mirror of
https://github.com/opnsense/src.git
synced 2026-04-15 14:29:58 -04:00
19261079b7
Some notable changes, from upstream's release notes: - sshd(8): Remove support for obsolete "host/port" syntax. - ssh(1): When prompting whether to record a new host key, accept the key fingerprint as a synonym for "yes". - ssh-keygen(1): when acting as a CA and signing certificates with an RSA key, default to using the rsa-sha2-512 signature algorithm. - ssh(1), sshd(8), ssh-keygen(1): this release removes the "ssh-rsa" (RSA/SHA1) algorithm from those accepted for certificate signatures. - ssh-sk-helper(8): this is a new binary. It is used by the FIDO/U2F support to provide address-space isolation for token middleware libraries (including the internal one). - ssh(1): this release enables UpdateHostkeys by default subject to some conservative preconditions. - scp(1): this release changes the behaviour of remote to remote copies (e.g. "scp host-a:/path host-b:") to transfer through the local host by default. - scp(1): experimental support for transfers using the SFTP protocol as a replacement for the venerable SCP/RCP protocol that it has traditionally used. Additional integration work is needed to support FIDO/U2F in the base system. Deprecation Notice ------------------ OpenSSH will disable the ssh-rsa signature scheme by default in the next release. Reviewed by: imp MFC after: 1 month Relnotes: Yes Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D29985 |
||
|---|---|---|
| .. | ||
| aix | ||
| cygwin | ||
| hpux | ||
| redhat | ||
| solaris | ||
| suse | ||
| findssl.sh | ||
| gnome-ssh-askpass1.c | ||
| gnome-ssh-askpass2.c | ||
| gnome-ssh-askpass3.c | ||
| Makefile | ||
| README | ||
| ssh-copy-id | ||
| ssh-copy-id.1 | ||
| sshd.pam.freebsd | ||
| sshd.pam.generic | ||
Other patches and addons for OpenSSH. Please send submissions to
djm@mindrot.org
Externally maintained
---------------------
SSH Proxy Command -- connect.c
Shun-ichi GOTO <gotoh@imasy.or.jp> has written a very useful ProxyCommand
which allows the use of outbound SSH from behind a SOCKS4, SOCKS5 or
https CONNECT style proxy server. His page for connect.c has extensive
documentation on its use as well as compiled versions for Win32.
https://bitbucket.org/gotoh/connect/wiki/Home
X11 SSH Askpass:
Jim Knoble <jmknoble@pobox.com> has written an excellent X11
passphrase requester. This is highly recommended:
http://www.jmknoble.net/software/x11-ssh-askpass/
In this directory
-----------------
ssh-copy-id:
Phil Hands' <phil@hands.com> shell script to automate the process of adding
your public key to a remote machine's ~/.ssh/authorized_keys file.
gnome-ssh-askpass[12]:
A GNOME and Gtk2 passphrase requesters. Use "make gnome-ssh-askpass1" or
"make gnome-ssh-askpass2" to build.
sshd.pam.generic:
A generic PAM config file which may be useful on your system. YMMV
sshd.pam.freebsd:
A PAM config file which works with FreeBSD's PAM port. Contributed by
Dominik Brettnacher <domi@saargate.de>
findssl.sh:
Search for all instances of OpenSSL headers and libraries and print their
versions. This is intended to help diagnose OpenSSH's "OpenSSL headers do not
match your library" errors.
aix:
Files to build an AIX native (installp or SMIT installable) package.
caldera:
RPM spec file and scripts for building Caldera OpenLinuix packages
cygwin:
Support files for Cygwin
hpux:
Support files for HP-UX
redhat:
RPM spec file and scripts for building Redhat packages
suse:
RPM spec file and scripts for building SuSE packages