diff options
author | des <des@FreeBSD.org> | 2008-08-01 02:48:36 +0000 |
---|---|---|
committer | des <des@FreeBSD.org> | 2008-08-01 02:48:36 +0000 |
commit | b7aa600c416b507a21191efa2689c0a03031d58e (patch) | |
tree | ed813bdf7d8dbee35f19092d185e1a2793885204 /crypto/openssh/FREEBSD-upgrade | |
parent | a2326b0bec3be2ec01f66d386cfe43139cbc579c (diff) | |
parent | 8f6f5baf400f08937451cf9c8ecc220e9efd2f63 (diff) | |
download | FreeBSD-src-b7aa600c416b507a21191efa2689c0a03031d58e.zip FreeBSD-src-b7aa600c416b507a21191efa2689c0a03031d58e.tar.gz |
Upgrade to OpenSSH 5.1p1.
I have worked hard to reduce diffs against the vendor branch. One
notable change in that respect is that we no longer prefer DSA over
RSA - the reasons for doing so went away years ago. This may cause
some surprises, as ssh will warn about unknown host keys even for
hosts whose keys haven't changed.
MFC after: 6 weeks
Diffstat (limited to 'crypto/openssh/FREEBSD-upgrade')
-rw-r--r-- | crypto/openssh/FREEBSD-upgrade | 10 |
1 files changed, 2 insertions, 8 deletions
diff --git a/crypto/openssh/FREEBSD-upgrade b/crypto/openssh/FREEBSD-upgrade index 86913ff..03b7dbf 100644 --- a/crypto/openssh/FREEBSD-upgrade +++ b/crypto/openssh/FREEBSD-upgrade @@ -3,6 +3,7 @@ FreeBSD maintainer's guide to OpenSSH-portable ============================================== +[needs rewriting for svn] 0) Make sure your mail spool has plenty of free space. It'll fill up pretty fast once you're done with this checklist. @@ -86,11 +87,7 @@ B) Re-commit everything on repoman (you *did* use a test repo for We've modified some configuration defaults in sshd: - - PasswordAuthentication defaults to "no" when PAM is enabled. - - - For protocol version 2, we don't load RSA host keys by - default. If both RSA and DSA keys are present, we prefer DSA - to RSA. + - PasswordAuthentication defaults to "no". - LoginGraceTime defaults to 120 seconds instead of 600. @@ -103,9 +100,6 @@ B) Re-commit everything on repoman (you *did* use a test repo for We've modified some configuration defaults in ssh: - - For protocol version 2, if both RSA and DSA keys are present, - we prefer DSA to RSA. - - CheckHostIP defaults to "no". 3) Canonic host names |