reporting bug which happens if the remote end uses tcp_wrappers to control
sshd access (it says something like "read: no such file or directory" or
"read: permission denied" instead of "connection closed"). I already sent it
in to the ssh mailing list.
Submitted by: fenner
all the COMMENTs! No package names, no version numbers, no "this is
absolutix-3.1.2" type comments that have zero information contents.
Now, without any bad examples to follow, nobody has an excuse to import
a port with those kind of comments. :)
Phew! 238 ports modified!
TIS has recently instituted a registration policy for access to the freely
available toolkit. We have added this additional step to ensure that you
are aware that, while this software is freely available, it is licensed and
copyrighted software.
so add a dummy fetch: target to tell people to read their licence and
obtain the source manually, and what to do with it when you have it.
meaning it will silently fail if you (say) install as "bin". This makes
the packaging break. (Will the package tools install the setuid-root
binary anyway?)
They were not particularly useful anyway, they are mainly diagnostic tools
to parse the output of 'netstat' to see which users have what local
connections open.
Requested by: asami
- protect the secret RSA etc/ssh_host_key. It is now generated on install
(either by pkg_add or make install) if not already present and is not
ever added to a package since it's your host's credentials. It should
not be removed on pkg_delete, since you are in big trouble if you did
this (for example) pkg_delete ssh-1.2.14; pkg_add ssh-1.2.15.tgz.
- fix the broken manpage symlink when compressing man pages (slogin.1
has been causing /etc/weekly to generate cron messages)
- zlib 1.0.4 is now "blessed" again, the ssh working sources now use this
instead of v0.95. The decompression problem was fixed in either 1.0.3
or 1.0.4. Also, the current version of cvs uses zlib 1.0.4 as well..
- perl5.002 -> perl5.003
Reviewed by: torstenb
ssh for transport. FreeBSD does not have the implementation bugs that some
other systems appear to have, this option only hurts us.
Reviewed by: torstenb
want to touch it.
While I'm here, change MASTER_SITES to URL form (ftp://) and add
markm as the maintainer (he's the only one who touched this
Makefile since the beginning of history)....
This implementation has been built with Our ((actually its own but in our
source tree) DES library and our MD{45}. You will need to link your SSL
code with -ldes and -lmd.
Are you happy now, Torsten? ;-)
People, if you do a "make makesum" on a non-US machine, don't forget
to add this line back before commiting it:
MD5 (rsaref2.tar.gz) = 0b474c97bf1f1c0d27e5a95f1239c08d
ssh-askpass no longer uses wish, so chop the make rules that attempt to
locate it.
Go further to try and protect the ssh_host_key, since it's critical to
the operation and security of the machine.
security problems.
Also re-do the method we use for disconnecting ourselves from the supplied
gmp and z libraries so that this can be maintained in the future (sigh!).
1) It eliminated the need for my horrible kludge patch-ad
2) 1.2.12 has data stream compression (like gzip).
(I'm talking with the author about the remining three patches)
patch-ac: call setsid() before setlogin() in the child (when emulating rsh)
otherwise the setlogin() will fail when/if the proposed setlogin() changes
go in. Otherwise it silently fails and may leave the login name of the user
session as "root" (depending on how sshd was started). Without the proposed
kernel change, it harmlessly sets the login name of the user's session.
patch-ad: patch the #ifdef botch that stopped a ssh login from using and
updating the lastlog file. This is because we have struct lastlog defined
inside utmp.h rather than a lastlog.h include file like it was expecting.