diff options
author | Colin Watson <cjwatson@debian.org> | 2016-12-26 00:56:20 +0000 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2016-12-26 00:58:36 +0000 |
commit | f34e7a4deda39af73585fb2440e7ebc062940a6a (patch) | |
tree | 0fd69bca2a7c69396c227a03f66317d391040116 /debian/patches/debian-config.patch | |
parent | de911c73504da8dd7d9bbaddcf0c0845dd6eb9a0 (diff) | |
parent | 41265d4fa6f5946719155a08a19717a4ca229454 (diff) |
Remove redundant "GSSAPIDelegateCredentials no" from ssh_config (already the upstream default), and document that setting ServerAliveInterval to 300 by default if BatchMode is set is Debian-specific (closes: #765630).
Diffstat (limited to 'debian/patches/debian-config.patch')
-rw-r--r-- | debian/patches/debian-config.patch | 18 |
1 files changed, 8 insertions, 10 deletions
diff --git a/debian/patches/debian-config.patch b/debian/patches/debian-config.patch index 65175d589..9b46e1392 100644 --- a/debian/patches/debian-config.patch +++ b/debian/patches/debian-config.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From af54c22db774b37a15df5e599d08a83d4bbe5079 Mon Sep 17 00:00:00 2001 | 1 | From 41265d4fa6f5946719155a08a19717a4ca229454 Mon Sep 17 00:00:00 2001 |
2 | From: Colin Watson <cjwatson@debian.org> | 2 | From: Colin Watson <cjwatson@debian.org> |
3 | Date: Sun, 9 Feb 2014 16:10:18 +0000 | 3 | Date: Sun, 9 Feb 2014 16:10:18 +0000 |
4 | Subject: Various Debian-specific configuration changes | 4 | Subject: Various Debian-specific configuration changes |
@@ -11,8 +11,7 @@ ssh: Set 'SendEnv LANG LC_*' by default (http://bugs.debian.org/264024). | |||
11 | ssh: Enable HashKnownHosts by default to try to limit the spread of ssh | 11 | ssh: Enable HashKnownHosts by default to try to limit the spread of ssh |
12 | worms. | 12 | worms. |
13 | 13 | ||
14 | ssh: Enable GSSAPIAuthentication and disable GSSAPIDelegateCredentials by | 14 | ssh: Enable GSSAPIAuthentication by default. |
15 | default. | ||
16 | 15 | ||
17 | sshd: Enable PAM, disable ChallengeResponseAuthentication, and disable | 16 | sshd: Enable PAM, disable ChallengeResponseAuthentication, and disable |
18 | PrintMotd. | 17 | PrintMotd. |
@@ -27,17 +26,17 @@ Document all of this. | |||
27 | 26 | ||
28 | Author: Russ Allbery <rra@debian.org> | 27 | Author: Russ Allbery <rra@debian.org> |
29 | Forwarded: not-needed | 28 | Forwarded: not-needed |
30 | Last-Update: 2016-12-24 | 29 | Last-Update: 2016-12-26 |
31 | 30 | ||
32 | Patch-Name: debian-config.patch | 31 | Patch-Name: debian-config.patch |
33 | --- | 32 | --- |
34 | readconf.c | 2 +- | 33 | readconf.c | 2 +- |
35 | ssh.1 | 21 +++++++++++++++++++++ | 34 | ssh.1 | 21 +++++++++++++++++++++ |
36 | ssh_config | 7 ++++++- | 35 | ssh_config | 6 +++++- |
37 | ssh_config.5 | 19 ++++++++++++++++++- | 36 | ssh_config.5 | 19 ++++++++++++++++++- |
38 | sshd_config | 16 ++++++++++------ | 37 | sshd_config | 16 ++++++++++------ |
39 | sshd_config.5 | 22 ++++++++++++++++++++++ | 38 | sshd_config.5 | 22 ++++++++++++++++++++++ |
40 | 6 files changed, 78 insertions(+), 9 deletions(-) | 39 | 6 files changed, 77 insertions(+), 9 deletions(-) |
41 | 40 | ||
42 | diff --git a/readconf.c b/readconf.c | 41 | diff --git a/readconf.c b/readconf.c |
43 | index c02cdf63..d1091cbd 100644 | 42 | index c02cdf63..d1091cbd 100644 |
@@ -92,7 +91,7 @@ index 22e56a7b..6aa57c46 100644 | |||
92 | Send log information using the | 91 | Send log information using the |
93 | .Xr syslog 3 | 92 | .Xr syslog 3 |
94 | diff --git a/ssh_config b/ssh_config | 93 | diff --git a/ssh_config b/ssh_config |
95 | index 4e879cd2..5190b06b 100644 | 94 | index 4e879cd2..093c8366 100644 |
96 | --- a/ssh_config | 95 | --- a/ssh_config |
97 | +++ b/ssh_config | 96 | +++ b/ssh_config |
98 | @@ -17,9 +17,10 @@ | 97 | @@ -17,9 +17,10 @@ |
@@ -107,16 +106,15 @@ index 4e879cd2..5190b06b 100644 | |||
107 | # RhostsRSAAuthentication no | 106 | # RhostsRSAAuthentication no |
108 | # RSAAuthentication yes | 107 | # RSAAuthentication yes |
109 | # PasswordAuthentication yes | 108 | # PasswordAuthentication yes |
110 | @@ -50,3 +51,7 @@ | 109 | @@ -50,3 +51,6 @@ |
111 | # VisualHostKey no | 110 | # VisualHostKey no |
112 | # ProxyCommand ssh -q -W %h:%p gateway.example.com | 111 | # ProxyCommand ssh -q -W %h:%p gateway.example.com |
113 | # RekeyLimit 1G 1h | 112 | # RekeyLimit 1G 1h |
114 | + SendEnv LANG LC_* | 113 | + SendEnv LANG LC_* |
115 | + HashKnownHosts yes | 114 | + HashKnownHosts yes |
116 | + GSSAPIAuthentication yes | 115 | + GSSAPIAuthentication yes |
117 | + GSSAPIDelegateCredentials no | ||
118 | diff --git a/ssh_config.5 b/ssh_config.5 | 116 | diff --git a/ssh_config.5 b/ssh_config.5 |
119 | index 40617be4..8dce757e 100644 | 117 | index 8698c28e..26f983a3 100644 |
120 | --- a/ssh_config.5 | 118 | --- a/ssh_config.5 |
121 | +++ b/ssh_config.5 | 119 | +++ b/ssh_config.5 |
122 | @@ -74,6 +74,22 @@ Since the first obtained value for each parameter is used, more | 120 | @@ -74,6 +74,22 @@ Since the first obtained value for each parameter is used, more |