Portable OpenSSH
C Shell Roff M4 Makefile C++ Other
Latest commit d549919 Feb 18, 2017 @djmdjm djmdjm committed with djmdjm upstream commit
add test cases for C locale; ok schwarze@

Upstream-Regress-ID: 783d75de35fbc923d46e2a5e6cee30f8f381ba87
Permalink
Failed to load latest commit information.
contrib crank version numbers for release Dec 19, 2016
openbsd-compat Remove commented-out includes. Dec 13, 2016
regress upstream commit Feb 19, 2017
.skipped-commit-ids upstream commit Oct 13, 2016
CREDITS Remove now-obsolete CVS $Id tags from text files. Aug 17, 2016
INSTALL Re-add missing "Prerequisites" header and fix typo Dec 20, 2016
LICENCE - (dtucker) [INSTALL LICENCE configure.ac openbsd-compat/Makefile.in Nov 4, 2011
Makefile.in Check for utf8 local support before testing it. Dec 8, 2016
OVERVIEW upstream commit Jul 15, 2015
PROTOCOL Update links to https. Oct 20, 2016
PROTOCOL.agent upstream commit May 19, 2016
PROTOCOL.certkeys upstream commit May 3, 2016
PROTOCOL.chacha20poly1305 upstream commit May 3, 2016
PROTOCOL.key - markus@cvs.openbsd.org 2013/12/06 13:34:54 Dec 6, 2013
PROTOCOL.krl upstream commit Jan 30, 2015
PROTOCOL.mux upstream commit Jul 17, 2015
README crank version numbers for release Dec 19, 2016
README.dns - jakob@cvs.openbsd.org 2003/10/14 19:43:23 Oct 15, 2003
README.platform Remove now-obsolete CVS $Id tags from text files. Aug 17, 2016
README.privsep Remove portability support for mmap Sep 28, 2016
README.tun - deraadt@cvs.openbsd.org 2006/03/28 00:12:31 Mar 31, 2006
TODO Remove portability support for mmap Sep 28, 2016
aclocal.m4 Test multiplying two long long ints. Aug 17, 2016
addrmatch.c upstream commit Sep 21, 2016
atomicio.c upstream commit Aug 3, 2016
atomicio.h - djm@cvs.openbsd.org 2010/09/22 22:58:51 Sep 24, 2010
audit-bsm.c Remove obsolete CVS $Id from source files. Aug 17, 2016
audit-linux.c Remove obsolete CVS $Id from source files. Aug 17, 2016
audit.c Remove obsolete CVS $Id from source files. Aug 17, 2016
audit.h Remove obsolete CVS $Id from source files. Aug 17, 2016
auth-bsdauth.c upstream commit Oct 25, 2015
auth-krb5.c upstream commit May 19, 2016
auth-options.c upstream commit Nov 30, 2016
auth-options.h upstream commit Nov 30, 2016
auth-pam.c Remove do_pam_set_tty which is dead code. Oct 14, 2016
auth-pam.h Remove do_pam_set_tty which is dead code. Oct 14, 2016
auth-passwd.c upstream commit Jul 22, 2016
auth-rhosts.c upstream commit Aug 14, 2016
auth-shadow.c - (dtucker) [auth-shadow.c loginrec.c] Include time.h for time(2) pr… Apr 29, 2007
auth-sia.c - dtucker [auth-sia.c] Roll back the change for bug #1241 as it appa… Aug 28, 2009
auth-sia.h - (dtucker) [auth-passwd.c auth-sia.h] Remove duplicate definitions of Apr 5, 2005
auth-skey.c - (dtucker) [auth-skey.c] Add log.h to fix build --with-skey. Aug 27, 2011
auth.c upstream commit Dec 16, 2016
auth.h upstream commit Aug 14, 2016
auth2-chall.c upstream commit May 2, 2016
auth2-gss.c upstream commit Jan 19, 2015
auth2-hostbased.c upstream commit Mar 7, 2016
auth2-kbdint.c - millert@cvs.openbsd.org 2014/07/15 15:54:14 Jul 18, 2014
auth2-none.c - millert@cvs.openbsd.org 2014/07/15 15:54:14 Jul 18, 2014
auth2-passwd.c - millert@cvs.openbsd.org 2014/07/15 15:54:14 Jul 18, 2014
auth2-pubkey.c upstream commit Jan 30, 2017
auth2.c upstream commit Feb 3, 2017
authfd.c upstream commit Dec 7, 2015
authfd.h upstream commit Dec 7, 2015
authfile.c upstream commit Nov 29, 2016
authfile.h upstream commit Jan 8, 2015
bitmap.c upstream commit Sep 16, 2015
bitmap.h add files missed in last commit Jan 14, 2015
blocks.c - (dtucker) [blocks.c fe25519.c ge25519.c hash.c sc25519.c verify.c]… Jan 17, 2014
bufaux.c - (dtucker) [bufaux.c bufbn.c bufec.c buffer.c] Pull in includes.h for Jun 11, 2014
bufbn.c support --without-openssl at configure time Jan 14, 2015
bufec.c - (djm) [bufec.c] Skip this file on !ECC OpenSSL Aug 25, 2014
buffer.c - (dtucker) [bufaux.c bufbn.c bufec.c buffer.c] Pull in includes.h for Jun 11, 2014
buffer.h Include OpenSSL's objects.h before bn.h. Feb 24, 2015
buildpkg.sh.in Update links to https. Oct 20, 2016
canohost.c upstream commit Mar 7, 2016
canohost.h upstream commit Mar 7, 2016
chacha.c - djm@cvs.openbsd.org 2013/11/21 00:45:44 Nov 21, 2013
chacha.h upstream commit Aug 29, 2016
channels.c upstream commit Feb 3, 2017
channels.h upstream commit Feb 3, 2017
cipher-3des1.c Skip ssh1 specfic ciphers. Oct 28, 2016
cipher-aes.c - (dtucker) [M auth-chall.c auth-krb5.c auth-pam.c cipher-aes.c ciph… Jun 1, 2013
cipher-aesctr.c Add includes.h for compatibility stuff. Feb 25, 2015
cipher-aesctr.h - markus@cvs.openbsd.org 2014/04/29 18:01:49 May 15, 2014
cipher-bf1.c Skip ssh1 specfic ciphers. Oct 28, 2016
cipher-chachapoly.c upstream commit Aug 8, 2016
cipher-chachapoly.h - djm@cvs.openbsd.org 2014/06/24 01:13:21 Jul 2, 2014
cipher-ctr.c support --without-openssl at configure time Jan 14, 2015
cipher.c Unbreak AES-CTR ciphers on old (~0.9.8) OpenSSL Oct 28, 2016
cipher.h upstream commit Aug 8, 2016
cleanup.c - (djm) [auth-pam.c auth-shadow.c auth2-none.c cleanup.c sshd.c] Aug 5, 2006
clientloop.c upstream commit Jan 30, 2017
clientloop.h upstream commit Sep 30, 2016
compat.c upstream commit Feb 3, 2017
compat.h upstream commit May 27, 2015
config.guess update config.guess and config.sub to current Aug 2, 2016
config.sub update config.guess and config.sub to current Aug 2, 2016
configure.ac prefer to use ldns-config to find libldns Feb 3, 2017
crc32.c - stevesk@cvs.openbsd.org 2006/04/22 18:29:33 Apr 23, 2006
crc32.h - djm@cvs.openbsd.org 2006/03/25 22:22:43 Mar 26, 2006
crypto_api.h - (dtucker) [crypto_api.h] Wrap stdlib.h include inside #ifdef HAVE_… Jan 17, 2014
deattack.c upstream commit Jan 26, 2015
deattack.h upstream commit Jan 19, 2015
defines.h Move DEF_WEAK into defines.h. Oct 14, 2016
dh.c upstream commit Dec 16, 2016
dh.h upstream commit May 2, 2016
digest-libc.c upstream commit May 8, 2015
digest-openssl.c Move OPENSSL_NO_RIPEMD160 to compat. Oct 28, 2016
digest.h upstream commit Dec 21, 2014
dispatch.c upstream commit May 10, 2015
dispatch.h cleaner way fix dispatch.h portion of commit Feb 24, 2015
dns.c upstream commit Aug 21, 2015
dns.h upstream commit May 8, 2015
ed25519.c - markus@cvs.openbsd.org 2013/12/09 11:03:45 Dec 18, 2013
entropy.c support --without-openssl at configure time Jan 14, 2015
entropy.h Remove obsolete CVS $Id from source files. Aug 17, 2016
fatal.c - deraadt@cvs.openbsd.org 2006/08/03 03:34:42 Aug 5, 2006
fe25519.c - (dtucker) [blocks.c fe25519.c ge25519.c hash.c sc25519.c verify.c]… Jan 17, 2014
fe25519.h - markus@cvs.openbsd.org 2013/12/09 11:03:45 Dec 18, 2013
fixalgorithms - (dtucker) [Makefile.in configure.ac fixalgorithms] Remove unsupported Jun 11, 2013
fixpaths - (djm) PERL-free fixpaths from stuge-openssh-unix-dev@cdy.org Dec 5, 2002
fixprogs - djm@cvs.openbsd.org 2003/11/21 11:57:03 Nov 21, 2003
ge25519.c - (dtucker) [blocks.c fe25519.c ge25519.c hash.c sc25519.c verify.c]… Jan 17, 2014
ge25519.h upstream commit Feb 16, 2015
ge25519_base.data - markus@cvs.openbsd.org 2013/12/09 11:03:45 Dec 18, 2013
groupaccess.c upstream commit May 10, 2015
groupaccess.h - djm@cvs.openbsd.org 2008/07/04 03:44:59 Jul 4, 2008
gss-genr.c upstream commit Sep 12, 2016
gss-serv-krb5.c - (dtucker) [auth2-gss.c gss-serv-krb5.c] Include misc.h for fwd_opt… Jul 18, 2014
gss-serv.c upstream commit May 22, 2015
hash.c - (dtucker) [blocks.c fe25519.c ge25519.c hash.c sc25519.c verify.c]… Jan 17, 2014
hmac.c upstream commit Mar 27, 2015
hmac.h - djm@cvs.openbsd.org 2014/06/24 01:13:21 Jul 2, 2014
hostfile.c upstream commit Sep 21, 2016
hostfile.h upstream commit Feb 16, 2015
includes.h Prevent name collisions with system glob (bz#2463) Oct 28, 2015
install-sh - djm@cvs.openbsd.org 2003/11/21 11:57:03 Nov 21, 2003
kex.c upstream commit Feb 3, 2017
kex.h upstream commit Sep 28, 2016
kexc25519.c upstream commit May 2, 2016
kexc25519c.c upstream commit Jan 26, 2015
kexc25519s.c upstream commit Dec 7, 2015
kexdh.c upstream commit May 2, 2016
kexdhc.c upstream commit May 2, 2016
kexdhs.c upstream commit May 2, 2016
kexecdh.c upstream commit Jan 19, 2015
kexecdhc.c upstream commit Jan 26, 2015
kexecdhs.c upstream commit Dec 7, 2015
kexgex.c upstream commit Jan 19, 2015
kexgexc.c upstream commit Sep 12, 2016
kexgexs.c upstream commit Sep 12, 2016
key.c upstream commit May 2, 2016
key.h upstream commit Sep 12, 2016
krl.c upstream commit Sep 12, 2016
krl.h upstream commit Jan 7, 2016
log.c upstream commit Jul 15, 2016
log.h upstream commit Jul 15, 2016
loginrec.c Add sys/time.h for gettimeofday. Dec 15, 2015
loginrec.h - (djm) [loginrec.c loginrec.h] Use correct uid_t/pid_t types instea… Nov 4, 2010
logintest.c - (dtucker) [configure.ac defines.h loginrec.c logintest.c] Bug #173… Apr 9, 2010
mac.c Move OPENSSL_NO_RIPEMD160 to compat. Oct 28, 2016
mac.h upstream commit Jul 8, 2016
match.c upstream commit Feb 17, 2017
match.h upstream commit Feb 3, 2017
md-sha256.c - deraadt@cvs.openbsd.org 2006/08/03 03:34:42 Aug 5, 2006
md5crypt.c - (djm) [audit-bsm.c audit.c auth-bsdauth.c auth-chall.c auth-pam.c] Sep 1, 2006
md5crypt.h Remove obsolete CVS $Id from source files. Aug 17, 2016
mdoc2man.awk fix mdoc2man.awk formatting for top-level lists Sep 27, 2016
misc.c upstream commit Nov 30, 2016
misc.h upstream commit Nov 30, 2016
mkinstalldirs - djm@cvs.openbsd.org 2003/11/21 11:57:03 Nov 21, 2003
moduli Import updated moduli. Aug 11, 2016
moduli.5 - jmc@cvs.openbsd.org 2012/09/26 17:34:38 Nov 6, 2012
moduli.c upstream commit Sep 12, 2016
monitor.c upstream commit Feb 3, 2017
monitor.h upstream commit Sep 28, 2016
monitor_fdpass.c upstream commit Mar 4, 2016
monitor_fdpass.h - djm@cvs.openbsd.org 2007/09/04 03:21:03 Sep 17, 2007
monitor_wrap.c upstream commit Aug 14, 2016
monitor_wrap.h upstream commit Sep 28, 2016
msg.c upstream commit Jan 15, 2015
msg.h upstream commit Jan 15, 2015
mux.c upstream commit Jan 30, 2017
myproposal.h upstream commit Sep 28, 2016
nchan.c - djm@cvs.openbsd.org 2010/01/26 01:28:35 Jan 26, 2010
nchan.ms - djm@cvs.openbsd.org 2003/11/21 11:57:03 Nov 21, 2003
nchan2.ms - djm@cvs.openbsd.org 2008/05/15 23:52:24 May 19, 2008
opacket.c upstream commit Jan 27, 2016
opacket.h upstream commit Sep 30, 2016
openssh.xml.in - (tim) [buildpkg.sh.in openssh.xml.in] Allow more flexibility where… Jul 25, 2007
opensshd.init.in modified: configure.ac opensshd.init.in Aug 1, 2016
packet.c upstream commit Feb 3, 2017
packet.h upstream commit Feb 3, 2017
pathnames.h Remove LOGIN_PROGRAM. Jan 15, 2017
pkcs11.h - deraadt@cvs.openbsd.org 2013/11/26 19:15:09 Dec 4, 2013
platform-pledge.c Support Illumos/Solaris fine-grained privileges Jan 8, 2016
platform-tracing.c Use ptrace(PT_DENY_ATTACH, ..) on OS X. Oct 31, 2016
platform.c Remove obsolete CVS $Id from source files. Aug 17, 2016
platform.h Remove obsolete CVS $Id from source files. Aug 17, 2016
poly1305.c - (dtucker) [poly1305.c] Wrap stdlib.h include inside #ifdef HAVE_ST… Jan 17, 2014
poly1305.h - djm@cvs.openbsd.org 2014/05/02 03:27:54 May 15, 2014
progressmeter.c upstream commit Jul 8, 2016
progressmeter.h upstream commit Jan 14, 2015
readconf.c upstream commit Feb 3, 2017
readconf.h upstream commit Jul 15, 2016
readpass.c upstream commit Dec 11, 2015
rijndael.c upstream commit Mar 23, 2015
rijndael.h - (djm) [rijndael.c rijndael.h] Sync with newly-ressurected versions… May 15, 2014
rsa.c - djm@cvs.openbsd.org 2014/06/24 01:13:21 Jul 2, 2014
rsa.h - djm@cvs.openbsd.org 2014/06/24 01:13:21 Jul 2, 2014
sandbox-capsicum.c - (djm) [sandbox-capsicum.c] Don't fatal if Capsicum is offered by Feb 4, 2014
sandbox-darwin.c Add missing monitor.h include. Dec 16, 2016
sandbox-null.c - (djm) [Makefile.in configure.ac sandbox-capsicum.c sandbox-darwin.c] Jan 17, 2014
sandbox-pledge.c s/SANDBOX_TAME/SANDBOX_PLEDGE/g Oct 14, 2015
sandbox-rlimit.c upstream commit Sep 12, 2016
sandbox-seccomp-filter.c Deny lstat syscalls in seccomp sandbox May 19, 2016
sandbox-solaris.c Make Solaris privs code build on older systems. Feb 18, 2016
sandbox-systrace.c (re)wrap SYS_sendsyslog in ifdef. Oct 29, 2015
sc25519.c - (dtucker) [blocks.c fe25519.c ge25519.c hash.c sc25519.c verify.c]… Jan 17, 2014
sc25519.h - markus@cvs.openbsd.org 2013/12/09 11:03:45 Dec 18, 2013
scp.1 upstream commit Jul 17, 2016
scp.c Force Turkish locales back to C/POSIX; bz#2643 Dec 12, 2016
servconf.c upstream commit Feb 3, 2017
servconf.h upstream commit Nov 30, 2016
serverloop.c upstream commit Feb 3, 2017
serverloop.h upstream commit Aug 14, 2016
session.c upstream commit Nov 30, 2016
session.h upstream commit Aug 14, 2016
sftp-client.c upstream commit Jan 4, 2017
sftp-client.h Prevent name collisions with system glob (bz#2463) Oct 28, 2015
sftp-common.c upstream commit Sep 12, 2016
sftp-common.h upstream commit Jan 14, 2015
sftp-glob.c upstream commit Jan 14, 2015
sftp-server-main.c upstream commit Feb 15, 2016
sftp-server.8 upstream commit Dec 11, 2014
sftp-server.c upstream commit Sep 12, 2016
sftp.1 upstream commit Jul 17, 2016
sftp.c upstream commit Feb 17, 2017
sftp.h - dtucker@cvs.openbsd.org 2008/06/13 00:12:02 Jun 13, 2008
smult_curve25519_ref.c - markus@cvs.openbsd.org 2013/11/02 21:59:15 Nov 3, 2013
ssh-add.1 upstream commit Mar 31, 2015
ssh-add.c upstream commit Feb 15, 2016
ssh-agent.1 upstream commit Nov 30, 2016
ssh-agent.c upstream commit Jan 4, 2017
ssh-dss.c upstream commit Apr 21, 2016
ssh-ecdsa.c upstream commit Apr 21, 2016
ssh-ed25519.c upstream commit Apr 21, 2016
ssh-gss.h - djm@cvs.openbsd.org 2014/02/26 20:28:44 Feb 26, 2014
ssh-keygen.1 upstream commit Jun 24, 2016
ssh-keygen.c upstream commit Feb 17, 2017
ssh-keyscan.1 upstream commit Nov 9, 2015
ssh-keyscan.c upstream commit Jan 30, 2017
ssh-keysign.8 upstream commit Feb 17, 2016
ssh-keysign.c upstream commit Feb 15, 2016
ssh-pkcs11-client.c upstream commit Dec 11, 2015
ssh-pkcs11-helper.8 - schwarze@cvs.openbsd.org 2013/07/16 00:07:52 Jul 18, 2013
ssh-pkcs11-helper.c upstream commit Feb 15, 2016
ssh-pkcs11.c upstream commit Nov 6, 2016
ssh-pkcs11.h upstream commit Jan 15, 2015
ssh-rsa.c upstream commit Sep 14, 2016
ssh-sandbox.h - (djm) [Makefile.in configure.ac sandbox-capsicum.c sandbox-darwin.c] Jan 17, 2014
ssh.1 upstream commit Jul 17, 2016
ssh.c upstream commit Feb 17, 2017
ssh.h upstream commit Dec 18, 2015
ssh1.h upstream commit May 19, 2016
ssh2.h upstream commit May 19, 2016
ssh_api.c upstream commit May 19, 2016
ssh_api.h various include fixes for portable Feb 23, 2015
ssh_config upstream commit Feb 23, 2016
ssh_config.5 upstream commit Feb 3, 2017
sshbuf-getput-basic.c Move VA_COPY macro into compat header. Jul 15, 2016
sshbuf-getput-crypto.c upstream commit Jan 12, 2016
sshbuf-misc.c upstream commit May 2, 2016
sshbuf.c upstream commit Nov 29, 2016
sshbuf.h upstream commit Nov 29, 2016
sshconnect.c upstream commit Sep 12, 2016
sshconnect.h upstream commit Nov 16, 2015
sshconnect1.c upstream commit Sep 21, 2016
sshconnect2.c upstream commit Feb 3, 2017
sshd.8 upstream commit Feb 3, 2017
sshd.c upstream commit Feb 6, 2017
sshd_config upstream commit Aug 23, 2016
sshd_config.5 upstream commit Feb 3, 2017
ssherr.c upstream commit Sep 16, 2015
ssherr.h upstream commit Jan 30, 2015
sshkey.c upstream commit Feb 17, 2017
sshkey.h upstream commit Sep 12, 2016
sshlogin.c upstream commit Jan 7, 2016
sshlogin.h - (djm) [sshlogin.h] Fix prototype merge botch from 2006; bz#2134 Aug 1, 2013
sshpty.c upstream commit Nov 29, 2016
sshpty.h upstream commit Nov 29, 2016
sshtty.c - djm@cvs.openbsd.org 2010/01/09 05:04:24 Jan 9, 2010
survey.sh.in - (dtucker) [config.sh.in] Collect oslevel -r too. Feb 15, 2005
ttymodes.c upstream commit May 19, 2016
ttymodes.h upstream commit May 3, 2016
uidswap.c Support Illumos/Solaris fine-grained privileges Jan 8, 2016
uidswap.h - deraadt@cvs.openbsd.org 2006/08/03 03:34:42 Aug 5, 2006
umac.c - guenther@cvs.openbsd.org 2014/07/22 07:13:42 Jul 22, 2014
umac.h - djm@cvs.openbsd.org 2013/07/22 12:20:02 Jul 25, 2013
utf8.c upstream commit Feb 19, 2017
utf8.h Force Turkish locales back to C/POSIX; bz#2643 Dec 12, 2016
uuencode.c upstream commit Apr 29, 2015
uuencode.h - djm@cvs.openbsd.org 2010/08/31 11:54:45 Aug 31, 2010
verify.c - (dtucker) [blocks.c fe25519.c ge25519.c hash.c sc25519.c verify.c]… Jan 17, 2014
version.h upstream commit Dec 19, 2016
xmalloc.c make existing ssh_malloc_init only for __OpenBSD__ Feb 15, 2016
xmalloc.h upstream commit Feb 15, 2016

README

See https://www.openssh.com/releasenotes.html#7.4p1 for the release notes.

Please read https://www.openssh.com/report.html for bug reporting
instructions and note that we do not use Github for bug reporting or
patch/pull-request management.

- A Japanese translation of this document and of the release notes is
- available at http://www.unixuser.org/~haruyama/security/openssh/index.html
- Thanks to HARUYAMA Seigo <haruyama@unixuser.org>

This is the port of OpenBSD's excellent OpenSSH[0] to Linux and other
Unices.

OpenSSH is based on the last free version of Tatu Ylonen's sample
implementation with all patent-encumbered algorithms removed (to
external libraries), all known security bugs fixed, new features
reintroduced and many other clean-ups.  OpenSSH has been created by
Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo de Raadt,
and Dug Song. It has a homepage at https://www.openssh.com/

This port consists of the re-introduction of autoconf support, PAM
support, EGD[1]/PRNGD[2] support and replacements for OpenBSD library
functions that are (regrettably) absent from other unices. This port
has been best tested on AIX, Cygwin, HP-UX, Linux, MacOS/X,
NetBSD, OpenBSD, OpenServer, Solaris, Unicos, and UnixWare.

This version actively tracks changes in the OpenBSD CVS repository.

The PAM support is now more functional than the popular packages of
commercial ssh-1.2.x. It checks "account" and "session" modules for
all logins, not just when using password authentication.

OpenSSH depends on Zlib[3], OpenSSL[4] and optionally PAM[5].

There is now several mailing lists for this port of OpenSSH. Please
refer to https://www.openssh.com/list.html for details on how to join.

Please send bug reports and patches to the mailing list
openssh-unix-dev@mindrot.org. The list is open to posting by unsubscribed
users.  Code contribution are welcomed, but please follow the OpenBSD
style guidelines[6].

Please refer to the INSTALL document for information on how to install
OpenSSH on your system.

Damien Miller <djm@mindrot.org>

Miscellania -

This version of OpenSSH is based upon code retrieved from the OpenBSD
CVS repository which in turn was based on the last free sample
implementation released by Tatu Ylonen.

References -

[0] https://www.openssh.com/
[1] http://www.lothar.com/tech/crypto/
[2] http://www.aet.tu-cottbus.de/personen/jaenicke/postfix_tls/prngd.html
[3] http://www.gzip.org/zlib/
[4] http://www.openssl.org/
[5] http://www.openpam.org
    http://www.kernel.org/pub/linux/libs/pam/
    (PAM also is standard on Solaris and HP-UX 11)
[6] http://man.openbsd.org/style.9