Petr Lautrbach
265df55bb8
don't use SSH_FP_MD5 for fingerprints in FIPS mode
2013-10-24 16:41:18 +02:00
Petr Lautrbach
ff7a26b109
6.3p1-2 + 0.9.3-6
2013-10-23 23:14:38 +02:00
Petr Lautrbach
1462de5deb
sshd-keygen to generate ECDSA keys <i.grok@comcast.net> ( #1019222 )
2013-10-23 22:51:32 +02:00
Petr Lautrbach
1f36406833
Increase the size of the Diffie-Hellman groups requested for a each
...
symmetric key size. New values from NIST Special Publication 800-57 with
the upper limit specified by RFC4419. Pointed out by Peter Backes, ok
djm@. (#1010607 )
2013-10-23 22:41:53 +02:00
Petr Lautrbach
d088f94bd9
use default_ccache_name from /etc/krb5.conf for a kerberos cache ( #991186 )
2013-10-23 22:08:19 +02:00
Petr Lautrbach
99076b0f8b
cleanup GSSAPI code
2013-10-23 21:56:25 +02:00
Petr Lautrbach
e40d5d19d9
added Obsoletes: *fips
2013-10-15 17:55:40 +02:00
Petr Lautrbach
9723b77ff6
bring pam_ssh_agent_auth-0.9.3.tar.bz2 back to sources
2013-10-14 17:46:04 +02:00
Petr Lautrbach
bf9d268c1b
upload openssh-6.3p1.tar.gz to cache
2013-10-14 17:38:33 +02:00
Petr Lautrbach
c67d841973
upload openssh-6.3p1.tar.gz to cache
2013-10-14 17:34:32 +02:00
Petr Lautrbach
a92e916970
6.3p1-1 + 0.9.3-6
2013-10-14 15:55:03 +02:00
Petr Lautrbach
84822b5dec
rebase for openssh-6.3p1, remove unused patches ( #1007769 )
2013-10-14 15:54:41 +02:00
Petr Lautrbach
c33ef551ca
6.2p2-9 + 0.9.3-5
2013-10-08 17:28:16 +02:00
Petr Lautrbach
f12afd6496
use dracut-fips file /etc/system-fips to determine if a FIPS module is installed
2013-10-08 17:24:54 +02:00
Petr Lautrbach
2ae5f9ff89
Revert "add -fips subpackages that contains the FIPS module files"
...
This reverts commit 227f4f7628
.
2013-10-08 17:13:39 +02:00
Petr Lautrbach
d4d8299c30
Revert "add missing Requires: openssl-fips in -fips subpackages"
...
This reverts commit a19397fdd2
.
Conflicts:
openssh.spec
2013-10-08 17:06:14 +02:00
Petr Lautrbach
b61d9c10d3
Revert "use hmac_suffix for ssh{,d} hmac checksums"
...
This reverts commit c6724c72f4
.
2013-10-08 17:04:53 +02:00
Petr Lautrbach
47b1c9e6a4
Revert "adjust openssh-6.2p1-vendor.patch after previous commit"
...
This reverts commit 4936e20991
.
2013-10-08 17:04:51 +02:00
Petr Lautrbach
0cc0054215
Revert "use {?dist} tag in suffixes for hmac checksum files"
...
This reverts commit 15244ec178
.
2013-10-08 17:04:40 +02:00
Petr Lautrbach
f344f8490c
6.2p2-8 + 0.9.3-5
2013-09-25 14:13:01 +02:00
Petr Lautrbach
65d16ffe59
sshd-keygen: generate only RSA keys by default ( #1010092 )
2013-09-20 17:25:17 +02:00
Petr Lautrbach
15244ec178
use {?dist} tag in suffixes for hmac checksum files
2013-09-20 17:11:49 +02:00
Petr Lautrbach
eba55f9c1b
6.2p2-7 + 0.9.3-5
2013-09-11 16:54:14 +02:00
Petr Lautrbach
0463fbae2f
automatically restart sshd.service on-failure with 42s interval
2013-09-11 16:52:21 +02:00
Petr Lautrbach
4936e20991
adjust openssh-6.2p1-vendor.patch after previous commit
2013-09-11 16:07:19 +02:00
Petr Lautrbach
c6724c72f4
use hmac_suffix for ssh{,d} hmac checksums
2013-09-11 16:05:58 +02:00
Petr Lautrbach
9acec07a0f
bump the minimum value of SSH_USE_STRONG_RNG to 14 according to SP800-131A
2013-09-10 09:50:09 +02:00
Petr Lautrbach
a19397fdd2
add missing Requires: openssl-fips in -fips subpackages
...
6.2p2-6.1 + 0.9.3-5
2013-08-29 09:32:04 +02:00
Petr Lautrbach
f4e927b62d
6.2p2-6 + 0.9.3-5
2013-08-28 21:28:04 +02:00
Petr Lautrbach
227f4f7628
add -fips subpackages that contains the FIPS module files
2013-08-28 19:37:08 +02:00
Petr Lautrbach
631ffb2c5b
6.2p2-5 + 0.9.3-5
2013-08-01 09:50:41 +02:00
Petr Lautrbach
b20efed7e1
gssapi credentials need to be stored before a pam session opened ( #987792 )
2013-08-01 09:35:58 +02:00
Petr Lautrbach
115aad3f92
6.2p2-4 + 0.9.3-5
2013-07-23 16:01:17 +02:00
Petr Lautrbach
17df27c668
don't show Success for EAI_SYSTEM ( #985964 )
2013-07-23 12:07:49 +02:00
Petr Lautrbach
2ee6810919
make sftp's libedit interface marginally multibyte aware ( #841771 )
2013-06-19 17:10:49 +02:00
Petr Lautrbach
66608a1ded
6.2p2-3 + 0.9.3-5
2013-06-17 17:30:04 +02:00
Petr Lautrbach
aacd017a6d
move kerberos cache to /run/user/<uid>/ by default ( #848228 )
...
fix kerberos cache handling to allow sucessful ticket forwarding
2013-06-17 17:29:55 +02:00
Petr Lautrbach
e6dbb83190
make an object class filter configurable <charles@dyfis.net> ( #963281 )
2013-06-07 15:12:40 +02:00
Petr Lautrbach
e99c4840f1
6.2p2-2 + 0.9.3-5
2013-05-21 18:38:15 +02:00
Petr Lautrbach
678b8081f1
add socket activated sshd units to the package ( #963268 )
2013-05-21 18:37:18 +02:00
Petr Lautrbach
f5022aa5ae
fix the example in the HOWTO.ldap-keys
2013-05-20 15:03:49 +02:00
Petr Lautrbach
f29f755295
remove unused openssh-6.2p1-track-IdentifyFile.patch
2013-05-20 10:25:32 +02:00
Petr Lautrbach
21acbc4795
6.2p2-1 + 0.9.3-5
2013-05-20 09:31:57 +02:00
Petr Lautrbach
d48f1a7bde
always use /sbin/nologin as privsep user's shell
2013-04-24 18:08:00 +02:00
Petr Lautrbach
a92d7445da
6.2p1-4 + 0.9.3-4
2013-04-17 17:12:32 +02:00
Petr Lautrbach
1a246a3ad0
don't use export in sysconfig file ( #953111 )
2013-04-17 16:46:47 +02:00
Petr Lautrbach
df630eaccf
don't use GPLv3 versions of config.{sub,guess}
2013-04-17 16:29:14 +02:00
Petr Lautrbach
1d76d11f64
cleanup spec file and patches
2013-04-16 18:30:43 +02:00
Petr Lautrbach
c276d31b49
6.2p1-3 + 0.9.3-4
2013-04-16 18:15:20 +02:00
Petr Lautrbach
894ab5eaaf
add latest config.{sub,guess} to support aarch64 ( #926284 )
2013-04-16 18:12:15 +02:00