path: root/ssh.c
AgeCommit message (Collapse)Author
5 daysupstream: close stdin when forking after authentication too; ok
OpenBSD-Commit-ID: 43db17e4abc3e6b4a7b033aa8cdab326a7cb6c24
6 daysupstream: close stdout/stderr after "ssh -f ..."
bz#3137, ok markus OpenBSD-Commit-ID: e2d83cc4dea1665651a7aa924ad1ed6bcaaab3e2
2020-08-03upstream: Also compare username when checking for JumpHost
bz#3057, ok djm@ OpenBSD-Commit-ID: 9bbc1d138adb34c54f3c03a15a91f75dbf418782
2020-07-17upstream: Add a '%k' TOKEN that expands to the effective HostKey
the destination. This allows, eg, keeping host keys in individual files using "UserKnownHostsFile ~/.ssh/known_hosts.d/%k". bz#1654, ok djm@, jmc@ (man page bits) OpenBSD-Commit-ID: 7084d723c9cc987a5c47194219efd099af5beadc
2020-07-17upstream: Add %-TOKEN, environment variable and tilde expansion
UserKnownHostsFile, allowing the file to be automagically split up in the configuration (eg bz#1654). ok djm@, man page parts jmc@ OpenBSD-Commit-ID: 7e1b406caf147638bb51558836a72d6cc0bd1b18
2020-07-15upstream: some language improvements; ok
OpenBSD-Commit-ID: 939d787d571b4d5da50b3b721fd0b2ac236acaa8
2020-06-26upstream: Defer creation of ~/.ssh by ssh(1) until we attempt
write to it so we don't leave an empty .ssh directory when it's not needed. Use the same function to replace the code in ssh-keygen that does the same thing. bz#3156, ok djm@ OpenBSD-Commit-ID: 59c073b569be1a60f4de36f491a4339bc4ae870f
2020-06-05upstream: Correct historical comment: provos@ modified OpenSSH
work with SSLeay (very quickly replaced by OpenSSL) not SSL in general. ok deraadt, historical context markus@ OpenBSD-Commit-ID: 7209e07a2984b50411ed8ca5a4932da5030d2b90
2020-05-29upstream: Allow some keywords to expand shell-style ${ENV}
environment variables on the client side. The supported keywords are CertificateFile, ControlPath, IdentityAgent and IdentityFile, plus LocalForward and RemoteForward when used for Unix domain socket paths. This would for example allow forwarding of Unix domain socket paths that change at runtime. bz#3140, ok djm@ OpenBSD-Commit-ID: a4a2e801fc2d4df2fe0e58f50d9c81b03822dffa
2020-04-10upstream: Add TOKEN percent expansion to LocalFoward and
when used for Unix domain socket forwarding. Factor out the code for the config keywords that use the most common subset of TOKENS into its own function. bz#3014, ok jmc@ (man page bits) djm@ OpenBSD-Commit-ID: bffc9f7e7b5cf420309a057408bef55171fd0b97
2020-04-03upstream: r1.522 deleted one too many lines;
OpenBSD-Commit-ID: 1af8851fd7a99e4a887b19aa8f4c41a6b3d25477
2020-04-03upstream: fix debug
OpenBSD-Commit-ID: 42c6edeeda5ce88b51a20d88c93be3729ce6b916
2020-04-03upstream: the tunnel-forwarding vs ExitOnForwardFailure fix that
committed earlier had an off-by-one. Fix this and add some debugging that would have made it apparent sooner. OpenBSD-Commit-ID: 082f8f72b1423bd81bbdad750925b906e5ac6910
2020-04-03upstream: make failures when establishing "Tunnel" forwarding
the connection when ExitOnForwardFailure is enabled; bz3116; ok dtucker OpenBSD-Commit-ID: ef4b4808de0a419c17579b1081da768625c1d735
2020-04-03upstream: Make with config keywords support
percent_expansions more consistent. - %C is moved into its own function and added to Match Exec. - move the common (global) options into a macro. This is ugly but it's the least-ugly way I could come up with. - move IdentityAgent and ForwardAgent percent expansion to before the config dump to make it regression-testable. - document all of the above ok jmc@ for man page bits, "makes things less terrible" djm@ for the rest. OpenBSD-Commit-ID: 4b65664bd6d8ae2a9afaf1a2438ddd1b614b1d75
2020-03-13upstream: initialize cname in case ai_canonname is NULL or
long; ok djm OpenBSD-Commit-ID: c27984636fdb1035d1642283664193e91aab6e37
2020-02-18upstream: Detect and prevent simple configuration loops when
ProxyJump. bz#3057, ok djm@ OpenBSD-Commit-ID: 077d21c564c886c98309d871ed6f8ef267b9f037
2020-02-07upstream: Add ssh -Q key-sig for all key and signature
Teach ssh -Q to accept ssh_config(5) and sshd_config(5) algorithm keywords as an alias for the corresponding query. Man page help jmc@, ok djm@. OpenBSD-Commit-ID: 1e110aee3db2fc4bc5bee2d893b7128fd622e0f8
2020-02-07upstream: Replace "security key" with "authenticator" in
messages. This replaces "security key" in error/usage/verbose messages and distinguishes between "authenticator" and "authenticator-hosted key". ok djm@ OpenBSD-Commit-ID: 7c63800e9c340c59440a054cde9790a78f18592e
2020-01-29upstream: disable UpdateHostKeys=ask when in quiet mode; "work
me" matthieu@ OpenBSD-Commit-ID: 60d7b5eb91accf935ed9852650a826d86db2ddc7
2020-01-28upstream: disable UpdateHostKeys=ask if command is specified;
djm@ sthen@ OpenBSD-Commit-ID: e5bcc45eadb78896637d4143d289f1e42c2ef5d7
2020-01-25upstream: allow UpdateKnownHosts=yes to function when
known_hosts files are in use. When updating host keys, ssh will now search subsequent known_hosts files, but will add new/changed host keys to the first specified file only. bz#2738 ok markus@ OpenBSD-Commit-ID: 6ded6d878a03e57d5aa20bab9c31f92e929dbc6c
2020-01-25upstream: expose PKCS#11 key labels/X.509 subjects as
Extract the key label or X.509 subject string when PKCS#11 keys are retrieved from the token and plumb this through to places where it may be used as a comment. based on by Danielle Church feedback and ok markus@ OpenBSD-Commit-ID: cae1fda10d9e10971dea29520916e27cfec7ca35
2020-01-23upstream: Make zlib optional. This adds a "ZLIB" build time
that allows building without zlib compression and associated options. With feedback from markus@, ok djm@ OpenBSD-Commit-ID: 44c6e1133a90fd15a3aa865bdedc53bab28b7910
2020-01-23upstream: Replace all calls to signal(2) with a wrapper
sigaction(2). This wrapper blocks all other signals during the handler preventing races between handlers, and sets SA_RESTART which should reduce the potential for short read/write operations. OpenBSD-Commit-ID: 5e047663fd77a40d7b07bdabe68529df51fd2519
2020-01-06upstream: fix CanonicalizeHostname, broken by rev
Issue noticed and reported by Pierre-Olivier Martel <> ok dtucker@ markus@ djm@ OpenBSD-Commit-ID: 749f3168ec520609c35b0c4e1984e5fa47f16094
2019-12-21upstream: Allow forwarding a different agent socket to the
specified by $SSH_AUTH_SOCK, by extending the existing ForwardAgent option to accepting an explicit path or the name of an environment variable in addition to yes/no. Patch by Eric Chiang, manpage by me; ok markus@ OpenBSD-Commit-ID: 98f2ed80bf34ea54d8b2ddd19ac14ebbf40e9265
2019-11-20upstream: additional missing stdarg.h includes when built
WITH_OPENSSL; ok djm@ OpenBSD-Commit-ID: 881f9a2c4e2239849cee8bbf4faec9bab128f55b
2019-11-01upstream: ssh client support for U2F/FIDO
OpenBSD-Commit-ID: eb2cfa6cf7419a1895e06e398ea6d41516c5b0bc
2019-09-13upstream: allow %n to be expanded in ProxyCommand
From Zachary Harmany via ok dtucker@ OpenBSD-Commit-ID: 7eebf1b7695f50c66d42053d352a4db9e8fb84b6
2019-09-08upstream: Allow prepending a list of algorithms to the default
by starting the list with the '^' character, e.g. HostKeyAlgorithms ^ssh-ed25519 Ciphers ^, ok djm@ dtucker@ OpenBSD-Commit-ID: 1e1996fac0dc8a4b0d0ff58395135848287f6f97
2019-07-05upstream: When system calls indicate an error they return -1,
some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future. OpenBSD-Commit-ID: 48081f00db7518e3b712a49dca06efc2a5428075
2019-06-14upstream: slightly more instructive error message when the
specifies multiple -J options on the commandline. bz3015 ok dtucker@ OpenBSD-Commit-ID: 181c15a65cac3b575819bc8d9a56212c3c748179
2019-06-14upstream: Hostname->HostName cleanup; from lauri tirkkonen
dtucker OpenBSD-Commit-ID: 4ade73629ede63b691f36f9a929f943d4e7a44e4
2019-06-08upstream: Replace calls to ssh_malloc_init() by a static init
malloc_options. Prepares for changes in the way malloc is initialized. ok guenther@ dtucker@ OpenBSD-Commit-ID: 154f4e3e174f614b09f792d4d06575e08de58a6b
2019-05-08upstream: Use the LogLevel typdef instead of int where appropriate. Patch ↵
from Markus Schmidt via openssh-unix-dev, ok markus@ OpenBSD-Commit-ID: 4c0f0f458e3da7807806b35e3eb5c1e8403c968a
2019-01-20upstream: remove last references to
with & ok markus@ OpenBSD-Commit-ID: 78619a50ea7e4ca2f3b54d4658b3227277490ba2
2019-01-20upstream: convert ssh.c to new packet
with & ok markus@ OpenBSD-Commit-ID: eb146878b24e85c2a09ee171afa6797c166a2e21
2019-01-20upstream: begin landing remaining refactoring of packet
API, started almost exactly six years ago. This change stops including the old packet_* API by default and makes each file that requires the old API include it explicitly. We will commit file-by-file refactoring to remove the old API in consistent steps. with & ok markus@ OpenBSD-Commit-ID: 93c98a6b38f6911fd1ae025a1ec57807fb4d4ef4
2018-12-27upstream: move client/server SSH-* banners to buffers
ssh->kex and factor out the banner exchange. This eliminates some common code from the client and server. Also be more strict about handling \r characters - these should only be accepted immediately before \n (pointed out by Jann Horn). Inspired by a patch from Markus Schmidt. (lots of) feedback and ok markus@ OpenBSD-Commit-ID: 1cc7885487a6754f63641d7d3279b0941890275b
2018-11-23upstream: add a ssh_config "Match final"
Matches in same pass as "Match canonical" but doesn't require hostname canonicalisation be enabled. bz#2906 ok markus OpenBSD-Commit-ID: fba1dfe9f6e0cabcd0e2b3be13f7a434199beffa
2018-11-23refactor libcrypto initialisationDamien Miller
Don't call OpenSSL_add_all_algorithms() unless OpenSSL actually supports it. Move all libcrypto initialisation to a single function, and call that from seed_rng() that is called early in each tool's main(). Prompted by patch from Rosen Penev
2018-10-23upstream: refer to OpenSSL not SSLeay;
we're old, but we don't have to act it OpenBSD-Commit-ID: 9ca38d11f8ed19e61a55108d1e892d696cee08ec
2018-10-03upstream: Allow ssh_config IdentityAgent directive to
environment variable names as well as explicit paths. ok dtucker@ OpenBSD-Commit-ID: 2f0996e103876c53d8c9dd51dcce9889d700767b
2018-09-21upstream: Treat connections with ProxyJump specified the same as
with a ProxyCommand set with regards to hostname canonicalisation (i.e. don't try to canonicalise the hostname unless CanonicalizeHostname is set to 'always'). Patch from Sven Wegener via bz#2896 OpenBSD-Commit-ID: 527ff501cf98bf65fb4b29ed0cb847dda10f4d37
2018-09-20upstream: fix "ssh -Q sig" to show correct signature algorithm
(it was erroneously showing certificate algorithms); prompted by markus@ OpenBSD-Commit-ID: 1cdee002f2f0c21456979deeb887fc889afb154d
2018-09-12upstream: Add "ssh -Q sig" to allow listing supported
algorithms ok markus@ OpenBSD-Commit-ID: 7a8c6eb6c249dc37823ba5081fce64876d10fe2b
2018-07-31upstream: Now that ssh can't be setuid, remove
original_real_uid and original_effective_uid globals and replace with calls to plain getuid(). ok djm@ OpenBSD-Commit-ID: 92561c0cd418d34e6841e20ba09160583e27b68c
2018-07-26upstream: Use the caller provided (copied) pwent struct
load_public_identity_files instead of calling getpwuid() again and discarding the argument. This prevents a client crash where tilde_expand_filename calls getpwuid() again before the pwent pointer is used. Issue noticed and reported by Pierre-Olivier Martel <> ok djm@ deraadt@ OpenBSD-Commit-ID: a067d74b5b098763736c94cc1368de8ea3f0b157
2018-07-19upstream: Deprecate UsePrivilegedPort now that support for
ssh(1) setuid has been removed, remove supporting code and clean up references to it in the man pages We have not shipped ssh(1) the setuid bit since 2002. If ayone really needs to make connections from a low port number this can be implemented via a small setuid ProxyCommand. ok markus@ jmc@ djm@ OpenBSD-Commit-ID: d03364610b7123ae4c6792f5274bd147b6de717e