summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--contrib/caldera/openssh.spec365
-rwxr-xr-xcontrib/caldera/ssh-host-keygen36
-rwxr-xr-xcontrib/caldera/sshd.init125
-rw-r--r--contrib/caldera/sshd.pam8
4 files changed, 0 insertions, 534 deletions
diff --git a/contrib/caldera/openssh.spec b/contrib/caldera/openssh.spec
deleted file mode 100644
index 0011b4dea..000000000
--- a/contrib/caldera/openssh.spec
+++ /dev/null
@@ -1,365 +0,0 @@
1
2# Some of this will need re-evaluation post-LSB. The SVIdir is there
3# because the link appeared broken. The rest is for easy compilation,
4# the tradeoff open to discussion. (LC957)
5
6%define SVIdir /etc/rc.d/init.d
7%{!?_defaultdocdir:%define _defaultdocdir %{_prefix}/share/doc/packages}
8%{!?SVIcdir:%define SVIcdir /etc/sysconfig/daemons}
9
10%define _mandir %{_prefix}/share/man/en
11%define _sysconfdir /etc/ssh
12%define _libexecdir %{_libdir}/ssh
13
14# Do we want to disable root_login? (1=yes 0=no)
15%define no_root_login 0
16
17#old cvs stuff. please update before use. may be deprecated.
18%define use_stable 1
19%define version 6.7p1
20%if %{use_stable}
21 %define cvs %{nil}
22 %define release 1
23%else
24 %define cvs cvs20050315
25 %define release 0r1
26%endif
27%define xsa x11-ssh-askpass
28%define askpass %{xsa}-1.2.4.1
29
30# OpenSSH privilege separation requires a user & group ID
31%define sshd_uid 67
32%define sshd_gid 67
33
34Name : openssh
35Version : %{version}%{cvs}
36Release : %{release}
37Group : System/Network
38
39Summary : OpenSSH free Secure Shell (SSH) implementation.
40Summary(de) : OpenSSH - freie Implementation der Secure Shell (SSH).
41Summary(es) : OpenSSH implementación libre de Secure Shell (SSH).
42Summary(fr) : Implémentation libre du shell sécurisé OpenSSH (SSH).
43Summary(it) : Implementazione gratuita OpenSSH della Secure Shell.
44Summary(pt) : Implementação livre OpenSSH do protocolo 'Secure Shell' (SSH).
45Summary(pt_BR) : Implementação livre OpenSSH do protocolo Secure Shell (SSH).
46
47Copyright : BSD
48Packager : Raymund Will <ray@caldera.de>
49URL : http://www.openssh.com/
50
51Obsoletes : ssh, ssh-clients, openssh-clients
52
53BuildRoot : /tmp/%{name}-%{version}
54BuildRequires : XFree86-imake
55
56# %{use_stable}==1: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable
57# %{use_stable}==0: :pserver:cvs@bass.directhit.com:/cvs/openssh_cvs
58Source0: see-above:/.../openssh-%{version}.tar.gz
59%if %{use_stable}
60Source1: see-above:/.../openssh-%{version}.tar.gz.asc
61%endif
62Source2: http://www.jmknoble.net/software/%{xsa}/%{askpass}.tar.gz
63Source3: http://www.openssh.com/faq.html
64
65%Package server
66Group : System/Network
67Requires : openssh = %{version}
68Obsoletes : ssh-server
69
70Summary : OpenSSH Secure Shell protocol server (sshd).
71Summary(de) : OpenSSH Secure Shell Protocol-Server (sshd).
72Summary(es) : Servidor del protocolo OpenSSH Secure Shell (sshd).
73Summary(fr) : Serveur de protocole du shell sécurisé OpenSSH (sshd).
74Summary(it) : Server OpenSSH per il protocollo Secure Shell (sshd).
75Summary(pt) : Servidor do protocolo 'Secure Shell' OpenSSH (sshd).
76Summary(pt_BR) : Servidor do protocolo Secure Shell OpenSSH (sshd).
77
78
79%Package askpass
80Group : System/Network
81Requires : openssh = %{version}
82URL : http://www.jmknoble.net/software/x11-ssh-askpass/
83Obsoletes : ssh-extras
84
85Summary : OpenSSH X11 pass-phrase dialog.
86Summary(de) : OpenSSH X11 Passwort-Dialog.
87Summary(es) : Aplicación de petición de frase clave OpenSSH X11.
88Summary(fr) : Dialogue pass-phrase X11 d'OpenSSH.
89Summary(it) : Finestra di dialogo X11 per la frase segreta di OpenSSH.
90Summary(pt) : Diálogo de pedido de senha para X11 do OpenSSH.
91Summary(pt_BR) : Diálogo de pedido de senha para X11 do OpenSSH.
92
93
94%Description
95OpenSSH (Secure Shell) provides access to a remote system. It replaces
96telnet, rlogin, rexec, and rsh, and provides secure encrypted
97communications between two untrusted hosts over an insecure network.
98X11 connections and arbitrary TCP/IP ports can also be forwarded over
99the secure channel.
100
101%Description -l de
102OpenSSH (Secure Shell) stellt den Zugang zu anderen Rechnern her. Es ersetzt
103telnet, rlogin, rexec und rsh und stellt eine sichere, verschlüsselte
104Verbindung zwischen zwei nicht vertrauenswürdigen Hosts über eine unsicheres
105Netzwerk her. X11 Verbindungen und beliebige andere TCP/IP Ports können ebenso
106über den sicheren Channel weitergeleitet werden.
107
108%Description -l es
109OpenSSH (Secure Shell) proporciona acceso a sistemas remotos. Reemplaza a
110telnet, rlogin, rexec, y rsh, y proporciona comunicaciones seguras encriptadas
111entre dos equipos entre los que no se ha establecido confianza a través de una
112red insegura. Las conexiones X11 y puertos TCP/IP arbitrarios también pueden
113ser canalizadas sobre el canal seguro.
114
115%Description -l fr
116OpenSSH (Secure Shell) fournit un accès à un système distant. Il remplace
117telnet, rlogin, rexec et rsh, tout en assurant des communications cryptées
118securisées entre deux hôtes non fiabilisés sur un réseau non sécurisé. Des
119connexions X11 et des ports TCP/IP arbitraires peuvent également être
120transmis sur le canal sécurisé.
121
122%Description -l it
123OpenSSH (Secure Shell) fornisce l'accesso ad un sistema remoto.
124Sostituisce telnet, rlogin, rexec, e rsh, e fornisce comunicazioni sicure
125e crittate tra due host non fidati su una rete non sicura. Le connessioni
126X11 ad una porta TCP/IP arbitraria possono essere inoltrate attraverso
127un canale sicuro.
128
129%Description -l pt
130OpenSSH (Secure Shell) fornece acesso a um sistema remoto. Substitui o
131telnet, rlogin, rexec, e o rsh e fornece comunicações seguras e cifradas
132entre duas máquinas sem confiança mútua sobre uma rede insegura.
133Ligações X11 e portos TCP/IP arbitrários também poder ser reenviados
134pelo canal seguro.
135
136%Description -l pt_BR
137O OpenSSH (Secure Shell) fornece acesso a um sistema remoto. Substitui o
138telnet, rlogin, rexec, e o rsh e fornece comunicações seguras e criptografadas
139entre duas máquinas sem confiança mútua sobre uma rede insegura.
140Ligações X11 e portas TCP/IP arbitrárias também podem ser reenviadas
141pelo canal seguro.
142
143%Description server
144This package installs the sshd, the server portion of OpenSSH.
145
146%Description -l de server
147Dieses Paket installiert den sshd, den Server-Teil der OpenSSH.
148
149%Description -l es server
150Este paquete instala sshd, la parte servidor de OpenSSH.
151
152%Description -l fr server
153Ce paquetage installe le 'sshd', partie serveur de OpenSSH.
154
155%Description -l it server
156Questo pacchetto installa sshd, il server di OpenSSH.
157
158%Description -l pt server
159Este pacote intala o sshd, o servidor do OpenSSH.
160
161%Description -l pt_BR server
162Este pacote intala o sshd, o servidor do OpenSSH.
163
164%Description askpass
165This package contains an X11-based pass-phrase dialog used per
166default by ssh-add(1). It is based on %{askpass}
167by Jim Knoble <jmknoble@pobox.com>.
168
169
170%Prep
171%setup %([ -z "%{cvs}" ] || echo "-n %{name}_cvs") -a2
172%if ! %{use_stable}
173 autoreconf
174%endif
175
176
177%Build
178CFLAGS="$RPM_OPT_FLAGS" \
179%configure \
180 --with-pam \
181 --with-privsep-path=%{_var}/empty/sshd \
182 #leave this line for easy edits.
183
184%__make
185
186cd %{askpass}
187%configure \
188 #leave this line for easy edits.
189
190xmkmf
191%__make includes
192%__make
193
194
195%Install
196[ %{buildroot} != "/" ] && rm -rf %{buildroot}
197
198make install DESTDIR=%{buildroot}
199%makeinstall -C %{askpass} \
200 BINDIR=%{_libexecdir} \
201 MANPATH=%{_mandir} \
202 DESTDIR=%{buildroot}
203
204# OpenLinux specific configuration
205mkdir -p %{buildroot}{/etc/pam.d,%{SVIcdir},%{SVIdir}}
206mkdir -p %{buildroot}%{_var}/empty/sshd
207
208# enabling X11 forwarding on the server is convenient and okay,
209# on the client side it's a potential security risk!
210%__perl -pi -e 's:#X11Forwarding no:X11Forwarding yes:g' \
211 %{buildroot}%{_sysconfdir}/sshd_config
212
213%if %{no_root_login}
214%__perl -pi -e 's:#PermitRootLogin yes:PermitRootLogin no:g' \
215 %{buildroot}%{_sysconfdir}/sshd_config
216%endif
217
218install -m644 contrib/caldera/sshd.pam %{buildroot}/etc/pam.d/sshd
219# FIXME: disabled, find out why this doesn't work with nis
220%__perl -pi -e 's:(.*pam_limits.*):#$1:' \
221 %{buildroot}/etc/pam.d/sshd
222
223install -m 0755 contrib/caldera/sshd.init %{buildroot}%{SVIdir}/sshd
224
225# the last one is needless, but more future-proof
226find %{buildroot}%{SVIdir} -type f -exec \
227 %__perl -pi -e 's:\@SVIdir\@:%{SVIdir}:g;\
228 s:\@sysconfdir\@:%{_sysconfdir}:g; \
229 s:/usr/sbin:%{_sbindir}:g'\
230 \{\} \;
231
232cat <<-EoD > %{buildroot}%{SVIcdir}/sshd
233 IDENT=sshd
234 DESCRIPTIVE="OpenSSH secure shell daemon"
235 # This service will be marked as 'skipped' on boot if there
236 # is no host key. Use ssh-host-keygen to generate one
237 ONBOOT="yes"
238 OPTIONS=""
239EoD
240
241SKG=%{buildroot}%{_sbindir}/ssh-host-keygen
242install -m 0755 contrib/caldera/ssh-host-keygen $SKG
243# Fix up some path names in the keygen toy^Hol
244 %__perl -pi -e 's:\@sysconfdir\@:%{_sysconfdir}:g; \
245 s:\@sshkeygen\@:%{_bindir}/ssh-keygen:g' \
246 %{buildroot}%{_sbindir}/ssh-host-keygen
247
248# This looks terrible. Expect it to change.
249# install remaining docs
250DocD="%{buildroot}%{_defaultdocdir}/%{name}-%{version}"
251mkdir -p $DocD/%{askpass}
252cp -a CREDITS ChangeLog LICENCE OVERVIEW README* TODO PROTOCOL* $DocD
253install -p -m 0444 %{SOURCE3} $DocD/faq.html
254cp -a %{askpass}/{README,ChangeLog,TODO,SshAskpass*.ad} $DocD/%{askpass}
255%if %{use_stable}
256 cp -p %{askpass}/%{xsa}.man $DocD/%{askpass}/%{xsa}.1
257%else
258 cp -p %{askpass}/%{xsa}.man %{buildroot}%{_mandir}man1/%{xsa}.1
259 ln -s %{xsa}.1 %{buildroot}%{_mandir}man1/ssh-askpass.1
260%endif
261
262find %{buildroot}%{_mandir} -type f -not -name '*.gz' -print0 | xargs -0r %__gzip -9nf
263rm %{buildroot}%{_mandir}/man1/slogin.1 && \
264 ln -s %{_mandir}/man1/ssh.1.gz \
265 %{buildroot}%{_mandir}/man1/slogin.1.gz
266
267
268%Clean
269#%{rmDESTDIR}
270[ %{buildroot} != "/" ] && rm -rf %{buildroot}
271
272%Post
273# Generate host key when none is present to get up and running,
274# both client and server require this for host-based auth!
275# ssh-host-keygen checks for existing keys.
276/usr/sbin/ssh-host-keygen
277: # to protect the rpm database
278
279%pre server
280%{_sbindir}/groupadd -g %{sshd_gid} sshd 2>/dev/null || :
281%{_sbindir}/useradd -d /var/empty/sshd -s /bin/false -u %{sshd_uid} \
282 -c "SSH Daemon virtual user" -g sshd sshd 2>/dev/null || :
283: # to protect the rpm database
284
285%Post server
286if [ -x %{LSBinit}-install ]; then
287 %{LSBinit}-install sshd
288else
289 lisa --SysV-init install sshd S55 2:3:4:5 K45 0:1:6
290fi
291
292! %{SVIdir}/sshd status || %{SVIdir}/sshd restart
293: # to protect the rpm database
294
295
296%PreUn server
297[ "$1" = 0 ] || exit 0
298! %{SVIdir}/sshd status || %{SVIdir}/sshd stop
299if [ -x %{LSBinit}-remove ]; then
300 %{LSBinit}-remove sshd
301else
302 lisa --SysV-init remove sshd $1
303fi
304: # to protect the rpm database
305
306%Files
307%defattr(-,root,root)
308%dir %{_sysconfdir}
309%config %{_sysconfdir}/ssh_config
310%{_bindir}/scp
311%{_bindir}/sftp
312%{_bindir}/ssh
313%{_bindir}/slogin
314%{_bindir}/ssh-add
315%attr(2755,root,nobody) %{_bindir}/ssh-agent
316%{_bindir}/ssh-keygen
317%{_bindir}/ssh-keyscan
318%dir %{_libexecdir}
319%attr(4711,root,root) %{_libexecdir}/ssh-keysign
320%{_libexecdir}/ssh-pkcs11-helper
321%{_sbindir}/ssh-host-keygen
322%dir %{_defaultdocdir}/%{name}-%{version}
323%{_defaultdocdir}/%{name}-%{version}/CREDITS
324%{_defaultdocdir}/%{name}-%{version}/ChangeLog
325%{_defaultdocdir}/%{name}-%{version}/LICENCE
326%{_defaultdocdir}/%{name}-%{version}/OVERVIEW
327%{_defaultdocdir}/%{name}-%{version}/README*
328%{_defaultdocdir}/%{name}-%{version}/TODO
329%{_defaultdocdir}/%{name}-%{version}/faq.html
330%{_mandir}/man1/*
331%{_mandir}/man8/ssh-keysign.8.gz
332%{_mandir}/man8/ssh-pkcs11-helper.8.gz
333%{_mandir}/man5/ssh_config.5.gz
334
335%Files server
336%defattr(-,root,root)
337%dir %{_var}/empty/sshd
338%config %{SVIdir}/sshd
339%config /etc/pam.d/sshd
340%config %{_sysconfdir}/moduli
341%config %{_sysconfdir}/sshd_config
342%config %{SVIcdir}/sshd
343%{_libexecdir}/sftp-server
344%{_sbindir}/sshd
345%{_mandir}/man5/moduli.5.gz
346%{_mandir}/man5/sshd_config.5.gz
347%{_mandir}/man8/sftp-server.8.gz
348%{_mandir}/man8/sshd.8.gz
349
350%Files askpass
351%defattr(-,root,root)
352%{_libexecdir}/ssh-askpass
353%{_libexecdir}/x11-ssh-askpass
354%{_defaultdocdir}/%{name}-%{version}/%{askpass}
355
356
357%ChangeLog
358* Tue Jan 18 2011 Tim Rice <tim@multitalents.net>
359- Use CFLAGS from Makefile instead of RPM so build completes.
360- Signatures were changed to .asc since 4.1p1.
361
362* Mon Jan 01 1998 ...
363Template Version: 1.31
364
365$Id: openssh.spec,v 1.85 2014/08/19 01:36:08 djm Exp $
diff --git a/contrib/caldera/ssh-host-keygen b/contrib/caldera/ssh-host-keygen
deleted file mode 100755
index 86382ddfb..000000000
--- a/contrib/caldera/ssh-host-keygen
+++ /dev/null
@@ -1,36 +0,0 @@
1#! /bin/sh
2#
3# $Id: ssh-host-keygen,v 1.3 2008/11/03 09:16:01 djm Exp $
4#
5# This script is normally run only *once* for a given host
6# (in a given period of time) -- on updates/upgrades/recovery
7# the ssh_host_key* files _should_ be retained! Otherwise false
8# "man-in-the-middle-attack" alerts will frighten unsuspecting
9# clients...
10
11keydir=@sysconfdir@
12keygen=@sshkeygen@
13
14if [ -f $keydir/ssh_host_key -o \
15 -f $keydir/ssh_host_key.pub ]; then
16 echo "You already have an SSH1 RSA host key in $keydir/ssh_host_key."
17else
18 echo "Generating SSH1 RSA host key."
19 $keygen -t rsa1 -f $keydir/ssh_host_key -C '' -N ''
20fi
21
22if [ -f $keydir/ssh_host_rsa_key -o \
23 -f $keydir/ssh_host_rsa_key.pub ]; then
24 echo "You already have an SSH2 RSA host key in $keydir/ssh_host_rsa_key."
25else
26 echo "Generating SSH2 RSA host key."
27 $keygen -t rsa -f $keydir/ssh_host_rsa_key -C '' -N ''
28fi
29
30if [ -f $keydir/ssh_host_dsa_key -o \
31 -f $keydir/ssh_host_dsa_key.pub ]; then
32 echo "You already have an SSH2 DSA host key in $keydir/ssh_host_dsa_key."
33else
34 echo "Generating SSH2 DSA host key."
35 $keygen -t dsa -f $keydir/ssh_host_dsa_key -C '' -N ''
36fi
diff --git a/contrib/caldera/sshd.init b/contrib/caldera/sshd.init
deleted file mode 100755
index 983146f4f..000000000
--- a/contrib/caldera/sshd.init
+++ /dev/null
@@ -1,125 +0,0 @@
1#! /bin/bash
2#
3# $Id: sshd.init,v 1.4 2003/11/21 12:48:57 djm Exp $
4#
5### BEGIN INIT INFO
6# Provides:
7# Required-Start: $network
8# Required-Stop:
9# Default-Start: 3 4 5
10# Default-Stop: 0 1 2 6
11# Description: sshd
12# Bring up/down the OpenSSH secure shell daemon.
13### END INIT INFO
14#
15# Written by Miquel van Smoorenburg <miquels@drinkel.ow.org>.
16# Modified for Debian GNU/Linux by Ian Murdock <imurdock@gnu.ai.mit.edu>.
17# Modified for OpenLinux by Raymund Will <ray@caldera.de>
18
19NAME=sshd
20DAEMON=/usr/sbin/$NAME
21# Hack-Alert(TM)! This is necessary to get around the 'reload'-problem
22# created by recent OpenSSH daemon/ssd combinations. See Caldera internal
23# PR [linux/8278] for details...
24PIDF=/var/run/$NAME.pid
25NAME=$DAEMON
26
27_status() {
28 [ -z "$1" ] || local pidf="$1"
29 local ret=-1
30 local pid
31 if [ -n "$pidf" ] && [ -r "$pidf" ]; then
32 pid=$(head -1 $pidf)
33 else
34 pid=$(pidof $NAME)
35 fi
36
37 if [ ! -e $SVIlock ]; then
38 # no lock-file => not started == stopped?
39 ret=3
40 elif [ -n "$pidf" -a ! -f "$pidf" ] || [ -z "$pid" ]; then
41 # pid-file given but not present or no pid => died, but was not stopped
42 ret=2
43 elif [ -r /proc/$pid/cmdline ] &&
44 echo -ne $NAME'\000' | cmp -s - /proc/$pid/cmdline; then
45 # pid-file given and present or pid found => check process...
46 # but don't compare exe, as this will fail after an update!
47 # compares OK => all's well, that ends well...
48 ret=0
49 else
50 # no such process or exe does not match => stale pid-file or process died
51 # just recently...
52 ret=1
53 fi
54 return $ret
55}
56
57# Source function library (and set vital variables).
58. @SVIdir@/functions
59
60case "$1" in
61 start)
62 [ ! -e $SVIlock ] || exit 0
63 [ -x $DAEMON ] || exit 5
64 SVIemptyConfig @sysconfdir@/sshd_config && exit 6
65
66 if [ ! \( -f @sysconfdir@/ssh_host_key -a \
67 -f @sysconfdir@/ssh_host_key.pub \) -a \
68 ! \( -f @sysconfdir@/ssh_host_rsa_key -a \
69 -f @sysconfdir@/ssh_host_rsa_key.pub \) -a \
70 ! \( -f @sysconfdir@/ssh_host_dsa_key -a \
71 -f @sysconfdir@/ssh_host_dsa_key.pub \) ]; then
72
73 echo "$SVIsubsys: host key not initialized: skipped!"
74 echo "$SVIsubsys: use ssh-host-keygen to generate one!"
75 exit 6
76 fi
77
78 echo -n "Starting $SVIsubsys services: "
79 ssd -S -x $DAEMON -n $NAME -- $OPTIONS
80 ret=$?
81
82 echo "."
83 touch $SVIlock
84 ;;
85
86 stop)
87 [ -e $SVIlock ] || exit 0
88
89 echo -n "Stopping $SVIsubsys services: "
90 ssd -K -p $PIDF -n $NAME
91 ret=$?
92
93 echo "."
94 rm -f $SVIlock
95 ;;
96
97 force-reload|reload)
98 [ -e $SVIlock ] || exit 0
99
100 echo "Reloading $SVIsubsys configuration files: "
101 ssd -K --signal 1 -q -p $PIDF -n $NAME
102 ret=$?
103 echo "done."
104 ;;
105
106 restart)
107 $0 stop
108 $0 start
109 ret=$?
110 ;;
111
112 status)
113 _status $PIDF
114 ret=$?
115 ;;
116
117 *)
118 echo "Usage: $SVIscript {[re]start|stop|[force-]reload|status}"
119 ret=2
120 ;;
121
122esac
123
124exit $ret
125
diff --git a/contrib/caldera/sshd.pam b/contrib/caldera/sshd.pam
deleted file mode 100644
index f050a9aee..000000000
--- a/contrib/caldera/sshd.pam
+++ /dev/null
@@ -1,8 +0,0 @@
1#%PAM-1.0
2auth required /lib/security/pam_pwdb.so shadow nodelay
3account required /lib/security/pam_nologin.so
4account required /lib/security/pam_pwdb.so
5password required /lib/security/pam_cracklib.so
6password required /lib/security/pam_pwdb.so shadow nullok use_authtok
7session required /lib/security/pam_pwdb.so
8session required /lib/security/pam_limits.so