]>
Commit | Line | Data |
---|---|---|
852f4e06 SS |
1 | diff -up openssh-5.6p1/ssh_config.redhat openssh-5.6p1/ssh_config |
2 | --- openssh-5.6p1/ssh_config.redhat 2010-01-12 09:40:27.000000000 +0100 | |
3 | +++ openssh-5.6p1/ssh_config 2010-09-03 15:21:17.000000000 +0200 | |
9d8fd3ad | 4 | @@ -45,3 +45,16 @@ |
852f4e06 SS |
5 | # PermitLocalCommand no |
6 | # VisualHostKey no | |
7 | # ProxyCommand ssh -q -W %h:%p gateway.example.com | |
8 | +Host * | |
9 | + GSSAPIAuthentication yes | |
10 | +# If this option is set to yes then remote X11 clients will have full access | |
11 | +# to the original X11 display. As virtually no X11 client supports the untrusted | |
12 | +# mode correctly we set this to yes. | |
13 | + ForwardX11Trusted yes | |
9d8fd3ad SS |
14 | +# Look up the host key SSHFP records |
15 | + VerifyHostKeyDNS ask | |
852f4e06 SS |
16 | +# Send locale-related environment variables |
17 | + SendEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES | |
18 | + SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT | |
19 | + SendEnv LC_IDENTIFICATION LC_ALL LANGUAGE | |
20 | + SendEnv XMODIFIERS | |
21 | diff -up openssh-5.6p1/sshd_config.0.redhat openssh-5.6p1/sshd_config.0 | |
22 | --- openssh-5.6p1/sshd_config.0.redhat 2010-08-23 05:24:16.000000000 +0200 | |
23 | +++ openssh-5.6p1/sshd_config.0 2010-09-03 15:23:20.000000000 +0200 | |
24 | @@ -537,9 +537,9 @@ DESCRIPTION | |
25 | ||
26 | SyslogFacility | |
27 | Gives the facility code that is used when logging messages from | |
28 | - sshd(8). The possible values are: DAEMON, USER, AUTH, LOCAL0, | |
29 | - LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. The | |
30 | - default is AUTH. | |
31 | + sshd(8). The possible values are: DAEMON, USER, AUTH, AUTHPRIV, | |
32 | + LOCAL0, LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. | |
33 | + The default is AUTH. | |
34 | ||
35 | TCPKeepAlive | |
36 | Specifies whether the system should send TCP keepalive messages | |
37 | diff -up openssh-5.6p1/sshd_config.5.redhat openssh-5.6p1/sshd_config.5 | |
38 | --- openssh-5.6p1/sshd_config.5.redhat 2010-07-02 05:37:17.000000000 +0200 | |
39 | +++ openssh-5.6p1/sshd_config.5 2010-09-03 15:21:17.000000000 +0200 | |
40 | @@ -919,7 +919,7 @@ Note that this option applies to protoco | |
41 | .It Cm SyslogFacility | |
42 | Gives the facility code that is used when logging messages from | |
43 | .Xr sshd 8 . | |
44 | -The possible values are: DAEMON, USER, AUTH, LOCAL0, LOCAL1, LOCAL2, | |
45 | +The possible values are: DAEMON, USER, AUTH, AUTHPRIV, LOCAL0, LOCAL1, LOCAL2, | |
46 | LOCAL3, LOCAL4, LOCAL5, LOCAL6, LOCAL7. | |
47 | The default is AUTH. | |
48 | .It Cm TCPKeepAlive | |
49 | diff -up openssh-5.6p1/sshd_config.redhat openssh-5.6p1/sshd_config | |
50 | --- openssh-5.6p1/sshd_config.redhat 2009-10-11 12:51:09.000000000 +0200 | |
51 | +++ openssh-5.6p1/sshd_config 2010-09-03 15:21:17.000000000 +0200 | |
52 | @@ -31,6 +31,7 @@ | |
53 | # Logging | |
54 | # obsoletes QuietMode and FascistLogging | |
55 | #SyslogFacility AUTH | |
56 | +SyslogFacility AUTHPRIV | |
57 | #LogLevel INFO | |
58 | ||
59 | # Authentication: | |
60 | @@ -58,9 +59,11 @@ | |
61 | # To disable tunneled clear text passwords, change to no here! | |
62 | #PasswordAuthentication yes | |
63 | #PermitEmptyPasswords no | |
64 | +PasswordAuthentication yes | |
65 | ||
66 | # Change to no to disable s/key passwords | |
67 | #ChallengeResponseAuthentication yes | |
68 | +ChallengeResponseAuthentication no | |
69 | ||
70 | # Kerberos options | |
71 | #KerberosAuthentication no | |
72 | @@ -70,7 +73,9 @@ | |
73 | ||
74 | # GSSAPI options | |
75 | #GSSAPIAuthentication no | |
76 | +GSSAPIAuthentication yes | |
77 | #GSSAPICleanupCredentials yes | |
78 | +GSSAPICleanupCredentials yes | |
79 | ||
80 | # Set this to 'yes' to enable PAM authentication, account processing, | |
81 | # and session processing. If this is enabled, PAM authentication will | |
82 | @@ -82,11 +87,19 @@ | |
83 | # PAM authentication, then enable this but set PasswordAuthentication | |
84 | # and ChallengeResponseAuthentication to 'no'. | |
85 | #UsePAM no | |
86 | +UsePAM yes | |
87 | + | |
88 | +# Accept locale-related environment variables | |
89 | +AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES | |
90 | +AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT | |
91 | +AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE | |
92 | +AcceptEnv XMODIFIERS | |
93 | ||
94 | #AllowAgentForwarding yes | |
95 | #AllowTcpForwarding yes | |
96 | #GatewayPorts no | |
97 | #X11Forwarding no | |
98 | +X11Forwarding yes | |
99 | #X11DisplayOffset 10 | |
100 | #X11UseLocalhost yes | |
101 | #PrintMotd yes |