head	1.9;
access;
symbols
	RELEASE_7_0_0:1.8
	RELEASE_6_3_0:1.8
	PRE_XORG_7:1.8
	RELEASE_4_EOL:1.8
	RELEASE_6_2_0:1.8
	RELEASE_6_1_0:1.8
	RELEASE_5_5_0:1.8
	RELEASE_6_0_0:1.8
	RELEASE_5_4_0:1.8
	RELEASE_4_11_0:1.8
	RELEASE_5_3_0:1.8
	RELEASE_4_10_0:1.8
	RELEASE_5_2_1:1.8
	RELEASE_5_2_0:1.8
	RELEASE_4_9_0:1.8
	RELEASE_5_1_0:1.8
	RELEASE_4_8_0:1.8
	RELEASE_5_0_0:1.8
	RELEASE_4_7_0:1.7
	RELEASE_4_6_2:1.1
	RELEASE_4_6_1:1.1
	RELEASE_4_6_0:1.1
	RELEASE_5_0_DP1:1.1;
locks; strict;
comment	@# @;


1.9
date	2008.03.05.04.25.42;	author tmclaugh;	state dead;
branches;
next	1.8;

1.8
date	2002.10.17.04.15.13;	author dinoex;	state Exp;
branches;
next	1.7;

1.7
date	2002.07.04.18.27.59;	author dinoex;	state Exp;
branches;
next	1.6;

1.6
date	2002.06.28.04.50.31;	author dinoex;	state Exp;
branches;
next	1.5;

1.5
date	2002.06.24.22.57.13;	author dinoex;	state Exp;
branches;
next	1.4;

1.4
date	2002.06.24.21.13.06;	author dinoex;	state Exp;
branches;
next	1.3;

1.3
date	2002.06.22.12.31.18;	author dinoex;	state Exp;
branches;
next	1.2;

1.2
date	2002.05.31.07.28.46;	author dinoex;	state Exp;
branches;
next	1.1;

1.1
date	2002.03.12.17.54.07;	author dinoex;	state Exp;
branches;
next	;


desc
@@


1.9
log
@- expire port: Long out of date with multiple security issues.
  (Don't worry, openssh-portable is still there.)
@
text
@--- sshd_config.orig	Thu Oct 17 06:02:17 2002
+++ sshd_config	Thu Oct 17 06:02:17 2002
@@@@ -32,6 +32,7 @@@@
 
 #LoginGraceTime 120
 #PermitRootLogin yes
+PermitRootLogin no
 #StrictModes yes
 
 #RSAAuthentication yes
@@@@ -56,6 +57,7 @@@@
 
 # Change to no to disable s/key passwords
 #ChallengeResponseAuthentication yes
+ChallengeResponseAuthentication no
 
 # Kerberos options
 #KerberosAuthentication no
@


1.8
log
@Update to 3.5
@
text
@@


1.7
log
@'PermitRootLogin no' is the new default for the OpenSSH port.
This now matches the PermitRootLogin configuration of OpenSSH in
the base system.  Please be aware of this when upgrading your
OpenSSH port, and if truly necessary, re-enable remote root login
by readjusting this option in your sshd_config.

Users are encouraged to create single-purpose users with ssh keys
and very narrowly defined sudo privileges instead of using root
for automated tasks.
@
text
@d1 2
a2 2
--- sshd_config.orig	Sun Jun 30 21:25:40 2002
+++ sshd_config	Wed Jul  3 06:22:22 2002
d5 1
a5 1
 #LoginGraceTime 600
a18 8
@@@@ -75,6 +77,7 @@@@
 #KeepAlive yes
 #UseLogin no
 #UsePrivilegeSeparation yes
+UsePrivilegeSeparation yes
 #Compression yes
 
 #MaxStartups 10
@


1.6
log
@Defaults changed: (Gregory Sutter)
 ChallengeResponseAuthentication no
 UseLogin no

SSH_PRIVSEP_USER=sshd, distributioin patch set it to nobodyh. (Jan Srzednicki)

#undef USE_PIPES, problems with ppp over ssh. (Kugimoto Takeshi)

fix missing includes for "canohost.h"
@
text
@d1 11
a11 3
--- sshd_config.orig	Thu Jun 27 22:07:41 2002
+++ sshd_config	Fri Jun 28 06:00:05 2002
@@@@ -56,6 +56,7 @@@@
d19 1
a19 1
@@@@ -75,6 +76,7 @@@@
@


1.5
log
@Enable privilege separation as default,
create user and home if it not exists.
@
text
@d1 11
a11 4
--- sshd_config 	Mon Jun 24 20:56:50 2002
+++ sshd_config.orig	Sat Jun 22 12:40:35 2002
@@@@ -74,7 +76,9 @@@@
 #PrintLastLog yes
a13 1
+UseLogin yes
@


1.4
log
@Merge PAM-changes from openssh currrent
Fix build with SKEY=yes, pr# 36119
Cleanup pw_expire handling.
Add missing includes
Changes defaults to: PermitRootLogin=no, UsePrivilegeSeparation=no
Use $PREFIX/etc/ssh for config, updating manpages too.
@
text
@d9 1
a9 1
+UsePrivilegeSeparation no
@


1.3
log
@Update to openssh-3.3
- New program ssh-keysign
- New manpages for ssh_config and sshd_config
- Merge Pathes to new files
- Fix GCC problem with unsupported __func__ in older Releases
@
text
@d1 3
a3 16
--- sshd_config.orig	Fri Jun 21 23:07:45 2002
+++ sshd_config	Fri Jun 21 23:08:26 2002
@@@@ -30,8 +30,10 @@@@
 
 # Authentication:
 
-#LoginGraceTime 600
-#PermitRootLogin yes
+#LoginGraceTime 300
+LoginGraceTime 600
+#PermitRootLogin no
+PermitRootLogin yes
 #StrictModes yes
 
 #RSAAuthentication yes
@@@@ -74,6 +76,7 @@@@
d9 1
d12 1
@


1.2
log
@Update to OpenSSH 3.2.3

- patch openssh-3.1-adv.token.patch is now obsolete.
- remerged PAM changes form previous port
- declare CMSG_* macros.
- fixed bad type in function input_userauth_passwd_changereq

Update to OpenSSH-portable-3.2.3p1

- patch openssh-3.1p1-adv.token.patch is now obsolete
- keep previously declared CONFIGURE_ARGS
- remove openssh-mit-krb5-20020326.diff (should be in the distribution now)
- patch patch-readpassphrase.c is now in teh distribution
- merged previous patches.
- extend CONFIGURE_ARGS so it find OPENSSL again.
- new patches for GSSAPI, not fully tested.

If you have the patch applied:
http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/36080

Builds with openssl-0.9.6d under:
2.2.8-RELEASE
3.2-RELEASE
4.2-RELEASE
4.6-RC
@
text
@d1 2
a2 2
--- sshd_config.orig	Thu May 23 13:37:04 2002
+++ sshd_config	Thu May 23 13:38:05 2002
d21 2
a22 1
 #UsePrivilegeSeparation no
a23 1
 #MaxStartups 10
@


1.1
log
@Rename Patches to make navigation much more easier.
@
text
@d1 2
a2 2
--- sshd_config.orig	Fri Mar  8 06:01:02 2002
+++ sshd_config	Fri Mar  8 06:03:06 2002
d16 1
a16 1
@@@@ -76,6 +78,7 @@@@
d21 1
a23 1
 # no default banner path
@

