set default ssh_config
This commit is contained in:
zhang-hao-jon
renmingshuai
parent
2abde599e0
commit
5befb32e2f
12
openssh.spec
12
openssh.spec
@ -6,7 +6,7 @@
|
|||||||
%{?no_gtk2:%global gtk2 0}
|
%{?no_gtk2:%global gtk2 0}
|
||||||
|
|
||||||
%global sshd_uid 74
|
%global sshd_uid 74
|
||||||
%global openssh_release 18
|
%global openssh_release 19
|
||||||
|
|
||||||
Name: openssh
|
Name: openssh
|
||||||
Version: 8.2p1
|
Version: 8.2p1
|
||||||
@ -98,6 +98,7 @@ Patch65: backport-CVE-2021-28041.patch
|
|||||||
Patch66: backport-change-convtime-form-returning-long-to-returning-int.patch
|
Patch66: backport-change-convtime-form-returning-long-to-returning-int.patch
|
||||||
Patch67: backport-change-types-in-convtime-unit-test-to-int-to-match.patch
|
Patch67: backport-change-types-in-convtime-unit-test-to-int-to-match.patch
|
||||||
Patch68: backport-fix-possible-NULL-deref-when-built-without-FIDO.patch
|
Patch68: backport-fix-possible-NULL-deref-when-built-without-FIDO.patch
|
||||||
|
Patch69: set-ssh-config.patch
|
||||||
|
|
||||||
Requires: /sbin/nologin
|
Requires: /sbin/nologin
|
||||||
Requires: libselinux >= 2.3-5 audit-libs >= 1.0.8
|
Requires: libselinux >= 2.3-5 audit-libs >= 1.0.8
|
||||||
@ -268,6 +269,7 @@ popd
|
|||||||
%patch66 -p1
|
%patch66 -p1
|
||||||
%patch67 -p1
|
%patch67 -p1
|
||||||
%patch68 -p1
|
%patch68 -p1
|
||||||
|
%patch69 -p1
|
||||||
|
|
||||||
autoreconf
|
autoreconf
|
||||||
pushd pam_ssh_agent_auth-0.10.3
|
pushd pam_ssh_agent_auth-0.10.3
|
||||||
@ -360,7 +362,6 @@ install -d $RPM_BUILD_ROOT%{_libdir}/fipscheck
|
|||||||
install -m644 %{SOURCE2} $RPM_BUILD_ROOT/etc/pam.d/sshd
|
install -m644 %{SOURCE2} $RPM_BUILD_ROOT/etc/pam.d/sshd
|
||||||
install -m644 %{SOURCE6} $RPM_BUILD_ROOT/etc/pam.d/ssh-keycat
|
install -m644 %{SOURCE6} $RPM_BUILD_ROOT/etc/pam.d/ssh-keycat
|
||||||
install -m644 %{SOURCE7} $RPM_BUILD_ROOT/etc/sysconfig/sshd
|
install -m644 %{SOURCE7} $RPM_BUILD_ROOT/etc/sysconfig/sshd
|
||||||
install -m644 ssh_config_redhat $RPM_BUILD_ROOT/etc/ssh/ssh_config.d/05-redhat.conf
|
|
||||||
install -d -m755 $RPM_BUILD_ROOT/%{_unitdir}
|
install -d -m755 $RPM_BUILD_ROOT/%{_unitdir}
|
||||||
install -m644 %{SOURCE9} $RPM_BUILD_ROOT/%{_unitdir}/sshd@.service
|
install -m644 %{SOURCE9} $RPM_BUILD_ROOT/%{_unitdir}/sshd@.service
|
||||||
install -m644 %{SOURCE10} $RPM_BUILD_ROOT/%{_unitdir}/sshd.socket
|
install -m644 %{SOURCE10} $RPM_BUILD_ROOT/%{_unitdir}/sshd.socket
|
||||||
@ -416,7 +417,6 @@ getent passwd sshd >/dev/null || \
|
|||||||
%attr(0644,root,root) %{_libdir}/fipscheck/ssh.hmac
|
%attr(0644,root,root) %{_libdir}/fipscheck/ssh.hmac
|
||||||
%attr(0755,root,root) %{_bindir}/scp
|
%attr(0755,root,root) %{_bindir}/scp
|
||||||
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config
|
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config
|
||||||
%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config.d/05-redhat.conf
|
|
||||||
%attr(0755,root,root) %{_bindir}/ssh-agent
|
%attr(0755,root,root) %{_bindir}/ssh-agent
|
||||||
%attr(0755,root,root) %{_bindir}/ssh-add
|
%attr(0755,root,root) %{_bindir}/ssh-add
|
||||||
%attr(0755,root,root) %{_bindir}/ssh-keyscan
|
%attr(0755,root,root) %{_bindir}/ssh-keyscan
|
||||||
@ -476,6 +476,12 @@ getent passwd sshd >/dev/null || \
|
|||||||
%attr(0644,root,root) %{_mandir}/man8/sftp-server.8*
|
%attr(0644,root,root) %{_mandir}/man8/sftp-server.8*
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Tue Feb 28 2023 renmingshuai<renmingshuai@huawei.cn> - 8.2p1-19
|
||||||
|
- Type:bugfix
|
||||||
|
- CVE:NA
|
||||||
|
- SUG:NA
|
||||||
|
- DESC:set default ssh_config
|
||||||
|
|
||||||
* Mon Jan 09 2023 renmingshuai<renmingshuai@huawei.cn> - 8.2p1-18
|
* Mon Jan 09 2023 renmingshuai<renmingshuai@huawei.cn> - 8.2p1-18
|
||||||
- Type:bugfix
|
- Type:bugfix
|
||||||
- CVE:
|
- CVE:
|
||||||
|
|||||||
30
set-ssh-config.patch
Normal file
30
set-ssh-config.patch
Normal file
@ -0,0 +1,30 @@
|
|||||||
|
From 8b8319aac379d9d6f75577507e87a97a8aa8aadc Mon Sep 17 00:00:00 2001
|
||||||
|
From: renmingshuai <renmingshuai@huawei.com>
|
||||||
|
Date: Mon, 5 Sep 2022 10:33:02 +0800
|
||||||
|
Subject: [PATCH] set-ssh-config
|
||||||
|
|
||||||
|
---
|
||||||
|
ssh_config | 9 +++++++++
|
||||||
|
1 file changed, 9 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/ssh_config b/ssh_config
|
||||||
|
index df22e2f..46b0987 100644
|
||||||
|
--- a/ssh_config
|
||||||
|
+++ b/ssh_config
|
||||||
|
@@ -48,4 +48,13 @@
|
||||||
|
#
|
||||||
|
# To modify the system-wide ssh configuration, create a *.conf file under
|
||||||
|
# /etc/ssh/ssh_config.d/ which will be automatically included below
|
||||||
|
+Match final all
|
||||||
|
+ Include /etc/crypto-policies/back-ends/openssh.config
|
||||||
|
+ GSSAPIAuthentication yes
|
||||||
|
+ ForwardX11Trusted yes
|
||||||
|
+ SendEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
|
||||||
|
+ SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
|
||||||
|
+ SendEnv LC_IDENTIFIACTION LC_ALL_LANGUAGE
|
||||||
|
+ SendEnv XMODIFIERS
|
||||||
|
+
|
||||||
|
Include /etc/ssh/ssh_config.d/*.conf
|
||||||
|
--
|
||||||
|
1.8.3.1
|
||||||
|
|
||||||
Loading…
x
Reference in New Issue
Block a user