Commit Graph

47 Commits

Author SHA1 Message Date
itojun
56d0ea03cf >implement kerberos over ssh2 ("kerberos-2@ssh.com"); tested with jakob@
>server interops with commercial client; ok jakob@ djm@

markus@openbsd
2003-05-14 18:22:07 +00:00
itojun
e7e7c84a6a sync w/ 3.6.1 2003-04-03 06:21:31 +00:00
itojun
ef7d24574a upgrade to openssh 3.5. major changes include:
- krb4/5 support for privsep (krb5 diff was already applied)

includes fake implementaation of getpeereid() from openssh-portable, which
does nothing useful - need improvement.
2002-10-01 14:07:26 +00:00
lukem
5d4973fe97 makefile delint. use NETBSDSRCDIR as appropriate 2002-09-18 14:00:33 +00:00
lukem
09ccdda836 rcsid fix 2002-09-18 13:50:52 +00:00
simonb
cb9c117389 Don't set BINOWN if using the default BINMODE. 2002-08-02 04:05:13 +00:00
christos
0b56b322c8 Add utmpx support. 2002-07-28 23:43:12 +00:00
itojun
412f69af85 re-enable ssh-keysign's sbit. sync w/openbsd 2002-07-03 14:23:49 +00:00
itojun
968294e218 >make ssh-keysign read /etc/ssh/ssh_config
>and exit if HostbasedAuthentication is disabled globally. based on discussions
>with deraadt, itojun and sommerfeld; ok itojun@

sync w/openbsd
2002-07-03 14:23:13 +00:00
itojun
124313224f install ssh-keysign non-setuid for the moment.
(HostbasedAuthentication does not work for a while)
2002-07-01 06:19:22 +00:00
itojun
de7e3177b2 tidy up makefiles 2002-06-24 06:11:11 +00:00
itojun
82659024b5 make sure to install ssh-keysign as setuid root 2002-06-24 05:52:29 +00:00
itojun
3ea946f134 sync with openssh 3.3.
local mods included to make it compile with openssl 0.9.6d.
2002-06-24 05:48:24 +00:00
lukem
244b762de1 Complete the conversion back to the OpenSSH default configuration files of
"/etc/ssh/ssh_config" (from "/etc/ssh/ssh.conf") for ssh(1) and other
userland tools, and "/etc/ssh/sshd_config (from "/etc/ssh/sshd.conf")
for sshd(8).

etc/postinstall will detect this, and if "fix" is given, rename the files.
2002-04-29 08:23:34 +00:00
itojun
34b40b030e sync with openssh 3.2 as of 2002/4/22.
- privilege separation
- afs/kerberos auth security issue fixed
2002-04-22 07:59:35 +00:00
thorpej
9c33b55e7c Split the notion of building Hesiod, Kerberos, S/key, and YP
infrastructure and using that infrastructure in programs.

	* MKHESIOD, MKKERBEROS, MKSKEY, and MKYP control building
	  of the infratsructure (libraries, support programs, etc.)

	* USE_HESIOD, USE_KERBEROS, USE_SKEY, and USE_YP control
	  building of support for using the corresponding API
	  in various libraries/programs that can use it.

As discussed on tech-toolchain.
2002-03-22 18:10:19 +00:00
itojun
0a2445c3b6 move sshd config files to /etc/ssh 2002-03-11 04:57:55 +00:00
itojun
af34a358ff sync w/ 3.1 as of 2002/3/8. configuration file directory is still /etc
(openbsd usr.bin/ssh is using /etc/ssh)
2002-03-08 02:00:50 +00:00
lukem
670a900e30 use ${INSTALL_FILE} as appropriate 2002-02-09 09:14:32 +00:00
lukem
b0b0a32ad7 Set NOxxx= before <bsd.own.mk> is pulled in (even indirectly).
Otherwise the appropriate MKxxx=no won't be defined .
2001-12-12 12:24:19 +00:00
tv
8e6f7afb5b MKfoo=no -> NOfoo 2001-12-12 01:48:43 +00:00
itojun
ba613513e8 sync with openssh 2.9.9 around 9/27. 2001-09-27 03:24:01 +00:00
itojun
69d60502fe upgrade to openssh 2.9, around 2001/6/24 (from openbsd usr.bin/ssh).
- authorized_keys2 and known_hosts2 are obsoleted, and integrated
  into those without "2".
- file name change, /etc/primes -> /etc/moduli
- cleanups
2001-06-23 19:37:38 +00:00
wiz
4b1c5f37c5 On note by kleink: Add primes.5 to crypto/dist/ssh instead of share/man/man5. 2001-06-15 12:51:58 +00:00
itojun
2160ac71db install /etc/primes for ssh 2001-05-26 23:27:13 +00:00
itojun
f4532f2487 upgrade to openssh (openbsd usr.bin/ssh) 2.9, around 5/15/2001. 2001-05-15 15:26:07 +00:00
itojun
235b9f0c2f upgrade to openssh 2.5.4 (2001/4/10).
major behavior changes: (made in openssh master tree - openbsd usr.bin/ssh)
- ssh(1) now defaults to ssh protocol version 2.
  if you want version 1 to take precedence, use /etc/ssh.conf to override.
- config change: ~/.ssh/id_rsa[12] is now ~/.ssh/id_rsa (changed 4/3)
- forced client rekey for protocol version 2 (~R)
- swap gid when uid swaps.
- ListenAddress syntax can take [foo]:port for IPv6 numerics.
- "ssh -D 1080" allows us to use ssh tunnel as SOCKS4 proxy.
2001-04-10 08:07:54 +00:00
ad
f85c698f44 Link against libcrypt in order to make MD5 passwords work. 2001-04-01 15:11:05 +00:00
itojun
37da3c3c3c sync with openssh 2.5.2 (from openbsd usr.bin/ssh, not from portable). 2001-03-19 20:03:24 +00:00
assar
e625c71295 add krb5 support to ssh/sshd. based on code initially from Daniel Kouril <kouril@informatics.muni.cz> and Björn Grönvall <bg@sics.se> 2001-03-04 00:41:27 +00:00
itojun
531a3ed838 sync with 2/14.
openssh changes:
- SIGWINCH propagated correctly
- mitigate SSH1 traffic analysis
- sprintf -> snprintf and lots of other cleanups
netbsd local changes:
- include OpenBSD RCSID into binary again, which helps us diagnose later.
2001-02-14 01:06:48 +00:00
itojun
1f5cfca3e6 sync crypto/dist/ssh with re-importorted tree. try to minimize diffs
with openssh tree to ease future upgrade.  re-do local changes, including:
- prototype pedants
- IgnoreRootRhosts
- login.conf user validation
some of the local changes that weren't used are omitted for now.  we may
need to revisit those afterwards.

it adds "sftp".
2001-02-07 17:05:31 +00:00
itojun
a0f7a7d829 crypto/dist/ssh: resolve conflicts with 2.3.0/20010105.
usr.bin/ssh: add ssh-keyscan and sftp-server into SUBDIR.
2001-01-14 05:22:31 +00:00
lukem
443a19e035 convert to using .WAIT 2001-01-09 03:13:39 +00:00
sommerfeld
64cf1af58d Let src/usr.bin build with recursive parallel make..
- add .WAIT and .NOTPARALLEL in a few places
 - change ${MAKE} print-objdir to ${PRINTOBJDIR}
 - convert other ad-hoc forms to use ${PRINTOBJDIR}
2000-12-30 14:54:39 +00:00
garbled
bd7a6d88d2 Hunted down another make -> ${MAKE}.... 2000-10-28 15:36:58 +00:00
tv
45fc6b59ae Remove INSTALLFLAGS=-fschg. This will break a "make install" phase where
the binary may have been installed already, i.e. a install without
UPDATE=1 (done so that everything gets reinstalled).  The schg flag is not
unsettable, even by root, at securelevel 1.

A flag like this should be set by mtree, not install.
2000-10-17 23:51:24 +00:00
cjs
b03e36f917 Do not install /usr/bin/ssh suid, as this can cause various security problems. 2000-10-17 15:58:16 +00:00
thorpej
9f6ddd1801 Enable the ssh build framework. 2000-09-28 22:20:58 +00:00
thorpej
03aaa05985 Update for most recent ssh source files. 2000-09-28 22:06:44 +00:00
simonb
cd2e1c1e91 Use ${COPY} instead of -c for ${INSTALL} commands. 2000-09-23 13:53:41 +00:00
simonb
3a3ed5c9db Get the build ordering right for all and dependall. 2000-09-23 06:18:08 +00:00
thorpej
db82701e06 Fix a problem with the "distribution" target pointed out
by itojun@netbsd.org.
2000-08-02 17:04:23 +00:00
thorpej
4032d79eac Rename ssh_config to ssh.conf and sshd_config to sshd.conf, for
consistency with other NetBSD configuration files, and to avoid
clashes with other SSH implementations.
2000-07-28 16:43:49 +00:00
simonb
9c7e8fa55d Remove white space after \ line continuation char. 2000-07-26 15:16:28 +00:00
thorpej
79e0feb179 Install ssh_config and sshd_config for `distribution' target. 2000-07-25 18:54:09 +00:00
thorpej
8f6bf0e264 Add a build-framework for an SSH implementation which is not
yet part of the NetBSD source tree.  These Makefiles are a
noop until such time as that implementation is committed.
2000-07-25 16:32:24 +00:00