From 4f755cdc05f5c6dee7cb1894f8d3bcaee33443d0 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Mon, 19 May 2008 14:57:41 +1000 Subject: - pyr@cvs.openbsd.org 2008/05/07 05:49:37 [servconf.c servconf.h session.c sshd_config.5] Enable the AllowAgentForwarding option in sshd_config (global and match context), to specify if agents should be permitted on the server. As the man page states: ``Note that disabling Agent forwarding does not improve security unless users are also denied shell access, as they can always install their own forwarders.'' ok djm@, ok and a mild frown markus@ --- ChangeLog | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index b7e6098e5..8ee0b0e55 100644 --- a/ChangeLog +++ b/ChangeLog @@ -43,6 +43,15 @@ [ssh-keyscan.1 ssh-keyscan.c] default to rsa (protocol 2) keys, instead of rsa1 keys; spotted by larsnooden AT openoffice.org + - pyr@cvs.openbsd.org 2008/05/07 05:49:37 + [servconf.c servconf.h session.c sshd_config.5] + Enable the AllowAgentForwarding option in sshd_config (global and match + context), to specify if agents should be permitted on the server. + As the man page states: + ``Note that disabling Agent forwarding does not improve security + unless users are also denied shell access, as they can always install + their own forwarders.'' + ok djm@, ok and a mild frown markus@ 20080403 - (djm) [openbsd-compat/bsd-poll.c] Include stdlib.h to avoid compile- @@ -3903,4 +3912,4 @@ OpenServer 6 and add osr5bigcrypt support so when someone migrates passwords between UnixWare and OpenServer they will still work. OK dtucker@ -$Id: ChangeLog,v 1.4915 2008/05/19 04:56:33 djm Exp $ +$Id: ChangeLog,v 1.4916 2008/05/19 04:57:41 djm Exp $ -- cgit v1.2.3