- openssl-1.0.2o rebuild

[packages/openssh.git] / openssh-config.patch

diff --git a/openssh-config.patch b/openssh-config.patch
index e48b3f250bbe517d3c70d622527d42ab8f4e3077..915d1d76d7b0a04e481446edb7380db2a3ca7597 100644 (file)
--- a/openssh-config.patch
+++ b/openssh-config.patch
@@ -15,7 +15,7 @@
  #PermitEmptyPasswords no
 +
 +# Allow DSA keys
-+PubkeyAcceptedKeyTypes +ssh-dss
++## PubkeyAcceptedKeyTypes +ssh-dss
  
  # Change to no to disable s/key passwords
  #ChallengeResponseAuthentication yes
@@ -65,13 +65,11 @@
  #     X11Forwarding no
 --- openssh-4.6p1/ssh_config~  2006-06-13 05:01:10.000000000 +0200
 +++ openssh-4.6p1/ssh_config   2007-10-13 02:00:16.000000000 +0200
-@@ -20,12 +20,15 @@
+@@ -20,10 +20,13 @@
  # Host *
  #   ForwardAgent no
  #   ForwardX11 no
-+#   ForwardX11Trusted yes
- #   RhostsRSAAuthentication no
- #   RSAAuthentication yes
++#   ForwardX11Trusted no
  #   PasswordAuthentication yes
  #   HostbasedAuthentication no
  #   GSSAPIAuthentication no
@@ -81,21 +79,17 @@
  #   BatchMode no
  #   CheckHostIP yes
  #   AddressFamily any
-@@ -42,3 +45,22 @@
+@@ -42,3 +45,18 @@
  #   VisualHostKey no
  #   ProxyCommand ssh -q -W %h:%p gateway.example.com
  #   RekeyLimit 1G 1h
 +
 +Host *
 +      GSSAPIAuthentication yes
-+      GSSAPIDelegateCredentials no
-+      ForwardAgent no
-+      ForwardX11 no
 +# If this option is set to yes then remote X11 clients will have full access
-+# to the original X11 display. As virtually no X11 client supports the untrusted
-+# mode correctly we set this to yes.
-+      ForwardX11Trusted yes
-+      StrictHostKeyChecking no
++# to the original X11 server. As some X11 clients don't support the untrusted
++# mode correctly, you might consider changing this to 'yes' or using '-Y'.
++#     ForwardX11Trusted no
 +      ServerAliveInterval 60
 +      ServerAliveCountMax 10
 +      TCPKeepAlive no