From 8daf4b45eab80b2fa4e06f26d09f834bd2e5bb93 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Mon, 22 Sep 2003 12:32:00 +1000 Subject: [PATCH] - (dtucker) [contrib/cygwin/README contrib/cygwin/ssh-host-config] Update ssh-host-config to match current defaults, bump README version. Patch from vinschen at redhat.com. --- ChangeLog | 5 ++++- contrib/cygwin/README | 2 +- contrib/cygwin/ssh-host-config | 23 ++++++++++++++--------- 3 files changed, 19 insertions(+), 11 deletions(-) diff --git a/ChangeLog b/ChangeLog index 78a258ffe..9058dfc7a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -13,6 +13,9 @@ openbsd-compat/fake-rfc2553.h] Bug #659: Test for and handle systems with where gai_strerror is defined as "const char *". Part of patch supplied by bugzilla-openssh at thewrittenword.com + - (dtucker) [contrib/cygwin/README contrib/cygwin/ssh-host-config] Update + ssh-host-config to match current defaults, bump README version. Patch from + vinschen at redhat.com. 20030919 - (djm) Bug #683: Remove reference to --with-ipv4-default from INSTALL; @@ -1149,4 +1152,4 @@ - Fix sshd BindAddress and -b options for systems using fake-getaddrinfo. Report from murple@murple.net, diagnosis from dtucker@zip.com.au -$Id: ChangeLog,v 1.3016 2003/09/22 02:08:23 dtucker Exp $ +$Id: ChangeLog,v 1.3017 2003/09/22 02:32:00 dtucker Exp $ diff --git a/contrib/cygwin/README b/contrib/cygwin/README index 71ea3455f..ec58964c9 100644 --- a/contrib/cygwin/README +++ b/contrib/cygwin/README @@ -1,4 +1,4 @@ -This package is the actual port of OpenSSH to Cygwin 1.3. +This package is the actual port of OpenSSH to Cygwin 1.5. =========================================================================== Important change since 3.4p1-2: diff --git a/contrib/cygwin/ssh-host-config b/contrib/cygwin/ssh-host-config index 2c6db51e5..e9c56aea9 100644 --- a/contrib/cygwin/ssh-host-config +++ b/contrib/cygwin/ssh-host-config @@ -279,12 +279,14 @@ then # Host * # ForwardAgent no # ForwardX11 no -# RhostsAuthentication no # RhostsRSAAuthentication no # RSAAuthentication yes # PasswordAuthentication yes +# HostbasedAuthentication no # BatchMode no # CheckHostIP yes +# AddressFamily any +# ConnectTimeout 0 # StrictHostKeyChecking ask # IdentityFile ~/.ssh/identity # IdentityFile ~/.ssh/id_dsa @@ -397,7 +399,7 @@ Port $port_number #HostKey ${SYSCONFDIR}/ssh_host_dsa_key # Lifetime and size of ephemeral version 1 server key -#KeyRegenerationInterval 3600 +#KeyRegenerationInterval 1h #ServerKeyBits 768 # Logging @@ -407,7 +409,7 @@ Port $port_number # Authentication: -#LoginGraceTime 120 +#LoginGraceTime 2m #PermitRootLogin yes # The following setting overrides permission checks on host key files # and directories. For security reasons set this to "yes" when running @@ -418,10 +420,6 @@ StrictModes no #PubkeyAuthentication yes #AuthorizedKeysFile .ssh/authorized_keys -# rhosts authentication should not be used -#RhostsAuthentication no -# Don't read the user's ~/.rhosts and ~/.shosts files -#IgnoreRhosts yes # For this to work you will also need host keys in ${SYSCONFDIR}/ssh_known_hosts #RhostsRSAAuthentication no # similar for protocol version 2 @@ -429,6 +427,8 @@ StrictModes no # Change to yes if you don't trust ~/.ssh/known_hosts for # RhostsRSAAuthentication and HostbasedAuthentication #IgnoreUserKnownHosts no +# Don't read the user's ~/.rhosts and ~/.shosts files +#IgnoreRhosts yes # To disable tunneled clear text passwords, change to no here! #PasswordAuthentication yes @@ -437,6 +437,8 @@ StrictModes no # Change to no to disable s/key passwords #ChallengeResponseAuthentication yes +#AllowTcpForwarding yes +#GatewayPorts no #X11Forwarding no #X11DisplayOffset 10 #X11UseLocalhost yes @@ -447,11 +449,14 @@ StrictModes no UsePrivilegeSeparation $privsep_used #PermitUserEnvironment no #Compression yes - +#ClientAliveInterval 0 +#ClientAliveCountMax 3 +#UseDNS yes +#PidFile /var/run/sshd.pid #MaxStartups 10 + # no default banner path #Banner /some/path -#VerifyReverseMapping no # override default of no subsystems Subsystem sftp /usr/sbin/sftp-server