Commit Graph

55 Commits

Author SHA1 Message Date
djm@openbsd.org
4c3cf36263
upstream: fix missing field in users-groups-by-id@openssh.com reply
documentation

GHPR441 from TJ Saunders

OpenBSD-Commit-ID: ff5733ff6ef4cd24e0758ebeed557aa91184c674
2024-01-08 16:06:29 +11:00
djm@openbsd.org
f64cede2a3
upstream: make kex-strict section more explicit about its intent:
banning all messages not strictly required in KEX

OpenBSD-Commit-ID: fc33a2d7f3b7013a7fb7500bdbaa8254ebc88116
2024-01-08 16:06:28 +11:00
jsg@openbsd.org
64ddf77653
upstream: spelling; ok markus@
OpenBSD-Commit-ID: 9d01f2e9d59a999d5d42fc3b3efcf8dfb892e31b
2024-01-08 13:25:21 +11:00
djm@openbsd.org
5413b1c7ff
upstream: correct section numbers; from Ed Maste
OpenBSD-Commit-ID: e289576ee5651528404cb2fb68945556052cf83f
2024-01-08 13:25:20 +11:00
djm@openbsd.org
a7ed931cae
upstream: add "ext-info-in-auth@openssh.com" extension
This adds another transport protocol extension to allow a sshd to send
SSH2_MSG_EXT_INFO during user authentication, after the server has
learned the username that is being logged in to.

This lets sshd to update the acceptable signature algoritms for public
key authentication, and allows these to be varied via sshd_config(5)
"Match" directives, which are evaluated after the server learns the
username being authenticated.

Full details in the PROTOCOL file

OpenBSD-Commit-ID: 1de7da7f2b6c32a46043d75fcd49b0cbb7db7779
2023-12-19 01:51:46 +11:00
djm@openbsd.org
1edb00c58f
upstream: implement "strict key exchange" in ssh and sshd
This adds a protocol extension to improve the integrity of the SSH
transport protocol, particular in and around the initial key exchange
(KEX) phase.

Full details of the extension are in the PROTOCOL file.

with markus@

OpenBSD-Commit-ID: 2a66ac962f0a630d7945fee54004ed9e9c439f14
2023-12-19 01:51:11 +11:00
djm@openbsd.org
dce6d80d2e
upstream: Introduce a transport-level ping facility
This adds a pair of SSH transport protocol messages SSH2_MSG_PING/PONG
to implement a ping capability. These messages use numbers in the "local
extensions" number space and are advertised using a "ping@openssh.com"
ext-info message with a string version number of "0".

ok markus@

OpenBSD-Commit-ID: b6b3c4cb2084c62f85a8dc67cf74954015eb547f
2023-08-28 13:34:01 +10:00
dtucker@openbsd.org
5c3f18fb99
upstream: Fix typo. From pablomh via -portable github PR#344.
OpenBSD-Commit-ID: d056ee2e73691dc3ecdb44a6de68e6b88cd93827
2022-11-07 14:00:23 +11:00
djm@openbsd.org
74b77f7497
upstream: sftp-server(8): add a "users-groups-by-id@openssh.com"
extension request that allows the client to obtain user/group names that
correspond to a set of uids/gids.

Will be used to make directory listings more useful and consistent
in sftp(1).

ok markus@

OpenBSD-Commit-ID: 7ebabde0bcb95ef949c4840fe89e697e30df47d3
2022-09-19 20:49:13 +10:00
djm@openbsd.org
730a806094 upstream: sftp-server: support home-directory request
Add support to the sftp-server for the home-directory extension defined
in draft-ietf-secsh-filexfer-extensions-00. This overlaps a bit with the
existing expand-path@openssh.com, but uses a more official protocol name,
and so is a bit more likely to be implemented by non-OpenSSH clients.

From Mike Frysinger, ok dtucker@

OpenBSD-Commit-ID: bfc580d05cc0c817831ae7ecbac4a481c23566ab
2022-08-12 15:22:37 +10:00
dtucker@openbsd.org
aa19203027 upstream: Note that curve25519-sha256 was later published in
RFC8731.  ok djm@

OpenBSD-Commit-ID: 2ac2b5d642d4cf5918eaec8653cad9a4460b2743
2022-04-12 09:35:31 +10:00
djm@openbsd.org
7988bfc4b7 upstream: add support for the "corp-data" protocol extension to
allow server-side copies to be performed without having to go via the client.
Patch by Mike Frysinger, ok dtucker@

OpenBSD-Commit-ID: 00aa510940fedd66dab1843b58682de4eb7156d5
2022-03-31 14:09:42 +11:00
djm@openbsd.org
266678e19e upstream: document host-bound publickey authentication
OpenBSD-Commit-ID: ea6ed91779a81f06d961e30ecc49316b3d71961b
2021-12-20 09:28:08 +11:00
djm@openbsd.org
2ab864010e upstream: SFTP protocol extension to allow the server to expand
~-prefixed paths, in particular ~user ones. Allows scp in sftp mode to accept
these paths, like scp in rcp mode does.

prompted by and much discussion deraadt@
ok markus@

OpenBSD-Commit-ID: 7d794def9e4de348e1e777f6030fc9bafdfff392
2021-08-10 12:47:46 +10:00
djm@openbsd.org
63238f5aed upstream: Fix the hostkeys rotation extension documentation
The documentation was lacking the needed want-reply field in the initial
global request.

https://github.com/openssh/openssh-portable/pull/218 by dbussink

OpenBSD-Commit-ID: 051824fd78edf6d647a0b9ac011bf88e28775054
2021-02-18 13:50:37 +11:00
djm@openbsd.org
788cbc5b74 upstream: sftp-server: implement limits@openssh.com extension
This is a simple extension that allows the server to clearly
communicate transfer limits it is imposing so the client doesn't
have to guess, or force the user to manually tune.  This is
particularly useful when an attempt to use too large of a value
causes the server to abort the connection.

Patch from Mike Frysinger; ok dtucker@

OpenBSD-Commit-ID: f96293221e5aa24102d9bf30e4f4ef04d5f4fb51
2021-02-18 13:17:43 +11:00
djm@openbsd.org
16eacdb016 upstream: sftp: add missing lsetstat@openssh.com documentation
patch from Mike Frysinger

OpenBSD-Commit-ID: 9c114db88d505864075bfe7888b7c8745549715b
2021-02-17 15:03:41 +11:00
djm@openbsd.org
6d755706a0 upstream: some language improvements; ok markus
OpenBSD-Commit-ID: 939d787d571b4d5da50b3b721fd0b2ac236acaa8
2020-07-15 15:07:42 +10:00
dtucker@openbsd.org
0001576a09 upstream: Fix some typos and an incorrect word in docs. Patch from
itoama at live.jp via github PR#172.

OpenBSD-Commit-ID: 166ee8f93a7201fef431b9001725ab8b269d5874
2020-02-21 12:27:23 +11:00
djm@openbsd.org
a46ac4d86b upstream: mention INFO@openssh.com for sending SIGINFO
OpenBSD-Commit-ID: 132471eeb0df658210afd27852fe65131b26e900
2018-10-02 22:53:48 +10:00
djm@openbsd.org
e1b26ce504 upstream: improve
OpenBSD-Commit-ID: 40d839db0977b4e7ac8b647b16d5411d4faf2f60
2018-08-10 11:14:06 +10:00
djm@openbsd.org
7c712966a3 upstream: Describe pubkey format, prompted by bz#2853
While I'm here, describe and link to the remaining local PROTOCOL.*
docs that weren't already mentioned (PROTOCOL.key, PROTOCOL.krl and
PROTOCOL.mux)

OpenBSD-Commit-ID: 2a900f9b994ba4d53e7aeb467d44d75829fd1231
2018-08-10 11:14:06 +10:00
djm@openbsd.org
ef100a2c5a upstream: fix numbering
OpenBSD-Commit-ID: bc7a1764dff23fa4c5ff0e3379c9c4d5b63c9596
2018-08-10 11:14:06 +10:00
djm@openbsd.org
fcdb9d7778 upstream: emphasise that the hostkey rotation may send key types
that the client may not support, and that the client should simply disregard
such keys (this is what ssh does already).

OpenBSD-Commit-ID: 65f8ffbc32ac8d12be8f913d7c0ea55bef8622bf
2018-02-23 13:37:32 +11:00
djm@openbsd.org
8ba0fd4008 upstream commit
fix references to obsolete v00 cert format; spotted by
Jakub Jelen

Upstream-ID: 7600ce193ab8fd19451acfe24fc2eb39d46b2c4f
2017-05-27 15:35:52 +10:00
Darren Tucker
461f50e7ab Update links to https.
www.openssh.com now supports https and ftp.openbsd.org no longer
supports ftp.  Make all links to these https.
2016-10-21 06:55:58 +11:00
djm@openbsd.org
90ee563fa6 upstream commit
We accidentally send an empty string and a zero uint32 with
 every direct-streamlocal@openssh.com channel open, in contravention of our
 own spec.

Fixing this is too hard wrt existing versions that expect these
fields to be present and fatal() if they aren't, so document them
as "reserved" fields in the PROTOCOL spec as though we always
intended this and let us never speak of it again.

bz#2529, reported by Ron Frederick

Upstream-ID: 34cd326a4d236ca6e39084c4ff796bd97ab833e7
2016-04-08 17:36:29 +10:00
djm@openbsd.org
deb8d99ecb upstream commit
direct-streamlocal@openssh.com Unix domain foward
 messages do not contain a "reserved for future use" field and in fact,
 serverloop.c checks that there isn't one. Remove erroneous mention from
 PROTOCOL description. bz#2421 from Daniel Black

Upstream-ID: 3d51a19e64f72f764682f1b08f35a8aa810a43ac
2015-07-17 13:36:30 +10:00
djm@openbsd.org
4e636cf201 upstream commit
whitespace at EOL
2015-05-08 13:58:06 +10:00
djm@openbsd.org
44732de068 upstream commit
UpdateHostKeys fixes:

I accidentally changed the format of the hostkeys@openssh.com messages
last week without changing the extension name, and this has been causing
connection failures for people who are running -current. First reported
by sthen@

s/hostkeys@openssh.com/hostkeys-00@openssh.com/
Change the name of the proof message too, and reorder it a little.

Also, UpdateHostKeys=ask is incompatible with ControlPersist (no TTY
available to read the response) so disable UpdateHostKeys if it is in
ask mode and ControlPersist is active (and document this)
2015-02-21 09:20:28 +11:00
djm@openbsd.org
523463a3a2 upstream commit
Revise hostkeys@openssh.com hostkey learning extension.

The client will not ask the server to prove ownership of the private
halves of any hitherto-unseen hostkeys it offers to the client.

Allow UpdateHostKeys option to take an 'ask' argument to let the
user manually review keys offered.

ok markus@
2015-02-17 09:32:32 +11:00
djm@openbsd.org
8d4f87258f upstream commit
Host key rotation support.

Add a hostkeys@openssh.com protocol extension (global request) for
a server to inform a client of all its available host key after
authentication has completed. The client may record the keys in
known_hosts, allowing it to upgrade to better host key algorithms
and a server to gracefully rotate its keys.

The client side of this is controlled by a UpdateHostkeys config
option (default on).

ok markus@
2015-01-27 00:00:57 +11:00
Damien Miller
7acefbbcbe - millert@cvs.openbsd.org 2014/07/15 15:54:14
[PROTOCOL auth-options.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
     [auth-rsa.c auth.c auth1.c auth2-hostbased.c auth2-kbdint.c auth2-none.c]
     [auth2-passwd.c auth2-pubkey.c auth2.c canohost.c channels.c channels.h]
     [clientloop.c misc.c misc.h monitor.c mux.c packet.c readconf.c]
     [readconf.h servconf.c servconf.h serverloop.c session.c ssh-agent.c]
     [ssh.c ssh_config.5 sshconnect.c sshconnect1.c sshconnect2.c sshd.c]
     [sshd_config.5 sshlogin.c]
     Add support for Unix domain socket forwarding.  A remote TCP port
     may be forwarded to a local Unix domain socket and vice versa or
     both ends may be a Unix domain socket.  This is a reimplementation
     of the streamlocal patches by William Ahern from:
         http://www.25thandclement.com/~william/projects/streamlocal.html
     OK djm@ markus@
2014-07-18 14:11:24 +10:00
Damien Miller
e4870c0906 - djm@cvs.openbsd.org 2013/12/01 23:19:05
[PROTOCOL]
     mention curve25519-sha256@libssh.org key exchange algorithm
2013-12-05 10:22:39 +11:00
Damien Miller
0fde8acdad - djm@cvs.openbsd.org 2013/11/21 00:45:44
[Makefile.in PROTOCOL PROTOCOL.chacha20poly1305 authfile.c chacha.c]
     [chacha.h cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h]
     [dh.c myproposal.h packet.c poly1305.c poly1305.h servconf.c ssh.1]
     [ssh.c ssh_config.5 sshd_config.5] Add a new protocol 2 transport
     cipher "chacha20-poly1305@openssh.com" that combines Daniel
     Bernstein's ChaCha20 stream cipher and Poly1305 MAC to build an
     authenticated encryption mode.

     Inspired by and similar to Adam Langley's proposal for TLS:
     http://tools.ietf.org/html/draft-agl-tls-chacha20poly1305-03
     but differs in layout used for the MAC calculation and the use of a
     second ChaCha20 instance to separately encrypt packet lengths.
     Details are in the PROTOCOL.chacha20poly1305 file.

     Feedback markus@, naddy@; manpage bits Loganden Velvindron @ AfriNIC
     ok markus@ naddy@
2013-11-21 14:12:23 +11:00
Damien Miller
f29238e674 - djm@cvs.openbsd.org 2013/10/17 00:30:13
[PROTOCOL sftp-client.c sftp-client.h sftp-server.c sftp.1 sftp.c]
     fsync@openssh.com protocol extension for sftp-server
     client support to allow calling fsync() faster successful transfer
     patch mostly by imorgan AT nas.nasa.gov; bz#1798
     "fine" markus@ "grumble OK" deraadt@ "doesn't sound bad to me" millert@
2013-10-17 11:48:52 +11:00
Damien Miller
1d75abfe23 - markus@cvs.openbsd.org 2013/01/08 18:49:04
[PROTOCOL authfile.c cipher.c cipher.h kex.c kex.h monitor_wrap.c]
     [myproposal.h packet.c ssh_config.5 sshd_config.5]
     support AES-GCM as defined in RFC 5647 (but with simpler KEX handling)
     ok and feedback djm@
2013-01-09 16:12:19 +11:00
Damien Miller
3739c8f041 - djm@cvs.openbsd.org 2013/01/03 12:49:01
[PROTOCOL]
     fix description of MAC calculation for EtM modes; ok markus@
2013-01-09 15:57:16 +11:00
Damien Miller
af43a7ac2d - markus@cvs.openbsd.org 2012/12/11 22:31:18
[PROTOCOL authfile.c cipher.c cipher.h kex.h mac.c myproposal.h]
     [packet.c ssh_config.5 sshd_config.5]
     add encrypt-then-mac (EtM) modes to openssh by defining new mac algorithms
     that change the packet format and compute the MAC over the encrypted
     message (including the packet size) instead of the plaintext data;
     these EtM modes are considered more secure and used by default.
     feedback and ok djm@
2012-12-12 10:46:31 +11:00
Darren Tucker
af1f909254 - djm@cvs.openbsd.org 2010/12/04 00:18:01
[sftp-server.c sftp.1 sftp-client.h sftp.c PROTOCOL sftp-client.c]
     add a protocol extension to support a hard link operation. It is
     available through the "ln" command in the client. The old "ln"
     behaviour of creating a symlink is available using its "-s" option
     or through the preexisting "symlink" command; based on a patch from
     miklos AT szeredi.hu in bz#1555; ok markus@
2010-12-05 09:02:47 +11:00
Damien Miller
eb8b60e320 - djm@cvs.openbsd.org 2010/08/31 11:54:45
[PROTOCOL PROTOCOL.agent PROTOCOL.certkeys auth2-jpake.c authfd.c]
     [authfile.c buffer.h dns.c kex.c kex.h key.c key.h monitor.c]
     [monitor_wrap.c myproposal.h packet.c packet.h pathnames.h readconf.c]
     [ssh-add.1 ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh-keygen.c]
     [ssh-keyscan.1 ssh-keyscan.c ssh-keysign.8 ssh.1 ssh.c ssh2.h]
     [ssh_config.5 sshconnect.c sshconnect2.c sshd.8 sshd.c sshd_config.5]
     [uuencode.c uuencode.h bufec.c kexecdh.c kexecdhc.c kexecdhs.c ssh-ecdsa.c]
     Implement Elliptic Curve Cryptography modes for key exchange (ECDH) and
     host/user keys (ECDSA) as specified by RFC5656. ECDH and ECDSA offer
     better performance than plain DH and DSA at the same equivalent symmetric
     key length, as well as much shorter keys.

     Only the mandatory sections of RFC5656 are implemented, specifically the
     three REQUIRED curves nistp256, nistp384 and nistp521 and only ECDH and
     ECDSA. Point compression (optional in RFC5656 is NOT implemented).

     Certificate host and user keys using the new ECDSA key types are supported.

     Note that this code has not been tested for interoperability and may be
     subject to change.

     feedback and ok markus@
2010-08-31 22:41:14 +10:00
Damien Miller
0a80ca190a - OpenBSD CVS Sync
- djm@cvs.openbsd.org 2010/02/26 20:29:54
     [PROTOCOL PROTOCOL.agent PROTOCOL.certkeys addrmatch.c auth-options.c]
     [auth-options.h auth.h auth2-pubkey.c authfd.c dns.c dns.h hostfile.c]
     [hostfile.h kex.h kexdhs.c kexgexs.c key.c key.h match.h monitor.c]
     [myproposal.h servconf.c servconf.h ssh-add.c ssh-agent.c ssh-dss.c]
     [ssh-keygen.1 ssh-keygen.c ssh-rsa.c ssh.1 ssh.c ssh2.h sshconnect.c]
     [sshconnect2.c sshd.8 sshd.c sshd_config.5]
     Add support for certificate key types for users and hosts.

     OpenSSH certificate key types are not X.509 certificates, but a much
     simpler format that encodes a public key, identity information and
     some validity constraints and signs it with a CA key. CA keys are
     regular SSH keys. This certificate style avoids the attack surface
     of X.509 certificates and is very easy to deploy.

     Certified host keys allow automatic acceptance of new host keys
     when a CA certificate is marked as sh/known_hosts.
     see VERIFYING HOST KEYS in ssh(1) for details.

     Certified user keys allow authentication of users when the signing
     CA key is marked as trusted in authorized_keys. See "AUTHORIZED_KEYS
     FILE FORMAT" in sshd(8) for details.

     Certificates are minted using ssh-keygen(1), documentation is in
     the "CERTIFICATES" section of that manpage.

     Documentation on the format of certificates is in the file
     PROTOCOL.certkeys

     feedback and ok markus@
2010-02-27 07:55:05 +11:00
Darren Tucker
a2e10485c5 - djm@cvs.openbsd.org 2010/01/09 00:57:10
[PROTOCOL]
     tweak language
2010-01-09 22:25:14 +11:00
Darren Tucker
f2705c8b7d - djm@cvs.openbsd.org 2009/12/20 23:20:40
[PROTOCOL]
     fix an incorrect magic number and typo in PROTOCOL; bz#1688
     report and fix from ueno AT unixuser.org
2010-01-08 18:54:17 +11:00
Damien Miller
6385e758df - djm@cvs.openbsd.org 2009/02/14 06:35:49
[PROTOCOL]
     mention that eow and no-more-sessions extensions are sent only to
     OpenSSH peers
2009-02-14 18:00:52 +11:00
Damien Miller
c9c96f2e28 - djm@cvs.openbsd.org 2008/07/05 05:16:01
[PROTOCOL]
     grammar
2008-07-05 15:17:48 +10:00
Darren Tucker
1f781b194f - djm@cvs.openbsd.org 2008/06/30 12:18:34
[PROTOCOL]
     clarify that eow@openssh.com is only sent on session channels
2008-07-02 22:33:16 +10:00
Damien Miller
1e18beb1e7 - djm@cvs.openbsd.org 2008/06/28 14:08:30
[PROTOCOL PROTOCOL.agent]
     document the protocol used by ssh-agent; "looks ok" markus@
2008-06-30 00:07:00 +10:00
Damien Miller
bd45afb5ad - djm@cvs.openbsd.org 2008/06/28 07:25:07
[PROTOCOL]
     spelling fixes
2008-06-30 00:04:57 +10:00
Darren Tucker
e5d98290a6 - djm@cvs.openbsd.org 2008/06/12 05:15:41
[PROTOCOL]
     document tun@openssh.com forwarding method
2008-06-13 04:53:27 +10:00