summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2005-01-04Merge 3.9p1 to the trunk.Colin Watson
2005-01-04Import OpenSSH 3.9p1.Colin Watson
2005-01-04Merge from branch-V_3_8_1_P1-4-client-server-split:Colin Watson
cvs up -jV_3_8_1_P1-8 -jbranch-V_3_8_1_P1-4-client-server-split branch-V_3_8_1_P1-4-client-server-split is now closed. For further development for sarge (Debian version 3.8.1p1-8.sarge.4, CVS tag V_3_8_1_P1-8_sarge_4), use branch-V_3_8_1_P1-8_sarge_4-sarge.
2004-12-01Build ssh in binary-indep, not binary-arch (thanks, LaMont Jones).Colin Watson
2004-11-28Finish 1:3.8.1p1-14.Colin Watson
2004-11-28Merge from HEAD:Colin Watson
Make sure that there's a delay in PAM keyboard-interactive authentication when PermitRootLogin is not set to yes and the correct root password is entered (closes: #248747).
2004-11-28Merge from HEAD:Colin Watson
Fix timing information leak allowing discovery of invalid usernames in PAM keyboard-interactive authentication (backported from a patch by Darren Tucker; closes: #281595).
2004-11-28We use DH_COMPAT=2, so build-depend on debhelper (>= 2).Colin Watson
2004-11-28Finish 1:3.8.1p1-8.sarge.4.Colin Watson
2004-11-28Make sure that there's a delay in PAM keyboard-interactive authenticationColin Watson
when PermitRootLogin is not set to yes and the correct root password is entered (closes: #248747).
2004-11-28Fix timing information leak allowing discovery of invalid usernames in PAMColin Watson
keyboard-interactive authentication (backported from a patch by Darren Tucker; closes: #281595).
2004-11-12Finish 1:3.8.1p1-13.Colin Watson
2004-11-12debconf-updatepoColin Watson
2004-11-12Merge from HEAD:Colin Watson
Correct README.Debian's ForwardX11Trusted description (closes: #280190).
2004-11-12Merge from HEAD:Colin Watson
Enable threading for PAM, on Sam Hartman's advice (closes: #278394).
2004-11-12Finish 1:3.8.1p1-8.sarge.3.Colin Watson
2004-11-08Correct README.Debian's ForwardX11Trusted description (closes: #280190).Colin Watson
2004-11-01Enable threading for PAM, on Sam Hartman's advice (closes: #278394).Colin Watson
2004-11-01Update Dutch debconf template translation (thanks, cobaco; closes:Colin Watson
#278715).
2004-11-01Update Dutch debconf template translation (thanks, cobaco; closes:Colin Watson
#278715).
2004-10-24Forward-port from HEAD:Colin Watson
* Preserve /etc/ssh/sshd_config ownership/permissions (closes: #276754). * Shorten the version string from the form "OpenSSH_3.8.1p1 Debian 1:3.8.1p1-8.sarge.1" to "OpenSSH_3.8.1p1 Debian-8.sarge.1", as some SSH implementations apparently have problems with the long version string. This is of course a bug in those implementations, but since the extent of the problem is unknown it's best to play safe (closes: #275731). * debconf template translations: - Add Finnish (thanks, Matti Pöllä; closes: #265339). - Update Danish (thanks, Morten Brix Pedersen; closes: #275895). - Update French (thanks, Denis Barbier; closes: #276703). - Update Japanese (thanks, Kenshi Muto; closes: #277438).
2004-10-24Finish 1:3.8.1p1-8.sarge.2.Colin Watson
2004-10-24Add another missing chown/chmod --reference.Colin Watson
2004-10-24debconf-updatepoColin Watson
2004-10-24Shorten the version string from the form "OpenSSH_3.8.1p1 DebianColin Watson
1:3.8.1p1-8.sarge.1" to "OpenSSH_3.8.1p1 Debian-8.sarge.1", as some SSH implementations apparently have problems with the long version string. This is of course a bug in those implementations, but since the extent of the problem is unknown it's best to play safe (closes: #275731).
2004-10-24Update Japanese debconf template translation (thanks, Kenshi Muto; closes:Colin Watson
#277438).
2004-10-24Update French debconf template translation (thanks, Denis Barbier; closes:Colin Watson
#276703).
2004-10-24Update Danish debconf template translation (thanks, Morten Brix Pedersen;Colin Watson
closes: #275895).
2004-10-24Add Finnish debconf template translation (thanks, Matti Pöllä; closes:Colin Watson
#265339).
2004-10-24Preserve /etc/ssh/sshd_config ownership/permissions (closes: #276754).Colin Watson
2004-10-06Finish 1:3.8.1p1-11.Colin Watson
2004-10-06Finish 1:3.8.1p1-8.sarge.1.Colin Watson
2004-10-06Forward-port from HEAD:Colin Watson
* If PasswordAuthentication is disabled, then offer to disable ChallengeResponseAuthentication too. The current PAM code will attempt password-style authentication if ChallengeResponseAuthentication is enabled (closes: #250369). * This will ask a question of anyone who installed fresh with 1:3.8p1-2 or later and then upgraded. Sorry about that ... for this reason, the default answer is to leave ChallengeResponseAuthentication enabled.
2004-10-06Leave ChallengeResponseAuthentication enabled by default, sinceColin Watson
PasswordAuthentication has been turned off for new installs since 1:3.8p1-2.
2004-10-06Don't ask ssh/disable_cr_auth unless /etc/ssh/sshd_config exists.Colin Watson
2004-10-06get_config_option checks for existence of /etc/ssh/sshd_config.Colin Watson
2004-10-05If PasswordAuthentication is disabled, then offer to disableColin Watson
ChallengeResponseAuthentication too. The current PAM code will attempt password-style authentication if ChallengeResponseAuthentication is enabled (closes: #250369).
2004-08-31Move sshd_config(5) to openssh-server, where it belongs.Colin Watson
2004-08-25Don't install the ssh-askpass-gnome .desktop file by default; I've had tooColin Watson
many GNOME people tell me it's the wrong thing to be doing. I've left it in /usr/share/doc/ssh-askpass-gnome/examples/ for now.
2004-08-17 - (djm) Release 3.9p1Damien Miller
2004-08-17 - (djm) Crank RPM spec version numbersDamien Miller
2004-08-17 - (djm) OpenBSD CVS SyncDamien Miller
- markus@cvs.openbsd.org 2004/08/16 08:17:01 [version.h] 3.9
2004-08-17 - (dtucker) [regress/README.regress] Note compatibility issues with GNU head.Darren Tucker
2004-08-16 - (dtucker) [acconfig.h auth-pam.c configure.ac] Set real uid to non-rootDarren Tucker
to convince Solaris PAM to honour password complexity rules. ok djm@
2004-08-15 - (dtucker) [Makefile.in] Fix typo.Darren Tucker
2004-08-15 - (djm) [loginrec.c] Check that seek succeeded here too; ok dtuckerDamien Miller
2004-08-15 - (djm) [acconfig.h configure.ac openbsd-compat/Makefile.inDamien Miller
openbsd-compat/bsd-closefrom.c openbsd-compat/bsd-misc.c openbsd-compat/bsd-misc.h openbsd-compat/openbsd-compat.h] Use smarter closefrom() replacement from sudo; ok dtucker@
2004-08-15 - (dtucker) [Makefile.in ssh-keysign.c ssh.c] Use permanently_set_uid() sinceDarren Tucker
it does the right thing on all platforms. ok djm@
2004-08-15 - (dtucker) [loginrec.c openbsd-compat/port-aix.c openbsd-compat/port-aix.h]Darren Tucker
Plug AIX login recording into login_write so logins will be recorded for all auth types.
2004-08-15 - (dtucker) [includes.h] Undef _INCLUDE__STDC__ on HP-UX, otherwiseDarren Tucker
prot.h and shadow.h provide conflicting declarations of getspnam. ok djm@