36854a5a23
6.1p1-11 + 0.9.3-3
2013-12-11 16:00:37 +01:00
3b37f5b889
sshd-keygen - create an ecdsa host key with 640 permissions ( #1023945 )
2013-12-09 11:22:51 +01:00
6ca2f775e1
minor change in HOWTO.ssh-keycat - s/AuthorizedKeysCommandRunAs/AuthorizedKeysCommandUser/
2013-12-09 11:22:50 +01:00
a23056d990
6.1p1-10 + 0.9.3-3
2013-11-18 14:31:52 +01:00
8115d9469c
sshd-keygen to generate ECDSA keys <i.grok@comcast.net> ( #1019222 )
2013-11-18 14:18:04 +01:00
05765c1225
Increase the size of the Diffie-Hellman groups requested for a each symmetric key size. New values from NIST Special Publication 800-57 with the upper limit specified by RFC4419. Pointed out by Peter Backes, ok djm@. ( #1010607 )
2013-11-18 14:10:27 +01:00
c7eccad288
don't show Success for EAI_SYSTEM ( #985964 )
2013-11-18 14:08:48 +01:00
82946ad504
6.1p1-9 + 0.9.3-3
2013-06-20 10:42:41 +02:00
b5b762a4d1
make sftp's libedit interface marginally multibyte aware ( #841771 )
2013-06-20 10:28:25 +02:00
1784dd0d3b
6.1p1-8 + 0.9.3-3
2013-04-23 12:23:05 +02:00
fb00871f19
AuthorizedKeysCommandUser: use the user being authenticated by default ( #953534 )
2013-04-19 15:30:36 +02:00
1e3cc96dcb
6.1p1-7 + 0.9.3-3
2013-04-17 18:07:20 +02:00
3c8d85c214
don't use export in sysconfig file ( #953111 )
2013-04-17 18:00:29 +02:00
134fe470bd
sshd.service: use KillMode=process ( #890376 )
2013-04-17 18:00:13 +02:00
52161dcd5f
allow specification of alternate host key location(s) via /etc/sysconfig/sshd
...
<john_florian@dart.biz> (#865803 )
2013-03-26 15:47:25 +01:00
7524ce4c02
6.1p1-6 + 0.9.3-3
2013-02-15 13:40:34 +01:00
5c8cd31261
fix AuthorizedKeysCommand option and adopt latest upstream changes
2013-02-15 13:38:55 +01:00
fa0507a75a
pam_ssh_agent_auth - change paths from %{_lib} to %{_libdir}
2013-02-15 13:38:49 +01:00
8b4b7fffad
fix bogus day names in changelog dates
2013-02-15 13:38:39 +01:00
a9eca237d2
6.1p1-5 + 0.9.3-3
2013-02-08 14:59:33 +01:00
984bb05a16
change default value of MaxStartups - CVE-2010-5107 - #908707
2013-02-08 14:59:24 +01:00
7642de98e4
6.1p1-4 + 0.9.3-3
2012-12-03 17:16:39 +01:00
4dbe32e492
fix segfault in openssh-5.8p2-force_krb.patch ( #882541 )
2012-12-03 17:02:10 +01:00
790103e764
6.1p1-3 + 0.9.3-3
2012-12-03 10:29:07 +01:00
f578f0ac16
fix privsep patch
...
the selinux-policy removed rules which allow SELinux users to use setuid()
so we can't do setcon() before setuid()
2012-12-03 10:25:26 +01:00
fe661c5cbb
obsolete RequiredAuthentications[12] options
2012-11-30 21:40:22 +01:00
283f3afe27
remove unused openssh-5.9p1-2auth.patch
2012-11-30 16:26:19 +01:00
5039c7c85d
reformat several patches after openssh-6.1p1-authenticationmethods.patch
2012-11-30 16:25:51 +01:00
bffd1c2234
replace RequiredAuthentications2 with AuthenticationMethods according to upstream
...
the upstream refused original patch with RequiredAuthentications2, but they came with their own implementation of required authentications,
see https://bugzilla.mindrot.org/show_bug.cgi?id=983 . The new method is more robust and flexible
it will be included in next openssh-6.2 release
2012-11-30 16:23:29 +01:00
e75a99b5f3
remove unused patches
2012-11-27 15:01:12 +01:00
251c8dbdae
fix warnings in ssh-add and sshd_config man pages
2012-11-12 13:58:36 +01:00
20d541d728
fix the required authentications patch ( #872608 )
2012-11-08 15:24:56 +01:00
ab30b92bd6
fix the man moduli page ( #841065 )
2012-11-06 09:59:17 +01:00
dfa0cd5146
avoid xfree(NULL) in ssh_selinux_copy_context() ( #789502 )
2012-11-05 16:18:52 +01:00
f7f8b483b0
adapt openssh-6.1p1-akc.patch to the upstream version - https://bugzilla.mindrot.org/show_bug.cgi?id=1663
2012-11-05 14:43:22 +01:00
52c8eca4d9
fix gssapi canohost patch ( #863350 )
2012-10-30 11:06:45 +01:00
af2ebf77dc
6.1p1-2 + 0.9.3-3
2012-10-26 17:15:55 +02:00
afd52c4857
drop openssh-5.9p1-sftp-chroot.patch ( #830237 )
2012-10-26 17:04:25 +02:00
470ebd7abc
add SELinux comment to /etc/ssh/sshd_config about SELinux command to modify port ( #861400 )
2012-10-26 16:34:55 +02:00
13cf2478d6
smartcard support is replaced with PKCS#11 support already in 5.4p1 https://bugzilla.mindrot.org/show_bug.cgi?id=1371
2012-10-26 15:42:59 +02:00
1a5c95ee57
drop required chkconfig ( #865498 )
2012-10-12 13:03:26 +02:00
e7c6eb2640
remove openssh-6.0p1-noacss.tar.bz2 from sources
2012-09-15 14:31:24 +02:00
0512a0153c
upload openssh-6.1p1-noacss.tar.bz2 to cache
2012-09-15 14:30:18 +02:00
d0630aa358
6.1p1-1 + 0.9.3-3
2012-09-15 13:48:14 +02:00
fd408ed2a5
to run tests use --with check
2012-09-15 13:48:13 +02:00
e58e548a57
don't use /bin and /sbin paths ( #856590 )
2012-09-15 13:48:13 +02:00
581bf30d07
don't use chroot_user_t for chrooted users ( #830237 )
2012-09-15 13:47:45 +02:00
9fe1afc163
rebase to openssh-6.1p1 ( #852651 )
2012-09-15 13:29:49 +02:00
51ca3be245
use DIR: kerberos cache type ( #848228 )
2012-09-15 13:28:23 +02:00
94943d59db
replace scriptlets with systemd macros ( #850249 )
2012-09-15 13:28:01 +02:00
Petr Lautrbach
bach