OpenSSH 8.1 was released on 2019-10-09. It is available from the
mirrors listed at https://www.openssh.com/.
OpenSSH is a 100% complete SSH protocol 2.0 implementation and
includes sftp client and server support.
Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or patches, reported bugs, tested snapshots or donated to the
project. More information on donations may be found at:
http://www.openssh.com/donations.html
Security
========
* ssh(1), sshd(8), ssh-add(1), ssh-keygen(1): an exploitable integer
overflow bug was found in the private key parsing code for the XMSS
key type. This key type is still experimental and support for it is
not compiled by default. No user-facing autoconf option exists in
portable OpenSSH to enable it. This bug was found by Adam Zabrocki
and reported via SecuriTeam's SSD program.
* ssh(1), sshd(8), ssh-agent(1): add protection for private keys at
rest in RAM against speculation and memory side-channel attacks like
Spectre, Meltdown and Rambleed. This release encrypts private keys
when they are not in use with a symmetric key that is derived from a
relatively large "prekey" consisting of random data (currently 16KB).
Potentially-incompatible changes
================================
This release includes a number of changes that may affect existing
configurations:
* ssh-keygen(1): when acting as a CA and signing certificates with
an RSA key, default to using the rsa-sha2-512 signature algorithm.
Certificates signed by RSA keys will therefore be incompatible
with OpenSSH versions prior to 7.2 unless the default is
overridden (using "ssh-keygen -t ssh-rsa -s ...").
2019-10-12 18:13:53 +03:00
|
|
|
/* $OpenBSD: sshpty.c,v 1.34 2019/07/04 16:20:10 deraadt Exp $ */
|
2009-06-08 02:19:00 +04:00
|
|
|
/*
|
|
|
|
|
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
|
|
|
|
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
|
|
|
|
* All rights reserved
|
|
|
|
|
* Allocating a pseudo-terminal, and making it the controlling tty.
|
|
|
|
|
*
|
|
|
|
|
* As far as I am concerned, the code I have written for this software
|
|
|
|
|
* can be used freely for any purpose. Any derived versions of this
|
|
|
|
|
* software must be clearly marked as such, and if the derived work is
|
|
|
|
|
* incompatible with the protocol description in the RFC file, it must be
|
|
|
|
|
* called by a name other than "ssh" or "Secure Shell".
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
#include <sys/types.h>
|
|
|
|
|
#include <sys/ioctl.h>
|
|
|
|
|
#include <sys/stat.h>
|
|
|
|
|
|
|
|
|
|
#include <errno.h>
|
|
|
|
|
#include <fcntl.h>
|
|
|
|
|
#include <grp.h>
|
|
|
|
|
#include <paths.h>
|
|
|
|
|
#include <pwd.h>
|
|
|
|
|
#include <stdarg.h>
|
|
|
|
|
#include <string.h>
|
|
|
|
|
#include <termios.h>
|
|
|
|
|
#include <unistd.h>
|
|
|
|
|
#include <util.h>
|
|
|
|
|
|
|
|
|
|
#include "sshpty.h"
|
|
|
|
|
#include "log.h"
|
|
|
|
|
|
|
|
|
|
#ifndef O_NOCTTY
|
|
|
|
|
#define O_NOCTTY 0
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Allocates and opens a pty. Returns 0 if no pty could be allocated, or
|
|
|
|
|
* nonzero if a pty was successfully allocated. On success, open file
|
|
|
|
|
* descriptors for the pty and tty sides and the name of the tty side are
|
|
|
|
|
* returned (the buffer must be able to hold at least 64 characters).
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
int
|
|
|
|
|
pty_allocate(int *ptyfd, int *ttyfd, char *namebuf, size_t namebuflen)
|
|
|
|
|
{
|
|
|
|
|
char buf[64];
|
|
|
|
|
int i;
|
|
|
|
|
|
|
|
|
|
i = openpty(ptyfd, ttyfd, buf, NULL, NULL);
|
OpenSSH 8.1 was released on 2019-10-09. It is available from the
mirrors listed at https://www.openssh.com/.
OpenSSH is a 100% complete SSH protocol 2.0 implementation and
includes sftp client and server support.
Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or patches, reported bugs, tested snapshots or donated to the
project. More information on donations may be found at:
http://www.openssh.com/donations.html
Security
========
* ssh(1), sshd(8), ssh-add(1), ssh-keygen(1): an exploitable integer
overflow bug was found in the private key parsing code for the XMSS
key type. This key type is still experimental and support for it is
not compiled by default. No user-facing autoconf option exists in
portable OpenSSH to enable it. This bug was found by Adam Zabrocki
and reported via SecuriTeam's SSD program.
* ssh(1), sshd(8), ssh-agent(1): add protection for private keys at
rest in RAM against speculation and memory side-channel attacks like
Spectre, Meltdown and Rambleed. This release encrypts private keys
when they are not in use with a symmetric key that is derived from a
relatively large "prekey" consisting of random data (currently 16KB).
Potentially-incompatible changes
================================
This release includes a number of changes that may affect existing
configurations:
* ssh-keygen(1): when acting as a CA and signing certificates with
an RSA key, default to using the rsa-sha2-512 signature algorithm.
Certificates signed by RSA keys will therefore be incompatible
with OpenSSH versions prior to 7.2 unless the default is
overridden (using "ssh-keygen -t ssh-rsa -s ...").
2019-10-12 18:13:53 +03:00
|
|
|
if (i == -1) {
|
2009-06-08 02:19:00 +04:00
|
|
|
error("openpty: %.100s", strerror(errno));
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
strlcpy(namebuf, buf, namebuflen); /* possible truncation */
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Releases the tty. Its ownership is returned to root, and permissions to 0666. */
|
|
|
|
|
|
|
|
|
|
void
|
|
|
|
|
pty_release(const char *tty)
|
|
|
|
|
{
|
OpenSSH 8.1 was released on 2019-10-09. It is available from the
mirrors listed at https://www.openssh.com/.
OpenSSH is a 100% complete SSH protocol 2.0 implementation and
includes sftp client and server support.
Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or patches, reported bugs, tested snapshots or donated to the
project. More information on donations may be found at:
http://www.openssh.com/donations.html
Security
========
* ssh(1), sshd(8), ssh-add(1), ssh-keygen(1): an exploitable integer
overflow bug was found in the private key parsing code for the XMSS
key type. This key type is still experimental and support for it is
not compiled by default. No user-facing autoconf option exists in
portable OpenSSH to enable it. This bug was found by Adam Zabrocki
and reported via SecuriTeam's SSD program.
* ssh(1), sshd(8), ssh-agent(1): add protection for private keys at
rest in RAM against speculation and memory side-channel attacks like
Spectre, Meltdown and Rambleed. This release encrypts private keys
when they are not in use with a symmetric key that is derived from a
relatively large "prekey" consisting of random data (currently 16KB).
Potentially-incompatible changes
================================
This release includes a number of changes that may affect existing
configurations:
* ssh-keygen(1): when acting as a CA and signing certificates with
an RSA key, default to using the rsa-sha2-512 signature algorithm.
Certificates signed by RSA keys will therefore be incompatible
with OpenSSH versions prior to 7.2 unless the default is
overridden (using "ssh-keygen -t ssh-rsa -s ...").
2019-10-12 18:13:53 +03:00
|
|
|
if (chown(tty, (uid_t) 0, (gid_t) 0) == -1)
|
2009-06-08 02:19:00 +04:00
|
|
|
error("chown %.100s 0 0 failed: %.100s", tty, strerror(errno));
|
OpenSSH 8.1 was released on 2019-10-09. It is available from the
mirrors listed at https://www.openssh.com/.
OpenSSH is a 100% complete SSH protocol 2.0 implementation and
includes sftp client and server support.
Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or patches, reported bugs, tested snapshots or donated to the
project. More information on donations may be found at:
http://www.openssh.com/donations.html
Security
========
* ssh(1), sshd(8), ssh-add(1), ssh-keygen(1): an exploitable integer
overflow bug was found in the private key parsing code for the XMSS
key type. This key type is still experimental and support for it is
not compiled by default. No user-facing autoconf option exists in
portable OpenSSH to enable it. This bug was found by Adam Zabrocki
and reported via SecuriTeam's SSD program.
* ssh(1), sshd(8), ssh-agent(1): add protection for private keys at
rest in RAM against speculation and memory side-channel attacks like
Spectre, Meltdown and Rambleed. This release encrypts private keys
when they are not in use with a symmetric key that is derived from a
relatively large "prekey" consisting of random data (currently 16KB).
Potentially-incompatible changes
================================
This release includes a number of changes that may affect existing
configurations:
* ssh-keygen(1): when acting as a CA and signing certificates with
an RSA key, default to using the rsa-sha2-512 signature algorithm.
Certificates signed by RSA keys will therefore be incompatible
with OpenSSH versions prior to 7.2 unless the default is
overridden (using "ssh-keygen -t ssh-rsa -s ...").
2019-10-12 18:13:53 +03:00
|
|
|
if (chmod(tty, (mode_t) 0666) == -1)
|
2009-06-08 02:19:00 +04:00
|
|
|
error("chmod %.100s 0666 failed: %.100s", tty, strerror(errno));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Makes the tty the process's controlling tty and sets it to sane modes. */
|
|
|
|
|
|
|
|
|
|
void
|
|
|
|
|
pty_make_controlling_tty(int *ttyfd, const char *tty)
|
|
|
|
|
{
|
|
|
|
|
int fd;
|
|
|
|
|
|
|
|
|
|
/* First disconnect from the old controlling tty. */
|
|
|
|
|
#ifdef TIOCNOTTY
|
|
|
|
|
fd = open(_PATH_TTY, O_RDWR | O_NOCTTY);
|
|
|
|
|
if (fd >= 0) {
|
|
|
|
|
(void) ioctl(fd, TIOCNOTTY, NULL);
|
|
|
|
|
close(fd);
|
|
|
|
|
}
|
|
|
|
|
#endif /* TIOCNOTTY */
|
OpenSSH 8.1 was released on 2019-10-09. It is available from the
mirrors listed at https://www.openssh.com/.
OpenSSH is a 100% complete SSH protocol 2.0 implementation and
includes sftp client and server support.
Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or patches, reported bugs, tested snapshots or donated to the
project. More information on donations may be found at:
http://www.openssh.com/donations.html
Security
========
* ssh(1), sshd(8), ssh-add(1), ssh-keygen(1): an exploitable integer
overflow bug was found in the private key parsing code for the XMSS
key type. This key type is still experimental and support for it is
not compiled by default. No user-facing autoconf option exists in
portable OpenSSH to enable it. This bug was found by Adam Zabrocki
and reported via SecuriTeam's SSD program.
* ssh(1), sshd(8), ssh-agent(1): add protection for private keys at
rest in RAM against speculation and memory side-channel attacks like
Spectre, Meltdown and Rambleed. This release encrypts private keys
when they are not in use with a symmetric key that is derived from a
relatively large "prekey" consisting of random data (currently 16KB).
Potentially-incompatible changes
================================
This release includes a number of changes that may affect existing
configurations:
* ssh-keygen(1): when acting as a CA and signing certificates with
an RSA key, default to using the rsa-sha2-512 signature algorithm.
Certificates signed by RSA keys will therefore be incompatible
with OpenSSH versions prior to 7.2 unless the default is
overridden (using "ssh-keygen -t ssh-rsa -s ...").
2019-10-12 18:13:53 +03:00
|
|
|
if (setsid() == -1)
|
2009-06-08 02:19:00 +04:00
|
|
|
error("setsid: %.100s", strerror(errno));
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Verify that we are successfully disconnected from the controlling
|
|
|
|
|
* tty.
|
|
|
|
|
*/
|
|
|
|
|
fd = open(_PATH_TTY, O_RDWR | O_NOCTTY);
|
|
|
|
|
if (fd >= 0) {
|
|
|
|
|
error("Failed to disconnect from controlling tty.");
|
|
|
|
|
close(fd);
|
|
|
|
|
}
|
|
|
|
|
/* Make it our controlling tty. */
|
|
|
|
|
#ifdef TIOCSCTTY
|
|
|
|
|
debug("Setting controlling tty using TIOCSCTTY.");
|
OpenSSH 8.1 was released on 2019-10-09. It is available from the
mirrors listed at https://www.openssh.com/.
OpenSSH is a 100% complete SSH protocol 2.0 implementation and
includes sftp client and server support.
Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or patches, reported bugs, tested snapshots or donated to the
project. More information on donations may be found at:
http://www.openssh.com/donations.html
Security
========
* ssh(1), sshd(8), ssh-add(1), ssh-keygen(1): an exploitable integer
overflow bug was found in the private key parsing code for the XMSS
key type. This key type is still experimental and support for it is
not compiled by default. No user-facing autoconf option exists in
portable OpenSSH to enable it. This bug was found by Adam Zabrocki
and reported via SecuriTeam's SSD program.
* ssh(1), sshd(8), ssh-agent(1): add protection for private keys at
rest in RAM against speculation and memory side-channel attacks like
Spectre, Meltdown and Rambleed. This release encrypts private keys
when they are not in use with a symmetric key that is derived from a
relatively large "prekey" consisting of random data (currently 16KB).
Potentially-incompatible changes
================================
This release includes a number of changes that may affect existing
configurations:
* ssh-keygen(1): when acting as a CA and signing certificates with
an RSA key, default to using the rsa-sha2-512 signature algorithm.
Certificates signed by RSA keys will therefore be incompatible
with OpenSSH versions prior to 7.2 unless the default is
overridden (using "ssh-keygen -t ssh-rsa -s ...").
2019-10-12 18:13:53 +03:00
|
|
|
if (ioctl(*ttyfd, TIOCSCTTY, NULL) == -1)
|
2009-06-08 02:19:00 +04:00
|
|
|
error("ioctl(TIOCSCTTY): %.100s", strerror(errno));
|
|
|
|
|
#endif /* TIOCSCTTY */
|
|
|
|
|
fd = open(tty, O_RDWR);
|
OpenSSH 8.1 was released on 2019-10-09. It is available from the
mirrors listed at https://www.openssh.com/.
OpenSSH is a 100% complete SSH protocol 2.0 implementation and
includes sftp client and server support.
Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or patches, reported bugs, tested snapshots or donated to the
project. More information on donations may be found at:
http://www.openssh.com/donations.html
Security
========
* ssh(1), sshd(8), ssh-add(1), ssh-keygen(1): an exploitable integer
overflow bug was found in the private key parsing code for the XMSS
key type. This key type is still experimental and support for it is
not compiled by default. No user-facing autoconf option exists in
portable OpenSSH to enable it. This bug was found by Adam Zabrocki
and reported via SecuriTeam's SSD program.
* ssh(1), sshd(8), ssh-agent(1): add protection for private keys at
rest in RAM against speculation and memory side-channel attacks like
Spectre, Meltdown and Rambleed. This release encrypts private keys
when they are not in use with a symmetric key that is derived from a
relatively large "prekey" consisting of random data (currently 16KB).
Potentially-incompatible changes
================================
This release includes a number of changes that may affect existing
configurations:
* ssh-keygen(1): when acting as a CA and signing certificates with
an RSA key, default to using the rsa-sha2-512 signature algorithm.
Certificates signed by RSA keys will therefore be incompatible
with OpenSSH versions prior to 7.2 unless the default is
overridden (using "ssh-keygen -t ssh-rsa -s ...").
2019-10-12 18:13:53 +03:00
|
|
|
if (fd == -1)
|
2009-06-08 02:19:00 +04:00
|
|
|
error("%.100s: %.100s", tty, strerror(errno));
|
|
|
|
|
else
|
|
|
|
|
close(fd);
|
|
|
|
|
|
|
|
|
|
/* Verify that we now have a controlling tty. */
|
|
|
|
|
fd = open(_PATH_TTY, O_WRONLY);
|
OpenSSH 8.1 was released on 2019-10-09. It is available from the
mirrors listed at https://www.openssh.com/.
OpenSSH is a 100% complete SSH protocol 2.0 implementation and
includes sftp client and server support.
Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or patches, reported bugs, tested snapshots or donated to the
project. More information on donations may be found at:
http://www.openssh.com/donations.html
Security
========
* ssh(1), sshd(8), ssh-add(1), ssh-keygen(1): an exploitable integer
overflow bug was found in the private key parsing code for the XMSS
key type. This key type is still experimental and support for it is
not compiled by default. No user-facing autoconf option exists in
portable OpenSSH to enable it. This bug was found by Adam Zabrocki
and reported via SecuriTeam's SSD program.
* ssh(1), sshd(8), ssh-agent(1): add protection for private keys at
rest in RAM against speculation and memory side-channel attacks like
Spectre, Meltdown and Rambleed. This release encrypts private keys
when they are not in use with a symmetric key that is derived from a
relatively large "prekey" consisting of random data (currently 16KB).
Potentially-incompatible changes
================================
This release includes a number of changes that may affect existing
configurations:
* ssh-keygen(1): when acting as a CA and signing certificates with
an RSA key, default to using the rsa-sha2-512 signature algorithm.
Certificates signed by RSA keys will therefore be incompatible
with OpenSSH versions prior to 7.2 unless the default is
overridden (using "ssh-keygen -t ssh-rsa -s ...").
2019-10-12 18:13:53 +03:00
|
|
|
if (fd == -1)
|
2009-06-08 02:19:00 +04:00
|
|
|
error("open /dev/tty failed - could not set controlling tty: %.100s",
|
|
|
|
|
strerror(errno));
|
|
|
|
|
else
|
|
|
|
|
close(fd);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Changes the window size associated with the pty. */
|
|
|
|
|
|
|
|
|
|
void
|
|
|
|
|
pty_change_window_size(int ptyfd, u_int row, u_int col,
|
|
|
|
|
u_int xpixel, u_int ypixel)
|
|
|
|
|
{
|
|
|
|
|
struct winsize w;
|
|
|
|
|
|
|
|
|
|
/* may truncate u_int -> u_short */
|
|
|
|
|
w.ws_row = row;
|
|
|
|
|
w.ws_col = col;
|
|
|
|
|
w.ws_xpixel = xpixel;
|
|
|
|
|
w.ws_ypixel = ypixel;
|
|
|
|
|
(void) ioctl(ptyfd, TIOCSWINSZ, &w);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void
|
|
|
|
|
pty_setowner(struct passwd *pw, const char *tty)
|
|
|
|
|
{
|
|
|
|
|
struct group *grp;
|
|
|
|
|
gid_t gid;
|
|
|
|
|
mode_t mode;
|
|
|
|
|
struct stat st;
|
|
|
|
|
|
|
|
|
|
/* Determine the group to make the owner of the tty. */
|
|
|
|
|
grp = getgrnam("tty");
|
OpenSSH 8.1 was released on 2019-10-09. It is available from the
mirrors listed at https://www.openssh.com/.
OpenSSH is a 100% complete SSH protocol 2.0 implementation and
includes sftp client and server support.
Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or patches, reported bugs, tested snapshots or donated to the
project. More information on donations may be found at:
http://www.openssh.com/donations.html
Security
========
* ssh(1), sshd(8), ssh-add(1), ssh-keygen(1): an exploitable integer
overflow bug was found in the private key parsing code for the XMSS
key type. This key type is still experimental and support for it is
not compiled by default. No user-facing autoconf option exists in
portable OpenSSH to enable it. This bug was found by Adam Zabrocki
and reported via SecuriTeam's SSD program.
* ssh(1), sshd(8), ssh-agent(1): add protection for private keys at
rest in RAM against speculation and memory side-channel attacks like
Spectre, Meltdown and Rambleed. This release encrypts private keys
when they are not in use with a symmetric key that is derived from a
relatively large "prekey" consisting of random data (currently 16KB).
Potentially-incompatible changes
================================
This release includes a number of changes that may affect existing
configurations:
* ssh-keygen(1): when acting as a CA and signing certificates with
an RSA key, default to using the rsa-sha2-512 signature algorithm.
Certificates signed by RSA keys will therefore be incompatible
with OpenSSH versions prior to 7.2 unless the default is
overridden (using "ssh-keygen -t ssh-rsa -s ...").
2019-10-12 18:13:53 +03:00
|
|
|
if (grp == NULL)
|
|
|
|
|
fatal("no tty group");
|
Changes since OpenSSH 6.7
=========================
This is a major release, containing a number of new features as
well as a large internal re-factoring.
Potentially-incompatible changes
--------------------------------
* sshd(8): UseDNS now defaults to 'no'. Configurations that match
against the client host name (via sshd_config or authorized_keys)
may need to re-enable it or convert to matching against addresses.
New Features
------------
* Much of OpenSSH's internal code has been re-factored to be more
library-like. These changes are mostly not user-visible, but
have greatly improved OpenSSH's testability and internal layout.
* Add FingerprintHash option to ssh(1) and sshd(8), and equivalent
command-line flags to the other tools to control algorithm used
for key fingerprints. The default changes from MD5 to SHA256 and
format from hex to base64.
Fingerprints now have the hash algorithm prepended. An example of
the new format: SHA256:mVPwvezndPv/ARoIadVY98vAC0g+P/5633yTC4d/wXE
Please note that visual host keys will also be different.
* ssh(1), sshd(8): Experimental host key rotation support. Add a
protocol extension for a server to inform a client of all its
available host keys after authentication has completed. The client
may record the keys in known_hosts, allowing it to upgrade to better
host key algorithms and a server to gracefully rotate its keys.
The client side of this is controlled by a UpdateHostkeys config
option (default off).
* ssh(1): Add a ssh_config HostbasedKeyType option to control which
host public key types are tried during host-based authentication.
* ssh(1), sshd(8): fix connection-killing host key mismatch errors
when sshd offers multiple ECDSA keys of different lengths.
* ssh(1): when host name canonicalisation is enabled, try to
parse host names as addresses before looking them up for
canonicalisation. fixes bz#2074 and avoiding needless DNS
lookups in some cases.
* ssh-keygen(1), sshd(8): Key Revocation Lists (KRLs) no longer
require OpenSSH to be compiled with OpenSSL support.
* ssh(1), ssh-keysign(8): Make ed25519 keys work for host based
authentication.
* sshd(8): SSH protocol v.1 workaround for the Meyer, et al,
Bleichenbacher Side Channel Attack. Fake up a bignum key before
RSA decryption.
* sshd(8): Remember which public keys have been used for
authentication and refuse to accept previously-used keys.
This allows AuthenticationMethods=publickey,publickey to require
that users authenticate using two _different_ public keys.
* sshd(8): add sshd_config HostbasedAcceptedKeyTypes and
PubkeyAcceptedKeyTypes options to allow sshd to control what
public key types will be accepted. Currently defaults to all.
* sshd(8): Don't count partial authentication success as a failure
against MaxAuthTries.
* ssh(1): Add RevokedHostKeys option for the client to allow
text-file or KRL-based revocation of host keys.
* ssh-keygen(1), sshd(8): Permit KRLs that revoke certificates by
serial number or key ID without scoping to a particular CA.
* ssh(1): Add a "Match canonical" criteria that allows ssh_config
Match blocks to trigger only in the second config pass.
* ssh(1): Add a -G option to ssh that causes it to parse its
configuration and dump the result to stdout, similar to "sshd -T".
* ssh(1): Allow Match criteria to be negated. E.g. "Match !host".
* The regression test suite has been extended to cover more OpenSSH
features. The unit tests have been expanded and now cover key
exchange.
Bugfixes
* ssh-keyscan(1): ssh-keyscan has been made much more robust again
servers that hang or violate the SSH protocol.
* ssh(1), ssh-keygen(1): Fix regression bz#2306: Key path names were
being lost as comment fields.
* ssh(1): Allow ssh_config Port options set in the second config
parse phase to be applied (they were being ignored). bz#2286
* ssh(1): Tweak config re-parsing with host canonicalisation - make
the second pass through the config files always run when host name
canonicalisation is enabled (and not whenever the host name
changes) bz#2267
* ssh(1): Fix passing of wildcard forward bind addresses when
connection multiplexing is in use; bz#2324;
* ssh-keygen(1): Fix broken private key conversion from non-OpenSSH
formats; bz#2345.
* ssh-keygen(1): Fix KRL generation bug when multiple CAs are in
use.
* Various fixes to manual pages: bz#2288, bz#2316, bz#2273
Portable OpenSSH
* Support --without-openssl at configure time
Disables and removes dependency on OpenSSL. Many features,
including SSH protocol 1 are not supported and the set of crypto
options is greatly restricted. This will only work on systems
with native arc4random or /dev/urandom.
Considered highly experimental for now.
* Support --without-ssh1 option at configure time
Allows disabling support for SSH protocol 1.
* sshd(8): Fix compilation on systems with IPv6 support in utmpx; bz#2296
* Allow custom service name for sshd on Cygwin. Permits the use of
multiple sshd running with different service names.
Checksums:
==========
- SHA1 (openssh-6.8.tar.gz) = 99903c6ca76e0a2c044711017f81127e12459d37
- SHA256 (openssh-6.8.tar.gz) = N1uzVarFbrm2CzAwuDu3sRoszmqpK+5phAChP/QNyuw=
- SHA1 (openssh-6.8p1.tar.gz) = cdbc51e46a902b30d263b05fdc71340920e91c92
- SHA256 (openssh-6.8p1.tar.gz) = P/ZM5z7hJEgLW/dnuYMNfTwDu8tqvnFrePAZLDfOFg4=
Please note that the PGP key used to sign releases was recently rotated.
The new key has been signed by the old key to provide continuity. It is
available from the mirror sites as RELEASE_KEY.asc.
Reporting Bugs:
===============
- Please read http://www.openssh.com/report.html
Security bugs should be reported directly to openssh@openssh.com
OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de Raadt,
Kevin Steves, Damien Miller, Darren Tucker, Jason McIntyre, Tim Rice and
Ben Lindstrom.
2015-04-04 02:49:21 +03:00
|
|
|
gid = (grp != NULL) ? grp->gr_gid : pw->pw_gid;
|
import openssh-7.0
Changes since OpenSSH 6.9
=========================
This focus of this release is primarily to deprecate weak, legacy
and/or unsafe cryptography.
Security
--------
* sshd(8): OpenSSH 6.8 and 6.9 incorrectly set TTYs to be world-
writable. Local attackers may be able to write arbitrary messages
to logged-in users, including terminal escape sequences.
Reported by Nikolay Edigaryev.
* sshd(8): Portable OpenSSH only: Fixed a privilege separation
weakness related to PAM support. Attackers who could successfully
compromise the pre-authentication process for remote code
execution and who had valid credentials on the host could
impersonate other users. Reported by Moritz Jodeit.
* sshd(8): Portable OpenSSH only: Fixed a use-after-free bug
related to PAM support that was reachable by attackers who could
compromise the pre-authentication process for remote code
execution. Also reported by Moritz Jodeit.
* sshd(8): fix circumvention of MaxAuthTries using keyboard-
interactive authentication. By specifying a long, repeating
keyboard-interactive "devices" string, an attacker could request
the same authentication method be tried thousands of times in
a single pass. The LoginGraceTime timeout in sshd(8) and any
authentication failure delays implemented by the authentication
mechanism itself were still applied. Found by Kingcope.
Potentially-incompatible Changes
--------------------------------
* Support for the legacy SSH version 1 protocol is disabled by
default at compile time.
* Support for the 1024-bit diffie-hellman-group1-sha1 key exchange
is disabled by default at run-time. It may be re-enabled using
the instructions at http://www.openssh.com/legacy.html
* Support for ssh-dss, ssh-dss-cert-* host and user keys is disabled
by default at run-time. These may be re-enabled using the
instructions at http://www.openssh.com/legacy.html
* Support for the legacy v00 cert format has been removed.
* The default for the sshd_config(5) PermitRootLogin option has
changed from "yes" to "prohibit-password".
* PermitRootLogin=without-password/prohibit-password now bans all
interactive authentication methods, allowing only public-key,
hostbased and GSSAPI authentication (previously it permitted
keyboard-interactive and password-less authentication if those
were enabled).
New Features
------------
* ssh_config(5): add PubkeyAcceptedKeyTypes option to control which
public key types are available for user authentication.
* sshd_config(5): add HostKeyAlgorithms option to control which
public key types are offered for host authentications.
* ssh(1), sshd(8): extend Ciphers, MACs, KexAlgorithms,
HostKeyAlgorithms, PubkeyAcceptedKeyTypes and HostbasedKeyTypes
options to allow appending to the default set of algorithms
instead of replacing it. Options may now be prefixed with a '+'
to append to the default, e.g. "HostKeyAlgorithms=+ssh-dss".
* sshd_config(5): PermitRootLogin now accepts an argument of
'prohibit-password' as a less-ambiguous synonym of 'without-
password'.
Bugfixes
--------
* ssh(1), sshd(8): add compatability workarounds for Cisco and more
PuTTY versions. bz#2424
* Fix some omissions and errors in the PROTOCOL and PROTOCOL.mux
documentation relating to Unix domain socket forwarding;
bz#2421 bz#2422
* ssh(1): Improve the ssh(1) manual page to include a better
description of Unix domain socket forwarding; bz#2423
* ssh(1), ssh-agent(1): skip uninitialised PKCS#11 slots, fixing
failures to load keys when they are present. bz#2427
* ssh(1), ssh-agent(1): do not ignore PKCS#11 hosted keys that wth
empty CKA_ID; bz#2429
* sshd(8): clarify documentation for UseDNS option; bz#2045
2015-08-13 13:25:35 +03:00
|
|
|
mode = (grp != NULL) ? 0620 : 0600;
|
2009-06-08 02:19:00 +04:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Change owner and mode of the tty as required.
|
|
|
|
|
* Warn but continue if filesystem is read-only and the uids match/
|
|
|
|
|
* tty is owned by root.
|
|
|
|
|
*/
|
OpenSSH 8.1 was released on 2019-10-09. It is available from the
mirrors listed at https://www.openssh.com/.
OpenSSH is a 100% complete SSH protocol 2.0 implementation and
includes sftp client and server support.
Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or patches, reported bugs, tested snapshots or donated to the
project. More information on donations may be found at:
http://www.openssh.com/donations.html
Security
========
* ssh(1), sshd(8), ssh-add(1), ssh-keygen(1): an exploitable integer
overflow bug was found in the private key parsing code for the XMSS
key type. This key type is still experimental and support for it is
not compiled by default. No user-facing autoconf option exists in
portable OpenSSH to enable it. This bug was found by Adam Zabrocki
and reported via SecuriTeam's SSD program.
* ssh(1), sshd(8), ssh-agent(1): add protection for private keys at
rest in RAM against speculation and memory side-channel attacks like
Spectre, Meltdown and Rambleed. This release encrypts private keys
when they are not in use with a symmetric key that is derived from a
relatively large "prekey" consisting of random data (currently 16KB).
Potentially-incompatible changes
================================
This release includes a number of changes that may affect existing
configurations:
* ssh-keygen(1): when acting as a CA and signing certificates with
an RSA key, default to using the rsa-sha2-512 signature algorithm.
Certificates signed by RSA keys will therefore be incompatible
with OpenSSH versions prior to 7.2 unless the default is
overridden (using "ssh-keygen -t ssh-rsa -s ...").
2019-10-12 18:13:53 +03:00
|
|
|
if (stat(tty, &st) == -1)
|
2009-06-08 02:19:00 +04:00
|
|
|
fatal("stat(%.100s) failed: %.100s", tty,
|
|
|
|
|
strerror(errno));
|
|
|
|
|
|
|
|
|
|
if (st.st_uid != pw->pw_uid || st.st_gid != gid) {
|
OpenSSH 8.1 was released on 2019-10-09. It is available from the
mirrors listed at https://www.openssh.com/.
OpenSSH is a 100% complete SSH protocol 2.0 implementation and
includes sftp client and server support.
Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or patches, reported bugs, tested snapshots or donated to the
project. More information on donations may be found at:
http://www.openssh.com/donations.html
Security
========
* ssh(1), sshd(8), ssh-add(1), ssh-keygen(1): an exploitable integer
overflow bug was found in the private key parsing code for the XMSS
key type. This key type is still experimental and support for it is
not compiled by default. No user-facing autoconf option exists in
portable OpenSSH to enable it. This bug was found by Adam Zabrocki
and reported via SecuriTeam's SSD program.
* ssh(1), sshd(8), ssh-agent(1): add protection for private keys at
rest in RAM against speculation and memory side-channel attacks like
Spectre, Meltdown and Rambleed. This release encrypts private keys
when they are not in use with a symmetric key that is derived from a
relatively large "prekey" consisting of random data (currently 16KB).
Potentially-incompatible changes
================================
This release includes a number of changes that may affect existing
configurations:
* ssh-keygen(1): when acting as a CA and signing certificates with
an RSA key, default to using the rsa-sha2-512 signature algorithm.
Certificates signed by RSA keys will therefore be incompatible
with OpenSSH versions prior to 7.2 unless the default is
overridden (using "ssh-keygen -t ssh-rsa -s ...").
2019-10-12 18:13:53 +03:00
|
|
|
if (chown(tty, pw->pw_uid, gid) == -1) {
|
2009-06-08 02:19:00 +04:00
|
|
|
if (errno == EROFS &&
|
|
|
|
|
(st.st_uid == pw->pw_uid || st.st_uid == 0))
|
|
|
|
|
debug("chown(%.100s, %u, %u) failed: %.100s",
|
|
|
|
|
tty, (u_int)pw->pw_uid, (u_int)gid,
|
|
|
|
|
strerror(errno));
|
|
|
|
|
else
|
|
|
|
|
fatal("chown(%.100s, %u, %u) failed: %.100s",
|
|
|
|
|
tty, (u_int)pw->pw_uid, (u_int)gid,
|
|
|
|
|
strerror(errno));
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ((st.st_mode & (S_IRWXU|S_IRWXG|S_IRWXO)) != mode) {
|
OpenSSH 8.1 was released on 2019-10-09. It is available from the
mirrors listed at https://www.openssh.com/.
OpenSSH is a 100% complete SSH protocol 2.0 implementation and
includes sftp client and server support.
Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or patches, reported bugs, tested snapshots or donated to the
project. More information on donations may be found at:
http://www.openssh.com/donations.html
Security
========
* ssh(1), sshd(8), ssh-add(1), ssh-keygen(1): an exploitable integer
overflow bug was found in the private key parsing code for the XMSS
key type. This key type is still experimental and support for it is
not compiled by default. No user-facing autoconf option exists in
portable OpenSSH to enable it. This bug was found by Adam Zabrocki
and reported via SecuriTeam's SSD program.
* ssh(1), sshd(8), ssh-agent(1): add protection for private keys at
rest in RAM against speculation and memory side-channel attacks like
Spectre, Meltdown and Rambleed. This release encrypts private keys
when they are not in use with a symmetric key that is derived from a
relatively large "prekey" consisting of random data (currently 16KB).
Potentially-incompatible changes
================================
This release includes a number of changes that may affect existing
configurations:
* ssh-keygen(1): when acting as a CA and signing certificates with
an RSA key, default to using the rsa-sha2-512 signature algorithm.
Certificates signed by RSA keys will therefore be incompatible
with OpenSSH versions prior to 7.2 unless the default is
overridden (using "ssh-keygen -t ssh-rsa -s ...").
2019-10-12 18:13:53 +03:00
|
|
|
if (chmod(tty, mode) == -1) {
|
2009-06-08 02:19:00 +04:00
|
|
|
if (errno == EROFS &&
|
|
|
|
|
(st.st_mode & (S_IRGRP | S_IROTH)) == 0)
|
|
|
|
|
debug("chmod(%.100s, 0%o) failed: %.100s",
|
|
|
|
|
tty, (u_int)mode, strerror(errno));
|
|
|
|
|
else
|
|
|
|
|
fatal("chmod(%.100s, 0%o) failed: %.100s",
|
|
|
|
|
tty, (u_int)mode, strerror(errno));
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
Import OpenSSH-7.4
OpenSSH 7.4 has just been released. It will be available from the
mirrors listed at http://www.openssh.com/ shortly.
OpenSSH is a 100% complete SSH protocol 2.0 implementation and
includes sftp client and server support. OpenSSH also includes
transitional support for the legacy SSH 1.3 and 1.5 protocols
that may be enabled at compile-time.
Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or patches, reported bugs, tested snapshots or donated to the
project. More information on donations may be found at:
http://www.openssh.com/donations.html
Future deprecation notice
=========================
We plan on retiring more legacy cryptography in future releases,
specifically:
* In approximately August 2017, removing remaining support for the
SSH v.1 protocol (client-only and currently compile-time disabled).
* In the same release, removing support for Blowfish and RC4 ciphers
and the RIPE-MD160 HMAC. (These are currently run-time disabled).
* Refusing all RSA keys smaller than 1024 bits (the current minimum
is 768 bits)
* The next release of OpenSSH will remove support for running sshd(8)
with privilege separation disabled.
* The next release of portable OpenSSH will remove support for
OpenSSL version prior to 1.0.1.
This list reflects our current intentions, but please check the final
release notes for future releases.
Potentially-incompatible changes
================================
This release includes a number of changes that may affect existing
configurations:
* This release removes server support for the SSH v.1 protocol.
* ssh(1): Remove 3des-cbc from the client's default proposal. 64-bit
block ciphers are not safe in 2016 and we don't want to wait until
attacks like SWEET32 are extended to SSH. As 3des-cbc was the
only mandatory cipher in the SSH RFCs, this may cause problems
connecting to older devices using the default configuration,
but it's highly likely that such devices already need explicit
configuration for key exchange and hostkey algorithms already
anyway.
* sshd(8): Remove support for pre-authentication compression.
Doing compression early in the protocol probably seemed reasonable
in the 1990s, but today it's clearly a bad idea in terms of both
cryptography (cf. multiple compression oracle attacks in TLS) and
attack surface. Pre-auth compression support has been disabled by
default for >10 years. Support remains in the client.
* ssh-agent will refuse to load PKCS#11 modules outside a whitelist
of trusted paths by default. The path whitelist may be specified
at run-time.
* sshd(8): When a forced-command appears in both a certificate and
an authorized keys/principals command= restriction, sshd will now
refuse to accept the certificate unless they are identical.
The previous (documented) behaviour of having the certificate
forced-command override the other could be a bit confusing and
error-prone.
* sshd(8): Remove the UseLogin configuration directive and support
for having /bin/login manage login sessions.
2016-12-25 03:00:13 +03:00
|
|
|
|
|
|
|
|
/* Disconnect from the controlling tty. */
|
|
|
|
|
void
|
|
|
|
|
disconnect_controlling_tty(void)
|
|
|
|
|
{
|
|
|
|
|
int fd;
|
|
|
|
|
|
|
|
|
|
if ((fd = open(_PATH_TTY, O_RDWR | O_NOCTTY)) >= 0) {
|
|
|
|
|
(void) ioctl(fd, TIOCNOTTY, NULL);
|
|
|
|
|
close(fd);
|
|
|
|
|
}
|
|
|
|
|
}
|