Jakub Jelen
|
4769e25cb1
|
the .local domain example should be in ssh_config, not in sshd_config
|
2015-03-11 11:43:08 +01:00 |
|
Jakub Jelen
|
e3688ed6ab
|
6.4p1-8 + 0.9.3-1
|
2015-01-15 15:27:59 +01:00 |
|
Jakub Jelen
|
9718c78d6b
|
Add missing documentation link to systemd service files (RHBZ#1181593)
|
2015-01-15 15:27:59 +01:00 |
|
Petr Lautrbach
|
e83e64b469
|
add new option GSSAPIEnablek5users and disable using ~/.k5users by default CVE-2014-9278 (#1170745)
|
2015-01-15 15:27:59 +01:00 |
|
Jakub Jelen
|
6d6c363361
|
Update vendor-patchlevel string
|
2015-01-15 15:27:59 +01:00 |
|
Jakub Jelen
|
284aebf281
|
Update ldap extension to resolve #981058
|
2015-01-15 15:27:59 +01:00 |
|
Jakub Jelen
|
6b64f7566c
|
Fix config parser for ip:port values (#1130733)
|
2015-01-15 15:27:59 +01:00 |
|
Jakub Jelen
|
87ef7b8238
|
Fix confusing error message in scp (#1142223)
|
2015-01-15 15:27:59 +01:00 |
|
Petr Lautrbach
|
11084609c9
|
increase size of AUDIT_LOG_SIZE to 256
|
2015-01-15 15:27:59 +01:00 |
|
Jakub Jelen
|
91cb47ec28
|
backport fix for sftp prepending remote directory to relative symlinks (#825538)
|
2015-01-09 17:21:15 +01:00 |
|
Petr Lautrbach
|
2de83b1356
|
6.4p1-7 + 0.9.3-1
|
2014-12-04 14:30:46 +01:00 |
|
Petr Lautrbach
|
2f3cd96ab9
|
use different values for DH for Cisco servers (#1026430)
|
2014-12-04 14:30:23 +01:00 |
|
Petr Lautrbach
|
b64b2cc975
|
6.4p1-6 + 0.9.3-1
|
2014-11-11 16:06:16 +01:00 |
|
Petr Lautrbach
|
1232a2070b
|
correct the calculation of bytes for authctxt->krb5_ccname <ams@corefiling.com> (#1161073)
|
2014-11-11 16:02:12 +01:00 |
|
Petr Lautrbach
|
c53250668e
|
change audit trail
- do not use (invalid user)
- change acct for an unknown user "(unknown)"
- don't send login audit event in getpwnamallow()
|
2014-11-11 16:01:29 +01:00 |
|
Petr Lautrbach
|
4a92081130
|
fix kuserok patch which checked for the existence of .k5login unconditionally and hence prevented other mechanisms to be used properly
|
2014-11-11 11:34:18 +01:00 |
|
Petr Lautrbach
|
3c7aefbbeb
|
Ignore SIGXFSZ in postauth monitor
https://bugzilla.mindrot.org/show_bug.cgi?id=2263
|
2014-11-10 14:39:23 +01:00 |
|
Petr Lautrbach
|
f9f5754ffc
|
fix parsing of empty arguments in sshd_conf
https://bugzilla.mindrot.org/show_bug.cgi?id=2281
|
2014-11-10 10:58:25 +01:00 |
|
Petr Lautrbach
|
2ab5418106
|
don't consider a partial success as a failure
|
2014-11-10 10:53:49 +01:00 |
|
Petr Lautrbach
|
a1fe096ff3
|
apply RFC3454 stringprep to banners when possible
https://bugzilla.mindrot.org/show_bug.cgi?id=2058
|
2014-11-10 10:51:04 +01:00 |
|
Petr Lautrbach
|
9f170e3ec1
|
set a client's address right after a connection is set
http://bugzilla.mindrot.org/show_bug.cgi?id=2257
|
2014-11-10 10:30:45 +01:00 |
|
Petr Lautrbach
|
81226fcc51
|
6.4p1-5 + 0.9.3-1
|
2014-07-18 08:42:26 +02:00 |
|
Petr Lautrbach
|
66d55f7a69
|
standardise on NI_MAXHOST for gethostname() string lengths (#1051490)
|
2014-07-17 18:30:37 +02:00 |
|
Petr Lautrbach
|
d75575229f
|
6.4p1-4 + 0.9.3-1
|
2014-05-15 10:37:16 +02:00 |
|
Petr Lautrbach
|
8f8619e1e6
|
ignore environment variables with embedded '=' or '\0' characters (#1077843)
CVE-2014-2532
|
2014-05-15 10:24:04 +02:00 |
|
Petr Lautrbach
|
d271e02296
|
prevent a server from skipping SSHFP lookup (#1081338)
CVE-2014-2653
|
2014-05-15 10:23:46 +02:00 |
|
Petr Lautrbach
|
9a031d2641
|
try CLOCK_BOOTTIME with fallback (#1091992)
|
2014-05-14 17:30:43 +02:00 |
|
Petr Lautrbach
|
f3b39bb6cb
|
don't clean up gssapi credentials by default (#1055016)
|
2014-02-26 17:08:07 +01:00 |
|
Petr Lautrbach
|
f9f83a00b5
|
make /etc/ssh/moduli file public (#1043661)
|
2014-02-26 15:54:02 +01:00 |
|
Petr Lautrbach
|
c3c35d5f25
|
fix ssh-copy-id (#1058792)
|
2014-02-26 14:53:23 +01:00 |
|
Petr Lautrbach
|
e2813b36f4
|
log fipscheck verification message into syslog authpriv
|
2014-02-26 14:52:42 +01:00 |
|
Petr Lautrbach
|
9060bbe156
|
sshd-keygen.service - don't check dsa key, use ecdsa instead
|
2014-02-19 13:58:34 +01:00 |
|
Petr Lautrbach
|
96df3b5ecb
|
use tty allocation for a remote scp
|
2014-01-23 18:30:39 +01:00 |
|
Petr Lautrbach
|
b898cbf5e1
|
Run ssh-copy-id in the legacy mode when SSH_COPY_ID_LEGACY variable is set
|
2014-01-23 18:30:03 +01:00 |
|
Petr Lautrbach
|
084bc6fca5
|
FIPS mode - adjust the key echange DH groups and ssh-keygen according to SP800-131A
|
2014-01-23 18:29:02 +01:00 |
|
Petr Lautrbach
|
222dd2e358
|
6.4p1-3 + 0.9.3-1
|
2013-12-11 14:32:11 +01:00 |
|
Petr Lautrbach
|
2b2955a332
|
use only rsa and ecdsa host keys by default
|
2013-12-11 14:28:49 +01:00 |
|
Petr Lautrbach
|
545aa0d026
|
sshd-keygen - create an ecdsa host key with 640 permissions (#1023945)
|
2013-12-09 11:14:59 +01:00 |
|
Petr Lautrbach
|
89d920b074
|
6.4p1-2 + 0.9.3-1
|
2013-11-26 15:28:39 +01:00 |
|
Petr Lautrbach
|
82d2beb4d4
|
fix fatal() cleanup in the audit patch (#1029074)
|
2013-11-26 13:22:08 +01:00 |
|
Petr Lautrbach
|
36a09e37e8
|
fix parsing logic of ldap.conf file (#1033662)
|
2013-11-26 11:10:04 +01:00 |
|
Petr Lautrbach
|
8f439b3006
|
minor change in HOWTO.ssh-keycat - s/AuthorizedKeysCommandRunAs/AuthorizedKeysCommandUser/
|
2013-11-25 15:40:42 +01:00 |
|
Petr Lautrbach
|
09e9ef3d7c
|
6.4p1-1 + 0.9.3-1
|
2013-11-08 14:04:33 +01:00 |
|
Petr Lautrbach
|
27189b85ef
|
rebase audit patch for openssh-6.4p1
|
2013-11-08 13:33:51 +01:00 |
|
Petr Lautrbach
|
3ed6191f56
|
6.3p1-5 + 0.9.3-7
|
2013-11-01 17:07:27 +01:00 |
|
Petr Lautrbach
|
5795323a53
|
don't use xfree in pam_ssh_agent_auth sources <geertj@gmail.com> (#1024965)
|
2013-11-01 17:06:02 +01:00 |
|
Petr Lautrbach
|
3834483295
|
adjust gss kex mechanism to the upstream changes (#1024004)
|
2013-10-31 11:30:12 +01:00 |
|
Petr Lautrbach
|
7feb965804
|
6.3p1-4 + 0.9.3-6
|
2013-10-25 15:46:49 +02:00 |
|
Petr Lautrbach
|
2add7a8ff5
|
rebuild with openssl-1.0.1e-29.fc20 to enable ECC support
|
2013-10-25 15:19:26 +02:00 |
|
Petr Lautrbach
|
f0aa6e5f51
|
rebuild with openssl-1.0.1e-29.fc20 to enable ECC support
|
2013-10-25 14:46:48 +02:00 |
|