| Last change
                  on this file since 1858 was
                  1739,
                  checked in by mitchb, 15 years ago | 
        
          | Eliminate spurious opsnssh error messages related to public keys
If the following conditions apply:
  o Someone attempt to authenticate to an account with an ssh key
  o The account has an authorized_keys file
  o Entries in authorized_keys have restrictions (i.e. "from=" clauses)
  o The attempted key matches the type (RSA/DSA) of the restricted key(s)
  o The attempted key is not actually one of the authorized keys
You will get a spurious error message that claims:
  "Authentication tried for _____ with correct key but not from a
   permitted host (host=______, ip=________)."
even though there is no correct key involved.
This is OpenSSH bug 1765 (https://bugzilla.mindrot.org/show_bug.cgi?id=1765)
and the patch is backported from the one committed in that ticket
(https://bugzilla.mindrot.org/attachment.cgi?id=1848). | 
        | File size:
            1.4 KB | 
      
      
        
  | Rev | Line |  | 
|---|
| [1693] | 1 | --- openssh.spec.orig   2010-05-31 06:20:02.000000000 -0400 | 
|---|
|  | 2 | +++ openssh.spec        2010-09-06 21:53:21.000000000 -0400 | 
|---|
|  | 3 | @@ -74,7 +74,7 @@ | 
|---|
| [1259] | 4 | Summary: An open source implementation of SSH protocol versions 1 and 2 | 
|---|
| [926] | 5 | Name: openssh | 
|---|
| [1693] | 6 | Version: 5.4p1 | 
|---|
|  | 7 | -Release: %{openssh_rel}%{?dist}%{?rescue_rel} | 
|---|
|  | 8 | +Release: %{openssh_rel}%{?dist}%{?rescue_rel}.scripts.%{scriptsversion} | 
|---|
| [926] | 9 | URL: http://www.openssh.com/portable.html | 
|---|
| [1693] | 10 | #URL1: http://pamsshagentauth.sourceforge.net | 
|---|
| [926] | 11 | #Source0: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-%{version}.tar.gz | 
|---|
| [1739] | 12 | @@ -88,6 +88,8 @@ | 
|---|
| [760] | 13 | Source3: sshd.init | 
|---|
| [1693] | 14 | Source4: http://prdownloads.sourceforge.net/pamsshagentauth/pam_ssh_agent_auth/pam_ssh_agent_auth-%{pam_ssh_agent_ver}.tar.bz2 | 
|---|
|  | 15 | Source5: pam_ssh_agent-rmheaders | 
|---|
| [1259] | 16 | +Patch1001: openssh-4.7p1-gssapi-name-in-env.patch | 
|---|
| [1739] | 17 | +Patch1002: openssh-no-spurious-correct-key-incorrect-host-messages.patch | 
|---|
| [1693] | 18 | Patch0: openssh-5.4p1-redhat.patch | 
|---|
|  | 19 | Patch2: openssh-5.3p1-skip-initial.patch | 
|---|
|  | 20 | Patch4: openssh-5.2p1-vendor.patch | 
|---|
| [1739] | 21 | @@ -175,6 +178,7 @@ | 
|---|
| [925] | 22 | Requires(post): chkconfig >= 0.9, /sbin/service | 
|---|
|  | 23 | Requires(pre): /usr/sbin/useradd | 
|---|
|  | 24 | Requires: pam >= 1.0.1-3 | 
|---|
|  | 25 | +Provides: scripts-openssh-server | 
|---|
| [760] | 26 |  | 
|---|
| [925] | 27 | %package askpass | 
|---|
|  | 28 | Summary: A passphrase dialog for OpenSSH and X | 
|---|
| [1739] | 29 | @@ -267,6 +271,9 @@ | 
|---|
| [1693] | 30 | %patch75 -p1 -b .dso | 
|---|
|  | 31 | %patch76 -p1 -b .bz595935 | 
|---|
| [925] | 32 |  | 
|---|
| [1259] | 33 | +%patch1001 -p1 -b .gssapi-env | 
|---|
| [1739] | 34 | +%patch1002 -p1 -b .no-spurious-correct-key-incorrect-host-messages | 
|---|
| [760] | 35 | + | 
|---|
| [437] | 36 | autoreconf | 
|---|
|  | 37 |  | 
|---|
| [760] | 38 | %build | 
|---|
       
      
      Note: See 
TracBrowser
        for help on using the repository browser.