[openssh] the private keys may be 640 root:ssh_keys ssh_keysign is sgid
Jan F. Chadima
jfch2222 at fedoraproject.org
Fri Apr 22 09:43:22 UTC 2011
commit 0e46f275c6845734bdb6eb5149dd6a96adc6f458
Author: Jan F <jfch at cauvin.jagda.eu>
Date: Fri Apr 22 11:43:01 2011 +0200
the private keys may be 640 root:ssh_keys ssh_keysign is sgid
openssh-5.8p1-localdomain.patch | 14 ++++++++++++++
openssh.spec | 4 ++++
2 files changed, 18 insertions(+), 0 deletions(-)
---
diff --git a/openssh-5.8p1-localdomain.patch b/openssh-5.8p1-localdomain.patch
new file mode 100644
index 0000000..2f21658
--- /dev/null
+++ b/openssh-5.8p1-localdomain.patch
@@ -0,0 +1,14 @@
+diff -up openssh-5.8p1/sshd_config.localdomain openssh-5.8p1/sshd_config
+--- openssh-5.8p1/sshd_config.localdomain 2011-04-22 11:37:49.273648812 +0200
++++ openssh-5.8p1/sshd_config 2011-04-22 11:39:31.758648401 +0200
+@@ -130,6 +130,10 @@ X11Forwarding yes
+ # override default of no subsystems
+ Subsystem sftp /usr/libexec/sftp-server
+
++# Uncomment this if you want to use .local domain
++#Host *.local
++# CheckHostIP no
++
+ # Example of overriding settings on a per-user basis
+ #Match User anoncvs
+ # X11Forwarding no
diff --git a/openssh.spec b/openssh.spec
index b158e3d..88a98e4 100644
--- a/openssh.spec
+++ b/openssh.spec
@@ -170,6 +170,8 @@ Patch58: openssh-5.8p1-keycat.patch
Patch60: openssh-5.8p1-gsskex.patch
#?
Patch61: openssh-5.8p1-gssapi-canohost.patch
+#?
+Patch62: openssh-5.8p1-localdomain.patch
#---
#https://bugzilla.mindrot.org/show_bug.cgi?id=1604
# sctp
@@ -370,6 +372,7 @@ popd
%patch58 -p1 -b .keycat
%patch60 -p1 -b .gsskex
%patch61 -p1 -b .canohost
+%patch62 -p1 -b .localdomain
autoreconf
pushd pam_ssh_agent_auth-%{pam_ssh_agent_ver}
@@ -670,6 +673,7 @@ fi
%changelog
* Fri Apr 22 2011 Jan F. Chadima <jchadima at redhat.com> - 5.8p1-28 + 0.9.2-30
- improving sshd -> passwd transation
+- add template for .local domain to sshd_config
* Thu Apr 21 2011 Jan F. Chadima <jchadima at redhat.com> - 5.8p1-27 + 0.9.2-30
- the private keys may be 640 root:ssh_keys ssh_keysign is sgid
More information about the scm-commits
mailing list