comparison CHANGES @ 546:568638be7203 agent-client

propagate from branch 'au.asn.ucc.matt.dropbear' (head 899a8851a5edf840b2f7925bcc26ffe99dcac54d) to branch 'au.asn.ucc.matt.dropbear.cli-agent' (head 6bbab8364de17bd9ecb1dee5ffb796e48c0380d2)
author Matt Johnston <matt@ucc.asn.au>
date Wed, 01 Jul 2009 04:16:32 +0000
parents ce104c8b0be1
children 7ec26a5b92e7
comparison
equal deleted inserted replaced
500:d588e3ea557a 546:568638be7203
1 0.52 - Wed 12 November 2008
2
3 - Add "netcat-alike" option (-B) to dbclient, allowing Dropbear to tunnel
4 standard input/output to a TCP port-forwarded remote host.
5
6 - Add "proxy command" support to dbclient, to allow using a spawned process for
7 IO rather than a direct TCP connection. eg
8 dbclient remotehost
9 is equivalent to
10 dbclient -J 'nc remotehost 22' remotehost
11 (the hostname is still provided purely for looking up saved host keys)
12
13 - Combine netcat-alike and proxy support to allow "multihop" connections, with
14 comma-separated host syntax. Allows running
15
16 dbclient user1@host1,user2@host2,user3@host3
17
18 to end up at host3 via the other two, using SSH TCP forwarding. It's a bit
19 like onion-routing. All connections are established from the local machine.
20 The comma-separated syntax can also be used for scp/rsync, eg
21
22 rsync -a -e dbclient m@gateway,m2@host,martello:/home/matt/ ~/backup/
23
24 to bounce through a few hosts.
25
26 - Add -I "idle timeout" option (contributed by Farrell Aultman)
27
28 - Allow restrictions on authorized_keys logins such as restricting commands
29 to be run etc. This is a subset of those allowed by OpenSSH, doesn't
30 yet allow restricting source host.
31
32 - Use vfork() for scp on uClinux
33
34 - Default to PATH=/usr/bin:/bin for shells.
35
36 - Report errors if -R forwarding fails
37
38 - Add counter mode cipher support, which avoids some security problems with the
39 standard CBC mode.
40
41 - Support [email protected] delayed compression for client/server. It can be
42 required for the Dropbear server with the '-Z' option. This is useful for
43 security as it avoids exposing the server to attacks on zlib by
44 unauthenticated remote users, though requires client side support.
45
46 - options.h has been split into options.h (user-changable) and sysoptions.h
47 (less commonly changed)
48
49 - Support "dbclient -s sftp" to specify a subsystem
50
51 - Fix a bug in replies to channel requests that could be triggered by recent
52 versions of PuTTY
53
1 0.51 - Thu 27 March 2008 54 0.51 - Thu 27 March 2008
2 55
3 - Make a copy of password fields rather erroneously relying on getwpnam() 56 - Make a copy of password fields rather erroneously relying on getwpnam()
4 to be safe to call multiple times 57 to be safe to call multiple times
5 58