diff options
Diffstat (limited to 'debian/openssh-server.templates.master')
-rw-r--r-- | debian/openssh-server.templates.master | 48 |
1 files changed, 29 insertions, 19 deletions
diff --git a/debian/openssh-server.templates.master b/debian/openssh-server.templates.master index d6432646d..4e892edff 100644 --- a/debian/openssh-server.templates.master +++ b/debian/openssh-server.templates.master | |||
@@ -1,47 +1,57 @@ | |||
1 | # These templates have been reviewed by the debian-l10n-english | ||
2 | # team | ||
3 | # | ||
4 | # If modifications/additions/rewording are needed, please ask | ||
5 | # for an advice to debian-l10n-english@lists.debian.org | ||
6 | # | ||
7 | # Even minor modifications require translation updates and such | ||
8 | # changes should be coordinated with translators and reviewers. | ||
9 | |||
1 | Template: ssh/new_config | 10 | Template: ssh/new_config |
2 | Type: boolean | 11 | Type: boolean |
3 | Default: true | 12 | Default: true |
4 | _Description: Generate new configuration file? | 13 | _Description: Generate a new configuration file for OpenSSH? |
5 | This version of OpenSSH has a considerably changed configuration file from | 14 | This version of OpenSSH has a considerably changed configuration file from |
6 | the version shipped in Debian 'Potato', which you appear to be upgrading | 15 | the version shipped in Debian 'Potato', which you appear to be upgrading |
7 | from. This package can now generate a new configuration file | 16 | from. This package can now generate a new configuration file |
8 | (/etc/ssh/sshd.config), which will work with the new server version, but | 17 | (/etc/ssh/sshd.config), which will work with the new server version, but |
9 | will not contain any customisations you made with the old version. | 18 | will not contain any customizations you made with the old version. |
10 | . | 19 | . |
11 | Please note that this new configuration file will set the value of | 20 | Please note that this new configuration file will set the value of |
12 | 'PermitRootLogin' to yes (meaning that anyone knowing the root password | 21 | 'PermitRootLogin' to 'yes' (meaning that anyone knowing the root password |
13 | can ssh directly in as root). It is the opinion of the maintainer that | 22 | can ssh directly in as root). Please read the README.Debian files for |
14 | this is the correct default (see README.Debian for more details), but you | 23 | more details about this design choice. |
15 | can always edit sshd_config and set it to no if you wish. | ||
16 | . | 24 | . |
17 | It is strongly recommended that you let this package generate a new | 25 | It is strongly recommended that choose to generate a new |
18 | configuration file now. | 26 | configuration file now. |
19 | 27 | ||
20 | Template: ssh/use_old_init_script | 28 | Template: ssh/use_old_init_script |
21 | Type: boolean | 29 | Type: boolean |
22 | Default: false | 30 | Default: false |
23 | _Description: Do you want to continue (and risk killing active ssh sessions)? | 31 | _Description: Do you want to risk killing active SSH sessions? |
24 | The version of /etc/init.d/ssh that you have installed, is likely to kill | 32 | The currently installed version of /etc/init.d/ssh is likely to kill |
25 | all running sshd instances. If you are doing this upgrade via an ssh | 33 | all running sshd instances. If you are doing this upgrade via an SSH |
26 | session, that would be a Bad Thing(tm). | 34 | session, you're likely to be disconnected and leave the upgrade |
35 | procedure unfinished. | ||
27 | . | 36 | . |
28 | You can fix this by adding "--pidfile /var/run/sshd.pid" to the | 37 | This can be fixed by manually adding "--pidfile /var/run/sshd.pid" to |
29 | start-stop-daemon line in the stop section of the file. | 38 | the start-stop-daemon line in the stop section of the file. |
30 | 39 | ||
31 | Template: ssh/encrypted_host_key_but_no_keygen | 40 | Template: ssh/encrypted_host_key_but_no_keygen |
32 | Type: note | 41 | Type: note |
33 | _Description: Warning: you must create a new host key | 42 | _Description: New host key mandatory |
34 | There is an old /etc/ssh/ssh_host_key, which is IDEA encrypted. OpenSSH | 43 | The current host key, in /etc/ssh/ssh_host_key, is encrypted with the |
35 | can not handle this host key file, and the ssh-keygen utility from the old | 44 | IDEA algorithm. OpenSSH can not handle this host key file, and the |
36 | (non-free) SSH installation does not appear to be available. | 45 | ssh-keygen utility from the old (non-free) SSH installation does not |
46 | appear to be available. | ||
37 | . | 47 | . |
38 | You will need to generate a new host key. | 48 | You need to manually generate a new host key. |
39 | 49 | ||
40 | Template: ssh/disable_cr_auth | 50 | Template: ssh/disable_cr_auth |
41 | Type: boolean | 51 | Type: boolean |
42 | Default: false | 52 | Default: false |
43 | _Description: Disable challenge-response authentication? | 53 | _Description: Disable challenge-response authentication? |
44 | Password authentication appears to be disabled in your current OpenSSH | 54 | Password authentication appears to be disabled in the current OpenSSH |
45 | server configuration. In order to prevent users from logging in using | 55 | server configuration. In order to prevent users from logging in using |
46 | passwords (perhaps using only public key authentication instead) with | 56 | passwords (perhaps using only public key authentication instead) with |
47 | recent versions of OpenSSH, you must disable challenge-response | 57 | recent versions of OpenSSH, you must disable challenge-response |