Date: Thursday, February 2, 2023 @ 17:41:06
Author: anthraxx
Revision: 468124
archrelease: copy trunk to testing-x86_64
Added:
openssh/repos/testing-x86_64/
openssh/repos/testing-x86_64/PKGBUILD
(from rev 468123, openssh/trunk/PKGBUILD)
openssh/repos/testing-x86_64/keys/
openssh/repos/testing-x86_64/openssh-9.0p1-sshd_config.patch
(from rev 468123, openssh/trunk/openssh-9.0p1-sshd_config.patch)
openssh/repos/testing-x86_64/sshd.conf
(from rev 468123, openssh/trunk/sshd.conf)
openssh/repos/testing-x86_64/sshd.pam
(from rev 468123, openssh/trunk/sshd.pam)
openssh/repos/testing-x86_64/sshd.service
(from rev 468123, openssh/trunk/sshd.service)
openssh/repos/testing-x86_64/sshdgenkeys.service
(from rev 468123, openssh/trunk/sshdgenkeys.service)
---------------------------------+
PKGBUILD | 111 ++++++++++++++++++++++++++++++++++++++
openssh-9.0p1-sshd_config.patch | 30 ++++++++++
sshd.conf | 1
sshd.pam | 6 ++
sshd.service | 14 ++++
sshdgenkeys.service | 13 ++++
6 files changed, 175 insertions(+)
Copied: openssh/repos/testing-x86_64/PKGBUILD (from rev 468123,
openssh/trunk/PKGBUILD)
===================================================================
--- testing-x86_64/PKGBUILD (rev 0)
+++ testing-x86_64/PKGBUILD 2023-02-02 17:41:06 UTC (rev 468124)
@@ -0,0 +1,111 @@
+# Maintainer: Levente Polyak <anthraxx[at]archlinux[dot]org>
+# Maintainer: Giancarlo Razzolini <[email protected]>
+# Contributor: Gaetan Bisson <[email protected]>
+# Contributor: Aaron Griffin <[email protected]>
+# Contributor: judd <[email protected]>
+
+pkgname=openssh
+pkgver=9.2p1
+pkgrel=1
+pkgdesc="SSH protocol implementation for remote login, command execution and
file transfer"
+arch=('x86_64')
+url='https://www.openssh.com/portable.html'
+license=('custom:BSD')
+depends=(
+ 'glibc'
+ 'krb5' 'libkrb5.so' 'libgssapi_krb5.so'
+ 'ldns'
+ 'libedit'
+ 'libxcrypt' 'libcrypt.so'
+ 'openssl'
+ 'pam' 'libpam.so'
+ 'zlib'
+)
+makedepends=('libfido2' 'linux-headers')
+optdepends=(
+ 'libfido2: FIDO/U2F support'
+ 'x11-ssh-askpass: input passphrase in X'
+ 'xorg-xauth: X11 forwarding'
+)
+backup=(
+ 'etc/pam.d/sshd'
+ 'etc/ssh/ssh_config'
+ 'etc/ssh/sshd_config'
+)
+source=(
+
"https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/${pkgname}-${pkgver}.tar.gz"{,.asc}
+ "$pkgname-9.0p1-sshd_config.patch"
+ 'sshdgenkeys.service'
+ 'sshd.service'
+ 'sshd.conf'
+ 'sshd.pam'
+)
+sha256sums=('3f66dbf1655fb45f50e1c56da62ab01218c228807b21338d634ebcdf9d71cf46'
+ 'SKIP'
+ '27e43dfd1506c8a821ec8186bae65f2dc43ca038616d6de59f322bd14aa9d07f'
+ 'e5305767b2d317183ad1c5022a5f6705bd9014a8b22495a000fd482713738611'
+ 'e40f8b7c8e5e2ecf3084b3511a6c36d5b5c9f9e61f2bb13e3726c71dc7d4fbc7'
+ '4effac1186cc62617f44385415103021f72f674f8b8e26447fc1139c670090f6'
+ '64576021515c0a98b0aaf0a0ae02e0f5ebe8ee525b1e647ab68f369f81ecd846')
+b2sums=('8d0b5e43cb42cba105a1fe303c447a2b85151cb33ec7ed47747d75c5a61d0f07f0ee4b1020b79c13eb8de4b451c5a844a8afc7ebbbea7ffeceafc3bf59cb8d21'
+ 'SKIP'
+
'29e1a1c2744e0234830c6f93a46338ea8dc943370e20a24883d207d611025e54643da678f2826050c073a36be48dfdc7329d4cfb144c2ff90607a5f10f73dc59'
+
'09fad3648f48f13ee80195b90913feeba21240d121b1178e0ce62f4a17b1f7e58e8edc22c04403e377ab300f5022a804c848f5be132765d5ca26a38aab262e50'
+
'07ad5c7fb557411a6646ff6830bc9d564c07cbddc4ce819641d31c05dbdf677bfd8a99907cf529a7ee383b8c250936a6423f4b4b97ba0f1c14f627bbd629bd4e'
+
'27571f728c3c10834a81652f3917188436474b588f8b047462e44b6c7a424f60d06ce8cb74839b691870177d7261592207d7f35d4ae6c79af87d6a7ea156d395'
+
'557d015bca7008ce824111f235da67b7e0051a693aaab666e97b78e753ed7928b72274af03d7fde12033986b733d5f996faf2a4feb6ecf53f39accae31334930')
+validpgpkeys=('7168B983815A5EEF59A4ADFD2A3F414E736060BA') # Damien Miller
<[email protected]>
+
+prepare() {
+ patch -Np1 -d "$pkgname-$pkgver" -i ../$pkgname-9.0p1-sshd_config.patch
+}
+
+build() {
+ cd "${pkgname}-${pkgver}"
+
+ ./configure \
+ --prefix=/usr \
+ --sbindir=/usr/bin \
+ --libexecdir=/usr/lib/ssh \
+ --sysconfdir=/etc/ssh \
+ --disable-strip \
+ --with-ldns \
+ --with-libedit \
+ --with-security-key-builtin \
+ --with-ssl-engine \
+ --with-pam \
+ --with-privsep-user=nobody \
+ --with-kerberos5=/usr \
+ --with-xauth=/usr/bin/xauth \
+ --with-pid-dir=/run \
+ --with-default-path='/usr/local/sbin:/usr/local/bin:/usr/bin' \
+
+ make
+}
+
+check() {
+ cd "${pkgname}-${pkgver}"
+
+ # NOTE: make t-exec does not work in our build environment
+ make file-tests interop-tests unit
+}
+
+package() {
+ cd "${pkgname}-${pkgver}"
+
+ make DESTDIR="${pkgdir}" install
+
+ ln -sf ssh.1.gz "${pkgdir}"/usr/share/man/man1/slogin.1.gz
+ install -Dm644 LICENCE -t "${pkgdir}/usr/share/licenses/${pkgname}/"
+
+ install -Dm644 ../sshdgenkeys.service -t "${pkgdir}"/usr/lib/systemd/system/
+ install -Dm644 ../sshd.service -t "${pkgdir}"/usr/lib/systemd/system/
+ install -Dm644 ../sshd.conf -t "${pkgdir}"/usr/lib/tmpfiles.d/
+ install -Dm644 ../sshd.pam "${pkgdir}"/etc/pam.d/sshd
+
+ install -Dm755 contrib/findssl.sh -t "${pkgdir}"/usr/bin/
+ install -Dm755 contrib/ssh-copy-id -t "${pkgdir}"/usr/bin/
+ install -Dm644 contrib/ssh-copy-id.1 -t "${pkgdir}"/usr/share/man/man1/
+}
+
+# vim: ts=2 sw=2 et:
Copied: openssh/repos/testing-x86_64/openssh-9.0p1-sshd_config.patch (from rev
468123, openssh/trunk/openssh-9.0p1-sshd_config.patch)
===================================================================
--- testing-x86_64/openssh-9.0p1-sshd_config.patch
(rev 0)
+++ testing-x86_64/openssh-9.0p1-sshd_config.patch 2023-02-02 17:41:06 UTC
(rev 468124)
@@ -0,0 +1,30 @@
+diff -ruN a/sshd_config b/sshd_config
+--- a/sshd_config 2022-04-06 02:47:48.000000000 +0200
++++ b/sshd_config 2022-10-10 19:55:58.961117951 +0200
+@@ -58,7 +58,7 @@
+ #PermitEmptyPasswords no
+
+ # Change to no to disable s/key passwords
+-#KbdInteractiveAuthentication yes
++KbdInteractiveAuthentication no
+
+ # Kerberos options
+ #KerberosAuthentication no
+@@ -79,7 +79,7 @@
+ # If you just want the PAM account and session checks to run without
+ # PAM authentication, then enable this but set PasswordAuthentication
+ # and KbdInteractiveAuthentication to 'no'.
+-#UsePAM no
++UsePAM yes
+
+ #AllowAgentForwarding yes
+ #AllowTcpForwarding yes
+@@ -88,7 +88,7 @@
+ #X11DisplayOffset 10
+ #X11UseLocalhost yes
+ #PermitTTY yes
+-#PrintMotd yes
++PrintMotd no
+ #PrintLastLog yes
+ #TCPKeepAlive yes
+ #PermitUserEnvironment no
Copied: openssh/repos/testing-x86_64/sshd.conf (from rev 468123,
openssh/trunk/sshd.conf)
===================================================================
--- testing-x86_64/sshd.conf (rev 0)
+++ testing-x86_64/sshd.conf 2023-02-02 17:41:06 UTC (rev 468124)
@@ -0,0 +1 @@
+d /var/empty 0755 root root
Copied: openssh/repos/testing-x86_64/sshd.pam (from rev 468123,
openssh/trunk/sshd.pam)
===================================================================
--- testing-x86_64/sshd.pam (rev 0)
+++ testing-x86_64/sshd.pam 2023-02-02 17:41:06 UTC (rev 468124)
@@ -0,0 +1,6 @@
+#%PAM-1.0
+#auth required pam_securetty.so #disable remote root
+auth include system-remote-login
+account include system-remote-login
+password include system-remote-login
+session include system-remote-login
Copied: openssh/repos/testing-x86_64/sshd.service (from rev 468123,
openssh/trunk/sshd.service)
===================================================================
--- testing-x86_64/sshd.service (rev 0)
+++ testing-x86_64/sshd.service 2023-02-02 17:41:06 UTC (rev 468124)
@@ -0,0 +1,14 @@
+[Unit]
+Description=OpenSSH Daemon
+Wants=sshdgenkeys.service
+After=sshdgenkeys.service
+After=network.target
+
+[Service]
+ExecStart=/usr/bin/sshd -D
+ExecReload=/bin/kill -HUP $MAINPID
+KillMode=process
+Restart=always
+
+[Install]
+WantedBy=multi-user.target
Copied: openssh/repos/testing-x86_64/sshdgenkeys.service (from rev 468123,
openssh/trunk/sshdgenkeys.service)
===================================================================
--- testing-x86_64/sshdgenkeys.service (rev 0)
+++ testing-x86_64/sshdgenkeys.service 2023-02-02 17:41:06 UTC (rev 468124)
@@ -0,0 +1,13 @@
+[Unit]
+Description=SSH Key Generation
+ConditionPathExists=|!/etc/ssh/ssh_host_ecdsa_key
+ConditionPathExists=|!/etc/ssh/ssh_host_ecdsa_key.pub
+ConditionPathExists=|!/etc/ssh/ssh_host_ed25519_key
+ConditionPathExists=|!/etc/ssh/ssh_host_ed25519_key.pub
+ConditionPathExists=|!/etc/ssh/ssh_host_rsa_key
+ConditionPathExists=|!/etc/ssh/ssh_host_rsa_key.pub
+
+[Service]
+ExecStart=/usr/bin/ssh-keygen -A
+Type=oneshot
+RemainAfterExit=yes
