diff options
author | Damien Miller <djm@mindrot.org> | 2007-09-17 11:57:38 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2007-09-17 11:57:38 +1000 |
commit | 4890e539774ab8b57aa0ee733a5b07bdf9561af6 (patch) | |
tree | d2f3621c59e1bf6ae1513a74eb54cbdff0444fb3 | |
parent | 6f40204c442c92b180edc871e8946bade9f6b56f (diff) |
- djm@cvs.openbsd.org 2007/08/23 03:22:16
[auth2-none.c sshd_config sshd_config.5]
Support "Banner=none" to disable displaying of the pre-login banner;
ok dtucker@ deraadt@
-rw-r--r-- | ChangeLog | 6 | ||||
-rw-r--r-- | auth2-none.c | 7 | ||||
-rw-r--r-- | sshd_config | 4 | ||||
-rw-r--r-- | sshd_config.5 | 9 |
4 files changed, 17 insertions, 9 deletions
@@ -12,6 +12,10 @@ | |||
12 | [auth.h] | 12 | [auth.h] |
13 | login_cap.h doesn't belong here | 13 | login_cap.h doesn't belong here |
14 | NB. RCS ID sync only for portable | 14 | NB. RCS ID sync only for portable |
15 | - djm@cvs.openbsd.org 2007/08/23 03:22:16 | ||
16 | [auth2-none.c sshd_config sshd_config.5] | ||
17 | Support "Banner=none" to disable displaying of the pre-login banner; | ||
18 | ok dtucker@ deraadt@ | ||
15 | 19 | ||
16 | 20070914 | 20 | 20070914 |
17 | - (dtucker) [openbsd-compat/bsd-asprintf.c] Plug mem leak in error path. | 21 | - (dtucker) [openbsd-compat/bsd-asprintf.c] Plug mem leak in error path. |
@@ -3209,4 +3213,4 @@ | |||
3209 | OpenServer 6 and add osr5bigcrypt support so when someone migrates | 3213 | OpenServer 6 and add osr5bigcrypt support so when someone migrates |
3210 | passwords between UnixWare and OpenServer they will still work. OK dtucker@ | 3214 | passwords between UnixWare and OpenServer they will still work. OK dtucker@ |
3211 | 3215 | ||
3212 | $Id: ChangeLog,v 1.4745 2007/09/17 01:55:25 djm Exp $ | 3216 | $Id: ChangeLog,v 1.4746 2007/09/17 01:57:38 djm Exp $ |
diff --git a/auth2-none.c b/auth2-none.c index 952b44824..28e593e6c 100644 --- a/auth2-none.c +++ b/auth2-none.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: auth2-none.c,v 1.13 2006/08/05 07:52:52 dtucker Exp $ */ | 1 | /* $OpenBSD: auth2-none.c,v 1.14 2007/08/23 03:22:16 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -32,6 +32,7 @@ | |||
32 | #include <fcntl.h> | 32 | #include <fcntl.h> |
33 | #include <stdarg.h> | 33 | #include <stdarg.h> |
34 | #include <unistd.h> | 34 | #include <unistd.h> |
35 | #include <string.h> | ||
35 | 36 | ||
36 | #include "xmalloc.h" | 37 | #include "xmalloc.h" |
37 | #include "key.h" | 38 | #include "key.h" |
@@ -106,7 +107,9 @@ userauth_banner(void) | |||
106 | { | 107 | { |
107 | char *banner = NULL; | 108 | char *banner = NULL; |
108 | 109 | ||
109 | if (options.banner == NULL || (datafellows & SSH_BUG_BANNER)) | 110 | if (options.banner == NULL || |
111 | strcasecmp(options.banner, "none") == 0 || | ||
112 | (datafellows & SSH_BUG_BANNER) != 0) | ||
110 | return; | 113 | return; |
111 | 114 | ||
112 | if ((banner = PRIVSEP(auth2_read_banner())) == NULL) | 115 | if ((banner = PRIVSEP(auth2_read_banner())) == NULL) |
diff --git a/sshd_config b/sshd_config index 3393cec50..c7094e775 100644 --- a/sshd_config +++ b/sshd_config | |||
@@ -1,4 +1,4 @@ | |||
1 | # $OpenBSD: sshd_config,v 1.75 2007/03/19 01:01:29 djm Exp $ | 1 | # $OpenBSD: sshd_config,v 1.76 2007/08/23 03:22:16 djm Exp $ |
2 | 2 | ||
3 | # This is the sshd server system-wide configuration file. See | 3 | # This is the sshd server system-wide configuration file. See |
4 | # sshd_config(5) for more information. | 4 | # sshd_config(5) for more information. |
@@ -104,7 +104,7 @@ Protocol 2 | |||
104 | #PermitTunnel no | 104 | #PermitTunnel no |
105 | 105 | ||
106 | # no default banner path | 106 | # no default banner path |
107 | #Banner /some/path | 107 | #Banner none |
108 | 108 | ||
109 | # override default of no subsystems | 109 | # override default of no subsystems |
110 | Subsystem sftp /usr/libexec/sftp-server | 110 | Subsystem sftp /usr/libexec/sftp-server |
diff --git a/sshd_config.5 b/sshd_config.5 index 2a283ea2d..3d4afb459 100644 --- a/sshd_config.5 +++ b/sshd_config.5 | |||
@@ -34,8 +34,8 @@ | |||
34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
36 | .\" | 36 | .\" |
37 | .\" $OpenBSD: sshd_config.5,v 1.77 2007/06/08 07:48:09 jmc Exp $ | 37 | .\" $OpenBSD: sshd_config.5,v 1.78 2007/08/23 03:22:16 djm Exp $ |
38 | .Dd $Mdocdate: June 8 2007 $ | 38 | .Dd $Mdocdate: June 11 2007 $ |
39 | .Dt SSHD_CONFIG 5 | 39 | .Dt SSHD_CONFIG 5 |
40 | .Os | 40 | .Os |
41 | .Sh NAME | 41 | .Sh NAME |
@@ -159,10 +159,11 @@ directory. | |||
159 | The default is | 159 | The default is |
160 | .Dq .ssh/authorized_keys . | 160 | .Dq .ssh/authorized_keys . |
161 | .It Cm Banner | 161 | .It Cm Banner |
162 | In some jurisdictions, sending a warning message before authentication | ||
163 | may be relevant for getting legal protection. | ||
164 | The contents of the specified file are sent to the remote user before | 162 | The contents of the specified file are sent to the remote user before |
165 | authentication is allowed. | 163 | authentication is allowed. |
164 | If the argument is | ||
165 | .Dq none | ||
166 | then no banner is displayed. | ||
166 | This option is only available for protocol version 2. | 167 | This option is only available for protocol version 2. |
167 | By default, no banner is displayed. | 168 | By default, no banner is displayed. |
168 | .It Cm ChallengeResponseAuthentication | 169 | .It Cm ChallengeResponseAuthentication |