use RSA_blinding_on() for rsa hostkeys (suggested by Bill Sommerfeld)
in order to avoid a possible Kocher timing attack pointed out by Charles
Hannum; ok provos@
+ - markus@cvs.openbsd.org 2002/07/03 14:21:05
+ [ssh-keysign.8 ssh-keysign.c ssh.c ssh_config]
+ re-enable ssh-keysign's sbit, but make ssh-keysign read
+ /etc/ssh/ssh_config and exit if HostbasedAuthentication is disabled
+ globally. based on discussions with deraadt, itojun and sommerfeld;
+ ok itojun@
20020702
- (djm) Use PAM_MSG_MEMBER for PAM_TEXT_INFO messages, use xmalloc &
andersk / openssh.git / blobdiff