History log of /openbsd/usr.bin/ssh/sshconnect.c (Results 1 – 25 of 368)
Revision Date Author Comments
# 68de26a4 30-Apr-2024 djm <djm@openbsd.org>

add explicit check for server hostkey type against HostkeyAlgorithms.
Allows HostkeyAlgorithms to disable implicit fallback from certificate
keys to plain keys. ok markus@


# e6c7c102 23-Apr-2024 jsg <jsg@openbsd.org>

correct indentation; no functional change
ok tb@


# 52113de9 11-Jan-2024 djm <djm@openbsd.org>

make DSA key support compile-time optional, defaulting to on

ok markus@


# 8f13aefc 20-Nov-2023 djm <djm@openbsd.org>

set errno=EAFNOSUPPORT when filtering addresses that don't match
AddressFamily; yields slightly better error message if no address
matches. bz#3526


# 4ff40062 15-Nov-2023 djm <djm@openbsd.org>

when connecting via socket (the default case), filter addresses by
AddressFamily if one was specified. Fixes the case where, if
CanonicalizeHostname is enabled, ssh may ignore AddressFamily.
bz5326; ok dtucker


# c611b7a9 10-Mar-2023 dtucker <dtucker@openbsd.org>

Explicitly ignore return from fcntl(... FD_CLOEXEC) here too.
Coverity CID 291853.


# 15d7c2bc 05-Mar-2023 dtucker <dtucker@openbsd.org>

Remove unused compat.h includes. We've previously removed a lot
of the really old compatibility code, and with it went the need to
include compat.h in most of the files that have it.


# bf25c7a3 13-Jan-2023 djm <djm@openbsd.org>

avoid printf("%s", NULL) if using ssh -oUserKnownHostsFile=none
and a hostkey in one of the system known hosts file changes;
ok dtucker@


# 8ff89c39 03-Nov-2022 djm <djm@openbsd.org>

replace recently-added valid_domain() check for hostnames going to
known_hosts with a more relaxed check for bad characters; previous
commit broke address literals. Reported by/feedback from florian@


# 64416e99 24-Oct-2022 djm <djm@openbsd.org>

Be more paranoid with host/domain names coming from the resolver:
don't follow CNAMEs with invalid characters when canonicalising
and never write a name with bad characters to a known_hosts file.

reported by David Leadbeater, ok deraadt@


# 1cd3c5a7 26-Aug-2022 djm <djm@openbsd.org>

whitespace


# b4a490f5 03-Jun-2022 dtucker <dtucker@openbsd.org>

Add period at end of "not known by any other names" message. github PR#320
from jschauma, ok djm@


# 82d651da 19-Dec-2021 djm <djm@openbsd.org>

ssh-add side of destination constraints

Have ssh-add accept a list of "destination constraints" that allow
restricting where keys may be used in conjunction with a ssh-agent/ssh
that supports session ID/hostkey binding.

Constraints are specified as either "[user@]host-pattern" or
"host-pattern>[user@]host-pattern".

The first form permits a key to be used to authenticate as the
specified user to the specified host.

The second form permits a key that has previously been permitted
for use at a host to be available via a forwarded agent to an
additional host.

For example, constraining a key with "user1@host_a" and
"host_a>host_b" would permit authentication as "user1" at
"host_a", and allow the key to be available on an agent forwarded
to "host_a" only for authentication to "host_b". The key would not
be visible on an agent forwarded to other hosts or usable for
authentication there.

Internally, destination constraints use host keys to identify hosts.
The host patterns are used to obtain lists of host keys for that
destination that are communicated to the agent. The user/hostkeys are
encoded using a new restrict-destination-v00@openssh.com key
constraint.

host keys are looked up in the default client user/system known_hosts
files. It is possible to override this set on the command-line.

feedback Jann Horn & markus@
ok markus@


# bdfa5c1b 02-Jul-2021 dtucker <dtucker@openbsd.org>

Remove references to ChallengeResponseAuthentication in favour of
KbdInteractiveAuthentication. The former is what was in SSHv1, the
latter is what is in SSHv2 (RFC4256) and they were treated as somewhat
but not entirely equivalent. We retain the old name as a deprecated alias
so config files continue to work and a reference in the man page for
people looking for it.

Prompted by bz#3303 which pointed out the discrepancy between the two
when used with Match. Man page help & ok jmc@, with & ok djm@


# 5a3cda13 25-Jun-2021 dtucker <dtucker@openbsd.org>

Use better language to refer to the user. From l1ving via github
PR#250, ok jmc@


# 86a8bd52 08-Jun-2021 djm <djm@openbsd.org>

Allow argv_split() to optionally terminate tokenisation when it
encounters an unquoted comment.

Add some additional utility functions for working with argument
vectors, since we'll be switching to using them to parse
ssh/sshd_config shortly.

ok markus@ as part of a larger diff; tested in snaps


# 74cb32ae 03-Apr-2021 djm <djm@openbsd.org>

highly polished whitespace, mostly fixing spaces-for-tab and bad
indentation on continuation lines. Prompted by GHPR#185


# 0daa75b7 03-Mar-2021 sthen <sthen@openbsd.org>

typo in other_hostkeys_message() display output, ok djm


# fb196569 26-Jan-2021 djm <djm@openbsd.org>

move check_host_cert() from sshconnect.c to sshkey.c and refactor
it to make it more generally usable and testable.

ok markus@


# ed5bd129 22-Dec-2020 djm <djm@openbsd.org>

add a ssh_config KnownHostsCommand that allows the client to obtain
known_hosts data from a command in addition to the usual files.

The command accepts a bunch of %-expansions, including details of the
connection and the offered server host key. Note that the command may
be invoked up to three times per connection (see the manpage for
details).

ok markus@


# 562f8831 20-Dec-2020 djm <djm@openbsd.org>

plumb ssh_conn_info through to sshconnect.c; feedback/ok markus@


# 352e3450 20-Dec-2020 djm <djm@openbsd.org>

allow UserKnownHostsFile=none; feedback and ok markus@


# 4ac03e1d 20-Dec-2020 djm <djm@openbsd.org>

load_hostkeys()/hostkeys_foreach() variants for FILE*

Add load_hostkeys_file() and hostkeys_foreach_file() that accept a
FILE* argument instead of opening the file directly.

Original load_hostkeys() and hostkeys_foreach() are implemented using
these new interfaces.

Add a u_int note field to the hostkey_entry and hostkey_foreach_line
structs that is passed directly from the load_hostkeys() and
hostkeys_foreach() call. This is a lightweight way to annotate results
between different invocations of load_hostkeys().

ok markus@


# 05bbb3d3 27-Nov-2020 djm <djm@openbsd.org>

Set the specified TOS/DSCP for interactive use prior to TCP connect.
The connection phase of the SSH session is time-sensitive (due to
server side login grace periods) and is frequently interactive (e.g.
entering passwords). The ultimate interactive/bulk TOS/DSCP will be
set after authentication completes.

ok dtucker@


# 8feb28b8 22-Nov-2020 djm <djm@openbsd.org>

when mentioning that the host key has changed, don't report the type
because it is ambiguous as to whether it referred to the known or new
host key. bz3216; ok dtucker@

