diff options
| -rw-r--r-- | ChangeLog | 6 | ||||
| -rw-r--r-- | servconf.c | 7 | ||||
| -rw-r--r-- | sshd_config.5 | 5 |
3 files changed, 12 insertions, 6 deletions
| @@ -19,6 +19,10 @@ | |||
| 19 | If scp -p encounters a pre-epoch timestamp, use the epoch which is | 19 | If scp -p encounters a pre-epoch timestamp, use the epoch which is |
| 20 | as close as we can get given that it's used unsigned. Add a little | 20 | as close as we can get given that it's used unsigned. Add a little |
| 21 | debugging while there. bz #828, ok djm@ | 21 | debugging while there. bz #828, ok djm@ |
| 22 | - dtucker@cvs.openbsd.org 2008/01/01 09:27:33 | ||
| 23 | [sshd_config.5 servconf.c] | ||
| 24 | Allow PermitRootLogin in a Match block. Allows for, eg, permitting root | ||
| 25 | only from the local network. ok markus@, man page bit ok jmc@ | ||
| 22 | 26 | ||
| 23 | 20071231 | 27 | 20071231 |
| 24 | - (dtucker) [configure.ac openbsd-compat/glob.{c,h}] Bug #1407: force use of | 28 | - (dtucker) [configure.ac openbsd-compat/glob.{c,h}] Bug #1407: force use of |
| @@ -3509,4 +3513,4 @@ | |||
| 3509 | OpenServer 6 and add osr5bigcrypt support so when someone migrates | 3513 | OpenServer 6 and add osr5bigcrypt support so when someone migrates |
| 3510 | passwords between UnixWare and OpenServer they will still work. OK dtucker@ | 3514 | passwords between UnixWare and OpenServer they will still work. OK dtucker@ |
| 3511 | 3515 | ||
| 3512 | $Id: ChangeLog,v 1.4814 2008/01/01 09:36:25 dtucker Exp $ | 3516 | $Id: ChangeLog,v 1.4815 2008/01/01 09:36:56 dtucker Exp $ |
diff --git a/servconf.c b/servconf.c index 4e3140fe3..19c286c18 100644 --- a/servconf.c +++ b/servconf.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: servconf.c,v 1.174 2007/12/31 10:41:31 dtucker Exp $ */ | 1 | /* $OpenBSD: servconf.c,v 1.175 2008/01/01 09:27:33 dtucker Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 3 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| 4 | * All rights reserved | 4 | * All rights reserved |
| @@ -321,7 +321,7 @@ static struct { | |||
| 321 | { "serverkeybits", sServerKeyBits, SSHCFG_GLOBAL }, | 321 | { "serverkeybits", sServerKeyBits, SSHCFG_GLOBAL }, |
| 322 | { "logingracetime", sLoginGraceTime, SSHCFG_GLOBAL }, | 322 | { "logingracetime", sLoginGraceTime, SSHCFG_GLOBAL }, |
| 323 | { "keyregenerationinterval", sKeyRegenerationTime, SSHCFG_GLOBAL }, | 323 | { "keyregenerationinterval", sKeyRegenerationTime, SSHCFG_GLOBAL }, |
| 324 | { "permitrootlogin", sPermitRootLogin, SSHCFG_GLOBAL }, | 324 | { "permitrootlogin", sPermitRootLogin, SSHCFG_ALL }, |
| 325 | { "syslogfacility", sLogFacility, SSHCFG_GLOBAL }, | 325 | { "syslogfacility", sLogFacility, SSHCFG_GLOBAL }, |
| 326 | { "loglevel", sLogLevel, SSHCFG_GLOBAL }, | 326 | { "loglevel", sLogLevel, SSHCFG_GLOBAL }, |
| 327 | { "rhostsauthentication", sDeprecated, SSHCFG_GLOBAL }, | 327 | { "rhostsauthentication", sDeprecated, SSHCFG_GLOBAL }, |
| @@ -806,7 +806,7 @@ parse_filename: | |||
| 806 | fatal("%s line %d: Bad yes/" | 806 | fatal("%s line %d: Bad yes/" |
| 807 | "without-password/forced-commands-only/no " | 807 | "without-password/forced-commands-only/no " |
| 808 | "argument: %s", filename, linenum, arg); | 808 | "argument: %s", filename, linenum, arg); |
| 809 | if (*intptr == -1) | 809 | if (*activep && *intptr == -1) |
| 810 | *intptr = value; | 810 | *intptr = value; |
| 811 | break; | 811 | break; |
| 812 | 812 | ||
| @@ -1351,6 +1351,7 @@ copy_set_server_options(ServerOptions *dst, ServerOptions *src, int preauth) | |||
| 1351 | M_CP_INTOPT(kerberos_authentication); | 1351 | M_CP_INTOPT(kerberos_authentication); |
| 1352 | M_CP_INTOPT(hostbased_authentication); | 1352 | M_CP_INTOPT(hostbased_authentication); |
| 1353 | M_CP_INTOPT(kbd_interactive_authentication); | 1353 | M_CP_INTOPT(kbd_interactive_authentication); |
| 1354 | M_CP_INTOPT(permit_root_login); | ||
| 1354 | 1355 | ||
| 1355 | M_CP_INTOPT(allow_tcp_forwarding); | 1356 | M_CP_INTOPT(allow_tcp_forwarding); |
| 1356 | M_CP_INTOPT(gateway_ports); | 1357 | M_CP_INTOPT(gateway_ports); |
diff --git a/sshd_config.5 b/sshd_config.5 index 3d4afb459..aa6720dc3 100644 --- a/sshd_config.5 +++ b/sshd_config.5 | |||
| @@ -34,8 +34,8 @@ | |||
| 34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
| 35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| 36 | .\" | 36 | .\" |
| 37 | .\" $OpenBSD: sshd_config.5,v 1.78 2007/08/23 03:22:16 djm Exp $ | 37 | .\" $OpenBSD: sshd_config.5,v 1.79 2008/01/01 09:27:33 dtucker Exp $ |
| 38 | .Dd $Mdocdate: June 11 2007 $ | 38 | .Dd $Mdocdate: January 1 2008 $ |
| 39 | .Dt SSHD_CONFIG 5 | 39 | .Dt SSHD_CONFIG 5 |
| 40 | .Os | 40 | .Os |
| 41 | .Sh NAME | 41 | .Sh NAME |
| @@ -524,6 +524,7 @@ Available keywords are | |||
| 524 | .Cm KerberosAuthentication , | 524 | .Cm KerberosAuthentication , |
| 525 | .Cm PasswordAuthentication , | 525 | .Cm PasswordAuthentication , |
| 526 | .Cm PermitOpen , | 526 | .Cm PermitOpen , |
| 527 | .Cm PermitRootLogin , | ||
| 527 | .Cm RhostsRSAAuthentication , | 528 | .Cm RhostsRSAAuthentication , |
| 528 | .Cm RSAAuthentication , | 529 | .Cm RSAAuthentication , |
| 529 | .Cm X11DisplayOffset , | 530 | .Cm X11DisplayOffset , |