path: root/monitor.c
Commit log (each entry: subject, then author, date, files changed and lines -removed/+added in parentheses; the commit message body follows)
* upstream: Split per-connection sshd-session binary (djm@openbsd.org, 2024-10-14, 1 file, -10/+97)

  This splits the user authentication code from the sshd-session binary into a separate sshd-auth binary. This will be executed by sshd-session to complete the user authentication phase of the protocol only.

  Splitting this code into a separate binary ensures that the crucial pre-authentication attack surface has an entirely disjoint address space from the code used for the rest of the connection. It also yields a small runtime memory saving as the authentication code will be unloaded after the authentication phase completes.

  Joint work with markus@; feedback deraadt@. Tested in snaps since last week.

  OpenBSD-Commit-ID: 9c3b2087ae08626ec31b4177b023db600e986d9c
* upstream: remove some unused defines; ok djm@ (jsg@openbsd.org, 2024-09-24, 1 file, -3/+1)

  OpenBSD-Commit-ID: 81869ee6356fdbff19dae6ff757095e6b24de712
* upstream: Add a sshd_config "RefuseConnection" option (djm@openbsd.org, 2024-09-15, 1 file, -1/+11)

  If set, this will terminate the connection at the first authentication request (this is the earliest we can evaluate sshd_config Match blocks).

  ok markus@

  OpenBSD-Commit-ID: 43cc2533984074c44d0d2f92eb93f661e7a0b09c
* upstream: Do not apply authorized_keys options when signature verification fails. (djm@openbsd.org, 2024-09-15, 1 file, -2/+2)

  Prevents restrictive key options being incorrectly applied to subsequent keys in authorized_keys.

  bz3733, ok markus@

  OpenBSD-Commit-ID: ba3776d9da4642443c19dbc015a1333622eb5a4e
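The ordering that this fix corrects, shown as an added example in C that is not OpenSSH code: the structs, the key identifiers standing in for key blobs and the `verifies` flag standing in for sshkey_verify() are all constructed for the illustration. The buggy shape activates the matched authorized_keys line's options before the signature result is consulted, so a failed attempt against a "restrict"-style key leaves those options in the per-connection state; the fixed shape touches the session only after the signature has verified. The example stops at the failed attempt: the leaked state is what a later key would inherit, which is the effect the commit message describes.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed subset of the options an authorized_keys line can carry. */
struct authopts { bool permit_pty; bool permit_port_forwarding; };

/* One authorized_keys line: a key identifier standing in for the key blob,
 * plus the options written in front of it. */
struct akline { const char *keyid; struct authopts opts; };

/* What the client offers: which key it claims, and whether the cryptographic
 * check would pass (a constructed flag standing in for sshkey_verify()). */
struct offered_sig { const char *keyid; bool verifies; };

/* Per-connection state that later stages (pty allocation, forwarding) read. */
struct session { bool opts_active; struct authopts opts; };

static const struct akline *lookup(const struct akline *lines, size_t n, const char *keyid)
{
    for (size_t i = 0; i < n; i++)
        if (strcmp(lines[i].keyid, keyid) == 0)
            return &lines[i];
    return NULL;
}

/* Bug shape: the matched line's options are activated whatever the signature
 * result, so a failed attempt leaves them behind in the session. */
bool keyverify_buggy(struct session *sess, const struct akline *lines, size_t n,
                     const struct offered_sig *sig)
{
    const struct akline *l = lookup(lines, n, sig->keyid);
    if (l == NULL)
        return false;
    bool ok = sig->verifies;
    sess->opts = l->opts;            /* activated before ok is consulted */
    sess->opts_active = true;
    return ok;
}

/* Fixed shape: nothing from the line reaches the session until the signature
 * over that key has verified. */
bool keyverify_fixed(struct session *sess, const struct akline *lines, size_t n,
                     const struct offered_sig *sig)
{
    const struct akline *l = lookup(lines, n, sig->keyid);
    if (l == NULL || !sig->verifies)
        return false;
    sess->opts = l->opts;
    sess->opts_active = true;
    return true;
}

/* Constructed authorized_keys: one "restrict"-style line and one plain line. */
static const struct akline AK[] = {
    { "restricted-key", { false, false } },
    { "plain-key",      { true,  true  } },
};
#define AK_N (sizeof AK / sizeof AK[0])

/* A client presents the restricted key with a signature that does not verify.
 * Returns whether the session now carries options for a key that never
 * authenticated. */
bool options_active_after_failed_attempt(bool use_fixed)
{
    struct session sess = { false, { true, true } };
    struct offered_sig bad = { "restricted-key", false };
    if (use_fixed) keyverify_fixed(&sess, AK, AK_N, &bad);
    else           keyverify_buggy(&sess, AK, AK_N, &bad);
    return sess.opts_active;
}

/* Control: a verifying signature over the restricted key must activate its
 * restrictions in both versions. */
bool restrictions_active_after_good_attempt(bool use_fixed)
{
    struct session sess = { false, { true, true } };
    struct offered_sig good = { "restricted-key", true };
    bool ok = use_fixed ? keyverify_fixed(&sess, AK, AK_N, &good)
                        : keyverify_buggy(&sess, AK, AK_N, &good);
    return ok && sess.opts_active && !sess.opts.permit_pty;
}

int main(void)
{
    printf("failed attempt leaves options active: buggy=%d fixed=%d\n",
           options_active_after_failed_attempt(false), options_active_after_failed_attempt(true));
    printf("good attempt activates restrictions:  buggy=%d fixed=%d\n",
           restrictions_active_after_good_attempt(false), restrictions_active_after_good_attempt(true));
    return 0;
}
```

The general rule the example illustrates: any per-connection state derived from an authorized_keys line is a claim about the key, and it is only safe to commit once the signature proving possession of that key has verified.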
* upstream: pull post-quantum ML-KEM/x25519 key exchange out from compile-time flag now that an IANA codepoint has been assigned for the algorithm. (djm@openbsd.org, 2024-09-09, 1 file, -3/+1)

  Add mlkem768x25519-sha256 in 2nd KexAlgorithms preference slot.

  ok markus@

  OpenBSD-Commit-ID: 9f50a0fae7d7ae8b27fcca11f8dc6f979207451a
* upstream: Add experimental support for hybrid post-quantum key exchange ML-KEM768 with ECDH/X25519 from the Internet-draft: https://datatracker.ietf.org/doc/html/draft-kampanakis-curdle-ssh-pq-ke-03 (djm@openbsd.org, 2024-09-02, 1 file, -1/+4)

  This is based on previous patches from markus@ but adapted to use the final FIPS203 standard ML-KEM using a formally-verified implementation from libcrux.

  Note this key exchange method is still a draft and thus subject to change. It is therefore disabled by default; set MLKEM=yes to build it. We're making it available now to make it easy for other SSH implementations to test against it.

  ok markus@ deraadt@

  OpenBSD-Commit-ID: 02a8730a570b63fa8acd9913ec66353735dea42c
* upstream: Add a facility to sshd(8) to penalise particular problematic client behaviours, controlled by two new sshd_config(5) options: PerSourcePenalties and PerSourcePenaltyExemptList. (djm@openbsd.org, 2024-06-06, 1 file, -1/+7)

  When PerSourcePenalties are enabled, sshd(8) will monitor the exit status of its child pre-auth session processes. Through the exit status, it can observe situations where the session did not authenticate as expected. These conditions include when the client repeatedly attempted authentication unsuccessfully (possibly indicating an attack against one or more accounts, e.g. password guessing), or when client behaviour caused sshd to crash (possibly indicating attempts to exploit sshd).

  When such a condition is observed, sshd will record a penalty of some duration (e.g. 30 seconds) against the client's address. If this time is above a minimum threshold specified by the PerSourcePenalties, then connections from the client address will be refused (along with any others in the same PerSourceNetBlockSize CIDR range).

  Repeated offenses by the same client address will accrue greater penalties, up to a configurable maximum. A PerSourcePenaltyExemptList option allows certain address ranges to be exempt from all penalties.

  We hope these options will make it significantly more difficult for attackers to find accounts with weak/guessable passwords or exploit bugs in sshd(8) itself.

  PerSourcePenalties is off by default, but we expect to enable it automatically in the near future.

  much feedback markus@ and others, ok markus@

  OpenBSD-Commit-ID: 89ded70eccb2b4926ef0366a4d58a693de366cca
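The accounting the message describes, as an added example in C that is not sshd's implementation: a flat table keyed by IPv4 netblock, with constructed per-cause penalty durations, minimum, cap and netblock size (`penalty_secs`, `PENALTY_MIN`, `PENALTY_MAX` and `NETBLOCK_BITS` are invented for the example; in sshd these come from the sshd_config options named above). Penalties accrue on the time still outstanding, refusals start only once that time exceeds the minimum, every address in the same netblock shares the penalty, and exempt blocks are never penalised.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define TABLE_SIZE    64
#define NETBLOCK_BITS 24   /* plays the role of PerSourceNetBlockSize; IPv4 only */
#define PENALTY_MIN   15   /* seconds that must be outstanding before refusing */
#define PENALTY_MAX   600  /* accrual cap */
#define IP4(a,b,c,d)  ((uint32_t)(a) << 24 | (uint32_t)(b) << 16 | (uint32_t)(c) << 8 | (uint32_t)(d))

/* Constructed per-condition penalties in seconds; invented for the example. */
enum cause { CAUSE_AUTHFAIL, CAUSE_NOAUTH, CAUSE_CRASH };
static const int64_t penalty_secs[] = { 5, 1, 90 };

struct entry { bool used; uint32_t block; int64_t expiry; };

struct penalty_table {
    struct entry e[TABLE_SIZE];
    uint32_t exempt[8];       /* exempt netblocks (PerSourcePenaltyExemptList) */
    int nexempt;
};

static uint32_t netblock(uint32_t addr)
{
    unsigned host_bits = 32 - NETBLOCK_BITS;
    return host_bits == 32 ? 0 : addr & ~((1u << host_bits) - 1u);
}

static bool is_exempt(const struct penalty_table *t, uint32_t block)
{
    for (int i = 0; i < t->nexempt; i++)
        if (t->exempt[i] == block) return true;
    return false;
}

/* Find the live entry for a block, expiring stale ones on the way; optionally
 * take a free slot for a new block. */
static struct entry *find(struct penalty_table *t, uint32_t block, int64_t now, bool create)
{
    struct entry *free_slot = NULL;
    for (int i = 0; i < TABLE_SIZE; i++) {
        struct entry *e = &t->e[i];
        if (e->used && e->expiry <= now) e->used = false;
        if (e->used && e->block == block) return e;
        if (!e->used && free_slot == NULL) free_slot = e;
    }
    if (!create || free_slot == NULL) return NULL;
    *free_slot = (struct entry){ true, block, now };
    return free_slot;
}

void penalty_exempt(struct penalty_table *t, uint32_t addr)
{
    if (t->nexempt < 8) t->exempt[t->nexempt++] = netblock(addr);
}

/* Listener side: a pre-auth child exited with a penalised status. Add the
 * cause's penalty to whatever is still outstanding, capped at PENALTY_MAX. */
void penalty_record(struct penalty_table *t, uint32_t addr, enum cause c, int64_t now)
{
    uint32_t block = netblock(addr);
    if (is_exempt(t, block)) return;
    struct entry *e = find(t, block, now, true);
    if (e == NULL) return;           /* table full; this model simply drops it */
    int64_t total = (e->expiry - now) + penalty_secs[c];
    e->expiry = now + (total > PENALTY_MAX ? PENALTY_MAX : total);
}

int64_t penalty_remaining(struct penalty_table *t, uint32_t addr, int64_t now)
{
    struct entry *e = find(t, netblock(addr), now, false);
    return e == NULL ? 0 : e->expiry - now;
}

/* Connection time: refuse only once the outstanding penalty is above the
 * minimum, so a single mistyped password does not lock anyone out. */
bool penalty_refuse(struct penalty_table *t, uint32_t addr, int64_t now)
{
    return penalty_remaining(t, addr, now) > PENALTY_MIN;
}

/* Scenario helpers: fresh table, n exits of the given cause from 10.0.0.5 at
 * t=1000, then probe an address at time `at`. */
int64_t accrued_after(enum cause c, int n)
{
    struct penalty_table t = {0};
    for (int i = 0; i < n; i++) penalty_record(&t, IP4(10,0,0,5), c, 1000);
    return penalty_remaining(&t, IP4(10,0,0,5), 1000);
}

bool refused_after(enum cause c, int n, uint32_t probe, int64_t at)
{
    struct penalty_table t = {0};
    for (int i = 0; i < n; i++) penalty_record(&t, IP4(10,0,0,5), c, 1000);
    return penalty_refuse(&t, probe, at);
}

/* 192.168.1.0/24 is exempt: a crash attributed to 192.168.1.9 must not refuse it. */
bool exempt_block_refused(void)
{
    struct penalty_table t = {0};
    penalty_exempt(&t, IP4(192,168,1,0));
    penalty_record(&t, IP4(192,168,1,9), CAUSE_CRASH, 1000);
    return penalty_refuse(&t, IP4(192,168,1,9), 1000);
}

int main(void)
{
    printf("3 auth failures: %lld s outstanding, refused=%d\n",
           (long long)accrued_after(CAUSE_AUTHFAIL, 3), refused_after(CAUSE_AUTHFAIL, 3, IP4(10,0,0,5), 1000));
    printf("4 auth failures: refused=%d, same /24 refused=%d, after expiry refused=%d\n",
           refused_after(CAUSE_AUTHFAIL, 4, IP4(10,0,0,5), 1000),
           refused_after(CAUSE_AUTHFAIL, 4, IP4(10,0,0,77), 1000),
           refused_after(CAUSE_AUTHFAIL, 4, IP4(10,0,0,5), 1021));
    printf("10 crashes: %lld s (cap), exempt block refused=%d\n",
           (long long)accrued_after(CAUSE_CRASH, 10), exempt_block_refused());
    return 0;
}
```

Two design points carry over to any implementation of this idea: the table is bounded (a flood of sources must not become a memory exhaustion vector against the listener), and entries are expired lazily on lookup so no timer is needed in the accept loop.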
* upstream: remove prototypes with no matching function; ok djm@ (jsg@openbsd.org, 2024-05-22, 1 file, -3/+1)

  OpenBSD-Commit-ID: 6d9065dadea5f14a01bece0dbfe2fba1be31c693
* upstream: Start the process of splitting sshd into separate binaries. (djm@openbsd.org, 2024-05-17, 1 file, -19/+30)

  This step splits sshd into a listener and a session binary. More splits are planned.

  After this change, the listener binary will validate the configuration, load the hostkeys, listen on port 22 and manage MaxStartups only. All session handling will be performed by a new sshd-session binary that the listener fork+execs.

  This reduces the listener process to the minimum necessary and sets us up for future work on the sshd-session binary.

  feedback/ok markus@ deraadt@

  NB. if you're updating via source, please restart sshd after installing, otherwise you run the risk of locking yourself out.

  OpenBSD-Commit-ID: 43c04a1ab96cdbdeb53d2df0125a6d42c5f19934
* upstream: defence-in-depth MaxAuthTries check in monitor; ok markus (djm@openbsd.org, 2023-08-18, 1 file, -1/+6)

  OpenBSD-Commit-ID: 65a4225dc708e2dae71315adf93677edace46c21
* upstream: Remove unused prototypes for ssh1 RSA functions. (dtucker@openbsd.org, 2023-05-10, 1 file, -4/+1)

  From lengyijun via github PR#396.

  OpenBSD-Commit-ID: 379a5afa8b7a0f3cba0c8a9bcceb4e5e33a5c1ef
* Limit the number of PAM environment variables. (Darren Tucker, 2023-03-09, 1 file, -0/+4)

  xcalloc has its own limits, but these are specific to PAM. From Coverity CID 405198, ok djm@
* upstream: Remove now-unused compat bit SSH_BUG_RSASIGMD5. (dtucker@openbsd.org, 2023-02-17, 1 file, -6/+1)

  The code to set this was removed in OpenSSH 7.7 when support for SSH implementations dating back to before RFC standardization was removed.

  "burn it all" djm@

  OpenBSD-Commit-ID: 6330935fbe23dd00be79891505e06d1ffdac7cda
* upstream: make sure that UseDNS hostname lookup happens in the monitor and not in the pledge(2)'d unprivileged process; fixes regression caused by recent refactoring spotted by henning@ (djm@openbsd.org, 2022-06-15, 1 file, -6/+3)

  OpenBSD-Commit-ID: a089870b95101cd8881a2dff65b2f1627d13e88d
* upstream: refactor authorized_keys/principals handling (djm@openbsd.org, 2022-05-27, 1 file, -3/+6)

  remove "struct ssh *" from arguments - this was only used to pass the remote host/address. These can be passed in instead and the resulting code is less tightly coupled to ssh_api.[ch]

  ok dtucker@

  OpenBSD-Commit-ID: 9d4373d013edc4cc4b5c21a599e1837ac31dda0d
* upstream: save an unnecessary alloc/free, based on patch from Martin Vahlensieck; ok dtucker@ (djm@openbsd.org, 2022-03-01, 1 file, -7/+4)

  OpenBSD-Commit-ID: 90ffbf1f837e509742f2c31a1fbf2c0fd376fd5f
* upstream: When it's the possessive of 'it', it's spelled "its", without the apostrophe. (guenther@openbsd.org, 2022-02-01, 1 file, -2/+2)

  OpenBSD-Commit-ID: fb6ab9c65bd31de831da1eb4631ddac018c5fae7
* upstream: log signature algorithm during verification by monitor; ok markus (djm@openbsd.org, 2022-01-06, 1 file, -2/+3)

  OpenBSD-Commit-ID: 02b92bb42c4d4bf05a051702a56eb915151d9ecc
* upstream: sshd side of hostbound public key auth (djm@openbsd.org, 2021-12-19, 1 file, -5/+21)

  This is identical to the standard "publickey" method, but it also includes the initial server hostkey in the message signed by the client.

  feedback / ok markus@

  OpenBSD-Commit-ID: 7ea01bb7238a560c1bfb426fda0c10a8aac07862
* upstream: remove a bunch of %p in format strings; leftovers of debuggings past. prompted by Michael Forney, ok dtucker@ (djm@openbsd.org, 2021-08-11, 1 file, -6/+4)

  OpenBSD-Commit-ID: 4853a0d6c9cecaba9ecfcc19066e52d3a8dcb2ac
* Sync remaining ChallengeResponse removal. (Darren Tucker, 2021-07-03, 1 file, -2/+2)

  These were omitted from commit 88868fd131.
* upstream: Remove now-unused skey function prototypes leftover from skey removal. (dtucker@openbsd.org, 2021-04-30, 1 file, -3/+1)

  OpenBSD-Commit-ID: 2fc36d519fd37c6f10ce74854c628561555a94c3
* upstream: do not pass file/func to monitor; noted by Ilja van Sprundel; ok djm@ (markus@openbsd.org, 2021-04-16, 1 file, -10/+6)

  OpenBSD-Commit-ID: 85ae5c063845c410283cbdce685515dcd19479fa
* upstream: don't sshbuf_get_u32() into an enum; reported by goetze AT dovetail.com via bz3269 (djm@openbsd.org, 2021-03-03, 1 file, -4/+4)

  OpenBSD-Commit-ID: 99a30a8f1df9bd72be54e21eee5c56a0f050921a
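Why reading a 32-bit wire value straight into an enum is a bug, as an added example in C that is not OpenSSH code (`enum req_kind`, the `rdbuf`/`get_u32` pair standing in for sshbuf_get_u32(), and the byte strings are all constructed for the illustration): the unchecked reader stores whatever the peer sent through a cast pointer, so a value that names no enumerator reaches the dispatch switch, and if the compiler chose a narrower type for the enum the 4-byte store would also overrun the object. The fixed reader reads into a uint32_t, range-checks it, and only then assigns.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed request kinds for a monitor-style message; not OpenSSH's enum. */
enum req_kind { REQ_SIGN = 1, REQ_VERIFY = 2, REQ_PWCHECK = 3 };
#define REQ_KIND_MIN REQ_SIGN
#define REQ_KIND_MAX REQ_PWCHECK

/* Minimal big-endian reader standing in for sshbuf_get_u32(). */
struct rdbuf { const uint8_t *p; size_t len; };

static int get_u32(struct rdbuf *b, uint32_t *out)
{
    if (b->len < 4)
        return -1;                                   /* truncated message */
    *out = (uint32_t)b->p[0] << 24 | (uint32_t)b->p[1] << 16 |
           (uint32_t)b->p[2] << 8  | (uint32_t)b->p[3];
    b->p += 4;
    b->len -= 4;
    return 0;
}

/* Bug shape: the 32-bit wire value is stored straight through a cast pointer
 * into the enum object. Nothing checks that it names an enumerator, and the
 * enum's width is the compiler's choice (e.g. -fshort-enums makes it 1 byte),
 * in which case the 4-byte store overruns the object. */
int parse_kind_unchecked(struct rdbuf *b, enum req_kind *kind)
{
    return get_u32(b, (uint32_t *)kind);
}

/* Fixed shape: read into a u32, range-check it, then assign to the enum. */
int parse_kind(struct rdbuf *b, enum req_kind *kind)
{
    uint32_t v;
    if (get_u32(b, &v) != 0)
        return -1;
    if (v < REQ_KIND_MIN || v > REQ_KIND_MAX)
        return -2;                                   /* unknown kind: reject */
    *kind = (enum req_kind)v;
    return 0;
}

static const char *dispatch(enum req_kind k)
{
    switch (k) {
    case REQ_SIGN:    return "sign";
    case REQ_VERIFY:  return "verify";
    case REQ_PWCHECK: return "pwcheck";
    }
    return "unreachable";   /* only a value outside the enum lands here */
}

/* Parse one constructed message with either reader and return the dispatch
 * label, or "rejected" if the parser refused the message. */
const char *handle_message(bool checked, const uint8_t *msg, size_t len)
{
    struct rdbuf b = { msg, len };
    enum req_kind k = REQ_SIGN;
    int r = checked ? parse_kind(&b, &k) : parse_kind_unchecked(&b, &k);
    return r == 0 ? dispatch(k) : "rejected";
}

/* Constructed wire messages: a valid REQ_VERIFY, a kind no enumerator has,
 * and a truncated one. */
static const uint8_t MSG_GOOD[]  = { 0x00, 0x00, 0x00, 0x02 };
static const uint8_t MSG_BOGUS[] = { 0x7f, 0xff, 0xff, 0xff };
static const uint8_t MSG_SHORT[] = { 0x00, 0x00 };

int main(void)
{
    printf("unchecked, bogus kind: %s\n", handle_message(false, MSG_BOGUS, sizeof MSG_BOGUS));
    printf("checked,   bogus kind: %s\n", handle_message(true,  MSG_BOGUS, sizeof MSG_BOGUS));
    printf("checked,   good kind:  %s\n", handle_message(true,  MSG_GOOD,  sizeof MSG_GOOD));
    printf("checked,   truncated:  %s\n", handle_message(true,  MSG_SHORT, sizeof MSG_SHORT));
    printf("sizeof(enum req_kind) = %zu, sizeof(uint32_t) = %zu\n",
           sizeof(enum req_kind), sizeof(uint32_t));
    return 0;
}
```

The last printf is the check to run on any new toolchain or build flag: the cast in the unchecked reader is only memory-safe while the two sizes happen to agree, and the range check is needed regardless.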
* upstream: make ssh->kex->session_id a sshbuf instead of u_char*/size_t and use that instead of global variables containing copies of it. feedback/ok markus@ (djm@openbsd.org, 2021-01-27, 1 file, -21/+28)

  OpenBSD-Commit-ID: a4b1b1ca4afd2e37cb9f64f737b30a6a7f96af68
* upstream: remove global variable used to stash compat flags and use the purpose-built ssh->compat variable instead; feedback/ok markus@ (djm@openbsd.org, 2021-01-27, 1 file, -5/+5)

  OpenBSD-Commit-ID: 7c4f200e112dae6bcf99f5bae1a5629288378a06
* upstream: Rename HostbasedKeyTypes (ssh) and HostbasedAcceptedKeyTypes (sshd) to HostbasedAcceptedAlgorithms, which more accurately reflects its effect. (dtucker@openbsd.org, 2021-01-26, 1 file, -2/+2)

  This matches a previous change to PubkeyAcceptedAlgorithms. The previous names are retained as aliases. ok djm@

  OpenBSD-Commit-ID: 49451c382adc6e69d3fa0e0663eeef2daa4b199e
* upstream: Rename PubkeyAcceptedKeyTypes keyword to PubkeyAcceptedAlgorithms. (dtucker@openbsd.org, 2021-01-22, 1 file, -2/+2)

  While the two were originally equivalent, this actually specifies the signature algorithms that are accepted. Some key types (eg RSA) can be used by multiple algorithms (eg ssh-rsa, rsa-sha2-512) so the old name is becoming increasingly misleading. The old name is retained as an alias. Prompted by bz#3253, help & ok djm@, man page help jmc@

  OpenBSD-Commit-ID: 0346b2f73f54c43d4e001089759d149bfe402ca5
* upstream: Update/replace the experimental post-quantum hybrid key exchange method based on Streamlined NTRU Prime (coupled with X25519). (djm@openbsd.org, 2020-12-29, 1 file, -2/+2)

  The previous sntrup4591761x25519-sha512@tinyssh.org method is replaced with sntrup761x25519-sha512@openssh.com. Per the authors, sntrup4591761 was replaced almost two years ago by sntrup761.

  The sntrup761 implementation, like sntrup4591761 before it, is public domain code extracted from the SUPERCOP cryptography benchmark suite (https://bench.cr.yp.to/supercop.html).

  Thanks to Daniel J Bernstein for guidance on algorithm selection.

  Patch from Tobias Heider; feedback & ok markus@ and myself

  (note that both the updated method and the one that it replaced are disabled by default)

  OpenBSD-Commit-ID: 2bf582b772d81ee24e911bb6f4b2aecfd39338ae
* upstream: clean up passing of struct passwd from monitor to preauth privsep process. (djm@openbsd.org, 2020-11-27, 1 file, -6/+20)

  No longer copy entire struct w/ pointer addresses, but pass remaining scalar fields explicitly. Prompted by Yuichiro NAITO, feedback Thorsten Glaser; ok dtucker@

  OpenBSD-Commit-ID: 9925df75a56732c43f3663e70dd15ff413ab3e53
* upstream: use the new variant log macros instead of prepending __func__ and appending ssh_err(r) manually; ok markus@ (djm@openbsd.org, 2020-10-18, 1 file, -154/+141)

  OpenBSD-Commit-ID: 1f14b80bcfa85414b2a1a6ff714fb5362687ace8
* upstream: variants of the log methods that append a ssherr.h string from a supplied error code; ok markus@ (djm@openbsd.org, 2020-10-18, 1 file, -4/+3)

  OpenBSD-Commit-ID: aed98c4435d48d036ae6740300f6a8357b7cc0bf
* upstream: revised log infrastructure for OpenSSH (djm@openbsd.org, 2020-10-16, 1 file, -5/+10)

  log functions receive function, filename and line number of caller. We can use this to selectively enable logging via pattern-lists.

  ok markus@

  OpenBSD-Commit-ID: 51a472610cbe37834ce6ce4a3f0e0b1ccc95a349
* upstream: support for requiring user verified FIDO keys in sshd (djm@openbsd.org, 2020-08-27, 1 file, -2/+15)

  This adds a "verify-required" authorized_keys flag and a corresponding sshd_config option that tells sshd to require that FIDO keys verify the user identity before completing the signing/authentication attempt. Whether or not user verification was performed is already baked into the signature made on the FIDO token, so this is just plumbing that flag through and adding ways to require it.

  feedback and ok markus@

  OpenBSD-Commit-ID: 3a2313aae153e043d57763d766bb6d55c4e276e6
* upstream: support for user-verified FIDO keys (djm@openbsd.org, 2020-08-27, 1 file, -2/+2)

  FIDO2 supports a notion of "user verification" where the user is required to demonstrate their identity to the token before particular operations (e.g. signing). Typically this is done by authenticating themselves using a PIN that has been set on the token.

  This adds support for generating and using user verified keys where the verification happens via PIN (other options might be added in the future, but none are in common use now). Practically, this adds another key generation option "verify-required" that yields a key that requires a PIN before each authentication.

  feedback markus@ and Pedro Martelletto; ok markus@

  OpenBSD-Commit-ID: 57fd461e4366f87c47502c5614ec08573e6d6a15
* upstream: correct recently broken comments (deraadt@openbsd.org, 2020-07-15, 1 file, -2/+2)

  OpenBSD-Commit-ID: 964d9a88f7de1d0eedd3f8070b43fb6e426351f1
* upstream: some language improvements; ok markus (djm@openbsd.org, 2020-07-15, 1 file, -2/+2)

  OpenBSD-Commit-ID: 939d787d571b4d5da50b3b721fd0b2ac236acaa8
* upstream: spelling errors in comments; no code change from (djm@openbsd.org, 2020-03-14, 1 file, -2/+2)

  OpenBSD-Commit-ID: 166ea64f6d84f7bac5636dbd38968592cb5eb924
* upstream: change explicit_bzero();free() to freezero() (jsg@openbsd.org, 2020-02-28, 1 file, -3/+2)

  While freezero() returns early if the pointer is NULL the tests for NULL in callers are left to avoid warnings about passing an uninitialised size argument across a function boundary.

  ok deraadt@ djm@

  OpenBSD-Commit-ID: 2660fa334fcc7cd05ec74dd99cb036f9ade6384a
* upstream: Replace "security key" with "authenticator" in program messages. (naddy@openbsd.org, 2020-02-06, 1 file, -3/+4)

  This replaces "security key" in error/usage/verbose messages and distinguishes between "authenticator" and "authenticator-hosted key".

  ok djm@

  OpenBSD-Commit-ID: 7c63800e9c340c59440a054cde9790a78f18592e
* upstream: Replace all calls to signal(2) with a wrapper around sigaction(2). (dtucker@openbsd.org, 2020-01-23, 1 file, -5/+5)

  This wrapper blocks all other signals during the handler preventing races between handlers, and sets SA_RESTART which should reduce the potential for short read/write operations.

  OpenBSD-Commit-ID: 5e047663fd77a40d7b07bdabe68529df51fd2519
* upstream: allow security keys to act as host keys as well as user keys. (djm@openbsd.org, 2019-12-16, 1 file, -2/+2)

  Previously we didn't do this because we didn't want to expose the attack surface presented by USB and FIDO protocol handling, but now that this is insulated behind ssh-sk-helper there is less risk.

  ok markus@

  OpenBSD-Commit-ID: 77b068dd133b8d87e0f010987bd5131e640ee64c
* upstream: redundant test (djm@openbsd.org, 2019-11-25, 1 file, -2/+2)

  OpenBSD-Commit-ID: 38fa7806c528a590d91ae560e67bd8b246c2d7a3
* upstream: add a "no-touch-required" option for authorized_keys and a similar extension for certificates. (djm@openbsd.org, 2019-11-25, 1 file, -2/+3)

  This option disables the default requirement that security key signatures attest that the user touched their key to authorize them.

  feedback deraadt, ok markus

  OpenBSD-Commit-ID: f1fb56151ba68d55d554d0f6d3d4dba0cf1a452e
* upstream: Add a sshd_config PubkeyAuthOptions directive (djm@openbsd.org, 2019-11-25, 1 file, -24/+39)

  This directive has a single valid option "no-touch-required" that causes sshd to skip checking whether user presence was tested before a security key signature was made (usually by the user touching the key).

  ok markus@

  OpenBSD-Commit-ID: 46e434a49802d4ed82bc0aa38cb985c198c407de
* upstream: Add new structure for signature options (djm@openbsd.org, 2019-11-25, 1 file, -3/+11)

  This is populated during signature verification with additional fields that are present in and covered by the signature. At the moment, it is only used to record security key-specific options, especially the flags field.

  with and ok markus@

  OpenBSD-Commit-ID: 338a1f0e04904008836130bedb9ece4faafd4e49
* upstream: a little more information from the monitor when signature verification fails. (djm@openbsd.org, 2019-11-19, 1 file, -3/+4)

  OpenBSD-Commit-ID: e6a30071e0518cac512f9e10be3dc3500e2003f3
* upstream: Refactor signing - use sshkey_sign for everything, including the new U2F signatures. (djm@openbsd.org, 2019-10-31, 1 file, -2/+2)

  Don't use sshsk_ecdsa_sign() directly, instead make it reachable via sshkey_sign() like all other signature operations. This means that we need to add a provider argument to sshkey_sign(), so most of this change is mechanically adding that.

  Suggested by / ok markus@

  OpenBSD-Commit-ID: d5193a03fcfa895085d91b2b83d984a9fde76c8c
* upstream: reversed test yielded incorrect debug message (djm@openbsd.org, 2019-10-09, 1 file, -2/+2)

  OpenBSD-Commit-ID: 78bb512d04cfc238adb2c5b7504ac93eecf523b3
* wrap stdint.h include in HAVE_STDINT_H (Damien Miller, 2019-10-09, 1 file, -1/+1)

  make the indenting a little more consistent too. Fixes Solaris 2.6; reported by Tom G. Christensen