From c159d0ce661efc5d3e13a98404a5b8ee19363910ba75598b48730439bed0d19f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Wed, 17 Oct 2018 09:24:31 +0000 Subject: [PATCH] - Disable ssh1 protocol support as neither RH or Debian enable this protocol by default anymore either. OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=154 --- README.SUSE | 4 ---- openssh.changes | 6 ++++++ openssh.spec | 7 ++----- 3 files changed, 8 insertions(+), 9 deletions(-) diff --git a/README.SUSE b/README.SUSE index d52608c..cd33733 100644 --- a/README.SUSE +++ b/README.SUSE @@ -11,10 +11,6 @@ There are following changes in default settings of ssh client and server: either "prohibit-password" or even better to "no" (which disables direct remote root login entirely). -* SSH protocol version 1 is enabled for maximum compatibility. - NOTE: do not use protocol version 1. It is less secure then v2 and should - generally be phased out. - * DSA authentication is enabled by default for maximum compatibility. NOTE: do not use DSA authentication since it is being phased out for a reason - the size of DSA keys is limited by the standard to 1024 bits which cannot diff --git a/openssh.changes b/openssh.changes index 366ef78..3eafc4d 100644 --- a/openssh.changes +++ b/openssh.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Wed Oct 17 09:22:36 UTC 2018 - Tomáš Chvátal + +- Disable ssh1 protocol support as neither RH or Debian enable + this protocol by default anymore either. + ------------------------------------------------------------------- Wed Oct 17 08:42:12 UTC 2018 - Tomáš Chvátal diff --git a/openssh.spec b/openssh.spec index 354e64f..a531eaf 100644 --- a/openssh.spec +++ b/openssh.spec @@ -27,8 +27,7 @@ %bcond_without susefirewall %bcond_with tirpc %endif -%define _fwdir %{_sysconfdir}/sysconfig/SuSEfirewall2.d -%define _fwdefdir %{_fwdir}/services +%define _fwdefdir %{_sysconfdir}/sysconfig/SuSEfirewall2.d/services %define _appdefdir %( grep "configdirspec=" $( which xmkmf ) | sed -r 's,^[^=]+=.*-I(.*)/config.*$,\\1/app-defaults,' ) %define CHECKSUM_SUFFIX .hmac %define CHECKSUM_HMAC_KEY "HMAC_KEY:OpenSSH-FIPS@SLE" @@ -197,10 +196,8 @@ export LDFLAGS CFLAGS CXXFLAGS CPPFLAGS --with-ldap \ --with-xauth=%{_bindir}/xauth \ --with-libedit \ - --with-ssh1 \ - --target=%{_target_cpu}-suse-linux \ + --target=%{_target_cpu}-suse-linux -### configure end make %{?_smp_mflags} %install