Go to file
Stephan Kulow 6d007f0e34 Accepting request 141129 from network
- Updated to 6.1p1, a bugfix release
  Features:
 * sshd(8): This release turns on pre-auth sandboxing sshd by default for
   new installs, by setting UsePrivilegeSeparation=sandbox in sshd_config.
 * ssh-keygen(1): Add options to specify starting line number and number of
   lines to process when screening moduli candidates, allowing processing
   of different parts of a candidate moduli file in parallel
 * sshd(8): The Match directive now supports matching on the local (listen)
   address and port upon which the incoming connection was received via
   LocalAddress and LocalPort clauses.
 * sshd(8): Extend sshd_config Match directive to allow setting AcceptEnv
   and {Allow,Deny}{Users,Groups}
 * Add support for RFC6594 SSHFP DNS records for ECDSA key types. bz#1978
 * ssh-keygen(1): Allow conversion of RSA1 keys to public PEM and PKCS8
 * sshd(8): Allow the sshd_config PermitOpen directive to accept "none" as
   an argument to refuse all port-forwarding requests.
 * sshd(8): Support "none" as an argument for AuthorizedPrincipalsFile
 * ssh-keyscan(1): Look for ECDSA keys by default. bz#1971
 * sshd(8): Add "VersionAddendum" to sshd_config to allow server operators
   to append some arbitrary text to the server SSH protocol banner.
 Bugfixes:
 * ssh(1)/sshd(8): Don't spin in accept() in situations of file
   descriptor exhaustion. Instead back off for a while.
 * ssh(1)/sshd(8): Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs as
   they were removed from the specification. bz#2023,
 * sshd(8): Handle long comments in config files better. bz#2025
 * ssh(1): Delay setting tty_flag so RequestTTY options are correctly
   picked up. bz#1995
 * sshd(8): Fix handling of /etc/nologin incorrectly being applied to root
   on platforms that use login_cap.

OBS-URL: https://build.opensuse.org/request/show/141129
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssh?expand=0&rev=82
2012-11-14 08:15:15 +00:00
.gitattributes OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssh?expand=0&rev=1 2007-01-07 16:26:05 +00:00
.gitignore OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssh?expand=0&rev=1 2007-01-07 16:26:05 +00:00
converter-linking.patch Accepting request 80152 from home:elvigia:branches:network 2011-09-07 15:50:44 +00:00
converter.tar.bz2 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssh?expand=0&rev=1 2007-01-07 16:26:05 +00:00
openssh-5.9p1-audit.patch Accepting request 88642 from home:pcerny:factory 2011-10-19 02:18:13 +00:00
openssh-5.9p1-blocksigalrm.diff Accepting request 98019 from home:aljex 2011-12-26 07:09:33 +00:00
openssh-5.9p1-default-protocol.diff Accepting request 88642 from home:pcerny:factory 2011-10-19 02:18:13 +00:00
openssh-5.9p1-eal3.diff Accepting request 88642 from home:pcerny:factory 2011-10-19 02:18:13 +00:00
openssh-5.9p1-engines.diff Accepting request 88642 from home:pcerny:factory 2011-10-19 02:18:13 +00:00
openssh-5.9p1-gssapimitm.patch Accepting request 88642 from home:pcerny:factory 2011-10-19 02:18:13 +00:00
openssh-5.9p1-homechroot.patch Accepting request 88642 from home:pcerny:factory 2011-10-19 02:18:13 +00:00
openssh-5.9p1-host_ident.diff Accepting request 88642 from home:pcerny:factory 2011-10-19 02:18:13 +00:00
openssh-5.9p1-pam-fix2.diff Accepting request 88642 from home:pcerny:factory 2011-10-19 02:18:13 +00:00
openssh-5.9p1-pam-fix3.diff Accepting request 88642 from home:pcerny:factory 2011-10-19 02:18:13 +00:00
openssh-5.9p1-pts.diff Accepting request 88642 from home:pcerny:factory 2011-10-19 02:18:13 +00:00
openssh-5.9p1-saveargv-fix.diff Accepting request 88642 from home:pcerny:factory 2011-10-19 02:18:13 +00:00
openssh-5.9p1-send_locale.diff Accepting request 88642 from home:pcerny:factory 2011-10-19 02:18:13 +00:00
openssh-5.9p1-sshconfig-knownhostschanges.diff Accepting request 88642 from home:pcerny:factory 2011-10-19 02:18:13 +00:00
openssh-5.9p1-sshd_config.diff Accepting request 88642 from home:pcerny:factory 2011-10-19 02:18:13 +00:00
openssh-5.9p1-xauth.diff Accepting request 88642 from home:pcerny:factory 2011-10-19 02:18:13 +00:00
openssh-5.9p1-xauthlocalhostname.diff Accepting request 88642 from home:pcerny:factory 2011-10-19 02:18:13 +00:00
openssh-6.1p1.tar.gz - Updated to 6.1p1, a bugfix release 2012-11-13 10:50:53 +00:00
openssh-askpass-gnome.changes - Updated to 6.1p1, a bugfix release 2012-11-13 10:50:53 +00:00
openssh-askpass-gnome.spec - Updated to 6.1p1, a bugfix release 2012-11-13 10:50:53 +00:00
openssh-nocrazyabicheck.patch Accepting request 122649 from home:elvigia:branches:network 2012-05-29 07:11:57 +00:00
openssh-nodaemon-nopid.patch Accepting request 130946 from home:elvigia:branches:network 2012-08-16 12:55:50 +00:00
openssh.changes - Updated to 6.1p1, a bugfix release 2012-11-13 10:50:53 +00:00
openssh.spec - Updated to 6.1p1, a bugfix release 2012-11-13 10:50:53 +00:00
README.kerberos OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssh?expand=0&rev=1 2007-01-07 16:26:05 +00:00
README.SuSE Accepting request 48012 from Base:System 2010-09-17 19:02:24 +00:00
ssh-askpass Accepting request 89778 from home:pcerny:factory 2011-11-02 15:44:39 +00:00
ssh.reg OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssh?expand=0&rev=1 2007-01-07 16:26:05 +00:00
sshd-gen-keys-start Accepting request 94377 from home:elvigia:branches:network 2011-11-29 19:55:10 +00:00
sshd.fw OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssh?expand=0&rev=7 2007-07-27 00:01:43 +00:00
sshd.init Accepting request 141090 from home:kukuk:branches:network 2012-11-13 10:18:36 +00:00
sshd.pamd Accepting request 53420 from Base:System 2010-11-20 10:18:22 +00:00
sshd.service Accepting request 94377 from home:elvigia:branches:network 2011-11-29 19:55:10 +00:00
sysconfig.ssh Accepting request 88642 from home:pcerny:factory 2011-10-19 02:18:13 +00:00

This is OpenSSH version 5.6p1.

There are following changes in default settings of ssh client: 

* Accepting and sending of locale environment variables in protocol 2 is
  enabled.

* New host keys will be hashed to and them unusable for malicious people or
  software trying to use known_hosts to find further hops.

* Tunneled clear text passwords are disabled.

* PAM authentication is enabled.

* Only support for protocol 2 is enabled.