Age | Commit message (Collapse) | Author | |
---|---|---|---|
2008-05-21 | Recommend openssh-blacklist-extra from openssh-client and | Colin Watson | |
openssh-server. | |||
2008-05-21 | Recommend openssh-blacklist from openssh-client. | Colin Watson | |
2008-05-12 | * Mitigate OpenSSL security vulnerability: | Colin Watson | |
- Add key blacklisting support. Keys listed in /etc/ssh/blacklist.TYPE-LENGTH will be rejected for authentication by sshd, unless "PermitBlacklistedKeys yes" is set in /etc/ssh/sshd_config. - Add a new program, ssh-vulnkey, which can be used to check keys against these blacklists. - Depend on openssh-blacklist. - Force dependencies on libssl0.9.8 / libcrypto0.9.8-udeb to at least 0.9.8g-9. - Automatically regenerate known-compromised host keys, with a critical-priority debconf note. (I regret that there was no time to gather translations.) | |||
2008-02-27 | * Recommends: xauth rather than Suggests: xbase-clients. | Colin Watson | |
2008-01-12 | * Improve grammar of ssh-askpass-gnome description. | Colin Watson | |
2008-01-11 | * Drop source-compatibility with Debian 3.0: | Colin Watson | |
- Remove support for building with GNOME 1. This allows simplification of our GNOME build-dependencies (see #460136). - Remove hacks to support the old PAM configuration scheme. - Remove compatibility for building without po-debconf. * Build-depend on libgtk2.0-dev rather than libgnomeui-dev. As far as I can see, the GTK2 version of ssh-askpass-gnome has never required libgnomeui-dev. | |||
2008-01-10 | * Add armel to architecture list for libselinux1-dev build-dependency | Colin Watson | |
(closes: #460136). | |||
2008-01-10 | * Pass --with-mantype=doc to configure rather than build-depending on | Colin Watson | |
groff (closes: #460121). | |||
2007-12-24 | * Policy version 3.7.3: no changes required. | Colin Watson | |
2007-07-30 | * openssh-client Suggests: keychain. | Colin Watson | |
2007-07-28 | * Build-depend on libselinux1-dev on lpia. | Colin Watson | |
2007-07-07 | * Identify ssh as a metapackage rather than a transitional package. It's | Colin Watson | |
still useful as a quick way to install both the client and the server. | |||
2007-06-12 | * Use ${binary:Version} rather than ${Source-Version} in openssh-server -> | Colin Watson | |
openssh-client dependency. | |||
2007-06-12 | * Belatedly build-depend on zlib1g-dev (>= 1:1.2.3-1) (closes: #333447). | Colin Watson | |
2007-06-12 | * Use LSB functions in init scripts, and add an LSB-style header (thanks, | Colin Watson | |
Christian Perrier; closes: #389038). | |||
2007-06-06 | * openssh-client Suggests: libpam-ssh (closes: #427840). | Colin Watson | |
2007-04-29 | * It's been four and a half years now since I took over as "temporary" | Colin Watson | |
maintainer, so the Maintainer field is getting a bit inaccurate. Set Maintainer to debian-ssh@lists.debian.org and leave Matthew and myself as Uploaders. | |||
2007-04-24 | * Apply results of debconf templates and package descriptions review by | Colin Watson | |
debian-l10n-english (closes: #420107). | |||
2007-04-10 | * Multiply openssh-client-udeb's Installer-Menu-Item by 100. | Colin Watson | |
2006-12-13 | * Drop versioning on ssh/ssh-krb5 Replaces, as otherwise it isn't | Colin Watson | |
sufficient to replace conffiles (closes: #402804). | |||
2006-12-06 | * Create transitional ssh-krb5 package which enables GSSAPI configuration | Colin Watson | |
in sshd_config. * Default client to attempting GSSAPI authentication. * Remove obsolete GSSAPINoMICAuthentication from sshd_config if it's found. | |||
2006-10-27 | * openssh-server Suggests: molly-guard (closes: #395473). | Colin Watson | |
2006-07-14 | * Change sshd user's shell to /usr/sbin/nologin (closes: #366541). | Colin Watson | |
Introduces dependency on passwd for usermod. | |||
2006-05-12 | * Policy version 3.7.2: no changes required. | Colin Watson | |
2006-03-31 | * Use udeb support introduced in debhelper 4.2.0 (available in sarge) | Colin Watson | |
rather than constructing udebs by steam. * Require debhelper 5.0.22, which generates correct shared library dependencies for udebs. This build-dependency can be ignored if building on sarge. | |||
2005-10-07 | * Build-depend on libssl-dev (>= 0.9.8-1) to cope with surprise OpenSSL | Colin Watson | |
transition, since otherwise who knows what the buildds will do. If you're building openssh yourself, you can safely ignore this and use an older libssl-dev. | |||
2005-10-06 | * Build-depend on libselinux1-dev on armeb. | Colin Watson | |
2005-09-14 | - openssh-client and openssh-server replace ssh-krb5. | Colin Watson | |
2005-09-14 | - Build-depend on libkrb5-dev and configure --with-kerberos5=/usr. | Colin Watson | |
2005-09-14 | * openssh-client and openssh-server conflict with pre-split ssh to avoid | Colin Watson | |
problems when ssh is left un-upgraded (closes: #324695). | |||
2005-09-02 | * Policy version 3.6.2: no changes required. | Colin Watson | |
2005-06-30 | Drop priority of ssh to extra to match the override file. | Colin Watson | |
2005-06-17 | Build-depend on libselinux1-dev on ppc64 too (closes: #314625). | Colin Watson | |
2005-06-17 | Switch to debhelper compat level 3, since 2 is deprecated. | Colin Watson | |
2005-06-17 | Re-enable ssh-askpass-gnome on the Hurd, now that its build-dependencies | Colin Watson | |
are available. | |||
2005-06-17 | Manoj Srivastava: | Colin Watson | |
- Added SELinux capability, and turned it on be default. Added restorecon calls in preinst and postinst (should not matter if the machine is not SELinux aware). By and large, the changes made should have no effect unless the rules file calls --with-selinux; and even then there should be no performance hit for machines not actively running SELinux. - Modified the preinst and postinst to call restorecon to set the security context for the generated public key files. - Added a comment to /etc/pam.d/ssh to indicate that an SELinux system may want to also include pam_selinux.so. | |||
2005-06-08 | openssh-client and openssh-server conflict with ssh-krb5, as ssh-krb5 only | Colin Watson | |
conflicts with ssh (closes: #312475). | |||
2005-05-26 | openssh-server Suggests: rssh (closes: #233012). | Colin Watson | |
2005-05-25 | Don't build ssh-askpass-gnome on the Hurd, until GNOME is available to | Colin Watson | |
satisfy build-dependencies. | |||
2005-05-25 | Enable libedit support in sftp; build-depend on libedit-dev. | Colin Watson | |
2005-01-04 | Expand on openssh-client package description (closes: #273831). | Colin Watson | |
2004-11-28 | We use DH_COMPAT=2, so build-depend on debhelper (>= 2). | Colin Watson | |
2004-08-31 | Move sshd_config(5) to openssh-server, where it belongs. | Colin Watson | |
2004-08-02 | Drop priorities of openssh-server and ssh to optional. | Colin Watson | |
2004-07-31 | * Split the ssh binary package into openssh-client and openssh-server | Colin Watson | |
(closes: #39741). openssh-server depends on openssh-client for some common functionality; it didn't seem worth creating yet another package for this. * New transitional ssh package, depending on openssh-client and openssh-server. May be removed once nothing depends on it. * When upgrading from ssh to openssh-{client,server}, it's very difficult for the maintainer scripts to find out what version we're upgrading from without dodgy dpkg hackery. I've therefore taken the opportunity to move a couple of debconf notes into NEWS files, namely ssh/ssh2_keys_merged and ssh/user_environment_tell. * In general, upgrading to this version directly from woody without first upgrading to the version in sarge is not currently guaranteed to work very smoothly due to the aforementioned version discovery problems. | |||
2004-07-19 | Implement hack in http://lists.debian.org/debian-boot/2004/07/msg01207.html | Colin Watson | |
to get openssh-client-udeb to show up as a retrievable debian-installer component. | |||
2004-06-14 | Remove Suggests: dnsutils, as it was only needed for make-ssh-known-hosts | Colin Watson | |
(#93265), which has been replaced by ssh-keyscan. | |||
2004-05-14 | openssh-client-udeb and openssh-server-udeb depend on libnss-files-udeb | Colin Watson | |
(not yet uploaded). | |||
2004-05-11 | Add openssh-client-udeb and openssh-server-udeb binary packages for use in | Colin Watson | |
debian-installer. They still need libnss_files to be supplied in udeb form by glibc. | |||
2003-11-15 | Depend on dpkg (>= 1.9.0) for start-stop-daemon's --retry option. | Colin Watson | |