Russ Magee
|
9cf55ed4ca
|
Adopt the Code of Merit (http://code-of-merit.org/)
|
2018-10-16 00:35:36 -07:00 |
Russ Magee
|
a060ae39b1
|
HMAC portion made into symbolic const
|
2018-10-14 00:20:30 -07:00 |
Russ Magee
|
5d9a110d57
|
Added more (explicit) sizes for all KEX algs
|
2018-10-12 16:16:49 -07:00 |
Russ Magee
|
361fa2a7c3
|
Added hkexnet to LICENSE file
|
2018-10-10 22:37:25 -07:00 |
Russ Magee
|
703c8851b3
|
Moved HerraduraKEx-specific LICENSE files into component subdir
Added overall hkexsh LICENSE file to toplevel
|
2018-10-10 22:35:49 -07:00 |
Russ Magee
|
1d265c923e
|
Updated README.md
|
2018-10-10 22:08:57 -07:00 |
Russ Magee
|
fad35aa4fa
|
Merge branch 'add-kex-kyber768'
|
2018-10-10 21:42:18 -07:00 |
Russ Magee
|
231ede1734
|
KYBER768 KEM works. :O
|
2018-10-10 21:12:38 -07:00 |
Russ Magee
|
de8f9552c3
|
Update TODO - ~/.hkexsh_id
|
2018-10-08 23:42:09 -07:00 |
Russ Magee
|
4c286ae6c1
|
Set up to handle Kyber768 KEM
|
2018-10-08 21:31:11 -07:00 |
Russ Magee
|
767ae7bd07
|
Updates to README.md
|
2018-10-03 22:44:27 -07:00 |
Russ Magee
|
cb7a79063e
|
Added validation user actually exists on system
|
2018-10-03 22:31:35 -07:00 |
Russ Magee
|
420e0319ca
|
Merge branch 'master' of ssh://blitter.com/var/git/hkexsh
|
2018-10-02 21:24:10 -07:00 |
Russ Magee
|
103070d00a
|
Made padding size random [max/2, max); use of improved goutmp host lookup
|
2018-10-02 21:23:45 -07:00 |
Russ Magee
|
6788fd1adf
|
Made padding size random (max/2, max]; use of improved goutmp host lookup
|
2018-10-02 11:03:10 -07:00 |
Russ Magee
|
1485e8392e
|
Removed moving avg chaff in favour of random-padding
|
2018-10-01 20:35:50 -07:00 |
Russ Magee
|
06ee94da03
|
Added HMAC_SHA512
|
2018-09-30 00:19:25 -07:00 |
Russ Magee
|
cd9f7914e0
|
Dial() and Accept() again conform to net.Dial(), net.Accept() return signature
|
2018-09-29 12:15:53 -07:00 |
Russ Magee
|
e57d97d3e6
|
Changed many funcs to take *hkexnet.Conn to allow tracking of packets sent, total bytes sent and experimental moving avg chaff
|
2018-09-26 22:57:36 -07:00 |
Russ Magee
|
b810fa7f4a
|
tightened up some const types
|
2018-09-17 23:07:04 -07:00 |
Russ Magee
|
8b0b833d6e
|
Split hkexsh and hkexnet consts into separate files
|
2018-09-17 17:27:13 -07:00 |
Russ Magee
|
869dbf6e10
|
Bumped version
|
2018-09-16 23:54:25 -07:00 |
Russ Magee
|
1da6f37ec5
|
Merge branch 'master' of ssh://blitter.com/var/git/hkexsh
|
2018-09-16 22:22:40 -07:00 |
Russ Magee
|
84e29bdf51
|
Fixes to authtoken/password indication at login
|
2018-09-16 22:22:14 -07:00 |
Russ Magee
|
2864940a8e
|
Fixes to authtoken/password indication at login
|
2018-09-16 17:56:17 -07:00 |
Russ Magee
|
d25b883873
|
Fixed bug in fallback from authtoken (-g) to password login
|
2018-09-16 17:30:02 -07:00 |
Russ Magee
|
19697d5164
|
Remote exit status now reflected in client->server copies
|
2018-09-16 17:14:50 -07:00 |
Russ Magee
|
e02764bf4b
|
.hkexsh_id file supports multiple authtokens (multi remote hosts, aliases for same remote host)
|
2018-09-14 11:58:10 -07:00 |
Russ Magee
|
d9b34fa631
|
GenAuthToken() now uses client-supplied ConnHost
|
2018-09-14 01:13:14 -07:00 |
Russ Magee
|
1efc1337df
|
-TODO items; scrub authCookie after use
|
2018-09-14 00:40:20 -07:00 |
Russ Magee
|
c9eb6bcb38
|
Added -a authtoken feature for scripted use
|
2018-09-13 23:51:49 -07:00 |
Russ Magee
|
350f3f375e
|
-hkexauth now always tries bcrypt even for nonexistent users (user enum timing attack resist)
|
2018-09-11 22:36:20 -07:00 |
Russ Magee
|
140523dabb
|
-Refactored HerraduraKEx negotiation into subroutine (anticipation of future multi-KEx support)
|
2018-09-11 00:04:38 -07:00 |
Russ Magee
|
bee0bececf
|
-Bumped version to 0.2pre to reflect protocol break w/0.1pre
-Added design principle note (no downgrade attack-enabling protocol features)
|
2018-09-10 20:28:41 -07:00 |
Russ Magee
|
dcb42d43f1
|
-BREAKING CHANGE: pre-KEx byte sent for KEx alg (default and only for now: KEX_HERRADURA)
|
2018-09-10 20:22:09 -07:00 |
Russ Magee
|
5f1d57f987
|
Fixed hkexauth fields expected
|
2018-09-08 22:01:33 -07:00 |
Russ Magee
|
8bca54ed7b
|
-hkexpasswd: now can add new users
-Removed unused disallowedCmdList (field 4) from CSV
|
2018-09-07 20:56:42 -07:00 |
Russ Magee
|
075ca7521c
|
Client now passes xterm-256color in Session
|
2018-09-07 20:37:47 -07:00 |
Russ Magee
|
9e803ffc19
|
-Moved recCmd out of hkexsh and hkexshd into hkexsession.go (now abstract Session type)
|
2018-09-07 15:35:33 -07:00 |
Russ Magee
|
bff56a2c61
|
-Added -z option back to tarpipes
-Moved remaining chatty fmt.Prints to log.Print
|
2018-09-06 16:37:17 -07:00 |
Russ Magee
|
b33e9de139
|
-Moved taunting of failed logins to client-side
-Added byte auth pass/fail stage prior to shell/copy session start
|
2018-09-06 16:23:57 -07:00 |
Russ Magee
|
9ff35a69fe
|
-Converted exit status to uint32 (0-255: UNIX exit codes), above for OOB (out-of-band) status
-Failed auth for shell logins now returns extended code CSEBadAuth to client
|
2018-09-06 13:50:56 -07:00 |
Russ Magee
|
8a24fb113f
|
client prints nonzero remote end exit status; comment cleanup
|
2018-09-06 11:40:13 -07:00 |
Russ Magee
|
db1b494d00
|
Fixed shell (interative & non-) exit status after cp status fixes
|
2018-09-06 00:16:44 -07:00 |
Russ Magee
|
a6979298fd
|
Steps toward getting remote cp(tar) status back to client
|
2018-09-05 21:58:55 -07:00 |
Russ Magee
|
963d1c8eb2
|
Some comment/dead test code cleanup
|
2018-09-05 20:36:32 -07:00 |
Russ Magee
|
b419b2e002
|
File copy remote close signal to ensure completed tar pipe data
|
2018-09-04 22:24:16 -07:00 |
Russ Magee
|
0586f306c0
|
Removed debug time.Sleep
|
2018-09-02 21:50:25 -07:00 |
Russ Magee
|
7295492aa3
|
hkexcp: fixed copy chunked payload logic (now 2*32-1 MAX_PAYLOAD_LEN w/chunking)
|
2018-09-02 19:58:13 -07:00 |
Russ Magee
|
c842d36319
|
README.md - added EXPERIMENTAL warning to hkexcp section
|
2018-09-01 10:44:13 -07:00 |