diff --git a/openssh.spec b/openssh.spec index 098f7ddc15f1e6043f672a7e15a923172105d590..07070fd3806206d57426a6519142e9b241424515 100644 --- a/openssh.spec +++ b/openssh.spec @@ -6,7 +6,7 @@ %{?no_gtk2:%global gtk2 0} %global sshd_uid 74 -%global openssh_release 19 +%global openssh_release 20 Name: openssh Version: 8.2p1 @@ -365,7 +365,6 @@ install -d $RPM_BUILD_ROOT%{_libdir}/fipscheck install -m644 %{SOURCE2} $RPM_BUILD_ROOT/etc/pam.d/sshd install -m644 %{SOURCE6} $RPM_BUILD_ROOT/etc/pam.d/ssh-keycat install -m644 %{SOURCE7} $RPM_BUILD_ROOT/etc/sysconfig/sshd -install -m644 ssh_config_redhat $RPM_BUILD_ROOT/etc/ssh/ssh_config.d/05-redhat.conf install -d -m755 $RPM_BUILD_ROOT/%{_unitdir} install -m644 %{SOURCE9} $RPM_BUILD_ROOT/%{_unitdir}/sshd@.service install -m644 %{SOURCE10} $RPM_BUILD_ROOT/%{_unitdir}/sshd.socket @@ -423,7 +422,6 @@ getent passwd sshd >/dev/null || \ %attr(0644,root,root) %{_libdir}/fipscheck/ssh.hmac %attr(0755,root,root) %{_bindir}/scp %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config -%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config.d/05-redhat.conf %attr(0755,root,root) %{_bindir}/ssh-agent %attr(0755,root,root) %{_bindir}/ssh-add %attr(0755,root,root) %{_bindir}/ssh-keyscan @@ -483,6 +481,12 @@ getent passwd sshd >/dev/null || \ %attr(0644,root,root) %{_mandir}/man8/sftp-server.8* %changelog +* Wed Jun 17 2022 renmingshuai - 8.2P1-20 +- Type:bugfix +- CVE: +- SUG:NA +- DESC:set ssh_config + * Mon Sep 5 2022 renmingshuai - 8.2P1-19 - Type:bugfix - CVE: diff --git a/set-ssh-config.patch b/set-ssh-config.patch new file mode 100644 index 0000000000000000000000000000000000000000..8da9e7ee135cd3f73ae45f9477104ebcd76ab8da --- /dev/null +++ b/set-ssh-config.patch @@ -0,0 +1,30 @@ +From 8b8319aac379d9d6f75577507e87a97a8aa8aadc Mon Sep 17 00:00:00 2001 +From: renmingshuai +Date: Mon, 5 Sep 2022 10:33:02 +0800 +Subject: [PATCH] set-ssh-config + +--- + ssh_config | 9 +++++++++ + 1 file changed, 9 insertions(+) + +diff --git a/ssh_config b/ssh_config +index df22e2f..46b0987 100644 +--- a/ssh_config ++++ b/ssh_config +@@ -48,4 +48,13 @@ + # + # To modify the system-wide ssh configuration, create a *.conf file under + # /etc/ssh/ssh_config.d/ which will be automatically included below ++Match final all ++ Include /etc/crypto-policies/back-ends/openssh.config ++ GSSAPIAuthentication yes ++ ForwardX11Trusted yes ++ SendEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES ++ SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT ++ SendEnv LC_IDENTIFIACTION LC_ALL_LANGUAGE ++ SendEnv XMODIFIERS ++ + Include /etc/ssh/ssh_config.d/*.conf +-- +1.8.3.1 +