Age | Commit message (Collapse) | Author |
|
"PermitRootLogin prohibit-password" in sshd_config, and update documentation to reflect the new upstream default.
|
|
Also ask a debconf question when upgrading systems with "PermitRootLogin
yes" from previous versions.
Closes: #298138
|
|
years ago, and everyone should have upgraded through a version that
applied these checks by now. The ssh-vulnkey tool and the blacklisting
support in sshd are still here, at least for the moment.
* This removes the last of our uses of debconf (closes: #221531).
|
|
(three releases before current stable).
|
|
|
|
bug in /etc/init.d/ssh. If anyone has ignored this for >10 years then
they aren't going to be convinced now.
|
|
are no longer particularly feasible anyway (closes: #420682).
|
|
|
|
|
|
|
|
|
|
- Add key blacklisting support. Keys listed in
/etc/ssh/blacklist.TYPE-LENGTH will be rejected for authentication by
sshd, unless "PermitBlacklistedKeys yes" is set in
/etc/ssh/sshd_config.
- Add a new program, ssh-vulnkey, which can be used to check keys
against these blacklists.
- Depend on openssh-blacklist.
- Force dependencies on libssl0.9.8 / libcrypto0.9.8-udeb to at least
0.9.8g-9.
- Automatically regenerate known-compromised host keys, with a
critical-priority debconf note. (I regret that there was no time to
gather translations.)
|
|
- Remove support for building with GNOME 1. This allows simplification
of our GNOME build-dependencies (see #460136).
- Remove hacks to support the old PAM configuration scheme.
- Remove compatibility for building without po-debconf.
* Build-depend on libgtk2.0-dev rather than libgnomeui-dev. As far as I
can see, the GTK2 version of ssh-askpass-gnome has never required
libgnomeui-dev.
|