Domů Procházet Nápověda
Přihlásit se
openpkg
/
openpkg-packages
Sledovat 2
Oblíbit 0
Rozštěpit 0
Soubory Úkoly 0 Pull Requesty 0
Strom: 06f940320b
Větve Značky
openpkg-pack...
/
openssh
Ralf S. Engelschall bd832a4bd0 add quaterly brain-dead chroot support (dedicated to Thomas Rohde) před 24 roky
..
fakesyslog.tar.gz 53519f2c84 enhance fakesyslog for Tru64 compatibility před 24 roky
openssh.spec bd832a4bd0 add quaterly brain-dead chroot support (dedicated to Thomas Rohde) před 24 roky
rc.openssh 41d5de1a8b Switch to l_{s,m,r,n}{usr,grp}. před 24 roky
ssh-askpass 8d9f4340cc support x11-ssh-askpass, too před 24 roky
ssh-keyman b569ce4f38 overhaul ssh-keyman by addressing recently popped up issues před 24 roky
ssh-keyman.1 ab6dc2a846 include my ssh-keyman utility před 24 roky
ssh-keyman.pod ab6dc2a846 include my ssh-keyman utility před 24 roky
ssh_config 9752b1edbe - create SSHv2 RSA in addition to SSHv1 RSA server key - generate server keys with 2048 bits instead of 1024 - create ~/.ssh/agent file with mode 600 instead of mode 700 - cleanup ssh_config and sshd_config files - default to "Protocol 2,1" in server and "Protocol 1,2" in client před 24 roky
sshd_config 5a5f47a9d7 After longer thinking and comparing what FreeBSD and NetBSD did, finally revert to the old state by kicking out the UsePrivilegeSeparation and Compression default value guessing because: 1. we are predestined to fail in general because we cannot do it correctly by just looking at the platform id. 2. UsePrivilegeSeparation is nice from a paranoid security point of view but OTOH really is too brand-new and internally limits or even breaks the OpenSSH functionality too dramatically. People who are paranoid enough and can live with this can feel free to change the "no" to a "yes" in their sshd_config easily. 3. it is nasty to have a package "openssh" shipping with totally different default configuration (using "UsePrivilegeSeparation yes" makes a large difference under run-time!) on different platforms. This is nasty and we really want a single default config independent of a platform. So, unless "UsePrivilegeSeparation yes" works equally on all our plaforms and without such dramatical restrictions (Compression, PAM, etc) and internal brokeness we will stay with the _default_ config of "UsePrivilegeSeparation no". Once Privilege Separation is really ready for a global deployment, we are happy to enable it by default again. před 24 roky