kpriv/freebsd-ports
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
freebsd-ports/security/openssh-portable/pkg-plist
Bryan Drewery 9a7dab4b5a - Update to 6.3p1 
Changelog: http://www.openssh.org/txt/release-6.3
- Use options helpers where possible
- Use upstream patch mirror for x509 and HPN
- Update HPN patch to v14 and use upstream version
- Add option NONECIPHER to allow disabling NONE in HPN patch
- Update x509 patch from 7.4.1 to 7.6
- Add support for LDNS and enable by it and VerifyHostKeyDNS/SSHFP by default.
  See http://lists.freebsd.org/pipermail/freebsd-security/2013-September/007180.html
  which describes this change, but is supported on releases before 10 as well
  with LDNS option.
- Update SCTP to patchlevel 2329
- Update recommendation on secure usage of SSH
- Add pkg-message warning about ECDSA key possibly being incorrect due to
  previously being written as DSA by the rc script and fixed in r299902 in
  2012
2013-10-13 02:20:07 +00:00

44 lines
2.1 KiB
Text
Raw Blame History

@comment slogin must be deleted first
bin/slogin
bin/scp
bin/sftp
bin/ssh
bin/ssh-add
bin/ssh-agent
bin/ssh-keygen
bin/ssh-keyscan
%%NOTBASE%%etc/ssh/moduli
%%NOTBASE%%@exec if [ -f %D/etc/ssh_config -a ! -f %D/etc/ssh/ssh_config ]; then ln %D/etc/ssh_config %D/etc/ssh/ssh_config ; fi
%%NOTBASE%%@exec if [ -f %D/etc/sshd_config -a ! -f %D/etc/ssh/sshd_config ]; then ln %D/etc/sshd_config %D/etc/ssh/sshd_config ; fi
%%NOTBASE%%@unexec if cmp -s %D/etc/ssh/ssh_config %D/etc/ssh/ssh_config-dist; then rm -f %D/etc/ssh/ssh_config; fi
%%NOTBASE%%@unexec if cmp -s %D/etc/ssh/sshd_config %D/etc/ssh/sshd_config-dist; then rm -f %D/etc/ssh/sshd_config; fi
%%OVERWRITE_BASE%%@cwd /
etc/ssh/ssh_config-dist
etc/ssh/sshd_config-dist
%%OVERWRITE_BASE%%@cwd %%BASEPREFIX%%
%%NOTBASE%%@exec if [ ! -f %D/etc/ssh/ssh_config ]; then cp -p %D/etc/ssh/ssh_config-dist %D/etc/ssh/ssh_config ; fi
%%NOTBASE%%@exec if [ ! -f %D/etc/ssh/sshd_config ]; then cp -p %D/etc/ssh/sshd_config-dist %D/etc/ssh/sshd_config ; fi
%%NOTBASE%%%%X509%%@dirrmtry etc/ssh/ca
%%NOTBASE%%@dirrmtry etc/ssh
@exec if [ -f %D/etc/ssh_host_ecdsa_key ] && grep -q DSA %D/etc/ssh_host_ecdsa_key; then echo; echo "\!/ Warning \!/"; echo; echo "Your %D/etc/ssh_host_ecdsa_key is not a valid ECDSA key. It is incorrectly"; echo "a DSA key due to a bug fixed in 2012 in the security/openssh-portable port."; echo; echo "Regenerate a proper one with: rm -f %D/etc/ssh_host_ecdsa_key*; service openssh restart"; echo; echo "Clients should not see any key change warning since the ECDSA was not valid and was not actually"; echo "used by the server."; echo; echo "\!/ Warning \!/"; fi
sbin/sshd
libexec/sftp-server
libexec/ssh-keysign
libexec/ssh-pkcs11-helper
@cwd %%MANPREFIX%%
man/man1/sftp.1.gz
man/man1/ssh-add.1.gz
man/man1/ssh-agent.1.gz
man/man1/ssh-keygen.1.gz
man/man1/ssh-keyscan.1.gz
man/man1/scp.1.gz
man/man1/ssh.1.gz
man/man1/slogin.1.gz
man/man5/moduli.5.gz
man/man5/ssh_config.5.gz
man/man5/sshd_config.5.gz
%%X509%%man/man5/ssh_engine.5.gz
man/man8/sftp-server.8.gz
man/man8/sshd.8.gz
man/man8/ssh-keysign.8.gz
man/man8/ssh-pkcs11-helper.8.gz
Reference in a new issue View git blame Copy permalink