| FREEBSD-upgrade (538354481ef7dbcd76ebc7334512a9d60994b84e) | FREEBSD-upgrade (9ded33068ebc84932a4e78ecb1d5516698fa7144) |
|---|---|
| 1 FreeBSD maintainer's guide to OpenSSH-portable 2 ============================================== 3 400) Make sure your mail spool has plenty of free space. It'll fill up 5 pretty fast once you're done with this checklist. 6 701) Download the latest OpenSSH-portable tarball and signature from 8 OpenBSD (ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/). --- 128 unchanged lines hidden (view full) --- 137 Our setusercontext(3) can set environment variables, which we must 138 take care to transfer to the child's environment. 139 1405) TCP wrappers 141 142 Support for TCP wrappers was removed in upstream 6.7p1. We've 143 added it back by porting the 6.6p1 code forward. 144 | 1 FreeBSD maintainer's guide to OpenSSH-portable 2 ============================================== 3 400) Make sure your mail spool has plenty of free space. It'll fill up 5 pretty fast once you're done with this checklist. 6 701) Download the latest OpenSSH-portable tarball and signature from 8 OpenBSD (ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/). --- 128 unchanged lines hidden (view full) --- 137 Our setusercontext(3) can set environment variables, which we must 138 take care to transfer to the child's environment. 139 1405) TCP wrappers 141 142 Support for TCP wrappers was removed in upstream 6.7p1. We've 143 added it back by porting the 6.6p1 code forward. 144 |
| 1456) DSA keys | 1456) Agent client reference counting |
| 146 | 146 |
| 147 DSA keys were disabled by default in upstream 6.9p1. We've added 148 them back. 149 1507) Agent client reference counting 151 | |
| 152 We've added code to ssh-agent.c to implement client reference 153 counting; the agent will automatically exit when the last client 154 disconnects. 155 | 147 We've added code to ssh-agent.c to implement client reference 148 counting; the agent will automatically exit when the last client 149 disconnects. 150 |
| 1568) Class-based login restrictions | 1517) Class-based login restrictions |
| 157 158 We've added code to auth2.c to enforce the host.allow, host.deny, 159 times.allow and times.deny login class capabilities. 160 | 152 153 We've added code to auth2.c to enforce the host.allow, host.deny, 154 times.allow and times.deny login class capabilities. 155 |
| 1619) HPN | 1568) HPN |
| 162 163 We no longer have the HPN patches (adaptive buffer size for 164 increased throughput on high-BxD links), but we recognize and 165 ignore HPN-related configuration options to avoid breaking existing 166 configurations. 167 | 157 158 We no longer have the HPN patches (adaptive buffer size for 159 increased throughput on high-BxD links), but we recognize and 160 ignore HPN-related configuration options to avoid breaking existing 161 configurations. 162 |
| 168A) AES-CBC | 1639) AES-CBC |
| 169 170 The AES-CBC ciphers were removed from the server-side proposal list 171 in 6.7p1 due to theoretical weaknesses and the availability of 172 superior ciphers (including AES-CTR and AES-GCM). We have re-added 173 them for compatibility with third-party clients. 174 175 176 177This port was brought to you by (in no particular order) DARPA, NAI 178Labs, ThinkSec, Nescafé, the Aberlour Glenlivet Distillery Co., 179Suzanne Vega, and a Sanford's #69 Deluxe Marker. 180 181 -- des@FreeBSD.org 182 183$FreeBSD$ | 164 165 The AES-CBC ciphers were removed from the server-side proposal list 166 in 6.7p1 due to theoretical weaknesses and the availability of 167 superior ciphers (including AES-CTR and AES-GCM). We have re-added 168 them for compatibility with third-party clients. 169 170 171 172This port was brought to you by (in no particular order) DARPA, NAI 173Labs, ThinkSec, Nescafé, the Aberlour Glenlivet Distillery Co., 174Suzanne Vega, and a Sanford's #69 Deluxe Marker. 175 176 -- des@FreeBSD.org 177 178$FreeBSD$ |