Go to file
2024-10-28 11:22:01 +00:00
_multibuild - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
.gitattributes - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
.gitignore - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
0001-auth-pam-Immediately-report-instructions-to-clients-and-fix-handling-in-ssh-client.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
0001-fix-utmpx-ifdef.patch - Add patches from upstream: 2024-10-28 11:16:49 +00:00
0001-upstream-correctly-restore-sigprocmask-around-ppoll.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
0001-upstream-fix-proxy-multiplexing-mode_-broken-when-keystroke.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
0001-upstream-when-sending-ObscureKeystrokeTiming-chaff-packets_.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
0002-upstream-fix-regression-introduced-when-I-switched-the-Match.patch - Add patches from upstream: 2024-10-28 11:16:49 +00:00
0003-upstream-fix-previous-change-to-ssh_config-Match_-which-broken-on.patch - Add patches from upstream: 2024-10-28 11:16:49 +00:00
0004-upstream-fix-ML-KEM768x25519-KEX-on-big-endian-systems-spotted-by.patch - Add patches from upstream: 2024-10-28 11:16:49 +00:00
cavs_driver-ssh.pl - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
fix-audit-fail-attempt.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
fix-CVE-2024-6387.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
fix-memleak-in-process_server_config_line_depth.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
fix-missing-lz.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
fix-x11-regression-bsc1229449.patch Updated the patch with a suggestion from upstream. 2024-10-14 06:33:00 +00:00
logind_set_tty.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-6.6.1p1-selinux-contexts.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-6.6p1-keycat.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-6.6p1-privsep-selinux.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-7.6p1-cleanup-selinux.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-7.7p1-allow_root_password_login.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-7.7p1-cavstest-ctr.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-7.7p1-cavstest-kdf.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-7.7p1-disable_openssl_abi_check.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-7.7p1-eal3.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-7.7p1-enable_PAM_by_default.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-7.7p1-fips_checks.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-7.7p1-fips.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-7.7p1-host_ident.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-7.7p1-hostname_changes_when_forwarding_X.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-7.7p1-IPv6_X_forwarding.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-7.7p1-ldap.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-7.7p1-no_fork-no_pid_file.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-7.7p1-pam_check_locks.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-7.7p1-pts_names_formatting.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-7.7p1-remove_xauth_cookies_on_exit.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-7.7p1-seccomp_ipc_flock.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-7.7p1-seccomp_stat.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-7.7p1-send_locale.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-7.7p1-sftp_force_permissions.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-7.7p1-sftp_print_diagnostic_messages.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-7.7p1-systemd-notify.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-7.7p1-X11_trusted_forwarding.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-7.7p1-X_forward_with_disabled_ipv6.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-7.8p1-role-mls.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-7.9p1-keygen-preserve-perms.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-7.9p1-revert-new-qos-defaults.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-8.0p1-gssapi-keyex.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-8.1p1-audit.patch - Add a const to the openssl 1.1/RSA section of sshkey_is_private 2024-09-25 11:55:37 +00:00
openssh-8.1p1-ed25519-use-openssl-rng.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-8.1p1-seccomp-clock_gettime64.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-8.1p1-seccomp-clock_nanosleep_time64.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-8.1p1-seccomp-clock_nanosleep.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-8.1p1-use-openssl-kdf.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-8.4p1-pam_motd.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-8.4p1-ssh_config_d.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-8.4p1-vendordir.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-9.6p1-crypto-policies-man.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-9.6p1-crypto-policies.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-9.6p1.tar.gz - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-9.6p1.tar.gz.asc - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-9.8p1.tar.gz - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-9.8p1.tar.gz.asc - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-9.9p1.tar.gz - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-9.9p1.tar.gz.asc - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-askpass-gnome.changes - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-askpass-gnome.spec - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-do-not-send-empty-message.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-fips-ensure-approved-moduli.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-link-with-sk.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-mitigate-lingering-secrets.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-openssl-3.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-reenable-dh-group14-sha1-default.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh-whitelist-syscalls.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh.changes - Don't force using gcc11 on SLFO/ALP which have a newer version. 2024-10-28 11:22:01 +00:00
openssh.keyring - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
openssh.spec - Don't force using gcc11 on SLFO/ALP which have a newer version. 2024-10-28 11:22:01 +00:00
README.FIPS - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
README.kerberos - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
README.SUSE - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
ssh-askpass - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
ssh.reg - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
sshd-gen-keys-start - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
sshd-sle.pamd Updated the patch with a suggestion from upstream. 2024-10-14 06:33:00 +00:00
sshd.fw - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
sshd.pamd - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
sshd.service - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
sshd.socket - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
sshd@.service - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
sysconfig.ssh - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
sysusers-sshd.conf - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00
wtmpdb.patch - Update to openssh 9.9p1: 2024-09-25 08:42:29 +00:00

There are following changes in default settings of ssh client and server:

* Accepting and sending of locale environment variables in protocol 2 is
  enabled.

* PAM authentication is enabled and mostly even required, do not turn it off.

* In SLE15, root authentiation with password is enabled by default
  (PermitRootLogin yes).
  NOTE: this has security implications and is only done in order to not change
  behaviour of the server in an update. We strongly suggest setting this option
  either "prohibit-password" or even better to "no" (which disables direct
  remote root login entirely).

* DSA authentication is enabled by default for maximum compatibility.
  NOTE: do not use DSA authentication since it is being phased out for a reason
  - the size of DSA keys is limited by the standard to 1024 bits which cannot
  be considered safe any more.

* Accepting all RFC4419 specified DH group parameters. See KexDHMin in
  ssh_config and sshd_config manual pages.

For more information on differences in SUSE OpenSSH package see README.FIPS