summaryrefslogtreecommitdiff
path: root/debian/openssh-server.templates
diff options
context:
space:
mode:
authorColin Watson <cjwatson@debian.org>2008-01-11 00:09:20 +0000
committerColin Watson <cjwatson@debian.org>2008-01-11 00:09:20 +0000
commita508edc2333f9b001dabd65368067a8cc05d3faa (patch)
tree6dec8710161eb36a91affbc1f4170291d8ef57dd /debian/openssh-server.templates
parent7663ed6227ec01f2fc33e7adcb597201f006b62e (diff)
* Drop source-compatibility with Debian 3.0:
- Remove support for building with GNOME 1. This allows simplification of our GNOME build-dependencies (see #460136). - Remove hacks to support the old PAM configuration scheme. - Remove compatibility for building without po-debconf. * Build-depend on libgtk2.0-dev rather than libgnomeui-dev. As far as I can see, the GTK2 version of ssh-askpass-gnome has never required libgnomeui-dev.
Diffstat (limited to 'debian/openssh-server.templates')
-rw-r--r--debian/openssh-server.templates64
1 files changed, 64 insertions, 0 deletions
diff --git a/debian/openssh-server.templates b/debian/openssh-server.templates
new file mode 100644
index 000000000..2cc62f8f1
--- /dev/null
+++ b/debian/openssh-server.templates
@@ -0,0 +1,64 @@
1# These templates have been reviewed by the debian-l10n-english
2# team
3#
4# If modifications/additions/rewording are needed, please ask
5# for an advice to debian-l10n-english@lists.debian.org
6#
7# Even minor modifications require translation updates and such
8# changes should be coordinated with translators and reviewers.
9#
10Template: ssh/new_config
11Type: boolean
12Default: true
13_Description: Generate a new configuration file for OpenSSH?
14 This version of OpenSSH has a considerably changed configuration file from
15 the version shipped in Debian 'Potato', which you appear to be upgrading
16 from. This package can now generate a new configuration file
17 (/etc/ssh/sshd.config), which will work with the new server version, but
18 will not contain any customizations you made with the old version.
19 .
20 Please note that this new configuration file will set the value of
21 'PermitRootLogin' to 'yes' (meaning that anyone knowing the root password
22 can ssh directly in as root). Please read the README.Debian file for
23 more details about this design choice.
24 .
25 It is strongly recommended that you choose to generate a new
26 configuration file now.
27
28Template: ssh/use_old_init_script
29Type: boolean
30Default: false
31_Description: Do you want to risk killing active SSH sessions?
32 The currently installed version of /etc/init.d/ssh is likely to kill
33 all running sshd instances. If you are doing this upgrade via an SSH
34 session, you're likely to be disconnected and leave the upgrade
35 procedure unfinished.
36 .
37 This can be fixed by manually adding "--pidfile /var/run/sshd.pid" to
38 the start-stop-daemon line in the stop section of the file.
39
40Template: ssh/encrypted_host_key_but_no_keygen
41Type: note
42_Description: New host key mandatory
43 The current host key, in /etc/ssh/ssh_host_key, is encrypted with the
44 IDEA algorithm. OpenSSH can not handle this host key file, and the
45 ssh-keygen utility from the old (non-free) SSH installation does not
46 appear to be available.
47 .
48 You need to manually generate a new host key.
49
50Template: ssh/disable_cr_auth
51Type: boolean
52Default: false
53_Description: Disable challenge-response authentication?
54 Password authentication appears to be disabled in the current OpenSSH
55 server configuration. In order to prevent users from logging in using
56 passwords (perhaps using only public key authentication instead) with
57 recent versions of OpenSSH, you must disable challenge-response
58 authentication, or else ensure that your PAM configuration does not allow
59 Unix password file authentication.
60 .
61 If you disable challenge-response authentication, then users will not be
62 able to log in using passwords. If you leave it enabled (the default
63 answer), then the 'PasswordAuthentication no' option will have no useful
64 effect unless you also adjust your PAM configuration in /etc/pam.d/ssh.