summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--debian/README.Debian3
-rw-r--r--debian/changelog17
-rw-r--r--debian/control9
-rw-r--r--debian/copyright.head2
-rwxr-xr-xdebian/rules9
-rw-r--r--ssh-keysign.c2
-rw-r--r--ssh_config.56
7 files changed, 31 insertions, 17 deletions
diff --git a/debian/README.Debian b/debian/README.Debian
index fd969d7c9..614dd08f6 100644
--- a/debian/README.Debian
+++ b/debian/README.Debian
@@ -114,6 +114,9 @@ root, before enabling X11. I strongly recommend that you do this on a
114machine-by-machine basis, rather than just enabling it in the default 114machine-by-machine basis, rather than just enabling it in the default
115host settings. 115host settings.
116 116
117In order for X11 forwarding to work, you need to install xauth on the
118server. In Debian this is in the xbase-clients package.
119
117Authorization Forwarding: 120Authorization Forwarding:
118------------------------- 121-------------------------
119Similarly, root on a remote server could make use of your ssh-agent 122Similarly, root on a remote server could make use of your ssh-agent
diff --git a/debian/changelog b/debian/changelog
index 71a950772..e5651eb28 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,20 @@
1openssh (1:3.4p1-4) unstable; urgency=low
2
3 * Allow ssh-krb5 in ssh-askpass-gnome's dependencies (closes: #129532).
4 * Restore Russia to list of countries where encryption is problematic (see
5 #148951 and http://www.average.org/freecrypto/).
6 * Drop ssh-askpass-gnome's priority to optional, per the override file.
7 * Drop the PAM special case for hurd-i386 (closes: #99157).
8 * s/dile/idle/ in ssh_config(5) (closes: #118331).
9 * Note in README.Debian that you need xauth from xbase-clients on the
10 server for X11 forwarding (closes: #140269).
11 * Use correct path to upstream README in copyright file (closes: #146037).
12 * Document the units for ProtocolKeepAlives (closes: #159479).
13 * Backport upstream patch to fix hostbased auth (closes: #117114).
14 * Add -g to CFLAGS.
15
16 -- Colin Watson <cjwatson@debian.org> Sun, 13 Oct 2002 18:58:53 +0100
17
1openssh (1:3.4p1-3) unstable; urgency=low 18openssh (1:3.4p1-3) unstable; urgency=low
2 19
3 * Add myself to Uploaders: and begin acting as temporary maintainer, at 20 * Add myself to Uploaders: and begin acting as temporary maintainer, at
diff --git a/debian/control b/debian/control
index acda7997a..2fe062623 100644
--- a/debian/control
+++ b/debian/control
@@ -8,7 +8,7 @@ Uploaders: Colin Watson <cjwatson@debian.org>
8 8
9Package: ssh 9Package: ssh
10Architecture: any 10Architecture: any
11Depends: ${shlibs:Depends}, ${pam-depend}, debconf, adduser 11Depends: ${shlibs:Depends}, libpam-modules (>= 0.72-9), debconf, adduser
12Conflicts: ssh-nonfree (<<2), ssh-socks, ssh2, debconf (<<0.2.17), debconf-tiny (<<0.2.17), sftp, rsh-client (<<0.16.1-1) 12Conflicts: ssh-nonfree (<<2), ssh-socks, ssh2, debconf (<<0.2.17), debconf-tiny (<<0.2.17), sftp, rsh-client (<<0.16.1-1)
13Suggests: ssh-askpass, xbase-clients, dpkg (>=1.8.3.1), dnsutils 13Suggests: ssh-askpass, xbase-clients, dpkg (>=1.8.3.1), dnsutils
14Provides: rsh-client 14Provides: rsh-client
@@ -27,13 +27,14 @@ Description: Secure rlogin/rsh/rcp replacement (OpenSSH)
27 . 27 .
28 -------------------------------------------------------------------- 28 --------------------------------------------------------------------
29 . 29 .
30 In some countries, particularly Iraq, and Pakistan, it may be illegal 30 In some countries, particularly Russia, Iraq, and Pakistan, it may
31 to use any encryption at all without a special permit. 31 be illegal to use any encryption at all without a special permit.
32 32
33Package: ssh-askpass-gnome 33Package: ssh-askpass-gnome
34Section: x11 34Section: x11
35Priority: optional
35Architecture: any 36Architecture: any
36Depends: ${shlibs:Depends}, ssh (>=1:1.2pre7-4) 37Depends: ${shlibs:Depends}, ssh (>=1:1.2pre7-4) | ssh-krb5
37Provides: ssh-askpass 38Provides: ssh-askpass
38Description: under X, asks user for a passphrase for ssh-add 39Description: under X, asks user for a passphrase for ssh-add
39 This has been split out of the main ssh package, so that the ssh will 40 This has been split out of the main ssh package, so that the ssh will
diff --git a/debian/copyright.head b/debian/copyright.head
index cd4d45b24..1e1282f98 100644
--- a/debian/copyright.head
+++ b/debian/copyright.head
@@ -17,7 +17,7 @@ branch that is being maintained by the OpenBSD team (starting from
17the last version of SSH that was distributed under a free license), 17the last version of SSH that was distributed under a free license),
18and porting work by Damien Miller <damien@ibs.com.au> to get it 18and porting work by Damien Miller <damien@ibs.com.au> to get it
19working on Linux. Other people also contributed to this, and are 19working on Linux. Other people also contributed to this, and are
20credited in README.openssh. 20credited in /usr/share/doc/ssh/README.
21 21
22Copyright: 22Copyright:
23 23
diff --git a/debian/rules b/debian/rules
index 365872d3d..7615c8708 100755
--- a/debian/rules
+++ b/debian/rules
@@ -11,8 +11,6 @@ export DH_OPTIONS
11 11
12#PKG_VER = $(shell perl -e 'print <> =~ /\((.*)\)/' debian/changelog) 12#PKG_VER = $(shell perl -e 'print <> =~ /\((.*)\)/' debian/changelog)
13 13
14DEB_HOST_ARCH = $(shell dpkg-architecture -qDEB_HOST_ARCH)
15
16build: build-stamp 14build: build-stamp
17build-stamp: 15build-stamp:
18 dh_testdir 16 dh_testdir
@@ -23,7 +21,7 @@ build-stamp:
23 fi 21 fi
24 ./configure --prefix=/usr --sysconfdir=/etc/ssh --libexecdir=/usr/lib --mandir=/usr/share/man --with-tcp-wrappers --with-xauth=/usr/bin/X11/xauth --with-default-path=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin --with-pam --with-4in6 --with-ipv4-default \ 22 ./configure --prefix=/usr --sysconfdir=/etc/ssh --libexecdir=/usr/lib --mandir=/usr/share/man --with-tcp-wrappers --with-xauth=/usr/bin/X11/xauth --with-default-path=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin --with-pam --with-4in6 --with-ipv4-default \
25 --with-privsep-path=/var/run/sshd --without-rand-helper 23 --with-privsep-path=/var/run/sshd --without-rand-helper
26 $(MAKE) -j 2 ASKPASS_PROGRAM='/usr/bin/ssh-askpass' CFLAGS='-O2 -Wall -DLOGIN_PROGRAM=\"/bin/login\" -DSSHD_PAM_SERVICE=\"ssh\" -D__FILE_OFFSET_BITS=64 -DHAVE_MMAP_ANON_SHARED' \ 24 $(MAKE) -j 2 ASKPASS_PROGRAM='/usr/bin/ssh-askpass' CFLAGS='-O2 -g -Wall -DLOGIN_PROGRAM=\"/bin/login\" -DSSHD_PAM_SERVICE=\"ssh\" -D__FILE_OFFSET_BITS=64 -DHAVE_MMAP_ANON_SHARED' \
27 SSH_KEYSIGN='/usr/lib/ssh-keysign' 25 SSH_KEYSIGN='/usr/lib/ssh-keysign'
28 gcc -O2 `gnome-config --cflags gnome gnomeui` \ 26 gcc -O2 `gnome-config --cflags gnome gnomeui` \
29 contrib/gnome-ssh-askpass.c -o contrib/gnome-ssh-askpass \ 27 contrib/gnome-ssh-askpass.c -o contrib/gnome-ssh-askpass \
@@ -93,11 +91,6 @@ binary-arch: build install
93 test ! -e debian/tmp/etc/ssh/ssh_prng_cmds \ 91 test ! -e debian/tmp/etc/ssh/ssh_prng_cmds \
94 || echo "/etc/ssh/ssh_prng_cmds" >> debian/tmp/DEBIAN/conffiles 92 || echo "/etc/ssh/ssh_prng_cmds" >> debian/tmp/DEBIAN/conffiles
95 dh_shlibdeps 93 dh_shlibdeps
96ifeq ($(DEB_HOST_ARCH),hurd-i386)
97 echo "pam-depend=" >> debian/substvars
98else
99 echo "pam-depend=libpam-modules (>= 0.72-9), " >> debian/substvars
100endif
101 dh_gencontrol 94 dh_gencontrol
102 dh_md5sums 95 dh_md5sums
103 dh_builddeb 96 dh_builddeb
diff --git a/ssh-keysign.c b/ssh-keysign.c
index 7f1d25d8c..fffa7bbdc 100644
--- a/ssh-keysign.c
+++ b/ssh-keysign.c
@@ -192,7 +192,6 @@ main(int argc, char **argv)
192 data = buffer_get_string(&b, &dlen); 192 data = buffer_get_string(&b, &dlen);
193 if (valid_request(pw, host, &key, data, dlen) < 0) 193 if (valid_request(pw, host, &key, data, dlen) < 0)
194 fatal("not a valid request"); 194 fatal("not a valid request");
195 xfree(data);
196 xfree(host); 195 xfree(host);
197 196
198 found = 0; 197 found = 0;
@@ -208,6 +207,7 @@ main(int argc, char **argv)
208 207
209 if (key_sign(keys[i], &signature, &slen, data, dlen) != 0) 208 if (key_sign(keys[i], &signature, &slen, data, dlen) != 0)
210 fatal("key_sign failed"); 209 fatal("key_sign failed");
210 xfree(data);
211 211
212 /* send reply */ 212 /* send reply */
213 buffer_clear(&b); 213 buffer_clear(&b);
diff --git a/ssh_config.5 b/ssh_config.5
index 801a7e88a..6d94220b0 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -448,8 +448,8 @@ This means that
448tries version 2 and falls back to version 1 448tries version 2 and falls back to version 1
449if version 2 is not available. 449if version 2 is not available.
450.It Cm ProtocolKeepAlives 450.It Cm ProtocolKeepAlives
451Specifies the interval at which IGNORE packets will be sent to 451Specifies the interval in seconds at which IGNORE packets will be sent to
452the server during dile periods. Use this option in scripts to detect 452the server during idle periods. Use this option in scripts to detect
453when the network fails. The argument must be an integer. The default 453when the network fails. The argument must be an integer. The default
454is 0 (disabled), or 300 if the 454is 0 (disabled), or 300 if the
455.Cm BatchMode 455.Cm BatchMode
@@ -540,7 +540,7 @@ Note that this option applies to protocol version 1 only.
540.It Cm SetupTimeOut 540.It Cm SetupTimeOut
541Normally, 541Normally,
542.Nm ssh 542.Nm ssh
543blocks indefinitly whilst waiting to receive the ssh banner and other 543blocks indefinitely whilst waiting to receive the ssh banner and other
544setup protocol from the server, during the session setup. This can cause 544setup protocol from the server, during the session setup. This can cause
545.Nm ssh 545.Nm ssh
546to hang under certain circumstances. If this option is set, 546to hang under certain circumstances. If this option is set,
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-29 01:26:41 +0000