--- openssh-4.5p1/sshd_config.0.redhat 2006-11-07 14:07:28.000000000 +0100 +++ openssh-4.5p1/sshd_config.0 2006-12-20 22:04:16.000000000 +0100 @@ -430,9 +430,9 @@ SyslogFacility Gives the facility code that is used when logging messages from - sshd(8). The possible values are: DAEMON, USER, AUTH, LOCAL0, - LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. The de- - fault is AUTH. + sshd(8). The possible values are: DAEMON, USER, AUTH, AUTHPRIV, + LOCAL0, LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. + The default is AUTH. TCPKeepAlive Specifies whether the system should send TCP keepalive messages --- openssh-4.5p1/sshd_config.redhat 2006-07-24 06:06:47.000000000 +0200 +++ openssh-4.5p1/sshd_config 2006-12-20 21:59:15.000000000 +0100 @@ -12,6 +12,7 @@ #Port 22 #Protocol 2,1 +Protocol 2 #AddressFamily any #ListenAddress 0.0.0.0 #ListenAddress :: @@ -29,6 +30,7 @@ # Logging # obsoletes QuietMode and FascistLogging #SyslogFacility AUTH +SyslogFacility AUTHPRIV #LogLevel INFO # Authentication: @@ -55,9 +57,11 @@ # To disable tunneled clear text passwords, change to no here! #PasswordAuthentication yes #PermitEmptyPasswords no +PasswordAuthentication yes # Change to no to disable s/key passwords #ChallengeResponseAuthentication yes +ChallengeResponseAuthentication no # Kerberos options #KerberosAuthentication no @@ -67,7 +71,9 @@ # GSSAPI options #GSSAPIAuthentication no +GSSAPIAuthentication yes #GSSAPICleanupCredentials yes +GSSAPICleanupCredentials yes # Set this to 'yes' to enable PAM authentication, account processing, # and session processing. If this is enabled, PAM authentication will @@ -79,10 +85,16 @@ # PAM authentication, then enable this but set PasswordAuthentication # and ChallengeResponseAuthentication to 'no'. #UsePAM no +UsePAM yes +# Accept locale-related environment variables +AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES +AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT +AcceptEnv LC_IDENTIFICATION LC_ALL #AllowTcpForwarding yes #GatewayPorts no #X11Forwarding no +X11Forwarding yes #X11DisplayOffset 10 #X11UseLocalhost yes #PrintMotd yes --- openssh-4.5p1/ssh_config.redhat 2006-06-13 05:01:10.000000000 +0200 +++ openssh-4.5p1/ssh_config 2006-12-20 21:59:15.000000000 +0100 @@ -42,3 +42,13 @@ # Tunnel no # TunnelDevice any:any # PermitLocalCommand no +Host * + GSSAPIAuthentication yes +# If this option is set to yes then remote X11 clients will have full access +# to the original X11 display. As virtually no X11 client supports the untrusted +# mode correctly we set this to yes. + ForwardX11Trusted yes +# Send locale-related environment variables + SendEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES + SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT + SendEnv LC_IDENTIFICATION LC_ALL --- openssh-4.5p1/sshd_config.5.redhat 2006-08-30 03:06:34.000000000 +0200 +++ openssh-4.5p1/sshd_config.5 2006-12-20 22:05:18.000000000 +0100 @@ -740,7 +740,7 @@ .It Cm SyslogFacility Gives the facility code that is used when logging messages from .Xr sshd 8 . -The possible values are: DAEMON, USER, AUTH, LOCAL0, LOCAL1, LOCAL2, +The possible values are: DAEMON, USER, AUTH, AUTHPRIV, LOCAL0, LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. The default is AUTH. .It Cm TCPKeepAlive