openssh/openssh-6.4p1-eal3.patch
Petr Cerny 712ccf3395 Accepting request 220466 from home:pcerny:factory
- Update of the underlying OpenSSH to 6.4p1

- Update to 6.4p1
  Features since 6.2p2:
  * ssh-agent(1) support in sshd(8); allows encrypted hostkeys, or
    hostkeys on smartcards.
  * ssh(1)/sshd(8): allow optional time-based rekeying via a
    second argument to the existing RekeyLimit option. RekeyLimit
    is now supported in sshd_config as well as on the client.
  * sshd(8): standardise logging of information during user
    authentication.
  * The presented key/cert and the remote username (if available)
    is now logged in the authentication success/failure message on
    the same log line as the local username, remote host/port and
    protocol in use.  Certificates contents and the key
    fingerprint of the signing CA are logged too.
  * ssh(1) ability to query what cryptographic algorithms are
    supported in the binary.
  * ssh(1): ProxyCommand=- for cases where stdin and stdout
    already point to the proxy.
  * ssh(1): allow IdentityFile=none
  * ssh(1)/sshd(8): -E option to append debugging logs to a
    specified file instead of stderr or syslog.
  * sftp(1): support resuming partial downloads with the "reget"
    command and on the sftp commandline or on the "get"
    commandline with the "-a" (append) option.
  * ssh(1): "IgnoreUnknown" configuration option to selectively
    suppress errors arising from unknown configuration directives.
  * sshd(8): support for submethods to be appended to required
    authentication methods listed via AuthenticationMethods.

OBS-URL: https://build.opensuse.org/request/show/220466
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=58
2014-01-31 12:18:41 +00:00

86 lines
2.3 KiB
Diff

# fix paths and references in sshd man pages
diff --git a/openssh-6.4p1/sshd.8 b/openssh-6.4p1/sshd.8
--- a/openssh-6.4p1/sshd.8
+++ b/openssh-6.4p1/sshd.8
@@ -872,17 +872,17 @@ See
If this file exists,
.Nm
refuses to let anyone except root log in.
The contents of the file
are displayed to anyone trying to log in, and non-root connections are
refused.
The file should be world-readable.
.Pp
-.It Pa /etc/shosts.equiv
+.It Pa /etc/ssh/shosts.equiv
This file is used in exactly the same way as
.Pa hosts.equiv ,
but allows host-based authentication without permitting login with
rlogin/rsh.
.Pp
.It Pa /etc/ssh/ssh_host_key
.It Pa /etc/ssh/ssh_host_dsa_key
.It Pa /etc/ssh/ssh_host_ecdsa_key
@@ -951,17 +951,17 @@ The content of this file is not sensitiv
.Xr sftp 1 ,
.Xr ssh 1 ,
.Xr ssh-add 1 ,
.Xr ssh-agent 1 ,
.Xr ssh-keygen 1 ,
.Xr ssh-keyscan 1 ,
.Xr chroot 2 ,
.Xr hosts_access 5 ,
-.Xr login.conf 5 ,
+.Xr login.defs 5 ,
.Xr moduli 5 ,
.Xr sshd_config 5 ,
.Xr inetd 8 ,
.Xr sftp-server 8
.Sh AUTHORS
OpenSSH is a derivative of the original and free
ssh 1.2.12 release by Tatu Ylonen.
Aaron Campbell, Bob Beck, Markus Friedl, Niels Provos,
diff --git a/openssh-6.4p1/sshd_config.5 b/openssh-6.4p1/sshd_config.5
--- a/openssh-6.4p1/sshd_config.5
+++ b/openssh-6.4p1/sshd_config.5
@@ -278,18 +278,17 @@ The contents of the specified file are s
authentication is allowed.
If the argument is
.Dq none
then no banner is displayed.
This option is only available for protocol version 2.
By default, no banner is displayed.
.It Cm ChallengeResponseAuthentication
Specifies whether challenge-response authentication is allowed (e.g. via
-PAM or though authentication styles supported in
-.Xr login.conf 5 )
+PAM)
The default is
.Dq yes .
.It Cm ChrootDirectory
Specifies the pathname of a directory to
.Xr chroot 2
to after authentication.
All components of the pathname must be root-owned directories that are
not writable by any other user or group.
@@ -565,17 +564,17 @@ and
.Pa .shosts
files will not be used in
.Cm RhostsRSAAuthentication
or
.Cm HostbasedAuthentication .
.Pp
.Pa /etc/hosts.equiv
and
-.Pa /etc/shosts.equiv
+.Pa /etc/ssh/shosts.equiv
are still used.
The default is
.Dq yes .
.It Cm IgnoreUserKnownHosts
Specifies whether
.Xr sshd 8
should ignore the user's
.Pa ~/.ssh/known_hosts