[gsi-openssh/f19] Based on openssh-6.2p2-7.fc19

Mattias Ellert ellert at fedoraproject.org
Thu Dec 12 02:28:53 UTC 2013


commit 509f103f2d6e94c68b00a62d5119e998a9825530
Author: Mattias Ellert <mattias.ellert at fysast.uu.se>
Date:   Thu Dec 12 03:15:00 2013 +0100

    Based on openssh-6.2p2-7.fc19

 gsi-openssh.spec           |    5 ++++-
 gsisshd-keygen             |    2 +-
 openssh-6.2p1-keycat.patch |    2 +-
 3 files changed, 6 insertions(+), 3 deletions(-)
---
diff --git a/gsi-openssh.spec b/gsi-openssh.spec
index edfda19..f5f1ff1 100644
--- a/gsi-openssh.spec
+++ b/gsi-openssh.spec
@@ -29,7 +29,7 @@
 %global ldap 1
 
 %global openssh_ver 6.2p2
-%global openssh_rel 3
+%global openssh_rel 4
 
 Summary: An implementation of the SSH protocol with GSI authentication
 Name: gsi-openssh
@@ -500,6 +500,9 @@ getent passwd sshd >/dev/null || \
 %attr(0644,root,root) %{_unitdir}/gsisshd-keygen.service
 
 %changelog
+* Thu Dec 12 2013 Mattias Ellert <mattias.ellert at fysast.uu.se> - 6.2p2-4
+- Based on openssh-6.2p2-7.fc19
+
 * Tue Nov 26 2013 Mattias Ellert <mattias.ellert at fysast.uu.se> - 6.2p2-3
 - Based on openssh-6.2p2-6.fc19
 
diff --git a/gsisshd-keygen b/gsisshd-keygen
index 6062362..30f6fbf 100644
--- a/gsisshd-keygen
+++ b/gsisshd-keygen
@@ -95,7 +95,7 @@ do_ecdsa_keygen() {
 		rm -f $ECDSA_KEY
 		if test ! -f $ECDSA_KEY && $KEYGEN -q -t ecdsa -f $ECDSA_KEY -C '' -N '' >&/dev/null; then
 			chgrp ssh_keys $ECDSA_KEY
-			chmod 600 $ECDSA_KEY
+			chmod 640 $ECDSA_KEY
 			chmod 644 $ECDSA_KEY.pub
 			if [ -x /sbin/restorecon ]; then
 			    /sbin/restorecon $ECDSA_KEY.pub
diff --git a/openssh-6.2p1-keycat.patch b/openssh-6.2p1-keycat.patch
index 41770b3..7ad81a1 100644
--- a/openssh-6.2p1-keycat.patch
+++ b/openssh-6.2p1-keycat.patch
@@ -26,7 +26,7 @@ diff -up openssh-6.2p1/HOWTO.ssh-keycat.keycat openssh-6.2p1/HOWTO.ssh-keycat
 +
 +To use ssh-keycat, set these options in /etc/ssh/sshd_config file:
 +        AuthorizedKeysCommand /usr/libexec/openssh/ssh-keycat
-+        AuthorizedKeysCommandRunAs root
++        AuthorizedKeysCommandUser root
 +
 +Do not forget to enable public key authentication:
 +        PubkeyAuthentication yes


More information about the scm-commits mailing list