openssh

SHA256

Go to file

Stephan Kulow f53e0cfba2 Accepting request 222366 from network - Update of the underlying OpenSSH to 6.5p1 - Update to 6.5p1 Features since 6.4p1: * ssh(1), sshd(8): support for key exchange using ECDH in Daniel Bernstein's Curve25519; default when both the client and server support it. * ssh(1), sshd(8): support for Ed25519 as a public key type fo rboth server and client. Ed25519 is an EC signature offering better security than ECDSA and DSA and good performance. * Add a new private key format that uses a bcrypt KDF to better protect keys at rest. Used unconditionally for Ed25519 keys, on demand for other key types via the -o ssh-keygen(1) option. Intended to become default in the near future. Details documented in PROTOCOL.key. * ssh(1), sshd(8): new transport cipher "chacha20-poly1305@openssh.com" combining Daniel Bernstein's ChaCha20 stream cipher and Poly1305 MAC to build an authenticated encryption mode. Details documented PROTOCOL.chacha20poly1305. * ssh(1), sshd(8): refuse RSA keys from old proprietary clients and servers that use the obsolete RSA+MD5 signature scheme. It will still be possible to connect with these clients/servers but only DSA keys will be accepted, and OpenSSH will refuse connection entirely in a future release. * ssh(1), sshd(8): refuse old proprietary clients and servers that use a weaker key exchange hash calculation. * ssh(1): increase the size of the Diffie-Hellman groups requested for each symmetric key size. New values from NIST Special Publication 800-57 with the upper limit specified by (forwarded request 222365 from pcerny) OBS-URL: https://build.opensuse.org/request/show/222366 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssh?expand=0&rev=90		2014-02-15 16:17:36 +00:00
.gitattributes	OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssh?expand=0&rev=1	2007-01-07 16:26:05 +00:00
.gitignore	OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssh?expand=0&rev=1	2007-01-07 16:26:05 +00:00
openssh-6.5p1-audit1-remove_duplicit_audit.patch	Accepting request 222365 from home:pcerny:factory	2014-02-14 14:54:10 +00:00
openssh-6.5p1-audit2-better_audit_of_user_actions.patch	Accepting request 222365 from home:pcerny:factory	2014-02-14 14:54:10 +00:00
openssh-6.5p1-audit3-key_auth_usage.patch	Accepting request 222365 from home:pcerny:factory	2014-02-14 14:54:10 +00:00
openssh-6.5p1-audit4-kex_results.patch	Accepting request 222365 from home:pcerny:factory	2014-02-14 14:54:10 +00:00
openssh-6.5p1-audit5-session_key_destruction.patch	Accepting request 222365 from home:pcerny:factory	2014-02-14 14:54:10 +00:00
openssh-6.5p1-audit6-server_key_destruction.patch	Accepting request 222365 from home:pcerny:factory	2014-02-14 14:54:10 +00:00
openssh-6.5p1-audit7-libaudit_compat.patch	Accepting request 222365 from home:pcerny:factory	2014-02-14 14:54:10 +00:00
openssh-6.5p1-audit8-libaudit_dns_timeouts.patch	Accepting request 222365 from home:pcerny:factory	2014-02-14 14:54:10 +00:00
openssh-6.5p1-blocksigalrm.patch	Accepting request 222365 from home:pcerny:factory	2014-02-14 14:54:10 +00:00
openssh-6.5p1-default-protocol.patch	Accepting request 222365 from home:pcerny:factory	2014-02-14 14:54:10 +00:00
openssh-6.5p1-disable-openssl-abi-check.patch	Accepting request 222365 from home:pcerny:factory	2014-02-14 14:54:10 +00:00
openssh-6.5p1-eal3.patch	Accepting request 222365 from home:pcerny:factory	2014-02-14 14:54:10 +00:00
openssh-6.5p1-fingerprint_hash.patch	Accepting request 222365 from home:pcerny:factory	2014-02-14 14:54:10 +00:00
openssh-6.5p1-fips.patch	Accepting request 222365 from home:pcerny:factory	2014-02-14 14:54:10 +00:00
openssh-6.5p1-gssapi_key_exchange.patch	Accepting request 222365 from home:pcerny:factory	2014-02-14 14:54:10 +00:00
openssh-6.5p1-gssapimitm.patch	Accepting request 222365 from home:pcerny:factory	2014-02-14 14:54:10 +00:00
openssh-6.5p1-host_ident.patch	Accepting request 222365 from home:pcerny:factory	2014-02-14 14:54:10 +00:00
openssh-6.5p1-key-converter.patch	Accepting request 222365 from home:pcerny:factory	2014-02-14 14:54:10 +00:00
openssh-6.5p1-lastlog.patch	Accepting request 222365 from home:pcerny:factory	2014-02-14 14:54:10 +00:00
openssh-6.5p1-ldap.patch	Accepting request 222365 from home:pcerny:factory	2014-02-14 14:54:10 +00:00
openssh-6.5p1-login_options.patch	Accepting request 222365 from home:pcerny:factory	2014-02-14 14:54:10 +00:00
openssh-6.5p1-no_fork-no_pid_file.patch	Accepting request 222365 from home:pcerny:factory	2014-02-14 14:54:10 +00:00
openssh-6.5p1-pam-check-locks.patch	Accepting request 222365 from home:pcerny:factory	2014-02-14 14:54:10 +00:00
openssh-6.5p1-pam-fix2.patch	Accepting request 222365 from home:pcerny:factory	2014-02-14 14:54:10 +00:00
openssh-6.5p1-pam-fix3.patch	Accepting request 222365 from home:pcerny:factory	2014-02-14 14:54:10 +00:00
openssh-6.5p1-pts.patch	Accepting request 222365 from home:pcerny:factory	2014-02-14 14:54:10 +00:00
openssh-6.5p1-saveargv-fix.patch	Accepting request 222365 from home:pcerny:factory	2014-02-14 14:54:10 +00:00
openssh-6.5p1-seed-prng.patch	Accepting request 222365 from home:pcerny:factory	2014-02-14 14:54:10 +00:00
openssh-6.5p1-send_locale.patch	Accepting request 222365 from home:pcerny:factory	2014-02-14 14:54:10 +00:00
openssh-6.5p1-sftp_force_permissions.patch	Accepting request 222365 from home:pcerny:factory	2014-02-14 14:54:10 +00:00
openssh-6.5p1-sftp_homechroot.patch	Accepting request 222365 from home:pcerny:factory	2014-02-14 14:54:10 +00:00
openssh-6.5p1-X11-forwarding.patch	Accepting request 222365 from home:pcerny:factory	2014-02-14 14:54:10 +00:00
openssh-6.5p1-xauth.patch	Accepting request 222365 from home:pcerny:factory	2014-02-14 14:54:10 +00:00
openssh-6.5p1-xauthlocalhostname.patch	Accepting request 222365 from home:pcerny:factory	2014-02-14 14:54:10 +00:00
openssh-6.5p1.tar.gz	Accepting request 222365 from home:pcerny:factory	2014-02-14 14:54:10 +00:00
openssh-askpass-gnome.changes	Accepting request 222365 from home:pcerny:factory	2014-02-14 14:54:10 +00:00
openssh-askpass-gnome.spec	Accepting request 222365 from home:pcerny:factory	2014-02-14 14:54:10 +00:00
openssh.changes	Accepting request 222365 from home:pcerny:factory	2014-02-14 14:54:10 +00:00
openssh.spec	Accepting request 222365 from home:pcerny:factory	2014-02-14 14:54:10 +00:00
README.kerberos	OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssh?expand=0&rev=1	2007-01-07 16:26:05 +00:00
README.SuSE	Accepting request 48012 from Base:System	2010-09-17 19:02:24 +00:00
ssh-askpass	Accepting request 199679 from home:pcerny:factory	2013-09-19 04:09:33 +00:00
ssh.reg	OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssh?expand=0&rev=1	2007-01-07 16:26:05 +00:00
sshd-gen-keys-start	Accepting request 199679 from home:pcerny:factory	2013-09-19 04:09:33 +00:00
sshd.fw	OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssh?expand=0&rev=7	2007-07-27 00:01:43 +00:00
sshd.init	Accepting request 222365 from home:pcerny:factory	2014-02-14 14:54:10 +00:00
sshd.pamd	Accepting request 199679 from home:pcerny:factory	2013-09-19 04:09:33 +00:00
sshd.service	Accepting request 222365 from home:pcerny:factory	2014-02-14 14:54:10 +00:00
sysconfig.ssh	Accepting request 88642 from home:pcerny:factory	2011-10-19 02:18:13 +00:00

README.SuSE

This is OpenSSH version 5.6p1.

There are following changes in default settings of ssh client: 

* Accepting and sending of locale environment variables in protocol 2 is
  enabled.

* New host keys will be hashed to and them unusable for malicious people or
  software trying to use known_hosts to find further hops.

* Tunneled clear text passwords are disabled.

* PAM authentication is enabled.

* Only support for protocol 2 is enabled.