forked from pool/openssh
6d007f0e34
- Updated to 6.1p1, a bugfix release
Features:
* sshd(8): This release turns on pre-auth sandboxing sshd by default for
new installs, by setting UsePrivilegeSeparation=sandbox in sshd_config.
* ssh-keygen(1): Add options to specify starting line number and number of
lines to process when screening moduli candidates, allowing processing
of different parts of a candidate moduli file in parallel
* sshd(8): The Match directive now supports matching on the local (listen)
address and port upon which the incoming connection was received via
LocalAddress and LocalPort clauses.
* sshd(8): Extend sshd_config Match directive to allow setting AcceptEnv
and {Allow,Deny}{Users,Groups}
* Add support for RFC6594 SSHFP DNS records for ECDSA key types. bz#1978
* ssh-keygen(1): Allow conversion of RSA1 keys to public PEM and PKCS8
* sshd(8): Allow the sshd_config PermitOpen directive to accept "none" as
an argument to refuse all port-forwarding requests.
* sshd(8): Support "none" as an argument for AuthorizedPrincipalsFile
* ssh-keyscan(1): Look for ECDSA keys by default. bz#1971
* sshd(8): Add "VersionAddendum" to sshd_config to allow server operators
to append some arbitrary text to the server SSH protocol banner.
Bugfixes:
* ssh(1)/sshd(8): Don't spin in accept() in situations of file
descriptor exhaustion. Instead back off for a while.
* ssh(1)/sshd(8): Remove hmac-sha2-256-96 and hmac-sha2-512-96 MACs as
they were removed from the specification. bz#2023,
* sshd(8): Handle long comments in config files better. bz#2025
* ssh(1): Delay setting tty_flag so RequestTTY options are correctly
picked up. bz#1995
* sshd(8): Fix handling of /etc/nologin incorrectly being applied to root
on platforms that use login_cap.
OBS-URL: https://build.opensuse.org/request/show/141129
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssh?expand=0&rev=82
|
||
|---|---|---|
| .gitattributes | ||
| .gitignore | ||
| converter-linking.patch | ||
| converter.tar.bz2 | ||
| openssh-5.9p1-audit.patch | ||
| openssh-5.9p1-blocksigalrm.diff | ||
| openssh-5.9p1-default-protocol.diff | ||
| openssh-5.9p1-eal3.diff | ||
| openssh-5.9p1-engines.diff | ||
| openssh-5.9p1-gssapimitm.patch | ||
| openssh-5.9p1-homechroot.patch | ||
| openssh-5.9p1-host_ident.diff | ||
| openssh-5.9p1-pam-fix2.diff | ||
| openssh-5.9p1-pam-fix3.diff | ||
| openssh-5.9p1-pts.diff | ||
| openssh-5.9p1-saveargv-fix.diff | ||
| openssh-5.9p1-send_locale.diff | ||
| openssh-5.9p1-sshconfig-knownhostschanges.diff | ||
| openssh-5.9p1-sshd_config.diff | ||
| openssh-5.9p1-xauth.diff | ||
| openssh-5.9p1-xauthlocalhostname.diff | ||
| openssh-6.1p1.tar.gz | ||
| openssh-askpass-gnome.changes | ||
| openssh-askpass-gnome.spec | ||
| openssh-nocrazyabicheck.patch | ||
| openssh-nodaemon-nopid.patch | ||
| openssh.changes | ||
| openssh.spec | ||
| README.kerberos | ||
| README.SuSE | ||
| ssh-askpass | ||
| ssh.reg | ||
| sshd-gen-keys-start | ||
| sshd.fw | ||
| sshd.init | ||
| sshd.pamd | ||
| sshd.service | ||
| sysconfig.ssh | ||
This is OpenSSH version 5.6p1. There are following changes in default settings of ssh client: * Accepting and sending of locale environment variables in protocol 2 is enabled. * New host keys will be hashed to and them unusable for malicious people or software trying to use known_hosts to find further hops. * Tunneled clear text passwords are disabled. * PAM authentication is enabled. * Only support for protocol 2 is enabled.