This now matches the PermitRootLogin configuration of OpenSSH in
the base system. Please be aware of this when upgrading your
OpenSSH port, and if truly necessary, re-enable remote root login
by readjusting this option in your sshd_config.
Users are encouraged to create single-purpose users with ssh keys
and very narrowly defined sudo privileges instead of using root
for automated tasks.
ChallengeResponseAuthentication no
UseLogin no
SSH_PRIVSEP_USER=sshd, distributioin patch set it to nobodyh. (Jan Srzednicki)
#undef USE_PIPES, problems with ppp over ssh. (Kugimoto Takeshi)
fix missing includes for "canohost.h"
Options for both:
USE_OPENSSL_BASE=yes
uses an older opensssl in the base system.
Options for portable:
OPENSSH_OVERWRITE_BASE=yes
includes USE_OPENSSL_BASE=yes
installls in the paths of the base system
Fix build with SKEY=yes, pr# 36119
Cleanup pw_expire handling.
Add missing includes
Changes defaults to: PermitRootLogin=no, UsePrivilegeSeparation=no
Use $PREFIX/etc/ssh for config, updating manpages too.
- New program ssh-keysign
- New manpages for ssh_config and sshd_config
- Merge Pathes to new files
- Fix GCC problem with unsupported __func__ in older Releases
- patch openssh-3.1-adv.token.patch is now obsolete.
- remerged PAM changes form previous port
- declare CMSG_* macros.
- fixed bad type in function input_userauth_passwd_changereq
Update to OpenSSH-portable-3.2.3p1
- patch openssh-3.1p1-adv.token.patch is now obsolete
- keep previously declared CONFIGURE_ARGS
- remove openssh-mit-krb5-20020326.diff (should be in the distribution now)
- patch patch-readpassphrase.c is now in teh distribution
- merged previous patches.
- extend CONFIGURE_ARGS so it find OPENSSL again.
- new patches for GSSAPI, not fully tested.
If you have the patch applied:
http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/36080
Builds with openssl-0.9.6d under:
2.2.8-RELEASE
3.2-RELEASE
4.2-RELEASE
4.6-RC
- some configure scripts check the version of the lib
so we need to update SHLIBVER
- bump PORTREVISION
openssh:
- build ports with local openssl, if it exists
make sure that package install and deinstall
don't temper existing configuration files.
install sshd.sh now as sample.
Package changed, but no need to update
if you have PORTREVISION=2
