summaryrefslogtreecommitdiff
path: root/ssh-vulnkey.c
diff options
context:
space:
mode:
authorColin Watson <cjwatson@debian.org>2011-09-06 14:56:29 +0100
committerColin Watson <cjwatson@debian.org>2011-09-06 14:56:29 +0100
commit978e62d6f14c60747bddef2cc72d66a9c8b83b54 (patch)
tree89400a44e42d84937deba7864e4964d6c7734da5 /ssh-vulnkey.c
parent87c685b8c6a49814fd782288097b3093f975aa72 (diff)
parent3a7e89697ca363de0f64e0d5704c57219294e41c (diff)
* New upstream release (http://www.openssh.org/txt/release-5.9).
- Introduce sandboxing of the pre-auth privsep child using an optional sshd_config(5) "UsePrivilegeSeparation=sandbox" mode that enables mandatory restrictions on the syscalls the privsep child can perform. - Add new SHA256-based HMAC transport integrity modes from http://www.ietf.org/id/draft-dbider-sha2-mac-for-ssh-02.txt. - The pre-authentication sshd(8) privilege separation slave process now logs via a socket shared with the master process, avoiding the need to maintain /dev/log inside the chroot (closes: #75043, #429243, #599240). - ssh(1) now warns when a server refuses X11 forwarding (closes: #504757). - sshd_config(5)'s AuthorizedKeysFile now accepts multiple paths, separated by whitespace (closes: #76312). The authorized_keys2 fallback is deprecated but documented (closes: #560156). - ssh(1) and sshd(8): set IPv6 traffic class from IPQoS, as well as IPv4 ToS/DSCP (closes: #498297). - ssh-add(1) now accepts keys piped from standard input. E.g. "ssh-add - < /path/to/key" (closes: #229124). - Clean up lost-passphrase text in ssh-keygen(1) (closes: #444691). - Say "required" rather than "recommended" in unprotected-private-key warning (LP: #663455).
Diffstat (limited to 'ssh-vulnkey.c')
-rw-r--r--ssh-vulnkey.c1
1 files changed, 0 insertions, 1 deletions
diff --git a/ssh-vulnkey.c b/ssh-vulnkey.c
index 2e29ba462..f8125e0bb 100644
--- a/ssh-vulnkey.c
+++ b/ssh-vulnkey.c
@@ -311,7 +311,6 @@ main(int argc, char **argv)
311 /* We don't need the RNG ourselves, but symbol references here allow 311 /* We don't need the RNG ourselves, but symbol references here allow
312 * ld to link us properly. 312 * ld to link us properly.
313 */ 313 */
314 init_rng();
315 seed_rng(); 314 seed_rng();
316 315
317 while ((opt = getopt(argc, argv, "ahqv")) != -1) { 316 while ((opt = getopt(argc, argv, "ahqv")) != -1) {