summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog5
-rw-r--r--servconf.c6
-rw-r--r--sshd.84
-rw-r--r--sshd_config4
4 files changed, 11 insertions, 8 deletions
diff --git a/ChangeLog b/ChangeLog
index 4b01424eb..a298756b6 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -32,6 +32,9 @@
32 [kex.c monitor.c monitor_wrap.c sshd.c] 32 [kex.c monitor.c monitor_wrap.c sshd.c]
33 'monitor' variable clashes with at least one lame platform (NeXT). i 33 'monitor' variable clashes with at least one lame platform (NeXT). i
34 Renamed to 'pmonitor'. provos@ 34 Renamed to 'pmonitor'. provos@
35 - deraadt@cvs.openbsd.org 2002/05/04 02:39:35
36 [servconf.c sshd.8 sshd_config]
37 enable privsep by default; provos ok
35 - (bal) Fixed up PAM case. I think. 38 - (bal) Fixed up PAM case. I think.
36 - (bal) Clarified openbsd-compat/*-cray.* Licence provided by Wendy 39 - (bal) Clarified openbsd-compat/*-cray.* Licence provided by Wendy
37 40
@@ -638,4 +641,4 @@
638 - (stevesk) entropy.c: typo in debug message 641 - (stevesk) entropy.c: typo in debug message
639 - (djm) ssh-keygen -i needs seeded RNG; report from markus@ 642 - (djm) ssh-keygen -i needs seeded RNG; report from markus@
640 643
641$Id: ChangeLog,v 1.2130 2002/05/15 16:39:51 mouring Exp $ 644$Id: ChangeLog,v 1.2131 2002/05/15 21:35:43 mouring Exp $
diff --git a/servconf.c b/servconf.c
index 4b5b406a7..5b894f744 100644
--- a/servconf.c
+++ b/servconf.c
@@ -10,7 +10,7 @@
10 */ 10 */
11 11
12#include "includes.h" 12#include "includes.h"
13RCSID("$OpenBSD: servconf.c,v 1.107 2002/04/22 16:16:53 markus Exp $"); 13RCSID("$OpenBSD: servconf.c,v 1.108 2002/05/04 02:39:35 deraadt Exp $");
14 14
15#if defined(KRB4) 15#if defined(KRB4)
16#include <krb.h> 16#include <krb.h>
@@ -250,9 +250,9 @@ fill_default_server_options(ServerOptions *options)
250 if (options->authorized_keys_file == NULL) 250 if (options->authorized_keys_file == NULL)
251 options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS; 251 options->authorized_keys_file = _PATH_SSH_USER_PERMITTED_KEYS;
252 252
253 /* Turn privilege separation _off_ by default */ 253 /* Turn privilege separation on by default */
254 if (use_privsep == -1) 254 if (use_privsep == -1)
255 use_privsep = 0; 255 use_privsep = 1;
256} 256}
257 257
258/* Keyword tokens. */ 258/* Keyword tokens. */
diff --git a/sshd.8 b/sshd.8
index 04596d6a1..243dbf130 100644
--- a/sshd.8
+++ b/sshd.8
@@ -34,7 +34,7 @@
34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 34.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 35.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36.\" 36.\"
37.\" $OpenBSD: sshd.8,v 1.178 2002/04/22 16:16:53 markus Exp $ 37.\" $OpenBSD: sshd.8,v 1.179 2002/05/04 02:39:35 deraadt Exp $
38.Dd September 25, 1999 38.Dd September 25, 1999
39.Dt SSHD 8 39.Dt SSHD 8
40.Os 40.Os
@@ -852,7 +852,7 @@ another process will be created that has the privilege of the authenticated
852user. The goal of privilege separation is to prevent privilege 852user. The goal of privilege separation is to prevent privilege
853escalation by containing any corruption within the unprivileged processes. 853escalation by containing any corruption within the unprivileged processes.
854The default is 854The default is
855.Dq no . 855.Dq yes .
856.It Cm VerifyReverseMapping 856.It Cm VerifyReverseMapping
857Specifies whether 857Specifies whether
858.Nm 858.Nm
diff --git a/sshd_config b/sshd_config
index d55a9e68c..dc940d922 100644
--- a/sshd_config
+++ b/sshd_config
@@ -1,4 +1,4 @@
1# $OpenBSD: sshd_config,v 1.51 2002/04/22 16:16:53 markus Exp $ 1# $OpenBSD: sshd_config,v 1.52 2002/05/04 02:39:35 deraadt Exp $
2 2
3# This is the sshd server system-wide configuration file. See sshd(8) 3# This is the sshd server system-wide configuration file. See sshd(8)
4# for more information. 4# for more information.
@@ -80,7 +80,7 @@
80#PrintLastLog yes 80#PrintLastLog yes
81#KeepAlive yes 81#KeepAlive yes
82#UseLogin no 82#UseLogin no
83#UsePrivilegeSeparation no 83#UsePrivilegeSeparation yes
84 84
85#MaxStartups 10 85#MaxStartups 10
86# no default banner path 86# no default banner path