| .. |
|
fsl.openssh
|
2ff596cbd0
fix FSL matching
|
пре 24 година |
|
openssh.spec
|
daef0340fb
backout incorrect downgrade changes
|
пре 23 година |
|
rc.openssh
|
41d5de1a8b
Switch to l_{s,m,r,n}{usr,grp}.
|
пре 24 година |
|
ssh-askpass
|
8d9f4340cc
support x11-ssh-askpass, too
|
пре 24 година |
|
ssh-keyman
|
b569ce4f38
overhaul ssh-keyman by addressing recently popped up issues
|
пре 24 година |
|
ssh-keyman.1
|
ab6dc2a846
include my ssh-keyman utility
|
пре 24 година |
|
ssh-keyman.pod
|
ab6dc2a846
include my ssh-keyman utility
|
пре 24 година |
|
ssh_config
|
9752b1edbe
- create SSHv2 RSA in addition to SSHv1 RSA server key - generate server keys with 2048 bits instead of 1024 - create ~/.ssh/agent file with mode 600 instead of mode 700 - cleanup ssh_config and sshd_config files - default to "Protocol 2,1" in server and "Protocol 1,2" in client
|
пре 24 година |
|
sshd_config
|
5a5f47a9d7
After longer thinking and comparing what FreeBSD and NetBSD did, finally revert to the old state by kicking out the UsePrivilegeSeparation and Compression default value guessing because: 1. we are predestined to fail in general because we cannot do it correctly by just looking at the platform id. 2. UsePrivilegeSeparation is nice from a paranoid security point of view but OTOH really is too brand-new and internally limits or even breaks the OpenSSH functionality too dramatically. People who are paranoid enough and can live with this can feel free to change the "no" to a "yes" in their sshd_config easily. 3. it is nasty to have a package "openssh" shipping with totally different default configuration (using "UsePrivilegeSeparation yes" makes a large difference under run-time!) on different platforms. This is nasty and we really want a single default config independent of a platform. So, unless "UsePrivilegeSeparation yes" works equally on all our plaforms and without such dramatical restrictions (Compression, PAM, etc) and internal brokeness we will stay with the _default_ config of "UsePrivilegeSeparation no". Once Privilege Separation is really ready for a global deployment, we are happy to enable it by default again.
|
пре 24 година |
Ralf S. Engelschall
daef0340fb
backout incorrect downgrade changes