Antonio Larrosa
33d804a345
- To fix a copy&paste oversight in an ifdef :
* 0001-fix-utmpx-ifdef.patch
- To fix a regression introduced when the "Match" criteria
tokenizer was modified since it stopped supporting the
"Match criteria=argument" format:
* 0002-upstream-fix-regression-introduced-when-I-switched-the-Match.patch
- To fix the previous patch which broke on negated Matches:
* 0003-upstream-fix-previous-change-to-ssh_config-Match_-which-broken-on.patch
- To fix the ML-KEM768x25519 kex algorithm on big-endian systems:
* 0004-upstream-fix-ML-KEM768x25519-KEX-on-big-endian-systems-spotted-by.patch
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=279
There are following changes in default settings of ssh client and server: * Accepting and sending of locale environment variables in protocol 2 is enabled. * PAM authentication is enabled and mostly even required, do not turn it off. * In SLE15, root authentiation with password is enabled by default (PermitRootLogin yes). NOTE: this has security implications and is only done in order to not change behaviour of the server in an update. We strongly suggest setting this option either "prohibit-password" or even better to "no" (which disables direct remote root login entirely). * DSA authentication is enabled by default for maximum compatibility. NOTE: do not use DSA authentication since it is being phased out for a reason - the size of DSA keys is limited by the standard to 1024 bits which cannot be considered safe any more. * Accepting all RFC4419 specified DH group parameters. See KexDHMin in ssh_config and sshd_config manual pages. For more information on differences in SUSE OpenSSH package see README.FIPS