Debian patch 2.3+ds-3
Jerome Benoit
2 years ago
0 | libpam-ssh (2.2+ds-1) unstable; urgency=medium | |
1 | ||
2 | Support for SSH1 and RSA1 protocols were dropped upstream. | |
3 | ||
4 | -- Jerome Benoit <calculus@rezozer.net> Sat, 12 Jan 2019 11:44:00 +0000 | |
5 | ||
6 | libpam-ssh (2.01+ds-1) experimental; urgency=medium | |
7 | ||
8 | The PAM SSH session management component now passes the SSH keys to | |
9 | the SSH agent according to an explicit order as described in the | |
10 | refreshed manpage pam_ssh(8); the effective order can be listed with | |
11 | ssh-add(1) (options -L and -l). | |
12 | ||
13 | -- Jerome Benoit <calculus@rezozer.net> Sun, 08 Mar 2015 13:23:00 +0000 | |
14 | ||
15 | libpam-ssh (1.98-2) unstable; urgency=low | |
16 | ||
17 | The PAM configuration file, meant to be used by pam-add-update(8), | |
18 | has been renamed from silent-ssh-single-sign-on to ssh wrt to the | |
19 | emerging custom. The prerm script removes the profile associated | |
20 | to the obsoleted PAM configuration file silent-ssh-single-sign-on. | |
21 | On the other hand, the postinst script will add the same profile | |
22 | but under its new name, ssh. The content itself of the involved PAM | |
23 | configuration file has not been modified. | |
24 | The superuser may want to update the pam-auth-update(8) setup by | |
25 | invoking it; depending on its priority on questions, debconf may | |
26 | or may not arise during configuration. | |
27 | Meanwhile, a bug report has been submitted to the libpam-tmpdir | |
28 | team (#711100) to permit a better interaction with this package | |
29 | via the pam-add-update(8) machinery. | |
30 | ||
31 | -- Jerome Benoit <calculus@rezozer.net> Sun, 14 Jul 2013 13:35:44 +0000 | |
32 | ||
33 | libpam-ssh (1.92-1) unstable; urgency=low | |
34 | ||
35 | The PAM module configuration line must now be directly inserted into | |
36 | the relevant PAM configuration files instead of being included. See | |
37 | the README.Debian for configuration examples. | |
38 | ||
39 | The 'keyfiles' option is now obsolete, and the concept of "login keys" | |
40 | has been introduced: the authentication module will locate and decrypt | |
41 | all SSH keys in the directory $HOME/.ssh/login-keys.d and use these | |
42 | keys (and only these) for authentication. | |
43 | ||
44 | The traditional SSH keys 'identity', 'id_dsa' and 'id_rsa' in | |
45 | $HOME/.ssh will also be decrypted and passed to the SSH agent, but | |
46 | these keys will not be used for authentication. | |
47 | ||
48 | The 'try_first_pass' now works as advertised, namely by asking for an | |
49 | SSH passphrase if the password from the previous PAM module fails to | |
50 | decrypt any of the user's SSH keys. | |
51 | ||
52 | The 'debug' option now works as advertised, and the output goes into | |
53 | /var/log/auth.log . | |
54 | ||
55 | -- Jens Peter Secher <jps@debian.org> Sat, 21 Dec 2008 15:41:52 +0100 |
0 | libpam-ssh (2.2+ds-1) unstable; urgency=medium | |
1 | ||
2 | Support for SSH1 and RSA1 protocols were dropped upstream. | |
3 | ||
4 | -- Jerome Benoit <calculus@rezozer.net> Sat, 12 Jan 2019 11:44:00 +0000 | |
5 | ||
6 | libpam-ssh (2.01+ds-1) experimental; urgency=medium | |
7 | ||
8 | The PAM SSH session management component now passes the SSH keys to | |
9 | the SSH agent according to an explicit order as described in the | |
10 | refreshed manpage pam_ssh(8); the effective order can be listed with | |
11 | ssh-add(1) (options -L and -l). | |
12 | ||
13 | -- Jerome Benoit <calculus@rezozer.net> Sun, 08 Mar 2015 13:23:00 +0000 | |
14 | ||
15 | libpam-ssh (1.98-2) unstable; urgency=low | |
16 | ||
17 | The PAM configuration file, meant to be used by pam-add-update(8), | |
18 | has been renamed from silent-ssh-single-sign-on to ssh wrt to the | |
19 | emerging custom. The prerm script removes the profile associated | |
20 | to the obsoleted PAM configuration file silent-ssh-single-sign-on. | |
21 | On the other hand, the postinst script will add the same profile | |
22 | but under its new name, ssh. The content itself of the involved PAM | |
23 | configuration file has not been modified. | |
24 | The superuser may want to update the pam-auth-update(8) setup by | |
25 | invoking it; depending on its priority on questions, debconf may | |
26 | or may not arise during configuration. | |
27 | Meanwhile, a bug report has been submitted to the libpam-tmpdir | |
28 | team (#711100) to permit a better interaction with this package | |
29 | via the pam-add-update(8) machinery. | |
30 | ||
31 | -- Jerome Benoit <calculus@rezozer.net> Sun, 14 Jul 2013 13:35:44 +0000 | |
32 | ||
33 | libpam-ssh (1.92-1) unstable; urgency=low | |
34 | ||
35 | The PAM module configuration line must now be directly inserted into | |
36 | the relevant PAM configuration files instead of being included. See | |
37 | the README.Debian for configuration examples. | |
38 | ||
39 | The 'keyfiles' option is now obsolete, and the concept of "login keys" | |
40 | has been introduced: the authentication module will locate and decrypt | |
41 | all SSH keys in the directory $HOME/.ssh/login-keys.d and use these | |
42 | keys (and only these) for authentication. | |
43 | ||
44 | The traditional SSH keys 'identity', 'id_dsa' and 'id_rsa' in | |
45 | $HOME/.ssh will also be decrypted and passed to the SSH agent, but | |
46 | these keys will not be used for authentication. | |
47 | ||
48 | The 'try_first_pass' now works as advertised, namely by asking for an | |
49 | SSH passphrase if the password from the previous PAM module fails to | |
50 | decrypt any of the user's SSH keys. | |
51 | ||
52 | The 'debug' option now works as advertised, and the output goes into | |
53 | /var/log/auth.log . | |
54 | ||
55 | -- Jens Peter Secher <jps@debian.org> Sat, 21 Dec 2008 15:41:52 +0100 |
0 | libpam-ssh (2.3+ds-3) unstable; urgency=medium | |
1 | ||
2 | * Debianization: | |
3 | - d/control: | |
4 | - Standard version, bump to 4.6.0 (no change); | |
5 | - d/copyright: | |
6 | - duplicate-globbing-patterns linitian emits, fix; | |
7 | - d/libpam-ssh.manpages, correct; | |
8 | - d/NEWS.Debian, renamed d/NEWS; | |
9 | - d/docs, renamed libpam-ssh.docs; | |
10 | - d/libpam-ssh.{lintian-overrides,manpages}, refresh. | |
11 | ||
12 | -- Jerome Benoit <calculus@rezozer.net> Sun, 19 Dec 2021 12:59:17 +0000 | |
13 | ||
0 | 14 | libpam-ssh (2.3+ds-2) unstable; urgency=medium |
1 | 15 | |
2 | 16 | * FTBFS fix version, gcc10 migration (Closes: #957464). |
3 | 3 | Maintainer: Jerome Benoit <calculus@rezozer.net> |
4 | 4 | Rules-Requires-Root: no |
5 | 5 | Build-Depends: |
6 | debhelper-compat (= 12), libtool, | |
6 | debhelper-compat (= 13), libtool, | |
7 | 7 | libssl-dev (>= 1.1.1), |
8 | 8 | libpam0g-dev, |
9 | 9 | openssh-client | ssh-client |
10 | Standards-Version: 4.5.0 | |
10 | Standards-Version: 4.6.0 | |
11 | 11 | Homepage: http://pam-ssh.sourceforge.net |
12 | 12 | Vcs-Git: https://salsa.debian.org/debian/libpam-ssh.git |
13 | 13 | Vcs-Browser: https://salsa.debian.org/debian/libpam-ssh |
22 | 22 | |
23 | 23 | Files: * |
24 | 24 | Copyright: |
25 | 2006-2020 Wolfgang Rosenauer <wolfgang@rosenauer.org> | |
25 | 2006-2021 Wolfgang Rosenauer <wolfgang@rosenauer.org> | |
26 | 26 | 1999, 2000, 2001, 2002, 2004 Andrew J. Korty <ajk@iu.edu> |
27 | 27 | License: BSD-3-clause |
28 | 28 | |
29 | 29 | Files: |
30 | authfd.c | |
31 | 30 | authfd.h |
32 | authfile.c | |
33 | authfile.h | |
34 | bufaux.c | |
35 | bufbn.c | |
36 | buffer.c | |
37 | buffer.h | |
38 | cipher.c | |
39 | cipher.h | |
40 | 31 | includes.h |
41 | key.c | |
42 | log.c | |
43 | 32 | log.h |
44 | 33 | misc.h |
45 | rsa.c | |
46 | 34 | rsa.h |
47 | 35 | ssh.h |
48 | 36 | xmalloc.c |
49 | 37 | xmalloc.h |
50 | 38 | Copyright: |
51 | 39 | 1995 Tatu Ylonen <ylo@cs.hut.fi> |
52 | License: AdHoc-0 | |
53 | As far as I am concerned, the code I have written for this software | |
54 | can be used freely for any purpose. Any derived versions of this | |
55 | software must be clearly marked as such, and if the derived work is | |
56 | incompatible with the protocol description in the RFC file, it must be | |
57 | called by a name other than "ssh" or "Secure Shell". | |
40 | License: AdHoc-TatuYlonen-0 | |
41 | Comment: | |
42 | Embedded OpenSSH code | |
43 | ||
44 | Files: | |
45 | cleanup.c | |
46 | fatal.c | |
47 | kex.h | |
48 | key.h | |
49 | ssh2.h | |
50 | ssh-dss.c | |
51 | sshkey.h | |
52 | Copyright: | |
53 | 1999, 2000, 2001, 2003, 2013, 2014 Markus Friedl <markus@openbsd.org> | |
54 | License: BSD-2-clause | |
58 | 55 | Comment: |
59 | 56 | Embedded OpenSSH code |
60 | 57 | |
62 | 59 | authfd.c |
63 | 60 | authfile.c |
64 | 61 | authfile.h |
62 | cipher.h | |
63 | log.c | |
64 | Copyright: | |
65 | 1999, 2000, 2001, 2003, 2013, 2014 Markus Friedl <markus@openbsd.org> | |
66 | 1995 Tatu Ylonen <ylo@cs.hut.fi> | |
67 | License: AdHoc-TatuYlonen-0 and BSD-2-clause | |
68 | Comment: | |
69 | Embedded OpenSSH code | |
70 | ||
71 | Files: | |
65 | 72 | bufaux.c |
66 | 73 | bufbn.c |
67 | cipher-aesctr.h | |
68 | cipher.c | |
69 | cipher.h | |
70 | cleanup.c | |
71 | crypto_api.h | |
72 | fatal.c | |
73 | kex.h | |
74 | key.c | |
75 | key.h | |
76 | log.c | |
77 | misc.c | |
78 | ssh2.h | |
79 | ssh-dss.c | |
80 | ssh-ecdsa.c | |
81 | ssh-ed25519.c | |
82 | sshkey.c | |
83 | sshkey.h | |
84 | Copyright: | |
85 | 1999, 2000, 2001, 2003, 2013, 2014 Markus Friedl <markus@openbsd.org> | |
86 | License: BSD-2-clause | |
87 | Comment: | |
88 | Embedded OpenSSH code | |
89 | ||
90 | Files: | |
91 | cipher-aesctr.h | |
74 | Copyright: | |
75 | 2010, 2011, 2012, 2013 Damien Miller <djm@mindrot.org> | |
76 | 1999, 2000, 2001, 2003, 2013, 2014 Markus Friedl <markus@openbsd.org> | |
77 | 1995 Tatu Ylonen <ylo@cs.hut.fi> | |
78 | License: AdHoc-TatuYlonen-0 and BSD-2-clause and ISC | |
79 | Comment: | |
80 | Embedded OpenSSH code | |
81 | ||
82 | Files: | |
92 | 83 | cipher-ctr.c |
93 | 84 | ssh-ed25519.c |
94 | 85 | ssh-rsa.c |
95 | 86 | Copyright: |
96 | 87 | 2003, 2014 Markus Friedl <markus@openbsd.org> |
88 | 1999, 2000, 2001, 2003, 2013, 2014 Markus Friedl <markus@openbsd.org> | |
89 | License: BSD-2-clause and ISC | |
90 | Comment: | |
91 | Embedded OpenSSH code | |
92 | ||
93 | Files: | |
94 | cipher-aesctr.h | |
95 | Copyright: | |
96 | 2003, 2014 Markus Friedl <markus@openbsd.org> | |
97 | 97 | License: ISC |
98 | 98 | Comment: |
99 | 99 | Embedded OpenSSH code |
101 | 101 | Files: |
102 | 102 | crypto_api.h |
103 | 103 | Copyright: |
104 | 1999, 2000, 2001, 2003, 2013, 2014 Markus Friedl <markus@openbsd.org> | |
104 | 105 | Markus Friedl <markus@openbsd.org> |
105 | License: public-domain-0 | |
106 | License: public-domain-0 and BSD-2-clause | |
106 | 107 | Comment: |
107 | 108 | Embedded OpenSSH code |
108 | 109 | |
126 | 127 | Embedded OpenSSH code |
127 | 128 | |
128 | 129 | Files: |
129 | bufec.c | |
130 | 130 | defines.h |
131 | Copyright: | |
132 | 1999-2003, 2005, 2006, 2010 Damien Miller <djm@mindrot.org> | |
133 | License: BSD-2-clause | |
134 | Comment: | |
135 | Embedded OpenSSH code | |
136 | ||
137 | Files: | |
131 | 138 | misc.c |
132 | 139 | ssh-ecdsa.c |
133 | sshkey.c | |
134 | Copyright: | |
140 | Copyright: | |
141 | 1999, 2000, 2001, 2003, 2013, 2014 Markus Friedl <markus@openbsd.org> | |
135 | 142 | 1999-2003, 2005, 2006, 2010 Damien Miller <djm@mindrot.org> |
136 | 143 | License: BSD-2-clause |
137 | 144 | Comment: |
138 | 145 | Embedded OpenSSH code |
139 | 146 | |
140 | 147 | Files: |
141 | bufaux.c | |
142 | bufbn.c | |
143 | bufec.c | |
144 | buffer.c | |
145 | buffer.h | |
146 | 148 | cipher-chachapoly.c |
147 | 149 | cipher-chachapoly.h |
148 | 150 | digest.h |
162 | 164 | Embedded OpenSSH code |
163 | 165 | |
164 | 166 | Files: |
167 | bufec.c | |
168 | Copyright: | |
169 | 2010, 2011, 2012, 2013 Damien Miller <djm@mindrot.org> | |
170 | 1999-2003, 2005, 2006, 2010 Damien Miller <djm@mindrot.org> | |
171 | License: ISC and BSD-2-clause | |
172 | Comment: | |
173 | Embedded OpenSSH code | |
174 | ||
175 | Files: | |
176 | buffer.c | |
177 | buffer.h | |
178 | Copyright: | |
179 | 2010, 2011, 2012, 2013 Damien Miller <djm@mindrot.org> | |
180 | 1995 Tatu Ylonen <ylo@cs.hut.fi> | |
181 | License: AdHoc-TatuYlonen-0 and ISC | |
182 | Comment: | |
183 | Embedded OpenSSH code | |
184 | ||
185 | Files: | |
165 | 186 | blowfish.c |
166 | 187 | blf.h |
167 | 188 | Copyright: |
171 | 192 | Embedded OpenSSH code |
172 | 193 | |
173 | 194 | Files: |
195 | rsa.c | |
196 | Copyright: | |
197 | 1999 Niels Provos <provos@physnet.uni-hamburg.de> | |
198 | 1995 Tatu Ylonen <ylo@cs.hut.fi> | |
199 | License: AdHoc-TatuYlonen-0 and BSD-2-clause | |
200 | Comment: | |
201 | Embedded OpenSSH code | |
202 | ||
203 | Files: | |
174 | 204 | cipher.c |
175 | rsa.c | |
176 | Copyright: | |
205 | Copyright: | |
206 | 1999, 2000, 2001, 2003, 2013, 2014 Markus Friedl <markus@openbsd.org> | |
177 | 207 | 1999 Niels Provos <provos@physnet.uni-hamburg.de> |
178 | License: BSD-2-clause | |
179 | Comment: | |
180 | Embedded OpenSSH code | |
181 | ||
182 | Files: | |
183 | key.c | |
208 | 1995 Tatu Ylonen <ylo@cs.hut.fi> | |
209 | License: AdHoc-TatuYlonen-0 and BSD-2-clause | |
210 | Comment: | |
211 | Embedded OpenSSH code | |
212 | ||
213 | Files: | |
184 | 214 | sshkey.c |
185 | 215 | Copyright: |
186 | 216 | 2008 Alexander von Gernler |
217 | 1999, 2000, 2001, 2003, 2013, 2014 Markus Friedl <markus@openbsd.org> | |
218 | 1999-2003, 2005, 2006, 2010 Damien Miller <djm@mindrot.org> | |
187 | 219 | License: BSD-2-clause |
188 | 220 | Comment: |
189 | 221 | Embedded OpenSSH code |
261 | 293 | Files: |
262 | 294 | key.c |
263 | 295 | Copyright: |
296 | 1999, 2000, 2001, 2003, 2013, 2014 Markus Friedl <markus@openbsd.org> | |
297 | 2008 Alexander von Gernler | |
298 | 1995 Tatu Ylonen <ylo@cs.hut.fi> | |
264 | 299 | Darren Tucker <dtucker@zip.com.au> |
265 | License: public-domain-0 | |
300 | License: AdHoc-TatuYlonen-0 and public-domain-0 and BSD-2-clause | |
266 | 301 | Comment: |
267 | 302 | Embedded OpenSSH code |
268 | 303 | |
305 | 340 | |
306 | 341 | Files: debian/* |
307 | 342 | Copyright: |
308 | 2012-2020 Jerome Benoit <calculus@rezozer.net> | |
343 | 2012-2021 Jerome Benoit <calculus@rezozer.net> | |
309 | 344 | 2008-2010 Jens Peter Secher <jps@debian.org> |
310 | 345 | 2004-2005 Aurelien Labrosse <aurelien.labrosse@free.fr> |
311 | 346 | License: GPL-3+ |
445 | 480 | |
446 | 481 | License: public-domain-0 |
447 | 482 | Placed in the public domain. |
448 | ||
483 | ||
449 | 484 | License: public-domain-1 |
450 | 485 | This code is hereby placed in the public domain. |
451 | 486 | . |
461 | 496 | OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, |
462 | 497 | EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
463 | 498 | |
499 | License: AdHoc-TatuYlonen-0 | |
500 | As far as I am concerned, the code I have written for this software | |
501 | can be used freely for any purpose. Any derived versions of this | |
502 | software must be clearly marked as such, and if the derived work is | |
503 | incompatible with the protocol description in the RFC file, it must be | |
504 | called by a name other than "ssh" or "Secure Shell". |
0 | NEWS |
0 | # the manual documents the shipped service module for PAM | |
1 | libpam-ssh binary: spare-manual-page | |
2 | ||
0 | 3 | # GNU GPL covers only the Debian packaging |
1 | 4 | libpam-ssh binary: possible-gpl-code-linked-with-openssl |