| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | | |
| | |
| | |
| | |
| | | |
use variable from_host
Reviewed by: des
|
| | | | |
|
| | | | |
|
| | | |
| | |
| | |
| | | |
Sponsored by: DARPA, NAI Labs
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
- sshd fails to set TERM correctly.
- privilege separation may break PAM and is currently turned off.
- man pages have not yet been updated
I will have these issues resolved, and privilege separation turned on by
default, in time for DP2.
Sponsored by: DARPA, NAI Labs
|
| |\ \ \
| |/ /
| | |
| | | |
which included commits to RCS files with non-trunk default branches.
|
| | | | |
|
| | | |
| | |
| | |
| | | |
'VENDOR-crypto-openssh'.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
can then end up not properly clearing wtmp/utmp entries.
PR: bin/37934
Submitted by: Sandeep Kumar <skumar@juniper.net>
Reviewed by: markm
MFC after: 2 weeks
|
| | | |
| | |
| | |
| | | |
Reviewed by: des
|
| | | |
| | |
| | |
| | |
| | | |
commands.c, sys_bsd.c: comment out/remove junk after #endif/#else
network.c, terminal.c, utlities.c: include stdlib.h for exit(3)
|
| | | |
| | |
| | |
| | | |
need in paths.h.
|
| | | |
| | |
| | |
| | |
| | | |
MFC after: 1 week
PR: 37766
|
| | | | |
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | | |
This brings us into sync with the behavior of sshd on other Unix platforms.
Submitted by: Joshua Goodall <joshua@roughtrade.net>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
2) For "copyright" case #ifdef HAVE_LOGIN_CAP was placed on too big block,
narrow it down.
3) Don't check the same conditions twice (for "copyright" and "welcome"),
put them under single block.
4) Print \n between "copyright" and "welcome" as our login does.
Reviewed by: des (1)
|
| | | |
| | |
| | |
| | | |
Sponsored by: DARPA, NAI Labs
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | | |
descriptors may be used by LOGIN_CAP internally, add login_close().
Use "nocheckmail" LOGIN_CAP capability too like our login does.
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
version, so documented "CheckMail" option exists but does nothing.
Bring it back to life adding code back.
2) Cosmetique. Reduce number of args in do_setusercontext()
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
code merge.
2) In addition honor "timezone" and "term" capabilities from login.conf,
not overwrite them once they set (they are TZ and TERM variables).
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
sshd uses separate child_env. So, to make setusercontext() really does
something, environment must be switched before call and passed to child_env
back after it.
The error here was that modified environment not passed back to child_env,
so all variables that setusercontext() adds are lost, including ones from
~/.login_conf
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
"/dev/" off the tty name before passing it to auth_ttyok or PAM.
Inspired by: dinoex
Sponsored by: DARPA, NAI Labs
|
| | | |
| | |
| | |
| | |
| | | |
preferrable to RSA (not least because the SECSH draft standard requires
DSA while RSA is only recommended).
|
| | | |
| | |
| | |
| | | |
should transition away from DSA.
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | | |
was incorrect.
Pointed out by: Markus Friedl <markus@openbsd.org>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
the version string to 28 characters, which is below the 40-character limit
specified in the proposed SECSH standard. Some servers, however (like the
one built into the Foundry BigIron line of switches) will hang when
confronted with a version string longer than 24 characters, so some users
may need to shorten it further.
Sponsored by: DARPA, NAI Labs
|
| | | |
| | |
| | |
| | | |
Submitted by: pb
|
| | | |
| | |
| | |
| | |
| | |
| | | |
(Fixes static compilation. Reduces diffs to OpenSSH.)
Reviewed by: bde
|
| | | |
| | |
| | |
| | | |
Noticed by: roam
|
| | | |
| | |
| | |
| | | |
Approved by: des
|
| | | | |
|
| | | |
| | |
| | |
| | | |
Sponsored by: DARPA, NAI Labs
|
| | | |
| | |
| | |
| | |
| | |
| | | |
because of bugs (incorrect design decisions, actually) in Linux-PAM.
Sponsored by: DARPA, NAI Labs
|
| | | |
| | |
| | |
| | | |
Sponsored by: DARPA, NAI Labs
|
| | | |
| | |
| | |
| | | |
Sponsored by: DARPA, NAI Labs
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
- If the user doesn't have an OPIE key, don't challenge him. This is
a workaround until I get PAM to work properly with ssh2.
Sponsored by: DARPA, NAI Labs
|
| | | |
| | |
| | |
| | | |
Sponsored by: DARPA, NAI Labs
|
| | | | |
|
| | | | |
|
| |\ \ \
| |/ /
| | |
| | | |
which included commits to RCS files with non-trunk default branches.
|
| | | | |
|
| | | |
| | |
| | |
| | | |
Sponsored by: DARPA, NAI Labs
|
| | | | |
|
