summaryrefslogtreecommitdiff
path: root/debian
diff options
context:
space:
mode:
Diffstat (limited to 'debian')
-rw-r--r--debian/changelog1
-rw-r--r--debian/patches/mention-ssh-keygen-on-keychange.patch33
-rw-r--r--debian/patches/series1
3 files changed, 35 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog
index b3f7fc49a..a35c39b94 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -8,6 +8,7 @@ openssh (1:6.1p1-2) UNRELEASED; urgency=low
8 been long enough since the relevant vulnerability that we shouldn't 8 been long enough since the relevant vulnerability that we shouldn't
9 need these installed by default nowadays. 9 need these installed by default nowadays.
10 - Add an Upstart job (not currently used by default in Debian). 10 - Add an Upstart job (not currently used by default in Debian).
11 - Add mention of ssh-keygen in ssh connect warning (Scott Moser).
11 * Only build with -j if DEB_BUILD_OPTIONS=parallel=* is used (closes: 12 * Only build with -j if DEB_BUILD_OPTIONS=parallel=* is used (closes:
12 #694282). 13 #694282).
13 14
diff --git a/debian/patches/mention-ssh-keygen-on-keychange.patch b/debian/patches/mention-ssh-keygen-on-keychange.patch
new file mode 100644
index 000000000..42b32638c
--- /dev/null
+++ b/debian/patches/mention-ssh-keygen-on-keychange.patch
@@ -0,0 +1,33 @@
1Description: Mention ssh-keygen in ssh fingerprint changed warning
2Author: Scott Moser <smoser@ubuntu.com>
3Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1843
4Bug-Ubuntu: https://bugs.launchpad.net/bugs/686607
5Last-Update: 2010-12-14
6
7Index: b/sshconnect.c
8===================================================================
9--- a/sshconnect.c
10+++ b/sshconnect.c
11@@ -956,9 +956,12 @@
12 error("%s. This could either mean that", key_msg);
13 error("DNS SPOOFING is happening or the IP address for the host");
14 error("and its host key have changed at the same time.");
15- if (ip_status != HOST_NEW)
16+ if (ip_status != HOST_NEW) {
17 error("Offending key for IP in %s:%lu",
18 ip_found->file, ip_found->line);
19+ error(" remove with: ssh-keygen -f \"%s\" -R %s",
20+ ip_found->file, ip);
21+ }
22 }
23 /* The host key has changed. */
24 warn_changed_key(host_key);
25@@ -966,6 +969,8 @@
26 user_hostfiles[0]);
27 error("Offending %s key in %s:%lu", key_type(host_found->key),
28 host_found->file, host_found->line);
29+ error(" remove with: ssh-keygen -f \"%s\" -R %s",
30+ host_found->file, host);
31
32 /*
33 * If strict host key checking is in use, the user will have
diff --git a/debian/patches/series b/debian/patches/series
index c940d8384..cb6be9a28 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -26,6 +26,7 @@ scp-quoting.patch
26shell-path.patch 26shell-path.patch
27dnssec-sshfp.patch 27dnssec-sshfp.patch
28auth-log-verbosity.patch 28auth-log-verbosity.patch
29mention-ssh-keygen-on-keychange.patch
29 30
30# Versioning 31# Versioning
31package-versioning.patch 32package-versioning.patch