rpms/openssh
7
0
Fork 1
Code Issues Pull Requests Releases Activity

Commit Graph

  • 57666dc3be fix gsskex patch to correctly handle MONITOR_REQ_GSSSIGN request (#1118005) Petr Lautrbach 2014-11-12 17:02:36 +0100
  • a1e1ac2bfc 6.6.1p1-7 + 0.9.3-3 Petr Lautrbach 2014-11-07 12:53:03 +0100
  • 65a6cd2d8c correct the calculation of bytes for authctxt->krb5_ccname <ams@corefiling.com> (#1161073) Petr Lautrbach 2014-11-07 12:52:06 +0100
  • 3b7c8620a1 6.6.1p1-6 + 0.9.3-3 Petr Lautrbach 2014-11-04 19:09:42 +0100
  • 5296a797aa privsep_preauth: use SELinux context from selinux-policy (#1008580) Petr Lautrbach 2014-10-14 13:10:45 +0200
  • 414bfae1bc change audit trail - do not use (invalid user) - change acct for an unknown user "(unknown)" - don't send login audit event in getpwnamallow() Petr Lautrbach 2014-11-03 16:30:07 +0100
  • 30c06a07fb fix kuserok patch which checked for the existence of .k5login unconditionally and hence prevented other mechanisms to be used properly Petr Lautrbach 2014-10-24 20:10:20 +0200
  • 1ba984dcf2 revert the default of KerberosUseKuserok back to yes (#1153076) Petr Lautrbach 2014-10-24 19:59:55 +0200
  • 0f0e055d6a Ignore SIGXFSZ in postauth monitor https://bugzilla.mindrot.org/show_bug.cgi?id=2263 Petr Lautrbach 2014-09-29 08:37:05 +0200
  • 4b24967a9c fix parsing of empty arguments in sshd_conf https://bugzilla.mindrot.org/show_bug.cgi?id=2281 Petr Lautrbach 2014-09-25 11:45:47 +0200
  • c8fc193f3d sshd-keygen - don't generate DSA and ED25519 host keys in FIPS mode Stanislav Zidek 2014-09-23 10:59:03 +0200
  • afde9f8153 6.6.1p1-5 + 0.9.3-3 Petr Lautrbach 2014-09-08 10:35:57 +0200
  • ce2d80b4e7 don't consider a partial success as a failure Petr Lautrbach 2014-09-04 16:33:25 +0200
  • 163064841f apply RFC3454 stringprep to banners when possible https://bugzilla.mindrot.org/show_bug.cgi?id=2058 Petr Lautrbach 2014-09-03 15:44:40 +0200
  • c16b7033ca change the rsa key generation error message due to FIPS restrictions in openssl Petr Lautrbach 2014-09-02 15:41:49 +0200
  • 0a3f4e122d set a client's address right after a connection is set http://bugzilla.mindrot.org/show_bug.cgi?id=2257 Petr Lautrbach 2014-09-01 17:35:01 +0200
  • 662c5a05b3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild Peter Robinson 2014-08-17 14:08:07 +0000
  • e336e33a32 fix license handling Tom Callaway 2014-07-18 19:28:30 -0400
  • 8ff21c966a 6.6.1p1-3 + 0.9.3-2 Petr Lautrbach 2014-07-18 08:38:51 +0200
  • 817071dc4d standardise on NI_MAXHOST for gethostname() string lengths (#1051490) Petr Lautrbach 2014-07-17 14:26:49 +0200
  • cef0d582b6 6.6.1p1-2 + 0.9.3-2 Petr Lautrbach 2014-07-14 12:35:16 +0200
  • d8b90ac6f8 minor spec file cleanup Petr Lautrbach 2014-07-09 21:40:06 +0200
  • 8028159313 fix and rebase fips patch to 6.6.1p1 Petr Lautrbach 2014-07-09 21:16:53 +0200
  • 9f526c6f31 cleanup and remove FIPS code from audit patch Petr Lautrbach 2014-07-09 21:08:53 +0200
  • 5160c9c8f3 rebase audit patch for 6.6.1p1 Petr Lautrbach 2014-07-08 15:52:24 +0200
  • 26621fa3b8 Add pam_reauthorize.so to sshd.pam (#1115977) Stef Walter 2014-07-03 13:58:57 +0200
  • 86f29c353e bring back openssh-5.5p1-x11.patch Petr Lautrbach 2014-07-03 16:42:56 +0200
  • 5fcfcac428 drop openssh-5.8p2-remove-stale-control-socket.patch Petr Lautrbach 2014-07-03 16:23:00 +0200
  • 8b5feef2c8 bring back the openssh-5.8p2-sigpipe.patch Petr Lautrbach 2014-07-03 16:14:38 +0200
  • d1b0938acc - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild Dennis Gilmore 2014-06-07 12:01:42 -0500
  • 7463b66c25 add missing patches and remove unused patches Petr Lautrbach 2014-06-04 10:26:18 +0200
  • 3e1dd6c5fd add forgotten openssh-6.6p1-gsskex.patch Petr Lautrbach 2014-06-04 10:17:31 +0200
  • 5cde9cd3f2 6.6.1p1-1 + 0.9.3-2 Petr Lautrbach 2014-06-03 17:52:36 +0200
  • d1c2eb285e slightly change systemd units logic - use sshd-keygen.service (#1066615) Petr Lautrbach 2014-06-03 17:47:56 +0200
  • fb6f390a78 drop openssh-server-sysvinit subpackage Petr Lautrbach 2014-05-08 11:13:15 +0200
  • 4253bf87ac add support for ED25519 keys to sshd-keygen and sshd.sysconfig Petr Lautrbach 2014-04-09 13:37:47 +0200
  • 44fb3c6aeb OpenSSH 6.5 and 6.6 sometimes encode a value used in the curve25519 key exchange incorrectly, causing connection failures about 0.2% of the time when this method is used against a peer that implements the method properly. Petr Lautrbach 2014-06-03 17:18:36 +0200
  • 94c6f8ddcc rebase to openssh-6.6p1 Petr Lautrbach 2014-06-03 16:51:07 +0200
  • d75575229f 6.4p1-4 + 0.9.3-1 Petr Lautrbach 2014-05-15 10:37:16 +0200
  • 8f8619e1e6 ignore environment variables with embedded '=' or '\0' characters (#1077843) CVE-2014-2532 Petr Lautrbach 2014-05-15 09:55:25 +0200
  • d271e02296 prevent a server from skipping SSHFP lookup (#1081338) CVE-2014-2653 Petr Lautrbach 2014-05-14 18:04:10 +0200
  • 9a031d2641 try CLOCK_BOOTTIME with fallback (#1091992) Petr Lautrbach 2014-05-14 17:27:32 +0200
  • f3b39bb6cb don't clean up gssapi credentials by default (#1055016) Petr Lautrbach 2014-02-26 17:08:07 +0100
  • f9f83a00b5 make /etc/ssh/moduli file public (#1043661) Petr Lautrbach 2014-02-26 15:53:34 +0100
  • c3c35d5f25 fix ssh-copy-id (#1058792) Petr Lautrbach 2014-01-28 17:14:30 +0100
  • e2813b36f4 log fipscheck verification message into syslog authpriv Petr Lautrbach 2014-01-27 20:07:26 +0100
  • 9060bbe156 sshd-keygen.service - don't check dsa key, use ecdsa instead Petr Lautrbach 2014-02-19 13:58:34 +0100
  • 96df3b5ecb use tty allocation for a remote scp Petr Lautrbach 2014-01-20 19:41:27 +0100
  • b898cbf5e1 Run ssh-copy-id in the legacy mode when SSH_COPY_ID_LEGACY variable is set Petr Lautrbach 2014-01-20 16:41:00 +0100
  • 084bc6fca5 FIPS mode - adjust the key echange DH groups and ssh-keygen according to SP800-131A Petr Lautrbach 2014-01-20 15:24:47 +0100
  • 222dd2e358 6.4p1-3 + 0.9.3-1 Petr Lautrbach 2013-12-11 14:32:11 +0100
  • 2b2955a332 use only rsa and ecdsa host keys by default Petr Lautrbach 2013-12-09 17:30:18 +0100
  • 545aa0d026 sshd-keygen - create an ecdsa host key with 640 permissions (#1023945) Petr Lautrbach 2013-12-09 11:14:59 +0100
  • 89d920b074 6.4p1-2 + 0.9.3-1 Petr Lautrbach 2013-11-26 15:28:39 +0100
  • 82d2beb4d4 fix fatal() cleanup in the audit patch (#1029074) Petr Lautrbach 2013-11-26 13:22:08 +0100
  • 36a09e37e8 fix parsing logic of ldap.conf file (#1033662) Petr Lautrbach 2013-11-26 11:10:04 +0100
  • 8f439b3006 minor change in HOWTO.ssh-keycat - s/AuthorizedKeysCommandRunAs/AuthorizedKeysCommandUser/ Petr Lautrbach 2013-11-25 15:40:42 +0100
  • 09e9ef3d7c 6.4p1-1 + 0.9.3-1 Petr Lautrbach 2013-11-08 13:38:07 +0100
  • 27189b85ef rebase audit patch for openssh-6.4p1 Petr Lautrbach 2013-11-08 13:33:51 +0100
  • 3ed6191f56 6.3p1-5 + 0.9.3-7 Petr Lautrbach 2013-11-01 17:07:27 +0100
  • 5795323a53 don't use xfree in pam_ssh_agent_auth sources <geertj@gmail.com> (#1024965) Petr Lautrbach 2013-11-01 17:04:34 +0100
  • 3834483295 adjust gss kex mechanism to the upstream changes (#1024004) Petr Lautrbach 2013-10-31 11:30:12 +0100
  • 7feb965804 6.3p1-4 + 0.9.3-6 Petr Lautrbach 2013-10-25 15:46:49 +0200
  • 2add7a8ff5 rebuild with openssl-1.0.1e-29.fc20 to enable ECC support Petr Lautrbach 2013-10-25 15:19:26 +0200
  • f0aa6e5f51 rebuild with openssl-1.0.1e-29.fc20 to enable ECC support Petr Lautrbach 2013-10-25 14:46:48 +0200
  • a5e23f2861 6.3p1-3 + 0.9.3-6 Petr Lautrbach 2013-10-24 16:38:21 +0200
  • 265df55bb8 don't use SSH_FP_MD5 for fingerprints in FIPS mode Petr Lautrbach 2013-10-24 15:57:11 +0200
  • ff7a26b109 6.3p1-2 + 0.9.3-6 Petr Lautrbach 2013-10-23 23:14:38 +0200
  • 1462de5deb sshd-keygen to generate ECDSA keys <i.grok@comcast.net> (#1019222) Petr Lautrbach 2013-10-23 22:51:32 +0200
  • 1f36406833 Increase the size of the Diffie-Hellman groups requested for a each symmetric key size. New values from NIST Special Publication 800-57 with the upper limit specified by RFC4419. Pointed out by Peter Backes, ok djm@. (#1010607) Petr Lautrbach 2013-10-23 22:41:53 +0200
  • d088f94bd9 use default_ccache_name from /etc/krb5.conf for a kerberos cache (#991186) Petr Lautrbach 2013-10-23 22:08:19 +0200
  • 99076b0f8b cleanup GSSAPI code Petr Lautrbach 2013-10-23 21:56:25 +0200
  • e40d5d19d9 added Obsoletes: *fips Petr Lautrbach 2013-10-15 17:53:42 +0200
  • 9723b77ff6 bring pam_ssh_agent_auth-0.9.3.tar.bz2 back to sources Petr Lautrbach 2013-10-14 17:46:04 +0200
  • bf9d268c1b upload openssh-6.3p1.tar.gz to cache Petr Lautrbach 2013-10-14 17:38:33 +0200
  • c67d841973 upload openssh-6.3p1.tar.gz to cache Petr Lautrbach 2013-10-14 17:34:32 +0200
  • a92e916970 6.3p1-1 + 0.9.3-6 Petr Lautrbach 2013-10-14 15:55:03 +0200
  • 84822b5dec rebase for openssh-6.3p1, remove unused patches (#1007769) Petr Lautrbach 2013-10-14 15:54:41 +0200
  • c33ef551ca 6.2p2-9 + 0.9.3-5 Petr Lautrbach 2013-10-08 17:28:16 +0200
  • f12afd6496 use dracut-fips file /etc/system-fips to determine if a FIPS module is installed Petr Lautrbach 2013-10-08 17:24:54 +0200
  • 2ae5f9ff89 Revert "add -fips subpackages that contains the FIPS module files" Petr Lautrbach 2013-10-08 17:13:39 +0200
  • d4d8299c30 Revert "add missing Requires: openssl-fips in -fips subpackages" Petr Lautrbach 2013-10-08 17:06:14 +0200
  • b61d9c10d3 Revert "use hmac_suffix for ssh{,d} hmac checksums" Petr Lautrbach 2013-10-08 17:04:53 +0200
  • 47b1c9e6a4 Revert "adjust openssh-6.2p1-vendor.patch after previous commit" Petr Lautrbach 2013-10-08 17:04:51 +0200
  • 0cc0054215 Revert "use {?dist} tag in suffixes for hmac checksum files" Petr Lautrbach 2013-10-08 17:04:40 +0200
  • f344f8490c 6.2p2-8 + 0.9.3-5 Petr Lautrbach 2013-09-25 14:13:01 +0200
  • 65d16ffe59 sshd-keygen: generate only RSA keys by default (#1010092) Petr Lautrbach 2013-09-20 17:25:17 +0200
  • 15244ec178 use {?dist} tag in suffixes for hmac checksum files Petr Lautrbach 2013-09-20 17:11:49 +0200
  • eba55f9c1b 6.2p2-7 + 0.9.3-5 Petr Lautrbach 2013-09-11 16:54:14 +0200
  • 0463fbae2f automatically restart sshd.service on-failure with 42s interval Petr Lautrbach 2013-09-11 16:38:22 +0200
  • 4936e20991 adjust openssh-6.2p1-vendor.patch after previous commit Petr Lautrbach 2013-09-11 16:07:19 +0200
  • c6724c72f4 use hmac_suffix for ssh{,d} hmac checksums Petr Lautrbach 2013-09-11 16:05:58 +0200
  • 9acec07a0f bump the minimum value of SSH_USE_STRONG_RNG to 14 according to SP800-131A Petr Lautrbach 2013-09-10 09:50:09 +0200
  • a19397fdd2 add missing Requires: openssl-fips in -fips subpackages 6.2p2-6.1 + 0.9.3-5 Petr Lautrbach 2013-08-28 21:57:17 +0200
  • f4e927b62d 6.2p2-6 + 0.9.3-5 Petr Lautrbach 2013-08-28 21:28:04 +0200
  • 227f4f7628 add -fips subpackages that contains the FIPS module files Petr Lautrbach 2013-08-28 19:37:08 +0200
  • 631ffb2c5b 6.2p2-5 + 0.9.3-5 Petr Lautrbach 2013-08-01 09:50:41 +0200
  • b20efed7e1 gssapi credentials need to be stored before a pam session opened (#987792) Petr Lautrbach 2013-07-31 13:40:20 +0200
  • 115aad3f92 6.2p2-4 + 0.9.3-5 Petr Lautrbach 2013-07-23 16:01:17 +0200
  • 17df27c668 don't show Success for EAI_SYSTEM (#985964) Petr Lautrbach 2013-07-23 12:07:49 +0200