Date: 02 Jul 2002 01:59:47 +0200 From: Dag-Erling Smorgrav <des@ofug.org> To: audit@freebsd.org Subject: Full OpenSSH patch for -STABLE Message-ID: <xzp8z4vdmoc.fsf@flood.ping.uio.no>
next in thread | raw e-mail | index | archive | help
I won't post this one, it's 2.5 MB. You can get it online at:
http://people.freebsd.org/~des/software/openssh-20020701.diff
Notes:
- Privilege separation is disabled as it breaks Kerberos ticket
passing and possibly other features upon which at least some
-STABLE users depend. I will enable privsep once the Kerberos
issue (and any other issues that may crop up) have been resolved,
which probably means "some time after the next OpenSSH release".
- The patch updates some PAM modules, and changes pam_std_option() in
a way that breaks the PAM library / module interface, though only
FreeBSD's own modules are affected since pam_std_option() is a
FreeBSD hack. This should make PAM much more useful in -STABLE,
particularly as applies to OpenSSH, without going all the way and
converting the entire userland to PAM like I've done in -CURRENT.
- The patch is not 100% complete; there are still a few nits like
what value to pick for VersionAddendum (since this version will not
be entirely identical to the one in -CURRENT) and I'm not entirely
done fixing pam_ssh(8).
DES
--
Dag-Erling Smorgrav - des@ofug.org
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-audit" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?xzp8z4vdmoc.fsf>