diff options
-rw-r--r-- | ChangeLog | 1 | ||||
-rw-r--r-- | INSTALL | 15 | ||||
-rw-r--r-- | README | 25 |
3 files changed, 16 insertions, 25 deletions
@@ -22,6 +22,7 @@ | |||
22 | [version.h] | 22 | [version.h] |
23 | - OpenSSH-2.1 | 23 | - OpenSSH-2.1 |
24 | - Moved all the bsd-* and fake-* stuff into new libopenbsd-compat.a | 24 | - Moved all the bsd-* and fake-* stuff into new libopenbsd-compat.a |
25 | - Doc updates | ||
25 | 26 | ||
26 | 20000508 | 27 | 20000508 |
27 | - Makefile and RPM spec fixes | 28 | - Makefile and RPM spec fixes |
@@ -29,12 +29,8 @@ passphrase requester. This is maintained separately at: | |||
29 | 29 | ||
30 | http://www.ntrnet.net/~jmknoble/software/x11-ssh-askpass/index.html | 30 | http://www.ntrnet.net/~jmknoble/software/x11-ssh-askpass/index.html |
31 | 31 | ||
32 | If you are planning to use OpenSSH on a Unix which lacks a Kernel random | 32 | The Entropy Gathering Daemon (EGD) is supported if you have a system which |
33 | number generator (/dev/urandom), you may want to install the Entropy | 33 | lacks /dev/random and don't want to use OpenSSH's internal entropy collection. |
34 | Gathering Daemon (or similar). You will also need to specify the | ||
35 | --with-egd-pool option to ./configure. OpenSSH 2.0 includes some | ||
36 | peliminary built-in randomness collection, but it is not as well | ||
37 | tested as EGD. | ||
38 | 34 | ||
39 | EGD: | 35 | EGD: |
40 | http://www.lothar.com/tech/crypto/ | 36 | http://www.lothar.com/tech/crypto/ |
@@ -98,10 +94,9 @@ random numbers (the default is /dev/urandom). Unless you are absolutly | |||
98 | sure of what you are doing, it is best to leave this alone. | 94 | sure of what you are doing, it is best to leave this alone. |
99 | 95 | ||
100 | --with-egd-pool=/some/file allows you to enable Entropy Gathering | 96 | --with-egd-pool=/some/file allows you to enable Entropy Gathering |
101 | Daemon support and to specify a EGD pool socket. You may want to | 97 | Daemon support and to specify a EGD pool socket. Use this if your |
102 | use this if your Unix does not support the /dev/urandom device (or | 98 | Unix lacks /dev/random and you don't want to use OpenSSH's builtin |
103 | similar). The file argument refers to the EGD pool file, not the | 99 | entropy collection support. |
104 | EGD program itself. Please refer to the EGD documentation. | ||
105 | 100 | ||
106 | --with-lastlog=FILE will specify the location of the lastlog file. | 101 | --with-lastlog=FILE will specify the location of the lastlog file. |
107 | ./configure searches a few locations for lastlog, but may not find | 102 | ./configure searches a few locations for lastlog, but may not find |
@@ -3,11 +3,11 @@ | |||
3 | [ Thanks to HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp> | 3 | [ Thanks to HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp> |
4 | 4 | ||
5 | ******* IMPORTANT | 5 | ******* IMPORTANT |
6 | * On systmes which lack a /dev/random driver, this port of | 6 | * On systmes which lack a /dev/random driver, version of this port |
7 | * OpenSSH-1.2.2 was not correctly seeding OpenSSL's random number | 7 | * prior to 1.2.2 were not correctly seeding OpenSSL's random number |
8 | * pool. This resulted in lower quality RSA keys being generated. If | 8 | * pool. This resulted in lower quality RSA keys being generated. If |
9 | * you generated host or user keys with v1.2.2, please generate new | 9 | * you generated host or user keys with v1.2.2 or previous versions, |
10 | * ones using a more recent version. | 10 | * please generate new ones using a more recent version. |
11 | 11 | ||
12 | This is the port of OpenBSD's excellent OpenSSH to Linux and other | 12 | This is the port of OpenBSD's excellent OpenSSH to Linux and other |
13 | Unices. | 13 | Unices. |
@@ -21,20 +21,17 @@ Markus Friedl, Niels Provos, Theo de Raadt, and Dug Song. It has a | |||
21 | homepage at http://www.openssh.com/ | 21 | homepage at http://www.openssh.com/ |
22 | 22 | ||
23 | This port consists of the re-introduction of autoconf support, PAM | 23 | This port consists of the re-introduction of autoconf support, PAM |
24 | support (for Linux and Solaris), EGD[1] support, SOCKS support (using | 24 | support (for Linux and Solaris), EGD[1] support and replacements for |
25 | the Dante [6] libraries and replacements for OpenBSD library functions | 25 | OpenBSD library functions that are (regrettably) absent from other |
26 | that are (regrettably) absent from other unices. This port has been | 26 | unices. This port has been best tested on Linux, Solaris, HPUX, NetBSD |
27 | best tested on Linux, Solaris, HPUX, NetBSD and Irix. Support for AIX, | 27 | and Irix. Support for AIX, SCO, NeXT and other Unices is underway. |
28 | SCO, NeXT and other Unices is underway. This version actively tracks | 28 | This version actively tracks changes in the OpenBSD CVS repository. |
29 | changes in the OpenBSD CVS repository. | ||
30 | 29 | ||
31 | The PAM support is now more functional than the popular packages of | 30 | The PAM support is now more functional than the popular packages of |
32 | commercial ssh-1.2.x. It checks "account" and "session" modules for | 31 | commercial ssh-1.2.x. It checks "account" and "session" modules for |
33 | all logins, not just when using password authentication. | 32 | all logins, not just when using password authentication. |
34 | 33 | ||
35 | OpenSSH depends on Zlib[2], OpenSSL[3] and optionally PAM[4] and | 34 | OpenSSH depends on Zlib[2], OpenSSL[3] and optionally PAM[4]. |
36 | Dante[6]. To build the GNOME[5] pass-phrase requester | ||
37 | (--with-gnome-askpass), you will need the GNOME libraries installed. | ||
38 | 35 | ||
39 | There is now several mailing lists for this port of OpenSSH. Please | 36 | There is now several mailing lists for this port of OpenSSH. Please |
40 | refer to http://violet.ibs.com.au/openssh/list.html for details on how | 37 | refer to http://violet.ibs.com.au/openssh/list.html for details on how |
@@ -63,6 +60,4 @@ References - | |||
63 | [2] http://www.cdrom.com/pub/infozip/zlib/ | 60 | [2] http://www.cdrom.com/pub/infozip/zlib/ |
64 | [3] http://www.openssl.org/ | 61 | [3] http://www.openssl.org/ |
65 | [4] http://www.kernel.org/pub/linux/libs/pam/ (PAM is standard on Solaris) | 62 | [4] http://www.kernel.org/pub/linux/libs/pam/ (PAM is standard on Solaris) |
66 | [5] http://www.gnome.org/ | ||
67 | [6] http://www.inet.no/dante | ||
68 | 63 | ||