debian/tests/Makefile:

test: getpid.so
	chmod +x keygen-test
	./keygen-test

getpid.o: getpid.c
	gcc -fPIC -c $< -o $@

getpid.so: getpid.o
	gcc -shared -o $@ $<

clean:
	rm -f getpid.o getpid.so key1 key1.pub key2 key2.pub

debian/tests/keygen-test:

#! /bin/sh
# Generate two keys with getpid() forced (via the LD_PRELOAD shim built from
# getpid.c) to return the same value both times. If the key generator's
# randomness depended only on the process ID, both runs would produce the
# same key; that is the failure this test catches.

rm -f key1 key1.pub key2 key2.pub

LD_PRELOAD="$(pwd)/getpid.so" FORCE_PID=1234 \
	../../build-deb/ssh-keygen -N '' -f key1 >/dev/null
LD_PRELOAD="$(pwd)/getpid.so" FORCE_PID=1234 \
	../../build-deb/ssh-keygen -N '' -f key2 >/dev/null

if cmp -s key1 key2; then
	echo "Generated two identical keys!" >&2
	exit 1
fi

exit 0

debian/tests/getpid.c:

/*
 * Compile:
 *   gcc -fPIC -c getpid.c -o getpid.o
 *   gcc -shared -o getpid.so getpid.o
 * Use:
 *   FORCE_PID=1234 LD_PRELOAD=./getpid.so bash
 *
 # Copyright (C) 2001-2008 Kees Cook
 # kees@outflux.net, http://outflux.net/
 #
 # This program is free software; you can redistribute it and/or
 # modify it under the terms of the GNU General Public License
 # as published by the Free Software Foundation; either version 2
 # of the License, or (at your option) any later version.
 #
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
 #
 # You should have received a copy of the GNU General Public License
 # along with this program; if not, write to the Free Software
 # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
 # http://www.gnu.org/copyleft/gpl.html
 */

#include <sys/types.h>
#include <unistd.h>
#include <stdlib.h>

/*
 * Interpose getpid() for every program loaded with this shim: the caller
 * sees the value of $FORCE_PID instead of its real process ID. FORCE_PID
 * must be set; keygen-test always sets it.
 */
pid_t getpid(void)
{
	return atoi(getenv("FORCE_PID"));
}

debian/openssh-server.examples:

sshd_config

debian/openssh-client.postrm:

#!/bin/sh
set -e

#DEBHELPER#

case $1 in
	purge)
		# Remove all non-conffiles that ssh might create, so that we
		# can smoothly remove /etc/ssh if and only if the user
		# hasn't dropped some other files in there. Conffiles have
		# already been removed at this point.
		rm -f /etc/ssh/moduli /etc/ssh/primes
		rm -f /etc/ssh/ssh_known_hosts /etc/ssh/ssh_known_hosts2
		rmdir --ignore-fail-on-non-empty /etc/ssh
		if which delgroup >/dev/null 2>&1; then
			delgroup --quiet ssh > /dev/null || true
		fi
		;;
esac

exit 0

debian/README.Debian:

OpenSSH for Debian
------------------

UPGRADE ISSUES
==============

Privilege Separation
--------------------

As of 3.3, openssh has employed privilege separation to reduce the quantity of code that runs as root, thereby reducing the impact of some security holes in sshd. This now also works properly with PAM.

Privilege separation is turned on by default, so if you decide you want it turned off, you need to add "UsePrivilegeSeparation no" to /etc/ssh/sshd_config.

PermitRootLogin
---------------

As of 1:6.6p1-1, new installations will be set to "PermitRootLogin without-password". This disables password authentication for root, which defeats password-guessing attacks against the root account. Some sites may wish to use the stronger "PermitRootLogin forced-commands-only" or "PermitRootLogin no", but note that "PermitRootLogin no" will break setups that SSH to root with a forced command to take full-system backups. You can use PermitRootLogin in a Match block if you want finer-grained control here.

For many years Debian's OpenSSH packaging used "PermitRootLogin yes", in line with upstream.
To avoid breaking local setups, this is still true for installations upgraded from before 1:6.6p1-1. If you wish to change this, edit /etc/ssh/sshd_config by hand and run "service ssh restart" as root.

Disabling PermitRootLogin means that an attacker possessing credentials for the root account (any credentials in the case of "yes", or private key material in the case of "without-password") must compromise a normal user account rather than being able to SSH directly to root. Be careful to avoid a false sense of security if you change this setting: any account you escalate to root from should be considered equivalent to root for the purposes of security against external attack. You might for example disable it if you know you will only ever log in as root from the physical console.

Since the root account does not generally have non-password credentials unless you explicitly install an SSH public key in its ~/.ssh/authorized_keys, which you presumably only do if you want to SSH to it, "without-password" should be a reasonable default for most sites.

For further discussion, see:

  https://bugs.debian.org/298138
  https://bugzilla.mindrot.org/show_bug.cgi?id=2164

X11 Forwarding
--------------

ssh's default for ForwardX11 has been changed to "no" because logging into remote systems administered by untrusted people is likely to open you up to X11 attacks, so you should have to actively decide that you trust the remote machine's root before enabling X11. I strongly recommend that you do this on a machine-by-machine basis, rather than just enabling it in the default host settings.

In order for X11 forwarding to work, you need to install xauth on the server. In Debian this is in the xauth package, which openssh-server recommends.

As of OpenSSH 3.1, the remote $DISPLAY uses localhost by default to reduce the security risks of X11 forwarding. Look up X11UseLocalhost in sshd_config(8) if this is a problem.
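The two sections above (PermitRootLogin in sshd_config, and enabling ForwardX11 per machine rather than in the default host settings) both depend on the same rule of OpenSSH configuration parsing: the first obtained value for a keyword wins, so a global sshd_config value is whatever appears before the first Match block, and a per-host ssh_config entry only takes effect if it comes before the catch-all "Host *". The following POSIX shell functions are an added example, not part of the Debian packaging or of OpenSSH: they resolve the effective value for both file types and run against constructed sample configurations (the example hostnames, the 192.0.2.0/24 address range and the helper names are assumptions for this example; nothing here reads /etc/ssh). The "Keyword=value" form and negated "!pattern" Host entries are not handled.

```shell
#!/bin/sh
# Added example, not part of the Debian packaging or of OpenSSH: resolve the
# effective value of an OpenSSH keyword the way ssh(1) and sshd(8) do, i.e.
# the first obtained value wins. The sample configurations, hostnames and
# helper names below are constructed for this example; nothing reads /etc/ssh.
# Assumed limitations: the "Keyword=value" form and negated "!pattern" Host
# entries are not handled.

# effective_sshd_option FILE KEYWORD
# Global value of KEYWORD in an sshd_config: the first occurrence before the
# first Match block. Values inside Match blocks only apply conditionally.
effective_sshd_option() {
    awk -v key="$(printf '%s' "$2" | tr 'A-Z' 'a-z')" '
        NF == 0 || $1 ~ /^#/ { next }           # skip blanks and comments
        tolower($1) == "match" { exit }          # conditional section starts
        tolower($1) == key { print $2; exit }    # first value wins
    ' "$1"
}

# effective_ssh_option FILE HOST KEYWORD
# Walks Host blocks as ssh(1) does: a Host line whose pattern matches HOST
# makes the lines that follow apply; lines before any Host block apply to
# every host. The first value obtained is the one ssh uses.
effective_ssh_option() {
    file=$1 host=$2 key=$(printf '%s' "$3" | tr 'A-Z' 'a-z')
    active=1
    while read -r k v; do
        case "$k" in ''|'#'*) continue ;; esac
        kl=$(printf '%s' "$k" | tr 'A-Z' 'a-z')
        if [ "$kl" = host ]; then
            active=0
            set -f                       # keep "*" from globbing the cwd
            for pat in $v; do
                case "$host" in $pat) active=1 ;; esac
            done
            set +f
            continue
        fi
        if [ "$active" = 1 ] && [ "$kl" = "$key" ]; then
            printf '%s\n' "$v"
            return 0
        fi
    done < "$file"
    return 1
}

# write_samples DIR: constructed sample configurations used by the demo.
write_samples() {
    # The weak setting that installations upgraded from before 1:6.6p1-1 keep.
    cat > "$1/sshd_config.weak" <<'EOF'
PermitRootLogin yes
EOF
    # The hardened form: the new-install default globally, tightened further
    # for one (constructed) backup network via a Match block.
    cat > "$1/sshd_config.hardened" <<'EOF'
PermitRootLogin without-password
PasswordAuthentication yes
Match Address 192.0.2.0/24
    PermitRootLogin forced-commands-only
EOF
    # Per-host client trust, most specific first; "Host *" must stay last or
    # its "no" would be the first value obtained for every host.
    cat > "$1/ssh_config" <<'EOF'
Host trusted.example.org
    ForwardX11 yes
    ForwardAgent yes
Host *.example.org
    ForwardX11 no
Host *
    ForwardX11 no
    ForwardAgent no
EOF
}

# Stand-alone demonstration.
tmp=$(mktemp -d) || exit 1
write_samples "$tmp"
echo "weak sshd_config:     PermitRootLogin $(effective_sshd_option "$tmp/sshd_config.weak" PermitRootLogin)"
echo "hardened sshd_config: PermitRootLogin $(effective_sshd_option "$tmp/sshd_config.hardened" PermitRootLogin)"
for h in trusted.example.org other.example.org; do
    echo "$h: ForwardX11=$(effective_ssh_option "$tmp/ssh_config" "$h" ForwardX11)" \
         "ForwardAgent=$(effective_ssh_option "$tmp/ssh_config" "$h" ForwardAgent)"
done
rm -rf "$tmp"
```

Running it prints "yes" for the weak server file and "without-password" for the hardened one (the forced-commands-only value only applies to the Match address range), and shows that moving the trusted.example.org block below "Host *" would silently turn its forwarding off. On a live system "sshd -T" and "ssh -G host" report the same resolved values with full pattern support and are the authoritative check.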
OpenSSH 3.8 introduced ForwardX11Trusted, which when set to "no" causes the ssh client to request an untrusted X authorization cookie, so that X clients on the remote machine cannot use the forwarded connection to attack your local X server or its other clients. However, this has some problems in implementation, notably a very short timeout on the untrusted cookie, that break large numbers of existing setups, and it generally seems immature. The Debian package therefore sets the default for this option to "yes" (in ssh itself, rather than in ssh_config).

Fallback to RSH
---------------

The default for this setting (FallBackToRsh) has been changed from Yes to No, for security reasons, and to stop the delay attempting to rsh to machines that don't offer the service. Simply switch it back on in either /etc/ssh/ssh_config or ~/.ssh/config for those machines that you need it for.

Setgid ssh-agent and environment variables
------------------------------------------

As of version 1:3.5p1-1, ssh-agent is installed setgid to prevent ptrace() attacks retrieving private key material. This has the side-effect of causing glibc to remove certain environment variables which might have security implications for set-id programs, including LD_PRELOAD, LD_LIBRARY_PATH, and TMPDIR. If you need to set any of these environment variables, you will need to do so in the program exec()ed by ssh-agent. This may involve creating a small wrapper script.

Symlink Hostname invocation
---------------------------

This version of ssh no longer includes support for invoking ssh with the hostname as the name of the file run. People wanting this support should use the ssh-argv0 script.

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

OTHER ISSUES
============

/usr/bin/ssh not SUID
---------------------

Due to Debian bug #164325, RhostsRSAAuthentication can only be used if ssh is SUID.
Until this is fixed, if that is a problem, use:

  dpkg-statoverride

or if that's also missing, use this:

  chown root:root /usr/bin/ssh
  chmod 04755 /usr/bin/ssh

Authorization Forwarding
------------------------

Root on a remote server could make use of your ssh-agent (while you're logged into their machine) to obtain access to machines which trust your keys. Agent forwarding (the ForwardAgent option) is therefore disabled by default. You should only re-enable it for those hosts (in your ~/.ssh/config or /etc/ssh/ssh_config) where you are confident that the remote machine is not a threat.

Problems logging in with RSA authentication
-------------------------------------------

If you have trouble logging in with RSA authentication then the problem is probably caused by the fact that you have your home directory writable by group, as well as user (this is the default on Debian systems). Depending upon other settings on your system (i.e. other users being in your group) this could open a security hole, so sshd's StrictModes option (on by default) refuses to use keys from a home directory, ~/.ssh directory or authorized_keys file that is writable by group or others. You will need to make your home directory writable only by yourself. Run this command, as yourself:

  chmod g-w ~/

to remove group write permissions. If you use ssh-copy-id to install your keys, it does this for you.

-L option of ssh nonfree
------------------------

non-free ssh supported the usage of the option -L to use a non privileged port for scp. This option will not be supported by scp from openssh. Please use instead

  scp -o "UsePrivilegedPort=no"

as documented in the manpage to scp itself.

Problem logging in because of TCP-Wrappers
------------------------------------------

ssh is compiled with support for tcp-wrappers. So if you can no longer log into your system, please check that /etc/hosts.allow and /etc/hosts.deny are configured so that ssh is not blocked.

Kerberos support
----------------

ssh is now compiled with Kerberos support.
Unfortunately, privilege separation is incompatible with Kerberos support for SSH protocol 1 and parts of the support for protocol 2; you may need to run kinit after logging in.

Interoperability between scp and the ssh.com SSH server
-------------------------------------------------------

In version 2 and greater of the commercial SSH server produced by SSH Communications Security, scp was changed to use SFTP (SSH2's file transfer protocol) instead of the traditional rcp-over-ssh, thereby breaking compatibility. The OpenSSH developers regard this as a bug in the ssh.com server, and do not currently intend to change OpenSSH's scp to match.

Workarounds for this problem are to install scp1 on the server (scp2 will fall back to it), to use sftp, or to use some other transfer mechanism such as rsync-over-ssh or tar-over-ssh.

Running sshd from inittab
-------------------------

Some people find it useful to run the sshd server from inittab, to make sure that it always stays running. To do this, stop sshd ('/etc/init.d/ssh stop'), add the following line to /etc/inittab, and run 'telinit q':

  ss:2345:respawn:/usr/sbin/sshd -D

If you do this, note that you will need to stop sshd being started in the normal way ('update-rc.d ssh disable') and that you will need to restart this sshd manually on upgrades.

Per-connection sshd instances with systemd
------------------------------------------

If you want to reconfigure systemd to listen on port 22 itself and launch an instance of sshd for each connection (inetd-style socket activation), then you can run:

  systemctl stop ssh.service
  systemctl start ssh.socket

To make this permanent:

  systemctl disable ssh.service
  systemctl enable ssh.socket

This may be appropriate in environments where minimal footprint is critical (e.g. cloud guests).
Be aware that this bypasses MaxStartups, and systemd's MaxConnections cannot quite replace this as it cannot distinguish between authenticated and unauthenticated connections; see https://bugzilla.redhat.com/show_bug.cgi?id=963268 for more discussion.

 -- Matthew Vernon
    Colin Watson

debian/ssh-askpass-gnome.prerm:

#! /bin/sh
# prerm script for ssh-askpass-gnome
#
# see: dh_installdeb(1)

set -e

# summary of how this script can be called:
#        * `remove'
#        * `upgrade'
#        * `failed-upgrade'
#        * `remove' `in-favour'
#        * `deconfigure' `in-favour'
#          `removing'
#
# for details, see /usr/share/doc/packaging-manual/

case "$1" in
    remove|deconfigure)
        update-alternatives --quiet --remove ssh-askpass /usr/lib/openssh/gnome-ssh-askpass
        ;;
    upgrade)
        ;;
    failed-upgrade)
        ;;
    *)
        echo "prerm called with unknown argument \`$1'" >&2
        exit 0
        ;;
esac

# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts.

#DEBHELPER#

exit 0

debian/openssh-server.preinst:

#!/bin/sh
set -e

action=$1
version=$2

if [ "$action" = upgrade ] || [ "$action" = install ]
then
	if dpkg --compare-versions "$version" lt 1:5.5p1-6 && \
	   [ -d /var/run/sshd ]; then
		# make sure /var/run/sshd is not removed on upgrades
		touch /var/run/sshd/.placeholder
	fi
fi

#DEBHELPER#

exit 0

debian/rules:

#!/usr/bin/make -f

# Uncomment this to turn on verbose mode.
# export DH_VERBOSE=1

# This has to be exported to make some magic below work.
export DH_OPTIONS

ifeq (,$(filter nocheck,$(DEB_BUILD_OPTIONS)))
RUN_TESTS := yes
else
RUN_TESTS :=
endif

ifeq (,$(filter parallel=%,$(DEB_BUILD_OPTIONS)))
PARALLEL :=
else
PARALLEL := \
	-j$(patsubst parallel=%,%,$(filter parallel=%,$(DEB_BUILD_OPTIONS)))
endif

DEB_HOST_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_HOST_GNU_TYPE)
DEB_BUILD_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_BUILD_GNU_TYPE)
ifeq ($(DEB_BUILD_GNU_TYPE),$(DEB_HOST_GNU_TYPE))
CC := gcc
PKG_CONFIG = pkg-config
else
CC := $(DEB_HOST_GNU_TYPE)-gcc
PKG_CONFIG = $(DEB_HOST_GNU_TYPE)-pkg-config
RUN_TESTS :=
endif

DEB_HOST_ARCH_OS := $(shell dpkg-architecture -qDEB_HOST_ARCH_OS 2>/dev/null)
# Take account of old dpkg-architecture output.
ifeq ($(DEB_HOST_ARCH_OS),)
DEB_HOST_ARCH_OS := $(subst -gnu,,$(shell dpkg-architecture -qDEB_HOST_GNU_SYSTEM))
ifeq ($(DEB_HOST_ARCH_OS),gnu)
DEB_HOST_ARCH_OS := hurd
endif
endif

# Change the version string to reflect distribution
DISTRIBUTION := $(shell dpkg-vendor --query vendor)
SSH_EXTRAVERSION := $(DISTRIBUTION)-$(shell dpkg-parsechangelog | sed -n -e '/^Version:/s/Version: //p' | sed -e 's/[^-]*-//')

DISTRIBUTOR := $(shell if dpkg-vendor --derives-from Ubuntu 2>/dev/null; then echo Ubuntu; else echo Debian; fi)

ifeq ($(DISTRIBUTOR),Ubuntu)
DEFAULT_PATH := /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games
else
DEFAULT_PATH := /usr/local/bin:/usr/bin:/bin:/usr/games
endif
SUPERUSER_PATH := /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin

ifeq ($(DISTRIBUTOR),Ubuntu)
server_recommends := ssh-import-id
else
server_recommends :=
endif

# Common path configuration.
confflags += --sysconfdir=/etc/ssh

# Common build options.
confflags += --disable-strip
confflags += --with-mantype=doc
confflags += --with-4in6
confflags += --with-privsep-path=/var/run/sshd

# The Hurd needs libcrypt for res_query et al.
ifeq ($(DEB_HOST_ARCH_OS),hurd)
confflags += --with-libs=-lcrypt
endif

# http://gcc.gnu.org/bugzilla/show_bug.cgi?id=60155
ifeq ($(DEB_HOST_ARCH),hppa)
confflags += --without-hardening
endif

# Everything above here is common to the deb and udeb builds.
confflags_udeb := $(confflags)

# Options specific to the deb build.
confflags += --with-tcp-wrappers
confflags += --with-pam
confflags += --with-libedit
confflags += --with-kerberos5=/usr
confflags += --with-ssl-engine
ifeq ($(DEB_HOST_ARCH_OS),linux)
confflags += --with-selinux
confflags += --with-audit=linux
endif
ifeq ($(DISTRIBUTOR),Ubuntu)
confflags += --with-consolekit
endif

# The deb build wants xauth; the udeb build doesn't.
confflags += --with-xauth=/usr/bin/xauth
confflags_udeb += --without-xauth

# Default paths. The udeb build has /usr/games removed.
confflags += --with-default-path=$(DEFAULT_PATH) --with-superuser-path=$(SUPERUSER_PATH)
confflags_udeb += --with-default-path=/usr/local/bin:/usr/bin:/bin --with-superuser-path=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin

# Compiler flags.
# hardening=+all makes dpkg-buildflags emit the full hardening set
# (PIE, stack protector, FORTIFY_SOURCE, relro/bindnow) for the deb build.
export DEB_BUILD_MAINT_OPTIONS := hardening=+all
default_cflags := $(shell dpkg-buildflags --get CPPFLAGS) $(shell dpkg-buildflags --get CFLAGS)
cflags := $(default_cflags)
cflags += -DLOGIN_PROGRAM=\"/bin/login\" -DLOGIN_NO_ENDOPT
cflags += -DSSH_EXTRAVERSION=\"$(SSH_EXTRAVERSION)\"
# Note that the udeb build is compiled with -Os only and does not pick up
# the dpkg-buildflags hardening flags used for the deb build above.
cflags_udeb := -Os
cflags_udeb += -DSSH_EXTRAVERSION=\"$(SSH_EXTRAVERSION)\"
confflags += --with-cflags='$(cflags)'
confflags_udeb += --with-cflags='$(cflags_udeb)'

# Linker flags.
default_ldflags := $(shell dpkg-buildflags --get LDFLAGS)
confflags += --with-ldflags='$(strip -Wl,--as-needed $(default_ldflags))'
confflags_udeb += --with-ldflags='-Wl,--as-needed'

%:
	dh $@ --with=autoreconf,systemd

autoreconf:
	autoreconf -f -i
	cp -f /usr/share/misc/config.guess /usr/share/misc/config.sub ./

override_dh_autoreconf:
	dh_autoreconf debian/rules -- autoreconf

override_dh_auto_configure:
	dh_auto_configure -Bbuild-deb -- $(confflags)
	dh_auto_configure -Bbuild-udeb -- $(confflags_udeb)

override_dh_auto_build:
	# Avoid libnsl linkage. Ugh.
	perl -pi -e 's/ +-lnsl//' build-udeb/config.status
	cd build-udeb && ./config.status

	$(MAKE) -C build-deb $(PARALLEL) ASKPASS_PROGRAM='/usr/bin/ssh-askpass'
	$(MAKE) -C build-udeb $(PARALLEL) ASKPASS_PROGRAM='/usr/bin/ssh-askpass' ssh scp sftp sshd ssh-keygen

	$(MAKE) -C contrib gnome-ssh-askpass2 CC='$(CC) $(default_cflags) -Wall -Wl,--as-needed $(default_ldflags)' PKG_CONFIG=$(PKG_CONFIG)

override_dh_auto_test:
ifeq ($(RUN_TESTS),yes)
	$(MAKE) -C debian/tests
endif

override_dh_auto_clean:
	rm -rf build-deb build-udeb
ifeq ($(RUN_TESTS),yes)
	$(MAKE) -C debian/tests clean
endif
	$(MAKE) -C contrib clean
	(cat debian/copyright.head; iconv -f ISO-8859-1 -t UTF-8 LICENCE) \
		> debian/copyright

override_dh_auto_install:
	$(MAKE) -C build-deb DESTDIR=`pwd`/debian/tmp install-nokeys

override_dh_install:
	rm -f debian/tmp/etc/ssh/sshd_config
	dh_install -Nopenssh-client-udeb -Nopenssh-server-udeb --fail-missing
	dh_install -popenssh-client-udeb -popenssh-server-udeb \
		--sourcedir=build-udeb

	install -o root -g root -m 755 contrib/gnome-ssh-askpass2 debian/ssh-askpass-gnome/usr/lib/openssh/gnome-ssh-askpass

	install -o root -g root debian/openssh-server.if-up debian/openssh-server/etc/network/if-up.d/openssh-server

	install -o root -g root -m 644 debian/openssh-server.ufw.profile debian/openssh-server/etc/ufw/applications.d/openssh-server

	# Remove version control tags to avoid unnecessary conffile
	# resolution steps for administrators.
	sed -i '/\$$OpenBSD:/d' \
		debian/openssh-client/etc/ssh/moduli \
		debian/openssh-client/etc/ssh/ssh_config

	# dh_apport would be neater, but at the time of writing it isn't in
	# unstable yet.
	install -p -m 644 debian/openssh-client.apport debian/openssh-client/usr/share/apport/package-hooks/openssh-client.py
	install -p -m 644 debian/openssh-server.apport debian/openssh-server/usr/share/apport/package-hooks/openssh-server.py

	# Upstart user job (only used under user sessions)
	install -p -m 644 -D debian/ssh-agent.user-session.upstart debian/openssh-client/usr/share/upstart/sessions/ssh-agent.conf

override_dh_installdocs:
	dh_installdocs -Nopenssh-server -Nopenssh-sftp-server -Nssh
	dh_installdocs -popenssh-server -popenssh-sftp-server -pssh \
		--link-doc=openssh-client
	# Avoid breaking dh_installexamples later.
	mkdir -p debian/openssh-server/usr/share/doc/openssh-client

override_dh_systemd_enable:
	dh_systemd_enable -popenssh-server --name ssh ssh.service
	dh_systemd_enable -popenssh-server --name ssh --no-enable ssh.socket

override_dh_installinit:
	dh_installinit -R --name ssh

override_dh_installpam:
	dh_installpam --name sshd

override_dh_fixperms:
	dh_fixperms
	chmod u+s debian/openssh-client/usr/lib/openssh/ssh-keysign

# Tighten libssl dependencies to match the check in entropy.c.
override_dh_shlibdeps:
	dh_shlibdeps
	debian/adjust-openssl-dependencies

override_dh_gencontrol:
	dh_gencontrol -- -V'openssh-server:Recommends=$(server_recommends)'

override_dh_builddeb:
	dh_builddeb -- -Zxz

debian/faq.html:
	wget -O - http://www.openssh.org/faq.html | \
		sed 's,\(href="\)\(txt/\|[^":]*\.html\),\1http://www.openssh.org/\2,g' \
		> debian/faq.html

debian/ssh-argv0.1:

.Dd September 7, 2001
.Dt SSH-ARGV0 1
.Os Debian Project
.Sh NAME
.Nm ssh-argv0
.Nd replaces the old ssh command-name as hostname handling
.Sh SYNOPSIS
.Ar hostname | user@hostname
.Op Fl l Ar login_name
.Op Ar command
.Pp
.Ar hostname | user@hostname
.Op Fl afgknqstvxACNTX1246
.Op Fl b Ar bind_address
.Op Fl c Ar cipher_spec
.Op Fl e Ar escape_char
.Op Fl i Ar identity_file
.Op Fl l Ar login_name
.Op Fl m Ar mac_spec
.Op Fl o Ar option
.Op Fl p Ar port
.Op Fl F Ar configfile
.Oo Fl L Xo
.Sm off
.Ar port :
.Ar host :
.Ar hostport
.Sm on
.Xc
.Oc
.Oo Fl R Xo
.Sm off
.Ar port :
.Ar host :
.Ar hostport
.Sm on
.Xc
.Oc
.Op Fl D Ar port
.Op Ar command
.Sh DESCRIPTION
.Nm
replaces the old ssh command-name as hostname handling.
If you link to this script with a hostname then executing the link is
equivalent to having executed ssh with that hostname as an argument.
All other arguments are passed to ssh and will be processed normally.
.Sh OPTIONS
See
.Xr ssh 1 .
.Sh FILES
See
.Xr ssh 1 .
.Sh AUTHORS
OpenSSH is a derivative of the original and free ssh 1.2.12 release by
Tatu Ylonen.
Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo de Raadt and
Dug Song removed many bugs, re-added newer features and created OpenSSH.
Markus Friedl contributed the support for SSH protocol versions 1.5 and 2.0.
Jonathan Amery wrote this ssh-argv0 script and the associated documentation.
.Sh SEE ALSO
.Xr ssh 1

debian/ssh-askpass-gnome.install:

debian/ssh-askpass-gnome.png usr/share/pixmaps

debian/gnome-ssh-askpass.1:

.TH GNOME-SSH-ASKPASS 1
.SH NAME
gnome\-ssh\-askpass \- prompts a user for a passphrase using GNOME
.SH SYNOPSIS
.B gnome\-ssh\-askpass
.SH DESCRIPTION
.B gnome\-ssh\-askpass
is a GNOME-based passphrase dialog for use with OpenSSH.
It is intended to be called by the
.BR ssh\-add (1)
program and not invoked directly.
It allows
.BR ssh\-add (1)
to obtain a passphrase from a user, even if not connected to a terminal
(assuming that an X display is available).
This happens automatically in the case where
.B ssh\-add
is invoked from one's
.B ~/.xsession
or as one of the GNOME startup programs, for example.
.PP
In order to be called automatically by
.BR ssh\-add ,
.B gnome\-ssh\-askpass
should be installed as
.IR /usr/bin/ssh\-askpass .
.SH "ENVIRONMENT VARIABLES"
The following environment variables are recognized:
.TP
.I GNOME_SSH_ASKPASS_GRAB_SERVER
Causes
.B gnome\-ssh\-askpass
to grab the X server before asking for a passphrase.
.TP
.I GNOME_SSH_ASKPASS_GRAB_POINTER
Causes
.B gnome\-ssh\-askpass
to grab the mouse pointer using
.IR gdk_pointer_grab ()
before asking for a passphrase.
.PP
Regardless of whether either of these environment variables is set,
.B gnome\-ssh\-askpass
will grab the keyboard using
.IR gdk_keyboard_grab ().
.SH AUTHOR
This manual page was written by Colin Watson for the Debian system
(but may be used by others).
It was based on that for
.B x11\-ssh\-askpass
by Philip Hands.
debian/control:

Source: openssh
Section: net
Priority: standard
Maintainer: Ubuntu Developers
XSBC-Original-Maintainer: Debian OpenSSH Maintainers
Build-Depends: libwrap0-dev | libwrap-dev, zlib1g-dev (>= 1:1.2.3),
 libssl-dev (>= 0.9.8g), libpam0g-dev | libpam-dev, libgtk2.0-dev,
 libedit-dev, debhelper (>= 8.1.0~), libselinux1-dev [linux-any],
 libkrb5-dev | heimdal-dev, dpkg (>= 1.16.1~), libck-connector-dev,
 dh-autoreconf, autotools-dev, dh-systemd (>= 1.4), libaudit-dev [linux-any]
Standards-Version: 3.9.5
Uploaders: Colin Watson, Matthew Vernon
Homepage: http://www.openssh.org/
Vcs-Git: git://anonscm.debian.org/pkg-ssh/openssh.git
Vcs-Browser: http://anonscm.debian.org/gitweb/?p=pkg-ssh/openssh.git

Package: openssh-client
Architecture: any
Depends: ${shlibs:Depends}, ${misc:Depends}, adduser (>= 3.10), dpkg (>= 1.7.0), passwd
Recommends: xauth
Conflicts: sftp
Replaces: ssh, ssh-krb5
Suggests: ssh-askpass, libpam-ssh, keychain, monkeysphere
Provides: rsh-client, ssh-client
Multi-Arch: foreign
Description: secure shell (SSH) client, for secure access to remote machines
 This is the portable version of OpenSSH, a free implementation of the
 Secure Shell protocol as specified by the IETF secsh working group.
 .
 Ssh (Secure Shell) is a program for logging into a remote machine and for
 executing commands on a remote machine. It provides secure encrypted
 communications between two untrusted hosts over an insecure network. X11
 connections and arbitrary TCP/IP ports can also be forwarded over the
 secure channel. It can be used to provide applications with a secure
 communication channel.
 .
 This package provides the ssh, scp and sftp clients, the ssh-agent and
 ssh-add programs to make public key authentication more convenient, and
 the ssh-keygen, ssh-keyscan, ssh-copy-id and ssh-argv0 utilities.
 .
 In some countries it may be illegal to use any encryption at all without
 a special permit.
 .
 ssh replaces the insecure rsh, rcp and rlogin programs, which are
 obsolete for most purposes.

Package: openssh-server
Priority: optional
Architecture: any
Pre-Depends: ${misc:Pre-Depends}
Depends: ${shlibs:Depends}, ${misc:Depends}, libpam-runtime (>= 0.76-14), libpam-modules (>= 0.72-9), adduser (>= 3.9), dpkg (>= 1.9.0), openssh-client (= ${binary:Version}), lsb-base (>= 4.1+Debian3), procps, openssh-sftp-server
Recommends: xauth, ncurses-term, ${openssh-server:Recommends}
Conflicts: ssh-socks, ssh2, sftp
Replaces: ssh, ssh-krb5
Suggests: ssh-askpass, rssh, molly-guard, ufw, monkeysphere
Provides: ssh-server
Multi-Arch: foreign
Description: secure shell (SSH) server, for secure access from remote machines
 This is the portable version of OpenSSH, a free implementation of the
 Secure Shell protocol as specified by the IETF secsh working group.
 .
 Ssh (Secure Shell) is a program for logging into a remote machine and for
 executing commands on a remote machine. It provides secure encrypted
 communications between two untrusted hosts over an insecure network. X11
 connections and arbitrary TCP/IP ports can also be forwarded over the
 secure channel. It can be used to provide applications with a secure
 communication channel.
 .
 This package provides the sshd server.
 .
 In some countries it may be illegal to use any encryption at all without
 a special permit.
 .
 sshd replaces the insecure rshd program, which is obsolete for most
 purposes.

Package: openssh-sftp-server
Priority: optional
Architecture: any
Depends: ${shlibs:Depends}, ${misc:Depends}
Recommends: openssh-server | ssh-server
Breaks: openssh-server (<< 1:6.5p1-5)
Replaces: openssh-server (<< 1:6.5p1-5)
Enhances: openssh-server, ssh-server
Description: secure shell (SSH) sftp server module, for SFTP access from remote machines
 This is the portable version of OpenSSH, a free implementation of the
 Secure Shell protocol as specified by the IETF secsh working group.
 .
 Ssh (Secure Shell) is a program for logging into a remote machine and for
 executing commands on a remote machine. It provides secure encrypted
 communications between two untrusted hosts over an insecure network. X11
 connections and arbitrary TCP/IP ports can also be forwarded over the
 secure channel. It can be used to provide applications with a secure
 communication channel.
 .
 This package provides the SFTP server module for the SSH server. It is
 needed if you want to access your SSH server with SFTP. The SFTP server
 module also works with other SSH daemons like dropbear.

Package: ssh
Priority: extra
Architecture: all
Depends: ${misc:Depends}, openssh-client (>= ${binary:Version}), openssh-server (>= ${binary:Version})
Description: secure shell client and server (metapackage)
 This metapackage is a convenient way to install both the OpenSSH client
 and the OpenSSH server. It provides nothing in and of itself, so you
 may remove it if nothing depends on it.

Package: ssh-krb5
Section: oldlibs
Priority: extra
Architecture: all
Depends: ${misc:Depends}, openssh-client (>= ${binary:Version}), openssh-server (>= ${binary:Version})
Description: secure shell client and server (transitional package)
 This is a transitional package depending on the regular Debian OpenSSH
 client and server, which now support GSSAPI natively. It will add the
 necessary GSSAPI options to the server configuration file. You can
 remove it once the upgrade is complete and nothing depends on it.

Package: ssh-askpass-gnome
Section: gnome
Priority: optional
Architecture: any
Depends: ${shlibs:Depends}, ${misc:Depends}, openssh-client | ssh (>= 1:1.2pre7-4) | ssh-krb5
Replaces: ssh (<< 1:3.5p1-3)
Provides: ssh-askpass
Description: interactive X program to prompt users for a passphrase for ssh-add
 This has been split out of the main openssh-client package so that
 openssh-client does not need to depend on GTK+.
 .
 You probably want the ssh-askpass package instead, but this is provided
 to add to your choice and/or confusion.

Package: openssh-client-udeb
XC-Package-Type: udeb
Section: debian-installer
Priority: optional
Architecture: any
Depends: ${shlibs:Depends}, libnss-files-udeb
XB-Installer-Menu-Item: 99999
Description: secure shell client for the Debian installer
 This is the portable version of OpenSSH, a free implementation of the
 Secure Shell protocol as specified by the IETF secsh working group.
 .
 This package provides the ssh client for use in debian-installer.

Package: openssh-server-udeb
XC-Package-Type: udeb
Section: debian-installer
Priority: optional
Architecture: any
Depends: ${shlibs:Depends}, libnss-files-udeb
Description: secure shell server for the Debian installer
 This is the portable version of OpenSSH, a free implementation of the
 Secure Shell protocol as specified by the IETF secsh working group.
 .
 This package provides the sshd server for use in debian-installer. Since
 it is expected to be used in specialized situations (e.g. S/390 installs
 with no console), it does not provide any configuration.

debian/ssh-argv0:

#! /bin/sh
set -e

# Copyright (c) 2001 Jonathan Amery.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
#    notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
#    notice, this list of conditions and the following disclaimer in the
#    documentation and/or other materials provided with the distribution.
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
# IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
# OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
# IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
# THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

# The script is meant to be reached through a symlink named after a host;
# the basename of $0 becomes the hostname passed to ssh.
if [ "${0##*/}" = "ssh-argv0" ]
then
	echo 'ssh-argv0: This script should not be run like this, see ssh-argv0(1) for details' 1>&2
	exit 1
fi
exec ssh "${0##*/}" "$@"

debian/watch:

version=3
opts=pgpsigurlmangle=s/$/.asc/ \
ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-(.*)\.tar\.gz

debian/ssh-askpass-gnome.examples:

debian/ssh-askpass-gnome.desktop

debian/openssh-server.postrm:

#!/bin/sh
set -e

#DEBHELPER#

case $1 in
	purge)
		# Remove all non-conffiles that ssh might create, so that we
		# can smoothly remove /etc/ssh if and only if the user
		# hasn't dropped some other files in there. Conffiles have
		# already been removed at this point.
rm -f /etc/ssh/ssh_host_key /etc/ssh/ssh_host_key.pub rm -f /etc/ssh/ssh_host_rsa_key /etc/ssh/ssh_host_rsa_key.pub rm -f /etc/ssh/ssh_host_dsa_key /etc/ssh/ssh_host_dsa_key.pub rm -f /etc/ssh/ssh_host_ecdsa_key /etc/ssh/ssh_host_ecdsa_key.pub rm -f /etc/ssh/ssh_host_ed25519_key /etc/ssh/ssh_host_ed25519_key.pub rm -f /etc/ssh/sshd_config rm -f /etc/ssh/sshd_not_to_be_run rmdir --ignore-fail-on-non-empty /etc/ssh if which deluser >/dev/null 2>&1; then deluser --quiet sshd > /dev/null || true fi ;; esac exit 0 debian/patches/0000755000000000000000000000000013437222463010623 5ustar debian/patches/CVE-2016-10012-3.patch0000644000000000000000000000415413227153245013452 0ustar Backport of: From b7689155f3f5c4999846c07a852b1c7a43b09cec Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Wed, 28 Sep 2016 21:44:52 +0000 Subject: [PATCH] upstream commit put back some pre-auth zlib bits that I shouldn't have removed - they are still used by the client. Spotted by naddy@ Upstream-ID: 80919468056031037d56a1f5b261c164a6f90dc2 --- kex.c | 4 +++- kex.h | 5 +++-- packet.c | 7 ++++--- 3 files changed, 10 insertions(+), 6 deletions(-) Index: openssh-6.6p1/kex.c =================================================================== --- openssh-6.6p1.orig/kex.c 2018-01-15 11:27:30.122628432 -0500 +++ openssh-6.6p1/kex.c 2018-01-15 11:27:30.118628427 -0500 @@ -406,6 +406,8 @@ choose_comp(Comp *comp, char *client, ch fatal("no matching comp found: client %s server %s", client, server); if (strcmp(name, "zlib@openssh.com") == 0) { comp->type = COMP_DELAYED; + } else if (strcmp(name, "zlib") == 0) { + comp->type = COMP_ZLIB; } else if (strcmp(name, "none") == 0) { comp->type = COMP_NONE; } else { Index: openssh-6.6p1/kex.h =================================================================== --- openssh-6.6p1.orig/kex.h 2018-01-15 11:27:30.122628432 -0500 +++ openssh-6.6p1/kex.h 2018-01-15 11:27:30.118628427 -0500 
@@ -46,7 +46,8 @@ #define KEX_CURVE25519_SHA256 "curve25519-sha256@libssh.org" #define COMP_NONE 0 -#define COMP_DELAYED 1 +#define COMP_ZLIB 1 +#define COMP_DELAYED 2 enum kex_init_proposals { PROPOSAL_KEX_ALGS, Index: openssh-6.6p1/packet.c =================================================================== --- openssh-6.6p1.orig/packet.c 2018-01-15 11:27:30.122628432 -0500 +++ openssh-6.6p1/packet.c 2018-01-15 11:28:13.370678495 -0500 @@ -790,7 +790,8 @@ set_newkeys(int mode) /* explicit_bzero(enc->iv, enc->block_size); explicit_bzero(enc->key, enc->key_len); explicit_bzero(mac->key, mac->key_len); */ - if (((comp->type == COMP_DELAYED && + if ((comp->type == COMP_ZLIB || + (comp->type == COMP_DELAYED && active_state->after_authentication)) && comp->enabled == 0) { packet_init_compression(); if (mode == MODE_OUT) debian/patches/CVE-2018-20685.patch0000644000000000000000000000202713424617253013335 0ustar Backport of: From 6010c0303a422a9c5fa8860c061bf7105eb7f8b2 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Fri, 16 Nov 2018 03:03:10 +0000 Subject: [PATCH] upstream: disallow empty incoming filename or ones that refer to the current directory; based on report/patch from Harry Sintonen OpenBSD-Commit-ID: f27651b30eaee2df49540ab68d030865c04f6de9 --- scp.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) Index: openssh-6.6p1/scp.c =================================================================== --- openssh-6.6p1.orig/scp.c 2019-01-31 11:13:29.527186922 -0500 +++ openssh-6.6p1/scp.c 2019-01-31 11:13:29.527186922 -0500 @@ -1035,7 +1035,8 @@ sink(int argc, char **argv) size = size * 10 + (*cp++ - '0'); if (*cp++ != ' ') SCREWUP("size not delimited"); - if ((strchr(cp, '/') != NULL) || (strcmp(cp, "..") == 0)) { + if (*cp == '\0' || strchr(cp, '/') != NULL || + strcmp(cp, ".") == 0 || strcmp(cp, "..") == 0) { run_err("error: unexpected filename: %s", cp); exit(1); } debian/patches/gssapi.patch0000644000000000000000000027266412330654315013147 0ustar 
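Review bot: in the packet.c hunk the rewritten condition enables compression before authentication whenever comp->type == COMP_ZLIB, since only the COMP_DELAYED branch is still gated on active_state->after_authentication. The commit message says these bits are needed by the client, but nothing in this backport shows the server's compression proposal excluding plain "zlib", so confirm that sshd still offers only zlib@openssh.com and none; otherwise the pre-auth zlib path removed earlier in the CVE-2016-10012 series is back on the server side as well. The kex.h hunk also renumbers COMP_DELAYED from 1 to 2, which is harmless only as long as nothing else compares against the literal value.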
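Review bot: in the scp.c hunk the check in sink() now rejects an empty name, any name containing '/', and "." or "..", which covers the current-directory case described in the patch header. It still accepts any other name the remote side sends, because nothing here compares cp with the file the user actually requested; the patch header should state that the fix is limited to the traversal and current-directory cases so that scope is not misread.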
From 9dfcd1a0e691c1cad34b168e27b3ed31ab6986cd Mon Sep 17 00:00:00 2001 
From: Simon Wilkinson
Date: Sun, 9 Feb 2014 16:09:48 +0000
Subject: GSSAPI key exchange support

This patch has been rejected upstream: "None of the OpenSSH developers are
in favour of adding this, and this situation has not changed for several
years. This is not a slight on Simon's patch, which is of fine quality, but
just that a) we don't trust GSSAPI implementations that much and b) we don't
like adding new KEX since they are pre-auth attack surface. This one is
particularly scary, since it requires hooks out to typically root-owned
system resources."

However, quite a lot of people rely on this in Debian, and it's better to
have it merged into the main openssh package rather than having separate
-krb5 packages (as we used to have). It seems to have a generally good
security history.

Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1242
Last-Updated: 2014-03-19
Patch-Name: gssapi.patch
---
 ChangeLog.gssapi | 113 +++++++++++++++++++
 Makefile.in      |   3 +-
 auth-krb5.c      |  17 ++-
 auth2-gss.c      |  48 +++++++-
 auth2.c          |   2 +
 clientloop.c     |  13 +++
 config.h.in      |   6 +
 configure        |  57 ++++++++++
 configure.ac     |  24 ++++
 gss-genr.c       | 275 ++++++++++++++++++++++++++++++++++++++++++++-
 gss-serv-krb5.c  |  85 ++++++++++++-
 gss-serv.c       | 221 +++++++++++++++++++++++++++++++-----
 kex.c            |  16 +++
 kex.h            |  14 +++
 kexgssc.c        | 332 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
 kexgsss.c        | 289 ++++++++++++++++++++++++++++++++++++++++++++++++
 key.c            |   3 +-
 key.h            |   1 +
 monitor.c        | 108 +++++++++++++++++-
 monitor.h        |   3 +
 monitor_wrap.c   |  47 +++++++-
 monitor_wrap.h   |   4 +-
 readconf.c       |  42 +++++++
 readconf.h       |   5 +
 servconf.c       |  38 ++++++-
 servconf.h       |   3 +
 ssh-gss.h        |  41 ++++++-
 ssh_config       |   2 +
 ssh_config.5     |  34 +++++-
 sshconnect2.c    | 124 ++++++++++++++++++++-
 sshd.c           | 110 ++++++++++++++++++
 sshd_config      |   2 +
 sshd_config.5    |  28 +++++
 33 files changed, 2051 insertions(+), 59 deletions(-)
 create mode 100644 ChangeLog.gssapi
 create mode 100644 kexgssc.c
 create mode 100644 kexgsss.c

diff --git a/ChangeLog.gssapi b/ChangeLog.gssapi new file mode 100644 index 0000000..f117a33 --- /dev/null +++ b/ChangeLog.gssapi 
@@ -0,0 +1,113 @@ +20110101 + - Finally update for OpenSSH 5.6p1 + - Add GSSAPIServerIdentity option from Jim Basney + +20100308 + - [ Makefile.in, key.c, key.h ] + Updates for OpenSSH 5.4p1 + - [ servconf.c ] + Include GSSAPI options in the sshd -T configuration dump, and flag + some older configuration options as being unsupported. Thanks to Colin + Watson. + - + +20100124 + - [ sshconnect2.c ] + Adapt to deal with additional element in Authmethod structure. Thanks to + Colin Watson + +20090615 + - [ gss-genr.c gss-serv.c kexgssc.c kexgsss.c monitor.c sshconnect2.c + sshd.c ] + Fix issues identified by Greg Hudson following a code review + Check return value of gss_indicate_mechs + Protect GSSAPI calls in monitor, so they can only be used if enabled + Check return values of bignum functions in key exchange + Use BN_clear_free to clear other side's DH value + Make ssh_gssapi_id_kex more robust + Only configure kex table pointers if GSSAPI is enabled + Don't leak mechanism list, or gss mechanism list + Cast data.length before printing + If serverkey isn't provided, use an empty string, rather than NULL + +20090201 + - [ gss-genr.c gss-serv.c kex.h kexgssc.c readconf.c readconf.h ssh-gss.h + ssh_config.5 sshconnet2.c ] + Add support for the GSSAPIClientIdentity option, which allows the user + to specify which GSSAPI identity to use to contact a given server + +20080404 + - [ gss-serv.c ] + Add code to actually implement GSSAPIStrictAcceptCheck, which had somehow + been omitted from a previous version of this patch. Reported by Borislav + Stoichkov + +20070317 + - [ gss-serv-krb5.c ] + Remove C99ism, where new_ccname was being declared in the middle of a + function + +20061220 + - [ servconf.c ] + Make default for GSSAPIStrictAcceptorCheck be Yes, to match previous, and + documented, behaviour. Reported by Dan Watson. 
+ +20060910 + - [ gss-genr.c kexgssc.c kexgsss.c kex.h monitor.c sshconnect2.c sshd.c + ssh-gss.h ] + add support for gss-group14-sha1 key exchange mechanisms + - [ gss-serv.c servconf.c servconf.h sshd_config sshd_config.5 ] + Add GSSAPIStrictAcceptorCheck option to allow the disabling of + acceptor principal checking on multi-homed machines. + + - [ sshd_config ssh_config ] + Add settings for GSSAPIKeyExchange and GSSAPITrustDNS to the sample + configuration files + - [ kexgss.c kegsss.c sshconnect2.c sshd.c ] + Code cleanup. Replace strlen/xmalloc/snprintf sequences with xasprintf() + Limit length of error messages displayed by client + +20060909 + - [ gss-genr.c gss-serv.c ] + move ssh_gssapi_acquire_cred() and ssh_gssapi_server_ctx to be server + only, where they belong + + +20060829 + - [ gss-serv-krb5.c ] + Fix CCAPI credentials cache name when creating KRB5CCNAME environment + variable + +20060828 + - [ gss-genr.c ] + Avoid Heimdal context freeing problem + + +20060818 + - [ gss-genr.c ssh-gss.h sshconnect2.c ] + Make sure that SPENGO is disabled + + +20060421 + - [ gssgenr.c, sshconnect2.c ] + a few type changes (signed versus unsigned, int versus size_t) to + fix compiler errors/warnings + (from jbasney AT ncsa.uiuc.edu) + - [ kexgssc.c, sshconnect2.c ] + fix uninitialized variable warnings + (from jbasney AT ncsa.uiuc.edu) + - [ gssgenr.c ] + pass oid to gss_display_status (helpful when using GSSAPI mechglue) + (from jbasney AT ncsa.uiuc.edu) + + - [ gss-serv-krb5.c ] + #ifdef HAVE_GSSAPI_KRB5 should be #ifdef HAVE_GSSAPI_KRB5_H + (from jbasney AT ncsa.uiuc.edu) + + - [ readconf.c, readconf.h, ssh_config.5, sshconnect2.c + add client-side GssapiKeyExchange option + (from jbasney AT ncsa.uiuc.edu) + - [ sshconnect2.c ] + add support for GssapiTrustDns option for gssapi-with-mic + (from jbasney AT ncsa.uiuc.edu) + diff --git a/Makefile.in b/Makefile.in index 28a8ec4..ee1d2c3 100644 --- a/Makefile.in +++ b/Makefile.in 
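Review bot: the ChangeLog.gssapi hunk has an empty bullet under 20100308 (the lone "+ -" after the servconf.c entry) and several misspellings in its file lists: "sshconnet2.c" for sshconnect2.c in the 20090201 entry, "kexgss.c kegsss.c" for kexgssc.c kexgsss.c in the 20060910 entry, and "SPENGO" for SPNEGO in the 20060818 entry; the readconf entry under 20060421 is also missing its closing "]". Worth tidying since the file is installed with the package.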
@@ -72,6 +72,7 @@ LIBSSH_OBJS=authfd.o authfile.o bufaux.o bufbn.o buffer.o \ atomicio.o key.o dispatch.o kex.o mac.o uidswap.o uuencode.o misc.o \ monitor_fdpass.o rijndael.o ssh-dss.o ssh-ecdsa.o ssh-rsa.o dh.o \ kexdh.o kexgex.o kexdhc.o kexgexc.o bufec.o kexecdh.o kexecdhc.o \ + kexgssc.o \ msg.o progressmeter.o dns.o entropy.o gss-genr.o umac.o umac128.o \ ssh-pkcs11.o krl.o smult_curve25519_ref.o \ kexc25519.o kexc25519c.o poly1305.o chacha.o cipher-chachapoly.o \ @@ -91,7 +92,7 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o \ auth2-none.o auth2-passwd.o auth2-pubkey.o \ monitor_mm.o monitor.o monitor_wrap.o kexdhs.o kexgexs.o kexecdhs.o \ kexc25519s.o auth-krb5.o \ - auth2-gss.o gss-serv.o gss-serv-krb5.o \ + auth2-gss.o gss-serv.o gss-serv-krb5.o kexgsss.o \ loginrec.o auth-pam.o auth-shadow.o auth-sia.o md5crypt.o \ sftp-server.o sftp-common.o \ roaming_common.o roaming_serv.o \ diff --git a/auth-krb5.c b/auth-krb5.c index 6c62bdf..69a1a53 100644 --- a/auth-krb5.c +++ b/auth-krb5.c @@ -182,8 +182,13 @@ auth_krb5_password(Authctxt *authctxt, const char *password) len = strlen(authctxt->krb5_ticket_file) + 6; authctxt->krb5_ccname = xmalloc(len); +#ifdef USE_CCAPI + snprintf(authctxt->krb5_ccname, len, "API:%s", + authctxt->krb5_ticket_file); +#else snprintf(authctxt->krb5_ccname, len, "FILE:%s", authctxt->krb5_ticket_file); +#endif #ifdef USE_PAM if (options.use_pam) 
@@ -240,15 +245,22 @@ krb5_cleanup_proc(Authctxt *authctxt) #ifndef HEIMDAL krb5_error_code ssh_krb5_cc_gen(krb5_context ctx, krb5_ccache *ccache) { - int tmpfd, ret, oerrno; + int ret, oerrno; char ccname[40]; mode_t old_umask; +#ifdef USE_CCAPI + char cctemplate[] = "API:krb5cc_%d"; +#else + char cctemplate[] = "FILE:/tmp/krb5cc_%d_XXXXXXXXXX"; + int tmpfd; +#endif ret = snprintf(ccname, sizeof(ccname), - "FILE:/tmp/krb5cc_%d_XXXXXXXXXX", geteuid()); + cctemplate, geteuid()); if (ret < 0 || (size_t)ret >= sizeof(ccname)) return ENOMEM; +#ifndef USE_CCAPI old_umask = umask(0177); tmpfd = mkstemp(ccname + strlen("FILE:")); oerrno = errno; @@ -265,6 +277,7 @@ ssh_krb5_cc_gen(krb5_context ctx, krb5_ccache *ccache) { return oerrno; } close(tmpfd); +#endif return (krb5_cc_resolve(ctx, ccname, ccache)); } diff --git a/auth2-gss.c b/auth2-gss.c index c28a705..3ff2d72 100644 --- a/auth2-gss.c +++ b/auth2-gss.c @@ -1,7 +1,7 @@ /* $OpenBSD: auth2-gss.c,v 1.21 2014/02/26 20:28:44 djm Exp $ */ /* - * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. + * Copyright (c) 2001-2007 Simon Wilkinson. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions 
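Review bot: in the ssh_krb5_cc_gen hunk, old_umask and oerrno stay declared unconditionally while their only uses now sit inside #ifndef USE_CCAPI, so a USE_CCAPI build gets unused-variable warnings; move those two declarations under the same #ifndef as tmpfd. Passing cctemplate to snprintf also turns a literal format into a variable one, which -Wformat-nonliteral flags; two separate snprintf calls under the #ifdef would keep the format string literal.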
@@ -52,6 +52,40 @@ static void input_gssapi_mic(int type, u_int32_t plen, void *ctxt); static void input_gssapi_exchange_complete(int type, u_int32_t plen, void *ctxt); static void input_gssapi_errtok(int, u_int32_t, void *); +/* + * The 'gssapi_keyex' userauth mechanism. + */ +static int +userauth_gsskeyex(Authctxt *authctxt) +{ + int authenticated = 0; + Buffer b; + gss_buffer_desc mic, gssbuf; + u_int len; + + mic.value = packet_get_string(&len); + mic.length = len; + + packet_check_eom(); + + ssh_gssapi_buildmic(&b, authctxt->user, authctxt->service, + "gssapi-keyex"); + + gssbuf.value = buffer_ptr(&b); + gssbuf.length = buffer_len(&b); + + /* gss_kex_context is NULL with privsep, so we can't check it here */ + if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gss_kex_context, + &gssbuf, &mic)))) + authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user, + authctxt->pw)); + + buffer_free(&b); + free(mic.value); + + return (authenticated); +} + /* * We only support those mechanisms that we know about (ie ones that we know * how to check local user kuserok and the like) @@ -235,7 +269,8 @@ input_gssapi_exchange_complete(int type, u_int32_t plen, void *ctxt) packet_check_eom(); - authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user)); + authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user, + authctxt->pw)); authctxt->postponed = 0; dispatch_set(SSH2_MSG_USERAUTH_GSSAPI_TOKEN, NULL); @@ -270,7 +305,8 @@ input_gssapi_mic(int type, u_int32_t plen, void *ctxt) gssbuf.length = buffer_len(&b); if (!GSS_ERROR(PRIVSEP(ssh_gssapi_checkmic(gssctxt, &gssbuf, &mic)))) - authenticated = PRIVSEP(ssh_gssapi_userok(authctxt->user)); + authenticated = + PRIVSEP(ssh_gssapi_userok(authctxt->user, authctxt->pw)); else logit("GSSAPI MIC check failed"); 
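Review bot: in the userauth_gsskeyex hunk the comment notes that gss_kex_context is NULL under privsep, so the whole decision rests on the monitor's ssh_gssapi_checkmic handler; make sure that handler only verifies against the context established by this connection's GSSAPI key exchange and fails closed when no such exchange ran, since the MIC is the only proof this method checks before calling ssh_gssapi_userok. Also, method_gsskeyex reuses &options.gss_authentication, so an administrator cannot disable gssapi-keyex while leaving gssapi-with-mic enabled; the sshd_config.5 text should say so.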
@@ -285,6 +321,12 @@ input_gssapi_mic(int type, u_int32_t plen, void *ctxt) userauth_finish(authctxt, authenticated, "gssapi-with-mic", NULL); } +Authmethod method_gsskeyex = { + "gssapi-keyex", + userauth_gsskeyex, + &options.gss_authentication +}; + Authmethod method_gssapi = { "gssapi-with-mic", userauth_gssapi, diff --git a/auth2.c b/auth2.c index a5490c0..fbe3e1b 100644 --- a/auth2.c +++ b/auth2.c @@ -69,6 +69,7 @@ extern Authmethod method_passwd; extern Authmethod method_kbdint; extern Authmethod method_hostbased; #ifdef GSSAPI +extern Authmethod method_gsskeyex; extern Authmethod method_gssapi; #endif @@ -76,6 +77,7 @@ Authmethod *authmethods[] = { &method_none, &method_pubkey, #ifdef GSSAPI + &method_gsskeyex, &method_gssapi, #endif &method_passwd, diff --git a/clientloop.c b/clientloop.c index 59ad3a2..6d8cd7d 100644 --- a/clientloop.c +++ b/clientloop.c @@ -111,6 +111,10 @@ #include "msg.h" #include "roaming.h" +#ifdef GSSAPI +#include "ssh-gss.h" +#endif + /* import options */ extern Options options; @@ -1608,6 +1612,15 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id) /* Do channel operations unless rekeying in progress. */ if (!rekeying) { channel_after_select(readset, writeset); + +#ifdef GSSAPI + if (options.gss_renewal_rekey && + ssh_gssapi_credentials_updated(NULL)) { + debug("credentials updated - forcing rekey"); + need_rekeying = 1; + } +#endif + if (need_rekeying || packet_need_rekeying()) { debug("need rekeying"); xxx_kex->done = 0; diff --git a/config.h.in b/config.h.in index 0401ad1..6bc422c 100644 --- a/config.h.in +++ b/config.h.in @@ -1622,6 +1622,9 @@ /* Use btmp to log bad logins */ #undef USE_BTMP +/* platform uses an in-memory credentials cache */ +#undef USE_CCAPI + /* Use libedit for sftp */ #undef USE_LIBEDIT 
@@ -1637,6 +1640,9 @@ /* Use PIPES instead of a socketpair() */ #undef USE_PIPES +/* platform has the Security Authorization Session API */ +#undef USE_SECURITY_SESSION_API + /* Define if you have Solaris process contracts */ #undef USE_SOLARIS_PROCESS_CONTRACTS diff --git a/configure b/configure index d690393..b6b5b6d 100755 --- a/configure +++ b/configure 
@@ -7170,6 +7170,63 @@ $as_echo "#define SSH_TUN_COMPAT_AF 1" >>confdefs.h $as_echo "#define SSH_TUN_PREPEND_AF 1" >>confdefs.h + { $as_echo "$as_me:${as_lineno-$LINENO}: checking if we have the Security Authorization Session API" >&5 +$as_echo_n "checking if we have the Security Authorization Session API... " >&6; } + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +int +main () +{ +SessionCreate(0, 0); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_use_security_session_api="yes" + +$as_echo "#define USE_SECURITY_SESSION_API 1" >>confdefs.h + + LIBS="$LIBS -framework Security" + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } +else + ac_cv_use_security_session_api="no" + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + { $as_echo "$as_me:${as_lineno-$LINENO}: checking if we have an in-memory credentials cache" >&5 +$as_echo_n "checking if we have an in-memory credentials cache... " >&6; } + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +int +main () +{ +cc_context_t c; + (void) cc_initialize (&c, 0, NULL, NULL); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + +$as_echo "#define USE_CCAPI 1" >>confdefs.h + + LIBS="$LIBS -framework Security" + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + if test "x$ac_cv_use_security_session_api" = "xno"; then + as_fn_error $? "*** Need a security framework to use the credentials cache API ***" "$LINENO" 5 + fi +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext ac_fn_c_check_decl "$LINENO" "AU_IPv4" "ac_cv_have_decl_AU_IPv4" "$ac_includes_default" if test "x$ac_cv_have_decl_AU_IPv4" = xyes; then : 
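Review bot: in the configure hunk LIBS="$LIBS -framework Security" is appended in both the Security Authorization Session API check and the in-memory credentials cache check, so a platform passing both gets the flag twice; since the second check already errors out when the first failed, the append belongs only in the first. This file is generated, so the fix should land in configure.ac with configure regenerated rather than hand-patched.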
diff --git a/configure.ac b/configure.ac index 7c6ce08..d235fb0 100644 --- a/configure.ac +++ b/configure.ac @@ -584,6 +584,30 @@ main() { if (NSVersionOfRunTimeLibrary("System") >= (60 << 16)) [Use tunnel device compatibility to OpenBSD]) AC_DEFINE([SSH_TUN_PREPEND_AF], [1], [Prepend the address family to IP tunnel traffic]) + AC_MSG_CHECKING([if we have the Security Authorization Session API]) + AC_TRY_COMPILE([#include ], + [SessionCreate(0, 0);], + [ac_cv_use_security_session_api="yes" + AC_DEFINE([USE_SECURITY_SESSION_API], [1], + [platform has the Security Authorization Session API]) + LIBS="$LIBS -framework Security" + AC_MSG_RESULT([yes])], + [ac_cv_use_security_session_api="no" + AC_MSG_RESULT([no])]) + AC_MSG_CHECKING([if we have an in-memory credentials cache]) + AC_TRY_COMPILE( + [#include ], + [cc_context_t c; + (void) cc_initialize (&c, 0, NULL, NULL);], + [AC_DEFINE([USE_CCAPI], [1], + [platform uses an in-memory credentials cache]) + LIBS="$LIBS -framework Security" + AC_MSG_RESULT([yes]) + if test "x$ac_cv_use_security_session_api" = "xno"; then + AC_MSG_ERROR([*** Need a security framework to use the credentials cache API ***]) + fi], + [AC_MSG_RESULT([no])] + ) m4_pattern_allow([AU_IPv]) AC_CHECK_DECL([AU_IPv4], [], AC_DEFINE([AU_IPv4], [0], [System only supports IPv4 audit records]) diff --git a/gss-genr.c b/gss-genr.c index b39281b..1e569ad 100644 --- a/gss-genr.c +++ b/gss-genr.c @@ -1,7 +1,7 @@ /* $OpenBSD: gss-genr.c,v 1.22 2013/11/08 00:39:15 djm Exp $ */ /* - * Copyright (c) 2001-2007 Simon Wilkinson. All rights reserved. + * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions 
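Review bot: the configure.ac hunk carries the same duplicate LIBS="$LIBS -framework Security" append in both AC_TRY_COMPILE branches; keep only the one in the Session API check. AC_TRY_COMPILE is an obsolete autoconf macro, and new checks should be written with AC_COMPILE_IFELSE([AC_LANG_PROGRAM([...], [...])], ...).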
@@ -39,12 +39,167 @@ #include "buffer.h" #include "log.h" #include "ssh2.h" +#include "cipher.h" +#include "key.h" +#include "kex.h" +#include #include "ssh-gss.h" extern u_char *session_id2; extern u_int session_id2_len; +typedef struct { + char *encoded; + gss_OID oid; +} ssh_gss_kex_mapping; + +/* + * XXX - It would be nice to find a more elegant way of handling the + * XXX passing of the key exchange context to the userauth routines + */ + +Gssctxt *gss_kex_context = NULL; + +static ssh_gss_kex_mapping *gss_enc2oid = NULL; + +int +ssh_gssapi_oid_table_ok(void) { + return (gss_enc2oid != NULL); +} + +/* + * Return a list of the gss-group1-sha1 mechanisms supported by this program + * + * We test mechanisms to ensure that we can use them, to avoid starting + * a key exchange with a bad mechanism + */ + +char * +ssh_gssapi_client_mechanisms(const char *host, const char *client) { + gss_OID_set gss_supported; + OM_uint32 min_status; + + if (GSS_ERROR(gss_indicate_mechs(&min_status, &gss_supported))) + return NULL; + + return(ssh_gssapi_kex_mechs(gss_supported, ssh_gssapi_check_mechanism, + host, client)); +} + +char * +ssh_gssapi_kex_mechs(gss_OID_set gss_supported, ssh_gssapi_check_fn *check, + const char *host, const char *client) { + Buffer buf; + size_t i; + int oidpos, enclen; + char *mechs, *encoded; + u_char digest[EVP_MAX_MD_SIZE]; + char deroid[2]; + const EVP_MD *evp_md = EVP_md5(); + EVP_MD_CTX md; + + if (gss_enc2oid != NULL) { + for (i = 0; gss_enc2oid[i].encoded != NULL; i++) + free(gss_enc2oid[i].encoded); + free(gss_enc2oid); + } + + gss_enc2oid = xmalloc(sizeof(ssh_gss_kex_mapping) * + (gss_supported->count + 1)); + + buffer_init(&buf); + + oidpos = 0; + for (i = 0; i < gss_supported->count; i++) { + if (gss_supported->elements[i].length < 128 && + (*check)(NULL, &(gss_supported->elements[i]), host, client)) { + + deroid[0] = SSH_GSS_OIDTYPE; + deroid[1] = gss_supported->elements[i].length; + + EVP_DigestInit(&md, evp_md); + EVP_DigestUpdate(&md, 
deroid, 2); + EVP_DigestUpdate(&md, + gss_supported->elements[i].elements, + gss_supported->elements[i].length); + EVP_DigestFinal(&md, digest, NULL); + + encoded = xmalloc(EVP_MD_size(evp_md) * 2); + enclen = __b64_ntop(digest, EVP_MD_size(evp_md), + encoded, EVP_MD_size(evp_md) * 2); + + if (oidpos != 0) + buffer_put_char(&buf, ','); + + buffer_append(&buf, KEX_GSS_GEX_SHA1_ID, + sizeof(KEX_GSS_GEX_SHA1_ID) - 1); + buffer_append(&buf, encoded, enclen); + buffer_put_char(&buf, ','); + buffer_append(&buf, KEX_GSS_GRP1_SHA1_ID, + sizeof(KEX_GSS_GRP1_SHA1_ID) - 1); + buffer_append(&buf, encoded, enclen); + buffer_put_char(&buf, ','); + buffer_append(&buf, KEX_GSS_GRP14_SHA1_ID, + sizeof(KEX_GSS_GRP14_SHA1_ID) - 1); + buffer_append(&buf, encoded, enclen); + + gss_enc2oid[oidpos].oid = &(gss_supported->elements[i]); + gss_enc2oid[oidpos].encoded = encoded; + oidpos++; + } + } + gss_enc2oid[oidpos].oid = NULL; + gss_enc2oid[oidpos].encoded = NULL; + + buffer_put_char(&buf, '\0'); + + mechs = xmalloc(buffer_len(&buf)); + buffer_get(&buf, mechs, buffer_len(&buf)); + buffer_free(&buf); + + if (strlen(mechs) == 0) { + free(mechs); + mechs = NULL; + } + + return (mechs); +} + +gss_OID +ssh_gssapi_id_kex(Gssctxt *ctx, char *name, int kex_type) { + int i = 0; + + switch (kex_type) { + case KEX_GSS_GRP1_SHA1: + if (strlen(name) < sizeof(KEX_GSS_GRP1_SHA1_ID)) + return GSS_C_NO_OID; + name += sizeof(KEX_GSS_GRP1_SHA1_ID) - 1; + break; + case KEX_GSS_GRP14_SHA1: + if (strlen(name) < sizeof(KEX_GSS_GRP14_SHA1_ID)) + return GSS_C_NO_OID; + name += sizeof(KEX_GSS_GRP14_SHA1_ID) - 1; + break; + case KEX_GSS_GEX_SHA1: + if (strlen(name) < sizeof(KEX_GSS_GEX_SHA1_ID)) + return GSS_C_NO_OID; + name += sizeof(KEX_GSS_GEX_SHA1_ID) - 1; + break; + default: + return GSS_C_NO_OID; + } + + while (gss_enc2oid[i].encoded != NULL && + strcmp(name, gss_enc2oid[i].encoded) != 0) + i++; + + if (gss_enc2oid[i].oid != NULL && ctx != NULL) + ssh_gssapi_set_oid(ctx, gss_enc2oid[i].oid); + + return 
gss_enc2oid[i].oid; +} + /* Check that the OID in a data stream matches that in the context */ int ssh_gssapi_check_oid(Gssctxt *ctx, void *data, size_t len) @@ -197,7 +352,7 @@ ssh_gssapi_init_ctx(Gssctxt *ctx, int deleg_creds, gss_buffer_desc *recv_tok, } ctx->major = gss_init_sec_context(&ctx->minor, - GSS_C_NO_CREDENTIAL, &ctx->context, ctx->name, ctx->oid, + ctx->client_creds, &ctx->context, ctx->name, ctx->oid, GSS_C_MUTUAL_FLAG | GSS_C_INTEG_FLAG | deleg_flag, 0, NULL, recv_tok, NULL, send_tok, flags, NULL); @@ -227,8 +382,42 @@ ssh_gssapi_import_name(Gssctxt *ctx, const char *host) } OM_uint32 +ssh_gssapi_client_identity(Gssctxt *ctx, const char *name) +{ + gss_buffer_desc gssbuf; + gss_name_t gssname; + OM_uint32 status; + gss_OID_set oidset; + + gssbuf.value = (void *) name; + gssbuf.length = strlen(gssbuf.value); + + gss_create_empty_oid_set(&status, &oidset); + gss_add_oid_set_member(&status, ctx->oid, &oidset); + + ctx->major = gss_import_name(&ctx->minor, &gssbuf, + GSS_C_NT_USER_NAME, &gssname); + + if (!ctx->major) + ctx->major = gss_acquire_cred(&ctx->minor, + gssname, 0, oidset, GSS_C_INITIATE, + &ctx->client_creds, NULL, NULL); + + gss_release_name(&status, &gssname); + gss_release_oid_set(&status, &oidset); + + if (ctx->major) + ssh_gssapi_error(ctx); + + return(ctx->major); +} + +OM_uint32 ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_t buffer, gss_buffer_t hash) { + if (ctx == NULL) + return -1; + if ((ctx->major = gss_get_mic(&ctx->minor, ctx->context, GSS_C_QOP_DEFAULT, buffer, hash))) ssh_gssapi_error(ctx); 
@@ -236,6 +425,19 @@ ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_t buffer, gss_buffer_t hash) return (ctx->major); } +/* Priviledged when used by server */ +OM_uint32 +ssh_gssapi_checkmic(Gssctxt *ctx, gss_buffer_t gssbuf, gss_buffer_t gssmic) +{ + if (ctx == NULL) + return -1; + + ctx->major = gss_verify_mic(&ctx->minor, ctx->context, + gssbuf, gssmic, NULL); + + return (ctx->major); +} + void ssh_gssapi_buildmic(Buffer *b, const char *user, const char *service, const char *context) @@ -249,11 +451,16 @@ ssh_gssapi_buildmic(Buffer *b, const char *user, const char *service, } int -ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host) +ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host, + const char *client) { gss_buffer_desc token = GSS_C_EMPTY_BUFFER; OM_uint32 major, minor; gss_OID_desc spnego_oid = {6, (void *)"\x2B\x06\x01\x05\x05\x02"}; + Gssctxt *intctx = NULL; + + if (ctx == NULL) + ctx = &intctx; /* RFC 4462 says we MUST NOT do SPNEGO */ if (oid->length == spnego_oid.length && @@ -263,6 +470,10 @@ ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host) ssh_gssapi_build_ctx(ctx); ssh_gssapi_set_oid(*ctx, oid); major = ssh_gssapi_import_name(*ctx, host); + + if (!GSS_ERROR(major) && client) + major = ssh_gssapi_client_identity(*ctx, client); + if (!GSS_ERROR(major)) { major = ssh_gssapi_init_ctx(*ctx, 0, GSS_C_NO_BUFFER, &token, NULL); 
@@ -272,10 +483,66 @@ ssh_gssapi_check_mechanism(Gssctxt **ctx, gss_OID oid, const char *host) GSS_C_NO_BUFFER); } - if (GSS_ERROR(major)) + if (GSS_ERROR(major) || intctx != NULL) ssh_gssapi_delete_ctx(ctx); return (!GSS_ERROR(major)); } +int +ssh_gssapi_credentials_updated(Gssctxt *ctxt) { + static gss_name_t saved_name = GSS_C_NO_NAME; + static OM_uint32 saved_lifetime = 0; + static gss_OID saved_mech = GSS_C_NO_OID; + static gss_name_t name; + static OM_uint32 last_call = 0; + OM_uint32 lifetime, now, major, minor; + int equal; + + now = time(NULL); + + if (ctxt) { + debug("Rekey has happened - updating saved versions"); + + if (saved_name != GSS_C_NO_NAME) + gss_release_name(&minor, &saved_name); + + major = gss_inquire_cred(&minor, GSS_C_NO_CREDENTIAL, + &saved_name, &saved_lifetime, NULL, NULL); + + if (!GSS_ERROR(major)) { + saved_mech = ctxt->oid; + saved_lifetime+= now; + } else { + /* Handle the error */ + } + return 0; + } + + if (now - last_call < 10) + return 0; + + last_call = now; + + if (saved_mech == GSS_C_NO_OID) + return 0; + + major = gss_inquire_cred(&minor, GSS_C_NO_CREDENTIAL, + &name, &lifetime, NULL, NULL); + if (major == GSS_S_CREDENTIALS_EXPIRED) + return 0; + else if (GSS_ERROR(major)) + return 0; + + major = gss_compare_name(&minor, saved_name, name, &equal); + gss_release_name(&minor, &name); + if (GSS_ERROR(major)) + return 0; + + if (equal && (saved_lifetime < lifetime + now - 10)) + return 1; + + return 0; +} + #endif /* GSSAPI */ diff --git a/gss-serv-krb5.c b/gss-serv-krb5.c index 759fa10..e678a27 100644 --- a/gss-serv-krb5.c +++ b/gss-serv-krb5.c @@ -1,7 +1,7 @@ /* $OpenBSD: gss-serv-krb5.c,v 1.8 2013/07/20 01:55:13 djm Exp $ */ /* - * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. + * Copyright (c) 2001-2007 Simon Wilkinson. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions 
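Review bot: in the gss-genr.c hunk adding ssh_gssapi_kex_mechs and ssh_gssapi_id_kex, the lookup loop in ssh_gssapi_id_kex dereferences gss_enc2oid without checking it; ssh_gssapi_oid_table_ok() exists for exactly that, so either call it first and return GSS_C_NO_OID when the table was never built, or document that callers must have run ssh_gssapi_kex_mechs beforehand. The table also stores raw pointers into gss_supported (gss_enc2oid[oidpos].oid = &gss_supported->elements[i]), so that OID set must never be released while the table lives; a comment at the assignment would stop the next reader from "fixing" the apparent leak.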
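Review bot: in the ssh_gssapi_client_identity hunk the return values of gss_create_empty_oid_set and gss_add_oid_set_member are written to status and never examined, so gss_acquire_cred can run with an unpopulated set; check both and set ctx->major before continuing. The gss_import_name result is also tested with if (!ctx->major) while ssh_gssapi_check_mechanism in the same file uses GSS_ERROR(); be consistent.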
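Review bot: in the ssh_gssapi_checkmic hunk (and the matching guard added to ssh_gssapi_sign) the NULL-context path returns -1 from a function whose type is OM_uint32. GSS_ERROR(-1) happens to be true because every error bit is set after the conversion, but the idiomatic value is GSS_S_NO_CONTEXT, and ctx->major is left untouched so ssh_gssapi_error cannot report the condition. The comment above the function also misspells "Privileged".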
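Review bot: in the ssh_gssapi_credentials_updated hunk the ctxt != NULL branch releases saved_name and then leaves the else branch as a bare /* Handle the error */: if gss_inquire_cred fails, saved_mech still holds the old OID while saved_name is now GSS_C_NO_NAME, so every later poll hits gss_compare_name with a missing name and returns 0, silently turning off renewal-driven rekeying. Log the failure and reset saved_mech to GSS_C_NO_OID there. The local "name" does not need to be static, and "saved_lifetime+= now" wants a space before the operator.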
@@ -120,8 +120,8 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client) krb5_error_code problem; krb5_principal princ; OM_uint32 maj_status, min_status; - int len; const char *errmsg; + const char *new_ccname; if (client->creds == NULL) { debug("No credentials stored"); @@ -180,11 +180,16 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client) return; } - client->store.filename = xstrdup(krb5_cc_get_name(krb_context, ccache)); + new_ccname = krb5_cc_get_name(krb_context, ccache); + client->store.envvar = "KRB5CCNAME"; - len = strlen(client->store.filename) + 6; - client->store.envval = xmalloc(len); - snprintf(client->store.envval, len, "FILE:%s", client->store.filename); +#ifdef USE_CCAPI + xasprintf(&client->store.envval, "API:%s", new_ccname); + client->store.filename = NULL; +#else + xasprintf(&client->store.envval, "FILE:%s", new_ccname); + client->store.filename = xstrdup(new_ccname); +#endif #ifdef USE_PAM if (options.use_pam) 
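Review bot: in the ssh_gssapi_krb5_storecreds hunk the USE_CCAPI branch sets client->store.filename to NULL while the FILE: branch keeps a duplicated path, so any cleanup that unlinks store.filename at session end must now tolerate NULL; worth a one-line comment at the NULL assignment. Replacing the manual strlen/xmalloc/snprintf sequence with xasprintf is otherwise a clear improvement.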
@@ -196,6 +201,71 @@ ssh_gssapi_krb5_storecreds(ssh_gssapi_client *client) return; } +int +ssh_gssapi_krb5_updatecreds(ssh_gssapi_ccache *store, + ssh_gssapi_client *client) +{ + krb5_ccache ccache = NULL; + krb5_principal principal = NULL; + char *name = NULL; + krb5_error_code problem; + OM_uint32 maj_status, min_status; + + if ((problem = krb5_cc_resolve(krb_context, store->envval, &ccache))) { + logit("krb5_cc_resolve(): %.100s", + krb5_get_err_text(krb_context, problem)); + return 0; + } + + /* Find out who the principal in this cache is */ + if ((problem = krb5_cc_get_principal(krb_context, ccache, + &principal))) { + logit("krb5_cc_get_principal(): %.100s", + krb5_get_err_text(krb_context, problem)); + krb5_cc_close(krb_context, ccache); + return 0; + } + + if ((problem = krb5_unparse_name(krb_context, principal, &name))) { + logit("krb5_unparse_name(): %.100s", + krb5_get_err_text(krb_context, problem)); + krb5_free_principal(krb_context, principal); + krb5_cc_close(krb_context, ccache); + return 0; + } + + + if (strcmp(name,client->exportedname.value)!=0) { + debug("Name in local credentials cache differs. Not storing"); + krb5_free_principal(krb_context, principal); + krb5_cc_close(krb_context, ccache); + krb5_free_unparsed_name(krb_context, name); + return 0; + } + krb5_free_unparsed_name(krb_context, name); + + /* Name matches, so lets get on with it! */ + + if ((problem = krb5_cc_initialize(krb_context, ccache, principal))) { + logit("krb5_cc_initialize(): %.100s", + krb5_get_err_text(krb_context, problem)); + krb5_free_principal(krb_context, principal); + krb5_cc_close(krb_context, ccache); + return 0; + } + + krb5_free_principal(krb_context, principal); + + if ((maj_status = gss_krb5_copy_ccache(&min_status, client->creds, + ccache))) { + logit("gss_krb5_copy_ccache() failed. Sorry!"); + krb5_cc_close(krb_context, ccache); + return 0; + } + + return 1; +} + ssh_gssapi_mech gssapi_kerberos_mech = { "toWM5Slw5Ew8Mqkay+al2g==", "Kerberos", 
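Review bot: in the ssh_gssapi_krb5_updatecreds hunk the principal check uses strcmp(name, client->exportedname.value); exportedname is a gss_buffer_desc whose value is length-counted rather than guaranteed NUL-terminated, so compare with the length (strlen(name) == exportedname.length && memcmp(...) == 0). Ordering also matters: krb5_cc_initialize wipes the existing cache before gss_krb5_copy_ccache runs, so a copy failure leaves the user with an emptied cache; either copy into a fresh cache first or at least log that the cache was reinitialised. Style: drop the double blank line before the strcmp and add spaces around "!=" and after the comma.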
@@ -203,7 +273,8 @@ ssh_gssapi_mech gssapi_kerberos_mech = { NULL, &ssh_gssapi_krb5_userok, NULL, - &ssh_gssapi_krb5_storecreds + &ssh_gssapi_krb5_storecreds, + &ssh_gssapi_krb5_updatecreds }; #endif /* KRB5 */ diff --git a/gss-serv.c b/gss-serv.c index e61b37b..c33463b 100644 --- a/gss-serv.c +++ b/gss-serv.c @@ -1,7 +1,7 @@ /* $OpenBSD: gss-serv.c,v 1.26 2014/02/26 20:28:44 djm Exp $ */ /* - * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. + * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -45,15 +45,21 @@ #include "channels.h" #include "session.h" #include "misc.h" +#include "servconf.h" +#include "uidswap.h" #include "ssh-gss.h" +#include "monitor_wrap.h" + +extern ServerOptions options; static ssh_gssapi_client gssapi_client = { GSS_C_EMPTY_BUFFER, GSS_C_EMPTY_BUFFER, - GSS_C_NO_CREDENTIAL, NULL, {NULL, NULL, NULL, NULL}}; + GSS_C_NO_CREDENTIAL, GSS_C_NO_NAME, NULL, + {NULL, NULL, NULL, NULL, NULL}, 0, 0}; ssh_gssapi_mech gssapi_null_mech = - { NULL, NULL, {0, NULL}, NULL, NULL, NULL, NULL}; + { NULL, NULL, {0, NULL}, NULL, NULL, NULL, NULL, NULL}; #ifdef KRB5 extern ssh_gssapi_mech gssapi_kerberos_mech; 
@@ -100,25 +106,32 @@ ssh_gssapi_acquire_cred(Gssctxt *ctx) char lname[MAXHOSTNAMELEN]; gss_OID_set oidset; - gss_create_empty_oid_set(&status, &oidset); - gss_add_oid_set_member(&status, ctx->oid, &oidset); + if (options.gss_strict_acceptor) { + gss_create_empty_oid_set(&status, &oidset); + gss_add_oid_set_member(&status, ctx->oid, &oidset); - if (gethostname(lname, MAXHOSTNAMELEN)) { - gss_release_oid_set(&status, &oidset); - return (-1); - } + if (gethostname(lname, MAXHOSTNAMELEN)) { + gss_release_oid_set(&status, &oidset); + return (-1); + } + + if (GSS_ERROR(ssh_gssapi_import_name(ctx, lname))) { + gss_release_oid_set(&status, &oidset); + return (ctx->major); + } + + if ((ctx->major = gss_acquire_cred(&ctx->minor, + ctx->name, 0, oidset, GSS_C_ACCEPT, &ctx->creds, + NULL, NULL))) + ssh_gssapi_error(ctx); - if (GSS_ERROR(ssh_gssapi_import_name(ctx, lname))) { gss_release_oid_set(&status, &oidset); return (ctx->major); + } else { + ctx->name = GSS_C_NO_NAME; + ctx->creds = GSS_C_NO_CREDENTIAL; } - - if ((ctx->major = gss_acquire_cred(&ctx->minor, - ctx->name, 0, oidset, GSS_C_ACCEPT, &ctx->creds, NULL, NULL))) - ssh_gssapi_error(ctx); - - gss_release_oid_set(&status, &oidset); - return (ctx->major); + return GSS_S_COMPLETE; } /* Privileged */ @@ -133,6 +146,29 @@ ssh_gssapi_server_ctx(Gssctxt **ctx, gss_OID oid) } /* Unprivileged */ +char * +ssh_gssapi_server_mechanisms(void) { + gss_OID_set supported; + + ssh_gssapi_supported_oids(&supported); + return (ssh_gssapi_kex_mechs(supported, &ssh_gssapi_server_check_mech, + NULL, NULL)); +} + +/* Unprivileged */ +int +ssh_gssapi_server_check_mech(Gssctxt **dum, gss_OID oid, const char *data, + const char *dummy) { + Gssctxt *ctx = NULL; + int res; + + res = !GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctx, oid))); + ssh_gssapi_delete_ctx(&ctx); + + return (res); +} + +/* Unprivileged */ void ssh_gssapi_supported_oids(gss_OID_set *oidset) { 
@@ -142,7 +178,9 @@ ssh_gssapi_supported_oids(gss_OID_set *oidset) gss_OID_set supported; gss_create_empty_oid_set(&min_status, oidset); - gss_indicate_mechs(&min_status, &supported); + + if (GSS_ERROR(gss_indicate_mechs(&min_status, &supported))) + return; while (supported_mechs[i]->name != NULL) { if (GSS_ERROR(gss_test_oid_set_member(&min_status, @@ -268,8 +306,48 @@ OM_uint32 ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *client) { int i = 0; + int equal = 0; + gss_name_t new_name = GSS_C_NO_NAME; + gss_buffer_desc ename = GSS_C_EMPTY_BUFFER; + + if (options.gss_store_rekey && client->used && ctx->client_creds) { + if (client->mech->oid.length != ctx->oid->length || + (memcmp(client->mech->oid.elements, + ctx->oid->elements, ctx->oid->length) !=0)) { + debug("Rekeyed credentials have different mechanism"); + return GSS_S_COMPLETE; + } + + if ((ctx->major = gss_inquire_cred_by_mech(&ctx->minor, + ctx->client_creds, ctx->oid, &new_name, + NULL, NULL, NULL))) { + ssh_gssapi_error(ctx); + return (ctx->major); + } + + ctx->major = gss_compare_name(&ctx->minor, client->name, + new_name, &equal); - gss_buffer_desc ename; + if (GSS_ERROR(ctx->major)) { + ssh_gssapi_error(ctx); + return (ctx->major); + } + + if (!equal) { + debug("Rekeyed credentials have different name"); + return GSS_S_COMPLETE; + } + + debug("Marking rekeyed credentials for export"); + + gss_release_name(&ctx->minor, &client->name); + gss_release_cred(&ctx->minor, &client->creds); + client->name = new_name; + client->creds = ctx->client_creds; + ctx->client_creds = GSS_C_NO_CREDENTIAL; + client->updated = 1; + return GSS_S_COMPLETE; + } client->mech = NULL; 
@@ -284,6 +362,13 @@ ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *client) if (client->mech == NULL) return GSS_S_FAILURE; + if (ctx->client_creds && + (ctx->major = gss_inquire_cred_by_mech(&ctx->minor, + ctx->client_creds, ctx->oid, &client->name, NULL, NULL, NULL))) { + ssh_gssapi_error(ctx); + return (ctx->major); + } + if ((ctx->major = gss_display_name(&ctx->minor, ctx->client, &client->displayname, NULL))) { ssh_gssapi_error(ctx); @@ -301,6 +386,8 @@ ssh_gssapi_getclient(Gssctxt *ctx, ssh_gssapi_client *client) return (ctx->major); } + gss_release_buffer(&ctx->minor, &ename); + /* We can't copy this structure, so we just move the pointer to it */ client->creds = ctx->client_creds; ctx->client_creds = GSS_C_NO_CREDENTIAL; @@ -348,7 +435,7 @@ ssh_gssapi_do_child(char ***envp, u_int *envsizep) /* Privileged */ int -ssh_gssapi_userok(char *user) +ssh_gssapi_userok(char *user, struct passwd *pw) { OM_uint32 lmin; @@ -358,9 +445,11 @@ ssh_gssapi_userok(char *user) return 0; } if (gssapi_client.mech && gssapi_client.mech->userok) - if ((*gssapi_client.mech->userok)(&gssapi_client, user)) + if ((*gssapi_client.mech->userok)(&gssapi_client, user)) { + gssapi_client.used = 1; + gssapi_client.store.owner = pw; return 1; - else { + } else { /* Destroy delegated credentials if userok fails */ gss_release_buffer(&lmin, &gssapi_client.displayname); gss_release_buffer(&lmin, &gssapi_client.exportedname); 
@@ -374,14 +463,90 @@ ssh_gssapi_userok(char *user) return (0); } -/* Privileged */ -OM_uint32 -ssh_gssapi_checkmic(Gssctxt *ctx, gss_buffer_t gssbuf, gss_buffer_t gssmic) +/* These bits are only used for rekeying. The unpriviledged child is running + * as the user, the monitor is root. + * + * In the child, we want to : + * *) Ask the monitor to store our credentials into the store we specify + * *) If it succeeds, maybe do a PAM update + */ + +/* Stuff for PAM */ + +#ifdef USE_PAM +static int ssh_gssapi_simple_conv(int n, const struct pam_message **msg, + struct pam_response **resp, void *data) { - ctx->major = gss_verify_mic(&ctx->minor, ctx->context, - gssbuf, gssmic, NULL); + return (PAM_CONV_ERR); +} +#endif - return (ctx->major); +void +ssh_gssapi_rekey_creds(void) { + int ok; + int ret; +#ifdef USE_PAM + pam_handle_t *pamh = NULL; + struct pam_conv pamconv = {ssh_gssapi_simple_conv, NULL}; + char *envstr; +#endif + + if (gssapi_client.store.filename == NULL && + gssapi_client.store.envval == NULL && + gssapi_client.store.envvar == NULL) + return; + + ok = PRIVSEP(ssh_gssapi_update_creds(&gssapi_client.store)); + + if (!ok) + return; + + debug("Rekeyed credentials stored successfully"); + + /* Actually managing to play with the ssh pam stack from here will + * be next to impossible. In any case, we may want different options + * for rekeying. 
So, use our own :) + */ +#ifdef USE_PAM + if (!use_privsep) { + debug("Not even going to try and do PAM with privsep disabled"); + return; + } + + ret = pam_start("sshd-rekey", gssapi_client.store.owner->pw_name, + &pamconv, &pamh); + if (ret) + return; + + xasprintf(&envstr, "%s=%s", gssapi_client.store.envvar, + gssapi_client.store.envval); + + ret = pam_putenv(pamh, envstr); + if (!ret) + pam_setcred(pamh, PAM_REINITIALIZE_CRED); + pam_end(pamh, PAM_SUCCESS); +#endif +} + +int +ssh_gssapi_update_creds(ssh_gssapi_ccache *store) { + int ok = 0; + + /* Check we've got credentials to store */ + if (!gssapi_client.updated) + return 0; + + gssapi_client.updated = 0; + + temporarily_use_uid(gssapi_client.store.owner); + if (gssapi_client.mech && gssapi_client.mech->updatecreds) + ok = (*gssapi_client.mech->updatecreds)(store, &gssapi_client); + else + debug("No update function for this mechanism"); + + restore_uid(); + + return ok; } #endif diff --git a/kex.c b/kex.c index 74e2b86..d114ee3 100644 --- a/kex.c +++ b/kex.c @@ -51,6 +51,10 @@ #include "roaming.h" #include "digest.h" +#ifdef GSSAPI +#include "ssh-gss.h" +#endif + #if OPENSSL_VERSION_NUMBER >= 0x00907000L # if defined(HAVE_EVP_SHA256) # define evp_ssh_sha256 EVP_sha256 @@ -92,6 +96,14 @@ static const struct kexalg kexalgs[] = { #endif { NULL, -1, -1, -1}, }; +static const struct kexalg kexalg_prefixes[] = { +#ifdef GSSAPI + { KEX_GSS_GEX_SHA1_ID, KEX_GSS_GEX_SHA1, 0, SSH_DIGEST_SHA1 }, + { KEX_GSS_GRP1_SHA1_ID, KEX_GSS_GRP1_SHA1, 0, SSH_DIGEST_SHA1 }, + { KEX_GSS_GRP14_SHA1_ID, KEX_GSS_GRP14_SHA1, 0, SSH_DIGEST_SHA1 }, +#endif + { NULL, -1, -1, -1 }, +}; char * kex_alg_list(char sep) @@ -120,6 +132,10 @@ kex_alg_by_name(const char *name) if (strcmp(k->name, name) == 0) return k; } + for (k = kexalg_prefixes; k->name != NULL; k++) { + if (strncmp(k->name, name, strlen(k->name)) == 0) + return k; + } return NULL; } diff --git a/kex.h b/kex.h index c85680e..ea698c4 100644 --- a/kex.h +++ b/kex.h 
@@ -76,6 +76,9 @@ enum kex_exchange { KEX_DH_GEX_SHA256, KEX_ECDH_SHA2, KEX_C25519_SHA256, + KEX_GSS_GRP1_SHA1, + KEX_GSS_GRP14_SHA1, + KEX_GSS_GEX_SHA1, KEX_MAX }; @@ -135,6 +138,12 @@ struct Kex { int flags; int hash_alg; int ec_nid; +#ifdef GSSAPI + int gss_deleg_creds; + int gss_trust_dns; + char *gss_host; + char *gss_client; +#endif char *client_version_string; char *server_version_string; int (*verify_host_key)(Key *); @@ -167,6 +176,11 @@ void kexecdh_server(Kex *); void kexc25519_client(Kex *); void kexc25519_server(Kex *); +#ifdef GSSAPI +void kexgss_client(Kex *); +void kexgss_server(Kex *); +#endif + void kex_dh_hash(char *, char *, char *, int, char *, int, u_char *, int, BIGNUM *, BIGNUM *, BIGNUM *, u_char **, u_int *); diff --git a/kexgssc.c b/kexgssc.c new file mode 100644 index 0000000..92a31c5 --- /dev/null +++ b/kexgssc.c 
@@ -0,0 +1,332 @@ +/* + * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR `AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 
+ */ + +#include "includes.h" + +#ifdef GSSAPI + +#include "includes.h" + +#include +#include + +#include + +#include "xmalloc.h" +#include "buffer.h" +#include "ssh2.h" +#include "key.h" +#include "cipher.h" +#include "kex.h" +#include "log.h" +#include "packet.h" +#include "dh.h" + +#include "ssh-gss.h" + +void +kexgss_client(Kex *kex) { + gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER; + gss_buffer_desc recv_tok, gssbuf, msg_tok, *token_ptr; + Gssctxt *ctxt; + OM_uint32 maj_status, min_status, ret_flags; + u_int klen, kout, slen = 0, hashlen, strlen; + DH *dh; + BIGNUM *dh_server_pub = NULL; + BIGNUM *shared_secret = NULL; + BIGNUM *p = NULL; + BIGNUM *g = NULL; + u_char *kbuf, *hash; + u_char *serverhostkey = NULL; + u_char *empty = ""; + char *msg; + int type = 0; + int first = 1; + int nbits = 0, min = DH_GRP_MIN, max = DH_GRP_MAX; + + /* Initialise our GSSAPI world */ + ssh_gssapi_build_ctx(&ctxt); + if (ssh_gssapi_id_kex(ctxt, kex->name, kex->kex_type) + == GSS_C_NO_OID) + fatal("Couldn't identify host exchange"); + + if (ssh_gssapi_import_name(ctxt, kex->gss_host)) + fatal("Couldn't import hostname"); + + if (kex->gss_client && + ssh_gssapi_client_identity(ctxt, kex->gss_client)) + fatal("Couldn't acquire client credentials"); + + switch (kex->kex_type) { + case KEX_GSS_GRP1_SHA1: + dh = dh_new_group1(); + break; + case KEX_GSS_GRP14_SHA1: + dh = dh_new_group14(); + break; + case KEX_GSS_GEX_SHA1: + debug("Doing group exchange\n"); + nbits = dh_estimate(kex->we_need * 8); + packet_start(SSH2_MSG_KEXGSS_GROUPREQ); + packet_put_int(min); + packet_put_int(nbits); + packet_put_int(max); + + packet_send(); + + packet_read_expect(SSH2_MSG_KEXGSS_GROUP); + + if ((p = BN_new()) == NULL) + fatal("BN_new() failed"); + packet_get_bignum2(p); + if ((g = BN_new()) == NULL) + fatal("BN_new() failed"); + packet_get_bignum2(g); + packet_check_eom(); + + if (BN_num_bits(p) < min || BN_num_bits(p) > max) + fatal("GSSGRP_GEX group out of range: %d !< %d !< %d", + min, 
BN_num_bits(p), max); + + dh = dh_new_group(g, p); + break; + default: + fatal("%s: Unexpected KEX type %d", __func__, kex->kex_type); + } + + /* Step 1 - e is dh->pub_key */ + dh_gen_key(dh, kex->we_need * 8); + + /* This is f, we initialise it now to make life easier */ + dh_server_pub = BN_new(); + if (dh_server_pub == NULL) + fatal("dh_server_pub == NULL"); + + token_ptr = GSS_C_NO_BUFFER; + + do { + debug("Calling gss_init_sec_context"); + + maj_status = ssh_gssapi_init_ctx(ctxt, + kex->gss_deleg_creds, token_ptr, &send_tok, + &ret_flags); + + if (GSS_ERROR(maj_status)) { + if (send_tok.length != 0) { + packet_start(SSH2_MSG_KEXGSS_CONTINUE); + packet_put_string(send_tok.value, + send_tok.length); + } + fatal("gss_init_context failed"); + } + + /* If we've got an old receive buffer get rid of it */ + if (token_ptr != GSS_C_NO_BUFFER) + free(recv_tok.value); + + if (maj_status == GSS_S_COMPLETE) { + /* If mutual state flag is not true, kex fails */ + if (!(ret_flags & GSS_C_MUTUAL_FLAG)) + fatal("Mutual authentication failed"); + + /* If integ avail flag is not true kex fails */ + if (!(ret_flags & GSS_C_INTEG_FLAG)) + fatal("Integrity check failed"); + } + + /* + * If we have data to send, then the last message that we + * received cannot have been a 'complete'. 
+ */ + if (send_tok.length != 0) { + if (first) { + packet_start(SSH2_MSG_KEXGSS_INIT); + packet_put_string(send_tok.value, + send_tok.length); + packet_put_bignum2(dh->pub_key); + first = 0; + } else { + packet_start(SSH2_MSG_KEXGSS_CONTINUE); + packet_put_string(send_tok.value, + send_tok.length); + } + packet_send(); + gss_release_buffer(&min_status, &send_tok); + + /* If we've sent them data, they should reply */ + do { + type = packet_read(); + if (type == SSH2_MSG_KEXGSS_HOSTKEY) { + debug("Received KEXGSS_HOSTKEY"); + if (serverhostkey) + fatal("Server host key received more than once"); + serverhostkey = + packet_get_string(&slen); + } + } while (type == SSH2_MSG_KEXGSS_HOSTKEY); + + switch (type) { + case SSH2_MSG_KEXGSS_CONTINUE: + debug("Received GSSAPI_CONTINUE"); + if (maj_status == GSS_S_COMPLETE) + fatal("GSSAPI Continue received from server when complete"); + recv_tok.value = packet_get_string(&strlen); + recv_tok.length = strlen; + break; + case SSH2_MSG_KEXGSS_COMPLETE: + debug("Received GSSAPI_COMPLETE"); + packet_get_bignum2(dh_server_pub); + msg_tok.value = packet_get_string(&strlen); + msg_tok.length = strlen; + + /* Is there a token included? 
*/ + if (packet_get_char()) { + recv_tok.value= + packet_get_string(&strlen); + recv_tok.length = strlen; + /* If we're already complete - protocol error */ + if (maj_status == GSS_S_COMPLETE) + packet_disconnect("Protocol error: received token when complete"); + } else { + /* No token included */ + if (maj_status != GSS_S_COMPLETE) + packet_disconnect("Protocol error: did not receive final token"); + } + break; + case SSH2_MSG_KEXGSS_ERROR: + debug("Received Error"); + maj_status = packet_get_int(); + min_status = packet_get_int(); + msg = packet_get_string(NULL); + (void) packet_get_string_ptr(NULL); + fatal("GSSAPI Error: \n%.400s",msg); + default: + packet_disconnect("Protocol error: didn't expect packet type %d", + type); + } + token_ptr = &recv_tok; + } else { + /* No data, and not complete */ + if (maj_status != GSS_S_COMPLETE) + fatal("Not complete, and no token output"); + } + } while (maj_status & GSS_S_CONTINUE_NEEDED); + + /* + * We _must_ have received a COMPLETE message in reply from the + * server, which will have set dh_server_pub and msg_tok + */ + + if (type != SSH2_MSG_KEXGSS_COMPLETE) + fatal("Didn't receive a SSH2_MSG_KEXGSS_COMPLETE when I expected it"); + + /* Check f in range [1, p-1] */ + if (!dh_pub_is_valid(dh, dh_server_pub)) + packet_disconnect("bad server public DH value"); + + /* compute K=f^x mod p */ + klen = DH_size(dh); + kbuf = xmalloc(klen); + kout = DH_compute_key(kbuf, dh_server_pub, dh); + if (kout < 0) + fatal("DH_compute_key: failed"); + + shared_secret = BN_new(); + if (shared_secret == NULL) + fatal("kexgss_client: BN_new failed"); + + if (BN_bin2bn(kbuf, kout, shared_secret) == NULL) + fatal("kexdh_client: BN_bin2bn failed"); + + memset(kbuf, 0, klen); + free(kbuf); + + switch (kex->kex_type) { + case KEX_GSS_GRP1_SHA1: + case KEX_GSS_GRP14_SHA1: + kex_dh_hash( kex->client_version_string, + kex->server_version_string, + buffer_ptr(&kex->my), buffer_len(&kex->my), + buffer_ptr(&kex->peer), buffer_len(&kex->peer), + 
(serverhostkey ? serverhostkey : empty), slen, + dh->pub_key, /* e */ + dh_server_pub, /* f */ + shared_secret, /* K */ + &hash, &hashlen + ); + break; + case KEX_GSS_GEX_SHA1: + kexgex_hash( + kex->hash_alg, + kex->client_version_string, + kex->server_version_string, + buffer_ptr(&kex->my), buffer_len(&kex->my), + buffer_ptr(&kex->peer), buffer_len(&kex->peer), + (serverhostkey ? serverhostkey : empty), slen, + min, nbits, max, + dh->p, dh->g, + dh->pub_key, + dh_server_pub, + shared_secret, + &hash, &hashlen + ); + break; + default: + fatal("%s: Unexpected KEX type %d", __func__, kex->kex_type); + } + + gssbuf.value = hash; + gssbuf.length = hashlen; + + /* Verify that the hash matches the MIC we just got. */ + if (GSS_ERROR(ssh_gssapi_checkmic(ctxt, &gssbuf, &msg_tok))) + packet_disconnect("Hash's MIC didn't verify"); + + free(msg_tok.value); + + DH_free(dh); + free(serverhostkey); + BN_clear_free(dh_server_pub); + + /* save session id */ + if (kex->session_id == NULL) { + kex->session_id_len = hashlen; + kex->session_id = xmalloc(kex->session_id_len); + memcpy(kex->session_id, hash, kex->session_id_len); + } + + if (kex->gss_deleg_creds) + ssh_gssapi_credentials_updated(ctxt); + + if (gss_kex_context == NULL) + gss_kex_context = ctxt; + else + ssh_gssapi_delete_ctx(&ctxt); + + kex_derive_keys_bn(kex, hash, hashlen, shared_secret); + BN_clear_free(shared_secret); + kex_finish(kex); +} + +#endif /* GSSAPI */ diff --git a/kexgsss.c b/kexgsss.c new file mode 100644 index 0000000..8095259 --- /dev/null +++ b/kexgsss.c 
@@ -0,0 +1,289 @@ +/* + * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR `AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include "includes.h" + +#ifdef GSSAPI + +#include + +#include +#include + +#include "xmalloc.h" +#include "buffer.h" +#include "ssh2.h" +#include "key.h" +#include "cipher.h" +#include "kex.h" +#include "log.h" +#include "packet.h" +#include "dh.h" +#include "ssh-gss.h" +#include "monitor_wrap.h" +#include "servconf.h" + +extern ServerOptions options; + +void +kexgss_server(Kex *kex) +{ + OM_uint32 maj_status, min_status; + + /* + * Some GSSAPI implementations use the input value of ret_flags (an + * output variable) as a means of triggering mechanism specific + * features. 
Initializing it to zero avoids inadvertently + * activating this non-standard behaviour. + */ + + OM_uint32 ret_flags = 0; + gss_buffer_desc gssbuf, recv_tok, msg_tok; + gss_buffer_desc send_tok = GSS_C_EMPTY_BUFFER; + Gssctxt *ctxt = NULL; + u_int slen, klen, kout, hashlen; + u_char *kbuf, *hash; + DH *dh; + int min = -1, max = -1, nbits = -1; + BIGNUM *shared_secret = NULL; + BIGNUM *dh_client_pub = NULL; + int type = 0; + gss_OID oid; + char *mechs; + + /* Initialise GSSAPI */ + + /* If we're rekeying, privsep means that some of the private structures + * in the GSSAPI code are no longer available. This kludges them back + * into life + */ + if (!ssh_gssapi_oid_table_ok()) { + mechs = ssh_gssapi_server_mechanisms(); + free(mechs); + } + + debug2("%s: Identifying %s", __func__, kex->name); + oid = ssh_gssapi_id_kex(NULL, kex->name, kex->kex_type); + if (oid == GSS_C_NO_OID) + fatal("Unknown gssapi mechanism"); + + debug2("%s: Acquiring credentials", __func__); + + if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctxt, oid)))) + fatal("Unable to acquire credentials for the server"); + + switch (kex->kex_type) { + case KEX_GSS_GRP1_SHA1: + dh = dh_new_group1(); + break; + case KEX_GSS_GRP14_SHA1: + dh = dh_new_group14(); + break; + case KEX_GSS_GEX_SHA1: + debug("Doing group exchange"); + packet_read_expect(SSH2_MSG_KEXGSS_GROUPREQ); + min = packet_get_int(); + nbits = packet_get_int(); + max = packet_get_int(); + min = MAX(DH_GRP_MIN, min); + max = MIN(DH_GRP_MAX, max); + packet_check_eom(); + if (max < min || nbits < min || max < nbits) + fatal("GSS_GEX, bad parameters: %d !< %d !< %d", + min, nbits, max); + dh = PRIVSEP(choose_dh(min, nbits, max)); + if (dh == NULL) + packet_disconnect("Protocol error: no matching group found"); + + packet_start(SSH2_MSG_KEXGSS_GROUP); + packet_put_bignum2(dh->p); + packet_put_bignum2(dh->g); + packet_send(); + + packet_write_wait(); + break; + default: + fatal("%s: Unexpected KEX type %d", __func__, kex->kex_type); + } + + 
dh_gen_key(dh, kex->we_need * 8); + + do { + debug("Wait SSH2_MSG_GSSAPI_INIT"); + type = packet_read(); + switch(type) { + case SSH2_MSG_KEXGSS_INIT: + if (dh_client_pub != NULL) + fatal("Received KEXGSS_INIT after initialising"); + recv_tok.value = packet_get_string(&slen); + recv_tok.length = slen; + + if ((dh_client_pub = BN_new()) == NULL) + fatal("dh_client_pub == NULL"); + + packet_get_bignum2(dh_client_pub); + + /* Send SSH_MSG_KEXGSS_HOSTKEY here, if we want */ + break; + case SSH2_MSG_KEXGSS_CONTINUE: + recv_tok.value = packet_get_string(&slen); + recv_tok.length = slen; + break; + default: + packet_disconnect( + "Protocol error: didn't expect packet type %d", + type); + } + + maj_status = PRIVSEP(ssh_gssapi_accept_ctx(ctxt, &recv_tok, + &send_tok, &ret_flags)); + + free(recv_tok.value); + + if (maj_status != GSS_S_COMPLETE && send_tok.length == 0) + fatal("Zero length token output when incomplete"); + + if (dh_client_pub == NULL) + fatal("No client public key"); + + if (maj_status & GSS_S_CONTINUE_NEEDED) { + debug("Sending GSSAPI_CONTINUE"); + packet_start(SSH2_MSG_KEXGSS_CONTINUE); + packet_put_string(send_tok.value, send_tok.length); + packet_send(); + gss_release_buffer(&min_status, &send_tok); + } + } while (maj_status & GSS_S_CONTINUE_NEEDED); + + if (GSS_ERROR(maj_status)) { + if (send_tok.length > 0) { + packet_start(SSH2_MSG_KEXGSS_CONTINUE); + packet_put_string(send_tok.value, send_tok.length); + packet_send(); + } + fatal("accept_ctx died"); + } + + if (!(ret_flags & GSS_C_MUTUAL_FLAG)) + fatal("Mutual Authentication flag wasn't set"); + + if (!(ret_flags & GSS_C_INTEG_FLAG)) + fatal("Integrity flag wasn't set"); + + if (!dh_pub_is_valid(dh, dh_client_pub)) + packet_disconnect("bad client public DH value"); + + klen = DH_size(dh); + kbuf = xmalloc(klen); + kout = DH_compute_key(kbuf, dh_client_pub, dh); + if (kout < 0) + fatal("DH_compute_key: failed"); + + shared_secret = BN_new(); + if (shared_secret == NULL) + fatal("kexgss_server: BN_new 
failed"); + + if (BN_bin2bn(kbuf, kout, shared_secret) == NULL) + fatal("kexgss_server: BN_bin2bn failed"); + + memset(kbuf, 0, klen); + free(kbuf); + + switch (kex->kex_type) { + case KEX_GSS_GRP1_SHA1: + case KEX_GSS_GRP14_SHA1: + kex_dh_hash( + kex->client_version_string, kex->server_version_string, + buffer_ptr(&kex->peer), buffer_len(&kex->peer), + buffer_ptr(&kex->my), buffer_len(&kex->my), + NULL, 0, /* Change this if we start sending host keys */ + dh_client_pub, dh->pub_key, shared_secret, + &hash, &hashlen + ); + break; + case KEX_GSS_GEX_SHA1: + kexgex_hash( + kex->hash_alg, + kex->client_version_string, kex->server_version_string, + buffer_ptr(&kex->peer), buffer_len(&kex->peer), + buffer_ptr(&kex->my), buffer_len(&kex->my), + NULL, 0, + min, nbits, max, + dh->p, dh->g, + dh_client_pub, + dh->pub_key, + shared_secret, + &hash, &hashlen + ); + break; + default: + fatal("%s: Unexpected KEX type %d", __func__, kex->kex_type); + } + + BN_clear_free(dh_client_pub); + + if (kex->session_id == NULL) { + kex->session_id_len = hashlen; + kex->session_id = xmalloc(kex->session_id_len); + memcpy(kex->session_id, hash, kex->session_id_len); + } + + gssbuf.value = hash; + gssbuf.length = hashlen; + + if (GSS_ERROR(PRIVSEP(ssh_gssapi_sign(ctxt,&gssbuf,&msg_tok)))) + fatal("Couldn't get MIC"); + + packet_start(SSH2_MSG_KEXGSS_COMPLETE); + packet_put_bignum2(dh->pub_key); + packet_put_string(msg_tok.value,msg_tok.length); + + if (send_tok.length != 0) { + packet_put_char(1); /* true */ + packet_put_string(send_tok.value, send_tok.length); + } else { + packet_put_char(0); /* false */ + } + packet_send(); + + gss_release_buffer(&min_status, &send_tok); + gss_release_buffer(&min_status, &msg_tok); + + if (gss_kex_context == NULL) + gss_kex_context = ctxt; + else + ssh_gssapi_delete_ctx(&ctxt); + + DH_free(dh); + + kex_derive_keys_bn(kex, hash, hashlen, shared_secret); + BN_clear_free(shared_secret); + kex_finish(kex); + + /* If this was a rekey, then save out any 
delegated credentials we + * just exchanged. */ + if (options.gss_store_rekey) + ssh_gssapi_rekey_creds(); +} +#endif /* GSSAPI */ diff --git a/key.c b/key.c index 168e1b7..3d640e7 100644 --- a/key.c +++ b/key.c @@ -985,6 +985,7 @@ static const struct keytype keytypes[] = { KEY_DSA_CERT_V00, 0, 1 }, { "ssh-ed25519-cert-v01@openssh.com", "ED25519-CERT", KEY_ED25519_CERT, 0, 1 }, + { "null", "null", KEY_NULL, 0, 0 }, { NULL, NULL, -1, -1, 0 } }; @@ -1063,7 +1064,7 @@ key_alg_list(int certs_only, int plain_only) const struct keytype *kt; for (kt = keytypes; kt->type != -1; kt++) { - if (kt->name == NULL) + if (kt->name == NULL || kt->type == KEY_NULL) continue; if ((certs_only && !kt->cert) || (plain_only && kt->cert)) continue; diff --git a/key.h b/key.h index d8ad13d..c8aeba2 100644 --- a/key.h +++ b/key.h @@ -46,6 +46,7 @@ enum types { KEY_ED25519_CERT, KEY_RSA_CERT_V00, KEY_DSA_CERT_V00, + KEY_NULL, KEY_UNSPEC }; enum fp_type { diff --git a/monitor.c b/monitor.c index 531c4f9..2918814 100644 --- a/monitor.c +++ b/monitor.c @@ -175,6 +175,8 @@ int mm_answer_gss_setup_ctx(int, Buffer *); int mm_answer_gss_accept_ctx(int, Buffer *); int mm_answer_gss_userok(int, Buffer *); int mm_answer_gss_checkmic(int, Buffer *); +int mm_answer_gss_sign(int, Buffer *); +int mm_answer_gss_updatecreds(int, Buffer *); #endif #ifdef SSH_AUDIT_EVENTS 
@@ -247,11 +249,18 @@ struct mon_table mon_dispatch_proto20[] = { {MONITOR_REQ_GSSSTEP, MON_ISAUTH, mm_answer_gss_accept_ctx}, {MONITOR_REQ_GSSUSEROK, MON_AUTH, mm_answer_gss_userok}, {MONITOR_REQ_GSSCHECKMIC, MON_ISAUTH, mm_answer_gss_checkmic}, + {MONITOR_REQ_GSSSIGN, MON_ONCE, mm_answer_gss_sign}, #endif {0, 0, NULL} }; struct mon_table mon_dispatch_postauth20[] = { +#ifdef GSSAPI + {MONITOR_REQ_GSSSETUP, 0, mm_answer_gss_setup_ctx}, + {MONITOR_REQ_GSSSTEP, 0, mm_answer_gss_accept_ctx}, + {MONITOR_REQ_GSSSIGN, 0, mm_answer_gss_sign}, + {MONITOR_REQ_GSSUPCREDS, 0, mm_answer_gss_updatecreds}, +#endif {MONITOR_REQ_MODULI, 0, mm_answer_moduli}, {MONITOR_REQ_SIGN, 0, mm_answer_sign}, {MONITOR_REQ_PTY, 0, mm_answer_pty}, @@ -360,6 +369,10 @@ monitor_child_preauth(Authctxt *_authctxt, struct monitor *pmonitor) /* Permit requests for moduli and signatures */ monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1); monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1); +#ifdef GSSAPI + /* and for the GSSAPI key exchange */ + monitor_permit(mon_dispatch, MONITOR_REQ_GSSSETUP, 1); +#endif } else { mon_dispatch = mon_dispatch_proto15; @@ -465,6 +478,10 @@ monitor_child_postauth(struct monitor *pmonitor) monitor_permit(mon_dispatch, MONITOR_REQ_MODULI, 1); monitor_permit(mon_dispatch, MONITOR_REQ_SIGN, 1); monitor_permit(mon_dispatch, MONITOR_REQ_TERM, 1); +#ifdef GSSAPI + /* and for the GSSAPI key exchange */ + monitor_permit(mon_dispatch, MONITOR_REQ_GSSSETUP, 1); +#endif } else { mon_dispatch = mon_dispatch_postauth15; monitor_permit(mon_dispatch, MONITOR_REQ_TERM, 1); 
@@ -1834,6 +1851,13 @@ mm_get_kex(Buffer *m) kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; kex->kex[KEX_ECDH_SHA2] = kexecdh_server; kex->kex[KEX_C25519_SHA256] = kexc25519_server; +#ifdef GSSAPI + if (options.gss_keyex) { + kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server; + kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_server; + kex->kex[KEX_GSS_GEX_SHA1] = kexgss_server; + } +#endif kex->server = 1; kex->hostkey_type = buffer_get_int(m); kex->kex_type = buffer_get_int(m); @@ -2041,6 +2065,9 @@ mm_answer_gss_setup_ctx(int sock, Buffer *m) OM_uint32 major; u_int len; + if (!options.gss_authentication && !options.gss_keyex) + fatal("In GSSAPI monitor when GSSAPI is disabled"); + goid.elements = buffer_get_string(m, &len); goid.length = len; @@ -2068,6 +2095,9 @@ mm_answer_gss_accept_ctx(int sock, Buffer *m) OM_uint32 flags = 0; /* GSI needs this */ u_int len; + if (!options.gss_authentication && !options.gss_keyex) + fatal("In GSSAPI monitor when GSSAPI is disabled"); + in.value = buffer_get_string(m, &len); in.length = len; major = ssh_gssapi_accept_ctx(gsscontext, &in, &out, &flags); @@ -2085,6 +2115,7 @@ mm_answer_gss_accept_ctx(int sock, Buffer *m) monitor_permit(mon_dispatch, MONITOR_REQ_GSSSTEP, 0); monitor_permit(mon_dispatch, MONITOR_REQ_GSSUSEROK, 1); monitor_permit(mon_dispatch, MONITOR_REQ_GSSCHECKMIC, 1); + monitor_permit(mon_dispatch, MONITOR_REQ_GSSSIGN, 1); } return (0); } @@ -2096,6 +2127,9 @@ mm_answer_gss_checkmic(int sock, Buffer *m) OM_uint32 ret; u_int len; + if (!options.gss_authentication && !options.gss_keyex) + fatal("In GSSAPI monitor when GSSAPI is disabled"); + gssbuf.value = buffer_get_string(m, &len); gssbuf.length = len; mic.value = buffer_get_string(m, &len); 
@@ -2122,7 +2156,11 @@ mm_answer_gss_userok(int sock, Buffer *m) { int authenticated; - authenticated = authctxt->valid && ssh_gssapi_userok(authctxt->user); + if (!options.gss_authentication && !options.gss_keyex) + fatal("In GSSAPI monitor when GSSAPI is disabled"); + + authenticated = authctxt->valid && + ssh_gssapi_userok(authctxt->user, authctxt->pw); buffer_clear(m); buffer_put_int(m, authenticated); 
@@ -2135,5 +2173,73 @@ mm_answer_gss_userok(int sock, Buffer *m) /* Monitor loop will terminate if authenticated */ return (authenticated); } + +int +mm_answer_gss_sign(int socket, Buffer *m) +{ + gss_buffer_desc data; + gss_buffer_desc hash = GSS_C_EMPTY_BUFFER; + OM_uint32 major, minor; + u_int len; + + if (!options.gss_authentication && !options.gss_keyex) + fatal("In GSSAPI monitor when GSSAPI is disabled"); + + data.value = buffer_get_string(m, &len); + data.length = len; + if (data.length != 20) + fatal("%s: data length incorrect: %d", __func__, + (int) data.length); + + /* Save the session ID on the first time around */ + if (session_id2_len == 0) { + session_id2_len = data.length; + session_id2 = xmalloc(session_id2_len); + memcpy(session_id2, data.value, session_id2_len); + } + major = ssh_gssapi_sign(gsscontext, &data, &hash); + + free(data.value); + + buffer_clear(m); + buffer_put_int(m, major); + buffer_put_string(m, hash.value, hash.length); + + mm_request_send(socket, MONITOR_ANS_GSSSIGN, m); + + gss_release_buffer(&minor, &hash); + + /* Turn on getpwnam permissions */ + monitor_permit(mon_dispatch, MONITOR_REQ_PWNAM, 1); + + /* And credential updating, for when rekeying */ + monitor_permit(mon_dispatch, MONITOR_REQ_GSSUPCREDS, 1); + + return (0); +} + +int +mm_answer_gss_updatecreds(int socket, Buffer *m) { + ssh_gssapi_ccache store; + int ok; + + store.filename = buffer_get_string(m, NULL); + store.envvar = buffer_get_string(m, NULL); + store.envval = buffer_get_string(m, NULL); + + ok = ssh_gssapi_update_creds(&store); + + free(store.filename); + free(store.envvar); + free(store.envval); + + buffer_clear(m); + buffer_put_int(m, ok); + + mm_request_send(socket, MONITOR_ANS_GSSUPCREDS, m); + + return(0); +} + #endif /* GSSAPI */ diff --git a/monitor.h b/monitor.h index 5bc41b5..7f32b0c 100644 --- a/monitor.h +++ b/monitor.h 
@@ -65,6 +65,9 @@ enum monitor_reqtype { MONITOR_REQ_PAM_FREE_CTX = 110, MONITOR_ANS_PAM_FREE_CTX = 111, MONITOR_REQ_AUDIT_EVENT = 112, MONITOR_REQ_AUDIT_COMMAND = 113, + MONITOR_REQ_GSSSIGN = 150, MONITOR_ANS_GSSSIGN = 151, + MONITOR_REQ_GSSUPCREDS = 152, MONITOR_ANS_GSSUPCREDS = 153, + }; struct mm_master; diff --git a/monitor_wrap.c b/monitor_wrap.c index 1a47e41..60b987d 100644 --- a/monitor_wrap.c +++ b/monitor_wrap.c @@ -1271,7 +1271,7 @@ mm_ssh_gssapi_checkmic(Gssctxt *ctx, gss_buffer_t gssbuf, gss_buffer_t gssmic) } int -mm_ssh_gssapi_userok(char *user) +mm_ssh_gssapi_userok(char *user, struct passwd *pw) { Buffer m; int authenticated = 0; @@ -1288,5 +1288,50 @@ mm_ssh_gssapi_userok(char *user) debug3("%s: user %sauthenticated",__func__, authenticated ? "" : "not "); return (authenticated); } + +OM_uint32 +mm_ssh_gssapi_sign(Gssctxt *ctx, gss_buffer_desc *data, gss_buffer_desc *hash) +{ + Buffer m; + OM_uint32 major; + u_int len; + + buffer_init(&m); + buffer_put_string(&m, data->value, data->length); + + mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSSIGN, &m); + mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSSIGN, &m); + + major = buffer_get_int(&m); + hash->value = buffer_get_string(&m, &len); + hash->length = len; + + buffer_free(&m); + + return(major); +} + +int +mm_ssh_gssapi_update_creds(ssh_gssapi_ccache *store) +{ + Buffer m; + int ok; + + buffer_init(&m); + + buffer_put_cstring(&m, store->filename ? store->filename : ""); + buffer_put_cstring(&m, store->envvar ? store->envvar : ""); + buffer_put_cstring(&m, store->envval ? store->envval : ""); + + mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_GSSUPCREDS, &m); + mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_GSSUPCREDS, &m); + + ok = buffer_get_int(&m); + + buffer_free(&m); + + return (ok); +} + #endif /* GSSAPI */ diff --git a/monitor_wrap.h b/monitor_wrap.h index 18c2501..a4e9d24 100644 --- a/monitor_wrap.h +++ b/monitor_wrap.h 
@@ -58,8 +58,10 @@ BIGNUM *mm_auth_rsa_generate_challenge(Key *); OM_uint32 mm_ssh_gssapi_server_ctx(Gssctxt **, gss_OID); OM_uint32 mm_ssh_gssapi_accept_ctx(Gssctxt *, gss_buffer_desc *, gss_buffer_desc *, OM_uint32 *); -int mm_ssh_gssapi_userok(char *user); +int mm_ssh_gssapi_userok(char *user, struct passwd *); OM_uint32 mm_ssh_gssapi_checkmic(Gssctxt *, gss_buffer_t, gss_buffer_t); +OM_uint32 mm_ssh_gssapi_sign(Gssctxt *, gss_buffer_t, gss_buffer_t); +int mm_ssh_gssapi_update_creds(ssh_gssapi_ccache *); #endif #ifdef USE_PAM diff --git a/readconf.c b/readconf.c index dc884c9..7613ff2 100644 --- a/readconf.c +++ b/readconf.c @@ -141,6 +141,8 @@ typedef enum { oClearAllForwardings, oNoHostAuthenticationForLocalhost, oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout, oAddressFamily, oGssAuthentication, oGssDelegateCreds, + oGssTrustDns, oGssKeyEx, oGssClientIdentity, oGssRenewalRekey, + oGssServerIdentity, oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly, oSendEnv, oControlPath, oControlMaster, oControlPersist, oHashKnownHosts, @@ -183,10 +185,19 @@ static struct { { "afstokenpassing", oUnsupported }, #if defined(GSSAPI) { "gssapiauthentication", oGssAuthentication }, + { "gssapikeyexchange", oGssKeyEx }, { "gssapidelegatecredentials", oGssDelegateCreds }, + { "gssapitrustdns", oGssTrustDns }, + { "gssapiclientidentity", oGssClientIdentity }, + { "gssapiserveridentity", oGssServerIdentity }, + { "gssapirenewalforcesrekey", oGssRenewalRekey }, #else { "gssapiauthentication", oUnsupported }, + { "gssapikeyexchange", oUnsupported }, { "gssapidelegatecredentials", oUnsupported }, + { "gssapitrustdns", oUnsupported }, + { "gssapiclientidentity", oUnsupported }, + { "gssapirenewalforcesrekey", oUnsupported }, #endif { "fallbacktorsh", oDeprecated }, { "usersh", oDeprecated }, 
@@ -841,10 +852,30 @@ parse_time: intptr = &options->gss_authentication; goto parse_flag; + case oGssKeyEx: + intptr = &options->gss_keyex; + goto parse_flag; + case oGssDelegateCreds: intptr = &options->gss_deleg_creds; goto parse_flag; + case oGssTrustDns: + intptr = &options->gss_trust_dns; + goto parse_flag; + + case oGssClientIdentity: + charptr = &options->gss_client_identity; + goto parse_string; + + case oGssServerIdentity: + charptr = &options->gss_server_identity; + goto parse_string; + + case oGssRenewalRekey: + intptr = &options->gss_renewal_rekey; + goto parse_flag; + case oBatchMode: intptr = &options->batch_mode; goto parse_flag; @@ -1497,7 +1528,12 @@ initialize_options(Options * options) options->pubkey_authentication = -1; options->challenge_response_authentication = -1; options->gss_authentication = -1; + options->gss_keyex = -1; options->gss_deleg_creds = -1; + options->gss_trust_dns = -1; + options->gss_renewal_rekey = -1; + options->gss_client_identity = NULL; + options->gss_server_identity = NULL; options->password_authentication = -1; options->kbd_interactive_authentication = -1; options->kbd_interactive_devices = NULL; @@ -1616,8 +1652,14 @@ fill_default_options(Options * options) options->challenge_response_authentication = 1; if (options->gss_authentication == -1) options->gss_authentication = 0; + if (options->gss_keyex == -1) + options->gss_keyex = 0; if (options->gss_deleg_creds == -1) options->gss_deleg_creds = 0; + if (options->gss_trust_dns == -1) + options->gss_trust_dns = 0; + if (options->gss_renewal_rekey == -1) + options->gss_renewal_rekey = 0; if (options->password_authentication == -1) options->password_authentication = 1; if (options->kbd_interactive_authentication == -1) diff --git a/readconf.h b/readconf.h index 75e3f8f..5cc97f0 100644 --- a/readconf.h +++ b/readconf.h 
@@ -54,7 +54,12 @@ typedef struct { int challenge_response_authentication; /* Try S/Key or TIS, authentication. */ int gss_authentication; /* Try GSS authentication */ + int gss_keyex; /* Try GSS key exchange */ int gss_deleg_creds; /* Delegate GSS credentials */ + int gss_trust_dns; /* Trust DNS for GSS canonicalization */ + int gss_renewal_rekey; /* Credential renewal forces rekey */ + char *gss_client_identity; /* Principal to initiate GSSAPI with */ + char *gss_server_identity; /* GSSAPI target principal */ int password_authentication; /* Try password * authentication. */ int kbd_interactive_authentication; /* Try keyboard-interactive auth. */ diff --git a/servconf.c b/servconf.c index 7ba65d5..0083cf8 100644 --- a/servconf.c +++ b/servconf.c @@ -108,7 +108,10 @@ initialize_server_options(ServerOptions *options) options->kerberos_ticket_cleanup = -1; options->kerberos_get_afs_token = -1; options->gss_authentication=-1; + options->gss_keyex = -1; options->gss_cleanup_creds = -1; + options->gss_strict_acceptor = -1; + options->gss_store_rekey = -1; options->password_authentication = -1; options->kbd_interactive_authentication = -1; options->challenge_response_authentication = -1; @@ -244,8 +247,14 @@ fill_default_server_options(ServerOptions *options) options->kerberos_get_afs_token = 0; if (options->gss_authentication == -1) options->gss_authentication = 0; + if (options->gss_keyex == -1) + options->gss_keyex = 0; if (options->gss_cleanup_creds == -1) options->gss_cleanup_creds = 1; + if (options->gss_strict_acceptor == -1) + options->gss_strict_acceptor = 1; + if (options->gss_store_rekey == -1) + options->gss_store_rekey = 0; if (options->password_authentication == -1) options->password_authentication = 1; if (options->kbd_interactive_authentication == -1) 
@@ -340,7 +349,9 @@ typedef enum { sBanner, sUseDNS, sHostbasedAuthentication, sHostbasedUsesNameFromPacketOnly, sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile, - sGssAuthentication, sGssCleanupCreds, sAcceptEnv, sPermitTunnel, + sGssAuthentication, sGssCleanupCreds, sGssStrictAcceptor, + sGssKeyEx, sGssStoreRekey, + sAcceptEnv, sPermitTunnel, sMatch, sPermitOpen, sForceCommand, sChrootDirectory, sUsePrivilegeSeparation, sAllowAgentForwarding, sHostCertificate, @@ -407,10 +418,20 @@ static struct { #ifdef GSSAPI { "gssapiauthentication", sGssAuthentication, SSHCFG_ALL }, { "gssapicleanupcredentials", sGssCleanupCreds, SSHCFG_GLOBAL }, + { "gssapicleanupcreds", sGssCleanupCreds, SSHCFG_GLOBAL }, + { "gssapistrictacceptorcheck", sGssStrictAcceptor, SSHCFG_GLOBAL }, + { "gssapikeyexchange", sGssKeyEx, SSHCFG_GLOBAL }, + { "gssapistorecredentialsonrekey", sGssStoreRekey, SSHCFG_GLOBAL }, #else { "gssapiauthentication", sUnsupported, SSHCFG_ALL }, { "gssapicleanupcredentials", sUnsupported, SSHCFG_GLOBAL }, + { "gssapicleanupcreds", sUnsupported, SSHCFG_GLOBAL }, + { "gssapistrictacceptorcheck", sUnsupported, SSHCFG_GLOBAL }, + { "gssapikeyexchange", sUnsupported, SSHCFG_GLOBAL }, + { "gssapistorecredentialsonrekey", sUnsupported, SSHCFG_GLOBAL }, #endif + { "gssusesessionccache", sUnsupported, SSHCFG_GLOBAL }, + { "gssapiusesessioncredcache", sUnsupported, SSHCFG_GLOBAL }, { "passwordauthentication", sPasswordAuthentication, SSHCFG_ALL }, { "kbdinteractiveauthentication", sKbdInteractiveAuthentication, SSHCFG_ALL }, { "challengeresponseauthentication", sChallengeResponseAuthentication, SSHCFG_GLOBAL }, 
@@ -1086,10 +1107,22 @@ process_server_config_line(ServerOptions *options, char *line, intptr = &options->gss_authentication; goto parse_flag; + case sGssKeyEx: + intptr = &options->gss_keyex; + goto parse_flag; + case sGssCleanupCreds: intptr = &options->gss_cleanup_creds; goto parse_flag; + case sGssStrictAcceptor: + intptr = &options->gss_strict_acceptor; + goto parse_flag; + + case sGssStoreRekey: + intptr = &options->gss_store_rekey; + goto parse_flag; + case sPasswordAuthentication: intptr = &options->password_authentication; goto parse_flag; @@ -1995,7 +2028,10 @@ dump_config(ServerOptions *o) #endif #ifdef GSSAPI dump_cfg_fmtint(sGssAuthentication, o->gss_authentication); + dump_cfg_fmtint(sGssKeyEx, o->gss_keyex); dump_cfg_fmtint(sGssCleanupCreds, o->gss_cleanup_creds); + dump_cfg_fmtint(sGssStrictAcceptor, o->gss_strict_acceptor); + dump_cfg_fmtint(sGssStoreRekey, o->gss_store_rekey); #endif dump_cfg_fmtint(sPasswordAuthentication, o->password_authentication); dump_cfg_fmtint(sKbdInteractiveAuthentication, diff --git a/servconf.h b/servconf.h index 752d1c5..c922eb5 100644 --- a/servconf.h +++ b/servconf.h @@ -112,7 +112,10 @@ typedef struct { int kerberos_get_afs_token; /* If true, try to get AFS token if * authenticated with Kerberos. */ int gss_authentication; /* If true, permit GSSAPI authentication */ + int gss_keyex; /* If true, permit GSSAPI key exchange */ int gss_cleanup_creds; /* If true, destroy cred cache on logout */ + int gss_strict_acceptor; /* If true, restrict the GSSAPI acceptor name */ + int gss_store_rekey; int password_authentication; /* If true, permit password * authentication. */ int kbd_interactive_authentication; /* If true, permit */ diff --git a/ssh-gss.h b/ssh-gss.h index a99d7f0..914701b 100644 --- a/ssh-gss.h +++ b/ssh-gss.h 
@@ -1,6 +1,6 @@ /* $OpenBSD: ssh-gss.h,v 1.11 2014/02/26 20:28:44 djm Exp $ */ /* - * Copyright (c) 2001-2003 Simon Wilkinson. All rights reserved. + * Copyright (c) 2001-2009 Simon Wilkinson. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -61,10 +61,22 @@ #define SSH_GSS_OIDTYPE 0x06 +#define SSH2_MSG_KEXGSS_INIT 30 +#define SSH2_MSG_KEXGSS_CONTINUE 31 +#define SSH2_MSG_KEXGSS_COMPLETE 32 +#define SSH2_MSG_KEXGSS_HOSTKEY 33 +#define SSH2_MSG_KEXGSS_ERROR 34 +#define SSH2_MSG_KEXGSS_GROUPREQ 40 +#define SSH2_MSG_KEXGSS_GROUP 41 +#define KEX_GSS_GRP1_SHA1_ID "gss-group1-sha1-" +#define KEX_GSS_GRP14_SHA1_ID "gss-group14-sha1-" +#define KEX_GSS_GEX_SHA1_ID "gss-gex-sha1-" + typedef struct { char *filename; char *envvar; char *envval; + struct passwd *owner; void *data; } ssh_gssapi_ccache; @@ -72,8 +84,11 @@ typedef struct { gss_buffer_desc displayname; gss_buffer_desc exportedname; gss_cred_id_t creds; + gss_name_t name; struct ssh_gssapi_mech_struct *mech; ssh_gssapi_ccache store; + int used; + int updated; } ssh_gssapi_client; typedef struct ssh_gssapi_mech_struct { @@ -84,6 +99,7 @@ typedef struct ssh_gssapi_mech_struct { int (*userok) (ssh_gssapi_client *, char *); int (*localname) (ssh_gssapi_client *, char **); void (*storecreds) (ssh_gssapi_client *); + int (*updatecreds) (ssh_gssapi_ccache *, ssh_gssapi_client *); } ssh_gssapi_mech; typedef struct { @@ -94,10 +110,11 @@ typedef struct { gss_OID oid; /* client */ gss_cred_id_t creds; /* server */ gss_name_t client; /* server */ - gss_cred_id_t client_creds; /* server */ + gss_cred_id_t client_creds; /* both */ } Gssctxt; extern ssh_gssapi_mech *supported_mechs[]; +extern Gssctxt *gss_kex_context; int ssh_gssapi_check_oid(Gssctxt *, void *, size_t); void ssh_gssapi_set_oid_data(Gssctxt *, void *, size_t); 
@@ -119,16 +136,32 @@ void ssh_gssapi_build_ctx(Gssctxt **); void ssh_gssapi_delete_ctx(Gssctxt **); OM_uint32 ssh_gssapi_sign(Gssctxt *, gss_buffer_t, gss_buffer_t); void ssh_gssapi_buildmic(Buffer *, const char *, const char *, const char *); -int ssh_gssapi_check_mechanism(Gssctxt **, gss_OID, const char *); +int ssh_gssapi_check_mechanism(Gssctxt **, gss_OID, const char *, const char *); +OM_uint32 ssh_gssapi_client_identity(Gssctxt *, const char *); +int ssh_gssapi_credentials_updated(Gssctxt *); /* In the server */ +typedef int ssh_gssapi_check_fn(Gssctxt **, gss_OID, const char *, + const char *); +char *ssh_gssapi_client_mechanisms(const char *, const char *); +char *ssh_gssapi_kex_mechs(gss_OID_set, ssh_gssapi_check_fn *, const char *, + const char *); +gss_OID ssh_gssapi_id_kex(Gssctxt *, char *, int); +int ssh_gssapi_server_check_mech(Gssctxt **,gss_OID, const char *, + const char *); OM_uint32 ssh_gssapi_server_ctx(Gssctxt **, gss_OID); -int ssh_gssapi_userok(char *name); +int ssh_gssapi_userok(char *name, struct passwd *); OM_uint32 ssh_gssapi_checkmic(Gssctxt *, gss_buffer_t, gss_buffer_t); void ssh_gssapi_do_child(char ***, u_int *); void ssh_gssapi_cleanup_creds(void); void ssh_gssapi_storecreds(void); +char *ssh_gssapi_server_mechanisms(void); +int ssh_gssapi_oid_table_ok(void); + +int ssh_gssapi_update_creds(ssh_gssapi_ccache *store); +void ssh_gssapi_rekey_creds(void); + #endif /* GSSAPI */ #endif /* _SSH_GSS_H */ diff --git a/ssh_config b/ssh_config index 03a228f..228e5ab 100644 --- a/ssh_config +++ b/ssh_config @@ -26,6 +26,8 @@ # HostbasedAuthentication no # GSSAPIAuthentication no # GSSAPIDelegateCredentials no +# GSSAPIKeyExchange no +# GSSAPITrustDNS no # BatchMode no # CheckHostIP yes # AddressFamily any diff --git a/ssh_config.5 b/ssh_config.5 index b580392..e7accd6 100644 --- a/ssh_config.5 +++ b/ssh_config.5 
@@ -682,11 +682,43 @@ Specifies whether user authentication based on GSSAPI is allowed. The default is .Dq no . Note that this option applies to protocol version 2 only. +.It Cm GSSAPIKeyExchange +Specifies whether key exchange based on GSSAPI may be used. When using +GSSAPI key exchange the server need not have a host key. +The default is +.Dq no . +Note that this option applies to protocol version 2 only. +.It Cm GSSAPIClientIdentity +If set, specifies the GSSAPI client identity that ssh should use when +connecting to the server. The default is unset, which means that the default +identity will be used. +.It Cm GSSAPIServerIdentity +If set, specifies the GSSAPI server identity that ssh should expect when +connecting to the server. The default is unset, which means that the +expected GSSAPI server identity will be determined from the target +hostname. .It Cm GSSAPIDelegateCredentials Forward (delegate) credentials to the server. The default is .Dq no . -Note that this option applies to protocol version 2 only. +Note that this option applies to protocol version 2 connections using GSSAPI. +.It Cm GSSAPIRenewalForcesRekey +If set to +.Dq yes +then renewal of the client's GSSAPI credentials will force the rekeying of the +ssh connection. With a compatible server, this can delegate the renewed +credentials to a session on the server. +The default is +.Dq no . +.It Cm GSSAPITrustDns +Set to +.Dq yes to indicate that the DNS is trusted to securely canonicalize +the name of the host being connected to. If +.Dq no, the hostname entered on the +command line will be passed untouched to the GSSAPI library. +The default is +.Dq no . +This option only applies to protocol version 2 connections using GSSAPI. .It Cm HashKnownHosts Indicates that .Xr ssh 1 diff --git a/sshconnect2.c b/sshconnect2.c index 7f4ff41..66cb035 100644 --- a/sshconnect2.c +++ b/sshconnect2.c 
@@ -158,9 +158,34 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port) { Kex *kex; +#ifdef GSSAPI + char *orig = NULL, *gss = NULL; + char *gss_host = NULL; +#endif + xxx_host = host; xxx_hostaddr = hostaddr; +#ifdef GSSAPI + if (options.gss_keyex) { + /* Add the GSSAPI mechanisms currently supported on this + * client to the key exchange algorithm proposal */ + orig = myproposal[PROPOSAL_KEX_ALGS]; + + if (options.gss_trust_dns) + gss_host = (char *)get_canonical_hostname(1); + else + gss_host = host; + + gss = ssh_gssapi_client_mechanisms(gss_host, options.gss_client_identity); + if (gss) { + debug("Offering GSSAPI proposal: %s", gss); + xasprintf(&myproposal[PROPOSAL_KEX_ALGS], + "%s,%s", gss, orig); + } + } +#endif + if (options.ciphers == (char *)-1) { logit("No valid ciphers for protocol version 2 given, using defaults."); options.ciphers = NULL; @@ -196,6 +221,17 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port) if (options.kex_algorithms != NULL) myproposal[PROPOSAL_KEX_ALGS] = options.kex_algorithms; +#ifdef GSSAPI + /* If we've got GSSAPI algorithms, then we also support the + * 'null' hostkey, as a last resort */ + if (options.gss_keyex && gss) { + orig = myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS]; + xasprintf(&myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS], + "%s,null", orig); + free(gss); + } +#endif + if (options.rekey_limit || options.rekey_interval) packet_set_rekey_limits((u_int32_t)options.rekey_limit, (time_t)options.rekey_interval); 
@@ -208,10 +244,30 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port) kex->kex[KEX_DH_GEX_SHA256] = kexgex_client; kex->kex[KEX_ECDH_SHA2] = kexecdh_client; kex->kex[KEX_C25519_SHA256] = kexc25519_client; +#ifdef GSSAPI + if (options.gss_keyex) { + kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_client; + kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_client; + kex->kex[KEX_GSS_GEX_SHA1] = kexgss_client; + } +#endif kex->client_version_string=client_version_string; kex->server_version_string=server_version_string; kex->verify_host_key=&verify_host_key_callback; +#ifdef GSSAPI + if (options.gss_keyex) { + kex->gss_deleg_creds = options.gss_deleg_creds; + kex->gss_trust_dns = options.gss_trust_dns; + kex->gss_client = options.gss_client_identity; + if (options.gss_server_identity) { + kex->gss_host = options.gss_server_identity; + } else { + kex->gss_host = gss_host; + } + } +#endif + xxx_kex = kex; dispatch_run(DISPATCH_BLOCK, &kex->done, kex); @@ -301,6 +357,7 @@ void input_gssapi_token(int type, u_int32_t, void *); void input_gssapi_hash(int type, u_int32_t, void *); void input_gssapi_error(int, u_int32_t, void *); void input_gssapi_errtok(int, u_int32_t, void *); +int userauth_gsskeyex(Authctxt *authctxt); #endif void userauth(Authctxt *, char *); @@ -316,6 +373,11 @@ static char *authmethods_get(void); Authmethod authmethods[] = { #ifdef GSSAPI + {"gssapi-keyex", + userauth_gsskeyex, + NULL, + &options.gss_authentication, + NULL}, {"gssapi-with-mic", userauth_gssapi, NULL, 
@@ -612,19 +674,31 @@ userauth_gssapi(Authctxt *authctxt) static u_int mech = 0; OM_uint32 min; int ok = 0; + const char *gss_host; + + if (options.gss_server_identity) + gss_host = options.gss_server_identity; + else if (options.gss_trust_dns) + gss_host = get_canonical_hostname(1); + else + gss_host = authctxt->host; /* Try one GSSAPI method at a time, rather than sending them all at * once. */ if (gss_supported == NULL) - gss_indicate_mechs(&min, &gss_supported); + if (GSS_ERROR(gss_indicate_mechs(&min, &gss_supported))) { + gss_supported = NULL; + return 0; + } /* Check to see if the mechanism is usable before we offer it */ while (mech < gss_supported->count && !ok) { /* My DER encoding requires length<128 */ if (gss_supported->elements[mech].length < 128 && ssh_gssapi_check_mechanism(&gssctxt, - &gss_supported->elements[mech], authctxt->host)) { + &gss_supported->elements[mech], gss_host, + options.gss_client_identity)) { ok = 1; /* Mechanism works */ } else { mech++; @@ -721,8 +795,8 @@ input_gssapi_response(int type, u_int32_t plen, void *ctxt) { Authctxt *authctxt = ctxt; Gssctxt *gssctxt; - int oidlen; - char *oidv; + u_int oidlen; + u_char *oidv; if (authctxt == NULL) fatal("input_gssapi_response: no authentication context"); 
@@ -831,6 +905,48 @@ input_gssapi_error(int type, u_int32_t plen, void *ctxt) free(msg); free(lang); } + +int +userauth_gsskeyex(Authctxt *authctxt) +{ + Buffer b; + gss_buffer_desc gssbuf; + gss_buffer_desc mic = GSS_C_EMPTY_BUFFER; + OM_uint32 ms; + + static int attempt = 0; + if (attempt++ >= 1) + return (0); + + if (gss_kex_context == NULL) { + debug("No valid Key exchange context"); + return (0); + } + + ssh_gssapi_buildmic(&b, authctxt->server_user, authctxt->service, + "gssapi-keyex"); + + gssbuf.value = buffer_ptr(&b); + gssbuf.length = buffer_len(&b); + + if (GSS_ERROR(ssh_gssapi_sign(gss_kex_context, &gssbuf, &mic))) { + buffer_free(&b); + return (0); + } + + packet_start(SSH2_MSG_USERAUTH_REQUEST); + packet_put_cstring(authctxt->server_user); + packet_put_cstring(authctxt->service); + packet_put_cstring(authctxt->method->name); + packet_put_string(mic.value, mic.length); + packet_send(); + + buffer_free(&b); + gss_release_buffer(&ms, &mic); + + return (1); +} + #endif /* GSSAPI */ int diff --git a/sshd.c b/sshd.c index 7523de9..d787fea 100644 --- a/sshd.c +++ b/sshd.c @@ -122,6 +122,10 @@ #include "ssh-sandbox.h" #include "version.h" +#ifdef USE_SECURITY_SESSION_API +#include +#endif + #ifdef LIBWRAP #include #include @@ -1728,10 +1732,13 @@ main(int ac, char **av) logit("Disabling protocol version 1. Could not load host key"); options.protocol &= ~SSH_PROTO_1; } +#ifndef GSSAPI + /* The GSSAPI key exchange can run without a host key */ if ((options.protocol & SSH_PROTO_2) && !sensitive_data.have_ssh2_key) { logit("Disabling protocol version 2. Could not load host key"); options.protocol &= ~SSH_PROTO_2; } +#endif if (!(options.protocol & (SSH_PROTO_1|SSH_PROTO_2))) { logit("sshd: no hostkeys available -- exiting."); exit(1); 
@@ -2058,6 +2065,60 @@ main(int ac, char **av) remote_ip, remote_port, get_local_ipaddr(sock_in), get_local_port()); +#ifdef USE_SECURITY_SESSION_API + /* + * Create a new security session for use by the new user login if + * the current session is the root session or we are not launched + * by inetd (eg: debugging mode or server mode). We do not + * necessarily need to create a session if we are launched from + * inetd because Panther xinetd will create a session for us. + * + * The only case where this logic will fail is if there is an + * inetd running in a non-root session which is not creating + * new sessions for us. Then all the users will end up in the + * same session (bad). + * + * When the client exits, the session will be destroyed for us + * automatically. + * + * We must create the session before any credentials are stored + * (including AFS pags, which happens a few lines below). + */ + { + OSStatus err = 0; + SecuritySessionId sid = 0; + SessionAttributeBits sattrs = 0; + + err = SessionGetInfo(callerSecuritySession, &sid, &sattrs); + if (err) + error("SessionGetInfo() failed with error %.8X", + (unsigned) err); + else + debug("Current Session ID is %.8X / Session Attributes are %.8X", + (unsigned) sid, (unsigned) sattrs); + + if (inetd_flag && !(sattrs & sessionIsRoot)) + debug("Running in inetd mode in a non-root session... " + "assuming inetd created the session for us."); + else { + debug("Creating new security session..."); + err = SessionCreate(0, sessionHasTTY | sessionIsRemote); + if (err) + error("SessionCreate() failed with error %.8X", + (unsigned) err); + + err = SessionGetInfo(callerSecuritySession, &sid, + &sattrs); + if (err) + error("SessionGetInfo() failed with error %.8X", + (unsigned) err); + else + debug("New Session ID is %.8X / Session Attributes are %.8X", + (unsigned) sid, (unsigned) sattrs); + } + } +#endif + /* * We don't want to listen forever unless the other side * successfully authenticates itself. 
So we set up an alarm which is @@ -2469,6 +2530,48 @@ do_ssh2_kex(void) myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = compat_pkalg_proposal( list_hostkey_types()); +#ifdef GSSAPI + { + char *orig; + char *gss = NULL; + char *newstr = NULL; + orig = myproposal[PROPOSAL_KEX_ALGS]; + + /* + * If we don't have a host key, then there's no point advertising + * the other key exchange algorithms + */ + + if (strlen(myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS]) == 0) + orig = NULL; + + if (options.gss_keyex) + gss = ssh_gssapi_server_mechanisms(); + else + gss = NULL; + + if (gss && orig) + xasprintf(&newstr, "%s,%s", gss, orig); + else if (gss) + newstr = gss; + else if (orig) + newstr = orig; + + /* + * If we've got GSSAPI mechanisms, then we've got the 'null' host + * key alg, but we can't tell people about it unless its the only + * host key algorithm we support + */ + if (gss && (strlen(myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS])) == 0) + myproposal[PROPOSAL_SERVER_HOST_KEY_ALGS] = "null"; + + if (newstr) + myproposal[PROPOSAL_KEX_ALGS] = newstr; + else + fatal("No supported key exchange algorithms"); + } +#endif + /* start key exchange */ kex = kex_setup(myproposal); kex->kex[KEX_DH_GRP1_SHA1] = kexdh_server; @@ -2477,6 +2580,13 @@ do_ssh2_kex(void) kex->kex[KEX_DH_GEX_SHA256] = kexgex_server; kex->kex[KEX_ECDH_SHA2] = kexecdh_server; kex->kex[KEX_C25519_SHA256] = kexc25519_server; +#ifdef GSSAPI + if (options.gss_keyex) { + kex->kex[KEX_GSS_GRP1_SHA1] = kexgss_server; + kex->kex[KEX_GSS_GRP14_SHA1] = kexgss_server; + kex->kex[KEX_GSS_GEX_SHA1] = kexgss_server; + } +#endif kex->server = 1; kex->client_version_string=client_version_string; kex->server_version_string=server_version_string; diff --git a/sshd_config b/sshd_config index e9045bc..d9b8594 100644 --- a/sshd_config +++ b/sshd_config 
@@ -84,6 +84,8 @@ AuthorizedKeysFile .ssh/authorized_keys # GSSAPI options #GSSAPIAuthentication no #GSSAPICleanupCredentials yes +#GSSAPIStrictAcceptorCheck yes +#GSSAPIKeyExchange no # Set this to 'yes' to enable PAM authentication, account processing, # and session processing. If this is enabled, PAM authentication will diff --git a/sshd_config.5 b/sshd_config.5 index ce71efe..ceed88a 100644 --- a/sshd_config.5 +++ b/sshd_config.5 
@@ -493,12 +493,40 @@ Specifies whether user authentication based on GSSAPI is allowed. The default is .Dq no . Note that this option applies to protocol version 2 only. +.It Cm GSSAPIKeyExchange +Specifies whether key exchange based on GSSAPI is allowed. GSSAPI key exchange +doesn't rely on ssh keys to verify host identity. +The default is +.Dq no . +Note that this option applies to protocol version 2 only. .It Cm GSSAPICleanupCredentials Specifies whether to automatically destroy the user's credentials cache on logout. The default is .Dq yes . Note that this option applies to protocol version 2 only. +.It Cm GSSAPIStrictAcceptorCheck +Determines whether to be strict about the identity of the GSSAPI acceptor +a client authenticates against. If +.Dq yes +then the client must authenticate against the +.Pa host +service on the current hostname. If +.Dq no +then the client may authenticate against any service key stored in the +machine's default store. This facility is provided to assist with operation +on multi homed machines. +The default is +.Dq yes . +Note that this option applies only to protocol version 2 GSSAPI connections, +and setting it to +.Dq no +may only work with recent Kerberos GSSAPI libraries. +.It Cm GSSAPIStoreCredentialsOnRekey +Controls whether the user's GSSAPI credentials should be updated following a +successful connection rekeying. This option can be used to accepted renewed +or updated credentials from a compatible client. The default is +.Dq no . 
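Review bot: in the monitor.c hunks for monitor_child_preauth and monitor_child_postauth, the two new `monitor_permit(mon_dispatch, MONITOR_REQ_GSSSETUP, 1);` calls are unconditional under `#ifdef GSSAPI`, whereas the matching `kexgss_server` registrations in mm_get_kex are guarded by `options.gss_keyex`. With GSSAPIKeyExchange no the privsep child can still ask the monitor to set up a GSS context before authentication starts and again after it; mm_answer_gss_setup_ctx only refuses when both gss_authentication and gss_keyex are off. Wrap both permits in `if (options.gss_keyex)` so the monitor's allowed-request set matches what the key exchange can actually use.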
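Review bot: mm_answer_gss_updatecreds is the only GSSAPI monitor handler in this patch without the `if (!options.gss_authentication && !options.gss_keyex) fatal("In GSSAPI monitor when GSSAPI is disabled");` guard that mm_answer_gss_setup_ctx, mm_answer_gss_accept_ctx, mm_answer_gss_checkmic, mm_answer_gss_userok and mm_answer_gss_sign all gain; add it, since the request sits in the post-auth dispatch table. In mm_answer_gss_sign the `if (data.length != 20)` check hard-codes the SHA-1 hash length; that matches the three gss-*-sha1 methods registered in mm_get_kex, but expressing it in terms of the negotiated kex hash length would stop a later SHA-256 GSS method from being rejected, or a wrong-sized buffer from being accepted, without anyone noticing. A comment that the MONITOR_REQ_PWNAM and MONITOR_REQ_GSSUPCREDS grants at the end of mm_answer_gss_sign are keyed to completing the GSS key exchange, not to user authentication, would also help the next reader.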
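Review bot: in the monitor_wrap.c hunk, mm_ssh_gssapi_update_creds substitutes "" for a NULL filename, envvar or envval before sending, and mm_answer_gss_updatecreds hands those empty strings to ssh_gssapi_update_creds unchanged, so the monitor path sees "" where an in-process caller would see NULL; either map "" back to NULL in the handler or state in ssh-gss.h that ssh_gssapi_update_creds must treat an empty string as unset. The mm_ssh_gssapi_userok hunk changes only the signature (a 7-line hunk with a single changed line), so the new `struct passwd *pw` parameter is never forwarded to the monitor; a comment saying the monitor uses its own authctxt->pw would save the question in review.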
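Review bot: in the readconf.c keyword table, `gssapiserveridentity` is added to the `#if defined(GSSAPI)` list but not to the `#else` list, so a build without GSSAPI rejects `GSSAPIServerIdentity` as a bad option while its five sibling keywords are reported as unsupported; add `{ "gssapiserveridentity", oUnsupported },` alongside them.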
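Review bot: in the servconf.c keyword table, `gssapicleanupcreds` (an alias for sGssCleanupCreds), `gssusesessionccache` and `gssapiusesessioncredcache` (both sUnsupported) look like compatibility spellings from other GSSAPI patch sets; a one-line comment naming what they are kept for would stop someone removing them as dead entries later.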
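Review bot: `int gss_store_rekey;` in servconf.h is the only new ServerOptions field without the trailing comment its neighbours carry; `/* If true, store delegated creds on rekey */`, which is what the sshd_config.5 hunk describes, keeps the struct self-documenting.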
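Review bot: in the ssh_config.5 GSSAPITrustDns entry the `.Dq` arguments run past the word being quoted: `.Dq yes to indicate that the DNS is trusted to securely canonicalize` and `.Dq no, the hostname entered on the` will render the whole line in quotes, because mdoc `.Dq` quotes everything on its line; put `yes` and `no ,` on lines of their own as the GSSAPIRenewalForcesRekey entry does. The entry is also titled GSSAPITrustDns while ssh_config and readconf.c spell it GSSAPITrustDNS; keyword matching is case-insensitive, but the documentation should use one spelling. The GSSAPIKeyExchange text says the server need not have a host key; it should also say what replaces it, namely the server's GSSAPI service credential for the name in gss_host, and warn that with GSSAPITrustDNS yes a spoofed DNS answer decides which principal the client will accept, so DNS becomes part of the host authentication trust path.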
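Review bot: in sshconnect2.c the GSS mechanisms are prepended to `myproposal[PROPOSAL_KEX_ALGS]` in the first ssh_kex2 hunk, but the unchanged `myproposal[PROPOSAL_KEX_ALGS] = options.kex_algorithms;` just above the second hunk replaces the whole proposal whenever KexAlgorithms is configured, while the `null` host key algorithm is still appended because `gss` is non-NULL. A user who sets KexAlgorithms therefore loses GSSAPIKeyExchange silently and still advertises `null`. Move the prepend after that assignment, or prepend to options.kex_algorithms as well, and append `null` only when the final kex list actually contains a gss-* method.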
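Review bot: the new `"gssapi-keyex"` Authmethod entry in sshconnect2.c is enabled through `&options.gss_authentication`, so a client with GSSAPIKeyExchange yes and GSSAPIAuthentication no completes the GSS key exchange and then never offers the keyex user authentication that is its main benefit. Either gate the entry on gss_keyex, since the gss_kex_context it signs with exists only then, or document under GSSAPIKeyExchange in ssh_config.5 that GSSAPIAuthentication must also be yes for gssapi-keyex to be tried.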
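Review bot: wrapping the "Disabling protocol version 2. Could not load host key" check in sshd.c main in `#ifndef GSSAPI` removes it from every GSSAPI-enabled build, not only from servers configured with GSSAPIKeyExchange yes. A GSSAPI build with no host key and gss_keyex off now passes the "sshd: no hostkeys available -- exiting." startup check and instead dies per connection in do_ssh2_kex with "No supported key exchange algorithms". Keep the check at runtime instead: `if ((options.protocol & SSH_PROTO_2) && !sensitive_data.have_ssh2_key && !options.gss_keyex)`.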
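Review bot: the USE_SECURITY_SESSION_API block in sshd.c main (SessionGetInfo/SessionCreate handling) has nothing to do with GSSAPI key exchange and belongs in its own patch with its own description; bundled here it will be carried, or dropped, together with the GSS changes. The `#include` that introduces it shows no header name in this copy of the patch, so the include cannot be reviewed here.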
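Review bot: in the do_ssh2_kex block, when both `gss` and `orig` are non-NULL the xasprintf result becomes `newstr` and `gss` is never freed; add `free(gss);` after the xasprintf in that branch (the `else if (gss)` branch keeps `gss` as `newstr`, so only the first branch leaks). The same three `kexgss_server` registrations appear here and in mm_get_kex; a comment cross-referencing the two sites keeps them from diverging when another method is added.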
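Review bot: the sshd_config sample gains `#GSSAPIStrictAcceptorCheck yes` and `#GSSAPIKeyExchange no` but not GSSAPIStoreCredentialsOnRekey, which the sshd_config.5 hunk documents with default no; add `#GSSAPIStoreCredentialsOnRekey no` so the sample lists every GSSAPI option this patch introduces.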
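Review bot: in the sshd_config.5 GSSAPIStoreCredentialsOnRekey entry, "can be used to accepted renewed or updated credentials" should read "can be used to accept renewed or updated credentials". The GSSAPIKeyExchange text "doesn't rely on ssh keys to verify host identity" should say what it relies on instead, the service key in the machine's default store that GSSAPIStrictAcceptorCheck describes, and note that GSSAPIStrictAcceptorCheck no widens that to any service key in the store; the two entries interact and should cross-reference each other.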
.It Cm HostbasedAuthentication Specifies whether rhosts or /etc/hosts.equiv authentication together with successful public key client host authentication is allowed debian/patches/series0000644000000000000000000000264013437222463012042 0ustar gssapi.patch selinux-role.patch ssh-vulnkey-compat.patch ssh1-keepalive.patch keepalive-extensions.patch syslog-level-silent.patch quieter-signals.patch helpful-wait-terminate.patch consolekit.patch user-group-modes.patch scp-quoting.patch shell-path.patch dnssec-sshfp.patch auth-log-verbosity.patch mention-ssh-keygen-on-keychange.patch package-versioning.patch debian-banner.patch authorized-keys-man-symlink.patch lintian-symlink-pickiness.patch openbsd-docs.patch ssh-argv0.patch doc-hash-tab-completion.patch doc-upstart.patch ssh-agent-setgid.patch no-openssl-version-check.patch gnome-ssh-askpass2-icon.patch sigstop.patch debian-config.patch sshfp_with_server_cert_upstr curve25519-sha256-bignum-encoding.patch CVE-2015-5600.patch pam-security-1.patch pam-security-2.patch CVE-2015-5352.patch CVE-2015-5600-2.patch CVE-2016-077x.patch report-max-auth.patch CVE-2015-8325.patch CVE-2016-1908-1.patch CVE-2016-1908-2.patch CVE-2016-3115.patch CVE-2016-6210-1.patch CVE-2016-6210-2.patch CVE-2016-6210-3.patch CVE-2016-6515.patch CVE-2016-10009.patch CVE-2016-10009-2.patch CVE-2016-10009-3.patch CVE-2016-10009-4.patch CVE-2016-10011.patch CVE-2016-10012-1-2.patch CVE-2016-10012-3.patch CVE-2017-15906.patch CVE-2018-15473.patch CVE-2016-10708.patch CVE-2018-20685.patch CVE-2019-6111.patch CVE-2019-6109-pre1.patch CVE-2019-6109-pre2.patch CVE-2019-6109-1.patch CVE-2019-6109-2.patch CVE-2019-6111-pre1.patch CVE-2019-6111-2.patch debian/patches/debian-banner.patch0000644000000000000000000000644212330654315014333 0ustar From 9fcad888f4dbf0ecc0c7e87b6ef0f8d88d7ac3ec Mon Sep 17 00:00:00 2001 
From: Kees Cook Date: Sun, 9 Feb 2014 16:10:06 +0000 Subject: Add DebianBanner server configuration option Setting this to "no" causes sshd to omit the Debian revision from its initial protocol handshake, for those scared by package-versioning.patch. Bug-Debian: http://bugs.debian.org/562048 Forwarded: not-needed Last-Update: 2013-09-14 Patch-Name: debian-banner.patch --- servconf.c | 9 +++++++++ servconf.h | 2 ++ sshd.c | 3 ++- sshd_config.5 | 5 +++++ 4 files changed, 18 insertions(+), 1 deletion(-) diff --git a/servconf.c b/servconf.c index 90de888..37fd2de 100644 --- a/servconf.c +++ b/servconf.c @@ -156,6 +156,7 @@ initialize_server_options(ServerOptions *options) options->ip_qos_interactive = -1; options->ip_qos_bulk = -1; options->version_addendum = NULL; + options->debian_banner = -1; } void @@ -309,6 +310,8 @@ fill_default_server_options(ServerOptions *options) options->ip_qos_bulk = IPTOS_THROUGHPUT; if (options->version_addendum == NULL) options->version_addendum = xstrdup(""); + if (options->debian_banner == -1) + options->debian_banner = 1; /* Turn privilege separation on by default */ if (use_privsep == -1) use_privsep = PRIVSEP_NOSANDBOX; @@ -359,6 +362,7 @@ typedef enum { sKexAlgorithms, sIPQoS, sVersionAddendum, sAuthorizedKeysCommand, sAuthorizedKeysCommandUser, sAuthenticationMethods, sHostKeyAgent, + sDebianBanner, sDeprecated, sUnsupported } ServerOpCodes; @@ -496,6 +500,7 @@ static struct { { "authorizedkeyscommanduser", sAuthorizedKeysCommandUser, SSHCFG_ALL }, { "versionaddendum", sVersionAddendum, SSHCFG_GLOBAL }, { "authenticationmethods", sAuthenticationMethods, SSHCFG_ALL }, + { "debianbanner", sDebianBanner, SSHCFG_GLOBAL }, { NULL, sBadOption, 0 } }; @@ -1654,6 +1659,10 @@ process_server_config_line(ServerOptions *options, char *line, } return 0; + case sDebianBanner: + intptr = &options->debian_banner; + goto parse_int; + case sDeprecated: logit("%s line %d: Deprecated option %s", filename, linenum, arg); 
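Review bot: the sDebianBanner case in the process_server_config_line hunk jumps to parse_int, but the sshd_config.5 hunk in this same patch documents the option as taking yes or no; parse_int expects a numeric argument, so "DebianBanner yes" would not be parsed as intended. Use `goto parse_flag;` as the other boolean options in this switch do.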
diff --git a/servconf.h b/servconf.h index c922eb5..dcd1c2a 100644 --- a/servconf.h +++ b/servconf.h @@ -186,6 +186,8 @@ typedef struct { u_int num_auth_methods; char *auth_methods[MAX_AUTH_METHODS]; + + int debian_banner; } ServerOptions; /* Information about the incoming connection as used by Match */ diff --git a/sshd.c b/sshd.c index af9b8f1..665c0b9 100644 --- a/sshd.c +++ b/sshd.c @@ -440,7 +440,8 @@ sshd_exchange_identification(int sock_in, int sock_out) } xasprintf(&server_version_string, "SSH-%d.%d-%.100s%s%s%s", - major, minor, SSH_RELEASE, + major, minor, + options.debian_banner ? SSH_RELEASE : SSH_RELEASE_MINIMUM, *options.version_addendum == '\0' ? "" : " ", options.version_addendum, newline); diff --git a/sshd_config.5 b/sshd_config.5 index 2164d58..8f078f6 100644 --- a/sshd_config.5 +++ b/sshd_config.5 @@ -413,6 +413,11 @@ or .Dq no . The default is .Dq delayed . +.It Cm DebianBanner +Specifies whether the distribution-specified extra version suffix is +included during initial protocol handshake. +The default is +.Dq yes . .It Cm DenyGroups This keyword can be followed by a list of group name patterns, separated by spaces. debian/patches/CVE-2015-5600.patch0000644000000000000000000000261212563350537013242 0ustar From 5b64f85bb811246c59ebab70aed331f26ba37b18 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Sat, 18 Jul 2015 07:57:14 +0000 Subject: [PATCH] upstream commit only query each keyboard-interactive device once per authentication request regardless of how many times it is listed; ok markus@ Upstream-ID: d73fafba6e86030436ff673656ec1f33d9ffeda1 --- auth2-chall.c | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) Index: openssh-6.6p1/auth2-chall.c =================================================================== --- openssh-6.6p1.orig/auth2-chall.c 2015-08-14 07:30:36.931740538 -0400 +++ openssh-6.6p1/auth2-chall.c 2015-08-14 07:30:36.927740505 -0400 
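Review bot: the sshd.c hunk in debian-banner.patch references SSH_RELEASE_MINIMUM, which nothing in this patch defines; it comes from package-versioning.patch (the commit message alludes to it), so record that dependency in the patch header and keep the two patches adjacent in debian/patches/series. The DebianBanner entry in the sshd_config.5 hunk would also be clearer if it named the suffix being hidden (the Debian package revision) rather than "distribution-specified extra version suffix".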
@@ -82,6 +82,7 @@ void *ctxt; KbdintDevice *device; u_int nreq; + u_int devices_done; }; #ifdef USE_PAM @@ -168,11 +169,15 @@ if (len == 0) break; for (i = 0; devices[i]; i++) { - if (!auth2_method_allowed(authctxt, + if ((kbdintctxt->devices_done & (1 << i)) != 0 || + !auth2_method_allowed(authctxt, "keyboard-interactive", devices[i]->name)) continue; - if (strncmp(kbdintctxt->devices, devices[i]->name, len) == 0) + if (strncmp(kbdintctxt->devices, devices[i]->name, + len) == 0) { kbdintctxt->device = devices[i]; + kbdintctxt->devices_done |= 1 << i; + } } t = kbdintctxt->devices; kbdintctxt->devices = t[len] ? xstrdup(t+len+1) : NULL; debian/patches/mention-ssh-keygen-on-keychange.patch0000644000000000000000000000303512330654315017733 0ustar From 8ab8f1465980856291f215c7b7184a4456398fb4 Mon Sep 17 00:00:00 2001 From: Scott Moser Date: Sun, 9 Feb 2014 16:10:03 +0000 Subject: Mention ssh-keygen in ssh fingerprint changed warning Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1843 Bug-Ubuntu: https://bugs.launchpad.net/bugs/686607 Last-Update: 2013-09-14 Patch-Name: mention-ssh-keygen-on-keychange.patch --- sshconnect.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/sshconnect.c b/sshconnect.c index 9e02837..e0a5db9 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -1065,9 +1065,12 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port, error("%s. This could either mean that", key_msg); error("DNS SPOOFING is happening or the IP address for the host"); error("and its host key have changed at the same time."); - if (ip_status != HOST_NEW) + if (ip_status != HOST_NEW) { error("Offending key for IP in %s:%lu", ip_found->file, ip_found->line); + error(" remove with: ssh-keygen -f \"%s\" -R %s", + ip_found->file, ip); + } } /* The host key has changed. */ warn_changed_key(host_key); 
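Review bot: the new devices_done bitmask in the auth2-chall.c context-struct hunk is never initialised in this diff; the fix only works if the struct is allocated with xcalloc (or otherwise zeroed) in kbdint_alloc, so confirm that is the case in the 6.6p1 tree. The `1 << i` expression is also an int shift, which is undefined for i >= 31; sshd only has a handful of keyboard-interactive devices, but a short comment on that limit would make the assumption explicit.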
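Review bot: in the first sshconnect.c hunk of mention-ssh-keygen-on-keychange.patch the suggested command quotes the file path but not the address argument: `ssh-keygen -f \"%s\" -R %s`. Bracketed host:port entries such as [host]:port contain shell glob characters, so the second argument should be quoted as well (`-R \"%s\"`), here for `ip` and in the following hunk for `host`.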
@@ -1075,6 +1078,8 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, u_short port, user_hostfiles[0]); error("Offending %s key in %s:%lu", key_type(host_found->key), host_found->file, host_found->line); + error(" remove with: ssh-keygen -f \"%s\" -R %s", + host_found->file, host); /* * If strict host key checking is in use, the user will have debian/patches/CVE-2016-10009-2.patch0000644000000000000000000000372313230121667013455 0ustar Backport of: From 25f837646be8c2017c914d34be71ca435dfc0e07 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Wed, 15 Mar 2017 02:25:09 +0000 Subject: [PATCH] upstream commit fix regression in 7.4: deletion of PKCS#11-hosted keys would fail unless they were specified by full physical pathname. Report and fix from Jakub Jelen via bz#2682; ok dtucker@ Upstream-ID: 5b5bc20ca11cacb5d5eb29c3f93fd18425552268 --- ssh-agent.c | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) Index: openssh-6.6p1/ssh-agent.c =================================================================== --- openssh-6.6p1.orig/ssh-agent.c 2018-01-18 08:39:25.361183517 -0500 +++ openssh-6.6p1/ssh-agent.c 2018-01-18 08:39:48.625238746 -0500 @@ -668,7 +668,7 @@ send: static void process_remove_smartcard_key(SocketEntry *e) { - char *provider = NULL, *pin = NULL; + char *provider = NULL, *pin = NULL, canonical_provider[PATH_MAX]; int version, success = 0; Identity *id, *nxt; Idtab *tab; @@ -677,6 +677,13 @@ process_remove_smartcard_key(SocketEntry pin = buffer_get_string(&e->request, NULL); free(pin); + if (realpath(provider, canonical_provider) == NULL) { + verbose("failed PKCS#11 add of \"%.100s\": realpath: %s", + provider, strerror(errno)); + goto send; + } + + debug("%s: remove %.100s", __func__, canonical_provider); for (version = 1; version < 3; version++) { tab = idtab_lookup(version); for (id = TAILQ_FIRST(&tab->idlist); id; id = nxt) { 
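Review bot: the realpath failure message in the process_remove_smartcard_key hunk of CVE-2016-10009-2.patch says "failed PKCS#11 add of ..."; this is the remove path, so the message should say remove, otherwise the log misattributes the failure. The `goto send` in the same hunk also targets a label that does not exist in this patch (it is only added later in the series by CVE-2016-10009-4.patch), which deserves a note in the header because the tree does not build with only this patch applied.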
@@ -684,14 +691,14 @@ process_remove_smartcard_key(SocketEntry /* Skip file--based keys */ if (id->provider == NULL) continue; - if (!strcmp(provider, id->provider)) { + if (!strcmp(canonical_provider, id->provider)) { TAILQ_REMOVE(&tab->idlist, id, next); free_identity(id); tab->nentries--; } } } - if (pkcs11_del_provider(provider) == 0) + if (pkcs11_del_provider(canonical_provider) == 0) success = 1; else error("process_remove_smartcard_key:" debian/patches/CVE-2019-6109-pre1.patch0000644000000000000000000002623413424617347014130 0ustar Description: add utf8.c to get snmprintf Origin: backported from OpenSSH 7.7p1 Index: openssh-6.6p1/Makefile.in =================================================================== --- openssh-6.6p1.orig/Makefile.in 2019-01-31 11:14:07.627200966 -0500 +++ openssh-6.6p1/Makefile.in 2019-01-31 11:14:24.879209996 -0500 @@ -69,7 +69,7 @@ LIBSSH_OBJS=authfd.o authfile.o bufaux.o compat.o compress.o crc32.o deattack.o fatal.o hostfile.o \ log.o match.o md-sha256.o moduli.o nchan.o packet.o \ readpass.o rsa.o ttymodes.o xmalloc.o addrmatch.o \ - atomicio.o key.o dispatch.o kex.o mac.o uidswap.o uuencode.o misc.o \ + atomicio.o key.o dispatch.o kex.o mac.o uidswap.o uuencode.o misc.o utf8.o \ monitor_fdpass.o rijndael.o ssh-dss.o ssh-ecdsa.o ssh-rsa.o dh.o \ kexdh.o kexgex.o kexdhc.o kexgexc.o bufec.o kexecdh.o kexecdhc.o \ kexgssc.o \ Index: openssh-6.6p1/utf8.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ openssh-6.6p1/utf8.c 2019-01-31 11:14:07.623200964 -0500 
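Review bot: the second process_remove_smartcard_key hunk compares canonical_provider with id->provider, so removal only matches when the add path stored the realpath'd name; confirm that the add side (patched by the earlier CVE-2016-10009.patch in the series, not shown here) canonicalises the same way, otherwise keys added by a relative path can no longer be removed from the agent.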
@@ -0,0 +1,335 @@ +/* $OpenBSD: utf8.c,v 1.7 2017/05/31 09:15:42 deraadt Exp $ */ +/* + * Copyright (c) 2016 Ingo Schwarze + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +/* + * Utility functions for multibyte-character handling, + * in particular to sanitize untrusted strings for terminal output. + */ + +#include "includes.h" + +#include +#ifdef HAVE_LANGINFO_H +# include +#endif +#include +#include +#include +#include +#include +#include +#if defined(HAVE_STRNVIS) && defined(HAVE_VIS_H) && !defined(BROKEN_STRNVIS) +# include +#endif +#ifdef HAVE_WCHAR_H +# include +#endif + +#include "utf8.h" + +static int dangerous_locale(void); +static int grow_dst(char **, size_t *, size_t, char **, size_t); +static int vasnmprintf(char **, size_t, int *, const char *, va_list); + + +/* + * For US-ASCII and UTF-8 encodings, we can safely recover from + * encoding errors and from non-printable characters. For any + * other encodings, err to the side of caution and abort parsing: + * For state-dependent encodings, recovery is impossible. + * For arbitrary encodings, replacement of non-printable + * characters would be non-trivial and too fragile. 
+ */ + +static int +dangerous_locale(void) { + char *loc; + + loc = nl_langinfo(CODESET); + return strcmp(loc, "US-ASCII") != 0 && strcmp(loc, "UTF-8") != 0 && + strcmp(loc, "ANSI_X3.4-1968") != 0 && strcmp(loc, "646") != 0 && + strcmp(loc, "") != 0; +} + +static int +grow_dst(char **dst, size_t *sz, size_t maxsz, char **dp, size_t need) +{ + char *tp; + size_t tsz; + + if (*dp + need < *dst + *sz) + return 0; + tsz = *sz + 128; + if (tsz > maxsz) + tsz = maxsz; + if ((tp = realloc(*dst, tsz)) == NULL) + return -1; + *dp = tp + (*dp - *dst); + *dst = tp; + *sz = tsz; + return 0; +} + +/* + * The following two functions limit the number of bytes written, + * including the terminating '\0', to sz. Unless wp is NULL, + * they limit the number of display columns occupied to *wp. + * Whichever is reached first terminates the output string. + * To stay close to the standard interfaces, they return the number of + * non-NUL bytes that would have been written if both were unlimited. + * If wp is NULL, newline, carriage return, and tab are allowed; + * otherwise, the actual number of columns occupied by what was + * written is returned in *wp. + */ + +static int +vasnmprintf(char **str, size_t maxsz, int *wp, const char *fmt, va_list ap) +{ + char *src; /* Source string returned from vasprintf. */ + char *sp; /* Pointer into src. */ + char *dst; /* Destination string to be returned. */ + char *dp; /* Pointer into dst. */ + char *tp; /* Temporary pointer for dst. */ + size_t sz; /* Number of bytes allocated for dst. */ + wchar_t wc; /* Wide character at sp. */ + int len; /* Number of bytes in the character at sp. */ + int ret; /* Number of bytes needed to format src. */ + int width; /* Display width of the character wc. 
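Review bot: dangerous_locale() calls nl_langinfo(CODESET) unconditionally while the include of langinfo.h at the top of the file is wrapped in #ifdef HAVE_LANGINFO_H; on a system without that header the file fails to compile (CODESET undefined) instead of degrading. Either make the fallback explicit (treat the locale as dangerous when HAVE_LANGINFO_H is unset) or drop the guard and require the header.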
*/ + int total_width, max_width, print; + + src = NULL; + if ((ret = vasprintf(&src, fmt, ap)) <= 0) + goto fail; + + sz = strlen(src) + 1; + if ((dst = malloc(sz)) == NULL) { + free(src); + ret = -1; + goto fail; + } + + if (maxsz > INT_MAX) + maxsz = INT_MAX; + + sp = src; + dp = dst; + ret = 0; + print = 1; + total_width = 0; + max_width = wp == NULL ? INT_MAX : *wp; + while (*sp != '\0') { + if ((len = mbtowc(&wc, sp, MB_CUR_MAX)) == -1) { + (void)mbtowc(NULL, NULL, MB_CUR_MAX); + if (dangerous_locale()) { + ret = -1; + break; + } + len = 1; + width = -1; + } else if (wp == NULL && + (wc == L'\n' || wc == L'\r' || wc == L'\t')) { + /* + * Don't use width uninitialized; the actual + * value doesn't matter because total_width + * is only returned for wp != NULL. + */ + width = 0; + } else if ((width = wcwidth(wc)) == -1 && + dangerous_locale()) { + ret = -1; + break; + } + + /* Valid, printable character. */ + + if (width >= 0) { + if (print && (dp - dst >= (int)maxsz - len || + total_width > max_width - width)) + print = 0; + if (print) { + if (grow_dst(&dst, &sz, maxsz, + &dp, len) == -1) { + ret = -1; + break; + } + total_width += width; + memcpy(dp, sp, len); + dp += len; + } + sp += len; + if (ret >= 0) + ret += len; + continue; + } + + /* Escaping required. 
*/ + + while (len > 0) { + if (print && (dp - dst >= (int)maxsz - 4 || + total_width > max_width - 4)) + print = 0; + if (print) { + if (grow_dst(&dst, &sz, maxsz, + &dp, 4) == -1) { + ret = -1; + break; + } + tp = vis(dp, *sp, VIS_OCTAL | VIS_ALL, 0); + width = tp - dp; + total_width += width; + dp = tp; + } else + width = 4; + len--; + sp++; + if (ret >= 0) + ret += width; + } + if (len > 0) + break; + } + free(src); + *dp = '\0'; + *str = dst; + if (wp != NULL) + *wp = total_width; + + /* + * If the string was truncated by the width limit but + * would have fit into the size limit, the only sane way + * to report the problem is using the return value, such + * that the usual idiom "if (ret < 0 || ret >= sz) error" + * works as expected. + */ + + if (ret < (int)maxsz && !print) + ret = -1; + return ret; + +fail: + if (wp != NULL) + *wp = 0; + if (ret == 0) { + *str = src; + return 0; + } else { + *str = NULL; + return -1; + } +} + +int +snmprintf(char *str, size_t sz, int *wp, const char *fmt, ...) +{ + va_list ap; + char *cp; + int ret; + + va_start(ap, fmt); + ret = vasnmprintf(&cp, sz, wp, fmt, ap); + va_end(ap); + if (cp != NULL) { + (void)strlcpy(str, cp, sz); + free(cp); + } else + *str = '\0'; + return ret; +} + +/* + * To stay close to the standard interfaces, the following functions + * return the number of non-NUL bytes written. + */ + +int +vfmprintf(FILE *stream, const char *fmt, va_list ap) +{ + char *str; + int ret; + + if ((ret = vasnmprintf(&str, INT_MAX, NULL, fmt, ap)) < 0) + return -1; + if (fputs(str, stream) == EOF) + ret = -1; + free(str); + return ret; +} + +int +fmprintf(FILE *stream, const char *fmt, ...) +{ + va_list ap; + int ret; + + va_start(ap, fmt); + ret = vfmprintf(stream, fmt, ap); + va_end(ap); + return ret; +} + +int +mprintf(const char *fmt, ...) 
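Review bot: snmprintf() writes `*str = '\0'` on the failure path without checking sz, so a caller passing sz == 0 gets a one-byte write past its buffer; either return early when sz == 0 or document that callers must pass at least one byte. This matters because these routines are the sanitiser that the later CVE-2019-6109 patches in the series depend on to escape untrusted strings before they reach the terminal (the file comment says as much), so their own edge cases deserve a unit test.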
+{ + va_list ap; + int ret; + + va_start(ap, fmt); + ret = vfmprintf(stdout, fmt, ap); + va_end(ap); + return ret; +} + +/* + * Set up libc for multibyte output in the user's chosen locale. + * + * XXX: we are known to have problems with Turkish (i/I confusion) so we + * deliberately fall back to the C locale for now. Longer term we should + * always prefer to select C.[encoding] if possible, but there's no + * standardisation in locales between systems, so we'll need to survey + * what's out there first. + */ +void +msetlocale(void) +{ + const char *vars[] = { "LC_ALL", "LC_CTYPE", "LANG", NULL }; + char *cp; + int i; + + /* + * We can't yet cope with dotless/dotted I in Turkish locales, + * so fall back to the C locale for these. + */ + for (i = 0; vars[i] != NULL; i++) { + if ((cp = getenv(vars[i])) == NULL) + continue; + if (strncasecmp(cp, "TR", 2) != 0) + break; + /* + * If we're in a UTF-8 locale then prefer to use + * the C.UTF-8 locale (or equivalent) if it exists. + */ + if ((strcasestr(cp, "UTF-8") != NULL || + strcasestr(cp, "UTF8") != NULL) && + (setlocale(LC_CTYPE, "C.UTF-8") != NULL || + setlocale(LC_CTYPE, "POSIX.UTF-8") != NULL)) + return; + setlocale(LC_CTYPE, "C"); + return; + } + /* We can handle this locale */ + setlocale(LC_CTYPE, ""); +} Index: openssh-6.6p1/utf8.h =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ openssh-6.6p1/utf8.h 2019-01-31 11:14:07.623200964 -0500 
@@ -0,0 +1,25 @@ +/* $OpenBSD: utf8.h,v 1.1 2016/05/25 23:48:45 schwarze Exp $ */ +/* + * Copyright (c) 2016 Ingo Schwarze + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +int mprintf(const char *, ...) + __attribute__((format(printf, 1, 2))); +int fmprintf(FILE *, const char *, ...) + __attribute__((format(printf, 2, 3))); +int vfmprintf(FILE *, const char *, va_list); +int snmprintf(char *, size_t, int *, const char *, ...) + __attribute__((format(printf, 4, 5))); +void msetlocale(void); Index: openssh-6.6p1/configure.ac =================================================================== --- openssh-6.6p1.orig/configure.ac 2019-01-31 11:14:07.627200966 -0500 +++ openssh-6.6p1/configure.ac 2019-01-31 11:14:07.623200964 -0500 @@ -340,6 +340,7 @@ AC_CHECK_HEADERS([ \ ia.h \ iaf.h \ inttypes.h \ + langinfo.h \ limits.h \ locale.h \ login.h \ @@ -392,6 +393,7 @@ AC_CHECK_HEADERS([ \ utmp.h \ utmpx.h \ vis.h \ + wchar.h \ ]) # lastlog.h requires sys/time.h to be included first on Solaris debian/patches/keepalive-extensions.patch0000644000000000000000000001106012330654315016000 0ustar From 81540b7886fdc73c7be304706ea33d6d87b5fc81 Mon Sep 17 00:00:00 2001 
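Review bot: this patch changes configure.ac only, but consolekit.patch in the same series patches the generated configure script directly, which suggests the build does not regenerate configure; unless autoreconf runs at build time, HAVE_LANGINFO_H and HAVE_WCHAR_H are never defined and utf8.c will not see langinfo.h or wchar.h. Either add the matching configure hunk or confirm that dh_autoreconf is in use.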
From: Richard Kettlewell Date: Sun, 9 Feb 2014 16:09:52 +0000 Subject: Various keepalive extensions Add compatibility aliases for ProtocolKeepAlives and SetupTimeOut, supported in previous versions of Debian's OpenSSH package but since superseded by ServerAliveInterval. (We're probably stuck with this bit for compatibility.) In batch mode, default ServerAliveInterval to five minutes. Adjust documentation to match and to give some more advice on use of keepalives. Author: Ian Jackson Author: Matthew Vernon Author: Colin Watson Last-Update: 2013-09-14 Patch-Name: keepalive-extensions.patch --- readconf.c | 14 ++++++++++++-- ssh_config.5 | 21 +++++++++++++++++++-- sshd_config.5 | 3 +++ 3 files changed, 34 insertions(+), 4 deletions(-) diff --git a/readconf.c b/readconf.c index bcd8cad..6409937 100644 --- a/readconf.c +++ b/readconf.c @@ -151,6 +151,7 @@ typedef enum { oKexAlgorithms, oIPQoS, oRequestTTY, oIgnoreUnknown, oProxyUseFdpass, oCanonicalDomains, oCanonicalizeHostname, oCanonicalizeMaxDots, oCanonicalizeFallbackLocal, oCanonicalizePermittedCNAMEs, + oProtocolKeepAlives, oSetupTimeOut, oIgnoredUnknownOption, oDeprecated, oUnsupported } OpCodes; @@ -274,6 +275,8 @@ static struct { { "canonicalizemaxdots", oCanonicalizeMaxDots }, { "canonicalizepermittedcnames", oCanonicalizePermittedCNAMEs }, { "ignoreunknown", oIgnoreUnknown }, + { "protocolkeepalives", oProtocolKeepAlives }, + { "setuptimeout", oSetupTimeOut }, { NULL, oBadOption } }; @@ -1247,6 +1250,8 @@ parse_int: goto parse_flag; case oServerAliveInterval: + case oProtocolKeepAlives: /* Debian-specific compatibility alias */ + case oSetupTimeOut: /* Debian-specific compatibility alias */ intptr = &options->server_alive_interval; goto parse_time; 
@@ -1746,8 +1751,13 @@ fill_default_options(Options * options) options->rekey_interval = 0; if (options->verify_host_key_dns == -1) options->verify_host_key_dns = 0; - if (options->server_alive_interval == -1) - options->server_alive_interval = 0; + if (options->server_alive_interval == -1) { + /* in batch mode, default is 5mins */ + if (options->batch_mode == 1) + options->server_alive_interval = 300; + else + options->server_alive_interval = 0; + } if (options->server_alive_count_max == -1) options->server_alive_count_max = 3; if (options->control_master == -1) diff --git a/ssh_config.5 b/ssh_config.5 index 473971e..3172fd4 100644 --- a/ssh_config.5 +++ b/ssh_config.5 @@ -205,8 +205,12 @@ Valid arguments are If set to .Dq yes , passphrase/password querying will be disabled. +In addition, the +.Cm ServerAliveInterval +option will be set to 300 seconds by default. This option is useful in scripts and other batch jobs where no user -is present to supply the password. +is present to supply the password, +and where it is desirable to detect a broken network swiftly. The argument must be .Dq yes or @@ -1305,8 +1309,15 @@ from the server, will send a message through the encrypted channel to request a response from the server. The default -is 0, indicating that these messages will not be sent to the server. +is 0, indicating that these messages will not be sent to the server, +or 300 if the +.Cm BatchMode +option is set. This option applies to protocol version 2 only. +.Cm ProtocolKeepAlives +and +.Cm SetupTimeOut +are Debian-specific compatibility aliases for this option. .It Cm StrictHostKeyChecking If this flag is set to .Dq yes , 
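Review bot: the fill_default_options hunk makes the 300-second default depend on `options->batch_mode == 1`, so it only works if batch_mode has already been resolved from -1 earlier in the same function; that ordering is outside the visible context, so confirm it. The ssh_config.5 BatchMode hunk should also say the 300-second default applies only when ServerAliveInterval is not set explicitly, which is what the code does but "will be set to 300 seconds by default" does not quite convey.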
@@ -1345,6 +1356,12 @@ Specifies whether the system should send TCP keepalive messages to the other side. If they are sent, death of the connection or crash of one of the machines will be properly noticed. +This option only uses TCP keepalives (as opposed to using ssh level +keepalives), so takes a long time to notice when the connection dies. +As such, you probably want +the +.Cm ServerAliveInterval +option as well. However, this means that connections will die if the route is down temporarily, and some people find it annoying. diff --git a/sshd_config.5 b/sshd_config.5 index ceed88a..2164d58 100644 --- a/sshd_config.5 +++ b/sshd_config.5 @@ -1183,6 +1183,9 @@ This avoids infinitely hanging sessions. .Pp To disable TCP keepalive messages, the value should be set to .Dq no . +.Pp +This option was formerly called +.Cm KeepAlive . .It Cm TrustedUserCAKeys Specifies a file containing public keys of certificate authorities that are trusted to sign user certificates for authentication. debian/patches/authorized-keys-man-symlink.patch0000644000000000000000000000217412330654315017230 0ustar From 71448da5ce75ba50bcb10dbbd3b8c7633f633e8f Mon Sep 17 00:00:00 2001 From: Tomas Pospisek Date: Sun, 9 Feb 2014 16:10:07 +0000 Subject: Install authorized_keys(5) as a symlink to sshd(8) Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1720 Bug-Debian: http://bugs.debian.org/441817 Last-Update: 2013-09-14 Patch-Name: authorized-keys-man-symlink.patch --- Makefile.in | 1 + 1 file changed, 1 insertion(+) diff --git a/Makefile.in b/Makefile.in index 3d96c05..feee0b2 100644 --- a/Makefile.in +++ b/Makefile.in 
@@ -287,6 +287,7 @@ install-files: $(INSTALL) -m 644 sshd_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/sshd_config.5 $(INSTALL) -m 644 ssh_config.5.out $(DESTDIR)$(mandir)/$(mansubdir)5/ssh_config.5 $(INSTALL) -m 644 sshd.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sshd.8 + ln -s ../$(mansubdir)8/sshd.8 $(DESTDIR)$(mandir)/$(mansubdir)5/authorized_keys.5 $(INSTALL) -m 644 sftp.1.out $(DESTDIR)$(mandir)/$(mansubdir)1/sftp.1 $(INSTALL) -m 644 sftp-server.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/sftp-server.8 $(INSTALL) -m 644 ssh-keysign.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8 debian/patches/sshfp_with_server_cert_upstr0000644000000000000000000000541312330654315016563 0ustar From 08a63152deb5deda168aaef870bdb9f56425acb3 Mon Sep 17 00:00:00 2001 From: Matthew Vernon Date: Wed, 26 Mar 2014 15:32:23 +0000 Subject: Attempt SSHFP lookup even if server presents a certificate If an ssh server presents a certificate to the client, then the client does not check the DNS for SSHFP records. This means that a malicious server can essentially disable DNS-host-key-checking, which means the client will fall back to asking the user (who will just say "yes" to the fingerprint, sadly). This patch is by Damien Miller (of openssh upstream). It's simpler than the patch by Mark Wooding which I applied yesterday; a copy is taken of the proffered key/cert, the key extracted from the cert (if necessary), and then the DNS consulted. Signed-off-by: Matthew Vernon Bug-Debian: http://bugs.debian.org/742513 Patch-Name: sshfp_with_server_cert_upstr --- sshconnect.c | 42 ++++++++++++++++++++++++++---------------- 1 file changed, 26 insertions(+), 16 deletions(-) diff --git a/sshconnect.c b/sshconnect.c index 87c3770..324f5e0 100644 --- a/sshconnect.c +++ b/sshconnect.c 
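Review bot: the new `ln -s` in the install-files hunk has no -f, so a second make install into the same DESTDIR fails because authorized_keys.5 already exists; use `ln -sf` (or `rm -f` the target first) so the target tolerates re-runs the way the $(INSTALL) lines around it do.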
@@ -1224,29 +1224,39 @@ verify_host_key(char *host, struct sockaddr *hostaddr, Key *host_key) { int flags = 0; char *fp; + Key *plain = NULL; fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX); debug("Server host key: %s %s", key_type(host_key), fp); free(fp); - /* XXX certs are not yet supported for DNS */ - if (!key_is_cert(host_key) && options.verify_host_key_dns && - verify_host_key_dns(host, hostaddr, host_key, &flags) == 0) { - if (flags & DNS_VERIFY_FOUND) { - - if (options.verify_host_key_dns == 1 && - flags & DNS_VERIFY_MATCH && - flags & DNS_VERIFY_SECURE) - return 0; - - if (flags & DNS_VERIFY_MATCH) { - matching_host_key_dns = 1; - } else { - warn_changed_key(host_key); - error("Update the SSHFP RR in DNS with the new " - "host key to get rid of this message."); + if (options.verify_host_key_dns) { + /* + * XXX certs are not yet supported for DNS, so downgrade + * them and try the plain key. + */ + plain = key_from_private(host_key); + if (key_is_cert(plain)) + key_drop_cert(plain); + if (verify_host_key_dns(host, hostaddr, plain, &flags) == 0) { + if (flags & DNS_VERIFY_FOUND) { + if (options.verify_host_key_dns == 1 && + flags & DNS_VERIFY_MATCH && + flags & DNS_VERIFY_SECURE) { + key_free(plain); + return 0; + } + if (flags & DNS_VERIFY_MATCH) { + matching_host_key_dns = 1; + } else { + warn_changed_key(plain); + error("Update the SSHFP RR in DNS " + "with the new host key to get rid " + "of this message."); + } } } + key_free(plain); } return check_host_key(host, hostaddr, options.port, host_key, RDRW, debian/patches/ssh-argv0.patch0000644000000000000000000000151712330654315013456 0ustar From d4ac61d918775f629eff9a389d0f7bb0f8426b48 Mon Sep 17 00:00:00 2001 
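Review bot: with this hunk a certificate-bearing host key now goes through the DNS path too, and when VerifyHostKeyDNS is yes and the SSHFP lookup is both DNSSEC-secure and matching, verify_host_key returns 0 before check_host_key runs; for such hosts the certificate's CA signature and principals are therefore never evaluated and the plain key alone is trusted. That matches the pre-existing behaviour for plain keys, but it is a change for certificates and should be called out in the commit message or the VerifyHostKeyDNS documentation. The plain copy is freed on every path, which is good.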
From: Colin Watson Date: Sun, 9 Feb 2014 16:10:10 +0000 Subject: ssh(1): Refer to ssh-argv0(1) Old versions of OpenSSH (up to 2.5 or thereabouts) allowed creating symlinks to ssh with the name of the host you want to connect to. Debian ships an ssh-argv0 script restoring this feature; this patch refers to its manual page from ssh(1). Bug-Debian: http://bugs.debian.org/111341 Forwarded: not-needed Last-Update: 2013-09-14 Patch-Name: ssh-argv0.patch --- ssh.1 | 1 + 1 file changed, 1 insertion(+) diff --git a/ssh.1 b/ssh.1 index 67b4f44..9868025 100644 --- a/ssh.1 +++ b/ssh.1 @@ -1468,6 +1468,7 @@ if an error occurred. .Xr sftp 1 , .Xr ssh-add 1 , .Xr ssh-agent 1 , +.Xr ssh-argv0 1 , .Xr ssh-keygen 1 , .Xr ssh-keyscan 1 , .Xr tun 4 , debian/patches/CVE-2018-15473.patch0000644000000000000000000000660713366640641013346 0ustar Backport of: From 779974d35b4859c07bc3cb8a12c74b43b0a7d1e0 Mon Sep 17 00:00:00 2001 From: djm Date: Tue, 31 Jul 2018 03:10:27 +0000 Subject: [PATCH] =?UTF-8?q?delay=20bailout=20for=20invalid=20authenticatin?= =?UTF-8?q?g=20user=20until=20after=20the=20packet=20containing=20the=20re?= =?UTF-8?q?quest=20has=20been=20fully=20parsed.=20Reported=20by=20Dariusz?= =?UTF-8?q?=20Tytko=20and=20Micha=C5=82=20Sajdak;=20ok=20deraadt?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit delay bailout for invalid authenticating user until after the packet containing the request has been fully parsed. --- auth2-gss.c | 9 ++++++--- auth2-hostbased.c | 9 +++++---- auth2-pubkey.c | 20 +++++++++++++------- 3 files changed, 24 insertions(+), 14 deletions(-) --- a/auth2-gss.c +++ b/auth2-gss.c @@ -101,9 +101,6 @@ u_int len; u_char *doid = NULL; - if (!authctxt->valid || authctxt->user == NULL) - return (0); - mechs = packet_get_int(); if (mechs == 0) { debug("Mechanism negotiation is not supported"); 
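Review bot: after moving the validity check out of the top of the auth2-gss.c function, the only early return left before the packet is fully parsed is the `mechs == 0` branch; that is acceptable for this CVE because it depends on the packet contents, not on whether the user exists, so it does not reintroduce a user-dependent difference in behaviour. A short comment saying so would stop a future maintainer from reinserting a user-dependent early return at that spot.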
@@ -134,6 +131,12 @@ return (0); } + if (!authctxt->valid || authctxt->user == NULL) { + debug2("%s: disabled because of invalid user", __func__); + free(doid); + return (0); + } + if (GSS_ERROR(PRIVSEP(ssh_gssapi_server_ctx(&ctxt, &goid)))) { if (ctxt != NULL) ssh_gssapi_delete_ctx(&ctxt); --- a/auth2-hostbased.c +++ b/auth2-hostbased.c @@ -64,10 +64,6 @@ int pktype; int authenticated = 0; - if (!authctxt->valid) { - debug2("userauth_hostbased: disabled because of invalid user"); - return 0; - } pkalg = packet_get_string(&alen); pkblob = packet_get_string(&blen); chost = packet_get_string(NULL); @@ -106,6 +102,11 @@ "signature format"); goto done; } + if (!authctxt->valid || authctxt->user == NULL) { + debug2("%s: disabled because of invalid user", __func__); + goto done; + } + service = datafellows & SSH_BUG_HBSERVICE ? "ssh-userauth" : authctxt->service; buffer_init(&b); --- a/auth2-pubkey.c +++ b/auth2-pubkey.c @@ -76,15 +76,11 @@ Buffer b; Key *key = NULL; char *pkalg, *userstyle; - u_char *pkblob, *sig; + u_char *pkblob, *sig = NULL; u_int alen, blen, slen; int have_sig, pktype; int authenticated = 0; - if (!authctxt->valid) { - debug2("userauth_pubkey: disabled because of invalid user"); - return 0; - } have_sig = packet_get_char(); if (datafellows & SSH_BUG_PKAUTH) { debug2("userauth_pubkey: SSH_BUG_PKAUTH"); @@ -131,6 +127,12 @@ } else { buffer_put_string(&b, session_id2, session_id2_len); } + if (!authctxt->valid || authctxt->user == NULL) { + debug2("%s: disabled because of invalid user", + __func__); + buffer_free(&b); + goto done; + } /* reconstruct packet */ buffer_put_char(&b, SSH2_MSG_USERAUTH_REQUEST); xasprintf(&userstyle, "%s%s%s", authctxt->user, 
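Review bot: in the auth2-hostbased.c hunk the validity check now sits after the five packet_get_string() calls and jumps to done, so that label must free pkalg, pkblob, chost, cuser and sig; those frees are outside the visible context, so confirm them. The auth2-pubkey.c hunk handles the equivalent problem by initialising sig to NULL and, in the following hunk, moving free(sig) under the done label.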
@@ -162,11 +164,14 @@ buffer_len(&b))) == 1) authenticated = 1; buffer_free(&b); - free(sig); } else { debug("test whether pkalg/pkblob are acceptable"); packet_check_eom(); - + if (!authctxt->valid || authctxt->user == NULL) { + debug2("%s: disabled because of invalid user", + __func__); + goto done; + } /* XXX fake reply and always send PK_OK ? */ /* * XXX this allows testing whether a user is allowed @@ -192,6 +197,7 @@ key_free(key); free(pkalg); free(pkblob); + free(sig); return authenticated; } debian/patches/CVE-2016-10009-4.patch0000644000000000000000000000155513230121751013452 0ustar Backport of: From 1a321bfdb91defe3c4d9cca5651724ae167e5436 Mon Sep 17 00:00:00 2001 From: "deraadt@openbsd.org" Date: Wed, 15 Mar 2017 03:52:30 +0000 Subject: [PATCH] upstream commit accidents happen to the best of us; ok djm Upstream-ID: b7a9dbd71011ffde95e06f6945fe7197dedd1604 --- ssh-agent.c | 3 ++- sshd.c | 4 ++-- 2 files changed, 4 insertions(+), 3 deletions(-) Index: openssh-6.6p1/ssh-agent.c =================================================================== --- openssh-6.6p1.orig/ssh-agent.c 2018-01-18 08:40:55.313385371 -0500 +++ openssh-6.6p1/ssh-agent.c 2018-01-18 08:40:55.309385363 -0500 @@ -703,6 +703,7 @@ process_remove_smartcard_key(SocketEntry else error("process_remove_smartcard_key:" " pkcs11_del_provider failed"); +send: free(provider); buffer_put_int(&e->output, 1); buffer_put_char(&e->output, debian/patches/ssh-vulnkey-compat.patch0000644000000000000000000000316112330654315015412 0ustar From d422205e757aaf23e8e0e787f842ef37f6a170a2 Mon Sep 17 00:00:00 2001 
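Review bot: the `send:` label added in the ssh-agent.c hunk of CVE-2016-10009-4.patch is what the `goto send` introduced by CVE-2016-10009-2.patch jumps to, so with this series order the tree does not compile between the two patches; fold the label into CVE-2016-10009-2.patch (or note the dependency in its header) so that bisecting the series still works.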
From: Colin Watson Date: Sun, 9 Feb 2014 16:09:50 +0000 Subject: Accept obsolete ssh-vulnkey configuration options These options were used as part of Debian's response to CVE-2008-0166. Nearly six years later, we no longer need to continue carrying the bulk of that patch, but we do need to avoid failing when the associated configuration options are still present. Last-Update: 2014-02-09 Patch-Name: ssh-vulnkey-compat.patch --- readconf.c | 1 + servconf.c | 1 + 2 files changed, 2 insertions(+) diff --git a/readconf.c b/readconf.c index 7613ff2..bcd8cad 100644 --- a/readconf.c +++ b/readconf.c @@ -172,6 +172,7 @@ static struct { { "passwordauthentication", oPasswordAuthentication }, { "kbdinteractiveauthentication", oKbdInteractiveAuthentication }, { "kbdinteractivedevices", oKbdInteractiveDevices }, + { "useblacklistedkeys", oDeprecated }, { "rsaauthentication", oRSAAuthentication }, { "pubkeyauthentication", oPubkeyAuthentication }, { "dsaauthentication", oPubkeyAuthentication }, /* alias */ diff --git a/servconf.c b/servconf.c index 0083cf8..90de888 100644 --- a/servconf.c +++ b/servconf.c @@ -448,6 +448,7 @@ static struct { { "x11uselocalhost", sX11UseLocalhost, SSHCFG_ALL }, { "xauthlocation", sXAuthLocation, SSHCFG_GLOBAL }, { "strictmodes", sStrictModes, SSHCFG_GLOBAL }, + { "permitblacklistedkeys", sDeprecated, SSHCFG_GLOBAL }, { "permitemptypasswords", sEmptyPasswd, SSHCFG_ALL }, { "permituserenvironment", sPermitUserEnvironment, SSHCFG_GLOBAL }, { "uselogin", sUseLogin, SSHCFG_GLOBAL }, debian/patches/consolekit.patch0000644000000000000000000005353412330654315014024 0ustar From 7a26d16efb4ee303c8d66ee82caf9d0686f4a074 Mon Sep 17 00:00:00 2001 
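Review bot: mapping `useblacklistedkeys` and `permitblacklistedkeys` to oDeprecated/sDeprecated is a silent behaviour change for servers that still set `PermitBlacklistedKeys no` expecting CVE-2008-0166 keys to be rejected; the commit message says the bulk of the ssh-vulnkey patch is no longer carried, so the option now does nothing. Confirm that the sDeprecated handler in servconf.c logs the option name at a level administrators will see rather than only at debug level, and state in the commit message that blacklist enforcement is gone, so the remaining sites carrying the option notice and do not assume the protection is still active.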
From: Colin Watson Date: Sun, 9 Feb 2014 16:09:57 +0000 Subject: Add support for registering ConsoleKit sessions on login Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1450 Last-Updated: 2014-03-20 Patch-Name: consolekit.patch --- Makefile.in | 3 +- configure | 132 +++++++++++++++++++++++++++++++ configure.ac | 25 ++++++ consolekit.c | 240 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ consolekit.h | 24 ++++++ monitor.c | 42 ++++++++++ monitor.h | 2 + monitor_wrap.c | 30 ++++++++ monitor_wrap.h | 4 + session.c | 13 ++++ session.h | 6 ++ 11 files changed, 520 insertions(+), 1 deletion(-) create mode 100644 consolekit.c create mode 100644 consolekit.h diff --git a/Makefile.in b/Makefile.in index ee1d2c3..3d96c05 100644 --- a/Makefile.in +++ b/Makefile.in @@ -97,7 +97,8 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o \ sftp-server.o sftp-common.o \ roaming_common.o roaming_serv.o \ sandbox-null.o sandbox-rlimit.o sandbox-systrace.o sandbox-darwin.o \ - sandbox-seccomp-filter.o sandbox-capsicum.o + sandbox-seccomp-filter.o sandbox-capsicum.o \ + consolekit.o MANPAGES = moduli.5.out scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out sftp.1.out ssh-keysign.8.out ssh-pkcs11-helper.8.out sshd_config.5.out ssh_config.5.out MANPAGES_IN = moduli.5 scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh-keyscan.1 ssh.1 sshd.8 sftp-server.8 sftp.1 ssh-keysign.8 ssh-pkcs11-helper.8 sshd_config.5 ssh_config.5 diff --git a/configure b/configure index b6b5b6d..e2f12cd 100755 --- a/configure +++ b/configure @@ -740,6 +740,7 @@ with_privsep_user with_sandbox with_selinux with_kerberos5 +with_consolekit with_privsep_path with_xauth enable_strip 
@@ -1432,6 +1433,7 @@ Optional Packages: --with-sandbox=style Specify privilege separation sandbox (no, darwin, rlimit, systrace, seccomp_filter, capsicum) --with-selinux Enable SELinux support --with-kerberos5=PATH Enable Kerberos 5 support + --with-consolekit Enable ConsoleKit support --with-privsep-path=xxx Path for privilege separation chroot (default=/var/empty) --with-xauth=PATH Specify path to xauth program --with-maildir=/path/to/mail Specify your system mail directory 
@@ -17217,6 +17219,135 @@ fi +# Check whether user wants ConsoleKit support +CONSOLEKIT_MSG="no" +LIBCK_CONNECTOR="" + +# Check whether --with-consolekit was given. +if test "${with_consolekit+set}" = set; then : + withval=$with_consolekit; if test "x$withval" != "xno" ; then + if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}pkg-config", so it can be a program name with args. +set dummy ${ac_tool_prefix}pkg-config; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_path_PKGCONFIG+:} false; then : + $as_echo_n "(cached) " >&6 +else + case $PKGCONFIG in + [\\/]* | ?:[\\/]*) + ac_cv_path_PKGCONFIG="$PKGCONFIG" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_path_PKGCONFIG="$as_dir/$ac_word$ac_exec_ext" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + ;; +esac +fi +PKGCONFIG=$ac_cv_path_PKGCONFIG +if test -n "$PKGCONFIG"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $PKGCONFIG" >&5 +$as_echo "$PKGCONFIG" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + +fi +if test -z "$ac_cv_path_PKGCONFIG"; then + ac_pt_PKGCONFIG=$PKGCONFIG + # Extract the first word of "pkg-config", so it can be a program name with args. +set dummy pkg-config; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... 
" >&6; } +if ${ac_cv_path_ac_pt_PKGCONFIG+:} false; then : + $as_echo_n "(cached) " >&6 +else + case $ac_pt_PKGCONFIG in + [\\/]* | ?:[\\/]*) + ac_cv_path_ac_pt_PKGCONFIG="$ac_pt_PKGCONFIG" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + ac_cv_path_ac_pt_PKGCONFIG="$as_dir/$ac_word$ac_exec_ext" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + ;; +esac +fi +ac_pt_PKGCONFIG=$ac_cv_path_ac_pt_PKGCONFIG +if test -n "$ac_pt_PKGCONFIG"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_pt_PKGCONFIG" >&5 +$as_echo "$ac_pt_PKGCONFIG" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + if test "x$ac_pt_PKGCONFIG" = x; then + PKGCONFIG="no" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + PKGCONFIG=$ac_pt_PKGCONFIG + fi +else + PKGCONFIG="$ac_cv_path_PKGCONFIG" +fi + + if test "$PKGCONFIG" != "no"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ck-connector" >&5 +$as_echo_n "checking for ck-connector... 
" >&6; } + if $PKGCONFIG --exists ck-connector; then + CKCON_CFLAGS=`$PKGCONFIG --cflags ck-connector` + CKCON_LIBS=`$PKGCONFIG --libs ck-connector` + CPPFLAGS="$CPPFLAGS $CKCON_CFLAGS" + SSHDLIBS="$SSHDLIBS $CKCON_LIBS" + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + +$as_echo "#define USE_CONSOLEKIT 1" >>confdefs.h + + CONSOLEKIT_MSG="yes" + else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + fi + fi + fi + +fi + + # Looking for programs, paths and files PRIVSEP_PATH=/var/empty @@ -19746,6 +19877,7 @@ echo " MD5 password support: $MD5_MSG" echo " libedit support: $LIBEDIT_MSG" echo " Solaris process contract support: $SPC_MSG" echo " Solaris project support: $SP_MSG" +echo " ConsoleKit support: $CONSOLEKIT_MSG" echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG" echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG" echo " BSD Auth support: $BSD_AUTH_MSG" diff --git a/configure.ac b/configure.ac index d235fb0..8669271 100644 --- a/configure.ac +++ b/configure.ac @@ -4072,6 +4072,30 @@ AC_ARG_WITH([kerberos5], AC_SUBST([GSSLIBS]) AC_SUBST([K5LIBS]) +# Check whether user wants ConsoleKit support +CONSOLEKIT_MSG="no" +LIBCK_CONNECTOR="" +AC_ARG_WITH(consolekit, + [ --with-consolekit Enable ConsoleKit support], + [ if test "x$withval" != "xno" ; then + AC_PATH_TOOL([PKGCONFIG], [pkg-config], [no]) + if test "$PKGCONFIG" != "no"; then + AC_MSG_CHECKING([for ck-connector]) + if $PKGCONFIG --exists ck-connector; then + CKCON_CFLAGS=`$PKGCONFIG --cflags ck-connector` + CKCON_LIBS=`$PKGCONFIG --libs ck-connector` + CPPFLAGS="$CPPFLAGS $CKCON_CFLAGS" + SSHDLIBS="$SSHDLIBS $CKCON_LIBS" + AC_MSG_RESULT([yes]) + AC_DEFINE(USE_CONSOLEKIT, 1, [Define if you want ConsoleKit support.]) + CONSOLEKIT_MSG="yes" + else + AC_MSG_RESULT([no]) + fi + fi + fi ] +) + # Looking for programs, paths and files PRIVSEP_PATH=/var/empty 
@@ -4873,6 +4897,7 @@ echo " MD5 password support: $MD5_MSG" echo " libedit support: $LIBEDIT_MSG" echo " Solaris process contract support: $SPC_MSG" echo " Solaris project support: $SP_MSG" +echo " ConsoleKit support: $CONSOLEKIT_MSG" echo " IP address in \$DISPLAY hack: $DISPLAY_HACK_MSG" echo " Translate v4 in v6 hack: $IPV4_IN6_HACK_MSG" echo " BSD Auth support: $BSD_AUTH_MSG" diff --git a/consolekit.c b/consolekit.c new file mode 100644 index 0000000..f1039e6 --- /dev/null +++ b/consolekit.c 
@@ -0,0 +1,240 @@ +/* + * Copyright (c) 2008 Colin Watson. All rights reserved. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ +/* + * Loosely based on pam-ck-connector, which is: + * + * Copyright (c) 2007 David Zeuthen + * + * Permission is hereby granted, free of charge, to any person + * obtaining a copy of this software and associated documentation + * files (the "Software"), to deal in the Software without + * restriction, including without limitation the rights to use, + * copy, modify, merge, publish, distribute, sublicense, and/or sell + * copies of the Software, and to permit persons to whom the + * Software is furnished to do so, subject to the following + * conditions: + * + * The above copyright notice and this permission notice shall be + * included in all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES + * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + * NONINFRINGEMENT. 
IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT + * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, + * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING + * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR + * OTHER DEALINGS IN THE SOFTWARE. + */ + +#include "includes.h" + +#ifdef USE_CONSOLEKIT + +#include + +#include "openbsd-compat/sys-queue.h" +#include "xmalloc.h" +#include "channels.h" +#include "key.h" +#include "hostfile.h" +#include "auth.h" +#include "log.h" +#include "servconf.h" +#include "canohost.h" +#include "session.h" +#include "consolekit.h" + +extern ServerOptions options; +extern u_int utmp_len; + +void +set_active(const char *cookie) +{ + DBusError err; + DBusConnection *connection; + DBusMessage *message = NULL, *reply = NULL; + char *sid; + DBusMessageIter iter, subiter; + const char *interface, *property; + dbus_bool_t active; + + dbus_error_init(&err); + connection = dbus_bus_get_private(DBUS_BUS_SYSTEM, &err); + if (!connection) { + if (dbus_error_is_set(&err)) { + error("unable to open DBus connection: %s", + err.message); + dbus_error_free(&err); + } + goto out; + } + dbus_connection_set_exit_on_disconnect(connection, FALSE); + + message = dbus_message_new_method_call("org.freedesktop.ConsoleKit", + "/org/freedesktop/ConsoleKit/Manager", + "org.freedesktop.ConsoleKit.Manager", + "GetSessionForCookie"); + if (!message) + goto out; + if (!dbus_message_append_args(message, DBUS_TYPE_STRING, &cookie, + DBUS_TYPE_INVALID)) { + if (dbus_error_is_set(&err)) { + error("unable to get current session: %s", + err.message); + dbus_error_free(&err); + } + goto out; + } + + dbus_error_init(&err); + reply = dbus_connection_send_with_reply_and_block(connection, message, + -1, &err); + if (!reply) { + if (dbus_error_is_set(&err)) { + error("unable to get current session: %s", + err.message); + dbus_error_free(&err); + } + goto out; + } + + dbus_error_init(&err); + if (!dbus_message_get_args(reply, &err, + 
DBUS_TYPE_OBJECT_PATH, &sid, + DBUS_TYPE_INVALID)) { + if (dbus_error_is_set(&err)) { + error("unable to get current session: %s", + err.message); + dbus_error_free(&err); + } + goto out; + } + dbus_message_unref(reply); + dbus_message_unref(message); + message = reply = NULL; + + message = dbus_message_new_method_call("org.freedesktop.ConsoleKit", + sid, "org.freedesktop.DBus.Properties", "Set"); + if (!message) + goto out; + interface = "org.freedesktop.ConsoleKit.Session"; + property = "active"; + if (!dbus_message_append_args(message, + DBUS_TYPE_STRING, &interface, DBUS_TYPE_STRING, &property, + DBUS_TYPE_INVALID)) + goto out; + dbus_message_iter_init_append(message, &iter); + if (!dbus_message_iter_open_container(&iter, DBUS_TYPE_VARIANT, + DBUS_TYPE_BOOLEAN_AS_STRING, &subiter)) + goto out; + active = TRUE; + if (!dbus_message_iter_append_basic(&subiter, DBUS_TYPE_BOOLEAN, + &active)) + goto out; + if (!dbus_message_iter_close_container(&iter, &subiter)) + goto out; + + dbus_error_init(&err); + reply = dbus_connection_send_with_reply_and_block(connection, message, + -1, &err); + if (!reply) { + if (dbus_error_is_set(&err)) { + error("unable to make current session active: %s", + err.message); + dbus_error_free(&err); + } + goto out; + } + +out: + if (reply) + dbus_message_unref(reply); + if (message) + dbus_message_unref(message); +} + +/* + * We pass display separately rather than using s->display because the + * latter is not available in the monitor when using privsep. 
+ */ + +char * +consolekit_register(Session *s, const char *display) +{ + DBusError err; + const char *tty = s->tty; + const char *remote_host_name; + dbus_bool_t is_local = FALSE; + const char *cookie = NULL; + + if (s->ckc) { + debug("already registered with ConsoleKit"); + return xstrdup(ck_connector_get_cookie(s->ckc)); + } + + s->ckc = ck_connector_new(); + if (!s->ckc) { + error("ck_connector_new failed"); + return NULL; + } + + if (!tty) + tty = ""; + if (!display) + display = ""; + remote_host_name = get_remote_name_or_ip(utmp_len, options.use_dns); + if (!remote_host_name) + remote_host_name = ""; + + dbus_error_init(&err); + if (!ck_connector_open_session_with_parameters(s->ckc, &err, + "unix-user", &s->pw->pw_uid, + "display-device", &tty, + "x11-display", &display, + "remote-host-name", &remote_host_name, + "is-local", &is_local, + NULL)) { + if (dbus_error_is_set(&err)) { + debug("%s", err.message); + dbus_error_free(&err); + } else { + debug("insufficient privileges or D-Bus / ConsoleKit " + "not available"); + } + return NULL; + } + + debug("registered uid=%d on tty='%s' with ConsoleKit", + s->pw->pw_uid, s->tty); + + cookie = ck_connector_get_cookie(s->ckc); + set_active(cookie); + return xstrdup(cookie); +} + +void +consolekit_unregister(Session *s) +{ + if (s->ckc) { + debug("unregistering ConsoleKit session %s", + ck_connector_get_cookie(s->ckc)); + ck_connector_unref(s->ckc); + s->ckc = NULL; + } +} + +#endif /* USE_CONSOLEKIT */ diff --git a/consolekit.h b/consolekit.h new file mode 100644 index 0000000..8ce3716 --- /dev/null +++ b/consolekit.h 
@@ -0,0 +1,24 @@ +/* + * Copyright (c) 2008 Colin Watson. All rights reserved. + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#ifdef USE_CONSOLEKIT + +struct Session; + +char * consolekit_register(struct Session *, const char *); +void consolekit_unregister(struct Session *); + +#endif /* USE_CONSOLEKIT */ diff --git a/monitor.c b/monitor.c index 11eac63..7c105e6 100644 --- a/monitor.c +++ b/monitor.c @@ -97,6 +97,9 @@ #include "ssh2.h" #include "roaming.h" #include "authfd.h" +#ifdef USE_CONSOLEKIT +#include "consolekit.h" +#endif #ifdef GSSAPI static Gssctxt *gsscontext = NULL; @@ -187,6 +190,10 @@ int mm_answer_audit_command(int, Buffer *); static int monitor_read_log(struct monitor *); +#ifdef USE_CONSOLEKIT +int mm_answer_consolekit_register(int, Buffer *); +#endif + static Authctxt *authctxt; static BIGNUM *ssh1_challenge = NULL; /* used for ssh1 rsa auth */ @@ -272,6 +279,9 @@ struct mon_table mon_dispatch_postauth20[] = { {MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event}, {MONITOR_REQ_AUDIT_COMMAND, MON_PERMIT, mm_answer_audit_command}, #endif +#ifdef USE_CONSOLEKIT + {MONITOR_REQ_CONSOLEKIT_REGISTER, 0, mm_answer_consolekit_register}, +#endif {0, 0, NULL} }; 
@@ -314,6 +324,9 @@ struct mon_table mon_dispatch_postauth15[] = { {MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event}, {MONITOR_REQ_AUDIT_COMMAND, MON_PERMIT|MON_ONCE, mm_answer_audit_command}, #endif +#ifdef USE_CONSOLEKIT + {MONITOR_REQ_CONSOLEKIT_REGISTER, 0, mm_answer_consolekit_register}, +#endif {0, 0, NULL} }; @@ -492,6 +505,9 @@ monitor_child_postauth(struct monitor *pmonitor) monitor_permit(mon_dispatch, MONITOR_REQ_PTY, 1); monitor_permit(mon_dispatch, MONITOR_REQ_PTYCLEANUP, 1); } +#ifdef USE_CONSOLEKIT + monitor_permit(mon_dispatch, MONITOR_REQ_CONSOLEKIT_REGISTER, 1); +#endif for (;;) monitor_read(pmonitor, mon_dispatch, NULL); @@ -2269,3 +2285,29 @@ mm_answer_gss_updatecreds(int socket, Buffer *m) { #endif /* GSSAPI */ +#ifdef USE_CONSOLEKIT +int +mm_answer_consolekit_register(int sock, Buffer *m) +{ + Session *s; + char *tty, *display; + char *cookie = NULL; + + debug3("%s entering", __func__); + + tty = buffer_get_string(m, NULL); + display = buffer_get_string(m, NULL); + s = session_by_tty(tty); + if (s != NULL) + cookie = consolekit_register(s, display); + buffer_clear(m); + buffer_put_cstring(m, cookie != NULL ? cookie : ""); + mm_request_send(sock, MONITOR_ANS_CONSOLEKIT_REGISTER, m); + + free(cookie); + free(display); + free(tty); + + return (0); +} +#endif /* USE_CONSOLEKIT */ diff --git a/monitor.h b/monitor.h index 4d5e8fa..10ba59e 100644 --- a/monitor.h +++ b/monitor.h @@ -70,6 +70,8 @@ enum monitor_reqtype { MONITOR_REQ_AUTHROLE = 154, + MONITOR_REQ_CONSOLEKIT_REGISTER = 156, MONITOR_ANS_CONSOLEKIT_REGISTER = 157, + }; struct mm_master; diff --git a/monitor_wrap.c b/monitor_wrap.c index f75dc9d..a8fb07b 100644 --- a/monitor_wrap.c +++ b/monitor_wrap.c 
@@ -1353,3 +1353,33 @@ mm_ssh_gssapi_update_creds(ssh_gssapi_ccache *store) #endif /* GSSAPI */ +#ifdef USE_CONSOLEKIT +char * +mm_consolekit_register(Session *s, const char *display) +{ + Buffer m; + char *cookie; + + debug3("%s entering", __func__); + + if (s->ttyfd == -1) + return NULL; + buffer_init(&m); + buffer_put_cstring(&m, s->tty); + buffer_put_cstring(&m, display != NULL ? display : ""); + mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_CONSOLEKIT_REGISTER, &m); + buffer_clear(&m); + + mm_request_receive_expect(pmonitor->m_recvfd, + MONITOR_ANS_CONSOLEKIT_REGISTER, &m); + cookie = buffer_get_string(&m, NULL); + buffer_free(&m); + + /* treat empty cookie as missing cookie */ + if (strlen(cookie) == 0) { + free(cookie); + cookie = NULL; + } + return (cookie); +} +#endif /* USE_CONSOLEKIT */ diff --git a/monitor_wrap.h b/monitor_wrap.h index 9c2ee49..00e93fe 100644 --- a/monitor_wrap.h +++ b/monitor_wrap.h @@ -111,4 +111,8 @@ void *mm_zalloc(struct mm_master *, u_int, u_int); void mm_zfree(struct mm_master *, void *); void mm_init_compression(struct mm_master *); +#ifdef USE_CONSOLEKIT +char *mm_consolekit_register(struct Session *, const char *); +#endif /* USE_CONSOLEKIT */ + #endif /* _MM_WRAP_H_ */ diff --git a/session.c b/session.c index 6848df4..9d43fc3 100644 --- a/session.c +++ b/session.c @@ -92,6 +92,7 @@ #include "kex.h" #include "monitor_wrap.h" #include "sftp.h" +#include "consolekit.h" #if defined(KRB5) && defined(USE_AFS) #include @@ -1160,6 +1161,9 @@ do_setup_env(Session *s, const char *shell) #if !defined (HAVE_LOGIN_CAP) && !defined (HAVE_CYGWIN) char *path = NULL; #endif +#ifdef USE_CONSOLEKIT + const char *ckcookie = NULL; +#endif /* USE_CONSOLEKIT */ /* Initialize the environment. */ envsize = 100; 
@@ -1304,6 +1308,11 @@ do_setup_env(Session *s, const char *shell) child_set_env(&env, &envsize, "KRB5CCNAME", s->authctxt->krb5_ccname); #endif +#ifdef USE_CONSOLEKIT + ckcookie = PRIVSEP(consolekit_register(s, s->display)); + if (ckcookie) + child_set_env(&env, &envsize, "XDG_SESSION_COOKIE", ckcookie); +#endif /* USE_CONSOLEKIT */ #ifdef USE_PAM /* * Pull in any environment variables that may have @@ -2353,6 +2362,10 @@ session_pty_cleanup2(Session *s) debug("session_pty_cleanup: session %d release %s", s->self, s->tty); +#ifdef USE_CONSOLEKIT + consolekit_unregister(s); +#endif /* USE_CONSOLEKIT */ + /* Record that the user has logged out. */ if (s->pid != 0) record_logout(s->pid, s->tty, s->pw->pw_name); diff --git a/session.h b/session.h index ef6593c..a6b6983 100644 --- a/session.h +++ b/session.h @@ -26,6 +26,8 @@ #ifndef SESSION_H #define SESSION_H +struct _CkConnector; + #define TTYSZ 64 typedef struct Session Session; struct Session { @@ -61,6 +63,10 @@ struct Session { char *name; char *val; } *env; + +#ifdef USE_CONSOLEKIT + struct _CkConnector *ckc; +#endif /* USE_CONSOLEKIT */ }; void do_authenticated(Authctxt *); debian/patches/no-openssl-version-check.patch0000644000000000000000000000256112330654315016477 0ustar From 20690ea4b33e8ff81fea287492270df3a7029777 Mon Sep 17 00:00:00 2001 From: Philip Hands Date: Sun, 9 Feb 2014 16:10:14 +0000 Subject: Disable OpenSSL version check OpenSSL's SONAME is sufficient nowadays. Author: Colin Watson Bug-Debian: http://bugs.debian.org/93581 Bug-Debian: http://bugs.debian.org/664383 Forwarded: not-needed Last-Update: 2013-12-23 Patch-Name: no-openssl-version-check.patch --- entropy.c | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/entropy.c b/entropy.c index 2d483b3..2aee2d9 100644 --- a/entropy.c +++ b/entropy.c 
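Review bot: two problems in the new consolekit.c. In set_active() the private system-bus connection obtained from dbus_bus_get_private() is never closed or unref'd on any path, including the `out:` cleanup, so every session registration leaks a bus connection in the long-lived privileged process; add dbus_connection_close() followed by dbus_connection_unref() at `out:`. In the same function the failure branch after dbus_message_append_args() tests dbus_error_is_set(&err), but that call does not take `err`, so the branch can only ever report a stale error from an earlier call; log the failure directly there. In consolekit_register(), when ck_connector_open_session_with_parameters() fails the function returns NULL but leaves s->ckc set, so a later call for the same session takes the "already registered" branch and hands back xstrdup(ck_connector_get_cookie()) from a connector whose session was never opened; unref the connector and reset s->ckc to NULL before that `return NULL`.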
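Review bot: mm_answer_consolekit_register() in monitor.c runs in the privileged monitor and takes both the tty name and the X11 display string from the unprivileged child; the tty is constrained because it must resolve through session_by_tty(), but `display` is passed through to ConsoleKit as the x11-display parameter with no validation at all. The request is only permitted in monitor_child_postauth(), so the caller is an authenticated user and this is a data-quality issue for what ConsoleKit records rather than a privilege boundary, but a length and printable-character check before forwarding it would be cheap. Also note in the dispatch table entry that the request is permitted without MON_ONCE and is therefore repeatable; the "already registered" guard in consolekit_register() is what makes repeated calls idempotent.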
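Review bot: in the session.c hunk at @@ -1304, `ckcookie` receives heap memory on both the non-privsep path (xstrdup in consolekit_register) and the privsep path (buffer_get_string in mm_consolekit_register), and it is never freed after child_set_env() copies it into the environment; the child execs soon after, so nothing accumulates, but declaring it `const char *` hides that the memory is owned. Make it `char *` and free it after the child_set_env() call.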
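Review bot: two style points. `LIBCK_CONNECTOR=""` is set in both configure and configure.ac but never referenced; the ck-connector flags flow through CKCON_CFLAGS and CKCON_LIBS, so drop the dead variable. In the monitor.h hunk the two new enumerators are added on one line followed by a stray empty `+` line before the closing brace, and 155 is skipped between MONITOR_REQ_AUTHROLE = 154 and MONITOR_REQ_CONSOLEKIT_REGISTER = 156 without a comment; put one value per line and say which patch in the series reserves 155, since the Debian patches share this enum and a collision here would silently misroute monitor requests.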
@@ -209,18 +209,6 @@ seed_rng(void) #ifndef OPENSSL_PRNG_ONLY unsigned char buf[RANDOM_SEED_SIZE]; #endif - /* - * OpenSSL version numbers: MNNFFPPS: major minor fix patch status - * We match major, minor, fix and status (not patch) for <1.0.0. - * After that, we acceptable compatible fix versions (so we - * allow 1.0.1 to work with 1.0.0). Going backwards is only allowed - * within a patch series. - */ - u_long version_mask = SSLeay() >= 0x1000000f ? ~0xffff0L : ~0xff0L; - if (((SSLeay() ^ OPENSSL_VERSION_NUMBER) & version_mask) || - (SSLeay() >> 12) < (OPENSSL_VERSION_NUMBER >> 12)) - fatal("OpenSSL version mismatch. Built against %lx, you " - "have %lx", (u_long)OPENSSL_VERSION_NUMBER, SSLeay()); #ifndef OPENSSL_PRNG_ONLY if (RAND_status() == 1) { debian/patches/CVE-2016-6210-2.patch0000644000000000000000000000657312753071313013403 0ustar From 283b97ff33ea2c641161950849931bd578de6946 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 15 Jul 2016 13:49:44 +1000 Subject: Mitigate timing of disallowed users PAM logins. When sshd decides to not allow a login (eg PermitRootLogin=no) and it's using PAM, it sends a fake password to PAM so that the timing for the failure is not noticeably different whether or not the password is correct. This behaviour can be detected by sending a very long password string which is slower to hash than the fake password. Mitigate by constructing an invalid password that is the same length as the one from the client and thus takes the same time to hash. Diff from djm@ --- auth-pam.c | 35 +++++++++++++++++++++++++++++++---- 1 file changed, 31 insertions(+), 4 deletions(-) Index: openssh-6.6p1/auth-pam.c =================================================================== --- openssh-6.6p1.orig/auth-pam.c 2016-08-11 08:42:49.741778966 -0400 +++ openssh-6.6p1/auth-pam.c 2016-08-11 08:42:49.737778935 -0400 
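Review bot: deleting the SSLeay()/OPENSSL_VERSION_NUMBER comparison in seed_rng() removes the only run-time check that the OpenSSL actually loaded is compatible with the headers sshd was compiled against; the commit message's justification (the SONAME carries that guarantee on Debian) belongs in a short comment at the deletion site, because the RAND_status() check that follows does not cover a header/library mismatch and a reader of entropy.c will otherwise wonder why upstream's check is absent and may reinstate it.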
@@ -231,7 +231,6 @@ static char **sshpam_env = NULL; static Authctxt *sshpam_authctxt = NULL; static const char *sshpam_password = NULL; -static char badpw[] = "\b\n\r\177INCORRECT"; /* Some PAM implementations don't implement this */ #ifndef HAVE_PAM_GETENVLIST @@ -809,12 +808,35 @@ return (-1); } +/* + * Returns a junk password of identical length to that the user supplied. + * Used to mitigate timing attacks against crypt(3)/PAM stacks that + * vary processing time in proportion to password length. + */ +static char * +fake_password(const char *wire_password) +{ + const char junk[] = "\b\n\r\177INCORRECT"; + char *ret = NULL; + size_t i, l = wire_password != NULL ? strlen(wire_password) : 0; + + if (l >= INT_MAX) + fatal("%s: password length too long: %zu", __func__, l); + + ret = malloc(l + 1); + for (i = 0; i < l; i++) + ret[i] = junk[i % (sizeof(junk) - 1)]; + ret[i] = '\0'; + return ret; +} + /* XXX - see also comment in auth-chall.c:verify_response */ static int sshpam_respond(void *ctx, u_int num, char **resp) { Buffer buffer; struct pam_ctxt *ctxt = ctx; + char *fake; debug2("PAM: %s entering, %u responses", __func__, num); switch (ctxt->pam_done) { @@ -835,8 +857,11 @@ (sshpam_authctxt->pw->pw_uid != 0 || options.permit_root_login == PERMIT_YES)) buffer_put_cstring(&buffer, *resp); - else - buffer_put_cstring(&buffer, badpw); + else { + fake = fake_password(*resp); + buffer_put_cstring(&buffer, fake); + free(fake); + } if (ssh_msg_send(ctxt->pam_psock, PAM_AUTHTOK, &buffer) == -1) { buffer_free(&buffer); return (-1); @@ -1180,6 +1205,7 @@ { int flags = (options.permit_empty_passwd == 0 ? PAM_DISALLOW_NULL_AUTHTOK : 0); + char *fake = NULL; if (!options.use_pam || sshpam_handle == NULL) fatal("PAM: %s called when PAM disabled or failed to " 
@@ -1195,7 +1221,7 @@ */ if (!authctxt->valid || (authctxt->pw->pw_uid == 0 && options.permit_root_login != PERMIT_YES)) - sshpam_password = badpw; + sshpam_password = fake = fake_password(password); sshpam_err = pam_set_item(sshpam_handle, PAM_CONV, (const void *)&passwd_conv); @@ -1205,6 +1231,7 @@ sshpam_err = pam_authenticate(sshpam_handle, flags); sshpam_password = NULL; + free(fake); if (sshpam_err == PAM_SUCCESS && authctxt->valid) { debug("PAM: password authentication accepted for %.100s", authctxt->user); debian/patches/doc-upstart.patch0000644000000000000000000000140212330654315014102 0ustar From 111de26347496af3f6ed04849fd29bc4bf1c2cea Mon Sep 17 00:00:00 2001 From: Colin Watson Date: Sun, 9 Feb 2014 16:10:12 +0000 Subject: Refer to ssh's Upstart job as well as its init script Forwarded: not-needed Last-Update: 2013-09-14 Patch-Name: doc-upstart.patch --- sshd.8 | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/sshd.8 b/sshd.8 index b016e90..cba168a 100644 --- a/sshd.8 +++ b/sshd.8 @@ -70,7 +70,10 @@ over an insecure network. .Nm listens for connections from clients. It is normally started at boot from -.Pa /etc/init.d/ssh . +.Pa /etc/init.d/ssh +(or +.Pa /etc/init/ssh.conf +on systems using the Upstart init daemon). It forks a new daemon for each incoming connection. The forked daemons handle debian/patches/package-versioning.patch0000644000000000000000000000431112330654315015413 0ustar From 6de70b95f5005447ae23532d4f3ee41a9338479f Mon Sep 17 00:00:00 2001 
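Review bot: fake_password() in the @@ -809 hunk writes to ret[i] without checking the malloc(l + 1) return value; the rest of the tree uses xmalloc() for this, so use it here or handle NULL. The INT_MAX guard is fine, but since the echoed length is chosen by the client, confirm that the caller has already bounded the password length before this point, because the server now spends a hash of that length on every rejected login regardless of whether the account exists.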
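Review bot: the @@ -1195 hunk shows the scope of the mitigation: the `fake` path is taken only when `!authctxt->valid` or when root login is disallowed, and what it equalises is the length of the string handed to the PAM stack, so the hashing cost no longer differs, which is exactly what the commit message targets. Any PAM module whose timing depends on the account lookup rather than on password length is unaffected, so the commit message should state that residual scope rather than let this read as closing the enumeration channel entirely. The ordering `sshpam_password = NULL; free(fake);` after pam_authenticate() is correct.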
From: Matthew Vernon Date: Sun, 9 Feb 2014 16:10:05 +0000 Subject: Include the Debian version in our identification This makes it easier to audit networks for versions patched against security vulnerabilities. It has little detrimental effect, as attackers will generally just try attacks rather than bothering to scan for vulnerable-looking version strings. (However, see debian-banner.patch.) Forwarded: not-needed Last-Update: 2013-09-14 Patch-Name: package-versioning.patch --- sshconnect.c | 4 ++-- sshd.c | 2 +- version.h | 7 ++++++- 3 files changed, 9 insertions(+), 4 deletions(-) diff --git a/sshconnect.c b/sshconnect.c index e0a5db9..87c3770 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -520,10 +520,10 @@ send_client_banner(int connection_out, int minor1) /* Send our own protocol version identification. */ if (compat20) { xasprintf(&client_version_string, "SSH-%d.%d-%.100s\r\n", - PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_VERSION); + PROTOCOL_MAJOR_2, PROTOCOL_MINOR_2, SSH_RELEASE); } else { xasprintf(&client_version_string, "SSH-%d.%d-%.100s\n", - PROTOCOL_MAJOR_1, minor1, SSH_VERSION); + PROTOCOL_MAJOR_1, minor1, SSH_RELEASE); } if (roaming_atomicio(vwrite, connection_out, client_version_string, strlen(client_version_string)) != strlen(client_version_string)) diff --git a/sshd.c b/sshd.c index e343d90..af9b8f1 100644 --- a/sshd.c +++ b/sshd.c @@ -440,7 +440,7 @@ sshd_exchange_identification(int sock_in, int sock_out) } xasprintf(&server_version_string, "SSH-%d.%d-%.100s%s%s%s", - major, minor, SSH_VERSION, + major, minor, SSH_RELEASE, *options.version_addendum == '\0' ? "" : " ", options.version_addendum, newline); diff --git a/version.h b/version.h index a1579ac..a97c337 100644 --- a/version.h +++ b/version.h 
@@ -3,4 +3,9 @@ #define SSH_VERSION "OpenSSH_6.6" #define SSH_PORTABLE "p1" -#define SSH_RELEASE SSH_VERSION SSH_PORTABLE +#define SSH_RELEASE_MINIMUM SSH_VERSION SSH_PORTABLE +#ifdef SSH_EXTRAVERSION +#define SSH_RELEASE SSH_RELEASE_MINIMUM " " SSH_EXTRAVERSION +#else +#define SSH_RELEASE SSH_RELEASE_MINIMUM +#endif debian/patches/CVE-2019-6111-2.patch0000644000000000000000000002060413437217611013400 0ustar From 3d896c157c722bc47adca51a58dca859225b5874 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Sun, 10 Feb 2019 11:15:52 +0000 Subject: [PATCH] upstream: when checking that filenames sent by the server side match what the client requested, be prepared to handle shell-style brace alternations, e.g. "{foo,bar}". "looks good to me" millert@ + in snaps for the last week courtesy deraadt@ OpenBSD-Commit-ID: 3b1ce7639b0b25b2248e3a30f561a548f6815f3e --- scp.c | 282 +++++++++++++++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 270 insertions(+), 12 deletions(-) Index: openssh-6.6p1/scp.c =================================================================== --- openssh-6.6p1.orig/scp.c 2019-03-04 07:52:23.369076689 -0500 +++ openssh-6.6p1/scp.c 2019-03-04 07:52:23.369076689 -0500 
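Review bot: with SSH_EXTRAVERSION defined the identification string becomes "OpenSSH_6.6p1 <extra>", and both sshd_exchange_identification() and send_client_banner() emit it through a %.100s conversion, so an extraversion that pushes the string past 100 characters is truncated silently; keep the Debian suffix short and consider a compile-time check on its length. Peers match the banner for compatibility quirks (the `datafellows` tests visible in the auth2-pubkey.c and auth2-hostbased.c hunks above), so the suffix must leave the leading "OpenSSH_6.6p1" token intact, which the space separator used here does; the separate SSH_RELEASE_MINIMUM macro is what lets debian-banner.patch send the unsuffixed string, and a comment in version.h saying so would save the next reader a search.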
@@ -583,6 +583,253 @@ do_times(int fd, int verb, const struct return (response()); } +/* Appends a string to an array; returns 0 on success, -1 on alloc failure */ +static int +append(char *cp, char ***ap, size_t *np) +{ + char **tmp; + + if ((tmp = reallocarray(*ap, *np + 1, sizeof(*tmp))) == NULL) + return -1; + tmp[(*np)] = cp; + (*np)++; + *ap = tmp; + return 0; +} + +/* + * Finds the start and end of the first brace pair in the pattern. + * returns 0 on success or -1 for invalid patterns. + */ +static int +find_brace(const char *pattern, int *startp, int *endp) +{ + int i; + int in_bracket, brace_level; + + *startp = *endp = -1; + in_bracket = brace_level = 0; + for (i = 0; i < INT_MAX && *endp < 0 && pattern[i] != '\0'; i++) { + switch (pattern[i]) { + case '\\': + /* skip next character */ + if (pattern[i + 1] != '\0') + i++; + break; + case '[': + in_bracket = 1; + break; + case ']': + in_bracket = 0; + break; + case '{': + if (in_bracket) + break; + if (pattern[i + 1] == '}') { + /* Protect a single {}, for find(1), like csh */ + i++; /* skip */ + break; + } + if (*startp == -1) + *startp = i; + brace_level++; + break; + case '}': + if (in_bracket) + break; + if (*startp < 0) { + /* Unbalanced brace */ + return -1; + } + if (--brace_level <= 0) + *endp = i; + break; + } + } + /* unbalanced brackets/braces */ + if (*endp < 0 && (*startp >= 0 || in_bracket)) + return -1; + return 0; +} + +/* + * Assembles and records a successfully-expanded pattern, returns -1 on + * alloc failure. 
+ */ +static int +emit_expansion(const char *pattern, int brace_start, int brace_end, + int sel_start, int sel_end, char ***patternsp, size_t *npatternsp) +{ + char *cp; + int o = 0, tail_len = strlen(pattern + brace_end + 1); + + if ((cp = malloc(brace_start + (sel_end - sel_start) + + tail_len + 1)) == NULL) + return -1; + + /* Pattern before initial brace */ + if (brace_start > 0) { + memcpy(cp, pattern, brace_start); + o = brace_start; + } + /* Current braced selection */ + if (sel_end - sel_start > 0) { + memcpy(cp + o, pattern + sel_start, + sel_end - sel_start); + o += sel_end - sel_start; + } + /* Remainder of pattern after closing brace */ + if (tail_len > 0) { + memcpy(cp + o, pattern + brace_end + 1, tail_len); + o += tail_len; + } + cp[o] = '\0'; + if (append(cp, patternsp, npatternsp) != 0) { + free(cp); + return -1; + } + return 0; +} + +/* + * Expand the first encountered brace in pattern, appending the expanded + * patterns it yielded to the *patternsp array. + * + * Returns 0 on success or -1 on allocation failure. + * + * Signals whether expansion was performed via *expanded and whether + * pattern was invalid via *invalid. 
+ */ +static int +brace_expand_one(const char *pattern, char ***patternsp, size_t *npatternsp, + int *expanded, int *invalid) +{ + int i; + int in_bracket, brace_start, brace_end, brace_level; + int sel_start, sel_end; + + *invalid = *expanded = 0; + + if (find_brace(pattern, &brace_start, &brace_end) != 0) { + *invalid = 1; + return 0; + } else if (brace_start == -1) + return 0; + + in_bracket = brace_level = 0; + for (i = sel_start = brace_start + 1; i < brace_end; i++) { + switch (pattern[i]) { + case '{': + if (in_bracket) + break; + brace_level++; + break; + case '}': + if (in_bracket) + break; + brace_level--; + break; + case '[': + in_bracket = 1; + break; + case ']': + in_bracket = 0; + break; + case '\\': + if (i < brace_end - 1) + i++; /* skip */ + break; + } + if (pattern[i] == ',' || i == brace_end - 1) { + if (in_bracket || brace_level > 0) + continue; + /* End of a selection, emit an expanded pattern */ + + /* Adjust end index for last selection */ + sel_end = (i == brace_end - 1) ? brace_end : i; + if (emit_expansion(pattern, brace_start, brace_end, + sel_start, sel_end, patternsp, npatternsp) != 0) + return -1; + /* move on to the next selection */ + sel_start = i + 1; + continue; + } + } + if (in_bracket || brace_level > 0) { + *invalid = 1; + return 0; + } + /* success */ + *expanded = 1; + return 0; +} + +/* Expand braces from pattern. 
Returns 0 on success, -1 on failure */ +static int +brace_expand(const char *pattern, char ***patternsp, size_t *npatternsp) +{ + char *cp, *cp2, **active = NULL, **done = NULL; + size_t i, nactive = 0, ndone = 0; + int ret = -1, invalid = 0, expanded = 0; + + *patternsp = NULL; + *npatternsp = 0; + + /* Start the worklist with the original pattern */ + if ((cp = strdup(pattern)) == NULL) + return -1; + if (append(cp, &active, &nactive) != 0) { + free(cp); + return -1; + } + while (nactive > 0) { + cp = active[nactive - 1]; + nactive--; + if (brace_expand_one(cp, &active, &nactive, + &expanded, &invalid) == -1) { + free(cp); + goto fail; + } + if (invalid) + fatal("%s: invalid brace pattern \"%s\"", __func__, cp); + if (expanded) { + /* + * Current entry expanded to new entries on the + * active list; discard the progenitor pattern. + */ + free(cp); + continue; + } + /* + * Pattern did not expand; append the finename component to + * the completed list + */ + if ((cp2 = strrchr(cp, '/')) != NULL) + *cp2++ = '\0'; + else + cp2 = cp; + if (append(xstrdup(cp2), &done, &ndone) != 0) { + free(cp); + goto fail; + } + free(cp); + } + /* success */ + *patternsp = done; + *npatternsp = ndone; + done = NULL; + ndone = 0; + ret = 0; + fail: + for (i = 0; i < nactive; i++) + free(active[i]); + free(active); + for (i = 0; i < ndone; i++) + free(done[i]); + free(done); + return ret; +} + void toremote(char *targ, int argc, char **argv) { @@ -930,7 +1177,8 @@ sink(int argc, char **argv, const char * unsigned long long ull; int setimes, targisdir, wrerrno = 0; char ch, *cp, *np, *targ, *why, *vect[1], buf[2048]; - char *src_copy = NULL, *restrict_pattern = NULL; + char **patterns = NULL; + size_t n, npatterns = 0; struct timeval tv[2]; #define atime tv[0] 
@@ -957,16 +1205,13 @@ sink(int argc, char **argv, const char * * Prepare to try to restrict incoming filenames to match * the requested destination file glob. */ - if ((src_copy = strdup(src)) == NULL) - fatal("strdup failed"); - if ((restrict_pattern = strrchr(src_copy, '/')) != NULL) { - *restrict_pattern++ = '\0'; - } + if (brace_expand(src, &patterns, &npatterns) != 0) + fatal("%s: could not expand pattern", __func__); } for (first = 1;; first = 0) { cp = buf; if (atomicio(read, remin, cp, 1) != 1) - return; + goto done; if (*cp++ == '\n') SCREWUP("unexpected "); do { @@ -989,7 +1234,7 @@ sink(int argc, char **argv, const char * } if (buf[0] == 'E') { (void) atomicio(vwrite, remout, "", 1); - return; + goto done; } if (ch == '\n') *--cp = 0; @@ -1059,9 +1304,14 @@ sink(int argc, char **argv, const char * run_err("error: unexpected filename: %s", cp); exit(1); } - if (restrict_pattern != NULL && - fnmatch(restrict_pattern, cp, 0) != 0) - SCREWUP("filename does not match request"); + if (npatterns > 0) { + for (n = 0; n < npatterns; n++) { + if (fnmatch(patterns[n], cp, 0) == 0) + break; + } + if (n >= npatterns) + SCREWUP("filename does not match request"); + } if (targisdir) { static char *namebuf; static size_t cursize; 
@@ -1220,7 +1470,15 @@ bad: run_err("%s: %s", np, strerror(er break; } } +done: + for (n = 0; n < npatterns; n++) + free(patterns[n]); + free(patterns); + return; screwup: + for (n = 0; n < npatterns; n++) + free(patterns[n]); + free(patterns); run_err("protocol error: %s", why); exit(1); } debian/patches/CVE-2016-10012-1-2.patch0000644000000000000000000003013613227154110013576 0ustar Description: fix local privilege escalation via incorrect bounds check in shared memory manager Origin: based on patch backport from https://bugzilla.redhat.com/show_bug.cgi?id=1406293 Index: openssh-6.6p1/kex.c =================================================================== --- openssh-6.6p1.orig/kex.c 2018-01-15 11:23:02.822319608 -0500 +++ openssh-6.6p1/kex.c 2018-01-15 11:23:57.338382495 -0500 @@ -406,8 +406,6 @@ choose_comp(Comp *comp, char *client, ch fatal("no matching comp found: client %s server %s", client, server); if (strcmp(name, "zlib@openssh.com") == 0) { comp->type = COMP_DELAYED; - } else if (strcmp(name, "zlib") == 0) { - comp->type = COMP_ZLIB; } else if (strcmp(name, "none") == 0) { comp->type = COMP_NONE; } else { Index: openssh-6.6p1/kex.h =================================================================== --- openssh-6.6p1.orig/kex.h 2018-01-15 11:23:02.822319608 -0500 +++ openssh-6.6p1/kex.h 2018-01-15 11:23:02.818319604 -0500 @@ -46,8 +46,7 @@ #define KEX_CURVE25519_SHA256 "curve25519-sha256@libssh.org" #define COMP_NONE 0 -#define COMP_ZLIB 1 -#define COMP_DELAYED 2 +#define COMP_DELAYED 1 enum kex_init_proposals { PROPOSAL_KEX_ALGS, Index: openssh-6.6p1/Makefile.in =================================================================== --- openssh-6.6p1.orig/Makefile.in 2018-01-15 11:23:02.822319608 -0500 +++ openssh-6.6p1/Makefile.in 2018-01-15 11:24:10.166397300 -0500 
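Review bot: in the @@ -583 hunk, brace_expand() leaks the string returned by xstrdup(cp2) when append() fails: the failure branch frees cp and jumps to fail, but the freshly duplicated cp2 is never released. Keep the xstrdup() result in a local and free it on that path, or have append() free its argument on failure. Two smaller points in the same hunk: "finename" in the comment above that block should read "filename", and append() depends on reallocarray(), which the 6.6p1 tree this is backported onto may not ship; confirm openbsd-compat (or a companion patch in this series) provides it, otherwise the portable build breaks.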
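Review bot: the done: and screwup: labels at @@ -1220 carry two identical copies of the pattern cleanup loop ("for (n = 0; n < npatterns; n++) free(patterns[n]); free(patterns);"). Since screwup: only needs the patterns freed before run_err()/exit(1), a single cleanup block or a small static helper keeps the two exits from drifting apart the next time the array handling changes. For the record, routing every exit from sink() through these labels is also what closes the src_copy strdup() leak left by the first CVE-2019-6111 patch in this series, so the two patches should be applied together.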
@@ -90,7 +90,7 @@ SSHDOBJS=sshd.o auth-rhosts.o auth-passw auth-chall.o auth2-chall.o groupaccess.o \ auth-skey.o auth-bsdauth.o auth2-hostbased.o auth2-kbdint.o \ auth2-none.o auth2-passwd.o auth2-pubkey.o \ - monitor_mm.o monitor.o monitor_wrap.o kexdhs.o kexgexs.o kexecdhs.o \ + monitor.o monitor_wrap.o kexdhs.o kexgexs.o kexecdhs.o \ kexc25519s.o auth-krb5.o \ auth2-gss.o gss-serv.o gss-serv-krb5.o kexgsss.o \ loginrec.o auth-pam.o auth-shadow.o auth-sia.o md5crypt.o \ Index: openssh-6.6p1/monitor.c =================================================================== --- openssh-6.6p1.orig/monitor.c 2018-01-15 11:23:02.822319608 -0500 +++ openssh-6.6p1/monitor.c 2018-01-15 11:24:46.750439541 -0500 @@ -86,7 +86,6 @@ #include "log.h" #include "servconf.h" #include "monitor.h" -#include "monitor_mm.h" #ifdef GSSAPI #include "ssh-gss.h" #endif @@ -119,8 +118,6 @@ extern Buffer loginmsg; /* State exported from the child */ struct { - z_stream incoming; - z_stream outgoing; u_char *keyin; u_int keyinlen; u_char *keyout; @@ -513,15 +510,6 @@ monitor_child_postauth(struct monitor *p monitor_read(pmonitor, mon_dispatch, NULL); } -void -monitor_sync(struct monitor *pmonitor) -{ - if (options.compression) { - /* The member allocation is not visible, so sync it */ - mm_share_sync(&pmonitor->m_zlib, &pmonitor->m_zback); - } -} - static int monitor_read_log(struct monitor *pmonitor) { @@ -1842,15 +1830,6 @@ monitor_apply_keystate(struct monitor *p free(child_state.ivin); } - memcpy(&incoming_stream, &child_state.incoming, - sizeof(incoming_stream)); - memcpy(&outgoing_stream, &child_state.outgoing, - sizeof(outgoing_stream)); - - /* Update with new address */ - if (options.compression) - mm_init_compression(pmonitor->m_zlib); - if (options.rekey_limit || options.rekey_interval) packet_set_rekey_limits((u_int32_t)options.rekey_limit, (time_t)options.rekey_interval); 
@@ -1929,8 +1908,8 @@ void mm_get_keystate(struct monitor *pmonitor) { Buffer m; - u_char *blob, *p; - u_int bloblen, plen; + u_char *blob; + u_int bloblen; u_int32_t seqnr, packets; u_int64_t blocks, bytes; @@ -1978,20 +1957,6 @@ mm_get_keystate(struct monitor *pmonitor child_state.keyout = buffer_get_string(&m, &child_state.keyoutlen); child_state.keyin = buffer_get_string(&m, &child_state.keyinlen); - debug3("%s: Getting compression state", __func__); - /* Get compression state */ - p = buffer_get_string(&m, &plen); - if (plen != sizeof(child_state.outgoing)) - fatal("%s: bad request size", __func__); - memcpy(&child_state.outgoing, p, sizeof(child_state.outgoing)); - free(p); - - p = buffer_get_string(&m, &plen); - if (plen != sizeof(child_state.incoming)) - fatal("%s: bad request size", __func__); - memcpy(&child_state.incoming, p, sizeof(child_state.incoming)); - free(p); - /* Network I/O buffers */ debug3("%s: Getting Network I/O buffers", __func__); child_state.input = buffer_get_string(&m, &child_state.ilen); @@ -2007,39 +1972,6 @@ mm_get_keystate(struct monitor *pmonitor } -/* Allocation functions for zlib */ -void * -mm_zalloc(struct mm_master *mm, u_int ncount, u_int size) -{ - size_t len = (size_t) size * ncount; - void *address; - - if (len == 0 || ncount > SIZE_T_MAX / size) - fatal("%s: mm_zalloc(%u, %u)", __func__, ncount, size); - - address = mm_malloc(mm, len); - - return (address); -} - -void -mm_zfree(struct mm_master *mm, void *address) -{ - mm_free(mm, address); -} - -void -mm_init_compression(struct mm_master *mm) -{ - outgoing_stream.zalloc = (alloc_func)mm_zalloc; - outgoing_stream.zfree = (free_func)mm_zfree; - outgoing_stream.opaque = mm; - - incoming_stream.zalloc = (alloc_func)mm_zalloc; - incoming_stream.zfree = (free_func)mm_zfree; - incoming_stream.opaque = mm; -} - /* XXX */ #define FD_CLOSEONEXEC(x) do { \ 
@@ -2081,15 +2013,6 @@ monitor_init(void) monitor_openfds(mon, 1); - /* Used to share zlib space across processes */ - if (options.compression) { - mon->m_zback = mm_create(NULL, MM_MEMSIZE); - mon->m_zlib = mm_create(mon->m_zback, 20 * MM_MEMSIZE); - - /* Compression needs to share state across borders */ - mm_init_compression(mon->m_zlib); - } - return mon; } Index: openssh-6.6p1/monitor.h =================================================================== --- openssh-6.6p1.orig/monitor.h 2018-01-15 11:23:02.822319608 -0500 +++ openssh-6.6p1/monitor.h 2018-01-15 11:25:10.346466798 -0500 @@ -74,21 +74,17 @@ enum monitor_reqtype { }; -struct mm_master; struct monitor { int m_recvfd; int m_sendfd; int m_log_recvfd; int m_log_sendfd; - struct mm_master *m_zback; - struct mm_master *m_zlib; struct Kex **m_pkex; pid_t m_pid; }; struct monitor *monitor_init(void); void monitor_reinit(struct monitor *); -void monitor_sync(struct monitor *); struct Authctxt; void monitor_child_preauth(struct Authctxt *, struct monitor *); Index: openssh-6.6p1/monitor_wrap.c =================================================================== --- openssh-6.6p1.orig/monitor_wrap.c 2018-01-15 11:23:02.822319608 -0500 +++ openssh-6.6p1/monitor_wrap.c 2018-01-15 11:23:02.818319604 -0500 @@ -145,7 +145,6 @@ mm_request_receive(int sock, Buffer *m) u_int msg_len; debug3("%s entering", __func__); - if (atomicio(read, sock, buf, sizeof(buf)) != sizeof(buf)) { if (errno == EPIPE) cleanup_exit(255); @@ -530,7 +529,6 @@ mm_newkeys_from_blob(u_char *blob, int b /* Comp structure */ comp->type = buffer_get_int(&b); - comp->enabled = buffer_get_int(&b); comp->name = buffer_get_string(&b, NULL); len = buffer_len(&b); @@ -580,7 +578,6 @@ mm_newkeys_to_blob(int mode, u_char **bl /* Comp structure */ buffer_put_int(&b, comp->type); - buffer_put_int(&b, comp->enabled); buffer_put_cstring(&b, comp->name); len = buffer_len(&b); 
@@ -692,11 +689,6 @@ mm_send_keystate(struct monitor *monitor buffer_put_string(&m, p, plen); free(p); - /* Compression state */ - debug3("%s: Sending compression state", __func__); - buffer_put_string(&m, &outgoing_stream, sizeof(outgoing_stream)); - buffer_put_string(&m, &incoming_stream, sizeof(incoming_stream)); - /* Network I/O buffers */ input = (Buffer *)packet_get_input(); output = (Buffer *)packet_get_output(); Index: openssh-6.6p1/monitor_wrap.h =================================================================== --- openssh-6.6p1.orig/monitor_wrap.h 2018-01-15 11:23:02.822319608 -0500 +++ openssh-6.6p1/monitor_wrap.h 2018-01-15 11:25:24.274482891 -0500 @@ -105,12 +105,6 @@ int mm_bsdauth_respond(void *, u_int, ch int mm_skey_query(void *, char **, char **, u_int *, char ***, u_int **); int mm_skey_respond(void *, u_int, char **); -/* zlib allocation hooks */ - -void *mm_zalloc(struct mm_master *, u_int, u_int); -void mm_zfree(struct mm_master *, void *); -void mm_init_compression(struct mm_master *); - #ifdef USE_CONSOLEKIT char *mm_consolekit_register(struct Session *, const char *); #endif /* USE_CONSOLEKIT */ Index: openssh-6.6p1/myproposal.h =================================================================== --- openssh-6.6p1.orig/myproposal.h 2018-01-15 11:23:02.822319608 -0500 +++ openssh-6.6p1/myproposal.h 2018-01-15 11:25:45.894507878 -0500 @@ -130,7 +130,7 @@ "hmac-sha1-96," \ "hmac-md5-96" -#define KEX_DEFAULT_COMP "none,zlib@openssh.com,zlib" +#define KEX_DEFAULT_COMP "none,zlib@openssh.com" #define KEX_DEFAULT_LANG "" Index: openssh-6.6p1/packet.c =================================================================== --- openssh-6.6p1.orig/packet.c 2018-01-15 11:23:02.822319608 -0500 +++ openssh-6.6p1/packet.c 2018-01-15 11:23:02.818319604 -0500 
@@ -790,8 +790,7 @@ set_newkeys(int mode) /* explicit_bzero(enc->iv, enc->block_size); explicit_bzero(enc->key, enc->key_len); explicit_bzero(mac->key, mac->key_len); */ - if ((comp->type == COMP_ZLIB || - (comp->type == COMP_DELAYED && + if (((comp->type == COMP_DELAYED && active_state->after_authentication)) && comp->enabled == 0) { packet_init_compression(); if (mode == MODE_OUT) @@ -799,6 +798,7 @@ set_newkeys(int mode) else buffer_compress_init_recv(); comp->enabled = 1; + } /* * The 2^(blocksize*2) limit is too expensive for 3DES, @@ -1989,6 +1989,7 @@ void packet_set_authenticated(void) { active_state->after_authentication = 1; + packet_enable_delayed_compress(); } void * Index: openssh-6.6p1/servconf.c =================================================================== --- openssh-6.6p1.orig/servconf.c 2018-01-15 11:23:02.822319608 -0500 +++ openssh-6.6p1/servconf.c 2018-01-15 11:23:02.818319604 -0500 @@ -821,8 +821,8 @@ static const struct multistate multistat { NULL, -1 } }; static const struct multistate multistate_compression[] = { + { "yes", COMP_DELAYED }, { "delayed", COMP_DELAYED }, - { "yes", COMP_ZLIB }, { "no", COMP_NONE }, { NULL, -1 } }; Index: openssh-6.6p1/sshd.c =================================================================== --- openssh-6.6p1.orig/sshd.c 2018-01-15 11:23:02.822319608 -0500 +++ openssh-6.6p1/sshd.c 2018-01-15 11:23:02.822319608 -0500 @@ -112,7 +112,6 @@ #include "dispatch.h" #include "channels.h" #include "session.h" -#include "monitor_mm.h" #include "monitor.h" #ifdef GSSAPI #include "ssh-gss.h" @@ -685,9 +684,6 @@ privsep_preauth(Authctxt *authctxt) ssh_sandbox_parent_preauth(box, pid); monitor_child_preauth(authctxt, pmonitor); - /* Sync memory */ - monitor_sync(pmonitor); - /* Wait for the child's exit status */ while (waitpid(pid, &status, 0) < 0) { if (errno == EINTR) 
@@ -2527,9 +2523,6 @@ do_ssh2_kex(void) if (options.compression == COMP_NONE) { myproposal[PROPOSAL_COMP_ALGS_CTOS] = myproposal[PROPOSAL_COMP_ALGS_STOC] = "none"; - } else if (options.compression == COMP_DELAYED) { - myproposal[PROPOSAL_COMP_ALGS_CTOS] = - myproposal[PROPOSAL_COMP_ALGS_STOC] = "none,zlib@openssh.com"; } if (options.kex_algorithms != NULL) myproposal[PROPOSAL_KEX_ALGS] = options.kex_algorithms; Index: openssh-6.6p1/sshd_config.5 =================================================================== --- openssh-6.6p1.orig/sshd_config.5 2018-01-15 11:23:02.822319608 -0500 +++ openssh-6.6p1/sshd_config.5 2018-01-15 11:26:29.346558118 -0500 @@ -428,15 +428,17 @@ The default is 0, indicating that these messages will not be sent to the client. This option applies to protocol version 2 only. .It Cm Compression -Specifies whether compression is allowed, or delayed until +Specifies whether compression is enabled after the user has authenticated successfully. The argument must be .Dq yes , -.Dq delayed , +.Dq delayed +(a legacy synonym for +.Dq yes ) or .Dq no . The default is -.Dq delayed . +.Dq yes . .It Cm DebianBanner Specifies whether the distribution-specified extra version suffix is included during initial protocol handshake. debian/patches/helpful-wait-terminate.patch0000644000000000000000000000166612330654315016240 0ustar From ef912859a4300360164292abe47b5516c8ee4a13 Mon Sep 17 00:00:00 2001 From: Matthew Vernon Date: Sun, 9 Feb 2014 16:09:56 +0000 Subject: Mention ~& when waiting for forwarded connections to terminate Bug-Debian: http://bugs.debian.org/50308 Last-Update: 2010-02-27 Patch-Name: helpful-wait-terminate.patch --- serverloop.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/serverloop.c b/serverloop.c index 2f8e3a0..441d73b 100644 --- a/serverloop.c +++ b/serverloop.c 
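Review bot: the @@ -799 hunk in packet.c adds a bare "}" after "comp->enabled = 1;" while the @@ -790 hunk only rewrites the if condition. If the original block already closed with its own brace (the context shown here does not display one, which may be an artifact of the backport), the extra "}" closes set_newkeys() early and the file will not compile; please confirm with a build and by diffing against upstream packet.c. In the same hunk the rewritten condition "if (((comp->type == COMP_DELAYED && active_state->after_authentication)) && comp->enabled == 0) {" keeps a redundant pair of parentheses left over from deleting the COMP_ZLIB alternative; "if (comp->type == COMP_DELAYED && active_state->after_authentication && comp->enabled == 0) {" says the same thing.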
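Review bot: the Description line "fix local privilege escalation via incorrect bounds check in shared memory manager" does not match what the patch does. It does not correct a bounds check; it removes the pre-authentication "zlib" method and the monitor_mm shared-memory allocator altogether (Makefile.in drops monitor_mm.o, monitor.c and sshd.c drop the include and the mm_* calls, kex.c, kex.h and myproposal.h drop COMP_ZLIB and "zlib", monitor_wrap.c stops shipping the zlib streams and comp->enabled across the privsep boundary) and remaps "Compression yes" to COMP_DELAYED in servconf.c. That is the sound fix, since the shared heap is what the bug lived in, but the Description should say so, because it is user-visible: pre-authentication compression is no longer offered, and sshd_config.5 now documents the default as "yes" (with "delayed" as a synonym) instead of "delayed".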
@@ -687,7 +687,7 @@ server_loop(pid_t pid, int fdin_arg, int fdout_arg, int fderr_arg) if (!channel_still_open()) break; if (!waiting_termination) { - const char *s = "Waiting for forwarded connections to terminate...\r\n"; + const char *s = "Waiting for forwarded connections to terminate... (press ~& to background)\r\n"; char *cp; waiting_termination = 1; buffer_append(&stderr_buffer, s, strlen(s)); debian/patches/gnome-ssh-askpass2-icon.patch0000644000000000000000000000145312330654315016216 0ustar From b7df8fdb32f3d33b70ff8733cb0c39417e367534 Mon Sep 17 00:00:00 2001 From: Vincent Untz Date: Sun, 9 Feb 2014 16:10:16 +0000 Subject: Give the ssh-askpass-gnome window a default icon Bug-Ubuntu: https://bugs.launchpad.net/bugs/27152 Last-Update: 2010-02-28 Patch-Name: gnome-ssh-askpass2-icon.patch --- contrib/gnome-ssh-askpass2.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/contrib/gnome-ssh-askpass2.c b/contrib/gnome-ssh-askpass2.c index 9d97c30..04b3a11 100644 --- a/contrib/gnome-ssh-askpass2.c +++ b/contrib/gnome-ssh-askpass2.c @@ -209,6 +209,8 @@ main(int argc, char **argv) gtk_init(&argc, &argv); + gtk_window_set_default_icon_from_file ("/usr/share/pixmaps/ssh-askpass-gnome.png", NULL); + if (argc > 1) { message = g_strjoinv(" ", argv + 1); } else { debian/patches/scp-quoting.patch0000644000000000000000000000211512330654315014110 0ustar From 8ab204ee192e655d5a8f4d599adb3d99eeabedc6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicolas=20Valc=C3=A1rcel?= Date: Sun, 9 Feb 2014 16:09:59 +0000 Subject: Adjust scp quoting in verbose mode Tweak scp's reporting of filenames in verbose mode to be a bit less confusing with spaces. This should be revised to mimic real shell quoting. Bug-Ubuntu: https://bugs.launchpad.net/bugs/89945 Last-Update: 2010-02-27 Patch-Name: scp-quoting.patch --- scp.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/scp.c b/scp.c index 18d3b1d..0669d02 100644 --- a/scp.c +++ b/scp.c 
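Review bot: the new message at @@ -687 in serverloop.c hard-codes "~&" as the thing to press, but this string is written by the server side, and the escape character is a client setting the server cannot see, so the hint is wrong for any client whose escape character is not the default "~". Either keep the hint generic (point at the ssh(1) escape sequences) or have the client print it. Housekeeping: the header carries "Date: Sun, 9 Feb 2014" next to "Last-Update: 2010-02-27"; refresh the latter.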
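Review bot: gtk_window_set_default_icon_from_file() at @@ -209 is called with a hard-coded absolute path and a NULL GError, so if the icon ends up elsewhere (another prefix, a later packaging move) the call fails silently and the window is back to having no icon. Take the path from the build's data directory or a define set by the packaging rather than the literal "/usr/share/pixmaps/ssh-askpass-gnome.png", and pass a GError and report it with g_warning() so the breakage is visible. Style: the added line puts a space before the opening parenthesis, unlike the surrounding gtk_init(&argc, &argv).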
@@ -189,8 +189,16 @@ do_local_cmd(arglist *a) if (verbose_mode) { fprintf(stderr, "Executing:"); - for (i = 0; i < a->num; i++) - fprintf(stderr, " %s", a->list[i]); + for (i = 0; i < a->num; i++) { + if (i == 0) + fprintf(stderr, " %s", a->list[i]); + else + /* + * TODO: misbehaves if a->list[i] contains a + * single quote + */ + fprintf(stderr, " '%s'", a->list[i]); + } fprintf(stderr, "\n"); } if ((pid = fork()) == -1) debian/patches/CVE-2017-15906.patch0000644000000000000000000000202013227153265013324 0ustar Backport of: From a6981567e8e215acc1ef690c8dbb30f2d9b00a19 Mon Sep 17 00:00:00 2001 From: djm Date: Tue, 4 Apr 2017 00:24:56 +0000 Subject: [PATCH] disallow creation (of empty files) in read-only mode; reported by Michal Zalewski, feedback & ok deraadt@ --- usr.bin/ssh/sftp-server.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) Index: openssh-6.6p1/sftp-server.c =================================================================== --- openssh-6.6p1.orig/sftp-server.c 2018-01-15 11:28:34.746703247 -0500 +++ openssh-6.6p1/sftp-server.c 2018-01-15 11:28:34.746703247 -0500 @@ -678,8 +678,8 @@ process_open(u_int32_t id) logit("open \"%s\" flags %s mode 0%o", name, string_from_portable(pflags), mode); if (readonly && - ((flags & O_ACCMODE) == O_WRONLY || - (flags & O_ACCMODE) == O_RDWR)) { + ((flags & O_ACCMODE) != O_RDONLY || + (flags & (O_CREAT|O_TRUNC)) != 0)) { verbose("Refusing open request in read-only mode"); status = SSH2_FX_PERMISSION_DENIED; } else { debian/patches/CVE-2016-6515.patch0000644000000000000000000000235112753071327013247 0ustar From fcd135c9df440bcd2d5870405ad3311743d78d97 Mon Sep 17 00:00:00 2001 
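Review bot: the loop at @@ -189 wraps each argument in single quotes but, as its own TODO admits, an argument containing a single quote produces output that does not reflect what will run. Since the point of this verbose line is to show the user the real command, print each argument with every "'" replaced by "'\''" (close the quote, emit an escaped quote, reopen), the standard POSIX shell idiom; that also retires the TODO. Also, the first argument (i == 0) is printed unquoted while the rest are quoted; if that asymmetry is intentional because it is the command name, a one-line comment should say so.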
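Review bot: the new condition at @@ -678 is right: in read-only mode it now refuses any open that is not plain O_RDONLY or that carries O_CREAT or O_TRUNC, which closes the path by which an O_RDONLY|O_CREAT request could still create an empty file. One housekeeping point: the diffstat in the header still says "usr.bin/ssh/sftp-server.c" from the OpenBSD commit while the hunk is against openssh-6.6p1/sftp-server.c; regenerate the stat for the backport so the patch metadata matches its content.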
From: "dtucker@openbsd.org" Date: Thu, 21 Jul 2016 01:39:35 +0000 Subject: upstream commit Skip passwords longer than 1k in length so clients can't easily DoS sshd by sending very long passwords, causing it to spend CPU hashing them. feedback djm@, ok markus@. Brought to our attention by tomas.kuthan at oracle.com, shilei-c at 360.cn and coredump at autistici.org Upstream-ID: d0af7d4a2190b63ba1d38eec502bc4be0be9e333 --- auth-passwd.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) Index: openssh-6.6p1/auth-passwd.c =================================================================== --- openssh-6.6p1.orig/auth-passwd.c 2016-08-11 08:43:01.749872947 -0400 +++ openssh-6.6p1/auth-passwd.c 2016-08-11 08:43:01.745872916 -0400 @@ -65,6 +65,8 @@ #define DAY (24L * 60 * 60) /* 1 day in seconds */ #define TWO_WEEKS (2L * 7 * DAY) /* 2 weeks in seconds */ +#define MAX_PASSWORD_LEN 1024 + void disable_forwarding(void) { @@ -86,6 +88,9 @@ static int expire_checked = 0; #endif + if (strlen(password) > MAX_PASSWORD_LEN) + return 0; + #ifndef HAVE_CYGWIN if (pw->pw_uid == 0 && options.permit_root_login != PERMIT_YES) ok = 0; debian/patches/CVE-2019-6109-2.patch0000644000000000000000000000661513424617704013420 0ustar Backport of: From bdc6c63c80b55bcbaa66b5fde31c1cb1d09a41eb Mon Sep 17 00:00:00 2001 
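Review bot: the length check added at @@ -86 returns 0 with no log line, so an operator looking into failed logins sees only a generic password failure and cannot tell the 1024-byte limit was hit; add a debug() or logit() call before the return so the condition is diagnosable. The check sits at the top of auth_password() in auth-passwd.c, before the "#ifndef HAVE_CYGWIN" root check; worth confirming that the PAM branch later in that function is reached only after this point, so builds with PAM get the same protection.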
From: "dtucker@openbsd.org" Date: Thu, 24 Jan 2019 16:52:17 +0000 Subject: [PATCH] upstream: Have progressmeter force an update at the beginning and end of each transfer. Fixes the problem recently introduces where very quick transfers do not display the progressmeter at all. Spotted by naddy@ OpenBSD-Commit-ID: 68dc46c259e8fdd4f5db3ec2a130f8e4590a7a9a --- progressmeter.c | 13 +++++-------- progressmeter.h | 4 ++-- scp.c | 4 ++-- sftp-client.c | 4 ++-- 4 files changed, 11 insertions(+), 14 deletions(-) Index: openssh-6.6p1/progressmeter.c =================================================================== --- openssh-6.6p1.orig/progressmeter.c 2019-01-31 11:17:55.855434181 -0500 +++ openssh-6.6p1/progressmeter.c 2019-01-31 11:17:55.851434175 -0500 @@ -59,9 +59,6 @@ static void format_rate(char *, int, off static void sig_winch(int); static void setscreensize(void); -/* updates the progressmeter to reflect the current state of the transfer */ -void refresh_progress_meter(void); - /* signal handler for updating the progress meter */ static void sig_alarm(int); @@ -120,7 +117,7 @@ format_size(char *buf, int size, off_t b } void -refresh_progress_meter(void) +refresh_progress_meter(int force_update) { char buf[MAX_WINSIZE + 1]; time_t now; @@ -132,7 +129,7 @@ refresh_progress_meter(void) int hours, minutes, seconds; int file_len; - if ((!alarm_fired && !win_resized) || !can_output()) + if ((!force_update && !alarm_fired && !win_resized) || !can_output()) return; alarm_fired = 0; @@ -255,7 +252,7 @@ start_progress_meter(char *f, off_t file bytes_per_second = 0; setscreensize(); - refresh_progress_meter(); + refresh_progress_meter(1); signal(SIGALRM, sig_alarm); signal(SIGWINCH, sig_winch); 
@@ -272,7 +269,7 @@ stop_progress_meter(void) /* Ensure we complete the progress */ if (cur_pos != end_pos) - refresh_progress_meter(); + refresh_progress_meter(1); atomicio(vwrite, STDOUT_FILENO, "\n", 1); } Index: openssh-6.6p1/progressmeter.h =================================================================== --- openssh-6.6p1.orig/progressmeter.h 2019-01-31 11:17:55.855434181 -0500 +++ openssh-6.6p1/progressmeter.h 2019-01-31 11:18:07.575451909 -0500 @@ -24,5 +24,5 @@ */ void start_progress_meter(char *, off_t, off_t *); -void refresh_progress_meter(void); +void refresh_progress_meter(int); void stop_progress_meter(void); Index: openssh-6.6p1/scp.c =================================================================== --- openssh-6.6p1.orig/scp.c 2019-01-31 11:17:55.855434181 -0500 +++ openssh-6.6p1/scp.c 2019-01-31 11:17:55.851434175 -0500 @@ -559,7 +559,7 @@ scpio(void *_cnt, size_t s) off_t *cnt = (off_t *)_cnt; *cnt += s; - refresh_progress_meter(); + refresh_progress_meter(0); if (limit_kbps > 0) bandwidth_limit(&bwlimit, s); return 0; Index: openssh-6.6p1/sftp-client.c =================================================================== --- openssh-6.6p1.orig/sftp-client.c 2019-01-31 11:17:55.855434181 -0500 +++ openssh-6.6p1/sftp-client.c 2019-01-31 11:17:55.851434175 -0500 @@ -93,7 +93,7 @@ sftpio(void *_bwlimit, size_t amount) { struct bwlimit *bwlimit = (struct bwlimit *)_bwlimit; - refresh_progress_meter(); + refresh_progress_meter(0); if (bwlimit != NULL) bandwidth_limit(bwlimit, amount); return 0; debian/patches/CVE-2019-6111.patch0000644000000000000000000001253013424617307013242 0ustar Backport of: From 391ffc4b9d31fa1f4ad566499fef9176ff8a07dc Mon Sep 17 00:00:00 2001 
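Review bot: changing refresh_progress_meter(void) to refresh_progress_meter(int) at @@ -120 is a tree-wide API change; the patch updates the two callers in scp.c and sftp-client.c and drops the local prototype in progressmeter.c, but any other caller left in the 6.6p1 tree now fails to compile, so a full-tree build should be part of testing this backport. Minor: stop_progress_meter() at @@ -272 still forces a refresh only when cur_pos != end_pos, so when the last scpio()/sftpio() call already brought cur_pos to end_pos the final line depends on that earlier refresh_progress_meter(0) having passed the alarm_fired/win_resized gate; if the intent is to always print the completed state, the condition can simply go.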
From: "djm@openbsd.org" Date: Sat, 26 Jan 2019 22:41:28 +0000 Subject: [PATCH] upstream: check in scp client that filenames sent during remote->local directory copies satisfy the wildcard specified by the user. This checking provides some protection against a malicious server sending unexpected filenames, but it comes at a risk of rejecting wanted files due to differences between client and server wildcard expansion rules. For this reason, this also adds a new -T flag to disable the check. reported by Harry Sintonen fix approach suggested by markus@; has been in snaps for ~1wk courtesy deraadt@ OpenBSD-Commit-ID: 00f44b50d2be8e321973f3c6d014260f8f7a8eda --- scp.1 | 16 +++++++++++++--- scp.c | 39 ++++++++++++++++++++++++++++++--------- 2 files changed, 43 insertions(+), 12 deletions(-) Index: openssh-6.6p1/scp.1 =================================================================== --- openssh-6.6p1.orig/scp.1 2019-01-31 11:13:39.379189754 -0500 +++ openssh-6.6p1/scp.1 2019-01-31 11:13:39.379189754 -0500 @@ -19,7 +19,7 @@ .Sh SYNOPSIS .Nm scp .Bk -words -.Op Fl 12346BCpqrv +.Op Fl 12346BCpqrTv .Op Fl c Ar cipher .Op Fl F Ar ssh_config .Op Fl i Ar identity_file 
@@ -212,6 +212,16 @@ to use for the encrypted connection. The program must understand .Xr ssh 1 options. +.It Fl T +Disable strict filename checking. +By default when copying files from a remote host to a local directory +.Nm +checks that the received filenames match those requested on the command-line +to prevent the remote end from sending unexpected or unwanted files. +Because of differences in how various operating systems and shells interpret +filename wildcards, these checks may cause wanted files to be rejected. +This option disables these checks at the expense of fully trusting that +the server will not send unexpected filenames. .It Fl v Verbose mode. Causes Index: openssh-6.6p1/scp.c =================================================================== --- openssh-6.6p1.orig/scp.c 2019-01-31 11:13:39.379189754 -0500 +++ openssh-6.6p1/scp.c 2019-01-31 11:13:54.615195238 -0500 @@ -95,6 +95,7 @@ #include #include #include +#include #include #include #include @@ -360,14 +361,14 @@ void verifydir(char *); struct passwd *pwd; uid_t userid; int errs, remin, remout; -int pflag, iamremote, iamrecursive, targetshouldbedirectory; +int Tflag, pflag, iamremote, iamrecursive, targetshouldbedirectory; #define CMDNEEDS 64 char cmd[CMDNEEDS]; /* must hold "rcp -r -p -d\0" */ int response(void); void rsource(char *, struct stat *); -void sink(int, char *[]); +void sink(int, char *[], const char *); void source(int, char *[]); void tolocal(int, char *[]); void toremote(char *, int, char *[]); @@ -402,8 +403,9 @@ main(int argc, char **argv) addargs(&args, "-oPermitLocalCommand=no"); addargs(&args, "-oClearAllForwardings=yes"); - fflag = tflag = 0; - while ((ch = getopt(argc, argv, "dfl:prtvBCc:i:P:q12346S:o:F:")) != -1) + fflag = Tflag = tflag = 0; + while ((ch = getopt(argc, argv, + "dfl:prtTvBCc:i:P:q12346S:o:F:")) != -1) { switch (ch) { /* User-visible flags. */ case '1': 
@@ -479,9 +481,13 @@ main(int argc, char **argv) setmode(0, O_BINARY); #endif break; + case 'T': + Tflag = 1; + break; default: usage(); } + } argc -= optind; argv += optind; @@ -502,7 +508,7 @@ main(int argc, char **argv) } if (tflag) { /* Receive data. */ - sink(argc, argv); + sink(argc, argv, NULL); exit(errs != 0); } if (argc < 2) @@ -742,7 +748,7 @@ tolocal(int argc, char **argv) continue; } free(bp); - sink(1, argv + argc - 1); + sink(1, argv + argc - 1, src); (void) close(remin); remin = remout = -1; } @@ -907,7 +913,7 @@ rsource(char *name, struct stat *statp) } void -sink(int argc, char **argv) +sink(int argc, char **argv, const char *src) { static BUF buffer; struct stat stb; @@ -923,6 +929,7 @@ sink(int argc, char **argv) unsigned long long ull; int setimes, targisdir, wrerrno = 0; char ch, *cp, *np, *targ, *why, *vect[1], buf[2048]; + char *src_copy = NULL, *restrict_pattern = NULL; struct timeval tv[2]; #define atime tv[0] @@ -944,6 +951,17 @@ sink(int argc, char **argv) (void) atomicio(vwrite, remout, "", 1); if (stat(targ, &stb) == 0 && S_ISDIR(stb.st_mode)) targisdir = 1; + if (src != NULL && !iamrecursive && !Tflag) { + /* + * Prepare to try to restrict incoming filenames to match + * the requested destination file glob. + */ + if ((src_copy = strdup(src)) == NULL) + fatal("strdup failed"); + if ((restrict_pattern = strrchr(src_copy, '/')) != NULL) { + *restrict_pattern++ = '\0'; + } + } for (first = 1;; first = 0) { cp = buf; if (atomicio(read, remin, cp, 1) != 1) @@ -1040,6 +1058,9 @@ sink(int argc, char **argv) run_err("error: unexpected filename: %s", cp); exit(1); } + if (restrict_pattern != NULL && + fnmatch(restrict_pattern, cp, 0) != 0) + SCREWUP("filename does not match request"); if (targisdir) { static char *namebuf; static size_t cursize; 
@@ -1077,7 +1098,7 @@ sink(int argc, char **argv) goto bad; } vect[0] = xstrdup(np); - sink(1, vect); + sink(1, vect, src); if (setimes) { setimes = 0; if (utimes(vect[0], tv) < 0) debian/patches/shell-path.patch0000644000000000000000000000247312330654315013707 0ustar From 6103c29d855e82c098e88ee12f05a6eb41f659ce Mon Sep 17 00:00:00 2001 From: Colin Watson Date: Sun, 9 Feb 2014 16:10:00 +0000 Subject: Look for $SHELL on the path for ProxyCommand/LocalCommand There's some debate on the upstream bug about whether POSIX requires this. I (Colin Watson) agree with Vincent and think it does. Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1494 Bug-Debian: http://bugs.debian.org/492728 Last-Update: 2013-09-14 Patch-Name: shell-path.patch --- sshconnect.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/sshconnect.c b/sshconnect.c index 573d7a8..9e02837 100644 --- a/sshconnect.c +++ b/sshconnect.c @@ -227,7 +227,7 @@ ssh_proxy_connect(const char *host, u_short port, const char *proxy_command) /* Execute the proxy command. Note that we gave up any extra privileges above. */ signal(SIGPIPE, SIG_DFL); - execv(argv[0], argv); + execvp(argv[0], argv); perror(argv[0]); exit(1); } @@ -1387,7 +1387,7 @@ ssh_local_cmd(const char *args) if (pid == 0) { signal(SIGPIPE, SIG_DFL); debug3("Executing %s -c \"%s\"", shell, args); - execl(shell, shell, "-c", args, (char *)NULL); + execlp(shell, shell, "-c", args, (char *)NULL); error("Couldn't execute %s -c \"%s\": %s", shell, args, strerror(errno)); _exit(1); debian/patches/lintian-symlink-pickiness.patch0000644000000000000000000000233612330654315016754 0ustar From eb567100ef178f4395c95cc1f37b921e02c3dd5b Mon Sep 17 00:00:00 2001 
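Review bot: the restriction setup at @@ -944 in sink() is skipped outright when the requested source has no "/": restrict_pattern is only assigned inside "if ((restrict_pattern = strrchr(src_copy, '/')) != NULL)", so for a request such as host:file it stays NULL and the fnmatch() check added at @@ -1040 never runs, which is exactly the case the patch exists for. Add an else branch setting restrict_pattern = src_copy. Second, src_copy is strdup()'d on every call to sink() and no free() appears in any hunk, so every file received leaks the copy; free it on each exit path from sink(). The follow-up CVE-2019-6111-2 patch in this series replaces this code with brace_expand(), which handles the no-slash case ("else cp2 = cp;"), and adds the done:/screwup: cleanup, so the two should be applied together rather than this one alone.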
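Review bot: switching execv() to execvp() at @@ -227 and execl() to execlp() at @@ -1387 means the proxy command and the LocalCommand shell are now located through the user's PATH. For ssh_proxy_connect() that is fine because the comment directly above the hunk records that extra privileges were already given up; the context shown for ssh_local_cmd() has no such comment, so please confirm it likewise runs only with the invoking user's privileges (expected for a client-side command) and say so in the commit message for the next reader who wonders why a PATH lookup is acceptable here.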
From: Colin Watson Date: Sun, 9 Feb 2014 16:10:08 +0000 Subject: Fix picky lintian errors about slogin symlinks Apparently this breaks some SVR4 packaging systems, so upstream can't win either way and opted to keep the status quo. We need this patch anyway. Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1728 Last-Update: 2013-09-14 Patch-Name: lintian-symlink-pickiness.patch --- Makefile.in | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Makefile.in b/Makefile.in index feee0b2..7d192bb 100644 --- a/Makefile.in +++ b/Makefile.in @@ -293,9 +293,9 @@ install-files: $(INSTALL) -m 644 ssh-keysign.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-keysign.8 $(INSTALL) -m 644 ssh-pkcs11-helper.8.out $(DESTDIR)$(mandir)/$(mansubdir)8/ssh-pkcs11-helper.8 -rm -f $(DESTDIR)$(bindir)/slogin - ln -s ./ssh$(EXEEXT) $(DESTDIR)$(bindir)/slogin + ln -s ssh$(EXEEXT) $(DESTDIR)$(bindir)/slogin -rm -f $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1 - ln -s ./ssh.1 $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1 + ln -s ssh.1 $(DESTDIR)$(mandir)/$(mansubdir)1/slogin.1 install-sysconf: if [ ! -d $(DESTDIR)$(sysconfdir) ]; then \ debian/patches/CVE-2016-10708.patch0000644000000000000000000000303113366642222013321 0ustar Origin: debian, openssh_1:6.0p1-4+deb7u7 Reviewed-by: Santiago R.R. From 28652bca29046f62c7045e933e6b931de1d16737 Mon Sep 17 00:00:00 2001 From: "markus@openbsd.org" Date: Mon, 19 Sep 2016 19:02:19 +0000 Subject: upstream commit move inbound NEWKEYS handling to kex layer; otherwise early NEWKEYS causes NULL deref; found by Robert Swiecki/honggfuzz; fixed with & ok djm@ Upstream-ID: 9a68b882892e9f51dc7bfa9f5a423858af358b2f --- kex.c | 4 +++- packet.c | 6 ++---- 2 files changed, 5 insertions(+), 5 deletions(-) Index: openssh-6.6p1/kex.c =================================================================== --- openssh-6.6p1.orig/kex.c +++ openssh-6.6p1/kex.c 
@@ -250,6 +250,7 @@ kex_finish(Kex *kex) packet_read_expect(SSH2_MSG_NEWKEYS); packet_check_eom(); debug("SSH2_MSG_NEWKEYS received"); + set_newkeys(MODE_IN); kex->done = 1; buffer_clear(&kex->peer); Index: openssh-6.6p1/packet.c =================================================================== --- openssh-6.6p1.orig/packet.c +++ openssh-6.6p1/packet.c @@ -1434,9 +1434,7 @@ packet_read_poll2(u_int32_t *seqnr_p) type = buffer_get_char(&active_state->incoming_packet); if (type < SSH2_MSG_MIN || type >= SSH2_MSG_LOCAL_MIN) packet_disconnect("Invalid ssh2 packet type: %d", type); - if (type == SSH2_MSG_NEWKEYS) - set_newkeys(MODE_IN); - else if (type == SSH2_MSG_USERAUTH_SUCCESS && + if (type == SSH2_MSG_USERAUTH_SUCCESS && !active_state->server_side) packet_enable_delayed_compress(); #ifdef PACKET_DEBUG debian/patches/CVE-2016-6210-1.patch0000644000000000000000000000711012753071305013367 0ustar From 9286875a73b2de7736b5e50692739d314cd8d9dc Mon Sep 17 00:00:00 2001 
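Review bot: Moving set_newkeys(MODE_IN) into kex_finish() directly after packet_read_expect(SSH2_MSG_NEWKEYS) means the packet layer no longer activates inbound keys on any NEWKEYS it happens to read, so an early NEWKEYS arriving before the exchange has produced keys (the NULL dereference in the description) can no longer trigger key activation; the packet.c hunk correctly collapses the former `if/else if` into a plain `if` for USERAUTH_SUCCESS. Please confirm kex_finish() is the only consumer of NEWKEYS in this 6.6p1 tree (no other packet_read_expect(SSH2_MSG_NEWKEYS) call sites), since any such path would now never enable the new inbound cipher state.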
From: Darren Tucker Date: Fri, 15 Jul 2016 13:32:45 +1000 Subject: Determine appropriate salt for invalid users. When sshd is processing a non-PAM login for a non-existent user it uses the string from the fakepw structure as the salt for crypt(3)ing the password supplied by the client. That string has a Blowfish prefix, so on systems that don't understand that crypt will fail fast due to an invalid salt, and even on those that do it may have significantly different timing from the hash methods used for real accounts (eg sha512). This allows user enumeration by, eg, sending large password strings. This was noted by EddieEzra.Harari at verint.com (CVE-2016-6210). To mitigate, use the same hash algorithm that root uses for hashing passwords for users that do not exist on the system. ok djm@ --- auth-passwd.c | 12 ++++++++---- openbsd-compat/xcrypt.c | 34 ++++++++++++++++++++++++++++++++++ 2 files changed, 42 insertions(+), 4 deletions(-) Index: openssh-6.6p1/auth-passwd.c =================================================================== --- openssh-6.6p1.orig/auth-passwd.c 2016-08-11 08:42:43.233727982 -0400 +++ openssh-6.6p1/auth-passwd.c 2016-08-11 08:42:43.233727982 -0400 @@ -192,7 +192,7 @@ sys_auth_passwd(Authctxt *authctxt, const char *password) { struct passwd *pw = authctxt->pw; - char *encrypted_password; + char *encrypted_password, *salt = NULL; /* Just use the supplied fake password if authctxt is invalid */ char *pw_password = authctxt->valid ? shadow_pw(pw) : pw->pw_passwd; 
@@ -201,9 +201,13 @@ if (strcmp(pw_password, "") == 0 && strcmp(password, "") == 0) return (1); - /* Encrypt the candidate password using the proper salt. */ - encrypted_password = xcrypt(password, - (pw_password[0] && pw_password[1]) ? pw_password : "xx"); + /* + * Encrypt the candidate password using the proper salt, or pass a + * NULL and let xcrypt pick one. + */ + if (authctxt->valid && pw_password[0] && pw_password[1]) + salt = pw_password; + encrypted_password = xcrypt(password, salt); /* * Authentication is accepted if the encrypted passwords Index: openssh-6.6p1/openbsd-compat/xcrypt.c =================================================================== --- openssh-6.6p1.orig/openbsd-compat/xcrypt.c 2016-08-11 08:42:43.233727982 -0400 +++ openssh-6.6p1/openbsd-compat/xcrypt.c 2016-08-11 08:42:43.233727982 -0400 @@ -25,6 +25,7 @@ #include "includes.h" #include +#include #include #include @@ -62,11 +63,44 @@ # define crypt DES_crypt # endif +/* + * Pick an appropriate password encryption type and salt for the running + * system. + */ +static const char * +pick_salt(void) +{ + struct passwd *pw; + char *passwd, *p; + size_t typelen; + static char salt[32]; + + if (salt[0] != '\0') + return salt; + strlcpy(salt, "xx", sizeof(salt)); + if ((pw = getpwuid(0)) == NULL) + return salt; + passwd = shadow_pw(pw); + if (passwd[0] != '$' || (p = strrchr(passwd + 1, '$')) == NULL) + return salt; /* no $, DES */ + typelen = p - passwd + 1; + strlcpy(salt, passwd, MIN(typelen, sizeof(salt))); + explicit_bzero(passwd, strlen(passwd)); + return salt; +} + char * xcrypt(const char *password, const char *salt) { char *crypted; + /* + * If we don't have a salt we are encrypting a fake password for + * for timing purposes. Pick an appropriate salt. + */ + if (salt == NULL) + salt = pick_salt(); + # ifdef HAVE_MD5_PASSWORDS if (is_md5_salt(salt)) crypted = md5_crypt(password, salt); debian/patches/CVE-2019-6109-pre2.patch0000644000000000000000000001001013424621763014107 0ustar 
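Review bot: In the pick_salt() hunk, if root's shadow entry is locked or not in `$id$...$` form (for example "!!", "*" or a plain DES hash), the function returns the "xx" DES salt, so on such systems the hash of a non-existent user's password still takes a different code path and timing from real accounts, and the enumeration side channel described in the commit message is only partly closed; consider searching the account database for any entry with a valid `$id$` prefix before settling on "xx". The auth-passwd.c hunk is fine: only a valid account with a two-or-more character hash supplies its own salt, everything else passes NULL and lets xcrypt() choose. Minor: the added comment in xcrypt() reads "for for timing purposes" (doubled word), and `strlcpy(salt, passwd, MIN(typelen, sizeof(salt)))` silently truncates a `$id$rounds=N$` prefix longer than 31 bytes, which would drop the trailing '$' and yield a malformed salt.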
From ae9c0d4d5c581b3040d1f16b5c5f4b1cd1616743 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 3 Jun 2016 16:03:44 +1000 Subject: [PATCH] Update vis.h and vis.c from OpenBSD. This will be needed for the upcoming utf8 changes. --- openbsd-compat/vis.c | 60 +++++++++++++++++++++++++++++++++----------- openbsd-compat/vis.h | 5 +++- 2 files changed, 50 insertions(+), 15 deletions(-) Index: openssh-6.6p1/openbsd-compat/vis.c =================================================================== --- openssh-6.6p1.orig/openbsd-compat/vis.c 2019-01-31 11:35:35.954123032 -0500 +++ openssh-6.6p1/openbsd-compat/vis.c 2019-01-31 11:35:49.390164333 -0500 @@ -1,4 +1,4 @@ -/* $OpenBSD: vis.c,v 1.19 2005/09/01 17:15:49 millert Exp $ */ +/* $OpenBSD: vis.c,v 1.25 2015/09/13 11:32:51 guenther Exp $ */ /*- * Copyright (c) 1989, 1993 * The Regents of the University of California. All rights reserved. @@ -33,13 +33,24 @@ #include "includes.h" #if !defined(HAVE_STRNVIS) || defined(BROKEN_STRNVIS) +/* + * We want these to override in the BROKEN_STRNVIS case. TO avoid future sync + * problems no-op out the weak symbol definition rather than remove it. + */ +#define DEF_WEAK(x) + +#include +#include #include +#include #include +#include #include "vis.h" #define isoctal(c) (((u_char)(c)) >= '0' && ((u_char)(c)) <= '7') -#define isvisible(c) \ +#define isvisible(c,flag) \ + (((c) == '\\' || (flag & VIS_ALL) == 0) && \ (((u_int)(c) <= UCHAR_MAX && isascii((u_char)(c)) && \ (((c) != '*' && (c) != '?' && (c) != '[' && (c) != '#') || \ (flag & VIS_GLOB) == 0) && isgraph((u_char)(c))) || \ @@ -48,7 +59,7 @@ ((flag & VIS_NL) == 0 && (c) == '\n') || \ ((flag & VIS_SAFE) && ((c) == '\b' || \ (c) == '\007' || (c) == '\r' || \ - isgraph((u_char)(c))))) + isgraph((u_char)(c)))))) /* * vis - visually encode characters 
@@ -56,10 +67,11 @@ char * vis(char *dst, int c, int flag, int nextc) { - if (isvisible(c)) { - *dst++ = c; - if (c == '\\' && (flag & VIS_NOSLASH) == 0) + if (isvisible(c, flag)) { + if ((c == '"' && (flag & VIS_DQ) != 0) || + (c == '\\' && (flag & VIS_NOSLASH) == 0)) *dst++ = '\\'; + *dst++ = c; *dst = '\0'; return (dst); } @@ -136,6 +148,7 @@ done: *dst = '\0'; return (dst); } +DEF_WEAK(vis); /* * strvis, strnvis, strvisx - visually encode characters from src into dst @@ -161,6 +174,7 @@ strvis(char *dst, const char *src, int f *dst = '\0'; return (dst - start); } +DEF_WEAK(strvis); int strnvis(char *dst, const char *src, size_t siz, int flag) @@ -171,19 +185,18 @@ strnvis(char *dst, const char *src, size i = 0; for (start = dst, end = start + siz - 1; (c = *src) && dst < end; ) { - if (isvisible(c)) { - i = 1; - *dst++ = c; - if (c == '\\' && (flag & VIS_NOSLASH) == 0) { + if (isvisible(c, flag)) { + if ((c == '"' && (flag & VIS_DQ) != 0) || + (c == '\\' && (flag & VIS_NOSLASH) == 0)) { /* need space for the extra '\\' */ - if (dst < end) - *dst++ = '\\'; - else { - dst--; + if (dst + 1 >= end) { i = 2; break; } + *dst++ = '\\'; } + i = 1; + *dst++ = c; src++; } else { i = vis(tbuf, c, flag, *++src) - tbuf; Index: openssh-6.6p1/openbsd-compat/vis.h =================================================================== --- openssh-6.6p1.orig/openbsd-compat/vis.h 2019-01-31 11:35:35.954123032 -0500 +++ openssh-6.6p1/openbsd-compat/vis.h 2019-01-31 11:35:57.022187828 -0500 @@ -1,4 +1,4 @@ -/* $OpenBSD: vis.h,v 1.11 2005/08/09 19:38:31 millert Exp $ */ +/* $OpenBSD: vis.h,v 1.15 2015/07/20 01:52:27 millert Exp $ */ /* $NetBSD: vis.h,v 1.4 1994/10/26 00:56:41 cgd Exp $ */ /*- 
@@ -58,6 +58,8 @@ #define VIS_NL 0x10 /* also encode newline */ #define VIS_WHITE (VIS_SP | VIS_TAB | VIS_NL) #define VIS_SAFE 0x20 /* only encode "unsafe" characters */ +#define VIS_DQ 0x200 /* backslash-escape double quotes */ +#define VIS_ALL 0x400 /* encode all characters */ /* * other debian/patches/CVE-2015-8325.patch0000644000000000000000000000174612712633547013261 0ustar From 85bdcd7c92fe7ff133bbc4e10a65c91810f88755 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Wed, 13 Apr 2016 10:39:57 +1000 Subject: ignore PAM environment vars when UseLogin=yes If PAM is configured to read user-specified environment variables and UseLogin=yes in sshd_config, then a hostile local user may attack /bin/login via LD_PRELOAD or similar environment variables set via PAM. CVE-2015-8325, found by Shayan Sadigh, via Colin Watson --- session.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Index: openssh-6.6p1/session.c =================================================================== --- openssh-6.6p1.orig/session.c 2016-05-05 08:07:01.457978021 -0400 +++ openssh-6.6p1/session.c 2016-05-05 08:07:01.445977887 -0400 @@ -1318,7 +1318,7 @@ * Pull in any environment variables that may have * been set by PAM. */ - if (options.use_pam) { + if (options.use_pam && !options.use_login) { char **p; p = fetch_pam_child_environment(); debian/patches/CVE-2016-077x.patch0000644000000000000000000000163412645470676013371 0ustar Description: fix information leak and overflow in roaming support Index: openssh-6.6p1/readconf.c =================================================================== --- openssh-6.6p1.orig/readconf.c 2016-01-13 10:48:12.409127875 -0500 +++ openssh-6.6p1/readconf.c 2016-01-13 10:48:12.409127875 -0500 @@ -1599,7 +1599,7 @@ options->tun_remote = -1; options->local_command = NULL; options->permit_local_command = -1; - options->use_roaming = -1; + options->use_roaming = 0; options->visual_host_key = -1; options->ip_qos_interactive = -1; options->ip_qos_bulk = -1; 
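Review bot: In the strnvis() hunk the overflow handling moves from writing the character and then backing it out (`dst--`) to testing `dst + 1 >= end` before writing either the escape or the character, which is the safer ordering; `i = 2; break;` remains the truncation signal to the caller, so the loop's post-condition is unchanged. The new isvisible(c,flag) macro now dereferences `flag`, so every user must pass it: vis() and strnvis() are updated here and strvis()/strvisx() go through vis(), but any other direct use of isvisible in this compat file would no longer compile. Minor: the added comment says "TO avoid" (typo for "To").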
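Review bot: On the CVE-2015-8325 session.c hunk, the one-line condition change is correct, but the comment immediately above it in the context ("Pull in any environment variables that may have been set by PAM") still reads as unconditional; extend it to say PAM-supplied variables are skipped when UseLogin is set because /bin/login would otherwise inherit user-controlled variables such as LD_PRELOAD, as the description explains. The patch changes session.c only, so sites that relied on PAM environment reaching login(1) under UseLogin get no sshd_config.5 note about the new behaviour.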
@@ -1777,8 +1777,7 @@ options->tun_remote = SSH_TUNID_ANY; if (options->permit_local_command == -1) options->permit_local_command = 0; - if (options->use_roaming == -1) - options->use_roaming = 1; + options->use_roaming = 0; if (options->visual_host_key == -1) options->visual_host_key = 0; if (options->ip_qos_interactive == -1) debian/patches/ssh1-keepalive.patch0000644000000000000000000000514312330654315014464 0ustar From 789d58ed3df120c7b80d07fb2d259c216194a29c Mon Sep 17 00:00:00 2001 From: Colin Watson Date: Sun, 9 Feb 2014 16:09:51 +0000 Subject: Partial server keep-alive implementation for SSH1 Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1712 Last-Update: 2013-09-14 Patch-Name: ssh1-keepalive.patch --- clientloop.c | 25 +++++++++++++++---------- ssh_config.5 | 5 ++++- 2 files changed, 19 insertions(+), 11 deletions(-) diff --git a/clientloop.c b/clientloop.c index 6d8cd7d..73a800c 100644 --- a/clientloop.c +++ b/clientloop.c @@ -563,16 +563,21 @@ client_global_request_reply(int type, u_int32_t seq, void *ctxt) static void server_alive_check(void) { - if (packet_inc_alive_timeouts() > options.server_alive_count_max) { - logit("Timeout, server %s not responding.", host); - cleanup_exit(255); + if (compat20) { + if (packet_inc_alive_timeouts() > options.server_alive_count_max) { + logit("Timeout, server %s not responding.", host); + cleanup_exit(255); + } + packet_start(SSH2_MSG_GLOBAL_REQUEST); + packet_put_cstring("keepalive@openssh.com"); + packet_put_char(1); /* boolean: want reply */ + packet_send(); + /* Insert an empty placeholder to maintain ordering */ + client_register_global_confirm(NULL, NULL); + } else { + packet_send_ignore(0); + packet_send(); } - packet_start(SSH2_MSG_GLOBAL_REQUEST); - packet_put_cstring("keepalive@openssh.com"); - packet_put_char(1); /* boolean: want reply */ - packet_send(); - /* Insert an empty placeholder to maintain ordering */ - client_register_global_confirm(NULL, NULL); } /* 
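Review bot: The second readconf.c hunk makes `options->use_roaming = 0` unconditional in fill_default_options(), so the first hunk's change of the initializer from -1 to 0 is redundant but harmless. What is missing is any handling of the UseRoaming keyword in the parser: a client config that sets `UseRoaming yes` is still accepted and then silently overridden, so either reject the keyword with a warning or document that it is ignored. The one-line Description is the only provenance for a fix to an information leak and an overflow; add the upstream commit reference and the identifiers the filename (CVE-2016-077x) alludes to so the backport can be audited against upstream.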
@@ -634,7 +639,7 @@ client_wait_until_can_do_something(fd_set **readsetp, fd_set **writesetp, */ timeout_secs = INT_MAX; /* we use INT_MAX to mean no timeout */ - if (options.server_alive_interval > 0 && compat20) { + if (options.server_alive_interval > 0) { timeout_secs = options.server_alive_interval; server_alive_time = now + options.server_alive_interval; } diff --git a/ssh_config.5 b/ssh_config.5 index e7accd6..473971e 100644 --- a/ssh_config.5 +++ b/ssh_config.5 @@ -1294,7 +1294,10 @@ If, for example, .Cm ServerAliveCountMax is left at the default, if the server becomes unresponsive, ssh will disconnect after approximately 45 seconds. -This option applies to protocol version 2 only. +This option applies to protocol version 2 only; in protocol version +1 there is no mechanism to request a response from the server to the +server alive messages, so disconnection is the responsibility of the TCP +stack. .It Cm ServerAliveInterval Sets a timeout interval in seconds after which if no data has been received from the server, debian/patches/CVE-2016-10009.patch0000644000000000000000000001124013227155646013321 0ustar Backport of: From 786d5994da79151180cb14a6cf157ebbba61c0cc Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Wed, 30 Nov 2016 03:07:37 +0000 Subject: [PATCH] upstream commit add a whitelist of paths from which ssh-agent will load (via ssh-pkcs11-helper) a PKCS#11 module; ok markus@ Upstream-ID: fe79769469d9cd6d26fe0dc15751b83ef2a06e8f --- ssh-agent.1 | 17 +++++++++++++++-- ssh-agent.c | 43 +++++++++++++++++++++++++++++++++++-------- 2 files changed, 50 insertions(+), 10 deletions(-) Index: openssh-6.6p1/ssh-agent.1 =================================================================== --- openssh-6.6p1.orig/ssh-agent.1 2018-01-15 11:44:51.848008648 -0500 +++ openssh-6.6p1/ssh-agent.1 2018-01-15 11:44:51.848008648 -0500 
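Review bot: In the server_alive_check() hunk the protocol-1 branch sends SSH_MSG_IGNORE via packet_send_ignore(0) but never calls packet_inc_alive_timeouts(), so under protocol 1 ServerAliveCountMax can never trigger and a dead peer is only noticed by the TCP stack; that matches the ssh_config.5 text added under ServerAliveCountMax, but the second clientloop.c hunk now arms server_alive_time for protocol 1 as well, so the ServerAliveInterval entry in ssh_config.5 (unchanged here) should also say what the interval does under protocol 1. Consider stating "Partial" in the man page as well as the subject: the keep-alive keeps NAT state alive but detects nothing.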
@@ -46,6 +46,7 @@ .Op Fl d .Op Fl a Ar bind_address .Op Fl t Ar life +.Op Fl P Ar pkcs11_whitelist .Op Ar command Op Ar arg ... .Nm ssh-agent .Op Fl c | s @@ -88,6 +89,18 @@ will not fork. Kill the current agent (given by the .Ev SSH_AGENT_PID environment variable). +.It Fl P +Specify a pattern-list of acceptable paths for PKCS#11 shared libraries +that may be added using the +.Fl s +option to +.Xr ssh-add 1 . +The default is to allow loading PKCS#11 libraries from +.Dq /usr/lib/*,/usr/local/lib/* . +PKCS#11 libraries that do not match the whitelist will be refused. +See PATTERNS in +.Xr ssh_config 5 +for a description of pattern-list syntax. .It Fl s Generate Bourne shell commands on .Dv stdout . Index: openssh-6.6p1/ssh-agent.c =================================================================== --- openssh-6.6p1.orig/ssh-agent.c 2018-01-15 11:44:51.848008648 -0500 +++ openssh-6.6p1/ssh-agent.c 2018-01-15 11:49:34.708366701 -0500 @@ -75,6 +75,7 @@ #include "log.h" #include "misc.h" #include "digest.h" +#include "match.h" #ifdef ENABLE_PKCS11 #include "ssh-pkcs11.h" @@ -84,6 +85,10 @@ #include /* For prctl() and PR_SET_DUMPABLE */ #endif +#ifndef DEFAULT_PKCS11_WHITELIST +# define DEFAULT_PKCS11_WHITELIST "/usr/lib/*,/usr/local/lib/*" +#endif + typedef enum { AUTH_UNUSED, AUTH_SOCKET, @@ -128,6 +133,9 @@ time_t parent_alive_interval = 0; char socket_name[MAXPATHLEN]; char socket_dir[MAXPATHLEN]; +/* PKCS#11 path whitelist */ +static char *pkcs11_whitelist; + /* locking */ int locked = 0; char *lock_passwd = NULL; @@ -590,7 +598,7 @@ no_identities(SocketEntry *e, u_int type static void process_add_smartcard_key(SocketEntry *e) { - char *provider = NULL, *pin; + char *provider = NULL, *pin, canonical_provider[PATH_MAX]; int i, type, version, count = 0, success = 0, confirm = 0; time_t death = 0; Key **keys = NULL, *k; 
@@ -614,10 +622,21 @@ process_add_smartcard_key(SocketEntry *e goto send; } } + if (realpath(provider, canonical_provider) == NULL) { + verbose("failed PKCS#11 add of \"%.100s\": realpath: %s", + provider, strerror(errno)); + goto send; + } + if (match_pattern_list(canonical_provider, pkcs11_whitelist, strlen(pkcs11_whitelist), 0) != 1) { + verbose("refusing PKCS#11 add of \"%.100s\": " + "provider not whitelisted", canonical_provider); + goto send; + } + debug("%s: add %.100s", __func__, canonical_provider); if (lifetime && !death) death = monotime() + lifetime; - count = pkcs11_add_provider(provider, pin, &keys); + count = pkcs11_add_provider(canonical_provider, pin, &keys); for (i = 0; i < count; i++) { k = keys[i]; version = k->type == KEY_RSA1 ? 1 : 2; @@ -625,8 +644,8 @@ process_add_smartcard_key(SocketEntry *e if (lookup_identity(k, version) == NULL) { id = xcalloc(1, sizeof(Identity)); id->key = k; - id->provider = xstrdup(provider); - id->comment = xstrdup(provider); /* XXX */ + id->provider = xstrdup(canonical_provider); + id->comment = xstrdup(canonical_provider); /* XXX */ id->death = death; id->confirm = confirm; TAILQ_INSERT_TAIL(&tab->idlist, id, next); @@ -1050,7 +1069,7 @@ main(int ac, char **av) __progname = ssh_get_progname(av[0]); seed_rng(); - while ((ch = getopt(ac, av, "cdksa:t:")) != -1) { + while ((ch = getopt(ac, av, "cdksa:P:t:")) != -1) { switch (ch) { case 'c': if (s_flag) @@ -1060,6 +1079,11 @@ main(int ac, char **av) case 'k': k_flag++; break; + case 'P': + if (pkcs11_whitelist != NULL) + fatal("-P option already specified"); + pkcs11_whitelist = xstrdup(optarg); + break; case 's': if (c_flag) usage(); 
@@ -1089,6 +1113,9 @@ main(int ac, char **av) if (ac > 0 && (c_flag || k_flag || s_flag || d_flag)) usage(); + if (pkcs11_whitelist == NULL) + pkcs11_whitelist = xstrdup(DEFAULT_PKCS11_WHITELIST); + if (ac == 0 && !c_flag && !s_flag) { shell = getenv("SHELL"); if (shell != NULL && (len = strlen(shell)) > 2 && debian/patches/CVE-2019-6111-pre1.patch0000644000000000000000000000777213437222440014115 0ustar Description: add reallocarray Origin: backported from OpenSSH 7.2p2 Index: openssh-6.6p1/openbsd-compat/Makefile.in =================================================================== --- openssh-6.6p1.orig/openbsd-compat/Makefile.in 2014-02-03 19:37:50.000000000 -0500 +++ openssh-6.6p1/openbsd-compat/Makefile.in 2019-03-04 08:14:46.809685709 -0500 
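Review bot: The realpath() canonicalisation in process_add_smartcard_key() is in the right order (resolve first, match second), so a symlink placed under /usr/lib that points outside the whitelist is refused; but DEFAULT_PKCS11_WHITELIST "/usr/lib/*,/usr/local/lib/*" does not cover /usr/lib64 or /usr/libexec, where distributions commonly install PKCS#11 modules, so on such systems every ssh-add -s is refused with "provider not whitelisted" unless the user passes -P. The ssh-agent.1 hunk should also mention that the path is canonicalised with realpath(3) before matching, since users will otherwise expect a symlinked module path to match literally. Minor: the added match_pattern_list() call is well over 80 columns, unlike the surrounding code.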
@@ -16,7 +16,7 @@ RANLIB=@RANLIB@ INSTALL=@INSTALL@ LDFLAGS=-L. @LDFLAGS@ -OPENBSD=base64.o basename.o bcrypt_pbkdf.o bindresvport.o blowfish.o daemon.o dirname.o fmt_scaled.o getcwd.o getgrouplist.o getopt_long.o getrrsetbyname.o glob.o inet_aton.o inet_ntoa.o inet_ntop.o mktemp.o pwcache.o readpassphrase.o realpath.o rresvport.o setenv.o setproctitle.o sha2.o sigact.o strlcat.o strlcpy.o strmode.o strnlen.o strptime.o strsep.o strtonum.o strtoll.o strtoul.o strtoull.o timingsafe_bcmp.o vis.o blowfish.o bcrypt_pbkdf.o explicit_bzero.o +OPENBSD=base64.o basename.o bcrypt_pbkdf.o bindresvport.o blowfish.o daemon.o dirname.o fmt_scaled.o getcwd.o getgrouplist.o getopt_long.o getrrsetbyname.o glob.o inet_aton.o inet_ntoa.o inet_ntop.o mktemp.o pwcache.o readpassphrase.o reallocarray.o realpath.o rresvport.o setenv.o setproctitle.o sha2.o sigact.o strlcat.o strlcpy.o strmode.o strnlen.o strptime.o strsep.o strtonum.o strtoll.o strtoul.o strtoull.o timingsafe_bcmp.o vis.o blowfish.o bcrypt_pbkdf.o explicit_bzero.o COMPAT=arc4random.o bsd-asprintf.o bsd-closefrom.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o getrrsetbyname-ldns.o bsd-misc.o bsd-nextstep.o bsd-openpty.o bsd-poll.o bsd-setres_id.o bsd-snprintf.o bsd-statvfs.o bsd-waitpid.o fake-rfc2553.o openssl-compat.o xmmap.o xcrypt.o Index: openssh-6.6p1/openbsd-compat/openbsd-compat.h =================================================================== --- openssh-6.6p1.orig/openbsd-compat/openbsd-compat.h 2014-02-03 19:18:23.000000000 -0500 +++ openssh-6.6p1/openbsd-compat/openbsd-compat.h 2019-03-04 08:15:28.569771773 -0500 @@ -62,6 +62,10 @@ void closefrom(int); char *getcwd(char *pt, size_t size); #endif +#ifndef HAVE_REALLOCARRAY +void *reallocarray(void *, size_t, size_t); +#endif + #if !defined(HAVE_REALPATH) || defined(BROKEN_REALPATH) char *realpath(const char *path, char *resolved); #endif Index: openssh-6.6p1/openbsd-compat/reallocarray.c =================================================================== 
--- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ openssh-6.6p1/openbsd-compat/reallocarray.c 2019-03-04 08:14:10.961610883 -0500 @@ -0,0 +1,46 @@ +/* $OpenBSD: reallocarray.c,v 1.2 2014/12/08 03:45:00 bcook Exp $ */ +/* + * Copyright (c) 2008 Otto Moerbeek + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +/* OPENBSD ORIGINAL: lib/libc/stdlib/reallocarray.c */ + +#include "includes.h" +#ifndef HAVE_REALLOCARRAY + +#include +#include +#ifdef HAVE_STDINT_H +#include +#endif +#include + +/* + * This is sqrt(SIZE_MAX+1), as s1*s2 <= SIZE_MAX + * if both s1 < MUL_NO_OVERFLOW and s2 < MUL_NO_OVERFLOW + */ +#define MUL_NO_OVERFLOW ((size_t)1 << (sizeof(size_t) * 4)) + +void * +reallocarray(void *optr, size_t nmemb, size_t size) +{ + if ((nmemb >= MUL_NO_OVERFLOW || size >= MUL_NO_OVERFLOW) && + nmemb > 0 && SIZE_MAX / nmemb < size) { + errno = ENOMEM; + return NULL; + } + return realloc(optr, size * nmemb); +} +#endif /* HAVE_REALLOCARRAY */ debian/patches/debian-config.patch0000644000000000000000000001060712330654315014331 0ustar From df5c8d109fb3d9ec16a487107a44300ed3006849 Mon Sep 17 00:00:00 2001 
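Review bot: openbsd-compat.h declares reallocarray() under `#ifndef HAVE_REALLOCARRAY` and reallocarray.c compiles only in that case, but no configure.ac or config.h.in hunk is part of this patch (the Index lines list only Makefile.in, openbsd-compat.h and reallocarray.c), so HAVE_REALLOCARRAY is never defined and the compat version is always built even where libc provides one; state that in the Description or add the configure check. The overflow guard itself (MUL_NO_OVERFLOW fast path, then `SIZE_MAX / nmemb < size`) is the standard OpenBSD logic and the `nmemb > 0` test avoids the division by zero. Pre-existing but worth a follow-up: the OPENBSD object list in Makefile.in names blowfish.o and bcrypt_pbkdf.o twice.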
From: Colin Watson Date: Sun, 9 Feb 2014 16:10:18 +0000 Subject: Various Debian-specific configuration changes ssh: Enable ForwardX11Trusted, returning to earlier semantics which cause fewer problems with existing setups (http://bugs.debian.org/237021). ssh: Set 'SendEnv LANG LC_*' by default (http://bugs.debian.org/264024). ssh: Enable HashKnownHosts by default to try to limit the spread of ssh worms. ssh: Enable GSSAPIAuthentication and disable GSSAPIDelegateCredentials by default. sshd: Refer to /usr/share/doc/openssh-server/README.Debian.gz alongside PermitRootLogin default. Document all of this, along with several sshd defaults set in debian/openssh-server.postinst. Author: Russ Allbery Forwarded: not-needed Last-Update: 2014-02-12 Patch-Name: debian-config.patch --- readconf.c | 2 +- ssh_config | 7 ++++++- ssh_config.5 | 19 ++++++++++++++++++- sshd_config | 1 + sshd_config.5 | 25 +++++++++++++++++++++++++ 5 files changed, 51 insertions(+), 3 deletions(-) diff --git a/readconf.c b/readconf.c index 32c4b42..5429fc2 100644 --- a/readconf.c +++ b/readconf.c @@ -1640,7 +1640,7 @@ fill_default_options(Options * options) if (options->forward_x11 == -1) options->forward_x11 = 0; if (options->forward_x11_trusted == -1) - options->forward_x11_trusted = 0; + options->forward_x11_trusted = 1; if (options->forward_x11_timeout == -1) options->forward_x11_timeout = 1200; if (options->exit_on_forward_failure == -1) diff --git a/ssh_config b/ssh_config index 228e5ab..c9386aa 100644 --- a/ssh_config +++ b/ssh_config @@ -17,9 +17,10 @@ # list of available options, their meanings and defaults, please see the # ssh_config(5) man page. -# Host * +Host * # ForwardAgent no # ForwardX11 no +# ForwardX11Trusted yes # RhostsRSAAuthentication no # RSAAuthentication yes # PasswordAuthentication yes 
@@ -48,3 +49,7 @@ # VisualHostKey no # ProxyCommand ssh -q -W %h:%p gateway.example.com # RekeyLimit 1G 1h + SendEnv LANG LC_* + HashKnownHosts yes + GSSAPIAuthentication yes + GSSAPIDelegateCredentials no diff --git a/ssh_config.5 b/ssh_config.5 index 1d500e9..22e6372 100644 --- a/ssh_config.5 +++ b/ssh_config.5 @@ -71,6 +71,22 @@ Since the first obtained value for each parameter is used, more host-specific declarations should be given near the beginning of the file, and general defaults at the end. .Pp +Note that the Debian +.Ic openssh-client +package sets several options as standard in +.Pa /etc/ssh/ssh_config +which are not the default in +.Xr ssh 1 : +.Pp +.Bl -bullet -offset indent -compact +.It +.Cm SendEnv No LANG LC_* +.It +.Cm HashKnownHosts No yes +.It +.Cm GSSAPIAuthentication No yes +.El +.Pp The configuration file has the following format: .Pp Empty lines and lines starting with @@ -654,7 +670,8 @@ token used for the session will be set to expire after 20 minutes. Remote clients will be refused access after this time. .Pp The default is -.Dq no . +.Dq yes +(Debian-specific). .Pp See the X11 SECURITY extension specification for full details on the restrictions imposed on untrusted clients. diff --git a/sshd_config b/sshd_config index d9b8594..4db32f5 100644 --- a/sshd_config +++ b/sshd_config @@ -41,6 +41,7 @@ # Authentication: #LoginGraceTime 2m +# See /usr/share/doc/openssh-server/README.Debian.gz. #PermitRootLogin yes #StrictModes yes #MaxAuthTries 6 diff --git a/sshd_config.5 b/sshd_config.5 index 908e0bb..90fd3f4 100644 --- a/sshd_config.5 +++ b/sshd_config.5 
@@ -57,6 +57,31 @@ Arguments may optionally be enclosed in double quotes .Pq \&" in order to represent arguments containing spaces. .Pp +Note that the Debian +.Ic openssh-server +package sets several options as standard in +.Pa /etc/ssh/sshd_config +which are not the default in +.Xr sshd 8 . +The exact list depends on whether the package was installed fresh or +upgraded from various possible previous versions, but includes at least the +following: +.Pp +.Bl -bullet -offset indent -compact +.It +.Cm ChallengeResponseAuthentication No no +.It +.Cm X11Forwarding No yes +.It +.Cm PrintMotd No no +.It +.Cm AcceptEnv No LANG LC_* +.It +.Cm Subsystem No sftp /usr/lib/openssh/sftp-server +.It +.Cm UsePAM No yes +.El +.Pp The possible keywords and their meanings are as follows (note that keywords are case-insensitive and arguments are case-sensitive): debian/patches/doc-hash-tab-completion.patch0000644000000000000000000000173112330654315016243 0ustar From 1d108ef62050b4368e24e1efada16ec88c177fb8 Mon Sep 17 00:00:00 2001 From: Colin Watson Date: Sun, 9 Feb 2014 16:10:11 +0000 Subject: Document that HashKnownHosts may break tab-completion Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1727 Bug-Debian: http://bugs.debian.org/430154 Last-Update: 2013-09-14 Patch-Name: doc-hash-tab-completion.patch --- ssh_config.5 | 3 +++ 1 file changed, 3 insertions(+) diff --git a/ssh_config.5 b/ssh_config.5 index 4bf7cbb..1d500e9 100644 --- a/ssh_config.5 +++ b/ssh_config.5 @@ -740,6 +740,9 @@ Note that existing names and addresses in known hosts files will not be converted automatically, but may be manually hashed using .Xr ssh-keygen 1 . +Use of this option may break facilities such as tab-completion that rely +on being able to read unhashed host names from +.Pa ~/.ssh/known_hosts . .It Cm HostbasedAuthentication Specifies whether to try rhosts based authentication with public key authentication. debian/patches/pam-security-2.patch0000644000000000000000000000205212563350555014427 0ustar 
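Review bot: The readconf.c hunk flips the compiled-in ForwardX11Trusted default to 1, so any `ssh -X` session is treated as trusted X11 forwarding and a compromised remote host gains full access to the local X server (input capture, screen reading) instead of the SECURITY-extension sandbox; the ssh_config.5 hunk labels this "(Debian-specific)", but the ssh_config hunk only adds a commented `# ForwardX11Trusted yes` line, so an administrator reading the file cannot tell the default differs from upstream. Suggest a short comment in ssh_config pointing at the ssh_config.5 note, and add ForwardX11Trusted to the ssh_config.5 bullet list of non-default settings, since it is the most security-relevant of them. Also note the ssh_config hunk turns `# Host *` into `Host *`, which the indented SendEnv/HashKnownHosts/GSSAPI* lines added below it require in order to parse.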
From 5e75f5198769056089fb06c4d738ab0e5abc66f7 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Tue, 11 Aug 2015 13:34:12 +1000 Subject: [PATCH] set sshpam_ctxt to NULL after free Avoids use-after-free in monitor when privsep child is compromised. Reported by Moritz Jodeit; ok dtucker@ --- monitor.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) Index: openssh-6.6p1/monitor.c =================================================================== --- openssh-6.6p1.orig/monitor.c 2015-08-14 07:30:51.083855870 -0400 +++ openssh-6.6p1/monitor.c 2015-08-14 07:30:51.079855837 -0400 @@ -1168,14 +1168,16 @@ int mm_answer_pam_free_ctx(int sock, Buffer *m) { + int r = sshpam_authok != NULL && sshpam_authok == sshpam_ctxt; debug3("%s", __func__); (sshpam_device.free_ctx)(sshpam_ctxt); + sshpam_ctxt = sshpam_authok = NULL; buffer_clear(m); mm_request_send(sock, MONITOR_ANS_PAM_FREE_CTX, m); auth_method = "keyboard-interactive"; auth_submethod = "pam"; - return (sshpam_authok == sshpam_ctxt); + return r; } #endif debian/patches/CVE-2016-6210-3.patch0000644000000000000000000000334612753071316013402 0ustar From dbf788b4d9d9490a5fff08a7b09888272bb10fcc Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Thu, 21 Jul 2016 14:17:31 +1000 Subject: Search users for one with a valid salt. If the root account is locked (eg password "!!" or "*LK*") keep looking until we find a user with a valid salt to use for crypting passwords of invalid users. ok djm@ --- openbsd-compat/xcrypt.c | 24 +++++++++++++++--------- 1 file changed, 15 insertions(+), 9 deletions(-) diff --git a/openbsd-compat/xcrypt.c b/openbsd-compat/xcrypt.c index 8913bb8..cf6a9b9 100644 --- a/openbsd-compat/xcrypt.c +++ b/openbsd-compat/xcrypt.c 
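Review bot: Computing `r` before the free_ctx call and clearing both sshpam_ctxt and sshpam_authok afterwards removes the use-after-free on the return line; the added `sshpam_authok != NULL` guard is also a behaviour fix, because the old `sshpam_authok == sshpam_ctxt` evaluated true whenever both pointers were NULL (a free request with no prior successful authentication), and if the monitor treats this return as the authentication result that edge case would have reported success. That second change deserves a sentence in the commit message since it alters the result in that case.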
@@ -65,7 +65,9 @@ /* * Pick an appropriate password encryption type and salt for the running - * system. + * system by searching through accounts until we find one that has a valid + * salt. Usually this will be root unless the root account is locked out. + * If we don't find one we return a traditional DES-based salt. */ static const char * pick_salt(void) @@ -78,14 +80,18 @@ pick_salt(void) if (salt[0] != '\0') return salt; strlcpy(salt, "xx", sizeof(salt)); - if ((pw = getpwuid(0)) == NULL) - return salt; - passwd = shadow_pw(pw); - if (passwd[0] != '$' || (p = strrchr(passwd + 1, '$')) == NULL) - return salt; /* no $, DES */ - typelen = p - passwd + 1; - strlcpy(salt, passwd, MIN(typelen, sizeof(salt))); - explicit_bzero(passwd, strlen(passwd)); + setpwent(); + while ((pw = getpwent()) != NULL) { + passwd = shadow_pw(pw); + if (passwd[0] == '$' && (p = strrchr(passwd+1, '$')) != NULL) { + typelen = p - passwd + 1; + strlcpy(salt, passwd, MIN(typelen, sizeof(salt))); + explicit_bzero(passwd, strlen(passwd)); + goto out; + } + } + out: + endpwent(); return salt; } -- cgit v0.12 debian/patches/quieter-signals.patch0000644000000000000000000000257012330654315014760 0ustar From 9875e47079abff55f8d2c1e958e9d50de6eae7ec Mon Sep 17 00:00:00 2001 
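Review bot: The getpwent() loop only explicit_bzero()s the shadow string of the entry it selects; entries examined and rejected (those without a `$id$` prefix, i.e. locked markers or DES hashes) are left in the buffer returned by shadow_pw(), which is pre-existing behaviour but worth stating. On the first invalid-user login this walks the entire account database once (including NIS/LDAP sources), with a shadow lookup per entry, before the static salt caches the result; document that one-time cost for large directories. Style: the new code writes `passwd+1` where the line it replaces used `passwd + 1`.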
From: Peter Samuelson Date: Sun, 9 Feb 2014 16:09:55 +0000 Subject: Reduce severity of "Killed by signal %d" This produces irritating messages when using ProxyCommand or other programs that use ssh under the covers (e.g. Subversion). These messages are more normally printed by the calling program, such as the shell. According to the upstream bug, the right way to avoid this is to use the -q option, so we may drop this patch after further investigation into whether any software in Debian is still relying on it. Author: Colin Watson Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1118 Bug-Debian: http://bugs.debian.org/313371 Last-Update: 2013-09-14 Patch-Name: quieter-signals.patch --- clientloop.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/clientloop.c b/clientloop.c index 73a800c..4bc5b57 100644 --- a/clientloop.c +++ b/clientloop.c @@ -1717,8 +1717,10 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id) exit_status = 0; } - if (received_signal) - fatal("Killed by signal %d.", (int) received_signal); + if (received_signal) { + debug("Killed by signal %d.", (int) received_signal); + cleanup_exit((int) received_signal + 128); + } /* * In interactive mode (with pseudo tty) display a message indicating debian/patches/CVE-2016-10009-3.patch0000644000000000000000000000152013230121741013440 0ustar From b108ce92aae0ca0376dce9513d953be60e449ae1 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Wed, 4 Jan 2017 02:21:43 +0000 Subject: [PATCH] upstream commit relax PKCS#11 whitelist a bit to allow libexec as well as lib directories. Upstream-ID: cf5617958e2e2d39f8285fd3bc63b557da484702 --- ssh-agent.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) Index: openssh-6.6p1/ssh-agent.c =================================================================== --- openssh-6.6p1.orig/ssh-agent.c 2018-01-18 08:40:46.925367833 -0500 +++ openssh-6.6p1/ssh-agent.c 2018-01-18 08:40:46.921367825 -0500 
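Review bot: the clientloop.c hunk changes the exit status as well as the log level: `cleanup_exit((int) received_signal + 128)` replaces fatal(), which neither the Subject ("Reduce severity") nor the patch header mentions. Document the 128+signal exit code in the header, since wrappers that run ssh as a ProxyCommand may test it, and note that the message is now only visible at debug level (-v) instead of being reported as an error.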
@@ -86,7 +86,7 @@ #endif #ifndef DEFAULT_PKCS11_WHITELIST -# define DEFAULT_PKCS11_WHITELIST "/usr/lib/*,/usr/local/lib/*" +# define DEFAULT_PKCS11_WHITELIST "/usr/lib*/*,/usr/local/lib*/*" #endif typedef enum { debian/patches/CVE-2016-1908-2.patch0000644000000000000000000002274312712635617013421 0ustar Backport of: From ed4ce82dbfa8a3a3c8ea6fa0db113c71e234416c Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Wed, 13 Jan 2016 23:04:47 +0000 Subject: upstream commit eliminate fallback from untrusted X11 forwarding to trusted forwarding when the X server disables the SECURITY extension; Reported by Thomas Hoger; ok deraadt@ Upstream-ID: f76195bd2064615a63ef9674a0e4096b0713f938 --- clientloop.c | 114 ++++++++++++++++++++++++++++++++++++----------------------- clientloop.h | 4 +-- mux.c | 22 ++++++------ ssh.c | 23 +++++------- 4 files changed, 93 insertions(+), 70 deletions(-) Index: openssh-6.6p1/clientloop.c =================================================================== --- openssh-6.6p1.orig/clientloop.c 2016-05-05 08:22:47.256807058 -0400 +++ openssh-6.6p1/clientloop.c 2016-05-05 08:24:41.022101628 -0400 @@ -291,6 +291,9 @@ { size_t i, dlen; + if (display == NULL) + return 0; + dlen = strlen(display); for (i = 0; i < dlen; i++) { if (!isalnum((u_char)display[i]) && 
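Review bot: the `DEFAULT_PKCS11_WHITELIST` hunk widens the pattern to `/usr/lib*/*`, which matches any directory whose name starts with `lib` (lib32, lib64, libexec, but also an arbitrary `/usr/libfoo/`), not only libexec as the commit message says. If the intent is exactly lib plus libexec, list them explicitly (`/usr/lib/*,/usr/libexec/*,/usr/local/lib/*,/usr/local/libexec/*`); otherwise update the message to say the whitelist now covers every `lib*` directory.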
@@ -304,34 +307,33 @@ #define SSH_X11_PROTO "MIT-MAGIC-COOKIE-1" #define X11_TIMEOUT_SLACK 60 -void +int client_x11_get_proto(const char *display, const char *xauth_path, u_int trusted, u_int timeout, char **_proto, char **_data) { - char cmd[1024]; - char line[512]; - char xdisplay[512]; + char cmd[1024], line[512], xdisplay[512]; + char xauthfile[MAXPATHLEN], xauthdir[MAXPATHLEN]; static char proto[512], data[512]; FILE *f; - int got_data = 0, generated = 0, do_unlink = 0, i; - char xauthdir[MAXPATHLEN] = "", xauthfile[MAXPATHLEN] = ""; + int got_data = 0, generated = 0, do_unlink = 0, i, r; struct stat st; u_int now, x11_timeout_real; *_proto = proto; *_data = data; - proto[0] = data[0] = '\0'; + proto[0] = data[0] = xauthfile[0] = xauthdir[0] = '\0'; - if (xauth_path == NULL ||(stat(xauth_path, &st) == -1)) { - debug("No xauth program."); - } else if (!client_x11_display_valid(display)) { - logit("DISPLAY '%s' invalid, falling back to fake xauth data", + if (!client_x11_display_valid(display)) { + logit("DISPLAY \"%s\" invalid; disabling X11 forwarding", display); - } else { - if (display == NULL) { - debug("x11_get_proto: DISPLAY not set"); - return; - } + return -1; + } + if (xauth_path != NULL && stat(xauth_path, &st) == -1) { + debug("No xauth program."); + xauth_path = NULL; + } + + if (xauth_path != NULL) { /* * Handle FamilyLocal case where $DISPLAY does * not match an authorization entry. For this we 
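Review bot: in the `@@ -304,34 +307,33 @@` hunk, the new early `logit("DISPLAY \"%s\" invalid; disabling X11 forwarding", display)` can be reached with `display == NULL`: the first hunk makes client_x11_display_valid() return 0 for NULL, and the ssh.c hunks later in this patch drop the `display != NULL` guard around the call. That passes NULL to `%s` and reports an unset DISPLAY as "invalid" on every connection with ForwardX11 enabled. Keep a separate `if (display == NULL) { debug("%s: DISPLAY not set", __func__); return -1; }` ahead of the validity check, as the removed `debug("x11_get_proto: DISPLAY not set")` branch did.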
@@ -340,43 +342,60 @@ * is not perfect. */ if (strncmp(display, "localhost:", 10) == 0) { - snprintf(xdisplay, sizeof(xdisplay), "unix:%s", - display + 10); + if ((r = snprintf(xdisplay, sizeof(xdisplay), "unix:%s", + display + 10)) < 0 || + (size_t)r >= sizeof(xdisplay)) { + error("%s: display name too long", __func__); + return -1; + } display = xdisplay; } if (trusted == 0) { - mktemp_proto(xauthdir, MAXPATHLEN); /* + * Generate an untrusted X11 auth cookie. + * * The authentication cookie should briefly outlive * ssh's willingness to forward X11 connections to * avoid nasty fail-open behaviour in the X server. */ + mktemp_proto(xauthdir, sizeof(xauthdir)); + if (mkdtemp(xauthdir) == NULL) { + error("%s: mkdtemp: %s", + __func__, strerror(errno)); + return -1; + } + do_unlink = 1; + if ((r = snprintf(xauthfile, sizeof(xauthfile), + "%s/xauthfile", xauthdir)) < 0 || + (size_t)r >= sizeof(xauthfile)) { + error("%s: xauthfile path too long", __func__); + unlink(xauthfile); + rmdir(xauthdir); + return -1; + } + if (timeout >= UINT_MAX - X11_TIMEOUT_SLACK) x11_timeout_real = UINT_MAX; else x11_timeout_real = timeout + X11_TIMEOUT_SLACK; - if (mkdtemp(xauthdir) != NULL) { - do_unlink = 1; - snprintf(xauthfile, MAXPATHLEN, "%s/xauthfile", - xauthdir); - snprintf(cmd, sizeof(cmd), - "%s -f %s generate %s " SSH_X11_PROTO - " untrusted timeout %u 2>" _PATH_DEVNULL, - xauth_path, xauthfile, display, - x11_timeout_real); - debug2("x11_get_proto: %s", cmd); - if (x11_refuse_time == 0) { - now = monotime() + 1; - if (UINT_MAX - timeout < now) - x11_refuse_time = UINT_MAX; - else - x11_refuse_time = now + timeout; - channel_set_x11_refuse_time( - x11_refuse_time); - } - if (system(cmd) == 0) - generated = 1; + if ((r = snprintf(cmd, sizeof(cmd), + "%s -f %s generate %s " SSH_X11_PROTO + " untrusted timeout %u 2>" _PATH_DEVNULL, + xauth_path, xauthfile, display, + x11_timeout_real)) < 0 || + (size_t)r >= sizeof(cmd)) + fatal("%s: cmd too long", __func__); + debug2("%s: %s", 
__func__, cmd); + if (x11_refuse_time == 0) { + now = monotime() + 1; + if (UINT_MAX - timeout < now) + x11_refuse_time = UINT_MAX; + else + x11_refuse_time = now + timeout; + channel_set_x11_refuse_time(x11_refuse_time); } + if (system(cmd) == 0) + generated = 1; } /* @@ -398,9 +417,7 @@ got_data = 1; if (f) pclose(f); - } else - error("Warning: untrusted X11 forwarding setup failed: " - "xauth key data not generated"); + } } if (do_unlink) { @@ -408,6 +425,13 @@ rmdir(xauthdir); } + /* Don't fall back to fake X11 data for untrusted forwarding */ + if (!trusted && !got_data) { + error("Warning: untrusted X11 forwarding setup failed: " + "xauth key data not generated"); + return -1; + } + /* * If we didn't get authentication data, just make up some * data. The forwarding code will check the validity of the @@ -430,6 +454,8 @@ rnd >>= 8; } } + + return 0; } /* Index: openssh-6.6p1/clientloop.h =================================================================== --- openssh-6.6p1.orig/clientloop.h 2016-05-05 08:22:47.256807058 -0400 +++ openssh-6.6p1/clientloop.h 2016-05-05 08:22:47.252807013 -0400 @@ -39,7 +39,7 @@ /* Client side main loop for the interactive session. */ int client_loop(int, int, int); -void client_x11_get_proto(const char *, const char *, u_int, u_int, +int client_x11_get_proto(const char *, const char *, u_int, u_int, char **, char **); void client_global_request_reply_fwd(int, u_int32_t, void *); void client_session2_setup(int, int, int, const char *, struct termios *, Index: openssh-6.6p1/mux.c =================================================================== --- openssh-6.6p1.orig/mux.c 2016-05-05 08:22:47.256807058 -0400 +++ openssh-6.6p1/mux.c 2016-05-05 08:22:47.252807013 -0400 
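Review bot: in the `@@ -340,43 +342,60 @@` hunk, the "xauthfile path too long" error path calls `unlink(xauthfile)` on a buffer snprintf has just truncated, so it names a path that was never created and is not necessarily inside xauthdir; only `rmdir(xauthdir)` is needed there, since the file does not exist yet. Also, the adjacent "cmd too long" case uses `fatal()` while every other overflow in this function returns -1; pick one convention, now that the mux.c and ssh.c callers handle the -1 result.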
@@ -1261,16 +1261,18 @@ char *proto, *data; /* Get reasonable local authentication information. */ - client_x11_get_proto(display, options.xauth_location, + if (client_x11_get_proto(display, options.xauth_location, options.forward_x11_trusted, options.forward_x11_timeout, - &proto, &data); - /* Request forwarding with authentication spoofing. */ - debug("Requesting X11 forwarding with authentication " - "spoofing."); - x11_request_forwarding_with_spoofing(id, display, proto, - data, 1); - client_expect_confirm(id, "X11 forwarding", CONFIRM_WARN); - /* XXX exit_on_forward_failure */ + &proto, &data) == 0) { + /* Request forwarding with authentication spoofing. */ + debug("Requesting X11 forwarding with authentication " + "spoofing."); + x11_request_forwarding_with_spoofing(id, display, proto, + data, 1); + /* XXX exit_on_forward_failure */ + client_expect_confirm(id, "X11 forwarding", + CONFIRM_WARN); + } } if (cctx->want_agent_fwd && options.forward_agent) { Index: openssh-6.6p1/ssh.c =================================================================== --- openssh-6.6p1.orig/ssh.c 2016-05-05 08:22:47.256807058 -0400 +++ openssh-6.6p1/ssh.c 2016-05-05 08:22:47.252807013 -0400 @@ -1405,6 +1405,7 @@ struct winsize ws; char *cp; const char *display; + char *proto = NULL, *data = NULL; /* Enable compression if requested. */ if (options.compression) { 
@@ -1473,13 +1474,9 @@ } /* Request X11 forwarding if enabled and DISPLAY is set. */ display = getenv("DISPLAY"); - if (options.forward_x11 && display != NULL) { - char *proto, *data; - /* Get reasonable local authentication information. */ - client_x11_get_proto(display, options.xauth_location, - options.forward_x11_trusted, - options.forward_x11_timeout, - &proto, &data); + if (options.forward_x11 && client_x11_get_proto(display, + options.xauth_location, options.forward_x11_trusted, + options.forward_x11_timeout, &proto, &data) == 0) { /* Request forwarding with authentication spoofing. */ debug("Requesting X11 forwarding with authentication " "spoofing."); @@ -1569,17 +1566,15 @@ extern char **environ; const char *display; int interactive = tty_flag; + char *proto = NULL, *data = NULL; if (!success) return; /* No need for error message, channels code sens one */ display = getenv("DISPLAY"); - if (options.forward_x11 && display != NULL) { - char *proto, *data; - /* Get reasonable local authentication information. */ - client_x11_get_proto(display, options.xauth_location, - options.forward_x11_trusted, - options.forward_x11_timeout, &proto, &data); + if (options.forward_x11 && client_x11_get_proto(display, + options.xauth_location, options.forward_x11_trusted, + options.forward_x11_timeout, &proto, &data) == 0) { /* Request forwarding with authentication spoofing. */ debug("Requesting X11 forwarding with authentication " "spoofing."); debian/patches/selinux-role.patch0000644000000000000000000003731312330654315014275 0ustar From ae32d626ed3d15cfd7f432358b63c005961921df Mon Sep 17 00:00:00 2001 
From: Manoj Srivastava Date: Sun, 9 Feb 2014 16:09:49 +0000 Subject: Handle SELinux authorisation roles Rejected upstream due to discomfort with magic usernames; a better approach will need an SSH protocol change. In the meantime, this came from Debian's SELinux maintainer, so we'll keep it until we have something better. Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1641 Bug-Debian: http://bugs.debian.org/394795 Last-Update: 2013-09-14 Patch-Name: selinux-role.patch --- auth.h | 1 + auth1.c | 8 +++++++- auth2.c | 10 ++++++++-- monitor.c | 32 +++++++++++++++++++++++++++++--- monitor.h | 2 ++ monitor_wrap.c | 22 ++++++++++++++++++++-- monitor_wrap.h | 3 ++- openbsd-compat/port-linux.c | 27 ++++++++++++++++++++------- openbsd-compat/port-linux.h | 4 ++-- platform.c | 4 ++-- platform.h | 2 +- session.c | 10 +++++----- session.h | 2 +- sshd.c | 2 +- sshpty.c | 4 ++-- sshpty.h | 2 +- 16 files changed, 104 insertions(+), 31 deletions(-) diff --git a/auth.h b/auth.h index 124e597..79e4ea5 100644 --- a/auth.h +++ b/auth.h @@ -59,6 +59,7 @@ struct Authctxt { char *service; struct passwd *pw; /* set if 'valid' */ char *style; + char *role; void *kbdintctxt; char *info; /* Extra info for next auth_log */ #ifdef BSD_AUTH diff --git a/auth1.c b/auth1.c index 0f870b3..c707390 100644 --- a/auth1.c +++ b/auth1.c @@ -380,7 +380,7 @@ void do_authentication(Authctxt *authctxt) { u_int ulen; - char *user, *style = NULL; + char *user, *style = NULL, *role = NULL; /* Get the name of the user that we wish to log in as. */ packet_read_expect(SSH_CMSG_USER); 
@@ -389,11 +389,17 @@ do_authentication(Authctxt *authctxt) user = packet_get_cstring(&ulen); packet_check_eom(); + if ((role = strchr(user, '/')) != NULL) + *role++ = '\0'; + if ((style = strchr(user, ':')) != NULL) *style++ = '\0'; + else if (role && (style = strchr(role, ':')) != NULL) + *style++ = '\0'; authctxt->user = user; authctxt->style = style; + authctxt->role = role; /* Verify that the user is a valid user. */ if ((authctxt->pw = PRIVSEP(getpwnamallow(user))) != NULL) diff --git a/auth2.c b/auth2.c index fbe3e1b..70f2925 100644 --- a/auth2.c +++ b/auth2.c @@ -216,7 +216,7 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt) { Authctxt *authctxt = ctxt; Authmethod *m = NULL; - char *user, *service, *method, *style = NULL; + char *user, *service, *method, *style = NULL, *role = NULL; int authenticated = 0; if (authctxt == NULL) @@ -228,8 +228,13 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt) debug("userauth-request for user %s service %s method %s", user, service, method); debug("attempt %d failures %d", authctxt->attempt, authctxt->failures); + if ((role = strchr(user, '/')) != NULL) + *role++ = 0; + if ((style = strchr(user, ':')) != NULL) *style++ = 0; + else if (role && (style = strchr(role, ':')) != NULL) + *style++ = '\0'; if (authctxt->attempt++ == 0) { /* setup auth context */ @@ -253,8 +258,9 @@ input_userauth_request(int type, u_int32_t seq, void *ctxt) use_privsep ? " [net]" : ""); authctxt->service = xstrdup(service); authctxt->style = style ? xstrdup(style) : NULL; + authctxt->role = role ? xstrdup(role) : NULL; if (use_privsep) - mm_inform_authserv(service, style); + mm_inform_authserv(service, style, role); userauth_banner(); if (auth2_setup_methods_lists(authctxt) != 0) packet_disconnect("no authentication methods enabled"); diff --git a/monitor.c b/monitor.c index 2918814..11eac63 100644 --- a/monitor.c +++ b/monitor.c 
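Review bot: in the auth2.c `@@ -228,8 +228,13 @@` hunk the role is split out of the client-supplied user name with no validation beyond the `/` and `:` separators, then stored, forwarded to the monitor and eventually handed to get_default_context_with_role(). Since this is pre-authentication input (it arrives in the userauth request logged just above), validate it here (length and the character set of an SELinux role identifier) before it is stored or logged, and use one null-terminator spelling (`*role++ = 0` next to `*style++ = '\0'`). The auth1.c hunk above has the same parsing and needs the same check.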
@@ -145,6 +145,7 @@ int mm_answer_sign(int, Buffer *); int mm_answer_pwnamallow(int, Buffer *); int mm_answer_auth2_read_banner(int, Buffer *); int mm_answer_authserv(int, Buffer *); +int mm_answer_authrole(int, Buffer *); int mm_answer_authpassword(int, Buffer *); int mm_answer_bsdauthquery(int, Buffer *); int mm_answer_bsdauthrespond(int, Buffer *); @@ -221,6 +222,7 @@ struct mon_table mon_dispatch_proto20[] = { {MONITOR_REQ_SIGN, MON_ONCE, mm_answer_sign}, {MONITOR_REQ_PWNAM, MON_ONCE, mm_answer_pwnamallow}, {MONITOR_REQ_AUTHSERV, MON_ONCE, mm_answer_authserv}, + {MONITOR_REQ_AUTHROLE, MON_ONCE, mm_answer_authrole}, {MONITOR_REQ_AUTH2_READ_BANNER, MON_ONCE, mm_answer_auth2_read_banner}, {MONITOR_REQ_AUTHPASSWORD, MON_AUTH, mm_answer_authpassword}, #ifdef USE_PAM @@ -822,6 +824,7 @@ mm_answer_pwnamallow(int sock, Buffer *m) else { /* Allow service/style information on the auth context */ monitor_permit(mon_dispatch, MONITOR_REQ_AUTHSERV, 1); + monitor_permit(mon_dispatch, MONITOR_REQ_AUTHROLE, 1); monitor_permit(mon_dispatch, MONITOR_REQ_AUTH2_READ_BANNER, 1); } #ifdef USE_PAM @@ -852,14 +855,37 @@ mm_answer_authserv(int sock, Buffer *m) authctxt->service = buffer_get_string(m, NULL); authctxt->style = buffer_get_string(m, NULL); - debug3("%s: service=%s, style=%s", - __func__, authctxt->service, authctxt->style); + authctxt->role = buffer_get_string(m, NULL); + debug3("%s: service=%s, style=%s, role=%s", + __func__, authctxt->service, authctxt->style, authctxt->role); if (strlen(authctxt->style) == 0) { free(authctxt->style); authctxt->style = NULL; } + if (strlen(authctxt->role) == 0) { + free(authctxt->role); + authctxt->role = NULL; + } + + return (0); +} + +int +mm_answer_authrole(int sock, Buffer *m) +{ + monitor_permit_authentications(1); + + authctxt->role = buffer_get_string(m, NULL); + debug3("%s: role=%s", + __func__, authctxt->role); + + if (strlen(authctxt->role) == 0) { + free(authctxt->role); + authctxt->role = NULL; + } + return (0); } 
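Review bot: in the monitor.c hunks, `mm_answer_authrole`, the `MONITOR_REQ_AUTHROLE` dispatch entry and the extra `monitor_permit(mon_dispatch, MONITOR_REQ_AUTHROLE, 1)` in mm_answer_pwnamallow add a new request the unprivileged child may send, but nothing in this patch calls the matching `mm_inform_authrole`; auth2.c passes the role through `mm_inform_authserv` instead. Either drop the unused request and handler to keep the privsep interface minimal, or document which caller is expected to use it; as written it also duplicates the empty-role handling already added to mm_answer_authserv.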
@@ -1464,7 +1490,7 @@ mm_answer_pty(int sock, Buffer *m) res = pty_allocate(&s->ptyfd, &s->ttyfd, s->tty, sizeof(s->tty)); if (res == 0) goto error; - pty_setowner(authctxt->pw, s->tty); + pty_setowner(authctxt->pw, s->tty, authctxt->role); buffer_put_int(m, 1); buffer_put_cstring(m, s->tty); diff --git a/monitor.h b/monitor.h index 7f32b0c..4d5e8fa 100644 --- a/monitor.h +++ b/monitor.h @@ -68,6 +68,8 @@ enum monitor_reqtype { MONITOR_REQ_GSSSIGN = 150, MONITOR_ANS_GSSSIGN = 151, MONITOR_REQ_GSSUPCREDS = 152, MONITOR_ANS_GSSUPCREDS = 153, + MONITOR_REQ_AUTHROLE = 154, + }; struct mm_master; diff --git a/monitor_wrap.c b/monitor_wrap.c index 60b987d..f75dc9d 100644 --- a/monitor_wrap.c +++ b/monitor_wrap.c @@ -318,10 +318,10 @@ mm_auth2_read_banner(void) return (banner); } -/* Inform the privileged process about service and style */ +/* Inform the privileged process about service, style, and role */ void -mm_inform_authserv(char *service, char *style) +mm_inform_authserv(char *service, char *style, char *role) { Buffer m; @@ -330,12 +330,30 @@ mm_inform_authserv(char *service, char *style) buffer_init(&m); buffer_put_cstring(&m, service); buffer_put_cstring(&m, style ? style : ""); + buffer_put_cstring(&m, role ? role : ""); mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTHSERV, &m); buffer_free(&m); } +/* Inform the privileged process about role */ + +void +mm_inform_authrole(char *role) +{ + Buffer m; + + debug3("%s entering", __func__); + + buffer_init(&m); + buffer_put_cstring(&m, role ? role : ""); + + mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_AUTHROLE, &m); + + buffer_free(&m); +} + /* Do the password authentication */ int mm_auth_password(Authctxt *authctxt, char *password) diff --git a/monitor_wrap.h b/monitor_wrap.h index a4e9d24..9c2ee49 100644 --- a/monitor_wrap.h +++ b/monitor_wrap.h 
@@ -41,7 +41,8 @@ void mm_log_handler(LogLevel, const char *, void *); int mm_is_monitor(void); DH *mm_choose_dh(int, int, int); int mm_key_sign(Key *, u_char **, u_int *, u_char *, u_int); -void mm_inform_authserv(char *, char *); +void mm_inform_authserv(char *, char *, char *); +void mm_inform_authrole(char *); struct passwd *mm_getpwnamallow(const char *); char *mm_auth2_read_banner(void); int mm_auth_password(struct Authctxt *, char *); diff --git a/openbsd-compat/port-linux.c b/openbsd-compat/port-linux.c index 4637a7a..de6ad3f 100644 --- a/openbsd-compat/port-linux.c +++ b/openbsd-compat/port-linux.c @@ -29,6 +29,12 @@ #include #include +#ifdef WITH_SELINUX +#include "key.h" +#include "hostfile.h" +#include "auth.h" +#endif + #include "log.h" #include "xmalloc.h" #include "port-linux.h" @@ -58,7 +64,7 @@ ssh_selinux_enabled(void) /* Return the default security context for the given username */ static security_context_t -ssh_selinux_getctxbyname(char *pwname) +ssh_selinux_getctxbyname(char *pwname, const char *role) { security_context_t sc = NULL; char *sename = NULL, *lvl = NULL; @@ -73,9 +79,16 @@ ssh_selinux_getctxbyname(char *pwname) #endif #ifdef HAVE_GET_DEFAULT_CONTEXT_WITH_LEVEL - r = get_default_context_with_level(sename, lvl, NULL, &sc); + if (role != NULL && role[0]) + r = get_default_context_with_rolelevel(sename, role, lvl, NULL, + &sc); + else + r = get_default_context_with_level(sename, lvl, NULL, &sc); #else - r = get_default_context(sename, NULL, &sc); + if (role != NULL && role[0]) + r = get_default_context_with_role(sename, role, NULL, &sc); + else + r = get_default_context(sename, NULL, &sc); #endif if (r != 0) { @@ -105,7 +118,7 @@ ssh_selinux_getctxbyname(char *pwname) /* Set the execution context to the default for the specified user */ void -ssh_selinux_setup_exec_context(char *pwname) +ssh_selinux_setup_exec_context(char *pwname, const char *role) { security_context_t user_ctx = NULL; 
@@ -114,7 +127,7 @@ ssh_selinux_setup_exec_context(char *pwname) debug3("%s: setting execution context", __func__); - user_ctx = ssh_selinux_getctxbyname(pwname); + user_ctx = ssh_selinux_getctxbyname(pwname, role); if (setexeccon(user_ctx) != 0) { switch (security_getenforce()) { case -1: @@ -136,7 +149,7 @@ ssh_selinux_setup_exec_context(char *pwname) /* Set the TTY context for the specified user */ void -ssh_selinux_setup_pty(char *pwname, const char *tty) +ssh_selinux_setup_pty(char *pwname, const char *tty, const char *role) { security_context_t new_tty_ctx = NULL; security_context_t user_ctx = NULL; @@ -147,7 +160,7 @@ ssh_selinux_setup_pty(char *pwname, const char *tty) debug3("%s: setting TTY context on %s", __func__, tty); - user_ctx = ssh_selinux_getctxbyname(pwname); + user_ctx = ssh_selinux_getctxbyname(pwname, role); /* XXX: should these calls fatal() upon failure in enforcing mode? */ diff --git a/openbsd-compat/port-linux.h b/openbsd-compat/port-linux.h index e3d1004..80ce13a 100644 --- a/openbsd-compat/port-linux.h +++ b/openbsd-compat/port-linux.h @@ -21,8 +21,8 @@ #ifdef WITH_SELINUX int ssh_selinux_enabled(void); -void ssh_selinux_setup_pty(char *, const char *); -void ssh_selinux_setup_exec_context(char *); +void ssh_selinux_setup_pty(char *, const char *, const char *); +void ssh_selinux_setup_exec_context(char *, const char *); void ssh_selinux_change_context(const char *); void ssh_selinux_setfscreatecon(const char *); #endif diff --git a/platform.c b/platform.c index 30fc609..4aab9a9 100644 --- a/platform.c +++ b/platform.c @@ -142,7 +142,7 @@ platform_setusercontext(struct passwd *pw) * called if sshd is running as root. */ void -platform_setusercontext_post_groups(struct passwd *pw) +platform_setusercontext_post_groups(struct passwd *pw, const char *role) { #if !defined(HAVE_LOGIN_CAP) && defined(USE_PAM) /* 
@@ -183,7 +183,7 @@ platform_setusercontext_post_groups(struct passwd *pw) } #endif /* HAVE_SETPCRED */ #ifdef WITH_SELINUX - ssh_selinux_setup_exec_context(pw->pw_name); + ssh_selinux_setup_exec_context(pw->pw_name, role); #endif } diff --git a/platform.h b/platform.h index 1c7a45d..436ae7c 100644 --- a/platform.h +++ b/platform.h @@ -27,7 +27,7 @@ void platform_post_fork_parent(pid_t child_pid); void platform_post_fork_child(void); int platform_privileged_uidswap(void); void platform_setusercontext(struct passwd *); -void platform_setusercontext_post_groups(struct passwd *); +void platform_setusercontext_post_groups(struct passwd *, const char *); char *platform_get_krb5_client(const char *); char *platform_krb5_get_principal_name(const char *); int platform_sys_dir_uid(uid_t); diff --git a/session.c b/session.c index 2bcf818..6848df4 100644 --- a/session.c +++ b/session.c @@ -1502,7 +1502,7 @@ safely_chroot(const char *path, uid_t uid) /* Set login name, uid, gid, and groups. */ void -do_setusercontext(struct passwd *pw) +do_setusercontext(struct passwd *pw, const char *role) { char *chroot_path, *tmp; @@ -1530,7 +1530,7 @@ do_setusercontext(struct passwd *pw) endgrent(); #endif - platform_setusercontext_post_groups(pw); + platform_setusercontext_post_groups(pw, role); if (options.chroot_directory != NULL && strcasecmp(options.chroot_directory, "none") != 0) { @@ -1679,7 +1679,7 @@ do_child(Session *s, const char *command) /* Force a password change */ if (s->authctxt->force_pwchange) { - do_setusercontext(pw); + do_setusercontext(pw, s->authctxt->role); child_close_fds(); do_pwchange(s); exit(1); @@ -1706,7 +1706,7 @@ do_child(Session *s, const char *command) /* When PAM is enabled we rely on it to do the nologin check */ if (!options.use_pam) do_nologin(pw); - do_setusercontext(pw); + do_setusercontext(pw, s->authctxt->role); /* * PAM session modules in do_setusercontext may have * generated messages, so if this in an interactive 
@@ -2117,7 +2117,7 @@ session_pty_req(Session *s) tty_parse_modes(s->ttyfd, &n_bytes); if (!use_privsep) - pty_setowner(s->pw, s->tty); + pty_setowner(s->pw, s->tty, s->authctxt->role); /* Set window size from the packet. */ pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel); diff --git a/session.h b/session.h index 6a2f35e..ef6593c 100644 --- a/session.h +++ b/session.h @@ -77,7 +77,7 @@ void session_pty_cleanup2(Session *); Session *session_new(void); Session *session_by_tty(char *); void session_close(Session *); -void do_setusercontext(struct passwd *); +void do_setusercontext(struct passwd *, const char *); void child_set_env(char ***envp, u_int *envsizep, const char *name, const char *value); diff --git a/sshd.c b/sshd.c index d787fea..e343d90 100644 --- a/sshd.c +++ b/sshd.c @@ -769,7 +769,7 @@ privsep_postauth(Authctxt *authctxt) explicit_bzero(rnd, sizeof(rnd)); /* Drop privileges */ - do_setusercontext(authctxt->pw); + do_setusercontext(authctxt->pw, authctxt->role); skip: /* It is safe now to apply the key state */ diff --git a/sshpty.c b/sshpty.c index bbbc0fe..8cc26a2 100644 --- a/sshpty.c +++ b/sshpty.c @@ -200,7 +200,7 @@ pty_change_window_size(int ptyfd, u_int row, u_int col, } void -pty_setowner(struct passwd *pw, const char *tty) +pty_setowner(struct passwd *pw, const char *tty, const char *role) { struct group *grp; gid_t gid; @@ -227,7 +227,7 @@ pty_setowner(struct passwd *pw, const char *tty) strerror(errno)); #ifdef WITH_SELINUX - ssh_selinux_setup_pty(pw->pw_name, tty); + ssh_selinux_setup_pty(pw->pw_name, tty, role); #endif if (st.st_uid != pw->pw_uid || st.st_gid != gid) { diff --git a/sshpty.h b/sshpty.h index cfa3224..edf2436 100644 --- a/sshpty.h +++ b/sshpty.h 
@@ -24,4 +24,4 @@ int pty_allocate(int *, int *, char *, size_t); void pty_release(const char *); void pty_make_controlling_tty(int *, const char *); void pty_change_window_size(int, u_int, u_int, u_int, u_int); -void pty_setowner(struct passwd *, const char *); +void pty_setowner(struct passwd *, const char *, const char *); debian/patches/user-group-modes.patch0000644000000000000000000001753512330654315015070 0ustar From 77638f6662ecd8500e1b97e537233b1277ca829f Mon Sep 17 00:00:00 2001 From: Colin Watson Date: Sun, 9 Feb 2014 16:09:58 +0000 Subject: Allow harmless group-writability Allow secure files (~/.ssh/config, ~/.ssh/authorized_keys, etc.) to be group-writable, provided that the group in question contains only the file's owner. Rejected upstream for IMO incorrect reasons (e.g. a misunderstanding about the contents of gr->gr_mem). Given that per-user groups and umask 002 are the default setup in Debian (for good reasons - this makes operating in setgid directories with other groups much easier), we need to permit this by default. Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1060 Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=314347 Last-Update: 2013-09-14 Patch-Name: user-group-modes.patch --- auth-rhosts.c | 6 ++---- auth.c | 9 +++----- misc.c | 69 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++- misc.h | 2 ++ platform.c | 16 -------------- readconf.c | 5 +++-- ssh.1 | 2 ++ ssh_config.5 | 2 ++ 8 files changed, 82 insertions(+), 29 deletions(-) diff --git a/auth-rhosts.c b/auth-rhosts.c index 06ae7f0..f202787 100644 --- a/auth-rhosts.c +++ b/auth-rhosts.c 
@@ -256,8 +256,7 @@ auth_rhosts2_raw(struct passwd *pw, const char *client_user, const char *hostnam return 0; } if (options.strict_modes && - ((st.st_uid != 0 && st.st_uid != pw->pw_uid) || - (st.st_mode & 022) != 0)) { + !secure_permissions(&st, pw->pw_uid)) { logit("Rhosts authentication refused for %.100s: " "bad ownership or modes for home directory.", pw->pw_name); auth_debug_add("Rhosts authentication refused for %.100s: " @@ -283,8 +282,7 @@ auth_rhosts2_raw(struct passwd *pw, const char *client_user, const char *hostnam * allowing access to their account by anyone. */ if (options.strict_modes && - ((st.st_uid != 0 && st.st_uid != pw->pw_uid) || - (st.st_mode & 022) != 0)) { + !secure_permissions(&st, pw->pw_uid)) { logit("Rhosts authentication refused for %.100s: bad modes for %.200s", pw->pw_name, buf); auth_debug_add("Bad file modes for %.200s", buf); diff --git a/auth.c b/auth.c index 9a36f1d..0c45f09 100644 --- a/auth.c +++ b/auth.c @@ -407,8 +407,7 @@ check_key_in_hostfiles(struct passwd *pw, Key *key, const char *host, user_hostfile = tilde_expand_filename(userfile, pw->pw_uid); if (options.strict_modes && (stat(user_hostfile, &st) == 0) && - ((st.st_uid != 0 && st.st_uid != pw->pw_uid) || - (st.st_mode & 022) != 0)) { + !secure_permissions(&st, pw->pw_uid)) { logit("Authentication refused for %.100s: " "bad owner or modes for %.200s", pw->pw_name, user_hostfile); @@ -470,8 +469,7 @@ auth_secure_path(const char *name, struct stat *stp, const char *pw_dir, snprintf(err, errlen, "%s is not a regular file", buf); return -1; } - if ((!platform_sys_dir_uid(stp->st_uid) && stp->st_uid != uid) || - (stp->st_mode & 022) != 0) { + if (!secure_permissions(stp, uid)) { snprintf(err, errlen, "bad ownership or modes for file %s", buf); return -1; 
@@ -486,8 +484,7 @@ auth_secure_path(const char *name, struct stat *stp, const char *pw_dir, strlcpy(buf, cp, sizeof(buf)); if (stat(buf, &st) < 0 || - (!platform_sys_dir_uid(st.st_uid) && st.st_uid != uid) || - (st.st_mode & 022) != 0) { + !secure_permissions(&st, uid)) { snprintf(err, errlen, "bad ownership or modes for directory %s", buf); return -1; diff --git a/misc.c b/misc.c index e4c8c32..4e756b0 100644 --- a/misc.c +++ b/misc.c @@ -49,8 +49,9 @@ #include #ifdef HAVE_PATHS_H # include -#include #endif +#include +#include #ifdef SSH_TUN_OPENBSD #include #endif @@ -59,6 +60,7 @@ #include "misc.h" #include "log.h" #include "ssh.h" +#include "platform.h" /* remove newline at end of string */ char * 
@@ -643,6 +645,71 @@ read_keyfile_line(FILE *f, const char *filename, char *buf, size_t bufsz, return -1; } +/* + * return 1 if the specified uid is a uid that may own a system directory + * otherwise 0. + */ +int +platform_sys_dir_uid(uid_t uid) +{ + if (uid == 0) + return 1; +#ifdef PLATFORM_SYS_DIR_UID + if (uid == PLATFORM_SYS_DIR_UID) + return 1; +#endif + return 0; +} + +int +secure_permissions(struct stat *st, uid_t uid) +{ + if (!platform_sys_dir_uid(st->st_uid) && st->st_uid != uid) + return 0; + if ((st->st_mode & 002) != 0) + return 0; + if ((st->st_mode & 020) != 0) { + /* If the file is group-writable, the group in question must + * have exactly one member, namely the file's owner. + * (Zero-member groups are typically used by setgid + * binaries, and are unlikely to be suitable.) + */ + struct passwd *pw; + struct group *gr; + int members = 0; + + gr = getgrgid(st->st_gid); + if (!gr) + return 0; + + /* Check primary group memberships. */ + while ((pw = getpwent()) != NULL) { + if (pw->pw_gid == gr->gr_gid) { + ++members; + if (pw->pw_uid != uid) + return 0; + } + } + endpwent(); + + pw = getpwuid(st->st_uid); + if (!pw) + return 0; + + /* Check supplementary group memberships. */ + if (gr->gr_mem[0]) { + ++members; + if (strcmp(pw->pw_name, gr->gr_mem[0]) || + gr->gr_mem[1]) + return 0; + } + + if (!members) + return 0; + } + return 1; +} + int tun_open(int tun, int mode) { diff --git a/misc.h b/misc.h index d4df619..ceb173b 100644 --- a/misc.h +++ b/misc.h @@ -106,4 +106,6 @@ char *read_passphrase(const char *, int); int ask_permission(const char *, ...) __attribute__((format(printf, 1, 2))); int read_keyfile_line(FILE *, const char *, char *, size_t, u_long *); +int secure_permissions(struct stat *st, uid_t uid); + #endif /* _MISC_H */ diff --git a/platform.c b/platform.c index 4aab9a9..f99de7f 100644 --- a/platform.c +++ b/platform.c 
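Review bot: in the misc.c `@@ -643,6 +645,71 @@` hunk, secure_permissions() enumerates the whole passwd database with getpwent() for any group-writable file but never calls setpwent() first, so an enumeration cursor left part-way by an earlier caller can make it miss primary-group members and accept a group with more than one member; add `setpwent();` before the `while ((pw = getpwent()) != NULL)` loop. The early `return 0` inside that loop also skips `endpwent()`. Finally, the header should mention the cost: this full enumeration now runs on every check of a group-writable file, both in sshd (auth_secure_path, check_key_in_hostfiles) and in the client (read_config_file), which can be slow on NSS-backed directories.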
@@ -196,19 +196,3 @@ platform_krb5_get_principal_name(const char *pw_name) return NULL; #endif } - -/* - * return 1 if the specified uid is a uid that may own a system directory - * otherwise 0. - */ -int -platform_sys_dir_uid(uid_t uid) -{ - if (uid == 0) - return 1; -#ifdef PLATFORM_SYS_DIR_UID - if (uid == PLATFORM_SYS_DIR_UID) - return 1; -#endif - return 0; -} diff --git a/readconf.c b/readconf.c index 6409937..32c4b42 100644 --- a/readconf.c +++ b/readconf.c @@ -37,6 +37,8 @@ #include #include #include +#include +#include #ifdef HAVE_UTIL_H #include #endif @@ -1477,8 +1479,7 @@ read_config_file(const char *filename, struct passwd *pw, const char *host, if (fstat(fileno(f), &sb) == -1) fatal("fstat %s: %s", filename, strerror(errno)); - if (((sb.st_uid != 0 && sb.st_uid != getuid()) || - (sb.st_mode & 022) != 0)) + if (!secure_permissions(&sb, getuid())) fatal("Bad owner or permissions on %s", filename); } diff --git a/ssh.1 b/ssh.1 index 27794e2..ff5e6ac 100644 --- a/ssh.1 +++ b/ssh.1 @@ -1352,6 +1352,8 @@ The file format and configuration options are described in .Xr ssh_config 5 . Because of the potential for abuse, this file must have strict permissions: read/write for the user, and not writable by others. +It may be group-writable provided that the group in question contains only +the user. .Pp .It Pa ~/.ssh/environment Contains additional definitions for environment variables; see diff --git a/ssh_config.5 b/ssh_config.5 index 3172fd4..4bf7cbb 100644 --- a/ssh_config.5 +++ b/ssh_config.5 
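Review bot: the readconf.c hunk keeps `fatal("Bad owner or permissions on %s", filename)` unchanged, but `secure_permissions()` adds a failure mode that `ls -l` does not reveal (the file is group-writable and the group has a member other than the user, or has no members at all), so users who hit it cannot tell what to fix; extend the message to mention the single-member-group requirement that the ssh.1 hunk in this patch documents. Replacing `sb.st_uid != 0` with the platform_sys_dir_uid() test also changes which owners the client accepts on platforms that define PLATFORM_SYS_DIR_UID, which deserves a line in the patch header.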
@@ -1529,6 +1529,8 @@ The format of this file is described above. This file is used by the SSH client. Because of the potential for abuse, this file must have strict permissions: read/write for the user, and not accessible by others. +It may be group-writable provided that the group in question contains only +the user. .It Pa /etc/ssh/ssh_config Systemwide configuration file. This file provides defaults for those debian/patches/CVE-2016-1908-1.patch0000644000000000000000000000261012712635222013377 0ustar Backport of: From f98a09cacff7baad8748c9aa217afd155a4d493f Mon Sep 17 00:00:00 2001 From: "mmcc@openbsd.org" Date: Tue, 20 Oct 2015 03:36:35 +0000 Subject: upstream commit Replace a function-local allocation with stack memory. ok djm@ Upstream-ID: c09fbbab637053a2ab9f33ca142b4e20a4c5a17e --- clientloop.c | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) Index: openssh-6.6p1/clientloop.c =================================================================== --- openssh-6.6p1.orig/clientloop.c 2016-05-05 08:09:50.075917830 -0400 +++ openssh-6.6p1/clientloop.c 2016-05-05 08:10:30.336380407 -0400 @@ -314,11 +314,10 @@ static char proto[512], data[512]; FILE *f; int got_data = 0, generated = 0, do_unlink = 0, i; - char *xauthdir, *xauthfile; + char xauthdir[MAXPATHLEN] = "", xauthfile[MAXPATHLEN] = ""; struct stat st; u_int now, x11_timeout_real; - xauthdir = xauthfile = NULL; *_proto = proto; *_data = data; proto[0] = data[0] = '\0'; @@ -346,8 +345,6 @@ display = xdisplay; } if (trusted == 0) { - xauthdir = xmalloc(MAXPATHLEN); - xauthfile = xmalloc(MAXPATHLEN); mktemp_proto(xauthdir, MAXPATHLEN); /* * The authentication cookie should briefly outlive @@ -410,8 +407,6 @@ unlink(xauthfile); rmdir(xauthdir); } - free(xauthdir); - free(xauthfile); /* * If we didn't get authentication data, just make up some debian/patches/sigstop.patch0000644000000000000000000000174012330654315013332 0ustar From cfeaa0ba2ce2859573f7e980be09ef05511f56a2 Mon Sep 17 00:00:00 2001 
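Review bot: the clientloop.c hunks of CVE-2016-1908-1.patch carry only the upstream subject `Replace a function-local allocation with stack memory` and no Description, Bug or Origin field, so nothing explains why this refactor belongs to the CVE-2016-1908 series the file name announces; add a DEP-3 header naming the companion patch that depends on `xauthdir`/`xauthfile` being arrays so the backport can be audited as a set. The hunk itself is sound: both arrays are zero-initialised and `unlink(xauthfile); rmdir(xauthdir);` stays guarded by do_unlink.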
From: Colin Watson Date: Sun, 9 Feb 2014 16:10:17 +0000 Subject: Support synchronisation with service supervisor using SIGSTOP Author: Robie Basak Forwarded: no Last-Update: 2014-04-14 Patch-Name: sigstop.patch --- sshd.c | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/sshd.c b/sshd.c index 665c0b9..0964491 100644 --- a/sshd.c +++ b/sshd.c @@ -1931,6 +1931,16 @@ main(int ac, char **av) } } + if (getenv("SSH_SIGSTOP")) { + /* Tell service supervisor that we are ready. */ + kill(getpid(), SIGSTOP); + /* The service supervisor only ever expects a single + * STOP signal, so do not ever signal it again, even + * in the case of a re-exec or future children. + */ + unsetenv("SSH_SIGSTOP"); + } + /* Accept a connection and return in a forked child */ server_accept_loop(&sock_in, &sock_out, &newsock, config_s); debian/patches/CVE-2016-10011.patch0000644000000000000000000000426713227153543013317 0ustar Description: local information disclosure via effects of realloc on buffer contents Origin: obtained from OpenSuSE's openssh-6.6p1-17.1.src.rpm package # HG changeset patch # Parent 98d3623ac4a49c42f10e557c78900734808ce668 Pre-allocare buffer for private keys data to prevent leaking of sensitive data via heap. CVE-2016-10011 bsc#1016369 backported upstream commit 54d022026aae4f53fa74cc636e4a032d9689b64d backported upstream commit a9c746088787549bb5b1ae3add7d06a1b6d93d5e diff --git a/authfile.c b/authfile.c --- a/authfile.c +++ b/authfile.c 
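Review bot: in the sshd.c hunk `getenv("SSH_SIGSTOP")` treats any value, including an empty exported `SSH_SIGSTOP=`, as a request to stop, and the return value of `kill(getpid(), SIGSTOP)` is not checked, so a stray variable inherited from the environment leaves sshd stopped with nothing to SIGCONT it; require a specific value (or at least a non-empty one), and since the patch touches no manual page, document the variable and the readiness contract (stop occurs after the listening sockets are bound, before server_accept_loop) in sshd.8.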
@@ -689,34 +689,44 @@ key_load_file(int fd, const char *filena if ((st.st_mode & (S_IFSOCK|S_IFCHR|S_IFIFO)) == 0 && st.st_size > MAX_KEY_FILE_SIZE) { toobig: error("%s: key file %.200s%stoo large", __func__, filename == NULL ? "" : filename, filename == NULL ? "" : " "); return 0; } + /* + * Pre-allocate the buffer used for the key contents and clamp its + * maximum size. This ensures that key contents are never leaked via + * implicit realloc() in the sshbuf code. + */ + if ((st.st_mode & S_IFREG) == 0 || st.st_size <= 0) { + st.st_size = 64*1024; /* 64k should be enough for anyone :) */ + } + buffer_append_space(blob, st.st_size); buffer_clear(blob); for (;;) { if ((len = atomicio(read, fd, buf, sizeof(buf))) == 0) { if (errno == EPIPE) break; debug("%s: read from key file %.200s%sfailed: %.100s", __func__, filename == NULL ? "" : filename, filename == NULL ? "" : " ", strerror(errno)); buffer_clear(blob); explicit_bzero(buf, sizeof(buf)); return 0; } - buffer_append(blob, buf, len); - if (buffer_len(blob) > MAX_KEY_FILE_SIZE) { + /* first check limits to prevent automatic buffer blow-up */ + if (buffer_len(blob) + len > (u_int)st.st_size) { buffer_clear(blob); explicit_bzero(buf, sizeof(buf)); goto toobig; } + buffer_append(blob, buf, len); } explicit_bzero(buf, sizeof(buf)); if ((st.st_mode & (S_IFSOCK|S_IFCHR|S_IFIFO)) == 0 && st.st_size != buffer_len(blob)) { debug("%s: key file %.200s%schanged size while reading", __func__, filename == NULL ? "" : filename, filename == NULL ? 
"" : " "); buffer_clear(blob); debian/patches/CVE-2015-5600-2.patch0000644000000000000000000000113212564507762013402 0ustar Description: fix random auth failures because of uninitialized struct field Author: Benn Sundsrud Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1485719 Index: openssh-6.6p1/auth2-chall.c =================================================================== --- openssh-6.6p1.orig/auth2-chall.c 2015-08-17 21:52:45.843249437 -0400 +++ openssh-6.6p1/auth2-chall.c 2015-08-17 21:52:45.843249437 -0400 @@ -131,6 +131,7 @@ kbdintctxt->ctxt = NULL; kbdintctxt->device = NULL; kbdintctxt->nreq = 0; + kbdintctxt->devices_done = 0; return kbdintctxt; } debian/patches/pam-security-1.patch0000644000000000000000000000255012563350547014432 0ustar From d4697fe9a28dab7255c60433e4dd23cf7fce8a8b Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Tue, 11 Aug 2015 13:33:24 +1000 Subject: [PATCH] Don't resend username to PAM; it already has it. Pointed out by Moritz Jodeit; ok dtucker@ --- monitor.c | 2 -- monitor_wrap.c | 1 - 2 files changed, 3 deletions(-) Index: openssh-6.6p1/monitor.c =================================================================== --- openssh-6.6p1.orig/monitor.c 2015-08-14 07:30:44.987806191 -0400 +++ openssh-6.6p1/monitor.c 2015-08-14 07:30:44.983806158 -0400 @@ -1086,9 +1086,7 @@ int mm_answer_pam_init_ctx(int sock, Buffer *m) { - debug3("%s", __func__); - authctxt->user = buffer_get_string(m, NULL); sshpam_ctxt = (sshpam_device.init_ctx)(authctxt); sshpam_authok = NULL; buffer_clear(m); Index: openssh-6.6p1/monitor_wrap.c =================================================================== --- openssh-6.6p1.orig/monitor_wrap.c 2015-08-14 07:30:44.987806191 -0400 +++ openssh-6.6p1/monitor_wrap.c 2015-08-14 07:30:44.987806191 -0400 
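Review bot: in the key_load_file hunk the fallback `st.st_size = 64*1024;` for non-regular inputs replaces the previous MAX_KEY_FILE_SIZE cap with a 64 KiB one, so if MAX_KEY_FILE_SIZE is larger, a key piped on stdin that exceeds 64 KiB but was previously accepted now fails with the `too large` message from the `toobig` label; either keep MAX_KEY_FILE_SIZE as the cap for pipes or state the tightening in the description. The ordering fix itself is correct: `if (buffer_len(blob) + len > (u_int)st.st_size)` is now evaluated before `buffer_append(blob, buf, len);`, so the buffer never grows past its pre-allocation and no realloc() can copy key material.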
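Review bot: the auth2-chall.c hunk of CVE-2015-5600-2.patch cures the uninitialised `devices_done` field with one more assignment, but the surrounding context shows the context being initialised member by member (`ctxt`, `device`, `nreq`), so the same class of bug returns whenever a field is added; allocate the structure with xcalloc() or memset it at creation so new fields start at zero by construction.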
@@ -838,7 +838,6 @@ debug3("%s", __func__); buffer_init(&m); - buffer_put_cstring(&m, authctxt->user); mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_INIT_CTX, &m); debug3("%s: waiting for MONITOR_ANS_PAM_INIT_CTX", __func__); mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PAM_INIT_CTX, &m); debian/patches/CVE-2015-5352.patch0000644000000000000000000001157612563363667013267 0ustar Backport of: From 1bf477d3cdf1a864646d59820878783d42357a1d Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Wed, 1 Jul 2015 02:26:31 +0000 Subject: [PATCH] upstream commit better refuse ForwardX11Trusted=no connections attempted after ForwardX11Timeout expires; reported by Jann Horn Upstream-ID: bf0fddadc1b46a0334e26c080038313b4b6dea21 --- channels.c | 18 +++++++++++++++++- channels.h | 3 ++- clientloop.c | 29 +++++++++++++++++++++-------- 3 files changed, 40 insertions(+), 10 deletions(-) Index: openssh-6.6p1/channels.c =================================================================== --- openssh-6.6p1.orig/channels.c 2015-08-14 09:05:57.436375602 -0400 +++ openssh-6.6p1/channels.c 2015-08-14 09:05:57.432375565 -0400 @@ -151,6 +151,9 @@ static char *x11_saved_data = NULL; static u_int x11_saved_data_len = 0; +/* Deadline after which all X11 connections are refused */ +static u_int x11_refuse_time; + /* * Fake X11 authentication data. This is what the server will be sending us; * we should replace any occurrences of this by the real data. @@ -894,6 +897,13 @@ u_char *ucp; u_int proto_len, data_len; + /* Is this being called after the refusal deadline? */ + if (x11_refuse_time != 0 && (u_int)monotime() >= x11_refuse_time) { + verbose("Rejected X11 connection after ForwardX11Timeout " + "expired"); + return -1; + } + /* Check if the fixed size part of the packet is in buffer. */ if (buffer_len(b) < 12) return 0; 
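Review bot: in the monitor.c hunk of pam-security-1.patch removing `authctxt->user = buffer_get_string(m, NULL);` is the fix, but the same hunk also drops `debug3("%s", __func__);`, which is unrelated and removes the only trace that mm_answer_pam_init_ctx was reached; keep the debug line. The monitor_wrap.c hunk is consistent with it: the request now carries an empty buffer, matching the monitor side that no longer reads a string.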
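Review bot: in the channels.c `@@ -151,6 +151,9 @@` hunk a second `static u_int x11_refuse_time` is introduced while clientloop.c keeps its own static of the same name (later in this patch it is retyped to u_int and copied across with `channel_set_x11_refuse_time(x11_refuse_time)`), so the deadline now lives in two places that must be kept in sync by hand; drop the clientloop.c copy and read the value back through a channels.c accessor, or give one of them a distinct name. The `(u_int)monotime()` cast in the `@@ -894,6 +897,13 @@` check truncates time_t, which is harmless only because both sides truncate identically.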
@@ -1457,6 +1467,12 @@ error("setsockopt SO_REUSEADDR fd %d: %s", fd, strerror(errno)); } +void +channel_set_x11_refuse_time(u_int refuse_time) +{ + x11_refuse_time = refuse_time; +} + /* * This socket is listening for connections to a forwarded TCP/IP port. */ Index: openssh-6.6p1/channels.h =================================================================== --- openssh-6.6p1.orig/channels.h 2015-08-14 09:05:57.436375602 -0400 +++ openssh-6.6p1/channels.h 2015-08-14 09:05:57.432375565 -0400 @@ -279,6 +279,7 @@ /* x11 forwarding */ +void channel_set_x11_refuse_time(u_int); int x11_connect_display(void); int x11_create_display_inet(int, int, int, u_int *, int **); void x11_input_open(int, u_int32_t, void *); Index: openssh-6.6p1/clientloop.c =================================================================== --- openssh-6.6p1.orig/clientloop.c 2015-08-14 09:05:57.436375602 -0400 +++ openssh-6.6p1/clientloop.c 2015-08-14 09:05:57.432375565 -0400 @@ -164,7 +164,7 @@ static int connection_out; /* Connection to server (output). */ static int need_rekeying; /* Set to non-zero if rekeying is requested. */ static int session_closed; /* In SSH2: login session closed. */ -static int x11_refuse_time; /* If >0, refuse x11 opens after this time. */ +static u_int x11_refuse_time; /* If >0, refuse x11 opens after this time. */ static void client_init_dispatch(void); int session_ident = -1; @@ -302,7 +302,8 @@ return 1; } -#define SSH_X11_PROTO "MIT-MAGIC-COOKIE-1" +#define SSH_X11_PROTO "MIT-MAGIC-COOKIE-1" +#define X11_TIMEOUT_SLACK 60 void client_x11_get_proto(const char *display, const char *xauth_path, u_int trusted, u_int timeout, char **_proto, char **_data) @@ -315,7 +316,7 @@ int got_data = 0, generated = 0, do_unlink = 0, i; char *xauthdir, *xauthfile; struct stat st; - u_int now; + u_int now, x11_timeout_real; xauthdir = xauthfile = NULL; *_proto = proto; 
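Review bot: in the clientloop.c `@@ -302,7 +302,8 @@` hunk the `-#define SSH_X11_PROTO "MIT-MAGIC-COOKIE-1"` / `+#define SSH_X11_PROTO "MIT-MAGIC-COOKIE-1"` pair differs only in whitespace, which is noise in a security backport and makes the real change (`+#define X11_TIMEOUT_SLACK 60`) harder to audit; drop the cosmetic line from the Debian patch.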
@@ -348,6 +349,15 @@ xauthdir = xmalloc(MAXPATHLEN); xauthfile = xmalloc(MAXPATHLEN); mktemp_proto(xauthdir, MAXPATHLEN); + /* + * The authentication cookie should briefly outlive + * ssh's willingness to forward X11 connections to + * avoid nasty fail-open behaviour in the X server. + */ + if (timeout >= UINT_MAX - X11_TIMEOUT_SLACK) + x11_timeout_real = UINT_MAX; + else + x11_timeout_real = timeout + X11_TIMEOUT_SLACK; if (mkdtemp(xauthdir) != NULL) { do_unlink = 1; snprintf(xauthfile, MAXPATHLEN, "%s/xauthfile", @@ -355,17 +365,20 @@ snprintf(cmd, sizeof(cmd), "%s -f %s generate %s " SSH_X11_PROTO " untrusted timeout %u 2>" _PATH_DEVNULL, - xauth_path, xauthfile, display, timeout); + xauth_path, xauthfile, display, + x11_timeout_real); debug2("x11_get_proto: %s", cmd); - if (system(cmd) == 0) - generated = 1; if (x11_refuse_time == 0) { now = monotime() + 1; if (UINT_MAX - timeout < now) x11_refuse_time = UINT_MAX; else x11_refuse_time = now + timeout; + channel_set_x11_refuse_time( + x11_refuse_time); } + if (system(cmd) == 0) + generated = 1; } } @@ -1891,7 +1904,7 @@ "malicious server."); return NULL; } - if (x11_refuse_time != 0 && monotime() >= x11_refuse_time) { + if (x11_refuse_time != 0 && (u_int)monotime() >= x11_refuse_time) { verbose("Rejected X11 connection after ForwardX11Timeout " "expired"); return NULL; debian/patches/openbsd-docs.patch0000644000000000000000000001106012330654315014216 0ustar From ec9bfd62211fdf5a3004ef2045c2eb3baccfd375 Mon Sep 17 00:00:00 2001 
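Review bot: in the clientloop.c `@@ -355,17 +365,20 @@` hunk the deadline is armed only `if (x11_refuse_time == 0)`, so when client_x11_get_proto runs again in the same process (for example a further session requested through a multiplexing master) a fresh cookie is generated with a fresh `x11_timeout_real`, but channel_set_x11_refuse_time() is not called again and the first session's deadline still applies; that fails closed, which is the safe direction, but it should be stated in the patch header or ssh_config.5 so the shorter-than-configured timeout is not reported as a regression. Moving `if (system(cmd) == 0) generated = 1;` below the deadline setup is the core fix and is correct: the refusal is armed before xauth is invoked.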
From: Colin Watson Date: Sun, 9 Feb 2014 16:10:09 +0000 Subject: Adjust various OpenBSD-specific references in manual pages No single bug reference for this patch, but history includes: http://bugs.debian.org/154434 (login.conf(5)) http://bugs.debian.org/513417 (/etc/rc) http://bugs.debian.org/530692 (ssl(8)) https://bugs.launchpad.net/bugs/456660 (ssl(8)) Forwarded: not-needed Last-Update: 2013-09-14 Patch-Name: openbsd-docs.patch --- moduli.5 | 4 ++-- ssh-keygen.1 | 12 ++++-------- ssh.1 | 4 ++++ sshd.8 | 5 ++--- sshd_config.5 | 3 +-- 5 files changed, 13 insertions(+), 15 deletions(-) diff --git a/moduli.5 b/moduli.5 index ef0de08..149846c 100644 --- a/moduli.5 +++ b/moduli.5 @@ -21,7 +21,7 @@ .Nd Diffie-Hellman moduli .Sh DESCRIPTION The -.Pa /etc/moduli +.Pa /etc/ssh/moduli file contains prime numbers and generators for use by .Xr sshd 8 in the Diffie-Hellman Group Exchange key exchange method. @@ -110,7 +110,7 @@ first estimates the size of the modulus required to produce enough Diffie-Hellman output to sufficiently key the selected symmetric cipher. .Xr sshd 8 then randomly selects a modulus from -.Fa /etc/moduli +.Fa /etc/ssh/moduli that best meets the size requirement. .Sh SEE ALSO .Xr ssh-keygen 1 , diff --git a/ssh-keygen.1 b/ssh-keygen.1 index 12e00d4..a71de74 100644 --- a/ssh-keygen.1 +++ b/ssh-keygen.1 @@ -172,9 +172,7 @@ key in .Pa ~/.ssh/id_ed25519 or .Pa ~/.ssh/id_rsa . -Additionally, the system administrator may use this to generate host keys, -as seen in -.Pa /etc/rc . +Additionally, the system administrator may use this to generate host keys. .Pp Normally this program generates the key and asks for a file in which to store the private key. 
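Review bot: in the moduli.5 `@@ -110,7 +110,7 @@` hunk the replacement line keeps the `.Fa` macro (`+.Fa /etc/ssh/moduli`), but `.Fa` marks function arguments; the first hunk of the same file uses `.Pa` for the identical path, and since the line is being rewritten anyway it should become `.Pa /etc/ssh/moduli` so both references render alike.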
@@ -221,9 +219,7 @@ For each of the key types (rsa1, rsa, dsa, ecdsa and ed25519) for which host keys do not exist, generate the host keys with the default key file path, an empty passphrase, default bits for the key type, and default comment. -This is used by -.Pa /etc/rc -to generate new host keys. +This is used by system administration scripts to generate new host keys. .It Fl a Ar rounds When saving a new-format private key (i.e. an ed25519 key or any SSH protocol 2 key when the @@ -628,7 +624,7 @@ option. Valid generator values are 2, 3, and 5. .Pp Screened DH groups may be installed in -.Pa /etc/moduli . +.Pa /etc/ssh/moduli . It is important that this file contains moduli of a range of bit lengths and that both ends of a connection share common moduli. .Sh CERTIFICATES @@ -827,7 +823,7 @@ on all machines where the user wishes to log in using public key authentication. There is no need to keep the contents of this file secret. .Pp -.It Pa /etc/moduli +.It Pa /etc/ssh/moduli Contains Diffie-Hellman groups used for DH-GEX. The file format is described in .Xr moduli 5 . diff --git a/ssh.1 b/ssh.1 index ff5e6ac..67b4f44 100644 --- a/ssh.1 +++ b/ssh.1 @@ -763,6 +763,10 @@ Protocol 1 is restricted to using only RSA keys, but protocol 2 may use any. The HISTORY section of .Xr ssl 8 +(on non-OpenBSD systems, see +.nh +http://www.openbsd.org/cgi\-bin/man.cgi?query=ssl&sektion=8#HISTORY) +.hy contains a brief discussion of the DSA and RSA algorithms. .Pp The file diff --git a/sshd.8 b/sshd.8 index e6a900b..b016e90 100644 --- a/sshd.8 +++ b/sshd.8 @@ -70,7 +70,7 @@ over an insecure network. .Nm listens for connections from clients. It is normally started at boot from -.Pa /etc/rc . +.Pa /etc/init.d/ssh . It forks a new daemon for each incoming connection. The forked daemons handle 
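Review bot: in the sshd.8 `@@ -70,7 +70,7 @@` hunk `+.Pa /etc/init.d/ssh .` hardcodes a sysvinit script path into the manual, which is already inaccurate on hosts whose init is upstart or systemd; prefer wording such as `by the system's service manager`, as the ssh-keygen.1 hunks in this patch already do by replacing `/etc/rc` with `system administration scripts`.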
@@ -862,7 +862,7 @@ This file is for host-based authentication (see .Xr ssh 1 ) . It should only be writable by root. .Pp -.It Pa /etc/moduli +.It Pa /etc/ssh/moduli Contains Diffie-Hellman groups used for the "Diffie-Hellman Group Exchange". The file format is described in .Xr moduli 5 . @@ -961,7 +961,6 @@ The content of this file is not sensitive; it can be world-readable. .Xr ssh-keyscan 1 , .Xr chroot 2 , .Xr hosts_access 5 , -.Xr login.conf 5 , .Xr moduli 5 , .Xr sshd_config 5 , .Xr inetd 8 , diff --git a/sshd_config.5 b/sshd_config.5 index 8f078f6..908e0bb 100644 --- a/sshd_config.5 +++ b/sshd_config.5 @@ -283,8 +283,7 @@ This option is only available for protocol version 2. By default, no banner is displayed. .It Cm ChallengeResponseAuthentication Specifies whether challenge-response authentication is allowed (e.g. via -PAM or though authentication styles supported in -.Xr login.conf 5 ) +PAM). The default is .Dq yes . .It Cm ChrootDirectory debian/patches/report-max-auth.patch0000644000000000000000000000346112645765554014722 0ustar Description: backport upstream changes from 6.7: Make the "Too many authentication failures" message include the user, source address, port and protocol in a format similar to the authentication success / failure messages. Index: openssh-6.6p1/auth1.c =================================================================== --- openssh-6.6p1.orig/auth1.c 2015-03-31 12:58:15.000000000 -0700 +++ openssh-6.6p1/auth1.c 2015-04-21 11:17:55.292642652 -0700 @@ -40,6 +40,7 @@ #endif #include "monitor_wrap.h" #include "buffer.h" +#include "canohost.h" /* import */ extern ServerOptions options; 
@@ -363,6 +364,13 @@ #ifdef SSH_AUDIT_EVENTS PRIVSEP(audit_event(SSH_LOGIN_EXCEED_MAXTRIES)); #endif + error("maximum authentication attempts exceeded for " + "%s%.100s from %.200s port %d %s", + authctxt->valid ? "" : "invalid user ", + authctxt->user, + get_remote_ipaddr(), + get_remote_port(), + compat20 ? "ssh2" : "ssh1"); packet_disconnect(AUTH_FAIL_MSG, authctxt->user); } Index: openssh-6.6p1/auth2.c =================================================================== --- openssh-6.6p1.orig/auth2.c 2015-03-31 12:58:15.000000000 -0700 +++ openssh-6.6p1/auth2.c 2015-04-21 11:17:41.308441059 -0700 @@ -49,6 +49,7 @@ #include "dispatch.h" #include "pathnames.h" #include "buffer.h" +#include "canohost.h" #ifdef GSSAPI #include "ssh-gss.h" @@ -370,6 +371,13 @@ #ifdef SSH_AUDIT_EVENTS PRIVSEP(audit_event(SSH_LOGIN_EXCEED_MAXTRIES)); #endif + error("maximum authentication attempts exceeded for " + "%s%.100s from %.200s port %d %s", + authctxt->valid ? "" : "invalid user ", + authctxt->user, + get_remote_ipaddr(), + get_remote_port(), + compat20 ? "ssh2" : "ssh1"); packet_disconnect(AUTH_FAIL_MSG, authctxt->user); } methods = authmethods_get(authctxt); debian/patches/auth-log-verbosity.patch0000644000000000000000000001037412330654315015411 0ustar From 283322f493ee7dc75511f6cf9e9b88e536de0874 Mon Sep 17 00:00:00 2001 From: Colin Watson Date: Sun, 9 Feb 2014 16:10:02 +0000 Subject: Quieten logs when multiple from= restrictions are used Bug-Debian: http://bugs.debian.org/630606 Forwarded: no Last-Update: 2013-09-14 Patch-Name: auth-log-verbosity.patch --- auth-options.c | 35 ++++++++++++++++++++++++++--------- auth-options.h | 1 + auth-rsa.c | 2 ++ auth2-pubkey.c | 3 +++ 4 files changed, 32 insertions(+), 9 deletions(-) diff --git a/auth-options.c b/auth-options.c index fa209ea..df61330 100644 --- a/auth-options.c +++ b/auth-options.c 
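Review bot: the auth1.c and auth2.c hunks of report-max-auth.patch paste the same seven-line `error("maximum authentication attempts exceeded for " ...)` block into both files, and in auth1.c the `compat20 ? "ssh2" : "ssh1"` selector is dead because that path only serves protocol 1; factor the message into one helper (or pass the protocol string) so the two copies stay in step. The description says the format mirrors the success/failure messages, yet this one is emitted with `error()` rather than at the logit() level those use, so it lands at a different syslog priority; state that choice or align it.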
@@ -54,9 +54,20 @@ int forced_tun_device = -1; /* "principals=" option. */ char *authorized_principals = NULL; +/* Throttle log messages. */ +int logged_from_hostip = 0; +int logged_cert_hostip = 0; + extern ServerOptions options; void +auth_start_parse_options(void) +{ + logged_from_hostip = 0; + logged_cert_hostip = 0; +} + +void auth_clear_options(void) { no_agent_forwarding_flag = 0; @@ -284,10 +295,13 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) /* FALLTHROUGH */ case 0: free(patterns); - logit("Authentication tried for %.100s with " - "correct key but not from a permitted " - "host (host=%.200s, ip=%.200s).", - pw->pw_name, remote_host, remote_ip); + if (!logged_from_hostip) { + logit("Authentication tried for %.100s with " + "correct key but not from a permitted " + "host (host=%.200s, ip=%.200s).", + pw->pw_name, remote_host, remote_ip); + logged_from_hostip = 1; + } auth_debug_add("Your host '%.200s' is not " "permitted to use this key for login.", remote_host); @@ -510,11 +524,14 @@ parse_option_list(u_char *optblob, size_t optblob_len, struct passwd *pw, break; case 0: /* no match */ - logit("Authentication tried for %.100s " - "with valid certificate but not " - "from a permitted host " - "(ip=%.200s).", pw->pw_name, - remote_ip); + if (!logged_cert_hostip) { + logit("Authentication tried for %.100s " + "with valid certificate but not " + "from a permitted host " + "(ip=%.200s).", pw->pw_name, + remote_ip); + logged_cert_hostip = 1; + } auth_debug_add("Your address '%.200s' " "is not permitted to use this " "certificate for login.", diff --git a/auth-options.h b/auth-options.h index 7455c94..a3f0a02 100644 --- a/auth-options.h +++ b/auth-options.h 
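Review bot: in the auth-options.c `@@ -54,9 +54,20 @@` hunk the throttle flags `int logged_from_hostip = 0;` and `int logged_cert_hostip = 0;` are file-scope globals with external linkage but no declaration in the auth-options.h hunk, so they should be `static`. The throttle also drops information: after the first mismatch is logged, later keys with other from= patterns are silent, so the administrator no longer sees how many keys were tried; count the suppressed events and report the total once the file scan ends.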
@@ -33,6 +33,7 @@ extern int forced_tun_device; extern int key_is_cert_authority; extern char *authorized_principals; +void auth_start_parse_options(void); int auth_parse_options(struct passwd *, char *, char *, u_long); void auth_clear_options(void); int auth_cert_options(Key *, struct passwd *); diff --git a/auth-rsa.c b/auth-rsa.c index 5dad6c3..260ce2f 100644 --- a/auth-rsa.c +++ b/auth-rsa.c @@ -178,6 +178,8 @@ rsa_key_allowed_in_file(struct passwd *pw, char *file, if ((f = auth_openkeyfile(file, pw, options.strict_modes)) == NULL) return 0; + auth_start_parse_options(); + /* * Go though the accepted keys, looking for the current key. If * found, perform a challenge-response dialog to verify that the diff --git a/auth2-pubkey.c b/auth2-pubkey.c index 0fd27bb..7c56927 100644 --- a/auth2-pubkey.c +++ b/auth2-pubkey.c @@ -263,6 +263,7 @@ match_principals_file(char *file, struct passwd *pw, struct KeyCert *cert) restore_uid(); return 0; } + auth_start_parse_options(); while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) { /* Skip leading whitespace. */ for (cp = line; *cp == ' ' || *cp == '\t'; cp++) @@ -324,6 +325,7 @@ check_authkeys_file(FILE *f, char *file, Key* key, struct passwd *pw) found_key = 0; found = NULL; + auth_start_parse_options(); while (read_keyfile_line(f, file, line, sizeof(line), &linenum) != -1) { char *cp, *key_options = NULL; if (found != NULL) @@ -459,6 +461,7 @@ user_cert_trusted_ca(struct passwd *pw, Key *key) if (key_cert_check_authority(key, 0, 1, principals_file == NULL ? pw->pw_name : NULL, &reason) != 0) goto fail_reason; + auth_start_parse_options(); if (auth_cert_options(key, pw) != 0) goto out; debian/patches/syslog-level-silent.patch0000644000000000000000000000317412330654315015566 0ustar From b8ed36cdf2dbebc01e52e83eece4bb1d78607e84 Mon Sep 17 00:00:00 2001 
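Review bot: in the auth2-pubkey.c hunks `auth_start_parse_options();` is inserted in match_principals_file, check_authkeys_file and user_cert_trusted_ca, but user_cert_trusted_ca invokes match_principals_file first and then resets again just before auth_cert_options(), so the counters are reset twice on the certificate path; harmless today, but a comment at the user_cert_trusted_ca call site saying the reset is intentionally per file would stop a later reader from removing one of them. The auth-rsa.c hunk places the call right after auth_openkeyfile(), matching check_authkeys_file.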
From: Jonathan David Amery Date: Sun, 9 Feb 2014 16:09:54 +0000 Subject: "LogLevel SILENT" compatibility "LogLevel SILENT" (-qq) was introduced in Debian openssh 1:3.0.1p1-1 to match the behaviour of non-free SSH, in which -q does not suppress fatal errors. However, this was unintentionally broken in 1:4.6p1-2 and nobody complained, so we've dropped most of it. The parts that remain are basic configuration file compatibility, and an adjustment to "Pseudo-terminal will not be allocated ..." which should be split out into a separate patch. Author: Matthew Vernon Author: Colin Watson Last-Update: 2013-09-14 Patch-Name: syslog-level-silent.patch --- log.c | 1 + ssh.c | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/log.c b/log.c index 32e1d2e..53e7b65 100644 --- a/log.c +++ b/log.c @@ -94,6 +94,7 @@ static struct { LogLevel val; } log_levels[] = { + { "SILENT", SYSLOG_LEVEL_QUIET }, /* compatibility */ { "QUIET", SYSLOG_LEVEL_QUIET }, { "FATAL", SYSLOG_LEVEL_FATAL }, { "ERROR", SYSLOG_LEVEL_ERROR }, diff --git a/ssh.c b/ssh.c index 1e6cb90..3e63708 100644 --- a/ssh.c +++ b/ssh.c @@ -965,7 +965,7 @@ main(int ac, char **av) /* Do not allocate a tty if stdin is not a tty. */ if ((!isatty(fileno(stdin)) || stdin_null_flag) && options.request_tty != REQUEST_TTY_FORCE) { - if (tty_flag) + if (tty_flag && options.log_level != SYSLOG_LEVEL_QUIET) logit("Pseudo-terminal will not be allocated because " "stdin is not a terminal."); tty_flag = 0; debian/patches/dnssec-sshfp.patch0000644000000000000000000000602012330654315014236 0ustar From 912129ba92bea401d8cdeadc7aa7084fbf7625a1 Mon Sep 17 00:00:00 2001 
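Review bot: in the log.c hunk the compatibility entry `+ { "SILENT", SYSLOG_LEVEL_QUIET }, /* compatibility */` is placed before the canonical `{ "QUIET", SYSLOG_LEVEL_QUIET }`, so any reverse lookup that scans log_levels[] for the first entry with a matching value (log_level_name(), which `sshd -T` uses to print the effective LogLevel) will now report QUIET as SILENT; put the alias after the canonical row. The ssh.c hunk silences the pseudo-terminal notice under `-q`, which the patch header itself says belongs in a separate patch.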
From: Colin Watson Date: Sun, 9 Feb 2014 16:10:01 +0000 Subject: Force use of DNSSEC even if "options edns0" isn't in resolv.conf This allows SSHFP DNS records to be verified if glibc 2.11 is installed. Origin: vendor, https://cvs.fedoraproject.org/viewvc/F-12/openssh/openssh-5.2p1-edns.patch?revision=1.1&view=markup Bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=572049 Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=572049 Last-Update: 2010-04-06 Patch-Name: dnssec-sshfp.patch --- dns.c | 14 +++++++++++++- openbsd-compat/getrrsetbyname.c | 10 +++++----- openbsd-compat/getrrsetbyname.h | 3 +++ 3 files changed, 21 insertions(+), 6 deletions(-) diff --git a/dns.c b/dns.c index 630b97a..478c3d9 100644 --- a/dns.c +++ b/dns.c @@ -196,6 +196,7 @@ verify_host_key_dns(const char *hostname, struct sockaddr *address, { u_int counter; int result; + unsigned int rrset_flags = 0; struct rrsetinfo *fingerprints = NULL; u_int8_t hostkey_algorithm; @@ -219,8 +220,19 @@ verify_host_key_dns(const char *hostname, struct sockaddr *address, return -1; } + /* + * Original getrrsetbyname function, found on OpenBSD for example, + * doesn't accept any flag and prerequisite for obtaining AD bit in + * DNS response is set by "options edns0" in resolv.conf. + * + * Our version is more clever and use RRSET_FORCE_EDNS0 flag. + */ +#ifndef HAVE_GETRRSETBYNAME + rrset_flags |= RRSET_FORCE_EDNS0; +#endif result = getrrsetbyname(hostname, DNS_RDATACLASS_IN, - DNS_RDATATYPE_SSHFP, 0, &fingerprints); + DNS_RDATATYPE_SSHFP, rrset_flags, &fingerprints); + if (result) { verbose("DNS lookup error: %s", dns_result_totext(result)); return -1; diff --git a/openbsd-compat/getrrsetbyname.c b/openbsd-compat/getrrsetbyname.c index dc6fe05..e061a29 100644 --- a/openbsd-compat/getrrsetbyname.c +++ b/openbsd-compat/getrrsetbyname.c 
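Review bot: in the dns.c `@@ -219,8 +220,19 @@` hunk the flag is raised only under `#ifndef HAVE_GETRRSETBYNAME`, so on systems with a native getrrsetbyname() SSHFP verification still depends on `options edns0` in resolv.conf; the description (`Force use of DNSSEC even if "options edns0" isn't in resolv.conf`) should say it applies to the bundled resolver only. The block comment's `Our version is more clever and use RRSET_FORCE_EDNS0 flag` also needs `uses`.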
@@ -209,8 +209,8 @@ getrrsetbyname(const char *hostname, unsigned int rdclass, goto fail; } - /* don't allow flags yet, unimplemented */ - if (flags) { + /* Allow RRSET_FORCE_EDNS0 flag only. */ + if ((flags & !RRSET_FORCE_EDNS0) != 0) { result = ERRSET_INVAL; goto fail; } @@ -226,9 +226,9 @@ getrrsetbyname(const char *hostname, unsigned int rdclass, #endif /* DEBUG */ #ifdef RES_USE_DNSSEC - /* turn on DNSSEC if EDNS0 is configured */ - if (_resp->options & RES_USE_EDNS0) - _resp->options |= RES_USE_DNSSEC; + /* turn on DNSSEC if required */ + if (flags & RRSET_FORCE_EDNS0) + _resp->options |= (RES_USE_EDNS0|RES_USE_DNSSEC); #endif /* RES_USE_DNSEC */ /* make query */ diff --git a/openbsd-compat/getrrsetbyname.h b/openbsd-compat/getrrsetbyname.h index 1283f55..dbbc85a 100644 --- a/openbsd-compat/getrrsetbyname.h +++ b/openbsd-compat/getrrsetbyname.h @@ -72,6 +72,9 @@ #ifndef RRSET_VALIDATED # define RRSET_VALIDATED 1 #endif +#ifndef RRSET_FORCE_EDNS0 +# define RRSET_FORCE_EDNS0 0x0001 +#endif /* * Return codes for getrrsetbyname() debian/patches/CVE-2019-6109-1.patch0000644000000000000000000001704713424617610013414 0ustar Backport of: From 8976f1c4b2721c26e878151f52bdf346dfe2d54c Mon Sep 17 00:00:00 2001 
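Review bot: in the getrrsetbyname.c `@@ -209,8 +209,8 @@` hunk `if ((flags & !RRSET_FORCE_EDNS0) != 0)` uses logical NOT, so the expression is `flags & 0`, always zero, and no unknown flag is ever rejected although the comment says `Allow RRSET_FORCE_EDNS0 flag only`; the operator must be bitwise: `if ((flags & ~RRSET_FORCE_EDNS0) != 0)`. The second hunk is fine: `RES_USE_EDNS0|RES_USE_DNSSEC` are set together only when the flag is present.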
From: "dtucker@openbsd.org" Date: Wed, 23 Jan 2019 08:01:46 +0000 Subject: [PATCH] upstream: Sanitize scp filenames via snmprintf. To do this we move the progressmeter formatting outside of signal handler context and have the atomicio callback called for EINTR too. bz#2434 with contributions from djm and jjelen at redhat.com, ok djm@ OpenBSD-Commit-ID: 1af61c1f70e4f3bd8ab140b9f1fa699481db57d8 --- atomicio.c | 20 ++++++++++++++----- progressmeter.c | 53 ++++++++++++++++++++++--------------------------- progressmeter.h | 3 ++- scp.c | 3 ++- sftp-client.c | 18 +++++++++-------- 5 files changed, 53 insertions(+), 44 deletions(-) Index: openssh-6.6p1/atomicio.c =================================================================== --- openssh-6.6p1.orig/atomicio.c 2019-01-31 11:14:44.883222450 -0500 +++ openssh-6.6p1/atomicio.c 2019-01-31 11:14:44.883222450 -0500 @@ -64,9 +64,14 @@ atomicio6(ssize_t (*f) (int, void *, siz res = (f) (fd, s + pos, n - pos); switch (res) { case -1: - if (errno == EINTR) + if (errno == EINTR) { + /* possible SIGALARM, update callback */ + if (cb != NULL && cb(cb_arg, 0) == -1) { + errno = EINTR; + return pos; + } continue; - if (errno == EAGAIN || errno == EWOULDBLOCK) { + } else if (errno == EAGAIN || errno == EWOULDBLOCK) { #ifndef BROKEN_READ_COMPARISON (void)poll(&pfd, 1, -1); #endif 
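Review bot: in the atomicio.c `@@ -64,9 +64,14 @@` hunk the EINTR branch now calls `cb(cb_arg, 0)` and, on -1, sets `errno = EINTR; return pos;`, which is the intended way to let an interrupted transfer abort; the comment `possible SIGALARM, update callback` should read SIGALRM, and the zero-byte invocation should be documented in atomicio.h so callbacks that treat the byte count as non-zero (bandwidth accounting) are not surprised. The restructuring into `} else if (errno == EAGAIN || errno == EWOULDBLOCK)` keeps the original semantics.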
@@ -121,9 +126,14 @@ atomiciov6(ssize_t (*f) (int, const stru res = (f) (fd, iov, iovcnt); switch (res) { case -1: - if (errno == EINTR) + if (errno == EINTR) { + /* possible SIGALARM, update callback */ + if (cb != NULL && cb(cb_arg, 0) == -1) { + errno = EINTR; + return pos; + } continue; - if (errno == EAGAIN || errno == EWOULDBLOCK) { + } else if (errno == EAGAIN || errno == EWOULDBLOCK) { #ifndef BROKEN_READV_COMPARISON (void)poll(&pfd, 1, -1); #endif Index: openssh-6.6p1/progressmeter.c =================================================================== --- openssh-6.6p1.orig/progressmeter.c 2019-01-31 11:14:44.883222450 -0500 +++ openssh-6.6p1/progressmeter.c 2019-01-31 11:14:44.883222450 -0500 @@ -31,6 +31,7 @@ #include #include +#include #include #include #include @@ -39,6 +40,7 @@ #include "progressmeter.h" #include "atomicio.h" #include "misc.h" +#include "utf8.h" #define DEFAULT_WINSIZE 80 #define MAX_WINSIZE 512 @@ -61,7 +63,7 @@ static void setscreensize(void); void refresh_progress_meter(void); /* signal handler for updating the progress meter */ -static void update_progress_meter(int); +static void sig_alarm(int); static time_t start; /* start progress */ static time_t last_update; /* last progress update */ @@ -74,6 +76,7 @@ static long stalled; /* how long we hav static int bytes_per_second; /* current speed in bytes per second */ static int win_size; /* terminal window size */ static volatile sig_atomic_t win_resized; /* for window resizing */ +static volatile sig_atomic_t alarm_fired; /* units for format_size */ static const char unit[] = " KMGT"; @@ -127,9 +130,17 @@ refresh_progress_meter(void) off_t bytes_left; int cur_speed; int hours, minutes, seconds; - int i, len; int file_len; + if ((!alarm_fired && !win_resized) || !can_output()) + return; + alarm_fired = 0; + + if (win_resized) { + setscreensize(); + win_resized = 0; + } + transferred = *counter - (cur_pos ? cur_pos : start_pos); cur_pos = *counter; now = monotime(); 
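Review bot: in the progressmeter.c `@@ -39,6 +40,7 @@` hunk `+#include "utf8.h"` (and the snmprintf() call later in this patch) presuppose utf8.c, which is not among the five files this patch touches and is not part of 6.6p1; the header marks this as patch -1 of a series but does not name the patch that supplies utf8.c/snmprintf(), so state the dependency in the description so the series order is explicit.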
@@ -159,16 +170,11 @@ refresh_progress_meter(void) /* filename */ buf[0] = '\0'; - file_len = win_size - 35; + file_len = win_size - 36; if (file_len > 0) { - len = snprintf(buf, file_len + 1, "\r%s", file); - if (len < 0) - len = 0; - if (len >= file_len + 1) - len = file_len; - for (i = len; i < file_len; i++) - buf[i] = ' '; - buf[file_len] = '\0'; + buf[0] = '\r'; + snmprintf(buf+1, sizeof(buf)-1 , &file_len, "%*s", + file_len * -1, file); } /* percent of transfer done */ @@ -229,22 +235,11 @@ refresh_progress_meter(void) /*ARGSUSED*/ static void -update_progress_meter(int ignore) +sig_alarm(int ignore) { - int save_errno; - - save_errno = errno; - - if (win_resized) { - setscreensize(); - win_resized = 0; - } - if (can_output()) - refresh_progress_meter(); - - signal(SIGALRM, update_progress_meter); + signal(SIGALRM, sig_alarm); + alarm_fired = 1; alarm(UPDATE_INTERVAL); - errno = save_errno; } void @@ -260,10 +255,9 @@ start_progress_meter(char *f, off_t file bytes_per_second = 0; setscreensize(); - if (can_output()) - refresh_progress_meter(); + refresh_progress_meter(); - signal(SIGALRM, update_progress_meter); + signal(SIGALRM, sig_alarm); signal(SIGWINCH, sig_winch); alarm(UPDATE_INTERVAL); } @@ -287,6 +281,7 @@ stop_progress_meter(void) static void sig_winch(int sig) { + signal(SIGWINCH, sig_winch); win_resized = 1; } Index: openssh-6.6p1/progressmeter.h =================================================================== --- openssh-6.6p1.orig/progressmeter.h 2019-01-31 11:14:44.883222450 -0500 +++ openssh-6.6p1/progressmeter.h 2019-01-31 11:15:00.435233556 -0500 @@ -24,4 +24,5 @@ */ void start_progress_meter(char *, off_t, off_t *); +void refresh_progress_meter(void); void stop_progress_meter(void); Index: openssh-6.6p1/scp.c =================================================================== --- openssh-6.6p1.orig/scp.c 2019-01-31 11:14:44.883222450 -0500 +++ openssh-6.6p1/scp.c 2019-01-31 11:14:44.883222450 -0500 
@@ -559,6 +559,7 @@ scpio(void *_cnt, size_t s) off_t *cnt = (off_t *)_cnt; *cnt += s; + refresh_progress_meter(); if (limit_kbps > 0) bandwidth_limit(&bwlimit, s); return 0; Index: openssh-6.6p1/sftp-client.c =================================================================== --- openssh-6.6p1.orig/sftp-client.c 2019-01-31 11:14:44.883222450 -0500 +++ openssh-6.6p1/sftp-client.c 2019-01-31 11:17:00.723357486 -0500 @@ -93,7 +93,9 @@ sftpio(void *_bwlimit, size_t amount) { struct bwlimit *bwlimit = (struct bwlimit *)_bwlimit; - bandwidth_limit(bwlimit, amount); + refresh_progress_meter(); + if (bwlimit != NULL) + bandwidth_limit(bwlimit, amount); return 0; } @@ -113,8 +115,8 @@ send_msg(struct sftp_conn *conn, Buffer iov[1].iov_base = buffer_ptr(m); iov[1].iov_len = buffer_len(m); - if (atomiciov6(writev, conn->fd_out, iov, 2, - conn->limit_kbps > 0 ? sftpio : NULL, &conn->bwlimit_out) != + if (atomiciov6(writev, conn->fd_out, iov, 2, sftpio, + conn->limit_kbps > 0 ? &conn->bwlimit_out : NULL) != buffer_len(m) + sizeof(mlen)) fatal("Couldn't send packet: %s", strerror(errno)); @@ -127,8 +129,8 @@ get_msg(struct sftp_conn *conn, Buffer * u_int msg_len; buffer_append_space(m, 4); - if (atomicio6(read, conn->fd_in, buffer_ptr(m), 4, - conn->limit_kbps > 0 ? sftpio : NULL, &conn->bwlimit_in) != 4) { + if (atomicio6(read, conn->fd_in, buffer_ptr(m), 4, sftpio, + conn->limit_kbps > 0 ? &conn->bwlimit_in : NULL) != 4) { if (errno == EPIPE) fatal("Connection closed"); else 
@@ -140,8 +142,8 @@ get_msg(struct sftp_conn *conn, Buffer * fatal("Received message too long %u", msg_len); buffer_append_space(m, msg_len); - if (atomicio6(read, conn->fd_in, buffer_ptr(m), msg_len, - conn->limit_kbps > 0 ? sftpio : NULL, &conn->bwlimit_in) + if (atomicio6(read, conn->fd_in, buffer_ptr(m), msg_len, sftpio, + conn->limit_kbps > 0 ? &conn->bwlimit_in : NULL) != msg_len) { if (errno == EPIPE) fatal("Connection closed"); debian/patches/ssh-agent-setgid.patch0000644000000000000000000000230112330654315015002 0ustar From d53483ab71ac2a9195c8f171da5a5dcf54ec16ec Mon Sep 17 00:00:00 2001 From: Colin Watson Date: Sun, 9 Feb 2014 16:10:13 +0000 Subject: Document consequences of ssh-agent being setgid in ssh-agent(1) Bug-Debian: http://bugs.debian.org/711623 Forwarded: no Last-Update: 2013-06-08 Patch-Name: ssh-agent-setgid.patch --- ssh-agent.1 | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/ssh-agent.1 b/ssh-agent.1 index 281ecbd..38fd540 100644 --- a/ssh-agent.1 +++ b/ssh-agent.1 @@ -183,6 +183,21 @@ environment variable holds the agent's process ID. .Pp The agent exits automatically when the command given on the command line terminates. +.Pp +In Debian, +.Nm +is installed with the set-group-id bit set, to prevent +.Xr ptrace 2 +attacks retrieving private key material. +This has the side-effect of causing the run-time linker to remove certain +environment variables which might have security implications for set-id +programs, including +.Ev LD_PRELOAD , +.Ev LD_LIBRARY_PATH , +and +.Ev TMPDIR . +If you need to set any of these environment variables, you will need to do +so in the program executed by ssh-agent. .Sh FILES .Bl -tag -width Ds .It Pa ~/.ssh/identity debian/patches/CVE-2016-3115.patch0000644000000000000000000000365412712636220013241 0ustar From 9d47b8d3f50c3a6282896df8274147e3b9a38c56 Mon Sep 17 00:00:00 2001 
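Review bot: in the atomicio6 hunk the new comment `/* possible SIGALARM, update callback */` names the signal wrong; it is SIGALRM. The control flow itself is right: calling `cb(cb_arg, 0)` from the EINTR branch is what moves the progress-meter redraw out of signal-handler context, and a -1 from the callback is handled exactly like the existing post-read callback path (errno = EINTR, return pos), so callers keep one abort convention.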
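Review bot: the atomiciov6 hunk repeats the `SIGALARM` misspelling in its comment; fix both together. It would also help to say in that comment that the zero-length callback invocation is a progress tick rather than a transfer of 0 bytes, because the same callback feeds bandwidth_limit() in scp.c and sftp-client.c and a reader of those files will otherwise wonder why it is ever called with 0.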
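Review bot: the progressmeter.c hunk that renames the prototype keeps the comment `/* signal handler for updating the progress meter */`, but sig_alarm no longer updates anything: it re-installs itself, sets alarm_fired and re-arms the alarm, and the redraw now happens in refresh_progress_meter() called from the atomicio callback. Update the comment so the next reader does not look for drawing code in the handler.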
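Review bot: with the new early return `if ((!alarm_fired && !win_resized) || !can_output()) return;` at the top of refresh_progress_meter, the unconditional `refresh_progress_meter();` that the start_progress_meter hunk now calls is a no-op, because alarm_fired is still 0 at that point; the meter is first drawn only when the first SIGALRM fires. If the initial line is wanted, give refresh_progress_meter a force parameter (or set alarm_fired = 1 before that call).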
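Review bot: style nit in the filename hunk: `snmprintf(buf+1, sizeof(buf)-1 , &file_len, ...)` has a stray space before the comma. Substantively this hunk is the fix the subject line describes: the filename received from the remote side is now formatted through snmprintf (hence the new utf8.h include), which replaces non-printable and invalid characters instead of copying them verbatim into the terminal as the old snprintf loop did, and `file_len` drops from `win_size - 35` to `win_size - 36` to account for the `\r` now stored in buf[0] ahead of the formatted name.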
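Review bot: in the sftp-client.c sftpio hunk the callback is now installed unconditionally and it is the bwlimit argument that becomes NULL when no limit is configured, so the new `bwlimit != NULL` check is load-bearing; add a comment on the function saying NULL is an expected argument, because the `(struct bwlimit *)_bwlimit` cast reads as if it were mandatory. The three call-site hunks in send_msg and get_msg all follow the same `conn->limit_kbps > 0 ? &conn->bwlimit_* : NULL` shape, which is consistent.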
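Review bot: the ssh-agent.1 hunk says the set-group-id bit is there to prevent ptrace from retrieving key material but not how; one clause explaining that a set-id process starts non-dumpable, so the kernel refuses ptrace attachment even from processes of the same user, would let readers judge the trade-off against the LD_PRELOAD, LD_LIBRARY_PATH and TMPDIR variables the run-time linker then drops. The mdoc markup (`.Ev LD_PRELOAD ,` with the trailing comma as a separate argument) is correct.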
From: Damien Miller Date: Thu, 10 Mar 2016 05:03:39 +1100 Subject: sanitise characters destined for xauth(1) reported by github.com/tintinweb --- session.c | 32 ++++++++++++++++++++++++++++++-- 1 file changed, 30 insertions(+), 2 deletions(-) Index: openssh-6.6p1/session.c =================================================================== --- openssh-6.6p1.orig/session.c 2016-05-05 08:29:01.941064864 -0400 +++ openssh-6.6p1/session.c 2016-05-05 08:29:01.937064818 -0400 @@ -46,6 +46,7 @@ #include +#include #include #include #include @@ -290,6 +291,21 @@ do_cleanup(authctxt); } +/* Check untrusted xauth strings for metacharacters */ +static int +xauth_valid_string(const char *s) +{ + size_t i; + + for (i = 0; s[i] != '\0'; i++) { + if (!isalnum((u_char)s[i]) && + s[i] != '.' && s[i] != ':' && s[i] != '/' && + s[i] != '-' && s[i] != '_') + return 0; + } + return 1; +} + /* * Prepares for an interactive session. This is called after the user has * been successfully authenticated. During this message exchange, pseudo @@ -363,7 +379,13 @@ s->screen = 0; } packet_check_eom(); - success = session_setup_x11fwd(s); + if (xauth_valid_string(s->auth_proto) && + xauth_valid_string(s->auth_data)) + success = session_setup_x11fwd(s); + else { + success = 0; + error("Invalid X11 forwarding data"); + } if (!success) { free(s->auth_proto); free(s->auth_data); @@ -2192,7 +2214,13 @@ s->screen = packet_get_int(); packet_check_eom(); - success = session_setup_x11fwd(s); + if (xauth_valid_string(s->auth_proto) && + xauth_valid_string(s->auth_data)) + success = session_setup_x11fwd(s); + else { + success = 0; + error("Invalid X11 forwarding data"); + } if (!success) { free(s->auth_proto); free(s->auth_data); debian/patches/curve25519-sha256-bignum-encoding.patch0000644000000000000000000001215612330654320017444 0ustar From 27c03831c0954238880c5754c2d335368648b95e Mon Sep 17 00:00:00 2001 
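Review bot: the session.c include hunk shows a bare `#include` with the header name lost in this rendering; the xauth_valid_string hunk that follows needs <ctype.h> for isalnum(), so confirm that is the header being added.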
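Review bot: xauth_valid_string relies on isalnum(), whose answer depends on the current locale; sshd does not call setlocale(), so in practice this is the C locale, but an explicit ASCII range test would remove that dependency and keep the allow-list exactly what the comment says. The `(u_char)` cast is right, since passing a negative plain char to isalnum() is undefined. The allowed set (alphanumerics plus `. : / - _`) is enough for the usual authentication protocol names and a hexadecimal cookie, which is all a well-behaved client sends.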
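Review bot: the validation block in the first session_setup_x11fwd hunk is repeated verbatim in the second; factor it into a small helper so the two request paths cannot drift. Also, `error("Invalid X11 forwarding data")` tells an operator nothing about which session tripped it; including the authenticated user or the peer address in the message would make that log line actionable when it appears.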
From: Damien Miller Date: Sun, 20 Apr 2014 13:47:45 +1000 Subject: bad bignum encoding for curve25519-sha256@libssh.org Hi, So I screwed up when writing the support for the curve25519 KEX method that doesn't depend on OpenSSL's BIGNUM type - a bug in my code left leading zero bytes where they should have been skipped. The impact of this is that OpenSSH 6.5 and 6.6 will fail during key exchange with a peer that implements curve25519-sha256@libssh.org properly about 0.2% of the time (one in every 512ish connections). We've fixed this for OpenSSH 6.7 by avoiding the curve25519-sha256 key exchange for previous versions, but I'd recommend distributors of OpenSSH apply this patch so the affected code doesn't become too entrenched in LTS releases. The patch fixes the bug and makes OpenSSH identify itself as 6.6.1 so as to distinguish itself from the incorrect versions so the compatibility code to disable the affected KEX isn't activated. I've committed this on the 6.6 branch too. Apologies for the hassle. -d Origin: upstream, https://lists.mindrot.org/pipermail/openssh-unix-dev/2014-April/032494.html Forwarded: not-needed Last-Update: 2014-04-21 Patch-Name: curve25519-sha256-bignum-encoding.patch --- bufaux.c | 5 ++++- compat.c | 17 ++++++++++++++++- compat.h | 2 ++ sshconnect2.c | 2 ++ sshd.c | 3 +++ version.h | 2 +- 6 files changed, 28 insertions(+), 3 deletions(-) diff --git a/bufaux.c b/bufaux.c index e24b5fc..f6a6f2a 100644 --- a/bufaux.c +++ b/bufaux.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bufaux.c,v 1.56 2014/02/02 03:44:31 djm Exp $ */ +/* $OpenBSD: bufaux.c,v 1.57 2014/04/16 23:22:45 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland 
@@ -372,6 +372,9 @@ buffer_put_bignum2_from_string(Buffer *buffer, const u_char *s, u_int l) if (l > 8 * 1024) fatal("%s: length %u too long", __func__, l); + /* Skip leading zero bytes */ + for (; l > 0 && *s == 0; l--, s++) + ; p = buf = xmalloc(l + 1); /* * If most significant bit is set then prepend a zero byte to diff --git a/compat.c b/compat.c index 9d9fabe..2709dc5 100644 --- a/compat.c +++ b/compat.c @@ -95,6 +95,9 @@ compat_datafellows(const char *version) { "Sun_SSH_1.0*", SSH_BUG_NOREKEY|SSH_BUG_EXTEOF}, { "OpenSSH_4*", 0 }, { "OpenSSH_5*", SSH_NEW_OPENSSH|SSH_BUG_DYNAMIC_RPORT}, + { "OpenSSH_6.6.1*", SSH_NEW_OPENSSH}, + { "OpenSSH_6.5*," + "OpenSSH_6.6*", SSH_NEW_OPENSSH|SSH_BUG_CURVE25519PAD}, { "OpenSSH*", SSH_NEW_OPENSSH }, { "*MindTerm*", 0 }, { "2.1.0*", SSH_BUG_SIGBLOB|SSH_BUG_HMAC| @@ -251,7 +254,6 @@ compat_cipher_proposal(char *cipher_prop) return cipher_prop; } - char * compat_pkalg_proposal(char *pkalg_prop) { @@ -265,3 +267,16 @@ compat_pkalg_proposal(char *pkalg_prop) return pkalg_prop; } +char * +compat_kex_proposal(char *kex_prop) +{ + if (!(datafellows & SSH_BUG_CURVE25519PAD)) + return kex_prop; + debug2("%s: original KEX proposal: %s", __func__, kex_prop); + kex_prop = filter_proposal(kex_prop, "curve25519-sha256@libssh.org"); + debug2("%s: compat KEX proposal: %s", __func__, kex_prop); + if (*kex_prop == '\0') + fatal("No supported key exchange algorithms found"); + return kex_prop; +} + diff --git a/compat.h b/compat.h index b174fa1..a6c3f3d 100644 --- a/compat.h +++ b/compat.h @@ -59,6 +59,7 @@ #define SSH_BUG_RFWD_ADDR 0x02000000 #define SSH_NEW_OPENSSH 0x04000000 #define SSH_BUG_DYNAMIC_RPORT 0x08000000 +#define SSH_BUG_CURVE25519PAD 0x10000000 void enable_compat13(void); void enable_compat20(void); 
@@ -66,6 +67,7 @@ void compat_datafellows(const char *); int proto_spec(const char *); char *compat_cipher_proposal(char *); char *compat_pkalg_proposal(char *); +char *compat_kex_proposal(char *); extern int compat13; extern int compat20; diff --git a/sshconnect2.c b/sshconnect2.c index 66cb035..1a4e551 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -220,6 +220,8 @@ ssh_kex2(char *host, struct sockaddr *hostaddr, u_short port) } if (options.kex_algorithms != NULL) myproposal[PROPOSAL_KEX_ALGS] = options.kex_algorithms; + myproposal[PROPOSAL_KEX_ALGS] = compat_kex_proposal( + myproposal[PROPOSAL_KEX_ALGS]); #ifdef GSSAPI /* If we've got GSSAPI algorithms, then we also support the diff --git a/sshd.c b/sshd.c index 0964491..fe78d7b 100644 --- a/sshd.c +++ b/sshd.c @@ -2534,6 +2534,9 @@ do_ssh2_kex(void) if (options.kex_algorithms != NULL) myproposal[PROPOSAL_KEX_ALGS] = options.kex_algorithms; + myproposal[PROPOSAL_KEX_ALGS] = compat_kex_proposal( + myproposal[PROPOSAL_KEX_ALGS]); + if (options.rekey_limit || options.rekey_interval) packet_set_rekey_limits((u_int32_t)options.rekey_limit, (time_t)options.rekey_interval); diff --git a/version.h b/version.h index a97c337..0659576 100644 --- a/version.h +++ b/version.h 
@@ -1,6 +1,6 @@ /* $OpenBSD: version.h,v 1.70 2014/02/27 22:57:40 djm Exp $ */ -#define SSH_VERSION "OpenSSH_6.6" +#define SSH_VERSION "OpenSSH_6.6.1" #define SSH_PORTABLE "p1" #define SSH_RELEASE_MINIMUM SSH_VERSION SSH_PORTABLE debian/openssh-server.ssh.default0000644000000000000000000000020512330654315014312 0ustar # Default settings for openssh-server. This file is sourced by /bin/sh from # /etc/init.d/ssh. # Options to pass to sshd SSHD_OPTS= debian/openssh-server.lintian-overrides0000644000000000000000000000011712330654315015532 0ustar openssh-server: package-contains-empty-directory usr/share/doc/openssh-client/ debian/clean0000644000000000000000000000001312330654315010167 0ustar config.log debian/ssh-askpass-gnome.desktop0000644000000000000000000000040412330654315014124 0ustar [Desktop Entry] Version=1.0 Encoding=UTF-8 Name=SSH AskPass GenericName=ssh-add Comment=Enter passphrase to authenticate to the ssh agent Exec=/usr/bin/ssh-add TryExec=ssh-add Terminal=false Type=Application Icon=ssh-askpass-gnome Categories=Network;Security; debian/openssh-client.lintian-overrides0000644000000000000000000000011112330654315015474 0ustar openssh-client: setuid-binary usr/lib/openssh/ssh-keysign 4755 root/root debian/upstream/0000755000000000000000000000000012330654315011030 5ustar debian/upstream/signing-key.asc0000644000000000000000000000504012330654315013743 0ustar -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1 mQGdBFKmggUBDICUNqm4cNh7tdEbwaNhbnwqLiHpILeXT6sddGI0Stz5ofB1uvIH m9kXYG5XUUwlc5ywjIZm2JeuKqrd/6wAz5laLagFA6k86EZzzuBE3b5FxSQ4EN4K 5XZEJo61xASEF7z1mQCiqoA6/F407ht7nNoiVE95kOmqJlv4cqbpCw3n8f2VW+mV UH6MYRZVrYAC9NnJWv24rem2fjgFhNT1/bx44G7H9bVJqL7hMEGa+xYQBI3YT/ul Eu9HYmLFVeiZm1gB1eKXW7jS4ctLl5uPrxayA5DX/qNB2yqgVVlIKFwUm8gGPGPO nsNKo0xBseE7E0F/KeGpaT5aS9yFgPm9A652Jx9felYgb0e9Ipt3lxriPQwgF/cx LGuP/WEbN5fpWFnuV0ViklusuVI2e8GHJGU5bQD5AlzvWu4Sv6oBOcDCabScydY7 IxPBk/XBWCF9QDIa2qa32Mc9dYc8EnJszPeVCHX5hG23omDRmdLGLwH7F+CuBvCx 
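Review bot: the bufaux.c hunk strips leading zero bytes but does not cover the case where that leaves l == 0; the statement that follows (visible in context as "If most significant bit is set then prepend a zero byte") tests s[0], which for an all-zero input now points one past the caller's buffer. Add an `l > 0 &&` guard to that test, or return an empty mpint early. The fix itself is correct: RFC 4251 requires the minimal encoding, so both sides hash the same shared secret only if the zeros are dropped.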
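Review bot: in the compat_datafellows hunk correctness depends on entry order, because the table is first-match: `OpenSSH_6.6.1*` must stay above the `OpenSSH_6.6*` glob or the fixed release would flag itself as buggy. The adjacent string literals `"OpenSSH_6.5*," "OpenSSH_6.6*"` are also easy to misread as two entries. A short comment on both points would keep a later insertion from silently breaking this.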
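Review bot: the compat_kex_proposal hunk adds a trailing blank line at end of file (the last `+` line); drop it. The behaviour is fine: when filtering leaves nothing, fatal() reports "No supported key exchange algorithms found", which is the right failure mode, and the two debug2() calls give an operator the before/after proposal when diagnosing a peer that triggered SSH_BUG_CURVE25519PAD.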
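Review bot: in both the sshconnect2.c and sshd.c hunks compat_kex_proposal() runs after the KexAlgorithms option has been applied, so an administrator who pins the list to curve25519-sha256@libssh.org alone gets the fatal() from compat_kex_proposal against a 6.5/6.6 peer instead of a quiet fallback. That is acceptable, but it is an observable change and deserves a line in the package changelog.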
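Review bot: the version.h hunk is what keeps the build from matching its own `OpenSSH_6.6*` compat entry; since the banner is SSH_VERSION followed by SSH_PORTABLE ("p1"), the trailing glob in `OpenSSH_6.6.1*` still matches once that and any distribution suffix are appended, so the table entry does not need to change if the package version string grows.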
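The commit message above explains that the missing zero-strip makes key exchange fail roughly one time in 512. The C program below is an added example, not OpenSSH code and not part of the Debian package: it implements RFC 4251 mpint encoding of a raw byte string both with and without the leading-zero skip from the bufaux.c hunk, adds the `l > 0` guard the hunk lacks, and sweeps the first two bytes of a constructed 32-byte secret to show that exactly 128 of the 65536 prefixes (one in 512) encode differently. The function names, the sample secret and the 0x11 filler byte are assumptions made for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/*
 * Added example, not OpenSSH code.  Encode a raw big-endian byte string as
 * an SSH mpint (RFC 4251 section 5): uint32 length, then the minimal
 * magnitude, with a leading 0x00 only when the first byte's top bit is set.
 * fixed == 1 first skips leading zero bytes, as the bufaux.c hunk does;
 * fixed == 0 reproduces the pre-fix encoding that kept them.
 * Returns the number of bytes written to out, or 0 if out is too small.
 */
static size_t
put_bignum2_from_string(uint8_t *out, size_t outlen,
    const uint8_t *s, size_t l, int fixed)
{
	size_t n, prepend;

	if (fixed) {
		/* Skip leading zero bytes so the magnitude is minimal. */
		for (; l > 0 && *s == 0; l--, s++)
			;
	}
	/* Test l > 0 before reading s[0], so an all-zero input is not read
	 * past its end (the hunk above has no such guard). */
	prepend = (l > 0 && (s[0] & 0x80) != 0) ? 1 : 0;
	n = l + prepend;
	if (outlen < 4 + n)
		return 0;
	out[0] = (uint8_t)(n >> 24);
	out[1] = (uint8_t)(n >> 16);
	out[2] = (uint8_t)(n >> 8);
	out[3] = (uint8_t)n;
	if (prepend)
		out[4] = 0;
	memcpy(out + 4 + prepend, s, l);
	return 4 + n;
}

/* 1 if the pre-fix and fixed encodings of s differ (peers then hash different
 * exchange data and key exchange fails), else 0. */
static int
encodings_differ(const uint8_t *s, size_t l)
{
	uint8_t a[64], b[64];
	size_t na = put_bignum2_from_string(a, sizeof a, s, l, 0);
	size_t nb = put_bignum2_from_string(b, sizeof b, s, l, 1);

	return na != nb || memcmp(a, b, na) != 0;
}

/* Sweep the first two bytes of a constructed 32-byte secret (filler 0x11)
 * and count the prefixes whose encoding diverges.  Only a 0x00 first byte
 * followed by a byte with its top bit clear diverges: 128 of 65536. */
static int
count_divergent_prefixes(void)
{
	uint8_t secret[32];
	int divergent = 0, b0, b1;

	for (b0 = 0; b0 < 256; b0++)
		for (b1 = 0; b1 < 256; b1++) {
			memset(secret, 0x11, sizeof secret);
			secret[0] = (uint8_t)b0;
			secret[1] = (uint8_t)b1;
			divergent += encodings_differ(secret, sizeof secret);
		}
	return divergent;
}

/* Constructed sample secret (one leading zero, then 0x11 bytes) encoded either
 * way.  idx < 0 returns the encoded length, otherwise byte idx (-1 if out of range). */
static int
sample_encoding(int fixed, int idx)
{
	uint8_t secret[32], buf[64];
	size_t n;

	memset(secret, 0x11, sizeof secret);
	secret[0] = 0x00;
	n = put_bignum2_from_string(buf, sizeof buf, secret, sizeof secret, fixed);
	if (idx < 0)
		return (int)n;
	return (size_t)idx < n ? buf[idx] : -1;
}

/* Fixed encoding of 32 zero bytes is just a zero length field: 4 bytes. */
static size_t
all_zero_len(void)
{
	uint8_t zero[32] = { 0 }, buf[64];

	return put_bignum2_from_string(buf, sizeof buf, zero, sizeof zero, 1);
}

int
main(void)
{
	printf("fixed sample: %d bytes, length byte %02x, payload starts %02x\n",
	    sample_encoding(1, -1), sample_encoding(1, 3), sample_encoding(1, 4));
	printf("pre-fix sample: %d bytes, length byte %02x, payload starts %02x\n",
	    sample_encoding(0, -1), sample_encoding(0, 3), sample_encoding(0, 4));
	printf("divergent two-byte prefixes: %d of 65536\n", count_divergent_prefixes());
	printf("all-zero secret encodes to %zu bytes\n", all_zero_len());
	return 0;
}
```

The divergence count is where the "one in 512" comes from: when the first byte is 0x00 and the next byte has its top bit set, the fixed encoder strips the zero and then re-inserts a 0x00 sign byte, so both encoders emit the same bytes; only a 0x00 first byte followed by a top-bit-clear byte (1/256 times 1/2) produces two different strings, and with them two different exchange hashes.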
AKCymZtJl5DhRmnhdzRg9d+0VG4hLF7O06ANABEBAAG0H0RhbWllbiBNaWxsZXIg PGRqbUBtaW5kcm90Lm9yZz6JAc0EEwECACcCGwMFCQ1H67ECHgECF4AFAlKmjJwE CwkIBwYVCgkICwIFFgIDAQAACgkQ0+X1a22SDTB2TAx9E1ozPJKUGWJPZefqsSr8 KsO6Dp3QuPrw2Zwgo2QfeCT+uzNA5AKCDIAaYEpVbQsvu4sDy8dAW1+HENCxVrMX WG+SH41lcdAdI4io0PGHVQDl42R5jX3e9pfjYCQALVv5BDXddK6054nyxEmudQ3I CFCYXIcqQbA1nfj3Uk06jGhuM99B2/akbxCoFSiUX9uHDZKNYAGpU7/FCF9xCZF4 Kd9Twvyy17jDIg7km3/Q4Jy++VP8FyvE5JjBdLRQSBzSG9GCjv9fyKWW7S0bMY4D 3SKKt/Jm1XchEMgpRr4eBpgCs3rxO1hXjzqm3te97uy6/q8CuJUtupJsPKc9Wh4+ ogUZifC0ta7UrxZp8yZTRvPSUxYrlvDzM32VDLQ3FX6Y2i4VNo48PSJMA+BPUx7D TcZKIXt457zsLD4jF4sRdwOk/QF/GXCkH2GAyKHWCPXIOe+jIXgiuajcqZm9cAWj L3hidSohKfefvKkzsg75mDmjhvAtDncIbmImJNjXIe2PQU4iY9Vq5i0vlaVKgBgK SohGBBARAgAGBQJSpovfAAoJEM6OywOG/5xInf8An0A7MPrfJIz2e643VEV4AX3d O9+IAJ9MOsQiB4LnqtTcc9NBMHf9VLE46LkBnQRSpoIFAQyA1OdwfpwXKch+O00W 1FsQSMcEjahGmo84WTroM/qjTd7Ysld300PMv3wkQn2WdhyTca/EmkW0fVTGSYs7 Z3v5SpPf0prYSjmfu8WlXoz64ApdXqGHjj9KAeq2OuUtWrwobgiQEzU4Hxlz94X/ 65BgG5k7OTyE3J6bgRcMwJCgCkwjK85wbbBkGH+Jo9o/Zw9TPczQcE7BmGYkkLNA Xbw7omKBOL4Z6w9sXToz9UnQ0EB9s4TvAbHGKX9y2PEQjZN+wkzR3DavWB7ql8vH ZIRmspAsDAJvDT1ofsNtu8MB8wJcxvZaoZ7j9wULYpnaNYx9xxEhgbB9o1mBcYsd Dj3xz5jrgtq/cpdgGC6bg+awDc/ylQ1mNglKfY8P9hFIhIANZilnmAlk5GSoWclP /69m+u34KKoHU4Yc3I1pPNcL6Nyi0bh8mHqe9WedKfod7Y4yM1S20fXaS4vrLIlK gxbsDpWiWrk0ltV03uyC7eqDe3nzzGW/2GLTHj5xsA2+HwGtPom5mmzjvV5PFNpS 7a90JQARAQABiQG1BBgBAgAPBQJSpoIFAhsMBQkNR+uxAAoJENPl9Wttkg0wEScM f2QjDWm3XawJxNA8pqqxrFeTEo+GESznVRTUeprrUFd1GHw33qaAvqLixZ+x8cr+ 1Gj/fJd5eiIVJfRLYbXlC8su8JZXngfX0VhuMcUob/FTikfpcoYkRzriUsJEB3/O mjlLjGgnQm5Gz9TV1ityF3bzoHkR8svWEKKKzNoIEPHLU3y7bqSkOrjnY3bZfdVR h618XbjV28NMuoZsV8E4pOuQoy+3s5IjmIf/mkSiFE3VJwdaPem23UsXatFb/eoC /Ahi0iCd/8ioFwi+oHT2Pnt9HrzVF6E8gBVO3vKo6UJgDTr9Qt27Nc6eHL0O5j50 ins9ob/3DoOC3P5A08zhl+w466yGEv5+Es/usUAs/4ng4ksI3DTLK9Ygj70l5oBu MFYd3b5KGVfAIlGc5mwIOIG41YLIzZTrGuOuTymjwCdC9cUZJ6R2Cv/Vx0htZ0hq DdyaDO0Io9OG/W2s2T7160tY9ic4MwBCFemzwFELIBIIHNY/n/wsmxQGkI3Oj86J pOVVgR5lXWR+BrGcBjkSEyg= =T9xO -----END PGP 
PUBLIC KEY BLOCK-----

debian/openssh-server.if-up:

#! /bin/sh
# Reload the OpenSSH server when an interface comes up, to allow it to start
# listening on new addresses.

set -e

# Don't bother to restart sshd when lo is configured.
if [ "$IFACE" = lo ]; then
	exit 0
fi

# Only run from ifup.
if [ "$MODE" != start ]; then
	exit 0
fi

# OpenSSH only cares about inet and inet6. Get ye gone, strange people
# still using ipx.
if [ "$ADDRFAM" != inet ] && [ "$ADDRFAM" != inet6 ]; then
	exit 0
fi

# Is /usr mounted?
if [ ! -e /usr/sbin/sshd ]; then
	exit 0
fi

if [ ! -f /var/run/sshd.pid ] || \
   [ "$(ps -p "$(cat /var/run/sshd.pid)" -o comm=)" != sshd ]; then
	exit 0
fi

# We'd like to use 'reload' here, but it has some problems; see
# #502444.
invoke-rc.d ssh restart >/dev/null 2>&1 || true

exit 0

debian/copyright.head:

This package was debianized by Philip Hands on 31 Oct 1999
(with help from Dan Brosemer )

It was downloaded from here:
ftp://ftp.fu-berlin.de/unix/security/openssh/openssh-2.3.0p1.tar.gz

worldwide mirrors are listed here:
http://www.openssh.com/ftp.html

The Debian-specific parts of the package were initially derived from the
original ssh package, which has since been renamed as ssh-nonfree.

The Debian patch is distributed under the terms of the GPL, which you can
find in /usr/share/common-licenses/GPL-2.

In addition, as a special exception, Matthew Vernon gives permission to
link the code of the Debian patch with any version of the OpenSSH code
which is distributed under a license identical to that listed in the
included Copyright file, and distribute linked combinations including
the two. You must obey the GNU General Public License in all respects
for all of the code used other than OpenSSH. If you modify this file,
you may extend this exception to your version of the file, but you are
not obligated to do so. If you do not wish to do so, delete this
exception statement from your version.

The upstream source for this package is a combination of the ssh branch
that is being maintained by the OpenBSD team (starting from the last
version of SSH that was distributed under a free license), and porting
work by Damien Miller to get it working on Linux. Other people also
contributed to this, and are credited in /usr/share/doc/ssh/README.

This package contains Kerberos version 5 patches from
http://www.sxw.org.uk/computing/patches/openssh.html; this is
Copyright (c) 2001-2009 Simon Wilkinson and provided under the standard
2-term BSD licence used elsewhere in OpenSSH.

Copyright:

Code in helper.[ch] is Copyright Internet Business Solutions and is
released under a X11-style license (see source file for details).

(A)RC4 code in rc4.[ch] is Copyright Damien Miller. It too is under a
X11-style license (see source file for details).

make-ssh-known-hosts is Copyright Tero Kivinen , and is distributed
under the GPL (see source file for details).

The copyright for the original SSH version follows. It has been modified
with [comments] to reflect the changes that the OpenBSD folks have made:

debian/openssh-server.sshd.pam:

# PAM configuration for the Secure Shell service

# Standard Un*x authentication.
@include common-auth

# Disallow non-root logins when /etc/nologin exists.
account    required     pam_nologin.so

# Uncomment and edit /etc/security/access.conf if you need to set complex
# access limits that are hard to express in sshd_config.
# account  required     pam_access.so

# Standard Un*x authorization.
@include common-account

# SELinux needs to be the first session rule. This ensures that any
# lingering context has been cleared. Without this it is possible that a
# module could execute code in the wrong domain.
session [success=ok ignore=ignore module_unknown=ignore default=bad]        pam_selinux.so close

# Set the loginuid process attribute.
session    required     pam_loginuid.so

# Create a new session keyring.
session    optional     pam_keyinit.so force revoke

# Standard Un*x session setup and teardown.
@include common-session

# Print the message of the day upon successful login.
# This includes a dynamically generated part from /run/motd.dynamic
# and a static (admin-editable) part from /etc/motd.
session    optional     pam_motd.so  motd=/run/motd.dynamic noupdate
session    optional     pam_motd.so # [1]

# Print the status of the user's mailbox upon successful login.
session    optional     pam_mail.so standard noenv # [1]

# Set up user limits from /etc/security/limits.conf.
session    required     pam_limits.so

# Read environment variables from /etc/environment and
# /etc/security/pam_env.conf.
session    required     pam_env.so # [1]
# In Debian 4.0 (etch), locale-related environment variables were moved to
# /etc/default/locale, so read that as well.
session    required     pam_env.so user_readenv=1 envfile=/etc/default/locale

# SELinux needs to intervene at login time to ensure that the process starts
# in the proper default security context. Only sessions which are intended
# to run in the user's context should be run after this.
session [success=ok ignore=ignore module_unknown=ignore default=bad]        pam_selinux.so open

# Standard Un*x password updating.
@include common-password

debian/openssh-client.docs:

ChangeLog.gssapi
OVERVIEW
README
README.dns
README.tun
debian/faq.html

debian/openssh-client.dirs:

usr/share/apport/package-hooks

debian/openssh-server.ssh.upstart:

# ssh - OpenBSD Secure Shell server
#
# The OpenSSH server provides secure shell access to the system.
description	"OpenSSH server"

start on runlevel [2345]
stop on runlevel [!2345]

respawn
respawn limit 10 5
umask 022

env SSH_SIGSTOP=1
expect stop

# 'sshd -D' leaks stderr and confuses things in conjunction with 'console log'
console none

pre-start script
    test -x /usr/sbin/sshd || { stop; exit 0; }
    test -e /etc/ssh/sshd_not_to_be_run && { stop; exit 0; }

    mkdir -p -m0755 /var/run/sshd
end script

# if you used to set SSHD_OPTS in /etc/default/ssh, you can change the
# 'exec' line here instead
exec /usr/sbin/sshd -D

debian/openssh-server.dirs:

etc/init.d
etc/default
etc/network/if-up.d
etc/ufw/applications.d
usr/lib/openssh
usr/sbin
usr/share/apport/package-hooks
usr/share/man/man5
usr/share/man/man8

debian/openssh-client.apport:

#!/usr/bin/python
'''apport hook for openssh-client

(c) 2010 Canonical Ltd.
Author: Chuck Short

This program is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by the
Free Software Foundation; either version 2 of the License, or (at your
option) any later version. See http://www.gnu.org/copyleft/gpl.html for
the full text of the license.
'''

from apport.hookutils import *


def add_info(report, ui):
    # Ask before attaching ssh_config: it may contain host names, user names
    # or other details the reporter does not want in a public bug.
    response = ui.yesno("The contents of your /etc/ssh/ssh_config file "
                        "may help developers diagnose your bug more "
                        "quickly. However, it may contain sensitive "
                        "information. Do you want to include it in your "
                        "bug report?")
    if response is None:
        # user cancelled
        raise StopIteration
    elif response:
        attach_conffiles(report, 'openssh-client')

    # Always attached: related package versions and the client version.
    attach_related_packages(report, ['ssh-askpass', 'libpam-ssh', 'keychain',
                                     'ssh-askpass-gnome'])
    report['SSHClientVersion'] = command_output(['/usr/bin/ssh', '-V'])

debian/openssh-server.install:

usr/sbin/sshd
usr/share/man/man5/authorized_keys.5
usr/share/man/man5/sshd_config.5
usr/share/man/man8/sshd.8
debian/systemd/ssh.socket lib/systemd/system
debian/systemd/ssh@.service lib/systemd/system
debian/systemd/sshd.conf usr/lib/tmpfiles.d

debian/compat:

7

debian/openssh-client-udeb.dirs:

usr/bin

debian/ssh-askpass-gnome.copyright:

This package contains a Gnome based implementation of ssh-askpass
written by Damien Miller. It is split out from the main package to
isolate the dependency on the Gnome and X11 libraries.

It was packaged for Debian by Philip Hands .

Copyright:

/*
**
** GNOME ssh passphrase requestor
**
** Damien Miller
**
** Copyright 1999 Internet Business Solutions
**
** Permission is hereby granted, free of charge, to any person
** obtaining a copy of this software and associated documentation
** files (the "Software"), to deal in the Software without
** restriction, including without limitation the rights to use, copy,
** modify, merge, publish, distribute, sublicense, and/or sell copies
** of the Software, and to permit persons to whom the Software is
** furnished to do so, subject to the following conditions:
**
** The above copyright notice and this permission notice shall be
** included in all copies or substantial portions of the Software.
**
** THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY
** KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE
** WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE
** AND NONINFRINGEMENT. IN NO EVENT SHALL DAMIEN MILLER OR INTERNET
** BUSINESS SOLUTIONS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
** LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
** ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE
** OR OTHER DEALINGS IN THE SOFTWARE.
**
** Except as contained in this notice, the name of Internet Business
** Solutions shall not be used in advertising or otherwise to promote
** the sale, use or other dealings in this Software without prior
** written authorization from Internet Business Solutions.
**
*/

debian/ssh.lintian-overrides:

ssh: package-contains-empty-directory usr/share/doc/openssh-client/

debian/openssh-sftp-server.install:

usr/lib/openssh/sftp-server
usr/share/man/man8/sftp-server.8

debian/openssh-server-udeb.install:

sshd usr/sbin
ssh-keygen usr/bin

debian/copyright:

This package was debianized by Philip Hands on 31 Oct 1999
(with help from Dan Brosemer )

It was downloaded from here:
ftp://ftp.fu-berlin.de/unix/security/openssh/openssh-2.3.0p1.tar.gz

worldwide mirrors are listed here:
http://www.openssh.com/ftp.html

The Debian-specific parts of the package were initially derived from the
original ssh package, which has since been renamed as ssh-nonfree.

The Debian patch is distributed under the terms of the GPL, which you can
find in /usr/share/common-licenses/GPL-2.
In addition, as a special exception, Matthew Vernon gives permission to link the code of the Debian patch with any version of the OpenSSH code which is distributed under a license identical to that listed in the included Copyright file, and distribute linked combinations including the two. You must obey the GNU General Public License in all respects for all of the code used other than OpenSSH. If you modify this file, you may extend this exception to your version of the file, but you are not obligated to do so. If you do not wish to do so, delete this exception statement from your version. The upstream source for this package is a combination of the ssh branch that is being maintained by the OpenBSD team (starting from the last version of SSH that was distributed under a free license), and porting work by Damien Miller to get it working on Linux. Other people also contributed to this, and are credited in /usr/share/doc/ssh/README. This package contains Kerberos version 5 patches from http://www.sxw.org.uk/computing/patches/openssh.html; this is Copyright (c) 2001-2009 Simon Wilkinson and provided under the standard 2-term BSD licence used elsewhere in OpenSSH. Copyright: Code in helper.[ch] is Copyright Internet Business Solutions and is released under a X11-style license (see source file for details). (A)RC4 code in rc4.[ch] is Copyright Damien Miller. It too is under a X11-style license (see source file for details). make-ssh-known-hosts is Copyright Tero Kivinen , and is distributed under the GPL (see source file for details). The copyright for the original SSH version follows. It has been modified with [comments] to reflect the changes that the OpenBSD folks have made: This file is part of the OpenSSH software. The licences which components of this software fall under are as follows. First, we will summarize and say that all components are under a BSD licence, or a licence more free than that. OpenSSH contains no GPL code. 
1) * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved * * As far as I am concerned, the code I have written for this software * can be used freely for any purpose. Any derived versions of this * software must be clearly marked as such, and if the derived work is * incompatible with the protocol description in the RFC file, it must be * called by a name other than "ssh" or "Secure Shell". [Tatu continues] * However, I am not implying to give any licenses to any patents or * copyrights held by third parties, and the software includes parts that * are not under my direct control. As far as I know, all included * source code is used in accordance with the relevant license agreements * and can be used freely for any purpose (the GNU license being the most * restrictive); see below for details. [However, none of that term is relevant at this point in time. All of these restrictively licenced software components which he talks about have been removed from OpenSSH, i.e., - RSA is no longer included, found in the OpenSSL library - IDEA is no longer included, its use is deprecated - DES is now external, in the OpenSSL library - GMP is no longer used, and instead we call BN code from OpenSSL - Zlib is now external, in a library - The make-ssh-known-hosts script is no longer included - TSS has been removed - MD5 is now external, in the OpenSSL library - RC4 support has been replaced with ARC4 support from OpenSSL - Blowfish is now external, in the OpenSSL library [The licence continues] Note that any information and cryptographic algorithms used in this software are publicly available on the Internet and at any major bookstore, scientific library, and patent office worldwide. More information can be found e.g. at "http://www.cs.hut.fi/crypto". The legal status of this program is some combination of all these permissions and restrictions. Use only at your own responsibility. 
You will be responsible for any legal consequences yourself; I am not making any claims whether possessing or using this is legal or not in your country, and I am not taking any responsibility on your behalf. NO WARRANTY BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 2) The 32-bit CRC compensation attack detector in deattack.c was contributed by CORE SDI S.A. under a BSD-style license. * Cryptographic attack detector for ssh - source code * * Copyright (c) 1998 CORE SDI S.A., Buenos Aires, Argentina. * * All rights reserved. Redistribution and use in source and binary * forms, with or without modification, are permitted provided that * this copyright notice is retained. * * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED * WARRANTIES ARE DISCLAIMED. IN NO EVENT SHALL CORE SDI S.A. 
BE * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY OR * CONSEQUENTIAL DAMAGES RESULTING FROM THE USE OR MISUSE OF THIS * SOFTWARE. * * Ariel Futoransky * 3) ssh-keyscan was contributed by David Mazieres under a BSD-style license. * Copyright 1995, 1996 by David Mazieres . * * Modification and redistribution in source and binary forms is * permitted provided that due credit is given to the author and the * OpenBSD project by leaving this copyright notice intact. 4) The Rijndael implementation by Vincent Rijmen, Antoon Bosselaers and Paulo Barreto is in the public domain and distributed with the following license: * @version 3.0 (December 2000) * * Optimised ANSI C code for the Rijndael cipher (now AES) * * @author Vincent Rijmen * @author Antoon Bosselaers * @author Paulo Barreto * * This code is hereby placed in the public domain. * * THIS SOFTWARE IS PROVIDED BY THE AUTHORS ''AS IS'' AND ANY EXPRESS * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, * EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 5) One component of the ssh source code is under a 3-clause BSD license, held by the University of California, since we pulled these parts from original Berkeley code. * Copyright (c) 1983, 1990, 1992, 1993, 1995 * The Regents of the University of California. All rights reserved. 
* * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. 6) Remaining components of the software are provided under a standard 2-term BSD licence with the following names as copyright holders: Markus Friedl Theo de Raadt Niels Provos Dug Song Aaron Campbell Damien Miller Kevin Steves Daniel Kouril Wesley Griffin Per Allansson Nils Nordman Simon Wilkinson Portable OpenSSH additionally includes code from the following copyright holders, also under the 2-term BSD license: Ben Lindstrom Tim Rice Andre Lucas Chris Adams Corinna Vinschen Cray Inc. 
Denis Parker Gert Doering Jakob Schlyter Jason Downs Juha Yrjölä Michael Stone Networks Associates Technology, Inc. Solar Designer Todd C. Miller Wayne Schroeder William Jones Darren Tucker Sun Microsystems The SCO Group Daniel Walsh Red Hat, Inc Simon Vallet / Genoscope * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 8) Portable OpenSSH contains the following additional licenses: a) md5crypt.c, md5crypt.h * "THE BEER-WARE LICENSE" (Revision 42): * wrote this file. As long as you retain this * notice you can do whatever you want with this stuff. If we meet * some day, and you think this stuff is worth it, you can buy me a * beer in return. 
Poul-Henning Kamp b) snprintf replacement * Copyright Patrick Powell 1995 * This code is based on code written by Patrick Powell * (papowell@astart.com) It may be used for any purpose as long as this * notice remains intact on all source code distributions c) Compatibility code (openbsd-compat) Apart from the previously mentioned licenses, various pieces of code in the openbsd-compat/ subdirectory are licensed as follows: Some code is licensed under a 3-term BSD license, to the following copyright holders: Todd C. Miller Theo de Raadt Damien Miller Eric P. Allman The Regents of the University of California Constantin S. Svintsoff * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. 
IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. Some code is licensed under an ISC-style license, to the following copyright holders: Internet Software Consortium. Todd C. Miller Reyk Floeter Chad Mynhier * Permission to use, copy, modify, and distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies. * * THE SOFTWARE IS PROVIDED "AS IS" AND TODD C. MILLER DISCLAIMS ALL * WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL TODD C. MILLER BE LIABLE * FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. Some code is licensed under a MIT-style license to the following copyright holders: Free Software Foundation, Inc. 
* Permission is hereby granted, free of charge, to any person obtaining a * * copy of this software and associated documentation files (the * * "Software"), to deal in the Software without restriction, including * * without limitation the rights to use, copy, modify, merge, publish, * * distribute, distribute with modifications, sublicense, and/or sell * * copies of the Software, and to permit persons to whom the Software is * * furnished to do so, subject to the following conditions: * * * * The above copyright notice and this permission notice shall be included * * in all copies or substantial portions of the Software. * * * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS * * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF * * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. * * IN NO EVENT SHALL THE ABOVE COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, * * DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR * * OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR * * THE USE OR OTHER DEALINGS IN THE SOFTWARE. * * * * Except as contained in this notice, the name(s) of the above copyright * * holders shall not be used in advertising or otherwise to promote the * * sale, use or other dealings in this Software without prior written * * authorization. 
* ****************************************************************************/

------
$OpenBSD: LICENCE,v 1.19 2004/08/30 09:18:08 markus Exp $
debian/openssh-client.install0000644000000000000000000000117412330654315013516 0ustar
etc/ssh/moduli
etc/ssh/ssh_config
usr/bin/scp
usr/bin/sftp
usr/bin/slogin
usr/bin/ssh
usr/bin/ssh-add
usr/bin/ssh-agent
usr/bin/ssh-keygen
usr/bin/ssh-keyscan
usr/lib/openssh/ssh-keysign
usr/lib/openssh/ssh-pkcs11-helper
usr/share/man/man1/scp.1
usr/share/man/man1/sftp.1
usr/share/man/man1/slogin.1
usr/share/man/man1/ssh-add.1
usr/share/man/man1/ssh-agent.1
usr/share/man/man1/ssh-keygen.1
usr/share/man/man1/ssh-keyscan.1
usr/share/man/man1/ssh.1
usr/share/man/man5/moduli.5
usr/share/man/man5/ssh_config.5
usr/share/man/man8/ssh-keysign.8
usr/share/man/man8/ssh-pkcs11-helper.8
contrib/ssh-copy-id usr/bin
debian/ssh-argv0 usr/bin
debian/ssh-askpass-gnome.png0000644000000000000000000001544512330654315013252 0ustar
[binary PNG image data omitted]
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; either version 2 of the License, or
    (at your option) any later version.

    See http://www.gnu.org/copyleft/gpl.html for the full text of the license.
'''

from apport.hookutils import *

def add_info(report, ui):
    response = ui.yesno("The contents of your /etc/ssh/sshd_config file "
                        "may help developers diagnose your bug more "
                        "quickly. However, it may contain sensitive "
                        "information. Do you want to include it in your "
                        "bug report?")
    if response == None:
        # user cancelled
        raise StopIteration
    elif response == True:
        report['SSHDConfig'] = root_command_output(['/usr/sbin/sshd', '-T'])
debian/adjust-openssl-dependencies0000755000000000000000000000215012330654315014513 0ustar
#! /bin/sh
# Attempt to tighten libssl dependencies to match the check in entropy.c.
# Must be run after dpkg-shlibdeps.

client=debian/openssh-client.substvars
server=debian/openssh-server.substvars

libssl_version="$(dpkg-query -W libssl-dev 2>/dev/null | cut -f2)"
if [ -z "$libssl_version" ]; then
	echo "Can't find libssl-dev version; leaving dependencies alone."
	exit 0
fi
libssl_version="$(echo "$libssl_version" | sed 's/[a-z-].*//')"

libssl_package="$(sed -n 's/.*[= ]\(libssl[0-9][a-z0-9+.-]*\).*/\1/p' "$client")"
if [ "$libssl_package" ]; then
	new_dep="$libssl_package (>= $libssl_version)"
	sed -i "/^shlibs:Depends=/s/\$/, $new_dep/" "$client"
	sed -i "/^shlibs:Depends=/s/\$/, $new_dep/" "$server"
fi

client_udeb=debian/openssh-client-udeb.substvars
server_udeb=debian/openssh-server-udeb.substvars

libcrypto_package="$(sed -n 's/.*[= ]\(libcrypto[0-9][a-z0-9+.-]*\).*/\1/p' "$client_udeb")"
if [ "$libcrypto_package" ]; then
	new_dep="$libcrypto_package (>= $libssl_version)"
	sed -i "/^shlibs:Depends=/s/\$/, $new_dep/" "$client_udeb"
	sed -i "/^shlibs:Depends=/s/\$/, $new_dep/" "$server_udeb"
fi

exit 0
debian/openssh-server.maintscript0000644000000000000000000000006612330654315014434 0ustar
mv_conffile /etc/pam.d/ssh /etc/pam.d/sshd 1:4.7p1-4~
debian/source/0000755000000000000000000000000012330654315010470 5ustar
debian/source/include-binaries0000644000000000000000000000003512330654315013626 0ustar
debian/ssh-askpass-gnome.png
debian/source/format0000644000000000000000000000001412330654315011676 0ustar
3.0 (quilt)
debian/openssh-server.ufw.profile0000644000000000000000000000022112330654315014330 0ustar
[OpenSSH]
title=Secure shell server, an rshd replacement
description=OpenSSH is a free implementation of the Secure Shell protocol.
ports=22/tcp
debian/ssh-askpass-gnome.manpages0000644000000000000000000000003312330654315014244 0ustar
debian/gnome-ssh-askpass.1
debian/ssh-krb5.NEWS0000644000000000000000000000127212330654315011326 0ustar
ssh-krb5 (1:4.3p2-7) unstable; urgency=low

  The normal openssh-server and openssh-client packages in Debian now
  include full GSSAPI support, including key exchange.  This package is
  now only a transitional package that depends on openssh-server and
  openssh-client and configures openssh-server for GSSAPI authentication
  if it wasn't already.
  You can now simply install openssh-server and openssh-client directly
  and remove this package.  Just make sure that /etc/ssh/sshd_config
  contains:

      GSSAPIAuthentication yes
      GSSAPIKeyExchange yes

  if you want to support GSSAPI authentication to your ssh server.

 -- Russ Allbery  Tue, 03 Oct 2006 22:27:27 -0700
debian/ssh-agent.user-session.upstart0000644000000000000000000000143012330654415015142 0ustar
description "SSH Agent"
author "Stéphane Graber "

start on starting xsession-init

pre-start script
	[ -e /etc/X11/Xsession.options ] || { stop; exit 0; }
	grep -q "^use-ssh-agent$" /etc/X11/Xsession.options || { stop; exit 0; }
	[ -z "$SSH_AUTH_SOCK" ] || { stop; exit 0; }

	eval "$(ssh-agent -s)" >/dev/null
	initctl set-env --global SSH_AUTH_SOCK=$SSH_AUTH_SOCK
	initctl set-env --global SSH_AGENT_PID=$SSH_AGENT_PID
	initctl set-env --global SSH_AGENT_LAUNCHER=upstart
end script

post-stop script
	[ "$SSH_AGENT_LAUNCHER" = upstart ] || exit 0
	kill $SSH_AGENT_PID 2>/dev/null || true
	initctl unset-env --global SSH_AUTH_SOCK
	initctl unset-env --global SSH_AGENT_PID
	initctl unset-env --global SSH_AGENT_LAUNCHER
end script
debian/openssh-server.ssh.init0000644000000000000000000000775512330654315013642 0ustar
#! /bin/sh

### BEGIN INIT INFO
# Provides:		sshd
# Required-Start:	$remote_fs $syslog
# Required-Stop:	$remote_fs $syslog
# Default-Start:	2 3 4 5
# Default-Stop:
# Short-Description:	OpenBSD Secure Shell server
### END INIT INFO

set -e

# /etc/init.d/ssh: start and stop the OpenBSD "secure shell(tm)" daemon

test -x /usr/sbin/sshd || exit 0
( /usr/sbin/sshd -\? 2>&1 | grep -q OpenSSH ) 2>/dev/null || exit 0

umask 022

if test -f /etc/default/ssh; then
	. /etc/default/ssh
fi

. /lib/lsb/init-functions

if [ -n "$2" ]; then
	SSHD_OPTS="$SSHD_OPTS $2"
fi

# Are we running from init?
run_by_init() {
	([ "$previous" ] && [ "$runlevel" ]) || [ "$runlevel" = S ]
}

check_for_upstart() {
	if init_is_upstart; then
		exit $1
	fi
}

check_for_no_start() {
	# forget it if we're trying to start, and /etc/ssh/sshd_not_to_be_run exists
	if [ -e /etc/ssh/sshd_not_to_be_run ]; then
		if [ "$1" = log_end_msg ]; then
			log_end_msg 0 || true
		fi
		if ! run_by_init; then
			log_action_msg "OpenBSD Secure Shell server not in use (/etc/ssh/sshd_not_to_be_run)" || true
		fi
		exit 0
	fi
}

check_dev_null() {
	if [ ! -c /dev/null ]; then
		if [ "$1" = log_end_msg ]; then
			log_end_msg 1 || true
		fi
		if ! run_by_init; then
			log_action_msg "/dev/null is not a character device!" || true
		fi
		exit 1
	fi
}

check_privsep_dir() {
	# Create the PrivSep empty dir if necessary
	if [ ! -d /var/run/sshd ]; then
		mkdir /var/run/sshd
		chmod 0755 /var/run/sshd
	fi
}

check_config() {
	if [ ! -e /etc/ssh/sshd_not_to_be_run ]; then
		/usr/sbin/sshd $SSHD_OPTS -t || exit 1
	fi
}

export PATH="${PATH:+$PATH:}/usr/sbin:/sbin"

case "$1" in
  start)
	check_for_upstart 1
	check_privsep_dir
	check_for_no_start
	check_dev_null
	log_daemon_msg "Starting OpenBSD Secure Shell server" "sshd" || true
	if start-stop-daemon --start --quiet --oknodo --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd -- $SSHD_OPTS; then
		log_end_msg 0 || true
	else
		log_end_msg 1 || true
	fi
	;;
  stop)
	check_for_upstart 0
	log_daemon_msg "Stopping OpenBSD Secure Shell server" "sshd" || true
	if start-stop-daemon --stop --quiet --oknodo --pidfile /var/run/sshd.pid; then
		log_end_msg 0 || true
	else
		log_end_msg 1 || true
	fi
	;;

  reload|force-reload)
	check_for_upstart 1
	check_for_no_start
	check_config
	log_daemon_msg "Reloading OpenBSD Secure Shell server's configuration" "sshd" || true
	if start-stop-daemon --stop --signal 1 --quiet --oknodo --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd; then
		log_end_msg 0 || true
	else
		log_end_msg 1 || true
	fi
	;;

  restart)
	check_for_upstart 1
	check_privsep_dir
	check_config
	log_daemon_msg "Restarting OpenBSD Secure Shell server" "sshd" || true
	start-stop-daemon --stop --quiet --oknodo --retry 30 --pidfile /var/run/sshd.pid
	check_for_no_start log_end_msg
	check_dev_null log_end_msg
	if start-stop-daemon --start --quiet --oknodo --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd -- $SSHD_OPTS; then
		log_end_msg 0 || true
	else
		log_end_msg 1 || true
	fi
	;;

  try-restart)
	check_for_upstart 1
	check_privsep_dir
	check_config
	log_daemon_msg "Restarting OpenBSD Secure Shell server" "sshd" || true
	RET=0
	start-stop-daemon --stop --quiet --retry 30 --pidfile /var/run/sshd.pid || RET="$?"
	case $RET in
	    0)
		# old daemon stopped
		check_for_no_start log_end_msg
		check_dev_null log_end_msg
		if start-stop-daemon --start --quiet --oknodo --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd -- $SSHD_OPTS; then
			log_end_msg 0 || true
		else
			log_end_msg 1 || true
		fi
		;;
	    1)
		# daemon not running
		log_progress_msg "(not running)" || true
		log_end_msg 0 || true
		;;
	    *)
		# failed to stop
		log_progress_msg "(failed to stop)" || true
		log_end_msg 1 || true
		;;
	esac
	;;

  status)
	check_for_upstart 1
	status_of_proc -p /var/run/sshd.pid /usr/sbin/sshd sshd && exit 0 || exit $?
	;;

  *)
	log_action_msg "Usage: /etc/init.d/ssh {start|stop|reload|force-reload|restart|try-restart|status}" || true
	exit 1
esac

exit 0
debian/openssh-server.config0000644000000000000000000000113312330654315013340 0ustar
#! /bin/sh

set -e

. /usr/share/debconf/confmodule
db_version 2.0

get_config_option() {
	option="$1"

	[ -f /etc/ssh/sshd_config ] || return

	# TODO: actually only one '=' allowed after option
	perl -ne 'print if s/^[[:space:]]*'"$option"'[[:space:]=]+//i' \
	   /etc/ssh/sshd_config 2>/dev/null
}

if dpkg --compare-versions "$2" lt-nl 1:6.6p1-1 && \
   [ "$(get_config_option PermitRootLogin)" = yes ]; then
	if [ "$(getent shadow root | cut -d: -f2)" = "!" ]; then
		db_set openssh-server/permit-root-login true
	else
		db_input high openssh-server/permit-root-login || true
		db_go
	fi
fi

exit 0
debian/NEWS0000644000000000000000000000354112330654315007672 0ustar
openssh (1:5.4p1-2) unstable; urgency=low

  Smartcard support is now available using PKCS#11 tokens.  If you were
  previously using an unofficial build of Debian's OpenSSH package with
  OpenSC-based smartcard support added, then note that commands like
  'ssh-add -s 0' will no longer work; you need to use
  'ssh-add -s /usr/lib/opensc-pkcs11.so' instead.

 -- Colin Watson  Sat, 10 Apr 2010 01:08:59 +0100

openssh (1:3.8.1p1-9) experimental; urgency=low

  The ssh package has been split into openssh-client and openssh-server.
  If you had previously requested that the sshd server should not be run,
  then that request will still be honoured.  However, the recommended
  approach is now to remove the openssh-server package if you do not want
  to run sshd.  You can remove the old /etc/ssh/sshd_not_to_be_run marker
  file after doing that.

 -- Colin Watson  Mon, 2 Aug 2004 20:48:54 +0100

openssh (1:3.5p1-1) unstable; urgency=low

  This version of OpenSSH disables the environment option for public keys
  by default, in order to avoid certain attacks (for example, LD_PRELOAD).
  If you are using this option in an authorized_keys file, beware that the
  keys in question will no longer work until the option is removed.

  To re-enable this option, set "PermitUserEnvironment yes" in
  /etc/ssh/sshd_config after the upgrade is complete, taking note of the
  warning in the sshd_config(5) manual page.

 -- Colin Watson  Sat, 26 Oct 2002 19:41:51 +0100

openssh (1:3.0.1p1-1) unstable; urgency=high

  As of version 3, OpenSSH no longer uses separate files for ssh1 and ssh2
  keys.  This means the authorized_keys2 and known_hosts2 files are no
  longer needed.  They will still be read in order to maintain backward
  compatibility.
 -- Matthew Vernon  Thu, 28 Nov 2001 17:43:01 +0000
debian/openssh-server.ssh.service0000777000000000000000000000000012330654315020175 2systemd/ssh.serviceustar
debian/openssh-client.prerm0000644000000000000000000000177412330654315013173 0ustar
#! /bin/sh
# prerm script for ssh
#
# see: dh_installdeb(1)

set -e

# summary of how this script can be called:
#        * `remove'
#        * `upgrade'
#        * `failed-upgrade'
#        * `remove' `in-favour'
#        * `deconfigure' `in-favour'
#          `removing'
#
# for details, see /usr/share/doc/packaging-manual/

case "$1" in
    remove|deconfigure)
	update-alternatives --quiet --remove rsh /usr/bin/ssh
	update-alternatives --quiet --remove rlogin /usr/bin/slogin
	update-alternatives --quiet --remove rcp /usr/bin/scp
	;;
    upgrade)
	;;
    failed-upgrade)
	;;
    *)
	echo "prerm called with unknown argument \`$1'" >&2
	exit 0
	;;
esac

# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts.

#DEBHELPER#

exit 0
debian/openssh-client.postinst0000644000000000000000000000216612330654315013735 0ustar
#!/bin/sh
set -e

action="$1"
oldversion="$2"

umask 022

create_alternatives() {
	# Create alternatives for the various r* tools.
	# Make sure we don't change existing alternatives that a user might have
	# changed, but clean up after some old alternatives that mistakenly pointed
	# rlogin and rcp to ssh.
	update-alternatives --quiet --remove rlogin /usr/bin/ssh
	update-alternatives --quiet --remove rcp /usr/bin/ssh
	for cmd in rsh rlogin rcp; do
		scmd="s${cmd#r}"
		if ! update-alternatives --display "$cmd" 2>/dev/null | \
				grep -q "$scmd"; then
			update-alternatives --quiet --install "/usr/bin/$cmd" "$cmd" "/usr/bin/$scmd" 20 \
				--slave "/usr/share/man/man1/$cmd.1.gz" "$cmd.1.gz" "/usr/share/man/man1/$scmd.1.gz"
		fi
	done
}

set_ssh_agent_permissions() {
	if ! getent group ssh >/dev/null; then
		addgroup --system --quiet ssh
	fi
	if ! [ -x /usr/sbin/dpkg-statoverride ] || \
	   ! dpkg-statoverride --list /usr/bin/ssh-agent >/dev/null ; then
		chgrp ssh /usr/bin/ssh-agent
		chmod 2755 /usr/bin/ssh-agent
	fi
}

if [ "$action" = configure ]; then
	create_alternatives
	set_ssh_agent_permissions
fi

#DEBHELPER#

exit 0
debian/openssh-server.links0000644000000000000000000000000012330654315013203 0ustar
debian/openssh-server.templates0000644000000000000000000000144712330654315014077 0ustar
Template: openssh-server/permit-root-login
Type: boolean
Default: false
_Description: Disable SSH password authentication for root?
 Previous versions of openssh-server permitted logging in as root over SSH
 using password authentication. The default for new installations is now
 "PermitRootLogin without-password", which disables password authentication
 for root without breaking systems that have explicitly configured SSH
 public key authentication for root.
 .
 This change makes systems more secure against brute-force password
 dictionary attacks on the root user (a very common target for such
 attacks). However, it may break systems that are set up with the
 expectation of being able to SSH as root using password authentication.
 You should only make this change if you do not need to do that.
debian/openssh-client-udeb.install0000644000000000000000000000004512330654315014427 0ustar
scp usr/bin
sftp usr/bin
ssh usr/bin
debian/openssh-server.postinst0000644000000000000000000002112512330654315013761 0ustar
#!/bin/sh
set -e

. /usr/share/debconf/confmodule
db_version 2.0

action="$1"
oldversion="$2"

umask 022

get_config_option() {
	option="$1"

	[ -f /etc/ssh/sshd_config ] || return

	# TODO: actually only one '=' allowed after option
	perl -lne 's/\s+/ /g; print if s/^\s*'"$option"'[[:space:]=]+//i' \
	   /etc/ssh/sshd_config
}

set_config_option() {
	option="$1"
	value="$2"

	# Rewrite every line that starts with the option (including any inside
	# Match blocks); append a global line only if no line matched.
	perl -le '
		$option = $ARGV[0];
		$value = $ARGV[1];
		$done = 0;
		while (<STDIN>) {
			chomp;
			(my $match = $_) =~ s/\s+/ /g;
			if ($match =~ s/^\s*\Q$option\E\s+.*/$option $value/) {
				$_ = $match;
				$done = 1;
			}
			print;
		}
		print "$option $value" unless $done;' \
		"$option" "$value" \
		< /etc/ssh/sshd_config > /etc/ssh/sshd_config.dpkg-new
	chown --reference /etc/ssh/sshd_config /etc/ssh/sshd_config.dpkg-new
	chmod --reference /etc/ssh/sshd_config /etc/ssh/sshd_config.dpkg-new
	mv /etc/ssh/sshd_config.dpkg-new /etc/ssh/sshd_config
}

rename_config_option() {
	oldoption="$1"
	newoption="$2"

	value="$(get_config_option "$oldoption")"
	[ "$value" ] || return 0

	perl -le '
		$oldoption = $ARGV[0];
		$newoption = $ARGV[1];
		while (<STDIN>) {
			chomp;
			(my $match = $_) =~ s/\s+/ /g;
			# TODO: actually only one "=" allowed after option
			if ($match =~ s/^(\s*)\Q$oldoption\E([[:space:]=]+)/$1$newoption$2/i) {
				$_ = $match;
			}
			print;
		}' \
		"$oldoption" "$newoption" \
		< /etc/ssh/sshd_config > /etc/ssh/sshd_config.dpkg-new
	chown --reference /etc/ssh/sshd_config /etc/ssh/sshd_config.dpkg-new
	chmod --reference /etc/ssh/sshd_config /etc/ssh/sshd_config.dpkg-new
	mv /etc/ssh/sshd_config.dpkg-new /etc/ssh/sshd_config
}

host_keys_required() {
	hostkeys="$(get_config_option HostKey)"
	if [ "$hostkeys" ]; then
		echo "$hostkeys"
	else
		# No HostKey directives at all, so the server picks some
		# defaults depending on the setting of Protocol.
		protocol="$(get_config_option Protocol)"
		[ "$protocol" ] || protocol=1,2
		if echo "$protocol" | grep 1 >/dev/null; then
			echo /etc/ssh/ssh_host_key
		fi
		if echo "$protocol" | grep 2 >/dev/null; then
			echo /etc/ssh/ssh_host_rsa_key
			echo /etc/ssh/ssh_host_dsa_key
			echo /etc/ssh/ssh_host_ecdsa_key
			echo /etc/ssh/ssh_host_ed25519_key
		fi
	fi
}

create_key() {
	msg="$1"
	shift
	hostkeys="$1"
	shift
	file="$1"
	shift

	if echo "$hostkeys" | grep -x "$file" >/dev/null && \
	   [ ! -f "$file" ] ; then
		echo -n $msg
		ssh-keygen -q -f "$file" -N '' "$@"
		echo
		if which restorecon >/dev/null 2>&1; then
			restorecon "$file" "$file.pub"
		fi
	fi
}

create_keys() {
	hostkeys="$(host_keys_required)"

	create_key "Creating SSH1 key; this may take some time ..." \
		"$hostkeys" /etc/ssh/ssh_host_key -t rsa1
	create_key "Creating SSH2 RSA key; this may take some time ..." \
		"$hostkeys" /etc/ssh/ssh_host_rsa_key -t rsa
	create_key "Creating SSH2 DSA key; this may take some time ..." \
		"$hostkeys" /etc/ssh/ssh_host_dsa_key -t dsa
	create_key "Creating SSH2 ECDSA key; this may take some time ..." \
		"$hostkeys" /etc/ssh/ssh_host_ecdsa_key -t ecdsa
	create_key "Creating SSH2 ED25519 key; this may take some time ..." \
		"$hostkeys" /etc/ssh/ssh_host_ed25519_key -t ed25519
}

fix_loglevel_silent() {
	if [ "$(get_config_option LogLevel)" = SILENT ]; then
		set_config_option LogLevel QUIET
	fi
}

update_server_key_bits() {
	if [ "$(get_config_option ServerKeyBits)" = 768 ]; then
		set_config_option ServerKeyBits 1024
	fi
}

create_sshdconfig() {
	if [ -e /etc/ssh/sshd_config ] ; then
		# Upgrade an existing sshd configuration.

		# This option was renamed in 3.8p1, but we never took care
		# of adjusting the configuration file until now.
		if dpkg --compare-versions "$oldversion" lt 1:4.7p1-8; then
			rename_config_option KeepAlive TCPKeepAlive
		fi

		# 'LogLevel SILENT' is now equivalent to QUIET.
		if dpkg --compare-versions "$oldversion" lt 1:5.4p1-1; then
			fix_loglevel_silent
		fi

		# Changed upstream in 5.1p1, but we forgot to update the
		# package-generated configuration file until now.
		if dpkg --compare-versions "$oldversion" lt 1:6.4p1-2; then
			update_server_key_bits
		fi

		return 0
	fi

	cat <<EOF > /etc/ssh/sshd_config
# Package generated configuration file
# See the sshd_config(5) manpage for details

# What ports, IPs and protocols we listen for
Port 22
# Use these options to restrict which interfaces/protocols sshd will bind to
#ListenAddress ::
#ListenAddress 0.0.0.0
Protocol 2
# HostKeys for protocol version 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
HostKey /etc/ssh/ssh_host_ed25519_key
#Privilege Separation is turned on for security
UsePrivilegeSeparation yes

# Lifetime and size of ephemeral version 1 server key
KeyRegenerationInterval 3600
ServerKeyBits 1024

# Logging
SyslogFacility AUTH
LogLevel INFO

# Authentication:
LoginGraceTime 120
PermitRootLogin without-password
StrictModes yes

RSAAuthentication yes
PubkeyAuthentication yes
#AuthorizedKeysFile	%h/.ssh/authorized_keys

# Don't read the user's ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
# For this to work you will also need host keys in /etc/ssh_known_hosts
RhostsRSAAuthentication no
# similar for protocol version 2
HostbasedAuthentication no
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
#IgnoreUserKnownHosts yes

# To enable empty passwords, change to yes (NOT RECOMMENDED)
PermitEmptyPasswords no

# Change to yes to enable challenge-response passwords (beware issues with
# some PAM modules and threads)
ChallengeResponseAuthentication no

# Change to no to disable tunnelled clear text passwords
#PasswordAuthentication yes

# Kerberos options
#KerberosAuthentication no
#KerberosGetAFSToken no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes

# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes

X11Forwarding yes
X11DisplayOffset 10
PrintMotd no
PrintLastLog yes
TCPKeepAlive yes
#UseLogin no

#MaxStartups 10:30:60
#Banner /etc/issue.net

# Allow client to pass locale environment variables
AcceptEnv LANG LC_*

Subsystem sftp /usr/lib/openssh/sftp-server

# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication.  Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
UsePAM yes
EOF
}

fix_statoverride() {
	# Remove an erronous override for sshd (we should have overridden ssh)
	if [ -x /usr/sbin/dpkg-statoverride ]; then
		if dpkg-statoverride --list /usr/sbin/sshd >/dev/null ; then
			dpkg-statoverride --remove /usr/sbin/sshd
		fi
	fi
}

setup_sshd_user() {
	if ! getent passwd sshd >/dev/null; then
		adduser --quiet --system --no-create-home --home /var/run/sshd --shell /usr/sbin/nologin sshd
	fi
}

if [ "$action" = configure ]; then
	create_sshdconfig
	create_keys
	fix_statoverride
	setup_sshd_user

	# Renamed to /etc/ssh/moduli in 2.9.9 (!)
	if dpkg --compare-versions "$2" lt 1:4.7p1-1; then
		rm -f /etc/ssh/primes
	fi

	if dpkg --compare-versions "$2" lt 1:5.5p1-6; then
		rm -f /var/run/sshd/.placeholder
	fi

	if dpkg --compare-versions "$2" lt 1:6.2p2-3 && \
	   which initctl >/dev/null && initctl version | grep -q upstart && \
	   ! status ssh 2>/dev/null | grep -q ' start/'; then
		# We must stop the sysvinit-controlled sshd before we can
		# restart it under Upstart.
start-stop-daemon --stop --quiet --oknodo --pidfile /var/run/sshd.pid || true fi if dpkg --compare-versions "$2" lt 1:6.5p1-2 && \ deb-systemd-helper debian-installed ssh.socket && \ deb-systemd-helper --quiet was-enabled ssh.service && \ deb-systemd-helper --quiet was-enabled ssh.socket; then # 1:6.5p1-1 mistakenly left both ssh.service and ssh.socket # enabled. deb-systemd-helper disable ssh.socket >/dev/null || true fi if dpkg --compare-versions "$2" lt 1:6.5p1-3 && \ [ -d /run/systemd/system ]; then # We must stop the sysvinit-controlled sshd before we can # restart it under systemd. start-stop-daemon --stop --quiet --oknodo --pidfile /var/run/sshd.pid --exec /usr/sbin/sshd || true fi if dpkg --compare-versions "$2" lt-nl 1:6.6p1-1 && \ [ "$(get_config_option PermitRootLogin)" = yes ] && db_get openssh-server/permit-root-login && [ "$RET" = true ]; then set_config_option PermitRootLogin without-password fi fi #DEBHELPER# db_stop exit 0 debian/ssh-askpass-gnome.dirs0000644000000000000000000000006512330654315013417 0ustar usr/lib/openssh usr/share/man/man1 usr/share/pixmaps debian/openssh-sftp-server.links0000644000000000000000000000006012330654315014163 0ustar usr/lib/openssh/sftp-server usr/lib/sftp-server debian/ssh-krb5.postinst0000644000000000000000000000370012330654315012433 0ustar #!/bin/sh set -e action="$1" oldversion="$2" if [ "$action" = configure ] ; then # Make sure that GSSAPI is enabled. If there is no uncommented GSSAPI # configuration, uncomment any commented-out configuration if present # (this will catch the case of a fresh install of openssh-server). # Otherwise, add configuration turning on GSSAPIAuthentication and # GSSAPIKeyExchange. # # If there is some configuration, we may be upgrading from ssh-krb5. It # enabled GSSAPIKeyExchange without any configuration option. Therefore, # if it isn't explicitly set, always enable it for compatible behavior # with ssh-krb5. 
    if dpkg --compare-versions "$oldversion" ge 1:4.3p2-9; then
        :
    else
        changed=
        if grep -qi '^[ ]*GSSAPI' /etc/ssh/sshd_config ; then
            if grep -qi '^[ ]*GSSAPIKeyExchange' /etc/ssh/sshd_config ; then
                :
            else
                changed=true
                cat >> /etc/ssh/sshd_config < /etc/ssh/sshd_config.dpkg-new
                chown --reference /etc/ssh/sshd_config \
                    /etc/ssh/sshd_config.dpkg-new
                chmod --reference /etc/ssh/sshd_config \
                    /etc/ssh/sshd_config.dpkg-new
                mv /etc/ssh/sshd_config.dpkg-new /etc/ssh/sshd_config
            else
                cat >> /etc/ssh/sshd_config < `configure'
# * `abort-upgrade'
# * `abort-remove' `in-favour'
#
# * `abort-deconfigure' `in-favour'
#   `removing'
#
# for details, see /usr/share/doc/packaging-manual/
#
# quoting from the policy:
#     Any necessary prompting should almost always be confined to the
#     post-installation script, and should be protected with a conditional
#     so that unnecessary prompting doesn't happen if a package's
#     installation fails and the `postinst' is called with `abort-upgrade',
#     `abort-remove' or `abort-deconfigure'.

case "$1" in
    configure)
        update-alternatives --quiet \
            --install /usr/bin/ssh-askpass ssh-askpass \
            /usr/lib/openssh/gnome-ssh-askpass 30 \
            --slave /usr/share/man/man1/ssh-askpass.1.gz \
            ssh-askpass.1.gz /usr/share/man/man1/gnome-ssh-askpass.1.gz
        ;;

    abort-upgrade|abort-remove|abort-deconfigure)
        ;;

    *)
        echo "postinst called with unknown argument \`$1'" >&2
        exit 0
        ;;
esac

# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts.

#DEBHELPER#

exit 0

debian/faq.html:
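The sshd_config upgrade hooks in openssh-server.postinst above call get_config_option, set_config_option and rename_config_option, which that script defines elsewhere (not shown here). As an added example, not Debian's code, the following reimplements those three helpers as assumed awk-based stand-ins and runs the three migrations (KeepAlive to TCPKeepAlive, LogLevel SILENT to QUIET, ServerKeyBits 768 to 1024) against a constructed sshd_config; the dpkg --compare-versions gating is left out because each migration is idempotent.

```shell
#!/bin/sh
# Added example, not Debian's own postinst code: the helpers below are an
# assumed stand-in for get/set/rename_config_option as used by the hooks.
set -eu

lc() { printf '%s' "$1" | tr 'A-Z' 'a-z'; }

# Value of the first active (uncommented) line for option $1 in file $2;
# option names are matched case-insensitively, as sshd itself does.
get_config_option() {
    awk -v opt="$(lc "$1")" '
        /^[ \t]*#/ { next }
        tolower($1) == opt { sub(/^[ \t]*[^ \t]+[ \t]+/, ""); print; exit }
    ' "$2"
}

# Replace the first active line for option $1 with the literal line $2 in $3.
# Commented-out copies of the option are left untouched.
replace_option_line() {
    tmp="$3.tmp"
    awk -v opt="$(lc "$1")" -v repl="$2" '
        /^[ \t]*#/ { print; next }
        !seen && tolower($1) == opt { print repl; seen = 1; next }
        { print }
    ' "$3" > "$tmp"
    mv "$tmp" "$3"
}

# Set option $1 to value $2 in file $3: edit in place if set, else append.
set_config_option() {
    if [ -n "$(get_config_option "$1" "$3")" ]; then
        replace_option_line "$1" "$1 $2" "$3"
    else
        printf '%s %s\n' "$1" "$2" >> "$3"
    fi
}

# Rename option $1 to $2 in file $3, keeping its value.
rename_config_option() {
    val="$(get_config_option "$1" "$3")"
    [ -n "$val" ] || return 0
    replace_option_line "$1" "$2 $val" "$3"
}

# 'LogLevel SILENT' became equivalent to QUIET.
fix_loglevel_silent() {
    if [ "$(get_config_option LogLevel "$1")" = SILENT ]; then
        set_config_option LogLevel QUIET "$1"
    fi
}

# Upstream raised the ephemeral server key size to 1024 bits.
update_server_key_bits() {
    if [ "$(get_config_option ServerKeyBits "$1")" = 768 ]; then
        set_config_option ServerKeyBits 1024 "$1"
    fi
}

# The three migrations from the postinst, applied to the file in $1.
upgrade_sshd_config() {
    rename_config_option KeepAlive TCPKeepAlive "$1"
    fix_loglevel_silent "$1"
    update_server_key_bits "$1"
}

# Constructed sample of an old package-generated config (not a real host's).
demo() {
    f="$(mktemp)"
    cat > "$f" <<'EOF'
# Package generated configuration file
Port 22
#KeepAlive no
KeepAlive yes
LogLevel SILENT
ServerKeyBits 768
PermitRootLogin without-password
EOF
    upgrade_sshd_config "$f"
    cat "$f"
    rm -f "$f"
}

demo
```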

OpenSSH FAQ (Frequently asked questions)


1.0 - What Is OpenSSH and Where Can I Get It?

2.0 - General Questions

3.0 - Portable OpenSSH Questions


1.0 - What Is OpenSSH and Where Can I Get It?

1.1 - What is OpenSSH and where can I download it?

OpenSSH provides end-to-end encrypted replacement of applications such as telnet, rlogin, and ftp. Unlike these legacy applications, OpenSSH never passes anything (including username and password) over the wire in unencrypted form, and provides host authentication, to verify that you really are talking to the system that you think you are and that no one else can take over that session.

The OpenSSH suite includes the ssh(1) program which replaces rlogin and telnet, and scp(1) which replaces rcp(1) and ftp(1). OpenSSH has also added sftp(1) and sftp-server(8) which implement an easier solution for file-transfer. This is based upon the secsh-filexfer IETF draft.

OpenSSH consists of a number of programs.

  • sshd(8) - Server program run on the server machine. This listens for connections from client machines, and whenever it receives a connection, it performs authentication and starts serving the client. Its behaviour is controlled by the config file sshd_config(5).
  • ssh(1) - This is the client program used to log into another machine or to execute commands on the other machine. slogin is another name for this program. Its behaviour is controlled by the global config file ssh_config(5) and individual users' $HOME/.ssh/config files.
  • scp(1) - Securely copies files from one machine to another.
  • ssh-keygen(1) - Used to create Pubkey Authentication (RSA or DSA) keys (host keys and user authentication keys).
  • ssh-agent(1) - Authentication agent. This can be used to hold RSA keys for authentication.
  • ssh-add(1) - Used to register new keys with the agent.
  • sftp-server(8) - SFTP server subsystem.
  • sftp(1) - Secure file transfer program.
  • ssh-keyscan(1) - gather ssh public keys.
  • ssh-keysign(8) - ssh helper program for hostbased authentication.

Downloading

The most recent version of OpenSSH is included with the current distribution of OpenBSD, and installed as part of a basic install.

Today, most other operating systems include some version of OpenSSH (often re-badged or privately labeled), so most users can immediately use it. However, sometimes the included versions are quite old, and missing features of the current release of OpenSSH, and you may wish to install the current version, or install it on one of the few OSs that lacked it, and where the OS publisher does not make a modern version available. You may also wish to use OpenSSH on your embedded application.

Non-OpenBSD users will want to download, compile and install the multi-platform Portable distribution from a mirror near you.

1.2 - Why should it be used?

OpenSSH is a suite of tools to help secure your network connections. Here is a list of features:

  • Strong authentication. Closes several security holes (e.g., IP, routing, and DNS spoofing).
  • Improved privacy. All communications are automatically and transparently encrypted.
  • Secure X11 sessions. The program automatically sets DISPLAY on the server machine, and forwards any X11 connections over the secure channel.
  • Arbitrary TCP/IP ports can be redirected through the encrypted channel in both directions (e.g., for e-cash transactions).
  • No retraining needed for normal users.
  • Never trusts the network. Minimal trust on the remote side of the connection. Minimal trust on domain name servers. Pure RSA authentication never trusts anything but the private key.
  • Client RSA-authenticates the server machine in the beginning of every connection to prevent trojan horses (by routing or DNS spoofing) and man-in-the-middle attacks, and the server RSA-authenticates the client machine before accepting .rhosts or /etc/hosts.equiv authentication (to prevent DNS, routing, or IP-spoofing).
  • Host authentication key distribution can be done centrally by the administration, or automatically when the first connection is made to a machine.
  • Any user can create any number of user authentication RSA keys for his/her own use.
  • The server program has its own server RSA key which is automatically regenerated every hour.
  • An authentication agent, running in the user's laptop or local workstation, can be used to hold the user's RSA authentication keys.
  • The software can be installed and used (with restricted functionality) even without root privileges.
  • The client is customizable in system-wide and per-user configuration files.
  • Optional compression of all data with gzip (including forwarded X11 and TCP/IP port data), which may result in significant speedups on slow connections.
  • Complete replacement for rlogin, rsh, and rcp.

Currently, almost all communications in computer networks are done without encryption. As a consequence, anyone who has access to any machine connected to the network can listen in on any communication. This is being done by hackers, curious administrators, employers, criminals, industrial spies, and governments. Some networks leak enough electromagnetic radiation that data may be captured even from a distance.

When you log in, your password goes over the network in plain text. Thus, any listener can then use your account to do any evil he likes. Many incidents have been encountered worldwide where crackers have started programs on workstations without the owner's knowledge just to listen to the network and collect passwords. Programs for doing this are available on the Internet, or can be built by a competent programmer in a few hours.

Businesses have trade secrets, patent applications in preparation, pricing information, subcontractor information, client data, personnel data, financial information, etc. Currently, anyone with access to the network (any machine on the network) can listen to anything that goes over the network, without any regard to normal access restrictions.

Many companies are not aware that information can so easily be recovered from the network. They trust that their data is safe since nobody is supposed to know that there is sensitive information in the network, or because so much other data is transferred in the network. This is not a safe policy.

1.3 - What operating systems are supported?

Even though OpenSSH is developed on OpenBSD, a wide variety of ports to other operating systems exist. The portable version of OpenSSH is headed by Damien Miller. For a quick overview of the portable version of OpenSSH see OpenSSH Portable Release. Currently, the supported operating systems are:

  • OpenBSD
  • NetBSD
  • FreeBSD
  • AIX
  • HP-UX
  • IRIX
  • Linux
  • NeXT
  • SCO
  • SNI/Reliant Unix
  • Solaris
  • Digital Unix/Tru64/OSF
  • Mac OS X
  • Cygwin

A list of vendors that include OpenSSH in their distributions is located in the OpenSSH Users page.

1.4 - What about copyrights, usage and patents?

The OpenSSH developers have tried very hard to keep OpenSSH free of any patent or copyright problems. To do this, some options had to be stripped from OpenSSH, namely support for patented algorithms.

OpenSSH does not support any patented transport algorithms. In SSH1 mode, only 3DES and Blowfish are available options. In SSH2 mode, only 3DES, Blowfish, CAST128, Arcfour and AES can be selected. The patented IDEA algorithm is not supported.

OpenSSH provides support for both SSH1 and SSH2 protocols.

Since the RSA patent has expired, there are no restrictions on the use of software implementing the RSA algorithm, including OpenBSD.

1.5 - Where should I ask for help?

There are many places to turn to for help. In addition to the main OpenSSH website, there are many mailing lists to try. Before trying any mailing lists, please search through all mailing list archives to see if your question has already been answered. The OpenSSH Mailing List has been archived and put in searchable form and can be found at marc.info.

For more information on subscribing to OpenSSH related mailing lists, please see OpenSSH Mailing lists.

1.6 - I have found a bug. Where do I report it?

Information about submitting bug reports can be found at the OpenSSH Reporting bugs page.

If you wish to report a security bug, please contact the private developers list <openssh@openssh.com>.

2.0 - General Questions

2.1 - Why does ssh/scp make connections from low-numbered ports?

The OpenSSH client uses low numbered ports for rhosts and rhosts-rsa authentication because the server needs to trust the username provided by the client. To get around this, you can add the below example to your ssh_config or ~/.ssh/config file.

UsePrivilegedPort no

Or you can specify this option on the command line, using the -o option to ssh(1) command.

$ ssh -o "UsePrivilegedPort no" host.com

2.2 - Why is the ssh client setuid root?

As in the previous question (2.1), OpenSSH needs root authority to be able to bind to low-numbered ports to facilitate rhosts authentication. A privileged port is also required for rhosts-rsa authentication to older SSH releases.

Additionally, for both rhosts-rsa authentication (in protocol version 1) and hostbased authentication (in protocol version 2) the ssh client needs to access the private host key in order to authenticate the client machine to the server. OpenSSH versions prior to 3.3 required the ssh binary to be setuid root to enable this, and you may safely remove it if you don't want to use these authentication methods.

Starting in OpenSSH 3.3, ssh is not setuid by default. ssh-keysign is used for access to the private host keys, and ssh does not use privileged source ports by default. If you wish to use a privileged source port, you must manually set the setuid bit on ssh.

2.3 - Why does SSH 2.3 have problems interoperating with OpenSSH 2.1.1?

SSH 2.3 and earlier versions contain a flaw in their HMAC implementation. Their code was not supplying the full data block output from the digest, and instead always provided 128 bits. For longer digests, this caused SSH 2.3 to not interoperate with OpenSSH.

OpenSSH 2.2.0 detects that SSH 2.3 has this flaw. Recent versions of SSH will have this bug fixed. Alternatively, you can add the following to the SSH 2.3 sshd2_config:

Mac hmac-md5

2.4 - Why does OpenSSH print: Dispatch protocol error: type 20

Problems in interoperation have been seen because older versions of OpenSSH did not support session rekeying. However, the commercial SSH 2.3 tries to negotiate this feature, and you might experience connection freezes or see the error message "Dispatch protocol error: type 20". To solve this problem, either upgrade to a recent OpenSSH release or disable rekeying by adding the following to your commercial SSH 2.3's ssh2_config or sshd2_config:

RekeyIntervalSeconds 0

2.5 - Old versions of commercial SSH encrypt host keys with IDEA.

The old versions of SSH used a patented algorithm to encrypt their /etc/ssh/ssh_host_key. This problem will manifest as sshd(8) not being able to read its host key. To solve this, use the command below to convert your ssh_host_key to use 3DES. NOTE: Use the ssh-keygen(1) program from the Commercial SSH product, *NOT* OpenSSH for the example below.

# ssh-keygen -u -f /etc/ssh/ssh_host_key

2.6 - What are these warning messages about key lengths?

Commercial SSH's ssh-keygen(1) program contained a bug which caused it to occasionally generate Pubkey Authentication (RSA or DSA) keys which had their Most Significant Bit (MSB) unset. Such keys were advertised as being full-length, but are in fact, half the time, smaller than advertised.

OpenSSH will print warning messages when it encounters such keys. To rid yourself of these messages, edit your known_hosts files and replace the incorrect key length (usually "1024") with the correct key length (usually "1023").

2.7 - X11 and/or agent forwarding does not work.

Check your ssh_config and sshd_config. The default configuration files disable authentication agent and X11 forwarding. To enable it, put the line below in sshd_config:

X11Forwarding yes

and put the following lines in ssh_config:

ForwardAgent yes
ForwardX11 yes

X11 forwarding requires a working xauth(1) binary. On OpenBSD this is in the xbase file set but will probably be different on other platforms. For OpenSSH Portable, xauth must be either found at configure time or specified via XAuthLocation in sshd_config(5) and ssh_config(5).

Note on agent interoperability: There are two different and incompatible agent forwarding mechanisms within the SSH2 protocol. OpenSSH has always used an extension of the original SSH1 agent requests; however, some commercial products use a different, non-free agent forwarding protocol. This means that agent forwarding cannot be used between OpenSSH and those products.

NOTE: For users of Linux Mandrake 7.2, Mandrake modifies the XAUTHORITY environment variable in /etc/skel/.bashrc, and thus in every bash user's home directory. This variable is set by OpenSSH, so for either of the above options to work, you need to comment out the line:

# export XAUTHORITY=$HOME/.Xauthority

2.8 - After upgrading OpenSSH I lost SSH2 support.

Between versions, changes can be made to sshd_config or ssh_config. You should always check on these changes when upgrading versions of OpenSSH. After OpenSSH version 2.3.0 you need to add the following to your sshd_config:

HostKey /etc/ssh_host_dsa_key
HostKey /etc/ssh_host_rsa_key

2.9 - sftp/scp fails at connection, but ssh is OK.

sftp and/or scp may fail at connection time if you have shell initialization (.profile, .bashrc, .cshrc, etc) which produces output for non-interactive sessions. This output confuses the sftp/scp client. You can verify if your shell is doing this by executing:

ssh yourhost /usr/bin/true

If the above command produces any output, then you need to modify your shell initialization.

2.10 - Will you add [foo] to scp?

Short Answer: no.

Long Answer: scp is not standardized. The closest thing it has to a specification is "what rcp does". Since the same command is used on both ends of the connection, adding features or options risks breaking interoperability with other implementations.

New features are more likely in sftp, since the protocol is standardized (well, a draft standard), extensible, and the client and server are decoupled.

2.11 - How do I use port forwarding?

If the remote server is running sshd(8), it may be possible to ``tunnel'' certain services via ssh. This may be desirable, for example, to encrypt POP or SMTP connections, even though the software does not directly support encrypted communications. Tunnelling uses port forwarding to create a connection between the client and server. The client software must be able to specify a non-standard port to connect to for this to work.

The idea is that the user connects to the remote host using ssh, and specifies which port on the client's machine should be used to forward connections to the remote server. After that it is possible to start the service which is to be encrypted (e.g. fetchmail, irc) on the client machine, specifying the same local port passed to ssh, and the connection will be tunnelled through ssh. By default, the system running the forward will only accept connections from itself.

The options most relevant to tunnelling are the -L and -R options, which allow the user to forward connections, the -D option, which permits dynamic port forwarding, the -g option, which permits other hosts to use port forwards, and the -f option, which instructs ssh to put itself in the background after authentication. See the ssh(1) man page for further details.

This is an example of tunnelling an IRC session from client machine ``127.0.0.1'' (localhost) to remote server ``server.example.com'':

ssh -f -L 1234:server.example.com:6667 server.example.com sleep 10
irc -c '#users' -p 1234 pinky 127.0.0.1

This tunnels a connection to IRC server server.example.com, joining channel ``#users'', using the nickname ``pinky''. The local port used in this example is 1234. It does not matter which port is used, as long as it's greater than 1023 (remember, only root can open sockets on privileged ports) and doesn't conflict with any ports already in use. The connection is forwarded to port 6667 on the remote server, since that's the standard port for IRC services.

The remote command ``sleep 10'' was specified to allow an amount of time (10 seconds, in the example) to start the service which is to be tunnelled. If no connections are made within the time specified, ssh will exit. If more time is required, the sleep(1) value can be increased appropriately or, alternatively, the example above could be added as a function to the user's shell. See ksh(1) and csh(1) for more details about user-defined functions.

ssh also has an -N option, convenient for use with port forwarding: if -N is specified, it is not necessary to specify a remote command (``sleep 10'' in the example above). However, use of this option causes ssh to wait around forever (as opposed to exiting after a remote command has completed), and the user must take care to manually kill(1) the process afterwards.

2.12 - My ssh connection freezes or drops out after N minutes of inactivity.

This is usually the result of a packet filter or NAT device timing out your TCP connection due to inactivity. You can enable ClientAliveInterval in the server's sshd_config, or enable ServerAliveInterval in the client's ssh_config (the latter is available in OpenSSH 3.8 and newer).

Enabling either option and setting the interval for less than the time it takes to time out your session will ensure that the connection is kept "fresh" in the device's connection table.

2.13 - How do I use scp to copy a file with a colon in it?

scp will interpret the component before the colon as a remote server name and attempt to connect to it. To prevent this, refer to the file by a relative or absolute path, e.g.:

$ scp ./source:file sshserver:

2.14 - Why does OpenSSH report its version to clients?

OpenSSH, like most SSH implementations, reports its name and version to clients when they connect, e.g.

SSH-2.0-OpenSSH_3.9

This information is used by clients and servers to enable protocol compatibility tweaks to work around changed, buggy or missing features in the implementation they are talking to. This protocol feature checking is still required at present because versions with incompatibilities are still in wide use.

3.0 - Portable OpenSSH Questions

3.1 - Spurious PAM authentication messages in logfiles.

The portable version of OpenSSH will generate spurious authentication failures at every login, similar to:

"authentication failure; (uid=0) -> root for sshd service"

These are generated because OpenSSH first tries to determine whether a user needs authentication to login (e.g. empty password). Unfortunately, PAM likes to log all authentication events, this one included.

If it annoys you too much, set "PermitEmptyPasswords no" in sshd_config. This will quiet the error message at the expense of disabling logins to accounts with no password set. This is the default if you use the supplied sshd_config file.

3.2 - Empty passwords not allowed with PAM authentication.

To enable empty passwords with a version of OpenSSH built with PAM you must add the flag nullok to the end of the password checking module in the /etc/pam.d/sshd file. For example:

auth required /lib/security/pam_unix.so shadow nodelay nullok

This must be done in addition to setting "PermitEmptyPasswords yes" in the sshd_config file.

There is one caveat when using empty passwords with PAM authentication: PAM will allow any password when authenticating an account with an empty password. This breaks the check that sshd(8) uses to determine whether an account has no password set, and grants users access to the account regardless of the policy specified by PermitEmptyPasswords. For this reason, it is recommended that you do not add the nullok directive to your PAM configuration file unless you specifically wish to allow empty passwords.

3.3 - ssh(1) takes a long time to connect or log in

Large delays (more than 10 seconds) are typically caused by a problem with name resolution:

  • Some versions of glibc (notably glibc 2.1 shipped with Red Hat 6.1) can take a long time to resolve "IPv6 or IPv4" addresses from domain names. This can be worked around by specifying the AddressFamily inet option in ssh_config.
  • There may be a DNS lookup problem, either at the client or server. You can use the nslookup command to check this on both client and server by looking up the other end's name and IP address. In addition, on the server look up the name returned by the client's IP-name lookup. You can disable most of the server-side lookups by setting UseDNS no in sshd_config.

Delays of less than 10 seconds can have other causes:

  • OpenSSH releases prior to 3.8 had a moduli file with moduli that were just smaller than what sshd would look for, and as a result, sshd would end up using moduli significantly larger than requested, which resulted in a speed penalty. Replacing the moduli file will resolve this (note that in most cases this file will not be replaced during an upgrade and must be replaced manually).
  • OpenSSH releases prior to 3.8 had a flaw in ssh that would cause it to request moduli larger than intended (which when combined with the above resulted in significant slowdowns). Upgrading the client to 3.8 or higher will resolve this issue.
  • If either the client or server lack a kernel-based random number device (eg Solaris < 9, AIX < 5.2, HP-UX < 11.11) and no substitute is available (eg prngd) it's possible that one of the programs called by ssh-rand-helper to generate entropy is hanging. This can be investigated by running it in debug mode:
    /usr/local/libexec/ssh-rand-helper -vvv
    Any significant delays should be investigated and rectified, or the corresponding commands should be removed from ssh_prng_cmds.

How slow is "slow"?

Under normal conditions, the speed of SSH logins is dependent on the CPU speed of client and server. For comparison, the following are typical connect times for time ssh localhost true with a 1024-bit RSA key on otherwise unloaded hosts. OpenSSH and OpenSSL were compiled with gcc 3.3.x.

CPU                      Time (SSHv1)[1]   Time (SSHv2)
170MHz SPARC/sun4m       0.74 sec          1.25 sec
236MHz HPPA/8200[2]      0.44 sec          0.79 sec
375MHz PowerPC/604e      0.38 sec          0.51 sec
933MHz VIA Ezra          0.34 sec          0.44 sec
2.1GHz Athlon XP 2600+   0.14 sec          0.22 sec

[1] The SSHv1 protocol is faster but is cryptographically weaker than SSHv2.
[2] At the time of writing, gcc generates relatively slow code on HPPA for RSA and Diffie-Hellman operations (see gcc bug #7625 and discussion on openssh-unix-dev).

3.4 - "Can't locate module net-pf-10" messages in log under Linux.

The Linux kernel is looking (via modprobe) for protocol family 10 (IPv6). Either load the appropriate kernel module, enter the correct alias in /etc/modules.conf or disable IPv6 in /etc/modules.conf.

For some silly reason /etc/modules.conf may also be named /etc/conf.modules.

3.5 - Password authentication doesn't work (eg on Slackware 7.0 or Red Hat 6.x)

If the password is correct but the login is still denied, the usual cause is that the system is configured to use MD5-type passwords but the crypt(3) function used by sshd doesn't understand them.

Affected accounts will have password strings in /etc/passwd or /etc/shadow that start with $1$. If password authentication fails for new accounts or accounts with recently changed passwords, but works for old accounts, this is the likely culprit.

The underlying cause is that some versions of OpenSSL have a crypt(3) function that does not understand MD5 passwords, and the link order of sshd means that OpenSSL's crypt(3) is used instead of the system's. OpenSSH's configure attempts to correct for this but is not always successful.

There are several possible solutions:

  • Enable sshd's built-in support for MD5 passwords at build time.

    ./configure --with-md5-passwords [options]
    This is safe even if you have both types of encryption as sshd will select the correct algorithm for each account automatically.
  • If your system has a separate libcrypt library (eg Slackware 7) then you can manually add -lcrypt to the LIBS list so it's used instead of OpenSSL's:

    LIBS=-lcrypt ./configure [options]
  • If your platform supports PAM, you may configure sshd to use it (see section 3.15). This will mean that sshd will not verify passwords itself but will defer to the configured PAM modules.
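To find out which accounts the problem in 3.5 affects before picking one of the solutions above, the following added example (not part of the FAQ) classifies the password hashes in a shadow-format file by their crypt(3) prefix; the $1$ check is the one the FAQ describes, and the other prefixes are included so one pass covers the whole file. The sample file is constructed, with placeholder hash bodies.

```shell
#!/bin/sh
# Added example, not from the FAQ: report which accounts in a shadow-style
# file use MD5 ($1$) hashes, the ones an sshd linked against OpenSSL's
# crypt(3) cannot verify, and label the other crypt(3) schemes as well.
set -eu

# Print "user<TAB>scheme" for every entry of the shadow-format file $1.
classify_hashes() {
    awk -F: '
        function scheme(h) {
            if (h == "")                        return "empty"
            if (h ~ /^[!*]/)                    return "locked"
            if (h ~ /^[$]1[$]/)                 return "md5"
            if (h ~ /^[$]2[abxy]?[$]/)          return "bcrypt"
            if (h ~ /^[$]5[$]/)                 return "sha256"
            if (h ~ /^[$]6[$]/)                 return "sha512"
            if (h ~ /^[$]y[$]/)                 return "yescrypt"
            if (length(h) == 13 && h !~ /[$]/)  return "des"
            return "unknown"
        }
        NF >= 2 { print $1 "\t" scheme($2) }
    ' "$1"
}

# Accounts whose passwords the affected sshd builds reject (section 3.5).
md5_accounts() {
    classify_hashes "$1" | awk -F'\t' '$2 == "md5" { print $1 }'
}

# Constructed sample: hash bodies are placeholders, not real digests.
demo() {
    f="$(mktemp)"
    cat > "$f" <<'EOF'
root:$6$constructedsalt$constructedhash:19000:0:99999:7:::
alice:$1$constsalt$constructedmd5hash:19000:0:99999:7:::
bob:A1b2C3d4E5f6g:19000:0:99999:7:::
svc:*:19000:0:99999:7:::
EOF
    classify_hashes "$f"
    echo "Accounts with MD5 hashes (need --with-md5-passwords, -lcrypt or PAM):"
    md5_accounts "$f"
    rm -f "$f"
}

demo
```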

3.6 - Configure or sshd(8) complain about lack of RSA or DSA support

Ensure that your OpenSSL libraries have been built to include RSA or DSA support either internally or through RSAref.

3.7 - "scp: command not found" errors

scp(1) must be in the default PATH on both the client and the server. You may need to use the --with-default-path option to specify a custom path to search on the server. This option replaces the default path, so you need to specify all the current directories on your path as well as where you have installed scp. For example:

$ ./configure --with-default-path=/bin:/usr/bin:/usr/local/bin:/path/to/scp

Note that configuration by the server's admin will take precedence over the setting of --with-default-path. This includes resetting PATH in /etc/profile, PATH in /etc/environment on AIX, or (for 3.7p1 and above) setting PATH or SUPATH in /etc/default/login on Solaris or Reliant Unix.

3.8 - Unable to read passphrase

Some operating systems set /dev/tty with incorrect modes, causing the reading of passwords to fail with the following error:

You have no controlling tty. Cannot read passphrase.

The solution to this is to reset the permissions on /dev/tty to mode 0666 and report the error as a bug to your OS vendor.

3.9 - 'configure' missing or make fails

If there is no 'configure' file in the tar.gz file that you downloaded or make fails with "missing separator" errors, you have probably downloaded the OpenBSD distribution of OpenSSH and are attempting to compile it on another platform. Please refer to the information on the portable version.

3.10 - Hangs when exiting ssh

OpenSSH may hang when exiting. This can occur when there is an active background process. This is known to occur on Linux and HP-UX. The problem can be verified by doing the following:

$ sleep 20 & exit

Try to use this instead:

$ sleep 20 < /dev/null > /dev/null 2>&1 &

A workaround for bash users is to place "shopt -s huponexit" in either /etc/bashrc or ~/.bashrc. Otherwise, consult your shell's man page for an option to enable it to send a HUP signal to active jobs when exiting. See bug #52 for other workarounds.

3.11 - Why does ssh hang on exit?

When executing

$ ssh host command
ssh needs to hang, because it needs to wait:
  • until it can be sure that command does not need more input.
  • until it can be sure that command does not produce more output.
  • until command exits because sshd needs to tell the exit status from command to ssh.
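The following script is an added example, not part of the OpenSSH FAQ, that makes the behaviour in 3.10 and 3.11 observable locally without an ssh session. It stands in for sshd's channel with a plain pipe into cat: a background job that inherits the shell's stdout keeps the pipe's write end open, so the reader gets no EOF (and ssh would keep waiting for "no more output") until the job exits; the FAQ's redirection fix releases the pipe as soon as the shell exits. The 3-second sleep and the function names are choices made for this example.

```shell
#!/bin/sh
# Added example (not from the OpenSSH FAQ): shows why "ssh host 'sleep 3 & exit'"
# hangs. The background job inherits the session's stdout, so the reader on the
# other end of the pipe (here `cat`; for ssh, sshd's channel) does not see EOF
# until the job exits, and ssh keeps waiting for "no more output" (FAQ 3.11).

# Run a shell snippet with stdout piped into a reader and print the wall-clock
# seconds that elapsed until the reader saw EOF.
seconds_until_eof() {
    start=$(date +%s)
    sh -c "$1" | cat >/dev/null
    end=$(date +%s)
    echo $((end - start))
}

# Naive form: the job keeps the pipe's write end open for its whole lifetime,
# so the reader only sees EOF after the full sleep.
naive_seconds() {
    seconds_until_eof 'sleep 3 & exit'
}

# Fixed form from the FAQ: redirect the job's std fds so the pipe closes as
# soon as the shell exits; the reader sees EOF at once while sleep runs on.
detached_seconds() {
    seconds_until_eof 'sleep 3 </dev/null >/dev/null 2>&1 & exit'
}

# Stand-alone demonstration: prints the naive timing (about the sleep length)
# followed by the detached timing (about zero).
if [ "${1:-}" = "demo" ]; then
    echo "naive:    $(naive_seconds)s"
    echo "detached: $(detached_seconds)s"
fi
```

Run it as `sh hang-demo.sh demo`. The same holds for stdin: a background job reading the inherited stdin keeps ssh waiting for input, which is why the FAQ redirects all three descriptors.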

3.12 - I upgraded to OpenSSH 3.1 and X11 forwarding stopped working.

Starting with OpenSSH 3.1, the sshd x11 forwarding server listens on localhost by default; see the sshd X11UseLocalhost option to revert to prior behaviour if your older X11 clients do not function with this configuration.

In general, X11 clients using X11 R6 should work with the default setting. Some vendors, including HP, ship X11 clients with R6 and R5 libs, so some clients will work, and others will not work. This is true for HP-UX 11.X.

3.13 - I upgraded to OpenSSH 3.8 and some X11 programs stopped working.

As documented in the 3.8 release notes, ssh now requests untrusted X11 forwarding (using the X SECURITY extension) by default. The previous behaviour can be restored by setting ForwardX11Trusted yes in ssh_config. Note that trusted forwarding gives every X11 client on the remote host full access to your local display, including the ability to read other windows and keystrokes, so enable it only for hosts you trust (for example inside a Host block) rather than globally.

Possible symptoms include:

  BadWindow (invalid Window parameter)
  BadAccess (attempt to access private resource denied)
  X Error of failed request:  BadAtom (invalid Atom parameter)
    Major opcode of failed request:  20 (X_GetProperty)

3.14 - I copied my public key to authorized_keys but public-key authentication still doesn't work.

Typically this is caused by the file permissions on $HOME, $HOME/.ssh or $HOME/.ssh/authorized_keys being more permissive than sshd allows by default (StrictModes yes): none of them may be group- or world-writable, and they must be owned by the user or by root. sshd logs the refusal on the server (for example "Authentication refused: bad ownership or modes for directory ..."), so check the server's auth log first.

In this case, it can be solved by executing the following on the server:

$ chmod go-w $HOME $HOME/.ssh
$ chmod 600 $HOME/.ssh/authorized_keys
$ chown "$(whoami)" $HOME/.ssh/authorized_keys

If this is not possible for some reason, an alternative is to set StrictModes no in sshd_config; however, this is not recommended, since it lets anyone who can write to those paths add keys for the account.
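The script below is an added example, not OpenSSH's own code, that reproduces the StrictModes walk described above so you can find the offending path before digging through the server log: it checks authorized_keys, ~/.ssh and the home directory for ownership by the user or root and for the absence of group/world write bits, which is what sshd's check enforces, and applies the FAQ's fix. The function names are choices made for this example; it parses `ls -ld` rather than stat(1) so it runs on both GNU and BSD systems.

```shell
#!/bin/sh
# Added example (not OpenSSH's own code): reproduces the ownership and
# permission walk sshd performs under "StrictModes yes" before it will read
# ~/.ssh/authorized_keys. Every path from the file up to the home directory
# must be owned by the login user (or root) and must not be group- or
# world-writable. Prints the first offending path and returns 1; returns 0
# when sshd would accept the file.
#
# Usage: check_strictmodes <home-dir> <user-name>
#        check_strictmodes "$HOME" "$(id -un)"
check_strictmodes() {
    home=$1
    user=$2
    for p in "$home/.ssh/authorized_keys" "$home/.ssh" "$home"; do
        if [ ! -e "$p" ]; then
            echo "missing: $p"
            return 1
        fi
        # Parse the mode string and owner out of `ls -ld` (portable across
        # GNU and BSD ls, unlike stat(1)); e.g. "drwx------ 2 alice alice ...".
        set -- $(ls -ld "$p")
        mode=$1
        owner=$3
        gw=$(printf '%s' "$mode" | cut -c6)   # group write bit
        ow=$(printf '%s' "$mode" | cut -c9)   # other write bit
        if [ "$owner" != "$user" ] && [ "$owner" != "root" ]; then
            echo "bad owner ($owner): $p"
            return 1
        fi
        if [ "$gw" = "w" ] || [ "$ow" = "w" ]; then
            echo "group/world writable ($mode): $p"
            return 1
        fi
    done
    return 0
}

# Apply the FAQ's fix to a home directory so the check above passes.
fix_strictmodes() {
    chmod go-w "$1" "$1/.ssh" &&
    chmod 600 "$1/.ssh/authorized_keys" &&
    chown "$(id -un)" "$1/.ssh/authorized_keys"
}
```

Run `check_strictmodes "$HOME" "$(id -un)"` on the server as the affected user; if it reports a path, `fix_strictmodes "$HOME"` applies the chmod/chown sequence from this FAQ entry.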

3.15 - OpenSSH versions and PAM behaviour.

Portable OpenSSH has a configure-time option to enable sshd's use of the PAM (Pluggable Authentication Modules) interface.
./configure --with-pam [options]
To use PAM at all, this option must be provided at build time. The run-time behaviour when PAM is built in varies with the version of Portable OpenSSH, and on later versions it must also be enabled by setting UsePAM to yes in sshd_config.

The behaviour of the relevant authentication options when PAM support is built in is summarised by the following table.

Version             UsePAM           PasswordAuthentication         ChallengeResponseAuthentication
<=3.6.1p2           Not applicable   Uses PAM                       Uses PAM if PAMAuthenticationViaKbdInt is enabled
3.7p1 - 3.7.1p1     Defaults to yes  Does not use PAM               Uses PAM if UsePAM is enabled
3.7.1p2 - 3.8.1p1   Defaults to no   Does not use PAM [1]           Uses PAM if UsePAM is enabled
3.9p1               Defaults to no   Uses PAM if UsePAM is enabled  Uses PAM if UsePAM is enabled

[1] Some vendors, notably Red Hat/Fedora, have backported the 3.9p1 PasswordAuthentication behaviour to their 3.8.x-based packages. If you're using a vendor-supplied package then consult their documentation.

OpenSSH Portable's PAM interface still has problems with a few modules; however, we hope that this number will reduce in the future. As of the 3.9p1 release, the known problems are:

  • Modules relying on module-private data (eg pam_dhkeys, pam_krb5, AFS) may fail to correctly establish credentials (bug #688) when authenticating via ChallengeResponseAuthentication. PasswordAuthentication with 3.9p1 and above should work.

You can also check bugzilla for current PAM issues.

3.16 - Why doesn't "w" or "who" on AIX 5.x show users logged in via ssh?

Between AIX 4.3.3 and AIX 5.x, the format of the wtmp struct changed. This means that sshd binaries built on AIX 4.x will not correctly write wtmp entries when run on AIX 5.x. This can be fixed by simply recompiling sshd on an AIX 5.x system and using that.
OpenSSH www@openbsd.org
$OpenBSD: faq.html,v 1.113 2012/04/21 12:12:22 dtucker Exp $ debian/po/0000755000000000000000000000000012330654315007606 5ustar debian/po/ru.po0000644000000000000000000000577312330654315010610 0ustar # Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER # This file is distributed under the same license as the openssh package. # # Yuri Kozlov , 2014. msgid "" msgstr "" "Project-Id-Version: openssh 1:6.6p1-1\n" "Report-Msgid-Bugs-To: openssh@packages.debian.org\n" "POT-Creation-Date: 2014-03-20 02:06+0000\n" "PO-Revision-Date: 2014-03-22 10:04+0400\n" "Last-Translator: Yuri Kozlov \n" "Language-Team: Russian \n" "Language: ru\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 && n" "%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n" "X-Generator: Lokalize 1.4\n" #. Type: boolean #. Description #: ../openssh-server.templates:1001 msgid "Disable SSH password authentication for root?" msgstr "Выключить в SSH аутентификацию по паролю для root?" #. Type: boolean #. Description #: ../openssh-server.templates:1001 msgid "" "Previous versions of openssh-server permitted logging in as root over SSH " "using password authentication. The default for new installations is now " "\"PermitRootLogin without-password\", which disables password authentication " "for root without breaking systems that have explicitly configured SSH public " "key authentication for root." msgstr "" "В предыдущих версиях openssh-server разрешён вход с правами пользователя " "root через SSH с помощью аутентификации по паролю. При новых установках по " "умолчанию теперь используется настройка «PermitRootLogin without-password», " "которая отключает аутентификацию по паролю для root, что не вредит системам, " "у которых в SSH для root настроена аутентификация по открытому ключу." #. Type: boolean #. 
Description #: ../openssh-server.templates:1001 msgid "" "This change makes systems more secure against brute-force password " "dictionary attacks on the root user (a very common target for such attacks). " "However, it may break systems that are set up with the expectation of being " "able to SSH as root using password authentication. You should only make this " "change if you do not need to do that." msgstr "" "Это изменение делает системы более стойкими к атакам методом перебора " "словарных паролей для пользователя root (самая распространённая цель таких " "атак). Однако, это вредит системам, в которых специально настроен вход для " "root по SSH с парольной аутентификацией. Если это не ваш случай, то ответьте " "утвердительно." debian/po/ja.po0000644000000000000000000000514212330654315010542 0ustar # SOME DESCRIPTIVE TITLE. # Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER # This file is distributed under the same license as the openssh package. # victory , 2014. # msgid "" msgstr "" "Project-Id-Version: openssh\n" "Report-Msgid-Bugs-To: openssh@packages.debian.org\n" "POT-Creation-Date: 2014-03-20 02:06+0000\n" "PO-Revision-Date: 2014-03-20 11:06+0900\n" "Last-Translator: victory \n" "Language-Team: Japanese \n" "Language: ja\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" #. Type: boolean #. Description #: ../openssh-server.templates:1001 msgid "Disable SSH password authentication for root?" msgstr "root での SSH パスワード認証を無効にしますか?" #. Type: boolean #. Description #: ../openssh-server.templates:1001 msgid "" "Previous versions of openssh-server permitted logging in as root over SSH " "using password authentication. The default for new installations is now " "\"PermitRootLogin without-password\", which disables password authentication " "for root without breaking systems that have explicitly configured SSH public " "key authentication for root." 
msgstr "" "openssh-server の以前のバージョンではパスワード認証を利用した SSH 経由の " "root のログインを許可していました。新しくインストールした場合のデフォルト値が" "現在は「PermitRootLogin without-password」になり、root のパスワード認証を無効" "化しますが SSH の公開鍵認証を root 用に明示的に設定しているシステムでは特に問" "題はありません。" #. Type: boolean #. Description #: ../openssh-server.templates:1001 msgid "" "This change makes systems more secure against brute-force password " "dictionary attacks on the root user (a very common target for such attacks). " "However, it may break systems that are set up with the expectation of being " "able to SSH as root using password authentication. You should only make this " "change if you do not need to do that." msgstr "" "この変更によりシステムは root ユーザ (こういった攻撃ではとても一般的な攻撃対" "象です) へのブルートフォースによるパスワード辞書攻撃に対してはより安全になり" "ます。しかしパスワード認証により root で SSH 接続できることを前提として構成し" "たシステムでは問題が発生する可能性があります。そういった必要のない場合にのみ" "この変更を行うようにしてください。" debian/po/pt.po0000644000000000000000000000515012330654315010572 0ustar # Translation of openssh's debconf messages to European Portuguese # Copyright (C) 2014 YEAR THE openssh'S COPYRIGHT HOLDER # This file is distributed under the same license as the openssh package. # # Américo Monteiro , 2014. msgid "" msgstr "" "Project-Id-Version: openssh 1:6.6p1-1\n" "Report-Msgid-Bugs-To: openssh@packages.debian.org\n" "POT-Creation-Date: 2014-03-20 02:06+0000\n" "PO-Revision-Date: 2014-03-21 21:13+0000\n" "Last-Translator: Américo Monteiro \n" "Language-Team: Portuguese \n" "Language: pt\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=2; plural=(n != 1);\n" "X-Generator: Lokalize 1.4\n" #. Type: boolean #. Description #: ../openssh-server.templates:1001 msgid "Disable SSH password authentication for root?" msgstr "Desactivar a autenticação SSH por palavra passe para o root?" #. Type: boolean #. Description #: ../openssh-server.templates:1001 msgid "" "Previous versions of openssh-server permitted logging in as root over SSH " "using password authentication. 
The default for new installations is now " "\"PermitRootLogin without-password\", which disables password authentication " "for root without breaking systems that have explicitly configured SSH public " "key authentication for root." msgstr "" "As versões anteriores do servidor openssh permitiam iniciar sessão como root " "sobre SSH usando autenticação por palavra-passe. A predefinição para novas " "instalações é agora \"PermitRootLogin without-password\", a qual desactiva a " "autenticação por palavra-passe para o root sem danificar os sistemas que têm " "configurados explicitamente autenticação SSH por chave pública para o root." #. Type: boolean #. Description #: ../openssh-server.templates:1001 msgid "" "This change makes systems more secure against brute-force password " "dictionary attacks on the root user (a very common target for such attacks). " "However, it may break systems that are set up with the expectation of being " "able to SSH as root using password authentication. You should only make this " "change if you do not need to do that." msgstr "" "Esta alteração torna os sistemas mais seguros contra ataques em que se " "forçam dicionários de palavras-passe no utilizador root (um alvo muito comum " "para tais ataques). No entanto, pode danificar sistemas que estão " "configurados com a expectativa de serem capazes de SSH como root usando " "autenticação por palavra-passe. Apenas deverá fazer esta alteração se não " "precisa de tal método de autenticação." debian/po/POTFILES.in0000644000000000000000000000006312330654315011362 0ustar [type: gettext/rfc822deb] openssh-server.templates debian/po/da.po0000644000000000000000000000453312330654315010537 0ustar # Danish translation openssh. # Copyright (C) 2014 openssh og nedenstående oversættere. # This file is distributed under the same license as the openssh package. # Joe Hansen , 2014. 
# msgid "" msgstr "" "Project-Id-Version: openssh\n" "Report-Msgid-Bugs-To: openssh@packages.debian.org\n" "POT-Creation-Date: 2014-03-20 02:06+0000\n" "PO-Revision-Date: 2014-03-21 23:51+0200\n" "Last-Translator: Joe Hansen \n" "Language-Team: Danish \n" "Language: da\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" #. Type: boolean #. Description #: ../openssh-server.templates:1001 msgid "Disable SSH password authentication for root?" msgstr "Deaktiver SSH-adgangskodegodkendelse for root?" #. Type: boolean #. Description #: ../openssh-server.templates:1001 msgid "" "Previous versions of openssh-server permitted logging in as root over SSH " "using password authentication. The default for new installations is now " "\"PermitRootLogin without-password\", which disables password authentication " "for root without breaking systems that have explicitly configured SSH public " "key authentication for root." msgstr "" "Tidligere versioner af openssh-server tillod indlogning som root over SSH " "med brug af adgangskodegodkendelse. Standarden for nye installationer er nu " "»PermitRootLogin without-password«, som deaktiverer adgangskodegodkendelse " "for root uden at ødelægge systemer, som eksplicit har konfigureret SSH-" "offentlig nøglegodkendelse for root." #. Type: boolean #. Description #: ../openssh-server.templates:1001 msgid "" "This change makes systems more secure against brute-force password " "dictionary attacks on the root user (a very common target for such attacks). " "However, it may break systems that are set up with the expectation of being " "able to SSH as root using password authentication. You should only make this " "change if you do not need to do that." msgstr "" "Denne ændring gør systemer mere sikre mod brute-force angreb vis ordlister " "med adgangskoder på root-brugeren (et meget ofte mål for sådanne angreb). 
" "Det kan dog ødelægge systemer, som er opsat med forventning om at kunne SSH " "som root via brug af adgangskodegodkendelse. Du skal kun lave denne ændring, " "hvis du ikke har brug for dette." debian/po/templates.pot0000644000000000000000000000310212330654315012324 0ustar # SOME DESCRIPTIVE TITLE. # Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER # This file is distributed under the same license as the PACKAGE package. # FIRST AUTHOR , YEAR. # #, fuzzy msgid "" msgstr "" "Project-Id-Version: openssh\n" "Report-Msgid-Bugs-To: openssh@packages.debian.org\n" "POT-Creation-Date: 2014-03-20 02:06+0000\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" "Language: \n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=CHARSET\n" "Content-Transfer-Encoding: 8bit\n" #. Type: boolean #. Description #: ../openssh-server.templates:1001 msgid "Disable SSH password authentication for root?" msgstr "" #. Type: boolean #. Description #: ../openssh-server.templates:1001 msgid "" "Previous versions of openssh-server permitted logging in as root over SSH " "using password authentication. The default for new installations is now " "\"PermitRootLogin without-password\", which disables password authentication " "for root without breaking systems that have explicitly configured SSH public " "key authentication for root." msgstr "" #. Type: boolean #. Description #: ../openssh-server.templates:1001 msgid "" "This change makes systems more secure against brute-force password " "dictionary attacks on the root user (a very common target for such attacks). " "However, it may break systems that are set up with the expectation of being " "able to SSH as root using password authentication. You should only make this " "change if you do not need to do that." msgstr "" debian/po/sv.po0000644000000000000000000000477212330654315010610 0ustar # Swedish translations for openssh package # Svenska översättningar för paket openssh. 
# Copyright (C) 2014 THE openssh'S COPYRIGHT HOLDER # This file is distributed under the same license as the openssh package. # Andreas Rönnquist , 2014. # msgid "" msgstr "" "Project-Id-Version: openssh\n" "Report-Msgid-Bugs-To: openssh@packages.debian.org\n" "POT-Creation-Date: 2014-03-20 02:06+0000\n" "PO-Revision-Date: 2014-03-21 21:36+0100\n" "Last-Translator: Andreas Rönnquist \n" "Language-Team: Swedish\n" "Language: sv\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=2; plural=(n != 1);\n" #. Type: boolean #. Description #: ../openssh-server.templates:1001 msgid "Disable SSH password authentication for root?" msgstr "Inaktivera SSH-lösenordsautentisering för root?" #. Type: boolean #. Description #: ../openssh-server.templates:1001 msgid "" "Previous versions of openssh-server permitted logging in as root over SSH " "using password authentication. The default for new installations is now " "\"PermitRootLogin without-password\", which disables password authentication " "for root without breaking systems that have explicitly configured SSH public " "key authentication for root." msgstr "" "Tidigare versioner av openssh-server tillät inloggning som root över SSH med " "hjälp av lösenordsautentisering. Standardinställningen för nya " "installationer är nu \"PermitRootLogin without-password\", vilket " "inaktiverar lösenordsautentisering för root utan att förstöra system som " "explicit har konfigurerat nyckelautentisering med hjälp av publika nycklar " "för root." #. Type: boolean #. Description #: ../openssh-server.templates:1001 msgid "" "This change makes systems more secure against brute-force password " "dictionary attacks on the root user (a very common target for such attacks). " "However, it may break systems that are set up with the expectation of being " "able to SSH as root using password authentication. You should only make this " "change if you do not need to do that." 
msgstr "" "Denna förändring gör system säkrare mot brute-force-angrepp med hjälp av " "ordlistor med lösenord på root-användaren (ett väldigt vanligt mål för " "sådana angrepp). Dock så kan detta förstöra system som förväntas kunna " "använda SSH som root med hjälp av lösenordsautentisering. Du skall endast " "göra denna förändring om du inte har ett behov av att kunna göra detta." debian/po/it.po0000644000000000000000000000512612330654315010566 0ustar # Italian translation of openssh debconf messages. # Copyright (C) 2014, openssh package copyright holder # This file is distributed under the same license as the openssh package. # Beatrice Torracca , 2014. msgid "" msgstr "" "Project-Id-Version: openssh\n" "Report-Msgid-Bugs-To: openssh@packages.debian.org\n" "POT-Creation-Date: 2014-03-20 02:06+0000\n" "PO-Revision-Date: 2014-03-28 11:12+0200\n" "Last-Translator: Beatrice Torracca \n" "Language-Team: Italian \n" "Language: it\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" "Plural-Forms: nplurals=2; plural=(n != 1);\n" "X-Generator: Virtaal 0.7.1\n" #. Type: boolean #. Description #: ../openssh-server.templates:1001 msgid "Disable SSH password authentication for root?" msgstr "Disabilitare l'autenticazione SSH con password per root?" #. Type: boolean #. Description #: ../openssh-server.templates:1001 msgid "" "Previous versions of openssh-server permitted logging in as root over SSH " "using password authentication. The default for new installations is now " "\"PermitRootLogin without-password\", which disables password authentication " "for root without breaking systems that have explicitly configured SSH public " "key authentication for root." msgstr "" "Le versioni precedenti di openssh-server permettevano il login come root via " "SSH, usando l'autenticazione con password. 
Il comportamento predefinito " "delle nuove installazioni è «PermitRootLogin without-password» che " "disabilita l'autenticazione con password per root, senza rendere non " "funzionanti sistemi che hanno esplicitamente configurato l'autenticazione " "SSH con chiave pubblica per root." #. Type: boolean #. Description #: ../openssh-server.templates:1001 msgid "" "This change makes systems more secure against brute-force password " "dictionary attacks on the root user (a very common target for such attacks). " "However, it may break systems that are set up with the expectation of being " "able to SSH as root using password authentication. You should only make this " "change if you do not need to do that." msgstr "" "Questo cambiamento rende i sistemi più al sicuro da attacchi di forza bruta " "a dizionario sulle password per l'utente root (un obiettivo molto comune per " "tali attacchi). Tuttavia, può rendere non funzionanti sistemi che sono " "impostati facendo affidamento sulla possibilità di autenticazione SSH come " "root usando la password. Si dovrebbe fare questo cambiamento solo se non si " "ha bisogno di tale comportamento." debian/po/de.po0000644000000000000000000000530012330654315010534 0ustar # openssh. # Copyright (C) 2014 Colin Watson # Copyright (C) 2014 Stephan Beck # This file is distributed under the same license as the openssh package. # Stephan Beck , 2014. # msgid "" msgstr "" "Project-Id-Version: openssh_1:6.6p1-1\n" "Report-Msgid-Bugs-To: openssh@packages.debian.org\n" "POT-Creation-Date: 2014-03-20 02:06+0000\n" "PO-Revision-Date: 2014-03-24 22:21+0100\n" "Last-Translator: Stephan Beck \n" "Language-Team: Debian German translation team \n" "Language: de\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" #. Type: boolean #. Description #: ../openssh-server.templates:1001 msgid "Disable SSH password authentication for root?" msgstr "SSH Passwort-Authentifizierung für »root« deaktivieren?" #. 
Type: boolean #. Description #: ../openssh-server.templates:1001 msgid "" "Previous versions of openssh-server permitted logging in as root over SSH " "using password authentication. The default for new installations is now " "\"PermitRootLogin without-password\", which disables password authentication " "for root without breaking systems that have explicitly configured SSH public " "key authentication for root." msgstr "" "Vorherige Versionen von openssh-server erlaubten das Anmelden als »root« " "über SSH unter Verwendung von Passwort-Authentifizierung. Die " "Standardeinstellung für Neuinstallationen lautet nun »PermitRootLogin " "without-password«, wodurch die Passwort-Authentifizierung für »root« " "deaktiviert wird, und Systeme dennoch funktionsfähig bleiben, bei denen " "ausdrücklich die Authentifizierung als »root« mittels öffentlichem SSH-" "Schlüssel konfiguriert ist." #. Type: boolean #. Description #: ../openssh-server.templates:1001 msgid "" "This change makes systems more secure against brute-force password " "dictionary attacks on the root user (a very common target for such attacks). " "However, it may break systems that are set up with the expectation of being " "able to SSH as root using password authentication. You should only make this " "change if you do not need to do that." msgstr "" "Diese Änderung sichert Systeme besser gegen jene Angriffe auf den Benutzer " "»root« (ein verbreitetes Ziel solcher Angriffe) ab, die das Passwort durch " "simples Ausprobieren aller Einträge von Wörterbüchern zu erraten versuchen. " "Sie kann allerdings dazu führen, dass Systeme nicht mehr funktionieren, die " "in der Absicht konfiguriert wurden, die Anmeldung als »root« über SSH unter " "Verwendung von Passwort-Authentifizierung zuzulassen. Sie sollten diese " "Änderung nur vornehmen, wenn Sie auf Letzteres verzichten können." 
debian/po/fr.po0000644000000000000000000000517412330654315010564 0ustar # Translation of openssh debconf template to French # Copyright (C) 2014 # This file is distributed under the same license as the openssh package. # Étienne Gilli , 2014. # msgid "" msgstr "" "Project-Id-Version: openssh_1:6.5p1-6\n" "Report-Msgid-Bugs-To: openssh@packages.debian.org\n" "POT-Creation-Date: 2014-03-20 02:06+0000\n" "PO-Revision-Date: 2014-03-22 08:26+0100\n" "Last-Translator: Étienne Gilli \n" "Language-Team: French \n" "Language: fr\n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" #. Type: boolean #. Description #: ../openssh-server.templates:1001 msgid "Disable SSH password authentication for root?" msgstr "" "Désactiver l’authentification SSH par mot de passe pour le superutilisateur ?" #. Type: boolean #. Description #: ../openssh-server.templates:1001 msgid "" "Previous versions of openssh-server permitted logging in as root over SSH " "using password authentication. The default for new installations is now " "\"PermitRootLogin without-password\", which disables password authentication " "for root without breaking systems that have explicitly configured SSH public " "key authentication for root." msgstr "" "Les versions précédentes du paquet openssh-server autorisaient la connexion " "par SSH du superutilisateur (root) en utilisant l’authentification par mot " "de passe. Par défaut, les nouvelles installations ont maintenant l’option " "« PermitRootLogin without-password », qui désactive l’authentification par " "mot de passe pour le compte « root », sans casser les systèmes qui ont " "configuré explicitement l’authentification SSH par clé publique pour ce " "compte." #. Type: boolean #. Description #: ../openssh-server.templates:1001 msgid "" "This change makes systems more secure against brute-force password " "dictionary attacks on the root user (a very common target for such attacks). 
" "However, it may break systems that are set up with the expectation of being " "able to SSH as root using password authentication. You should only make this " "change if you do not need to do that." msgstr "" "Cette modification rend les systèmes plus robustes face aux attaques par " "force brute et par dictionnaire contre le superutilisateur (très souvent " "pris pour cible par ce type d’attaque). Cependant, cela peut rendre " "inutilisables les systèmes reposant sur la possibilité de se connecter au " "compte « root » par SSH avec authentification par mot de passe. Vous ne " "devriez appliquer cette modification que si ce n’est pas votre cas." debian/.git-dpm0000644000000000000000000000042512330654320010527 0ustar # see git-dpm(1) from git-dpm package 27c03831c0954238880c5754c2d335368648b95e 27c03831c0954238880c5754c2d335368648b95e 796ba4fd011b5d0d9d78d592ba2f30fc9d5ed2e7 796ba4fd011b5d0d9d78d592ba2f30fc9d5ed2e7 openssh_6.6p1.orig.tar.gz b850fd1af704942d9b3c2eff7ef6b3a59b6a6b6e 1282502 debian/openssh-client.manpages0000644000000000000000000000005112330654315013634 0ustar contrib/ssh-copy-id.1 debian/ssh-argv0.1 debian/changelog0000644000000000000000000053776313437222542011071 0ustar openssh (1:6.6p1-2ubuntu2.13) trusty-security; urgency=medium * SECURITY UPDATE: Incomplete fix for CVE-2019-6111 - debian/patches/CVE-2019-6111-pre1.patch: add reallocarray to openbsd-compat/Makefile.in, openbsd-compat/openbsd-compat.h, openbsd-compat/reallocarray.c. - debian/patches/CVE-2019-6111-2.patch: add another fix to the filename check in scp.c. - CVE-2019-6111 * Fixed inverted CVE numbers in patch filenames and in previous changelog. -- Marc Deslauriers Mon, 04 Mar 2019 07:52:28 -0500 openssh (1:6.6p1-2ubuntu2.12) trusty-security; urgency=medium * SECURITY UPDATE: access restrictions bypass in scp - debian/patches/CVE-2018-20685.patch: disallow empty filenames or ones that refer to the current directory in scp.c. 
- CVE-2018-20685 * SECURITY UPDATE: scp client spoofing via object name - debian/patches/CVE-2019-6111.patch: make sure the filenames match the wildcard specified by the user, and add new flag to relax the new restrictions in scp.c, scp.1. - CVE-2019-6111 * SECURITY UPDATE: scp client missing received object name validation - debian/patches/CVE-2019-6109-pre1.patch: backport snmprintf from newer OpenSSH in Makefile.in, utf8.c, utf8.h, configure.ac. - debian/patches/CVE-2019-6109-pre2.patch: update vis.h and vis.c from newer OpenSSH. - debian/patches/CVE-2019-6109-1.patch: sanitize scp filenames via snmprintf in atomicio.c, progressmeter.c, progressmeter.h, scp.c, sftp-client.c. - debian/patches/CVE-2019-6109-2.patch: force progressmeter updates in progressmeter.c, progressmeter.h, scp.c, sftp-client.c. - CVE-2019-6109 -- Marc Deslauriers Thu, 31 Jan 2019 11:18:29 -0500 openssh (1:6.6p1-2ubuntu2.11) trusty-security; urgency=medium * SECURITY UPDATE: OpenSSH User Enumeration Vulnerability (LP: #1794629) - debian/patches/CVE-2018-15473.patch: delay bailout for invalid authenticating user until after the packet containing the request has been fully parsed. - CVE-2018-15473 [ Leonidas S. Barbosa ] * SECURITY UPDATE: Privsep process chrashing via an out-of-sequence - debian/patches/CVE-2016-10708.patch: fix in kex.c, pack.c. - CVE-2016-10708 -- Ryan Finnie Sat, 13 Oct 2018 23:31:08 +0000 openssh (1:6.6p1-2ubuntu2.10) trusty-security; urgency=medium * SECURITY UPDATE: untrusted search path when loading PKCS#11 modules - debian/patches/CVE-2016-10009.patch: add a whitelist of paths from which ssh-agent will load a PKCS#11 module in ssh-agent.1, ssh-agent.c. - debian/patches/CVE-2016-10009-2.patch: fix deletion of PKCS#11 keys in ssh-agent.c. - debian/patches/CVE-2016-10009-3.patch: relax whitelist in ssh-agent.c. - debian/patches/CVE-2016-10009-4.patch: add missing label in ssh-agent.c. 
- CVE-2016-10009 * SECURITY UPDATE: local information disclosure via effects of realloc on buffer contents - debian/patches/CVE-2016-10011.patch: pre-allocate the buffer used for loading keys in authfile.c. - CVE-2016-10011 * SECURITY UPDATE: local privilege escalation via incorrect bounds check in shared memory manager - debian/patches/CVE-2016-10012-1-2.patch: remove support for pre-authentication compression in kex.c, kex.h, Makefile.in, monitor.c, monitor.h, monitor_wrap.c, monitor_wrap.h, myproposal.h, packet.c, servconf.c, sshd.c, sshd_config.5. - debian/patches/CVE-2016-10012-3.patch: put back some pre-auth zlib bits in kex.c, kex.h, packet.c. - CVE-2016-10012 * SECURITY UPDATE: DoS via zero-length file creation in readonly mode - debian/patches/CVE-2017-15906.patch: disallow creation of empty files in sftp-server.c. - CVE-2017-15906 -- Marc Deslauriers Mon, 15 Jan 2018 11:28:55 -0500 openssh (1:6.6p1-2ubuntu2.8) trusty-security; urgency=medium * SECURITY UPDATE: user enumeration via covert timing channel - debian/patches/CVE-2016-6210-1.patch: determine appropriate salt for invalid users in auth-passwd.c, openbsd-compat/xcrypt.c. - debian/patches/CVE-2016-6210-2.patch: mitigate timing of disallowed users PAM logins in auth-pam.c. - debian/patches/CVE-2016-6210-3.patch: search users for one with a valid salt in openbsd-compat/xcrypt.c. - CVE-2016-6210 * SECURITY UPDATE: denial of service via long passwords - debian/patches/CVE-2016-6515.patch: skip passwords longer than 1k in length in auth-passwd.c. - CVE-2016-6515 -- Marc Deslauriers Thu, 11 Aug 2016 08:43:06 -0400 openssh (1:6.6p1-2ubuntu2.7) trusty-security; urgency=medium * SECURITY UPDATE: privilege escalation via environment files when UseLogin is configured - debian/patches/CVE-2015-8325.patch: ignore PAM environment vars when UseLogin is enabled in session.c. 
- CVE-2015-8325 * SECURITY UPDATE: fallback from untrusted X11-forwarding to trusted - debian/patches/CVE-2016-1908-1.patch: use stack memory in clientloop.c. - debian/patches/CVE-2016-1908-2.patch: eliminate fallback in clientloop.c, clientloop.h, mux.c, ssh.c. - CVE-2016-1908 * SECURITY UPDATE: shell-command restrictions bypass via crafted X11 forwarding data - debian/patches/CVE-2016-3115.patch: sanitise characters destined for xauth in session.c. - CVE-2016-3115 -- Marc Deslauriers Thu, 05 May 2016 08:29:07 -0400 openssh (1:6.6p1-2ubuntu2.6) trusty; urgency=medium * debian/control, debian/rules: enable libaudit support. (LP: #1478087) -- Mathieu Trudel-Lapierre Tue, 26 Jan 2016 10:38:35 -0500 openssh (1:6.6p1-2ubuntu2.5) trusty-proposed; urgency=medium * Backport upstream reporting of max auth attempts, so that fail2bail and similar tools can learn the IP address of brute forcers. (LP: #1534340) - debian/patches/report-max-auth.patch -- Kees Cook Thu, 14 Jan 2016 13:56:03 -0800 openssh (1:6.6p1-2ubuntu2.4) trusty-security; urgency=medium * SECURITY UPDATE: information leak and overflow in roaming support - debian/patches/CVE-2016-077x.patch: completely disable roaming option in readconf.c. - CVE-2016-0777 - CVE-2016-0778 -- Marc Deslauriers Wed, 13 Jan 2016 10:48:19 -0500 openssh (1:6.6p1-2ubuntu2.3) trusty-security; urgency=medium * SECURITY REGRESSION: random auth failures because of uninitialized struct field (LP: #1485719) - debian/patches/CVE-2015-5600-2.patch: -- Marc Deslauriers Mon, 17 Aug 2015 21:52:52 -0400 openssh (1:6.6p1-2ubuntu2.2) trusty-security; urgency=medium * SECURITY UPDATE: possible user impersonation via PAM support - debian/patches/pam-security-1.patch: don't resend username to PAM in monitor.c, monitor_wrap.c. - CVE number pending * SECURITY UPDATE: use-after-free in PAM support - debian/patches/pam-security-2.patch: fix use after free in monitor.c. 
    - CVE number pending
  * SECURITY UPDATE:
    - debian/patches/CVE-2015-5600.patch: only query each keyboard-interactive
      device once per authentication request in auth2-chall.c.
    - CVE-2015-5600
  * SECURITY UPDATE: X connections access restriction bypass
    - debian/patches/CVE-2015-5352.patch: refuse ForwardX11Trusted=no
      connections attempted after ForwardX11Timeout expires in channels.c,
      channels.h, clientloop.c.
    - CVE-2015-5352

 -- Marc Deslauriers  Fri, 14 Aug 2015 07:31:00 -0400

openssh (1:6.6p1-2ubuntu2) trusty; urgency=medium

  * Apply upstream-recommended patch to fix bignum encoding for
    curve25519-sha256@libssh.org, fixing occasional key exchange failures
    (LP: #1310781).
  * Force ssh-agent Upstart job to use sh syntax regardless of the user's
    shell (thanks, Steffen Stempel; LP: #1312928).

 -- Colin Watson  Fri, 02 May 2014 09:42:23 +0100

openssh (1:6.6p1-2ubuntu1) trusty; urgency=medium

  * Upload from Debian git repository to fix a release-critical bug.
  * Debconf translations:
    - French (thanks, Étienne Gilli; closes: #743242).
  * Never signal the service supervisor with SIGSTOP more than once, to
    prevent a hang on re-exec (thanks, Robie Basak; LP: #1306877).

 -- Colin Watson  Mon, 14 Apr 2014 12:20:48 +0100

openssh (1:6.6p1-2) unstable; urgency=medium

  * If no root password is set, then switch to "PermitRootLogin
    without-password" without asking (LP: #1300127).

 -- Colin Watson  Mon, 31 Mar 2014 12:20:46 +0100

openssh (1:6.6p1-1) unstable; urgency=medium

  [ Colin Watson ]
  * Apply various warning-suppression and regression-test fixes to
    gssapi.patch from Damien Miller.
  * New upstream release (http://www.openssh.com/txt/release-6.6,
    LP: #1298280):
    - CVE-2014-2532: sshd(8): when using environment passing with an
      sshd_config(5) AcceptEnv pattern with a wildcard, OpenSSH prior to 6.6
      could be tricked into accepting any environment variable that contains
      the characters before the wildcard character.
  * Re-enable btmp logging, as its permissions were fixed a long time ago in
    response to #370050 (closes: #341883).
  * Change to "PermitRootLogin without-password" for new installations, and
    ask a debconf question when upgrading systems with "PermitRootLogin yes"
    from previous versions (closes: #298138).
  * Debconf translations:
    - Danish (thanks, Joe Hansen).
    - Portuguese (thanks, Américo Monteiro).
    - Russian (thanks, Yuri Kozlov; closes: #742308).
    - Swedish (thanks, Andreas Rönnquist).
    - Japanese (thanks, victory).
    - German (thanks, Stephan Beck; closes: #742541).
    - Italian (thanks, Beatrice Torracca).
  * Don't start ssh-agent from the Upstart user session job if something like
    Xsession has already done so (based on work by Bruno Vasselle;
    LP: #1244736).

  [ Matthew Vernon ]
  * CVE-2014-2653: Fix failure to check SSHFP records if server presents a
    certificate (bug reported by me, patch by upstream's Damien Miller; thanks
    also to Mark Wooding for his help in fixing this) (Closes: #742513)

 -- Colin Watson  Fri, 28 Mar 2014 18:04:41 +0000

openssh (1:6.5p1-6) unstable; urgency=medium

  * Fix Breaks/Replaces versions of openssh-sftp-server on openssh-server
    (thanks, Axel Beckert).

 -- Colin Watson  Thu, 06 Mar 2014 16:18:44 +0000

openssh (1:6.5p1-5) unstable; urgency=medium

  [ Colin Watson ]
  * Add Alias=sshd.service to systemd ssh.service file, to match "Provides:
    sshd" in the sysvinit script (thanks, Michael Biebl).
  * Add Before=ssh.service to systemd ssh.socket file, since otherwise nothing
    guarantees that ssh.service has stopped before ssh.socket starts (thanks,
    Uoti Urpala).

  [ Axel Beckert ]
  * Split sftp-server into its own package to allow it to also be used by
    other SSH server implementations like dropbear (closes: #504290).

 -- Colin Watson  Wed, 05 Mar 2014 13:53:08 +0000

openssh (1:6.5p1-4) unstable; urgency=medium

  * Configure --without-hardening on hppa, to work around
    http://gcc.gnu.org/bugzilla/show_bug.cgi?id=60155 (closes: #738798).
  * Amend "Running sshd from inittab" instructions in README.Debian to
    recommend 'update-rc.d ssh disable', rather than manual removal of rc*.d
    symlinks that won't work with dependency-based sysv-rc.
  * Remove code related to non-dependency-based sysv-rc ordering, since that
    is no longer supported.
  * Apply patch from https://bugzilla.mindrot.org/show_bug.cgi?id=2200 to fix
    getsockname errors when using "ssh -W" (closes: #738693).

 -- Colin Watson  Sat, 15 Feb 2014 02:19:36 +0000

openssh (1:6.5p1-3) unstable; urgency=medium

  * Clarify socket activation mode in README.Debian, as suggested by Uoti
    Urpala.
  * Stop claiming that "Protocol 2" is a Debian-specific default; this has
    been upstream's default since 5.4p1.
  * Avoid stdout noise from which(1) on purge of openssh-client.
  * Fix sysvinit->systemd transition code to cope with still-running sysvinit
    jobs being considered active by systemd (thanks, Uoti Urpala and Michael
    Biebl).
  * Bump guard version for sysvinit->systemd transition to 1:6.5p1-3; we may
    have got it wrong before, and it's fairly harmless to repeat it.
  * Remove tests for whether /dev/null is a character device from the Upstart
    job and the systemd service files; it's there to avoid a confusing failure
    mode in daemon(), but with modern init systems we use the -D option to
    suppress daemonisation anyway.
  * Refer to /usr/share/common-licenses/GPL-2 in debian/copyright (for the
    Debian patch) rather than plain GPL.
  * Drop some very old Conflicts and Replaces (ssh (<< 1:3.8.1p1-9),
    rsh-client (<< 0.16.1-1), ssh-krb5 (<< 1:4.3p2-7), ssh-nonfree (<< 2), and
    openssh-client (<< 1:3.8.1p1-11)). These all relate to pre-etch versions,
    for which we no longer have maintainer script code, and per policy they
    would have to become Breaks nowadays anyway.
  * Policy version 3.9.5.
  * Drop unnecessary -1 in zlib1g Build-Depends version.
  * Tweak dh_systemd_enable invocations to avoid lots of error noise.
 -- Colin Watson  Wed, 12 Feb 2014 13:10:08 +0000

openssh (1:6.5p1-2) unstable; urgency=medium

  * Only enable ssh.service for systemd, not both ssh.service and ssh.socket.
    Thanks to Michael Biebl for spotting this.
  * Backport upstream patch to unbreak case-sensitive matching of ssh_config
    (closes: #738619).

 -- Colin Watson  Tue, 11 Feb 2014 11:28:35 +0000

openssh (1:6.5p1-1) unstable; urgency=medium

  * New upstream release (http://www.openssh.com/txt/release-6.5,
    LP: #1275068):
    - ssh(1): Add support for client-side hostname canonicalisation using a
      set of DNS suffixes and rules in ssh_config(5). This allows unqualified
      names to be canonicalised to fully-qualified domain names to eliminate
      ambiguity when looking up keys in known_hosts or checking host
      certificate names (closes: #115286).
  * Switch to git; adjust Vcs-* fields.
  * Convert to git-dpm, and drop source package documentation associated with
    the old bzr/quilt patch handling workflow.
  * Drop ssh-vulnkey and the associated ssh/ssh-add/sshd integration code,
    leaving only basic configuration file compatibility, since it has been
    nearly six years since the original vulnerability and this code is not
    likely to be of much value any more (closes: #481853, #570651). See
    https://lists.debian.org/debian-devel/2013/09/msg00240.html for my full
    reasoning.
  * Add OpenPGP signature checking configuration to watch file (thanks, Daniel
    Kahn Gillmor; closes: #732441).
  * Add the pam_keyinit session module, to create a new session keyring on
    login (closes: #734816).
  * Incorporate default path changes from shadow 1:4.0.18.1-8, removing
    /usr/bin/X11 (closes: #644521).
  * Generate ED25519 host keys on fresh installations. Upgraders who wish to
    add such host keys should manually add
    'HostKey /etc/ssh/ssh_host_ed25519_key' to /etc/ssh/sshd_config and run
    'ssh-keygen -q -f /etc/ssh/ssh_host_ed25519_key -N "" -t ed25519'.
  * Drop long-obsolete "SSH now uses protocol 2 by default" section from
    README.Debian.
  * Add systemd support (thanks, Sven Joachim; closes: #676830).

 -- Colin Watson  Mon, 10 Feb 2014 14:58:26 +0000

openssh (1:6.4p1-2) unstable; urgency=high

  * Increase ServerKeyBits value in package-generated sshd_config to 1024
    (closes: #727622, LP: #1244272).
  * Restore patch to disable OpenSSL version check (closes: #732940).

 -- Colin Watson  Mon, 23 Dec 2013 10:44:04 +0000

openssh (1:6.4p1-1) unstable; urgency=high

  * New upstream release. Important changes:
    - 6.3/6.3p1 (http://www.openssh.com/txt/release-6.3):
      + sftp(1): add support for resuming partial downloads using the "reget"
        command and on the sftp commandline or on the "get" commandline using
        the "-a" (append) option (closes: #158590).
      + ssh(1): add an "IgnoreUnknown" configuration option to selectively
        suppress errors arising from unknown configuration directives
        (closes: #436052).
      + sftp(1): update progressmeter when data is acknowledged, not when it's
        sent (partially addresses #708372).
      + ssh(1): do not fatally exit when attempting to cleanup
        multiplexing-created channels that are incompletely opened
        (closes: #651357).
    - 6.4/6.4p1 (http://www.openssh.com/txt/release-6.4):
      + CVE-2013-4548: sshd(8): fix a memory corruption problem triggered
        during rekeying when an AES-GCM cipher is selected (closes: #729029).
        Full details of the vulnerability are available at:
        http://www.openssh.com/txt/gcmrekey.adv
  * When running under Upstart, only consider the daemon started once it is
    ready to accept connections (by raising SIGSTOP at that point and using
    "expect stop").

 -- Colin Watson  Sat, 09 Nov 2013 18:24:16 +0000

openssh (1:6.2p2-6) unstable; urgency=low

  * Update config.guess and config.sub automatically at build time.
    dh_autoreconf does not take care of that by default because openssh does
    not use automake.

 -- Colin Watson  Tue, 02 Jul 2013 22:54:49 +0100

openssh (1:6.2p2-5) unstable; urgency=low

  [ Colin Watson ]
  * Document consequences of ssh-agent being setgid in ssh-agent(1); see
    #711623.
  * Use 'set -e' rather than '#! /bin/sh -e' in maintainer scripts and
    ssh-argv0.

  [ Yolanda Robla ]
  * debian/rules: Include real distribution in SSH_EXTRAVERSION instead of
    hardcoding Debian (LP: #1195342).

 -- Colin Watson  Thu, 27 Jun 2013 15:24:14 +0100

openssh (1:6.2p2-4) unstable; urgency=low

  * Fix non-portable shell in ssh-copy-id (closes: #711162).
  * Rebuild against debhelper 9.20130604 with fixed dependencies for
    invoke-rc.d and Upstart jobs (closes: #711159, #711364).
  * Set SELinux context on private host keys as well as public host keys
    (closes: #687436).

 -- Colin Watson  Thu, 06 Jun 2013 17:06:31 +0100

openssh (1:6.2p2-3) unstable; urgency=low

  * If the running init daemon is Upstart, then, on the first upgrade to this
    version, check whether sysvinit is still managing sshd; if so, manually
    stop it so that it can be restarted under upstart. We do this near the
    end of the postinst, so it shouldn't result in any appreciable extra
    window where sshd is not running during upgrade.

 -- Colin Watson  Wed, 22 May 2013 17:42:10 +0100

openssh (1:6.2p2-2) unstable; urgency=low

  * Change start condition of Upstart job to be just the standard
    "runlevel [2345]", rather than "filesystem or runlevel [2345]"; the latter
    makes it unreasonably difficult to ensure that urandom starts before ssh,
    and is not really necessary since one of static-network-up and
    failsafe-boot is guaranteed to happen and will trigger entry to the
    default runlevel, and we don't care about ssh starting before the network
    (LP: #1098299).
  * Drop conffile handling for direct upgrades from pre-split ssh package;
    this was originally added in 1:4.3p2-7 / 1:4.3p2-8, and contained a truly
    ghastly hack around a misbehaviour in sarge's dpkg. Since this is now
    four Debian releases ago, we can afford to drop this and simplify the
    packaging.
  * Remove ssh/use_old_init_script, which was a workaround for a very old bug
    in /etc/init.d/ssh.
    If anyone has ignored this for >10 years then they aren't going to be
    convinced now (closes: #214182).
  * Remove support for upgrading directly from ssh-nonfree.
  * Remove lots of maintainer script support for direct upgrades from pre-etch
    (three releases before current stable).
  * Add #DEBHELPER# tokens to openssh-client.postinst and
    openssh-server.postinst.
  * Replace old manual conffile handling code with dpkg-maintscript-helper,
    via dh_installdeb.
  * Switch to new unified layout for Upstart jobs as documented in
    https://wiki.ubuntu.com/UpstartCompatibleInitScripts: the init script
    checks for a running Upstart, and we now let dh_installinit handle most of
    the heavy lifting in maintainer scripts. Ubuntu users should be
    essentially unaffected except that sshd may no longer start automatically
    in chroots if the running Upstart predates 0.9.0; but the main goal is
    simply not to break when openssh-server is installed in a chroot.
  * Remove the check for vulnerable host keys; this was first added five years
    ago, and everyone should have upgraded through a version that applied
    these checks by now. The ssh-vulnkey tool and the blacklisting support in
    sshd are still here, at least for the moment.
  * This removes the last of our uses of debconf (closes: #221531).
  * Use the pam_loginuid session module (thanks, Laurent Bigonville;
    closes: #677440, LP: #1067779).
  * Bracket our session stack with calls to pam_selinux close/open (thanks,
    Laurent Bigonville; closes: #679458).
  * Fix dh_builddeb invocation so that we really use xz compression for binary
    packages, as intended since 1:6.1p1-2.

 -- Colin Watson  Wed, 22 May 2013 09:07:42 +0100

openssh (1:6.2p2-1) unstable; urgency=low

  * New upstream release (http://www.openssh.com/txt/release-6.2p2):
    - Only warn for missing identity files that were explicitly specified
      (closes: #708275).
    - Fix bug in contributed contrib/ssh-copy-id script that could result in
      "rm *" being called on mktemp failure (closes: #708419).
 -- Colin Watson  Thu, 16 May 2013 14:05:06 +0100

openssh (1:6.2p1-3) unstable; urgency=low

  * Renumber Debian-specific additions to enum monitor_reqtype so that they
    fit within a single byte (thanks, Jason Conti; LP: #1179202).

 -- Colin Watson  Mon, 13 May 2013 10:56:04 +0100

openssh (1:6.2p1-2) unstable; urgency=low

  * Fix build failure on Ubuntu:
    - Include openbsd-compat/sys-queue.h from consolekit.c.
    - Fix consolekit mismerges in monitor.c and monitor_wrap.c.

 -- Colin Watson  Thu, 09 May 2013 09:45:57 +0100

openssh (1:6.2p1-1) unstable; urgency=low

  * New upstream release (http://www.openssh.com/txt/release-6.2).
    - Add support for multiple required authentication in SSH protocol 2 via
      an AuthenticationMethods option (closes: #195716).
    - Fix Sophie Germain formula in moduli(5) (closes: #698612).
    - Update ssh-copy-id to Phil Hands' greatly revised version
      (closes: #99785, #322228, #620428; LP: #518883, #835901, #1074798).
  * Use dh-autoreconf.

 -- Colin Watson  Tue, 07 May 2013 11:48:16 +0100

openssh (1:6.1p1-4) experimental; urgency=low

  [ Gunnar Hjalmarsson ]
  * debian/openssh-server.sshd.pam: Explicitly state that ~/.pam_environment
    should be read, and move the pam_env calls from "auth" to "session" so
    that it's also read when $HOME is encrypted (LP: #952185).

  [ Stéphane Graber ]
  * Add ssh-agent upstart user job. This implements something similar to the
    90x11-common_ssh-agent Xsession script. That is, start ssh-agent and set
    the appropriate environment variables (closes: #703906).

 -- Colin Watson  Mon, 25 Mar 2013 16:58:04 +0000

openssh (1:6.1p1-3) experimental; urgency=low

  * Give ssh and ssh-krb5 versioned dependencies on openssh-client and
    openssh-server, to try to reduce confusion when people run
    'apt-get install ssh' or similar and expect that to upgrade everything
    relevant.
  * CVE-2010-5107: Improve DoS resistance by changing default of MaxStartups
    to 10:30:100 (closes: #700102).
 -- Colin Watson  Fri, 08 Feb 2013 21:07:31 +0000

openssh (1:6.1p1-2) experimental; urgency=low

  * Use xz compression for binary packages.
  * Merge from Ubuntu:
    - Add support for registering ConsoleKit sessions on login. (This is
      currently enabled only when building for Ubuntu.)
    - Drop openssh-blacklist and openssh-blacklist-extra to Suggests. It's
      been long enough since the relevant vulnerability that we shouldn't need
      these installed by default nowadays.
    - Add an Upstart job (not currently used by default in Debian).
    - Add mention of ssh-keygen in ssh connect warning (Scott Moser).
    - Install apport hooks.
  * Only build with -j if DEB_BUILD_OPTIONS=parallel=* is used
    (closes: #694282).

 -- Colin Watson  Mon, 26 Nov 2012 16:39:07 +0000

openssh (1:6.1p1-1) experimental; urgency=low

  * New upstream release (http://www.openssh.com/txt/release-6.1).
    - Enable pre-auth sandboxing by default for new installs.
    - Allow "PermitOpen none" to refuse all port-forwarding requests
      (closes: #543683).

 -- Colin Watson  Fri, 07 Sep 2012 00:22:44 +0100

openssh (1:6.0p1-3) unstable; urgency=low

  * debconf template translations:
    - Add Indonesian (thanks, Andika Triwidada; closes: #681670).
  * Call restorecon on copied ~/.ssh/authorized_keys if possible, since some
    SELinux policies require this (closes: #658675).
  * Add ncurses-term to openssh-server's Recommends, since it's often needed
    to support unusual terminal emulators on clients (closes: #675362).

 -- Colin Watson  Fri, 24 Aug 2012 06:55:36 +0100

openssh (1:6.0p1-2) unstable; urgency=low

  * Tighten libssl1.0.0 and libcrypto1.0.0-udeb dependencies to the current
    "fix" version at build time (closes: #678661).

 -- Colin Watson  Sun, 24 Jun 2012 12:16:06 +0100

openssh (1:6.0p1-1) unstable; urgency=low

  [ Roger Leigh ]
  * Display dynamic part of MOTD from /run/motd.dynamic, if it exists
    (closes: #669699).

  [ Colin Watson ]
  * Update OpenSSH FAQ to revision 1.113, fixing missing line break
    (closes: #669667).
  * New upstream release (closes: #671010,
    http://www.openssh.org/txt/release-6.0).
    - Fix IPQoS not being set on non-mapped v4-in-v6 addressed connections
      (closes: #643312, #650512, #671075).
    - Add a new privilege separation sandbox implementation for Linux's new
      seccomp sandbox, automatically enabled on platforms that support it.
      (Note: privilege separation sandboxing is still experimental.)
  * Fix a bashism in configure's seccomp_filter check.
  * Add a sandbox fallback mechanism, so that behaviour on Linux depends on
    whether the running system's kernel has seccomp_filter support, not the
    build system's kernel (forwarded upstream as
    https://bugzilla.mindrot.org/show_bug.cgi?id=2011).

 -- Colin Watson  Sat, 26 May 2012 13:48:14 +0100

openssh (1:5.9p1-5) unstable; urgency=low

  * Use dpkg-buildflags, including for hardening support; drop use of
    hardening-includes.
  * Fix cross-building:
    - Allow using a cross-architecture pkg-config.
    - Pass default LDFLAGS to contrib/Makefile.
    - Allow dh_strip to strip gnome-ssh-askpass, rather than calling
      'install -s'.

 -- Colin Watson  Mon, 02 Apr 2012 11:20:33 +0100

openssh (1:5.9p1-4) unstable; urgency=low

  * Disable OpenSSL version check again, as its SONAME is sufficient nowadays
    (closes: #664383).

 -- Colin Watson  Mon, 19 Mar 2012 11:06:30 +0000

openssh (1:5.9p1-3) unstable; urgency=low

  * debconf template translations:
    - Update Polish (thanks, Michał Kułach; closes: #659829).
  * Ignore errors writing to console in init script (closes: #546743).
  * Move ssh-krb5 to Section: oldlibs.

 -- Colin Watson  Fri, 24 Feb 2012 08:56:18 +0000

openssh (1:5.9p1-2) unstable; urgency=low

  * Mark openssh-client and openssh-server as Multi-Arch: foreign.

 -- Colin Watson  Wed, 09 Nov 2011 02:06:48 +0000

openssh (1:5.9p1-1) unstable; urgency=low

  * New upstream release (http://www.openssh.org/txt/release-5.9).
    - Introduce sandboxing of the pre-auth privsep child using an optional
      sshd_config(5) "UsePrivilegeSeparation=sandbox" mode that enables
      mandatory restrictions on the syscalls the privsep child can perform.
    - Add new SHA256-based HMAC transport integrity modes from
      http://www.ietf.org/id/draft-dbider-sha2-mac-for-ssh-02.txt.
    - The pre-authentication sshd(8) privilege separation slave process now
      logs via a socket shared with the master process, avoiding the need to
      maintain /dev/log inside the chroot (closes: #75043, #429243, #599240).
    - ssh(1) now warns when a server refuses X11 forwarding (closes: #504757).
    - sshd_config(5)'s AuthorizedKeysFile now accepts multiple paths,
      separated by whitespace (closes: #76312). The authorized_keys2 fallback
      is deprecated but documented (closes: #560156).
    - ssh(1) and sshd(8): set IPv6 traffic class from IPQoS, as well as IPv4
      ToS/DSCP (closes: #498297).
    - ssh-add(1) now accepts keys piped from standard input. E.g.
      "ssh-add - < /path/to/key" (closes: #229124).
    - Clean up lost-passphrase text in ssh-keygen(1) (closes: #444691).
    - Say "required" rather than "recommended" in unprotected-private-key
      warning (LP: #663455).
  * Update OpenSSH FAQ to revision 1.112.

 -- Colin Watson  Wed, 07 Sep 2011 23:46:00 +0100

openssh (1:5.8p1-7) unstable; urgency=low

  * Only recommend ssh-import-id when built on Ubuntu (closes: #635887).
  * Use 'dpkg-vendor --derives-from Ubuntu' to detect Ubuntu systems rather
    than 'lsb_release -is' so that Ubuntu derivatives behave the same way as
    Ubuntu itself.

 -- Colin Watson  Fri, 29 Jul 2011 14:27:52 +0100

openssh (1:5.8p1-6) unstable; urgency=low

  * openssh-client and openssh-server Suggests: monkeysphere.
  * Quieten logs when multiple from= restrictions are used in different
    authorized_keys lines for the same key; it's still not ideal, but at least
    you'll only get one log entry per key (closes: #630606).
  * Merge from Ubuntu (Dustin Kirkland):
    - openssh-server Recommends: ssh-import-id (no-op in Debian since that
      package doesn't exist there, but this reduces the Ubuntu delta).

 -- Colin Watson  Thu, 28 Jul 2011 17:10:18 +0100

openssh (1:5.8p1-5) unstable; urgency=low

  * Drop openssh-server's dependency on openssh-blacklist to a recommendation
    (closes: #622604).
  * Update Vcs-* fields and README.source for Alioth changes.
  * Backport from upstream:
    - Make hostbased auth with ECDSA keys work correctly (closes: #633368).

 -- Colin Watson  Sun, 24 Jul 2011 11:06:47 +0100

openssh (1:5.8p1-4) unstable; urgency=low

  * Drop hardcoded dependencies on libssl0.9.8 and libcrypto0.9.8-udeb, since
    the required minimum versions are rather old now anyway and openssl has
    bumped its SONAME (thanks, Julien Cristau; closes: #620828).
  * Remove unreachable code from openssh-server.postinst.

 -- Colin Watson  Mon, 04 Apr 2011 15:56:18 +0100

openssh (1:5.8p1-3) unstable; urgency=low

  * Correct ssh-keygen instruction in the changelog for 1:5.7p1-1 (thanks,
    Joel Stanley).
  * Allow ssh-add to read from FIFOs (thanks, Daniel Kahn Gillmor;
    closes: #614897).

 -- Colin Watson  Fri, 18 Mar 2011 16:42:42 +0000

openssh (1:5.8p1-2) unstable; urgency=low

  * Upload to unstable.

 -- Colin Watson  Tue, 08 Feb 2011 10:59:17 +0000

openssh (1:5.8p1-1) experimental; urgency=low

  * New upstream release (http://www.openssh.org/txt/release-5.8):
    - Fix stack information leak in legacy certificate signing
      (http://www.openssh.com/txt/legacy-cert.adv).

 -- Colin Watson  Sat, 05 Feb 2011 11:13:11 +0000

openssh (1:5.7p1-2) experimental; urgency=low

  * Fix crash in ssh_selinux_setfscreatecon when SELinux is disabled
    (LP: #708571).

 -- Colin Watson  Thu, 27 Jan 2011 12:14:17 +0000

openssh (1:5.7p1-1) experimental; urgency=low

  * New upstream release (http://www.openssh.org/txt/release-5.7):
    - Implement Elliptic Curve Cryptography modes for key exchange (ECDH) and
      host/user keys (ECDSA) as specified by RFC5656.
      ECDH and ECDSA offer better performance than plain DH and DSA at the
      same equivalent symmetric key length, as well as much shorter keys.
    - sftp(1)/sftp-server(8): add a protocol extension to support a hard link
      operation. It is available through the "ln" command in the client. The
      old "ln" behaviour of creating a symlink is available using its "-s"
      option or through the preexisting "symlink" command.
    - scp(1): Add a new -3 option to scp: Copies between two remote hosts are
      transferred through the local host (closes: #508613).
    - ssh(1): "atomically" create the listening mux socket by binding it on a
      temporary name and then linking it into position after listen() has
      succeeded. This allows the mux clients to determine that the server
      socket is either ready or stale without races (closes: #454784). Stale
      server sockets are now automatically removed (closes: #523250).
    - ssh(1): install a SIGCHLD handler to reap expired child process
      (closes: #594687).
    - ssh(1)/ssh-agent(1): honour $TMPDIR for client xauth and ssh-agent
      temporary directories (closes: #357469, although only if you arrange for
      ssh-agent to actually see $TMPDIR since the setgid bit will cause it to
      be stripped off).
  * Update to current GSSAPI patch from
    http://www.sxw.org.uk/computing/patches/openssh-5.7p1-gsskex-all-20110125.patch:
    - Add GSSAPIServerIdentity option.
  * Generate ECDSA host keys on fresh installations. Upgraders who wish to
    add such host keys should manually add
    'HostKey /etc/ssh/ssh_host_ecdsa_key' to /etc/ssh/sshd_config and run
    'ssh-keygen -q -f /etc/ssh/ssh_host_ecdsa_key -N "" -t ecdsa'.
  * Build-depend on libssl-dev (>= 0.9.8g) to ensure sufficient ECC support.
  * Backport SELinux build fix from CVS.
  * Rearrange selinux-role.patch so that it links properly given this SELinux
    build fix.

 -- Colin Watson  Wed, 26 Jan 2011 23:48:02 +0000

openssh (1:5.6p1-3) experimental; urgency=low

  * Drop override for desktop-file-but-no-dh_desktop-call, which Lintian no
    longer issues.
  * Merge 1:5.5p1-6.
 -- Colin Watson  Thu, 30 Dec 2010 11:48:00 +0000

openssh (1:5.6p1-2) experimental; urgency=low

  * Backport upstream patch to install a SIGCHLD handler to reap expired ssh
    child processes, preventing lots of zombies when using ControlPersist
    (closes: #594687).

 -- Colin Watson  Tue, 26 Oct 2010 14:46:40 +0100

openssh (1:5.6p1-1) experimental; urgency=low

  * New upstream release (http://www.openssh.com/txt/release-5.6):
    - Added a ControlPersist option to ssh_config(5) that automatically starts
      a background ssh(1) multiplex master when connecting. This connection
      can stay alive indefinitely, or can be set to automatically close after
      a user-specified duration of inactivity (closes: #335697, #350898,
      #454787, #500573, #550262).
    - Support AuthorizedKeysFile, AuthorizedPrincipalsFile,
      HostbasedUsesNameFromPacketOnly, and PermitTunnel in sshd_config(5)
      Match blocks (closes: #549858).
    - sftp(1): fix ls in working directories that contain globbing characters
      in their pathnames (LP: #530714).

 -- Colin Watson  Tue, 24 Aug 2010 00:37:54 +0100

openssh (1:5.5p1-6) unstable; urgency=low

  * Touch /var/run/sshd/.placeholder in the preinst so that /var/run/sshd,
    which is intentionally no longer shipped in the openssh-server package due
    to /var/run often being a temporary directory, is not removed on upgrade
    (closes: #575582).

 -- Colin Watson  Sun, 26 Dec 2010 18:09:29 +0000

openssh (1:5.5p1-5) unstable; urgency=low

  * Use an architecture wildcard for libselinux1-dev (closes: #591740).
  * debconf template translations:
    - Update Danish (thanks, Joe Hansen; closes: #592800).

 -- Colin Watson  Mon, 23 Aug 2010 22:59:03 +0100

openssh (1:5.5p1-4) unstable; urgency=low

  [ Sebastian Andrzej Siewior ]
  * Add powerpcspe to architecture list for libselinux1-dev build-dependency
    (closes: #579843).
  [ Colin Watson ]
  * Allow ~/.ssh/authorized_keys and other secure files to be group-writable,
    provided that the group in question contains only the file's owner; this
    extends a patch previously applied to ~/.ssh/config (closes: #581919).
  * Check primary group memberships as well as supplementary group
    memberships, and only allow group-writability by groups with exactly one
    member, as zero-member groups are typically used by setgid binaries rather
    than being user-private groups (closes: #581697).

 -- Colin Watson  Sat, 22 May 2010 23:37:20 +0100

openssh (1:5.5p1-3) unstable; urgency=low

  * Discard error messages while checking whether rsh, rlogin, and rcp
    alternatives exist (closes: #579285).
  * Drop IDEA key check; I don't think it works properly any more due to
    textual changes in error output, it's only relevant for direct upgrades
    from truly ancient versions, and it breaks upgrades if
    /etc/ssh/ssh_host_key can't be loaded (closes: #579570).

 -- Colin Watson  Wed, 28 Apr 2010 22:12:47 +0100

openssh (1:5.5p1-2) unstable; urgency=low

  * Use dh_installinit -n, since our maintainer scripts already handle this
    more carefully (thanks, Julien Cristau).

 -- Colin Watson  Sat, 17 Apr 2010 12:55:56 +0100

openssh (1:5.5p1-1) unstable; urgency=low

  * New upstream release:
    - Unbreak sshd_config's AuthorizedKeysFile option for $HOME-relative
      paths.
    - Include a language tag when sending a protocol 2 disconnection message.
    - Make logging of certificates used for user authentication more clear
      and consistent between CAs specified using TrustedUserCAKeys and
      authorized_keys.

 -- Colin Watson  Fri, 16 Apr 2010 10:27:30 +0100

openssh (1:5.4p1-2) unstable; urgency=low

  * Borrow patch from Fedora to add DNSSEC support: if glibc 2.11 is
    installed, the host key is published in an SSHFP RR secured with DNSSEC,
    and VerifyHostKeyDNS=yes, then ssh will no longer prompt for host key
    verification (closes: #572049).
  * Convert to dh(1), and use dh_installdocs --link-doc.
  * Drop lpia support, since Ubuntu no longer supports this architecture.
  * Use dh_install more effectively.
  * Add a NEWS.Debian entry about changes in smartcard support relative to
    previous unofficial builds (closes: #231472).

 -- Colin Watson  Sat, 10 Apr 2010 01:08:59 +0100

openssh (1:5.4p1-1) unstable; urgency=low

  * New upstream release (LP: #535029).
    - After a transition period of about 10 years, this release disables SSH
      protocol 1 by default. Clients and servers that need to use the legacy
      protocol must explicitly enable it in ssh_config / sshd_config or on
      the command-line.
    - Remove the libsectok/OpenSC-based smartcard code and add support for
      PKCS#11 tokens. This support is enabled by default in the Debian
      packaging, since it now doesn't involve additional library dependencies
      (closes: #231472, LP: #16918).
    - Add support for certificate authentication of users and hosts using a
      new, minimal OpenSSH certificate format (closes: #482806).
    - Added a 'netcat mode' to ssh(1): "ssh -W host:port ...".
    - Add the ability to revoke keys in sshd(8) and ssh(1). (For the Debian
      package, this overlaps with the key blacklisting facility added in
      openssh 1:4.7p1-9, but with different file formats and slightly
      different scopes; for the moment, I've roughly merged the two.)
    - Various multiplexing improvements, including support for requesting
      port-forwardings via the multiplex protocol (closes: #360151).
    - Allow setting an explicit umask on the sftp-server(8) commandline to
      override whatever default the user has (closes: #496843).
    - Many sftp client improvements, including tab-completion, more options,
      and recursive transfer support for get/put (LP: #33378). The old
      mget/mput commands never worked properly and have been removed
      (closes: #270399, #428082).
    - Do not prompt for a passphrase if we fail to open a keyfile, and log
      the reason why the open failed to debug (closes: #431538).
    - Prevent sftp from crashing when given a "-" without a command.
      Also, allow whitespace to follow a "-" (closes: #531561).
  * Fix 'debian/rules quilt-setup' to avoid writing .orig files if some
    patches apply with offsets.
  * Include debian/ssh-askpass-gnome.png in the Debian tarball now that we're
    using a source format that permits this, rather than messing around with
    uudecode.
  * Drop compatibility with the old gssapi mechanism used in ssh-krb5 <<
    3.8.1p1-1. Simon Wilkinson refused this patch since the old gssapi
    mechanism was removed due to a serious security hole, and since these
    versions of ssh-krb5 are no longer security-supported by Debian I don't
    think there's any point keeping client compatibility for them.
  * Fix substitution of ETC_PAM_D_SSH, following the rename in 1:4.7p1-4.
  * Hardcode the location of xauth to /usr/bin/xauth rather than
    /usr/bin/X11/xauth (thanks, Aron Griffis; closes: #575725, LP: #8440).
    xauth no longer depends on x11-common, so we're no longer guaranteed to
    have the /usr/bin/X11 symlink available. I was taking advantage of the
    /usr/bin/X11 symlink to smooth X's move to /usr/bin, but this is far
    enough in the past now that it's probably safe to just use /usr/bin.
  * Remove SSHD_OOM_ADJUST configuration. sshd now unconditionally makes
    itself non-OOM-killable, and doesn't require configuration to avoid log
    spam in virtualisation containers (closes: #555625).
  * Drop Debian-specific removal of OpenSSL version check. Upstream ignores
    the two patchlevel nybbles now, which is sufficient to address the
    original reason this change was introduced, and it appears that any
    change in the major/minor/fix nybbles would involve a new libssl package
    name. (We'd still lose if the status nybble were ever changed, but that
    would mean somebody had packaged a development/beta version rather than a
    proper release, which doesn't appear to be normal practice.)
  * Drop most of our "LogLevel SILENT" (-qq) patch.
This was originally introduced to match the behaviour of non-free SSH, in which -q does not suppress fatal errors, but matching the behaviour of OpenSSH upstream is much more important nowadays. We no longer document that -q does not suppress fatal errors (closes: #280609). Migrate "LogLevel SILENT" to "LogLevel QUIET" in sshd_config on upgrade. * Policy version 3.8.4: - Add a Homepage field. -- Colin Watson Tue, 06 Apr 2010 22:38:31 +0100 openssh (1:5.3p1-3) unstable; urgency=low * Convert to source format 3.0 (quilt). * Update README.source to match, and add a 'quilt-setup' target to debian/rules for the benefit of those checking out the package from revision control. * All patches are now maintained separately and tagged according to DEP-3. * Add GSSAPIStoreCredentialsOnRekey to 'sshd -T' configuration dump. * Remove documentation of building for Debian 3.0 in README.Debian. Support for this was removed in 1:4.7p1-2. * Remove obsolete header from README.Debian dating from when people expected non-free SSH. * Update copyright years for GSSAPI patch. -- Colin Watson Sun, 28 Feb 2010 01:35:53 +0000 openssh (1:5.3p1-2) unstable; urgency=low * Link with -Wl,--as-needed (closes: #560155). * Install upstream sshd_config as an example (closes: #415008). * Use dh_lintian. * Honour DEB_BUILD_OPTIONS=nocheck. -- Colin Watson Mon, 22 Feb 2010 12:43:24 +0000 openssh (1:5.3p1-1) unstable; urgency=low * New upstream release. * Update to GSSAPI patch from http://www.sxw.org.uk/computing/patches/openssh-5.3p1-gsskex-all-20100124.patch. * Backport from upstream: - Do not fall back to adding keys without constraints (ssh-add -c / -t ...) when the agent refuses the constrained add request. This was a useful migration measure back in 2002 when constraints were new, but just adds risk now (LP: #209447). * Drop change from 1:3.8p1-3 to avoid setresuid() and setresgid() system calls. This only applied to Linux 2.2, which it's no longer feasible to run anyway (see 1:5.2p1-2 changelog). 
-- Colin Watson Tue, 26 Jan 2010 11:55:29 +0000 openssh (1:5.2p1-2) unstable; urgency=low [ Colin Watson ] * Backport from upstream: - After sshd receives a SIGHUP, ignore subsequent HUPs while sshd re-execs itself. Prevents two HUPs in quick succession from resulting in sshd dying (LP: #497781). - Output a debug if we can't open an existing keyfile (LP: #505301). * Use host compiler for ssh-askpass-gnome when cross-compiling. * Don't run tests when cross-compiling. * Drop change from 1:3.6.1p2-5 to disable cmsg_type check for file descriptor passing when running on Linux 2.0. The previous stable release of Debian dropped support for Linux 2.4, let alone 2.0, so this very likely has no remaining users depending on it. [ Kees Cook ] * Implement DebianBanner server configuration flag that can be set to "no" to allow sshd to run without the Debian-specific extra version in the initial protocol handshake (closes: #562048). -- Colin Watson Sat, 16 Jan 2010 01:28:58 +0000 openssh (1:5.2p1-1) unstable; urgency=low * New upstream release (closes: #536182). Yes, I know 5.3p1 has been out for a while, but there's no GSSAPI patch available for it yet. - Change the default cipher order to prefer the AES CTR modes and the revised "arcfour256" mode to CBC mode ciphers that are susceptible to CPNI-957037 "Plaintext Recovery Attack Against SSH". - Add countermeasures to mitigate CPNI-957037-style attacks against the SSH protocol's use of CBC-mode ciphers. Upon detection of an invalid packet length or Message Authentication Code, ssh/sshd will continue reading up to the maximum supported packet length rather than immediately terminating the connection. This eliminates most of the known differences in behaviour that leaked information about the plaintext of injected data which formed the basis of this attack (closes: #506115, LP: #379329). - ForceCommand directive now accepts commandline arguments for the internal-sftp server (closes: #524423, LP: #362511). 
- Add AllowAgentForwarding to available Match keywords list (closes: #540623). - Make ssh(1) send the correct channel number for SSH2_MSG_CHANNEL_SUCCESS and SSH2_MSG_CHANNEL_FAILURE messages to avoid triggering 'Non-public channel' error messages on sshd(8) in openssh-5.1. - Avoid printing 'Non-public channel' warnings in sshd(8), since the ssh(1) has sent incorrect channel numbers since ~2004 (this reverts a behaviour introduced in openssh-5.1; closes: #496017). - Disable nonfunctional ssh(1) ~C escape handler in multiplex slave connections (closes: #507541). - Fix "whitepsace" typo in ssh_config(5) (closes: #514313, LP: #303835). * Update to GSSAPI patch from http://www.sxw.org.uk/computing/patches/openssh-5.2p1-gsskex-all-20090726.patch, including cascading credentials support (LP: #416958). * Use x11.pc when compiling/linking gnome-ssh-askpass2 (closes: #555951). * Moved to bzr.debian.org; add Vcs-Bzr and Vcs-Browser control fields. * Add debian/README.source with instructions on bzr handling. * Make ChrootDirectory work with SELinux (thanks, Russell Coker; closes: #556644). * Initialise sc to NULL in ssh_selinux_getctxbyname (thanks, Václav Ovsík; closes: #498684). * Don't duplicate backslashes when displaying server banner (thanks, Michał Górny; closes: #505378, LP: #425346). * Use hardening-includes for hardening logic (thanks, Kees Cook; closes: #561887). * Update OpenSSH FAQ to revision 1.110. * Remove ssh/new_config, only needed for direct upgrades from potato which are no longer particularly feasible anyway (closes: #420682). * Cope with insserv reordering of init script links. * Remove init script stop link in rc1, as killprocs handles it already. * Adjust short descriptions to avoid relying on previous experience with rsh, based on suggestions from Reuben Thomas (closes: #512198). * Remove manual page references to login.conf, which aren't applicable on non-BSD systems (closes: #154434). 
* Remove/adjust manual page references to BSD-specific /etc/rc (closes: #513417). * Refer to sshd_config(5) rather than sshd(8) in postinst-written /etc/ssh/sshd_config, and add UsePAM commentary from upstream-shipped configuration file (closes: #415008, although unfortunately this will only be conveniently visible on new installations). * Include URL to OpenBSD's ssl(8) in ssh(1), since I don't see a better source for the same information among Debian's manual pages (closes: #530692, LP: #456660). -- Colin Watson Mon, 04 Jan 2010 13:23:35 +0000 openssh (1:5.1p1-8) unstable; urgency=low * Build with just -fPIC on mips/mipsel, not -fPIE as well (thanks, LIU Qi; closes: #538313). * Build-depend on libselinux1-dev on sh4 too (thanks, Nobuhiro Iwamatsu; closes: #547103). * Fix grammar in if-up script (closes: #549128). * Pass $SSHD_OPTS when checking configuration too (thanks, "sobtwmxt"; closes: #548662). -- Colin Watson Mon, 05 Oct 2009 13:30:49 +0100 openssh (1:5.1p1-7) unstable; urgency=low * Update config.guess and config.sub from autotools-dev 20090611.1 (closes: #538301). * Set umask to 022 in the init script as well as postinsts (closes: #539030). * Add ${misc:Depends} to keep Lintian happy. * Use 'which' rather than 'type' in maintainer scripts. * Upgrade to debhelper v7. -- Colin Watson Fri, 31 Jul 2009 16:28:10 +0100 openssh (1:5.1p1-6) unstable; urgency=low * Open /proc/self/oom_adj with O_RDONLY or O_WRONLY as necessary, rather than O_RDWR. * Disable OOM adjustment for vserver/OpenVZ (thanks, Karl Chen; closes: #511771). * Add ufw integration (thanks, Didier Roche; see https://wiki.ubuntu.com/UbuntuFirewall#Integrating%20UFW%20with%20Packages; LP: #261884). * Add a comment above PermitRootLogin in sshd_config pointing to README.Debian. * Check if delgroup is present in openssh-client.postrm (closes: #530501). * Build with -fPIC on mips/mipsel (thanks, Luk Claes; closes: #531942). 
* Remove /var/run/sshd from openssh-server package; it will be created at run-time before starting the server. * Use invoke-rc.d in openssh-server's if-up script. -- Colin Watson Fri, 05 Jun 2009 11:56:03 +0100 openssh (1:5.1p1-5) unstable; urgency=low * Backport from upstream CVS (Markus Friedl): - packet_disconnect() on padding error, too. Should reduce the success probability for the CPNI-957037 Plaintext Recovery Attack to 2^-18. * Check that /var/run/sshd.pid exists and that the process ID listed there corresponds to sshd before running '/etc/init.d/ssh reload' from if-up script; SIGHUP is racy if called at boot before sshd has a chance to install its signal handler, but fortunately the pid file is written after that which lets us avoid the race (closes: #502444). * While the above is a valuable sanity-check, it turns out that it doesn't really fix the bug (thanks to Kevin Price for testing), so for the meantime we'll just use '/etc/init.d/ssh restart', even though it is unfortunately heavyweight. -- Colin Watson Wed, 14 Jan 2009 00:34:08 +0000 openssh (1:5.1p1-4) unstable; urgency=low * ssh-copy-id: Strip trailing colons from hostname (closes: #226172, LP: #249706; thanks to Karl Goetz for nudging this along; forwarded upstream as https://bugzilla.mindrot.org/show_bug.cgi?id=1530). * Backport from upstream CVS (Markus Friedl): - Only send eow and no-more-sessions requests to openssh 5 and newer; fixes interop problems with broken ssh v2 implementations (closes: #495917). * Fix double-free when failing to parse a forwarding specification given using ~C (closes: #505330; forwarded upstream as https://bugzilla.mindrot.org/show_bug.cgi?id=1539). -- Colin Watson Sun, 23 Nov 2008 14:46:10 +0000 openssh (1:5.1p1-3) unstable; urgency=low * Remove unnecessary ssh-vulnkey output in non-verbose mode when no compromised or unknown keys were found (closes: #496495). 
* Configure with --disable-strip; dh_strip will deal with stripping binaries and will honour DEB_BUILD_OPTIONS (thanks, Bernhard R. Link; closes: #498681). * Fix handling of zero-length server banners (thanks, Tomas Mraz; closes: #497026). -- Colin Watson Tue, 30 Sep 2008 23:09:58 +0100 openssh (1:5.1p1-2) unstable; urgency=low * Look for $SHELL on the path when executing ProxyCommands or LocalCommands (closes: #492728). -- Colin Watson Tue, 29 Jul 2008 15:31:25 +0100 openssh (1:5.1p1-1) unstable; urgency=low * New upstream release (closes: #474301). Important changes not previously backported to 4.7p1: - 4.9/4.9p1 (http://www.openssh.com/txt/release-4.9): + Added chroot(2) support for sshd(8), controlled by a new option "ChrootDirectory" (closes: #139047, LP: #24777). + Linked sftp-server(8) into sshd(8). The internal sftp server is used when the command "internal-sftp" is specified in a Subsystem or ForceCommand declaration. When used with ChrootDirectory, the internal sftp server requires no special configuration of files inside the chroot environment. + Added a protocol extension method "posix-rename@openssh.com" for sftp-server(8) to perform POSIX atomic rename() operations; sftp(1) prefers this if available (closes: #308561). + Removed the fixed limit of 100 file handles in sftp-server(8). + ssh(8) will now skip generation of SSH protocol 1 ephemeral server keys when in inetd mode and protocol 2 connections are negotiated. This speeds up protocol 2 connections to inetd-mode servers that also allow Protocol 1. + Accept the PermitRootLogin directive in a sshd_config(5) Match block. Allows for, e.g. permitting root only from the local network. + Reworked sftp(1) argument splitting and escaping to be more internally consistent (i.e. between sftp commands) and more consistent with sh(1). Please note that this will change the interpretation of some quoted strings, especially those with embedded backslash escape sequences. 
+ Support "Banner=none" in sshd_config(5) to disable sending of a pre-login banner (e.g. in a Match block). + ssh(1) ProxyCommands are now executed with $SHELL rather than /bin/sh. + ssh(1)'s ConnectTimeout option is now applied to both the TCP connection and the SSH banner exchange (previously it just covered the TCP connection). This allows callers of ssh(1) to better detect and deal with stuck servers that accept a TCP connection but don't progress the protocol, and also makes ConnectTimeout useful for connections via a ProxyCommand. + scp(1) incorrectly reported "stalled" on slow copies (closes: #140828). + scp(1) date underflow for timestamps before epoch. + ssh(1) used the obsolete SIG DNS RRtype for host keys in DNS, instead of the current standard RRSIG. + Correctly drain ACKs when a sftp(1) upload write fails midway, avoids a fatal() exit from what should be a recoverable condition. + Fixed ssh-keygen(1) selective host key hashing (i.e. "ssh-keygen -HF hostname") to not include any IP address in the data to be hashed. + Make ssh(1) skip listening on the IPv6 wildcard address when a binding address of 0.0.0.0 is used against an old SSH server that does not support the RFC4254 syntax for wildcard bind addresses. + Enable IPV6_V6ONLY socket option on sshd(8) listen socket, as is already done for X11/TCP forwarding sockets (closes: #439661). + Fix FD leak that could hang a ssh(1) connection multiplexing master. + Make ssh(1) -q option documentation consistent with reality. + Fixed sshd(8) PAM support not calling pam_session_close(), or failing to call it with root privileges (closes: #372680). + Fix activation of OpenSSL engine support when requested in configure (LP: #119295). + Cache SELinux status earlier so we know if it's enabled after a chroot (LP: #237557). - 5.1/5.1p1 (http://www.openssh.com/txt/release-5.1): + Introduce experimental SSH Fingerprint ASCII Visualisation to ssh(1) and ssh-keygen(1). 
Visual fingerprint display is controlled by a new ssh_config(5) option "VisualHostKey". The intent is to render SSH host keys in a visual form that is amenable to easy recall and rejection of changed host keys. + sshd_config(5) now supports CIDR address/masklen matching in "Match address" blocks, with a fallback to classic wildcard matching. + sshd(8) now supports CIDR matching in ~/.ssh/authorized_keys from="..." restrictions, also with a fallback to classic wildcard matching. + Added an extended test mode (-T) to sshd(8) to request that it write its effective configuration to stdout and exit. Extended test mode also supports the specification of connection parameters (username, source address and hostname) to test the application of sshd_config(5) Match rules. + ssh(1) now prints the number of bytes transferred and the overall connection throughput for SSH protocol 2 sessions when in verbose mode (previously these statistics were displayed for protocol 1 connections only). + sftp-server(8) now supports extension methods statvfs@openssh.com and fstatvfs@openssh.com that implement statvfs(2)-like operations. + sftp(1) now has a "df" command to the sftp client that uses the statvfs@openssh.com to produce a df(1)-like display of filesystem space and inode utilisation (requires statvfs@openssh.com support on the server). + Added a MaxSessions option to sshd_config(5) to allow control of the number of multiplexed sessions supported over a single TCP connection. This allows increasing the number of allowed sessions above the previous default of 10, disabling connection multiplexing (MaxSessions=1) or disallowing login/shell/subsystem sessions entirely (MaxSessions=0). + Added a no-more-sessions@openssh.com global request extension that is sent from ssh(1) to sshd(8) when the client knows that it will never request another session (i.e. when session multiplexing is disabled). 
This allows a server to disallow further session requests and terminate the session in cases where the client has been hijacked. + ssh-keygen(1) now supports the use of the -l option in combination with -F to search for a host in ~/.ssh/known_hosts and display its fingerprint. + ssh-keyscan(1) now defaults to "rsa" (protocol 2) keys, instead of "rsa1" (LP: #129794). + Added an AllowAgentForwarding option to sshd_config(8) to control whether authentication agent forwarding is permitted. Note that this is a loose control, as a client may install their own unofficial forwarder. + ssh(1) and sshd(8): avoid unnecessary malloc/copy/free when receiving network data, resulting in a ~10% speedup. + ssh(1) and sshd(8) will now try additional addresses when connecting to a port forward destination whose DNS name resolves to more than one address. The previous behaviour was to try the only first address and give up if that failed. + ssh(1) and sshd(8) now support signalling that channels are half-closed for writing, through a channel protocol extension notification "eow@openssh.com". This allows propagation of closed file descriptors, so that commands such as "ssh -2 localhost od /bin/ls | true" do not send unnecessary data over the wire. + sshd(8): increased the default size of ssh protocol 1 ephemeral keys from 768 to 1024 bits. + When ssh(1) has been requested to fork after authentication ("ssh -f") with ExitOnForwardFailure enabled, delay the fork until after replies for any -R forwards have been seen. Allows for robust detection of -R forward failure when using -f. + "Match group" blocks in sshd_config(5) now support negation of groups. E.g. "Match group staff,!guests". + sftp(1) and sftp-server(8) now allow chmod-like operations to set set[ug]id/sticky bits. + The MaxAuthTries option is now permitted in sshd_config(5) match blocks. + Multiplexed ssh(1) sessions now support a subset of the ~ escapes that are available to a primary connection. 
+ ssh(1) connection multiplexing will now fall back to creating a new connection in most error cases (closes: #352830). + Make ssh(1) deal more gracefully with channel requests that fail. Previously it would optimistically assume that requests would always succeed, which could cause hangs if they did not (e.g. when the server runs out of file descriptors). + ssh(1) now reports multiplexing errors via the multiplex slave's stderr where possible (subject to LogLevel in the mux master). + Fixed an UMAC alignment problem that manifested on Itanium platforms. * Remove our local version of moduli(5) now that there's one upstream. * Say "GTK+" rather than "GTK" in ssh-askpass-gnome's description. * Add lintian overrides for empty /usr/share/doc/openssh-client directories in openssh-server and ssh (necessary due to being symlink targets). * Merge from Ubuntu: - Add 'status' action to openssh-server init script, requiring lsb-base (>= 3.2-13) (thanks, Dustin Kirkland). * debconf template translations: - Update Korean (thanks, Sunjae Park; closes: #484821). -- Colin Watson Fri, 25 Jul 2008 10:45:08 +0100 openssh (1:4.7p1-13) unstable; urgency=low * Add some helpful advice to the end of ssh-vulnkey's output if there are unknown or compromised keys (thanks, Dan Jacobson; closes: #483756). * Check compromised key blacklist in ssh or ssh-add, as well as in the server (LP: #232391). To override the blacklist check in ssh temporarily, use 'ssh -o UseBlacklistedKeys=yes'; there is no override for the blacklist check in ssh-add. * Add cross-references to ssh-vulnkey(1) to ssh(1), ssh-add(1), ssh-keygen(1), and sshd(8) (closes: #484451). * Change openssh-client-udeb's Installer-Menu-Item from 99900 to 99999 (thanks, Frans Pop). * Drop openssh-client-udeb isinstallable hack, as main-menu (>= 1.26) now takes care of that (thanks, Frans Pop; closes: #484404). * Update DEB_BUILD_OPTIONS parsing code from policy 3.8.0. 
* Add documentation on removing openssh-blacklist locally (see #484269). * Clarify documentation of SSHD_OOM_ADJUST, and make setting it to the empty string actually skip adjustment as intended (closes: #487325). * Remove empty /usr/share/applications directory in ssh-askpass-gnome. * debconf template translations: - Update Romanian (thanks, Cătălin Feștilă; closes: #485415). -- Colin Watson Mon, 21 Jul 2008 12:18:28 +0100 openssh (1:4.7p1-12) unstable; urgency=low * Fill in CVE identifier for ssh-vulnkey bug fixed in 1:4.7p1-10. * Refactor rejection of blacklisted user keys into a single reject_blacklisted_key function in auth.c (thanks, Dmitry V. Levin). * Fix memory leak of blacklisted host keys (thanks, Dmitry V. Levin). * debconf template translations: - Update Dutch (thanks, Bart Cornelis; closes: #483004). - Update Brazilian Portuguese (thanks, Eder L. Marques; closes: #483142). - Update Slovak (thanks, Ivan Masár; closes: #483517). -- Colin Watson Thu, 29 May 2008 21:41:29 +0100 openssh (1:4.7p1-11) unstable; urgency=low * Make init script depend on $syslog, and fix some other dependency glitches (thanks, Petter Reinholdtsen; closes: #481018). * Remove 0 and 6 from Default-Stop in init script (thanks, Kel Modderman; closes: #481151). * Restore OOM killer adjustment for child processes (thanks, Vaclav Ovsik; closes: #480020). * Allow building with heimdal-dev (LP: #125805). * Check RSA1 keys without the need for a separate blacklist. Thanks to Simon Tatham for the idea. * Generate two keys with the PID forced to the same value and test that they differ, to defend against recurrences of the recent Debian OpenSSL vulnerability. * Recommend openssh-blacklist from openssh-client (closes: #481187). * Recommend openssh-blacklist-extra from openssh-client and openssh-server. * Make ssh-vulnkey report the file name and line number for each key (thanks, Heiko Schlittermann and Christopher Perry; closes: #481398). 
* Check for blacklists in /usr/share/ssh/ as well as /etc/ssh/ (see #481283). * Log IP addresses of hosts attempting to use blacklisted keys (closes: #481721). * Incorporate various ssh-vulnkey suggestions from Hugh Daniel: - Add -v (verbose) option, and don't print output for keys that have a blacklist file but that are not listed unless in verbose mode. - Move exit status documentation to a separate section. - Document key status descriptions. - Add key type to output. - Fix error output if ssh-vulnkey fails to read key files, with the exception of host keys unless -a was given. - In verbose mode, output the name of each file examined. * Handle leading IP addresses in ssh-vulnkey input (LP: #230497). * Fix various ssh-vulnkey problems pointed out by Solar Designer: - Fix some buffer handling inconsistencies. - Use xasprintf to build user key file names, avoiding truncation problems. - Drop to the user's UID when reading user keys with -a. - Use EUID rather than UID when run with no file names and without -a. - Reword "Unknown (no blacklist information)" to "Unknown (blacklist file not installed)". * Fix typo in ssh/vulnerable_host_keys message (thanks, Esko Arajärvi). * debconf template translations: - Update Finnish (thanks, Esko Arajärvi; closes: #481530). - Update French (thanks, Christian Perrier; closes: #481576). - Update Norwegian Bokmål (thanks, Bjørn Steensrud; closes: #481591). - Update Galician (thanks, Jacobo Tarrio; closes: #481596). - Update Japanese (thanks, Kenshi Muto; closes: #481621). - Update Czech (thanks, Miroslav Kure; closes: #481624). - Update German (thanks, Helge Kreutzmann; closes: #481676). - Update Portuguese (thanks, Ricardo Silva; closes: #481781). - Update Basque (thanks, Piarres Beobide; closes: #481836). - Update Bulgarian (thanks, Damyan Ivanov; closes: #481870). - Update Vietnamese (thanks, Clytie Siddall; closes: #481876). - Update Spanish (thanks, Javier Fernandez-Sanguino Peña; closes: #482341). 
- Update Turkish (thanks, Mert Dirik; closes: #482548). - Update Russian (thanks, Yuri Kozlov; closes: #482887). - Update Swedish (thanks, Martin Bagge; closes: #482464). - Update Italian (thanks, Luca Monducci; closes: #482808). -- Colin Watson Mon, 26 May 2008 12:21:39 +0100 openssh (1:4.7p1-10) unstable; urgency=low * Add a FILES section to ssh-vulnkey(1) (thanks, Hugh Daniel). * CVE-2008-2285: ssh-vulnkey handles options in authorized_keys (LP: #230029), and treats # as introducing a comment even if it is preceded by whitespace. -- Colin Watson Wed, 14 May 2008 12:35:05 +0100 openssh (1:4.7p1-9) unstable; urgency=critical * Fill in CVE identifier for security vulnerability fixed in 1:4.7p1-8. * Mitigate OpenSSL security vulnerability (CVE-2008-0166): - Add key blacklisting support. Keys listed in /etc/ssh/blacklist.TYPE-LENGTH will be rejected for authentication by sshd, unless "PermitBlacklistedKeys yes" is set in /etc/ssh/sshd_config. - Add a new program, ssh-vulnkey, which can be used to check keys against these blacklists. - Depend on openssh-blacklist. - Force dependencies on libssl0.9.8 / libcrypto0.9.8-udeb to at least 0.9.8g-9. - Automatically regenerate known-compromised host keys, with a critical-priority debconf note. (I regret that there was no time to gather translations.) -- Colin Watson Tue, 13 May 2008 12:33:38 +0100 openssh (1:4.7p1-8) unstable; urgency=high * Fill in CVE identifier for security vulnerability fixed in 1:4.7p1-5. * Rename KeepAlive to TCPKeepAlive in sshd_config, cleaning up from old configurations (LP: #211400). * Tweak scp's reporting of filenames in verbose mode to be a bit less confusing with spaces (thanks, Nicolas Valcárcel; LP: #89945). * Backport from 4.9p1: - CVE-2008-1657: Ignore ~/.ssh/rc if a sshd_config ForceCommand is specified. - Add no-user-rc authorized_keys option to disable execution of ~/.ssh/rc. 
* Backport from Simon Wilkinson's GSSAPI key exchange patch for 5.0p1: - Add code to actually implement GSSAPIStrictAcceptorCheck, which had somehow been omitted from a previous version of this patch (closes: #474246). -- Colin Watson Sun, 06 Apr 2008 12:34:19 +0100 openssh (1:4.7p1-7) unstable; urgency=low * Ignore errors writing to oom_adj (closes: #473573). -- Colin Watson Mon, 31 Mar 2008 16:24:44 +0100 openssh (1:4.7p1-6) unstable; urgency=low * Disable the Linux kernel's OOM-killer for the sshd parent; tweak SSHD_OOM_ADJUST in /etc/default/ssh to change this (closes: #341767). -- Colin Watson Sun, 30 Mar 2008 21:14:12 +0100 openssh (1:4.7p1-5) unstable; urgency=low * Recommends: xauth rather than Suggests: xbase-clients. * Document in ssh(1) that '-S none' disables connection sharing (closes: #471437). * Patch from Red Hat / Fedora: - CVE-2008-1483: Don't use X11 forwarding port which can't be bound on all address families, preventing hijacking of X11 forwarding by unprivileged users when both IPv4 and IPv6 are configured (closes: #463011). * Use printf rather than echo -en (a bashism) in openssh-server.config and openssh-server.preinst. * debconf template translations: - Update Finnish (thanks, Esko Arajärvi; closes: #468563). -- Colin Watson Sat, 22 Mar 2008 12:37:00 +0000 openssh (1:4.7p1-4) unstable; urgency=low [ Caleb Case ] * Fix configure detection of getseuserbyname and get_default_context_with_level (closes: #465614, LP: #188136). [ Colin Watson ] * Include the autogenerated debian/copyright in the source package. * Move /etc/pam.d/ssh to /etc/pam.d/sshd, allowing us to stop defining SSHD_PAM_SERVICE (closes: #255870). -- Colin Watson Wed, 13 Feb 2008 18:18:52 +0000 openssh (1:4.7p1-3) unstable; urgency=low * Improve grammar of ssh-askpass-gnome description. * Backport from upstream: - Use the correct packet maximum sizes for remote port and agent forwarding. 
Prevents the server from killing the connection if too much data is queued and an excessively large packet gets sent (https://bugzilla.mindrot.org/show_bug.cgi?id=1360). * Allow passing temporary daemon parameters on the init script's command line, e.g. '/etc/init.d/ssh start "-o PermitRootLogin=yes"' (thanks, Marc Haber; closes: #458547). -- Colin Watson Fri, 01 Feb 2008 21:59:59 +0000 openssh (1:4.7p1-2) unstable; urgency=low * Adjust many relative links in faq.html to point to http://www.openssh.org/ (thanks, Dan Jacobson; mentioned in #459807). * Pass --with-mantype=doc to configure rather than build-depending on groff (closes: #460121). * Add armel to architecture list for libselinux1-dev build-dependency (closes: #460136). * Drop source-compatibility with Debian 3.0: - Remove support for building with GNOME 1. This allows simplification of our GNOME build-dependencies (see #460136). - Remove hacks to support the old PAM configuration scheme. - Remove compatibility for building without po-debconf. * Build-depend on libgtk2.0-dev rather than libgnomeui-dev. As far as I can see, the GTK2 version of ssh-askpass-gnome has never required libgnomeui-dev. -- Colin Watson Fri, 11 Jan 2008 00:14:10 +0000 openssh (1:4.7p1-1) unstable; urgency=low * New upstream release (closes: #453367). - CVE-2007-4752: Prevent ssh(1) from using a trusted X11 cookie if creation of an untrusted cookie fails; found and fixed by Jan Pechanec (closes: #444738). - sshd(8) in new installations defaults to SSH Protocol 2 only. Existing installations are unchanged. - The SSH channel window size has been increased, and both ssh(1) sshd(8) now send window updates more aggressively. These improves performance on high-BDP (Bandwidth Delay Product) networks. - ssh(1) and sshd(8) now preserve MAC contexts between packets, which saves 2 hash calls per packet and results in 12-16% speedup for arcfour256/hmac-md5. - A new MAC algorithm has been added, UMAC-64 (RFC4418) as "umac-64@openssh.com". 
UMAC-64 has been measured to be approximately 20% faster than HMAC-MD5. - Failure to establish a ssh(1) TunnelForward is now treated as a fatal error when the ExitOnForwardFailure option is set. - ssh(1) returns a sensible exit status if the control master goes away without passing the full exit status. - When using a ProxyCommand in ssh(1), set the outgoing hostname with gethostname(2), allowing hostbased authentication to work. - Make scp(1) skip FIFOs rather than hanging (closes: #246774). - Encode non-printing characters in scp(1) filenames. These could cause copies to be aborted with a "protocol error". - Handle SIGINT in sshd(8) privilege separation child process to ensure that wtmp and lastlog records are correctly updated. - Report GSSAPI mechanism in errors, for libraries that support multiple mechanisms. - Improve documentation for ssh-add(1)'s -d option. - Rearrange and tidy GSSAPI code, removing server-only code being linked into the client. - Delay execution of ssh(1)'s LocalCommand until after all forwardings have been established. - In scp(1), do not truncate non-regular files. - Improve exit message from ControlMaster clients. - Prevent sftp-server(8) from reading until it runs out of buffer space, whereupon it would exit with a fatal error (closes: #365541). - pam_end() was not being called if authentication failed (closes: #405041). - Manual page datestamps updated (closes: #433181). * Install the OpenSSH FAQ in /usr/share/doc/openssh-client. - Includes documentation on copying files with colons using scp (closes: #303453). * Create /var/run/sshd on start even if /etc/ssh/sshd_not_to_be_run exists (closes: #453285). * Fix "overriden" typo in ssh(1) (thanks, A. Costa; closes: #390699). * Refactor debian/rules configure and make invocations to make development easier. * Remove the hideously old /etc/ssh/primes on upgrade (closes: #123013). * Update moduli(5) to revision 1.11 from OpenBSD CVS. 
* Document the non-default options we set as standard in ssh_config(5) and sshd_config(5) (closes: #327886, #345628). * Recode LICENCE to UTF-8 when concatenating it to debian/copyright. * Override desktop-file-but-no-dh_desktop-call lintian warning; the .desktop file is intentionally not installed (see 1:3.8.1p1-10). * Update copyright dates for Kerberos patch in debian/copyright.head. * Policy version 3.7.3: no changes required. -- Colin Watson Mon, 24 Dec 2007 16:43:02 +0000 openssh (1:4.6p1-7) unstable; urgency=low * Don't build PIE executables on m68k (closes: #451192). * Use autotools-dev's recommended configure --build and --host options. * Adjust README.Debian to suggest mailing debian-ssh@lists.debian.org rather than Matthew. * Check whether deluser exists in postrm (closes: #454085). -- Colin Watson Mon, 03 Dec 2007 11:11:02 +0000 openssh (1:4.6p1-6) unstable; urgency=low * Remove blank line between head comment and first template in debian/openssh-server.templates.master; apparently it confuses some versions of debconf. * Install authorized_keys(5) as a symlink to sshd(8) (thanks, Tomas Pospisek; closes: #441817). * Discard error output from dpkg-query in preinsts, in case the ssh metapackage is not installed. * Fix sshd/inittab advice in README.Debian to account for rc.d movement (closes: #450632). * Suppress error from debian/rules if lsb-release is not installed. * Don't ignore errors from 'make -C contrib clean'. * Adjust categories in ssh-askpass-gnome.desktop to comply with the Desktop Menu Specification. * debconf template translations: - Add Slovak (thanks, Ivan Masár; closes: #441690). - Update Brazilian Portuguese (thanks, Eder L. Marques; closes: #447145). -- Colin Watson Mon, 12 Nov 2007 11:47:28 +0000 openssh (1:4.6p1-5) unstable; urgency=low * Identify ssh as a metapackage rather than a transitional package. It's still useful as a quick way to install both the client and the server. 
  * ssh-copy-id now checks the exit status of ssh-add -L (thanks, Adeodato Simó; closes: #221675).
  * ssh-copy-id no longer prints the output of expr (thanks, Peter Eisentraut; closes: #291534).
  * ssh-copy-id defaults to ~/.ssh/id_rsa.pub rather than ~/.ssh/identity.pub, in line with ssh-keygen (thanks, Greg Norris; closes: #234627).
  * Build-depend on libselinux1-dev on lpia.
  * openssh-client Suggests: keychain.
  * debconf template translations:
    - Update Catalan (thanks, Jordà Polo; closes: #431970).

 -- Colin Watson  Mon, 30 Jul 2007 09:34:38 +0100

openssh (1:4.6p1-4) unstable; urgency=low

  * Don't build PIE executables on hppa, as they crash.

 -- Colin Watson  Thu, 05 Jul 2007 11:06:54 +0100

openssh (1:4.6p1-3) unstable; urgency=low

  * Only build PIE executables on Linux and NetBSD (closes: #430455).
  * Fix broken switch fallthrough when SELinux is running in permissive mode (closes: #430838).
  * Document that HashKnownHosts may break tab-completion (closes: #430154).

 -- Colin Watson  Fri, 29 Jun 2007 07:15:38 +0100

openssh (1:4.6p1-2) unstable; urgency=low

  * Fix ordering of SYSLOG_LEVEL_QUIET and SYSLOG_LEVEL_FATAL.
  * Clarify that 'ssh -q -q' still prints errors caused by bad arguments (i.e. before the logging system is initialised).
  * Suppress "Connection to closed" and "Connection to master closed" messages at loglevel SILENT (thanks, Jaap Eldering; closes: #409788).
  * Suppress "Pseudo-terminal will not be allocated because stdin is not a terminal" message at loglevels QUIET and SILENT (closes: #366814).
  * Document the SILENT loglevel in sftp-server(8), ssh_config(5), and sshd_config(5).
  * Add try-restart action to init script.
  * Add /etc/network/if-up.d/openssh-server to restart sshd when new interfaces appear (LP: #103436).
  * Backport from upstream:
    - Move C/R -> kbdint special case to after the defaults have been loaded, which makes ChallengeResponse default to yes again. This was broken by the Match changes and not fixed properly subsequently (closes: #428968).
    - Silence spurious error messages from hang-on-exit fix (http://bugzilla.mindrot.org/show_bug.cgi?id=1306, closes: #429531).

 -- Colin Watson  Wed, 20 Jun 2007 11:52:44 +0100

openssh (1:4.6p1-1) unstable; urgency=low

  * New upstream release (closes: #395507, #397961, #420035). Important changes not previously backported to 4.3p2:
    - 4.4/4.4p1 (http://www.openssh.org/txt/release-4.4):
      + On portable OpenSSH, fix a GSSAPI authentication abort that could be used to determine the validity of usernames on some platforms.
      + Implemented conditional configuration in sshd_config(5) using the "Match" directive. This allows some configuration options to be selectively overridden if specific criteria (based on user, group, hostname and/or address) are met. So far a useful subset of post-authentication options are supported and more are expected to be added in future releases.
      + Add support for Diffie-Hellman group exchange key agreement with a final hash of SHA256.
      + Added a "ForceCommand" directive to sshd_config(5). Similar to the command="..." option accepted in ~/.ssh/authorized_keys, this forces the execution of the specified command regardless of what the user requested. This is very useful in conjunction with the new "Match" option.
      + Add a "PermitOpen" directive to sshd_config(5). This mirrors the permitopen="..." authorized_keys option, allowing fine-grained control over the port-forwardings that a user is allowed to establish.
      + Add optional logging of transactions to sftp-server(8).
      + ssh(1) will now record port numbers for hosts stored in ~/.ssh/known_hosts when a non-standard port has been requested (closes: #50612).
      + Add an "ExitOnForwardFailure" option to cause ssh(1) to exit (with a non-zero exit code) when requested port forwardings could not be established.
      + Extend sshd_config(5) "SubSystem" declarations to allow the specification of command-line arguments.
      + Replacement of all integer overflow susceptible invocations of malloc(3) and realloc(3) with overflow-checking equivalents.
      + Many manpage fixes and improvements.
      + Add optional support for OpenSSL hardware accelerators (engines), enabled using the --with-ssl-engine configure option.
      + Tokens in configuration files may be double-quoted in order to contain spaces (closes: #319639).
      + Move a debug() call out of a SIGCHLD handler, fixing a hang when the session exits very quickly (closes: #307890).
      + Fix some incorrect buffer allocation calculations (closes: #410599).
      + ssh-add doesn't ask for a passphrase if key file permissions are too liberal (closes: #103677).
      + Likewise, ssh doesn't ask either (closes: #99675).
    - 4.6/4.6p1 (http://www.openssh.org/txt/release-4.6):
      + sshd now allows the enabling and disabling of authentication methods on a per user, group, host and network basis via the Match directive in sshd_config.
      + Fixed an inconsistent check for a terminal when displaying scp progress meter (closes: #257524).
      + Fix "hang on exit" when background processes are running at the time of exit on a ttyful/login session (closes: #88337).
  * Update to current GSSAPI patch from http://www.sxw.org.uk/computing/patches/openssh-4.6p1-gsskex-20070312.patch; install ChangeLog.gssapi.
  * Build the .deb --with-ssl-engine (closes: #408027, LP: #119295).
  * Use LSB functions in init scripts, and add an LSB-style header (partly from Ubuntu and partly thanks to Christian Perrier; closes: #389038).
  * Move init script start links to S16, move rc1 stop link to K84, and remove rc0 and rc6 stop links altogether (the last part from Ubuntu; closes: #122188).
  * Emit a slightly more informative message from the init script if /dev/null has somehow become not a character device (closes: #369964).
  * Belatedly build-depend on zlib1g-dev (>= 1:1.2.3-1) (closes: #333447).
  * Merge from Ubuntu:
    - Build position-independent executables (only for debs, not for udebs) to take advantage of address space layout randomisation.
    - If building on Ubuntu, add /sbin, /usr/sbin, and /usr/local/sbin to the default path.
  * Use ${binary:Version} rather than ${Source-Version} in openssh-server -> openssh-client dependency.

 -- Colin Watson  Wed, 13 Jun 2007 00:28:26 +0100

openssh (1:4.3p2-11) unstable; urgency=low

  * It's been four and a half years now since I took over as "temporary" maintainer, so the Maintainer field is getting a bit inaccurate. Set Maintainer to debian-ssh@lists.debian.org and leave Matthew and myself as Uploaders.
  * Use dpkg-query to fetch conffile md5sums rather than parsing /var/lib/dpkg/status directly.
  * openssh-client Suggests: libpam-ssh (closes: #427840).
  * Use 'start-stop-daemon --oknodo' so that openssh-server's init script exits successfully if sshd is already running (closes: #426858).
  * Apply results of debconf templates and package descriptions review by debian-l10n-english (closes: #420107, #420742).
  * debconf template translations:
    - Update Dutch (thanks, Machteld de Kok; closes: #419260).
    - Update Norwegian Bokmål (thanks, Bjørn Steensrud; closes: #420630).
    - Update Galician (thanks, Jacobo Tarrio; closes: #420635).
    - Update Spanish (thanks, Javier Fernández-Sanguino Peña; closes: #420651).
    - Update Swedish (thanks, Daniel Nylander; closes: #420663).
    - Add Bulgarian (thanks, Damyan Ivanov; closes: #420703).
    - Add Tamil (thanks, Tirumurti Vasudevan; closes: #420739).
    - Update German (thanks, Helge Kreutzmann; closes: #420743).
    - Update Japanese (thanks, Kenshi Muto; closes: #420946).
    - Add Basque (thanks, Piarres Beobide; closes: #421238).
    - Update Italian (thanks, Luca Monducci; closes: #421348).
    - Update Czech (thanks, Miroslav Kure; closes: #421484).
    - Update Romanian (thanks, Igor Stirbu; closes: #421760).
    - Update Russian (thanks, Yuriy Talakan' and Sergey Alyoshin; closes: #420862).
    - Update Dutch (thanks, Bart Cornelis; closes: #422767).
    - Update Portuguese (thanks, Ricardo Silva; closes: #423112).
    - Update French (thanks, Christian Perrier).
    - Add Korean (thanks, Sunjae Park; closes: #424008).
    - Update Vietnamese (thanks, Clytie Siddall; closes: #426991).

 -- Colin Watson  Sun, 10 Jun 2007 08:59:42 +0100

openssh (1:4.3p2-10) unstable; urgency=low

  * Multiply openssh-client-udeb's Installer-Menu-Item by 100.
  * Increase MAX_SESSIONS to 64.

 -- Colin Watson  Tue, 10 Apr 2007 19:17:20 +0100

openssh (1:4.3p2-9) unstable; urgency=high

  [ Russ Allbery ]
  * Fix GSSAPIKeyExchange configuration file handling logic in ssh-krb5 (closes: #404863).
  * Fix uncommenting of GSSAPI options by ssh-krb5 (closes: #407766).

  [ Colin Watson ]
  * debconf template translations:
    - Add Norwegian Bokmål (thanks, Bjørn Steensrud; closes: #412330).

 -- Colin Watson  Mon, 5 Mar 2007 16:13:50 +0000

openssh (1:4.3p2-8) unstable; urgency=medium

  [ Vincent Untz ]
  * Give the ssh-askpass-gnome window a default icon; remove unnecessary icon extension from .desktop file (closes: https://launchpad.net/bugs/27152).

  [ Colin Watson ]
  * Drop versioning on ssh/ssh-krb5 Replaces, as otherwise it isn't sufficient to replace conffiles (closes: #402804).
  * Make GSSAPICleanupCreds a compatibility alias for GSSAPICleanupCredentials. Mark GSSUseSessionCCache and GSSAPIUseSessionCredCache as known-but-unsupported options, and migrate away from them on upgrade.
  * It turns out that the people who told me that removing a conffile in the preinst was sufficient to have dpkg replace it without prompting when moving a conffile between packages were very much mistaken. As far as I can tell, the only way to do this reliably is to write out the desired new text of the conffile in the preinst. This is gross, and requires shipping the text of all conffiles in the preinst too, but there's nothing for it. Fortunately this nonsense is only required for smooth upgrades from sarge.
  * debconf template translations:
    - Add Romanian (thanks, Stan Ioan-Eugen; closes: #403528).

 -- Colin Watson  Sat, 23 Dec 2006 18:38:33 +0000

openssh (1:4.3p2-7) unstable; urgency=medium

  [ Colin Watson ]
  * Ignore errors from usermod when changing sshd's shell, since it will fail if the sshd user is not local (closes: #398436).
  * Remove version control tags from /etc/ssh/moduli and /etc/ssh/ssh_config to avoid unnecessary conffile resolution steps for administrators (thanks, Jari Aalto; closes: #335259).
  * Fix quoting error in configure.ac and regenerate configure (thanks, Ben Pfaff; closes: #391248).
  * When installing openssh-client or openssh-server from scratch, remove any unchanged conffiles from the pre-split ssh package to work around a bug in sarge's dpkg (thanks, Justin Pryzby and others; closes: #335276).

  [ Russ Allbery ]
  * Create transitional ssh-krb5 package which enables GSSAPI configuration in sshd_config (closes: #390986).
  * Default client to attempting GSSAPI authentication.
  * Remove obsolete GSSAPINoMICAuthentication from sshd_config if it's found.
  * Add ssh -K option, the converse of -k, to enable GSSAPI credential delegation (closes: #401483).

 -- Colin Watson  Wed, 6 Dec 2006 23:00:49 +0000

openssh (1:4.3p2-6) unstable; urgency=low

  * Acknowledge NMU (thanks, Manoj; closes: #394795).
  * Backport from 4.5p1:
    - Fix a bug in the sshd privilege separation monitor that weakened its verification of successful authentication. This bug is not known to be exploitable in the absence of additional vulnerabilities.
  * openssh-server Suggests: molly-guard (closes: #395473).
  * debconf template translations:
    - Update German (thanks, Helge Kreutzmann; closes: #395947).

 -- Colin Watson  Wed, 15 Nov 2006 00:07:32 +0000

openssh (1:4.3p2-5.1) unstable; urgency=low

  * NMU to update SELinux patch, bringing it in line with current selinux releases. The patch for this NMU is simply the Bug#394795 patch, and no other changes.
    (closes: #394795)

 -- Manoj Srivastava  Mon, 23 Oct 2006 14:11:24 -0500

openssh (1:4.3p2-5) unstable; urgency=low

  * Remove ssh/insecure_telnetd check altogether (closes: #391081).
  * debconf template translations:
    - Update Danish (thanks, Claus Hindsgaul; closes: #390612).

 -- Colin Watson  Thu, 5 Oct 2006 09:04:19 +0100

openssh (1:4.3p2-4) unstable; urgency=high

  * Backport from 4.4p1 (since I don't have an updated version of the GSSAPI patch yet):
    - CVE-2006-4924: Fix a pre-authentication denial of service found by Tavis Ormandy, that would cause sshd(8) to spin until the login grace time expired (closes: #389995).
    - CVE-2006-5051: Fix an unsafe signal handler reported by Mark Dowd. The signal handler was vulnerable to a race condition that could be exploited to perform a pre-authentication denial of service. On portable OpenSSH, this vulnerability could theoretically lead to pre-authentication remote code execution if GSSAPI authentication is enabled, but the likelihood of successful exploitation appears remote.
  * Read /etc/default/locale as well as /etc/environment (thanks, Raphaël Hertzog; closes: #369395).
  * Remove no-longer-used ssh/insecure_rshd debconf template.
  * Make ssh/insecure_telnetd Type: error (closes: #388946).
  * debconf template translations:
    - Update Portuguese (thanks, Rui Branco; closes: #381942).
    - Update Spanish (thanks, Javier Fernández-Sanguino Peña; closes: #382966).

 -- Colin Watson  Fri, 29 Sep 2006 16:28:24 +0100

openssh (1:4.3p2-3) unstable; urgency=low

  * Document KeepAlive->TCPKeepAlive renaming in sshd_config(5) (closes: https://launchpad.net/bugs/50702).
  * Change sshd user's shell to /usr/sbin/nologin (closes: #366541). Introduces dependency on passwd for usermod.
  * debconf template translations:
    - Update French (thanks, Denis Barbier; closes: #368503).
    - Update Dutch (thanks, Bart Cornelis; closes: #375100).
    - Update Japanese (thanks, Kenshi Muto; closes: #379950).
 -- Colin Watson  Thu, 27 Jul 2006 00:12:36 +0100

openssh (1:4.3p2-2) unstable; urgency=low

  * Include commented-out pam_access example in /etc/pam.d/ssh.
  * On '/etc/init.d/ssh restart', create /var/run/sshd before checking the server configuration, as otherwise 'sshd -t' will complain about the lack of /var/run/sshd (closes: https://launchpad.net/bugs/45234).
  * debconf template translations:
    - Update Russian (thanks, Yuriy Talakan'; closes: #367143).
    - Update Czech (thanks, Miroslav Kure; closes: #367161).
    - Update Italian (thanks, Luca Monducci; closes: #367186).
    - Update Galician (thanks, Jacobo Tarrio; closes: #367318).
    - Update Swedish (thanks, Daniel Nylander; closes: #367971).

 -- Colin Watson  Fri, 19 May 2006 09:14:27 +0100

openssh (1:4.3p2-1) unstable; urgency=low

  * New upstream release (closes: #361032).
    - CVE-2006-0225: scp (as does rcp, on which it is based) invoked a subshell to perform local to local, and remote to remote copy operations. This subshell exposed filenames to shell expansion twice; allowing a local attacker to create filenames containing shell metacharacters that, if matched by a wildcard, could lead to execution of attacker-specified commands with the privilege of the user running scp (closes: #349645).
    - Add support for tunneling arbitrary network packets over a connection between an OpenSSH client and server via tun(4) virtual network interfaces. This allows the use of OpenSSH (4.3+) to create a true VPN between the client and server providing real network connectivity at layer 2 or 3. This feature is experimental.
    - Reduce default key length for new DSA keys generated by ssh-keygen back to 1024 bits. DSA is not specified for longer lengths and does not fully benefit from simply making keys longer. As per FIPS 186-2 Change Notice 1, ssh-keygen will refuse to generate a new DSA key smaller or larger than 1024 bits.
    - Fixed X forwarding failing to start when the X11 client is executed in background at the time of session exit.
    - Change ssh-keygen to generate a protocol 2 RSA key when invoked without arguments (closes: #114894).
    - Fix timing variance for valid vs. invalid accounts when attempting Kerberos authentication.
    - Ensure that ssh always returns code 255 on internal error (closes: #259865).
    - Cleanup wtmp files on SIGTERM when not using privsep.
    - Set SO_REUSEADDR on X11 listeners to avoid problems caused by lingering sockets from previous session (X11 applications can sometimes not connect to 127.0.0.1:60xx) (closes: https://launchpad.net/bugs/25528).
    - Ensure that fds 0, 1 and 2 are always attached in all programs, by duping /dev/null to them if necessary.
    - Xauth list invocation had bogus "." argument.
    - Remove internal assumptions on key exchange hash algorithm and output length, preparing OpenSSH for KEX methods with alternate hashes.
    - Ignore junk sent by a server before it sends the "SSH-" banner.
    - Many manual page improvements.
    - Lots of cleanups, including fixes to memory leaks on error paths and possible crashes.
  * Update to current GSSAPI patch from http://www.sxw.org.uk/computing/patches/openssh-4.3p2-gsskex-20060223.patch (closes: #352042).
  * debian/rules: Resynchronise CFLAGS with that generated by configure.
  * Restore pam_nologin to /etc/pam.d/ssh; sshd no longer checks this itself when PAM is enabled, but relies on PAM to do it.
  * Rename KeepAlive to TCPKeepAlive in default sshd_config (closes: #349896).
  * Rephrase ssh/new_config and ssh/encrypted_host_key_but_no_keygen debconf templates to make boolean short descriptions end with a question mark and to avoid use of the first person.
  * Ship README.tun.
  * Policy version 3.7.2: no changes required.
  * debconf template translations:
    - Update Italian (thanks, Luca Monducci; closes: #360348).
    - Add Galician (thanks, Jacobo Tarrio; closes: #361220).
 -- Colin Watson  Fri, 12 May 2006 12:48:24 +0100

openssh (1:4.2p1-8) unstable; urgency=low

  [ Frans Pop ]
  * Use udeb support introduced in debhelper 4.2.0 (available in sarge) rather than constructing udebs by steam.
  * Require debhelper 5.0.22, which generates correct shared library dependencies for udebs (closes: #360068). This build-dependency can be ignored if building on sarge.

  [ Colin Watson ]
  * Switch to debhelper compatibility level 4, since we now require debhelper 4 even on sarge anyway for udeb support.

 -- Colin Watson  Fri, 31 Mar 2006 09:44:55 +0100

openssh (1:4.2p1-7) unstable; urgency=low

  * I accidentally applied the default $PATH change in 1:4.2p1-6 to the udeb rather than the deb. Fixed.

 -- Colin Watson  Wed, 1 Mar 2006 16:19:00 +0000

openssh (1:4.2p1-6) unstable; urgency=low

  * Sync default values of $PATH from shadow 1:4.0.12-6, adding /usr/bin/X11 to the normal and superuser paths and /usr/games to the normal path.
  * When the client receives a signal, don't fatal() with "Killed by signal %d." (which produces unhelpful noise on stderr and causes confusion for users of some applications that wrap ssh); instead, generate a debug message and exit with the traditional status (closes: #313371).
  * debconf template translations:
    - Add Swedish (thanks, Daniel Nylander; closes: #333133).
    - Update Spanish (thanks, Javier Fernández-Sanguino Peña; closes: #341371).
    - Correct erroneously-changed Last-Translator headers in Greek and Spanish translations.

 -- Colin Watson  Mon, 20 Feb 2006 16:50:55 +0000

openssh (1:4.2p1-5) unstable; urgency=low

  * Add a CVE name to the 1:4.0p1-1 changelog entry.
  * Build-depend on libselinux1-dev on armeb.
  * Only send GSSAPI proposal if GSSAPIAuthentication is enabled.
  * Build-depend on libssl-dev (>= 0.9.8-1) to cope with surprise OpenSSL transition, since otherwise who knows what the buildds will do. If you're building openssh yourself, you can safely ignore this and use an older libssl-dev.
 -- Colin Watson  Fri, 7 Oct 2005 12:23:42 +0100

openssh (1:4.2p1-4) unstable; urgency=low

  * Initialise token to GSS_C_EMPTY_BUFFER in ssh_gssapi_check_mechanism (closes: #328606).

 -- Colin Watson  Fri, 16 Sep 2005 12:50:16 +0100

openssh (1:4.2p1-3) unstable; urgency=low

  * Add prototype for ssh_gssapi_server_mechanisms (closes: #328372).
  * Interoperate with ssh-krb5 << 3.8.1p1-1 servers, which used a slightly different version of the gssapi authentication method (thanks, Aaron M. Ucko; closes: #328388).
  * Explicitly tell po2debconf to use the 'popular' output encoding, so that the woody-compatibility hack works even with po-debconf 0.9.0.

 -- Colin Watson  Thu, 15 Sep 2005 09:28:21 +0100

openssh (1:4.2p1-2) unstable; urgency=low

  * Annotate 1:4.2p1-1 changelog with CVE references.
  * Add remaining pieces of Kerberos support (closes: #152657, #275472):
    - Add GSSAPI key exchange support from http://www.sxw.org.uk/computing/patches/openssh.html (thanks, Stephen Frost).
    - Build-depend on libkrb5-dev and configure --with-kerberos5=/usr.
    - openssh-client and openssh-server replace ssh-krb5.
    - Update commented-out Kerberos/GSSAPI options in default sshd_config.
    - Fix HAVE_GSSAPI_KRB5_H/HAVE_GSSAPI_GSSAPI_KRB5_H typos in gss-serv-krb5.c.

 -- Colin Watson  Wed, 14 Sep 2005 18:28:49 +0100

openssh (1:4.2p1-1) unstable; urgency=low

  * New upstream release.
    - SECURITY (CAN-2005-2797): Fix a bug introduced in OpenSSH 4.0 that caused GatewayPorts to be incorrectly activated for dynamic ("-D") port forwardings when no listen address was explicitly specified (closes: #326065).
    - SECURITY (CAN-2005-2798): Fix improper delegation of GSSAPI credentials. This code is only built in openssh-krb5, not openssh, but I mention the CVE reference here anyway for completeness.
    - Add a new compression method ("Compression delayed") that delays zlib compression until after authentication, eliminating the risk of zlib vulnerabilities being exploited by unauthenticated users.
      Note that users of OpenSSH versions earlier than 3.5 will need to disable compression on the client or set "Compression yes" (losing this security benefit) on the server.
    - Increase the default size of new RSA/DSA keys generated by ssh-keygen from 1024 to 2048 bits (closes: #181162).
    - Many bugfixes and improvements to connection multiplexing.
    - Don't pretend to accept $HOME (closes: #208648).
  * debian/rules: Resynchronise CFLAGS with that generated by configure.
  * openssh-client and openssh-server conflict with pre-split ssh to avoid problems when ssh is left un-upgraded (closes: #324695).
  * Set X11Forwarding to yes in the default sshd_config (new installs only). At least when X11UseLocalhost is turned on, which is the default, the security risks of using X11 forwarding are risks to the client, not to the server (closes: #320104).

 -- Colin Watson  Wed, 14 Sep 2005 15:16:14 +0100

openssh (1:4.1p1-7) unstable; urgency=low

  * Do the IDEA host key check on a temporary file to avoid altering /etc/ssh/ssh_host_key itself (closes: #312312).
  * Work around the ssh-askpass alternative somehow ending up in manual mode pointing to the obsolete /usr/lib/ssh/gnome-ssh-askpass.
  * Add GNU/kFreeBSD support (thanks, Aurelien Jarno; closes: #318113).
  * Fix XSIish uses of 'test' in openssh-server.preinst.
  * Policy version 3.6.2: no changes required.

 -- Colin Watson  Fri, 2 Sep 2005 16:18:11 +0100

openssh (1:4.1p1-6) unstable; urgency=low

  * Fix one-character typo that meant the binaries in openssh-client and openssh-server got recompiled with the wrong options during 'debian/rules install' (closes: #317088, #317238, #317241).

 -- Colin Watson  Thu, 7 Jul 2005 10:56:16 +0100

openssh (1:4.1p1-5) unstable; urgency=low

  * Build-depend on libselinux1-dev on ppc64 too (closes: #314625).
  * Drop priority of ssh to extra to match the override file.
  * Make /usr/share/doc/openssh-server and /usr/share/doc/ssh symlinks to /usr/share/doc/openssh-client (closes: #314745).
  * Ship README.dns (closes: #284874).
  * Disable btmp logging, since Debian's /var/log/btmp has inappropriate permissions (closes: #314956).
  * Allow ~/.ssh/config to be group-writable, provided that the group in question contains only the file's owner (closes: #314347).
  * debconf template translations:
    - Update Brazilian Portuguese (thanks, André Luís Lopes; closes: #315477).
    - Add Vietnamese (thanks, Clytie Siddall; closes: #316636).

 -- Colin Watson  Sun, 3 Jul 2005 17:08:08 +0100

openssh (1:4.1p1-4) unstable; urgency=low

  * openssh-client and openssh-server conflict with ssh-krb5, as ssh-krb5 only conflicts with ssh (closes: #312475).
  * SELinux support (thanks, Manoj Srivastava; closes: #308555):
    - Added SELinux capability, and turned it on by default. Added restorecon calls in preinst and postinst (should not matter if the machine is not SELinux aware). By and large, the changes made should have no effect unless the rules file calls --with-selinux; and even then there should be no performance hit for machines not actively running SELinux.
    - Modified the preinst and postinst to call restorecon to set the security context for the generated public key files.
    - Added a comment to /etc/pam.d/ssh to indicate that an SELinux system may want to also include pam_selinux.so.
  * Re-enable ssh-askpass-gnome on the Hurd, now that its build-dependencies are available.
  * Restore /usr/lib/sftp-server temporarily, as a symlink to /usr/lib/openssh/sftp-server (closes: #312891).
  * Switch to debhelper compatibility level 3, since 2 is deprecated.
  * debconf template translations:
    - Update German (thanks, Jens Seidel; closes: #313949).

 -- Colin Watson  Fri, 17 Jun 2005 14:20:20 +0100

openssh (1:4.1p1-3) unstable; urgency=low

  * Upload to unstable.

 -- Colin Watson  Mon, 6 Jun 2005 22:28:33 +0100

openssh (1:4.1p1-2) experimental; urgency=low

  * Drop debconf support for allowing SSH protocol 1, which is discouraged and has not been the default since openssh 1:3.0.1p1-1.
    Users who need this should edit sshd_config instead (closes: #147212).
  * Since ssh-keysign isn't used by default (you need to set EnableSSHKeysign to "yes" in /etc/ssh/ssh_config), having a debconf question to ask whether it should be setuid is overkill, and the question text had got out of date anyway. Remove this question, ship ssh-keysign setuid in openssh-client.deb, and set a statoverride if the debconf question was previously set to false.
  * Add lintian overrides for the above (setuid-binary, no-debconf-templates).
  * Fix picky lintian errors about slogin symlinks.
  * Fix DEB_HOST_ARCH_OS/DEB_HOST_GNU_SYSTEM compatibility handling.
  * Apply Linux 2.2 workaround (see #239999) only on Linux.

 -- Colin Watson  Thu, 2 Jun 2005 00:55:58 +0100

openssh (1:4.1p1-1) experimental; urgency=low

  * New upstream release.
    - Normalise socket addresses returned by get_remote_hostname(), fixing 4-in-6 mapping issues with AllowUsers et al (closes: #192234).
  * Take upstream's hint and disable the unsupported USE_POSIX_THREADS (closes: #295757, #308868, and possibly others; may open other bugs). Use PAM password authentication to avoid #278394. In future I may provide two sets of binaries built with and without this option, since it seems I can't win.
  * Disable ChallengeResponseAuthentication in new installations, returning to PasswordAuthentication by default, since it now supports PAM and apparently works better with a non-threaded sshd (closes: #247521).
  * openssh-server Suggests: rssh (closes: #233012).
  * Change libexecdir to /usr/lib/openssh, and fix up various alternatives and configuration files to match (closes: #87900, #151321).
  * Fix up very old sshd_config files that refer to /usr/libexec/sftp-server (closes: #141979).

 -- Colin Watson  Tue, 31 May 2005 01:33:33 +0100

openssh (1:4.0p1-1) experimental; urgency=low

  * New upstream release.
    - Port-forwarding specifications now take optional bind addresses, and the server allows client-specified bind addresses for remote port forwardings when configured with "GatewayPorts clientspecified" (closes: #87253, #192206).
    - ssh and ssh-keyscan now support hashing of known_hosts files for improved privacy (CAN-2005-2666). ssh-keygen has new options for managing known_hosts files, which understand hashing.
    - sftp supports command history and editing support using libedit (closes: #287013).
    - Have scp and sftp wait for the spawned ssh to exit before they exit themselves, allowing ssh to restore terminal modes (closes: #257130).
    - Improved the handling of bad data in authorized_keys files, eliminating fatal errors on corrupt or very large keys; e.g. linefeeds in keys only produce errors in auth.log now (closes: #220726).
    - Add "command mode" to ssh connection multiplexing (closes: #303452).
    - Mention $HOME/.hushlogin in sshd(8) FILES section (closes: #163933).
  * Make gnome-ssh-askpass stay above other windows (thanks, Liyang HU; closes: #296487).
  * Remove obsolete and unnecessary ssh/forward_warning debconf note.
  * Hurd build fixes (although sshd still doesn't work):
    - Restore X forwarding fix from #102991, lost somewhere along the way.
    - Link with -lcrypt.
    - Link with -lpthread rather than -pthread.
    - Don't build ssh-askpass-gnome on the Hurd, until GNOME is available to satisfy build-dependencies.
  * Drop workaround for #242462 on amd64; it's been fixed properly upstream.
  * Enable HashKnownHosts by default. This only affects new entries; use 'ssh-keygen -H' to convert an entire known_hosts file to hashed format.
  * Note in ssh_config(5) that the SetupTimeOut option is Debian-specific (closes: #307069).
  * debconf template translations:
    - Update Czech (thanks, Miroslav Kure; closes: #298744).
    - Update Finnish (thanks, Matti Pöllä; closes: #303787).
    - Synchronise Spanish with sarge branch (thanks, Javier Fernández-Sanguino Peña; closes: #298536).
    - Add Ukrainian (thanks, Eugeniy Meshcheryakov; closes: #301852).

 -- Colin Watson  Thu, 26 May 2005 11:23:18 +0100

openssh (1:3.9p1-3) experimental; urgency=low

  * Explain how to run sshd from inittab in README.Debian (closes: #147360).
  * Add debian/watch file.

 -- Colin Watson  Fri, 18 Feb 2005 00:20:16 +0000

openssh (1:3.9p1-2) experimental; urgency=low

  * Remove pam_nologin from /etc/pam.d/ssh, as sshd's built-in support appears to be sufficient and more useful (closes: #162996).
  * Depend on debconf | debconf-2.0.
  * Drop LoginGraceTime back to the upstream default of two minutes on new installs (closes: #289573).
  * debconf template translations from Ubuntu bug #1232:
    - Update Greek (thanks, Logiotatidis George).
    - Update Spanish (thanks, Santiago Erquicia).

 -- Colin Watson  Sat, 15 Jan 2005 12:37:54 +0000

openssh (1:3.9p1-1) experimental; urgency=low

  * New upstream release.
    - PAM password authentication implemented again (closes: #238699, #242119).
    - Implemented the ability to pass selected environment variables between the client and the server.
    - Fix ssh-keyscan breakage when remote server doesn't speak SSH protocol (closes: #228828).
    - Fix res_query detection (closes: #242462).
    - 'ssh -c' documentation improved (closes: #265627).
  * Pass LANG and LC_* environment variables from the client by default, and accept them to the server by default in new installs, although not on upgrade (closes: #264024).
  * Build ssh in binary-indep, not binary-arch (thanks, LaMont Jones).
  * Expand on openssh-client package description (closes: #273831).

 -- Colin Watson  Tue, 4 Jan 2005 14:18:31 +0000

openssh (1:3.8.1p1-14) experimental; urgency=low

  * We use DH_COMPAT=2, so build-depend on debhelper (>= 2).
  * Fix timing information leak allowing discovery of invalid usernames in PAM keyboard-interactive authentication (backported from a patch by Darren Tucker; closes: #281595).
  * Make sure that there's a delay in PAM keyboard-interactive authentication when PermitRootLogin is not set to yes and the correct root password is entered (closes: #248747).

 -- Colin Watson  Sun, 28 Nov 2004 18:09:37 +0000

openssh (1:3.8.1p1-13) experimental; urgency=low

  * Enable threading for PAM, on Sam Hartman's advice (closes: #278394).
  * debconf template translations:
    - Update Dutch (thanks, cobaco; closes: #278715).
  * Correct README.Debian's ForwardX11Trusted description (closes: #280190).

 -- Colin Watson  Fri, 12 Nov 2004 12:03:13 +0000

openssh (1:3.8.1p1-12) experimental; urgency=low

  * Preserve /etc/ssh/sshd_config ownership/permissions (closes: #276754).
  * Shorten the version string from the form "OpenSSH_3.8.1p1 Debian 1:3.8.1p1-8.sarge.1" to "OpenSSH_3.8.1p1 Debian-8.sarge.1", as some SSH implementations apparently have problems with the long version string. This is of course a bug in those implementations, but since the extent of the problem is unknown it's best to play safe (closes: #275731).
  * debconf template translations:
    - Add Finnish (thanks, Matti Pöllä; closes: #265339).
    - Update Danish (thanks, Morten Brix Pedersen; closes: #275895).
    - Update French (thanks, Denis Barbier; closes: #276703).
    - Update Japanese (thanks, Kenshi Muto; closes: #277438).

 -- Colin Watson  Sun, 24 Oct 2004 19:21:17 +0100

openssh (1:3.8.1p1-11) experimental; urgency=high

  * Move sshd_config(5) to openssh-server, where it belongs.
  * If PasswordAuthentication is disabled, then offer to disable ChallengeResponseAuthentication too. The current PAM code will attempt password-style authentication if ChallengeResponseAuthentication is enabled (closes: #250369).
  * This will ask a question of anyone who installed fresh with 1:3.8p1-2 or later and then upgraded. Sorry about that ... for this reason, the default answer is to leave ChallengeResponseAuthentication enabled.
-- Colin Watson Wed, 6 Oct 2004 14:28:20 +0100 openssh (1:3.8.1p1-10) experimental; urgency=low * Don't install the ssh-askpass-gnome .desktop file by default; I've had too many GNOME people tell me it's the wrong thing to be doing. I've left it in /usr/share/doc/ssh-askpass-gnome/examples/ for now. -- Colin Watson Wed, 25 Aug 2004 18:18:14 +0100 openssh (1:3.8.1p1-9) experimental; urgency=low * Split the ssh binary package into openssh-client and openssh-server (closes: #39741). openssh-server depends on openssh-client for some common functionality; it didn't seem worth creating yet another package for this. openssh-client is priority standard, openssh-server optional. * New transitional ssh package, priority optional, depending on openssh-client and openssh-server. May be removed once nothing depends on it. * When upgrading from ssh to openssh-{client,server}, it's very difficult for the maintainer scripts to find out what version we're upgrading from without dodgy dpkg hackery. I've therefore taken the opportunity to move a couple of debconf notes into NEWS files, namely ssh/ssh2_keys_merged and ssh/user_environment_tell. * Add a heuristic to try to make sure the sshd_config upgrade to >= 3.7 happens even though we don't know what version we're upgrading from. * Remove /etc/ssh/sshd_not_to_be_run on purge of openssh-server. For now (until sarge+2) it's still honoured to avoid breaking existing configurations, but the right approach is now to remove the openssh-server package if you don't want to run the server. Add a NEWS item to that effect. -- Colin Watson Mon, 2 Aug 2004 20:48:54 +0100 openssh (1:3.8.1p1-8.sarge.4) unstable; urgency=high * Fix timing information leak allowing discovery of invalid usernames in PAM keyboard-interactive authentication (backported from a patch by Darren Tucker; closes: #281595). 
* Make sure that there's a delay in PAM keyboard-interactive authentication when PermitRootLogin is not set to yes and the correct root password is entered (closes: #248747). -- Colin Watson Sun, 28 Nov 2004 12:37:16 +0000 openssh (1:3.8.1p1-8.sarge.3) unstable; urgency=low * Enable threading for PAM, on Sam Hartman's advice (closes: #278394). * debconf template translations: - Update Dutch (thanks, cobaco; closes: #278715). * Correct README.Debian's ForwardX11Trusted description (closes: #280190). -- Colin Watson Fri, 12 Nov 2004 10:31:12 +0000 openssh (1:3.8.1p1-8.sarge.2) unstable; urgency=low * Preserve /etc/ssh/sshd_config ownership/permissions (closes: #276754). * Shorten the version string from the form "OpenSSH_3.8.1p1 Debian 1:3.8.1p1-8.sarge.1" to "OpenSSH_3.8.1p1 Debian-8.sarge.1", as some SSH implementations apparently have problems with the long version string. This is of course a bug in those implementations, but since the extent of the problem is unknown it's best to play safe (closes: #275731). * debconf template translations: - Add Finnish (thanks, Matti Pöllä; closes: #265339). - Update Danish (thanks, Morten Brix Pedersen; closes: #275895). - Update French (thanks, Denis Barbier; closes: #276703). - Update Japanese (thanks, Kenshi Muto; closes: #277438). -- Colin Watson Sun, 24 Oct 2004 17:57:14 +0100 openssh (1:3.8.1p1-8.sarge.1) unstable; urgency=high * If PasswordAuthentication is disabled, then offer to disable ChallengeResponseAuthentication too. The current PAM code will attempt password-style authentication if ChallengeResponseAuthentication is enabled (closes: #250369). * This will ask a question of anyone who installed fresh with 1:3.8p1-2 or later and then upgraded. Sorry about that ... for this reason, the default answer is to leave ChallengeResponseAuthentication enabled. 
-- Colin Watson Wed, 6 Oct 2004 14:21:55 +0100 openssh (1:3.8.1p1-8) unstable; urgency=high * Matthew Vernon: - Add a GPL exception to the licensing terms of the Debian patch (closes: #211644). -- Colin Watson Thu, 29 Jul 2004 13:28:47 +0100 openssh (1:3.8.1p1-7) unstable; urgency=low * Re-enable shadow password support in openssh-server-udeb, at Bastian Blank's request (closes: #260800). -- Colin Watson Thu, 22 Jul 2004 10:56:06 +0100 openssh (1:3.8.1p1-6) unstable; urgency=low * Implement hack in http://lists.debian.org/debian-boot/2004/07/msg01207.html to get openssh-client-udeb to show up as a retrievable debian-installer component. * Generate host keys in postinst only if the relevant HostKey directives are found in sshd_config (closes: #87946). -- Colin Watson Wed, 21 Jul 2004 15:14:46 +0100 openssh (1:3.8.1p1-5) unstable; urgency=medium * Update German debconf template translation (thanks, Helge Kreutzmann; closes: #252226). * Remove Suggests: dnsutils, as it was only needed for make-ssh-known-hosts (#93265), which has been replaced by ssh-keyscan. * Disable shadow password support in openssh-server-udeb. * Fix non-portable shell constructs in maintainer scripts, Makefile, and ssh-copy-id (thanks, David Weinehall; closes: #258517). * Apply patch from Darren Tucker to make the PAM authentication SIGCHLD handler kill the PAM thread if its waitpid() call returns 0, as well as the previous check for -1 (closes: #252676). * Add scp and sftp to openssh-client-udeb. It might not be very 'u' any more; oh well. -- Colin Watson Sat, 10 Jul 2004 13:57:27 +0100 openssh (1:3.8.1p1-4) unstable; urgency=medium * Kill off PAM thread if privsep slave dies (closes: #248125). -- Colin Watson Fri, 28 May 2004 17:58:45 -0300 openssh (1:3.8.1p1-3) unstable; urgency=low * Add ssh-keygen to openssh-server-udeb. 
 -- Colin Watson  Thu, 20 May 2004 16:31:52 +0100

openssh (1:3.8.1p1-2) unstable; urgency=low

  * Add Catalan debconf template translation (thanks, Aleix Badia i Bosch;
    closes: #248748).
  * openssh-client-udeb and openssh-server-udeb depend on libnss-files-udeb
    (not yet uploaded).
  * Restore ssh-askpass-gnome binary, lost by mistake.
  * Don't link against libnsl in udeb builds.

 -- Colin Watson  Thu, 20 May 2004 11:15:58 +0100

openssh (1:3.8.1p1-1) unstable; urgency=low

  * New upstream release.
    - Use a longer buffer for tty names in utmp (closes: #247538).
  * Make sure there's a newline at the end of sshd_config before adding
    'UsePAM yes' (closes: #244829).
  * Generate a new .orig.tar.gz without RFC.nroff, and remove
    /usr/share/doc/ssh/RFC.gz (closes: #211640). It isn't DFSG-free and
    only documents the obsolete SSH1 protocol, not to mention that it was
    never a real RFC but only an Internet-Draft. It's available from
    http://www.free.lp.se/bamse/draft-ylonen-ssh-protocol-00.txt if you
    want it for some reason.
  * Add openssh-client-udeb and openssh-server-udeb binary packages for use
    in debian-installer. They still need libnss_files to be supplied in
    udeb form by glibc.
  * Work around lack of res_query weak alias in libresolv on amd64 (see
    #242462, awaiting real fix upstream).
  * Fix grammar in sshd(8) (closes: #238753).
  * Add .desktop file and icon for ssh-askpass-gnome (closes: #232333).
  * Update Polish debconf template translation (thanks, Emil Nowak;
    closes: #242808).
  * Add Turkish debconf template translation (thanks, Recai Oktaş;
    closes: #246068).

 -- Colin Watson  Tue, 11 May 2004 23:38:10 +0100

openssh (1:3.8p1-3) unstable; urgency=low

  * Remove deprecated ReverseMappingCheck option from newly generated
    sshd_config files (closes: #239987).
  * Build everything apart from contrib in a subdirectory, to allow for
    multiple builds.
  * Some older kernels are missing setresuid() and setresgid(), so don't
    try to use them. setreuid() and setregid() will do well enough for our
    purposes (closes: #239999).

 -- Colin Watson  Mon, 5 Apr 2004 21:23:43 +0100

openssh (1:3.8p1-2) unstable; urgency=medium

  * Disable PasswordAuthentication for new installations (closes: #236810).
  * Turn off the new ForwardX11Trusted by default, returning to the
    semantics of 3.7 and earlier, since it seems immature and causes far
    too many problems with existing setups. See README.Debian for details
    (closes: #237021).

 -- Colin Watson  Wed, 10 Mar 2004 10:33:07 +0000

openssh (1:3.8p1-1) unstable; urgency=low

  * New upstream release (closes: #232281):
    - New PAM implementation based on that in FreeBSD. This runs PAM
      session modules before dropping privileges (closes: #132681,
      #150968).
    - Since PAM session modules are run as root, we can turn pam_limits
      back on by default, and it no longer spits out "Operation not
      permitted" to syslog (closes: #171673).
    - Password expiry works again (closes: #153235).
    - 'ssh -q' suppresses login banner (closes: #134589).
    - sshd doesn't lie to PAM about invalid usernames (closes: #157078).
    - ssh-add prints key comment on each prompt (closes: #181869).
    - Punctuation formatting fixed in man pages (closes: #191131).
    - EnableSSHKeysign documented in ssh_config(5) (closes: #224457).
  * Add 'UsePAM yes' to /etc/ssh/sshd_config on upgrade from versions older
    than this, to maintain the standard Debian sshd configuration.
  * Comment out PAMAuthenticationViaKbdInt and RhostsAuthentication in
    sshd_config on upgrade. Neither option is supported any more.
  * Privilege separation and PAM are now properly supported together, so
    remove both debconf questions related to them and simply set it
    unconditionally in newly generated sshd_config files (closes: #228838).
  * ServerAliveInterval implemented upstream, so ProtocolKeepAlives is now
    a compatibility alias. The semantics differ slightly, though; see
    ssh_config(5) for details.
  * Implement SSH1 support for ServerAliveInterval using SSH_MSG_IGNORE.
    As documented in ssh_config(5), it's not as good as the SSH2 version.
  * Remove -fno-builtin-log, -DHAVE_MMAP_ANON_SHARED, and
    -D__FILE_OFFSET_BITS=64 compiler options, which are no longer
    necessary.
  * Update config.guess and config.sub from autotools-dev 20040105.1.
  * Darren Tucker:
    - Reset signal status when starting pam auth thread, prevent hanging
      during PAM keyboard-interactive authentications.
    - Fix a non-security-critical segfault in PAM authentication.
  * Add debconf template translations:
    - Greek (thanks, Konstantinos Margaritis; closes: #232843).
    - Italian (thanks, Renato Gini; closes: #234777).

 -- Colin Watson  Sat, 6 Mar 2004 18:43:44 +0000

openssh (1:3.6.1p2-12) unstable; urgency=low

  * Update Spanish debconf template translation (thanks, Javier
    Fernández-Sanguino Peña; closes: #228242).
  * Add debconf template translations:
    - Czech (thanks, Miroslav Kure; closes: #230110).
    - Simplified Chinese (thanks, Hiei Xu; closes: #230726).

 -- Colin Watson  Wed, 11 Feb 2004 09:37:57 +0000

openssh (1:3.6.1p2-11) unstable; urgency=low

  * Comment out pam_limits in default configuration, for now at least
    (closes: #198254).
  * Use invoke-rc.d (if it exists) to run the init script.
  * Backport format string bug fix in sshconnect.c (closes: #225238).
  * ssh-copy-id exits if ssh fails (closes: #215252).

 -- Colin Watson  Sun, 4 Jan 2004 18:59:21 +0000

openssh (1:3.6.1p2-10) unstable; urgency=low

  * Use --retry in init script when restarting rather than sleeping, to
    make sure the old process is dead (thanks, Herbert Xu; closes:
    #212117). Depend on dpkg (>= 1.9.0) for start-stop-daemon's --retry
    option.
  * Update debconf template translations:
    - Brazilian Portuguese (thanks, Andre Luis Lopes; closes: #219844).
    - Danish (thanks, Morten Brix Pedersen; closes: #217964).
    - Japanese (thanks, Kenshi Muto; closes: #212497).
    - Russian (thanks, Ilgiz Kalmetev).
    - Spanish (thanks, Carlos Valdivia Yagüe; closes: #211832).
  * Add Dutch debconf template translation (thanks, cobaco; closes:
    #215372).
  * Update config.guess and config.sub from autotools-dev 20031007.1
    (closes: #217696).
  * Implement New World Order for PAM configuration, including
    /etc/pam.d/common-* from /etc/pam.d/ssh (closes: #212959).
    - To backport this release to woody, you need to set
      DEB_BUILD_SSH_WOODY in your environment. See README.Debian.
  * Add more commentary to /etc/pam.d/ssh.

 -- Colin Watson  Sun, 16 Nov 2003 01:14:16 +0000

openssh (1:3.6.1p2-9) unstable; urgency=high

  * Merge even more buffer allocation fixes from upstream (CAN-2003-0682;
    closes: #211434).

 -- Colin Watson  Fri, 19 Sep 2003 10:25:25 +0100

openssh (1:3.6.1p2-8) unstable; urgency=high

  * Merge more buffer allocation fixes from new upstream version 3.7.1p1
    (closes: #211324).

 -- Colin Watson  Wed, 17 Sep 2003 03:07:19 +0100

openssh (1:3.6.1p2-7) unstable; urgency=high

  * Update debconf template translations:
    - French (thanks, Christian Perrier; closes: #208801).
    - Japanese (thanks, Kenshi Muto; closes: #210380).
  * Some small improvements to the English templates courtesy of Christian
    Perrier. I've manually unfuzzied a few translations where it was
    obvious, on Christian's advice, but the others will have to be updated.
  * Document how to generate an RSA1 host key (closes: #141703).
  * Incorporate NMU fix for early buffer expansion vulnerability,
    CAN-2003-0693 (closes: #211205). Thanks to Michael Stone.

 -- Colin Watson  Tue, 16 Sep 2003 14:32:28 +0100

openssh (1:3.6.1p2-6.0) unstable; urgency=high

  * SECURITY: fix for CAN-2003-0693, buffer allocation error

 -- Michael Stone  Tue, 16 Sep 2003 08:27:07 -0400

openssh (1:3.6.1p2-6) unstable; urgency=medium

  * Use a more CVS-friendly means of setting SSH_VERSION.
  * Update Brazilian Portuguese debconf template translation (thanks, Andre
    Luis Lopes; closes: #208036).
  * Don't run 'sshd -t' in init script if the server isn't to be run
    (closes: #197576).
  * Fix login delay, spurious auth.log entry, and PermitRootLogin
    information leakage due to PAM issues with upstream's recent security
    update (thanks, Darren Tucker; closes: #99168, #192207, #193546).
  * Policy version 3.6.1: recode this changelog to UTF-8.

 -- Colin Watson  Wed, 3 Sep 2003 19:14:02 +0100

openssh (1:3.6.1p2-5) unstable; urgency=low

  * Disable cmsg_type check for file descriptor passing when running on
    Linux 2.0 (closes: #150976). Remove comments about non-functional
    privilege separation on 2.0 from ssh/privsep_ask and ssh/privsep_tell
    debconf questions and from README.Debian, since it should all now work.
  * Fix "defails" typo in generated sshd_config (closes: #206484).
  * Backport upstream patch to strip trailing whitespace (including
    newlines) from configuration directives (closes: #192079).

 -- Colin Watson  Wed, 27 Aug 2003 02:19:57 +0100

openssh (1:3.6.1p2-4) unstable; urgency=low

  * getent can get just one key; no need to use grep (thanks, James Troup).
  * Move /usr/local/bin to the front of the default path, following
    /etc/login.defs (closes: #201150).
  * Remove specifics of problematic countries from package description
    (closes: #197040).
  * Update Spanish debconf template translation (thanks, Carlos Valdivia
    Yagüe; closes: #198456).
  * Backport upstream patch to pass monitor signals through to child
    (closes: #164797).

 -- Colin Watson  Sun, 27 Jul 2003 17:31:15 +0100

openssh (1:3.6.1p2-3) unstable; urgency=low

  * Update French debconf template translation (thanks, Christian Perrier;
    closes: #194323).
  * Version the adduser dependency for --no-create-home (closes: #195756).
  * Add a version of moduli(5), namely revision 1.7 of
    http://www.openbsd.org/cgi-bin/cvsweb/src/share/man/man5/moduli.5 with
    '/etc/moduli' changed to '/etc/ssh/moduli' throughout (closes:
    #196061).
 -- Colin Watson  Mon, 9 Jun 2003 02:51:35 +0100

openssh (1:3.6.1p2-2) unstable; urgency=low

  * Force /etc/default/ssh to be non-executable, since dpkg apparently
    doesn't deal with permissions changes on conffiles (closes: #192966).
  * Use debconf 0.5's seen flag rather than the deprecated isdefault.
  * Add GPL location to copyright file.
  * Remove debian/postinst.old.
  * Switch to po-debconf, with some careful manual use of po2debconf to
    ensure that the source package continues to build smoothly on woody
    (closes: #183986).
  * Update debconf template translations:
    - Brazilian Portuguese (thanks, Andre Luis Lopes; see #183986).
    - Japanese (thanks, Tomohiro KUBOTA; closes: #192429).
  * Compile with -fno-builtin-log for now, otherwise gcc-3.3 complains
    "log.h:59: warning: conflicting types for built-in function `log'".
    The OpenSSH log() function has been renamed in upstream CVS.

 -- Colin Watson  Mon, 19 May 2003 01:52:38 +0100

openssh (1:3.6.1p2-1) unstable; urgency=medium

  * New upstream release, including fix for PAM user-discovery security
    hole (closes: #191681).
  * Fix ChallengeResponseAuthentication default in generated sshd_config
    (closes: #106037).
  * Put newlines after full stops in man page documentation for
    ProtocolKeepAlives and SetupTimeOut.
  * Policy version 3.5.9: support DEB_BUILD_OPTIONS=noopt, build
    gnome-ssh-askpass with -g and -Wall flags.
  * Really ask ssh/new_config debconf question before trying to fetch its
    value (closes: #188721).
  * On purge, remove only the files we know about in /etc/ssh rather than
    the whole thing, and remove the directory if that leaves it empty
    (closes: #176679).
  * ssh has depended on debconf for some time now with no complaints, so:
    - Simplify the postinst by relying on debconf being present. (The
      absent case was buggy anyway.)
    - Get rid of "if you have not installed debconf" text in README.Debian,
      and generally update the "/usr/bin/ssh not SUID" entry.
  * More README.Debian work:
    - Reorganize into "UPGRADE ISSUES" and "OTHER ISSUES", in an effort to
      make it easier for people to find the former. The upgrade issues
      should probably be sorted by version somehow.
    - Document X11UseLocalhost under "X11 Forwarding" (closes: #150913).
  * Fix setting of IP flags for interactive sessions (upstream bug #541).

 -- Colin Watson  Mon, 5 May 2003 17:47:40 +0100

openssh (1:3.6.1p1-1) unstable; urgency=low

  * New upstream release (thanks, Laurence J. Lane).
  * debian/control: ssh-askpass-gnome is now Section: gnome, following the
    override file.

 -- Colin Watson  Wed, 2 Apr 2003 00:51:02 +0100

openssh (1:3.6p1-1) unstable; urgency=low

  * New upstream release.
    - Workaround applied upstream for a bug in the interaction of glibc's
      getaddrinfo() with the Linux 2.2 kernel (closes: #155814).
    - As such, it should now be safe to remove --with-ipv4-default, so
      starting sshd with -6 is no longer necessary (closes: #79861 and lots
      of other merged bugs).
    - ssh-copy-id prints usage when run without arguments (closes: #71376).
    - scp exits 1 if ssh fails (closes: #138400).
    - sshd writes to utmp's ut_addr_v6 field in IPv6 mode (closes:
      #167867).
    - 'ssh-add -c' causes ssh-agent to ask the user each time a key is used
      (closes: #109795).
  * Install /etc/default/ssh non-executable (closes: #185537).

 -- Colin Watson  Mon, 31 Mar 2003 23:00:59 +0100

openssh (1:3.5p1-5) unstable; urgency=low

  * Add /etc/default/ssh (closes: #161049).
  * Run the init script under 'set -e' (closes: #175010).
  * Change the default superuser path to include /sbin, /usr/sbin, and
    /usr/local/sbin (closes: #128235, #151267). Using login.defs would be
    nice, but that belongs to another package. Without a defined API to
    retrieve its settings, parsing it is off-limits.
  * Build ssh-askpass-gnome with GNOME 2. The source package should still
    support building on stable with GNOME 1, using the alternate
    libgnome-dev build-dependency (thanks, Colin Walters; closes: #167582).

 -- Colin Watson  Sun, 9 Mar 2003 20:12:10 +0000

openssh (1:3.5p1-4) unstable; urgency=low

  * Point rlogin and rcp alternatives at slogin and scp respectively rather
    than ssh (closes: #121103, #151666). Fix alternative removal to match;
    previously it was completely wrong anyway.
  * Find out whether /etc/ssh/sshd_not_to_be_run exists and set the debconf
    question's default using that information, rather than using debconf
    as a registry. Other solutions may be better in the long run, but this
    is at least correct (thanks, Matthew Woodcraft; closes: #84725).
  * Stop using pam_lastlog, as it doesn't currently work well as a session
    module when privilege separation is enabled; it can usually read
    /var/log/lastlog but can't write to it. Instead, just use sshd's
    built-in support, already enabled by default (closes: #151297,
    #169938).
  * Use 'ssh-keygen -q' rather than redirecting output to /dev/null.
  * Add a "this may take some time" warning when creating host keys on
    installation (part of #110094).
  * When restarting via the init script, check for sshd_not_to_be_run after
    stopping sshd (idea from Tomas Pospisek; closes: #149850).
  * Append /usr/sbin:/sbin to the init script's $PATH, just in case of
    strangeness (closes: #115138).
  * Fix a dpkg-statoverride call to redirect stdout to /dev/null, not
    stderr.
  * Correct copyright file typo: "orignal" -> "original" (closes: #176490).
  * Rebuild with libssl0.9.7 (closes: #176983).
  * We're up to policy version 3.5.6. DEB_BUILD_OPTIONS stuff still needs
    to be looked at.

 -- Colin Watson  Sat, 18 Jan 2003 01:37:23 +0000

openssh (1:3.5p1-3) unstable; urgency=low

  * Happy new year!
  * Use getent rather than id to find out whether the sshd user exists
    (closes: #150974).
  * Remove some duplication from the postinst's ssh-keysign setuid code.
  * Replace db_text with db_input throughout debian/config. (db_text has
    been a compatibility wrapper since debconf 0.1.5.)
  * Warn about PermitUserEnvironment on upgrade (closes: #167895).
  * Use 'make install-nokeys', and disable unused debhelper commands,
    thereby forward-porting the last pieces of Zack Weinberg's patch
    (closes: #68341).
  * Move the man page for gnome-ssh-askpass from the ssh package to
    ssh-askpass-gnome (closes: #174449).
  * Build with -DLOGIN_NO_ENDOPT, since Debian's /bin/login doesn't accept
    '--' to terminate the list of options (closes: #171554).
  * Add Jonathan Amery's ssh-argv0 script (closes: #111341).
  * Update Danish debconf template (thanks, Morten Brix Pedersen; closes:
    #174757).
  * Document setgid ssh-agent's effect on certain environment variables in
    README.Debian (closes: #167974).
  * Document interoperability problems between scp and ssh.com's server in
    README.Debian, and suggest some workarounds (closes: #174662).

 -- Colin Watson  Wed, 1 Jan 2003 14:18:30 +0000

openssh (1:3.5p1-2) unstable; urgency=low

  * Mention in the ssh package description that it provides both ssh and
    sshd (closes: #99680).
  * Create a system group for ssh-agent, not a user group (closes:
    #167669).

 -- Colin Watson  Mon, 4 Nov 2002 13:43:53 +0000

openssh (1:3.5p1-1) unstable; urgency=low

  * New upstream release.
    - Fixes typo in ssh-add usage (closes: #152239).
    - Fixes 'PermitRootLogin forced-commands-only' (closes: #166184).
    - ~/.ssh/environment and environment= options in
      ~/.ssh/authorized_keys are deprecated for security reasons and will
      eventually go away. For now they can be re-enabled by setting
      'PermitUserEnvironment yes' in sshd_config.
    - ssh-agent is installed setgid to prevent ptrace() attacks. The group
      actually doesn't matter, as it drops privileges immediately, but to
      avoid confusion the postinst creates a new 'ssh' group for it.
  * Obsolete patches:
    - Solar Designer's privsep+compression patch for Linux 2.2 (see
      1:3.3p1-0.0woody1).
    - Hostbased auth ssh-keysign backport (see 1:3.4p1-4).
  * Remove duplicated phrase in ssh_config(5) (closes: #152404).
  * Source the debconf confmodule at the top of the postrm rather than at
    the bottom, to avoid making future non-idempotency problems worse (see
    #151035).
  * Debconf templates:
    - Add Polish (thanks, Grzegorz Kusnierz).
    - Update French (thanks, Denis Barbier; closes: #132509).
    - Update Spanish (thanks, Carlos Valdivia Yagüe; closes: #164716).
  * Write a man page for gnome-ssh-askpass, and link it to ssh-askpass.1 if
    this is the selected ssh-askpass alternative (closes: #67775).

 -- Colin Watson  Sat, 26 Oct 2002 19:41:51 +0100

openssh (1:3.4p1-4) unstable; urgency=low

  * Allow ssh-krb5 in ssh-askpass-gnome's dependencies (closes: #129532).
  * Restore Russia to list of countries where encryption is problematic
    (see #148951 and http://www.average.org/freecrypto/).
  * Drop ssh-askpass-gnome's priority to optional, per the override file.
  * Drop the PAM special case for hurd-i386 (closes: #99157).
  * s/dile/idle/ in ssh_config(5) (closes: #118331).
  * Note in README.Debian that you need xauth from xbase-clients on the
    server for X11 forwarding (closes: #140269).
  * Use correct path to upstream README in copyright file (closes:
    #146037).
  * Document the units for ProtocolKeepAlives (closes: #159479).
  * Backport upstream patch to fix hostbased auth (closes: #117114).
  * Add -g to CFLAGS.

 -- Colin Watson  Sun, 13 Oct 2002 18:58:53 +0100

openssh (1:3.4p1-3) unstable; urgency=low

  * Add myself to Uploaders: and begin acting as temporary maintainer, at
    Matthew's request. (Normal service will resume in some months' time.)
  * Add sharutils to Build-Depends (closes: #138465).
  * Stop creating the /usr/doc/ssh symlink.
  * Fix some debconf template typos (closes: #160358).
  * Split debconf templates into one file per language.
  * Add debconf template translations:
    - Brazilian Portuguese (thanks, Andre Luis Lopes; closes: #106173).
    - Danish (thanks, Claus Hindsgaul; closes: #126607).
    - Japanese (thanks, Tomohiro KUBOTA; closes: #137427).
    - Russian (thanks, Ilgiz Kalmetev; closes: #136610).
    - Spanish (thanks, Carlos Valdivia Yagüe; closes: #129041).
  * Update debconf template translations:
    - French (thanks, Igor Genibel; closes: #151361).
    - German (thanks, Axel Noetzold; closes: #147069).
  * Some of these translations are fuzzy. Please send updates.

 -- Colin Watson  Sun, 13 Oct 2002 14:09:57 +0100

openssh (1:3.4p1-2) unstable; urgency=high

  * Get a security-fixed version into unstable
  * Also tidy README.Debian up a little

 -- Matthew Vernon  Fri, 28 Jun 2002 17:20:59 +0100

openssh (1:3.4p1-1) testing; urgency=high

  * Extend my tendrils back into this package (Closes: #150915, #151098)
  * thanks to the security team for their work
  * no thanks to ISS/Theo de Raadt for their handling of these bugs
  * save old sshd_configs to sshd_config.dpkg-old when auto-generating a
    new one
  * tell/ask the user about PrivilegeSeparation
  * /etc/init.d/ssh run will now create the chroot empty dir if necessary
  * Remove our previous statoverride on /usr/bin/ssh (only for people
    upgrading from a version where we'd put one in ourselves!)
  * Stop slandering Russia, since someone asked so nicely (Closes:
    #148951)
  * Reduce the sleep time in /etc/init.d/ssh during a restart

 -- Matthew Vernon  Fri, 28 Jun 2002 15:52:10 +0100

openssh (1:3.4p1-0.0woody1) testing-security; urgency=high

  * NMU by the security team.
  * New upstream version

 -- Michael Stone  Wed, 26 Jun 2002 15:40:38 -0400

openssh (1:3.3p1-0.0woody4) testing-security; urgency=high

  * NMU by the security team.
  * fix error when /etc/ssh/sshd_config exists on new install
  * check that user doesn't exist before running adduser
  * use openssl internal random unconditionally

 -- Michael Stone  Tue, 25 Jun 2002 19:44:39 -0400

openssh (1:3.3p1-0.0woody3) testing-security; urgency=high

  * NMU by the security team.
  * use correct home directory when sshd user is created

 -- Michael Stone  Tue, 25 Jun 2002 08:59:50 -0400

openssh (1:3.3p1-0.0woody2) testing-security; urgency=high

  * NMU by the security team.
  * Fix rsa1 key creation (Closes: #150949)
  * don't fail if sshd user removal fails
  * depends: on adduser (Closes: #150907)

 -- Michael Stone  Tue, 25 Jun 2002 08:59:50 -0400

openssh (1:3.3p1-0.0woody1) testing-security; urgency=high

  * NMU by the security team.
  * New upstream version.
    - Enable privilege separation by default.
  * Include patch from Solar Designer for privilege separation and
    compression on 2.2.x kernels.
  * Remove --disable-suid-ssh from configure.
  * Support setuid ssh-keysign binary instead of setuid ssh client.
  * Check sshd configuration before restarting.

 -- Daniel Jacobowitz  Mon, 24 Jun 2002 13:43:44 -0400

openssh (1:3.0.2p1-9) unstable; urgency=high

  * Thanks to those who NMUd
  * The only change in this version is to debian/control - I've removed the
    bit that says you can't export it from the US - it would look pretty
    daft to say this about a package in main! Also, it's now OK to use
    crypto in France, so I've edited that comment slightly
  * Correct a path in README.Debian too (Closes: #138634)

 -- Matthew Vernon  Sun, 4 Apr 2002 09:52:59 +0100

openssh (1:3.0.2p1-8.3) unstable; urgency=medium

  * NMU
  * Really set urgency to medium this time (oops)
  * Fix priority to standard per override while I'm at it

 -- Aaron M. Ucko  Sun, 24 Mar 2002 09:00:08 -0500

openssh (1:3.0.2p1-8.2) unstable; urgency=low

  * NMU with maintainer's permission
  * Prepare for upcoming ssh-nonfree transitional packages per
  * Urgency medium because it would really be good to get this into woody
    before it releases
  * Fix sections to match override file
  * Reissued due to clash with non-US -> main move

 -- Aaron M. Ucko  Sat, 23 Mar 2002 21:21:52 -0500

openssh (1:3.0.2p1-8.1) unstable; urgency=low

  * NMU
  * Move from non-US to main

 -- LaMont Jones  Thu, 21 Mar 2002 09:33:50 -0700

openssh (1:3.0.2p1-8) unstable; urgency=critical

  * Security fix - patch from upstream (Closes: #137209, #137210)
  * Undo the changes in the unreleased -7, since they appear to break
    things here. Accordingly, the code change is minimal, and I'm happy to
    get it into testing ASAP

 -- Matthew Vernon  Thu, 7 Mar 2002 14:25:23 +0000

openssh (1:3.0.2p1-7) unstable; urgency=high

  * Build to support IPv6 and IPv4 by default again

 -- Matthew Vernon  Sat, 2 Mar 2002 00:25:05 +0000

openssh (1:3.0.2p1-6) unstable; urgency=high

  * Correct error in the clean target (Closes: #130868)

 -- Matthew Vernon  Sat, 26 Jan 2002 00:32:00 +0000

openssh (1:3.0.2p1-5) unstable; urgency=medium

  * Include the Debian version in our identification, to make it easier to
    audit networks for patched versions in future

 -- Matthew Vernon  Mon, 21 Jan 2002 17:16:10 +0000

openssh (1:3.0.2p1-4) unstable; urgency=medium

  * If we're asked to not run sshd, stop any running sshd's first (Closes:
    #129327)

 -- Matthew Vernon  Wed, 16 Jan 2002 21:24:16 +0000

openssh (1:3.0.2p1-3) unstable; urgency=high

  * Fix /etc/pam.d/ssh to not set $MAIL (Closes: #128913)
  * Remove extra debconf suggestion (Closes: #128094)
  * Mmm. speedy bug-fixing :-)

 -- Matthew Vernon  Sat, 12 Jan 2002 17:23:58 +0000

openssh (1:3.0.2p1-2) unstable; urgency=high

  * Fix postinst to not automatically overwrite sshd_config (!)
    (Closes: #127842, #127867)
  * Add section in README.Debian about the PermitRootLogin setting

 -- Matthew Vernon  Sat, 5 Jan 2003 05:26:30 +0000

openssh (1:3.0.2p1-1) unstable; urgency=high

  * Incorporate fix from Colin's NMU
  * New upstream version (fixes the bug Wichert fixed) (Closes: #124035)
  * Capitalise IETF (Closes: #125379)
  * Refer to the correct sftp-server location (Closes: #126854, #126224)
  * Do what we're asked re SetUID ssh (Closes: #124065, #124154, #123247)
  * Ask people upgrading from potato if they want a new conffile (Closes:
    #125642)
  * Fix a typo in postinst (Closes: #122192, #122410, #123440)
  * Frob the default config a little (Closes: #122284, #125827, #125696,
    #123854)
  * Make /etc/init.d/ssh be more clear about ssh not running (Closes:
    #123552)
  * Fix typo in templates file (Closes: #123411)

 -- Matthew Vernon  Fri, 4 Jan 2002 16:01:52 +0000

openssh (1:3.0.1p1-1.2) unstable; urgency=high

  * Non-maintainer upload
  * Prevent local users from passing environment variables to the login
    process when UseLogin is enabled

 -- Wichert Akkerman  Mon, 3 Dec 2001 19:34:45 +0100

openssh (1:3.0.1p1-1.1) unstable; urgency=low

  * Non-maintainer upload, at Matthew's request.
  * Remove sa_restorer assignment to fix compilation on alpha, hppa, and
    ia64 (closes: #122086).

 -- Colin Watson  Sun, 2 Dec 2001 18:54:16 +0000

openssh (1:3.0.1p1-1) unstable; urgency=high

  * New upstream version (Closes: #113646, #113513, #114707, #118564)
  * Building with a libc that works (!) (Closes: #115228)
  * Patches forward-ported are -1/-2 options for scp, the improvement to
    'waiting for forwarded connections to terminate...'
  * Fix /etc/init.d/ssh to stop sshd properly (Closes: #115228)
  * /etc/ssh/sshd_config is no longer a conffile but generated in the
    postinst
  * Remove suidregister leftover from postrm
  * Mention key we are making in the postinst
  * Default to not enable SSH protocol 1 support, since protocol 2 is much
    safer anyway.
  * New version of the vpn-fixes patch, from Ian Jackson
  * New handling of -q, and added new -qq option; thanks to Jon Amery
  * Experimental smartcard support not enabled, since I have no way of
    testing it.

 -- Matthew Vernon  Thu, 28 Nov 2001 17:43:01 +0000

openssh (1:2.9p2-6) unstable; urgency=low

  * check for correct file in /etc/init.d/ssh (Closes: #110876)
  * correct location of version 2 keys in ssh.1 (Closes: #110439)
  * call update-alternatives --quiet (Closes: #103314)
  * hack ssh-copy-id to chmod go-w (Closes: #95551)
  * TEMPORARY fix to provide largefile support using a -D in the cflags
    line. long-term, upstream will patch the autoconf stuff (Closes:
    #106809, #111849)
  * remove /etc/rc references in ssh-keygen.1 (Closes: #68350)
  * scp.1 patch from Adam McKenna to document -r properly (Closes: #76054)
  * Check for files containing a newline character (Closes: #111692)

 -- Matthew Vernon  Thu, 13 Sep 2001 16:47:36 +0100

openssh (1:2.9p2-5) unstable; urgency=high

  * Thanks to all the bug-fixers who helped!
* remove sa_restorer assignment (Closes: #102837) * patch from Peter Benie to DTRT wrt X forwarding if the server refuses us access (Closes: #48297) * patch from upstream CVS to fix port forwarding (Closes: #107132) * patch from Jonathan Amery to document ssh-keygen behaviour (Closes:#106643, #107512) * patch to postinst from Jonathan Amery (Closes: #106411) * patch to manpage from Jonathan Amery (Closes: #107364) * patch from Matthew Vernon to make -q emit fatal errors as that is the documented behaviour (Closes: #64347) * patch from Ian Jackson to cause us to destroy a file when we scp it onto itself, rather than dumping bits of our memory into it, which was a security hole (see #51955) * patch from Jonathan Amery to document lack of Kerberos support (Closes: #103726) * patch from Matthew Vernon to make the 'waiting for connections to terminate' message more helpful (Closes: #50308) -- Matthew Vernon Thu, 23 Aug 2001 02:14:09 +0100 openssh (1:2.9p2-4) unstable; urgency=high * Today's build of ssh is strawberry flavoured * Patch from mhp to reduce length of time sshd is stopped for (Closes: #106176) * Tidy up debconf template (Closes: #106152) * If called non-setuid, then setgid()'s failure should not be fatal (see #105854) -- Matthew Vernon Sun, 22 Jul 2001 14:19:43 +0100 openssh (1:2.9p2-3) unstable; urgency=low * Patch from yours truly to add -1 and -2 options to scp (Closes: #106061) * Improve the IdentityFile section in the man page (Closes: #106038) -- Matthew Vernon Sat, 21 Jul 2001 14:47:27 +0100 openssh (1:2.9p2-2) unstable; urgency=low * Document the protocol version 2 and IPV6 changes (Closes: #105845, #105868) * Make PrintLastLog 'no' by default (Closes: #105893) -- Matthew Vernon Thu, 19 Jul 2001 18:36:41 +0100 openssh (1:2.9p2-1) unstable; urgency=low * new (several..) 
upstream version (Closes: #96726, #81856, #96335) * Hopefully, this will close some other bugs too -- Matthew Vernon Tue, 17 Jul 2001 19:41:58 +0100 openssh (1:2.5.2p2-3) unstable; urgency=low * Taking Over this package * Patches from Robert Bihlmeyer for the Hurd (Closes: #102991) * Put PermitRootLogin back to yes (Closes: #67334, #67371, #78274) * Don't fiddle with conf-files any more (Closes: #69501) -- Matthew Vernon Tue, 03 Jul 2001 02:58:13 +0100 openssh (1:2.5.2p2-2.2) unstable; urgency=low * NMU * Include Hurd compatibility patches from Robert Bihlmeyer (Closes: #76033) * Patch from Richard Kettlewell for protocolkeepalives (Closes: #99273) * Patch from Matthew Vernon for BannerTimeOut, batchmode, and documentation for protocolkeepalives. Makes ssh more generally useful for scripting uses (Closes: #82877, #99275) * Set a umask, so ourpidfile isn't world-writable (closes: #100012, #98286, #97391) -- Matthew Vernon Thu, 28 Jun 2001 23:15:42 +0100 openssh (1:2.5.2p2-2.1) unstable; urgency=low * NMU * Remove duplicate Build-Depends for libssl096-dev and change it to depend on libssl-dev instaed. Also adding in virtual | real package style build-deps. (Closes: #93793, #75228) * Removing add-log entry (Closes: #79266) * This was a pam bug from a while back (Closes: #86908, #88457, #86843) * pam build-dep already exists (Closes: #93683) * libgnome-dev build-dep already exists (Closes: #93694) * No longer in non-free (Closes: #85401) * Adding in fr debconf translations (Closes: #83783) * Already suggests xbase-clients (Closes: #79741) * No need to suggest libpam-pwdb anymore (Closes: #81658) * Providing rsh-client (Closes: #79437) * hurd patch was already applied (Closes: #76033) * default set to no (Closes: #73682) * Adding in a suggests for dnsutils (Closes: #93265) * postinst bugs fixed (Closes: #88057, #88066, #88196, #88405, #88612) (Closes: #88774, #88196, #89556, #90123, #90228, #90833, #87814, #85465) * Adding in debconf dependency -- Ivan E. 
Moore II Mon, 16 Apr 2001 14:11:04 +0100 openssh (1:2.5.2p2-2) unstable; urgency=high * disable the OpenSSL version check in entropy.c (closes: #93581, #93588, #93590, #93614, #93619, #93635, #93648) -- Philip Hands Wed, 11 Apr 2001 20:30:04 +0100 openssh (1:2.5.2p2-1) unstable; urgency=low * New upstream release * removed make-ssh-known-hosts, since ssh-keyscan does that job (closes: #86069, #87748) * fix double space indent in german templates (closes: #89493) * make postinst check for ssh_host_rsa_key * get rid of the last of the misguided debian/rules NMU debris :-/ -- Philip Hands Sat, 24 Mar 2001 20:59:33 +0000 openssh (1:2.5.1p2-2) unstable; urgency=low * rebuild with new debhelper (closes: #89558, #89536, #90225) * fix broken dpkg-statoverride test in postinst (closes: #89612, #90474, #90460, #89605) * NMU bug fixed but not closed in last upload (closes: #88206) -- Philip Hands Fri, 23 Mar 2001 16:11:33 +0000 openssh (1:2.5.1p2-1) unstable; urgency=high * New upstream release * fix typo in postinst (closes: #88110) * revert to setting PAM service name in debian/rules, backing out last NMU, which also (closes: #88101) * restore the pam lastlog/motd lines, lost during the NMUs, and sshd_config * restore printlastlog option patch * revert to using debhelper, which had been partially disabled in NMUs -- Philip Hands Tue, 13 Mar 2001 01:41:34 +0000 openssh (1:2.5.1p1-1.8) unstable; urgency=high * And now the old pam-bug s/sshd/ssh in ssh.c is also fixed -- Christian Kurz Thu, 1 Mar 2001 19:48:01 +0100 openssh (1:2.5.1p1-1.7) unstable; urgency=high * And now we mark the correct binary as setuid, when a user requested to install it setuid. -- Christian Kurz Thu, 1 Mar 2001 07:19:56 +0100 openssh (1:2.5.1p1-1.6) unstable; urgency=high * Fixes postinst to handle overrides that are already there. Damn, I should have noticed the bug earlier. -- Christian Kurz Wed, 28 Feb 2001 22:35:00 +0100 openssh (1:2.5.1p1-1.5) unstable; urgency=high * Rebuild ssh with pam-support. 
-- Christian Kurz Mon, 26 Feb 2001 21:55:51 +0100 openssh (1:2.5.1p1-1.4) unstable; urgency=low * Added Build-Depends on libssl096-dev. * Fixed sshd_config file to disallow root logins again. -- Christian Kurz Sun, 25 Feb 2001 20:03:55 +0100 openssh (1:2.5.1p1-1.3) unstable; urgency=low * Fixed missing manpages for sftp.1 and ssh-keyscan.1 * Made package policy 3.5.2 compliant. -- Christian Kurz Sun, 25 Feb 2001 15:46:26 +0100 openssh (1:2.5.1p1-1.2) unstable; urgency=low * Added Conflict with sftp, since we now provide our own sftp-client. * Added a fix for our broken dpkg-statoverride call in the 2.3.0p1-13. * Fixed some config pathes in the comments of sshd_config. * Removed ssh-key-exchange-vulnerability-patch since it's not needed anymore because upstream included the fix. -- Christian Kurz Sun, 25 Feb 2001 13:46:58 +0100 openssh (1:2.5.1p1-1.1) unstable; urgency=high * Another NMU to get the new upstream version 2.5.1p1 into unstable. (Closes: #87123) * Corrected postinst to mark ssh as setuid. (Closes: #86391, #85766) * Key Exchange patch is already included by upstream. (Closes: #86015) * Upgrading should be possible now. (Closes: #85525, #85523) * Added --disable-suid-ssh as compile option, so ssh won't get installed suid per default. * Fixed postinst to run dpkg-statoverride only, when dpkg-statoverride is available and the mode of the binary should be 4755. And also added suggestion for a newer dpkg. (Closes: #85734, #85741, #86876) * sftp and ssh-keyscan will also be included from now on. (Closes: #79994) * scp now understands spaces in filenames (Closes: #53783, #58958, #66723) * ssh-keygen now supports showing DSA fingerprints. (Closes: #68623) * ssh doesn' t show motd anymore when switch -t is used. (Closes #69035) * ssh supports the usage of other dsa keys via the ssh command line options. (Closes: #81250) * Documentation in sshd_config fixed. (Closes: #81088) * primes file included by upstream and included now. 
(Closes: #82101) * scp now allows dots in the username. (Closes: #82477) * Spelling error in ssh-copy-id.1 corrected by upstream. (Closes: #78124) -- Christian Kurz Sun, 25 Feb 2001 10:06:08 +0100 openssh (1:2.3.0p1-1.13) unstable; urgency=low * Config should now also be fixed with this hopefully last NMU. -- Christian Kurz Sat, 10 Feb 2001 22:56:36 +0100 openssh (1:2.3.0p1-1.12) unstable; urgency=high * Added suggest for xbase-clients to control-file. (Closes #85227) * Applied patch from Markus Friedl to fix a vulnerability in the rsa keyexchange. * Fixed position of horizontal line. (Closes: #83613) * Fixed hopefully the grep problem in the config-file. (Closes: #78802) * Converted package from suidregister to dpkg-statoverride. -- Christian Kurz Fri, 9 Feb 2001 19:43:55 +0100 openssh (1:2.3.0p1-1.11) unstable; urgency=medium * Fixed some typos in the german translation of the debconf template. -- Christian Kurz Wed, 24 Jan 2001 18:22:38 +0100 openssh (1:2.3.0p1-1.10) unstable; urgency=medium * Fixed double printing of motd. (Closes: #82618) -- Christian Kurz Tue, 23 Jan 2001 21:03:43 +0100 openssh (1:2.3.0p1-1.9) unstable; urgency=high * And the next NMU which includes the patch from Andrew Bartlett and Markus Friedl to fix the root privileges handling of openssh. (Closes: #82657) -- Christian Kurz Wed, 17 Jan 2001 22:20:54 +0100 openssh (1:2.3.0p1-1.8) unstable; urgency=high * Applied fix from Ryan Murray to allow building on other architectures since the hurd patch was wrong. 
(Closes: #82471) -- Christian Kurz Tue, 16 Jan 2001 22:45:51 +0100 openssh (1:2.3.0p1-1.7) unstable; urgency=medium * Fixed another typo on sshd_config -- Christian Kurz Sun, 14 Jan 2001 19:01:31 +0100 openssh (1:2.3.0p1-1.6) unstable; urgency=high * Added Build-Dependency on groff (Closes: #81886) * Added Build-Depencency on debhelper (Closes: #82072) * Fixed entry for known_hosts in sshd_config (Closes: #82096) -- Christian Kurz Thu, 11 Jan 2001 23:08:16 +0100 openssh (1:2.3.0p1-1.5) unstable; urgency=high * Fixed now also the problem with sshd used as default ipv4 and didn't use IPv6. This should be now fixed. -- Christian Kurz Thu, 11 Jan 2001 21:25:55 +0100 openssh (1:2.3.0p1-1.4) unstable; urgency=high * Fixed buggy entry in postinst. -- Christian Kurz Wed, 10 Jan 2001 23:12:16 +0100 openssh (1:2.3.0p1-1.3) unstable; urgency=high * After finishing the rewrite of the rules-file I had to notice that the manpage installation was broken. This should now work again. -- Christian Kurz Wed, 10 Jan 2001 22:11:59 +0100 openssh (1:2.3.0p1-1.2) unstable; urgency=high * Fixed the screwed up build-dependency. * Removed --with-ipv4-default to support ipv6. * Changed makefile to use /etc/pam.d/ssh instead of /etc/pam.d/sshd. * Fixed location to sftp-server in config. * Since debian still relies on /etc/pam.d/ssh instead of moving to /etc/pam.d/sshd, I had to hack ssh.h to get ssh to use this name. * Fixed path to host key in sshd_config. -- Christian Kurz Wed, 10 Jan 2001 08:23:47 +0100 openssh (1:2.3.0p1-1.1) unstable; urgency=medium * NMU with permission of Phil Hands. * New upstream release * Update Build-Depends to point to new libssl096. 
* This upstream release doesn't leak any information depending on the setting of PermitRootLogin (Closes: #59933) * New upstream release contains fix against forcing a client to do X/agent forwarding (Closes: #76788) * Changed template to contain correct path to the documentation (Closes: #67245) * Added --with-4in6 switch as compile option into debian/rules. * Added --with-ipv4-default as compile option into debian/rules. (Closes: #75037) * Changed default path to also contain /usr/local/bin and /usr/X11R6/bin (Closes: #62472,#54567,#62810) * Changed path to sftp-server in sshd_config to match the our package (Closes: #68347) * Replaced OpenBSDh with OpenBSD in the init-script. * Changed location to original source in copyright.head * Changed behaviour of init-script when invoked with the option restart (Closes: #68706,#72560) * Added a note about -L option of scp to README.Debian * ssh won't print now the motd if invoked with -t option (Closes: #59933) * RFC.nroff.gz get's now converted into RFC.gz. (Closes: #63867) * Added a note about tcp-wrapper support to README.Debian (Closes: #72807,#22190) * Removed two unneeded options from building process. * Added sshd.pam into debian dir and install it. * Commented out unnecessary call to dh_installinfo. * Added a line to sshd.pam so that limits will be paid attention to (Closes: #66904) * Restart Option has a Timeout of 10 seconds (Closes: 51264) * scp won't override files anymore (Closes: 51955) * Removed pam_lastlog module, so that the lastlog is now printed only once (Closes: #71742, #68335, #69592, #71495, #77781) * If password is expired, openssh now forces the user to change it. 
(Closes: #51747) * scp should now have no more problems with shell-init-files that produces ouput (Closes: #56280,#59873) * ssh now prints the motd correctly (Closes: #66926) * ssh upgrade should disable ssh daemon only if users has choosen to do so (Closes: #67478) * ssh can now be installed suid (Closes: #70879) * Modified debian/rules to support hurd. -- Christian Kurz Wed, 27 Dec 2000 20:06:57 +0100 openssh (1:2.2.0p1-1.1) unstable; urgency=medium * Non-Maintainer Upload * Check for new returns in the new libc (closes: #72803, #74393, #72797, #71307, #71702) * Link against libssl095a (closes: #66304) * Correct check for PermitRootLogin (closes: #69448) -- Ryan Murray Wed, 18 Oct 2000 00:48:18 -0700 openssh (1:2.2.0p1-1) unstable; urgency=low * New upstream release -- Philip Hands Mon, 11 Sep 2000 14:49:43 +0100 openssh (1:2.1.1p4-3) unstable; urgency=low * add rsh alternatives * add -S option to scp (using Tommi Virtanen's patch) (closes: #63097) * do the IPV4_DEFAULT thing properly this time -- Philip Hands Fri, 11 Aug 2000 18:14:37 +0100 openssh (1:2.1.1p4-2) unstable; urgency=low * reinstate manpage .out patch from 1:1.2.3 * fix typo in postinst * only compile ssh with IPV4_DEFAULT * apply James Troup's patch to add a -o option to scp and updated manpage -- Philip Hands Sun, 30 Jul 2000 00:12:49 +0100 openssh (1:2.1.1p4-1) unstable; urgency=low * New upstream release -- Philip Hands Sat, 29 Jul 2000 14:46:16 +0100 openssh (1:1.2.3-10) unstable; urgency=low * add version to libpam-modules dependency, because old versions of pam_motd make it impossible to log in. 
-- Philip Hands Sat, 29 Jul 2000 13:28:22 +0100 openssh (1:1.2.3-9) frozen unstable; urgency=low * force location of /usr/bin/X11/xauth (closes: #64424, #66437, #66859) *RC* * typos in config (closes: #66779, #66780) * sshd_not_to_be_run could be assumed to be true, in error, if the config script died in an unusual way --- I've reversed this (closes: #66335) * Apply Zack Weinberg 's patch to ssh-askpass-ptk (closes: #65981) * change default for PermitRootLogin to "no" (closes: #66406) -- Philip Hands Tue, 11 Jul 2000 20:51:18 +0100 openssh (1:1.2.3-8) frozen unstable; urgency=low * get rid of Provides: rsh-server (this will mean that rstartd will need to change it's depends to deal with #63948, which I'm reopening) (closes: #66257) Given that this is also a trivial change, and is a reversal of a change that was mistakenly made after the freeze, I think this should also go into frozen. -- Philip Hands Wed, 28 Jun 2000 03:26:30 +0100 openssh (1:1.2.3-7) frozen unstable; urgency=low * check if debconf is installed before calling db_stop in postinst. This is required to allow ssh to be installed when debconf is not wanted, which probably makes it an RC upload (hopefully the last of too many). -- Philip Hands Wed, 28 Jun 2000 03:19:47 +0100 openssh (1:1.2.3-6) frozen unstable; urgency=low * fixed depressing little bug involving a line wrap looking like a blank line in the templates file *RC* (closes: #66090, #66078, #66083, #66182) -- Philip Hands Mon, 26 Jun 2000 00:45:05 +0100 openssh (1:1.2.3-5) frozen unstable; urgency=low * add code to prevent UseLogin exploit, although I think our PAM conditional code breaks UseLogin in a way that protects us from this exploit anyway. 
;-) (closes: #65495) *RC* * Apply Zack Weinberg 's patch to fix keyboard grab vulnerability in ssh-askpass-gnome (closes: #64795) *RC* * stop redirection of sshd's file descriptors (introduced in 1:1.2.3-3) and use db_stop in the postinst to solve that problem instead (closes: #65104) * add Provides: rsh-server to ssh (closes: #63948) * provide config option not to run sshd -- Philip Hands Mon, 12 Jun 2000 23:05:11 +0100 openssh (1:1.2.3-4) frozen unstable; urgency=low * fixes #63436 which is *RC* * add 10 second pause in init.d restart (closes: #63844) * get rid of noenv in PAM mail line (closes: #63856) * fix host key path in make-ssh-known-hosts (closes: #63713) * change wording of SUID template (closes: #62788, #63436) -- Philip Hands Sat, 27 May 2000 11:18:06 +0100 openssh (1:1.2.3-3) frozen unstable; urgency=low * redirect sshd's file descriptors to /dev/null in init to prevent debconf from locking up during installation ** grave bug just submited by me ** -- Philip Hands Thu, 20 Apr 2000 17:10:59 +0100 openssh (1:1.2.3-2) frozen unstable; urgency=low * allow user to select SUID status of /usr/bin/ssh (closes: 62462) ** RC ** * suggest debconf * conflict with debconf{,-tiny} (<<0.2.17) so I can clean up the preinst -- Philip Hands Wed, 19 Apr 2000 17:49:15 +0100 openssh (1:1.2.3-1) frozen unstable; urgency=low * New upstream release * patch sshd to create extra xauth key required for localhost (closes: #49944) *** RC *** * FallbacktoRsh now defaults to ``no'' to match impression given in sshd_config * stop setting suid bit on ssh (closes: #58711, #58558) This breaks Rhosts authentication (which nobody uses) and allows the LD_PRELOAD trick to get socks working, so seems like a net benefit. -- Philip Hands Thu, 13 Apr 2000 20:01:54 +0100 openssh (1:1.2.2-1.4) frozen unstable; urgency=low * Recompile for frozen, contains fix for RC bug. 
-- Tommi Virtanen Tue, 29 Feb 2000 22:14:58 +0200 openssh (1:1.2.2-1.3) unstable; urgency=low * Integrated man page addition for PrintLastLog. This bug was filed on "openssh", and I ended up creating my own patch for this (closes: #59054) * Improved error message when ssh_exchange_identification gets EOF (closes: #58904) * Fixed typo (your -> you're) in debian/preinst. * Added else-clauses to config to make this upgradepath possible: oldssh -> openssh preinst fails due to upgrade_to_openssh=false -> ssh-nonfree -> openssh. Without these, debconf remembered the old answer, config didn't force asking it, and preinst always aborted (closes: #56596, #57782) * Moved setting upgrade_to_openssh isdefault flag to the place where preinst would abort. This means no double question to most users, people who currently suffer from "can't upgrade" may need to run apt-get install ssh twice. Did not do the same for use_old_init_script, as the situation is a bit different, and less common (closes: #54010, #56224) * Check for existance of ssh-keygen before attempting to use it in preinst, added warning for non-existant ssh-keygen in config. This happens when the old ssh is removed (say, due to ssh-nonfree getting installed). -- Tommi Virtanen Sun, 27 Feb 2000 21:36:43 +0200 openssh (1:1.2.2-1.2) frozen unstable; urgency=low * Non-maintainer upload. * Added configuration option PrintLastLog, default off due to PAM (closes: #54007, #55042) * ssh-askpass-{gnome,ptk} now provide ssh-askpass, making ssh's Suggests: line more accurate. Also closing related bugs fixed earlier, when default ssh-askpass moved to /usr/bin. (closes: #52403, #54741, #50607, #52298, #50967, #51661) * Patched to call vhangup, with autoconf detection and all (closes: #55379) * Added --with-ipv4-default workaround to a glibc bug causing slow DNS lookups, as per UPGRADING. Use -6 to really use IPv6 addresses. (closes: #57891, #58744, #58713, #57970) * Added noenv to PAM pam_mail line. Thanks to Ben Collins. 
(closes: #58429) * Added the UPGRADING file to the package. * Added frozen to the changelog line and recompiled before package was installed into the archive. -- Tommi Virtanen Fri, 25 Feb 2000 22:08:57 +0200 openssh (1:1.2.2-1.1) frozen unstable; urgency=low * Non-maintainer upload. * Integrated scp pipe buffer patch from Ben Collins , should now work even if reading a pipe gives less than fstat st_blksize bytes. Should now work on Alpha and Sparc Linux (closes: #53697, #52071) * Made ssh depend on libssl09 (>= 0.9.4-3) (closes: #51393) * Integrated patch from Ben Collins to do full shadow account locking and expiration checking (closes: #58165, #51747) -- Tommi Virtanen Tue, 22 Feb 2000 20:46:12 +0200 openssh (1:1.2.2-1) frozen unstable; urgency=medium * New upstream release (closes: #56870, #56346) * built against new libesd (closes: #56805) * add Colin Watson =NULL patch (closes: #49902, #54894) * use socketpairs as suggested by Andrew Tridgell to eliminate rsync (and other) lockups * patch SSHD_PAM_SERVICE back into auth-pam.c, again :-/ (closes: #49902, #55872, #56959) * uncoment the * line in ssh_config (closes: #56444) * #54894 & #49902 are release critical, so this should go in frozen -- Philip Hands Wed, 9 Feb 2000 04:52:04 +0000 openssh (1:1.2.1pre24-1) unstable; urgency=low * New upstream release -- Philip Hands Fri, 31 Dec 1999 02:47:24 +0000 openssh (1:1.2.1pre23-1) unstable; urgency=low * New upstream release * excape ? 
in /etc/init.d/ssh (closes: #53269) -- Philip Hands Wed, 29 Dec 1999 16:50:46 +0000 openssh (1:1.2pre17-1) unstable; urgency=low * New upstream release -- Philip Hands Thu, 9 Dec 1999 16:50:40 +0000 openssh (1:1.2pre16-1) unstable; urgency=low * New upstream release * upstream release (1.2pre14) (closes: #50299) * make ssh depend on libwrap0 (>= 7.6-1.1) (closes: #50973, #50776) * dispose of grep -q broken pipe message in config script (closes: #50855) * add make-ssh-known-hosts (closes: #50660) * add -i option to ssh-copy-id (closes: #50657) * add check for *LK* in password, indicating a locked account -- Philip Hands Wed, 8 Dec 1999 22:59:38 +0000 openssh (1:1.2pre13-1) unstable; urgency=low * New upstream release * make sshd.c use SSHD_PAM_SERVICE and define it as "ssh" in debian/rules * remove duplicate line in /etc/pam.d/ssh (closes: #50310) * mention ssh -A option in ssh.1 & ssh_config * enable forwarding to localhost in default ssh_config (closes: #50373) * tweak preinst to deal with debconf being `unpacked' * use --with-tcp-wrappers (closes: #49545) -- Philip Hands Sat, 20 Nov 1999 14:20:04 +0000 openssh (1:1.2pre11-2) unstable; urgency=low * oops, just realised that I forgot to strip out the unpleasant fiddling mentioned below (which turned not to be a fix anyway) -- Philip Hands Mon, 15 Nov 1999 01:35:23 +0000 openssh (1:1.2pre11-1) unstable; urgency=low * New upstream release (closes: #49722) * add 2>/dev/null to dispose of spurious message casused by grep -q (closes: #49876, #49604) * fix typo in debian/control (closes: #49841) * Do some unpleasant fiddling with upgraded keys in the preinst, which should make the keylength problem go away. 
(closes: #49676) * make pam_start in sshd use ``ssh'' as the service name (closes: #49956) * If /etc/ssh/NOSERVER exist, stop sshd from starting (closes: #47107) * apply Ben Collins 's shadow patch * disable lastlogin and motd printing if using pam (closes: #49957) * add ssh-copy-id script and manpage -- Philip Hands Fri, 12 Nov 1999 01:03:38 +0000 openssh (1:1.2pre9-1) unstable; urgency=low * New upstream release * apply Chip Salzenberg 's SO_REUSEADDR patch to channels.c, to make forwarded ports instantly reusable * replace Pre-Depend: debconf with some check code in preinst * make the ssh-add ssh-askpass failure message more helpful * fix the ssh-agent getopts bug (closes: #49426) * fixed typo on Suggests: line (closes: #49704, #49571) * tidy up ssh package description (closes: #49642) * make ssh suid (closes: #49635) * in preinst upgrade code, ensure ssh_host_keys is mode 600 (closes: #49606) * disable agent forwarding by default, for the similar reasons as X forwarding (closes: #49586) -- Philip Hands Tue, 9 Nov 1999 09:57:47 +0000 openssh (1:1.2pre7-4) unstable; urgency=low * predepend on debconf (>= 0.2.17) should now allow preinst questions -- Philip Hands Sat, 6 Nov 1999 10:31:06 +0000 openssh (1:1.2pre7-3) unstable; urgency=low * add ssh-askpass package using Tommi Virtanen's perl-tk script * add ssh-preconfig package cludge * add usage hints to ssh-agent.1 -- Philip Hands Fri, 5 Nov 1999 00:38:33 +0000 openssh (1:1.2pre7-2) unstable; urgency=low * use pam patch from Ben Collins * add slogin symlink to Makefile.in * change /usr/bin/login to LOGIN_PROGRAM define of /bin/login * sort out debconf usage * patch from Tommi Virtanen 's makes ssh-add use ssh-askpass -- Philip Hands Thu, 4 Nov 1999 11:08:54 +0000 openssh (1:1.2pre7-1) unstable; urgency=low * New upstream release -- Philip Hands Tue, 2 Nov 1999 21:02:37 +0000 openssh (1:1.2.0.pre6db1-2) unstable; urgency=low * change the binary package name to ssh (the non-free branch of ssh has been renamed to 
ssh-nonfree) * make pam file comply with Debian standards * use an epoch to make sure openssh supercedes ssh-nonfree -- Philip Hands Sat, 30 Oct 1999 16:26:05 +0100 openssh (1.2pre6db1-1) unstable; urgency=low * New upstream source * sshd accepts logins now! -- Dan Brosemer Fri, 29 Oct 1999 11:13:38 -0500 openssh (1.2.0.19991028-1) unstable; urgency=low * New upstream source * Added test for -lnsl to configure script -- Dan Brosemer Thu, 28 Oct 1999 18:52:09 -0500 openssh (1.2.0.19991027-3) unstable; urgency=low * Initial release -- Dan Brosemer Wed, 27 Oct 1999 19:39:46 -0500