summaryrefslogtreecommitdiff
path: root/sshconnect1.c
diff options
context:
space:
mode:
authorDamien Miller <djm@mindrot.org>2000-11-13 22:57:25 +1100
committerDamien Miller <djm@mindrot.org>2000-11-13 22:57:25 +1100
commit0bc1bd814e3c2b5e92d6f595930051960d17f47f (patch)
tree176c7dc2844ecc2c1de0f72d221449556ffa5209 /sshconnect1.c
parent559d383037b0872fcde4e6c40188b649c574be74 (diff)
- (djm) Merge OpenBSD changes:
- markus@cvs.openbsd.org 2000/11/06 16:04:56 [channels.c channels.h clientloop.c nchan.c serverloop.c] [session.c ssh.c] agent forwarding and -R for ssh2, based on work from jhuuskon@messi.uku.fi - markus@cvs.openbsd.org 2000/11/06 16:13:27 [ssh.c sshconnect.c sshd.c] do not disabled rhosts(rsa) if server port > 1024; from pekkas@netcore.fi - markus@cvs.openbsd.org 2000/11/06 16:16:35 [sshconnect.c] downgrade client to 1.3 if server is 1.4; help from mdb@juniper.net - markus@cvs.openbsd.org 2000/11/09 18:04:40 [auth1.c] typo; from mouring@pconline.com - markus@cvs.openbsd.org 2000/11/12 12:03:28 [ssh-agent.c] off-by-one when removing a key from the agent - markus@cvs.openbsd.org 2000/11/12 12:50:39 [auth-rh-rsa.c auth2.c authfd.c authfd.h] [authfile.c hostfile.c kex.c kex.h key.c key.h myproposal.h] [readconf.c readconf.h rsa.c rsa.h servconf.c servconf.h ssh-add.c] [ssh-agent.c ssh-keygen.1 ssh-keygen.c ssh.1 ssh.c ssh_config] [sshconnect1.c sshconnect2.c sshd.8 sshd.c sshd_config ssh-dss.c] [ssh-dss.h ssh-rsa.c ssh-rsa.h dsa.c dsa.h] add support for RSA to SSH2. please test. there are now 3 types of keys: RSA1 is used by ssh-1 only, RSA and DSA are used by SSH2. you can use 'ssh-keygen -t rsa -f ssh2_rsa_file' to generate RSA keys for SSH2 and use the RSA keys for hostkeys or for user keys. SSH2 RSA or DSA keys are added to .ssh/authorised_keys2 as before. - (djm) Fix up Makefile and Redhat init script to create RSA host keys - (djm) Change to interim version
Diffstat (limited to 'sshconnect1.c')
-rw-r--r--sshconnect1.c13
1 files changed, 7 insertions, 6 deletions
diff --git a/sshconnect1.c b/sshconnect1.c
index ce560791..227e10b4 100644
--- a/sshconnect1.c
+++ b/sshconnect1.c
@@ -13,7 +13,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: sshconnect1.c,v 1.8 2000/10/12 09:59:19 markus Exp $");
+RCSID("$OpenBSD: sshconnect1.c,v 1.9 2000/11/12 19:50:38 markus Exp $");
#include <openssl/bn.h>
#include <openssl/dsa.h>
@@ -62,7 +62,7 @@ try_agent_authentication()
return 0;
challenge = BN_new();
- key = key_new(KEY_RSA);
+ key = key_new(KEY_RSA1);
/* Loop through identities served by the agent. */
for (key = ssh_get_first_identity(auth, &comment, 1);
@@ -196,7 +196,7 @@ try_rsa_authentication(const char *authfile)
int plen, clen;
/* Try to load identification for the authentication key. */
- public = key_new(KEY_RSA);
+ public = key_new(KEY_RSA1);
if (!load_public_key(authfile, public, &comment)) {
key_free(public);
/* Could not load it. Fail. */
@@ -237,7 +237,7 @@ try_rsa_authentication(const char *authfile)
debug("Received RSA challenge from server.");
- private = key_new(KEY_RSA);
+ private = key_new(KEY_RSA1);
/*
* Load the private key. Try first with empty passphrase; if it
* fails, ask for a passphrase.
@@ -760,7 +760,7 @@ ssh_kex(char *host, struct sockaddr *hostaddr)
packet_integrity_check(payload_len,
8 + 4 + sum_len + 0 + 4 + 0 + 0 + 4 + 4 + 4,
SSH_SMSG_PUBLIC_KEY);
- k.type = KEY_RSA;
+ k.type = KEY_RSA1;
k.rsa = host_key;
check_host_key(host, hostaddr, &k,
options.user_hostfile, options.system_hostfile);
@@ -994,7 +994,8 @@ ssh_userauth(
/* Try RSA authentication for each identity. */
for (i = 0; i < options.num_identity_files; i++)
- if (try_rsa_authentication(options.identity_files[i]))
+ if (options.identity_files_type[i] == KEY_RSA1 &&
+ try_rsa_authentication(options.identity_files[i]))
return;
}
/* Try skey authentication if the server supports it. */