forked from pool/openssh
Dominique Leuenberger
37692216e0
- Use TIRPC on suse_version >= 1500: sunrpc is deprecated and should be replaced by TIRPC. This has several effects: * We get RPC support back... from build log in oS:F/standard: [ 48s] checking rpc/types.h usability... no [ 48s] checking rpc/types.h presence... no [ 48s] checking for rpc/types.h... no vs this branch: [ 50s] checking rpc/types.h usability... yes [ 50s] checking rpc/types.h presence... yes [ 50s] checking for rpc/types.h... yes AND as a side-effect, FALSE for ldapbody.c is now defined (not the nicest of side-effects, but seems that ldap patch relies on RPC headers to be included. So all in all: this fixes the build failures for openSUSE Tumblewee (forwarded request 602971 from dimstar) OBS-URL: https://build.opensuse.org/request/show/603107 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssh?expand=0&rev=117
This is OpenSSH version 7.2p2 for SLE12 There are following changes in default settings of ssh client and server: * Accepting and sending of locale environment variables in protocol 2 is enabled. * PAM authentication is enabled. * root authentiation with password is enabled by default (PermitRootLogin yes). NOTE: this has security implications and is only done in order to not change behaviour of the server in an update. We strongly suggest setting this option either "prohibit-password" or even better to "no" (which disables direct remote root login entirely). * SSH protocol version 1 is enabled for maximum compatibility. NOTE: do not use protocol version 1. It is less secure then v2 and should generally be phased out. * DSA authentication is enabled by default for maximum compatibility. NOTE: do not use DSA authentication since it is being phased out for a reason - the size of DSA keys is limited by the standard to 1024 bits which cannot be considered safe any more. * Accepting all RFC4419 specified DH group parameters. See KexDHMin in ssh_config and sshd_config manual pages. For more information on differences in SUSE OpenSSH package see README.FIPS