rpms/openssh
7
0
Fork 1
Code Issues Pull Requests Releases Activity
1,170 Commits 9 Branches 61 Tags 11 MiB
b129d6336e
Commit Graph

857 Commits

Author SHA1 Message Date
Dmitry Belyavskiy
f32b842272 OpenSSH release update 
Resolves: rhbz#1950819
8.5p1 => 8.6p1
 2021-04-29 16:37:35 +02:00
Rex Dieter
44aae310bd create userunit dir before installing to it 
*shrug*, for posterity, consider using
install -D ...
 2021-03-09 09:33:17 -06:00
Rex Dieter
9979ff5307 ssh-agent.serivce is user unit (#1761817#27) 2021-03-09 09:19:14 -06:00
Rex Dieter
5f230a4999 -clients: provide ssh-agent.service (#1761817) 2021-03-04 15:10:26 +01:00
Jakub Jelen
25c16c68f5 openssh-8.5p1-1 + 0.10.4-2 2021-03-03 11:08:52 +01:00
Zbigniew Jędrzejewski-Szmek
6e1851c5ba Rebuilt for updated systemd-rpm-macros 
See https://pagure.io/fesco/issue/2583.
 2021-03-02 16:13:10 +01:00
Fedora Release Engineering
7347a74385 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2021-01-26 22:36:09 +00:00
Jakub Jelen
ab05c4fa21 8.4p1-5 + 0.10.4-1 (forgotten version bump) 2021-01-22 17:35:02 +01:00
Jakub Jelen
106b283ba5 8.4p1-5 + 0.10.4-1 2021-01-22 12:58:02 +01:00
Timothée Ravier
a886069993 Use /usr/share/empty.ssh instead of /var/empty/sshd 
This has the following advantages:
  * Removes a dependency on a directory stored in /var
  * /usr is mounted read only on ostree based systems (CoreOS, Silverblue)

This also removes the tmpfiles config.

Edit Jakub Jelen: Removed the version bump from PR

https://src.fedoraproject.org/rpms/openssh/pull-request/14
 2021-01-22 12:57:36 +01:00
Jakub Jelen
1a45c5da8d Remove openssh-cavs subpackage as it is no longer needed and broken anyway 
The CAVS drivers were used for FIPS certification when OpenSSH used to
be a FIPS module. This is no longer the case and these leftovers
were left in place until they work. This is no longer the case either
so lets get rid of 1000 lines of patches.
 2021-01-22 12:50:51 +01:00
Jakub Jelen
258db094bd 8.4p1-4 + 0.10.4-1 2020-12-01 09:54:21 +01:00
Jakub Jelen
d8a80c8be6 Fix Obsoletes for openssh-ldap (#1902084) 2020-12-01 09:53:40 +01:00
Jakub Jelen
b6df6b3e29 List updated RFC 2020-11-26 11:48:54 +01:00
Jakub Jelen
126d278fec 8.4p1-3 + 0.10.4-1 2020-11-19 15:08:05 +01:00
Jakub Jelen
6a07699454 Compatibility with Debian's openssh-7.4p1 (#1881301) 
This only version does incorrectly reports server_sig_algorithms
extension and in Fedora 33 with disabled SHA1, clients are unable
to connect to Debian servers
 2020-11-19 15:08:05 +01:00
Jakub Jelen
bbe3c2e156 Fix missing syscall in sandbox on arm (#1897712) 2020-11-19 15:08:02 +01:00
Jakub Jelen
a048fcc3d0 8.4p1-2 + 0.10.4-1 2020-10-06 10:01:41 +02:00
Jakub Jelen
dc5e3131ec Unbreak ssh-copy-id (#1884231) 2020-10-06 10:01:23 +02:00
Jakub Jelen
7b064ea363 Add missing changelog 2020-09-29 16:10:09 +02:00
Jakub Jelen
bd35168662 8.4p1-1 + 0.10.4-1 2020-09-29 14:53:14 +02:00
Jakub Jelen
3783a5da43 Rebase pam_ssh_agent_auth to 0.10.4 2020-09-29 14:53:14 +02:00
Jakub Jelen
7e9d046986 Remove support for building rescue CD 
This is not used for close to 20 years and is broken at least from Fedora 31
 2020-09-07 09:37:58 +02:00
Jakub Jelen
10cdecf4f1 8.3p1-4 + 0.10.3-10 2020-08-28 20:14:42 +02:00
Jakub Jelen
44157573e5 Remove openssh-ldap subpackage 2020-08-21 09:40:42 +02:00
Jakub Jelen
68460c09bb Use make macros 
Based on https://src.fedoraproject.org/rpms/openssh/pull-request/11

https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro
 2020-07-31 15:33:21 +02:00
Jakub Jelen
dfeecfb1e8 Drop loading of anaconda configuration from sysconfig including scriptlet to migrate to include drop-in directory 2020-07-31 15:26:55 +02:00
Fedora Release Engineering
fccd87eb18 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2020-07-28 12:48:46 +00:00
Jakub Jelen
996e25f2f9 8.3p1-3 + 0.10.3-10 2020-06-10 14:36:49 +02:00
Jakub Jelen
868439f73a Stop loading crypto policy for command line in service files 2020-06-10 14:35:23 +02:00
Jakub Jelen
8b7ddfb28b Move included configuration files in order to allow applications to include their defaults 
See more discussin in

https://src.fedoraproject.org/rpms/openssh/pull-request/9#

https://github.com/coreos/fedora-coreos-docs/pull/80#discussion_r434961161
 2020-06-08 21:52:42 +02:00
Jakub Jelen
3bd5ced9ee 8.3p1-2 + 0.10.3-10 2020-06-01 13:51:43 +02:00
Jakub Jelen
5cd9552fc4 8.3p1-1 + 0.10.3-10 2020-05-27 09:57:29 +02:00
Jakub Jelen
efd1b7e5c8 Unbreak corner cases of sshd_config include 2020-05-27 09:53:38 +02:00
Jakub Jelen
4e3553bf2a openssh-8.2p1-3 + 0.10.3-9 2020-04-08 10:27:07 +02:00
Jakub Jelen
eb546ec1a7 Drop fipscheck dependency and non-standard fips checks 2020-03-30 16:38:36 +02:00
Jakub Jelen
02af5cfa17 Do not break X11 forwarding without IPv6 2020-03-30 16:38:36 +02:00
Jakub Jelen
b2417553a2 openssh-8.2p1-2 + 0.10.3-9 2020-02-20 10:34:01 +01:00
Jakub Jelen
82f9421fb4 Build properly with integrated u2f support (#1803948) 2020-02-20 10:32:48 +01:00
Jakub Jelen
51f5c1c99f openssh-8.2p1-1 + 0.10.3-9 2020-02-17 14:34:41 +01:00
Jakub Jelen
a2cffc6e9b openssh-8.1p1-4 + 0.10.3-8 2020-02-03 00:51:53 +01:00
Fedora Release Engineering
657d132847 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2020-01-29 20:24:49 +00:00
Jakub Jelen
62361a761c openssh-8.1p1-3 + 0.10.3-8 2019-11-27 11:16:26 +01:00
Jakub Jelen
c28decf412 Unbreak the seccomp filter also on ARM (#1777054) 2019-11-27 11:15:00 +01:00
Jakub Jelen
d26b44fe7f openssh-8.1p1-2 + 0.10.3-8 2019-11-14 09:24:36 +01:00
Jakub Jelen
6a2fce44b5 Unbreak seccomp filter with latest glibc (#1771946) 2019-11-14 09:18:41 +01:00
Jakub Jelen
36fef5669a openssh-8.1p1-1 + 0.10.3-8 2019-10-09 10:24:21 +02:00
Fedora Release Engineering
0ca1614ae2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2019-07-25 23:35:32 +00:00
Jakub Jelen
73b069e926 openssh-8.0p1-8 + 0.10.3-7 2019-07-23 09:50:20 +02:00
Jakub Jelen
30922f629c openssh-8.0p1-7 + 0.10.3-7 2019-07-12 23:23:09 +02:00
Jakub Jelen
e9bd9a2128 openssh-8.0p1-6 + 0.10.3-7 2019-07-03 16:52:53 +02:00
Jakub Jelen
36a44721c5 openssh-8.0p1-5 + 0.10.3-7 2019-06-26 14:06:48 +02:00
Jakub Jelen
58ee5c17a8 Drop INSTALL file from docs as recommended by rpmlint checks 2019-06-26 14:06:48 +02:00
Jakub Jelen
eda4c070da Drop unused unversioned Obsoletes and Provides, which are 5 or 10 years old now 2019-06-26 14:06:48 +02:00
Jakub Jelen
4bd6cfb874 Disable root password logins (#1722928) 2019-06-26 14:06:37 +02:00
Jakub Jelen
dad744a32b openssh-8.0p1-4 + 0.10.3-7 2019-06-17 12:49:59 +02:00
Jakub Jelen
50e2b60d3f Provide correct signature type for SHA2 certificates in agent 2019-06-17 12:40:12 +02:00
Jakub Jelen
56fdfa2a52 Use the new OpenSSL API to export PEM files to avoid dependency on MD5 2019-05-30 11:29:43 +02:00
Jakub Jelen
7f1ad371a4 openssh-8.0p1-3 + 0.10.3-7 2019-05-27 10:23:08 +02:00
Jakub Jelen
7a14283cba Drop the problematic patch for updating pw structure after authentication 2019-05-23 15:34:17 +02:00
Jakub Jelen
53c9085316 openssh-8.0p1-2 + 0.10.3-7 2019-05-14 13:45:08 +02:00
Jakub Jelen
f726e51d86 Use OpenSSL KDF 
Resolves: rhbz#1631761
 2019-05-14 13:35:14 +02:00
Jakub Jelen
751cd9acc7 Use OpenSSL high-level API to produce and verify signatures 
Resolves: rhbz#1707485
 2019-05-14 13:32:04 +02:00
Jakub Jelen
6caa973459 Mention crypto-policies in the manual pages instead of the hardcoded defaults 
Resolves: rhbz#1668325
 2019-05-13 14:22:21 +02:00
Jakub Jelen
4feb6a973f Verify SCP vulnerabilities are fixed in the package testsuite 2019-05-10 14:34:35 +02:00
Jakub Jelen
b33caef080 Drop unused patch 2019-05-07 13:45:34 +02:00
Jakub Jelen
def1debf2e openssh-8.0p1-1 + 0.10.3-7 
Resolves rhbz#1701072
 2019-04-29 14:12:13 +02:00
Jakub Jelen
f51d092120 Remove unused parts of spec file 2019-03-27 13:20:32 +01:00
Jakub Jelen
91aa3d4921 openssh-7.9p1-5 + 0.10.3.6 2019-03-12 15:16:35 +01:00
Jakub Jelen
1341391c78 Update cached passwd structure after PAM authentication 2019-03-11 17:17:49 +01:00
Jakub Jelen
7295e97cd1 openssh-7.9p1-4 + 0.10.3.6 2019-02-06 17:19:52 +01:00
Jakub Jelen
d711f557f7 Log when a client requests an interactive session and only sftp is allowed 2019-02-06 17:18:30 +01:00
Jakub Jelen
e8524ac3f4 ssh-copy-id: Minor issues found by shellcheck 2019-02-06 17:18:30 +01:00
Jakub Jelen
8622e384ef ssh-copy-id: Do not fail in case remote system is out of space 2019-02-06 17:18:30 +01:00
Fedora Release Engineering
4e5f61c2a0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2019-02-01 17:32:05 +00:00
Igor Gnatenko
7c726e0a13 Remove obsolete Group tag 
References: https://fedoraproject.org/wiki/Changes/Remove_Group_Tag
 2019-01-28 20:24:24 +01:00
Björn Esser
018ac8d1d9
Rebuilt for libcrypt.so.2 (#1666033) 2019-01-14 19:11:16 +01:00
Jakub Jelen
311908c042 openssh-7.9p1-3 + 0.10.3-6 2019-01-14 15:39:08 +01:00
Jakub Jelen
40d2a04909 CVE-2018-20685 (#1665786) 2019-01-14 11:05:35 +01:00
Jakub Jelen
322896958a Backport several fixes from 7_9 branch (#1665611) 2019-01-14 11:05:35 +01:00
Jakub Jelen
d6cc5f4740 Backport Match final so the crypto-policies do not break canonicalization (#1630166) 2018-11-26 10:16:35 +01:00
Jakub Jelen
a4c0a26cd4 openssh-7.9p1-2 + 0.10.3-6 2018-11-14 09:57:17 +01:00
Jakub Jelen
57e280d1f4 Allow to disable RSA signatures with SHA-1 2018-11-14 09:54:54 +01:00
Jakub Jelen
9f2c8b948c openssh-7.9p1-1 + 0.10.3-6 2018-10-19 11:46:02 +02:00
Jakub Jelen
6666c19414 Do not break gssapi-kex authentication method 2018-10-19 11:41:34 +02:00
Jakub Jelen
eaa7af2e41 rebase patches to openssh-7.9p1 2018-10-19 11:41:07 +02:00
Jakub Jelen
6c9d993869 Follow the system-wide PATH settings 
https://fedoraproject.org/wiki/Features/SbinSanity
 2018-10-03 11:00:12 +02:00
Jakub Jelen
97ee52c0a3 openssh-7.8p1-3 + 0.10.3-5 2018-09-24 15:25:57 +02:00
Jakub Jelen
8ebb9915a3 Cleanup specfile comments 2018-09-24 15:25:40 +02:00
Jakub Jelen
84d3ff9306 Do not let OpenSSH control our hardening flags 2018-09-21 17:22:35 +02:00
Jakub Jelen
8b9448c5ba openssh-7.8p1-2 + 0.10.3-5 2018-08-31 13:32:02 +02:00
Jakub Jelen
9409715f65 Unbreak scp between two IPv6 hosts (#1620333) 2018-08-31 13:26:44 +02:00
Jakub Jelen
afaf23f6c3 Drop unused patch 2018-08-28 10:51:37 +02:00
Jakub Jelen
bbf61daf97 openssh-7.8p1-1 + 0.10.3-5 
New upstream release including:
 * Dropping entropy patch
 * Remove default support for MD5 fingerprints
 * Porting all the downstream patches and pam_ssh_agent_auth
   to new sshbuf and sshkey API
 * pam_ssh_agent_auth is no longer using MD5 fingerprints
 2018-08-24 23:16:24 +02:00
Jakub Jelen
01ba761e18 7.7p1-6 + 0.10.3-4 2018-08-09 14:14:18 +02:00
Jakub Jelen
44e2032a0a fips: Show real list of kex algoritms in FIPS 2018-08-08 10:18:27 +02:00
Fedora Release Engineering
600d4011b5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild 
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
 2018-07-13 15:11:56 +00:00
Jakub Jelen
e1d855438b 7.7p1-5 + 0.10.3-4 2018-07-03 11:27:15 +02:00
Jakub Jelen
6c68d655b2 Disable manual reading of MOTD by default 2018-07-03 11:26:01 +02:00
Jakub Jelen
62f1736470 7.7p1-4 + 0.10.3-4 2018-06-27 14:09:27 +02:00