Portable OpenSSH, all Win32-OpenSSH releases and wiki are managed at https://github.com/powershell/Win32-OpenSSH

openssh openssh-server windows win32

C Shell PowerShell Roff M4 Makefile Other

Find file

Clone or download

Pull request Compare This branch is 415 commits ahead, 271 commits behind openssh:master.

bagajjal update to libressl 2.9.2.1

Latest commit ee11c8e

Dec 18, 2019

Name	Latest commit message	Commit time
Failed to load latest commit information.
contrib	update to libressl 2.9.2.1	Dec 18, 2019
openbsd-compat	Port Unix bash tests (#410 )	Dec 9, 2019
regress	Match user force command (pty) (#421 )	Dec 17, 2019
.depend	depend	Oct 9, 2019
.gitignore	Added compression support vai Zlib (#404 )	Nov 1, 2019
.skipped-commit-ids	upstream: avoid compiling certain files that deeply depend on	Sep 6, 2019
CREDITS	convert to UTF-8; from Mike Frysinger	Jul 28, 2019
INSTALL	Privsep is now required.	Sep 19, 2019
LICENCE	convert to UTF-8; from Mike Frysinger	Jul 28, 2019
Makefile.in	Provide explicit path to configure-check.	Sep 6, 2019
OVERVIEW	upstream: refer to OpenSSL not SSLeay;	Oct 23, 2018
PROTOCOL	upstream: mention INFO@openssh.com for sending SIGINFO	Oct 2, 2018
PROTOCOL.agent	update URL again	Sep 30, 2017
PROTOCOL.certkeys	upstream: mention ssh-ed25519-cert-v01@openssh.com in list of cert	Nov 16, 2018
PROTOCOL.chacha20poly1305	upstream: lots of typos in comments/docs. Patch from Karsten Weiss	Apr 10, 2018
PROTOCOL.key	- markus@cvs.openbsd.org 2013/12/06 13:34:54	Dec 6, 2013
PROTOCOL.krl	upstream: allow key revocation by SHA256 hash and allow ssh-keygen	Sep 12, 2018
PROTOCOL.mux	upstream: Document mux proxy mode; added by Markus in openssh-7.4	Sep 26, 2018
PROTOCOL.sshsig	upstream: sshsig tweaks and improvements from and suggested by	Sep 3, 2019
README	prepare for 8.1 release	Oct 9, 2019
README.dns	- jakob@cvs.openbsd.org 2003/10/14 19:43:23	Oct 15, 2003
README.md	second thoughts: leave README in place	Apr 5, 2019
README.platform	Many typo fixes from Karsten Weiss	Apr 10, 2018
README.privsep	Privsep is now required.	Sep 19, 2019
README.tun	- deraadt@cvs.openbsd.org 2006/03/28 00:12:31	Mar 31, 2006
TODO	Remove support for S/Key	Jul 31, 2018
aclocal.m4	Better detection of unsupported compiler options.	Jun 8, 2018
addrmatch.c	upstream: fix some memory leaks spotted by Coverity via Jakub Jelen	Jul 31, 2018
appveyor.yml	remove code to block rdp	Dec 17, 2019
atomicio.c	upstream: Check for both EAGAIN and EWOULDBLOCK. This is a no-op	Jan 24, 2019
atomicio.h	upstream: move client/server SSH-* banners to buffers under	Dec 27, 2018
audit-bsm.c	last bits of old packet API / active_state global	Jan 20, 2019
audit-linux.c	last bits of old packet API / active_state global	Jan 20, 2019
audit.c	last bits of old packet API / active_state global	Jan 20, 2019
audit.h	last bits of old packet API / active_state global	Jan 20, 2019
auth-bsdauth.c	remove duplicate #includes	Oct 2, 2019
auth-krb5.c	upstream: sshd: switch authentication to sshbuf API; ok djm@	Jul 10, 2018
auth-options.c	remove duplicate #includes	Oct 2, 2019
auth-options.h	upstream: cap the number of permiopen/permitlisten directives we're	Jul 9, 2019
auth-pam.c	memleak of buffer in sshpam_query	Sep 13, 2019
auth-pam.h	remove PAM dependencies on old packet API	Jan 19, 2019
auth-passwd.c	Converge fork and upstream branches	Oct 30, 2018
auth-rhosts.c	upstream: remove some duplicate #includes	Oct 2, 2019
auth-shadow.c	Remove key.h from portable files too.	Jul 12, 2018
auth-sia.c	Remove key.h from portable files too.	Jul 12, 2018
auth-sia.h	- (dtucker) [auth-passwd.c auth-sia.h] Remove duplicate definitions of	Apr 5, 2005
auth-skey.c	Remove key.h from portable files too.	Jul 12, 2018
auth.c	Added support for AuthorizedKeysCommand and AuthorizedPrincipalsComma…	Nov 15, 2019
auth.h	remove duplicate #includes	Oct 2, 2019
auth2-chall.c	upstream: lots of things were relying on libcrypto headers to	Sep 6, 2019
auth2-gss.c	upstream: delay bailout for invalid authentic	Jul 31, 2018
auth2-hostbased.c	upstream: lots of things were relying on libcrypto headers to	Sep 6, 2019
auth2-kbdint.c	upstream: lots of things were relying on libcrypto headers to	Sep 6, 2019
auth2-none.c	upstream: sshd: switch authentication to sshbuf API; ok djm@	Jul 10, 2018
auth2-passwd.c	upstream: lots of things were relying on libcrypto headers to	Sep 6, 2019
auth2-pubkey.c	Added support for AuthorizedKeysCommand and AuthorizedPrincipalsComma…	Nov 15, 2019
auth2.c	remove duplicate #includes	Oct 2, 2019
authfd.c	upstream: authfd: add function to check if key is in agent	Sep 3, 2019
authfd.h	upstream: authfd: add function to check if key is in agent	Sep 3, 2019
authfile.c	Added support for AuthorizedKeysCommand and AuthorizedPrincipalsComma…	Nov 15, 2019
authfile.h	upstream: move advance_past_options to authfile.c and make it	Sep 3, 2019
bitmap.c	upstream commit	Oct 20, 2017
bitmap.h	upstream commit	Oct 20, 2017
buildpkg.sh.in	Update links to https.	Oct 20, 2016
canohost.c	upstream: When system calls indicate an error they return -1, not	Jul 5, 2019
canohost.h	upstream commit	Mar 7, 2016
chacha.c	- djm@cvs.openbsd.org 2013/11/21 00:45:44	Nov 21, 2013
chacha.h	upstream commit	Aug 29, 2016
channels.c	Merge branch 'V_8_1' of https://github.com/openssh/openssh-portable i…	Nov 1, 2019
channels.h	upstream: include a little more information about the status and	Oct 4, 2018
cipher-aes.c	- (dtucker) [M auth-chall.c auth-krb5.c auth-pam.c cipher-aes.c ciph…	Jun 1, 2013
cipher-aesctr.c	Add includes.h for compatibility stuff.	Feb 25, 2015
cipher-aesctr.h	- markus@cvs.openbsd.org 2014/04/29 18:01:49	May 15, 2014
cipher-chachapoly.c	upstream commit	Aug 8, 2016
cipher-chachapoly.h	- djm@cvs.openbsd.org 2014/06/24 01:13:21	Jul 2, 2014
cipher-ctr.c	support --without-openssl at configure time	Jan 14, 2015
cipher.c	upstream: fixes for !WITH_OPENSSL compilation; ok dtucker@	Sep 6, 2019
cipher.h	upstream: fixes for !WITH_OPENSSL compilation; ok dtucker@	Sep 6, 2019
cleanup.c	- (djm) [auth-pam.c auth-shadow.c auth2-none.c cleanup.c sshd.c]	Aug 5, 2006
clientloop.c	upstream: When using a combination of a Yubikey+GnuPG+remote	Jul 30, 2019
clientloop.h	upstream: client: switch to sshbuf API; ok djm@	Jul 10, 2018
compat.c	upstream: revert compat.[ch] section of the following change. It	Aug 13, 2018
compat.h	upstream: revert compat.[ch] section of the following change. It	Aug 13, 2018
config.guess	update config.guess and config.sub to current	Aug 2, 2016
config.sub	update config.guess and config.sub to current	Aug 2, 2016
configure.ac	tweak warning flags	Aug 30, 2019
crypto_api.h	upstream: Add support for a PQC KEX/KEM:	Jan 21, 2019
defines.h	Make DEF_WEAK more likely to be correct.	Oct 8, 2019
dh.c	upstream: typo in previous	Sep 8, 2019
dh.h	upstream: fixes for !WITH_OPENSSL compilation; ok dtucker@	Sep 6, 2019
digest-libc.c	Re-apply portability changes to current sha2.{c,h}.	Jul 23, 2019
digest-openssl.c	Re-apply portability changes to current sha2.{c,h}.	Jul 23, 2019
digest.h	upstream commit	May 10, 2017
dispatch.c	upstream: allow sshpkt_fatal() to take a varargs format; we'll	Jan 19, 2019
dispatch.h	upstream: remove last traces of old packet API!	Jan 19, 2019
dns.c	remove duplicate #includes	Oct 2, 2019
dns.h	upstream: Add experimental support for PQC XMSS keys (Extended	Feb 26, 2018
ed25519.c	- markus@cvs.openbsd.org 2013/12/09 11:03:45	Dec 18, 2013
entropy.c	typo in comment	Oct 2, 2019
entropy.h	Adapt portable to legacy buffer API removal	Jul 10, 2018
fatal.c	- deraadt@cvs.openbsd.org 2006/08/03 03:34:42	Aug 5, 2006
fe25519.c	- (dtucker) [blocks.c fe25519.c ge25519.c hash.c sc25519.c verify.c]…	Jan 17, 2014
fe25519.h	- markus@cvs.openbsd.org 2013/12/09 11:03:45	Dec 18, 2013
fixalgorithms	- (dtucker) [Makefile.in configure.ac fixalgorithms] Remove unsupported	Jun 11, 2013
fixpaths	- (djm) PERL-free fixpaths from stuge-openssh-unix-dev@cdy.org	Dec 5, 2002
ge25519.c	- (dtucker) [blocks.c fe25519.c ge25519.c hash.c sc25519.c verify.c]…	Jan 17, 2014
ge25519.h	upstream commit	Feb 16, 2015
ge25519_base.data	- markus@cvs.openbsd.org 2013/12/09 11:03:45	Dec 18, 2013
groupaccess.c	upstream: Move checks for lists of users or groups into their own	Mar 8, 2019
groupaccess.h	- djm@cvs.openbsd.org 2008/07/04 03:44:59	Jul 4, 2008
gss-genr.c	upstream: kerberos/gssapi fixes for buffer removal	Jul 10, 2018
gss-serv-krb5.c	upstream: sshd: switch GSSAPI to sshbuf API; ok djm@	Jul 10, 2018
gss-serv.c	Kerberos SSPI Support Via GSSAPI	Jan 9, 2019
hash.c	upstream commit	Jan 23, 2018
hmac.c	remove duplicate #includes	Oct 2, 2019
hmac.h	- djm@cvs.openbsd.org 2014/06/24 01:13:21	Jul 2, 2014
hostfile.c	remove duplicate #includes	Oct 2, 2019
hostfile.h	upstream commit	Feb 16, 2015
includes.h	portability for sftp globbed ls sort by mtime	Jun 10, 2017
install-sh	Pull in newer install-sh from autoconf-2.69.	Dec 1, 2017
kex.c	upstream: Correct type for end-of-list sentinel; fixes initializer	Oct 9, 2019
kex.h	remove duplicate #includes	Oct 2, 2019
kexc25519.c	upstream: rename kex->kem_client_pub -> kex->client_pub now that	Jan 21, 2019
kexdh.c	typo	Jan 21, 2019
kexecdh.c	Put ssherr.h back as it's actually needed.	Oct 2, 2019
kexgen.c	upstream: fixes for !WITH_OPENSSL compilation; ok dtucker@	Sep 6, 2019
kexgex.c	upstream: pass most arguments to the KEX hash functions as sshbuf	Jan 23, 2019
kexgexc.c	upstream: pass most arguments to the KEX hash functions as sshbuf	Jan 23, 2019
kexgexs.c	upstream: pass most arguments to the KEX hash functions as sshbuf	Jan 23, 2019
kexsntrup4591761x25519.c	new files need includes.h	Jan 21, 2019
krl.c	remove duplicate #includes	Oct 2, 2019
krl.h	upstream: Add protection for private keys at rest in RAM against	Jun 21, 2019
log.c	upstream: avoid expensive channel_open_message() calls; ok djm@	Jul 31, 2018
log.h	upstream: lots of things were relying on libcrypto headers to	Sep 6, 2019
loginrec.c	upstream: lots of things were relying on libcrypto headers to	Sep 6, 2019
loginrec.h	remove vestiges of old packet API from loginrec.c	Jan 19, 2019
logintest.c	- (dtucker) [configure.ac defines.h loginrec.c logintest.c] Bug #173…	Apr 9, 2010
mac.c	remove duplicate #includes	Oct 2, 2019
mac.h	upstream commit	Jul 8, 2016
match.c	Port Unix bash tests (#410 )	Dec 9, 2019
match.h	upstream: Move checks for lists of users or groups into their own	Mar 8, 2019
md5crypt.c	Remove assigned-to-but-never-used variable.	Feb 13, 2018
md5crypt.h	Remove obsolete CVS $Id from source files.	Aug 17, 2016
mdoc2man.awk	Remove remaining now-obsolete cvs $Ids.	Feb 15, 2018
misc.c	Merge branch 'V_8_1' of https://github.com/openssh/openssh-portable i…	Nov 1, 2019
misc.h	upstream: move authorized_keys option parsing helpsers to misc.c	Sep 3, 2019
mkinstalldirs	Remove remaining now-obsolete cvs $Ids.	Feb 15, 2018
moduli	Import regenerated moduli.	Apr 26, 2019
moduli.5	- jmc@cvs.openbsd.org 2012/09/26 17:34:38	Nov 6, 2012
moduli.c	upstream: Check for gmtime failure in moduli generation. Based on	Oct 4, 2019
monitor.c	Merge branch 'V_8_1' of https://github.com/openssh/openssh-portable i…	Nov 1, 2019
monitor.h	upstream: remove last references to active_state	Jan 19, 2019
monitor_fdpass.c	upstream commit	Mar 4, 2016
monitor_fdpass.h	- djm@cvs.openbsd.org 2007/09/04 03:21:03	Sep 17, 2007
monitor_wrap.c	upstream: When system calls indicate an error they return -1, not	Jul 5, 2019
monitor_wrap.h	upstream: fixes for !WITH_OPENSSL compilation; ok dtucker@	Sep 6, 2019
msg.c	upstream: replace cast with call to sshbuf_mutable_ptr(); ok djm@	Jul 10, 2018
msg.h	upstream commit	Jan 15, 2015
mux.c	upstream: When system calls indicate an error they return -1, not	Jul 5, 2019
myproposal.h	Use the correct macro for SSH_ALLOWED_CA_SIGALGS.	May 17, 2019
nchan.c	upstream: When system calls indicate an error they return -1, not	Jul 5, 2019
nchan.ms	- djm@cvs.openbsd.org 2003/11/21 11:57:03	Nov 21, 2003
nchan2.ms	- djm@cvs.openbsd.org 2008/05/15 23:52:24	May 19, 2008
openssh.xml.in	- (tim) [buildpkg.sh.in openssh.xml.in] Allow more flexibility where…	Jul 25, 2007
opensshd.init.in	Remove RSA1 host key generation.	Dec 1, 2017
packet.c	upstream: When system calls indicate an error they return -1, not	Jul 5, 2019
packet.h	upstream: fixes for !WITH_OPENSSL compilation; ok dtucker@	Sep 6, 2019
pal_doexec.h	Fix of 1211 and 1082 (#349 )	Nov 5, 2018
pathnames.h	upstream: Add experimental support for PQC XMSS keys (Extended	Feb 26, 2018
pkcs11.h	- deraadt@cvs.openbsd.org 2013/11/26 19:15:09	Dec 4, 2013
platform-misc.c	Split platform_sys_dir_uid into its own file	Aug 25, 2017
platform-pledge.c	Support Illumos/Solaris fine-grained privileges	Jan 8, 2016
platform-tracing.c	Use ptrace(PT_DENY_ATTACH, ..) on OS X.	Oct 31, 2016
platform.c	Merge branch 'V_8_1' of https://github.com/openssh/openssh-portable i…	Nov 1, 2019
platform.h	Remove obsolete CVS $Id from source files.	Aug 17, 2016
poly1305.c	- (dtucker) [poly1305.c] Wrap stdlib.h include inside #ifdef HAVE_ST…	Jan 17, 2014
poly1305.h	- djm@cvs.openbsd.org 2014/05/02 03:27:54	May 15, 2014
progressmeter.c	Merge branch 'V_8_1' of https://github.com/openssh/openssh-portable i…	Nov 1, 2019
progressmeter.h	upstream: Have progressmeter force an update at the beginning and	Jan 24, 2019
readconf.c	ssh config include failed to read windows file paths (#414 )	Dec 9, 2019
readconf.h	upstream: add a ssh_config "Match final" predicate	Nov 23, 2018
readpass.c	Merge branch 'V_8_1' of https://github.com/openssh/openssh-portable i…	Nov 1, 2019
rijndael.c	upstream commit	Mar 23, 2015
rijndael.h	- (djm) [rijndael.c rijndael.h] Sync with newly-ressurected versions…	May 15, 2014
sandbox-capsicum.c	Switch Capsicum header to sys/capsicum.h.	Aug 28, 2017
sandbox-darwin.c	Add missing monitor.h include.	Dec 16, 2016
sandbox-null.c	- (djm) [Makefile.in configure.ac sandbox-capsicum.c sandbox-darwin.c]	Jan 17, 2014
sandbox-pledge.c	s/SANDBOX_TAME/SANDBOX_PLEDGE/g	Oct 14, 2015
sandbox-rlimit.c	upstream commit	Sep 12, 2016
sandbox-seccomp-filter.c	Enable specific ioctl call for EP11 crypto card (s390)	Oct 5, 2019
sandbox-solaris.c	drop two more privileges in the Solaris sandbox	Jun 9, 2017
sandbox-systrace.c	remove duplicate #includes	Oct 2, 2019
sc25519.c	- (dtucker) [blocks.c fe25519.c ge25519.c hash.c sc25519.c verify.c]…	Jan 17, 2014
sc25519.h	- markus@cvs.openbsd.org 2013/12/09 11:03:45	Dec 18, 2013
scp.1	upstream: Hostname->HostName cleanup; from lauri tirkkonen ok	Jun 14, 2019
scp.c	Merge branch 'V_8_1' of https://github.com/openssh/openssh-portable i…	Nov 1, 2019
servconf.c	Added support for AuthorizedKeysCommand and AuthorizedPrincipalsComma…	Nov 15, 2019
servconf.h	upstream: When running sshd -T, assume any attibute not provided by	May 8, 2019
serverloop.c	upstream: When system calls indicate an error they return -1, not	Jul 5, 2019
serverloop.h	upstream commit	Sep 12, 2017
session.c	Merge branch 'V_8_1' of https://github.com/openssh/openssh-portable i…	Nov 1, 2019
session.h	upstream: Add server support for signalling sessions via the SSH	Oct 2, 2018
sftp-client.c	Merge branch 'V_8_1' of https://github.com/openssh/openssh-portable i…	Nov 1, 2019
sftp-client.h	upstream: Add "-h" flag to sftp chown/chgrp/chmod commands to	Jan 17, 2019
sftp-common.c	Include unistd.h for strmode().	Jan 23, 2019
sftp-common.h	upstream commit	Jan 14, 2015
sftp-glob.c	upstream: remove some duplicate #includes	Oct 2, 2019
sftp-realpath.c	sftp-realpath.c needs includes.h	Jul 8, 2019
sftp-server-main.c	upstream: Replace calls to ssh_malloc_init() by a static init of	Jun 7, 2019
sftp-server.8	upstream commit	Dec 11, 2014
sftp-server.c	Port Unix bash tests (#410 )	Dec 9, 2019
sftp.1	upstream: from tim: - for reput, it is remote-path which is	Jun 21, 2019
sftp.c	Merge branch 'V_8_1' of https://github.com/openssh/openssh-portable i…	Nov 1, 2019
sftp.h	- dtucker@cvs.openbsd.org 2008/06/13 00:12:02	Jun 13, 2008
smult_curve25519_ref.c	- markus@cvs.openbsd.org 2013/11/02 21:59:15	Nov 3, 2013
sntrup4591761.c	Add includes.h for compat layer.	Apr 1, 2019
sntrup4591761.sh	upstream: Add authors for public domain sntrup4591761 code;	Feb 1, 2019
ssh-add.1	upstream: add "-v" flags to ssh-add and ssh-pkcs11-helper to turn up	Jan 21, 2019
ssh-add.c	upstream: fixes for !WITH_OPENSSL compilation; ok dtucker@	Sep 6, 2019
ssh-agent.1	upstream commit	Nov 30, 2016
ssh-agent.c	upstream: When system calls indicate an error they return -1, not	Jul 5, 2019
ssh-dss.c	adapt -portable to OpenSSL 1.1x API	Sep 13, 2018
ssh-ecdsa.c	upstream: Make sshpkt_get_bignum2() allocate the bignum it is	Jan 21, 2019
ssh-ed25519.c	upstream commit	Apr 21, 2016
ssh-gss.h	upstream: kerberos/gssapi fixes for buffer removal	Jul 10, 2018
ssh-keygen.1	upstream: use a more common options order in SYNOPSIS and sync	Oct 4, 2019
ssh-keygen.c	Merge branch 'V_8_1' of https://github.com/openssh/openssh-portable i…	Nov 1, 2019
ssh-keyscan.1	upstream: move the input format details to -f; remove the output	Mar 12, 2018
ssh-keyscan.c	upstream: fixes for !WITH_OPENSSL compilation; ok dtucker@	Sep 6, 2019
ssh-keysign.8	upstream commit	Feb 17, 2016
ssh-keysign.c	remove duplicate #includes	Oct 2, 2019
ssh-pkcs11-client.c	upstream: add "-v" flags to ssh-add and ssh-pkcs11-helper to turn up	Jan 21, 2019
ssh-pkcs11-helper.8	upstream: add "-v" flags to ssh-add and ssh-pkcs11-helper to turn up	Jan 21, 2019
ssh-pkcs11-helper.c	upstream: fixes for !WITH_OPENSSL compilation; ok dtucker@	Sep 6, 2019
ssh-pkcs11.c	upstream: revert unconditional forced login implemented in r1.41 of	Oct 1, 2019
ssh-pkcs11.h	upstream: add support for ECDSA keys in PKCS#11 tokens	Jan 20, 2019
ssh-rsa.c	adapt -portable to OpenSSL 1.1x API	Sep 13, 2018
ssh-sandbox.h	- (djm) [Makefile.in configure.ac sandbox-capsicum.c sandbox-darwin.c]	Jan 17, 2014
ssh-xmss.c	Add WITH_XMSS, move to prevent conflicts.	Feb 28, 2018
ssh.1	upstream: Hostname->HostName cleanup; from lauri tirkkonen ok	Jun 14, 2019
ssh.c	Tell Windows (CreateProcessW) which part of the command is the progra…	Dec 12, 2019
ssh.h	upstream: move client/server SSH-* banners to buffers under	Dec 27, 2018
ssh2.h	upstream commit	May 19, 2016
ssh_api.c	upstream: Plug mem leaks on error paths, based in part on github	Sep 13, 2019
ssh_api.h	upstream: lots of typos in comments/docs. Patch from Karsten Weiss	Apr 10, 2018
ssh_config	upstream: Remove obsolete "Protocol" from commented out examples. Patch	Feb 4, 2019
ssh_config.5	upstream: clarify that IdentitiesOnly also applies to the default	Sep 13, 2019
sshbuf-getput-basic.c	wrap stdint.h include in HAVE_STDINT_H	Oct 8, 2019
sshbuf-getput-crypto.c	upstream: Make sshpkt_get_bignum2() allocate the bignum it is	Jan 21, 2019
sshbuf-misc.c	wrap stdint.h include in HAVE_STDINT_H	Oct 8, 2019
sshbuf.c	upstream: make grandparent-parent-child sshbuf chains robust to	Nov 16, 2018
sshbuf.h	upstream: fixes for !WITH_OPENSSL compilation; ok dtucker@	Sep 6, 2019
sshconnect.c	Merge branch 'V_8_1' of https://github.com/openssh/openssh-portable i…	Nov 1, 2019
sshconnect.h	upstream: allow %n to be expanded in ProxyCommand strings	Sep 13, 2019
sshconnect2.c	upstream: Remove now-redundant perm_ok arg since	Aug 8, 2019
sshd.8	upstream: Switch authorized_keys example from ssh-dss to ssh-rsa	Jul 26, 2018
sshd.c	Merge branch 'V_8_1' of https://github.com/openssh/openssh-portable i…	Nov 1, 2019
sshd_config	upstream: the UseLogin option was removed, so remove it here too.	Apr 10, 2018
sshd_config.5	upstream: Allow prepending a list of algorithms to the default set	Sep 8, 2019
ssherr.c	upstream: Improve strictness and control over RSA-SHA2 signature	Jul 3, 2018
ssherr.h	upstream: Improve strictness and control over RSA-SHA2 signature	Jul 3, 2018
sshfileperm.h	Added support for AuthorizedKeysCommand and AuthorizedPrincipalsComma…	Nov 15, 2019
sshkey-xmss.c	upstream: fix integer overflow in XMSS private key parsing.	Oct 9, 2019
sshkey-xmss.h	upstream: Add experimental support for PQC XMSS keys (Extended	Feb 26, 2018
sshkey.c	Ported v8.1 changes	Nov 1, 2019
sshkey.h	upstream: make get_sigtype public as sshkey_get_sigtype(); ok	Sep 3, 2019
sshlogin.c	upstream: When system calls indicate an error they return -1, not	Jul 5, 2019
sshlogin.h	- (djm) [sshlogin.h] Fix prototype merge botch from 2006; bz#2134	Aug 1, 2013
sshpty.c	Do not fatal on failed lookup of group "tty".	Jul 5, 2019
sshpty.h	upstream commit	Nov 29, 2016
sshsig.c	upstream: make signature format match PROTOCO	Oct 2, 2019
sshsig.h	upstream: expose allowed_signers options parsing code in header for	Sep 5, 2019
sshtty.c	latestw + Test Infra upgrades	Mar 24, 2017
survey.sh.in	- (dtucker) [config.sh.in] Collect oslevel -r too.	Feb 15, 2005
ttymodes.c	upstream: ttymodes: switch to sshbuf API; ok djm@	Jul 10, 2018
ttymodes.h	upstream commit	May 1, 2017
uidswap.c	explicitly test set[ug]id() return values	Sep 13, 2019
uidswap.h	upstream: Remove support for running ssh(1) setuid and fatal if	Jul 19, 2018
umac.c	upstream: lots of typos in comments/docs. Patch from Karsten Weiss	Apr 10, 2018
umac.h	upstream: Typo and spelling fixes in comments and error messages.	Jun 7, 2019
umac128.c	upstream commit	Feb 9, 2018
utf8.c	upstream: AIX reports the CODESET as "ISO8859-1" in the POSIX locale.	Aug 21, 2018
utf8.h	Force Turkish locales back to C/POSIX; bz#2643	Dec 12, 2016
verify.c	- (dtucker) [blocks.c fe25519.c ge25519.c hash.c sc25519.c verify.c]…	Jan 17, 2014
version.h	Merge branch 'V_8_1' of https://github.com/openssh/openssh-portable i…	Nov 1, 2019
xmalloc.c	wrap stdint.h include in HAVE_STDINT_H	Oct 8, 2019
xmalloc.h	Include missed bits from previous sync.	Jun 7, 2019
xmss_commons.c	wrap stdint.h include in HAVE_STDINT_H	Oct 8, 2019
xmss_commons.h	Remove extra XMSS #endif	Mar 4, 2018
xmss_fast.c	wrap stdint.h include in HAVE_STDINT_H	Oct 8, 2019
xmss_fast.h	upstream: Add $OpenBSD$ markers to xmss files to help keep synced	Mar 2, 2018
xmss_hash.c	wrap stdint.h include in HAVE_STDINT_H	Oct 8, 2019
xmss_hash.h	upstream: Add $OpenBSD$ markers to xmss files to help keep synced	Mar 2, 2018
xmss_hash_address.c	wrap stdint.h include in HAVE_STDINT_H	Oct 8, 2019
xmss_hash_address.h	upstream: Add $OpenBSD$ markers to xmss files to help keep synced	Mar 2, 2018
xmss_wots.c	wrap stdint.h include in HAVE_STDINT_H	Oct 8, 2019
xmss_wots.h	upstream: Remove unneeded (local) include. ok markus@	Mar 2, 2018

README.md

Portable OpenSSH

OpenSSH is a complete implementation of the SSH protocol (version 2) for secure remote login, command execution and file transfer. It includes a client ssh and server sshd, file transfer utilities scp and sftp as well as tools for key generation (ssh-keygen), run-time key storage (ssh-agent) and a number of supporting programs.

This is a port of OpenBSD's OpenSSH to most Unix-like operating systems, including Linux, OS X and Cygwin. Portable OpenSSH polyfills OpenBSD APIs that are not available elsewhere, adds sshd sandboxing for more operating systems and includes support for OS-native authentication and auditing (e.g. using PAM).

Documentation

The official documentation for OpenSSH are the man pages for each tool:

Stable Releases

Stable release tarballs are available from a number of download mirrors. We recommend the use of a stable release for most users. Please read the release notes for details of recent changes and potential incompatibilities.

Building Portable OpenSSH

Dependencies

Portable OpenSSH is built using autoconf and make. It requires a working C compiler, standard library and headers, as well as zlib and libcrypto from either LibreSSL or OpenSSL to build. Certain platforms and build-time options may require additional dependencies.

Building a release

Releases include a pre-built copy of the configure script and may be built using:

tar zxvf openssh-X.Y.tar.gz
cd openssh
./configure # [options]
make && make tests

See the Build-time Customisation section below for configure options. If you plan on installing OpenSSH to your system, then you will usually want to specify destination paths.

Building from git

If building from git, you'll need autoconf installed to build the configure script. The following commands will check out and build portable OpenSSH from git:

git clone https://github.com/openssh/openssh-portable # or https://anongit.mindrot.org/openssh.git
cd openssh-portable
autoreconf
./configure
make && make tests

Build-time Customisation

There are many build-time customisation options available. All Autoconf destination path flags (e.g. --prefix) are supported (and are usually required if you want to install OpenSSH).

For a full list of available flags, run configure --help but a few of the more frequently-used ones are described below. Some of these flags will require additional libraries and/or headers be installed.

Flag	Meaning
`--with-pam`	Enable PAM support. OpenPAM, Linux PAM and Solaris PAM are supported.
`--with-libedit`	Enable libedit support for sftp.
`--with-kerberos5`	Enable Kerberos/GSSAPI support. Both Heimdal and MIT Kerberos implementations are supported.
`--with-selinux`	Enable SELinux support.

Development

Portable OpenSSH development is discussed on the openssh-unix-dev mailing list (archive mirror). Bugs and feature requests are tracked on our Bugzilla.

Reporting bugs

Non-security bugs may be reported to the developers via Bugzilla or via the mailing list above. Security bugs should be reported to openssh@openssh.com.

Dec	JAN	Feb
	12
2019	2020	2021

PowerShell / openssh-portable

Join GitHub today

Clone with HTTPS

Downloading

Launching GitHub Desktop