Description of FIDO/U2F support (from OpenSSH 8.2 release notes,
https://www.openssh.com/txt/release-8.2):
This release adds support for FIDO/U2F hardware authenticators to
OpenSSH. U2F/FIDO are open standards for inexpensive two-factor
authentication hardware that are widely used for website
authentication. In OpenSSH FIDO devices are supported by new public
key types "ecdsa-sk" and "ed25519-sk", along with corresponding
certificate types.
ssh-keygen(1) may be used to generate a FIDO token-backed key, after
which they may be used much like any other key type supported by
OpenSSH, so long as the hardware token is attached when the keys are
used. FIDO tokens also generally require the user explicitly
authorise operations by touching or tapping them.
Generating a FIDO key requires the token be attached, and will
usually require the user tap the token to confirm the operation:
$ ssh-keygen -t ecdsa-sk -f ~/.ssh/id_ecdsa_sk
Generating public/private ecdsa-sk key pair.
You may need to touch your security key to authorize key generation.
Enter file in which to save the key (/home/djm/.ssh/id_ecdsa_sk):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/djm/.ssh/id_ecdsa_sk
Your public key has been saved in /home/djm/.ssh/id_ecdsa_sk.pub
This will yield a public and private key-pair. The private key file
should be useless to an attacker who does not have access to the
physical token. After generation, this key may be used like any
other supported key in OpenSSH and may be listed in authorized_keys,
added to ssh-agent(1), etc. The only additional stipulation is that
the FIDO token that the key belongs to must be attached when the key
is used.
To enable FIDO/U2F support, this change regenerates ssh_namespace.h,
adds ssh-sk-helper, and sets ENABLE_SK_INTERNAL (unless building
WITHOUT_USB).
devd integration is not included in this change, and is under
investigation for the base system. In the interim the security/u2f-devd
port can be installed to provide appropriate devd rules.
Reviewed by: delphij, kevans
Relnotes: Yes
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D32509
We want to set ENABLE_SK_INTERNAL only when building with USB support.
We'll leave it off in config.h and enble it via our bespoke build's
Makefile.inc.
Sponsored by: The FreeBSD Foundation
Two local changes were committed upstream and are present in OpenSSH
8.7p1. Remove references from FREEBSD-upgrade now that we have updated
to that version.
Some notable changes, from upstream's release notes:
- sshd(8): Remove support for obsolete "host/port" syntax.
- ssh(1): When prompting whether to record a new host key, accept the key
fingerprint as a synonym for "yes".
- ssh-keygen(1): when acting as a CA and signing certificates with an RSA
key, default to using the rsa-sha2-512 signature algorithm.
- ssh(1), sshd(8), ssh-keygen(1): this release removes the "ssh-rsa"
(RSA/SHA1) algorithm from those accepted for certificate signatures.
- ssh-sk-helper(8): this is a new binary. It is used by the FIDO/U2F
support to provide address-space isolation for token middleware
libraries (including the internal one).
- ssh(1): this release enables UpdateHostkeys by default subject to some
conservative preconditions.
- scp(1): this release changes the behaviour of remote to remote copies
(e.g. "scp host-a:/path host-b:") to transfer through the local host
by default.
- scp(1): experimental support for transfers using the SFTP protocol as
a replacement for the venerable SCP/RCP protocol that it has
traditionally used.
Additional integration work is needed to support FIDO/U2F in the base
system.
Deprecation Notice
------------------
OpenSSH will disable the ssh-rsa signature scheme by default in the
next release.
Reviewed by: imp
MFC after: 1 month
Relnotes: Yes
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D29985
/usr/include/gssapi.h claims that it is deprecated, and gssapi/gssapi.h
should be used instead. So, test HAVE_GSSAPI_GSSAPI_H first falling
back to HAVE_GSSAPI_H.
This will be submitted upstream.
Fixes: 6eac665c81 ("openssh: diff reduction against...")
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D31810
For some reason poly64 was omitted when this file was last generated
(perhaps it was inlined by the Clang version then in use).
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Tools like Phabricator use the @generated tag to identify files that
may be excluded from review by default.
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Since config.h was last regenerated FreeBSD has added (a stub) libdl,
and has removed sys/dir.h. Regenerate config.h to avoid spurious
additional changes when OpenSSH is next updated.
There should be no issue if this change is MFC'd, but I don't plan to do
so. Although configure checks for libdl HAVE_LIBDL isn't even used, and
sys/dir.h was non-functional before being removed. The state of these
two config.h settings should make no difference in the built OpenSSH.
Sponsored by: The FreeBSD Foundation
We define LIBWRAP at build time in secure/usr.sbin/sshd/Makefile if
WITH_TCPWRAPPERS is in effect, so it should not be set in config.h.
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
freebsd-configure.sh runs configure twice, --with-kerberos5 and
--without-kerberos5, in order to build a config.h that defaults to
kerberos5 disabled, and a small config file that represents the
differences.
Rename config.h.orig to config.h.kerberos5 to clarify the intent of this
script.
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Login class-based restrictions were introduced in 5b400a39b8. The
code was adapted for sshd's Capsicum sandbox and received many changes
over time, including at least fc3c19a9fc, bd393de91c, and
e8c56fba29.
During an attempt to upstream the work a much simpler approach was
suggested. Adopt it now in the in-tree OpenSSH to reduce conflicts with
future updates.
Submitted by: Yuchiro Naito (against OpenSSH-portable on GitHub)
Obtained from: https://github.com/openssh/openssh-portable/pull/262
Reviewed by: allanjude, kevans
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D31760
This was introduced in 8998619212, and left behind when the hpn-ssh
patches were removed in 60c59fad88. Although Being able to log
SO_RCVBUF in debug mode might have some small value on its own, it's
not worth carrying an extra diff against upstream.
Reviewed by: kevans
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D28610
This was introduced in 03f6c5cd93, which added use of
sysctl net.inet.ip.portrange.reservedhigh instead of IPPORT_RESERVED,
but it appears the rest of that change was lost in some subsequent
update.
The change should probably be restored, but until then there is no
reason to leave an unused variable around.
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Literal references to /usr/local exist in a large number of files in
the FreeBSD base system. Many are in contributed software, in configuration
files, or in the documentation, but 19 uses have been identified in C
source files or headers outside the contrib and sys/contrib directories.
This commit makes it possible to set _PATH_LOCALBASE in paths.h to use
a different prefix for locally installed software.
In order to avoid changes to openssh source files, LOCALBASE is passed to
the build via Makefiles under src/secure. While _PATH_LOCALBASE could have
been used here, there is precedent in the construction of the path used to
a xauth program which depends on the LOCALBASE value passed on the compiler
command line to select a non-default directory.
This could be changed in a later commit to make the openssh build
consistently use _PATH_LOCALBASE. It is considered out-of-scope for this
commit.
Reviewed by: imp
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D26942
blacklistd has been renamed to blocklistd upstream, and a future
import into FreeBSD will follow that change. Support the new name
as an alias in config files.
Reviewed by: bz, delphij
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D25865
A base system OpenSSH update in 2016 or so removed a number of ciphers
from the default lists offered by the server/client, due to known
weaknesses. This caused POLA issues for some users and prompted
PR207679; the ciphers were restored to the default lists in r296634.
When upstream removed these ciphers from the default server list, they
moved them to the client-only default list. They were subsequently
removed from the client default, in OpenSSH 7.9p1.
The change has persisted long enough. Remove these extra ciphers from
both the server and client default lists, in advance of FreeBSD 13.
Reviewed by: markm, rgrimes
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D25833
This change was made upstream between 7.9p1 and 8.0p1. We've made local
changes in the same places for handling the version_addendum; apply the
SSLeay_version to OpenSSL_version change in advance of importing 8.0p1.
This should have been part of r363225.
Obtained from: OpenSSH-portable a65784c9f9c5
MFC with: r363225
Sponsored by: The FreeBSD Foundation
This change was made upstream between 7.9p1 and 8.0p1. We've made local
changes in the same places for handling the version_addendum; apply the
SSLeay_version to OpenSSL_version change in advance of importing 8.0p1.
Obtained from: OpenSSH-portable a65784c9f9c5
Sponsored by: The FreeBSD Foundation
The logging was introduced in r314527 but doesn't appear to be useful
for regular operation, and as the result, for users with no class set
(very common) the administrator would see a message like this in their
auth.log:
sshd[44251]: user root login class [preauth]
(note that the class was "" because that's what's typically configured
for most users; we would get 'default' if lc->lc_class is chosen)
Remove this log as it can be annoying as the lookup happen before
authentication and repeats, and our code is not acting upon lc_class
or pw_class directly anyways.
Reviewed by: cem, imp
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D24997
This is currently staged in vendor/ as part of the 8.0p1 import, which isn't
quite ready to land. Given that this is a simple one-line fix, apply it now
as the fallout will be pretty minimal.
-fno-common will become the default in GCC10/LLVM11.
MFC after: 3 days
It appears that FREEBSD-vendor is an idea that never really took off
and we should probably just remove it, but until then we might as well
record the correct version.
We need to add user-facing deprecation notices for TCP wrappers; start
with a note in the upgrade process docmentation.
Sponsored by: The FreeBSD Foundation
In r339216 a privsep wrapper was added for login_getpwclass to address
PR 231172. Unfortunately the change used the MON_AUTH flag in the
wrapper, and MON_AUTH includes MON_AUTHDECIDE which triggers an
auth_log() on each invocation. getpwclass() does not participate in the
authentication decision, so should be MON_ISAUTH instead.
PR: 234793
Submitted by: Henry Hu
Reviewed by: Yuichiro NAITO
MFC after: 1 week
upstream: when checking that filenames sent by the server side
match what the client requested, be prepared to handle shell-style brace
alternations, e.g. "{foo,bar}".
"looks good to me" millert@ + in snaps for the last week courtesy
deraadt@
OpenBSD-Commit-ID: 3b1ce7639b0b25b2248e3a30f561a548f6815f3e
Discussed with: des
Obtained from: OpenSSH-portable 3d896c157c722bc47adca51a58dca859225b5874
OpenSSH-portable commits:
check in scp client that filenames sent during remote->local directory
copies satisfy the wildcard specified by the user.
This checking provides some protection against a malicious server
sending unexpected filenames, but it comes at a risk of rejecting wanted
files due to differences between client and server wildcard expansion rules.
For this reason, this also adds a new -T flag to disable the check.
reported by Harry Sintonen
fix approach suggested by markus@;
has been in snaps for ~1wk courtesy deraadt@
OpenBSD-Commit-ID: 00f44b50d2be8e321973f3c6d014260f8f7a8eda
Minor patch conflict (getopt) resolved.
Obtained from: OpenSSH-portable 391ffc4b9d31fa1f4ad566499fef9176ff8a07dc
scp: add -T to usage();
OpenBSD-Commit-ID: a7ae14d9436c64e1bd05022329187ea3a0ce1899
Obtained from: OpenSSH-portable 2c21b75a7be6ebdcbceaebb43157c48dbb36f3d8
PR: 234965
Approved by: des
MFC after: 3 days
Obtained from: OpenSSH-portable 391ffc4b9d, 2c21b75a7b
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D19076
- Update OpenSSL to version 1.1.1.
- Update Kerberos/Heimdal API for OpenSSL 1.1.1 compatibility.
- Bump __FreeBSD_version.
Approved by: re (kib)
Sponsored by: The FreeBSD Foundation
- Wrap access to pw_change and pw_expire in the appropriate #ifdefs.
- Wrap calls to login_cap(3) API in appropriate #ifdefs.
- Add wrapper for transferring time_t, which is still only 32 bits wide
on FreeBSD i386.
- Use a temporary variable to deserialize size_t.
Approved by: re (gjb)
