Age | Commit message (Collapse) | Author | |
---|---|---|---|
2017-05-17 | Merge branch 'hans/ssh/ext-info_bug_fixes' | Hans Nilsson | |
2017-05-17 | ssh: select server-sig-algs from configured algos (preferred_algorithms) | Hans Nilsson | |
2017-05-17 | ssh: Enable rsa-sha2-* | Hans Nilsson | |
Conflicts: lib/ssh/src/ssh_transport.erl | |||
2017-05-12 | ssh: Tests for ext-info extension (ext-info-c) | Hans Nilsson | |
2017-05-04 | Update copyright year | Raimo Niskanen | |
2017-04-27 | ssh: Don't expose new rsa-sha2-* as default | Hans Nilsson | |
2017-04-26 | ssh: Codenomicon/Defensics fixes | Hans Nilsson | |
2017-04-26 | ssh: Implement signature algorithms rsa-sha2-*. draft-ietf-curdle-rsa-sha2 | Hans Nilsson | |
2017-04-26 | ssh: server-sig-algs, server side | Hans Nilsson | |
2017-04-26 | ssh: Implement ext-info extension. draft-ietf-curdle-ssh-ext-info | Hans Nilsson | |
This is only a draft extension, but it is quite stable and already supported by some implementations. OpenSSH has had it for some year now. | |||
2017-04-12 | ssh: replace deprecated crypto:rand_uniform | Hans Nilsson | |
2017-04-07 | ssh: option 'silently_accept_hosts' reworked | Hans Nilsson | |
New (yet) undocumented option value {false,Alg} where Alg :: md5 | sha | sha224 | sha256 | sha384 | sha512 This option includes the fingerprint value in the accept question to the user. The fingerprint is calculated with the Alg provided | |||
2017-04-07 | ssh: Bug fix when calling ssh_io:yes_no | Hans Nilsson | |
This was introduced by the new option handling in commit 89a829f32d855610b0bc0c3ea53e7c05454b7a24 | |||
2017-03-02 | ssh: Initial commit of option handling changes | Hans Nilsson | |
2017-02-14 | Fixed typos in lib/ssh | Andrew Dryga | |
2017-02-06 | Revert "ssh: removed 'ssh-dss' from default list" | Hans Nilsson | |
This reverts commit 6847d9223420fb86cdf72f0e608a5f41a2673053. The removal of ssh-dss seems to give a too high risk of failing customer systems. Needs to be properly deprecated. | |||
2017-02-01 | ssh: minor code unfolding | Hans Nilsson | |
2017-02-01 | ssh: clearer hash calculation | Hans Nilsson | |
2017-01-31 | ssh: better error msg at kex failure | Hans Nilsson | |
2017-01-31 | ssh: removed 'ssh-dss' from default list | Hans Nilsson | |
Reason: insecure | |||
2017-01-31 | ssh: removed 'diffie-hellman-group1-sha1' from default list | Hans Nilsson | |
Reason: very insecure | |||
2017-01-31 | ssh: added stronger diffie-hellman groups | Hans Nilsson | |
diffie-hellman-group16-sha512 diffie-hellman-group18-sha512 diffie-hellman-group14-sha256 | |||
2017-01-31 | ssh: reordered default algorithms list | Hans Nilsson | |
2017-01-31 | Merge branch 'maint' | Hans Nilsson | |
Conflicts: lib/crypto/c_src/crypto.c lib/crypto/src/crypto.erl | |||
2017-01-30 | ssh: optimize kex dh_gex using new crypto functionality | Hans Nilsson | |
2017-01-26 | Merge branch 'maint' | Hans Nilsson | |
2017-01-25 | ssh: correct host key signature calculation | Hans Nilsson | |
2016-12-16 | ssh: Optimize handling of #ssh.shared_secret | Hans Nilsson | |
It is not necessary to mpint-encode it every time it is used (in MAC:s), it sufficies to do it once after key exchange | |||
2016-11-18 | ssh: Add fun and fingerprint to option 'silently_accept_host' | Hans Nilsson | |
2016-09-02 | ssh: make ecdsa sha dependent on curve | Hans Nilsson | |
Bug fix. | |||
2016-04-27 | ssh: Partly refactor and polish ssh_connection_handler | Hans Nilsson | |
2016-04-27 | ssh: Gen_statem rewrite of ssh_connection_handler | Hans Nilsson | |
Including misc fixes in surronding code as well as in test cases. | |||
2016-03-15 | update copyright-year | Henrik Nord | |
2016-01-18 | ssh: Optimization - inline encoding in ssh_message:encode/1, now 8 times faster. | Hans Nilsson | |
Also fixes minor error in ssh_protocol_SUITE that the new encoder found. | |||
2015-12-07 | ssh: fix error for bad packet lengths found by Defensics | Hans Nilsson | |
2015-11-27 | Merge branch 'maint-18' into maint | Hans Nilsson | |
* maint-18: Updated OTP version Update release notes ssh: vsn.mk updated ssh: New test cases for SSH_MSG_KEX_DH_GEX_REQUEST_OLD ssh: update existing testcases ssh: Improve group selection ssh: implemented server side SSH_MSG_KEX_DH_GEX_REQUEST_OLD for putty client Conflicts: lib/ssh/src/ssh_transport.erl lib/ssh/test/ssh_protocol_SUITE.erl lib/ssh/vsn.mk | |||
2015-11-26 | ssh: Improve group selection | Hans Nilsson | |
Now it chooses the first found if no exact match. | |||
2015-11-26 | ssh: implemented server side SSH_MSG_KEX_DH_GEX_REQUEST_OLD for putty client | Hans Nilsson | |
2015-11-23 | ssh: fix dialyzer reported error | Hans Nilsson | |
2015-11-23 | ssh: AEAD_AES_(128|256)_GCM and aes(128|256)[email protected] crypto | Hans Nilsson | |
Note that the rfc5647 is ambigous so this implementation of AEAD_AES_(128|256)_GCM may or may not be compatible with others. They are note enabled by default but may be enabled by the user. See the Reference Manual, Application SSH for details of how we interpret the rfc. To be safe, use [email protected] or [email protected] instead. | |||
2015-11-23 | ssh: refactor packet reception | Hans Nilsson | |
There was an assymetric relationship between receiving a ssh-packet (decrypting-mac-decompress) and sending one. When sending, most of the work was defined in the ssh_transport module, while at reception the ssh_connection_handler was the one knowing what to do. This commit moves the reception down to the ssh_transport module where it belongs. | |||
2015-11-09 | ssh: use crypto for ecdh point validation | Hans Nilsson | |
2015-11-04 | ssh: extend 'dh_gex_limits' to server side | Hans Nilsson | |
OTP-13066 | |||
2015-11-04 | ssh, public_key: random selection of diffie-hellman moduli | Hans Nilsson | |
Also tool (public_key:gen_moduli_hrl) to convert an openssh moduli file to erlang format. | |||
2015-11-02 | ssh: Make tests for bad packet_len and field lengths inside packets | Hans Nilsson | |
Includes a ssh_transport:pack/3 function for generating invalid packets | |||
2015-10-19 | ssh: Implemented ssh_transport:ecdh_validate_public_key (partly) | Hans Nilsson | |
Defined in http://www.secg.org/sec1-v2.pdf '3.2.2 Validation of Elliptic Curve Public Keys' according to RFC 5656 ch 4. More to be done: check singularities, implement reading compressed points.... | |||
2015-10-16 | public_key: add/update -spec for ssh functions | Hans Nilsson | |
2015-10-16 | ssh, public_key: use pubkey encode/decode in app public_key | Hans Nilsson | |
2015-10-16 | ssh, public_key: Change EC Public Key representation to what was intended | Hans Nilsson | |
2015-10-08 | Merge branch 'hans/ssh/option_dh_gex_limits_ignored/OTP-13029' into maint | Hans Nilsson | |