Commit Graph

89 Commits

Author SHA1 Message Date
Kris Kennaway
b787acb5e3 Unbreak Kerberos5 compilation. This still remains untested.
Noticed by:	obrien
2000-05-17 08:06:20 +00:00
Kris Kennaway
e551e5eafa Oops, rename S/Key to Opie in line with FreeBSD usage. 2000-05-15 06:11:30 +00:00
Kris Kennaway
0c11f6e187 Create a DSA host key if one does not already exist, and teach sshd_config
about it.
2000-05-15 05:40:27 +00:00
Kris Kennaway
e8aafc91b5 Resolve conflicts and update for FreeBSD. 2000-05-15 05:24:25 +00:00
Kris Kennaway
a04a10f891 Initial import of OpenSSH v2.1. 2000-05-15 04:37:24 +00:00
Kris Kennaway
fe01acb846 This commit was generated by cvs2svn to compensate for changes in r60573,
which included commits to RCS files with non-trunk default branches.
2000-05-15 04:37:24 +00:00
Nik Clayton
699cc2f5e1 Note that X11 Forwarding is off by default.
PR:             docs/17566
Submitted by:   Keith Stevenson <ktstev01@louisville.edu>
2000-04-30 22:41:58 +00:00
Kris Kennaway
e31adaffd9 Fix a memory leak.
PR:		17360
Submitted by:	Andrew J. Korty <ajk@iu.edu>
2000-03-29 08:24:37 +00:00
Kris Kennaway
18fa3c2ec9 #include <ssl/foo.h> -> #include <openssl/foo.h> 2000-03-26 10:00:28 +00:00
Kris Kennaway
3c6ae11886 Resolve conflicts. 2000-03-26 07:37:48 +00:00
Kris Kennaway
a8f6863aa6 Virgin import of OpenSSH sources dated 2000/03/25 2000-03-26 07:07:24 +00:00
Kris Kennaway
cc99d7f2df This commit was generated by cvs2svn to compensate for changes in r58582,
which included commits to RCS files with non-trunk default branches.
2000-03-26 07:07:24 +00:00
Brian Somers
727214e9b8 Use pipe() instead of socketpair() in sshd when communicating
with the client.
This allows ppp/ssh style tunnels to function again.

Ok'd by:	markk
Submitted by:	markk@knigma.org
2000-03-24 15:39:37 +00:00
Mike Pritchard
5c51cd6437 Fix a few spelling errors. 2000-03-24 02:26:54 +00:00
Sheldon Hearn
962a3f4e81 IgnoreUserKnownHosts is a boolean flag, not an integer value.
The fix submitted in the attributed PR is identical to the one
adopted by OpenBSD.

PR:		17027
Submitted by:	David Malone <dwmalone@maths.tcd.ie>
Obtained from:	OpenBSD
2000-03-22 09:36:35 +00:00
Kris Kennaway
9fd4066575 Add a new function stub to libcrypto() which resolves to a symbol in
the librsa* library and reports which version of the library (OpenSSL/RSAREF)
is being used.

This is then used in openssh to detect the failure case of RSAREF and a RSA key
>1024 bits, to print a more helpful error message than 'rsa_public_encrypt() fai
led.'

This is a 4.0-RELEASE candidate.
2000-03-13 09:55:53 +00:00
Kris Kennaway
6a8633db4e Various manpage style/grammar/formatting cleanups
Submitted by:	Peter Jeremy <peter.jeremy@alcatel.com.au>, jedgar
PR:		17292 (remainder of)
2000-03-13 00:17:43 +00:00
Nik Clayton
8ff0a8c302 - typos
- Add double spaces following full stops to improve typeset output
- mdoc-ification.  (Though I'm uncertain whether option values and
  contents should be .Dq or something else).
- Fix a missed /etc/ssh change
- Expand wording on RandomSeed and behaviour when X11 isn't forwarded.
- Change examples to literal mode.
- Trim trailing whitespace

PR:		docs/17292
Submitted by:	Peter Jeremy <peter.jeremy@alcatel.com.au>
2000-03-10 11:48:49 +00:00
Mark Murray
c59bf09996 Make LOGIN_CAP work properly. 2000-03-09 14:52:31 +00:00
Kris Kennaway
2134165c54 /etc -> /etc/ssh
Submitted by:	Ben Smithurst <ben@scientia.demon.co.uk>
2000-03-08 03:44:00 +00:00
John Hay
2216ad9c7e MFI: Use krb5 functions in krb5 files.
Reviewed by:	markm
2000-03-03 20:31:58 +00:00
Brian Feldman
5dc73ebebe Turn off X11 forwarding in the client. X11 forwarding in the server by
default should probably also get turned on, now.

Requested by:	kris
Obtained from:	OpenBSD
2000-03-03 05:58:39 +00:00
Hajimu UMEMOTO
e51ec40ec8 Enable connection logging. FreeBSD's libwrap is IPv6 ready.
OpenSSH is in our source tree, now.  It's a time to enable it.

Reviewed by:	markm, shin
Approved by:	jkh
2000-02-29 19:37:04 +00:00
Mark Murray
fe5fd0173b 1) Add kerberos5 functionality.
by Daniel Kouril <kouril@informatics.muni.cz>
2) Add full LOGIN_CAP capability
   by Andrey Chernov
2000-02-28 19:03:50 +00:00
Brian Somers
ccd16b43ed Don't put truncated hostnames in utmp
Approved by: jkh
2000-02-28 18:51:30 +00:00
Peter Wemm
2307080405 Redo this with a repo copy from the original file and reset the
__PREFIX__ markers.
2000-02-26 09:59:14 +00:00
Peter Wemm
4d3289a849 oops, update path to /etc/ssh/ssh_host_key 2000-02-26 02:24:38 +00:00
Peter Wemm
9ceffc938a Merge from internat.freebsd.org; move ssh files from /etc to /etc/ssh 2000-02-25 14:25:10 +00:00
Brian Feldman
8261034302 Fix a bug that crawled in pretty recently (from the port). It made
sshd coredump :(
2000-02-25 05:22:14 +00:00
Peter Wemm
38ba484ce1 Fix garbage in SSH_PROGRAM (only on freefall, not internat) 2000-02-25 04:41:06 +00:00
Brian Feldman
a95c122521 Make "CheckHostIP" default to off. This was proposed on -security and
earlier IRC, but despite my inital feeling against it, this seems
the more proper thing to do.

Proposed by:	rwatson
2000-02-25 03:04:29 +00:00
Brian Feldman
18a711954e The includes must be <openssl/.*\.h>, not <ssl/.*\.h>. 2000-02-25 01:53:12 +00:00
Mark Murray
b719e3c926 remove more ports crud. 2000-02-24 23:54:00 +00:00
Mark Murray
6ecb050733 remove ports junk 2000-02-24 23:46:38 +00:00
Mark Murray
42f71286cd Add the patches fom ports (QV: ports/security/openssh/patches/patch-*) 2000-02-24 15:29:42 +00:00
Mark Murray
511b41d2a1 Vendor import of OpenSSH. 2000-02-24 14:29:47 +00:00
Mark Murray
8e3e42fe07 This commit was generated by cvs2svn to compensate for changes in r57429,
which included commits to RCS files with non-trunk default branches.
2000-02-24 14:29:47 +00:00
Brian Feldman
0e17bca17c Upgrade to the pam_ssh module, version 1.1..
(From the author:)
Primarily, I have added built-in functions for manipulating the
environment, so putenv() is no longer used.  XDM and its variants
should now work without modification.  Note that the new code uses
the macros in <sys/queue.h>.

Submitted by:	Andrew J. Korty <ajk@iu.edu>
1999-12-28 05:32:54 +00:00
Brian Feldman
b71e3dafa5 Add the PAM SSH RSA key authentication module. For example, you can add,
"login  auth    sufficient      pam_ssh.so" to your /etc/pam.conf, and
users with a ~/.ssh/identity can login(1) with their SSH key :)

PR:		15158
Submitted by:	Andrew J. Korty <ajk@waterspout.com>
Reviewed by:	obrien
1999-11-29 07:09:44 +00:00