| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
| |
Adjust notification points slightly to catch all auth failures, rather
than just the ones caused by bad usernames. Modify notification point
for bad usernames to send new type of BLACKLIST_BAD_USER. (Support in
libblacklist will be forthcoming soon.) Add guards to allow library
headers to expose the enum of action values.
Reviewed by: des
Relnotes: yes
Sponsored by: The FreeBSD Foundation
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Change the calls to of blacklist_init() and blacklist_notify to be
macros defined in the blacklist_client.h file. This avoids
the need for #ifdef USE_BLACKLIST / #endif except in the
blacklist.c file.
Remove redundent initialization attempts from within
blacklist_notify - everything always goes through
blacklistd_init().
Added UseBlacklist option to sshd, which defaults to off.
To enable the functionality, use '-o UseBlacklist=yes' on
the command line, or uncomment in the sshd_config file.
Approved by: des
Sponsored by: The FreeBSD Foundation
|
| |
|
|
|
|
|
|
|
|
| |
This change has functional impact, and other concerns raised
by the OpenSSH maintainer.
Requested by: des
PR: 210479 (related)
Approved by: re (marius)
Sponsored by: The FreeBSD Foundation
|
| |
|
|
|
|
|
|
| |
Reviewed by: rpaulo
Approved by: rpaulo (earlier version of changes)
Relnotes: YES
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D5915
|
| |\ |
|
| | | |
|
| | | |
|
| |\ \
| |/ |
|
| |\ \
| |/ |
|
| |\ \
| |/
| |
| |
| |
| | |
upstream) and a number of security fixes which we had already backported.
MFC after: 1 week
|
| | | |
|
| | | |
|
| |\ \
| |/ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
$FreeBSD$ tags and man page dates.
Add a post-merge script which reapplies these changes.
Run both scripts to normalize the existing code base. As a result, many
files which should have had $FreeBSD$ tags but didn't now have them.
Partly rewrite the upgrade instructions and remove the now outdated
list of tricks.
|
| |\ \
| |/ |
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Upgrade to OpenSSH 6.4p1.
Bump VersionAddendum.
Approved by: des
|
| |\ \
| |/
| |
| | |
Approved by: re (gjb)
|
| | |
| |
| |
| | |
the issues that affected us.
|
| | | |
|
| |\ \
| |/
| |
| | |
for a key revocation list and more fine-grained authentication control.
|
| | | |
|
| |\ \
| |/
| |
| | |
MFC after: 3 months
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
the bandwidth of long fat pipes (i.e. 100Mbps+ trans-oceanic or
trans-continental links). Bandwidth-delay products up to 64MB are
supported.
Also add support (not compiled by default) for the None cypher. The
None cypher can only be enabled on non-interactive sessions (those
without a pty where -T was not used) and must be enabled in both
the client and server configuration files and on the client command
line. Additionally, the None cypher will only be activated after
authentication is complete. To enable the None cypher you must add
-DNONE_CIPHER_ENABLED to CFLAGS via the make command line or in
/etc/make.conf.
This code is a style(9) compliant version of these features extracted
from the patches published at:
http://www.psc.edu/networking/projects/hpn-ssh/
Merging this patch has been a collaboration between me and Bjoern.
Reviewed by: bz
Approved by: re (kib), des (maintainer)
|
| |\ \
| |/ |
|
| |\ \
| |/ |
|
| |\ \
| |/ |
|
| |\ \
| |/
| |
| | |
MFC after: 3 months
|
| |\ \
| |/
| |
| |
| |
| |
| |
| |
| |
| | |
I have worked hard to reduce diffs against the vendor branch. One
notable change in that respect is that we no longer prefer DSA over
RSA - the reasons for doing so went away years ago. This may cause
some surprises, as ssh will warn about unknown host keys even for
hosts whose keys haven't changed.
MFC after: 6 weeks
|
| | | |
|
| | | |
|
| |/ |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
the OpenSSH-portable CVS repo, I'm committing this on the vendor branch.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
Happy birthday to: rwatson
|
| | |
|
| | |
|
| | |
|
| |
|
