[gsi-openssh/f18] Based on openssh-6.1p1-11.fc18

Mattias Ellert ellert at fedoraproject.org
Thu Dec 12 02:28:48 UTC 2013 

commit 52febf6fa822d57374379c90b6bef675ed40823e
Author: Mattias Ellert <mattias.ellert at fysast.uu.se>
Date:   Thu Dec 12 03:25:14 2013 +0100

    Based on openssh-6.1p1-11.fc18

 gsi-openssh.spec           |    5 ++++-
 gsisshd-keygen             |    2 +-
 openssh-5.9p1-keycat.patch |    2 +-
 3 files changed, 6 insertions(+), 3 deletions(-)
---
diff --git a/gsi-openssh.spec b/gsi-openssh.spec
index f4516ee..0dc525e 100644
--- a/gsi-openssh.spec
+++ b/gsi-openssh.spec
@@ -32,7 +32,7 @@
 %global nologin 1
 
 %global openssh_ver 6.1p1
-%global openssh_rel 8
+%global openssh_rel 9
 
 Summary: An implementation of the SSH protocol with GSI authentication
 Name: gsi-openssh
@@ -538,6 +538,9 @@ getent passwd sshd >/dev/null || \
 %attr(0644,root,root) %{_unitdir}/gsisshd.service
 
 %changelog
+* Thu Dec 12 2013 Mattias Ellert <mattias.ellert at fysast.uu.se> - 6.1p1-9
+- Based on openssh-6.1p1-11.fc18
+
 * Tue Nov 26 2013 Mattias Ellert <mattias.ellert at fysast.uu.se> - 6.1p1-8
 - Based on openssh-6.1p1-10.fc18
 
diff --git a/gsisshd-keygen b/gsisshd-keygen
index 6062362..30f6fbf 100644
--- a/gsisshd-keygen
+++ b/gsisshd-keygen
@@ -95,7 +95,7 @@ do_ecdsa_keygen() {
 		rm -f $ECDSA_KEY
 		if test ! -f $ECDSA_KEY && $KEYGEN -q -t ecdsa -f $ECDSA_KEY -C '' -N '' >&/dev/null; then
 			chgrp ssh_keys $ECDSA_KEY
-			chmod 600 $ECDSA_KEY
+			chmod 640 $ECDSA_KEY
 			chmod 644 $ECDSA_KEY.pub
 			if [ -x /sbin/restorecon ]; then
 			    /sbin/restorecon $ECDSA_KEY.pub
diff --git a/openssh-5.9p1-keycat.patch b/openssh-5.9p1-keycat.patch
index 1630c39..d517757 100644
--- a/openssh-5.9p1-keycat.patch
+++ b/openssh-5.9p1-keycat.patch
@@ -26,7 +26,7 @@ diff -up openssh-6.1p1/HOWTO.ssh-keycat.keycat openssh-6.1p1/HOWTO.ssh-keycat
 +
 +To use ssh-keycat, set these options in /etc/ssh/sshd_config file:
 +        AuthorizedKeysCommand /usr/libexec/openssh/ssh-keycat
-+        AuthorizedKeysCommandRunAs root
++        AuthorizedKeysCommandUser root
 +
 +Do not forget to enable public key authentication:
 +        PubkeyAuthentication yes

More information about the scm-commits mailing list