5093e42eaa
- upgrade to 7.2p2 - changing license to 2-clause BSD to match source - enable trusted X11 forwarding by default [-X11_trusted_forwarding] - set UID for lastlog properly [-lastlog] - enable use of PAM by default [-enable_PAM_by_default] - copy command line arguments properly [-saveargv-fix] - do not use pthreads in PAM code [-dont_use_pthreads_in_PAM] - fix paths in documentation [-eal3] - prevent race consitions triggered by SIGALRM [-blocksigalrm] - do send and accept locale environment variables by default [-send_locale] - handle hostnames changes during X forwarding [-hostname_changes_when_forwarding_X] - try to remove xauth cookies on exit [-remove_xauth_cookies_on_exit] - properly format pts names for ?tmp? log files [-pts_names_formatting] - check locked accounts when using PAM [-pam_check_locks] - chenge default PermitRootLogin to 'yes' to prevent unwanted surprises on updates from older versions. See README.SUSE for details [-allow_root_password_login] - Disable DH parameters under 2048 bits by default and allow lowering the limit back to the RFC 4419 specified minimum through an option (bsc#932483, bsc#948902) [-disable_short_DH_parameters] - Add getuid() and stat() syscalls to the seccomp filter OBS-URL: https://build.opensuse.org/request/show/398802 OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=103 |
||
|---|---|---|
| .gitattributes | ||
| .gitignore | ||
| cavs_driver-ssh.pl | ||
| openssh-7.2p2-allow_root_password_login.patch | ||
| openssh-7.2p2-blocksigalrm.patch | ||
| openssh-7.2p2-disable_short_DH_parameters.patch | ||
| openssh-7.2p2-dont_use_pthreads_in_PAM.patch | ||
| openssh-7.2p2-eal3.patch | ||
| openssh-7.2p2-enable_PAM_by_default.patch | ||
| openssh-7.2p2-hostname_changes_when_forwarding_X.patch | ||
| openssh-7.2p2-lastlog.patch | ||
| openssh-7.2p2-pam_check_locks.patch | ||
| openssh-7.2p2-pts_names_formatting.patch | ||
| openssh-7.2p2-remove_xauth_cookies_on_exit.patch | ||
| openssh-7.2p2-seccomp_getuid.patch | ||
| openssh-7.2p2-seccomp_stat.patch | ||
| openssh-7.2p2-send_locale.patch | ||
| openssh-7.2p2-X11_trusted_forwarding.patch | ||
| openssh-7.2p2.tar.gz | ||
| openssh-askpass-gnome.changes | ||
| openssh-askpass-gnome.spec | ||
| openssh.changes | ||
| openssh.spec | ||
| README.FIPS | ||
| README.kerberos | ||
| README.SUSE | ||
| ssh-askpass | ||
| ssh.reg | ||
| sshd-gen-keys-start | ||
| sshd.fw | ||
| sshd.init | ||
| sshd.pamd | ||
| sshd.service | ||
| sysconfig.ssh | ||
This is OpenSSH version 7.2p2 for SLE12 There are following changes in default settings of ssh client and server: * Accepting and sending of locale environment variables in protocol 2 is enabled. * PAM authentication is enabled. * root authentiation with password is enabled by default (PermitRootLogin yes). NOTE: this has security implications and is only done in order to not change behaviour of the server in an update. We strongly suggest setting this option either "prohibit-password" or even better to "no" (which disables direct remote root login entirely). For more information on differences in SUSE OpenSSH package see README.FIPS