summaryrefslogtreecommitdiff
path: root/security/ssh/files (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Default to not allowing root logins. This makes it consistant withWarner Losh1999-11-201-1/+1
| | | | | | | | OpenSSH. Users desiring the old functionality can edit their sshd-config files by hand for new installs. Notes: svn path=/head/; revision=23216
* Don't overflow rsa bits. As seen on bugtraq and elsewhere.Warner Losh1999-11-161-0/+25
| | | | | | | | | Submitted by: drow@false.org Reviewed by: ache PR: 14749 Notes: svn path=/head/; revision=23147
* Turn Root Login on again.Torsten Blum1999-09-101-1/+1
| | | | | | | | It has been changed in rev. 1.4 of this file, but the committer forgot to mention it on the log. Notes: svn path=/head/; revision=21609
* Only use trimdomain() if __FreeBSD_version > 320000Brian Somers1999-06-182-9/+22
| | | | | | | It was available in 3.0 & 3.1 but would truncate at UT_HOSTSIZE-1 Notes: svn path=/head/; revision=19543
* PR: ports/12037SADA Kenji1999-06-159-384/+158
| | | | | | | | | | Submitted by: Issei Suzuki <issei@jp.FreeBSD.ORG> Upgrade to 1.2.27. # I'm not maintainer but it seems that torstenb is too busy to # look the PR and many people want new version ssh port. Notes: svn path=/head/; revision=19489
* Always use trimdomain(), not just #if __FreeBSD_version >= 400004Brian Somers1999-05-072-22/+8
| | | | | | | The port maintainer must be away.... Notes: svn path=/head/; revision=18592
* Reduce the copy of the DISPLAY variable usingBrian Somers1999-04-111-2/+24
| | | | | | | | | trimdomain() so that ``ssh machine.domain xterm'' comes out with a machine name of (say) ``machine:10.0''. Reviewed by: torstenb@ Notes: svn path=/head/; revision=17770
* Call trimdomain() to reduce the size of the ut_hostBrian Somers1999-04-111-0/+31
| | | | | | | | field before reveting to storing an IP number. Reviewed by: torstenb@ Notes: svn path=/head/; revision=17769
* add official kerberos patchAndrey A. Chernov1998-11-101-0/+286
| | | | Notes: svn path=/head/; revision=14446
* Properly reference the rsaref sources, which are required during the buildJordan K. Hubbard1998-10-081-5/+8
| | | | | | | | of ssh now. If anyone knows of a way of making the build dependency here less gross, I'm listening! :) Notes: svn path=/head/; revision=13727
* Repair a linkage problem, whereis the ssh port was trying toChuck Robey1998-09-131-186/+121
| | | | | | | | specify the location of system libs. Reviewed by: Mark Murray, David O'Brien Notes: svn path=/head/; revision=13098
* 1.2.22 -> 1.2.25Dima Ruban1998-06-122-425/+139
| | | | | | | | | | Somebody needs to go through patch-af to check it, since I'm not sure about some of the stuff. This version fixes a security flaw in previous version. Notes: svn path=/head/; revision=11400
* Fix rare DES empty passwords bugAndrey A. Chernov1998-02-131-0/+13
| | | | Notes: svn path=/head/; revision=9707
* Don't print "No mail" for FreeBSD , just print nothingAndrey A. Chernov1998-01-221-3/+15
| | | | Notes: svn path=/head/; revision=9411
* Fix .hushlogin supportAndrey A. Chernov1998-01-221-48/+74
| | | | | | | | | Remove FreeBSD mail check, now done elsewhere in the code Use bsdi code to warn about expired/changed passwords Move misplaced login_close up Notes: svn path=/head/; revision=9410
* Upgrade to ssh 1.2.22. Please send problems with the upgrade to me.Warner Losh1998-01-201-422/+355
| | | | | | | | | | 1.2.22 fixes a security hole with ssh-agent, so users are encouraged to upgrade. OK'd by: Torsten Blum (torstenb@freebsd.org) Notes: svn path=/head/; revision=9384
* Merge in change requested by theo:Warner Losh1997-12-241-1/+1
| | | | | | | | | OpenBSD and FreeBSD now both use rresvport. This is a nop for FreeBSD, but for OpenBSD this picks random port numbers. Submitted by: deraadt@cvs.openbsd.org Notes: svn path=/head/; revision=9175
* Upgrade to 1.2.21Torsten Blum1997-09-161-61/+63
| | | | Notes: svn path=/head/; revision=7923
* Prevent this server error message:John Polstra1997-07-191-0/+13
| | | | | | | | | | | | | | | fatal: Local: Agent socket bind failed: Address already in use It would happen when the server tried to create the Unix domain socket "/tmp/ssh-username/agent-socket-123", if the file already existed. It could already exist if it happened to be left over from a system crash. This patch unlinks the file before attempting the bind operation. I will send this patch to ssh-bugs@cs.hut.fi too. Notes: svn path=/head/; revision=7375
* Handle expired and changed password timeouts nowAndrey A. Chernov1997-06-111-19/+70
| | | | Notes: svn path=/head/; revision=6862
* login_getclass() -> login_getpwclass().David Nugent1997-05-101-2/+2
| | | | Notes: svn path=/head/; revision=6441
* Fix 3 error with login.confAndrey A. Chernov1997-05-021-24/+38
| | | | | | | | | | 1) pw->pw_class was always zero since not copied 2) login_getuserclass() used instead of login_getclass(), so default class always returned 3) env pointer can be redefined at the moment of setusercontext() call Notes: svn path=/head/; revision=6379
* Update from ssh-1.2.19 to ssh-1.2.20. All patches applied still, I justPeter Wemm1997-04-254-62/+62
| | | | | | | | | | | | regenerated them to fix the line numbers. Also, I added two commented out options in Makefile, one to tell sshd that a group writeable homedir is OK because all users are in their own group, and the other is to allow an unencrypted connection (which is dangerous since it can lead to compromise of keys), but on a secure network it's damn useful for backups etc. Notes: svn path=/head/; revision=6293
* Disable extended LOGIN_CAP $MAIL processing until it will be fixedAndrey A. Chernov1997-04-161-1/+1
| | | | | | | | properly. In old variant /var/mail/root was always checked instead of /var/mail/<user> Notes: svn path=/head/; revision=6223
* Upgrade to 1.2.19Andrey A. Chernov1997-04-164-74/+147
| | | | Notes: svn path=/head/; revision=6222
* Fix argument parsing loop in ssh-agent (original 1.2.18 bug)Andrey A. Chernov1997-04-011-0/+13
| | | | Notes: svn path=/head/; revision=6082
* Upgrade to 1.2.18Andrey A. Chernov1997-03-286-186/+187
| | | | Notes: svn path=/head/; revision=6051
* Add LOGIN_CAP abilitiesAndrey A. Chernov1997-02-275-37/+237
| | | | | | | Submitted by: davidn Notes: svn path=/head/; revision=5763
* Make one of our changes for -current work on 2.1. In -current, rresvport()Peter Wemm1996-12-271-1/+2
| | | | | | | | | | ignores it's argument (it's meaningless, the kernel keeps the state), but 2.1.x use it. ssh was effectively giving a random port to 2.1. Originally noticed by: John Polstra <jdp@polstra.com> Notes: svn path=/head/; revision=5106
* 1.2.16 --> 1.2.17Adam David1996-11-201-13/+13
| | | | | | | (new agent forwarding protocol that is said to work this time) Notes: svn path=/head/; revision=4614
* Remove my ptys patch, because this code is unused, openpty is used insteadAndrey A. Chernov1996-11-121-15/+35
| | | | | | | | | Mimic login more closely now: 1) Put usual Copyright line 2) You have mail Notes: svn path=/head/; revision=4414
* Use BSD naming convention for pty names, it fixes two problems:Andrey A. Chernov1996-11-121-0/+19
| | | | | | | | 1) Too many false open syscalls on pty allocation 2) (more serious) ssh not use about half of available ptys Notes: svn path=/head/; revision=4412
* Change syslog facility from DAEMON to AUTHAndrey A. Chernov1996-11-021-0/+19
| | | | Notes: svn path=/head/; revision=4249
* Use system shared libgmp nowAndrey A. Chernov1996-10-242-89/+183
| | | | Notes: svn path=/head/; revision=4148
* It fixes a really annoying errorAndrey A. Chernov1996-10-171-0/+32
| | | | | | | | | | | reporting bug which happens if the remote end uses tcp_wrappers to control sshd access (it says something like "read: no such file or directory" or "read: permission denied" instead of "connection closed"). I already sent it in to the ssh mailing list. Submitted by: fenner Notes: svn path=/head/; revision=4020
* Upgrade to official 1.2.16Andrey A. Chernov1996-10-162-64/+89
| | | | | | | Fix PLIST Notes: svn path=/head/; revision=3997
* Have ssh use rresvport() to get a privileged socket instead of doing itPeter Wemm1996-08-121-0/+26
| | | | | | | itself. This means it obeys the portrange sysctl's. Notes: svn path=/head/; revision=3583
* Back out andrews change - 1.2.14.1 is not an official ssh release.Torsten Blum1996-07-182-67/+65
| | | | Notes: svn path=/head/; revision=3400
* Upgrade to 1.2.14.1Andrey A. Chernov1996-07-162-65/+67
| | | | | | | Misc bugfixes Notes: svn path=/head/; revision=3393
* If hostname > UT_HOSTSIZE, write its numeric address instead to keepAndrey A. Chernov1996-06-171-0/+24
| | | | | | | valid information in utmp and lastlog Notes: svn path=/head/; revision=3244
* Update ssh-1.2.13 -> ssh-1.2.14Peter Wemm1996-06-071-74/+41
| | | | | | | | | | ssh-askpass no longer uses wish, so chop the make rules that attempt to locate it. Go further to try and protect the ssh_host_key, since it's critical to the operation and security of the machine. Notes: svn path=/head/; revision=3175
* Upgrade to 1.2.13Andrey A. Chernov1996-02-171-12/+12
| | | | Notes: svn path=/head/; revision=2721
* Fix patch typo.Paul Traina1996-02-071-1/+1
| | | | | | | Found by: Andrzej Tobola <san@iem.pw.edu.pl> Notes: svn path=/head/; revision=2683
* Upgrade to snapshot of ssh. 1.1.12a was recalled due to even worsePaul Traina1996-02-062-14/+74
| | | | | | | | | | security problems. Also re-do the method we use for disconnecting ourselves from the supplied gmp and z libraries so that this can be maintained in the future (sigh!). Notes: svn path=/head/; revision=2678
* two minor adjustments to ssh for freebsd specific issues:Peter Wemm1995-11-211-0/+14
| | | | | | | | | | | | | | patch-ac: call setsid() before setlogin() in the child (when emulating rsh) otherwise the setlogin() will fail when/if the proposed setlogin() changes go in. Otherwise it silently fails and may leave the login name of the user session as "root" (depending on how sshd was started). Without the proposed kernel change, it harmlessly sets the login name of the user's session. patch-ad: patch the #ifdef botch that stopped a ssh login from using and updating the lastlog file. This is because we have struct lastlog defined inside utmp.h rather than a lastlog.h include file like it was expecting. Notes: svn path=/head/; revision=2440
* Ssh is a secure rlogin/rsh/rcp replacement with strong authenticationTorsten Blum1995-10-071-0/+19
(.rhosts together with RSA based host authentication, and pure RSA authentication) and improved privacy (all communications are automatically and transparently encrypted). Notes: svn path=/head/; revision=2294
generated by cgit v1.2.3 (git 2.25.1) at 2024-10-01 07:45:34 +0000