forked from rpms/openssh
bbf61daf97
New upstream release including: * Dropping entropy patch * Remove default support for MD5 fingerprints * Porting all the downstream patches and pam_ssh_agent_auth to new sshbuf and sshkey API * pam_ssh_agent_auth is no longer using MD5 fingerprints
27 lines
888 B
Diff
27 lines
888 B
Diff
diff --git a/sshd.c b/sshd.c
|
|
--- a/sshd.c
|
|
+++ b/sshd.c
|
|
@@ -1701,6 +1701,10 @@ main(int ac, char **av)
|
|
parse_server_config(&options, rexeced_flag ? "rexec" : config_file_name,
|
|
cfg, NULL);
|
|
|
|
+ /* 'UsePAM no' is not supported in Fedora */
|
|
+ if (! options.use_pam)
|
|
+ logit("WARNING: 'UsePAM no' is not supported in Fedora and may cause several problems.");
|
|
+
|
|
seed_rng();
|
|
|
|
/* Fill in default values for those options not explicitly set. */
|
|
diff --git a/sshd_config b/sshd_config
|
|
--- a/sshd_config
|
|
+++ b/sshd_config
|
|
@@ -101,6 +101,8 @@ GSSAPICleanupCredentials no
|
|
# If you just want the PAM account and session checks to run without
|
|
# PAM authentication, then enable this but set PasswordAuthentication
|
|
# and ChallengeResponseAuthentication to 'no'.
|
|
+# WARNING: 'UsePAM no' is not supported in Fedora and may cause several
|
|
+# problems.
|
|
UsePAM yes
|
|
|
|
#AllowAgentForwarding yes
|