forked from pool/openssh
7bccbbd821
- Update to 7.8p1: * no actual changes for the askpass - Format with spec-cleaner - Respect cflags - Use gtk3 rather than gtk2 which is being phased out - Remove the mention of the SLE12 in the README.SUSE - Install firewall rules only when really needed (<SLE15) - Version update to 7.8p1: * For most details see release notes file * ssh-keygen(1): write OpenSSH format private keys by default instead of using OpenSSL's PEM format - Rebase patches to apply on 7.8p1 release: * openssh-7.7p1-fips.patch * openssh-7.7p1-cavstest-kdf.patch * openssh-7.7p1-fips_checks.patch * openssh-7.7p1-gssapi_key_exchange.patch * openssh-7.7p1-audit.patch * openssh-7.7p1-openssl_1.1.0.patch * openssh-7.7p1-ldap.patch * openssh-7.7p1-IPv6_X_forwarding.patch * openssh-7.7p1-sftp_print_diagnostic_messages.patch * openssh-7.7p1-disable_short_DH_parameters.patch * openssh-7.7p1-hostname_changes_when_forwarding_X.patch * openssh-7.7p1-pam_check_locks.patch * openssh-7.7p1-seed-prng.patch * openssh-7.7p1-systemd-notify.patch * openssh-7.7p1-X11_trusted_forwarding.patch - Dropped patches: OBS-URL: https://build.opensuse.org/request/show/642573 OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=153
29 lines
1.0 KiB
Diff
29 lines
1.0 KiB
Diff
# HG changeset patch
|
|
# Parent 5c1e122e31b601de64d81085294216af33f31aed
|
|
# force PAM in defaullt install (this was removed from upstream in 3.8p1)
|
|
# bnc#46749
|
|
# --used to be called '-pam-fix2'
|
|
|
|
diff --git a/openssh-7.7p1/sshd_config b/openssh-7.7p1/sshd_config
|
|
--- openssh-7.7p1/sshd_config
|
|
+++ openssh-7.7p1/sshd_config
|
|
@@ -74,17 +74,17 @@ AuthorizedKeysFile .ssh/authorized_keys
|
|
# and session processing. If this is enabled, PAM authentication will
|
|
# be allowed through the ChallengeResponseAuthentication and
|
|
# PasswordAuthentication. Depending on your PAM configuration,
|
|
# PAM authentication via ChallengeResponseAuthentication may bypass
|
|
# the setting of "PermitRootLogin without-password".
|
|
# If you just want the PAM account and session checks to run without
|
|
# PAM authentication, then enable this but set PasswordAuthentication
|
|
# and ChallengeResponseAuthentication to 'no'.
|
|
-#UsePAM no
|
|
+UsePAM yes
|
|
|
|
#AllowAgentForwarding yes
|
|
#AllowTcpForwarding yes
|
|
#GatewayPorts no
|
|
X11Forwarding yes
|
|
#X11DisplayOffset 10
|
|
#X11UseLocalhost yes
|
|
#PermitTTY yes
|