RepoMirrors
/
openssh
mirror of git://anongit.mindrot.org/openssh.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

- (dtucker) [INSTALL] Group the parts describing random options and PAM 

implementations together which is hopefully more coherent.
This commit is contained in:
Darren Tucker 2007-08-17 22:03:09 +10:00
parent 637cc404c6
commit 1a32953e48
2 changed files with 28 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ChangeLog
View File

@ -2,6 +2,8 @@
- (dtucker) [sshd.8] Many Linux variants use a single "!" to denote locked - (dtucker) [sshd.8] Many Linux variants use a single "!" to denote locked
accounts and that's what the code looks for, so make man page and code accounts and that's what the code looks for, so make man page and code
agree. Pointed out by Roumen Petrov. agree. Pointed out by Roumen Petrov.
- (dtucker) [INSTALL] Group the parts describing random options and PAM
implementations together which is hopefully more coherent.
20070816 20070816
- (dtucker) [session.c] Call PAM cleanup functions for unauthenticated - (dtucker) [session.c] Call PAM cleanup functions for unauthenticated
@ -3178,4 +3180,4 @@
OpenServer 6 and add osr5bigcrypt support so when someone migrates OpenServer 6 and add osr5bigcrypt support so when someone migrates
passwords between UnixWare and OpenServer they will still work. OK dtucker@ passwords between UnixWare and OpenServer they will still work. OK dtucker@
$Id: ChangeLog,v 1.4732 2007/08/16 23:42:32 dtucker Exp $ $Id: ChangeLog,v 1.4733 2007/08/17 12:03:09 dtucker Exp $

49
INSTALL
View File

@ -14,31 +14,11 @@ Blowfish) do not work correctly.)
The remaining items are optional. The remaining items are optional.
OpenSSH can utilise Pluggable Authentication Modules (PAM) if your
system supports it. PAM is standard most Linux distributions, Solaris,
HP-UX 11 and AIX >= 5.2.
NB. If you operating system supports /dev/random, you should configure NB. If you operating system supports /dev/random, you should configure
OpenSSL to use it. OpenSSH relies on OpenSSL's direct support of OpenSSL to use it. OpenSSH relies on OpenSSL's direct support of
/dev/random. If you don't you will have to rely on ssh-rand-helper, which /dev/random, or failing that, either prngd or egd. If you don't have
is inferior to a good kernel-based solution. any of these you will have to rely on ssh-rand-helper, which is inferior
to a good kernel-based solution or prngd.
Linux PAM:
http://www.kernel.org/pub/linux/libs/pam/
OpenPAM:
http://www.openpam.org/
If you wish to build the GNOME passphrase requester, you will need the GNOME
libraries and headers.
GNOME:
http://www.gnome.org/
Alternatively, Jim Knoble <jmknoble@pobox.com> has written an excellent X11
passphrase requester. This is maintained separately at:
http://www.jmknoble.net/software/x11-ssh-askpass/
PRNGD: PRNGD:
@ -54,6 +34,27 @@ lacks /dev/random and don't want to use OpenSSH's internal entropy collection.
http://www.lothar.com/tech/crypto/ http://www.lothar.com/tech/crypto/
OpenSSH can utilise Pluggable Authentication Modules (PAM) if your
system supports it. PAM is standard most Linux distributions, Solaris,
HP-UX 11, AIX >= 5.2, FreeBSD and NetBSD.
Information about the various PAM implementations are available:
Solaris PAM: http://www.sun.com/software/solaris/pam/
Linux PAM: http://www.kernel.org/pub/linux/libs/pam/
OpenPAM: http://www.openpam.org/
If you wish to build the GNOME passphrase requester, you will need the GNOME
libraries and headers.
GNOME:
http://www.gnome.org/
Alternatively, Jim Knoble <jmknoble@pobox.com> has written an excellent X11
passphrase requester. This is maintained separately at:
http://www.jmknoble.net/software/x11-ssh-askpass/
S/Key Libraries: S/Key Libraries:
If you wish to use --with-skey then you will need the library below If you wish to use --with-skey then you will need the library below
@ -254,4 +255,4 @@ Please refer to the "reporting bugs" section of the webpage at
http://www.openssh.com/ http://www.openssh.com/
$Id: INSTALL,v 1.80 2007/08/17 11:40:22 dtucker Exp $ $Id: INSTALL,v 1.81 2007/08/17 12:03:10 dtucker Exp $