the private keys may be 640 root:ssh_keys ssh_keysign is sgid

This commit is contained in:
Jan F 2011-04-22 11:43:01 +02:00
parent e93cf2786f
commit 0e46f275c6
2 changed files with 18 additions and 0 deletions

View File

@ -0,0 +1,14 @@
diff -up openssh-5.8p1/sshd_config.localdomain openssh-5.8p1/sshd_config
--- openssh-5.8p1/sshd_config.localdomain 2011-04-22 11:37:49.273648812 +0200
+++ openssh-5.8p1/sshd_config 2011-04-22 11:39:31.758648401 +0200
@@ -130,6 +130,10 @@ X11Forwarding yes
# override default of no subsystems
Subsystem sftp /usr/libexec/sftp-server
+# Uncomment this if you want to use .local domain
+#Host *.local
+# CheckHostIP no
+
# Example of overriding settings on a per-user basis
#Match User anoncvs
# X11Forwarding no

View File

@ -170,6 +170,8 @@ Patch58: openssh-5.8p1-keycat.patch
Patch60: openssh-5.8p1-gsskex.patch Patch60: openssh-5.8p1-gsskex.patch
#? #?
Patch61: openssh-5.8p1-gssapi-canohost.patch Patch61: openssh-5.8p1-gssapi-canohost.patch
#?
Patch62: openssh-5.8p1-localdomain.patch
#--- #---
#https://bugzilla.mindrot.org/show_bug.cgi?id=1604 #https://bugzilla.mindrot.org/show_bug.cgi?id=1604
# sctp # sctp
@ -370,6 +372,7 @@ popd
%patch58 -p1 -b .keycat %patch58 -p1 -b .keycat
%patch60 -p1 -b .gsskex %patch60 -p1 -b .gsskex
%patch61 -p1 -b .canohost %patch61 -p1 -b .canohost
%patch62 -p1 -b .localdomain
autoreconf autoreconf
pushd pam_ssh_agent_auth-%{pam_ssh_agent_ver} pushd pam_ssh_agent_auth-%{pam_ssh_agent_ver}
@ -670,6 +673,7 @@ fi
%changelog %changelog
* Fri Apr 22 2011 Jan F. Chadima <jchadima@redhat.com> - 5.8p1-28 + 0.9.2-30 * Fri Apr 22 2011 Jan F. Chadima <jchadima@redhat.com> - 5.8p1-28 + 0.9.2-30
- improving sshd -> passwd transation - improving sshd -> passwd transation
- add template for .local domain to sshd_config
* Thu Apr 21 2011 Jan F. Chadima <jchadima@redhat.com> - 5.8p1-27 + 0.9.2-30 * Thu Apr 21 2011 Jan F. Chadima <jchadima@redhat.com> - 5.8p1-27 + 0.9.2-30
- the private keys may be 640 root:ssh_keys ssh_keysign is sgid - the private keys may be 640 root:ssh_keys ssh_keysign is sgid