From 54057c2b9be4270b20db004c76851b04cf299620 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Tue, 9 May 2000 15:03:37 +1000 Subject: [PATCH] - Doc updates --- ChangeLog | 1 + INSTALL | 15 +++++---------- README | 25 ++++++++++--------------- 3 files changed, 16 insertions(+), 25 deletions(-) diff --git a/ChangeLog b/ChangeLog index eb94cf17d..bacd91f5e 100644 --- a/ChangeLog +++ b/ChangeLog @@ -22,6 +22,7 @@ [version.h] - OpenSSH-2.1 - Moved all the bsd-* and fake-* stuff into new libopenbsd-compat.a + - Doc updates 20000508 - Makefile and RPM spec fixes diff --git a/INSTALL b/INSTALL index 76b85d6d8..bf7bc1386 100644 --- a/INSTALL +++ b/INSTALL @@ -29,12 +29,8 @@ passphrase requester. This is maintained separately at: http://www.ntrnet.net/~jmknoble/software/x11-ssh-askpass/index.html -If you are planning to use OpenSSH on a Unix which lacks a Kernel random -number generator (/dev/urandom), you may want to install the Entropy -Gathering Daemon (or similar). You will also need to specify the ---with-egd-pool option to ./configure. OpenSSH 2.0 includes some -peliminary built-in randomness collection, but it is not as well -tested as EGD. +The Entropy Gathering Daemon (EGD) is supported if you have a system which +lacks /dev/random and don't want to use OpenSSH's internal entropy collection. EGD: http://www.lothar.com/tech/crypto/ @@ -98,10 +94,9 @@ random numbers (the default is /dev/urandom). Unless you are absolutly sure of what you are doing, it is best to leave this alone. --with-egd-pool=/some/file allows you to enable Entropy Gathering -Daemon support and to specify a EGD pool socket. You may want to -use this if your Unix does not support the /dev/urandom device (or -similar). The file argument refers to the EGD pool file, not the -EGD program itself. Please refer to the EGD documentation. +Daemon support and to specify a EGD pool socket. Use this if your +Unix lacks /dev/random and you don't want to use OpenSSH's builtin +entropy collection support. --with-lastlog=FILE will specify the location of the lastlog file. ./configure searches a few locations for lastlog, but may not find diff --git a/README b/README index eaacfc542..16fc3651e 100644 --- a/README +++ b/README @@ -3,11 +3,11 @@ [ Thanks to HARUYAMA Seigo ******* IMPORTANT -* On systmes which lack a /dev/random driver, this port of -* OpenSSH-1.2.2 was not correctly seeding OpenSSL's random number +* On systmes which lack a /dev/random driver, version of this port +* prior to 1.2.2 were not correctly seeding OpenSSL's random number * pool. This resulted in lower quality RSA keys being generated. If -* you generated host or user keys with v1.2.2, please generate new -* ones using a more recent version. +* you generated host or user keys with v1.2.2 or previous versions, +* please generate new ones using a more recent version. This is the port of OpenBSD's excellent OpenSSH to Linux and other Unices. @@ -21,20 +21,17 @@ Markus Friedl, Niels Provos, Theo de Raadt, and Dug Song. It has a homepage at http://www.openssh.com/ This port consists of the re-introduction of autoconf support, PAM -support (for Linux and Solaris), EGD[1] support, SOCKS support (using -the Dante [6] libraries and replacements for OpenBSD library functions -that are (regrettably) absent from other unices. This port has been -best tested on Linux, Solaris, HPUX, NetBSD and Irix. Support for AIX, -SCO, NeXT and other Unices is underway. This version actively tracks -changes in the OpenBSD CVS repository. +support (for Linux and Solaris), EGD[1] support and replacements for +OpenBSD library functions that are (regrettably) absent from other +unices. This port has been best tested on Linux, Solaris, HPUX, NetBSD +and Irix. Support for AIX, SCO, NeXT and other Unices is underway. +This version actively tracks changes in the OpenBSD CVS repository. The PAM support is now more functional than the popular packages of commercial ssh-1.2.x. It checks "account" and "session" modules for all logins, not just when using password authentication. -OpenSSH depends on Zlib[2], OpenSSL[3] and optionally PAM[4] and -Dante[6]. To build the GNOME[5] pass-phrase requester -(--with-gnome-askpass), you will need the GNOME libraries installed. +OpenSSH depends on Zlib[2], OpenSSL[3] and optionally PAM[4]. There is now several mailing lists for this port of OpenSSH. Please refer to http://violet.ibs.com.au/openssh/list.html for details on how @@ -63,6 +60,4 @@ References - [2] http://www.cdrom.com/pub/infozip/zlib/ [3] http://www.openssl.org/ [4] http://www.kernel.org/pub/linux/libs/pam/ (PAM is standard on Solaris) -[5] http://www.gnome.org/ -[6] http://www.inet.no/dante