![[BACK]](/icons/back.gif){kind=icon}
Up to [local] / src / usr.bin / ssh
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.230 / (download) - annotate - [select for diffs], Mon Sep 4 10:29:58 2023 UTC (8 months, 1 week ago) by job
Branch: MAIN
CVS Tags: OPENBSD_7_5_BASE,
OPENBSD_7_5,
OPENBSD_7_4_BASE,
OPENBSD_7_4,
HEAD
Changes since 1.229: +3 -3 lines
Diff to previous 1.229 (colored)
Generate Ed25519 keys when invoked without arguments Ed25519 public keys are very convenient due to their small size. OpenSSH has supported Ed25519 since version 6.5 (January 2014). OK djm@ markus@ sthen@ deraadt@
Revision 1.229 / (download) - annotate - [select for diffs], Sun Jul 23 20:04:45 2023 UTC (9 months, 3 weeks ago) by naddy
Branch: MAIN
Changes since 1.228: +2 -2 lines
Diff to previous 1.228 (colored)
man page typos; ok jmc@
Revision 1.228 / (download) - annotate - [select for diffs], Fri Feb 10 06:40:48 2023 UTC (15 months ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_7_3_BASE,
OPENBSD_7_3
Changes since 1.227: +3 -3 lines
Diff to previous 1.227 (colored)
space between macro and punctuation;
Revision 1.227 / (download) - annotate - [select for diffs], Fri Feb 10 04:56:30 2023 UTC (15 months ago) by djm
Branch: MAIN
Changes since 1.226: +17 -2 lines
Diff to previous 1.226 (colored)
let ssh-keygen and ssh-keyscan accept -Ohashalg=sha1|sha256 when outputting SSHFP fingerprints to allow algorithm selection. bz3493 ok dtucker@
Revision 1.226 / (download) - annotate - [select for diffs], Sat Sep 10 08:50:53 2022 UTC (20 months ago) by jsg
Branch: MAIN
CVS Tags: OPENBSD_7_2_BASE,
OPENBSD_7_2
Changes since 1.225: +3 -3 lines
Diff to previous 1.225 (colored)
fix repeated words ok miod@ jmc@
Revision 1.225 / (download) - annotate - [select for diffs], Tue Aug 16 20:24:08 2022 UTC (21 months ago) by jmc
Branch: MAIN
Changes since 1.224: +3 -3 lines
Diff to previous 1.224 (colored)
use .Cm for "sign"; from josiah frentsos
Revision 1.224 / (download) - annotate - [select for diffs], Thu Aug 11 01:56:51 2022 UTC (21 months ago) by djm
Branch: MAIN
Changes since 1.223: +65 -23 lines
Diff to previous 1.223 (colored)
allow certificate validity intervals, sshsig verification times and authorized_keys expiry-time options to accept dates in the UTC time zone in addition to the default of interpreting them in the system time zone. YYYYMMDD and YYMMDDHHMM[SS] dates/times will be interpreted as UTC if suffixed with a 'Z' character. Also allow certificate validity intervals to be specified in raw seconds-since-epoch as hex value, e.g. -V 0x1234:0x4567890. This is intended for use by regress tests and other tools that call ssh-keygen as part of a CA workflow. bz3468 ok dtucker
Revision 1.223 / (download) - annotate - [select for diffs], Fri Jun 3 03:17:42 2022 UTC (23 months, 2 weeks ago) by dtucker
Branch: MAIN
Changes since 1.222: +5 -5 lines
Diff to previous 1.222 (colored)
ssh-keygen -A: do not generate DSA keys by default. Based on github PR#303 from jsegitz with man page text from jmc@, ok markus@ djm@
Revision 1.222 / (download) - annotate - [select for diffs], Mon May 9 03:09:53 2022 UTC (2 years ago) by djm
Branch: MAIN
Changes since 1.221: +5 -3 lines
Diff to previous 1.221 (colored)
Allow existing -U (use agent) flag to work with "-Y sign" operations, where it will be interpreted to require that the private keys is hosted in an agent; bz3429, suggested by Adam Szkoda; ok dtucker@
Revision 1.221 / (download) - annotate - [select for diffs], Tue May 3 07:42:27 2022 UTC (2 years ago) by florian
Branch: MAIN
Changes since 1.220: +78 -52 lines
Diff to previous 1.220 (colored)
Add FIDO AUTHENTICATOR section and explain a bit how FIDO works. The wording came mostly from the 8.2 OpenSSH release notes, addapted to fit the man page. Then move the -O bits into the new section as is already done for CERTIFICATES and MODULI GENERATION. Finally we can explain the trade-offs of resident keys. While here, consistently refer to the FIDO thingies as "FIDO authenticators", not "FIDO tokens". input & OK jmc, naddy
Revision 1.220 / (download) - annotate - [select for diffs], Sun Feb 6 00:29:03 2022 UTC (2 years, 3 months ago) by jsg
Branch: MAIN
CVS Tags: OPENBSD_7_1_BASE,
OPENBSD_7_1
Changes since 1.219: +8 -8 lines
Diff to previous 1.219 (colored)
remove please from manual pages ok jmc@ sthen@ millert@
Revision 1.219 / (download) - annotate - [select for diffs], Wed Jan 5 04:50:11 2022 UTC (2 years, 4 months ago) by djm
Branch: MAIN
Changes since 1.218: +11 -2 lines
Diff to previous 1.218 (colored)
allow selection of hash at sshsig signing time; code already supported either sha512 (default) or sha256, but plumbing wasn't there mostly by Linus Nordberg
Revision 1.218 / (download) - annotate - [select for diffs], Sun Nov 28 07:15:10 2021 UTC (2 years, 5 months ago) by djm
Branch: MAIN
Changes since 1.217: +2 -3 lines
Diff to previous 1.217 (colored)
ssh-keygen -Y match-principals doesn't accept any -O options at present, so don't say otherwise in SYNOPSIS; spotted jmc@
Revision 1.217 / (download) - annotate - [select for diffs], Sat Nov 27 07:14:46 2021 UTC (2 years, 5 months ago) by djm
Branch: MAIN
Changes since 1.216: +15 -2 lines
Diff to previous 1.216 (colored)
Add ssh-keygen -Y match-principals operation to perform matching of principals names against an allowed signers file. Requested by and mostly written by Fabian Stelzer, towards a TOFU model for SSH signatures in git. Some tweaks by me. "doesn't bother me" deraadt@
Revision 1.216 / (download) - annotate - [select for diffs], Wed Aug 11 08:54:17 2021 UTC (2 years, 9 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_7_0_BASE,
OPENBSD_7_0
Changes since 1.215: +3 -1 lines
Diff to previous 1.215 (colored)
when verifying sshsig signatures, support an option (-Oprint-pubkey) to dump the full public key to stdout; based on patch from Fabian Stelzer; ok markus@
Revision 1.215 / (download) - annotate - [select for diffs], Fri Jul 23 06:01:17 2021 UTC (2 years, 9 months ago) by jmc
Branch: MAIN
Changes since 1.214: +3 -3 lines
Diff to previous 1.214 (colored)
punctuation;
Revision 1.214 / (download) - annotate - [select for diffs], Fri Jul 23 03:37:52 2021 UTC (2 years, 9 months ago) by djm
Branch: MAIN
Changes since 1.213: +22 -3 lines
Diff to previous 1.213 (colored)
Let allowed signers files used by ssh-keygen(1) signatures support key lifetimes, and allow the verification mode to specify a signature time to check at. This is intended for use by git to support signing objects using ssh keys. ok dtucker@
Revision 1.213 / (download) - annotate - [select for diffs], Wed May 12 11:34:30 2021 UTC (3 years ago) by dtucker
Branch: MAIN
Changes since 1.212: +3 -4 lines
Diff to previous 1.212 (colored)
Clarify language about moduli. While both ends of the connection do need to use the same parameters (ie groups), the DH-GEX protocol takes care of that and both ends do not need the same contents in the moduli file, which is what the previous text suggested. ok djm@ jmc@
Revision 1.212 / (download) - annotate - [select for diffs], Fri Nov 27 10:12:30 2020 UTC (3 years, 5 months ago) by dtucker
Branch: MAIN
CVS Tags: OPENBSD_6_9_BASE,
OPENBSD_6_9
Changes since 1.211: +11 -2 lines
Diff to previous 1.211 (colored)
Document ssh-keygen -Z, sanity check its argument earlier and provide a better error message if it's not correct. Prompted by bz#2879, ok djm@ jmc@
Revision 1.211 / (download) - annotate - [select for diffs], Tue Nov 17 11:23:58 2020 UTC (3 years, 5 months ago) by dtucker
Branch: MAIN
Changes since 1.210: +5 -3 lines
Diff to previous 1.210 (colored)
Specify that the KDF function is bcrypt. Based on github PR#214 from rafork, ok markus@, mdoc correction jmc@
Revision 1.210 / (download) - annotate - [select for diffs], Mon Oct 26 00:39:04 2020 UTC (3 years, 6 months ago) by dtucker
Branch: MAIN
Changes since 1.209: +5 -5 lines
Diff to previous 1.209 (colored)
Minor man page fixes (capitalization, commas) identified by the manpage-l10n project via bz#3223. feedback deraadt@, ok jmc@
Revision 1.209 / (download) - annotate - [select for diffs], Wed Sep 9 03:08:01 2020 UTC (3 years, 8 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_8_BASE,
OPENBSD_6_8
Changes since 1.208: +4 -3 lines
Diff to previous 1.208 (colored)
when writing an attestation blob for a FIDO key, record all the data needed to verify the attestation. Previously we were missing the "authenticator data" that is included in the signature. spotted by Ian Haken feedback Pedro Martelletto and Ian Haken; ok markus@
Revision 1.208 / (download) - annotate - [select for diffs], Thu Aug 27 06:15:22 2020 UTC (3 years, 8 months ago) by jmc
Branch: MAIN
Changes since 1.207: +2 -2 lines
Diff to previous 1.207 (colored)
tweak previous;
Revision 1.207 / (download) - annotate - [select for diffs], Thu Aug 27 01:08:45 2020 UTC (3 years, 8 months ago) by djm
Branch: MAIN
Changes since 1.206: +4 -2 lines
Diff to previous 1.206 (colored)
Request PIN ahead of time for certain FIDO actions When we know that a particular action will require a PIN, such as downloading resident keys or generating a verify-required key, request the PIN before attempting it. joint work with Pedro Martelletto; ok markus@
Revision 1.206 / (download) - annotate - [select for diffs], Thu Aug 27 01:06:18 2020 UTC (3 years, 8 months ago) by djm
Branch: MAIN
Changes since 1.205: +18 -2 lines
Diff to previous 1.205 (colored)
support for user-verified FIDO keys FIDO2 supports a notion of "user verification" where the user is required to demonstrate their identity to the token before particular operations (e.g. signing). Typically this is done by authenticating themselves using a PIN that has been set on the token. This adds support for generating and using user verified keys where the verification happens via PIN (other options might be added in the future, but none are in common use now). Practically, this adds another key generation option "verify-required" that yields a key that requires a PIN before each authentication. feedback markus@ and Pedro Martelletto; ok markus@
Revision 1.205 / (download) - annotate - [select for diffs], Wed Jul 15 07:50:46 2020 UTC (3 years, 10 months ago) by solene
Branch: MAIN
Changes since 1.204: +11 -4 lines
Diff to previous 1.204 (colored)
- Add [-a rounds] in ssh-keygen man page and usage() - Reorder parameters list in the first usage() case - Sentence rewording ok dtucker@ jmc@ noticed usage() missed -a flag too
Revision 1.204 / (download) - annotate - [select for diffs], Wed Jul 15 04:27:34 2020 UTC (3 years, 10 months ago) by dtucker
Branch: MAIN
Changes since 1.203: +3 -2 lines
Diff to previous 1.203 (colored)
Add default for number of rounds (-a). ok djm@
Revision 1.203 / (download) - annotate - [select for diffs], Fri Apr 3 02:26:56 2020 UTC (4 years, 1 month ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_7_BASE,
OPENBSD_6_7
Changes since 1.202: +6 -2 lines
Diff to previous 1.202 (colored)
give ssh-keygen the ability to dump the contents of a binary key revocation list: ssh-keygen -lQf /path bz#3132; ok dtucker
Revision 1.202 / (download) - annotate - [select for diffs], Mon Feb 24 04:27:58 2020 UTC (4 years, 2 months ago) by dtucker
Branch: MAIN
Changes since 1.201: +3 -3 lines
Diff to previous 1.201 (colored)
Fix typo. Patch from itoama at live.jp via github PR#173.
Revision 1.201 / (download) - annotate - [select for diffs], Fri Feb 7 03:57:31 2020 UTC (4 years, 3 months ago) by djm
Branch: MAIN
Changes since 1.200: +5 -3 lines
Diff to previous 1.200 (colored)
sync the description of the $SSH_SK_PROVIDER environment variable with that of the SecurityKeyProvider ssh/sshd_config(5) directive, as the latter was more descriptive.
Revision 1.200 / (download) - annotate - [select for diffs], Tue Feb 4 09:58:04 2020 UTC (4 years, 3 months ago) by djm
Branch: MAIN
Changes since 1.199: +4 -2 lines
Diff to previous 1.199 (colored)
require FIDO application strings to start with "ssh:"; ok markus@
Revision 1.199 / (download) - annotate - [select for diffs], Mon Feb 3 08:15:37 2020 UTC (4 years, 3 months ago) by jmc
Branch: MAIN
Changes since 1.198: +7 -9 lines
Diff to previous 1.198 (colored)
use better markup for challenge and write-attestation, and rejig the challenge text a little; ok djm
Revision 1.198 / (download) - annotate - [select for diffs], Sun Feb 2 07:36:50 2020 UTC (4 years, 3 months ago) by jmc
Branch: MAIN
Changes since 1.197: +10 -10 lines
Diff to previous 1.197 (colored)
shuffle the challenge keyword to keep the -O list sorted;
Revision 1.197 / (download) - annotate - [select for diffs], Tue Jan 28 08:01:34 2020 UTC (4 years, 3 months ago) by djm
Branch: MAIN
Changes since 1.196: +13 -1 lines
Diff to previous 1.196 (colored)
changes to support FIDO attestation Allow writing to disk the attestation certificate that is generated by the FIDO token at key enrollment time. These certificates may be used by an out-of-band workflow to prove that a particular key is held in trustworthy hardware. Allow passing in a challenge that will be sent to the card during key enrollment. These are needed to build an attestation workflow that resists replay attacks. ok markus@
Revision 1.196 / (download) - annotate - [select for diffs], Thu Jan 23 23:31:52 2020 UTC (4 years, 3 months ago) by djm
Branch: MAIN
Changes since 1.195: +6 -5 lines
Diff to previous 1.195 (colored)
ssh-keygen -Y find-principals fixes based on feedback from Markus: use "principals" instead of principal, as allowed_signers lines may list multiple. When the signing key is a certificate, emit only principals that match the certificate principal list. NB. the command -Y name changes: "find-principal" => "find-principals" ok markus@
Revision 1.195 / (download) - annotate - [select for diffs], Thu Jan 23 07:16:38 2020 UTC (4 years, 3 months ago) by jmc
Branch: MAIN
Changes since 1.194: +4 -4 lines
Diff to previous 1.194 (colored)
new sentence, new line;
Revision 1.194 / (download) - annotate - [select for diffs], Thu Jan 23 02:43:48 2020 UTC (4 years, 3 months ago) by djm
Branch: MAIN
Changes since 1.193: +16 -1 lines
Diff to previous 1.193 (colored)
add a new signature operations "find-principal" to look up the principal associated with a signature from an allowed-signers file. Work by Sebastian Kinne; ok dtucker@
Revision 1.193 / (download) - annotate - [select for diffs], Sat Jan 18 21:16:43 2020 UTC (4 years, 3 months ago) by naddy
Branch: MAIN
Changes since 1.192: +3 -3 lines
Diff to previous 1.192 (colored)
one more replacement "(security) key" -> "(FIDO) authenticator"
Revision 1.192 / (download) - annotate - [select for diffs], Sat Jan 18 15:45:41 2020 UTC (4 years, 3 months ago) by naddy
Branch: MAIN
Changes since 1.191: +3 -3 lines
Diff to previous 1.191 (colored)
undo merge error and replace the term "security key" again
Revision 1.191 / (download) - annotate - [select for diffs], Tue Jan 14 15:07:30 2020 UTC (4 years, 4 months ago) by naddy
Branch: MAIN
Changes since 1.190: +5 -5 lines
Diff to previous 1.190 (colored)
sync ssh-keygen.1 and ssh-keygen's usage() with each other and reality ok markus@
Revision 1.190 / (download) - annotate - [select for diffs], Mon Jan 6 07:43:28 2020 UTC (4 years, 4 months ago) by jmc
Branch: MAIN
Changes since 1.189: +18 -20 lines
Diff to previous 1.189 (colored)
put the fido options in a list, and tidy up the text a little; ok djm
Revision 1.189 / (download) - annotate - [select for diffs], Mon Jan 6 02:00:46 2020 UTC (4 years, 4 months ago) by djm
Branch: MAIN
Changes since 1.188: +18 -3 lines
Diff to previous 1.188 (colored)
Extends the SK API to accept a set of key/value options for all operations. These are intended to future-proof the API a little by making it easier to specify additional fields for without having to change the API version for each. At present, only two options are defined: one to explicitly specify the device for an operation (rather than accepting the middleware's autoselection) and another to specify the FIDO2 username that may be used when generating a resident key. These new options may be invoked at key generation time via ssh-keygen -O This also implements a suggestion from Markus to avoid "int" in favour of uint32_t for the algorithm argument in the API, to make implementation of ssh-sk-client/helper a little easier. feedback, fixes and ok markus@
Revision 1.188 / (download) - annotate - [select for diffs], Fri Jan 3 07:33:33 2020 UTC (4 years, 4 months ago) by jmc
Branch: MAIN
Changes since 1.187: +3 -3 lines
Diff to previous 1.187 (colored)
the download resident keys option is -K (upper) not -k (lower); ok djm
Revision 1.187 / (download) - annotate - [select for diffs], Thu Jan 2 22:40:09 2020 UTC (4 years, 4 months ago) by djm
Branch: MAIN
Changes since 1.186: +8 -1 lines
Diff to previous 1.186 (colored)
ability to download FIDO2 resident keys from a token via "ssh-keygen -K". This will save public/private keys into the current directory. This is handy if you move a token between hosts. feedback & ok markus@
Revision 1.186 / (download) - annotate - [select for diffs], Mon Dec 30 16:10:00 2019 UTC (4 years, 4 months ago) by jmc
Branch: MAIN
Changes since 1.185: +2 -8 lines
Diff to previous 1.185 (colored)
simplify the list for moduli options - no need for -compact;
Revision 1.185 / (download) - annotate - [select for diffs], Mon Dec 30 09:49:52 2019 UTC (4 years, 4 months ago) by djm
Branch: MAIN
Changes since 1.184: +24 -15 lines
Diff to previous 1.184 (colored)
Remove the -x option currently used for FIDO/U2F-specific key flags. Instead these flags may be specified via -O. ok markus@
Revision 1.184 / (download) - annotate - [select for diffs], Mon Dec 30 03:30:09 2019 UTC (4 years, 4 months ago) by djm
Branch: MAIN
Changes since 1.183: +79 -65 lines
Diff to previous 1.183 (colored)
remove single-letter flags for moduli options Move all moduli generation options to live under the -O flag. Frees up seven single-letter flags. NB. this change break existing ssh-keygen commandline syntax for moduli- related operations. Very few people use these fortunately. feedback and ok markus@
Revision 1.183 / (download) - annotate - [select for diffs], Mon Dec 30 03:28:41 2019 UTC (4 years, 4 months ago) by djm
Branch: MAIN
Changes since 1.182: +92 -94 lines
Diff to previous 1.182 (colored)
prepare for use of ssh-keygen -O flag beyond certs Move list of available certificate options in ssh-keygen.1 to the CERTIFICATES section. Collect options specified by -O but delay parsing/validation of certificate options until we're sure that we're acting as a CA. ok markus@
Revision 1.182 / (download) - annotate - [select for diffs], Fri Dec 27 08:28:44 2019 UTC (4 years, 4 months ago) by jmc
Branch: MAIN
Changes since 1.181: +18 -18 lines
Diff to previous 1.181 (colored)
sort -Y internally in the options list, as is already done in synopsis;
Revision 1.181 / (download) - annotate - [select for diffs], Fri Dec 27 08:25:07 2019 UTC (4 years, 4 months ago) by jmc
Branch: MAIN
Changes since 1.180: +5 -5 lines
Diff to previous 1.180 (colored)
in the options list, sort -Y and -y;
Revision 1.180 / (download) - annotate - [select for diffs], Sat Dec 21 20:22:34 2019 UTC (4 years, 4 months ago) by naddy
Branch: MAIN
Changes since 1.179: +12 -13 lines
Diff to previous 1.179 (colored)
Replace the term "security key" with "(FIDO) authenticator". The polysemous use of "key" was too confusing. Input from markus@. ok jmc@
Revision 1.179 / (download) - annotate - [select for diffs], Sat Nov 30 07:07:59 2019 UTC (4 years, 5 months ago) by jmc
Branch: MAIN
Changes since 1.178: +2 -2 lines
Diff to previous 1.178 (colored)
tweak the Nd lines for a bit of consistency; ok markus
Revision 1.178 / (download) - annotate - [select for diffs], Mon Nov 25 00:55:58 2019 UTC (4 years, 5 months ago) by djm
Branch: MAIN
Changes since 1.177: +11 -2 lines
Diff to previous 1.177 (colored)
allow "ssh-keygen -x no-touch-required" when generating a security key keypair to request one that does not require a touch for each authentication attempt. The default remains to require touch. feedback deraadt; ok markus@
Revision 1.177 / (download) - annotate - [select for diffs], Mon Nov 25 00:54:23 2019 UTC (4 years, 5 months ago) by djm
Branch: MAIN
Changes since 1.176: +9 -1 lines
Diff to previous 1.176 (colored)
add a "no-touch-required" option for authorized_keys and a similar extension for certificates. This option disables the default requirement that security key signatures attest that the user touched their key to authorize them. feedback deraadt, ok markus
Revision 1.176 / (download) - annotate - [select for diffs], Mon Nov 18 23:16:49 2019 UTC (4 years, 5 months ago) by naddy
Branch: MAIN
Changes since 1.175: +11 -8 lines
Diff to previous 1.175 (colored)
more missing mentions of ed25519-sk; ok djm@
Revision 1.175 / (download) - annotate - [select for diffs], Mon Nov 18 04:50:45 2019 UTC (4 years, 5 months ago) by djm
Branch: MAIN
Changes since 1.174: +6 -5 lines
Diff to previous 1.174 (colored)
mention ed25519-sk in places where it is accepted; prompted by jmc@
Revision 1.174 / (download) - annotate - [select for diffs], Thu Nov 14 21:27:30 2019 UTC (4 years, 6 months ago) by djm
Branch: MAIN
Changes since 1.173: +4 -5 lines
Diff to previous 1.173 (colored)
directly support U2F/FIDO2 security keys in OpenSSH by linking against the (previously external) USB HID middleware. The dlopen() capability still exists for alternate middlewares, e.g. for Bluetooth, NFC and test/debugging.
Revision 1.173 / (download) - annotate - [select for diffs], Thu Nov 7 08:38:38 2019 UTC (4 years, 6 months ago) by naddy
Branch: MAIN
Changes since 1.172: +28 -8 lines
Diff to previous 1.172 (colored)
Fill in missing man page bits for U2F security key support: Mention the new key types, the ~/.ssh/id_ecdsa_sk file, ssh's SecurityKeyProvider keyword, the SSH_SK_PROVIDER environment variable, and ssh-keygen's new -w and -x options. Copy the ssh-sk-helper man page from ssh-pkcs11-helper with minimal substitutions. ok djm@
Revision 1.172 / (download) - annotate - [select for diffs], Tue Oct 22 08:50:35 2019 UTC (4 years, 6 months ago) by jmc
Branch: MAIN
Changes since 1.171: +5 -4 lines
Diff to previous 1.171 (colored)
fixes from lucas;
Revision 1.171 / (download) - annotate - [select for diffs], Thu Oct 3 17:07:50 2019 UTC (4 years, 7 months ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_6_6_BASE,
OPENBSD_6_6
Changes since 1.170: +16 -18 lines
Diff to previous 1.170 (colored)
use a more common options order in SYNOPSIS and sync usage(); while here, no need for Bk/Ek; ok dtucker
Revision 1.170 / (download) - annotate - [select for diffs], Sun Sep 29 16:31:57 2019 UTC (4 years, 7 months ago) by jmc
Branch: MAIN
Changes since 1.169: +5 -7 lines
Diff to previous 1.169 (colored)
group and sort single letter options; ok deraadt
Revision 1.169 / (download) - annotate - [select for diffs], Fri Sep 27 20:03:24 2019 UTC (4 years, 7 months ago) by jmc
Branch: MAIN
Changes since 1.168: +5 -5 lines
Diff to previous 1.168 (colored)
fix the DH-GEX text in -a; because this required a comma, i added a comma to the first part, for balance...
Revision 1.168 / (download) - annotate - [select for diffs], Fri Sep 20 18:50:58 2019 UTC (4 years, 7 months ago) by jmc
Branch: MAIN
Changes since 1.167: +4 -3 lines
Diff to previous 1.167 (colored)
new sentence, new line;
Revision 1.167 / (download) - annotate - [select for diffs], Mon Sep 16 03:23:02 2019 UTC (4 years, 8 months ago) by djm
Branch: MAIN
Changes since 1.166: +21 -3 lines
Diff to previous 1.166 (colored)
Allow testing signature syntax and validity without verifying that a signature came from a trusted signer. To discourage accidental or unintentional use, this is invoked by the deliberately ugly option name "check-novalidate" from Sebastian Kinne
Revision 1.166 / (download) - annotate - [select for diffs], Thu Sep 5 05:47:23 2019 UTC (4 years, 8 months ago) by jmc
Branch: MAIN
Changes since 1.165: +5 -5 lines
Diff to previous 1.165 (colored)
macro fix; ok djm
Revision 1.165 / (download) - annotate - [select for diffs], Wed Sep 4 05:56:54 2019 UTC (4 years, 8 months ago) by jmc
Branch: MAIN
Changes since 1.164: +4 -4 lines
Diff to previous 1.164 (colored)
tweak previous;
Revision 1.164 / (download) - annotate - [select for diffs], Tue Sep 3 08:35:27 2019 UTC (4 years, 8 months ago) by djm
Branch: MAIN
Changes since 1.163: +3 -3 lines
Diff to previous 1.163 (colored)
sshsig tweaks and improvements from and suggested by Markus ok markus/me
Revision 1.163 / (download) - annotate - [select for diffs], Tue Sep 3 08:34:19 2019 UTC (4 years, 8 months ago) by djm
Branch: MAIN
Changes since 1.162: +121 -2 lines
Diff to previous 1.162 (colored)
sshsig: lightweight signature and verification ability for OpenSSH This adds a simple manual signature scheme to OpenSSH. Signatures can be made and verified using ssh-keygen -Y sign|verify Signatures embed the key used to make them. At verification time, this is matched via principal name against an authorized_keys-like list of allowed signers. Mostly by Sebastian Kinne w/ some tweaks by me ok markus@
Revision 1.162 / (download) - annotate - [select for diffs], Fri Jul 19 03:38:01 2019 UTC (4 years, 9 months ago) by djm
Branch: MAIN
Changes since 1.161: +3 -2 lines
Diff to previous 1.161 (colored)
Accept the verbose flag when searching for host keys in known hosts (i.e. "ssh-keygen -vF host") to print the matching host's random- art signature too. bz#3003 "amusing, pretty" deraadt@
Revision 1.161 / (download) - annotate - [select for diffs], Mon Jul 15 13:16:29 2019 UTC (4 years, 10 months ago) by djm
Branch: MAIN
Changes since 1.160: +4 -3 lines
Diff to previous 1.160 (colored)
support PKCS8 as an optional format for storage of private keys, enabled via "ssh-keygen -m PKCS8" on operations that save private keys to disk. The OpenSSH native key format remains the default, but PKCS8 is a superior format to PEM if interoperability with non-OpenSSH software is required, as it may use a less terrible KDF (IIRC PEM uses a single round of MD5 as a KDF). adapted from patch by Jakub Jelen via bz3013; ok markus
Revision 1.160 / (download) - annotate - [select for diffs], Mon May 20 06:01:59 2019 UTC (4 years, 11 months ago) by jmc
Branch: MAIN
Changes since 1.159: +5 -4 lines
Diff to previous 1.159 (colored)
tweak previous;
Revision 1.159 / (download) - annotate - [select for diffs], Mon May 20 00:20:35 2019 UTC (4 years, 11 months ago) by djm
Branch: MAIN
Changes since 1.158: +11 -2 lines
Diff to previous 1.158 (colored)
When signing certificates with an RSA key, default to using the rsa-sha2-512 signature algorithm. Certificates signed by RSA keys will therefore be incompatible with OpenSSH < 7.2 unless the default is overridden. Document the ability of the ssh-keygen -t flag to override the signature algorithm when signing certificates, and the new default. ok deraadt@
Revision 1.158 / (download) - annotate - [select for diffs], Fri Apr 19 05:47:44 2019 UTC (5 years ago) by dtucker
Branch: MAIN
Changes since 1.157: +4 -4 lines
Diff to previous 1.157 (colored)
Document new default RSA key size. From sebastiaanlokhorst at gmail.com via bz#2997.
Revision 1.157 / (download) - annotate - [select for diffs], Tue Mar 5 16:17:12 2019 UTC (5 years, 2 months ago) by naddy
Branch: MAIN
CVS Tags: OPENBSD_6_5_BASE,
OPENBSD_6_5
Changes since 1.156: +3 -3 lines
Diff to previous 1.156 (colored)
PKCS#11 support is no longer limited to RSA; ok benno@ kn@
Revision 1.156 / (download) - annotate - [select for diffs], Wed Jan 23 04:51:02 2019 UTC (5 years, 3 months ago) by djm
Branch: MAIN
Changes since 1.155: +7 -1 lines
Diff to previous 1.155 (colored)
allow auto-incrementing certificate serial number for certs signed in a single commandline.
Revision 1.155 / (download) - annotate - [select for diffs], Tue Jan 22 11:40:42 2019 UTC (5 years, 3 months ago) by djm
Branch: MAIN
Changes since 1.154: +10 -4 lines
Diff to previous 1.154 (colored)
Include -m in the synopsis for a few more commands that support it Be more explicit in the description of -m about where it may be used Prompted by Jakub Jelen in bz2904
Revision 1.154 / (download) - annotate - [select for diffs], Tue Jan 22 11:19:42 2019 UTC (5 years, 3 months ago) by djm
Branch: MAIN
Changes since 1.153: +3 -3 lines
Diff to previous 1.153 (colored)
clarify: ssh-keygen -e only writes public keys, never private
Revision 1.153 / (download) - annotate - [select for diffs], Tue Jan 22 11:00:15 2019 UTC (5 years, 3 months ago) by djm
Branch: MAIN
Changes since 1.152: +17 -5 lines
Diff to previous 1.152 (colored)
mention the new vs. old key formats in the introduction and give some hints on how keys may be converted or written in the old format.
Revision 1.152 / (download) - annotate - [select for diffs], Fri Dec 7 03:33:18 2018 UTC (5 years, 5 months ago) by djm
Branch: MAIN
Changes since 1.151: +3 -3 lines
Diff to previous 1.151 (colored)
fix option letter pasto in previous
Revision 1.151 / (download) - annotate - [select for diffs], Fri Dec 7 03:32:26 2018 UTC (5 years, 5 months ago) by djm
Branch: MAIN
Changes since 1.150: +6 -4 lines
Diff to previous 1.150 (colored)
mention that the ssh-keygen -F (find host in authorized_keys) and -R (remove host from authorized_keys) options may accept either a bare hostname or a [hostname]:port combo. bz#2935
Revision 1.150 / (download) - annotate - [select for diffs], Wed Sep 12 06:18:59 2018 UTC (5 years, 8 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_4_BASE,
OPENBSD_6_4
Changes since 1.149: +3 -3 lines
Diff to previous 1.149 (colored)
fix edit mistake; spotted by jmc@
Revision 1.149 / (download) - annotate - [select for diffs], Wed Sep 12 01:21:34 2018 UTC (5 years, 8 months ago) by djm
Branch: MAIN
Changes since 1.148: +16 -3 lines
Diff to previous 1.148 (colored)
allow key revocation by SHA256 hash and allow ssh-keygen to create KRLs using SHA256/base64 key fingerprints; ok markus@
Revision 1.148 / (download) - annotate - [select for diffs], Wed Aug 8 01:16:01 2018 UTC (5 years, 9 months ago) by djm
Branch: MAIN
Changes since 1.147: +8 -16 lines
Diff to previous 1.147 (colored)
Use new private key format by default. This format is suported by OpenSSH >= 6.5 (released January 2014), so it should be supported by most OpenSSH versions in active use. It is possible to convert new-format private keys to the older format using "ssh-keygen -f /path/key -pm PEM". ok deraadt dtucker
Revision 1.147 / (download) - annotate - [select for diffs], Mon Mar 12 00:52:01 2018 UTC (6 years, 2 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_6_3_BASE,
OPENBSD_6_3
Changes since 1.146: +4 -4 lines
Diff to previous 1.146 (colored)
add valid-before="[time]" authorized_keys option. A simple way of giving a key an expiry date. ok markus@
Revision 1.146 / (download) - annotate - [select for diffs], Thu Jan 25 03:34:43 2018 UTC (6 years, 3 months ago) by djm
Branch: MAIN
Changes since 1.145: +5 -5 lines
Diff to previous 1.145 (colored)
certificate options are case-sensitive; fix case on one that had it wrong. move a badly-place sentence to a less bad place
Revision 1.145 / (download) - annotate - [select for diffs], Fri Nov 3 05:14:04 2017 UTC (6 years, 6 months ago) by djm
Branch: MAIN
Changes since 1.144: +16 -7 lines
Diff to previous 1.144 (colored)
allow certificate validity intervals that specify only a start or stop time (we already support specifying both or neither)
Revision 1.144 / (download) - annotate - [select for diffs], Sat Jul 8 18:32:54 2017 UTC (6 years, 10 months ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_6_2_BASE,
OPENBSD_6_2
Changes since 1.143: +4 -4 lines
Diff to previous 1.143 (colored)
slightly rework previous, to avoid an article issue;
Revision 1.143 / (download) - annotate - [select for diffs], Fri Jul 7 03:53:12 2017 UTC (6 years, 10 months ago) by djm
Branch: MAIN
Changes since 1.142: +7 -2 lines
Diff to previous 1.142 (colored)
When generating all hostkeys (ssh-keygen -A), clobber existing keys if they exist but are zero length. zero-length keys could previously be made if ssh-keygen failed part way through generating them, so avoid that case too. bz#2561 reported by Krzysztof Cieplucha; ok dtucker@
Revision 1.142 / (download) - annotate - [select for diffs], Wed Jun 28 01:09:22 2017 UTC (6 years, 10 months ago) by djm
Branch: MAIN
Changes since 1.141: +20 -2 lines
Diff to previous 1.141 (colored)
Allow ssh-keygen to use a key held in ssh-agent as a CA when signing certificates. bz#2377 ok markus
Revision 1.141 / (download) - annotate - [select for diffs], Fri May 5 10:41:58 2017 UTC (7 years ago) by naddy
Branch: MAIN
Changes since 1.140: +5 -5 lines
Diff to previous 1.140 (colored)
remove superfluous protocol 2 mentions; ok jmc@
Revision 1.140 / (download) - annotate - [select for diffs], Wed May 3 06:32:02 2017 UTC (7 years ago) by jmc
Branch: MAIN
Changes since 1.139: +4 -31 lines
Diff to previous 1.139 (colored)
more protocol 1 stuff to go; ok djm
Revision 1.139 / (download) - annotate - [select for diffs], Tue May 2 17:04:09 2017 UTC (7 years ago) by jmc
Branch: MAIN
Changes since 1.138: +5 -8 lines
Diff to previous 1.138 (colored)
rsa1 is no longer valid;
Revision 1.138 / (download) - annotate - [select for diffs], Tue May 2 09:05:58 2017 UTC (7 years ago) by jmc
Branch: MAIN
Changes since 1.137: +4 -3 lines
Diff to previous 1.137 (colored)
more -O shuffle; ok djm
Revision 1.137 / (download) - annotate - [select for diffs], Tue May 2 07:13:31 2017 UTC (7 years ago) by jmc
Branch: MAIN
Changes since 1.136: +34 -27 lines
Diff to previous 1.136 (colored)
tidy up -O somewhat; ok djm
Revision 1.136 / (download) - annotate - [select for diffs], Sun Apr 30 23:18:44 2017 UTC (7 years ago) by djm
Branch: MAIN
Changes since 1.135: +3 -4 lines
Diff to previous 1.135 (colored)
remove KEY_RSA1 ok markus@
Revision 1.135 / (download) - annotate - [select for diffs], Sat Apr 29 06:06:01 2017 UTC (7 years ago) by jmc
Branch: MAIN
Changes since 1.134: +7 -7 lines
Diff to previous 1.134 (colored)
tweak previous;
Revision 1.134 / (download) - annotate - [select for diffs], Sat Apr 29 04:12:25 2017 UTC (7 years ago) by djm
Branch: MAIN
Changes since 1.133: +23 -3 lines
Diff to previous 1.133 (colored)
allow ssh-keygen to include arbitrary string or flag certificate extensions and critical options. ok markus@ dtucker@
Revision 1.133 / (download) - annotate - [select for diffs], Thu Jun 16 06:10:45 2016 UTC (7 years, 11 months ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_6_1_BASE,
OPENBSD_6_1,
OPENBSD_6_0_BASE,
OPENBSD_6_0
Changes since 1.132: +4 -3 lines
Diff to previous 1.132 (colored)
keys stored in openssh format can have comments too; diff from yonas yanfa, tweaked a bit; ok djm
Revision 1.132 / (download) - annotate - [select for diffs], Tue May 3 18:38:12 2016 UTC (8 years ago) by jmc
Branch: MAIN
Changes since 1.131: +3 -3 lines
Diff to previous 1.131 (colored)
correct article;
Revision 1.131 / (download) - annotate - [select for diffs], Tue May 3 14:54:08 2016 UTC (8 years ago) by djm
Branch: MAIN
Changes since 1.130: +4 -3 lines
Diff to previous 1.130 (colored)
make nethack^wrandomart fingerprint flag more readily searchable pointed out by Matt Johnston
Revision 1.130 / (download) - annotate - [select for diffs], Wed Feb 17 07:38:19 2016 UTC (8 years, 3 months ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_5_9_BASE,
OPENBSD_5_9
Changes since 1.129: +9 -5 lines
Diff to previous 1.129 (colored)
since these pages now clearly tell folks to avoid v1, normalise the docs from a v2 perspective (i.e. stop pointing out which bits are v2 only); ok/tweaks djm ok markus
Revision 1.129 / (download) - annotate - [select for diffs], Fri Nov 13 04:34:15 2015 UTC (8 years, 6 months ago) by djm
Branch: MAIN
Changes since 1.128: +3 -3 lines
Diff to previous 1.128 (colored)
support multiple certificates (one per line) and reading from standard input (using "-f -") for "ssh-keygen -L"; ok dtucker@
Revision 1.128 / (download) - annotate - [select for diffs], Thu Nov 5 09:48:05 2015 UTC (8 years, 6 months ago) by jmc
Branch: MAIN
Changes since 1.127: +3 -3 lines
Diff to previous 1.127 (colored)
"commandline" -> "command line", since there are so few examples of the former in the pages, so many of the latter, and in some of these pages we had multiple spellings; prompted by tj
Revision 1.127 / (download) - annotate - [select for diffs], Thu Aug 20 19:20:06 2015 UTC (8 years, 8 months ago) by naddy
Branch: MAIN
Changes since 1.126: +4 -4 lines
Diff to previous 1.126 (colored)
In the certificates section, be consistent about using "host_key" and "user_key" for the respective key types. ok sthen@ deraadt@
Revision 1.126 / (download) - annotate - [select for diffs], Fri Jul 3 03:49:45 2015 UTC (8 years, 10 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_8_BASE,
OPENBSD_5_8
Changes since 1.125: +3 -3 lines
Diff to previous 1.125 (colored)
refuse to generate or accept RSA keys smaller than 1024 bits; feedback and ok dtucker@
Revision 1.125 / (download) - annotate - [select for diffs], Tue Feb 24 15:24:05 2015 UTC (9 years, 2 months ago) by naddy
Branch: MAIN
CVS Tags: OPENBSD_5_7_BASE,
OPENBSD_5_7
Changes since 1.124: +3 -2 lines
Diff to previous 1.124 (colored)
add -v (show ASCII art) to -l's synopsis; ok djm@
Revision 1.124 / (download) - annotate - [select for diffs], Sun Dec 21 22:27:56 2014 UTC (9 years, 4 months ago) by djm
Branch: MAIN
Changes since 1.123: +11 -2 lines
Diff to previous 1.123 (colored)
Add FingerprintHash option to control algorithm used for key fingerprints. Default changes from MD5 to SHA256 and format from hex to base64. Feedback and ok naddy@ markus@
Revision 1.123 / (download) - annotate - [select for diffs], Sat Aug 30 15:33:50 2014 UTC (9 years, 8 months ago) by sobrado
Branch: MAIN
Changes since 1.122: +6 -6 lines
Diff to previous 1.122 (colored)
improve capitalization for the Ed25519 public-key signature system. ok djm@
Revision 1.122 / (download) - annotate - [select for diffs], Mon Mar 31 13:39:34 2014 UTC (10 years, 1 month ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_5_6_BASE,
OPENBSD_5_6
Changes since 1.121: +6 -6 lines
Diff to previous 1.121 (colored)
the text for the -K option was inserted in the wrong place in -r1.108; fix From: Matthew Clarke
Revision 1.121 / (download) - annotate - [select for diffs], Sat Mar 15 17:28:26 2014 UTC (10 years, 2 months ago) by deraadt
Branch: MAIN
Changes since 1.120: +4 -4 lines
Diff to previous 1.120 (colored)
Improve usage() and documentation towards the standard form. In particular,
this line saves a lot of man page reading time.
usage: ssh-keygen [-q] [-b bits] [-t dsa | ecdsa | ed25519 | rsa | rsa1]
[-N new_passphrase] [-C comment] [-f output_keyfile]
ok schwarze jmc
Revision 1.120 / (download) - annotate - [select for diffs], Wed Feb 5 20:13:25 2014 UTC (10 years, 3 months ago) by naddy
Branch: MAIN
CVS Tags: OPENBSD_5_5_BASE,
OPENBSD_5_5
Changes since 1.119: +3 -3 lines
Diff to previous 1.119 (colored)
tweak synopsis: calling ssh-keygen without any arguments is fine; ok jmc@ while here, fix ordering in usage(); requested by jmc@
Revision 1.119 / (download) - annotate - [select for diffs], Sat Dec 21 07:10:47 2013 UTC (10 years, 4 months ago) by tedu
Branch: MAIN
Changes since 1.118: +2 -2 lines
Diff to previous 1.118 (colored)
small typo
Revision 1.118 / (download) - annotate - [select for diffs], Sat Dec 7 11:58:46 2013 UTC (10 years, 5 months ago) by naddy
Branch: MAIN
Changes since 1.117: +19 -9 lines
Diff to previous 1.117 (colored)
add missing mentions of ed25519; ok djm@
Revision 1.117 / (download) - annotate - [select for diffs], Sat Dec 7 08:08:26 2013 UTC (10 years, 5 months ago) by djm
Branch: MAIN
Changes since 1.116: +24 -7 lines
Diff to previous 1.116 (colored)
document -a and -o wrt new key format
Revision 1.116 / (download) - annotate - [select for diffs], Thu Jun 27 14:05:37 2013 UTC (10 years, 10 months ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_5_4_BASE,
OPENBSD_5_4
Changes since 1.115: +3 -4 lines
Diff to previous 1.115 (colored)
do not use Sx for sections outwith the man page - ingo informs me that stuff like html will render with broken links; issue reported by Eric S. Raymond, via djm
Revision 1.115 / (download) - annotate - [select for diffs], Sat Jan 19 07:13:25 2013 UTC (11 years, 3 months ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_5_3_BASE,
OPENBSD_5_3
Changes since 1.114: +2 -2 lines
Diff to previous 1.114 (colored)
fix some formatting; ok djm
Revision 1.114 / (download) - annotate - [select for diffs], Fri Jan 18 21:48:43 2013 UTC (11 years, 3 months ago) by jmc
Branch: MAIN
Changes since 1.113: +8 -8 lines
Diff to previous 1.113 (colored)
command-line (adj.) -> command line (n.);
Revision 1.113 / (download) - annotate - [select for diffs], Fri Jan 18 08:39:04 2013 UTC (11 years, 4 months ago) by jmc
Branch: MAIN
Changes since 1.112: +4 -2 lines
Diff to previous 1.112 (colored)
add -Q to the options list; ok djm
Revision 1.112 / (download) - annotate - [select for diffs], Fri Jan 18 07:57:47 2013 UTC (11 years, 4 months ago) by jmc
Branch: MAIN
Changes since 1.111: +16 -15 lines
Diff to previous 1.111 (colored)
tweak previous;
Revision 1.111 / (download) - annotate - [select for diffs], Thu Jan 17 23:00:01 2013 UTC (11 years, 4 months ago) by djm
Branch: MAIN
Changes since 1.110: +116 -2 lines
Diff to previous 1.110 (colored)
add support for Key Revocation Lists (KRLs). These are a compact way to represent lists of revoked keys and certificates, taking as little as a single bit of incremental cost to revoke a certificate by serial number. KRLs are loaded via the existing RevokedKeys sshd_config option. feedback and ok markus@
Revision 1.110 / (download) - annotate - [select for diffs], Wed Aug 15 18:25:50 2012 UTC (11 years, 9 months ago) by jmc
Branch: MAIN
Changes since 1.109: +5 -3 lines
Diff to previous 1.109 (colored)
a little more info on certificate validity; requested by Ross L Richardson, and provided by djm
Revision 1.109 / (download) - annotate - [select for diffs], Fri Jul 6 00:41:59 2012 UTC (11 years, 10 months ago) by dtucker
Branch: MAIN
CVS Tags: OPENBSD_5_2_BASE,
OPENBSD_5_2
Changes since 1.108: +15 -3 lines
Diff to previous 1.108 (colored)
Add options to specify starting line number and number of lines to process when screening moduli candidates. This allows processing of different parts of a candidate moduli file in parallel. man page help jmc@, ok djm@
Revision 1.108 / (download) - annotate - [select for diffs], Sun Oct 16 11:02:46 2011 UTC (12 years, 7 months ago) by dtucker
Branch: MAIN
CVS Tags: OPENBSD_5_1_BASE,
OPENBSD_5_1
Changes since 1.107: +11 -2 lines
Diff to previous 1.107 (colored)
Add optional checkpoints for moduli screening. feedback & ok deraadt
Revision 1.107 / (download) - annotate - [select for diffs], Wed Sep 7 02:18:31 2011 UTC (12 years, 8 months ago) by deraadt
Branch: MAIN
Changes since 1.106: +2 -2 lines
Diff to previous 1.106 (colored)
typo (they vs the) found by Lawrence Teo
Revision 1.106 / (download) - annotate - [select for diffs], Wed Apr 13 04:09:37 2011 UTC (13 years, 1 month ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_5_0_BASE,
OPENBSD_5_0
Changes since 1.105: +8 -2 lines
Diff to previous 1.105 (colored)
mention valid -b sizes for ECDSA keys; bz#1862
Revision 1.105 / (download) - annotate - [select for diffs], Wed Apr 13 04:02:48 2011 UTC (13 years, 1 month ago) by djm
Branch: MAIN
Changes since 1.104: +4 -5 lines
Diff to previous 1.104 (colored)
improve wording; bz#1861
Revision 1.104 / (download) - annotate - [select for diffs], Thu Mar 24 15:29:30 2011 UTC (13 years, 1 month ago) by jmc
Branch: MAIN
Changes since 1.103: +2 -2 lines
Diff to previous 1.103 (colored)
zap trailing whitespace;
Revision 1.103 / (download) - annotate - [select for diffs], Wed Mar 23 16:24:56 2011 UTC (13 years, 1 month ago) by stevesk
Branch: MAIN
Changes since 1.102: +2 -5 lines
Diff to previous 1.102 (colored)
-q not used in /etc/rc now so remove statement.
Revision 1.102 / (download) - annotate - [select for diffs], Wed Mar 23 15:16:22 2011 UTC (13 years, 1 month ago) by stevesk
Branch: MAIN
Changes since 1.101: +11 -2 lines
Diff to previous 1.101 (colored)
Add -A option. For each of the key types (rsa1, rsa, dsa and ecdsa) for which host keys do not exist, generate the host keys with the default key file path, an empty passphrase, default bits for the key type, and default comment. This will be used by /etc/rc to generate new host keys. Idea from deraadt. ok deraadt
Revision 1.101 / (download) - annotate - [select for diffs], Thu Oct 28 18:33:28 2010 UTC (13 years, 6 months ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_4_9_BASE,
OPENBSD_4_9
Changes since 1.100: +2 -4 lines
Diff to previous 1.100 (colored)
knock out some "-*- nroff -*-" lines;
Revision 1.100 / (download) - annotate - [select for diffs], Fri Sep 10 15:19:29 2010 UTC (13 years, 8 months ago) by naddy
Branch: MAIN
Changes since 1.99: +17 -26 lines
Diff to previous 1.99 (colored)
* mention ECDSA in more places * less repetition in FILES section * SSHv1 keys are still encrypted with 3DES help and ok jmc@
Revision 1.99 / (download) - annotate - [select for diffs], Tue Aug 31 11:54:45 2010 UTC (13 years, 8 months ago) by djm
Branch: MAIN
Changes since 1.98: +5 -4 lines
Diff to previous 1.98 (colored)
Implement Elliptic Curve Cryptography modes for key exchange (ECDH) and host/user keys (ECDSA) as specified by RFC5656. ECDH and ECDSA offer better performance than plain DH and DSA at the same equivalent symmetric key length, as well as much shorter keys. Only the mandatory sections of RFC5656 are implemented, specifically the three REQUIRED curves nistp256, nistp384 and nistp521 and only ECDH and ECDSA. Point compression (optional in RFC5656 is NOT implemented). Certificate host and user keys using the new ECDSA key types are supported. Note that this code has not been tested for interoperability and may be subject to change. feedback and ok markus@
Revision 1.98 / (download) - annotate - [select for diffs], Wed Aug 4 06:07:11 2010 UTC (13 years, 9 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_4_8_BASE,
OPENBSD_4_8
Changes since 1.97: +18 -3 lines
Diff to previous 1.97 (colored)
Support CA keys in PKCS#11 tokens; feedback and ok markus@
Revision 1.97 / (download) - annotate - [select for diffs], Thu Jul 15 21:20:38 2010 UTC (13 years, 10 months ago) by schwarze
Branch: MAIN
Changes since 1.96: +3 -3 lines
Diff to previous 1.96 (colored)
repair incorrect block nesting, which screwed up indentation; problem reported and fix OK by jmc@
Revision 1.96 / (download) - annotate - [select for diffs], Wed Jun 30 07:24:25 2010 UTC (13 years, 10 months ago) by jmc
Branch: MAIN
Changes since 1.95: +8 -8 lines
Diff to previous 1.95 (colored)
tweak previous;
Revision 1.95 / (download) - annotate - [select for diffs], Tue Jun 29 23:15:30 2010 UTC (13 years, 10 months ago) by djm
Branch: MAIN
Changes since 1.94: +33 -12 lines
Diff to previous 1.94 (colored)
allow import (-i) and export (-e) of PEM and PKCS#8 encoded keys; bz#1749; ok markus@
Revision 1.94 / (download) - annotate - [select for diffs], Fri Apr 16 06:47:04 2010 UTC (14 years, 1 month ago) by jmc
Branch: MAIN
Changes since 1.93: +4 -4 lines
Diff to previous 1.93 (colored)
tweak previous; ok djm
Revision 1.93 / (download) - annotate - [select for diffs], Fri Apr 16 01:47:26 2010 UTC (14 years, 1 month ago) by djm
Branch: MAIN
Changes since 1.92: +15 -10 lines
Diff to previous 1.92 (colored)
revised certificate format ssh-{dss,rsa}-cert-v01@openssh.com with the
following changes:
move the nonce field to the beginning of the certificate where it can
better protect against chosen-prefix attacks on the signature hash
Rename "constraints" field to "critical options"
Add a new non-critical "extensions" field
Add a serial number
The older format is still support for authentication and cert generation
(use "ssh-keygen -t v00 -s ca_key ..." to generate a v00 certificate)
ok markus@
Revision 1.92 / (download) - annotate - [select for diffs], Sat Mar 13 23:38:13 2010 UTC (14 years, 2 months ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_4_7_BASE,
OPENBSD_4_7
Changes since 1.91: +3 -3 lines
Diff to previous 1.91 (colored)
fix a formatting error (args need quoted); noted by stevesk
Revision 1.91 / (download) - annotate - [select for diffs], Sat Mar 13 21:45:46 2010 UTC (14 years, 2 months ago) by djm
Branch: MAIN
Changes since 1.90: +4 -4 lines
Diff to previous 1.90 (colored)
Certificates are named *-cert.pub, not *_cert.pub; committing a diff from stevesk@ ok me
Revision 1.90 / (download) - annotate - [select for diffs], Wed Mar 10 07:40:35 2010 UTC (14 years, 2 months ago) by jmc
Branch: MAIN
Changes since 1.89: +3 -4 lines
Diff to previous 1.89 (colored)
typos; from Ross Richardson closes prs 6334 and 6335
Revision 1.89 / (download) - annotate - [select for diffs], Mon Mar 8 09:41:27 2010 UTC (14 years, 2 months ago) by jmc
Branch: MAIN
Changes since 1.88: +16 -16 lines
Diff to previous 1.88 (colored)
sort the list of constraints (to -O); ok djm
Revision 1.88 / (download) - annotate - [select for diffs], Mon Mar 8 00:28:55 2010 UTC (14 years, 2 months ago) by djm
Branch: MAIN
Changes since 1.87: +5 -1 lines
Diff to previous 1.87 (colored)
document permit-agent-forwarding certificate constraint; patch from stevesk@
Revision 1.87 / (download) - annotate - [select for diffs], Thu Mar 4 22:52:40 2010 UTC (14 years, 2 months ago) by jmc
Branch: MAIN
Changes since 1.86: +2 -5 lines
Diff to previous 1.86 (colored)
fix Bk/Ek;
Revision 1.86 / (download) - annotate - [select for diffs], Thu Mar 4 20:35:08 2010 UTC (14 years, 2 months ago) by djm
Branch: MAIN
Changes since 1.85: +7 -1 lines
Diff to previous 1.85 (colored)
Add a -L flag to print the contents of a certificate; ok markus@
Revision 1.85 / (download) - annotate - [select for diffs], Fri Feb 26 22:09:28 2010 UTC (14 years, 2 months ago) by jmc
Branch: MAIN
Changes since 1.84: +13 -10 lines
Diff to previous 1.84 (colored)
tweak previous;
Revision 1.84 / (download) - annotate - [select for diffs], Fri Feb 26 20:29:54 2010 UTC (14 years, 2 months ago) by djm
Branch: MAIN
Changes since 1.83: +176 -2 lines
Diff to previous 1.83 (colored)
Add support for certificate key types for users and hosts. OpenSSH certificate key types are not X.509 certificates, but a much simpler format that encodes a public key, identity information and some validity constraints and signs it with a CA key. CA keys are regular SSH keys. This certificate style avoids the attack surface of X.509 certificates and is very easy to deploy. Certified host keys allow automatic acceptance of new host keys when a CA certificate is marked as trusted in ~/.ssh/known_hosts. see VERIFYING HOST KEYS in ssh(1) for details. Certified user keys allow authentication of users when the signing CA key is marked as trusted in authorized_keys. See "AUTHORIZED_KEYS FILE FORMAT" in sshd(8) for details. Certificates are minted using ssh-keygen(1), documentation is in the "CERTIFICATES" section of that manpage. Documentation on the format of certificates is in the file PROTOCOL.certkeys feedback and ok markus@
Revision 1.83 / (download) - annotate - [select for diffs], Wed Feb 10 23:20:38 2010 UTC (14 years, 3 months ago) by markus
Branch: MAIN
Changes since 1.82: +3 -4 lines
Diff to previous 1.82 (colored)
pkcs#11 is no longer optional; improve wording; ok jmc@
Revision 1.82 / (download) - annotate - [select for diffs], Mon Feb 8 22:03:05 2010 UTC (14 years, 3 months ago) by jmc
Branch: MAIN
Changes since 1.81: +3 -6 lines
Diff to previous 1.81 (colored)
tweak previous; ok markus
Revision 1.81 / (download) - annotate - [select for diffs], Mon Feb 8 10:50:20 2010 UTC (14 years, 3 months ago) by markus
Branch: MAIN
Changes since 1.80: +6 -8 lines
Diff to previous 1.80 (colored)
replace our obsolete smartcard code with PKCS#11. ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs-11v2-20.pdf ssh(1) and ssh-keygen(1) use dlopen(3) directly to talk to a PKCS#11 provider (shared library) while ssh-agent(1) delegates PKCS#11 to a forked a ssh-pkcs11-helper process. PKCS#11 is currently a compile time option. feedback and ok djm@; inspired by patches from Alon Bar-Lev
Revision 1.80 / (download) - annotate - [select for diffs], Sat Oct 24 00:48:34 2009 UTC (14 years, 6 months ago) by dtucker
Branch: MAIN
Changes since 1.79: +5 -5 lines
Diff to previous 1.79 (colored)
ssh-keygen now uses AES-128 for private keys
Revision 1.79 / (download) - annotate - [select for diffs], Thu Jul 24 23:55:30 2008 UTC (15 years, 9 months ago) by sthen
Branch: MAIN
CVS Tags: OPENBSD_4_6_BASE,
OPENBSD_4_6,
OPENBSD_4_5_BASE,
OPENBSD_4_5,
OPENBSD_4_4_BASE,
OPENBSD_4_4
Changes since 1.78: +3 -2 lines
Diff to previous 1.78 (colored)
Add "ssh-keygen -F -l" to synopsis (displays fingerprint from known_hosts). ok djm@
Revision 1.78 / (download) - annotate - [select for diffs], Thu Jun 12 19:10:09 2008 UTC (15 years, 11 months ago) by jmc
Branch: MAIN
Changes since 1.77: +5 -6 lines
Diff to previous 1.77 (colored)
tweak the ascii art text; ok grunk
Revision 1.77 / (download) - annotate - [select for diffs], Wed Jun 11 22:20:46 2008 UTC (15 years, 11 months ago) by grunk
Branch: MAIN
Changes since 1.76: +6 -3 lines
Diff to previous 1.76 (colored)
ssh-keygen would write fingerprints to STDOUT, and random art to STDERR, that is not how it was envisioned. Also correct manpage saying that -v is needed along with -l for it to work. spotted by naddy@
Revision 1.76 / (download) - annotate - [select for diffs], Wed Jun 11 21:01:35 2008 UTC (15 years, 11 months ago) by grunk
Branch: MAIN
Changes since 1.75: +5 -4 lines
Diff to previous 1.75 (colored)
Introduce SSH Fingerprint ASCII Visualization, a technique inspired by the graphical hash visualization schemes known as "random art", and by Dan Kaminsky's musings on the subject during a BlackOp talk at the 23C3 in Berlin. Scientific publication (original paper): "Hash Visualization: a New Technique to improve Real-World Security", Perrig A. and Song D., 1999, International Workshop on Cryptographic Techniques and E-Commerce (CrypTEC '99) http://sparrow.ece.cmu.edu/~adrian/projects/validation/validation.pdf The algorithm used here is a worm crawling over a discrete plane, leaving a trace (augmenting the field) everywhere it goes. Movement is taken from dgst_raw 2bit-wise. Bumping into walls makes the respective movement vector be ignored for this turn, thus switching to the other color of the chessboard. Graphs are not unambiguous for now, because circles in graphs can be walked in either direction. discussions with several people, help, corrections and ok markus@ djm@
Revision 1.75 / (download) - annotate - [select for diffs], Thu May 31 19:20:16 2007 UTC (16 years, 11 months ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_4_3_BASE,
OPENBSD_4_3,
OPENBSD_4_2_BASE,
OPENBSD_4_2
Changes since 1.74: +2 -2 lines
Diff to previous 1.74 (colored)
convert to new .Dd format;
Revision 1.74 / (download) - annotate - [select for diffs], Fri Jan 12 20:20:41 2007 UTC (17 years, 4 months ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_4_1_BASE,
OPENBSD_4_1
Changes since 1.73: +2 -2 lines
Diff to previous 1.73 (colored)
more secsh -> rfc 4716 updates; spotted by wiz@netbsd ok markus
Revision 1.73 / (download) - annotate - [select for diffs], Mon Dec 11 21:25:46 2006 UTC (17 years, 5 months ago) by markus
Branch: MAIN
Changes since 1.72: +6 -9 lines
Diff to previous 1.72 (colored)
add rfc 4716 (public key format); ok jmc
Revision 1.69.2.2 / (download) - annotate - [select for diffs], Fri Oct 6 03:19:33 2006 UTC (17 years, 7 months ago) by brad
Branch: OPENBSD_3_8
Changes since 1.69.2.1: +0 -0 lines
Diff to previous 1.69.2.1 (colored) to branchpoint 1.69 (colored) next main 1.70 (colored)
upgrade to OpenSSH 4.4
Revision 1.69.2.1 / (download) - annotate - [select for diffs], Fri Feb 3 03:01:57 2006 UTC (18 years, 3 months ago) by brad
Branch: OPENBSD_3_8
Changes since 1.69: +6 -3 lines
Diff to previous 1.69 (colored)
upgrade to OpenSSH 4.3
Revision 1.67.2.2 / (download) - annotate - [select for diffs], Fri Feb 3 02:53:45 2006 UTC (18 years, 3 months ago) by brad
Branch: OPENBSD_3_7
Changes since 1.67.2.1: +6 -3 lines
Diff to previous 1.67.2.1 (colored) to branchpoint 1.67 (colored) next main 1.68 (colored)
upgrade to OpenSSH 4.3
Revision 1.72 / (download) - annotate - [select for diffs], Mon Nov 28 05:16:53 2005 UTC (18 years, 5 months ago) by dtucker
Branch: MAIN
CVS Tags: OPENBSD_4_0_BASE,
OPENBSD_4_0,
OPENBSD_3_9_BASE,
OPENBSD_3_9
Changes since 1.71: +3 -3 lines
Diff to previous 1.71 (colored)
Enforce DSA key length of exactly 1024 bits to comply with FIPS-186-2, increase minumum RSA key size to 768 bits and update man page to reflect these. Patch originally bz#1119 (senthilkumar_sen at hotpop.com), ok djm@, grudging ok deraadt@.
Revision 1.71 / (download) - annotate - [select for diffs], Mon Oct 31 19:55:25 2005 UTC (18 years, 6 months ago) by jmc
Branch: MAIN
Changes since 1.70: +2 -2 lines
Diff to previous 1.70 (colored)
grammar;
Revision 1.70 / (download) - annotate - [select for diffs], Mon Oct 31 11:12:49 2005 UTC (18 years, 6 months ago) by djm
Branch: MAIN
Changes since 1.69: +4 -1 lines
Diff to previous 1.69 (colored)
generate a protocol 2 RSA key by default
Revision 1.67.2.1 / (download) - annotate - [select for diffs], Sun Sep 4 18:40:09 2005 UTC (18 years, 8 months ago) by brad
Branch: OPENBSD_3_7
Changes since 1.67: +15 -15 lines
Diff to previous 1.67 (colored)
upgrade to OpenSSH 4.2
Revision 1.63.2.3 / (download) - annotate - [select for diffs], Fri Sep 2 03:45:01 2005 UTC (18 years, 8 months ago) by brad
Branch: OPENBSD_3_6
Changes since 1.63.2.2: +15 -15 lines
Diff to previous 1.63.2.2 (colored) to branchpoint 1.63 (colored) next main 1.64 (colored)
upgrade to OpenSSH 4.2
Revision 1.69 / (download) - annotate - [select for diffs], Wed Jun 8 03:50:00 2005 UTC (18 years, 11 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_3_8_BASE
Branch point for: OPENBSD_3_8
Changes since 1.68: +3 -3 lines
Diff to previous 1.68 (colored)
increase default rsa/dsa key length from 1024 to 2048 bits; ok markus@ deraadt@
Revision 1.63.2.2 / (download) - annotate - [select for diffs], Sun Jun 5 02:22:39 2005 UTC (18 years, 11 months ago) by brad
Branch: OPENBSD_3_6
Changes since 1.63.2.1: +5 -3 lines
Diff to previous 1.63.2.1 (colored) to branchpoint 1.63 (colored)
upgrade to OpenSSH 4.1
Revision 1.68 / (download) - annotate - [select for diffs], Thu Apr 21 06:17:50 2005 UTC (19 years, 1 month ago) by djm
Branch: MAIN
Changes since 1.67: +13 -13 lines
Diff to previous 1.67 (colored)
OpenSSH doesn't ever look at the $HOME environment variable, so don't say that we do (bz #623); ok deraadt@
Revision 1.67 / (download) - annotate - [select for diffs], Mon Mar 14 10:09:03 2005 UTC (19 years, 2 months ago) by dtucker
Branch: MAIN
CVS Tags: OPENBSD_3_7_BASE
Branch point for: OPENBSD_3_7
Changes since 1.66: +5 -3 lines
Diff to previous 1.66 (colored)
Correct description of -H (bz #997); ok markus@, punctuation jmc@
Revision 1.61.2.2 / (download) - annotate - [select for diffs], Thu Mar 10 17:15:05 2005 UTC (19 years, 2 months ago) by brad
Branch: OPENBSD_3_5
Changes since 1.61.2.1: +83 -42 lines
Diff to previous 1.61.2.1 (colored) to branchpoint 1.61 (colored) next main 1.62 (colored)
upgrade to OpenSSH 4.0
Revision 1.63.2.1 / (download) - annotate - [select for diffs], Thu Mar 10 16:28:28 2005 UTC (19 years, 2 months ago) by brad
Branch: OPENBSD_3_6
Changes since 1.63: +83 -42 lines
Diff to previous 1.63 (colored)
upgrade to OpenSSH 4.0
Revision 1.66 / (download) - annotate - [select for diffs], Tue Mar 1 18:15:56 2005 UTC (19 years, 2 months ago) by jmc
Branch: MAIN
Changes since 1.65: +67 -67 lines
Diff to previous 1.65 (colored)
sort options (no attempt made at synopsis clean up though); spelling (occurance -> occurrence); use prompt before examples; grammar;
Revision 1.65 / (download) - annotate - [select for diffs], Tue Mar 1 15:05:00 2005 UTC (19 years, 2 months ago) by jmc
Branch: MAIN
Changes since 1.64: +4 -4 lines
Diff to previous 1.64 (colored)
whitespace;
Revision 1.64 / (download) - annotate - [select for diffs], Tue Mar 1 10:42:49 2005 UTC (19 years, 2 months ago) by djm
Branch: MAIN
Changes since 1.63: +42 -1 lines
Diff to previous 1.63 (colored)
add tools for managing known_hosts files with hashed hostnames, including hashing existing files and deleting hosts by name; ok markus@ deraadt@
Revision 1.60.2.2 / (download) - annotate - [select for diffs], Thu Aug 19 22:37:32 2004 UTC (19 years, 9 months ago) by brad
Branch: OPENBSD_3_4
Changes since 1.60.2.1: +7 -4 lines
Diff to previous 1.60.2.1 (colored) to branchpoint 1.60 (colored) next main 1.61 (colored)
upgrade to OpenSSH 3.9
Revision 1.61.2.1 / (download) - annotate - [select for diffs], Thu Aug 19 04:13:27 2004 UTC (19 years, 9 months ago) by brad
Branch: OPENBSD_3_5
Changes since 1.61: +7 -4 lines
Diff to previous 1.61 (colored)
upgrade to OpenSSH 3.9
Revision 1.63 / (download) - annotate - [select for diffs], Fri Aug 13 00:01:43 2004 UTC (19 years, 9 months ago) by jmc
Branch: MAIN
CVS Tags: OPENBSD_3_6_BASE
Branch point for: OPENBSD_3_6
Changes since 1.62: +2 -2 lines
Diff to previous 1.62 (colored)
kill whitespace at eol;
Revision 1.62 / (download) - annotate - [select for diffs], Thu Aug 12 21:41:13 2004 UTC (19 years, 9 months ago) by jakob
Branch: MAIN
Changes since 1.61: +7 -4 lines
Diff to previous 1.61 (colored)
improve SSHFP documentation; ok deraadt@
Revision 1.55.2.3 / (download) - annotate - [select for diffs], Thu Mar 4 18:18:16 2004 UTC (20 years, 2 months ago) by brad
Branch: OPENBSD_3_3
Changes since 1.55.2.2: +13 -1 lines
Diff to previous 1.55.2.2 (colored) to branchpoint 1.55 (colored) next main 1.56 (colored)
upgrade to OpenSSH 3.8upgrade to OpenSSH 3.8upgrade to OpenSSH 3.8
Revision 1.60.2.1 / (download) - annotate - [select for diffs], Sat Feb 28 03:51:34 2004 UTC (20 years, 2 months ago) by brad
Branch: OPENBSD_3_4
Changes since 1.60: +13 -1 lines
Diff to previous 1.60 (colored)
upgrade to OpenSSH 3.8
Revision 1.61 / (download) - annotate - [select for diffs], Mon Dec 22 09:16:58 2003 UTC (20 years, 4 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_3_5_BASE
Branch point for: OPENBSD_3_5
Changes since 1.60: +13 -1 lines
Diff to previous 1.60 (colored)
tidy up moduli generation debugging, add -v (verbose/debug) option to ssh-keygen; ok markus@
Revision 1.54.2.3 / (download) - annotate - [select for diffs], Tue Sep 16 21:20:28 2003 UTC (20 years, 8 months ago) by brad
Branch: OPENBSD_3_2
Changes since 1.54.2.2: +119 -12 lines
Diff to previous 1.54.2.2 (colored) to branchpoint 1.54 (colored) next main 1.55 (colored)
upgrade to OpenSSH 3.7
Revision 1.55.2.2 / (download) - annotate - [select for diffs], Tue Sep 16 20:50:44 2003 UTC (20 years, 8 months ago) by brad
Branch: OPENBSD_3_3
Changes since 1.55.2.1: +119 -12 lines
Diff to previous 1.55.2.1 (colored) to branchpoint 1.55 (colored)
upgrade to OpenSSH 3.7
Revision 1.60 / (download) - annotate - [select for diffs], Mon Jul 28 09:49:56 2003 UTC (20 years, 9 months ago) by djm
Branch: MAIN
CVS Tags: OPENBSD_3_4_BASE
Branch point for: OPENBSD_3_4
Changes since 1.59: +99 -1 lines
Diff to previous 1.59 (colored)
Support for generating Diffie-Hellman groups (/etc/moduli) from ssh-keygen. Based on code from Phil Karn, William Allen Simpson and Niels Provos. ok markus@, thanks jmc@
Revision 1.59 / (download) - annotate - [select for diffs], Tue Jun 10 09:12:11 2003 UTC (20 years, 11 months ago) by jmc
Branch: MAIN
Changes since 1.58: +10 -10 lines
Diff to previous 1.58 (colored)
- section reorder - COMPATIBILITY merge - macro cleanup - kill whitespace at EOL - new sentence, new line ssh pages ok markus@
Revision 1.58 / (download) - annotate - [select for diffs], Tue May 20 12:09:31 2003 UTC (21 years ago) by jmc
Branch: MAIN
Changes since 1.57: +3 -3 lines
Diff to previous 1.57 (colored)
new sentence, new line
Revision 1.57 / (download) - annotate - [select for diffs], Wed May 14 18:16:20 2003 UTC (21 years ago) by jakob
Branch: MAIN
Changes since 1.56: +10 -1 lines
Diff to previous 1.56 (colored)
add experimental support for verifying hos keys using DNS as described in draft-ietf-secsh-dns-xx.txt. more information in README.dns. ok markus@ and henning@
Revision 1.55.2.1 / (download) - annotate - [select for diffs], Sun May 11 12:01:52 2003 UTC (21 years ago) by margarida
Branch: OPENBSD_3_3
Changes since 1.55: +3 -1 lines
Diff to previous 1.55 (colored)
Update OpenSSH to version 3.6.1
Revision 1.54.2.2 / (download) - annotate - [select for diffs], Thu Apr 3 23:27:13 2003 UTC (21 years, 1 month ago) by margarida
Branch: OPENBSD_3_2
Changes since 1.54.2.1: +3 -1 lines
Diff to previous 1.54.2.1 (colored) to branchpoint 1.54 (colored)
Update to OpenSSH 3.6.1
Revision 1.53.2.2 / (download) - annotate - [select for diffs], Thu Apr 3 22:35:17 2003 UTC (21 years, 1 month ago) by miod
Branch: OPENBSD_3_1
Changes since 1.53.2.1: +4 -3 lines
Diff to previous 1.53.2.1 (colored) to branchpoint 1.53 (colored) next main 1.54 (colored)
Merge OpenSSH 3.6.1
Revision 1.54.2.1 / (download) - annotate - [select for diffs], Tue Apr 1 00:12:14 2003 UTC (21 years, 1 month ago) by margarida
Branch: OPENBSD_3_2
Changes since 1.54: +2 -3 lines
Diff to previous 1.54 (colored)
Update to OpenSSH 3.6
Revision 1.56 / (download) - annotate - [select for diffs], Fri Mar 28 10:11:43 2003 UTC (21 years, 1 month ago) by jmc
Branch: MAIN
Changes since 1.55: +3 -1 lines
Diff to previous 1.55 (colored)
- killed whitespace - new sentence new line - .Bk for arguments ok markus@
Revision 1.55 / (download) - annotate - [select for diffs], Tue Nov 26 02:35:30 2002 UTC (21 years, 5 months ago) by stevesk
Branch: MAIN
CVS Tags: OPENBSD_3_3_BASE
Branch point for: OPENBSD_3_3
Changes since 1.54: +2 -3 lines
Diff to previous 1.54 (colored)
remove outdated statement; ok markus@ deraadt@
Revision 1.53.2.1 / (download) - annotate - [select for diffs], Wed Jun 26 15:30:39 2002 UTC (21 years, 10 months ago) by jason
Branch: OPENBSD_3_1
Changes since 1.53: +2 -2 lines
Diff to previous 1.53 (colored)
Pull in OpenSSH-3.4
Revision 1.49.2.3 / (download) - annotate - [select for diffs], Sat Jun 22 07:23:18 2002 UTC (21 years, 11 months ago) by miod
Branch: OPENBSD_3_0
Changes since 1.49.2.2: +2 -2 lines
Diff to previous 1.49.2.2 (colored) to branchpoint 1.49 (colored) next main 1.50 (colored)
Update OpenSSH to version 3.3 (with local changes, configuration files still living in /etc and privsep user being nobody).
Revision 1.54 / (download) - annotate - [select for diffs], Wed Jun 19 00:27:55 2002 UTC (21 years, 11 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_3_2_BASE
Branch point for: OPENBSD_3_2
Changes since 1.53: +2 -2 lines
Diff to previous 1.53 (colored)
KNF done automatically while reading....
Revision 1.40.2.3 / (download) - annotate - [select for diffs], Sat Mar 9 00:20:45 2002 UTC (22 years, 2 months ago) by miod
Branch: OPENBSD_2_9
Changes since 1.40.2.2: +12 -9 lines
Diff to previous 1.40.2.2 (colored) to branchpoint 1.40 (colored) next main 1.41 (colored)
Merge OpenSSH 3.1, keeping /etc as configuration files directory. (i.e. OpenSSH 3.1 + openbsd29_3.1.patch)
Revision 1.23.2.7 / (download) - annotate - [select for diffs], Fri Mar 8 17:04:43 2002 UTC (22 years, 2 months ago) by brad
Branch: OPENBSD_2_8
Changes since 1.23.2.6: +12 -9 lines
Diff to previous 1.23.2.6 (colored) to branchpoint 1.23 (colored) next main 1.24 (colored)
Merge OpenSSH 3.1.
Revision 1.49.2.2 / (download) - annotate - [select for diffs], Thu Mar 7 17:37:47 2002 UTC (22 years, 2 months ago) by jason
Branch: OPENBSD_3_0
Changes since 1.49.2.1: +12 -9 lines
Diff to previous 1.49.2.1 (colored) to branchpoint 1.49 (colored)
Update to OpenSSH-3.1 on 3.0-stable branch
Revision 1.53 / (download) - annotate - [select for diffs], Sat Feb 16 14:53:37 2002 UTC (22 years, 3 months ago) by stevesk
Branch: MAIN
CVS Tags: OPENBSD_3_1_BASE
Branch point for: OPENBSD_3_1
Changes since 1.52: +2 -2 lines
Diff to previous 1.52 (colored)
-t required now for key generation
Revision 1.52 / (download) - annotate - [select for diffs], Fri Dec 21 08:52:22 2001 UTC (22 years, 5 months ago) by djm
Branch: MAIN
Changes since 1.51: +5 -6 lines
Diff to previous 1.51 (colored)
Remove default (rsa1) key type; ok markus@
Revision 1.51 / (download) - annotate - [select for diffs], Wed Nov 21 18:49:14 2001 UTC (22 years, 5 months ago) by stevesk
Branch: MAIN
Changes since 1.50: +7 -3 lines
Diff to previous 1.50 (colored)
more on passphrase construction; ok markus@
Revision 1.40.2.2 / (download) - annotate - [select for diffs], Thu Nov 15 22:51:15 2001 UTC (22 years, 6 months ago) by miod
Branch: OPENBSD_2_9
Changes since 1.40.2.1: +7 -2 lines
Diff to previous 1.40.2.1 (colored) to branchpoint 1.40 (colored)
Merge OpenSSH 3.0.1.
Revision 1.23.2.6 / (download) - annotate - [select for diffs], Thu Nov 15 22:50:30 2001 UTC (22 years, 6 months ago) by miod
Branch: OPENBSD_2_8
Changes since 1.23.2.5: +7 -2 lines
Diff to previous 1.23.2.5 (colored) to branchpoint 1.23 (colored)
Merge OpenSSH 3.0.1. This is likely to be the last commit to the 2.8-STABLE branch.
Revision 1.49.2.1 / (download) - annotate - [select for diffs], Wed Nov 14 03:24:39 2001 UTC (22 years, 6 months ago) by jason
Branch: OPENBSD_3_0
Changes since 1.49: +7 -2 lines
Diff to previous 1.49 (colored)
Pull in patches from current (Errata 002): Update to OpenSSH-3.0.1 via errata patch (Instead of using release tarball)
Revision 1.50 / (download) - annotate - [select for diffs], Thu Oct 25 21:14:32 2001 UTC (22 years, 6 months ago) by markus
Branch: MAIN
Changes since 1.49: +7 -2 lines
Diff to previous 1.49 (colored)
better docu for fingerprinting, ok deraadt@
Revision 1.40.2.1 / (download) - annotate - [select for diffs], Thu Sep 27 19:03:55 2001 UTC (22 years, 7 months ago) by jason
Branch: OPENBSD_2_9
Changes since 1.40: +26 -15 lines
Diff to previous 1.40 (colored)
Pull in OpenSSH-2.9.9
Revision 1.23.2.5 / (download) - annotate - [select for diffs], Thu Sep 27 00:15:42 2001 UTC (22 years, 7 months ago) by miod
Branch: OPENBSD_2_8
Changes since 1.23.2.4: +26 -15 lines
Diff to previous 1.23.2.4 (colored) to branchpoint 1.23 (colored)
Pull in OpenSSH 2.9.9 to the 2.8 branch.
Revision 1.49 / (download) - annotate - [select for diffs], Wed Sep 5 06:23:07 2001 UTC (22 years, 8 months ago) by deraadt
Branch: MAIN
CVS Tags: OPENBSD_3_0_BASE
Branch point for: OPENBSD_3_0
Changes since 1.48: +6 -6 lines
Diff to previous 1.48 (colored)
avoid first person in manual pages
Revision 1.48 / (download) - annotate - [select for diffs], Thu Aug 2 15:07:23 2001 UTC (22 years, 9 months ago) by jakob
Branch: MAIN
Changes since 1.47: +13 -2 lines
Diff to previous 1.47 (colored)
document smartcard upload/download. ok markus@
Revision 1.47 / (download) - annotate - [select for diffs], Mon Jul 23 14:14:18 2001 UTC (22 years, 9 months ago) by aaron
Branch: MAIN
Changes since 1.46: +2 -2 lines
Diff to previous 1.46 (colored)
Fix typo.
Revision 1.46 / (download) - annotate - [select for diffs], Mon Jun 25 17:18:27 2001 UTC (22 years, 10 months ago) by markus
Branch: MAIN
Changes since 1.45: +4 -4 lines
Diff to previous 1.45 (colored)
sshd(8) will never read the private keys, but ssh(1) does; hugh@mimosa.com
Revision 1.45 / (download) - annotate - [select for diffs], Sat Jun 23 05:57:09 2001 UTC (22 years, 10 months ago) by deraadt
Branch: MAIN
Changes since 1.44: +3 -2 lines
Diff to previous 1.44 (colored)
ok, tmac is now fixed
Revision 1.44 / (download) - annotate - [select for diffs], Sat Jun 23 02:33:05 2001 UTC (22 years, 10 months ago) by deraadt
Branch: MAIN
Changes since 1.43: +2 -3 lines
Diff to previous 1.43 (colored)
join .%A entries; most by bk@rt.fm
Revision 1.43 / (download) - annotate - [select for diffs], Fri Jun 22 21:55:49 2001 UTC (22 years, 10 months ago) by markus
Branch: MAIN
Changes since 1.42: +3 -3 lines
Diff to previous 1.42 (colored)
merge authorized_keys2 into authorized_keys. authorized_keys2 is used for backward compat. (just append authorized_keys2 to authorized_keys).
Revision 1.42 / (download) - annotate - [select for diffs], Sun Jun 3 19:36:44 2001 UTC (22 years, 11 months ago) by markus
Branch: MAIN
Changes since 1.41: +2 -2 lines
Diff to previous 1.41 (colored)
1-2 bits of entrophy per character (not per word), ok stevesk@
Revision 1.23.2.4 / (download) - annotate - [select for diffs], Mon May 7 21:09:35 2001 UTC (23 years ago) by jason
Branch: OPENBSD_2_8
Changes since 1.23.2.3: +61 -24 lines
Diff to previous 1.23.2.3 (colored) to branchpoint 1.23 (colored)
Pull in OpenSSH-2.9 to 2.8 branch.
Revision 1.41 / (download) - annotate - [select for diffs], Sat May 5 13:42:52 2001 UTC (23 years ago) by stevesk
Branch: MAIN
Changes since 1.40: +2 -2 lines
Diff to previous 1.40 (colored)
typos, grammar
Revision 1.40 / (download) - annotate - [select for diffs], Mon Apr 23 21:57:07 2001 UTC (23 years ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_2_9_BASE
Branch point for: OPENBSD_2_9
Changes since 1.39: +3 -2 lines
Diff to previous 1.39 (colored)
allow public key for -e, too
Revision 1.39 / (download) - annotate - [select for diffs], Sun Apr 22 23:58:36 2001 UTC (23 years ago) by markus
Branch: MAIN
Changes since 1.38: +3 -3 lines
Diff to previous 1.38 (colored)
document hostbased and other cleanup
Revision 1.38 / (download) - annotate - [select for diffs], Sun Apr 22 13:41:02 2001 UTC (23 years, 1 month ago) by markus
Branch: MAIN
Changes since 1.37: +2 -2 lines
Diff to previous 1.37 (colored)
style, noted by stevesk; sort flags in usage
Revision 1.37 / (download) - annotate - [select for diffs], Sun Apr 22 13:25:37 2001 UTC (23 years, 1 month ago) by markus
Branch: MAIN
Changes since 1.36: +34 -17 lines
Diff to previous 1.36 (colored)
rename arguments -x -> -e (export key), -X -> -i (import key) xref draft-ietf-secsh-publickeyfile-01.txt
Revision 1.36 / (download) - annotate - [select for diffs], Tue Apr 10 09:13:21 2001 UTC (23 years, 1 month ago) by itojun
Branch: MAIN
Changes since 1.35: +26 -7 lines
Diff to previous 1.35 (colored)
document id_rsa{.pub,}. markus ok
Revision 1.23.2.3 / (download) - annotate - [select for diffs], Wed Mar 21 19:46:29 2001 UTC (23 years, 2 months ago) by jason
Branch: OPENBSD_2_8
Changes since 1.23.2.2: +10 -5 lines
Diff to previous 1.23.2.2 (colored) to branchpoint 1.23 (colored)
Pull in OpenSSH-2.5.2 for 2.8 branch.
Revision 1.18.2.4 / (download) - annotate - [select for diffs], Wed Mar 21 18:53:09 2001 UTC (23 years, 2 months ago) by jason
Branch: OPENBSD_2_7
Changes since 1.18.2.3: +10 -5 lines
Diff to previous 1.18.2.3 (colored) to branchpoint 1.18 (colored) next main 1.19 (colored)
Pull in OpenSSH-2.5.2 for 2.7 branch.
Revision 1.18.2.3 / (download) - annotate - [select for diffs], Mon Mar 12 15:44:16 2001 UTC (23 years, 2 months ago) by jason
Branch: OPENBSD_2_7
Changes since 1.18.2.2: +30 -40 lines
Diff to previous 1.18.2.2 (colored) to branchpoint 1.18 (colored)
OpenSSH-2.5.1 for 2.7 patch branch
Revision 1.35 / (download) - annotate - [select for diffs], Sun Mar 11 22:33:23 2001 UTC (23 years, 2 months ago) by markus
Branch: MAIN
Changes since 1.34: +6 -4 lines
Diff to previous 1.34 (colored)
remove -v again. use -B instead for bubblebabble. make -B consistent with -l and make -B work with /path/to/known_hosts. ok deraadt@
Revision 1.34 / (download) - annotate - [select for diffs], Sun Mar 11 15:04:16 2001 UTC (23 years, 2 months ago) by jakob
Branch: MAIN
Changes since 1.33: +4 -1 lines
Diff to previous 1.33 (colored)
print both md5, sha1 and bubblebabble fingerprints when using ssh-keygen -l -v. ok markus@.
Revision 1.33 / (download) - annotate - [select for diffs], Fri Mar 2 18:54:31 2001 UTC (23 years, 2 months ago) by deraadt
Branch: MAIN
Changes since 1.32: +4 -4 lines
Diff to previous 1.32 (colored)
make copyright lines the same format
Revision 1.32 / (download) - annotate - [select for diffs], Thu Feb 22 08:03:51 2001 UTC (23 years, 2 months ago) by deraadt
Branch: MAIN
Changes since 1.31: +1 -6 lines
Diff to previous 1.31 (colored)
bye bye -d
Revision 1.31 / (download) - annotate - [select for diffs], Thu Feb 22 06:43:55 2001 UTC (23 years, 2 months ago) by deraadt
Branch: MAIN
Changes since 1.30: +7 -2 lines
Diff to previous 1.30 (colored)
document -d, and -t defaults to rsa1
Revision 1.23.2.2 / (download) - annotate - [select for diffs], Mon Feb 19 17:19:29 2001 UTC (23 years, 3 months ago) by jason
Branch: OPENBSD_2_8
Changes since 1.23.2.1: +0 -0 lines
Diff to previous 1.23.2.1 (colored) to branchpoint 1.23 (colored)
Pull in OpenSSH-2.5.1
Revision 1.23.2.1 / (download) - annotate - [select for diffs], Fri Feb 16 20:13:18 2001 UTC (23 years, 3 months ago) by jason
Branch: OPENBSD_2_8
Changes since 1.23: +30 -40 lines
Diff to previous 1.23 (colored)
Pull in OpenSSH 2.5.0
Revision 1.30 / (download) - annotate - [select for diffs], Thu Feb 8 19:22:38 2001 UTC (23 years, 3 months ago) by itojun
Branch: MAIN
Changes since 1.29: +2 -3 lines
Diff to previous 1.29 (colored)
drop references to ssl(8). markus ok
Revision 1.29 / (download) - annotate - [select for diffs], Mon Jan 29 01:58:18 2001 UTC (23 years, 3 months ago) by niklas
Branch: MAIN
Changes since 1.28: +2 -0 lines
Diff to previous 1.28 (colored)
$OpenBSD$
Revision 1.28 / (download) - annotate - [select for diffs], Sun Jan 28 10:24:04 2001 UTC (23 years, 3 months ago) by markus
Branch: MAIN
Changes since 1.27: +8 -25 lines
Diff to previous 1.27 (colored)
cleanup AUTHORS sections
Revision 1.27 / (download) - annotate - [select for diffs], Sun Jan 21 09:00:33 2001 UTC (23 years, 4 months ago) by jakob
Branch: MAIN
Changes since 1.26: +0 -6 lines
Diff to previous 1.26 (colored)
remove -R flag; ok markus@
Revision 1.26 / (download) - annotate - [select for diffs], Sat Jan 13 17:59:18 2001 UTC (23 years, 4 months ago) by markus
Branch: MAIN
Changes since 1.25: +2 -2 lines
Diff to previous 1.25 (colored)
small ssh-keygen manpage cleanup; stevesk@pobox.com
Revision 1.25 / (download) - annotate - [select for diffs], Sun Nov 12 19:50:38 2000 UTC (23 years, 6 months ago) by markus
Branch: MAIN
Changes since 1.24: +17 -5 lines
Diff to previous 1.24 (colored)
add support for RSA to SSH2. please test. there are now 3 types of keys: RSA1 is used by ssh-1 only, RSA and DSA are used by SSH2. you can use 'ssh-keygen -t rsa -f ssh2_rsa_file' to generate RSA keys for SSH2 and use the RSA keys for hostkeys or for user keys. SSH2 RSA or DSA keys are added to .ssh/authorised_keys2 as before. IdentityFile2, HostDsaKey and DSAAuthentication are obsolete. you can use multiple IdentityFile and HostKey for all types of keys. the option DSAAuthentication is replaced by PubkeyAuthetication.
Revision 1.24 / (download) - annotate - [select for diffs], Fri Nov 10 05:10:40 2000 UTC (23 years, 6 months ago) by aaron
Branch: MAIN
Changes since 1.23: +1 -1 lines
Diff to previous 1.23 (colored)
- Section shuffling: comply to the section ordering outlined in mdoc(7). - Some .Nm trimming. - .Sh AUTHOR -> .Sh AUTHORS - Other miscellaneous fixes here and there.
Revision 1.18.2.2 / (download) - annotate - [select for diffs], Wed Nov 8 21:31:21 2000 UTC (23 years, 6 months ago) by jason
Branch: OPENBSD_2_7
Changes since 1.18.2.1: +32 -7 lines
Diff to previous 1.18.2.1 (colored) to branchpoint 1.18 (colored)
openssh-2.3.0 (again) for 2.7 branch
Revision 1.23 / (download) - annotate - [select for diffs], Mon Oct 9 21:30:43 2000 UTC (23 years, 7 months ago) by markus
Branch: MAIN
CVS Tags: OPENBSD_2_8_BASE
Branch point for: OPENBSD_2_8
Changes since 1.22: +3 -2 lines
Diff to previous 1.22 (colored)
-X now reads private ssh.com DSA keys, too.
Revision 1.22 / (download) - annotate - [select for diffs], Thu Sep 7 20:27:54 2000 UTC (23 years, 8 months ago) by deraadt
Branch: MAIN
Changes since 1.21: +29 -5 lines
Diff to previous 1.21 (colored)
cleanup copyright notices on all files. I have attempted to be accurate with the details. everything is now under Tatu's licence (which I copied from his readme), and/or the core-sdi bsd-ish thing for deattack, or various openbsd developers under a 2-term bsd licence. We're not changing any rules, just being accurate.
Revision 1.18.2.1 / (download) - annotate - [select for diffs], Fri Sep 1 18:23:23 2000 UTC (23 years, 8 months ago) by jason
Branch: OPENBSD_2_7
Changes since 1.18: +7 -10 lines
Diff to previous 1.18 (colored)
Pull in the rest of openssh-2.2.0 to 2.7 branch (luvin' cvs...)
Revision 1.21 / (download) - annotate - [select for diffs], Fri Aug 25 16:16:15 2000 UTC (23 years, 8 months ago) by deraadt
Branch: MAIN
Changes since 1.20: +1 -5 lines
Diff to previous 1.20 (colored)
no need for those dynamic libraries anymore
Revision 1.20 / (download) - annotate - [select for diffs], Thu Jul 20 22:23:14 2000 UTC (23 years, 10 months ago) by markus
Branch: MAIN
Changes since 1.19: +6 -6 lines
Diff to previous 1.19 (colored)
document input and output files
Revision 1.19 / (download) - annotate - [select for diffs], Thu Jul 6 04:06:56 2000 UTC (23 years, 10 months ago) by aaron
Branch: MAIN
Changes since 1.18: +2 -1 lines
Diff to previous 1.18 (colored)
Insert more missing .El directives. Our troff really should identify these and spit out a warning.
Revision 1.18 / (download) - annotate - [select for diffs], Mon May 8 17:26:04 2000 UTC (24 years ago) by hugh
Branch: MAIN
CVS Tags: OPENBSD_2_7_BASE
Branch point for: OPENBSD_2_7
Changes since 1.17: +4 -4 lines
Diff to previous 1.17 (colored)
One last nit fix. (markus approved)
Revision 1.17 / (download) - annotate - [select for diffs], Wed May 3 08:37:27 2000 UTC (24 years ago) by markus
Branch: MAIN
Changes since 1.16: +10 -4 lines
Diff to previous 1.16 (colored)
document -y, update -X,-x
Revision 1.16 / (download) - annotate - [select for diffs], Wed May 3 02:52:49 2000 UTC (24 years ago) by deraadt
Branch: MAIN
Changes since 1.15: +13 -1 lines
Diff to previous 1.15 (colored)
document -X and -x
Revision 1.15 / (download) - annotate - [select for diffs], Tue May 2 23:33:46 2000 UTC (24 years ago) by deraadt
Branch: MAIN
Changes since 1.14: +39 -6 lines
Diff to previous 1.14 (colored)
document DSA use of ssh-keygen
Revision 1.14 / (download) - annotate - [select for diffs], Wed Apr 26 21:55:04 2000 UTC (24 years ago) by deraadt
Branch: MAIN
Changes since 1.13: +7 -1 lines
Diff to previous 1.13 (colored)
add -R flag: exit code indicates if RSA is alive
Revision 1.13 / (download) - annotate - [select for diffs], Wed Apr 12 21:47:51 2000 UTC (24 years, 1 month ago) by aaron
Branch: MAIN
Changes since 1.12: +4 -4 lines
Diff to previous 1.12 (colored)
Trailing whitespace begone!
Revision 1.12 / (download) - annotate - [select for diffs], Thu Mar 23 21:10:10 2000 UTC (24 years, 1 month ago) by aaron
Branch: MAIN
Changes since 1.11: +35 -27 lines
Diff to previous 1.11 (colored)
Fix some formatting problems I missed before.
Revision 1.11 / (download) - annotate - [select for diffs], Sat Jan 22 02:17:50 2000 UTC (24 years, 4 months ago) by aaron
Branch: MAIN
Changes since 1.10: +2 -2 lines
Diff to previous 1.10 (colored)
ie. -> i.e.,
Revision 1.10 / (download) - annotate - [select for diffs], Sat Dec 25 13:35:55 1999 UTC (24 years, 4 months ago) by markus
Branch: MAIN
Changes since 1.9: +1 -5 lines
Diff to previous 1.9 (colored)
remove ref to .ssh/random_seed, mention .ssh/environment in .Sh FILES, too
Revision 1.9 / (download) - annotate - [select for diffs], Tue Nov 16 22:49:28 1999 UTC (24 years, 6 months ago) by markus
Branch: MAIN
Changes since 1.8: +11 -1 lines
Diff to previous 1.8 (colored)
rsa key fingerprints, idea from Bjoern Groenvall <bg@sics.se>
Revision 1.8 / (download) - annotate - [select for diffs], Mon Nov 15 07:18:46 1999 UTC (24 years, 6 months ago) by ericj
Branch: MAIN
Changes since 1.7: +2 -2 lines
Diff to previous 1.7 (colored)
fix .Xr
Revision 1.7 / (download) - annotate - [select for diffs], Sun Oct 17 20:35:46 1999 UTC (24 years, 7 months ago) by aaron
Branch: MAIN
CVS Tags: OPENBSD_2_6_BASE,
OPENBSD_2_6
Changes since 1.6: +1 -2 lines
Diff to previous 1.6 (colored)
Remove some redundant .Pp.
Revision 1.6 / (download) - annotate - [select for diffs], Sun Oct 17 00:31:06 1999 UTC (24 years, 7 months ago) by deraadt
Branch: MAIN
Changes since 1.5: +25 -9 lines
Diff to previous 1.5 (colored)
update trailer, and copy to other pages
Revision 1.5 / (download) - annotate - [select for diffs], Thu Oct 7 18:58:26 1999 UTC (24 years, 7 months ago) by aaron
Branch: MAIN
Changes since 1.4: +8 -1 lines
Diff to previous 1.4 (colored)
Document -q.
Revision 1.4 / (download) - annotate - [select for diffs], Sat Oct 2 13:10:26 1999 UTC (24 years, 7 months ago) by deraadt
Branch: MAIN
Changes since 1.3: +14 -2 lines
Diff to previous 1.3 (colored)
detail how we manage to not include RSA, and point people at ssl(8)
Revision 1.3 / (download) - annotate - [select for diffs], Fri Oct 1 18:17:49 1999 UTC (24 years, 7 months ago) by deraadt
Branch: MAIN
Changes since 1.2: +2 -2 lines
Diff to previous 1.2 (colored)
s/IDEA/3DES/
Revision 1.2 / (download) - annotate - [select for diffs], Sun Sep 26 22:30:06 1999 UTC (24 years, 7 months ago) by deraadt
Branch: MAIN
Changes since 1.1: +61 -83 lines
Diff to previous 1.1 (colored)
first cut of mandoc man pages from aaron
Revision 1.1 / (download) - annotate - [select for diffs], Sun Sep 26 20:53:37 1999 UTC (24 years, 7 months ago) by deraadt
Branch: MAIN
i bet a lot of people didn't know what ssh 1.2.16 had a nice license. well, except for the patent issues. someone in sweden (forget their name at the moment) cleaned out most of the patented code, and now this code removes rsa code. when this is done, it will link against libssl, but the work isn't completely done yet. then we need to bring this up to modern days, featurewise.