +00:00
Dag-Erling Smørgrav
cd3dfe6d6e Back out previous backout. It seems I was right to begin with, and DSA is
preferrable to RSA (not least because the SECSH draft standard requires
DSA while RSA is only recommended).
2002-04-12 15:52:10 +00:00
Dag-Erling Smørgrav
8f8855cff0 Knowledgeable persons assure me that RSA is preferable to DSA and that we
should transition away from DSA.
2002-04-11 22:04:40 +00:00
Dag-Erling Smørgrav
9c0adca3e7 Do not attempt to load an ssh2 RSA host key by default. 2002-04-11 16:08:02 +00:00
Jacques Vidrine
7fd1ca3b0c REALLY correct typo this time.
Noticed by:	roam
2002-03-26 12:27:43 +00:00
Jacques Vidrine
26241f6368 Fix typo (missing paren) affecting KRB4 && KRB5 case.
Approved by:	des
2002-03-25 14:55:41 +00:00
Dag-Erling Smørgrav
1d9e2b0ad5 Unbreak for KRB4 ^ KRB5 case.
Sponsored by:	DARPA, NAI Labs
2002-03-19 16:44:11 +00:00
Dag-Erling Smørgrav
af12a3e74a Fix conflicts. 2002-03-18 10:09:43 +00:00
Dag-Erling Smørgrav
ae1f160d56 Vendor import of OpenSSH 3.1 2002-03-18 09:55:03 +00:00
Brian Feldman
ca3176e7c8 Fix conflicts for OpenSSH 2.9. 2001-05-04 04:14:23 +00:00
Brian Feldman
1e8db6e2f6 Say "hi" to the latest in the OpenSSH series, version 2.9!
Happy birthday to:	rwatson
2001-05-04 03:57:05 +00:00
Brian Feldman
933ca70f8f Add a "VersionAddendum" configuration setting for sshd which allows
anyone to easily change the part of the OpenSSH version after the main
version number.  The FreeBSD-specific version banner could be disabled
that way, for example:

# Call ourselves plain OpenSSH
VersionAddendum
2001-05-03 00:29:28 +00:00
Assar Westerlund
cb96ab3672 Add code for being compatible with ssh.com's krb5 authentication.
It is done by using the same ssh messages for v4 and v5 authentication
(since the ssh.com does not now anything about v4) and looking at the
contents after unpacking it to see if it is v4 or v5.
Based on code from Björn Grönvall <bg@sics.se>

PR:		misc/20504
2001-03-04 02:22:04 +00:00
Paul Saab
8e97fe726f Make ConnectionsPerPeriod non-fatal for real. 2001-02-18 01:33:31 +00:00
Brian Feldman
895b03b1e8 MFF: Make ConnectionsPerPeriod usage a warning, not fatal. 2001-02-04 20:15:53 +00:00
Brian Feldman
ea0187039a /Really/ deprecate ConnectionsPerPeriod, ripping out the code for it
and giving a dire error to its lingering users.
2001-01-13 07:57:43 +00:00
Brian Feldman
099584266b Update to OpenSSH 2.3.0 with FreeBSD modifications. OpenSSH 2.3.0
new features description elided in favor of checking out their
website.

Important new FreeBSD-version stuff: PAM support has been worked
in, partially from the "Unix" OpenSSH version, and a lot due to the
work of Eivind Eklend, too.

This requires at least the following in pam.conf:

sshd    auth    sufficient      pam_skey.so
sshd    auth    required        pam_unix.so                     try_first_pass
sshd    session required        pam_permit.so

Parts by:	Eivind Eklend <eivind@FreeBSD.org>
2000-12-05 02:55:12 +00:00
Brian Feldman
5b9b2fafd4 Import of OpenSSH 2.3.0 (virgin OpenBSD source release). 2000-12-05 02:20:19 +00:00
Kris Kennaway
c2d3a5594b Resolve conflicts and update for OpenSSH 2.2.0
Reviewed by:	gshapiro, peter, green
2000-09-10 09:35:38 +00:00
Kris Kennaway
b66f2d16a0 Initial import of OpenSSH post-2.2.0 snapshot dated 2000-09-09 2000-09-10 08:31:17 +00:00
Kris Kennaway
1610cd7fa6 Turn on X11Forwarding by default on the server. Any risk is to the client,
where it is already disabled by default.

Reminded by:	peter
2000-09-02 03:49:22 +00:00
Kris Kennaway
b87db7cec0 Increase the default value of LoginGraceTime from 60 seconds to 120
seconds.

PR:		20488
Submitted by:	rwatson
2000-08-23 09:47:25 +00:00
Peter Wemm
365c420eb1 Sync sshd_config with sshd and manapage internal defaults (Checkmail = yes) 2000-07-11 09:54:24 +00:00
Peter Wemm
44de2297a4 Sync LoginGraceTime with sshd_config = 60 seconds by default, not 600. 2000-07-11 09:52:14 +00:00
Peter Wemm
e213d985b2 Fix out-of-sync defaults. PermitRootLogin is supposed to be 'no' but
sshd's internal default was 'yes'.  (if some cracker managed to trash
/etc/ssh/sshd_config, then root logins could be reactivated)

Approved by: kris
2000-07-11 09:50:15 +00:00
Brian Feldman
2803b77e52 Allow "DenyUsers" to function. 2000-06-06 06:16:55 +00:00
Kris Kennaway
c322fe352d Resolve conflicts 2000-06-03 09:58:15 +00:00
Kris Kennaway
2632b0c875 Initial import of OpenSSH snapshot from 2000/05/30
Obtained from:	OpenBSD
2000-06-03 09:52:37 +00:00
Kris Kennaway
e8aafc91b5 Resolve conflicts and update for FreeBSD. 2000-05-15 05:24:25 +00:00
Kris Kennaway
a04a10f891 Initial import of OpenSSH v2.1. 2000-05-15 04:37:24 +00:00
Kris Kennaway
3c6ae11886 Resolve conflicts. 2000-03-26 07:37:48 +00:00
Kris Kennaway
a8f6863aa6 Virgin import of OpenSSH sources dated 2000/03/25 2000-03-26 07:07:24 +00:00
Sheldon Hearn
962a3f4e81 IgnoreUserKnownHosts is a boolean flag, not an integer value.
The fix submitted in the attributed PR is identical to the one
adopted by OpenBSD.

PR:		17027
Submitted by:	David Malone <dwmalone@maths.tcd.ie>
Obtained from:	OpenBSD
2000-03-22 09:36:35 +00:00
Mark Murray
fe5fd0173b 1) Add kerberos5 functionality.
by Daniel Kouril <kouril@informatics.muni.cz>
2) Add full LOGIN_CAP capability
   by Andrey Chernov
2000-02-28 19:03:50 +00:00
Mark Murray
42f71286cd Add the patches fom ports (QV: ports/security/openssh/patches/patch-*) 2000-02-24 15:29:42 +00:00
Mark Murray
511b41d2a1 Vendor import of OpenSSH. 2000-02-24 14:29:47 +00:00