-rw-r--r-- | Makefile | 80 | ||||
-rw-r--r-- | Makefile.in | 3 | ||||
-rw-r--r-- | includes.h | 12 | ||||
-rw-r--r-- | openscp.1 (renamed from scp.1) | 2 | ||||
-rw-r--r-- | openssh-add.1 (renamed from ssh-add.1) | 2 | ||||
-rw-r--r-- | openssh-agent.1 (renamed from ssh-agent.1) | 2 | ||||
-rw-r--r-- | openssh-keygen.1 (renamed from ssh-keygen.1) | 2 | ||||
-rw-r--r-- | openssh.1 (renamed from ssh.1) | 28 | ||||
-rw-r--r-- | openssh.spec | 98 | ||||
-rw-r--r-- | opensshd.8 (renamed from sshd.8) | 38 | ||||
-rwxr-xr-x | opensshd.init (renamed from sshd.init) | 24 | ||||
-rw-r--r-- | opensshd.pam (renamed from ssh.pam) | 0 | ||||
-rw-r--r-- | sshd.c | 42 | ||||
-rw-r--r-- | sshd_config | 4 |
14 files changed, 200 insertions, 137 deletions
@@ -1,13 +1,75 @@ | |||
1 | # $OpenBSD: Makefile,v 1.5 1999/10/25 20:27:26 markus Exp $ | 1 | # Generated automatically from Makefile.in by configure. |
2 | prefix=/usr/local | ||
3 | exec_prefix=${prefix} | ||
4 | bindir=${exec_prefix}/bin | ||
5 | sbindir=${exec_prefix}/sbin | ||
6 | libdir=${exec_prefix}/lib | ||
2 | 7 | ||
3 | .include <bsd.own.mk> | 8 | CC=gcc |
9 | OPT_FLAGS=-g | ||
10 | CFLAGS=$(OPT_FLAGS) -Wall -DETCDIR=\"${prefix}/etc\" -DHAVE_CONFIG_H | ||
11 | TARGETS=bin/libopenssh.a bin/openssh bin/opensshd bin/openssh-add bin/openssh-keygen bin/openssh-agent bin/openscp | ||
12 | LFLAGS=-L./bin | ||
13 | LIBS=-lopenssh -lpam -ldl -lpwdb -lz -lutil -lcrypto | ||
14 | AR=ar | ||
15 | RANLIB=ranlib | ||
4 | 16 | ||
5 | SUBDIR= lib ssh sshd ssh-add ssh-keygen ssh-agent scp | 17 | OBJS= authfd.o authfile.o auth-passwd.o auth-rhosts.o auth-rh-rsa.o \ |
18 | auth-rsa.o bufaux.o buffer.o canohost.o channels.o cipher.o \ | ||
19 | clientloop.o compress.o crc32.o deattack.o helper.o hostfile.o \ | ||
20 | log-client.o login.o log-server.o match.o mpaux.o packet.o pty.o \ | ||
21 | readconf.o readpass.o rsa.o servconf.o serverloop.o \ | ||
22 | sshconnect.o tildexpand.o ttymodes.o uidswap.o xmalloc.o \ | ||
23 | helper.o mktemp.o strlcpy.o rc4.o | ||
6 | 24 | ||
7 | distribution: | 25 | all: $(OBJS) $(TARGETS) |
8 | install -C -o root -g wheel -m 0644 ${.CURDIR}/ssh_config \ | ||
9 | ${DESTDIR}/etc/ssh_config | ||
10 | install -C -o root -g wheel -m 0644 ${.CURDIR}/sshd_config \ | ||
11 | ${DESTDIR}/etc/sshd_config | ||
12 | 26 | ||
13 | .include <bsd.subdir.mk> | 27 | bin/libopenssh.a: authfd.o authfile.o bufaux.o buffer.o canohost.o channels.o cipher.o compat.o compress.o crc32.o deattack.o hostfile.o match.o mpaux.o nchan.o packet.o readpass.o rsa.o tildexpand.o ttymodes.o uidswap.o xmalloc.o helper.o rc4.o mktemp.o strlcpy.o |
28 | [ -d bin ] || mkdir bin | ||
29 | $(AR) rv $@ $^ | ||
30 | $(RANLIB) $@ | ||
31 | |||
32 | bin/openssh: ssh.o sshconnect.o log-client.o readconf.o clientloop.o | ||
33 | [ -d bin ] || mkdir bin | ||
34 | $(CC) -o $@ $^ $(LFLAGS) $(LIBS) | ||
35 | |||
36 | bin/opensshd: sshd.o auth-rhosts.o auth-passwd.o auth-rsa.o auth-rh-rsa.o pty.o log-server.o login.o servconf.o serverloop.o | ||
37 | [ -d bin ] || mkdir bin | ||
38 | $(CC) -o $@ $^ $(LFLAGS) $(LIBS) | ||
39 | |||
40 | bin/openscp: scp.o | ||
41 | [ -d bin ] || mkdir bin | ||
42 | $(CC) -o $@ $^ $(LFLAGS) $(LIBS) | ||
43 | |||
44 | bin/openssh-add: ssh-add.o log-client.o | ||
45 | [ -d bin ] || mkdir bin | ||
46 | $(CC) -o $@ $^ $(LFLAGS) $(LIBS) | ||
47 | |||
48 | bin/openssh-agent: ssh-agent.o log-client.o | ||
49 | [ -d bin ] || mkdir bin | ||
50 | $(CC) -o $@ $^ $(LFLAGS) $(LIBS) | ||
51 | |||
52 | bin/openssh-keygen: ssh-keygen.o log-client.o | ||
53 | [ -d bin ] || mkdir bin | ||
54 | $(CC) -o $@ $^ $(LFLAGS) $(LIBS) | ||
55 | |||
56 | clean: | ||
57 | rm -f *.o core bin/* config.status config.cache config.log | ||
58 | |||
59 | install: | ||
60 | install -d $(bindir) | ||
61 | install -d $(sbindir) | ||
62 | install -d $(libdir) | ||
63 | install -c bin/openssh $(bindir)/openssh | ||
64 | install -c bin/openscp $(bindir)/openscp | ||
65 | install -c bin/openssh-add $(bindir)/openssh-add | ||
66 | install -c bin/openssh-agent $(bindir)/openssh-agent | ||
67 | install -c bin/openssh-keygen $(bindir)/openssh-keygen | ||
68 | install -c bin/opensshd $(sbindir)/opensshd | ||
69 | install -c bin/libopenssh.a $(libdir)/libopenssh.a | ||
70 | |||
71 | distclean: clean | ||
72 | rm -f Makefile config.h *~ | ||
73 | rm -rf bin | ||
74 | |||
75 | mrproper: distclean | ||
diff --git a/Makefile.in b/Makefile.in index 8e1d2f1a1..2601404ce 100644 --- a/Makefile.in +++ b/Makefile.in | |||
@@ -5,7 +5,8 @@ sbindir=@sbindir@ | |||
5 | libdir=@libdir@ | 5 | libdir=@libdir@ |
6 | 6 | ||
7 | CC=@CC@ | 7 | CC=@CC@ |
8 | CFLAGS=-g -Wall -DETCDIR=\"/etc/ssh\" @DEFS@ | 8 | OPT_FLAGS=-g |
9 | CFLAGS=$(OPT_FLAGS) -Wall -DETCDIR=\"@sysconfdir@\" @DEFS@ | ||
9 | TARGETS=bin/libopenssh.a bin/openssh bin/opensshd bin/openssh-add bin/openssh-keygen bin/openssh-agent bin/openscp | 10 | TARGETS=bin/libopenssh.a bin/openssh bin/opensshd bin/openssh-add bin/openssh-keygen bin/openssh-agent bin/openscp |
10 | LFLAGS=-L./bin | 11 | LFLAGS=-L./bin |
11 | LIBS=-lopenssh @LIBS@ | 12 | LIBS=-lopenssh @LIBS@ |
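Review bot: `-DETCDIR=\"@sysconfdir@\"` on new line 9 replaces the fixed `/etc/ssh` with whatever configure substitutes, and the committed Makefile shows the result of a default run: `-DETCDIR=\"${prefix}/etc\"` with `prefix=/usr/local`. Only openssh.spec passes `--sysconfdir=/etc/openssh`, which is the path the man pages in this commit now document. A plain `./configure && make` therefore builds binaries whose compiled-in directory is `/usr/local/etc`, and files that are presumably located through ETCDIR (sshd_config, the host key, shosts.equiv) are looked up in a place the documentation never mentions. Either default sysconfdir to `/etc/openssh` in configure, or add a comment above the line such as `# ETCDIR must match the paths in the man pages; configure with --sysconfdir=/etc/openssh`.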
diff --git a/includes.h b/includes.h index b2e8c1e78..609dd49b8 100644 --- a/includes.h +++ b/includes.h | |||
@@ -57,15 +57,17 @@ static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg } | |||
57 | 57 | ||
58 | #include "version.h" | 58 | #include "version.h" |
59 | 59 | ||
60 | #include "config.h" | ||
61 | |||
60 | #include "helper.h" | 62 | #include "helper.h" |
61 | #include "mktemp.h" | 63 | #include "mktemp.h" |
62 | #include "strlcpy.h" | 64 | #include "strlcpy.h" |
63 | 65 | ||
64 | #ifdef HAVE_PAM | 66 | #ifdef HAVE_LIBPAM |
65 | #include <security/pam_appl.h> | 67 | #include <security/pam_appl.h> |
66 | #endif /* HAVE_PAM */ | 68 | #endif /* HAVE_PAM */ |
67 | 69 | ||
68 | #ifdef HAVE_PWDB | 70 | #ifdef HAVE_LIBPWDB |
69 | #include <pwdb/pwdb_map.h> | 71 | #include <pwdb/pwdb_map.h> |
70 | #endif /* HAVE_PWDB */ | 72 | #endif /* HAVE_PWDB */ |
71 | 73 | ||
@@ -83,10 +85,4 @@ static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg } | |||
83 | client program. Socketpairs do not seem to work on all systems. */ | 85 | client program. Socketpairs do not seem to work on all systems. */ |
84 | #define USE_PIPES 1 | 86 | #define USE_PIPES 1 |
85 | 87 | ||
86 | #ifndef SHUT_RD | ||
87 | #define SHUT_RD 0 | ||
88 | #define SHUT_WR 1 | ||
89 | #define SHUT_RDWR 2 | ||
90 | #endif /* SHUT_RD */ | ||
91 | |||
92 | #endif /* INCLUDES_H */ | 88 | #endif /* INCLUDES_H */ |
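Review bot: The guard renames on new lines 66 and 70 (`HAVE_PAM` to `HAVE_LIBPAM`, `HAVE_PWDB` to `HAVE_LIBPWDB`) fail silently wherever an old name is still tested: the compiler raises no error, and the PAM or pwdb branch is presumably just compiled out, leaving authentication on the other path. sshd.c is part of this commit but its hunks are not visible here, so confirm that no `#ifdef HAVE_PAM` or `#ifdef HAVE_PWDB` is left anywhere in the tree. The closing comments were not updated and should read `#endif /* HAVE_LIBPAM */` and `#endif /* HAVE_LIBPWDB */`. The second hunk also drops the `SHUT_RD`/`SHUT_WR`/`SHUT_RDWR` fallback, which breaks the build on a libc that does not define them unless config.h now supplies them.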
@@ -9,7 +9,7 @@ | |||
9 | .\" | 9 | .\" |
10 | .\" Created: Sun May 7 00:14:37 1995 ylo | 10 | .\" Created: Sun May 7 00:14:37 1995 ylo |
11 | .\" | 11 | .\" |
12 | .\" $Id: scp.1,v 1.1 1999/10/27 03:42:44 damien Exp $ | 12 | .\" $Id: openscp.1,v 1.1 1999/10/28 04:03:14 damien Exp $ |
13 | .\" | 13 | .\" |
14 | .Dd September 25, 1999 | 14 | .Dd September 25, 1999 |
15 | .Dt SCP 1 | 15 | .Dt SCP 1 |
diff --git a/ssh-add.1 b/openssh-add.1 index 4c64ab2b3..fd0861fe0 100644 --- a/ssh-add.1 +++ b/openssh-add.1 | |||
@@ -9,7 +9,7 @@ | |||
9 | .\" | 9 | .\" |
10 | .\" Created: Sat Apr 22 23:55:14 1995 ylo | 10 | .\" Created: Sat Apr 22 23:55:14 1995 ylo |
11 | .\" | 11 | .\" |
12 | .\" $Id: ssh-add.1,v 1.1 1999/10/27 03:42:45 damien Exp $ | 12 | .\" $Id: openssh-add.1,v 1.1 1999/10/28 04:03:14 damien Exp $ |
13 | .\" | 13 | .\" |
14 | .Dd September 25, 1999 | 14 | .Dd September 25, 1999 |
15 | .Dt SSH-ADD 1 | 15 | .Dt SSH-ADD 1 |
diff --git a/ssh-agent.1 b/openssh-agent.1 index 01c43cdee..df061df82 100644 --- a/ssh-agent.1 +++ b/openssh-agent.1 | |||
@@ -9,7 +9,7 @@ | |||
9 | .\" | 9 | .\" |
10 | .\" Created: Sat Apr 23 20:10:43 1995 ylo | 10 | .\" Created: Sat Apr 23 20:10:43 1995 ylo |
11 | .\" | 11 | .\" |
12 | .\" $Id: ssh-agent.1,v 1.1 1999/10/27 03:42:45 damien Exp $ | 12 | .\" $Id: openssh-agent.1,v 1.1 1999/10/28 04:03:14 damien Exp $ |
13 | .\" | 13 | .\" |
14 | .Dd September 25, 1999 | 14 | .Dd September 25, 1999 |
15 | .Dt SSH-AGENT 1 | 15 | .Dt SSH-AGENT 1 |
diff --git a/ssh-keygen.1 b/openssh-keygen.1 index 67fbfd2c7..c135be441 100644 --- a/ssh-keygen.1 +++ b/openssh-keygen.1 | |||
@@ -9,7 +9,7 @@ | |||
9 | .\" | 9 | .\" |
10 | .\" Created: Sat Apr 22 23:55:14 1995 ylo | 10 | .\" Created: Sat Apr 22 23:55:14 1995 ylo |
11 | .\" | 11 | .\" |
12 | .\" $Id: ssh-keygen.1,v 1.1 1999/10/27 03:42:45 damien Exp $ | 12 | .\" $Id: openssh-keygen.1,v 1.1 1999/10/28 04:03:14 damien Exp $ |
13 | .\" | 13 | .\" |
14 | .Dd September 25, 1999 | 14 | .Dd September 25, 1999 |
15 | .Dt SSH-KEYGEN 1 | 15 | .Dt SSH-KEYGEN 1 |
@@ -9,7 +9,7 @@ | |||
9 | .\" | 9 | .\" |
10 | .\" Created: Sat Apr 22 21:55:14 1995 ylo | 10 | .\" Created: Sat Apr 22 21:55:14 1995 ylo |
11 | .\" | 11 | .\" |
12 | .\" $Id: ssh.1,v 1.1 1999/10/27 03:42:45 damien Exp $ | 12 | .\" $Id: openssh.1,v 1.1 1999/10/28 04:03:14 damien Exp $ |
13 | .\" | 13 | .\" |
14 | .Dd September 25, 1999 | 14 | .Dd September 25, 1999 |
15 | .Dt SSH 1 | 15 | .Dt SSH 1 |
@@ -66,7 +66,7 @@ his/her identity to the remote machine using one of several methods. | |||
66 | First, if the machine the user logs in from is listed in | 66 | First, if the machine the user logs in from is listed in |
67 | .Pa /etc/hosts.equiv | 67 | .Pa /etc/hosts.equiv |
68 | or | 68 | or |
69 | .Pa /etc/shosts.equiv | 69 | .Pa /etc/openssh/shosts.equiv |
70 | on the remote machine, and the user names are | 70 | on the remote machine, and the user names are |
71 | the same on both sides, the user is immediately permitted to log in. | 71 | the same on both sides, the user is immediately permitted to log in. |
72 | Second, if | 72 | Second, if |
@@ -89,10 +89,10 @@ means that if the login would be permitted by | |||
89 | .Pa \&.shosts , | 89 | .Pa \&.shosts , |
90 | .Pa /etc/hosts.equiv , | 90 | .Pa /etc/hosts.equiv , |
91 | or | 91 | or |
92 | .Pa /etc/shosts.equiv , | 92 | .Pa /etc/openssh/shosts.equiv , |
93 | and if additionally the server can verify the client's | 93 | and if additionally the server can verify the client's |
94 | host key (see | 94 | host key (see |
95 | .Pa /etc/ssh_known_hosts | 95 | .Pa /etc/openssh/ssh_known_hosts |
96 | in the | 96 | in the |
97 | .Sx FILES | 97 | .Sx FILES |
98 | section), only then login is | 98 | section), only then login is |
@@ -248,7 +248,7 @@ identifications for all hosts it has ever been used with. The | |||
248 | database is stored in | 248 | database is stored in |
249 | .Pa \&.ssh/known_hosts | 249 | .Pa \&.ssh/known_hosts |
250 | in the user's home directory. Additionally, the file | 250 | in the user's home directory. Additionally, the file |
251 | .Pa /etc/ssh_known_hosts | 251 | .Pa /etc/openssh/ssh_known_hosts |
252 | is automatically checked for known hosts. Any new hosts are | 252 | is automatically checked for known hosts. Any new hosts are |
253 | automatically added to the user's file. If a host's identification | 253 | automatically added to the user's file. If a host's identification |
254 | ever changes, | 254 | ever changes, |
@@ -416,7 +416,7 @@ obtains configuration data from the following sources (in this order): | |||
416 | command line options, user's configuration file | 416 | command line options, user's configuration file |
417 | .Pq Pa $HOME/.ssh/config , | 417 | .Pq Pa $HOME/.ssh/config , |
418 | and system-wide configuration file | 418 | and system-wide configuration file |
419 | .Pq Pa /etc/ssh_config . | 419 | .Pq Pa /etc/openssh/ssh_config . |
420 | For each parameter, the first obtained value | 420 | For each parameter, the first obtained value |
421 | will be used. The configuration files contain sections bracketed by | 421 | will be used. The configuration files contain sections bracketed by |
422 | "Host" specifications, and that section is only applied for hosts that | 422 | "Host" specifications, and that section is only applied for hosts that |
@@ -540,7 +540,7 @@ The default is | |||
540 | .Dq no . | 540 | .Dq no . |
541 | .It Cm GlobalKnownHostsFile | 541 | .It Cm GlobalKnownHostsFile |
542 | Specifies a file to use instead of | 542 | Specifies a file to use instead of |
543 | .Pa /etc/ssh_known_hosts . | 543 | .Pa /etc/openssh/ssh_known_hosts . |
544 | .It Cm HostName | 544 | .It Cm HostName |
545 | Specifies the real host name to log into. This can be used to specify | 545 | Specifies the real host name to log into. This can be used to specify |
546 | nicnames or abbreviations for hosts. Default is the name given on the | 546 | nicnames or abbreviations for hosts. Default is the name given on the |
@@ -672,7 +672,7 @@ ssh will never automatically add host keys to the | |||
672 | file, and refuses to connect hosts whose host key has changed. This | 672 | file, and refuses to connect hosts whose host key has changed. This |
673 | provides maximum protection against trojan horse attacks. However, it | 673 | provides maximum protection against trojan horse attacks. However, it |
674 | can be somewhat annoying if you don't have good | 674 | can be somewhat annoying if you don't have good |
675 | .Pa /etc/ssh_known_hosts | 675 | .Pa /etc/openssh/ssh_known_hosts |
676 | files installed and frequently | 676 | files installed and frequently |
677 | connect new hosts. Basically this option forces the user to manually | 677 | connect new hosts. Basically this option forces the user to manually |
678 | add any new hosts. Normally this option is disabled, and new hosts | 678 | add any new hosts. Normally this option is disabled, and new hosts |
@@ -779,7 +779,7 @@ to the environment. | |||
779 | .It Pa $HOME/.ssh/known_hosts | 779 | .It Pa $HOME/.ssh/known_hosts |
780 | Records host keys for all hosts the user has logged into (that are not | 780 | Records host keys for all hosts the user has logged into (that are not |
781 | in | 781 | in |
782 | .Pa /etc/ssh_known_hosts ) . | 782 | .Pa /etc/openssh/ssh_known_hosts ) . |
783 | See | 783 | See |
784 | .Xr sshd 8 . | 784 | .Xr sshd 8 . |
785 | .It Pa $HOME/.ssh/random_seed | 785 | .It Pa $HOME/.ssh/random_seed |
@@ -824,7 +824,7 @@ identity files (that is, each line contains the number of bits in | |||
824 | modulus, public exponent, modulus, and comment fields, separated by | 824 | modulus, public exponent, modulus, and comment fields, separated by |
825 | spaces). This file is not highly sensitive, but the recommended | 825 | spaces). This file is not highly sensitive, but the recommended |
826 | permissions are read/write for the user, and not accessible by others. | 826 | permissions are read/write for the user, and not accessible by others. |
827 | .It Pa /etc/ssh_known_hosts | 827 | .It Pa /etc/openssh/ssh_known_hosts |
828 | Systemwide list of known host keys. This file should be prepared by the | 828 | Systemwide list of known host keys. This file should be prepared by the |
829 | system administrator to contain the public host keys of all machines in the | 829 | system administrator to contain the public host keys of all machines in the |
830 | organization. This file should be world-readable. This file contains | 830 | organization. This file should be world-readable. This file contains |
@@ -843,7 +843,7 @@ to verify the client host when logging in; other names are needed because | |||
843 | does not convert the user-supplied name to a canonical name before | 843 | does not convert the user-supplied name to a canonical name before |
844 | checking the key, because someone with access to the name servers | 844 | checking the key, because someone with access to the name servers |
845 | would then be able to fool host authentication. | 845 | would then be able to fool host authentication. |
846 | .It Pa /etc/ssh_config | 846 | .It Pa /etc/openssh/ssh_config |
847 | Systemwide configuration file. This file provides defaults for those | 847 | Systemwide configuration file. This file provides defaults for those |
848 | values that are not specified in the user's configuration file, and | 848 | values that are not specified in the user's configuration file, and |
849 | for those users who do not have a configuration file. This file must | 849 | for those users who do not have a configuration file. This file must |
@@ -870,7 +870,7 @@ Note that by default | |||
870 | will be installed so that it requires successful RSA host | 870 | will be installed so that it requires successful RSA host |
871 | authentication before permitting \s+2.\s0rhosts authentication. If your | 871 | authentication before permitting \s+2.\s0rhosts authentication. If your |
872 | server machine does not have the client's host key in | 872 | server machine does not have the client's host key in |
873 | .Pa /etc/ssh_known_hosts , | 873 | .Pa /etc/openssh/ssh_known_hosts , |
874 | you can store it in | 874 | you can store it in |
875 | .Pa $HOME/.ssh/known_hosts . | 875 | .Pa $HOME/.ssh/known_hosts . |
876 | The easiest way to do this is to | 876 | The easiest way to do this is to |
@@ -897,13 +897,13 @@ manual page). If the client host is found in this file, login is | |||
897 | automatically permitted provided client and server user names are the | 897 | automatically permitted provided client and server user names are the |
898 | same. Additionally, successful RSA host authentication is normally | 898 | same. Additionally, successful RSA host authentication is normally |
899 | required. This file should only be writable by root. | 899 | required. This file should only be writable by root. |
900 | .It Pa /etc/shosts.equiv | 900 | .It Pa /etc/openssh/shosts.equiv |
901 | This file is processed exactly as | 901 | This file is processed exactly as |
902 | .Pa /etc/hosts.equiv . | 902 | .Pa /etc/hosts.equiv . |
903 | This file may be useful to permit logins using | 903 | This file may be useful to permit logins using |
904 | .Nm | 904 | .Nm |
905 | but not using rsh/rlogin. | 905 | but not using rsh/rlogin. |
906 | .It Pa /etc/sshrc | 906 | .It Pa /etc/openssh/sshrc |
907 | Commands in this file are executed by | 907 | Commands in this file are executed by |
908 | .Nm | 908 | .Nm |
909 | when the user logs in just before the user's shell (or command) is started. | 909 | when the user logs in just before the user's shell (or command) is started. |
diff --git a/openssh.spec b/openssh.spec index 7ce58849f..817c0534e 100644 --- a/openssh.spec +++ b/openssh.spec | |||
@@ -1,6 +1,6 @@ | |||
1 | Summary: OpenSSH free Secure Shell (SSH) implementation | 1 | Summary: OpenSSH free Secure Shell (SSH) implementation |
2 | Name: openssh | 2 | Name: openssh |
3 | Version: 1.2pre3 | 3 | Version: 1.2pre4 |
4 | Release: 1 | 4 | Release: 1 |
5 | Packager: Damien Miller <djm@ibs.com.au> | 5 | Packager: Damien Miller <djm@ibs.com.au> |
6 | Source0: openssh-%{version}-linux.tar.gz | 6 | Source0: openssh-%{version}-linux.tar.gz |
@@ -20,6 +20,9 @@ up to date in terms of security and features, as well as removing all | |||
20 | patented algorithms to seperate libraries (OpenSSL). | 20 | patented algorithms to seperate libraries (OpenSSL). |
21 | 21 | ||
22 | %changelog | 22 | %changelog |
23 | * Thu Oct 28 1999 Damien Miller <djm@ibs.com.au> | ||
24 | - Use autoconf | ||
25 | - New binary names | ||
23 | * Wed Oct 27 1999 Damien Miller <djm@ibs.com.au> | 26 | * Wed Oct 27 1999 Damien Miller <djm@ibs.com.au> |
24 | - Initial RPMification, based on Jan "Yenya" Kasprzak's <kas@fi.muni.cz> spec. | 27 | - Initial RPMification, based on Jan "Yenya" Kasprzak's <kas@fi.muni.cz> spec. |
25 | 28 | ||
@@ -29,7 +32,8 @@ patented algorithms to seperate libraries (OpenSSL). | |||
29 | 32 | ||
30 | %build | 33 | %build |
31 | 34 | ||
32 | make -f Makefile.GNU OPT_FLAGS="$RPM_OPT_FLAGS" | 35 | ./configure --prefix=/usr --sysconfdir=/etc/openssh |
36 | make OPT_FLAGS="$RPM_OPT_FLAGS" | ||
33 | 37 | ||
34 | %install | 38 | %install |
35 | rm -rf $RPM_BUILD_ROOT | 39 | rm -rf $RPM_BUILD_ROOT |
@@ -37,69 +41,69 @@ mkdir -p $RPM_BUILD_ROOT/usr/bin | |||
37 | mkdir -p $RPM_BUILD_ROOT/usr/sbin | 41 | mkdir -p $RPM_BUILD_ROOT/usr/sbin |
38 | mkdir -p $RPM_BUILD_ROOT/etc/rc.d/init.d | 42 | mkdir -p $RPM_BUILD_ROOT/etc/rc.d/init.d |
39 | mkdir -p $RPM_BUILD_ROOT/etc/pam.d | 43 | mkdir -p $RPM_BUILD_ROOT/etc/pam.d |
40 | mkdir -p $RPM_BUILD_ROOT/etc/ssh | 44 | mkdir -p $RPM_BUILD_ROOT/etc/openssh |
41 | mkdir -p $RPM_BUILD_ROOT/usr/man/man1 | 45 | mkdir -p $RPM_BUILD_ROOT/usr/man/man1 |
42 | mkdir -p $RPM_BUILD_ROOT/usr/man/man8 | 46 | mkdir -p $RPM_BUILD_ROOT/usr/man/man8 |
43 | 47 | ||
44 | install -m644 ssh.pam $RPM_BUILD_ROOT/etc/pam.d/ssh | 48 | install -m644 opensshd.pam $RPM_BUILD_ROOT/etc/pam.d/opensshd |
45 | install -m755 sshd.init $RPM_BUILD_ROOT/etc/rc.d/init.d/sshd | 49 | install -m755 opensshd.init $RPM_BUILD_ROOT/etc/rc.d/init.d/opensshd |
46 | install -m600 ssh_config $RPM_BUILD_ROOT/etc/ssh/ssh_config | 50 | install -m600 ssh_config $RPM_BUILD_ROOT/etc/openssh/ssh_config |
47 | install -m600 sshd_config $RPM_BUILD_ROOT/etc/ssh/sshd_config | 51 | install -m600 sshd_config $RPM_BUILD_ROOT/etc/openssh/sshd_config |
48 | 52 | ||
49 | install -s -m755 bin/sshd $RPM_BUILD_ROOT/usr/sbin | 53 | install -s -m755 bin/opensshd $RPM_BUILD_ROOT/usr/sbin |
50 | install -s -m755 bin/ssh $RPM_BUILD_ROOT/usr/bin | 54 | install -s -m755 bin/openssh $RPM_BUILD_ROOT/usr/bin |
51 | install -s -m755 bin/scp $RPM_BUILD_ROOT/usr/bin | 55 | install -s -m755 bin/openscp $RPM_BUILD_ROOT/usr/bin |
52 | install -s -m755 bin/ssh-agent $RPM_BUILD_ROOT/usr/bin | 56 | install -s -m755 bin/openssh-agent $RPM_BUILD_ROOT/usr/bin |
53 | install -s -m755 bin/ssh-add $RPM_BUILD_ROOT/usr/bin | 57 | install -s -m755 bin/openssh-add $RPM_BUILD_ROOT/usr/bin |
54 | install -s -m755 bin/ssh-keygen $RPM_BUILD_ROOT/usr/bin | 58 | install -s -m755 bin/openssh-keygen $RPM_BUILD_ROOT/usr/bin |
55 | 59 | ||
56 | install -m644 sshd.8 $RPM_BUILD_ROOT/usr/man/man8 | 60 | install -m644 opensshd.8 $RPM_BUILD_ROOT/usr/man/man8 |
57 | install -m644 ssh.1 $RPM_BUILD_ROOT/usr/man/man1 | 61 | install -m644 openssh.1 $RPM_BUILD_ROOT/usr/man/man1 |
58 | install -m644 scp.1 $RPM_BUILD_ROOT/usr/man/man1 | 62 | install -m644 openscp.1 $RPM_BUILD_ROOT/usr/man/man1 |
59 | install -m644 ssh-agent.1 $RPM_BUILD_ROOT/usr/man/man1 | 63 | install -m644 openssh-agent.1 $RPM_BUILD_ROOT/usr/man/man1 |
60 | install -m644 ssh-add.1 $RPM_BUILD_ROOT/usr/man/man1 | 64 | install -m644 openssh-add.1 $RPM_BUILD_ROOT/usr/man/man1 |
61 | install -m644 ssh-keygen.1 $RPM_BUILD_ROOT/usr/man/man1 | 65 | install -m644 openssh-keygen.1 $RPM_BUILD_ROOT/usr/man/man1 |
62 | 66 | ||
63 | %clean | 67 | %clean |
64 | rm -rf $RPM_BUILD_ROOT | 68 | rm -rf $RPM_BUILD_ROOT |
65 | 69 | ||
66 | %post | 70 | %post |
67 | /sbin/chkconfig --add sshd | 71 | /sbin/chkconfig --add opensshd |
68 | if [ ! -f /etc/ssh/ssh_host_key -o ! -s /etc/ssh/ssh_host_key ]; then | 72 | if [ ! -f /etc/openssh/ssh_host_key -o ! -s /etc/openssh/ssh_host_key ]; then |
69 | /usr/bin/ssh-keygen -b 1024 -f /etc/ssh/ssh_host_key -N '' >&2 | 73 | /usr/bin/openssh-keygen -b 1024 -f /etc/openssh/ssh_host_key -N '' >&2 |
70 | fi | 74 | fi |
71 | if test -r /var/run/sshd.pid | 75 | if test -r /var/run/opensshd.pid |
72 | then | 76 | then |
73 | /etc/rc.d/init.d/sshd restart >&2 | 77 | /etc/rc.d/init.d/opensshd restart >&2 |
74 | fi | 78 | fi |
75 | 79 | ||
76 | %preun | 80 | %preun |
77 | if [ "$1" = 0 ] | 81 | if [ "$1" = 0 ] |
78 | then | 82 | then |
79 | /etc/rc.d/init.d/sshd stop >&2 | 83 | /etc/rc.d/init.d/opensshd stop >&2 |
80 | /sbin/chkconfig --del sshd | 84 | /sbin/chkconfig --del opensshd |
81 | fi | 85 | fi |
82 | 86 | ||
83 | %files | 87 | %files |
84 | %defattr(-,root,root) | 88 | %defattr(-,root,root) |
85 | %doc COPYING.Ylonen ChangeLog ChangeLog.linux OVERVIEW | 89 | %doc COPYING.Ylonen ChangeLog ChangeLog.Ylonen OVERVIEW |
86 | %doc README README.openssh | 90 | %doc README README.openssh |
87 | %attr(0755,root,root) /usr/sbin/sshd | 91 | %attr(0755,root,root) /usr/sbin/opensshd |
88 | %attr(0755,root,root) /usr/bin/ssh | 92 | %attr(0755,root,root) /usr/bin/openssh |
89 | %attr(0755,root,root) /usr/bin/ssh-agent | 93 | %attr(0755,root,root) /usr/bin/openssh-agent |
90 | %attr(0755,root,root) /usr/bin/ssh-keygen | 94 | %attr(0755,root,root) /usr/bin/openssh-keygen |
91 | %attr(0755,root,root) /usr/bin/ssh-add | 95 | %attr(0755,root,root) /usr/bin/openssh-add |
92 | %attr(0755,root,root) /usr/bin/scp | 96 | %attr(0755,root,root) /usr/bin/openscp |
93 | 97 | ||
94 | %attr(0755,root,root) /usr/man/man8/sshd.8 | 98 | %attr(0755,root,root) /usr/man/man8/opensshd.8 |
95 | %attr(0755,root,root) /usr/man/man1/ssh.1 | 99 | %attr(0755,root,root) /usr/man/man1/openssh.1 |
96 | %attr(0755,root,root) /usr/man/man1/ssh-agent.1 | 100 | %attr(0755,root,root) /usr/man/man1/openssh-agent.1 |
97 | %attr(0755,root,root) /usr/man/man1/ssh-keygen.1 | 101 | %attr(0755,root,root) /usr/man/man1/openssh-keygen.1 |
98 | %attr(0755,root,root) /usr/man/man1/ssh-add.1 | 102 | %attr(0755,root,root) /usr/man/man1/openssh-add.1 |
99 | %attr(0755,root,root) /usr/man/man1/scp.1 | 103 | %attr(0755,root,root) /usr/man/man1/openscp.1 |
100 | 104 | ||
101 | %attr(0600,root,root) %config /etc/ssh/sshd_config | 105 | %attr(0600,root,root) %config /etc/openssh/sshd_config |
102 | %attr(0600,root,root) %config /etc/pam.d/ssh | 106 | %attr(0600,root,root) %config /etc/pam.d/opensshd |
103 | %attr(0755,root,root) %config /etc/rc.d/init.d/sshd | 107 | %attr(0755,root,root) %config /etc/rc.d/init.d/opensshd |
104 | %attr(0644,root,root) %config /etc/ssh/ssh_config | 108 | %attr(0644,root,root) %config /etc/openssh/ssh_config |
105 | 109 | ||
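Review bot: The `%post` scriptlet (new lines 72-74) now tests only `/etc/openssh/ssh_host_key`, so upgrading a machine that has the 1.2pre3 package installed generates a fresh host key even though a valid one exists at `/etc/ssh/ssh_host_key`. Every client then gets a changed-host-key warning, which trains users to accept the prompt meant to flag an interception. Carry the existing key over before the generation test, for example `[ -s /etc/ssh/ssh_host_key -a ! -s /etc/openssh/ssh_host_key ] && cp -p /etc/ssh/ssh_host_key /etc/ssh/ssh_host_key.pub /etc/openssh/`. The restart test on new line 75 has a similar gap: a daemon started by the old package presumably wrote `/var/run/sshd.pid`, so checking `/var/run/opensshd.pid` leaves it running the old binary.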
@@ -9,7 +9,7 @@ | |||
9 | .\" | 9 | .\" |
10 | .\" Created: Sat Apr 22 21:55:14 1995 ylo | 10 | .\" Created: Sat Apr 22 21:55:14 1995 ylo |
11 | .\" | 11 | .\" |
12 | .\" $Id: sshd.8,v 1.1 1999/10/27 03:42:46 damien Exp $ | 12 | .\" $Id: opensshd.8,v 1.1 1999/10/28 04:03:14 damien Exp $ |
13 | .\" | 13 | .\" |
14 | .Dd September 25, 1999 | 14 | .Dd September 25, 1999 |
15 | .Dt SSHD 8 | 15 | .Dt SSHD 8 |
@@ -118,7 +118,7 @@ not fork and will only process one connection. This option is only | |||
118 | intended for debugging for the server. | 118 | intended for debugging for the server. |
119 | .It Fl f Ar configuration_file | 119 | .It Fl f Ar configuration_file |
120 | Specifies the name of the configuration file. The default is | 120 | Specifies the name of the configuration file. The default is |
121 | .Pa /etc/sshd_config . | 121 | .Pa /etc/openssh/sshd_config . |
122 | .Nm | 122 | .Nm |
123 | refuses to start if there is no configuration file. | 123 | refuses to start if there is no configuration file. |
124 | .It Fl g Ar login_grace_time | 124 | .It Fl g Ar login_grace_time |
@@ -128,7 +128,7 @@ this many seconds, the server disconnects and exits. A value of zero | |||
128 | indicates no limit. | 128 | indicates no limit. |
129 | .It Fl h Ar host_key_file | 129 | .It Fl h Ar host_key_file |
130 | Specifies the file from which the host key is read (default | 130 | Specifies the file from which the host key is read (default |
131 | .Pa /etc/ssh_host_key ) . | 131 | .Pa /etc/openssh/ssh_host_key ) . |
132 | This option must be given if | 132 | This option must be given if |
133 | .Nm | 133 | .Nm |
134 | is not run as root (as the normal | 134 | is not run as root (as the normal |
@@ -165,7 +165,7 @@ Do not print an error message if RSA support is missing. | |||
165 | .Sh CONFIGURATION FILE | 165 | .Sh CONFIGURATION FILE |
166 | .Nm | 166 | .Nm |
167 | reads configuration data from | 167 | reads configuration data from |
168 | .Pa /etc/sshd_config | 168 | .Pa /etc/openssh/sshd_config |
169 | (or the file specified with | 169 | (or the file specified with |
170 | .Fl f | 170 | .Fl f |
171 | on the command line). The file | 171 | on the command line). The file |
@@ -242,7 +242,7 @@ The default is | |||
242 | .Dq no . | 242 | .Dq no . |
243 | .It Cm HostKey | 243 | .It Cm HostKey |
244 | Specifies the file containing the private host key (default | 244 | Specifies the file containing the private host key (default |
245 | .Pa /etc/ssh_host_key ) . | 245 | .Pa /etc/openssh/ssh_host_key ) . |
246 | Note that | 246 | Note that |
247 | .Nm | 247 | .Nm |
248 | does not start if this file is group/world-accessible. | 248 | does not start if this file is group/world-accessible. |
@@ -251,7 +251,7 @@ Specifies that rhosts and shosts files will not be used in | |||
251 | authentication. | 251 | authentication. |
252 | .Pa /etc/hosts.equiv | 252 | .Pa /etc/hosts.equiv |
253 | and | 253 | and |
254 | .Pa /etc/shosts.equiv | 254 | .Pa /etc/openssh/shosts.equiv |
255 | are still used. The default is | 255 | are still used. The default is |
256 | .Dq no . | 256 | .Dq no . |
257 | .It Cm KeepAlive | 257 | .It Cm KeepAlive |
@@ -455,7 +455,7 @@ Changes to user's home directory. | |||
455 | If | 455 | If |
456 | .Pa $HOME/.ssh/rc | 456 | .Pa $HOME/.ssh/rc |
457 | exists, runs it; else if | 457 | exists, runs it; else if |
458 | .Pa /etc/sshrc | 458 | .Pa /etc/openssh/sshrc |
459 | exists, runs | 459 | exists, runs |
460 | it; otherwise runs xauth. The | 460 | it; otherwise runs xauth. The |
461 | .Dq rc | 461 | .Dq rc |
@@ -541,7 +541,7 @@ from="*.niksula.hut.fi,!pc.niksula.hut.fi" 1024 35 23.\|.\|.\|2334 ylo@niksula | |||
541 | command="dump /home",no-pty,no-port-forwarding 1024 33 23.\|.\|.\|2323 backup.hut.fi | 541 | command="dump /home",no-pty,no-port-forwarding 1024 33 23.\|.\|.\|2323 backup.hut.fi |
542 | .Sh SSH_KNOWN_HOSTS FILE FORMAT | 542 | .Sh SSH_KNOWN_HOSTS FILE FORMAT |
543 | The | 543 | The |
544 | .Pa /etc/ssh_known_hosts | 544 | .Pa /etc/openssh/ssh_known_hosts |
545 | and | 545 | and |
546 | .Pa $HOME/.ssh/known_hosts | 546 | .Pa $HOME/.ssh/known_hosts |
547 | files contain host public keys for all known hosts. The global file should | 547 | files contain host public keys for all known hosts. The global file should |
@@ -564,7 +564,7 @@ pattern on the line. | |||
564 | .Pp | 564 | .Pp |
565 | Bits, exponent, and modulus are taken directly from the host key; they | 565 | Bits, exponent, and modulus are taken directly from the host key; they |
566 | can be obtained, e.g., from | 566 | can be obtained, e.g., from |
567 | .Pa /etc/ssh_host_key.pub . | 567 | .Pa /etc/openssh/ssh_host_key.pub . |
568 | The optional comment field continues to the end of the line, and is not used. | 568 | The optional comment field continues to the end of the line, and is not used. |
569 | .Pp | 569 | .Pp |
570 | Lines starting with | 570 | Lines starting with |
@@ -583,25 +583,25 @@ Note that the lines in these files are typically hundreds of characters | |||
583 | long, and you definitely don't want to type in the host keys by hand. | 583 | long, and you definitely don't want to type in the host keys by hand. |
584 | Rather, generate them by a script | 584 | Rather, generate them by a script |
585 | or by taking | 585 | or by taking |
586 | .Pa /etc/ssh_host_key.pub | 586 | .Pa /etc/openssh/ssh_host_key.pub |
587 | and adding the host names at the front. | 587 | and adding the host names at the front. |
588 | .Ss Examples | 588 | .Ss Examples |
589 | closenet,closenet.hut.fi,.\|.\|.\|,130.233.208.41 1024 37 159.\|.\|.93 closenet.hut.fi | 589 | closenet,closenet.hut.fi,.\|.\|.\|,130.233.208.41 1024 37 159.\|.\|.93 closenet.hut.fi |
590 | .Sh FILES | 590 | .Sh FILES |
591 | .Bl -tag -width Ds | 591 | .Bl -tag -width Ds |
592 | .It Pa /etc/sshd_config | 592 | .It Pa /etc/openssh/sshd_config |
593 | Contains configuration data for | 593 | Contains configuration data for |
594 | .Nm sshd . | 594 | .Nm sshd . |
595 | This file should be writable by root only, but it is recommended | 595 | This file should be writable by root only, but it is recommended |
596 | (though not necessary) that it be world-readable. | 596 | (though not necessary) that it be world-readable. |
597 | .It Pa /etc/ssh_host_key | 597 | .It Pa /etc/openssh/ssh_host_key |
598 | Contains the private part of the host key. | 598 | Contains the private part of the host key. |
599 | This file should only be owned by root, readable only by root, and not | 599 | This file should only be owned by root, readable only by root, and not |
600 | accessible to others. | 600 | accessible to others. |
601 | Note that | 601 | Note that |
602 | .Nm | 602 | .Nm |
603 | does not start if this file is group/world-accessible. | 603 | does not start if this file is group/world-accessible. |
604 | .It Pa /etc/ssh_host_key.pub | 604 | .It Pa /etc/openssh/ssh_host_key.pub |
605 | Contains the public part of the host key. | 605 | Contains the public part of the host key. |
606 | This file should be world-readable but writable only by | 606 | This file should be world-readable but writable only by |
607 | root. Its contents should match the private part. This file is not | 607 | root. Its contents should match the private part. This file is not |
@@ -622,17 +622,17 @@ This file must be readable by root (which may on some machines imply | |||
622 | it being world-readable if the user's home directory resides on an NFS | 622 | it being world-readable if the user's home directory resides on an NFS |
623 | volume). It is recommended that it not be accessible by others. The | 623 | volume). It is recommended that it not be accessible by others. The |
624 | format of this file is described above. | 624 | format of this file is described above. |
625 | .It Pa /etc/ssh_known_hosts | 625 | .It Pa /etc/openssh/ssh_known_hosts |
626 | This file is consulted when using rhosts with RSA host | 626 | This file is consulted when using rhosts with RSA host |
627 | authentication to check the public key of the host. The key must be | 627 | authentication to check the public key of the host. The key must be |
628 | listed in this file to be accepted. | 628 | listed in this file to be accepted. |
629 | .It Pa $HOME/.ssh/known_hosts | 629 | .It Pa $HOME/.ssh/known_hosts |
630 | The client uses this file | 630 | The client uses this file |
631 | and | 631 | and |
632 | .Pa /etc/ssh_known_hosts | 632 | .Pa /etc/openssh/ssh_known_hosts |
633 | to verify that the remote host is the one we intended to | 633 | to verify that the remote host is the one we intended to |
634 | connect. These files should be writable only by root/the owner. | 634 | connect. These files should be writable only by root/the owner. |
635 | .Pa /etc/ssh_known_hosts | 635 | .Pa /etc/openssh/ssh_known_hosts |
636 | should be world-readable, and | 636 | should be world-readable, and |
637 | .Pa $HOME/.ssh/known_hosts | 637 | .Pa $HOME/.ssh/known_hosts |
638 | can but need not be world-readable. | 638 | can but need not be world-readable. |
@@ -694,7 +694,7 @@ user root access. The only valid use for user names that I can think | |||
694 | of is in negative entries. | 694 | of is in negative entries. |
695 | .Pp | 695 | .Pp |
696 | Note that this warning also applies to rsh/rlogin. | 696 | Note that this warning also applies to rsh/rlogin. |
697 | .It Pa /etc/shosts.equiv | 697 | .It Pa /etc/openssh/shosts.equiv |
698 | This is processed exactly as | 698 | This is processed exactly as |
699 | .Pa /etc/hosts.equiv . | 699 | .Pa /etc/hosts.equiv . |
700 | However, this file may be useful in environments that want to run both | 700 | However, this file may be useful in environments that want to run both |
@@ -724,13 +724,13 @@ something similar to: "if read proto cookie; then echo add $DISPLAY | |||
724 | $proto $cookie | xauth -q -; fi". | 724 | $proto $cookie | xauth -q -; fi". |
725 | .Pp | 725 | .Pp |
726 | If this file does not exist, | 726 | If this file does not exist, |
727 | .Pa /etc/sshrc | 727 | .Pa /etc/openssh/sshrc |
728 | is run, and if that | 728 | is run, and if that |
729 | does not exist either, xauth is used to store the cookie. | 729 | does not exist either, xauth is used to store the cookie. |
730 | .Pp | 730 | .Pp |
731 | This file should be writable only by the user, and need not be | 731 | This file should be writable only by the user, and need not be |
732 | readable by anyone else. | 732 | readable by anyone else. |
733 | .It Pa /etc/sshrc | 733 | .It Pa /etc/openssh/sshrc |
734 | Like | 734 | Like |
735 | .Pa $HOME/.ssh/rc . | 735 | .Pa $HOME/.ssh/rc . |
736 | This can be used to specify | 736 | This can be used to specify |
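--- a/sshd.init
+++ b/opensshd.init
@@ -1,16 +1,16 @@
 #!/bin/bash
 
-# Init file for OpenSSH sshd
+# Init file for OpenSSH server daemon
 #
 # chkconfig: 2345 55 25
 # description: OpenSSH server daemon
 #
-# processname: sshd
-# config: /etc/ssh/ssh_host_key
-# config: /etc/ssh/ssh_host_key.pub
-# config: /etc/ssh/ssh_random_seed
-# config: /etc/ssh/sshd_config
-# pidfile: /var/run/sshd.pid
+# processname: opensshd
+# config: /etc/openssh/ssh_host_key
+# config: /etc/openssh/ssh_host_key.pub
+# config: /etc/openssh/ssh_random_seed
+# config: /etc/openssh/sshd_config
+# pidfile: /var/run/opensshd.pid
 
 # source function library
 . /etc/rc.d/init.d/functions
@@ -19,14 +19,14 @@ RETVAL=0
 
 case "$1" in
 start)
-echo -n "Starting sshd: "
-daemon /usr/sbin/sshd
+echo -n "Starting opensshd: "
+daemon /usr/sbin/opensshd
 RETVAL=$?
 [ $RETVAL -eq 0 ] && touch /var/lock/subsys/sshd
 echo
 ;;
 stop)
-echo -n "Shutting down sshd: "
+echo -n "Shutting down opensshd: "
 killproc sshd
 RETVAL=$?
 [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/sshd
@@ -38,11 +38,11 @@ case "$1" in
 RETVAL=$?
 ;;
 status)
-status sshd
+status opensshd
 RETVAL=$?
 ;;
 *)
-echo "Usage: sshd {start|stop|restart|status}"
+echo "Usage: opensshd {start|stop|restart|status}"
 exit 1
 esac
 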
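Review bot: The stop branch still runs `killproc sshd` although start now launches `/usr/sbin/opensshd` and status queries `opensshd`, so a stop will most likely not find the renamed daemon and the listener keeps accepting logins after an operator believes it is down. The line should read `killproc opensshd`. The lock file touched in start and removed in stop is still `/var/lock/subsys/sshd`; if the script is installed under the new name it should become `/var/lock/subsys/opensshd` in both places so the runlevel shutdown logic finds the service. The header now declares `/var/run/opensshd.pid`, and whether the daemon writes that path is not visible in this section. The restart branch lies between the hunks and needs the same check.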
@@ -18,7 +18,7 @@ agent connections. | |||
18 | */ | 18 | */ |
19 | 19 | ||
20 | #include "includes.h" | 20 | #include "includes.h" |
21 | RCSID("$Id: sshd.c,v 1.3 1999/10/28 03:20:30 damien Exp $"); | 21 | RCSID("$Id: sshd.c,v 1.4 1999/10/28 04:03:14 damien Exp $"); |
22 | 22 | ||
23 | #include "xmalloc.h" | 23 | #include "xmalloc.h" |
24 | #include "rsa.h" | 24 | #include "rsa.h" |
@@ -129,7 +129,7 @@ void do_exec_no_pty(const char *command, struct passwd *pw, | |||
129 | void do_child(const char *command, struct passwd *pw, const char *term, | 129 | void do_child(const char *command, struct passwd *pw, const char *term, |
130 | const char *display, const char *auth_proto, | 130 | const char *display, const char *auth_proto, |
131 | const char *auth_data, const char *ttyname); | 131 | const char *auth_data, const char *ttyname); |
132 | #ifdef HAVE_PAM | 132 | #ifdef HAVE_LIBPAM |
133 | static int pamconv(int num_msg, const struct pam_message **msg, | 133 | static int pamconv(int num_msg, const struct pam_message **msg, |
134 | struct pam_response **resp, void *appdata_ptr); | 134 | struct pam_response **resp, void *appdata_ptr); |
135 | void do_pam_account_and_session(const char *username, const char *password, | 135 | void do_pam_account_and_session(const char *username, const char *password, |
@@ -225,7 +225,7 @@ void do_pam_account_and_session(const char *username, const char *password, cons | |||
225 | eat_packets_and_disconnect(username); | 225 | eat_packets_and_disconnect(username); |
226 | } | 226 | } |
227 | } | 227 | } |
228 | #endif /* HAVE_PAM */ | 228 | #endif /* HAVE_LIBPAM */ |
229 | 229 | ||
230 | /* Signal handler for SIGHUP. Sshd execs itself when it receives SIGHUP; | 230 | /* Signal handler for SIGHUP. Sshd execs itself when it receives SIGHUP; |
231 | the effect is to reread the configuration file (and to regenerate | 231 | the effect is to reread the configuration file (and to regenerate |
@@ -809,7 +809,7 @@ main(int ac, char **av) | |||
809 | /* The connection has been terminated. */ | 809 | /* The connection has been terminated. */ |
810 | log("Closing connection to %.100s", inet_ntoa(sin.sin_addr)); | 810 | log("Closing connection to %.100s", inet_ntoa(sin.sin_addr)); |
811 | 811 | ||
812 | #ifdef HAVE_PAM | 812 | #ifdef HAVE_LIBPAM |
813 | { | 813 | { |
814 | int retval; | 814 | int retval; |
815 | 815 | ||
@@ -823,7 +823,7 @@ main(int ac, char **av) | |||
823 | fatal_remove_cleanup(&pam_cleanup_proc, NULL); | 823 | fatal_remove_cleanup(&pam_cleanup_proc, NULL); |
824 | } | 824 | } |
825 | } | 825 | } |
826 | #endif /* HAVE_PAM */ | 826 | #endif /* HAVE_LIBPAM */ |
827 | 827 | ||
828 | packet_close(); | 828 | packet_close(); |
829 | 829 | ||
@@ -1135,17 +1135,17 @@ do_authentication(char *user, int privileged_port) | |||
1135 | pwcopy.pw_shell = xstrdup(pw->pw_shell); | 1135 | pwcopy.pw_shell = xstrdup(pw->pw_shell); |
1136 | pw = &pwcopy; | 1136 | pw = &pwcopy; |
1137 | 1137 | ||
1138 | #ifdef HAVE_PAM | 1138 | #ifdef HAVE_LIBPAM |
1139 | if (PAM_SUCCESS != pam_start("ssh", pw->pw_name, &conv, (pam_handle_t**)&pamh)) | 1139 | if (PAM_SUCCESS != pam_start("opensshd", pw->pw_name, &conv, (pam_handle_t**)&pamh)) |
1140 | { | 1140 | { |
1141 | packet_start(SSH_SMSG_FAILURE); | 1141 | packet_start(SSH_SMSG_FAILURE); |
1142 | packet_send(); | 1142 | packet_send(); |
1143 | packet_write_wait(); | 1143 | packet_write_wait(); |
1144 | packet_disconnect("PAM initialisation failed."); | 1144 | packet_disconnect("PAM initialisation failed."); |
1145 | } | 1145 | } |
1146 | #endif | ||
1147 | 1146 | ||
1148 | fatal_add_cleanup(&pam_cleanup_proc, NULL); | 1147 | fatal_add_cleanup(&pam_cleanup_proc, NULL); |
1148 | #endif | ||
1149 | 1149 | ||
1150 | /* If we are not running as root, the user must have the same uid as the | 1150 | /* If we are not running as root, the user must have the same uid as the |
1151 | server. */ | 1151 | server. */ |
@@ -1289,16 +1289,16 @@ do_authentication(char *user, int privileged_port) | |||
1289 | log("Rhosts authentication accepted for %.100s, remote %.100s on %.700s.", | 1289 | log("Rhosts authentication accepted for %.100s, remote %.100s on %.700s.", |
1290 | user, client_user, get_canonical_hostname()); | 1290 | user, client_user, get_canonical_hostname()); |
1291 | authenticated = 1; | 1291 | authenticated = 1; |
1292 | #ifndef HAVE_PAM | 1292 | #ifndef HAVE_LIBPAM |
1293 | xfree(client_user); | 1293 | xfree(client_user); |
1294 | #endif /* HAVE_PAM */ | 1294 | #endif /* HAVE_LIBPAM */ |
1295 | break; | 1295 | break; |
1296 | } | 1296 | } |
1297 | log("Rhosts authentication failed for %.100s, remote %.100s.", | 1297 | log("Rhosts authentication failed for %.100s, remote %.100s.", |
1298 | user, client_user); | 1298 | user, client_user); |
1299 | #ifndef HAVE_PAM | 1299 | #ifndef HAVE_LIBPAM |
1300 | xfree(client_user); | 1300 | xfree(client_user); |
1301 | #endif /* HAVE_PAM */ | 1301 | #endif /* HAVE_LIBPAM */ |
1302 | break; | 1302 | break; |
1303 | 1303 | ||
1304 | case SSH_CMSG_AUTH_RHOSTS_RSA: | 1304 | case SSH_CMSG_AUTH_RHOSTS_RSA: |
@@ -1341,18 +1341,18 @@ do_authentication(char *user, int privileged_port) | |||
1341 | { | 1341 | { |
1342 | /* Authentication accepted. */ | 1342 | /* Authentication accepted. */ |
1343 | authenticated = 1; | 1343 | authenticated = 1; |
1344 | #ifndef HAVE_PAM | 1344 | #ifndef HAVE_LIBPAM |
1345 | xfree(client_user); | 1345 | xfree(client_user); |
1346 | #endif /* HAVE_PAM */ | 1346 | #endif /* HAVE_LIBPAM */ |
1347 | BN_clear_free(client_host_key_e); | 1347 | BN_clear_free(client_host_key_e); |
1348 | BN_clear_free(client_host_key_n); | 1348 | BN_clear_free(client_host_key_n); |
1349 | break; | 1349 | break; |
1350 | } | 1350 | } |
1351 | log("Rhosts authentication failed for %.100s, remote %.100s.", | 1351 | log("Rhosts authentication failed for %.100s, remote %.100s.", |
1352 | user, client_user); | 1352 | user, client_user); |
1353 | #ifndef HAVE_PAM | 1353 | #ifndef HAVE_LIBPAM |
1354 | xfree(client_user); | 1354 | xfree(client_user); |
1355 | #endif /* HAVE_PAM */ | 1355 | #endif /* HAVE_LIBPAM */ |
1356 | BN_clear_free(client_host_key_e); | 1356 | BN_clear_free(client_host_key_e); |
1357 | BN_clear_free(client_host_key_n); | 1357 | BN_clear_free(client_host_key_n); |
1358 | break; | 1358 | break; |
@@ -1403,7 +1403,7 @@ do_authentication(char *user, int privileged_port) | |||
1403 | packet_integrity_check(plen, 4 + passw_len, type); | 1403 | packet_integrity_check(plen, 4 + passw_len, type); |
1404 | } | 1404 | } |
1405 | 1405 | ||
1406 | #ifdef HAVE_PAM | 1406 | #ifdef HAVE_LIBPAM |
1407 | pampasswd = password; | 1407 | pampasswd = password; |
1408 | 1408 | ||
1409 | if (PAM_SUCCESS == pam_authenticate((pam_handle_t *)pamh, 0)) | 1409 | if (PAM_SUCCESS == pam_authenticate((pam_handle_t *)pamh, 0)) |
@@ -1416,7 +1416,7 @@ do_authentication(char *user, int privileged_port) | |||
1416 | log("PAM Password authentication for %.100s failed.", user); | 1416 | log("PAM Password authentication for %.100s failed.", user); |
1417 | break; | 1417 | break; |
1418 | } | 1418 | } |
1419 | #else /* HAVE_PAM */ | 1419 | #else /* HAVE_LIBPAM */ |
1420 | /* Try authentication with the password. */ | 1420 | /* Try authentication with the password. */ |
1421 | if (auth_password(pw, password)) | 1421 | if (auth_password(pw, password)) |
1422 | { | 1422 | { |
@@ -1432,7 +1432,7 @@ do_authentication(char *user, int privileged_port) | |||
1432 | memset(password, 0, strlen(password)); | 1432 | memset(password, 0, strlen(password)); |
1433 | xfree(password); | 1433 | xfree(password); |
1434 | break; | 1434 | break; |
1435 | #endif /* HAVE_PAM */ | 1435 | #endif /* HAVE_LIBPAM */ |
1436 | 1436 | ||
1437 | case SSH_CMSG_AUTH_TIS: | 1437 | case SSH_CMSG_AUTH_TIS: |
1438 | /* TIS Authentication is unsupported */ | 1438 | /* TIS Authentication is unsupported */ |
@@ -1470,7 +1470,7 @@ do_authentication(char *user, int privileged_port) | |||
1470 | get_canonical_hostname()); | 1470 | get_canonical_hostname()); |
1471 | } | 1471 | } |
1472 | 1472 | ||
1473 | #ifdef HAVE_PAM | 1473 | #ifdef HAVE_LIBPAM |
1474 | do_pam_account_and_session(pw->pw_name, password, client_user, get_canonical_hostname()); | 1474 | do_pam_account_and_session(pw->pw_name, password, client_user, get_canonical_hostname()); |
1475 | 1475 | ||
1476 | /* Clean up */ | 1476 | /* Clean up */ |
@@ -1482,7 +1482,7 @@ do_authentication(char *user, int privileged_port) | |||
1482 | memset(password, 0, strlen(password)); | 1482 | memset(password, 0, strlen(password)); |
1483 | xfree(password); | 1483 | xfree(password); |
1484 | } | 1484 | } |
1485 | #endif /* HAVE_PAM */ | 1485 | #endif /* HAVE_LIBPAM */ |
1486 | 1486 | ||
1487 | /* The user has been authenticated and accepted. */ | 1487 | /* The user has been authenticated and accepted. */ |
1488 | packet_start(SSH_SMSG_SUCCESS); | 1488 | packet_start(SSH_SMSG_SUCCESS); |
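Review bot: The PAM service name passed to `pam_start` in the `@@ -1135,17 +1135,17 @@` hunk of do_authentication changes from "ssh" to "opensshd", and nothing at the call says which policy file that name depends on. On Linux-PAM a service without a file of its own is evaluated against the `other` policy, so a host that still carries only the old `ssh` policy would handle logins under whatever `other` allows or denies. I would add a comment at the call, `/* PAM service name: must match the installed policy file (opensshd.pam); if it is missing the "other" policy applies */`, and have the packaging install the renamed file in the same step. do_authentication starts and ends outside these hunks.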
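--- a/sshd_config
+++ b/sshd_config
@@ -2,7 +2,7 @@
 
 Port 22
 ListenAddress 0.0.0.0
-HostKey /etc/ssh/ssh_host_key
+HostKey /etc/openssh/ssh_host_key
 ServerKeyBits 768
 LoginGraceTime 600
 KeyRegenerationInterval 3600
@@ -20,7 +20,7 @@ KeepAlive yes
 SyslogFacility AUTH
 RhostsAuthentication no
 #
-# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
+# For this to work you will also need host keys in /etc/openssh/ssh_known_hosts
 RhostsRSAAuthentication no
 #
 RSAAuthentication yes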