Age | Commit message (Collapse) | Author | |
---|---|---|---|
2011-07-28 | releasing version 1:5.8p1-6 | Colin Watson | |
2011-07-28 | * Merge from Ubuntu (Dustin Kirkland): | Colin Watson | |
- openssh-server Recommends: ssh-import-id (no-op in Debian since that package doesn't exist there, but this reduces the Ubuntu delta). | |||
2011-07-28 | Quieten logs when multiple from= restrictions are used in different | Colin Watson | |
authorized_keys lines for the same key; it's still not ideal, but at least you'll only get one log entry per key (closes: #630606). | |||
2011-07-28 | openssh-client and openssh-server Suggests: monkeysphere. | Colin Watson | |
2011-07-24 | releasing version 1:5.8p1-5 | Colin Watson | |
2011-07-17 | * Backport from upstream: | Colin Watson | |
- Make hostbased auth with ECDSA keys work correctly (closes: #633368). | |||
2011-05-30 | update README.source too | Colin Watson | |
2011-05-30 | Update Vcs-* fields for Alioth changes. | Colin Watson | |
2011-04-13 | Drop openssh-server's dependency on openssh-blacklist to a | Colin Watson | |
recommendation (closes: #622604). | |||
2011-04-04 | releasing version 1:5.8p1-4 | Colin Watson | |
2011-04-04 | Remove unreachable code from openssh-server.postinst. | Colin Watson | |
2011-04-04 | Drop hardcoded dependencies on libssl0.9.8 and libcrypto0.9.8-udeb, | Colin Watson | |
since the required minimum versions are rather old now anyway and openssl has bumped its SONAME (thanks, Julien Cristau; closes: #620828). | |||
2011-03-18 | releasing version 1:5.8p1-3 | Colin Watson | |
2011-03-18 | Allow ssh-add to read from FIFOs (thanks, Daniel Kahn Gillmor; closes: | Colin Watson | |
#614897). | |||
2011-02-09 | Correct ssh-keygen instruction in the changelog for 1:5.7p1-1 (thanks, | Colin Watson | |
Joel Stanley). -q -f /etc/ssh/ssh_host_ecdsa_key -N "" -t ecdsa'. | |||
2011-02-08 | releasing version 1:5.8p1-2 | Colin Watson | |
2011-02-08 | Upload to unstable. | Colin Watson | |
2011-02-05 | releasing version 1:5.8p1-1 | Colin Watson | |
2011-02-05 | * New upstream release (http://www.openssh.org/txt/release-5.8): | Colin Watson | |
- Fix stack information leak in legacy certificate signing (http://www.openssh.com/txt/legacy-cert.adv). | |||
2011-01-27 | releasing version 1:5.7p1-2 | Colin Watson | |
2011-01-27 | Fix crash in ssh_selinux_setfscreatecon when SELinux is disabled | Colin Watson | |
(LP: #708571). | |||
2011-01-27 | releasing version 1:5.7p1-1 | Colin Watson | |
2011-01-26 | adjust ECDSA commentary in changelog - we aren't generating ECDSA host keys ↵ | Colin Watson | |
on upgrades | |||
2011-01-26 | changelog for GSSAPI update | Colin Watson | |
2011-01-26 | merge gssapi branch | Colin Watson | |
2011-01-25 | Rearrange selinux-role.patch so that it links properly given this | Colin Watson | |
SELinux build fix. | |||
2011-01-25 | Backport SELinux build fix from CVS. | Colin Watson | |
2011-01-24 | Build-depend on libssl-dev (>= 0.9.8g) to ensure sufficient ECC support. | Colin Watson | |
2011-01-24 | Generate ECDSA host keys. These will only be used on fresh | Colin Watson | |
installations or if you manually add 'HostKey /etc/ssh/ssh_host_ecdsa_key' to /etc/ssh/sshd_config. | |||
2011-01-24 | * New upstream release (http://www.openssh.org/txt/release-5.7): | Colin Watson | |
- Implement Elliptic Curve Cryptography modes for key exchange (ECDH) and host/user keys (ECDSA) as specified by RFC5656. ECDH and ECDSA offer better performance than plain DH and DSA at the same equivalent symmetric key length, as well as much shorter keys. - sftp(1)/sftp-server(8): add a protocol extension to support a hard link operation. It is available through the "ln" command in the client. The old "ln" behaviour of creating a symlink is available using its "-s" option or through the preexisting "symlink" command. - scp(1): Add a new -3 option to scp: Copies between two remote hosts are transferred through the local host (closes: #508613). - ssh(1): "atomically" create the listening mux socket by binding it on a temporary name and then linking it into position after listen() has succeeded. This allows the mux clients to determine that the server socket is either ready or stale without races (closes: #454784). Stale server sockets are now automatically removed (closes: #523250). - ssh(1): install a SIGCHLD handler to reap expired child process (closes: #594687). - ssh(1)/ssh-agent(1): honour $TMPDIR for client xauth and ssh-agent temporary directories (closes: #357469, although only if you arrange for ssh-agent to actually see $TMPDIR since the setgid bit will cause it to be stripped off). | |||
2010-12-30 | releasing version 1:5.6p1-3 | Colin Watson | |
2010-12-30 | * Merge 1:5.5p1-6. | Colin Watson | |
2010-12-27 | releasing version 1:5.5p1-6 | Colin Watson | |
2010-12-26 | Touch /var/run/sshd/.placeholder in the preinst so that /var/run/sshd, | Colin Watson | |
which is intentionally no longer shipped in the openssh-server package due to /var/run often being a temporary directory, is not removed on upgrade (closes: #575582). | |||
2010-11-02 | Drop override for desktop-file-but-no-dh_desktop-call, which Lintian no | Colin Watson | |
longer issues. | |||
2010-10-26 | releasing version 1:5.6p1-2 | Colin Watson | |
2010-10-26 | Backport upstream patch to install a SIGCHLD handler to reap expired ssh | Colin Watson | |
child processes, preventing lots of zombies when using ControlPersist (closes: #594687). | |||
2010-08-24 | releasing version 1:5.6p1-1 | Colin Watson | |
2010-08-24 | staticify most functions in ssh-vulnkey.c | Colin Watson | |
2010-08-24 | unconstify key argument to describe_key and do_key | Colin Watson | |
2010-08-24 | unconstify key argument to blacklisted_key_in_file and blacklisted_key | Colin Watson | |
2010-08-23 | * New upstream release (http://www.openssh.com/txt/release-5.6): | Colin Watson | |
- Added a ControlPersist option to ssh_config(5) that automatically starts a background ssh(1) multiplex master when connecting. This connection can stay alive indefinitely, or can be set to automatically close after a user-specified duration of inactivity (closes: #335697, #350898, #454787, #500573, #550262). - Support AuthorizedKeysFile, AuthorizedPrincipalsFile, HostbasedUsesNameFromPacketOnly, and PermitTunnel in sshd_config(5) Match blocks (closes: #549858). - sftp(1): fix ls in working directories that contain globbing characters in their pathnames (LP: #530714). | |||
2010-08-23 | releasing version 1:5.5p1-5 | Colin Watson | |
2010-08-13 | * debconf template translations: | Colin Watson | |
- Update Danish (thanks, Joe Hansen; closes: #592800). | |||
2010-08-05 | Use an architecture wildcard for libselinux1-dev (closes: #591740). | Colin Watson | |
2010-05-22 | releasing version 1:5.5p1-4 | Colin Watson | |
2010-05-22 | Check primary group memberships as well as supplementary group | Colin Watson | |
memberships, and only allow group-writability by groups with exactly one member, as zero-member groups are typically used by setgid binaries rather than being user-private groups (closes: #581697). | |||
2010-05-22 | Allow ~/.ssh/authorized_keys and other secure files to be | Colin Watson | |
group-writable, provided that the group in question contains only the file's owner; this extends a patch previously applied to ~/.ssh/config (closes: #581919). | |||
2010-05-04 | Add powerpcspe to architecture list for libselinux1-dev build-dependency | Sebastian Andrzej Siewior | |
(closes: #579843). | |||
2010-04-28 | releasing version 1:5.5p1-3 | Colin Watson | |