Your message dated Mon, 06 Jun 2005 18:17:18 -0400
with message-id <[EMAIL PROTECTED]>
and subject line Bug#301852: fixed in openssh 1:4.1p1-3
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 28 Mar 2005 19:37:02 +0000
>From [EMAIL PROTECTED] Mon Mar 28 11:37:02 2005
Return-path: <[EMAIL PROTECTED]>
Received: from boy.univ.kiev.ua (mail.univ.kiev.ua) [193.125.78.122]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1DG02n-0001ID-00; Mon, 28 Mar 2005 11:37:01 -0800
Received: from intel4.icc.univ.kiev.ua ([10.25.0.243])
by mail.univ.kiev.ua with esmtp (Exim 4.43)
id 1DG03Q-00002g-2H; Mon, 28 Mar 2005 22:37:43 +0300
Received: from eugen by intel4.icc.univ.kiev.ua with local (Exim 4.50)
id 1DG02i-0001sx-Hp; Mon, 28 Mar 2005 22:36:56 +0300
Content-Type: multipart/mixed; boundary="===============1425669092=="
MIME-Version: 1.0
From: Eugeniy Meshcheryakov <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: ssh: [INTL:uk] Ukrainian debconf templates translation
X-Mailer: reportbug 3.9
Date: Mon, 28 Mar 2005 22:36:56 +0300
Message-Id: <[EMAIL PROTECTED]>
X-Spam-Score: 0.0
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
This is a multi-part MIME message sent by reportbug.
--===============1425669092==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Package: ssh
Version: 1:3.8.1p1-8.sarge.4
Severity: wishlist
Tags: patch l10n
Please add Ukrainian debconf templates translation (attached). Attached
file should be renamed to debian/po/uk.po
Thanks
-- System Information:
Debian Release: 3.1
APT prefers unstable
APT policy: (990, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.11
Locale: LANG=uk_UA.UTF-8, LC_CTYPE=uk_UA.UTF-8 (charmap=UTF-8)
Versions of packages ssh depends on:
ii adduser 3.63 Add and remove users and groups
ii debconf 1.4.46 Debian configuration management sy
ii dpkg 1.10.27 Package maintenance system for Deb
ii libc6 2.3.2.ds1-20 GNU C Library: Shared libraries an
ii libpam-modules 0.76-22 Pluggable Authentication Modules f
ii libpam-runtime 0.76-22 Runtime support for the PAM librar
ii libpam0g 0.76-22 Pluggable Authentication Modules l
ii libssl0.9.7 0.9.7e-3 SSL shared libraries
ii libwrap0 7.6.dbs-8 Wietse Venema's TCP wrappers libra
ii zlib1g 1:1.2.2-4 compression library - runtime
-- debconf information excluded
--===============1425669092==
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset="utf-8"
Content-Disposition: attachment; filename="openssh-uk.po"
# translation of openssh to Ukrainian
#
# Translators, if you are not familiar with the PO format, gettext
# documentation is worth reading, especially sections dedicated to
# this format, e.g. by running:
# info -n '(gettext)PO Files'
# info -n '(gettext)Header Entry'
# Some information specific to po-debconf are available at
# /usr/share/doc/po-debconf/README-trans
# or http://www.debian.org/intl/l10n/po-debconf/README-trans#
# Developers do not need to manually edit POT or PO files.
# Eugeniy Meshcheryakov <[EMAIL PROTECTED]>, 2005.
#
msgid ""
msgstr ""
"Project-Id-Version: openssh-uk\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2004-10-06 13:54+0100\n"
"PO-Revision-Date: 2005-03-28 22:28+0300\n"
"Last-Translator: Eugeniy Meshcheryakov <[EMAIL PROTECTED]>\n"
"Language-Team: Ukrainian\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"X-Generator: KBabel 1.9.1\n"
"Plural-Forms: nplurals=3; plural=(n%10==1 && n%100!=11 ? 0 : n%10>=2 &&
n%10<=4 && (n%100<10 || n%100>=20) ? 1 : 2);\n"
#. Type: boolean
#. Description
#: ../templates.master:4
msgid "Generate new configuration file"
msgstr "Створити новий файл налаштувань"
#. Type: boolean
#. Description
#: ../templates.master:4
msgid ""
"This version of OpenSSH has a considerably changed configuration file from "
"the version shipped in Debian 'Potato', which you appear to be upgrading "
"from. I can now generate you a new configuration file (/etc/ssh/sshd."
"config), which will work with the new server version, but will not contain "
"any customisations you made with the old version."
msgstr "В цій версії OpenSSH значно змінений файл
налаштувань, в порівнянні з версією, що
входила в Debian 'Potato', і яку ви, схоже,
оновлюєте. Зараз можна створити новий файл
налаштувань (/etc/ssh/sshd.config), що буде працювати
з новою версією сервера, але не буде
містити будь-які зміни, які ви внесли у
стару версію."
#. Type: boolean
#. Description
#: ../templates.master:4
msgid ""
"Please note that this new configuration file will set the value of "
"'PermitRootLogin' to yes (meaning that anyone knowing the root password can "
"ssh directly in as root). It is the opinion of the maintainer that this is "
"the correct default (see README.Debian for more details), but you can always "
"edit sshd_config and set it to no if you wish."
msgstr "Зауважте, що в новій версії файла
налаштувань змінна 'PermitRootLogin' буде мати
значення yes (що означає, що будь-яка людина,
котра знає пароль користувача root, зможе
увійти в систему через ssh). На думку
супроводжуючого пакунку - це вірне
значення за замовчанням (дивіться також
README.Debian), але ви завжди можете змінити
значення цього параметра у файлі sshd_config."
#. Type: boolean
#. Description
#: ../templates.master:4
msgid ""
"It is strongly recommended that you let me generate a new configuration file "
"for you."
msgstr "Рекомендується дозволити створити
новий файл налаштувань."
#. Type: boolean
#. Description
#: ../templates.master:23
msgid "Allow SSH protocol 2 only"
msgstr "Дозволити тільки SSH-протокол версії 2"
#. Type: boolean
#. Description
#: ../templates.master:23
msgid ""
"This version of OpenSSH supports version 2 of the ssh protocol, which is "
"much more secure. Disabling ssh 1 is encouraged, however this will slow "
"things down on low end machines and might prevent older clients from "
"connecting (the ssh client shipped with \"potato\" is affected)."
msgstr "Ця версія OpenSSH підтримує версію 2
протоколу SSH, яка є більш безпечною.
Рекомендується заборонити версію 1, однак
це може уповільнити роботу на слабких
системах та зробити неможливим з'єднання з
використанням старих клієнтів (включно з
клієнтом ssh з \"potato\")."
#. Type: boolean
#. Description
#: ../templates.master:23
msgid ""
"Also please note that keys used for protocol 1 are different so you will not "
"be able to use them if you only allow protocol 2 connections."
msgstr "Також зверніть увагу, що ключі для
версії 1 відрізняються від ключів для
версії 2, тому ви не зможете
використовувати їх, якщо дозволите
з'єднання тільки по протоколу версії 2."
#. Type: boolean
#. Description
#: ../templates.master:23
msgid ""
"If you later change your mind about this setting, README.Debian has "
"instructions on what to do to your sshd_config file."
msgstr "Якщо ви пізніше передумаєте щодо цього
параметра, файл README.Debian містить інструкції
щодо внесення змін до файла sshd_config."
#. Type: note
#. Description
#: ../templates.master:37
msgid "ssh2 keys merged in configuration files"
msgstr "ssh2-ключі злиті у файлах налаштувань"
#. Type: note
#. Description
#: ../templates.master:37
msgid ""
"As of version 3 OpenSSH no longer uses separate files for ssh1 and ssh2 "
"keys. This means the authorized_keys2 and known_hosts2 files are no longer "
"needed. They will still be read in order to maintain backwards compatibility"
msgstr "У версії 3 OpenSSH більше не використовує
окремі файли для ключів ssh1 та ssh2. Це
означає, що файли authorized_keys2 та known_hosts2 більше
непотрібні. Вони будуть читатися з метою
забезпечення зворотної сумісності."
#. Type: boolean
#. Description
#: ../templates.master:46
msgid "Do you want to continue (and risk killing active ssh sessions)?"
msgstr "Чи бажаєте ви продовжувати (та
ризикувати втратити активні сеанси ssh)?"
#. Type: boolean
#. Description
#: ../templates.master:46
msgid ""
"The version of /etc/init.d/ssh that you have installed, is likely to kill "
"all running sshd instances. If you are doing this upgrade via an ssh "
"session, that would be a Bad Thing(tm)."
msgstr "Версія /etc/init.d/ssh, яку ви встановили,
імовірно зупинить всі запущені процеси sshd.
Якщо ви оновлюєтеся через ssh, це буде Погана
річ (tm)."
#. Type: boolean
#. Description
#: ../templates.master:46
msgid ""
"You can fix this by adding \"--pidfile /var/run/sshd.pid\" to the start-stop-"
"daemon line in the stop section of the file."
msgstr "Ви можете виправити це, додавши \"--pidfile
/var/run/sshd.pid\" до рядка з викликом start-stop-daemon в
частині зупинки цього файла."
#. Type: note
#. Description
#: ../templates.master:56
msgid "NOTE: Forwarding of X11 and Authorization disabled by default."
msgstr "ЗАУВАЖЕННЯ: Форвардинг X11 та Authorization
заборонені за замовчанням."
#. Type: note
#. Description
#: ../templates.master:56
msgid ""
"For security reasons, the Debian version of ssh has ForwardX11 and "
"ForwardAgent set to ``off'' by default."
msgstr "З міркувань безпеки в Debian-версії ssh
параметри ForwardX11 та ForwardAgent за замовчанням
мають значення \"off\"."
#. Type: note
#. Description
#: ../templates.master:56
msgid ""
"You can enable it for servers you trust, either in one of the configuration "
"files, or with the -X command line option."
msgstr "Ви можете дозволити їх для серверів,
яким довіряєте, або у одному з файлів
налаштувань, або за допомогою параметра
командного рядка -X."
#. Type: note
#. Description
#: ../templates.master:56
msgid "More details can be found in /usr/share/doc/ssh/README.Debian"
msgstr "Подробиці можна прочитати у файлі
/usr/share/doc/ssh/README.Debian"
#. Type: note
#. Description
#: ../templates.master:67
msgid "Warning: rsh-server is installed --- probably not a good idea"
msgstr "Попередження: rsh-server встановлений - це
погана ідея"
#. Type: note
#. Description
#: ../templates.master:67
msgid ""
"having rsh-server installed undermines the security that you were probably "
"wanting to obtain by installing ssh. I'd advise you to remove that package."
msgstr "Встановлений rsh-server знижує рівень
безпеки, який ви, можливо, хотіли отримати
встановивши ssh. Рекомендується видалити
цей пакунок."
#. Type: note
#. Description
#: ../templates.master:74
msgid "Warning: telnetd is installed --- probably not a good idea"
msgstr "Попередження: telnetd встановлений - це
погана ідея"
#. Type: note
#. Description
#: ../templates.master:74
msgid ""
"I'd advise you to either remove the telnetd package (if you don't actually "
"need to offer telnet access) or install telnetd-ssl so that there is at "
"least some chance that telnet sessions will not be sending unencrypted login/"
"password and session information over the network."
msgstr "Рекомендується або видалити пакунок
telnetd (якщо вам не потрібно надавати доступ
через telnet), або встановити telnetd-ssl, щоб мати
можливість не передавати незашифровані
логін/пароль та іншу інформацію через
мережу."
#. Type: note
#. Description
#: ../templates.master:82
msgid "Warning: you must create a new host key"
msgstr "Попередження: ви повинні створити
новий ключ вузла"
#. Type: note
#. Description
#: ../templates.master:82
msgid ""
"There is an old /etc/ssh/ssh_host_key, which is IDEA encrypted. OpenSSH can "
"not handle this host key file, and I can't find the ssh-keygen utility from "
"the old (non-free) SSH installation."
msgstr "Старий ключ в /etc/ssh/ssh_host_key зашифрований
за допомогою IDEA. OpenSSH не може обробляти
такий файл ключа вузла, також неможливо
знайти програму ssh-keygen зі старої (невільної)
версії SSH."
#. Type: note
#. Description
#: ../templates.master:82
msgid "You will need to generate a new host key."
msgstr "Вам потрібно створити новий ключ
вузла."
#. Type: boolean
#. Description
#: ../templates.master:92
msgid "Do you want /usr/lib/ssh-keysign to be installed SUID root?"
msgstr "Чи бажаєте ви, щоб /usr/lib/ssh-keysign мав
встановлений біт SUID?"
#. Type: boolean
#. Description
#: ../templates.master:92
msgid ""
"You have the option of installing the ssh-keysign helper with the SUID bit "
"set."
msgstr "Ви маєте можливість встановити біт SUID
для програми ssh-keysign."
#. Type: boolean
#. Description
#: ../templates.master:92
msgid ""
"If you make ssh-keysign SUID, you will be able to use SSH's Protocol 2 host-"
"based authentication."
msgstr "Якщо ви встановите біт SUID для ssh-keysign, ви
зможете використовувати вузлову
автентифікацію протоколу SSH версії 2."
#. Type: boolean
#. Description
#: ../templates.master:92
msgid ""
"If in doubt, I suggest you install it with SUID. If it causes problems you "
"can change your mind later by running: dpkg-reconfigure ssh"
msgstr "Якщо сумніваєтесь, то рекомендується
дозволити встановити біт SUID. Якщо це
викликатиме проблеми, ви зможете все
змінити запустивши dpkg-reconfigure ssh"
#. Type: boolean
#. Description
#: ../templates.master:105
msgid "Do you want to run the sshd server?"
msgstr "Чи бажаєте ви запустити сервер sshd?"
#. Type: boolean
#. Description
#: ../templates.master:105
msgid "This package contains both the ssh client, and the sshd server."
msgstr "Цей пакунок містить як клієнт ssh, так і
сервер sshd."
#. Type: boolean
#. Description
#: ../templates.master:105
msgid ""
"Normally the sshd Secure Shell Server will be run to allow remote logins via "
"ssh."
msgstr "Звичайно sshd (Secure Shell Server) запускається
щоб зробити можливим віддалену реєстрацію
в системі за допомогою ssh."
#. Type: boolean
#. Description
#: ../templates.master:105
msgid ""
"If you are only interested in using the ssh client for outbound connections "
"on this machine, and don't want to log into it at all using ssh, then you "
"can disable sshd here."
msgstr "Якщо вас цікавить використання тільки
клієнта ssh на цій машині і ви не бажаєте
реєструватися на ній використовуючи ssh,
тоді ви можете заборонити sshd."
#. Type: note
#. Description
#: ../templates.master:117
msgid "Environment options on keys have been deprecated"
msgstr "Опції оточення для ключів не повинні
використовуватися"
#. Type: note
#. Description
#: ../templates.master:117
msgid ""
"This version of OpenSSH disables the environment option for public keys by "
"default, in order to avoid certain attacks (for example, LD_PRELOAD). If you "
"are using this option in an authorized_keys file, beware that the keys in "
"question will no longer work until the option is removed."
msgstr "В цій версії OpenSSH, з метою уникнення
деяких атак (наприклад LD_PRELOAD), за
замовчанням заборонені опції оточення для
відкритих ключів. Якщо ви використовуєте
цю опцію у файлі authorized_keys, майте на увазі, що
ключі з такими опціями не будуть працювати,
доки опція не буде видалена."
#. Type: note
#. Description
#: ../templates.master:117
msgid ""
"To re-enable this option, set \"PermitUserEnvironment yes\" in /etc/ssh/"
"sshd_config after the upgrade is complete, taking note of the warning in the "
"sshd_config(5) manual page."
msgstr "Щоб дозволити цю опцію, встановіть
\"PermitUserEnvironment yes\" в /etc/ssh/sshd_config після
завершення оновлення; зверніть увагу на
попередження на сторінці підручника
sshd_config(5)."
#. Type: boolean
#. Description
#: ../templates.master:130
msgid "Disable challenge-response authentication?"
msgstr "Заборонити автентифікацію
запит-відповідь?"
#. Type: boolean
#. Description
#: ../templates.master:130
msgid ""
"Password authentication appears to be disabled in your current OpenSSH "
"server configuration. In order to prevent users from logging in using "
"passwords (perhaps using only public key authentication instead) with recent "
"versions of OpenSSH, you must disable challenge-response authentication, or "
"else ensure that your PAM configuration does not allow Unix password file "
"authentication."
msgstr "Схоже, що автентифікація з
використанням паролів заборонена у
поточній конфігурації сервера OpenSSH. Щоб
перешкодити користувачам реєструватися з
використанням паролів (можливо, для
автентифікації тільки за допомогою
відкритих ключів) з останніми версіями
OpenSSH, необхідно заборонити автентифікацію
виклик-відгук або впевнитися, що
налаштування PAM не дозволяють
автентифікацію за допомогою файла паролів
Unix."
#. Type: boolean
#. Description
#: ../templates.master:130
msgid ""
"If you disable challenge-response authentication, then users will not be "
"able to log in using passwords. If you leave it enabled (the default "
"answer), then the 'PasswordAuthentication no' option will have no useful "
"effect unless you also adjust your PAM configuration in /etc/pam.d/ssh."
msgstr "Якщо ви забороните автентифікацію
виклик-відгук, то ваші користувачі не
зможуть реєструватися використовуючи
паролі. Якщо ви залишите її дозволеною
(відповідь за замовчанням), то опція
'PasswordAuthentication no' не буде мати корисного
ефекту доки ви не пристосуєте також
налаштування PAM в /etc/pam.d/ssh."
--===============1425669092==--
---------------------------------------
Received: (at 301852-close) by bugs.debian.org; 6 Jun 2005 22:21:35 +0000
>From [EMAIL PROTECTED] Mon Jun 06 15:21:35 2005
Return-path: <[EMAIL PROTECTED]>
Received: from newraff.debian.org [208.185.25.31] (mail)
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1DfPyR-0006Eu-00; Mon, 06 Jun 2005 15:21:35 -0700
Received: from katie by newraff.debian.org with local (Exim 3.35 1 (Debian))
id 1DfPuI-00064x-00; Mon, 06 Jun 2005 18:17:18 -0400
From: Colin Watson <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.56 $
Subject: Bug#301852: fixed in openssh 1:4.1p1-3
Message-Id: <[EMAIL PROTECTED]>
Sender: Archive Administrator <[EMAIL PROTECTED]>
Date: Mon, 06 Jun 2005 18:17:18 -0400
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
X-CrossAssassin-Score: 3
Source: openssh
Source-Version: 1:4.1p1-3
We believe that the bug you reported is fixed in the latest version of
openssh, which is due to be installed in the Debian FTP archive:
openssh-client-udeb_4.1p1-3_powerpc.udeb
to pool/main/o/openssh/openssh-client-udeb_4.1p1-3_powerpc.udeb
openssh-client_4.1p1-3_powerpc.deb
to pool/main/o/openssh/openssh-client_4.1p1-3_powerpc.deb
openssh-server-udeb_4.1p1-3_powerpc.udeb
to pool/main/o/openssh/openssh-server-udeb_4.1p1-3_powerpc.udeb
openssh-server_4.1p1-3_powerpc.deb
to pool/main/o/openssh/openssh-server_4.1p1-3_powerpc.deb
openssh_4.1p1-3.diff.gz
to pool/main/o/openssh/openssh_4.1p1-3.diff.gz
openssh_4.1p1-3.dsc
to pool/main/o/openssh/openssh_4.1p1-3.dsc
ssh-askpass-gnome_4.1p1-3_powerpc.deb
to pool/main/o/openssh/ssh-askpass-gnome_4.1p1-3_powerpc.deb
ssh_4.1p1-3_all.deb
to pool/main/o/openssh/ssh_4.1p1-3_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Colin Watson <[EMAIL PROTECTED]> (supplier of updated openssh package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Mon, 6 Jun 2005 22:28:33 +0100
Source: openssh
Binary: ssh-askpass-gnome openssh-client-udeb ssh openssh-server openssh-client
openssh-server-udeb
Architecture: source powerpc all
Version: 1:4.1p1-3
Distribution: unstable
Urgency: high
Maintainer: Matthew Vernon <[EMAIL PROTECTED]>
Changed-By: Colin Watson <[EMAIL PROTECTED]>
Description:
openssh-client - Secure shell client, an rlogin/rsh/rcp replacement
openssh-client-udeb - Secure shell client for the Debian installer (udeb)
openssh-server - Secure shell server, an rshd replacement
openssh-server-udeb - Secure shell server for the Debian installer (udeb)
ssh - Secure shell client and server (transitional package)
ssh-askpass-gnome - under X, asks user for a passphrase for ssh-add
Closes: 39741 87253 87900 141979 147212 147360 151321 162996 163933 192206
192234 220726 228828 233012 238699 242119 242462 247521 248747 250369 257130
264024 265339 265627 273831 275731 275895 276703 276754 277438 278394 278715
280190 281595 287013 289573 295757 296487 298536 298744 301852 303452 303787
307069 308868
Changes:
openssh (1:4.1p1-3) unstable; urgency=low
.
* Upload to unstable.
.
openssh (1:4.1p1-2) experimental; urgency=low
.
* Drop debconf support for allowing SSH protocol 1, which is discouraged
and has not been the default since openssh 1:3.0.1p1-1. Users who need
this should edit sshd_config instead (closes: #147212).
* Since ssh-keysign isn't used by default (you need to set
EnableSSHKeysign to "yes" in /etc/ssh/ssh_config), having a debconf
question to ask whether it should be setuid is overkill, and the
question text had got out of date anyway. Remove this question, ship
ssh-keysign setuid in openssh-client.deb, and set a statoverride if the
debconf question was previously set to false.
* Add lintian overrides for the above (setuid-binary,
no-debconf-templates).
* Fix picky lintian errors about slogin symlinks.
* Fix DEB_HOST_ARCH_OS/DEB_HOST_GNU_SYSTEM compatibility handling.
* Apply Linux 2.2 workaround (see #239999) only on Linux.
.
openssh (1:4.1p1-1) experimental; urgency=low
.
* New upstream release.
- Normalise socket addresses returned by get_remote_hostname(), fixing
4-in-6 mapping issues with AllowUsers et al (closes: #192234).
* Take upstream's hint and disable the unsupported USE_POSIX_THREADS
(closes: #295757, #308868, and possibly others; may open other bugs).
Use PAM password authentication to avoid #278394. In future I may
provide two sets of binaries built with and without this option, since
it seems I can't win.
* Disable ChallengeResponseAuthentication in new installations, returning
to PasswordAuthentication by default, since it now supports PAM and
apparently works better with a non-threaded sshd (closes: #247521).
* openssh-server Suggests: rssh (closes: #233012).
* Change libexecdir to /usr/lib/openssh, and fix up various alternatives
and configuration files to match (closes: #87900, #151321).
* Fix up very old sshd_config files that refer to /usr/libexec/sftp-server
(closes: #141979).
.
openssh (1:4.0p1-1) experimental; urgency=low
.
* New upstream release.
- Port-forwarding specifications now take optional bind addresses, and
the server allows client-specified bind addresses for remote port
forwardings when configured with "GatewayPorts clientspecified"
(closes: #87253, #192206).
- ssh and ssh-keyscan now support hashing of known_hosts files for
improved privacy. ssh-keygen has new options for managing known_hosts
files, which understand hashing.
- sftp supports command history and editing support using libedit
(closes: #287013).
- Have scp and sftp wait for the spawned ssh to exit before they exit
themselves, allowing ssh to restore terminal modes (closes: #257130).
- Improved the handling of bad data in authorized_keys files,
eliminating fatal errors on corrupt or very large keys; e.g. linefeeds
in keys only produce errors in auth.log now (closes: #220726).
- Add "command mode" to ssh connection multiplexing (closes: #303452).
- Mention $HOME/.hushlogin in sshd(8) FILES section (closes: #163933).
* Make gnome-ssh-askpass stay above other windows (thanks, Liyang HU;
closes: #296487).
* Remove obsolete and unnecessary ssh/forward_warning debconf note.
* Hurd build fixes (although sshd still doesn't work):
- Restore X forwarding fix from #102991, lost somewhere along the way.
- Link with -lcrypt.
- Link with -lpthread rather than -pthread.
- Don't build ssh-askpass-gnome on the Hurd, until GNOME is available to
satisfy build-dependencies.
* Drop workaround for #242462 on amd64; it's been fixed properly upstream.
* Enable HashKnownHosts by default. This only affects new entries; use
'ssh-keygen -H' to convert an entire known_hosts file to hashed format.
* Note in ssh_config(5) that the SetupTimeOut option is Debian-specific
(closes: #307069).
* debconf template translations:
- Update Czech (thanks, Miroslav Kure; closes: #298744).
- Update Finnish (thanks, Matti Pöllä; closes: #303787).
- Synchronise Spanish with sarge branch (thanks, Javier
Fernández-Sanguino Peña; closes: #298536).
- Add Ukrainian (thanks, Eugeniy Meshcheryakov; closes: #301852).
.
openssh (1:3.9p1-3) experimental; urgency=low
.
* Explain how to run sshd from inittab in README.Debian (closes: #147360).
* Add debian/watch file.
.
openssh (1:3.9p1-2) experimental; urgency=low
.
* Remove pam_nologin from /etc/pam.d/ssh, as sshd's built-in support
appears to be sufficient and more useful (closes: #162996).
* Depend on debconf | debconf-2.0.
* Drop LoginGraceTime back to the upstream default of two minutes on new
installs (closes: #289573).
* debconf template translations from Ubuntu bug #1232:
- Update Greek (thanks, Logiotatidis George).
- Update Spanish (thanks, Santiago Erquicia).
.
openssh (1:3.9p1-1) experimental; urgency=low
.
* New upstream release.
- PAM password authentication implemented again (closes: #238699,
#242119).
- Implemented the ability to pass selected environment variables between
the client and the server.
- Fix ssh-keyscan breakage when remote server doesn't speak SSH protocol
(closes: #228828).
- Fix res_query detection (closes: #242462).
- 'ssh -c' documentation improved (closes: #265627).
* Pass LANG and LC_* environment variables from the client by default, and
accept them to the server by default in new installs, although not on
upgrade (closes: #264024).
* Build ssh in binary-indep, not binary-arch (thanks, LaMont Jones).
* Expand on openssh-client package description (closes: #273831).
.
openssh (1:3.8.1p1-14) experimental; urgency=low
.
* We use DH_COMPAT=2, so build-depend on debhelper (>= 2).
* Fix timing information leak allowing discovery of invalid usernames in
PAM keyboard-interactive authentication (backported from a patch by
Darren Tucker; closes: #281595).
* Make sure that there's a delay in PAM keyboard-interactive
authentication when PermitRootLogin is not set to yes and the correct
root password is entered (closes: #248747).
.
openssh (1:3.8.1p1-13) experimental; urgency=low
.
* Enable threading for PAM, on Sam Hartman's advice (closes: #278394).
* debconf template translations:
- Update Dutch (thanks, cobaco; closes: #278715).
* Correct README.Debian's ForwardX11Trusted description (closes: #280190).
.
openssh (1:3.8.1p1-12) experimental; urgency=low
.
* Preserve /etc/ssh/sshd_config ownership/permissions (closes: #276754).
* Shorten the version string from the form "OpenSSH_3.8.1p1 Debian
1:3.8.1p1-8.sarge.1" to "OpenSSH_3.8.1p1 Debian-8.sarge.1", as some SSH
implementations apparently have problems with the long version string.
This is of course a bug in those implementations, but since the extent
of the problem is unknown it's best to play safe (closes: #275731).
* debconf template translations:
- Add Finnish (thanks, Matti Pöllä; closes: #265339).
- Update Danish (thanks, Morten Brix Pedersen; closes: #275895).
- Update French (thanks, Denis Barbier; closes: #276703).
- Update Japanese (thanks, Kenshi Muto; closes: #277438).
.
openssh (1:3.8.1p1-11) experimental; urgency=high
.
* Move sshd_config(5) to openssh-server, where it belongs.
* If PasswordAuthentication is disabled, then offer to disable
ChallengeResponseAuthentication too. The current PAM code will attempt
password-style authentication if ChallengeResponseAuthentication is
enabled (closes: #250369).
* This will ask a question of anyone who installed fresh with 1:3.8p1-2 or
later and then upgraded. Sorry about that ... for this reason, the
default answer is to leave ChallengeResponseAuthentication enabled.
.
openssh (1:3.8.1p1-10) experimental; urgency=low
.
* Don't install the ssh-askpass-gnome .desktop file by default; I've had
too many GNOME people tell me it's the wrong thing to be doing. I've
left it in /usr/share/doc/ssh-askpass-gnome/examples/ for now.
.
openssh (1:3.8.1p1-9) experimental; urgency=low
.
* Split the ssh binary package into openssh-client and openssh-server
(closes: #39741). openssh-server depends on openssh-client for some
common functionality; it didn't seem worth creating yet another package
for this. openssh-client is priority standard, openssh-server optional.
* New transitional ssh package, priority optional, depending on
openssh-client and openssh-server. May be removed once nothing depends
on it.
* When upgrading from ssh to openssh-{client,server}, it's very difficult
for the maintainer scripts to find out what version we're upgrading from
without dodgy dpkg hackery. I've therefore taken the opportunity to move
a couple of debconf notes into NEWS files, namely ssh/ssh2_keys_merged
and ssh/user_environment_tell.
* Add a heuristic to try to make sure the sshd_config upgrade to >= 3.7
happens even though we don't know what version we're upgrading from.
* Remove /etc/ssh/sshd_not_to_be_run on purge of openssh-server. For now
(until sarge+2) it's still honoured to avoid breaking existing
configurations, but the right approach is now to remove the
openssh-server package if you don't want to run the server. Add a NEWS
item to that effect.
Files:
84f2dff9c56e901f345d56fc61df0d0b 900 net standard openssh_4.1p1-3.dsc
7ab61ab3f06d6f82054c1abe06c07d06 138002 net standard openssh_4.1p1-3.diff.gz
02c181ac3c4d6a0548d111c59e74db82 31940 net optional ssh_4.1p1-3_all.deb
fded10b71291844267bf4582d67e1f49 570468 net standard
openssh-client_4.1p1-3_powerpc.deb
b5d53eb227d444b63861dc93266b06d3 284250 net optional
openssh-server_4.1p1-3_powerpc.deb
712214657225f22add427e6e8af78d8e 76508 gnome optional
ssh-askpass-gnome_4.1p1-3_powerpc.deb
8a08610010a9b18697df9dcaad793d47 163160 debian-installer optional
openssh-client-udeb_4.1p1-3_powerpc.udeb
c3e34795848cfa1ddf1be4365c9450cd 171832 debian-installer optional
openssh-server-udeb_4.1p1-3_powerpc.udeb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFCpMU09t0zAhD6TNERAkGpAKCDpLdoo2ILdb02EPN28FV4HuSsgQCcD7K2
QlEr7wrH8P5uw4bssmCGNzU=
=mvqt
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
