summaryrefslogtreecommitdiff
AgeCommit message (Expand)Author
16 hoursupstream: when AddKeysToAgent=yes is set and the key contains noHEADmasterdjm@openbsd.org
16 hoursupstream: group14-sha1 is no longer a default algorithmtedu@openbsd.org
16 hoursupstream: reword HashKnownHosts description a little more; somedjm@openbsd.org
16 hoursupstream: weaken the language for what HashKnownHosts provides withdjm@openbsd.org
16 hoursupstream: the GatewayPorts vs -R listen address selection logic isdjm@openbsd.org
17 hoursupstream: mention that permitopen=/PermitOpen do no name to addressdjm@openbsd.org
17 hoursinclude tunnel device path in error messageDamien Miller
18 hoursupstream: unrevert this:djm@openbsd.org
19 hoursupstream: Move setting $NC into test-exec since it's now used bydtucker@openbsd.org
21 hoursPut EC key export inside OPENSSL_HAS_ECC.Darren Tucker
22 hoursupstream: Wait a bit longer for the multiplex master to become readydtucker@openbsd.org
22 hoursupstream: Add a connection test for proxycommand. This would havedtucker@openbsd.org
22 hoursupstream: set UpdateKnownHosts=ask by default; bz#2894; okdjm@openbsd.org
22 hoursupstream: allow UpdateKnownHosts=yes to function when multipledjm@openbsd.org
22 hoursupstream: process security key provider via realpath() in agent,djm@openbsd.org
22 hoursupstream: expose PKCS#11 key labels/X.509 subjects as commentsdjm@openbsd.org
22 hoursupstream: tweak proctitle to include sshd arguments, as these aredjm@openbsd.org
22 hoursupstream: add xextendf() to extend a string with a formatdjm@openbsd.org
22 hoursupstream: minor tweaks to ssh-keygen -Y find-principals:djm@openbsd.org
22 hoursupstream: remove ssh-rsa (SHA1) from the list of allowed CAdjm@openbsd.org
22 hoursupstream: when signing a certificate with an RSA key, default todjm@openbsd.org
22 hoursupstream: allow PEM export of DSA and ECDSA keys; bz3091, patchdjm@openbsd.org
22 hoursupstream: ssh-keygen -Y find-principals fixes based on feedbackdjm@openbsd.org
44 hoursupstream: Do not warn about permissions on symlinks.dtucker@openbsd.org
2 daysupstream: Handle zlib compression being disabled now that it'sdtucker@openbsd.org
2 daysupstream: Fix typo in comment.dtucker@openbsd.org
2 daysupstream: When checking for unsafe directories, ignore non-directoriesdtucker@openbsd.org
2 dayszlib is now optional.Darren Tucker
2 daysPlumb WITH_ZLIB into configure.Darren Tucker
3 daysupstream: Make zlib optional. This adds a "ZLIB" build time optiondtucker@openbsd.org
3 daysupstream: remove trailing period characters from pub/priv keydjm@openbsd.org
3 daysFix a couple of mysig_t leftovers.Darren Tucker
3 daysRemove mysignal wrapper.Darren Tucker
3 daysupstream: new sentence, new line;jmc@openbsd.org
3 daysupstream: Replace all calls to signal(2) with a wrapper arounddtucker@openbsd.org
3 daysupstream: missing header change from previous; spotted by dtucker@djm@openbsd.org
3 daysupstream: Check for and warn about StrictModes permission problems. ok tb@dtucker@openbsd.org
3 daysupstream: Also test PuTTY chacha20.dtucker@openbsd.org
3 daysupstream: Also test PuTTY ecdh kex methods.dtucker@openbsd.org
3 daysupstream: Remove unsupported algorithms from list of defaults at rundtucker@openbsd.org
3 daysupstream: add a new signature operations "find-principal" to lookdjm@openbsd.org
3 daysupstream: Ignore whitespace when checking explict fingerprint.dtucker@openbsd.org
4 daysupstream: Increase keyscan timeout from default. On slow hosts 3dtucker@openbsd.org
4 daysupstream: remove diffie-hellman-group14-sha1 from default kex totedu@openbsd.org
4 daysupstream: For ssh-keygen -lF only add a space after key fingerprintclaudio@openbsd.org
4 daysupstream: some __func__ and strerror(errno) here; no functionaldjm@openbsd.org
4 daysupstream: factor out parsing of allowed-signers linesdjm@openbsd.org
4 daysunbreak fuzzer support for recent ssh-sk.h changesDamien Miller
4 daysupstream: expose the number of currently-authenticating connectionsdjm@openbsd.org
4 daysupstream: document the default value of the ControlPersist option;naddy@openbsd.org