1 files changed, 0 insertions, 32 deletions
diff --git a/debian/templates.master b/debian/templates.master
index 4d60e95da..07f62b178 100644
--- a/debian/templates.master
+++ b/debian/templates.master
@@ -1,35 +1,3 @@
-Template: ssh/privsep_tell
-Type: note
-_Description: Privilege separation
- This version of OpenSSH contains the new privilege separation option. This
- significantly reduces the quantity of code that runs as root, and
- therefore reduces the impact of security holes in sshd.
- .
- Unfortunately, privilege separation interacts badly with PAM. Any PAM
- session modules that need to run as root (pam_mkhomedir, for example) will
- fail, and PAM keyboard-interactive authentication won't work.
- .
- Privilege separation is turned on by default, so if you decide you want it
- turned off, you need to add "UsePrivilegeSeparation no" to
- /etc/ssh/sshd_config.
-Template: ssh/privsep_ask
-Type: boolean
-Default: true
-_Description: Enable Privilege separation
- This version of OpenSSH contains the new privilege separation option. This
- significantly reduces the quantity of code that runs as root, and
- therefore reduces the impact of security holes in sshd.
- .
- Unfortunately, privilege separation interacts badly with PAM. Any PAM
- session modules that need to run as root (pam_mkhomedir, for example) will
- fail, and PAM keyboard-interactive authentication won't work.
- .
- Since you've opted to have me generate an sshd_config file for you, you
- can choose whether or not to have privilege separation turned on or not.
- Unless you know you need to use PAM features that won't work with this
- option, you should enable it.
 Template: ssh/new_config
 Type: boolean
 Default: true

diff --git a/debian/templates.master b/debian/templates.master index 4d60e95da..07f62b178 100644 --- a/debian/templates.master +++ b/debian/templates.master
@@ -1,35 +1,3 @@
1	Template: ssh/privsep_tell
2	Type: note
3	_Description: Privilege separation
4	This version of OpenSSH contains the new privilege separation option. This
5	significantly reduces the quantity of code that runs as root, and
6	therefore reduces the impact of security holes in sshd.
7	.
8	Unfortunately, privilege separation interacts badly with PAM. Any PAM
9	session modules that need to run as root (pam_mkhomedir, for example) will
10	fail, and PAM keyboard-interactive authentication won't work.
11	.
12	Privilege separation is turned on by default, so if you decide you want it
13	turned off, you need to add "UsePrivilegeSeparation no" to
14	/etc/ssh/sshd_config.
15
16	Template: ssh/privsep_ask
17	Type: boolean
18	Default: true
19	_Description: Enable Privilege separation
20	This version of OpenSSH contains the new privilege separation option. This
21	significantly reduces the quantity of code that runs as root, and
22	therefore reduces the impact of security holes in sshd.
23	.
24	Unfortunately, privilege separation interacts badly with PAM. Any PAM
25	session modules that need to run as root (pam_mkhomedir, for example) will
26	fail, and PAM keyboard-interactive authentication won't work.
27	.
28	Since you've opted to have me generate an sshd_config file for you, you
29	can choose whether or not to have privilege separation turned on or not.
30	Unless you know you need to use PAM features that won't work with this
31	option, you should enable it.
32
33	Template: ssh/new_config	1	Template: ssh/new_config
34	Type: boolean	2	Type: boolean
35	Default: true	3	Default: true