* New upstream release (LP: #535029).

- After a transition period of about 10 years, this release disables SSH protocol 1 by default. Clients and servers that need to use the legacy protocol must explicitly enable it in ssh_config / sshd_config or on the command-line. - Remove the libsectok/OpenSC-based smartcard code and add support for PKCS#11 tokens. This support is enabled by default in the Debian packaging, since it now doesn't involve additional library dependencies (closes: #231472, LP: #16918). - Add support for certificate authentication of users and hosts using a new, minimal OpenSSH certificate format (closes: #482806). - Added a 'netcat mode' to ssh(1): "ssh -W host:port ...". - Add the ability to revoke keys in sshd(8) and ssh(1). (For the Debian package, this overlaps with the key blacklisting facility added in openssh 1:4.7p1-9, but with different file formats and slightly different scopes; for the moment, I've roughly merged the two.) - Various multiplexing improvements, including support for requesting port-forwardings via the multiplex protocol (closes: #360151). - Allow setting an explicit umask on the sftp-server(8) commandline to override whatever default the user has (closes: #496843). - Many sftp client improvements, including tab-completion, more options, and recursive transfer support for get/put (LP: #33378). The old mget/mput commands never worked properly and have been removed (closes: #270399, #428082). - Do not prompt for a passphrase if we fail to open a keyfile, and log the reason why the open failed to debug (closes: #431538). - Prevent sftp from crashing when given a "-" without a command. Also, allow whitespace to follow a "-" (closes: #531561).
author: Colin Watson <cjwatson@debian.org> 2010-03-31 10:46:28 +0100
committer: Colin Watson <cjwatson@debian.org> 2010-03-31 10:46:28 +0100
commit: efd3d4522636ae029488c2e9730b60c88e257d2e (patch)
tree: 31e02ac3f16090ce8c53448677356b2b7f423683 /debian/patches/user-group-modes.patch
parent: bbec4db36d464ea1d464a707625125f9fd5c7b5e (diff)
parent: d1a87e462e1db89f19cd960588d0c6b287cb5ccc (diff)
1 files changed, 3 insertions, 3 deletions
diff --git a/debian/patches/user-group-modes.patch b/debian/patches/user-group-modes.patch
index c99c796f3..375a098f9 100644
--- a/debian/patches/user-group-modes.patch
+++ b/debian/patches/user-group-modes.patch
@@ -23,7 +23,7 @@ Index: b/readconf.c
 
 #include "xmalloc.h"
 #include "ssh.h"
-@@ -998,11 +1000,30 @@
+@@ -1000,11 +1002,30 @@
 
        if (checkperm) {
                struct stat sb;
@@ -60,7 +60,7 @@ Index: b/ssh.1
 ===================================================================
 --- a/ssh.1
 +++ b/ssh.1
-@@ -1299,6 +1299,8 @@
+@@ -1326,6 +1326,8 @@
 .Xr ssh_config 5 .
 Because of the potential for abuse, this file must have strict permissions:
 read/write for the user, and not accessible by others.
@@ -73,7 +73,7 @@ Index: b/ssh_config.5
 ===================================================================
 --- a/ssh_config.5
 +++ b/ssh_config.5
-@@ -1194,6 +1194,8 @@
+@@ -1208,6 +1208,8 @@
 This file is used by the SSH client.
 Because of the potential for abuse, this file must have strict permissions:
 read/write for the user, and not accessible by others.
author	Colin Watson <cjwatson@debian.org>	2010-03-31 10:46:28 +0100
committer	Colin Watson <cjwatson@debian.org>	2010-03-31 10:46:28 +0100
commit	efd3d4522636ae029488c2e9730b60c88e257d2e (patch)
tree	31e02ac3f16090ce8c53448677356b2b7f423683 /debian/patches/user-group-modes.patch
parent	bbec4db36d464ea1d464a707625125f9fd5c7b5e (diff)
parent	d1a87e462e1db89f19cd960588d0c6b287cb5ccc (diff)

diff --git a/debian/patches/user-group-modes.patch b/debian/patches/user-group-modes.patch index c99c796f3..375a098f9 100644 --- a/debian/patches/user-group-modes.patch +++ b/debian/patches/user-group-modes.patch
@@ -23,7 +23,7 @@ Index: b/readconf.c
23		23
24	#include "xmalloc.h"	24	#include "xmalloc.h"
25	#include "ssh.h"	25	#include "ssh.h"
26	@@ -998,11 +1000,30 @@	26	@@ -1000,11 +1002,30 @@
27		27
28	if (checkperm) {	28	if (checkperm) {
29	struct stat sb;	29	struct stat sb;
@@ -60,7 +60,7 @@ Index: b/ssh.1
60	===================================================================	60	===================================================================
61	--- a/ssh.1	61	--- a/ssh.1
62	+++ b/ssh.1	62	+++ b/ssh.1
63	@@ -1299,6 +1299,8 @@	63	@@ -1326,6 +1326,8 @@
64	.Xr ssh_config 5 .	64	.Xr ssh_config 5 .
65	Because of the potential for abuse, this file must have strict permissions:	65	Because of the potential for abuse, this file must have strict permissions:
66	read/write for the user, and not accessible by others.	66	read/write for the user, and not accessible by others.
@@ -73,7 +73,7 @@ Index: b/ssh_config.5
73	===================================================================	73	===================================================================
74	--- a/ssh_config.5	74	--- a/ssh_config.5
75	+++ b/ssh_config.5	75	+++ b/ssh_config.5
76	@@ -1194,6 +1194,8 @@	76	@@ -1208,6 +1208,8 @@
77	This file is used by the SSH client.	77	This file is used by the SSH client.
78	Because of the potential for abuse, this file must have strict permissions:	78	Because of the potential for abuse, this file must have strict permissions:
79	read/write for the user, and not accessible by others.	79	read/write for the user, and not accessible by others.