Last change
on this file since 1803 was
1739,
checked in by mitchb, 14 years ago
|
Eliminate spurious opsnssh error messages related to public keys
If the following conditions apply:
o Someone attempt to authenticate to an account with an ssh key
o The account has an authorized_keys file
o Entries in authorized_keys have restrictions (i.e. "from=" clauses)
o The attempted key matches the type (RSA/DSA) of the restricted key(s)
o The attempted key is not actually one of the authorized keys
You will get a spurious error message that claims:
"Authentication tried for _____ with correct key but not from a
permitted host (host=______, ip=________)."
even though there is no correct key involved.
This is OpenSSH bug 1765 (https://bugzilla.mindrot.org/show_bug.cgi?id=1765)
and the patch is backported from the one committed in that ticket
(https://bugzilla.mindrot.org/attachment.cgi?id=1848).
|
File size:
1.4 KB
|
Rev | Line | |
---|
[1693] | 1 | --- openssh.spec.orig 2010-05-31 06:20:02.000000000 -0400 |
---|
| 2 | +++ openssh.spec 2010-09-06 21:53:21.000000000 -0400 |
---|
| 3 | @@ -74,7 +74,7 @@ |
---|
[1259] | 4 | Summary: An open source implementation of SSH protocol versions 1 and 2 |
---|
[926] | 5 | Name: openssh |
---|
[1693] | 6 | Version: 5.4p1 |
---|
| 7 | -Release: %{openssh_rel}%{?dist}%{?rescue_rel} |
---|
| 8 | +Release: %{openssh_rel}%{?dist}%{?rescue_rel}.scripts.%{scriptsversion} |
---|
[926] | 9 | URL: http://www.openssh.com/portable.html |
---|
[1693] | 10 | #URL1: http://pamsshagentauth.sourceforge.net |
---|
[926] | 11 | #Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz |
---|
[1739] | 12 | @@ -88,6 +88,8 @@ |
---|
[760] | 13 | Source3: sshd.init |
---|
[1693] | 14 | Source4: http://prdownloads.sourceforge.net/pamsshagentauth/pam_ssh_agent_auth/pam_ssh_agent_auth-%{pam_ssh_agent_ver}.tar.bz2 |
---|
| 15 | Source5: pam_ssh_agent-rmheaders |
---|
[1259] | 16 | +Patch1001: openssh-4.7p1-gssapi-name-in-env.patch |
---|
[1739] | 17 | +Patch1002: openssh-no-spurious-correct-key-incorrect-host-messages.patch |
---|
[1693] | 18 | Patch0: openssh-5.4p1-redhat.patch |
---|
| 19 | Patch2: openssh-5.3p1-skip-initial.patch |
---|
| 20 | Patch4: openssh-5.2p1-vendor.patch |
---|
[1739] | 21 | @@ -175,6 +178,7 @@ |
---|
[925] | 22 | Requires(post): chkconfig >= 0.9, /sbin/service |
---|
| 23 | Requires(pre): /usr/sbin/useradd |
---|
| 24 | Requires: pam >= 1.0.1-3 |
---|
| 25 | +Provides: scripts-openssh-server |
---|
[760] | 26 | |
---|
[925] | 27 | %package askpass |
---|
| 28 | Summary: A passphrase dialog for OpenSSH and X |
---|
[1739] | 29 | @@ -267,6 +271,9 @@ |
---|
[1693] | 30 | %patch75 -p1 -b .dso |
---|
| 31 | %patch76 -p1 -b .bz595935 |
---|
[925] | 32 | |
---|
[1259] | 33 | +%patch1001 -p1 -b .gssapi-env |
---|
[1739] | 34 | +%patch1002 -p1 -b .no-spurious-correct-key-incorrect-host-messages |
---|
[760] | 35 | + |
---|
[437] | 36 | autoreconf |
---|
| 37 | |
---|
[760] | 38 | %build |
---|
Note: See
TracBrowser
for help on using the repository browser.