#
19261079 |
|
07-Sep-2021 |
Ed Maste <emaste@FreeBSD.org> |
openssh: update to OpenSSH v8.7p1 Some notable changes, from upstream's release notes: - sshd(8): Remove support for obsolete "host/port" syntax. - ssh(1): When prompting whether to record a new host key, accept the key fingerprint as a synonym for "yes". - ssh-keygen(1): when acting as a CA and signing certificates with an RSA key, default to using the rsa-sha2-512 signature algorithm. - ssh(1), sshd(8), ssh-keygen(1): this release removes the "ssh-rsa" (RSA/SHA1) algorithm from those accepted for certificate signatures. - ssh-sk-helper(8): this is a new binary. It is used by the FIDO/U2F support to provide address-space isolation for token middleware libraries (including the internal one). - ssh(1): this release enables UpdateHostkeys by default subject to some conservative preconditions. - scp(1): this release changes the behaviour of remote to remote copies (e.g. "scp host-a:/path host-b:") to transfer through the local host by default. - scp(1): experimental support for transfers using the SFTP protocol as a replacement for the venerable SCP/RCP protocol that it has traditionally used. Additional integration work is needed to support FIDO/U2F in the base system. Deprecation Notice ------------------ OpenSSH will disable the ssh-rsa signature scheme by default in the next release. Reviewed by: imp MFC after: 1 month Relnotes: Yes Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D29985
|
#
27ceebbc |
|
31-Aug-2021 |
Ed Maste <emaste@FreeBSD.org> |
openssh: simplify login class restrictions Login class-based restrictions were introduced in 5b400a39b8ad. The code was adapted for sshd's Capsicum sandbox and received many changes over time, including at least fc3c19a9fcee, bd393de91cc3, and e8c56fba2926. During an attempt to upstream the work a much simpler approach was suggested. Adopt it now in the in-tree OpenSSH to reduce conflicts with future updates. Submitted by: Yuchiro Naito (against OpenSSH-portable on GitHub) Obtained from: https://github.com/openssh/openssh-portable/pull/262 Reviewed by: allanjude, kevans MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D31760 |
#
fc3c19a9 |
|
06-Oct-2018 |
Ed Maste <emaste@FreeBSD.org> |
sshd: address capsicum issues * Add a wrapper to proxy login_getpwclass(3) as it is not allowed in capability mode. * Cache timezone data via caph_cache_tzdata() as we cannot access the timezone file. * Reverse resolve hostname before entering capability mode. PR: 231172 Submitted by: naito.yuichiro@gmail.com Reviewed by: cem, des Approved by: re (rgrimes) MFC after: 3 weeks Differential Revision: https://reviews.freebsd.org/D17128 |
#
190cef3d |
|
10-Sep-2018 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Upgrade to OpenSSH 7.8p1. Approved by: re (kib@)
|
#
ca86bcf2 |
|
05-Mar-2017 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Upgrade to OpenSSH 7.4p1.
|
#
bc5531de |
|
19-Jan-2016 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Upgrade to OpenSSH 6.8p1.
|
#
b83788ff |
|
25-Mar-2014 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Upgrade to OpenSSH 6.6p1.
|
#
6888a9be |
|
22-Mar-2013 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Upgrade to OpenSSH 6.2p1. The most important new features are support for a key revocation list and more fine-grained authentication control.
|
#
e146993e |
|
05-Oct-2011 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Upgrade to OpenSSH 5.9p1. MFC after: 3 months
|
#
cce7d346 |
|
22-May-2009 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Upgrade to OpenSSH 5.2p1. MFC after: 3 months
|
#
3b137a2c |
|
31-Jul-2008 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Another four files without local changes. This is driving me nuts - every time I think I got them all, another one pops up. |
#
e3ae3b09 |
|
22-Jul-2008 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Properly flatten openssh/dist. |
#
333ee039 |
|
30-Sep-2006 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Merge conflicts. MFC after: 1 week |
#
761efaa7 |
|
30-Sep-2006 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Vendor import of OpenSSH 4.4p1. |
#
aa49c926 |
|
05-Jun-2005 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Resolve conflicts. |
#
5e8dbd04 |
|
05-Jun-2005 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Vendor import of OpenSSH 4.0p1. |
#
1ec0d754 |
|
26-Feb-2004 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Resolve conflicts. |
#
efcad6b7 |
|
26-Feb-2004 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Vendor import of OpenSSH 3.8p1. |
#
cf2b5f3b |
|
07-Jan-2004 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Resolve conflicts and remove obsolete files. Sponsored by: registrar.no |
#
d95e11bf |
|
07-Jan-2004 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Vendor import of OpenSSH 3.7.1p2. |
#
f388f5ef |
|
29-Oct-2002 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Resolve conflicts. |
#
4b17dab0 |
|
29-Oct-2002 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Vendor import of OpenSSH-portable 3.5p1. |
#
382d19ee |
|
29-Jun-2002 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
PAM support, the FreeBSD way. Sponsored by: DARPA, NAI Labs |
#
83d2307d |
|
27-Jun-2002 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Vendor import of OpenSSH 3.3p1. |
#
545d5eca |
|
23-Jun-2002 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Vendor import of OpenSSH 3.3. |
#
27ceebbc |
|
31-Aug-2021 |
Ed Maste <emaste@FreeBSD.org> |
openssh: simplify login class restrictions Login class-based restrictions were introduced in 5b400a39b8ad. The code was adapted for sshd's Capsicum sandbox and received many changes over time, including at least fc3c19a9fcee, bd393de91cc3, and e8c56fba2926. During an attempt to upstream the work a much simpler approach was suggested. Adopt it now in the in-tree OpenSSH to reduce conflicts with future updates. Submitted by: Yuchiro Naito (against OpenSSH-portable on GitHub) Obtained from: https://github.com/openssh/openssh-portable/pull/262 Reviewed by: allanjude, kevans MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D31760
|
#
fc3c19a9 |
|
06-Oct-2018 |
Ed Maste <emaste@FreeBSD.org> |
sshd: address capsicum issues * Add a wrapper to proxy login_getpwclass(3) as it is not allowed in capability mode. * Cache timezone data via caph_cache_tzdata() as we cannot access the timezone file. * Reverse resolve hostname before entering capability mode. PR: 231172 Submitted by: naito.yuichiro@gmail.com Reviewed by: cem, des Approved by: re (rgrimes) MFC after: 3 weeks Differential Revision: https://reviews.freebsd.org/D17128
|
#
a7d5f7eb |
|
19-Oct-2010 |
Jamie Gritton <jamie@FreeBSD.org> |
A new jail(8) with a configuration file, to replace the work currently done by /etc/rc.d/jail.
|
#
fe0506d7 |
|
09-Mar-2010 |
Marcel Moolenaar <marcel@FreeBSD.org> |
Create the altix project branch. The altix project will add support for the SGI Altix 350 to FreeBSD/ia64. The hardware used for porting is a two-module system, consisting of a base compute module and a CPU expansion module. SGI's NUMAFlex architecture can be an excellent platform to test CPU affinity and NUMA-aware features in FreeBSD.
|
#
d7f03759 |
|
19-Oct-2008 |
Ulf Lilleengen <lulf@FreeBSD.org> |
- Import the HEAD csup code which is the basis for the cvsmode work.
|
#
3b137a2c |
|
31-Jul-2008 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Another four files without local changes. This is driving me nuts - every time I think I got them all, another one pops up.
|
#
333ee039 |
|
30-Sep-2006 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Merge conflicts. MFC after: 1 week
|
#
761efaa7 |
|
30-Sep-2006 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Vendor import of OpenSSH 4.4p1.
|
#
aa49c926 |
|
05-Jun-2005 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Resolve conflicts.
|
#
5e8dbd04 |
|
05-Jun-2005 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Vendor import of OpenSSH 4.0p1.
|
#
1ec0d754 |
|
26-Feb-2004 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Resolve conflicts.
|
#
efcad6b7 |
|
26-Feb-2004 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Vendor import of OpenSSH 3.8p1.
|
#
cf2b5f3b |
|
07-Jan-2004 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Resolve conflicts and remove obsolete files. Sponsored by: registrar.no
|
#
d95e11bf |
|
07-Jan-2004 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Vendor import of OpenSSH 3.7.1p2.
|
#
f388f5ef |
|
29-Oct-2002 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Resolve conflicts.
|
#
4b17dab0 |
|
29-Oct-2002 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Vendor import of OpenSSH-portable 3.5p1.
|
#
382d19ee |
|
29-Jun-2002 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
PAM support, the FreeBSD way. Sponsored by: DARPA, NAI Labs
|
#
83d2307d |
|
27-Jun-2002 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Vendor import of OpenSSH 3.3p1.
|
#
545d5eca |
|
23-Jun-2002 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Vendor import of OpenSSH 3.3.
|