6d007f0e34
- Updated to 6.1p1, a bugfix release Features: * sshd(8): This release turns on pre-auth sandboxing sshd by default for new installs, by setting UsePrivilegeSeparation=sandbox in sshd_config. * ssh-keygen(1): Add options to specify starting line number and number of lines to process when screening moduli candidates, allowing processing of different parts of a candidate moduli file in parallel * sshd(8): The Match directive now supports matching on the local (listen) address and port upon which the incoming connection was received via LocalAddress and LocalPort clauses. * sshd(8): Extend sshd_config Match directive to allow setting AcceptEnv and {Allow,Deny}{Users,Groups} * Add support for RFC6594 SSHFP DNS records for ECDSA key types. bz#1978 * ssh-keygen(1): Allow conversion of RSA1 keys to public PEM and PKCS8 * sshd(8): Allow the sshd_config PermitOpen directive to accept "none" as an argument to refuse all port-forwarding requests. * sshd(8): Support "none" as an argument for AuthorizedPrincipalsFile * ssh-keyscan(1): Look for ECDSA keys by default. bz#1971 * sshd(8): Add "VersionAddendum" to sshd_config to allow server operators to append some arbitrary text to the server SSH protocol banner. Bugfixes: * ssh(1)/sshd(8): Don't spin in accept() in situations of file descriptor exhaustion. Instead back off for a while. * ssh(1)/sshd(8): Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs as they were removed from the specification. bz#2023, * sshd(8): Handle long comments in config files better. bz#2025 * ssh(1): Delay setting tty_flag so RequestTTY options are correctly picked up. bz#1995 * sshd(8): Fix handling of /etc/nologin incorrectly being applied to root on platforms that use login_cap. OBS-URL: https://build.opensuse.org/request/show/141129 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssh?expand=0&rev=82 |
||
---|---|---|
.gitattributes | ||
.gitignore | ||
converter-linking.patch | ||
converter.tar.bz2 | ||
openssh-5.9p1-audit.patch | ||
openssh-5.9p1-blocksigalrm.diff | ||
openssh-5.9p1-default-protocol.diff | ||
openssh-5.9p1-eal3.diff | ||
openssh-5.9p1-engines.diff | ||
openssh-5.9p1-gssapimitm.patch | ||
openssh-5.9p1-homechroot.patch | ||
openssh-5.9p1-host_ident.diff | ||
openssh-5.9p1-pam-fix2.diff | ||
openssh-5.9p1-pam-fix3.diff | ||
openssh-5.9p1-pts.diff | ||
openssh-5.9p1-saveargv-fix.diff | ||
openssh-5.9p1-send_locale.diff | ||
openssh-5.9p1-sshconfig-knownhostschanges.diff | ||
openssh-5.9p1-sshd_config.diff | ||
openssh-5.9p1-xauth.diff | ||
openssh-5.9p1-xauthlocalhostname.diff | ||
openssh-6.1p1.tar.gz | ||
openssh-askpass-gnome.changes | ||
openssh-askpass-gnome.spec | ||
openssh-nocrazyabicheck.patch | ||
openssh-nodaemon-nopid.patch | ||
openssh.changes | ||
openssh.spec | ||
README.kerberos | ||
README.SuSE | ||
ssh-askpass | ||
ssh.reg | ||
sshd-gen-keys-start | ||
sshd.fw | ||
sshd.init | ||
sshd.pamd | ||
sshd.service | ||
sysconfig.ssh |
This is OpenSSH version 5.6p1. There are following changes in default settings of ssh client: * Accepting and sending of locale environment variables in protocol 2 is enabled. * New host keys will be hashed to and them unusable for malicious people or software trying to use known_hosts to find further hops. * Tunneled clear text passwords are disabled. * PAM authentication is enabled. * Only support for protocol 2 is enabled.