diff options
author | Darren Tucker <dtucker@zip.com.au> | 2007-08-17 22:03:09 +1000 |
---|---|---|
committer | Darren Tucker <dtucker@zip.com.au> | 2007-08-17 22:03:09 +1000 |
commit | 1a32953e487ceb311e38b603f270d7ddbd241a04 (patch) | |
tree | 6974c23d16c59d0e17ec71578addc48c0b9e4598 | |
parent | 637cc404c655ba935a28b03c813a949d45fa2d35 (diff) |
- (dtucker) [INSTALL] Group the parts describing random options and PAM
implementations together which is hopefully more coherent.
-rw-r--r-- | ChangeLog | 4 | ||||
-rw-r--r-- | INSTALL | 49 |
2 files changed, 28 insertions, 25 deletions
@@ -2,6 +2,8 @@ | |||
2 | - (dtucker) [sshd.8] Many Linux variants use a single "!" to denote locked | 2 | - (dtucker) [sshd.8] Many Linux variants use a single "!" to denote locked |
3 | accounts and that's what the code looks for, so make man page and code | 3 | accounts and that's what the code looks for, so make man page and code |
4 | agree. Pointed out by Roumen Petrov. | 4 | agree. Pointed out by Roumen Petrov. |
5 | - (dtucker) [INSTALL] Group the parts describing random options and PAM | ||
6 | implementations together which is hopefully more coherent. | ||
5 | 7 | ||
6 | 20070816 | 8 | 20070816 |
7 | - (dtucker) [session.c] Call PAM cleanup functions for unauthenticated | 9 | - (dtucker) [session.c] Call PAM cleanup functions for unauthenticated |
@@ -3178,4 +3180,4 @@ | |||
3178 | OpenServer 6 and add osr5bigcrypt support so when someone migrates | 3180 | OpenServer 6 and add osr5bigcrypt support so when someone migrates |
3179 | passwords between UnixWare and OpenServer they will still work. OK dtucker@ | 3181 | passwords between UnixWare and OpenServer they will still work. OK dtucker@ |
3180 | 3182 | ||
3181 | $Id: ChangeLog,v 1.4732 2007/08/16 23:42:32 dtucker Exp $ | 3183 | $Id: ChangeLog,v 1.4733 2007/08/17 12:03:09 dtucker Exp $ |
@@ -14,31 +14,11 @@ Blowfish) do not work correctly.) | |||
14 | 14 | ||
15 | The remaining items are optional. | 15 | The remaining items are optional. |
16 | 16 | ||
17 | OpenSSH can utilise Pluggable Authentication Modules (PAM) if your | ||
18 | system supports it. PAM is standard most Linux distributions, Solaris, | ||
19 | HP-UX 11 and AIX >= 5.2. | ||
20 | |||
21 | NB. If you operating system supports /dev/random, you should configure | 17 | NB. If you operating system supports /dev/random, you should configure |
22 | OpenSSL to use it. OpenSSH relies on OpenSSL's direct support of | 18 | OpenSSL to use it. OpenSSH relies on OpenSSL's direct support of |
23 | /dev/random. If you don't you will have to rely on ssh-rand-helper, which | 19 | /dev/random, or failing that, either prngd or egd. If you don't have |
24 | is inferior to a good kernel-based solution. | 20 | any of these you will have to rely on ssh-rand-helper, which is inferior |
25 | 21 | to a good kernel-based solution or prngd. | |
26 | Linux PAM: | ||
27 | http://www.kernel.org/pub/linux/libs/pam/ | ||
28 | |||
29 | OpenPAM: | ||
30 | http://www.openpam.org/ | ||
31 | |||
32 | If you wish to build the GNOME passphrase requester, you will need the GNOME | ||
33 | libraries and headers. | ||
34 | |||
35 | GNOME: | ||
36 | http://www.gnome.org/ | ||
37 | |||
38 | Alternatively, Jim Knoble <jmknoble@pobox.com> has written an excellent X11 | ||
39 | passphrase requester. This is maintained separately at: | ||
40 | |||
41 | http://www.jmknoble.net/software/x11-ssh-askpass/ | ||
42 | 22 | ||
43 | PRNGD: | 23 | PRNGD: |
44 | 24 | ||
@@ -54,6 +34,27 @@ lacks /dev/random and don't want to use OpenSSH's internal entropy collection. | |||
54 | 34 | ||
55 | http://www.lothar.com/tech/crypto/ | 35 | http://www.lothar.com/tech/crypto/ |
56 | 36 | ||
37 | OpenSSH can utilise Pluggable Authentication Modules (PAM) if your | ||
38 | system supports it. PAM is standard most Linux distributions, Solaris, | ||
39 | HP-UX 11, AIX >= 5.2, FreeBSD and NetBSD. | ||
40 | |||
41 | Information about the various PAM implementations are available: | ||
42 | |||
43 | Solaris PAM: http://www.sun.com/software/solaris/pam/ | ||
44 | Linux PAM: http://www.kernel.org/pub/linux/libs/pam/ | ||
45 | OpenPAM: http://www.openpam.org/ | ||
46 | |||
47 | If you wish to build the GNOME passphrase requester, you will need the GNOME | ||
48 | libraries and headers. | ||
49 | |||
50 | GNOME: | ||
51 | http://www.gnome.org/ | ||
52 | |||
53 | Alternatively, Jim Knoble <jmknoble@pobox.com> has written an excellent X11 | ||
54 | passphrase requester. This is maintained separately at: | ||
55 | |||
56 | http://www.jmknoble.net/software/x11-ssh-askpass/ | ||
57 | |||
57 | S/Key Libraries: | 58 | S/Key Libraries: |
58 | 59 | ||
59 | If you wish to use --with-skey then you will need the library below | 60 | If you wish to use --with-skey then you will need the library below |
@@ -254,4 +255,4 @@ Please refer to the "reporting bugs" section of the webpage at | |||
254 | http://www.openssh.com/ | 255 | http://www.openssh.com/ |
255 | 256 | ||
256 | 257 | ||
257 | $Id: INSTALL,v 1.80 2007/08/17 11:40:22 dtucker Exp $ | 258 | $Id: INSTALL,v 1.81 2007/08/17 12:03:10 dtucker Exp $ |