From bb5616c94d6d6b97890e90dd01a7ad07c663dc0b Mon Sep 17 00:00:00 2001
From: Colin Watson <cjwatson@debian.org>
Date: Sun, 9 Feb 2014 16:10:18 +0000
Subject: Various Debian-specific configuration changes

ssh: Enable ForwardX11Trusted, returning to earlier semantics which cause
fewer problems with existing setups (http://bugs.debian.org/237021).

ssh: Set 'SendEnv LANG LC_*' by default (http://bugs.debian.org/264024).

ssh: Enable HashKnownHosts by default to try to limit the spread of ssh
worms.

ssh: Enable GSSAPIAuthentication and disable GSSAPIDelegateCredentials by
default.

sshd: Refer to /usr/share/doc/openssh-server/README.Debian.gz alongside
PermitRootLogin default.

Document all of this, along with several sshd defaults set in
debian/openssh-server.postinst.

Author: Russ Allbery <rra@debian.org>
Forwarded: not-needed
Last-Update: 2013-09-14

Patch-Name: debian-config.patch
---
 readconf.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'readconf.c')

diff --git a/readconf.c b/readconf.c
index 389de7d60..2778176c6 100644
--- a/readconf.c
+++ b/readconf.c
@@ -1298,7 +1298,7 @@ fill_default_options(Options * options)
 	if (options->forward_x11 == -1)
 		options->forward_x11 = 0;
 	if (options->forward_x11_trusted == -1)
-		options->forward_x11_trusted = 0;
+		options->forward_x11_trusted = 1;
 	if (options->forward_x11_timeout == -1)
 		options->forward_x11_timeout = 1200;
 	if (options->exit_on_forward_failure == -1)
-- 
cgit v1.2.3