Commit Graph

841 Commits

Author SHA1 Message Date
Dmitry Belyavskiy
b615362fd0 Restore upstream default host key permissions (rhbz#2141272) 2023-01-23 16:01:47 +01:00
Fedora Release Engineering
cc56e874e8 Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2023-01-19 22:57:59 +00:00
Dmitry Belyavskiy
c9904c7c8a Fix build against updated OpenSSL
Resolves: rhbz#2158966
2023-01-09 12:48:20 +01:00
Norbert Pocs
ebc2a70dee Add additional audit loggin
Additional information audited about the SSH key used to log in

Resolves: rhbz#2049947

Signed-off-by: Norbert Pocs <npocs@redhat.com>
2022-10-24 19:22:09 +02:00
Dmitry Belyavskiy
f79c122b0b Check IP opts length
Resolves: rhbz#1960015
2022-10-21 17:53:00 +02:00
Anthony Rabbito
09b309fe0e
bump release after rebase
Signed-off-by: Anthony Rabbito <hello@anthonyrabbito.com>
2022-10-05 20:01:41 -04:00
Anthony Rabbito
499c2eb7ec
fix: source order
Signed-off-by: Anthony Rabbito <hello@anthonyrabbito.com>
2022-10-05 19:58:14 -04:00
Anthony Rabbito
9417892cb7
openssh-clients: create a user socket unit for ssh-agent (rhbz#2125576)
Signed-off-by: Anthony Rabbito <hello@anthonyrabbito.com>
2022-10-05 19:58:11 -04:00
Dmitry Belyavskiy
aa843e85ee RSAMinSize => RequiredRSASize 2022-09-29 15:42:34 +02:00
Luca BRUNO
26c275d66e openssh: move users/groups creation logic to sysusers.d fragments
See https://docs.fedoraproject.org/en-US/packaging-guidelines/UsersAndGroups/#_dynamic_allocation
2022-09-02 14:47:11 +00:00
Alexander Sosedkin
42b22d9ad2 Mark HostbasedAcceptedAlgorithms as governed by crypto-policies 2022-08-24 13:11:22 +02:00
Dmitry Belyavskiy
483723014e Port patches from CentOS - RSAMinSize
Related: rhbz#2117264
2022-08-17 10:06:13 +02:00
Dmitry Belyavskiy
03150f6281 OpenSSH Rebase to 9.0p1
Related: rhbz#2057466
2022-08-15 09:28:25 +02:00
Dmitry Belyavskiy
9fd6981674 Add patches from CentOS/RHEL9.1
Related: rhbz#2117264
2022-08-10 19:58:47 +02:00
Luca BRUNO
14d7b86a50 openssh: use allocated static GID for 'ssh_keys' group (rhbz#2104595)
This uses the static GID 101 allocated for group `ssh_keys`.
See FPC ticket for discussion/approval.

Ref: https://pagure.io/packaging-committee/issue/1188
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2104595
2022-08-01 15:15:08 +00:00
Fedora Release Engineering
5b072577e1 Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2022-07-22 02:14:56 +00:00
Dmitry Belyavskiy
ae82569b18 Disable locale forwarding in OpenSSH
Resolves: rhbz#2002739
2022-04-29 11:43:53 +02:00
Cedric Staniewski
95d45cee50 Build gnome-ssh-askpass against gtk3 2022-03-02 21:59:26 +01:00
Jay W
bffeef3c12 Update openssh.spec to allow flatpak builds 2022-02-09 16:10:10 +00:00
Fedora Release Engineering
6c5dd84a55 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2022-01-20 22:29:14 +00:00
Dmitry Belyavskiy
7b76af5292 OpenSSH 8.8p1 rebase
Related: rhbz#2007967
2021-11-29 14:37:28 +01:00
Dmitry Belyavskiy
c5e4c28ae1 Upstream fix for CVE-2021-41617
Resolves: rhbz#2008292
2021-09-29 13:39:26 +02:00
Dmitry Belyavskiy
640f2450c4 fixup! OpenSSH 8.7p1 patches rebase 2021-09-16 16:04:36 +02:00
Sahana Prasad
4d585ee5a4 Rebuilt with OpenSSL 3.0.0 2021-09-14 19:10:22 +02:00
Dmitry Belyavskiy
b8319d7f17 spec and sources updated 2021-09-01 16:35:39 +02:00
Fedora Release Engineering
bdde8987e3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2021-07-22 17:20:35 +00:00
Dmitry Belyavskiy
d761d9a626 restore the blocking mode on standard output - upstream
Resolves: rhbz#1942901
2021-06-21 13:12:47 +02:00
Timm Bäder
2f2c30932e Use %set_build_flags to set build flags
The previous version fo the spec file was trying to append flags to e.g.
LDFLAGS, but those are empty without doing a %set_build_flags first.
Use %set_build_flags to populate all build flags.
2021-05-25 08:10:41 +02:00
Dmitry Belyavskiy
5e2b7dfb9e Missing version bump
Resolves: rhbz#1963059
2021-05-21 18:09:44 +02:00
Dmitry Belyavskiy
fddba54ba2 Hostbased ssh authentication fails if session ID contains a '/'
Resolves: rhbz#1963059
2021-05-21 17:57:13 +02:00
Dmitry Belyavskiy
4d4feb650d restore the blocking mode on standard output
Resolves rhbz#1942901
2021-05-10 11:30:58 +02:00
Dmitry Belyavskiy
ac2648baae pam_auth version bump 2021-04-30 17:06:28 +02:00
Dmitry Belyavskiy
f0f3114095 pam_auth version bump 2021-04-30 16:57:20 +02:00
Dmitry Belyavskiy
df26987d52 Fixes from RHEL 8.5.0 2021-04-29 16:37:35 +02:00
Dmitry Belyavskiy
f32b842272 OpenSSH release update
Resolves: rhbz#1950819
8.5p1 => 8.6p1
2021-04-29 16:37:35 +02:00
Rex Dieter
44aae310bd create userunit dir before installing to it
*shrug*, for posterity, consider using
install -D ...
2021-03-09 09:33:17 -06:00
Rex Dieter
9979ff5307 ssh-agent.serivce is user unit (#1761817#27) 2021-03-09 09:19:14 -06:00
Rex Dieter
5f230a4999 -clients: provide ssh-agent.service (#1761817) 2021-03-04 15:10:26 +01:00
Jakub Jelen
25c16c68f5 openssh-8.5p1-1 + 0.10.4-2 2021-03-03 11:08:52 +01:00
Zbigniew Jędrzejewski-Szmek
6e1851c5ba Rebuilt for updated systemd-rpm-macros
See https://pagure.io/fesco/issue/2583.
2021-03-02 16:13:10 +01:00
Fedora Release Engineering
7347a74385 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
2021-01-26 22:36:09 +00:00
Jakub Jelen
ab05c4fa21 8.4p1-5 + 0.10.4-1 (forgotten version bump) 2021-01-22 17:35:02 +01:00
Jakub Jelen
106b283ba5 8.4p1-5 + 0.10.4-1 2021-01-22 12:58:02 +01:00
Timothée Ravier
a886069993 Use /usr/share/empty.ssh instead of /var/empty/sshd
This has the following advantages:
  * Removes a dependency on a directory stored in /var
  * /usr is mounted read only on ostree based systems (CoreOS, Silverblue)

This also removes the tmpfiles config.

Edit Jakub Jelen: Removed the version bump from PR

https://src.fedoraproject.org/rpms/openssh/pull-request/14
2021-01-22 12:57:36 +01:00
Jakub Jelen
1a45c5da8d Remove openssh-cavs subpackage as it is no longer needed and broken anyway
The CAVS drivers were used for FIPS certification when OpenSSH used to
be a FIPS module. This is no longer the case and these leftovers
were left in place until they work. This is no longer the case either
so lets get rid of 1000 lines of patches.
2021-01-22 12:50:51 +01:00
Jakub Jelen
258db094bd 8.4p1-4 + 0.10.4-1 2020-12-01 09:54:21 +01:00
Jakub Jelen
d8a80c8be6 Fix Obsoletes for openssh-ldap (#1902084) 2020-12-01 09:53:40 +01:00
Jakub Jelen
b6df6b3e29 List updated RFC 2020-11-26 11:48:54 +01:00
Jakub Jelen
126d278fec 8.4p1-3 + 0.10.4-1 2020-11-19 15:08:05 +01:00
Jakub Jelen
6a07699454 Compatibility with Debian's openssh-7.4p1 (#1881301)
This only version does incorrectly reports server_sig_algorithms
extension and in Fedora 33 with disabled SHA1, clients are unable
to connect to Debian servers
2020-11-19 15:08:05 +01:00