From 9238867d60dd8f7da598ef3ebdb127cfc5562a91 Mon Sep 17 00:00:00 2001 From: Colin Watson Date: Sun, 9 Feb 2014 16:10:18 +0000 Subject: Various Debian-specific configuration changes ssh: Enable ForwardX11Trusted, returning to earlier semantics which cause fewer problems with existing setups (http://bugs.debian.org/237021). ssh: Set 'SendEnv LANG LC_*' by default (http://bugs.debian.org/264024). ssh: Enable HashKnownHosts by default to try to limit the spread of ssh worms. ssh: Enable GSSAPIAuthentication and disable GSSAPIDelegateCredentials by default. Document all of this, along with several sshd defaults set in debian/openssh-server.postinst. Author: Russ Allbery Forwarded: not-needed Last-Update: 2015-12-07 Patch-Name: debian-config.patch --- readconf.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'readconf.c') diff --git a/readconf.c b/readconf.c index c0ba5a72c..e4e1cbae3 100644 --- a/readconf.c +++ b/readconf.c @@ -1749,7 +1749,7 @@ fill_default_options(Options * options) if (options->forward_x11 == -1) options->forward_x11 = 0; if (options->forward_x11_trusted == -1) - options->forward_x11_trusted = 0; + options->forward_x11_trusted = 1; if (options->forward_x11_timeout == -1) options->forward_x11_timeout = 1200; if (options->exit_on_forward_failure == -1) -- cgit v1.2.3