summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2004-11-28Merge from HEAD:Colin Watson
Make sure that there's a delay in PAM keyboard-interactive authentication when PermitRootLogin is not set to yes and the correct root password is entered (closes: #248747).
2004-11-28Merge from HEAD:Colin Watson
Fix timing information leak allowing discovery of invalid usernames in PAM keyboard-interactive authentication (backported from a patch by Darren Tucker; closes: #281595).
2004-11-28We use DH_COMPAT=2, so build-depend on debhelper (>= 2).Colin Watson
2004-11-12Finish 1:3.8.1p1-13.Colin Watson
2004-11-12debconf-updatepoColin Watson
2004-11-12Merge from HEAD:Colin Watson
Correct README.Debian's ForwardX11Trusted description (closes: #280190).
2004-11-12Merge from HEAD:Colin Watson
Enable threading for PAM, on Sam Hartman's advice (closes: #278394).
2004-11-01Update Dutch debconf template translation (thanks, cobaco; closes:Colin Watson
#278715).
2004-10-24Forward-port from HEAD:Colin Watson
* Preserve /etc/ssh/sshd_config ownership/permissions (closes: #276754). * Shorten the version string from the form "OpenSSH_3.8.1p1 Debian 1:3.8.1p1-8.sarge.1" to "OpenSSH_3.8.1p1 Debian-8.sarge.1", as some SSH implementations apparently have problems with the long version string. This is of course a bug in those implementations, but since the extent of the problem is unknown it's best to play safe (closes: #275731). * debconf template translations: - Add Finnish (thanks, Matti Pöllä; closes: #265339). - Update Danish (thanks, Morten Brix Pedersen; closes: #275895). - Update French (thanks, Denis Barbier; closes: #276703). - Update Japanese (thanks, Kenshi Muto; closes: #277438).
2004-10-24debconf-updatepoColin Watson
2004-10-24Shorten the version string from the form "OpenSSH_3.8.1p1 DebianColin Watson
1:3.8.1p1-8.sarge.1" to "OpenSSH_3.8.1p1 Debian-8.sarge.1", as some SSH implementations apparently have problems with the long version string. This is of course a bug in those implementations, but since the extent of the problem is unknown it's best to play safe (closes: #275731).
2004-10-24Update Japanese debconf template translation (thanks, Kenshi Muto; closes:Colin Watson
#277438).
2004-10-24Update French debconf template translation (thanks, Denis Barbier; closes:Colin Watson
#276703).
2004-10-24Update Danish debconf template translation (thanks, Morten Brix Pedersen;Colin Watson
closes: #275895).
2004-10-24Add Finnish debconf template translation (thanks, Matti Pöllä; closes:Colin Watson
#265339).
2004-10-24Preserve /etc/ssh/sshd_config ownership/permissions (closes: #276754).Colin Watson
2004-10-06Finish 1:3.8.1p1-11.Colin Watson
2004-10-06Finish 1:3.8.1p1-8.sarge.1.Colin Watson
2004-10-06Forward-port from HEAD:Colin Watson
* If PasswordAuthentication is disabled, then offer to disable ChallengeResponseAuthentication too. The current PAM code will attempt password-style authentication if ChallengeResponseAuthentication is enabled (closes: #250369). * This will ask a question of anyone who installed fresh with 1:3.8p1-2 or later and then upgraded. Sorry about that ... for this reason, the default answer is to leave ChallengeResponseAuthentication enabled.
2004-10-06Leave ChallengeResponseAuthentication enabled by default, sinceColin Watson
PasswordAuthentication has been turned off for new installs since 1:3.8p1-2.
2004-10-06Don't ask ssh/disable_cr_auth unless /etc/ssh/sshd_config exists.Colin Watson
2004-10-06get_config_option checks for existence of /etc/ssh/sshd_config.Colin Watson
2004-10-05If PasswordAuthentication is disabled, then offer to disableColin Watson
ChallengeResponseAuthentication too. The current PAM code will attempt password-style authentication if ChallengeResponseAuthentication is enabled (closes: #250369).
2004-08-31Move sshd_config(5) to openssh-server, where it belongs.Colin Watson
2004-08-25Don't install the ssh-askpass-gnome .desktop file by default; I've had tooColin Watson
many GNOME people tell me it's the wrong thing to be doing. I've left it in /usr/share/doc/ssh-askpass-gnome/examples/ for now.
2004-08-02Finish openssh 1:3.8.1p1-9.Colin Watson
2004-08-02Drop priorities of openssh-server and ssh to optional.Colin Watson
2004-08-02Remove /etc/ssh/sshd_not_to_be_run on purge of openssh-server. For nowColin Watson
(until sarge+2) it's still honoured to avoid breaking existing configurations, but the right approach is now to remove the openssh-server package if you don't want to run the server. Add a NEWS item to that effect.
2004-08-02According to Matt Zimmerman, there should only be one NEWS file per sourceColin Watson
package.
2004-08-02Add a heuristic to try to make sure the sshd_config upgrade to >= 3.7Colin Watson
happens even though we don't know what version we're upgrading from.
2004-08-02Add copyright file to transitional ssh package.Colin Watson
2004-07-31* Split the ssh binary package into openssh-client and openssh-serverColin Watson
(closes: #39741). openssh-server depends on openssh-client for some common functionality; it didn't seem worth creating yet another package for this. * New transitional ssh package, depending on openssh-client and openssh-server. May be removed once nothing depends on it. * When upgrading from ssh to openssh-{client,server}, it's very difficult for the maintainer scripts to find out what version we're upgrading from without dodgy dpkg hackery. I've therefore taken the opportunity to move a couple of debconf notes into NEWS files, namely ssh/ssh2_keys_merged and ssh/user_environment_tell. * In general, upgrading to this version directly from woody without first upgrading to the version in sarge is not currently guaranteed to work very smoothly due to the aforementioned version discovery problems.
2004-07-30Merge from MAIN:Colin Watson
cvs up -jV_3_8_1_P1-4 -jV_3_8_1_P1-8
2004-07-29Changelog Matthew's copyright file change. Finish 1:3.8.1p1-8.Colin Watson
2004-07-28update copyright file to allow distribution of the debian patchMatthew Vernon
2004-07-22Re-enable shadow password support in openssh-server-udeb, at BastianColin Watson
Blank's request (closes: #260800).
2004-07-21Finish 1:3.8.1p1-6.Colin Watson
2004-07-21Generate host keys in postinst only if the relevant HostKey directives areColin Watson
found in sshd_config (closes: #87946).
2004-07-21Make isinstallable executable.Colin Watson
2004-07-19Implement hack in http://lists.debian.org/debian-boot/2004/07/msg01207.htmlColin Watson
to get openssh-client-udeb to show up as a retrievable debian-installer component.
2004-07-10Finish 1:3.8.1p1-5. Set urgency to medium due to the orphaned [pam] processColin Watson
fix.
2004-07-10Apply upstream bits of the patch for #258517.Colin Watson
2004-07-10Add scp and sftp to openssh-client-udeb. It might not be very 'u' any more;Colin Watson
oh well.
2004-07-10Apply patch from Darren Tucker to make the PAM authentication SIGCHLDColin Watson
handler kill the PAM thread if its waitpid() call returns 0, as well as the previous check for -1 (closes: #252676).
2004-07-10They aren't all bashisms ...Colin Watson
2004-07-10Fix bashisms in maintainer scripts (thanks, David Weinehall; partial fixColin Watson
for #258517).
2004-06-22debconf-updatepoColin Watson
2004-06-22Disable shadow password support in openssh-server-udeb.Colin Watson
2004-06-14Remove Suggests: dnsutils, as it was only needed for make-ssh-known-hostsColin Watson
(#93265), which has been replaced by ssh-keyscan.
2004-06-02Update German debconf template translation (thanks, Helge Kreutzmann;Colin Watson
closes: #252226).