projects / people / ms / ipfire-3.x.git / blame
| Commit | Line | Data |
|---|---|---|
| 9d8fd3ad SS |
1 | diff -up openssh-5.9p0/ssh_config.redhat openssh-5.9p0/ssh_config |
| 2 | --- openssh-5.9p0/ssh_config.redhat 2010-01-12 09:40:27.000000000 +0100 | |
| 3 | +++ openssh-5.9p0/ssh_config 2011-09-05 14:48:16.386439023 +0200 | |
| 4 | @@ -45,3 +45,14 @@ | |
| 5 | # PermitLocalCommand no | |
| 6 | # VisualHostKey no | |
| 7 | # ProxyCommand ssh -q -W %h:%p gateway.example.com | |
| 8 | +Host * | |
| 9 | + GSSAPIAuthentication yes | |
| 10 | +# If this option is set to yes then remote X11 clients will have full access | |
| 11 | +# to the original X11 display. As virtually no X11 client supports the untrusted | |
| 12 | +# mode correctly we set this to yes. | |
| 13 | + ForwardX11Trusted yes | |
| 14 | +# Send locale-related environment variables | |
| 15 | + SendEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES | |
| 16 | + SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT | |
| 17 | + SendEnv LC_IDENTIFICATION LC_ALL LANGUAGE | |
| 18 | + SendEnv XMODIFIERS | |
| 19 | diff -up openssh-5.9p0/sshd_config.0.redhat openssh-5.9p0/sshd_config.0 | |
| 20 | --- openssh-5.9p0/sshd_config.0.redhat 2011-09-05 14:48:08.522441255 +0200 | |
| 21 | +++ openssh-5.9p0/sshd_config.0 2011-09-05 14:48:16.477443868 +0200 | |
| 22 | @@ -581,9 +581,9 @@ DESCRIPTION | |
| 23 | ||
| 24 | SyslogFacility | |
| 25 | Gives the facility code that is used when logging messages from | |
| 26 | - sshd(8). The possible values are: DAEMON, USER, AUTH, LOCAL0, | |
| 27 | - LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. The | |
| 28 | - default is AUTH. | |
| 29 | + sshd(8). The possible values are: DAEMON, USER, AUTH, AUTHPRIV, | |
| 30 | + LOCAL0, LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. | |
| 31 | + The default is AUTH. | |
| 32 | ||
| 33 | TCPKeepAlive | |
| 34 | Specifies whether the system should send TCP keepalive messages | |
| 35 | diff -up openssh-5.9p0/sshd_config.5.redhat openssh-5.9p0/sshd_config.5 | |
| 36 | --- openssh-5.9p0/sshd_config.5.redhat 2011-09-05 14:48:08.657564688 +0200 | |
| 37 | +++ openssh-5.9p0/sshd_config.5 2011-09-05 14:48:16.589501736 +0200 | |
| 38 | @@ -1029,7 +1029,7 @@ Note that this option applies to protoco | |
| 39 | .It Cm SyslogFacility | |
| 40 | Gives the facility code that is used when logging messages from | |
| 41 | .Xr sshd 8 . | |
| 42 | -The possible values are: DAEMON, USER, AUTH, LOCAL0, LOCAL1, LOCAL2, | |
| 43 | +The possible values are: DAEMON, USER, AUTH, AUTHPRIV, LOCAL0, LOCAL1, LOCAL2, | |
| 44 | LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. | |
| 45 | The default is AUTH. | |
| 46 | .It Cm TCPKeepAlive | |
| 47 | diff -up openssh-5.9p0/sshd_config.redhat openssh-5.9p0/sshd_config | |
| 48 | --- openssh-5.9p0/sshd_config.redhat 2011-09-05 14:48:16.250626793 +0200 | |
| 49 | +++ openssh-5.9p0/sshd_config 2011-09-05 15:06:01.513443553 +0200 | |
| 50 | @@ -32,6 +32,7 @@ | |
| 51 | # Logging | |
| 52 | # obsoletes QuietMode and FascistLogging | |
| 53 | #SyslogFacility AUTH | |
| 54 | +SyslogFacility AUTHPRIV | |
| 55 | #LogLevel INFO | |
| 56 | ||
| 57 | # Authentication: | |
| 58 | @@ -65,9 +66,11 @@ AuthorizedKeysFile .ssh/authorized_keys | |
| 59 | # To disable tunneled clear text passwords, change to no here! | |
| 60 | #PasswordAuthentication yes | |
| 61 | #PermitEmptyPasswords no | |
| 62 | +PasswordAuthentication yes | |
| 63 | ||
| 64 | # Change to no to disable s/key passwords | |
| 65 | #ChallengeResponseAuthentication yes | |
| 66 | +ChallengeResponseAuthentication no | |
| 67 | ||
| 68 | # Kerberos options | |
| 69 | #KerberosAuthentication no | |
| 70 | @@ -77,7 +80,9 @@ AuthorizedKeysFile .ssh/authorized_keys | |
| 71 | ||
| 72 | # GSSAPI options | |
| 73 | #GSSAPIAuthentication no | |
| 74 | +GSSAPIAuthentication yes | |
| 75 | #GSSAPICleanupCredentials yes | |
| 76 | +GSSAPICleanupCredentials yes | |
| 77 | ||
| 78 | # Set this to 'yes' to enable PAM authentication, account processing, | |
| 79 | # and session processing. If this is enabled, PAM authentication will | |
| 80 | @@ -89,6 +94,7 @@ AuthorizedKeysFile .ssh/authorized_keys | |
| 81 | # PAM authentication, then enable this but set PasswordAuthentication | |
| 82 | # and ChallengeResponseAuthentication to 'no'. | |
| 83 | #UsePAM no | |
| 84 | +UsePAM yes | |
| 85 | ||
| 86 | #TwoFactorAuthentication no | |
| 87 | #SecondPubkeyAuthentication yes | |
| 88 | @@ -101,6 +107,7 @@ AuthorizedKeysFile .ssh/authorized_keys | |
| 89 | #AllowTcpForwarding yes | |
| 90 | #GatewayPorts no | |
| 91 | #X11Forwarding no | |
| 92 | +X11Forwarding yes | |
| 93 | #X11DisplayOffset 10 | |
| 94 | #X11UseLocalhost yes | |
| 95 | #PrintMotd yes | |
| 96 | @@ -121,6 +128,12 @@ AuthorizedKeysFile .ssh/authorized_keys | |
| 97 | # no default banner path | |
| 98 | #Banner none | |
| 99 | ||
| 100 | +# Accept locale-related environment variables | |
| 101 | +AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES | |
| 102 | +AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT | |
| 103 | +AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE | |
| 104 | +AcceptEnv XMODIFIERS | |
| 105 | + | |
| 106 | # override default of no subsystems | |
| 107 | Subsystem sftp /usr/libexec/sftp-server | |
| 108 |