]>
Commit | Line | Data |
---|---|---|
9d8fd3ad SS |
1 | diff -up openssh-5.9p0/ssh_config.redhat openssh-5.9p0/ssh_config |
2 | --- openssh-5.9p0/ssh_config.redhat 2010-01-12 09:40:27.000000000 +0100 | |
3 | +++ openssh-5.9p0/ssh_config 2011-09-05 14:48:16.386439023 +0200 | |
4 | @@ -45,3 +45,14 @@ | |
5 | # PermitLocalCommand no | |
6 | # VisualHostKey no | |
7 | # ProxyCommand ssh -q -W %h:%p gateway.example.com | |
8 | +Host * | |
9 | + GSSAPIAuthentication yes | |
10 | +# If this option is set to yes then remote X11 clients will have full access | |
11 | +# to the original X11 display. As virtually no X11 client supports the untrusted | |
12 | +# mode correctly we set this to yes. | |
13 | + ForwardX11Trusted yes | |
14 | +# Send locale-related environment variables | |
15 | + SendEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES | |
16 | + SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT | |
17 | + SendEnv LC_IDENTIFICATION LC_ALL LANGUAGE | |
18 | + SendEnv XMODIFIERS | |
19 | diff -up openssh-5.9p0/sshd_config.0.redhat openssh-5.9p0/sshd_config.0 | |
20 | --- openssh-5.9p0/sshd_config.0.redhat 2011-09-05 14:48:08.522441255 +0200 | |
21 | +++ openssh-5.9p0/sshd_config.0 2011-09-05 14:48:16.477443868 +0200 | |
22 | @@ -581,9 +581,9 @@ DESCRIPTION | |
23 | ||
24 | SyslogFacility | |
25 | Gives the facility code that is used when logging messages from | |
26 | - sshd(8). The possible values are: DAEMON, USER, AUTH, LOCAL0, | |
27 | - LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. The | |
28 | - default is AUTH. | |
29 | + sshd(8). The possible values are: DAEMON, USER, AUTH, AUTHPRIV, | |
30 | + LOCAL0, LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. | |
31 | + The default is AUTH. | |
32 | ||
33 | TCPKeepAlive | |
34 | Specifies whether the system should send TCP keepalive messages | |
35 | diff -up openssh-5.9p0/sshd_config.5.redhat openssh-5.9p0/sshd_config.5 | |
36 | --- openssh-5.9p0/sshd_config.5.redhat 2011-09-05 14:48:08.657564688 +0200 | |
37 | +++ openssh-5.9p0/sshd_config.5 2011-09-05 14:48:16.589501736 +0200 | |
38 | @@ -1029,7 +1029,7 @@ Note that this option applies to protoco | |
39 | .It Cm SyslogFacility | |
40 | Gives the facility code that is used when logging messages from | |
41 | .Xr sshd 8 . | |
42 | -The possible values are: DAEMON, USER, AUTH, LOCAL0, LOCAL1, LOCAL2, | |
43 | +The possible values are: DAEMON, USER, AUTH, AUTHPRIV, LOCAL0, LOCAL1, LOCAL2, | |
44 | LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. | |
45 | The default is AUTH. | |
46 | .It Cm TCPKeepAlive | |
47 | diff -up openssh-5.9p0/sshd_config.redhat openssh-5.9p0/sshd_config | |
48 | --- openssh-5.9p0/sshd_config.redhat 2011-09-05 14:48:16.250626793 +0200 | |
49 | +++ openssh-5.9p0/sshd_config 2011-09-05 15:06:01.513443553 +0200 | |
50 | @@ -32,6 +32,7 @@ | |
51 | # Logging | |
52 | # obsoletes QuietMode and FascistLogging | |
53 | #SyslogFacility AUTH | |
54 | +SyslogFacility AUTHPRIV | |
55 | #LogLevel INFO | |
56 | ||
57 | # Authentication: | |
58 | @@ -65,9 +66,11 @@ AuthorizedKeysFile .ssh/authorized_keys | |
59 | # To disable tunneled clear text passwords, change to no here! | |
60 | #PasswordAuthentication yes | |
61 | #PermitEmptyPasswords no | |
62 | +PasswordAuthentication yes | |
63 | ||
64 | # Change to no to disable s/key passwords | |
65 | #ChallengeResponseAuthentication yes | |
66 | +ChallengeResponseAuthentication no | |
67 | ||
68 | # Kerberos options | |
69 | #KerberosAuthentication no | |
70 | @@ -77,7 +80,9 @@ AuthorizedKeysFile .ssh/authorized_keys | |
71 | ||
72 | # GSSAPI options | |
73 | #GSSAPIAuthentication no | |
74 | +GSSAPIAuthentication yes | |
75 | #GSSAPICleanupCredentials yes | |
76 | +GSSAPICleanupCredentials yes | |
77 | ||
78 | # Set this to 'yes' to enable PAM authentication, account processing, | |
79 | # and session processing. If this is enabled, PAM authentication will | |
80 | @@ -89,6 +94,7 @@ AuthorizedKeysFile .ssh/authorized_keys | |
81 | # PAM authentication, then enable this but set PasswordAuthentication | |
82 | # and ChallengeResponseAuthentication to 'no'. | |
83 | #UsePAM no | |
84 | +UsePAM yes | |
85 | ||
86 | #TwoFactorAuthentication no | |
87 | #SecondPubkeyAuthentication yes | |
88 | @@ -101,6 +107,7 @@ AuthorizedKeysFile .ssh/authorized_keys | |
89 | #AllowTcpForwarding yes | |
90 | #GatewayPorts no | |
91 | #X11Forwarding no | |
92 | +X11Forwarding yes | |
93 | #X11DisplayOffset 10 | |
94 | #X11UseLocalhost yes | |
95 | #PrintMotd yes | |
96 | @@ -121,6 +128,12 @@ AuthorizedKeysFile .ssh/authorized_keys | |
97 | # no default banner path | |
98 | #Banner none | |
99 | ||
100 | +# Accept locale-related environment variables | |
101 | +AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES | |
102 | +AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT | |
103 | +AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE | |
104 | +AcceptEnv XMODIFIERS | |
105 | + | |
106 | # override default of no subsystems | |
107 | Subsystem sftp /usr/libexec/sftp-server | |
108 |