1 ###############################################################################
2 # IPFire.org - An Open Source Firewall Solution #
3 # Copyright (C) - IPFire Development Team <info@ipfire.org> #
4 ###############################################################################
10 groups = Application/Internet
11 url = http://www.openssh.com/portable.html
13 summary = An open source implementation of SSH protocol versions 1 and 2.
16 SSH (Secure SHell) is a program for logging into and executing
17 commands on a remote machine. SSH is intended to replace rlogin and
18 rsh, and to provide secure encrypted communications between two
19 untrusted hosts over an insecure network.
22 source_dl = http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/
31 openssl-devel>=1.0.0d-2
36 # Apply patches in a special order
38 openssh-5.9p1-coverity.patch
39 openssh-5.8p1-fingerprint.patch
40 openssh-5.8p1-getaddrinfo.patch
41 openssh-5.8p1-packet.patch
42 openssh-5.9p1-2auth.patch
43 openssh-5.9p1-role.patch
44 openssh-5.9p1-mls.patch
45 openssh-5.9p1-sftp-chroot.patch
46 openssh-5.9p1-akc.patch
47 openssh-5.9p1-keygen.patch
48 openssh-5.2p1-allow-ip-opts.patch
49 openssh-5.9p1-randclean.patch
50 openssh-5.8p1-keyperm.patch
51 openssh-5.8p2-remove-stale-control-socket.patch
52 openssh-5.9p1-ipv6man.patch
53 openssh-5.8p2-sigpipe.patch
54 openssh-5.8p2-askpass-ld.patch
55 openssh-5.5p1-x11.patch
56 openssh-5.6p1-exit-deadlock.patch
57 openssh-5.1p1-askpass-progress.patch
58 openssh-4.3p2-askpass-grab-info.patch
59 openssh-5.9p1-edns.patch
60 openssh-5.1p1-scp-manpage.patch
61 openssh-5.8p1-localdomain.patch
62 openssh-5.9p1-ipfire.patch
63 openssh-5.9p1-entropy.patch
64 openssh-5.9p1-vendor.patch
65 openssh-5.8p2-force_krb.patch
66 openssh-5.9p1-kuserok.patch
69 configure_options += \
70 --sysconfdir=/etc/ssh \
71 --datadir=/usr/share/sshd \
72 --libexecdir=/usr/lib/openssh \
73 --with-md5-passwords \
74 --with-privsep-path=/var/lib/sshd \
84 # Disable GSS API authentication because KRB5 is required for that.
85 sed -e "s/^.*GSSAPIAuthentication/#&/" -i %{BUILDROOT}/etc/ssh/ssh_config
87 # Install scriptfile for key generation
88 install -m 754 %{DIR_SOURCE}/ssh-keygen %{BUILDROOT}/usr/lib/openssh/
95 openssh-clients=%{thisver}
96 openssh-server=%{thisver}
100 package openssh-clients
101 summary = OpenSSH client applications.
102 description = %{summary}
113 /usr/lib/openssh/ssh-pkcs11-helper
114 /usr/share/man/cat1/scp.1
115 /usr/share/man/cat1/sftp.1
116 /usr/share/man/cat1/slogin.1
117 /usr/share/man/cat1/ssh-add.1
118 /usr/share/man/cat1/ssh-agent.1
119 /usr/share/man/cat1/ssh-keyscan.1
120 /usr/share/man/cat1/ssh.1
121 /usr/share/man/cat5/ssh_config.5
122 /usr/share/man/cat8/ssh-pkcs11-helper.8
130 package openssh-server
131 summary = OpenSSH server applications.
132 description = %{summary}
134 # /usr/bin/ssh-keygen is needed to generate keys for the ssh server.
135 requires = /usr/bin/ssh-keygen
141 /lib/systemd/system/openssh.service
142 /usr/lib/openssh/sftp-server
143 /usr/lib/openssh/ssh-keygen
145 /usr/share/man/cat5/sshd_config.5*
146 /usr/share/man/cat5/moduli.5*
147 /usr/share/man/cat8/sshd.8*
148 /usr/share/man/cat8/sftp-server.8*
156 prerequires = shadow-utils systemd-units
159 # Create unprivileged user and group.
160 getent group sshd || groupadd -r sshd
161 getent passwd sshd || useradd -r -g sshd \
162 -d /var/lib/sshd -s /sbin/nologin sshd
166 /bin/systemctl daemon-reload >/dev/null 2>&1 || :
170 /bin/systemctl --no-reload disable openssh.service >/dev/null 2>&1 || :
171 /bin/systemctl stop openssh.service >/dev/null 2>&1 || :
175 /bin/systemctl daemon-reload >/dev/null 2>&1 || :
179 /bin/systemctl daemon-reload >/dev/null 2>&1 || :
183 package %{name}-debuginfo