summaryrefslogtreecommitdiffstats
path: root/ssh_config (follow)
Commit message (Collapse)AuthorAgeFilesLines
* upstream: Add a '%k' TOKEN that expands to the effective HostKey ofdtucker@openbsd.org2020-07-171-1/+2
| | | | | | | | the destination. This allows, eg, keeping host keys in individual files using "UserKnownHostsFile ~/.ssh/known_hosts.d/%k". bz#1654, ok djm@, jmc@ (man page bits) OpenBSD-Commit-ID: 7084d723c9cc987a5c47194219efd099af5beadc
* upstream: Remove obsolete "Protocol" from commented out examples. Patchdtucker@openbsd.org2019-02-041-2/+1
| | | | | | from samy.mahmoudi at gmail com. OpenBSD-Commit-ID: 16aede33dae299725a03abdac5dcb4d73f5d0cbf
* upstream commitdjm@openbsd.org2017-05-081-3/+3
| | | | | | | As promised in last release announcement: remove support for Blowfish, RC4 and CAST ciphers. ok markus@ deraadt@ Upstream-ID: 21f8facdba3fd8da248df6417000867cec6ba222
* upstream commitjmc@openbsd.org2017-05-081-3/+1
| | | | | | more protocol 1 bits removed; ok djm Upstream-ID: b5b977eaf756915acb56aef3604a650e27f7c2b9
* upstream commitdjm@openbsd.org2017-05-011-3/+1
| | | | | | | | remove SSHv1 configuration options and man pages bits ok markus@ Upstream-ID: 84638c23546c056727b7a7d653c72574e0f19424
* upstream commitsobrado@openbsd.org2016-02-231-2/+2
| | | | | | | | set ssh(1) protocol version to 2 only. ok djm@ Upstream-ID: e168daf9d27d7e392e3c9923826bd8e87b2b3a10
* upstream commitsobrado@openbsd.org2016-02-231-1/+3
| | | | | | | | | add missing ~/.ssh/id_ecdsa and ~/.ssh/id_ed25519 to IdentityFile. ok djm@ Upstream-ID: 6ce99466312e4ae7708017c3665e3edb976f70cf
* - sthen@cvs.openbsd.org 2013/09/16 11:35:43Darren Tucker2013-10-101-1/+1
| | | | | | | [ssh_config] Remove gssapi config parts from ssh_config, as was already done for sshd_config. Req by/ok ajacoutot@ ID SYNC ONLY for portable; kerberos/gssapi is still pretty popular
* - dtucker@cvs.openbsd.org 2013/05/16 02:00:34Darren Tucker2013-05-161-1/+2
| | | | | | | | [ssh_config sshconnect2.c packet.c readconf.h readconf.c clientloop.c ssh_config.5 packet.h] Add an optional second argument to RekeyLimit in the client to allow rekeying based on elapsed time in addition to amount of traffic. with djm@ jmc@, ok djm
* - dtucker@cvs.openbsd.org 2010/01/11 01:39:46Darren Tucker2010-01-121-1/+2
| | | | | | | | [ssh_config channels.c ssh.1 channels.h ssh.c] Add a 'netcat mode' (ssh -W). This connects stdio on the client to a single port forward on the server. This allows, for example, using ssh as a ProxyCommand to route connections via intermediate servers. bz #1618, man page help from jmc@, ok markus@
* - djm@cvs.openbsd.org 2009/02/17 01:28:32Damien Miller2009-02-211-2/+2
| | | | | [ssh_config] sync with revised default ciphers; pointed out by dkrause@
* - grunk@cvs.openbsd.org 2008/07/25 06:56:35Damien Miller2008-11-031-1/+2
| | | | | [ssh_config] Add VisualHostKey to example file, ok djm@
* - pvalchev@cvs.openbsd.org 2007/06/08 04:40:40Damien Miller2007-06-111-1/+2
| | | | | | | [ssh_config] Add a "MACs" line after "Ciphers" with the default MAC algorithms, to ease people who want to tweak both (eg. for performance reasons). ok deraadt@ djm@ dtucker@
* - dtucker@cvs.openbsd.org 2006/05/29 12:56:33Damien Miller2006-06-131-1/+3
| | | | | | [ssh_config] Add GSSAPIAuthentication and GSSAPIDelegateCredentials to examples in sample ssh_config. ok markus@
* - reyk@cvs.openbsd.org 2005/12/06 22:38:28Damien Miller2005-12-131-1/+4
| | | | | | | | | | | | | | | | | [auth-options.c auth-options.h channels.c channels.h clientloop.c] [misc.c misc.h readconf.c readconf.h scp.c servconf.c servconf.h] [serverloop.c sftp.c ssh.1 ssh.c ssh_config ssh_config.5 sshconnect.c] [sshconnect.h sshd.8 sshd_config sshd_config.5] Add support for tun(4) forwarding over OpenSSH, based on an idea and initial channel code bits by markus@. This is a simple and easy way to use OpenSSH for ad hoc virtual private network connections, e.g. administrative tunnels or secure wireless access. It's based on a new ssh channel and works similar to the existing TCP forwarding support, except that it depends on the tun(4) network interface on both ends of the connection for layer 2 or layer 3 tunneling. This diff also adds support for LocalCommand in the ssh(1) client. ok djm@, markus@, jmc@ (manpages), tested and discussed with others
* - dtucker@cvs.openbsd.org 2005/01/28 09:45:53Darren Tucker2005-02-081-2/+4
| | | | | | | [ssh_config] Make it clear that the example entries in ssh_config are only some of the commonly-used options and refer the user to ssh_config(5) for more details; ok djm@
* - markus@cvs.openbsd.org 2003/08/13 08:46:31Darren Tucker2003-08-131-2/+1
| | | | | | | [auth1.c readconf.c readconf.h servconf.c servconf.h ssh.c ssh_config ssh_config.5 sshconnect1.c sshd.8 sshd.c sshd_config sshd_config.5] remove RhostsAuthentication; suggested by djm@ before; ok djm@, deraadt@, fgsch@, miod@, henning@, jakob@ and others
* - djm@cvs.openbsd.org 2003/05/16 03:27:12Damien Miller2003-05-181-1/+2
| | | | | | [readconf.c ssh_config ssh_config.5 ssh-keysign.c] add AddressFamily option to ssh_config (like -4, -6 on commandline). Portable bug #534; ok markus@
* - djm@cvs.openbsd.org 2003/05/15 14:55:25Damien Miller2003-05-161-1/+2
| | | | | | [readconf.c readconf.h ssh_config ssh_config.5 sshconnect.c] add a ConnectTimeout option to ssh, based on patch from Jean-Charles Longuet (jclonguet at free.fr); portable #207 ok markus@
* - markus@cvs.openbsd.org 2002/07/03 14:21:05Ben Lindstrom2002-07-041-1/+2
| | | | | | | | [ssh-keysign.8 ssh-keysign.c ssh.c ssh_config] re-enable ssh-keysign's sbit, but make ssh-keysign read /etc/ssh/ssh_config and exit if HostbasedAuthentication is disabled globally. based on discussions with deraadt, itojun and sommerfeld; ok itojun@
* - stevesk@cvs.openbsd.org 2002/06/20 20:03:34Ben Lindstrom2002-06-211-5/+5
| | | | | [ssh_config sshd_config] refer to config file man page
* - stevesk@cvs.openbsd.org 2002/06/10 21:21:10Ben Lindstrom2002-06-111-3/+3
| | | | | | [ssh_config] update defaults for RhostsRSAAuthentication and RhostsAuthentication here too (all options commented out with default value).
* - markus@cvs.openbsd.org 2002/06/08 05:41:18Ben Lindstrom2002-06-091-3/+1
| | | | | [ssh_config] remove FallBackToRsh/UseRsh
* - stevesk@cvs.openbsd.org 2002/01/16 17:55:33Damien Miller2002-01-221-5/+6
| | | | | [ssh_config] correct some commented defaults. add Ciphers default. ok markus@
* - stevesk@cvs.openbsd.org 2002/01/03 04:11:08Damien Miller2002-01-221-4/+5
| | | | | [ssh_config] grammar in comment
* - todd@cvs.openbsd.org 2001/04/03 21:19:38Ben Lindstrom2001-04-041-3/+2
| | | | | [ssh_config] id_rsa1/2 -> id_rsa; ok markus@
* - deraadt@cvs.openbsd.org 2001/03/10 12:53:51Ben Lindstrom2001-03-101-2/+2
| | | | | [readconf.c ssh_config] default to SSH2, now that m68k runs fast
* NB: big update - may break stuff. Please test!Damien Miller2001-02-041-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | - (djm) OpenBSD CVS sync: - markus@cvs.openbsd.org 2001/02/03 03:08:38 [auth-options.c auth-rh-rsa.c auth-rhosts.c auth.c canohost.c] [canohost.h servconf.c servconf.h session.c sshconnect1.c sshd.8] [sshd_config] make ReverseMappingCheck optional in sshd_config; ok djm@,dugsong@ - markus@cvs.openbsd.org 2001/02/03 03:19:51 [ssh.1 sshd.8 sshd_config] Skey is now called ChallengeResponse - markus@cvs.openbsd.org 2001/02/03 03:43:09 [sshd.8] use no-pty option in .ssh/authorized_keys* if you need a 8-bit clean channel. note from Erik.Anggard@cygate.se (pr/1659) - stevesk@cvs.openbsd.org 2001/02/03 10:03:06 [ssh.1] typos; ok markus@ - djm@cvs.openbsd.org 2001/02/04 04:11:56 [scp.1 sftp-server.c ssh.1 sshd.8 sftp-client.c sftp-client.h] [sftp-common.c sftp-common.h sftp-int.c sftp-int.h sftp.1 sftp.c] Basic interactive sftp client; ok theo@ - (djm) Update RPM specs for new sftp binary - (djm) Update several bits for new optional reverse lookup stuff. I think I got them all.
* - niklas@cvs.openbsd.org 2001/01/2001Ben Lindstrom2001-01-291-0/+2
| | | | | | | | | | [atomicio.h canohost.h clientloop.h deattack.h dh.h dispatch.h groupaccess.c groupaccess.h hmac.h hostfile.h includes.h kex.h key.h log.h login.h match.h misc.h myproposal.h nchan.ms pathnames.h radix.h readpass.h rijndael.h serverloop.h session.h sftp.h ssh-add.1 ssh-dss.h ssh-keygen.1 ssh-keyscan.1 ssh-rsa.h ssh1.h ssh_config sshconnect.h sshd_config tildexpand.h uidswap.h uuencode.h] $OpenBSD$
* - (djm) Merge OpenBSD changes:Damien Miller2000-11-131-5/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - markus@cvs.openbsd.org 2000/11/06 16:04:56 [channels.c channels.h clientloop.c nchan.c serverloop.c] [session.c ssh.c] agent forwarding and -R for ssh2, based on work from jhuuskon@messi.uku.fi - markus@cvs.openbsd.org 2000/11/06 16:13:27 [ssh.c sshconnect.c sshd.c] do not disabled rhosts(rsa) if server port > 1024; from pekkas@netcore.fi - markus@cvs.openbsd.org 2000/11/06 16:16:35 [sshconnect.c] downgrade client to 1.3 if server is 1.4; help from mdb@juniper.net - markus@cvs.openbsd.org 2000/11/09 18:04:40 [auth1.c] typo; from mouring@pconline.com - markus@cvs.openbsd.org 2000/11/12 12:03:28 [ssh-agent.c] off-by-one when removing a key from the agent - markus@cvs.openbsd.org 2000/11/12 12:50:39 [auth-rh-rsa.c auth2.c authfd.c authfd.h] [authfile.c hostfile.c kex.c kex.h key.c key.h myproposal.h] [readconf.c readconf.h rsa.c rsa.h servconf.c servconf.h ssh-add.c] [ssh-agent.c ssh-keygen.1 ssh-keygen.c ssh.1 ssh.c ssh_config] [sshconnect1.c sshconnect2.c sshd.8 sshd.c sshd_config ssh-dss.c] [ssh-dss.h ssh-rsa.c ssh-rsa.h dsa.c dsa.h] add support for RSA to SSH2. please test. there are now 3 types of keys: RSA1 is used by ssh-1 only, RSA and DSA are used by SSH2. you can use 'ssh-keygen -t rsa -f ssh2_rsa_file' to generate RSA keys for SSH2 and use the RSA keys for hostkeys or for user keys. SSH2 RSA or DSA keys are added to .ssh/authorised_keys2 as before. - (djm) Fix up Makefile and Redhat init script to create RSA host keys - (djm) Change to interim version
* - (djm) Periodically rekey arc4randomDamien Miller2000-08-301-7/+1
| | | | - (djm) Clean up diff against OpenBSD.
* - (djm) OpenBSD CVS Updates:Damien Miller2000-07-121-1/+1
| | | | | | | | | - deraadt@cvs.openbsd.org 2000/07/11 02:11:34 [session.c sshd.c ] make MaxStartups code still work with -d; djm - deraadt@cvs.openbsd.org 2000/07/11 13:17:45 [readconf.c ssh_config] disable FallBackToRsh by default
* - Debian bug #58031 - ssh_config lies about default cipherDamien Miller2000-04-201-1/+1
|
* - OpenBSD CVS updatesDamien Miller2000-04-191-0/+1
| | | | | | | | | | | | | [channels.c] - fix pr 1196, listen_port and port_to_connect interchanged [scp.c] - after completion, replace the progress bar ETA counter with a final elapsed time; my idea, aaron wrote the patch [ssh_config sshd_config] - show 'Protocol' as an example, ok markus@ [sshd.c] - missing xfree() - Add missing header to bsd-misc.c
* - Big manpage and config file cleanup from Andre LucasDamien Miller2000-01-201-0/+36
| | | | | <andre.lucas@dial.pipex.com> - Re-added latest (unmodified) OpenBSD manpages
* - Automatically correct paths in manpages and configuration files. PatchDamien Miller1999-12-261-30/+0
| | | | | and script from Andre Lucas <andre.lucas@dial.pipex.com> - Removed credits from README to CREDITS file, updated.
* Initial revisionDamien Miller1999-10-271-0/+30