Age | Commit message (Collapse) | Author | |
---|---|---|---|
2014-03-27 | Change to "PermitRootLogin without-password" for new installations | Colin Watson | |
Also ask a debconf question when upgrading systems with "PermitRootLogin yes" from previous versions. Closes: #298138 | |||
2014-03-27 | Re-enable btmp logging, as its permissions were fixed a long time ago in ↵ | Colin Watson | |
response to #370050 (closes: #341883). | |||
2014-03-26 | merge patched into master | Matthew Vernon | |
2014-03-25 | [ Colin Watson ] | Matthew Vernon | |
[ Matthew Vernon ] Fix failure to check SSHFP records if server presents a certificate (bug reported by me, patch largely by Mark Wooding) (Closes: #742513) | |||
2014-03-25 | merge patched into master | Matthew Vernon | |
2014-03-21 | Mention CVE-2014-2532 in changelog. | Colin Watson | |
2014-03-20 | Merge 6.6p1. | Colin Watson | |
* New upstream release (http://www.openssh.com/txt/release-6.6). | |||
2014-03-20 | record new upstream branch created by importing openssh_6.6p1.orig.tar.gz | Colin Watson | |
2014-03-19 | Apply various warning-suppression and regression-test fixes to gssapi.patch ↵ | Colin Watson | |
from Damien Miller. | |||
2014-03-06 | releasing package openssh version 1:6.5p1-6 | Colin Watson | |
2014-03-06 | Fix Breaks/Replaces versions of openssh-sftp-server on openssh-server ↵ | Colin Watson | |
(thanks, Axel Beckert). | |||
2014-03-06 | releasing package openssh version 1:6.5p1-5 | Colin Watson | |
2014-03-05 | Link openssh-sftp-server's documentation directory to openssh-client's. | Colin Watson | |
2014-03-05 | Add Before=ssh.service to systemd ssh.socket file, since otherwise nothing ↵ | Colin Watson | |
guarantees that ssh.service has stopped before ssh.socket starts (thanks, Uoti Urpala). | |||
2014-02-21 | Split sftp-server into its own package | Axel Beckert | |
This allows it to also be used by other SSH server implementations like dropbear (closes: #504290). | |||
2014-02-21 | Add Alias=sshd.service to systemd ssh.service file, to match "Provides: ↵ | Colin Watson | |
sshd" in the sysvinit script (thanks, Michael Biebl). | |||
2014-02-15 | releasing package openssh version 1:6.5p1-4 | Colin Watson | |
2014-02-15 | Fix getsockname errors when using "ssh -W" (closes: #738693). | Colin Watson | |
2014-02-13 | Remove code related to non-dependency-based sysv-rc ordering, since that is ↵ | Colin Watson | |
no longer supported. | |||
2014-02-13 | Fix "Running sshd from inittab" instructions for dependency-based sysv-rc | Colin Watson | |
Amend "Running sshd from inittab" instructions in README.Debian to recommend 'update-rc.d ssh disable', rather than manual removal of rc*.d symlinks that won't work with dependency-based sysv-rc. | |||
2014-02-13 | Configure --without-hardening on hppa, to work around ↵ | Colin Watson | |
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=60155 (closes: #738798). | |||
2014-02-12 | releasing package openssh version 1:6.5p1-3 | Colin Watson | |
2014-02-12 | Tweak dh_systemd_enable invocations to avoid lots of error noise. | Colin Watson | |
2014-02-12 | Drop unnecessary -1 in zlib1g Build-Depends version. | Colin Watson | |
2014-02-12 | Policy version 3.9.5. | Colin Watson | |
2014-02-12 | Drop some very old Conflicts and Replaces | Colin Watson | |
Drop some very old Conflicts and Replaces (ssh (<< 1:3.8.1p1-9), rsh-client (<< 0.16.1-1), ssh-krb5 (<< 1:4.3p2-7), ssh-nonfree (<< 2), and openssh-client (<< 1:3.8.1p1-11)). These all relate to pre-etch versions, for which we no longer have maintainer script code, and per policy they would have to become Breaks nowadays anyway. | |||
2014-02-12 | Refer to /usr/share/common-licenses/GPL-2 in debian/copyright (for the ↵ | Colin Watson | |
Debian patch) rather than plain GPL. | |||
2014-02-12 | Remove unnecessary /dev/null tests | Colin Watson | |
Remove tests for whether /dev/null is a character device from the Upstart job and the systemd service files; it's there to avoid a confusing failure mode in daemon(), but with modern init systems we use the -D option to suppress daemonisation anyway. | |||
2014-02-12 | Reorder transition code by guard version. | Colin Watson | |
2014-02-12 | Bump guard version for sysvinit->systemd transition to 1:6.5p1-3; we may ↵ | Colin Watson | |
have got it wrong before, and it's fairly harmless to repeat it. | |||
2014-02-12 | Fix sysvinit->systemd transition code | Colin Watson | |
We need to cope with still-running sysvinit jobs being considered active by systemd (thanks, Uoti Urpala and Michael Biebl). | |||
2014-02-12 | Avoid stdout noise from which(1) on purge of openssh-client. | Colin Watson | |
2014-02-12 | Stop claiming that "Protocol 2" is a Debian-specific default | Colin Watson | |
This has been upstream's default since 5.4p1. | |||
2014-02-12 | Adjust section title too. | Colin Watson | |
2014-02-11 | Clarify socket activation mode in README.Debian, as suggested by Uoti Urpala. | Colin Watson | |
2014-02-11 | releasing package openssh version 1:6.5p1-2 | Colin Watson | |
2014-02-11 | Backport upstream patch to unbreak case-sensitive matching of ssh_config ↵ | Colin Watson | |
(closes: #738619). | |||
2014-02-11 | Only enable ssh.service for systemd, not both ssh.service and ssh.socket. ↵ | Colin Watson | |
Thanks to Michael Biebl for spotting this. | |||
2014-02-10 | releasing package openssh version 1:6.5p1-1 | Colin Watson | |
2014-02-10 | Drop After=syslog.target; this is obsolete according to Lintian. | Colin Watson | |
2014-02-10 | Add systemd support (thanks, Sven Joachim; closes: #676830). | Colin Watson | |
2014-02-10 | Stop manually creating /usr/share/lintian/overrides; dh_lintian handles this. | Colin Watson | |
2014-02-10 | Drop long-obsolete "SSH now uses protocol 2 by default" section from ↵ | Colin Watson | |
README.Debian. | |||
2014-02-10 | Generate ED25519 host keys on fresh installations. | Colin Watson | |
Upgraders who wish to add such host keys should manually add 'HostKey /etc/ssh/ssh_host_ed25519_key' to /etc/ssh/sshd_config and run 'ssh-keygen -q -f /etc/ssh/ssh_host_ed25519_key -N "" -t ed25519'. | |||
2014-02-10 | Close some bugs related to ssh-vulnkey. | Colin Watson | |
2014-02-10 | Incorporate default path changes from shadow 1:4.0.18.1-8, removing ↵ | Colin Watson | |
/usr/bin/X11 (closes: #644521). | |||
2014-02-10 | Add the pam_keyinit session module, to create a new session keyring on login ↵ | Colin Watson | |
(closes: #734816). | |||
2014-02-10 | Merge 6.5p1. | Colin Watson | |
* New upstream release (http://www.openssh.com/txt/release-6.5, LP: #1275068): - ssh(1): Add support for client-side hostname canonicalisation using a set of DNS suffixes and rules in ssh_config(5). This allows unqualified names to be canonicalised to fully-qualified domain names to eliminate ambiguity when looking up keys in known_hosts or checking host certificate names (closes: #115286). | |||
2014-02-10 | record new upstream branch created by importing openssh_6.5p1.orig.tar.gz | Colin Watson | |
2014-02-10 | Add OpenPGP signature checking configuration to watch file (thanks, Daniel ↵ | Colin Watson | |
Kahn Gillmor; closes: #732441). |