#
321d5b75 |
| 16-Oct-2020 |
djm <djm@openbsd.org> |
revised log infrastructure for OpenSSH
log functions receive function, filename and line number of caller. We can use this to selectively enable logging via pattern-lists.
ok markus@
|
#
869858c2 |
| 27-Aug-2020 |
djm <djm@openbsd.org> |
support for requiring user verified FIDO keys in sshd
This adds a "verify-required" authorized_keys flag and a corresponding sshd_config option that tells sshd to require that FIDO keys verify the user identity before completing the signing/authentication attempt. Whether or not user verification was performed is already baked into the signature made on the FIDO token, so this is just plumbing that flag through and adding ways to require it.
feedback and ok markus@
|
#
1f63d3c4 |
| 27-Aug-2020 |
djm <djm@openbsd.org> |
support for user-verified FIDO keys
FIDO2 supports a notion of "user verification" where the user is required to demonstrate their identity to the token before particular operations (e.g. signing). Typically this is done by authenticating themselves using a PIN that has been set on the token.
This adds support for generating and using user verified keys where the verification happens via PIN (other options might be added in the future, but none are in common use now). Practically, this adds another key generation option "verify-required" that yields a key that requires a PIN before each authentication.
feedback markus@ and Pedro Martelletto; ok markus@
|
#
0761eee7 |
| 07-Jul-2020 |
deraadt <deraadt@openbsd.org> |
correct recently broken comments
|
#
5bde2954 |
| 05-Jul-2020 |
djm <djm@openbsd.org> |
some language improvements; ok markus
|
#
264cfea2 |
| 13-Mar-2020 |
djm <djm@openbsd.org> |
spelling errors in comments; no code change from https://fossies.org/linux/misc/openssh-8.2p1.tar.gz/codespell.html
|
#
c9831b39 |
| 26-Feb-2020 |
jsg <jsg@openbsd.org> |
change explicit_bzero();free() to freezero()
While freezero() returns early if the pointer is NULL the tests for NULL in callers are left to avoid warnings about passing an uninitialised size argument across a function boundary.
ok deraadt@ djm@
|
#
5f47a660 |
| 06-Feb-2020 |
naddy <naddy@openbsd.org> |
Replace "security key" with "authenticator" in program messages.
This replaces "security key" in error/usage/verbose messages and distinguishes between "authenticator" and "authenticator-hosted key".
ok djm@
|
#
e9716d4d |
| 23-Jan-2020 |
dtucker <dtucker@openbsd.org> |
Replace all calls to signal(2) with a wrapper around sigaction(2). This wrapper blocks all other signals during the handler preventing races between handlers, and sets SA_RESTART which should reduce the potential for short read/write operations.
|
#
cda0497a |
| 15-Dec-2019 |
djm <djm@openbsd.org> |
allow security keys to act as host keys as well as user keys.
Previously we didn't do this because we didn't want to expose the attack surface presented by USB and FIDO protocol handling, but now that this is insulated behind ssh-sk-helper there is less risk.
ok markus@
|
#
a84762ce |
| 25-Nov-2019 |
djm <djm@openbsd.org> |
redundant test
|
#
6e27da75 |
| 25-Nov-2019 |
djm <djm@openbsd.org> |
add a "no-touch-required" option for authorized_keys and a similar extension for certificates. This option disables the default requirement that security key signatures attest that the user touched their key to authorize them.
feedback deraadt, ok markus
|
#
47ce46c8 |
| 25-Nov-2019 |
djm <djm@openbsd.org> |
Add a sshd_config PubkeyAuthOptions directive
This directive has a single valid option "no-touch-required" that causes sshd to skip checking whether user presence was tested before a security key signature was made (usually by the user touching the key).
ok markus@
|
#
493ad5b0 |
| 25-Nov-2019 |
djm <djm@openbsd.org> |
Add new structure for signature options
This is populated during signature verification with additional fields that are present in and covered by the signature. At the moment, it is only used to record security key-specific options, especially the flags field.
with and ok markus@
|
#
73734971 |
| 19-Nov-2019 |
djm <djm@openbsd.org> |
a little more information from the monitor when signature verification fails.
|
#
e3a62e69 |
| 31-Oct-2019 |
djm <djm@openbsd.org> |
Refactor signing - use sshkey_sign for everything, including the new U2F signatures.
Don't use sshsk_ecdsa_sign() directly, instead make it reachable via sshkey_sign() like all other signature operations. This means that we need to add a provider argument to sshkey_sign(), so most of this change is mechanically adding that.
Suggested by / ok markus@
|
#
8ef5120b |
| 07-Oct-2019 |
djm <djm@openbsd.org> |
reversed test yielded incorrect debug message
|
#
3aaa63eb |
| 28-Jun-2019 |
deraadt <deraadt@openbsd.org> |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
#
39957e0d |
| 21-Jan-2019 |
djm <djm@openbsd.org> |
merge kexkem[cs] into kexgen
from markus@ ok djm@
|
#
32573a67 |
| 21-Jan-2019 |
djm <djm@openbsd.org> |
use KEM API for vanilla ECDH
from markus@ ok djm@
|
#
c9e07d34 |
| 21-Jan-2019 |
djm <djm@openbsd.org> |
use KEM API for vanilla DH KEX
from markus@ ok djm@
|
#
f3ab853d |
| 21-Jan-2019 |
djm <djm@openbsd.org> |
use KEM API for vanilla c25519 KEX
|
#
b869f5f7 |
| 21-Jan-2019 |
djm <djm@openbsd.org> |
Add support for a PQC KEX/KEM: sntrup4591761x25519-sha512@tinyssh.org using the Streamlined NTRU Prime 4591^761 implementation from SUPERCOP coupled with X25519 as a stop-loss. Not enabled by default.
introduce KEM API; a simplified framework for DH-ish KEX methods.
from markus@ feedback & ok djm@
|
#
8d3ff63d |
| 19-Jan-2019 |
djm <djm@openbsd.org> |
remove last references to active_state
with & ok markus@
|
#
523edccc |
| 19-Jan-2019 |
djm <djm@openbsd.org> |
convert monitor.c to new packet API
with & ok markus@
|