diff options
author | Jan Luebbe <jlu@pengutronix.de> | 2022-08-18 13:17:02 +0200 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2022-08-21 22:51:38 +0100 |
commit | 3a66dd6e05a65446a43cba2bf6972e78b2b13c31 (patch) | |
tree | 49564295f8c4db950d53931da8849582a23f71d5 /meta/recipes-connectivity | |
parent | 41869d81347f43aa0e4d625aec88c551321dcded (diff) | |
download | openembedded-core-3a66dd6e05a65446a43cba2bf6972e78b2b13c31.tar.gz |
openssh: sync local ssh_config + sshd_config files with upstream 8.7p1
Changes are caused by the removal of deprecated options.
ChallengeResponseAuthentication was replaced by
KbdInteractiveAuthentication in the SSHv2 protocol, see
https://www.openssh.com/txt/release-8.7
Signed-off-by: Jan Luebbe <jlu@pengutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-connectivity')
-rw-r--r-- | meta/recipes-connectivity/openssh/openssh/ssh_config | 4 | ||||
-rw-r--r-- | meta/recipes-connectivity/openssh/openssh/sshd_config | 15 |
2 files changed, 9 insertions, 10 deletions
diff --git a/meta/recipes-connectivity/openssh/openssh/ssh_config b/meta/recipes-connectivity/openssh/openssh/ssh_config index e0d023803e..05eecb465f 100644 --- a/meta/recipes-connectivity/openssh/openssh/ssh_config +++ b/meta/recipes-connectivity/openssh/openssh/ssh_config @@ -1,4 +1,4 @@ -# $OpenBSD: ssh_config,v 1.33 2017/05/07 23:12:57 djm Exp $ +# $OpenBSD: ssh_config,v 1.35 2020/07/17 03:43:42 dtucker Exp $ # This is the ssh client system-wide configuration file. See # ssh_config(5) for more information. This file provides defaults for @@ -36,7 +36,6 @@ Host * # IdentityFile ~/.ssh/id_ecdsa # IdentityFile ~/.ssh/id_ed25519 # Port 22 -# Protocol 2 # Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc # MACs hmac-md5,hmac-sha1,umac-64@openssh.com # EscapeChar ~ @@ -46,3 +45,4 @@ Host * # VisualHostKey no # ProxyCommand ssh -q -W %h:%p gateway.example.com # RekeyLimit 1G 1h +# UserKnownHostsFile ~/.ssh/known_hosts.d/%k diff --git a/meta/recipes-connectivity/openssh/openssh/sshd_config b/meta/recipes-connectivity/openssh/openssh/sshd_config index 15f061b570..9c53805890 100644 --- a/meta/recipes-connectivity/openssh/openssh/sshd_config +++ b/meta/recipes-connectivity/openssh/openssh/sshd_config @@ -1,4 +1,4 @@ -# $OpenBSD: sshd_config,v 1.102 2018/02/16 02:32:40 djm Exp $ +# $OpenBSD: sshd_config,v 1.104 2021/07/02 05:11:21 dtucker Exp $ # This is the sshd server system-wide configuration file. See # sshd_config(5) for more information. @@ -57,9 +57,9 @@ AuthorizedKeysFile .ssh/authorized_keys #PasswordAuthentication yes #PermitEmptyPasswords no -# Change to yes to enable challenge-response passwords (beware issues with -# some PAM modules and threads) -ChallengeResponseAuthentication no +# Change to yes to enable keyboard-interactive authentication (beware issues +# with some PAM modules and threads) +KbdInteractiveAuthentication no # Kerberos options #KerberosAuthentication no @@ -73,13 +73,13 @@ ChallengeResponseAuthentication no # Set this to 'yes' to enable PAM authentication, account processing, # and session processing. If this is enabled, PAM authentication will -# be allowed through the ChallengeResponseAuthentication and +# be allowed through the KbdInteractiveAuthentication and # PasswordAuthentication. Depending on your PAM configuration, -# PAM authentication via ChallengeResponseAuthentication may bypass +# PAM authentication via KbdInteractiveAuthentication may bypass # the setting of "PermitRootLogin without-password". # If you just want the PAM account and session checks to run without # PAM authentication, then enable this but set PasswordAuthentication -# and ChallengeResponseAuthentication to 'no'. +# and KbdInteractiveAuthentication to 'no'. #UsePAM no #AllowAgentForwarding yes @@ -92,7 +92,6 @@ ChallengeResponseAuthentication no #PrintMotd yes #PrintLastLog yes #TCPKeepAlive yes -#UseLogin no #PermitUserEnvironment no Compression no ClientAliveInterval 15 |