summaryrefslogtreecommitdiffstats
path: root/sftp.1 (unfollow)
Commit message (Collapse)AuthorFilesLines
2024-10-14put back some portable bits for sshd-auth.cDamien Miller1-3/+20
2024-10-14there's only one sandbox, move to a static globalDamien Miller1-2/+5
2024-10-14dependDamien Miller1-3/+3
2024-10-14upstream: regress support for split sshd-auth binarydjm@openbsd.org1-1/+6
OpenBSD-Regress-ID: df7d18a87b475f70004770f0f4e404adba5f6ab7
2024-10-14upstream: test some more Match syntax, including criteria=arg anddjm@openbsd.org3-48/+50
negations OpenBSD-Regress-ID: 67476baccc60bf1a255fd4e329ada950047b8b8d
2024-10-14upstream: Split per-connection sshd-session binarydjm@openbsd.org22-633/+1193
This splits the user authentication code from the sshd-session binary into a separate sshd-auth binary. This will be executed by sshd-session to complete the user authentication phase of the protocol only. Splitting this code into a separate binary ensures that the crucial pre-authentication attack surface has an entirely disjoint address space from the code used for the rest of the connection. It also yields a small runtime memory saving as the authentication code will be unloaded after thhe authentication phase completes. Joint work with markus@ feedback deraadt@ Tested in snaps since last week OpenBSD-Commit-ID: 9c3b2087ae08626ec31b4177b023db600e986d9c
2024-10-14upstream: don't start the ObscureKeystrokeTiming mitigations ifdjm@openbsd.org3-5/+26
there has been traffic on a X11 forwarding channel recently. Should fix X11 forwarding performance problems when this setting is enabled. Patch from Antonio Larrosa via bz3655 OpenBSD-Commit-ID: 820284a92eb4592fcd3d181a62c1b86b08a4a7ab
2024-10-14upstream: remove duplicate misc.h include ok dtucker@jsg@openbsd.org1-2/+1
OpenBSD-Commit-ID: fdd056e7854294834d54632b4282b877cfe4c12e
2024-10-14upstream: Turn off finite field (a.k.a modp) Diffie-Hellman keydjm@openbsd.org2-10/+7
exchange in sshd by default. Specifically, this removes the diffie-hellman-group* and diffie-hellman-group-exchange-* methods. The client is unchanged and continues to support these methods by default. Finite field Diffie Hellman is slow and computationally expensive for the same security level as Elliptic Curve DH or PQ key agreement while offering no redeeming advantages. ECDH has been specified for the SSH protocol for 15 years and some form of ECDH has been the default key exchange in OpenSSH for the last 14 years. ok markus@ OpenBSD-Commit-ID: 4e238ad480a33312667cc10ae0eb6393abaec8da
2024-09-27upstream: fix previous change to ssh_config Match, which broken ondjm@openbsd.org1-7/+7
negated Matches; spotted by phessler@ ok deraadt@ OpenBSD-Commit-ID: b1c6acec66cd5bd1252feff1d02ad7129ced37c7
2024-09-27upstream: remove some unused defines; ok djm@jsg@openbsd.org2-16/+4
OpenBSD-Commit-ID: 3a63e4e11d455704f684c28715d61b17f91e0996
2024-09-27upstream: remove some unneeded Xo/Xc calls; from evan silberman thejmc@openbsd.org1-5/+3
original diff had a couple of errors, which i've fixed OpenBSD-Commit-ID: f37ad5888adbc0d4e1cd6b6de237841f4b1e650d
2024-09-25upstream: fix regression introduced when I switched the "Match"djm@openbsd.org4-22/+89
criteria tokeniser to a more shell-like one. Apparently the old tokeniser (accidentally?) allowed "Match criteria=argument" as well as the "Match criteria argument" syntax that we tested for. People were using this syntax so this adds back support for "Match criteria=argument" bz3739 ok dtucker OpenBSD-Commit-ID: d1eebedb8c902002b75b75debfe1eeea1801f58a
2024-09-25upstream: some extra paranoia, reminded by jsg@djm@openbsd.org1-1/+5
OpenBSD-Commit-ID: 22072bfa1df1391858ae7768a6c627e08593a91e
2024-09-25gss-serv.c needs sys/param.hDamien Miller1-0/+1
From Void Linux
2024-09-25build construct_utmp() when USE_BTMP is setDamien Miller1-2/+2
Fixes compile error on Void Linux/Musl
2024-09-24Test the flags from OpenWRT's package.Darren Tucker1-0/+8
2024-09-24fix utmpx ifdefChristoph Ostarek1-2/+2
02e16ad95fb1f56ab004b01a10aab89f7103c55d did a copy-paste for utmpx, but forgot to change the ifdef appropriately
2024-09-24upstream: remove some unused defines; ok djm@jsg@openbsd.org4-12/+4
OpenBSD-Commit-ID: 81869ee6356fdbff19dae6ff757095e6b24de712
2024-09-24upstream: remove unneeded semicolons; checked by millert@jsg@openbsd.org2-5/+5
OpenBSD-Commit-ID: 3fb621a58e04b759a875ad6a33f35bb57ca80231
2024-09-23Add 9.9 branch to CI status console.Darren Tucker1-0/+4
2024-09-20update version numbersDamien Miller3-3/+3
2024-09-20upstream: openssh-9.9djm@openbsd.org1-2/+2
OpenBSD-Commit-ID: 303417285f1a73b9cb7a2ae78d3f493bbbe31f98
2024-09-18include openbsd-compat/base64.c license in LICENSEDamien Miller1-0/+41
2024-09-18conditionally include mman.h in arc4random codeDamien Miller2-2/+4
2024-09-17fix bug in recently-added sntrup761 fuzzerDamien Miller1-2/+2
key values need to be static to persist across invocations; spotted by the Qualys Security Advisory team.
2024-09-16upstream: use 64 bit math to avoid signed underflow. upstream codedjm@openbsd.org2-8/+13
relies on using -fwrapv to provide defined over/underflow behaviour, but we use -ftrapv to catch integer errors and abort the program. ok dtucker@ OpenBSD-Commit-ID: 8933369b33c17b5f02479503d0a92d87bc3a574b
2024-09-16upstream: minor grammar/sort fixes for refuseconnection; ok djmjmc@openbsd.org1-4/+4
OpenBSD-Commit-ID: 1c81f37b138b8b66abba811fec836388a0f3e6da
2024-09-15avoid gcc warning in fuzz testDamien Miller1-1/+1
2024-09-15upstream: bad whitespace in config dump outputdjm@openbsd.org1-2/+2
OpenBSD-Commit-ID: d899c13b0e8061d209298eaf58fe53e3643e967c
2024-09-15use construct_utmp to construct btmp recordsDamien Miller1-63/+26
Simpler and removes some code with the old-style BSD license.
2024-09-15upstream: update the Streamlined NTRU Prime code from the "ref"djm@openbsd.org3-1022/+1925
implementation in SUPERCOP 20201130 to the "compact" implementation in SUPERCOP 20240808. The new version is substantially faster. Thanks to Daniel J Bernstein for pointing out the new implementation (and of course for writing it). tested in snaps/ok deraadt@ OpenBSD-Commit-ID: bf1a77924c125ecdbf03e2f3df8ad13bd3dafdcb
2024-09-15upstream: document Match invalid-userdjm@openbsd.org1-2/+6
OpenBSD-Commit-ID: 2c84a9b517283e9711e2812c1f268081dcb02081
2024-09-15upstream: add a "Match invalid-user" predicate to sshd_config Matchdjm@openbsd.org4-8/+25
options. This allows writing Match conditions that trigger for invalid username. E.g. PerSourcePenalties refuseconnection:90s Match invalid-user RefuseConnection yes Will effectively penalise bots try to guess passwords for bogus accounts, at the cost of implicitly revealing which accounts are invalid. feedback markus@ OpenBSD-Commit-ID: 93d3a46ca04bbd9d84a94d1e1d9d3a21073fbb07
2024-09-15upstream: Add a "refuseconnection" penalty class to sshd_configdjm@openbsd.org6-11/+42
PerSourcePenalties This allows penalising connection sources that have had connections dropped by the RefuseConnection option. ok markus@ OpenBSD-Commit-ID: 3c8443c427470bb3eac1880aa075cb4864463cb6
2024-09-15upstream: Add a sshd_config "RefuseConnection" optiondjm@openbsd.org5-6/+38
If set, this will terminate the connection at the first authentication request (this is the earliest we can evaluate sshd_config Match blocks) ok markus@ OpenBSD-Commit-ID: 43cc2533984074c44d0d2f92eb93f661e7a0b09c
2024-09-15upstream: switch sshd_config Match processing to the argv tokeniserdjm@openbsd.org1-20/+16
too; ok markus@ OpenBSD-Commit-ID: b74b5b0385f2e0379670e2b869318a65b0bc3923
2024-09-15upstream: switch "Match" directive processing over to the argvdjm@openbsd.org1-21/+14
string tokeniser, making it possible to use shell-like quoting in Match directives, particularly "Match exec". ok markus@ OpenBSD-Commit-ID: 0877309650b76f624b2194c35dbacaf065e769a5
2024-09-15upstream: include pathname in some of the ssh-keygen passphrasedjm@openbsd.org1-9/+17
prompts. Helps the user know what's going on when ssh-keygen is invoked via other tools. Requested in GHPR503 OpenBSD-Commit-ID: 613b0bb6cf845b7e787d69a5b314057ceda6a8b6
2024-09-15upstream: Do not apply authorized_keys options when signaturedjm@openbsd.org1-2/+2
verification fails. Prevents restrictive key options being incorrectly applied to subsequent keys in authorized_keys. bz3733, ok markus@ OpenBSD-Commit-ID: ba3776d9da4642443c19dbc015a1333622eb5a4e
2024-09-13Fix without_openssl always being set to 1Wu Weixin1-2/+2
In Fedora systems, %{?rhel} is empty. In RHEL systems, %{?fedora} is empty. Therefore, the original code always sets without_openssl to 1.
2024-09-12upstream: Relax absolute path requirement back to what it was prior todjm@openbsd.org1-2/+2
OpenSSH 9.8, which incorrectly required that sshd was started with an absolute path in inetd mode. bz3717, patch from Colin Wilson OpenBSD-Commit-ID: 25c57f22764897242d942853f8cccc5e991ea058
2024-09-11upstream: document the mlkem768x25519-sha256 key exchange algorithmnaddy@openbsd.org2-4/+8
OpenBSD-Commit-ID: fa18dccdd9753dd287e62ecab189b3de45672521
2024-09-10Spell omnios test host correctly.Darren Tucker1-1/+1
2024-09-10Add omnios test target.Darren Tucker1-0/+2
2024-09-10Wrap stdint.h in ifdef.Darren Tucker1-0/+2
2024-09-10Also test PAM on dfly64.Darren Tucker1-0/+1
2024-09-09stubs for ML-KEM KEX functionsDamien Miller1-2/+23
used for C89 compilers
2024-09-09declare defeat trying to detect C89 compilersDamien Miller2-18/+2
I can't find a reliable way to detect the features the ML-KEM code requires in configure. Give up for now and use VLA support (that we can detect) as a proxy for "old compiler" and turn off ML-KEM if it isn't supported.
2024-09-09fix previous; check for C99 compound literalsDamien Miller2-8/+9
The previous commit was incorrect (or at least insufficient), the ML-KEM code is actually using compound literals, so test for them.