rpms
/
openssh
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
574 Commits 32 Branches 239 Tags 9.6 MiB
Commit Graph

574 Commits

Author SHA1 Message Date
Jakub Jelen 4769e25cb1 the .local domain example should be in ssh_config, not in sshd_config 2015-03-11 11:43:08 +01:00
Jakub Jelen e3688ed6ab 6.4p1-8 + 0.9.3-1 2015-01-15 15:27:59 +01:00
Jakub Jelen 9718c78d6b Add missing documentation link to systemd service files (RHBZ#1181593) 2015-01-15 15:27:59 +01:00
Petr Lautrbach e83e64b469 add new option GSSAPIEnablek5users and disable using ~/.k5users by default CVE-2014-9278 (#1170745) 2015-01-15 15:27:59 +01:00
Jakub Jelen 6d6c363361 Update vendor-patchlevel string 2015-01-15 15:27:59 +01:00
Jakub Jelen 284aebf281 Update ldap extension to resolve #981058 2015-01-15 15:27:59 +01:00
Jakub Jelen 6b64f7566c Fix config parser for ip:port values (#1130733) 2015-01-15 15:27:59 +01:00
Jakub Jelen 87ef7b8238 Fix confusing error message in scp (#1142223) 2015-01-15 15:27:59 +01:00
Petr Lautrbach 11084609c9 increase size of AUDIT_LOG_SIZE to 256 2015-01-15 15:27:59 +01:00
Jakub Jelen 91cb47ec28 backport fix for sftp prepending remote directory to relative symlinks (#825538) 2015-01-09 17:21:15 +01:00
Petr Lautrbach 2de83b1356 6.4p1-7 + 0.9.3-1 2014-12-04 14:30:46 +01:00
Petr Lautrbach 2f3cd96ab9 use different values for DH for Cisco servers (#1026430) 2014-12-04 14:30:23 +01:00
Petr Lautrbach b64b2cc975 6.4p1-6 + 0.9.3-1 2014-11-11 16:06:16 +01:00
Petr Lautrbach 1232a2070b correct the calculation of bytes for authctxt->krb5_ccname <ams@corefiling.com> (#1161073) 2014-11-11 16:02:12 +01:00
Petr Lautrbach c53250668e change audit trail 
- do not use (invalid user)
- change acct for an unknown user "(unknown)"
- don't send login audit event in getpwnamallow()
 2014-11-11 16:01:29 +01:00
Petr Lautrbach 4a92081130 fix kuserok patch which checked for the existence of .k5login unconditionally and hence prevented other mechanisms to be used properly 2014-11-11 11:34:18 +01:00
Petr Lautrbach 3c7aefbbeb Ignore SIGXFSZ in postauth monitor 
https://bugzilla.mindrot.org/show_bug.cgi?id=2263
 2014-11-10 14:39:23 +01:00
Petr Lautrbach f9f5754ffc fix parsing of empty arguments in sshd_conf 
https://bugzilla.mindrot.org/show_bug.cgi?id=2281
 2014-11-10 10:58:25 +01:00
Petr Lautrbach 2ab5418106 don't consider a partial success as a failure 2014-11-10 10:53:49 +01:00
Petr Lautrbach a1fe096ff3 apply RFC3454 stringprep to banners when possible 
https://bugzilla.mindrot.org/show_bug.cgi?id=2058
 2014-11-10 10:51:04 +01:00
Petr Lautrbach 9f170e3ec1 set a client's address right after a connection is set 
http://bugzilla.mindrot.org/show_bug.cgi?id=2257
 2014-11-10 10:30:45 +01:00
Petr Lautrbach 81226fcc51 6.4p1-5 + 0.9.3-1 2014-07-18 08:42:26 +02:00
Petr Lautrbach 66d55f7a69 standardise on NI_MAXHOST for gethostname() string lengths (#1051490) 2014-07-17 18:30:37 +02:00
Petr Lautrbach d75575229f 6.4p1-4 + 0.9.3-1 2014-05-15 10:37:16 +02:00
Petr Lautrbach 8f8619e1e6 ignore environment variables with embedded '=' or '\0' characters (#1077843) 
CVE-2014-2532
 2014-05-15 10:24:04 +02:00
Petr Lautrbach d271e02296 prevent a server from skipping SSHFP lookup (#1081338) 
CVE-2014-2653
 2014-05-15 10:23:46 +02:00
Petr Lautrbach 9a031d2641 try CLOCK_BOOTTIME with fallback (#1091992) 2014-05-14 17:30:43 +02:00
Petr Lautrbach f3b39bb6cb don't clean up gssapi credentials by default (#1055016) 2014-02-26 17:08:07 +01:00
Petr Lautrbach f9f83a00b5 make /etc/ssh/moduli file public (#1043661) 2014-02-26 15:54:02 +01:00
Petr Lautrbach c3c35d5f25 fix ssh-copy-id (#1058792) 2014-02-26 14:53:23 +01:00
Petr Lautrbach e2813b36f4 log fipscheck verification message into syslog authpriv 2014-02-26 14:52:42 +01:00
Petr Lautrbach 9060bbe156 sshd-keygen.service - don't check dsa key, use ecdsa instead 2014-02-19 13:58:34 +01:00
Petr Lautrbach 96df3b5ecb use tty allocation for a remote scp 2014-01-23 18:30:39 +01:00
Petr Lautrbach b898cbf5e1 Run ssh-copy-id in the legacy mode when SSH_COPY_ID_LEGACY variable is set 2014-01-23 18:30:03 +01:00
Petr Lautrbach 084bc6fca5 FIPS mode - adjust the key echange DH groups and ssh-keygen according to SP800-131A 2014-01-23 18:29:02 +01:00
Petr Lautrbach 222dd2e358 6.4p1-3 + 0.9.3-1 2013-12-11 14:32:11 +01:00
Petr Lautrbach 2b2955a332 use only rsa and ecdsa host keys by default 2013-12-11 14:28:49 +01:00
Petr Lautrbach 545aa0d026 sshd-keygen - create an ecdsa host key with 640 permissions (#1023945) 2013-12-09 11:14:59 +01:00
Petr Lautrbach 89d920b074 6.4p1-2 + 0.9.3-1 2013-11-26 15:28:39 +01:00
Petr Lautrbach 82d2beb4d4 fix fatal() cleanup in the audit patch (#1029074) 2013-11-26 13:22:08 +01:00
Petr Lautrbach 36a09e37e8 fix parsing logic of ldap.conf file (#1033662) 2013-11-26 11:10:04 +01:00
Petr Lautrbach 8f439b3006 minor change in HOWTO.ssh-keycat - s/AuthorizedKeysCommandRunAs/AuthorizedKeysCommandUser/ 2013-11-25 15:40:42 +01:00
Petr Lautrbach 09e9ef3d7c 6.4p1-1 + 0.9.3-1 2013-11-08 14:04:33 +01:00
Petr Lautrbach 27189b85ef rebase audit patch for openssh-6.4p1 2013-11-08 13:33:51 +01:00
Petr Lautrbach 3ed6191f56 6.3p1-5 + 0.9.3-7 2013-11-01 17:07:27 +01:00
Petr Lautrbach 5795323a53 don't use xfree in pam_ssh_agent_auth sources <geertj@gmail.com> (#1024965) 2013-11-01 17:06:02 +01:00
Petr Lautrbach 3834483295 adjust gss kex mechanism to the upstream changes (#1024004) 2013-10-31 11:30:12 +01:00
Petr Lautrbach 7feb965804 6.3p1-4 + 0.9.3-6 2013-10-25 15:46:49 +02:00
Petr Lautrbach 2add7a8ff5 rebuild with openssl-1.0.1e-29.fc20 to enable ECC support 2013-10-25 15:19:26 +02:00
Petr Lautrbach f0aa6e5f51 rebuild with openssl-1.0.1e-29.fc20 to enable ECC support 2013-10-25 14:46:48 +02:00