mirror of
git://anongit.mindrot.org/openssh.git
synced 2024-11-27 05:46:36 +08:00
- markus@cvs.openbsd.org 2004/03/05 10:53:58
[readconf.c readconf.h scp.1 sftp.1 ssh.1 ssh_config.5 sshconnect2.c]
add IdentitiesOnly; ok djm@, pb@
This commit is contained in:
Damien Miller
parent
c0f27d8782
commit
bd394c329b
@ -20,6 +20,9 @@
|
||||
- djm@cvs.openbsd.org 2004/03/03 09:31:20
|
||||
[sftp.c]
|
||||
Fix initialisation of progress meter; ok markus@
|
||||
- markus@cvs.openbsd.org 2004/03/05 10:53:58
|
||||
[readconf.c readconf.h scp.1 sftp.1 ssh.1 ssh_config.5 sshconnect2.c]
|
||||
add IdentitiesOnly; ok djm@, pb@
|
||||
|
||||
20040307
|
||||
- (tim) [regress/login-timeout.sh] fix building outside of source tree.
|
||||
@ -880,4 +883,4 @@
|
||||
- (djm) Trim deprecated options from INSTALL. Mention UsePAM
|
||||
- (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
|
||||
|
||||
$Id: ChangeLog,v 1.3282 2004/03/08 12:12:19 djm Exp $
|
||||
$Id: ChangeLog,v 1.3283 2004/03/08 12:12:36 djm Exp $
|
||||
|
||||
12
readconf.c
12
readconf.c
@ -12,7 +12,7 @@
|
||||
*/
|
||||
|
||||
#include "includes.h"
|
||||
RCSID("$OpenBSD: readconf.c,v 1.127 2003/12/16 15:49:51 markus Exp $");
|
||||
RCSID("$OpenBSD: readconf.c,v 1.128 2004/03/05 10:53:58 markus Exp $");
|
||||
|
||||
#include "ssh.h"
|
||||
#include "xmalloc.h"
|
||||
@ -105,7 +105,7 @@ typedef enum {
|
||||
oClearAllForwardings, oNoHostAuthenticationForLocalhost,
|
||||
oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout,
|
||||
oAddressFamily, oGssAuthentication, oGssDelegateCreds,
|
||||
oServerAliveInterval, oServerAliveCountMax,
|
||||
oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly,
|
||||
oDeprecated, oUnsupported
|
||||
} OpCodes;
|
||||
|
||||
@ -147,6 +147,7 @@ static struct {
|
||||
{ "usersh", oDeprecated },
|
||||
{ "identityfile", oIdentityFile },
|
||||
{ "identityfile2", oIdentityFile }, /* alias */
|
||||
{ "identitiesonly", oIdentitiesOnly },
|
||||
{ "hostname", oHostName },
|
||||
{ "hostkeyalias", oHostKeyAlias },
|
||||
{ "proxycommand", oProxyCommand },
|
||||
@ -736,6 +737,10 @@ parse_int:
|
||||
intptr = &options->enable_ssh_keysign;
|
||||
goto parse_flag;
|
||||
|
||||
case oIdentitiesOnly:
|
||||
intptr = &options->identities_only;
|
||||
goto parse_flag;
|
||||
|
||||
case oServerAliveInterval:
|
||||
intptr = &options->server_alive_interval;
|
||||
goto parse_time;
|
||||
@ -869,6 +874,7 @@ initialize_options(Options * options)
|
||||
options->smartcard_device = NULL;
|
||||
options->enable_ssh_keysign = - 1;
|
||||
options->no_host_authentication_for_localhost = - 1;
|
||||
options->identities_only = - 1;
|
||||
options->rekey_limit = - 1;
|
||||
options->verify_host_key_dns = -1;
|
||||
options->server_alive_interval = -1;
|
||||
@ -981,6 +987,8 @@ fill_default_options(Options * options)
|
||||
clear_forwardings(options);
|
||||
if (options->no_host_authentication_for_localhost == - 1)
|
||||
options->no_host_authentication_for_localhost = 0;
|
||||
if (options->identities_only == -1)
|
||||
options->identities_only = 0;
|
||||
if (options->enable_ssh_keysign == -1)
|
||||
options->enable_ssh_keysign = 0;
|
||||
if (options->rekey_limit == -1)
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
/* $OpenBSD: readconf.h,v 1.59 2003/12/16 15:49:51 markus Exp $ */
|
||||
/* $OpenBSD: readconf.h,v 1.60 2004/03/05 10:53:58 markus Exp $ */
|
||||
|
||||
/*
|
||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||
@ -100,6 +100,7 @@ typedef struct {
|
||||
int enable_ssh_keysign;
|
||||
int rekey_limit;
|
||||
int no_host_authentication_for_localhost;
|
||||
int identities_only;
|
||||
int server_alive_interval;
|
||||
int server_alive_count_max;
|
||||
} Options;
|
||||
|
||||
3
scp.1
3
scp.1
@ -9,7 +9,7 @@
|
||||
.\"
|
||||
.\" Created: Sun May 7 00:14:37 1995 ylo
|
||||
.\"
|
||||
.\" $OpenBSD: scp.1,v 1.32 2003/12/16 15:49:51 markus Exp $
|
||||
.\" $OpenBSD: scp.1,v 1.33 2004/03/05 10:53:58 markus Exp $
|
||||
.\"
|
||||
.Dd September 25, 1999
|
||||
.Dt SCP 1
|
||||
@ -137,6 +137,7 @@ For full details of the options listed below, and their possible values, see
|
||||
.It HostKeyAlias
|
||||
.It HostName
|
||||
.It IdentityFile
|
||||
.It IdentitiesOnly
|
||||
.It LogLevel
|
||||
.It MACs
|
||||
.It NoHostAuthenticationForLocalhost
|
||||
|
||||
3
sftp.1
3
sftp.1
@ -1,4 +1,4 @@
|
||||
.\" $OpenBSD: sftp.1,v 1.51 2004/01/13 12:17:33 jmc Exp $
|
||||
.\" $OpenBSD: sftp.1,v 1.52 2004/03/05 10:53:58 markus Exp $
|
||||
.\"
|
||||
.\" Copyright (c) 2001 Damien Miller. All rights reserved.
|
||||
.\"
|
||||
@ -163,6 +163,7 @@ For full details of the options listed below, and their possible values, see
|
||||
.It HostKeyAlias
|
||||
.It HostName
|
||||
.It IdentityFile
|
||||
.It IdentitiesOnly
|
||||
.It LogLevel
|
||||
.It MACs
|
||||
.It NoHostAuthenticationForLocalhost
|
||||
|
||||
3
ssh.1
3
ssh.1
@ -34,7 +34,7 @@
|
||||
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
.\"
|
||||
.\" $OpenBSD: ssh.1,v 1.181 2003/12/16 15:49:51 markus Exp $
|
||||
.\" $OpenBSD: ssh.1,v 1.182 2004/03/05 10:53:58 markus Exp $
|
||||
.Dd September 25, 1999
|
||||
.Dt SSH 1
|
||||
.Os
|
||||
@ -634,6 +634,7 @@ For full details of the options listed below, and their possible values, see
|
||||
.It HostKeyAlias
|
||||
.It HostName
|
||||
.It IdentityFile
|
||||
.It IdentitiesOnly
|
||||
.It LocalForward
|
||||
.It LogLevel
|
||||
.It MACs
|
||||
|
||||
20
ssh_config.5
20
ssh_config.5
@ -34,7 +34,7 @@
|
||||
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
.\"
|
||||
.\" $OpenBSD: ssh_config.5,v 1.28 2003/12/16 15:49:51 markus Exp $
|
||||
.\" $OpenBSD: ssh_config.5,v 1.29 2004/03/05 10:53:58 markus Exp $
|
||||
.Dd September 25, 1999
|
||||
.Dt SSH_CONFIG 5
|
||||
.Os
|
||||
@ -406,6 +406,24 @@ syntax to refer to a user's home directory.
|
||||
It is possible to have
|
||||
multiple identity files specified in configuration files; all these
|
||||
identities will be tried in sequence.
|
||||
.It Cm IdentitiesOnly
|
||||
Specifies that
|
||||
.Nm ssh
|
||||
should only use the authentication identity files configured in the
|
||||
.Nm
|
||||
files,
|
||||
even if the
|
||||
.Nm ssh-agent
|
||||
offers more identities.
|
||||
The argument to this keyword must be
|
||||
.Dq yes
|
||||
or
|
||||
.Dq no .
|
||||
This option is intented for situations where
|
||||
.Nm ssh-agent
|
||||
offers many different identities.
|
||||
The default is
|
||||
.Dq no .
|
||||
.It Cm LocalForward
|
||||
Specifies that a TCP/IP port on the local machine be forwarded over
|
||||
the secure channel to the specified host and port from the remote machine.
|
||||
|
||||
@ -23,7 +23,7 @@
|
||||
*/
|
||||
|
||||
#include "includes.h"
|
||||
RCSID("$OpenBSD: sshconnect2.c,v 1.134 2004/01/19 21:25:15 markus Exp $");
|
||||
RCSID("$OpenBSD: sshconnect2.c,v 1.135 2004/03/05 10:53:58 markus Exp $");
|
||||
|
||||
#include "openbsd-compat/sys-queue.h"
|
||||
|
||||
@ -1044,7 +1044,7 @@ pubkey_prepare(Authctxt *authctxt)
|
||||
break;
|
||||
}
|
||||
}
|
||||
if (!found) {
|
||||
if (!found && !options.identities_only) {
|
||||
id = xmalloc(sizeof(*id));
|
||||
memset(id, 0, sizeof(*id));
|
||||
id->key = key;
|
||||
|
||||
Loading…
Reference in New Issue
Block a user