forked from rpms/openssh
Merged update from upstream sources
This is an automated DistroBaker update from upstream sources. If you do not know what this is about or would like to opt out, contact the OSCI team. Source: https://src.fedoraproject.org/rpms/openssh.git#557f728956f7a568a02eb8669b5d9d23def4ec7f
This commit is contained in:
parent
314f21a968
commit
f2cb8fc74b
@ -86,7 +86,7 @@ diff -up openssh/sshd_config.redhat openssh/sshd_config
|
||||
diff -up openssh/sshd_config_redhat.redhat openssh/sshd_config_redhat
|
||||
--- openssh/sshd_config_redhat.redhat 2020-02-13 18:14:02.268006439 +0100
|
||||
+++ openssh/sshd_config_redhat 2020-02-13 18:19:20.765035947 +0100
|
||||
@@ -0,0 +1,29 @@
|
||||
@@ -0,0 +1,28 @@
|
||||
+# This system is following system-wide crypto policy. The changes to
|
||||
+# crypto properties (Ciphers, MACs, ...) will not have any effect in
|
||||
+# this or following included files. To override some configuration option,
|
||||
@ -96,7 +96,6 @@ diff -up openssh/sshd_config_redhat.redhat openssh/sshd_config_redhat
|
||||
+
|
||||
+SyslogFacility AUTHPRIV
|
||||
+
|
||||
+PasswordAuthentication yes
|
||||
+ChallengeResponseAuthentication no
|
||||
+
|
||||
+GSSAPIAuthentication yes
|
||||
|
11
openssh.spec
11
openssh.spec
@ -51,7 +51,7 @@
|
||||
|
||||
# Do not forget to bump pam_ssh_agent_auth release if you rewind the main package release to 1
|
||||
%global openssh_ver 8.4p1
|
||||
%global openssh_rel 3
|
||||
%global openssh_rel 4
|
||||
%global pam_ssh_agent_ver 0.10.4
|
||||
%global pam_ssh_agent_rel 1
|
||||
|
||||
@ -138,7 +138,7 @@ Patch713: openssh-6.6p1-ctr-cavstest.patch
|
||||
# add SSH KDF CAVS test driver
|
||||
Patch714: openssh-6.7p1-kdf-cavs.patch
|
||||
|
||||
# GSSAPI Key Exchange (RFC 4462 + draft-ietf-curdle-gss-keyex-sha2-08)
|
||||
# GSSAPI Key Exchange (RFC 4462 + RFC 8732)
|
||||
# from https://github.com/openssh-gsskex/openssh-gsskex/tree/fedora/master
|
||||
Patch800: openssh-8.0p1-gssapi-keyex.patch
|
||||
#http://www.mail-archive.com/kerberos@mit.edu/msg17591.html
|
||||
@ -225,7 +225,7 @@ BuildRequires: gcc make
|
||||
BuildRequires: p11-kit-devel
|
||||
BuildRequires: libfido2-devel
|
||||
Recommends: p11-kit
|
||||
Obsoletes: openssh-ldap <= 8.3p1-3
|
||||
Obsoletes: openssh-ldap < 8.3p1-4
|
||||
|
||||
%if %{kerberos5}
|
||||
BuildRequires: krb5-devel
|
||||
@ -669,6 +669,11 @@ test -f %{sysconfig_anaconda} && \
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Tue Dec 01 2020 Jakub Jelen <jjelen@redhat.com> - 8.4p1-4 + 0.10.4-1
|
||||
- Remove "PasswordAuthentication yes" from vendor configuration as it is
|
||||
already default and it might be hard to override.
|
||||
- Fix broken obsoletes for openssh-ldap (#1902084)
|
||||
|
||||
* Thu Nov 19 2020 Jakub Jelen <jjelen@redhat.com> - 8.4p1-3 + 0.10.4-1
|
||||
- Unbreak seccomp filter on arm (#1897712)
|
||||
- Add a workaround for Debian's broken OpenSSH (#1881301)
|
||||
|
Loading…
Reference in New Issue
Block a user