Summary: OpenSSH free Secure Shell (SSH) implementation
+Summary(pl): ,,wolna'' implementacja bezpiecznego shella (SSH)
Name: openssh
-Version: 1.2pre17
-Release: 1
-Source0: http://violet.ibs.com.au/openssh/files/%{name}-%{version}.tar.gz
+Version: 2.1.0
+Release: 2
+License: BSD
+Group: Applications/Networking
+Group(pl): Aplikacje/Sieciowe
+URL: http://www.openssh.com/
+Source0: ftp://ftp.ca.openbsd.org/pub/OpenBSD/OpenSSH/portable/%{name}-%{version}.tar.gz
Source1: opensshd.conf
Source2: openssh.conf
Source3: opensshd.init
Source4: opensshd.pamd
Source5: openssh.sysconfig
Source6: passwd.pamd
-Patch0: openssh-ssl.patch
-Patch1: openssh-DESTDIR.patch
-Patch2: openssh-PAM_NEW_AUTHTOK.patch
-Patch3: http://www.misiek.eu.org/ipv6/openssh-1.2pre17-ipv6-untested-12121999.patch.gz
-License: BSD
-Group: Applications/Networking
-Group(pl): Aplikacje/Sieciowe
-BuildRequires: openssl-devel
+Patch0: openssh-PAM_NEW_AUTHTOK.patch
+Patch1: openssh-libwrap.patch
+Patch2: openssh-known-hosts.patch
+Patch3: openssh-login.patch
+BuildRequires: openssl-devel >= 0.9.5a
+BuildRequires: rpm >= 3.0.4
BuildRequires: zlib-devel
BuildRequires: pam-devel
BuildRequires: XFree86-devel
BuildRequires: gnome-libs-devel
-BuildRoot: /tmp/%{name}-%{version}-root
-Obsoletes: ssh
+BuildRequires: gtk+-devel
+BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
+Prereq: openssl >= 0.9.5a
+Obsoletes: ssh < %{version}, ssh > %{version}
%define _sysconfdir /etc/ssh
%description
Ssh (Secure Shell) a program for logging into a remote machine and for
-executing commands in a remote machine. It is intended to replace
-rlogin and rsh, and provide secure encrypted communications between
-two untrusted hosts over an insecure network. X11 connections and
-arbitrary TCP/IP ports can also be forwarded over the secure channel.
+executing commands in a remote machine. It is intended to replace rlogin
+and rsh, and provide secure encrypted communications between two untrusted
+hosts over an insecure network. X11 connections and arbitrary TCP/IP ports
+can also be forwarded over the secure channel.
-OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
-up to date in terms of security and features, as well as removing all
-patented algorithms to seperate libraries (OpenSSL).
+OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it up
+to date in terms of security and features, as well as removing all patented
+algorithms to seperate libraries (OpenSSL).
-This package includes the core files necessary for both the OpenSSH
-client and server. To make this package useful, you should also
-install openssh-clients, openssh-server, or both.
+This package includes the core files necessary for both the OpenSSH client
+and server. To make this package useful, you should also install
+openssh-clients, openssh-server, or both.
+
+%description -l pl
+Ssh (Secure Shell) to program s³u¿±cy do logowania siê na zdaln± maszynê i
+uruchamiania na niej aplikacji. W zamierzeniu openssh ma zast±piæ rlogin,
+rsh i dostarczyæ bezpieczne, szyfrowane po³±czenie pomiedzy dwoma hostami.
%package clients
Summary: OpenSSH Secure Shell protocol clients
+Summary(pl): Klienci protoko³u Secure Shell
Requires: openssh
Group: Applications/Networking
Group(pl): Aplikacje/Sieciowe
-Obsoletes: ssh-clients
+Obsoletes: ssh-clients < %{version}, ssh-clients > %{version}
Requires: %{name} = %{version}
%description clients
Ssh (Secure Shell) a program for logging into a remote machine and for
-executing commands in a remote machine. It is intended to replace
-rlogin and rsh, and provide secure encrypted communications between
-two untrusted hosts over an insecure network. X11 connections and
-arbitrary TCP/IP ports can also be forwarded over the secure channel.
+executing commands in a remote machine. It is intended to replace rlogin
+and rsh, and provide secure encrypted communications between two untrusted
+hosts over an insecure network. X11 connections and arbitrary TCP/IP ports
+can also be forwarded over the secure channel.
-OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
-up to date in terms of security and features, as well as removing all
-patented algorithms to seperate libraries (OpenSSL).
+OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it up
+to date in terms of security and features, as well as removing all patented
+algorithms to seperate libraries (OpenSSL).
This package includes the clients necessary to make encrypted connections
to SSH servers.
+%description -l pl clients
+Ssh (Secure Shell) to program s³u¿±cy do logowania siê na zdaln± maszynê i
+uruchamiania na niej aplikacji. W zamierzeniu openssh ma zast±piæ rlogin,
+rsh i dostarczyæ bezpieczne, szyfrowane po³±czenie pomiedzy dwoma hostami.
+
+Ten pakiet zawiera klientów s³u¿±cych do ³±czenia siê z serwerami SSH.
+
%package server
Summary: OpenSSH Secure Shell protocol server (sshd)
+Summary(pl): Serwer protoko³u Secure Shell (sshd)
Requires: openssh chkconfig >= 0.9
Group: Networking/Daemons
Group(pl): Sieciowe/Serwery
-Obsoletes: ssh-server
+Obsoletes: ssh-server < %{version}, ssh-server > %{version}
Requires: rc-scripts
+Requires: /bin/login
+Requires: util-linux
Prereq: %{name} = %{version}
%description server
Ssh (Secure Shell) a program for logging into a remote machine and for
-executing commands in a remote machine. It is intended to replace
-rlogin and rsh, and provide secure encrypted communications between
-two untrusted hosts over an insecure network. X11 connections and
-arbitrary TCP/IP ports can also be forwarded over the secure channel.
+executing commands in a remote machine. It is intended to replace rlogin
+and rsh, and provide secure encrypted communications between two untrusted
+hosts over an insecure network. X11 connections and arbitrary TCP/IP ports
+can also be forwarded over the secure channel.
+
+OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it up
+to date in terms of security and features, as well as removing all patented
+algorithms to seperate libraries (OpenSSL).
-OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
-up to date in terms of security and features, as well as removing all
-patented algorithms to seperate libraries (OpenSSL).
+This package contains the secure shell daemon. The sshd is the server part
+of the secure shell protocol and allows ssh clients to connect to your
+host.
-This package contains the secure shell daemon. The sshd is the server
-part of the secure shell protocol and allows ssh clients to connect to
-your host.
+%description -l pl server
+Ssh (Secure Shell) to program s³u¿±cy do logowania siê na zdaln± maszynê i
+uruchamiania na niej aplikacji. W zamierzeniu openssh ma zast±piæ rlogin,
+rsh i dostarczyæ bezpieczne, szyfrowane po³±czenie pomiedzy dwoma hostami.
-%package askpass
+Ten pakiet zawiera serwer sshd (do którego mog± ³±czyæ siê klienci ssh).
+
+%package gnome-askpass
Summary: OpenSSH GNOME passphrase dialog
+Summary(pl): Odpytywacz has³a OpenSSH dla GNOME
Group: Applications/Networking
Group(pl): Aplikacje/Sieciowe
Requires: %{name} = %{version}
-Obsoletes: ssh-extras
-Obsoletes: ssh-askpass
+Obsoletes: ssh-extras < %{version}, ssh-extras > %{version}
+Obsoletes: ssh-askpass < %{version}, ssh-askpass > %{version}
+Obsoletes: openssh-askpass < %{version}, openssh-askpass > %{version}
-%description askpass
+%description gnome-askpass
Ssh (Secure Shell) a program for logging into a remote machine and for
-executing commands in a remote machine. It is intended to replace
-rlogin and rsh, and provide secure encrypted communications between
-two untrusted hosts over an insecure network. X11 connections and
-arbitrary TCP/IP ports can also be forwarded over the secure channel.
+executing commands in a remote machine. It is intended to replace rlogin
+and rsh, and provide secure encrypted communications between two untrusted
+hosts over an insecure network. X11 connections and arbitrary TCP/IP ports
+can also be forwarded over the secure channel.
-OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
-up to date in terms of security and features, as well as removing all
-patented algorithms to seperate libraries (OpenSSL).
+OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it up
+to date in terms of security and features, as well as removing all patented
+algorithms to seperate libraries (OpenSSL).
This package contains the GNOME passphrase dialog.
+%description -l pl gnome-askpass
+Ssh (Secure Shell) to program s³u¿±cy do logowania siê na zdaln± maszynê i
+uruchamiania na niej aplikacji. W zamierzeniu openssh ma zast±piæ rlogin,
+rsh i dostarczyæ bezpieczne, szyfrowane po³±czenie pomiedzy dwoma hostami.
+
+Ten pakiet zawiera ,,odpytywacz has³a'' dla GNOME.
%prep
%setup -q
%patch0 -p1
-%patch1 -p1
+%patch1 -p1
%patch2 -p1
%patch3 -p1
--with-gnome-askpass \
--with-tcp-wrappers \
--with-md5-passwords \
+ --with-ipaddr-display \
--enable-ipv6 \
+ --with-4in6 \
--enable-log-auth
-
-# --without-kerberos4 \
-# --without-afs \
-# --without-skey
echo '#define LOGIN_PROGRAM "/bin/login"' >>config.h
make
+cd contrib && gcc $RPM_OPT_FLAGS `gnome-config --cflags gnome gnomeui` \
+ gnome-ssh-askpass.c -o gnome-ssh-askpass \
+ `gnome-config --libs gnome gnomeui`
%install
rm -rf $RPM_BUILD_ROOT
-install -d $RPM_BUILD_ROOT{%{_sysconfdir},/etc/{pam.d,rc.d/init.d,sysconfig}}
+install -d $RPM_BUILD_ROOT{%{_sysconfdir},/etc/{pam.d,rc.d/init.d,sysconfig,security}}
-make install \
- DESTDIR="$RPM_BUILD_ROOT"
+make install DESTDIR="$RPM_BUILD_ROOT"
install %{SOURCE4} $RPM_BUILD_ROOT/etc/pam.d/sshd
install %{SOURCE6} $RPM_BUILD_ROOT/etc/pam.d/passwdssh
install %{SOURCE3} $RPM_BUILD_ROOT/etc/rc.d/init.d/sshd
install %{SOURCE2} $RPM_BUILD_ROOT%{_sysconfdir}/ssh_config
install %{SOURCE1} $RPM_BUILD_ROOT%{_sysconfdir}/sshd_config
+install -d $RPM_BUILD_ROOT%{_libexecdir}/ssh
+install -s contrib/gnome-ssh-askpass \
+ $RPM_BUILD_ROOT%{_libexecdir}/ssh/ssh-askpass
-gzip -9fn ChangeLog OVERVIEW COPYING.Ylonen README README.Ylonen UPGRADING \
+gzip -9nf ChangeLog OVERVIEW COPYING.Ylonen README README.Ylonen UPGRADING \
$RPM_BUILD_ROOT/%{_mandir}/man*/*
+
+touch $RPM_BUILD_ROOT/etc/security/blacklist.sshd
%clean
rm -rf $RPM_BUILD_ROOT
%post server
/sbin/chkconfig --add sshd
-if [ ! -f /etc/ssh/ssh_host_key -o ! -s /etc/ssh/ssh_host_key ]; then
- /usr/bin/ssh-keygen -b 1024 -f /etc/ssh/ssh_host_key -N '' >&2
+if [ ! -f %{_sysconfdir}/ssh_host_key -o ! -s %{_sysconfdir}/ssh_host_key ]; then
+ %{_bindir}/ssh-keygen -b 1024 -f %{_sysconfdir}/ssh_host_key -N '' 1>&2
+fi
+if [ ! -f %{_sysconfdir}/ssh_host_dsa_key -o ! -s %{_sysconfdir}/ssh_host_dsa_key ]; then
+ %{_bindir}/ssh-keygen -d -f %{_sysconfdir}/ssh_host_dsa_key -N '' 1>&2
fi
-if test -r /var/run/sshd.pid
-then
- /etc/rc.d/init.d/sshd restart >&2
+if [ -f /var/lock/subsys/sshd ]; then
+ /etc/rc.d/init.d/sshd restart 1>&2
+else
+ echo "Run \"/etc/rc.d/init.d/sshd start\" to start openssh daemon."
fi
if ! grep ssh /etc/security/passwd.conf >/dev/null 2>&1 ; then
echo "ssh" >> /etc/security/passwd.conf
fi
%preun server
-if [ "$1" = 0 ]
-then
- /etc/rc.d/init.d/sshd stop >&2
+if [ "$1" = 0 ]; then
+ if [ -f /var/lock/subsys/sshd ]; then
+ /etc/rc.d/init.d/sshd stop 1>&2
+ fi
/sbin/chkconfig --del sshd
fi
%files clients
%defattr(644,root,root,755)
-# suid root ?
-#%attr(4755,root,root) %{_bindir}/ssh
%attr(0755,root,root) %{_bindir}/ssh
%attr(0755,root,root) %{_bindir}/ssh-agent
%attr(0755,root,root) %{_bindir}/ssh-add
-#%attr(0755,root,root) %{_bindir}/slogin
%attr(755,root,root) %{_bindir}/scp
%{_mandir}/man1/scp.1*
%{_mandir}/man1/ssh.1*
%{_mandir}/man1/ssh-agent.1*
%{_mandir}/man1/ssh-add.1*
-#%{_mandir}/man1/slogin.1
%config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/ssh_config
%files server
%attr(640,root,root) %config(noreplace) %verify(not md5 size mtime) /etc/pam.d/sshd
%attr(754,root,root) /etc/rc.d/init.d/sshd
%attr(640,root,root) %config(noreplace) %verify(not md5 size mtime) /etc/sysconfig/sshd
+%attr(640,root,root) %config(noreplace) %verify(not md5 size mtime) /etc/security/blacklist.sshd
-%files askpass
+%files gnome-askpass
%defattr(644,root,root,755)
%dir %{_libexecdir}/ssh
%attr(755,root,root) %{_libexecdir}/ssh/ssh-askpass