mirrors/openssh
0
0
Fork 0
mirror of git://anongit.mindrot.org/openssh.git synced 2024-11-24 10:53:24 +08:00
Code Issues Packages Projects Releases Wiki Activity
6,801 Commits 69 Branches 157 Tags 28 MiB
37f1c08473
Commit Graph

289 Commits

Author SHA1 Message Date
Damien Miller
3597821046 - jmc@cvs.openbsd.org 2005/12/23 23:46:23 
[ssh.1]
     less mark up for -c;
 2005-12-24 14:56:47 +11:00
Damien Miller
2142ba0769 - jmc@cvs.openbsd.org 2005/12/23 14:55:53 
[ssh.1]
     - sync the description of -e w/ synopsis
     - simplify the description of -I
     - note that -I is only available if support compiled in, and that it
     isn't by default
     feedback/ok djm@
 2005-12-24 14:56:29 +11:00
Damien Miller
cf1e342c6c - jmc@cvs.openbsd.org 2005/12/22 11:23:42 
[ssh.1]
     expand the description of -w somewhat;
     help/ok reyk
 2005-12-24 14:56:04 +11:00
Damien Miller
d7f308f6d8 - stevesk@cvs.openbsd.org 2005/12/21 22:44:26 
[sshd.8]
     clarify precedence of -p, Port, ListenAddress; ok and help jmc@
 2005-12-24 14:55:16 +11:00
Damien Miller
9a765b22b7 - jmc@cvs.openbsd.org 2005/12/21 11:57:25 
[ssh.1]
     options now described `above', rather than `later';
 2005-12-24 14:53:44 +11:00
Damien Miller
329cb01638 - jmc@cvs.openbsd.org 2005/12/21 11:48:16 
[ssh.1]
     -L and -R descriptions are now above, not below, ~C description;
 2005-12-24 14:53:23 +11:00
Damien Miller
e9b333a544 - jmc@cvs.openbsd.org 2005/12/20 22:09:41 
[ssh.1]
     move info on ssh return values and config files up into the main
     description;
 2005-12-24 14:53:04 +11:00
Damien Miller
52d2061ab0 - jmc@cvs.openbsd.org 2005/12/20 22:02:50 
[ssh.1]
     .Ss -> .Sh: subsections have not made this page more readable
 2005-12-24 14:52:36 +11:00
Damien Miller
c93a813802 - jmc@cvs.openbsd.org 2005/12/20 21:59:43 
[ssh.1]
     merge the sections on protocols 1 and 2 into one section on
     authentication;
     feedback djm dtucker
     ok deraadt markus dtucker
 2005-12-24 14:52:13 +11:00
Darren Tucker
5434cfe368 - jmc@cvs.openbsd.org 2005/12/16 18:14:40 
[ssh.1]
     signpost the protocol sections;
 2005-12-20 16:11:35 +11:00
Darren Tucker
ff9f484f45 - jmc@cvs.openbsd.org 2005/12/16 18:12:22 
[ssh.1]
     make the description of -c a little nicer;
 2005-12-20 16:10:45 +11:00
Darren Tucker
b18c867c9d - jmc@cvs.openbsd.org 2005/12/16 18:08:53 
[ssh.1]
     simplify a sentence;
 2005-12-20 16:10:09 +11:00
Darren Tucker
d3877b995a - jmc@cvs.openbsd.org 2005/12/16 18:07:08 
[ssh.1]
     move the option descriptions up the page: start of a restructure;
     ok markus deraadt
 2005-12-20 16:09:36 +11:00
Damien Miller
4b2319fb85 - jmc@cvs.openbsd.org 2005/12/08 14:59:44 
[ssh.1 ssh_config.5]
     make `!command' a little clearer;
     ok reyk
 2005-12-13 19:30:27 +11:00
Damien Miller
f0c8c15322 - jmc@cvs.openbsd.org 2005/12/07 10:52:13 
[ssh.1]
     - avoid line split in SYNOPSIS
     - add args to -w
     - kill trailing whitespace
 2005-12-13 19:29:58 +11:00
Damien Miller
d27b947178 - reyk@cvs.openbsd.org 2005/12/06 22:38:28 
[auth-options.c auth-options.h channels.c channels.h clientloop.c]
     [misc.c misc.h readconf.c readconf.h scp.c servconf.c servconf.h]
     [serverloop.c sftp.c ssh.1 ssh.c ssh_config ssh_config.5 sshconnect.c]
     [sshconnect.h sshd.8 sshd_config sshd_config.5]
     Add support for tun(4) forwarding over OpenSSH, based on an idea and
     initial channel code bits by markus@. This is a simple and easy way to
     use OpenSSH for ad hoc virtual private network connections, e.g.
     administrative tunnels or secure wireless access. It's based on a new
     ssh channel and works similar to the existing TCP forwarding support,
     except that it depends on the tun(4) network interface on both ends of
     the connection for layer 2 or layer 3 tunneling. This diff also adds
     support for LocalCommand in the ssh(1) client.

     ok djm@, markus@, jmc@ (manpages), tested and discussed with others
 2005-12-13 19:29:02 +11:00
Damien Miller
6dbdb6afee - jmc@cvs.openbsd.org 2005/11/30 11:45:20 
[ssh.1]
     avoid ambiguities in describing TZ;
     ok djm@
 2005-12-13 19:25:43 +11:00
Damien Miller
c94ebbc723 - (djm) OpenBSD CVS Sync 
- jmc@cvs.openbsd.org 2005/11/30 11:18:27
     [ssh.1]
     timezone -> time zone
 2005-12-13 19:25:21 +11:00
Darren Tucker
1e4308e6fa - djm@cvs.openbsd.org 2005/09/19 23:31:31 
[ssh.1]
     spelling nit from stevesk@
 2005-10-03 18:18:40 +10:00
Darren Tucker
05d4dfe38f - jmc@cvs.openbsd.org 2005/09/19 15:38:27 
[ssh.1]
     some more .Bk/.Ek to avoid ugly line split;
 2005-10-03 18:17:38 +10:00
Darren Tucker
c8d6421a64 - djm@cvs.openbsd.org 2005/09/19 11:37:34 
[ssh_config.5 ssh.1]
     mention ability to specify bind_address for DynamicForward and -D options;
     bz#1077 spotted by Haruyama Seigo
 2005-10-03 18:13:42 +10:00
Darren Tucker
a5cf85584c - dtucker@cvs.openbsd.org 2005/07/06 09:33:05 
[ssh.1]
     clarify meaning of ssh -b ; with & ok jmc@
 2005-07-14 17:04:18 +10:00
Damien Miller
3710f278ae - djm@cvs.openbsd.org 2005/05/23 23:32:46 
[cipher.c myproposal.h ssh.1 ssh_config.5 sshd_config.5]
     add support for draft-harris-ssh-arcfour-fixes-02 improved arcfour modes;
     ok markus@
 2005-05-26 12:19:17 +10:00
Damien Miller
167ea5d026 - djm@cvs.openbsd.org 2005/04/21 06:17:50 
[ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 ssh_config.5 sshd.8]
     [sshd_config.5] OpenSSH doesn't ever look at the $HOME environment
     variable, so don't say that we do (bz #623); ok deraadt@
 2005-05-26 12:04:02 +10:00
Damien Miller
3dc967e17b - jmc@cvs.openbsd.org 2005/04/14 12:30:30 
[ssh.1]
     arg to -b is an address, not if_name;
     ok markus@
 2005-05-26 12:03:15 +10:00
Damien Miller
b096ac4674 - jmc@cvs.openbsd.org 2005/03/07 23:41:54 
[ssh.1 ssh_config.5]
     more macro simplification;
 2005-03-09 11:00:05 +11:00
Damien Miller
b022b23584 - jmc@cvs.openbsd.org 2005/03/02 11:45:01 
[ssh.1]
     missing word;
 2005-03-05 11:22:36 +11:00
Damien Miller
947219e6e6 - djm@cvs.openbsd.org 2005/03/02 02:21:07 
[ssh.1]
     bz#987: mention ForwardX11Trusted in ssh.1,
     reported by andrew.benham AT thus.net; ok deraadt@
 2005-03-02 13:22:30 +11:00
Damien Miller
36bf7dd184 - jmc@cvs.openbsd.org 2005/03/01 14:47:58 
[ssh.1]
     remove some unneccesary macros;
     do not mark up punctuation;
 2005-03-02 12:02:47 +11:00
Damien Miller
e1776155d1 - djm@cvs.openbsd.org 2005/03/01 10:40:27 
[hostfile.c hostfile.h readconf.c readconf.h ssh.1 ssh_config.5]
     [sshconnect.c sshd.8]
     add support for hashing host names and addresses added to known_hosts
     files, to improve privacy of which hosts user have been visiting; ok
     markus@ deraadt@
 2005-03-01 21:47:37 +11:00
Damien Miller
f91ee4c3de - djm@cvs.openbsd.org 2005/03/01 10:09:52 
[auth-options.c channels.c channels.h clientloop.c compat.c compat.h]
     [misc.c misc.h readconf.c readconf.h servconf.c ssh.1 ssh.c ssh_config.5]
     [sshd_config.5]
     bz#413: allow optional specification of bind address for port forwardings.
     Patch originally by Dan Astorian, but worked on by several people
     Adds GatewayPorts=clientspecified option on server to allow remote
     forwards to bind to client-specified ports.
 2005-03-01 21:24:33 +11:00
Darren Tucker
e04644c162 - (dtucker) OpenBSD CVS Sync 
- jmc@cvs.openbsd.org 2004/11/07 17:42:36
     [ssh.1]
     options sort, and whitespace;
 2004-12-03 14:08:45 +11:00
Darren Tucker
7ebfc10884 - djm@cvs.openbsd.org 2004/11/07 00:01:46 
[clientloop.c clientloop.h ssh.1 ssh.c]
     add basic control of a running multiplex master connection; including the
     ability to check its status and request it to exit; ok markus@
 2004-11-07 20:06:19 +11:00
Darren Tucker
636ca90247 - djm@cvs.openbsd.org 2004/10/07 10:10:24 
[scp.1 sftp.1 ssh.1 ssh_config.5]
     document KbdInteractiveDevices; ok markus@
 2004-11-05 20:22:00 +11:00
Darren Tucker
4e4fe0052c - jmc@cvs.openbsd.org 2004/08/30 21:22:49 
[ssh-add.1 ssh.1]
     .Xsession -> .xsession;
     originally from a pr from f at obiit dot org, but missed by myself;
     ok markus@ matthieu@
 2004-11-05 20:01:03 +11:00
Darren Tucker
db69390817 - markus@cvs.openbsd.org 2004/08/26 16:00:55 
[ssh.1 sshd.8]
     get rid of references to rhosts authentication; with jmc@
 2004-08-29 16:37:24 +10:00
Darren Tucker
0b42e6d95b - jakob@cvs.openbsd.org 2004/08/12 21:41:13 
[ssh-keygen.1 ssh.1]
     improve SSHFP documentation; ok deraadt@
 2004-08-13 21:22:40 +10:00
Damien Miller
5d1ecebcb5 - OpenBSD CVS Sync 
- jmc@cvs.openbsd.org 2004/06/26 09:03:21
     [ssh.1]
     - remove double word
     - rearrange .Bk to keep SYNOPSIS nice
     - -M before -m in options description
 2004-06-30 22:37:57 +10:00
Damien Miller
b8ea24868f - markus@cvs.openbsd.org 2004/06/18 10:55:43 
[ssh.1 ssh.c]
     trim synopsis for -S, allow -S and -oControlMaster, -MM means 'ask'; ok djm
 2004-06-18 22:21:55 +10:00
Darren Tucker
ba5c592126 - djm@cvs.openbsd.org 2004/06/17 23:56:57 
[ssh.1 ssh.c]
     sync usage() and SYNPOSIS with connection sharing changes
 2004-06-18 16:22:39 +10:00
Damien Miller
0e220dbfbc - djm@cvs.openbsd.org 2004/06/13 15:03:02 
[channels.c channels.h clientloop.c clientloop.h includes.h readconf.c]
     [readconf.h scp.1 sftp.1 ssh.1 ssh.c ssh_config.5]
     implement session multiplexing in the client (the server has supported
     this since 2.0); ok markus@
 2004-06-15 10:34:08 +10:00
Damien Miller
05202ffe21 - dtucker@cvs.openbsd.org 2004/06/13 14:01:42 
[ssh.1 ssh_config.5 sshd_config.5]
     List supported ciphers in man pages, tidy up ssh -c;
     "looks fine" jmc@, ok markus@
 2004-06-15 10:30:39 +10:00
Darren Tucker
e534e12127 - jmc@cvs.openbsd.org 2004/05/22 16:01:05 
[ssh.1]
     kill whitespace at eol;
 2004-05-24 10:35:14 +10:00
Darren Tucker
1973c88898 - djm@cvs.openbsd.org 2004/05/22 06:32:12 
[clientloop.c ssh.1]
     use '-h' for help in ~C commandline instead of '-?'; inspired by jmc@
 2004-05-24 10:34:36 +10:00
Darren Tucker
e7066dfde3 - djm@cvs.openbsd.org 2004/05/21 11:33:11 
[channels.c channels.h clientloop.c serverloop.c ssh.1]
     bz #756: add support for the cancel-tcpip-forward request for the server and
     the client (through the ~C commandline). reported by z3p AT twistedmatrix.com;
     ok markus@
 2004-05-24 10:18:05 +10:00
Darren Tucker
edae0ec12a - dtucker@cvs.openbsd.org 2004/05/02 11:57:52 
[ssh.1]
     ConnectionTimeout -> ConnectTimeout, from m.a.ellis at ncl.ac.uk via
     Debian.  ok djm@
 2004-05-02 22:15:52 +10:00
Darren Tucker
7a6c06620e - jmc@cvs.openbsd.org 2004/04/28 07:13:42 
[sftp.1 ssh.1]
     add SendEnv to -o list;
 2004-05-02 22:14:03 +10:00
Damien Miller
c970cb9052 - djm@cvs.openbsd.org 2004/04/19 13:02:40 
[ssh.1 ssh_config.5]
     document strict permission checks on ~/.ssh/config; prompted by,
     with & ok jmc@
 2004-04-20 20:12:53 +10:00
Damien Miller
bd394c329b - markus@cvs.openbsd.org 2004/03/05 10:53:58 
[readconf.c readconf.h scp.1 sftp.1 ssh.1 ssh_config.5 sshconnect2.c]
     add IdentitiesOnly; ok djm@, pb@
 2004-03-08 23:12:36 +11:00
Damien Miller
509b0107f0 - markus@cvs.openbsd.org 2003/12/16 15:49:51 
[clientloop.c clientloop.h readconf.c readconf.h scp.1 sftp.1 ssh.1]
     [ssh.c ssh_config.5]
     application layer keep alive (ServerAliveInterval ServerAliveCountMax)
     for ssh(1), similar to the sshd(8) option; ok beck@; with help from
     jmc and dtucker@
 2003-12-17 16:33:10 +11:00
Damien Miller
12c150e7e0 - markus@cvs.openbsd.org 2003/12/09 21:53:37 
[readconf.c readconf.h scp.1 servconf.c servconf.h sftp.1 ssh.1]
     [ssh_config.5 sshconnect.c sshd.c sshd_config.5]
     rename keepalive to tcpkeepalive; the old name causes too much
     confusion; ok djm, dtucker; with help from jmc@
 2003-12-17 16:31:10 +11:00
Damien Miller
e0113ccc08 - dtucker@cvs.openbsd.org 2003/11/24 00:16:35 
[ssh.1 ssh.c]
     Make ssh -k mean GSSAPIDelegateCredentials=no. Suggestion & ok markus@
 2003-11-24 13:10:09 +11:00
Darren Tucker
0a118da00e - markus@cvs.openbsd.org 2003/10/11 08:24:08 
[readconf.c readconf.h ssh.1 ssh.c ssh_config.5]
     remote x11 clients are now untrusted by default, uses xauth(8) to generate
     untrusted cookies; ForwardX11Trusted=yes restores old behaviour.
     ok deraadt; feedback and ok djm/fries
 2003-10-15 15:54:32 +10:00
Darren Tucker
1f20394e92 - jmc@cvs.openbsd.org 2003/10/08 08:27:36 
[scp.1 scp.c sftp-server.8 sftp.1 sftp.c ssh.1 sshd.8]
     scp and sftp: add options list and sort options. options list requested
     by deraadt@
     sshd: use same format as ssh
     ssh: remove wrong option from list
     sftp-server: Subsystem is documented in ssh_config(5), not sshd(8)
     ok deraadt@ markus@
 2003-10-15 15:50:42 +10:00
Darren Tucker
6177695c0b - jmc@cvs.openbsd.org 2003/09/29 11:40:51 
[ssh.1]
     - add list of options to -o and .Xr ssh_config(5)
     - some other cleanup
     requested by deraadt@;
     ok deraadt@ markus@
 2003-10-02 16:19:47 +10:00
Darren Tucker
6aaa58c470 - (dtucker) OpenBSD CVS Sync 
- markus@cvs.openbsd.org 2003/07/22 13:35:22
     [auth1.c auth.h auth-passwd.c monitor.c monitor.h monitor_wrap.c
     monitor_wrap.h readconf.c readconf.h servconf.c servconf.h session.c ssh.1
     ssh.c ssh_config.5 sshconnect1.c sshd.c sshd_config.5 ssh.h]
     remove (already disabled) KRB4/AFS support, re-enable -k in ssh(1);
     test+ok henning@
 - (dtucker) [Makefile.in acconfig.h configure.ac] Remove KRB4/AFS support.
 - (dtucker) [auth-krb4.c radix.c radix.h] Remove KRB4/AFS specific files.

I hope I got this right....
 2003-08-02 22:24:49 +10:00
Darren Tucker
46471c9a81 - markus@cvs.openbsd.org 2003/07/02 14:51:16 
[channels.c ssh.1 ssh_config.5]
     (re)add socks5 suppport to -D; ok djm@
     now ssh(1) can act both as a socks 4 and socks 5 server and
     dynamically forward ports.
 2003-07-03 13:55:19 +10:00
Damien Miller
f1ce505daf - jmc@cvs.openbsd.org 2003/06/10 09:12:11 
[scp.1 sftp-server.8 ssh.1 ssh-add.1 ssh-agent.1 ssh_config.5]
     [sshd.8 sshd_config.5 ssh-keygen.1 ssh-keyscan.1 ssh-keysign.8]
     - section reorder
     - COMPATIBILITY merge
     - macro cleanup
     - kill whitespace at EOL
     - new sentence, new line
     ssh pages ok markus@
 2003-06-11 22:04:39 +10:00
Damien Miller
fbf486b4a6 - jmc@cvs.openbsd.org 2003/05/20 12:09:31 
[ssh.1 ssh_config.5 sshd.8 sshd_config.5 ssh-keygen.1]
     new sentence, new line
 2003-05-23 18:44:23 +10:00
Damien Miller
46a7b40d1e - markus@cvs.openbsd.org 2003/05/15 04:08:41 
[ssh.1]
     ~B is ssh2 only
 2003-05-15 14:17:28 +10:00
Damien Miller
54c459866e - markus@cvs.openbsd.org 2003/05/14 22:24:42 
[clientloop.c session.c ssh.1]
     allow to send a BREAK to the remote system; ok various
 2003-05-15 10:20:13 +10:00
Damien Miller
44e72a764f - naddy@cvs.openbsd.org 2003/04/12 11:40:15 
[ssh.1]
     document -V switch, fix wording; ok markus@
 2003-05-14 13:42:08 +10:00
Damien Miller
495dca3518 - (djm) OpenBSD CVS Sync 
- jmc@cvs.openbsd.org 2003/03/28 10:11:43
     [scp.1 sftp.1 ssh.1 ssh-add.1 ssh-agent.1 ssh_config.5 sshd_config.5]
     [ssh-keygen.1 ssh-keyscan.1 ssh-keysign.8]
     - killed whitespace
     - new sentence new line
     - .Bk for arguments
     ok markus@
 2003-04-01 21:42:14 +10:00
Damien Miller
d8769625fb - stevesk@cvs.openbsd.org 2002/09/27 15:46:21 
[ssh.1]
     clarify compression level protocol 1 only; ok markus@ deraadt@
 2002-09-30 12:00:55 +10:00
Damien Miller
f37e246f85 - stevesk@cvs.openbsd.org 2002/09/12 19:50:36 
[session.c ssh.1]
     add SSH_CONNECTION and deprecate SSH_CLIENT; bug #384.  ok markus@
 2002-09-19 11:47:55 +10:00
Damien Miller
b5fdfaae13 - stevesk@cvs.openbsd.org 2002/09/11 17:55:03 
[ssh.1]
     add agent and X11 forwarding warning text from ssh_config.5; ok markus@
 2002-09-12 09:52:03 +10:00
Damien Miller
147bba3453 - stevesk@cvs.openbsd.org 2002/08/29 16:02:54 
[ssh.1 ssh.c]
     deprecate -P as UsePrivilegedPort defaults to no now; ok markus@
 2002-09-04 16:46:06 +10:00
Ben Lindstrom
3541f18e10 - stevesk@cvs.openbsd.org 2002/08/17 23:07:14 
[ssh.1]
     ForwardAgent has defaulted to no for over 2 years; be more clear here.
 2002-08-20 19:03:20 +00:00
Ben Lindstrom
bd9bf38b00 - stevesk@cvs.openbsd.org 2002/08/12 17:30:35 
[ssh.1 sshd.8 sshd_config.5]
     more PermitUserEnvironment; ok markus@
 2002-08-20 18:54:20 +00:00
Ben Lindstrom
dc7adf2670 - marc@cvs.openbsd.org 2002/08/02 16:00:07 
[ssh.1 sshd.8]
     note that .ssh/environment is only read when
     allowed (PermitUserEnvironment in sshd_config).
     OK markus@
 2002-08-20 18:38:02 +00:00
Ben Lindstrom
c001cd3577 - naddy@cvs.openbsd.org 2002/06/22 11:51:39 
[ssh.1]
     typo
 2002-06-23 00:32:11 +00:00
Ben Lindstrom
bf69e3b95d - stevesk@cvs.openbsd.org 2002/06/22 02:40:23 
[ssh.1]
     section 5 not 4 for ssh_config
 2002-06-23 00:31:24 +00:00
Ben Lindstrom
9f04903c50 - stevesk@cvs.openbsd.org 2002/06/20 19:56:07 
[ssh.1 sshd.8]
     move configuration file options from ssh.1/sshd.8 to
     ssh_config.5/sshd_config.5; ok deraadt@ millert@
 2002-06-21 00:59:05 +00:00
Ben Lindstrom
cb72e4f6d2 - deraadt@cvs.openbsd.org 2002/06/19 00:27:55 
[auth-bsdauth.c auth-skey.c auth1.c auth2-chall.c auth2-none.c authfd.c
      authfd.h monitor_wrap.c msg.c nchan.c radix.c readconf.c scp.c sftp.1
      ssh-add.1 ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh-keygen.c
      ssh-keysign.c ssh.1 sshconnect.c sshconnect.h sshconnect2.c ttymodes.c
      xmalloc.h]
     KNF done automatically while reading....
 2002-06-21 00:41:51 +00:00
Ben Lindstrom
2bf8276393 - stevesk@cvs.openbsd.org 2002/06/10 17:45:20 
[readconf.c ssh.1]
     change RhostsRSAAuthentication and RhostsAuthentication default to no
     since ssh is no longer setuid root by default; ok markus@
 2002-06-11 15:53:05 +00:00
Ben Lindstrom
5cac423871 - stevesk@cvs.openbsd.org 2002/06/09 22:15:15 
[ssh.1]
     update for no setuid root and ssh-keysign; ok deraadt@
 2002-06-11 15:45:02 +00:00
Ben Lindstrom
4daea86fd4 - markus@cvs.openbsd.org 2002/06/08 05:17:01 
[readconf.c readconf.h ssh.1 ssh.c]
     deprecate FallBackToRsh and UseRsh; patch from djm@
 2002-06-09 20:04:02 +00:00
Ben Lindstrom
20abb75f53 - stevesk@cvs.openbsd.org 2002/05/29 03:06:30 
[ssh.1 sshd.8]
     spelling
 2002-06-06 20:45:33 +00:00
Ben Lindstrom
033a49c7cc - stevesk@cvs.openbsd.org 2002/05/26 20:35:10 
[ssh.1]
     sort ChallengeResponseAuthentication; ok markus@
 2002-06-06 20:30:28 +00:00
Ben Lindstrom
c57bbf158d - millert@cvs.openbsd.org 2002/05/06 23:34:33 
[ssh.1 sshd.8]
     Kill/adjust r(login|exec)d? references now that those are no longer in
     the tree.
 2002-05-15 21:36:45 +00:00
Ben Lindstrom
f181384a6b - markus@cvs.openbsd.org 2002/03/26 11:34:49 
[ssh.1 sshd.8]
     update to recent drafts
 2002-03-27 17:18:31 +00:00
Ben Lindstrom
5589f4b55f - jakob@cvs.openbsd.org 2002/03/21 15:17:26 
[clientloop.c ssh.1]
     add built-in command line for adding new port forwardings on the fly.
     based on a patch from brian wellington. ok markus@.
 2002-03-22 03:24:32 +00:00
Damien Miller
85221b2818 - markus@cvs.openbsd.org 2002/02/18 17:55:20 
[ssh.1]
     -q: Fatal errors are _not_ displayed.
 2002-02-19 15:27:23 +11:00
Damien Miller
05eda437a6 - (djm) OpenBSD CVS Sync 
- deraadt@cvs.openbsd.org 2002/02/09 17:37:34
     [pathnames.h session.c ssh.1 sshd.8 sshd_config ssh-keyscan.1]
     move ssh config files to /etc/ssh
 - (djm) Adjust portable Makefile.in tnd ssh-rand-helper.c o match
 2002-02-10 18:32:28 +11:00
Damien Miller
9749c0c972 - stevesk@cvs.openbsd.org 2002/02/03 22:35:57 
[ssh.1 sshd.8]
     some KeepAlive cleanup/clarify; ok markus@
 2002-02-05 12:23:58 +11:00
Damien Miller
07a2d429b2 - markus@cvs.openbsd.org 2002/01/29 23:50:37 
[scp.1 ssh.1]
     mention exit status; ok stevesk@
 2002-02-05 12:16:15 +11:00
Damien Miller
fae2386cc9 - stevesk@cvs.openbsd.org 2002/01/16 17:42:33 
[ssh.1]
     correct defaults for -i/IdentityFile; ok markus@
 2002-01-22 23:32:26 +11:00
Damien Miller
70972eb388 - stevesk@cvs.openbsd.org 2002/01/05 21:51:56 
[ssh.1 sshd.8]
     some missing and misplaced periods
 2002-01-22 23:19:55 +11:00
Damien Miller
dc9e067614 - stevesk@cvs.openbsd.org 2001/12/28 22:37:48 
[ssh.1 sshd.8]
     document LogLevel DEBUG[123]; ok markus@
 2002-01-22 23:17:51 +11:00
Damien Miller
705499b248 - markus@cvs.openbsd.org 2001/11/08 17:49:53 
[ssh.1]
     mention setuid root requirements; noted by cnorris@csc.UVic.ca; ok stevesk@
 2001-11-12 11:05:38 +11:00
Damien Miller
1f8dddc927 - markus@cvs.openbsd.org 2001/10/30 20:29:09 
[ssh.1]
     ssh.1
 2001-11-12 11:02:25 +11:00
Ben Lindstrom
3cecc9a41f - markus@cvs.openbsd.org 2001/10/01 21:51:16 
[readconf.c readconf.h ssh.1 sshconnect.c]
     add NoHostAuthenticationForLocalhost; note that the hostkey is
     now check for localhost, too.
 2001-10-03 17:39:38 +00:00
Ben Lindstrom
2b7a0e953e - stevesk@cvs.openbsd.org 2001/09/19 19:24:19 
[readconf.c readconf.h scp.c sftp.c ssh.1]
     add ClearAllForwardings ssh option and set it in scp and sftp; ok
     markus@
 2001-09-20 00:57:55 +00:00
Ben Lindstrom
594e203894 - deraadt@cvs.openbsd.org 2001/09/05 06:23:07 
[scp.1 sftp.1 ssh.1 ssh-agent.1 sshd.8 ssh-keygen.1 ssh-keyscan.1]
     avoid first person in manual pages
 2001-09-12 18:35:30 +00:00
Ben Lindstrom
62c25a43db - stevesk@cvs.openbsd.org 2001/08/30 16:04:35 
[readconf.c ssh.1]
     validate ports for LocalForward/RemoteForward.
     add host/port alternative syntax for IPv6 (like -L/-R).
     ok markus@
 2001-09-12 18:01:59 +00:00
Ben Lindstrom
6e69d532dc - naddy@cvs.openbsd.org 2001/08/30 15:42:36 
[ssh.1]
     add -D to synopsis line; ok markus@
 2001-09-12 17:59:59 +00:00
Ben Lindstrom
60d82be9f3 - stevesk@cvs.openbsd.org 2001/08/29 23:39:40 
[ssh.1 sshd.8]
     additional documentation for GatewayPorts; ok markus@
 2001-09-12 17:58:15 +00:00
Ben Lindstrom
19ceb17040 - stevesk@cvs.openbsd.org 2001/08/29 23:13:10 
[ssh.1 ssh.c]
     document -D and DynamicForward; ok markus
 2001-09-12 17:54:24 +00:00
Ben Lindstrom
14f31ab947 - markus@cvs.openbsd.org 2001/08/28 15:39:48 
[ssh.1 ssh.c]
     allow: ssh -F configfile host
 2001-09-12 17:48:04 +00:00
Ben Lindstrom
ffa1dd6817 - stevesk@cvs.openbsd.org 2001/08/22 17:45:16 
[ssh.1]
     document cipher des for protocol 1; ok deraadt@
 2001-09-12 16:52:28 +00:00
Ben Lindstrom
a10aed8b5e - stevesk@cvs.openbsd.org 2001/08/22 16:21:21 
[ssh.1]
     hostname not optional; ok markus@
 2001-09-12 16:43:26 +00:00
Ben Lindstrom
e59433da7a - stevesk@cvs.openbsd.org 2001/08/21 21:47:42 
[ssh.1 sshd.8]
     minor typos and cleanup
 2001-09-12 16:41:37 +00:00
Ben Lindstrom
1c0fd09d15 - stevesk@cvs.openbsd.org 2001/08/16 20:14:57 
[ssh.1 sshd.8]
     document case sensitivity for ssh, sshd and key file
     options and arguments; ok markus@
 2001-09-12 16:36:17 +00:00
Ben Lindstrom
14c62eb2be - stevesk@cvs.openbsd.org 2001/08/14 17:54:29 
[scp.1 sftp.1 ssh.1]
     consistent documentation and example of ``-o ssh_option'' for sftp and
     scp; document keyword=argument for ssh.
 2001-08-15 23:25:46 +00:00
Ben Lindstrom
020a8699a9 - markus@cvs.openbsd.org 2001/08/01 22:16:45 
[ssh.1 sshd.8]
     refer to current ietf drafts for protocol v2
 2001-08-06 21:38:10 +00:00
Ben Lindstrom
ae996bf7d1 - jakob@cvs.openbsd.org 2001/07/31 09:28:44 
[readconf.c readconf.h ssh.1 ssh.c]
     add 'SmartcardDevice' client option to specify which smartcard device
     is used to access a smartcard used for storing the user's private RSA
     key. ok markus@.
 2001-08-06 21:27:53 +00:00
Ben Lindstrom
f9cedb9ca0 - markus@cvs.openbsd.org 2001/07/25 14:35:18 
[readconf.c ssh.1 ssh.c sshconnect.c]
     cleanup connect(); connection_attempts 4 -> 1; from
eivind@freebsd.org
 2001-08-06 21:07:11 +00:00
Ben Lindstrom
a9086a1c4c - markus@cvs.openbsd.org 2001/07/23 12:47:05 
[ssh.1]
     sync PreferredAuthentications
 2001-08-06 20:58:51 +00:00
Ben Lindstrom
0076d75c25 - markus@cvs.openbsd.org 2001/07/22 22:04:19 
[readconf.c ssh.1]
     enable challenge-response auth by default; ok millert@
 2001-08-06 20:53:26 +00:00
Ben Lindstrom
e2b9b06425 - pvalchev@cvs.openbsd.org 2001/07/22 21:32:42 
[ssh.1]
     There is no option "Compress", point to "Compression" instead; ok
     markus
 2001-08-06 20:50:55 +00:00
Ben Lindstrom
979c981f99 - stevesk@cvs.openbsd.org 2001/07/20 18:41:51 
[ssh.1]
     "the" command line
 2001-07-22 20:45:39 +00:00
Ben Lindstrom
660076925e - stevesk@cvs.openbsd.org 2001/07/19 00:41:44 
[ssh.1]
     escape chars are below now
 2001-07-22 20:41:59 +00:00
Ben Lindstrom
5bf5d67d49 - markus@cvs.openbsd.org 2001/06/26 17:25:34 
[ssh.1]
     document SSH_ASKPASS; fubob@MIT.EDU
 2001-07-04 04:31:38 +00:00
Ben Lindstrom
2464322d7e - itojun@cvs.openbsd.org 2001/06/23 17:48:18 
[sftp.1 ssh.1 sshd.8 ssh-keyscan.1]
     kill whitespace at EOL.
 2001-06-25 05:08:11 +00:00
Ben Lindstrom
d6481ea49a - markus@cvs.openbsd.org 2001/06/23 02:34:33 
[kexdh.c kexgex.c kex.h pathnames.h readconf.c servconf.h ssh.1
      sshconnect1.c sshconnect2.c sshconnect.c sshconnect.h sshd.8]
     get rid of known_hosts2, use it for hostkey lookup, but do not
     modify.
 2001-06-25 04:37:41 +00:00
Ben Lindstrom
f96704d4ef - markus@cvs.openbsd.org 2001/06/22 21:55:49 
[auth2.c auth-rsa.c pathnames.h ssh.1 sshd.8 sshd_config
      ssh-keygen.1]
     merge authorized_keys2 into authorized_keys.
     authorized_keys2 is used for backward compat.
     (just append authorized_keys2 to authorized_keys).
 2001-06-25 04:17:12 +00:00
Ben Lindstrom
d2bf0d64d9 - mpech@cvs.openbsd.org 2001/06/22 10:17:51 
[ssh.1 sshd.8 ssh-keyscan.1]
     o) .Sh AUTHOR -> .Sh AUTHORS;
     o) remove unnecessary .Pp;
     o) better -mdoc style;
     o) typo;
     o) sort SEE ALSO;

     aaron@ ok
 2001-06-25 04:10:54 +00:00
Ben Lindstrom
bd0e2de8e5 - markus@cvs.openbsd.org 2001/05/19 16:46:19 
[ssh.1 sshd.8]
     document MACs defaults with .Dq
 2001-06-05 19:52:52 +00:00
Ben Lindstrom
1bfe29151b - markus@cvs.openbsd.org 2001/05/19 16:32:16 
[ssh.1 sshconnect2.c]
     change preferredauthentication order to
        publickey,hostbased,password,keyboard-interactive
     document that hostbased defaults to no, document order
 2001-06-05 19:37:25 +00:00
Ben Lindstrom
c4bcb7d9e3 - markus@cvs.openbsd.org 2001/05/17 21:34:15 
[ssh.1]
     no spaces in PreferredAuthentications;
     meixner@rbg.informatik.tu-darmstadt.de
 2001-06-05 18:39:10 +00:00
Ben Lindstrom
7121507b19 - deraadt@cvs.openbsd.org 2001/05/15 22:04:01 
[ssh.1]
     X11 forwarding details improved
 2001-05-17 03:16:18 +00:00
Ben Lindstrom
f0609f8bd3 - stevesk@cvs.openbsd.org 2001/05/04 14:21:56 
[ssh.1 sshd.8]
     typos
 2001-05-04 22:38:43 +00:00
Ben Lindstrom
e0f8804194 - markus@cvs.openbsd.org 2001/04/30 11:18:52 
[readconf.c readconf.h ssh.1 ssh.c sshconnect.c]
     implement 'ssh -b bind_address' like 'telnet -b'
 2001-04-30 13:06:24 +00:00
Ben Lindstrom
c65e6a0fec - markus@cvs.openbsd.org 2001/04/22 23:58:36 
[ssh-keygen.1 ssh.1 sshd.8]
     document hostbased and other cleanup
 2001-04-23 13:02:16 +00:00
Ben Lindstrom
160ec62dce - markus@cvs.openbsd.org 2001/04/22 13:32:27 
[sftp-server.8 sftp.1 ssh.1 sshd.8]
     xref draft-ietf-secsh-*
 2001-04-22 17:17:46 +00:00
Ben Lindstrom
f8d245756b - djm@cvs.openbsd.org 2001/04/22 08:13:30 
[ssh.1]
     typos spotted by stevesk@; ok deraadt@
 2001-04-22 17:11:56 +00:00
Ben Lindstrom
9ffdcb5478 - djm@cvs.openbsd.org 2001/04/20 07:17:51 
[clientloop.c ssh.1]
     Split out and improve escape character documentation, mention ~R in
     ~? help text; ok markus@
 2001-04-20 12:50:51 +00:00
Ben Lindstrom
982dbbcfda - markus@cvs.openbsd.org 2001/04/17 10:53:26 
[key.c key.h readconf.c readconf.h ssh.1 sshconnect2.c]
     add HostKeyAlgorithms; based on patch from res@shore.net; ok provos@
 2001-04-17 18:11:36 +00:00
Ben Lindstrom
18a82ac029 - itojun@cvs.openbsd.org 2001/04/10 09:13:22 
[ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8]
     document id_rsa{.pub,}.  markus ok
 2001-04-11 15:59:35 +00:00
Ben Lindstrom
f327235f65 - markus@cvs.openbsd.org 2001/04/05 15:45:43 
[ssh.1]
     ssh defaults to protocol v2; from quisar@quisar.ambre.net
 2001-04-05 23:29:59 +00:00
Ben Lindstrom
89b0bd66e2 - stevesk@cvs.openbsd.org 2001/03/26 15:47:59 
[ssh.1]
     document more defaults; misc. cleanup.  ok markus@
 2001-03-29 00:27:11 +00:00
Damien Miller
1e42f30c4c - djm@cvs.openbsd.org 2001/03/19 05:49:52 
[ssh.1]
     document PreferredAuthentications option; ok markus@
 2001-03-19 23:59:11 +11:00
Ben Lindstrom
cebc858ca2 - OpenBSD CVS Sync 
- markus@cvs.openbsd.org 2001/03/08 00:15:48
     [readconf.c ssh.1]
     turn off useprivilegedports by default. only rhost-auth needs
     this. older sshd's may need this, too.
 2001-03-08 03:39:10 +00:00
Ben Lindstrom
b29e34d1e4 - deraadt@cvs.openbsd.org 2001/03/07 04:05:58 
[ssh.1]
     removed dated comment
 2001-03-07 06:08:50 +00:00
Ben Lindstrom
d58eb5f50e - deraadt@cvs.openbsd.org 2001/03/07 01:19:06 
[ssh.1 sshd.8]
     the name "secure shell" is boring, noone ever uses it
 2001-03-07 06:07:22 +00:00
Ben Lindstrom
1e62174af1 - stevesk@cvs.openbsd.org 2001/03/05 17:40:48 
[ssh.1]
     more ssh_known_hosts2 documentation; ok markus@
 2001-03-06 01:10:53 +00:00
Ben Lindstrom
ec26fb1667 - deraadt@cvs.openbsd.org 2001/03/05 15:56:16 
[myproposal.h ssh.1]
     switch to aes128-cbc/hmac-md5 by default in SSH2 -- faster;
     provos & markus ok
 2001-03-06 01:05:23 +00:00
Ben Lindstrom
92a2e38f8e - deraadt@cvs.openbsd.org 2001/03/02 18:54:31 
[atomicio.c atomicio.h auth-chall.c auth.c auth2-chall.c crc32.h
      scp.c serverloop.c session.c sftp-server.8 sftp.1 ssh-add.1 ssh-add.c
      ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh.1 sshd.8]
     make copyright lines the same format
 2001-03-05 06:59:27 +00:00
Ben Lindstrom
ebd888d919 - markus@cvs.openbsd.org 2001/02/22 21:57:27 
[ssh.1 sshd.8]
     typos/grammar from matt@anzen.com
 2001-03-05 05:49:29 +00:00
Ben Lindstrom
06b33aa0e8 - markus@cvs.openbsd.org 2001/02/11 12:59:25 
[Makefile.in sshd.8 sshconnect2.c readconf.h readconf.c packet.c
      sshd.c ssh.c ssh.1 servconf.h servconf.c myproposal.h kex.h kex.c]
     1) clean up the MAC support for SSH-2
     2) allow you to specify the MAC with 'ssh -m'
     3) or the 'MACs' keyword in ssh(d)_config
     4) add hmac-{md5,sha1}-96
             ok stevesk@, provos@
 2001-02-15 03:01:59 +00:00
Ben Lindstrom
5ab6ae1282 - (bal) Synced ssh.1 w/ OpenBSD 2001-02-10 22:08:03 +00:00
Kevin Steves
3c034ae01a - markus@cvs.openbsd.org 2001/02/04 08:10:44 
[ssh.1]
     typo; dpo@club-internet.fr
 2001-02-05 13:47:11 +00:00
Damien Miller
3380426358 NB: big update - may break stuff. Please test! 
- (djm) OpenBSD CVS sync:
   - markus@cvs.openbsd.org  2001/02/03 03:08:38
     [auth-options.c auth-rh-rsa.c auth-rhosts.c auth.c canohost.c]
     [canohost.h servconf.c servconf.h session.c sshconnect1.c sshd.8]
     [sshd_config]
     make ReverseMappingCheck optional in sshd_config; ok djm@,dugsong@
   - markus@cvs.openbsd.org  2001/02/03 03:19:51
     [ssh.1 sshd.8 sshd_config]
     Skey is now called ChallengeResponse
   - markus@cvs.openbsd.org  2001/02/03 03:43:09
     [sshd.8]
     use no-pty option in .ssh/authorized_keys* if you need a 8-bit clean
     channel. note from Erik.Anggard@cygate.se (pr/1659)
   - stevesk@cvs.openbsd.org 2001/02/03 10:03:06
     [ssh.1]
     typos; ok markus@
   - djm@cvs.openbsd.org     2001/02/04 04:11:56
     [scp.1 sftp-server.c ssh.1 sshd.8 sftp-client.c sftp-client.h]
     [sftp-common.c sftp-common.h sftp-int.c sftp-int.h sftp.1 sftp.c]
     Basic interactive sftp client; ok theo@
 - (djm) Update RPM specs for new sftp binary
 - (djm) Update several bits for new optional reverse lookup stuff. I
   think I got them all.
 2001-02-04 23:20:18 +11:00
Damien Miller
832562e9ba - djm@cvs.openbsd.org 2001/01/29 05:36:11 
[ssh.1 ssh.c]
     Allow invocation of sybsystem by commandline (-s); ok markus@
 2001-01-30 09:30:01 +11:00
Ben Lindstrom
eb930d4432 - stevesk@cvs.openbsd.org 2001/01/28 20:36:16 
[readconf.c ssh.1]
     ``StrictHostKeyChecking ask'' documentation and small cleanup.
     ok markus@
 2001-01-29 08:37:08 +00:00
Ben Lindstrom
035782e712 - markus@cvs.openbsd.org 2001/01/28 10:24:04 
[ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1]
     cleanup AUTHORS sections
 2001-01-29 08:34:16 +00:00
Ben Lindstrom
db65e8fded Please grep through the source and look for 'ISSUE' comments and verify 
that I was able to get all the portable bits in the right location.  As for
the SKEY comment there is an email out to Markus as to how it should be
resolved.  Until then I just #ifdef SKEY/#endif out the whole block.

 - (bal) OpenBSD Resync
   - markus@cvs.openbsd.org 2001/01/18 16:20:21
     [log-client.c log-server.c log.c readconf.c servconf.c ssh.1 ssh.h
      sshd.8 sshd.c]
     log() is at pri=LOG_INFO, since LOG_NOTICE goes to /dev/console on many
     systems
   - markus@cvs.openbsd.org 2001/01/18 16:59:59
     [auth-passwd.c auth.c auth.h auth1.c auth2.c serverloop.c session.c
      session.h sshconnect1.c]
     1) removes fake skey from sshd, since this will be much
        harder with /usr/libexec/auth/login_XXX
     2) share/unify code used in ssh-1 and ssh-2 authentication (server side)
     3) make addition of BSD_AUTH and other challenge reponse methods
        easier.
   - markus@cvs.openbsd.org 2001/01/18 17:12:43
     [auth-chall.c auth2-chall.c]
     rename *-skey.c *-chall.c since the files are not skey specific
 2001-01-19 04:26:52 +00:00
Ben Lindstrom
a383baac46 20010108 
- (bal) Fixed another typo in cli.c
 - (bal) OpenBSD Sync
   - markus@cvs.openbsd.org 2001/01/07 21:26:55
     [cli.c]
     typo
   - markus@cvs.openbsd.org 2001/01/07 21:26:55
     [cli.c]
     missing free, stevesk@pobox.com
   - markus@cvs.openbsd.org 2001/01/07 19:06:25
     [auth1.c]
     missing free, stevesk@pobox.com
   - markus@cvs.openbsd.org 2001/01/07 11:28:04
     [log-client.c log-server.c log.c readconf.c servconf.c ssh.1
      ssh.h sshd.8 sshd.c]
     rename SYSLOG_LEVEL_INFO->SYSLOG_LEVEL_NOTICE
     syslog priority changes:
             fatal() LOG_ERR  -> LOG_CRIT
             log()   LOG_INFO -> LOG_NOTICE
 2001-01-08 06:13:41 +00:00
Ben Lindstrom
d26dcf3371 20010107 
- (bal) OpenBSD Sync
   - markus@cvs.openbsd.org 2001/01/06 11:23:27
     [ssh-rsa.c]
     remove unused
   - itojun@cvs.openbsd.org 2001/01/05 08:23:29
     [ssh-keyscan.1]
     missing .El
   - markus@cvs.openbsd.org 2001/01/04 22:41:03
     [session.c sshconnect.c]
     consistent use of _PATH_BSHELL; from stevesk@pobox.com
   - djm@cvs.openbsd.org 2001/01/04 22:35:32
     [ssh.1 sshd.8]
     Mention AES as available SSH2 Cipher; ok markus
   - markus@cvs.openbsd.org 2001/01/04 22:25:58
     [sshd.c]
     sync usage()/man with defaults; from stevesk@pobox.com
   - markus@cvs.openbsd.org 2001/01/04 22:21:26
     [sshconnect2.c]
     handle SSH2_MSG_USERAUTH_BANNER; fixes bug when connecting to a server
     that prints a banner (e.g. /etc/issue.net)
 2001-01-06 15:18:16 +00:00
Ben Lindstrom
4dccfa5fb7 - (bal) OpenBSD CVS Update 
- markus@cvs.openbsd.org 2000/12/28 14:25:51
     [auth.h auth2.c]
     count authentication failures only
   - markus@cvs.openbsd.org 2000/12/28 14:25:03
     [sshconnect.c]
     fingerprint for MITM attacks, too.
   - markus@cvs.openbsd.org 2000/12/28 12:03:57
     [sshd.8 sshd.c]
     document -D
   - markus@cvs.openbsd.org 2000/12/27 14:19:21
     [serverloop.c]
     less chatty
   - markus@cvs.openbsd.org 2000/12/27 12:34
     [auth1.c sshconnect2.c sshd.c]
     typo
   - markus@cvs.openbsd.org 2000/12/27 12:30:19
     [readconf.c readconf.h ssh.1 sshconnect.c]
     new option: HostKeyAlias: allow the user to record the host key
     under a different name. This is useful for ssh tunneling over
     forwarded connections or if you run multiple sshd's on different
     ports on the same machine.
   - markus@cvs.openbsd.org 2000/12/27 11:51:53
     [ssh.1 ssh.c]
     multiple -t force pty allocation, document ORIGINAL_COMMAND
   - markus@cvs.openbsd.org 2000/12/27 11:41:31
     [sshd.8]
     update for ssh-2
 2000-12-28 16:40:05 +00:00