1 diff -up openssh-5.9p0/ssh_config.redhat openssh-5.9p0/ssh_config
2 --- openssh-5.9p0/ssh_config.redhat 2010-01-12 09:40:27.000000000 +0100
3 +++ openssh-5.9p0/ssh_config 2011-09-05 14:48:16.386439023 +0200
5 # PermitLocalCommand no
7 # ProxyCommand ssh -q -W %h:%p gateway.example.com
9 + GSSAPIAuthentication yes
10 +# If this option is set to yes then remote X11 clients will have full access
11 +# to the original X11 display. As virtually no X11 client supports the untrusted
12 +# mode correctly we set this to yes.
13 + ForwardX11Trusted yes
14 +# Send locale-related environment variables
15 + SendEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
16 + SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
17 + SendEnv LC_IDENTIFICATION LC_ALL LANGUAGE
19 diff -up openssh-5.9p0/sshd_config.0.redhat openssh-5.9p0/sshd_config.0
20 --- openssh-5.9p0/sshd_config.0.redhat 2011-09-05 14:48:08.522441255 +0200
21 +++ openssh-5.9p0/sshd_config.0 2011-09-05 14:48:16.477443868 +0200
22 @@ -581,9 +581,9 @@ DESCRIPTION
25 Gives the facility code that is used when logging messages from
26 - sshd(8). The possible values are: DAEMON, USER, AUTH, LOCAL0,
27 - LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. The
29 + sshd(8). The possible values are: DAEMON, USER, AUTH, AUTHPRIV,
30 + LOCAL0, LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7.
31 + The default is AUTH.
34 Specifies whether the system should send TCP keepalive messages
35 diff -up openssh-5.9p0/sshd_config.5.redhat openssh-5.9p0/sshd_config.5
36 --- openssh-5.9p0/sshd_config.5.redhat 2011-09-05 14:48:08.657564688 +0200
37 +++ openssh-5.9p0/sshd_config.5 2011-09-05 14:48:16.589501736 +0200
38 @@ -1029,7 +1029,7 @@ Note that this option applies to protoco
40 Gives the facility code that is used when logging messages from
42 -The possible values are: DAEMON, USER, AUTH, LOCAL0, LOCAL1, LOCAL2,
43 +The possible values are: DAEMON, USER, AUTH, AUTHPRIV, LOCAL0, LOCAL1, LOCAL2,
44 LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7.
47 diff -up openssh-5.9p0/sshd_config.redhat openssh-5.9p0/sshd_config
48 --- openssh-5.9p0/sshd_config.redhat 2011-09-05 14:48:16.250626793 +0200
49 +++ openssh-5.9p0/sshd_config 2011-09-05 15:06:01.513443553 +0200
52 # obsoletes QuietMode and FascistLogging
54 +SyslogFacility AUTHPRIV
58 @@ -65,9 +66,11 @@ AuthorizedKeysFile .ssh/authorized_keys
59 # To disable tunneled clear text passwords, change to no here!
60 #PasswordAuthentication yes
61 #PermitEmptyPasswords no
62 +PasswordAuthentication yes
64 # Change to no to disable s/key passwords
65 #ChallengeResponseAuthentication yes
66 +ChallengeResponseAuthentication no
69 #KerberosAuthentication no
70 @@ -77,7 +80,9 @@ AuthorizedKeysFile .ssh/authorized_keys
73 #GSSAPIAuthentication no
74 +GSSAPIAuthentication yes
75 #GSSAPICleanupCredentials yes
76 +GSSAPICleanupCredentials yes
78 # Set this to 'yes' to enable PAM authentication, account processing,
79 # and session processing. If this is enabled, PAM authentication will
80 @@ -89,6 +94,7 @@ AuthorizedKeysFile .ssh/authorized_keys
81 # PAM authentication, then enable this but set PasswordAuthentication
82 # and ChallengeResponseAuthentication to 'no'.
86 #TwoFactorAuthentication no
87 #SecondPubkeyAuthentication yes
88 @@ -101,6 +107,7 @@ AuthorizedKeysFile .ssh/authorized_keys
89 #AllowTcpForwarding yes
96 @@ -121,6 +128,12 @@ AuthorizedKeysFile .ssh/authorized_keys
97 # no default banner path
100 +# Accept locale-related environment variables
101 +AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
102 +AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
103 +AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE
104 +AcceptEnv XMODIFIERS
106 # override default of no subsystems
107 Subsystem sftp /usr/libexec/sftp-server