summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2018-07-17 19:23:29 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2018-07-17 19:55:08 +0000
commitccd7dadfb79d8eb04f50c44ed522086320ae5b97 (patch)
tree501d9905f176a8d023b26e8dd2fbcded4afbd195
parentCreating empty ED25519 host certificate if necessary. (diff)
downloadopenssh-ccd7dadfb79d8eb04f50c44ed522086320ae5b97.zip
openssh-ccd7dadfb79d8eb04f50c44ed522086320ae5b97.tar.xz
Releasing progress-linux version 1:7.4p1-10+deb9u3dschinn2.progress-linux/1%7.4p1-10+deb9u3dschinn2
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
-rw-r--r--debian/changelog92
1 files changed, 92 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog
index 2f41508..080eea7 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,95 @@
+openssh (1:7.4p1-10+deb9u3dschinn2) dschinn; urgency=medium
+
+ * Uploading to dschinn, remaining changes:
+ - Updating maintainer field.
+ - Updating uploaders field.
+ - Updating bugs field.
+ - Updating vcs fields.
+ - Updating source local-options.
+ - Enabling pam_access.so for openssh-server by default.
+ - Disabling pam_motd.so for openssh-server by default.
+ - Setting default size of RSA user keys in ssh-keygen to 4096 bits.
+ - Setting default size of ECDSA user keys in ssh-keygen to 521 bits.
+ - Removing obsolete protocol 1 specific settings in /etc/ssh/ssh_config.
+ - Deduplicate options in /etc/ssh/ssh_config.
+ - Removing example for potentially weak DSA user keys in
+ /etc/ssh/ssh_config.
+ - Removing example for potentially weak ECDSA user keys in
+ /etc/ssh/ssh_config.
+ - Enabling RSA user keys explicitly in /etc/ssh/ssh_config.
+ - Setting PubkeyAcceptedKeyTypes to ssh-rsa-cert-v01@openssh.com,ssh-rsa
+ in /etc/ssh/sshd_config.
+ - Setting HostKeyAlgorithms to ssh-rsa-cert-v01@openssh.com,ssh-rsa in
+ /etc/ssh/ssh_config.
+ - Setting Ciphers to
+ aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes128-ctr in
+ /etc/ssh/ssh_config.
+ - Setting KexAlgorithms to diffie-hellman-group-exchange-sha256 in
+ /etc/ssh/ssh_config.
+ - Setting MACs to hmac-sha2-512-etm@openssh.com,hmac-
+ sha2-256-etm@openssh.com,hmac-sha2-512,hmac-sha2-256 in
+ /etc/ssh/ssh_config.
+ - Setting default VerifyHostKeyDNS to ask in /etc/ssh/ssh_config.
+ - Disabling to generate potentially weak DSA host keys.
+ - Disabling to generate potentially weak ECDSA host keys.
+ - Creating empty RSA host certificate if necessary.
+ - Removing CVS header in /etc/ssh/sshd_config.
+ - Removing example for potentially weak ECDSA host keys in
+ /etc/ssh/sshd_config.
+ - Enabling RSA host key explicitly in /etc/ssh/sshd_config.
+ - Setting HostCertificate to /etc/ssh/ssh_host_rsa_key-cert.pub in
+ /etc/ssh/sshd_config.
+ - Setting HostKeyAlgorithms to ssh-rsa-cert-v01@openssh.com,ssh-rsa in
+ /etc/ssh/sshd_config.
+ - Setting Ciphers to
+ aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes128-ctr in
+ /etc/ssh/sshd_config.
+ - Setting KexAlgorithms to diffie-hellman-group-exchange-sha256 in
+ /etc/ssh/sshd_config.
+ - Setting MACs to hmac-sha2-512-etm@openssh.com,hmac-
+ sha2-256-etm@openssh.com,hmac-sha2-512,hmac-sha2-256 in
+ /etc/ssh/sshd_config.
+ - Setting PermitRootLogin to no in /etc/ssh/sshd_config.
+ - Setting PubkeyAcceptedKeyTypes to ssh-rsa-cert-v01@openssh.com,ssh-rsa
+ in /etc/ssh/sshd_config.
+ - Setting AuthorizedKeysFile to /etc/ssh/authorized_keys/%u and
+ .ssh/authorized_keys in /etc/ssh/sshd_config.
+ - Setting PasswordAuthentication to no in /etc/ssh/sshd_config.
+ - Setting UseDNS to yes in /etc/ssh/sshd_config.
+ - Setting DebianBanner to no in /etc/ssh/sshd_config.
+ - Adding sftp-only group configuration in /etc/ssh/sshd_config.
+ * Removing ssh-config-remove-ed25519-identity.patch to include ED25519.
+ * Refreshing ssh-config-enable-rsa-identity.patch.
+ * Enabling ED25519 user keys explicitly in /etc/ssh/ssh_config.
+ * Updating ssh-config-pubkeyacceptedkeytypes.patch to include ED25519.
+ * Updating ssh-config-hostkeyalgorithms.patch to include ED25519.
+ * Refreshing ssh-config-ciphers.patch.
+ * Updating ssh-config-kexalgorithms.patch to include ED25519.
+ * Refreshing ssh-config-macs.patch.
+ * Refreshing ssh-config-verifyhostkeydns.patch.
+ * Removing sshd-config-remove-ed25519-hostkey.patch to include ED25519.
+ * Refreshing sshd-config-enable-rsa-hostkey.patch.
+ * Enabling ED25519 host key explicitly in /etc/ssh/sshd_config.
+ * Refreshing sshd-config-hostcertificate.patch.
+ * Renaming sshd-config-hostcertificate.patch to sshd-config-
+ hostcertificate-rsa.patch for consistency reasons.
+ * Enabling ED25519 host certificate in /etc/ssh/sshd_config.
+ * Updating sshd-config-hostkeyalgorithms.patch to include ED25519.
+ * Refreshing sshd-config-ciphers.patch.
+ * Updating sshd-config-kexalgorithms.patch to include ED25519.
+ * Refreshing sshd-config-macs.patch.
+ * Refreshing sshd-config-permitrootlogin.patch.
+ * Updating sshd-config-pubkeyacceptedkeytypes.patch to include ED25519.
+ * Refreshing sshd-config-authorizedkeysfile.patch.
+ * Refreshing sshd-config-usedns.patch.
+ * Refreshing sshd-config-debianbanner.patch.
+ * Refreshing sshd-config-sftp-only.patch.
+ * Renumbering patches.
+ * Re-enabling to generate ED25519 host keys.
+ * Creating empty ED25519 host certificate if necessary.
+
+ -- Daniel Baumann <daniel.baumann@progress-linux.org> Tue, 17 Jul 2018 21:22:48 +0200
+
openssh (1:7.4p1-10+deb9u3dschinn1) dschinn; urgency=medium
* Uploading to dschinn, remaining changes: