security/openssh

2025-08-02 17:28:19 -04:00 · 2014-04-17 12:02:48 +02:00 · 2014-04-17 12:02:48 +02:00 · 71ca3fb53c
commit 71ca3fb53c
parent 9401ebe09f
4 changed files with 34 additions and 0 deletions
--- a/security/openssh/Makefile
+++ b/security/openssh/Makefile
@ -112,6 +112,10 @@ CONFIGURE_ARGS+=	--disable-libutil
 # prior version don't have it.  So, disable use of strnvis(3) now.
 #
 CONFIGURE_ENV+=		ac_cv_func_strnvis=no
+
+.  if ${OS_VARIANT} == "Minix"
+LIBS+=			-lcrypt
+.  endif
 .endif

 .if (${OPSYS} == "SunOS") && (${OS_VERSION} == "5.8" || ${OS_VERSION} == "5.9")
--- a/security/openssh/distinfo
+++ b/security/openssh/distinfo
@ -27,5 +27,6 @@ SHA1 (patch-session.c) = 55e84175c7294816107c970f002401d1766f7095
 SHA1 (patch-sftp-common.c) = 5b36300c6a83ceef2340c2cee3be211eaf39ecdd
 SHA1 (patch-ssh.c) = 8965e0458aabc137fa3b5e53c6573c0f0fba8280
 SHA1 (patch-sshd.c) = 43b3e4383142303a5d1158f08baee4a27f2f7b13
+SHA1 (patch-sshd__config) = fb0b798db80ae4c652f0b56ac8ea4920388df48d
 SHA1 (patch-sshpty.c) = 9f08f899919d05567998087a060b90800c2c7b11
 SHA1 (patch-uidswap.c) = 0b76322d47b9e14bb2828bc143645d38028bdafd
--- a/security/openssh/files/sshd.sh
+++ b/security/openssh/files/sshd.sh
@ -50,6 +50,12 @@ sshd_keygen()
 		${keygen_command} -t ecdsa -f @PKG_SYSCONFDIR@/ssh_host_ecdsa_key -N ''
 	fi
 /* HAVE_ECDSA_STOP */
+	if [ -f @PKG_SYSCONFDIR@/ssh_host_ed25519_key ]; then
+		@ECHO@ "You already have a ED25519 host key in @PKG_SYSCONFDIR@/ssh_host_ed25519_key"
+		@ECHO@ "Skipping protocol version 2 ED25519 Key Generation"
+	else
+		${keygen_command} -t ed25519 -f @PKG_SYSCONFDIR@/ssh_host_ed25519_key -N ''
+	fi
 	)
 }

--- a/security/openssh/patches/patch-sshd__config
+++ b/security/openssh/patches/patch-sshd__config
@ -0,0 +1,23 @@
+--- sshd_config.orig	Sun Jan 12 08:20:47 2014
+++ sshd_config	Thu Apr 17 23:51:34 2014
+@@ -102,12 +102,19 @@ AuthorizedKeysFile	.ssh/authorized_keys
+ #X11Forwarding no
+ #X11DisplayOffset 10
+ #X11UseLocalhost yes
+
+# LSC: Uncomment if you wish to use X11 forwarding. To actually
+#      activate X11 forwarding, you also need to set X11Forwarding yes.
+#XAuthLocation /usr/X11R7/bin/xauth # LSC: Use Native xauth
+#X11UseLocalhost no # LSC: Workaround SSHD bug
+
+ #PermitTTY yes
+ #PrintMotd yes
+ #PrintLastLog yes
+ #TCPKeepAlive yes
+ #UseLogin no
+-UsePrivilegeSeparation sandbox		# Default for new installations.
+#UsePrivilegeSeparation sandbox		# Default for new installations.
+UsePrivilegeSeparation no # LSC: for Minix, this is not supported ATM.
+ #PermitUserEnvironment no
+ #Compression delayed
+ #ClientAliveInterval 0