# http://securitytracker.com/alerts/2004/Sep/1011143.html
--- openssh-4.4p1/sshd_config.0.orig 2006-09-26 13:03:48.000000000 +0200
+++ openssh-4.4p1/sshd_config.0 2006-10-05 10:11:41.615971000 +0200
-@@ -451,6 +451,16 @@
- To disable TCP keepalive messages, the value should be set to
- ``no''.
+@@ -921,6 +921,16 @@ DESCRIPTION
+ TrustedUserCAKeys. For more details on certificates, see the
+ CERTIFICATES section in ssh-keygen(1).
+ UseChroot
+ Specifies whether to use chroot-jail environment with ssh/sftp,
+ For this to work properly you have to create special chroot-jail
+ environment in a /path/to/chroot directory.
+
- UseDNS Specifies whether sshd(8) should look up the remote host name and
- check that the resolved host name for the remote IP address maps
- back to the very same IP address. The default is ``yes''.
+ UseDNS Specifies whether sshd(8) should look up the remote host name,
+ and to check that the resolved host name for the remote IP
+ address maps back to the very same IP address.
--- openssh-3.8p1/sshd_config.5.orig 2004-02-18 04:31:24.000000000 +0100
+++ openssh-3.8p1/sshd_config.5 2004-02-25 21:17:23.000000000 +0100
@@ -552,6 +552,16 @@
# Authentication:
#LoginGraceTime 2m
--#PermitRootLogin no
+-#PermitRootLogin prohibit-password
+PermitRootLogin no
#StrictModes yes
#MaxAuthTries 6
.Op Fl b Ar bind_address
.Op Fl c Ar cipher_spec
.Op Fl D Oo Ar bind_address : Oc Ns Ar port
-@@ -425,6 +425,10 @@
- on the local machine as the source address
+@@ -138,6 +138,11 @@ on the local machine as the source addre
of the connection.
Only useful on systems with more than one address.
+ .Pp
+.It Fl B
+Enables processing of SIGPIPE. Useful when using ssh output as input for
+another process, for example in a shell script. Be careful - it may break
+port/X11 forwarding when used.
++.Pp
.It Fl C
Requests compression of all data (including stdin, stdout, stderr, and
- data for forwarded X11 and TCP/IP connections).
+ data for forwarded X11, TCP and
--- openssh-4.0p1/ssh.c.orig 2005-03-02 02:04:33.000000000 +0100
+++ openssh-4.0p1/ssh.c 2005-03-10 15:11:10.000000000 +0100
@@ -135,6 +135,9 @@
Summary(ru.UTF-8): OpenSSH - свободная реализация протокола Secure Shell (SSH)
Summary(uk.UTF-8): OpenSSH - вільна реалізація протоколу Secure Shell (SSH)
Name: openssh
-Version: 6.9p1
-Release: 3
+Version: 7.0p1
+Release: 2
Epoch: 2
License: BSD
Group: Applications/Networking
Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/%{name}-%{version}.tar.gz
-# Source0-md5: 0b161c44fc31fbc6b76a6f8ae639f16f
+# Source0-md5: 831883f251ac34f0ab9c812acc24ee69
Source1: http://www.mif.pg.gda.pl/homepages/ankry/man-PLD/%{name}-non-english-man-pages.tar.bz2
# Source1-md5: 66943d481cc422512b537bcc2c7400d1
Source2: %{name}d.init
%userremove sshd
fi
+%triggerpostun server -- %{name}-server < %{epoch}:7.0p1-2
+%banner %{name}-server -e << EOF
+!!!!!!!!!!!!!!!!!!!!! WARNING !!!!!!!!!!!!!!!!!!!!!
+! Starting from openssh 7.0 DSA keys are disabled !
+! on server and client side. You will NOT be able !
+! to use DSA keys for authentication. Please read !
+! about PubkeyAcceptedKeyTypes in man ssh_config. !
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+EOF
+
%triggerpostun server -- %{name}-server < 6.2p1-1
cp -f %{_sysconfdir}/sshd_config{,.rpmorig}
sed -i -e 's#AuthorizedKeysCommandRunAs#AuthorizedKeysCommandUser##g' %{_sysconfdir}/sshd_config
TLD / packages / openssh.git / commitdiff