From 11896aa047311514e8baf0d01cd1f3ba5fb55fc3 Mon Sep 17 00:00:00 2001 From: Jan F Date: Tue, 29 Mar 2011 23:25:53 +0200 Subject: [PATCH] add /etc/sysconfig/sshd --- openssh-5.8p1-entropy.patch | 5 ++--- openssh.spec | 9 ++++++++- sshd.sysconfig | 16 ++++++++++++++++ 3 files changed, 26 insertions(+), 4 deletions(-) create mode 100644 sshd.sysconfig diff --git a/openssh-5.8p1-entropy.patch b/openssh-5.8p1-entropy.patch index a3698f9..4d83b3b 100644 --- a/openssh-5.8p1-entropy.patch +++ b/openssh-5.8p1-entropy.patch @@ -26,12 +26,11 @@ diff -up openssh-5.8p1/openbsd-compat/Makefile.in.entropy openssh-5.8p1/openbsd- diff -up openssh-5.8p1/openbsd-compat/port-linux-prng.c.entropy openssh-5.8p1/openbsd-compat/port-linux-prng.c --- openssh-5.8p1/openbsd-compat/port-linux-prng.c.entropy 2011-03-28 16:22:37.508648739 +0200 +++ openssh-5.8p1/openbsd-compat/port-linux-prng.c 2011-03-28 16:22:37.520650578 +0200 -@@ -0,0 +1,56 @@ +@@ -0,0 +1,55 @@ +/* $Id: port-linux.c,v 1.11.4.2 2011/02/04 00:43:08 djm Exp $ */ + +/* -+ * Copyright (c) 2005 Daniel Walsh -+ * Copyright (c) 2006 Damien Miller ++ * Copyright (c) 2011 Jan F. Chadima + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above diff --git a/openssh.spec b/openssh.spec index 3b44fde..fb905bb 100644 --- a/openssh.spec +++ b/openssh.spec @@ -71,7 +71,7 @@ # Do not forget to bump pam_ssh_agent_auth release if you rewind the main package release to 1 %define openssh_ver 5.8p1 -%define openssh_rel 22 +%define openssh_rel 23 %define pam_ssh_agent_ver 0.9.2 %define pam_ssh_agent_rel 30 @@ -93,6 +93,7 @@ Source3: sshd.init Source4: http://prdownloads.sourceforge.net/pamsshagentauth/pam_ssh_agent_auth/pam_ssh_agent_auth-%{pam_ssh_agent_ver}.tar.bz2 Source5: pam_ssh_agent-rmheaders Source6: ssh-keycat.pam +Source7: sshd.sysconfig Patch99: openssh-5.8p1-wIm.patch #https://bugzilla.mindrot.org/show_bug.cgi?id=1635 (WONTFIX) @@ -508,12 +509,14 @@ make install DESTDIR=$RPM_BUILD_ROOT rm -f $RPM_BUILD_ROOT%{_sysconfdir}/ssh/ldap.conf install -d $RPM_BUILD_ROOT/etc/pam.d/ +install -d $RPM_BUILD_ROOT/etc/sysconfig/ install -d $RPM_BUILD_ROOT/etc/rc.d/init.d install -d $RPM_BUILD_ROOT%{_libexecdir}/openssh install -d $RPM_BUILD_ROOT%{_libdir}/fipscheck install -m644 %{SOURCE2} $RPM_BUILD_ROOT/etc/pam.d/sshd install -m644 %{SOURCE6} $RPM_BUILD_ROOT/etc/pam.d/ssh-keycat install -m755 %{SOURCE3} $RPM_BUILD_ROOT/etc/rc.d/init.d/sshd +install -m644 %{SOURCE7} $RPM_BUILD_ROOT/etc/sysconfig/sshd install -m755 contrib/ssh-copy-id $RPM_BUILD_ROOT%{_bindir}/ install contrib/ssh-copy-id.1 $RPM_BUILD_ROOT%{_mandir}/man1/ @@ -632,6 +635,7 @@ fi %attr(0644,root,root) %{_mandir}/man8/sftp-server.8* %attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/sshd_config %attr(0644,root,root) %config(noreplace) /etc/pam.d/sshd +%attr(0640,root,root) %config(noreplace) /etc/sysconfig/sshd %attr(0755,root,root) /etc/rc.d/init.d/sshd %endif @@ -668,6 +672,9 @@ fi %endif %changelog +* Tue Mar 29 2011 Jan F. Chadima - 5.8p1-23 + 0.9.2-30 +- add /etc/sysconfig/sshd + * Mon Mar 28 2011 Jan F. Chadima - 5.8p1-22 + 0.9.2-30 - improve reseeding and seed source (documentation) diff --git a/sshd.sysconfig b/sshd.sysconfig new file mode 100644 index 0000000..cdc3d39 --- /dev/null +++ b/sshd.sysconfig @@ -0,0 +1,16 @@ +# Configuration file for the sshd service. + +# The server keys are automatically generated if they ommited +# to change the automatic creation uncomment the approprite +# line. + +# AUTOCREATE_SERVER_KEYS=RSAONLY +# AUTOCREATE_SERVER_KEYS=NO +AUTOCREATE_SERVER_KEYS=YES + +# Do not change this option unless you have hardware random +# generator and you REALLY know what you are doing/ + +export SSH_USE_STRONG_RNG=0 +# export SSH_USE_STRONG_RNG=1 +