Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: pam_ssh | Distribution: SUSE Linux Enterprise 15 |
Version: 2.1 | Vendor: SUSE LLC <https://www.suse.com/> |
Release: 2.27 | Build date: Sat May 26 03:36:37 2018 |
Group: Productivity/Networking/SSH | Build host: s390lp8 |
Size: 355625 | Source RPM: pam_ssh-2.1-2.27.src.rpm |
Packager: https://www.suse.com/ | |
Url: http://sourceforge.net/projects/pam-ssh/ | |
Summary: PAM Module for SSH Authentication |
This module provides single sign-on behavior. The user types a passphrase when logging in and is allowed in if it decrypts the user s SSH private key. An ssh-agent is started and keys are added. For the entire session, the user types no more passwords.
BSD-3-Clause
* Fri Dec 01 2017 dimstar@opensuse.org - Explicitly call autoreconf: an implicit call requires the same version automake/autoconf to be present that was used to originally bootstrap the tarball (version 1.13). * Thu Nov 30 2017 vcizek@suse.com - Add support for building with OpenSSL 1.1 (bsc#1066988) * partly based on https://github.com/openssh/openssh-portable/pull/48 * add pam_ssh-openssl11.patch * Fri Jun 05 2015 mpluskal@suse.com - Update to 2.1 * session/login/default keys lexical sort order * add ED25519 key support * updated openssh embedded code to 6.7p1 - Cleanup spec file with spec-cleaner * Sun Mar 08 2015 p.drouand@gmail.com - Update to version 2.01 * pam_ssh.1: updated man page to reflect the current implementation - Remove gpg-offline require and verification; OBS handles it - Use download Url as source * Mon Nov 18 2013 wr@rosenauer.org - update to 2.0 * added support for ECDSA keys * ssh-agent is now spawned in a different improved way * ssh-agent is not started anymore for users without keys * support try_first_password PAM option * still ask for passphrase even if user does not exist * expect keys used for login in ~/.ssh/login-keys.d directory (see README; this behaviour will cause old setups to fail since the default keys are not used anymore for auth) * "keyfiles" option has been removed and all found keys which can be opened using the provided passphrase will be added to the agent * alternative keys not used for login purposes and not named like the default keys will be decrypted and saved for the agent when placed in ~/.ssh/session-keys.d directory * when there is no controlling tty now use the PID to create the session file * return PAM_SESSION_ERR from within the session part instead of PAM_AUTH_ERR * honour TMPDIR for ssh-agent * start ssh-agent with GID of the group given at compile time to the new configure option - -with-ssh-agent-group - switched archive to XZ - verify detached signature * Thu Jun 06 2013 vcizek@suse.com - restore credentials before exitting from pam_sm_open_session * fixes bnc#823484 * added James Carter's pam_ssh-1.97-no_tty_stay_as_user.patch * Mon Apr 29 2013 wr@rosenauer.org - update to 1.98 * bugfix update obsoleting - pam_ssh-1.97-empty_passphrase_segfault.patch - pam_ssh-1.97-setgid.patch - pam_ssh-1.97-sigmask.patch - pam_ssh-double-free.patch * Sat Jan 12 2013 coolo@suse.com - remove suse_update_config * Thu Jan 12 2012 vcizek@suse.com - added patch that prevents segfault when empty passphrase is supplied (bnc#741541) * Mon Nov 28 2011 jengelh@medozas.de - Remove redundant/unwanted tags/section (cf. specfile guidelines) - Use %_smp_mflags for parallel building * Sun Nov 27 2011 coolo@suse.com - add libtool as buildrequire to avoid implicit dependency * Sun Oct 30 2011 mkubecek@suse.cz - pam_ssh-1.97-sigmask.patch: Clear signal mask before executing ssh-agent as pam_ssh code can be called from kdm with blocked TERM signal which would be inherited by ssh-agent (bnc#727246). * Wed May 11 2011 vcizek@novell.com - set gid/groups before executing ssh-agent (bnc#665061) * Mon Apr 18 2011 vcizek@novell.com - fix for bnc#688120 (pam_ssh double free) * Mon Feb 01 2010 jengelh@medozas.de - package baselibs.conf * Wed Jun 24 2009 sbrabec@suse.cz - Supplement pam-32bit/pam-64bit in baselibs.conf (bnc#354164). * Wed Jun 24 2009 sbrabec@suse.cz - Supplement pam-32bit/pam-64bit in baselibs.conf (bnc#354164). * Tue Apr 14 2009 anicka@suse.cz - update to 1.97 * pam_get_pass.c: CVE-2009-1273 pam_ssh used a certain prompt if a user found to exist to ask for the SSH passphrase explicitely depending on whether the username was valid or invalid, which made it easier for remote attackers to enumerate usernames. - remove last patch * Fri Apr 10 2009 anicka@suse.cz - add fix for CVE-2009-1273 (bnc#492764) taken from Red Hat bugzilla (#492153)
/lib64/security/pam_ssh.so /usr/share/doc/packages/pam_ssh /usr/share/doc/packages/pam_ssh/NEWS /usr/share/doc/packages/pam_ssh/README /usr/share/doc/packages/pam_ssh/TODO /usr/share/man/man8/pam_ssh.8.gz
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Jul 9 18:25:27 2024