diff options
| author | Colin Watson <cjwatson@debian.org> | 2005-05-25 16:17:14 +0000 |
|---|---|---|
| committer | Colin Watson <cjwatson@debian.org> | 2005-05-25 16:17:14 +0000 |
| commit | 561717f5fa58a6fbfc973bc2658999326e0a5b20 (patch) | |
| tree | 4019ce505bdd080b9dd158eaacf920522ff03345 | |
| parent | 064cb9033ca7030037d613ae196795d10652e60d (diff) | |
Enable HashKnownHosts by default. This only affects new entries; use
'ssh-keygen -H' to convert an entire known_hosts file to hashed format.
| -rw-r--r-- | debian/changelog | 5 | ||||
| -rw-r--r-- | ssh_config | 1 |
2 files changed, 6 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog index fb5908382..a4ecb14f4 100644 --- a/debian/changelog +++ b/debian/changelog | |||
| @@ -5,6 +5,9 @@ openssh (1:4.0p1-1) UNRELEASED; urgency=low | |||
| 5 | the server allows client-specified bind addresses for remote port | 5 | the server allows client-specified bind addresses for remote port |
| 6 | forwardings when configured with "GatewayPorts clientspecified" | 6 | forwardings when configured with "GatewayPorts clientspecified" |
| 7 | (closes: #87253, #192206). | 7 | (closes: #87253, #192206). |
| 8 | - ssh and ssh-keyscan now support hashing of known_hosts files for | ||
| 9 | improved privacy. ssh-keygen has new options for managing known_hosts | ||
| 10 | files, which understand hashing. | ||
| 8 | - sftp supports command history and editing support using libedit | 11 | - sftp supports command history and editing support using libedit |
| 9 | (closes: #287013). | 12 | (closes: #287013). |
| 10 | - Have scp and sftp wait for the spawned ssh to exit before they exit | 13 | - Have scp and sftp wait for the spawned ssh to exit before they exit |
| @@ -23,6 +26,8 @@ openssh (1:4.0p1-1) UNRELEASED; urgency=low | |||
| 23 | - Don't build ssh-askpass-gnome on the Hurd, until GNOME is available to | 26 | - Don't build ssh-askpass-gnome on the Hurd, until GNOME is available to |
| 24 | satisfy build-dependencies. | 27 | satisfy build-dependencies. |
| 25 | * Drop workaround for #242462 on amd64; it's been fixed properly upstream. | 28 | * Drop workaround for #242462 on amd64; it's been fixed properly upstream. |
| 29 | * Enable HashKnownHosts by default. This only affects new entries; use | ||
| 30 | 'ssh-keygen -H' to convert an entire known_hosts file to hashed format. | ||
| 26 | * debconf template translations: | 31 | * debconf template translations: |
| 27 | - Update Czech (thanks, Miroslav Kure; closes: #298744). | 32 | - Update Czech (thanks, Miroslav Kure; closes: #298744). |
| 28 | - Update Finnish (thanks, Matti Pöllä; closes: #303787). | 33 | - Update Finnish (thanks, Matti Pöllä; closes: #303787). |
diff --git a/ssh_config b/ssh_config index 67dde0769..0510f347c 100644 --- a/ssh_config +++ b/ssh_config | |||
| @@ -39,3 +39,4 @@ Host * | |||
| 39 | # Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc | 39 | # Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc |
| 40 | # EscapeChar ~ | 40 | # EscapeChar ~ |
| 41 | SendEnv LANG LC_* | 41 | SendEnv LANG LC_* |
| 42 | HashKnownHosts yes | ||