applied to login attempts for usernames that do not match real accounts.
Defaults to 5s to match 'authfail' but allows administrators to block such
sources for longer if desired. with & ok djm@
OpenBSD-Commit-ID: bb62797bcf2adceb96f608ce86d0bb042aff5834
and ERR_load_crypto_strings(). These are no-ops in LibreSSL, and in
Portable have been mostly replaced by a call to OPENSSL_init_crypto()
in the compat layer. ok tb@
OpenBSD-Commit-ID: 4c3e0af10fe276766054eda34428a37a5606d3ea
situations. At worst, this can cause all MaxStartups slots to fill and sshd
to refuse new connections.
Diagnosis by xnor; ok dtucker@
OpenBSD-Commit-ID: 10273033055552557196730f898ed6308b36a78d
maximum message size of 256KB. Some people apparently have configurations
larger than this and would hit this limit.
Worse, there was no good logging that could help diagnose what was
going wrong.
So this bumps the maximum message size to 4MB and implements an early
check (usable via the sshd -t test mode) that will report it to the
user where it is hopefully more visible.
bz3808, reported by Dmitry Belyavskiy, ok dtucker@
OpenBSD-Commit-ID: 69c303fb68cbd1a4735936835d67a71e7b57f63b
included from it can fit in a (possibly enlarged) socket buffer, by having
the sshd listener mainloop actively manage sending the configuration to the
sshd-session subprocess.
work by markus@ w/ a little feedback from me;
ok me and committing on his behalf
OpenBSD-Commit-ID: 8f54451483f64951853074adb76bc4f838eaf3ae
new ratelimited logging infrastructure.
Add ratelimits to logging of connections dropped by PerSourcePenalties
ok dtucker
OpenBSD-Commit-ID: f22fe7c39607e4361aadf95e33773ffd68c59489
This splits the user authentication code from the sshd-session
binary into a separate sshd-auth binary. This will be executed by
sshd-session to complete the user authentication phase of the
protocol only.
Splitting this code into a separate binary ensures that the crucial
pre-authentication attack surface has an entirely disjoint address
space from the code used for the rest of the connection. It also
yields a small runtime memory saving as the authentication code will
be unloaded after thhe authentication phase completes.
Joint work with markus@ feedback deraadt@
Tested in snaps since last week
OpenBSD-Commit-ID: 9c3b2087ae08626ec31b4177b023db600e986d9c
PerSourcePenalties
This allows penalising connection sources that have had connections
dropped by the RefuseConnection option. ok markus@
OpenBSD-Commit-ID: 3c8443c427470bb3eac1880aa075cb4864463cb6
OpenSSH 9.8, which incorrectly required that sshd was started with an
absolute path in inetd mode. bz3717, patch from Colin Wilson
OpenBSD-Commit-ID: 25c57f22764897242d942853f8cccc5e991ea058
problematic client behaviours, controlled by two new sshd_config(5) options:
PerSourcePenalties and PerSourcePenaltyExemptList.
When PerSourcePenalties are enabled, sshd(8) will monitor the exit
status of its child pre-auth session processes. Through the exit
status, it can observe situations where the session did not
authenticate as expected. These conditions include when the client
repeatedly attempted authentication unsucessfully (possibly indicating
an attack against one or more accounts, e.g. password guessing), or
when client behaviour caused sshd to crash (possibly indicating
attempts to exploit sshd).
When such a condition is observed, sshd will record a penalty of some
duration (e.g. 30 seconds) against the client's address. If this time
is above a minimum threshold specified by the PerSourcePenalties, then
connections from the client address will be refused (along with any
others in the same PerSourceNetBlockSize CIDR range).
Repeated offenses by the same client address will accrue greater
penalties, up to a configurable maximum. A PerSourcePenaltyExemptList
option allows certain address ranges to be exempt from all penalties.
We hope these options will make it significantly more difficult for
attackers to find accounts with weak/guessable passwords or exploit
bugs in sshd(8) itself.
PerSourcePenalties is off by default, but we expect to enable it
automatically in the near future.
much feedback markus@ and others, ok markus@
OpenBSD-Commit-ID: 89ded70eccb2b4926ef0366a4d58a693de366cca
separate sshd-session process - reserve them early and fatal if we can't
dup2(2) them later. The pre-split fallback to re-reading the configuration
files is not possible, so sshd-session absolutely requires the fd the
configuration is passed over to be in order.
ok deraadt@
OpenBSD-Commit-ID: 308a98ef3c8a6665ebf92c7c9a0fc9600ccd7065
binaries. This step splits sshd into a listener and a session binary. More
splits are planned.
After this changes, the listener binary will validate the configuration,
load the hostkeys, listen on port 22 and manage MaxStartups only. All
session handling will be performed by a new sshd-session binary that the
listener fork+execs.
This reduces the listener process to the minimum necessary and sets us
up for future work on the sshd-session binary.
feedback/ok markus@ deraadt@
NB. if you're updating via source, please restart sshd after installing,
otherwise you run the risk of locking yourself out.
OpenBSD-Commit-ID: 43c04a1ab96cdbdeb53d2df0125a6d42c5f19934
This adds another transport protocol extension to allow a sshd to send
SSH2_MSG_EXT_INFO during user authentication, after the server has
learned the username that is being logged in to.
This lets sshd to update the acceptable signature algoritms for public
key authentication, and allows these to be varied via sshd_config(5)
"Match" directives, which are evaluated after the server learns the
username being authenticated.
Full details in the PROTOCOL file
OpenBSD-Commit-ID: 1de7da7f2b6c32a46043d75fcd49b0cbb7db7779
This adds kex_proposal_populate_entries (and corresponding free) which
populates the KEX proposal array with dynamically allocated strings.
This replaces the previous mix of static and dynamic that has been the
source of previous leaks and bugs. Remove unused compat functions.
With & ok djm@.
OpenBSD-Commit-ID: f2f99da4aae2233cb18bf9c749320c5e040a9c7b
effective configuration without attempting to load private keys and perform
other checks. This allows usage of the option before keys have been
generated.
bz3460 feedback/ok dtucker@
OpenBSD-Commit-ID: 774504f629023fc25a559ab1d95401adb3a7fb29
This adds a sshd_config ChannelTimeouts directive that allows channels that
have not seen traffic in a configurable interval to be automatically closed.
Different timeouts may be applied to session, X11, agent and TCP forwarding
channels.
Note: this only affects channels over an opened SSH connection and not
the connection itself. Most clients close the connection when their channels
go away, with a notable exception being ssh(1) in multiplexing mode.
ok markus dtucker
OpenBSD-Commit-ID: ae8bba3ed9d9f95ff2e2dc8dcadfa36b48e6c0b8
started with one or more signals masked (sigprocmask(2) is not cleared
on fork/exec) and this could interfere with various things, e.g. the
login grace timer.
Execution environments that fail to clear the signal mask before running
sshd are clearly broken, but apparently they do exist.
Reported by Sreedhar Balasubramanian; ok dtucker@
OpenBSD-Commit-ID: 77078c0b1c53c780269fc0c416f121d05e3010ae
userspace: remove vestigial '?' cases from top-level getopt(3) loops
getopt(3) returns '?' when it encounters a flag not present in the in
the optstring or if a flag is missing its option argument. We can
handle this case with the "default" failure case with no loss of
legibility. Hence, remove all the redundant "case '?':" lines.
Prompted by dlg@. With help from dlg@ and millert@.
Link: https://marc.info/?l=openbsd-tech&m=167011979726449&w=2
ok naddy@ millert@ dlg@
OpenBSD-Commit-ID: b2f89346538ce4f5b33ab8011a23e0626a67e66e
This was added for the benefit of platforms using ssh-rand-helper to
prevent a delay on each connection as sshd reseeded itself.
ssh-random-helper is long gone, and since the re-exec happens before the
chroot the re-execed sshd can reseed itself normally. ok djm@
seed_rng will initialize OpenSSL, and some engine providers (eg Intel's
QAT) will open descriptors for their own use. bz#3483, patch from
joel.d.schuetze at intel.com, ok djm@
beneath this limit will be ignored for user and host-based authentication.
Feedback deraadt@ ok markus@
OpenBSD-Commit-ID: 187931dfc19d51873df5930a04f2d972adf1f7f1
and list_hostkey_types() that are passed to compat_pkalg_proposal(). Part of
github PR#324 from ZoltanFridrich, ok djm@
This is a roll-forward of the previous rollback now that the required
changes in compat.c have been done.
OpenBSD-Commit-ID: c7cd93730b3b9f53cdad3ae32462922834ef73eb
compat_pkalg_proposal and friends always allocate their returned strings.
Reported by Qualys.
OpenBSD-Commit-ID: 1c7a88a0d5033f42f88ab9bec58ef1cf72c81ad0
and list_hostkey_types() that are passed to compat_pkalg_proposal(). Part of
github PR#324 from ZoltanFridrich, ok djm@
OpenBSD-Commit-ID: b2f6e5f60f2bba293b831654328a8a0035ef4a1b
