openssh.git -

Age	Commit message (Collapse)	Author
2016-12-26	Stop openssh-server.config exiting non-zero on fresh installations.	Colin Watson

2016-12-26	Start handling /etc/ssh/sshd_config using ucf.	Colin Watson
	* Start handling /etc/ssh/sshd_config using ucf. The immediate motivation for this is to deal with deprecations of options related to protocol 1, but something like this has been needed for a long time (closes: #419574, #848089): - sshd_config is now a slightly-patched version of upstream's, and only contains non-default settings (closes: #147201). - I've included as many historical md5sums of default versions of sshd_config as I could reconstruct from version control, but I'm sure I've missed some. - Explicitly synchronise the debconf database with the current configuration file state in openssh-server.config, to ensure that the PermitRootLogin setting is properly preserved. - UsePrivilegeSeparation now defaults to the stronger "sandbox" rather than "yes", per upstream.
2014-06-28	Make get_config_option more robust against trailing whitespace (thanks, ↵	Colin Watson
	LaMont Jones).
2014-03-31	If no root password is set, then switch to "PermitRootLogin ↵	Colin Watson
	without-password" without asking (LP: #1300127).
2014-03-27	Change to "PermitRootLogin without-password" for new installations	Colin Watson
	Also ask a debconf question when upgrading systems with "PermitRootLogin yes" from previous versions. Closes: #298138
2013-05-22	Remove lots of maintainer script support for upgrades from pre-etch	Colin Watson
	(three releases before current stable).
2013-05-21	Remove support for upgrading from ssh-nonfree.	Colin Watson

2013-05-21	Remove ssh/use_old_init_script, which was a workaround for a very old	Colin Watson
	bug in /etc/init.d/ssh. If anyone has ignored this for >10 years then they aren't going to be convinced now.
2010-01-02	Remove ssh/new_config, only needed for direct upgrades from potato which	Colin Watson
	are no longer particularly feasible anyway (closes: #420682).
2008-03-22	* Use printf rather than echo -en (a bashism) in openssh-server.config and	Colin Watson
	openssh-server.preinst.
2006-10-04	* Remove ssh/insecure_telnetd check altogether (closes: #391081).	Colin Watson

2005-05-31	Drop debconf support for allowing SSH protocol 1, which is discouraged and	Colin Watson
	has not been the default since openssh 1:3.0.1p1-1. Users who need this should edit sshd_config instead (closes: #147212).
2005-03-15	Remove obsolete and unnecessary ssh/forward_warning debconf note.	Colin Watson

2004-10-06	Forward-port from HEAD:	Colin Watson
	* If PasswordAuthentication is disabled, then offer to disable ChallengeResponseAuthentication too. The current PAM code will attempt password-style authentication if ChallengeResponseAuthentication is enabled (closes: #250369). * This will ask a question of anyone who installed fresh with 1:3.8p1-2 or later and then upgraded. Sorry about that ... for this reason, the default answer is to leave ChallengeResponseAuthentication enabled.
2004-07-31	* Split the ssh binary package into openssh-client and openssh-server	Colin Watson
	(closes: #39741). openssh-server depends on openssh-client for some common functionality; it didn't seem worth creating yet another package for this. * New transitional ssh package, depending on openssh-client and openssh-server. May be removed once nothing depends on it. * When upgrading from ssh to openssh-{client,server}, it's very difficult for the maintainer scripts to find out what version we're upgrading from without dodgy dpkg hackery. I've therefore taken the opportunity to move a couple of debconf notes into NEWS files, namely ssh/ssh2_keys_merged and ssh/user_environment_tell. * In general, upgrading to this version directly from woody without first upgrading to the version in sarge is not currently guaranteed to work very smoothly due to the aforementioned version discovery problems.