diff options
-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | TODO | 13 | ||||
-rw-r--r-- | WARNING.RNG | 11 |
3 files changed, 10 insertions, 19 deletions
@@ -1,3 +1,6 @@ | |||
1 | 20041206 | ||
2 | - (dtucker) [TODO WARNING.RNG] Update to reflect current reality. ok djm@ | ||
3 | |||
1 | 20041203 | 4 | 20041203 |
2 | - (dtucker) OpenBSD CVS Sync | 5 | - (dtucker) OpenBSD CVS Sync |
3 | - jmc@cvs.openbsd.org 2004/11/07 17:42:36 | 6 | - jmc@cvs.openbsd.org 2004/11/07 17:42:36 |
@@ -1870,4 +1873,4 @@ | |||
1870 | - (djm) Trim deprecated options from INSTALL. Mention UsePAM | 1873 | - (djm) Trim deprecated options from INSTALL. Mention UsePAM |
1871 | - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu | 1874 | - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu |
1872 | 1875 | ||
1873 | $Id: ChangeLog,v 1.3584 2004/12/03 03:33:47 dtucker Exp $ | 1876 | $Id: ChangeLog,v 1.3585 2004/12/06 11:40:10 dtucker Exp $ |
@@ -30,13 +30,8 @@ Programming: | |||
30 | 30 | ||
31 | - More platforms for for setproctitle() emulation (testing needed) | 31 | - More platforms for for setproctitle() emulation (testing needed) |
32 | 32 | ||
33 | - Improve PAM support (a pam_lastlog module will cause sshd to exit) | ||
34 | and maybe support alternate forms of authentications like OPIE via | ||
35 | pam? | ||
36 | |||
37 | - Improve PAM ChallengeResponseAuthentication | 33 | - Improve PAM ChallengeResponseAuthentication |
38 | - Informational messages | 34 | - Informational messages |
39 | - chauthtok | ||
40 | - Use different PAM service name for kbdint vs regular auth (suggest from | 35 | - Use different PAM service name for kbdint vs regular auth (suggest from |
41 | Solar Designer) | 36 | Solar Designer) |
42 | - Ability to select which ChallengeResponseAuthentications may be used | 37 | - Ability to select which ChallengeResponseAuthentications may be used |
@@ -59,8 +54,6 @@ Clean up configure/makefiles: | |||
59 | information in wtmpx or utmpx or any of that stuff if it's not detected | 54 | information in wtmpx or utmpx or any of that stuff if it's not detected |
60 | from the start | 55 | from the start |
61 | 56 | ||
62 | - Fails to compile when cross compile. (vinschen@redhat.com) | ||
63 | |||
64 | - Replace the whole u_intXX_t evilness in acconfig.h with something better??? | 57 | - Replace the whole u_intXX_t evilness in acconfig.h with something better??? |
65 | - Do it in configure.ac | 58 | - Do it in configure.ac |
66 | 59 | ||
@@ -72,10 +65,6 @@ Clean up configure/makefiles: | |||
72 | entropy related stuff into another. | 65 | entropy related stuff into another. |
73 | 66 | ||
74 | Packaging: | 67 | Packaging: |
75 | - Solaris: Update packaging scripts and build new sysv startup scripts | ||
76 | Ideally the package metadata should be generated by autoconf. | ||
77 | (gilbert.r.loomis@saic.com) | ||
78 | |||
79 | - HP-UX: Provide DEPOT package scripts. | 68 | - HP-UX: Provide DEPOT package scripts. |
80 | (gilbert.r.loomis@saic.com) | 69 | (gilbert.r.loomis@saic.com) |
81 | 70 | ||
@@ -94,4 +83,4 @@ PrivSep Issues: | |||
94 | - Cygwin | 83 | - Cygwin |
95 | + Privsep for Pre-auth only (no fd passing) | 84 | + Privsep for Pre-auth only (no fd passing) |
96 | 85 | ||
97 | $Id: TODO,v 1.57 2004/02/11 09:44:13 dtucker Exp $ | 86 | $Id: TODO,v 1.58 2004/12/06 11:40:11 dtucker Exp $ |
diff --git a/WARNING.RNG b/WARNING.RNG index 5d4ea8753..687891a73 100644 --- a/WARNING.RNG +++ b/WARNING.RNG | |||
@@ -55,11 +55,10 @@ Executing each program in the list can take a large amount of time, | |||
55 | especially on slower machines. Additionally some program can take a | 55 | especially on slower machines. Additionally some program can take a |
56 | disproportionate time to execute. | 56 | disproportionate time to execute. |
57 | 57 | ||
58 | Tuning the default entropy collection code is difficult at this point. | 58 | Tuning the random helper can be done by running ./ssh-random-helper in |
59 | It requires doing 'times ./ssh-rand-helper' and modifying the | 59 | very verbose mode ("-vvv") and identifying the commands that are taking |
60 | ($etcdir)/ssh_prng_cmds until you have found the issue. In the next | 60 | accessive amounts of time or hanging altogher. Any problem commands can |
61 | release we will be looking at support '-v' for verbose output to allow | 61 | be modified or removed from ssh_prng_cmds. |
62 | easier debugging. | ||
63 | 62 | ||
64 | The default entropy collector will timeout programs which take too long | 63 | The default entropy collector will timeout programs which take too long |
65 | to execute, the actual timeout used can be adjusted with the | 64 | to execute, the actual timeout used can be adjusted with the |
@@ -93,4 +92,4 @@ If you are forced to use ssh-rand-helper consider still downloading | |||
93 | prngd/egd and configure OpenSSH using --with-prngd-port=xx or | 92 | prngd/egd and configure OpenSSH using --with-prngd-port=xx or |
94 | --with-prngd-socket=xx (refer to INSTALL for more information). | 93 | --with-prngd-socket=xx (refer to INSTALL for more information). |
95 | 94 | ||
96 | $Id: WARNING.RNG,v 1.6 2003/11/21 12:48:55 djm Exp $ | 95 | $Id: WARNING.RNG,v 1.7 2004/12/06 11:40:11 dtucker Exp $ |