The FreeBSD Ports Archive

Freebsd | Contact
Welcome to FreeBSD Software


FreeBSD security : ssh2

Secure shell client and server for V.2 SSH protocol

 SSH Protocols and Secure Shell

  Secure Shell is the secure login program that revolutionized remote
management of networks hosts over the Internet.  It is a powerful,
very easy-to-use program that uses strong cryptography for protecting
all transmitted confidential data, including passwords, binary files,
and administrative commands.

The benefits of SSH include:

o Automatic authentication of users, no passwords sent in cleartext to
  prevent the stealing of passwords.
o Multiple strong authentication methods that prevent such security
  threats as spoofing identity.
o Authentication of both ends of connection, the server and the client
  are authenticated to prevent identity spoofing, trojan horses, etc. 
o Automatic authentication using agents to enable strong
  authentication to multiple systems with a single-sign-on.
o Encryption and compression of data for security and speed.
o Secure file transfer.
o Tunneling and encryption of arbitrary connections. 

http://www.ssh.com/



ssh2 history


v. 1.127
date: 2007/05/19 20:22:53;  author: flz;  state: Exp;  lines: +1 -1
- Welcome X.org 7.2 \o/.
- Set X11BASE to ${LOCALBASE} for recent ${OSVERSION}.
- Bump PORTREVISION for ports intalling files in ${X11BASE}.

v. 1.126 date: 2006/08/28 00:03:21; author: marius; state: Exp; lines: +7 -3 - Cast the arguments of ssh_conn_send_channel_data_type() and ssh_encode_{array_alloc,buffer}() calls as appropriate in order to fix argument size problems on 64-bit platforms and that manifest themselves on amd64 and ia64. [1] - Allow the tcsetattr(3) calls in ssh_rl_{restore,set}_tty_modes_for_fd() to be interrupted by signal. This fixes occasional problems when connecting to a host for the first time. - Use the base zlib instead of the one shipping with SSH; although the latter has an enhancement allowing a minor SSH-specific optimization, using the base one has the benefit of not needing to track security vulnerabilities of zlib in this port (SSH 3.2.9.1 ships with zlib 1.1.4 which is not know to be vulnerable though). - Try to make the description of the WITHOUT_X11 option of the port Makefile to be more sentence-like. PR: 98016 [1] Approved by: netchild Obtained from: NetBSD [1]
v. 1.125 date: 2006/03/04 17:36:07; author: marius; state: Exp; lines: +1 -1 Add a patch which fixes a format string vulnerability in the SFTP server. Submitted by: Jarkko Santala Approved by: portmgr (erwin) Security: http://vuxml.freebsd.org/594ad3c5-a39b-11da-926c-0800209adf0e.html
v. 1.124 date: 2006/02/19 22:56:34; author: marius; state: Exp; lines: +7 -15 - Switch to a rc.d startup script. - Move the generation of the host key (if not present) from the package/ port installation to the startup script in order to be in line with what the base OpenSSH and the OpenSSH-portable port do. - Flush stdout when updating the transfer progress bar of sftp2 and scp2 so the info displayed is up to date. [1] - Remove obsolete USE_REINPLACE, remove trailing white space in Makefile. PR: 91262 [1] Approved by: netchild
v. 1.123 date: 2005/10/06 22:59:24; author: linimon; state: Exp; lines: +0 -6 Remove obsolete mastersites. Source: distfile survey Approved by: maintainer
v. 1.122 date: 2004/07/23 19:10:16; author: anholt; state: Exp; lines: +2 -4 - Add the X_WINDOW_SYSTEM={xorg,xfree86-4,xfree86-3} variable to bsd.port.mk, and make XFREE86_VERSION map to it. XFREE86_VERSION is now deprecated. - Make xorg the default X_WINDOW_SYSTEM on -current. - Add several new X_*_PORT variables which point to various pieces of X11 based on the setting of X_WINDOW_SYSTEM, and make ports use them. - Add information to CHANGES about how to handle the transition. PR: ports/68763 Approved by: portmgr (marcus) Approved by: re (scottl)
v. 1.121 date: 2004/04/22 20:56:26; author: netchild; state: Exp; lines: +8 -1 - Register dependency on x11/XFree86-4-clients for xauth(1). - Make configure explicitly look in X11BASE/bin for xauth(1) in order to also catch non-standard locations. Submitted by: maintainer (marius) Approved by: portmgr (marcus)
v. 1.120 date: 2004/04/20 13:49:29; author: netchild; state: Exp; lines: +1 -1 Use the @FreeBSD.org address of the maintainer. Approved by: marius
v. 1.119 date: 2004/04/20 12:53:42; author: netchild; state: Exp; lines: +34 -4 - Display the available build knobs via a pre-everything target. - Remove the autodetection for X11 support and the WITH_X11 knob, instead always build with X11 support and add a WITHOUT_X11 knob. Together with an additional ssh2-nox11 slave port this allows easier handling of these two variants and to have pre-compiled packages for both (ssh2 with X11 support depends on X11 libraries). Submitted by: maintainer (marius)
v. 1.118 date: 2004/01/25 09:58:39; author: netchild; state: Exp; lines: +6 -2 ---snip--- Improve Kerberos support in ssh2: - Change the WITH_KERBEROS knob into a WITHOUT_KERBEROS knob so kerberized ssh2 automatically is built when MIT Kerberos is installed, unless the WITHOUT_KERBEROS knob is defined. - Check for a library unique to MIT Kerberos to make sure it's not Heimdal that KRB5_HOME accidentally points to. - Add dependency on security/krb5 when built with Kerberos support. - When compiled with Kerberos support also turn it on by default in client and server config files and set "PermitRootLogin" to "nopwd" to only allow those with root tickets declared in ~root/.k5login" to login as root. [1] Ssh2 now should work out of the box in an environment using MIT Kerberos. Submitted by: Peter Losher [1] (kerberos-patch-*) Tested by: Peter Losher ---snip--- Submitted by: maintainer Strange commit log formatting to prevent ambiguous "Submitted by" lines by: committer
v. 1.117 date: 2004/01/04 14:03:52; author: netchild; state: Exp; lines: +88 -54 HEADS-UP: Traditionally this port automatically installs a start-up script for sshd2 unless it detects an entry for ssh in /etc/inetd.conf. As there are three ways to automatically start sshd2 and /etc/rc.conf is the simplest one (at least on FreeBSD 4, with rcNG once /etc/rc.d/sshd is fixed to not be tailored to the base sshd) this version of the port is the last one to do so. Beginning with next version it will only install a sample start-up script. To prevent foot shooting when updating to the next version this port won't remove an existing start-up scripting on deinstall. Please see also the pkg-message that gets displayed on installation. - Update to 3.2.9.1. This is _not_ a security update. For the non-commercial version the only change worth mentioning since 3.2.5 is the addition of the config option "DisableVersionFallback", see sshd2_config(5) for further details. - Use sites from the official list of mirrors for MASTER_SITES. - Adjust COMMENT to justify why this port is security/ssh2, not security/ssh3. - Revise list of installed documentation. No longer install MANIFEST (list of source files) and INSTALL, install RFCs referenced in sshd2_config(5) and HOWTO.anonymous.sftp (patched to better fit FreeBSD). - Remove WITH_STATIC_SFTP knob. Using the internal sftp-server instead of the external (static) one is much simpler to set up and maintain (using the external one requires to install a copy of it in the home directory of the anonymous sftp user which has to be manually updated when installing a newer version of the port). - Remove WITHOUT_TCPWRAP knob, libwarp is part of FreeBSD since 3.2. - Install examples scripts for the ExternalAuthorizationProgram and AuthKbdInt.Plugin config options in EXAMPLESDIR. See sshd2_config(5) for further information. - Replace references to /etc/ssh2/* in config files with PREFIX/etc/ssh2/*. - Add a pkg-message displaying the different methods to automatically start sshd2. - Switch to the start-up script for Solaris which is part of the tarball, it handles the name of the pidfile better. - Fix detection of X11 headers, this enables compilation with support for X11 SECURITY extension. See TrustX11Applications in ssh2_config(5) for further information. - Add a test target to the Makefile of the port, the tests seem a bit outdated and buggy but it's enough to e.g. do a bit of speed comparison when building with different compilers. - Minor changes and clean-up (sort pkg-plist, don't add /usr/local/lib to the library search path when compiling, etc.). Revive some local modifications lost with the update to 3.1.0: - Use login_cap(3)/login_class(3) facilities to set environment variables, prority and shell, get motd, copyright, hushlogin and nologin, respect ignorenologin and requirehome. This changes are roughly based on former patch-ah and patch-ai and patches of security/openssh. - Don't print "No mail.", it's not FreeBSD login style. Submitted by: maintainer
v. 1.116 date: 2003/11/07 09:28:13; author: marcus; state: Exp; lines: +2 -2 Rename PORTDOCS to MYPORTDOCS to avoid a conflict with the recently added bsd.port.mk macro. Submitted by: Oliver Eikemeier
v. 1.115 date: 2003/10/14 15:47:27; author: dinoex; state: Exp; lines: +1 -0 - add CONFLICTS Submitted by: eikemeier@fillmore-labs.com Approved by: kris
v. 1.114 date: 2003/07/07 14:19:06; author: netchild; state: Exp; lines: +34 -30 Update to 3.2.5: * Fixed a critical security bug with RSA signature verification. Mitigating factors: DSA is used by default (not vulnerable). Also, the attack requires that attacker has the public key and the attacker needs to precompute the signature data so, that it looks like a valid PKCS#1 signature. This is a non-trivial task to perform without the private key. Nonetheless, all users should update their servers and clients as soon as convenient. Workarounds are to not use RSA keys as host keys (though connecting to existing hosts with RSA hostkeys poses a serious risk with a vulnerable client), and disabling publickey authentication. Update your clients and servers. Update MASTER_SITES, remove sites that are down or no langer carry ssh2 and add some new. - Turn Kerberos and group writeability support into knobs so one hasn't to edit the Makefile. - Remove dependency on security/tcp_wrapper for tcp-wrapper support on systems < FreeBSD 4.0, that port is no longer persistent. - Fix pkg-plist for WITH_STATIC_SFTP case. - Replace referneces to /etc/ssh2/* in man pages with references to PREFIX/etc/ssh2/* in order to better fit for FreeBSD. - Replace "$(ETCDIR)" in ssh_dummy_shell.out with PREFIX/etc. - Remove duplicated mechanism for generating the host key if an old one isn't found in the post-install target in the Makefile of the port, this is already done by the generate-host-key target in WRKSRC/apps/ssh/Makefile. - Fix differences between the install action done when installing the package versus installing the port. I.e. make the package create the host key with what ever bits ssh-keygen2 defaults to (currently 2048) instead of 1024 bits, copy over the configuration files for ssh2 and sshd2 from the examples if not already existent and create the directories for the global host keys and known hosts files. - Add some foo to pkg-plist to remove as much as possible from PREFIX/etc/ssh2, i.e. configuration files that don't differ from the corresponding examples and empty directories. Inform the user to remove what's left over if any. - Use _PATH_STDPATH instead of _PATH_DEFPATH so that the default PATH gets set to "/usr/bin:/bin:/usr/sbin:/sbin:PREFIX/bin" instead of "/usr/bin:/bin:PREFIX/bin". Using _PATH_STDPATH is consistent with OpenSSH and seems more usefull. One might want to patch ssh2 to also use login_cap(3) so that e.g. PATH gets picked up from whatever is defined in /etc/login.conf. - Change MAINTAINER. - Replace "share/doc/ssh2" with %%DATADIR%% in pkg-plist. Submitted by: Marius Strobl Approved by: maintainer
v. 1.113 date: 2003/02/23 22:39:05; author: edwin; state: Exp; lines: +5 -13 Update port: security/ssh2 3.2.2 -> 3.2.3 PR: ports/48542 Submitted by: Lars Eggert
v. 1.112 date: 2003/02/21 13:26:56; author: knu; state: Exp; lines: +1 -0 De-pkg-comment.
v. 1.111 date: 2003/01/02 19:35:26; author: ijliao; state: Exp; lines: +7 -1 1.) If WITH_STATIC_SFTP is defined, ssh-chrootmgr works. 2.) If libX11.a exists and xauth not, the build of ssh2 fails. This patch fix this. 3.) ssh2/files/sshd.sh looks for the wrong pid file in /var/run. This patch fix this and adds 2> /dev/null to the sshd2 startup PR: 46012 Submitted by: maintainer
v. 1.110 date: 2003/01/02 18:30:21; author: ijliao; state: Exp; lines: +1 -1 upgrade to 3.2.2 PR: 45876 Submitted by: maintainer
v. 1.109 date: 2002/06/18 23:45:19; author: pat; state: Exp; lines: +2 -4 Update to 3.2.0 PR: 39491 Submitted by: maintainer
v. 1.108 date: 2002/05/28 21:28:12; author: petef; state: Exp; lines: +1 -2 Update to 3.1.2 which fixes a recent security problem described at: http://www.ssh.com/products/ssh/advisories/authentication.cfm PR: 38592 Submitted by: maintainer
v. 1.107 date: 2002/05/17 09:33:13; author: sada; state: Exp; lines: +2 -2 Oops, ".include " line must be placed here.
v. 1.106 date: 2002/05/17 09:20:47; author: sada; state: Exp; lines: +42 -16 Install default config files as *.sample instead of overwriting existing ones. Note: The PR includes diffs to cope with WITHOUT_X11 env, but this was already committed by knu-san. So I just added CONFIGURE_ARGS line, please verify it. PR: ports/35385 Submitted by: maintainer
v. 1.105 date: 2002/04/02 04:49:20; author: knu; state: Exp; lines: +8 -0 ssh_askpass2 is built only when X11 is installed. Support {WITH,WITHOUT}_X11 and detect ${X11BASE}/lib/libX11.a. Reported by: bento Obtained from: security/ssh (partly)
v. 1.104 date: 2002/02/22 02:52:25; author: knu; state: Exp; lines: +25 -18 - Update to 3.1.0. PR: ports/34740 Submitted by: larse@ISI.EDU - Add %%PORTDOCS%% to pkg-plist. - Assign MAINTAINER to the submitter. Requested by: issei (previous MAINTAINER)
v. 1.103 date: 2002/02/16 05:32:07; author: issei; state: Exp; lines: +2 -2 Remove myself from MAINTAINER
v. 1.102 date: 2001/02/17 01:40:35; author: obrien; state: Exp; lines: +2 -2 Unrestrict to match the ssh port.
v. 1.101 date: 2000/10/30 12:57:16; author: steve; state: Exp; lines: +4 -2 Don't install etc/rc.d/sshd.sh if sshd is being started from inetd.conf. PR: 15691 Submitted by: Roger Marquis Reviewed by: maintainer
v. 1.100 date: 2000/09/02 03:56:56; author: kris; state: Exp; lines: +13 -55 Upgrade to ssh-2.3.0. PR: ports/20869 Submitted by: Issei Suzuki (Maintainer)
v. 1.99 date: 2000/06/02 03:18:54; author: will; state: Exp; lines: +2 -2 Remove redundant/inappropriate CATEGORIES. People need to start reading the Porter's Handbook. :-)
v. 1.98 date: 2000/05/29 03:16:37; author: steve; state: Exp; lines: +16 -16 Update to version 2.1.0pl2. PR: 18620 Submitted by: maintainer
v. 1.97 date: 2000/04/21 08:19:04; author: mharo; state: Exp; lines: +4 -4 Correct whitespace introduced during PORTNAME conversion and portlint
v. 1.96 date: 2000/04/17 00:18:43; author: reg; state: Exp; lines: +15 -17 Standardize all user defined options to the booleans WITH_FOO and WITHOUT_FOO. Begin the process of reserving these prefixes for user defined options. No comment by: ports
v. 1.95 date: 2000/04/14 15:04:29; author: will; state: Exp; lines: +2 -2 Sorry to everyone, the commits previously broke installing for these ports. Thanks to those who reported this. PRs: 17927, 17937 Submitted by: Keith Davey maintainer (ssh2)
v. 1.94 date: 2000/04/09 18:30:33; author: cpiazza; state: Exp; lines: +4 -4 Update with the new PORTNAME/PORTVERSION variables
v. 1.93 date: 2000/04/05 22:21:42; author: will; state: Exp; lines: +3 -3 Add better sshd startup scripts; specifically, allow restarting and stopping the server. Martti's submission did not include -h, which I added because if I had added the scripts the way he submitted them, the server wouldn't be started on startup. PR: 10196 Submitted by: Martti Kuparinen Reviewed by: kris (partially) No response: maintainers (PR opened February 22, 1999)
v. 1.92 date: 2000/03/11 12:58:43; author: obrien; state: Exp; lines: +11 -3 Support OpenSSH in the base system as the ssh1 component.
v. 1.91 date: 2000/01/28 19:39:20; author: obrien; state: Exp; lines: +4 -3 Make pkgname match the directory the port lives in, and to reduce collsion with the ssh1 port. Asked for by: several on the ports list over time [the maintainer has not responded to multiple emails asking about this change]
v. 1.90 date: 1999/12/24 18:39:44; author: mharo; state: Exp; lines: +2 -2 remove --prefix=${PREFIX} when GNU_CONFIGURE=yes and other minor cleanups PR: 14759 Submitted by: Jeremy Lea
v. 1.89 date: 1999/11/25 21:26:38; author: cpiazza; state: Exp; lines: +2 -1 Forgot a line
v. 1.88 date: 1999/11/25 21:26:03; author: cpiazza; state: Exp; lines: +4 -1 Patches are now available from www.ssh.org/patches Submitted by: Issei Suzuki
v. 1.87 date: 1999/11/24 21:45:32; author: sada; state: Exp; lines: +1 -5 Removed an obsoleted patch. PR: 15059 Submitted by: Maintainer
v. 1.86 date: 1999/09/02 17:08:35; author: cpiazza; state: Exp; lines: +5 -1 Path for problem with tty ownership with chflags and chown in BSD 4.4 variants. Fixes a security bug in tty allocation. PR: 13515 PR: 13536 Submitted by: Issei Suzuki (ssh2 maintainer)
v. 1.85 date: 1999/08/31 06:50:25; author: mharo; state: Exp; lines: +2 -2 FreeBSD.ORG -> FreeBSD.org Prompted by PR: 13476, 13477 Submitted by: KATO Tsuguru
v. 1.84 date: 1999/08/31 01:51:48; author: peter; state: Exp; lines: +1 -1 $Id$ -> $FreeBSD$
v. 1.83 date: 1999/08/22 18:59:56; author: mharo; state: Exp; lines: +10 -16 chmod -> ${CHMOD} chown -> ${CHOWN}
v. 1.82 date: 1999/06/24 19:29:50; author: obrien; state: Exp; lines: +2 -2 Add comment that USE_TCPWRAP ==> YES if /usr/include/tcpd.h exists.
v. 1.81 date: 1999/06/18 20:02:11; author: ache; state: Exp; lines: +2 -2 upgrade to 2.0.13 XXXtgetent from original PR fixed PR: 12279 Submitted by: Issei Suzuki
v. 1.80 date: 1999/04/03 03:42:01; author: ache; state: Exp; lines: +5 -1 detect/use -current libwrap
v. 1.79 date: 1999/03/15 01:18:49; author: steve; state: Exp; lines: +11 -10 Re-order definition of a couple of variables so the ssh1 dependency is picked up correctly. PR: 10577 Submitted by: maintainer
v. 1.78 date: 1999/02/06 01:40:28; author: ache; state: Exp; lines: +2 -2 Use setusercontext() now to set all sort of login things including env. variables and priority! Enable light debugging for compatibility with -v option Don't print "No mail." - not in BSD login style.
v. 1.77 date: 1999/02/05 20:45:16; author: ache; state: Exp; lines: +1 -4 remove lines which do chmod -x on recently installed rc.d/sshd.sh
v. 1.76 date: 1999/02/05 06:11:31; author: ache; state: Exp; lines: +3 -3 upgrade to 2.0.12
v. 1.75 date: 1998/12/01 11:10:33; author: obrien; state: Exp; lines: +4 -9 1. Update base ssh2 version from 2.0.9 to 2.0.11 Ssh 2.0.9 has bugs abount updating utmp/wtmp file. 2. Now you can compile ssh2 to support TCP_Wrapper (security/tcp_wrapper) when you define USE_TCPWRAP=YES 3. Fix typo in MASTER_SITES (Thanks to Chris Piazza ) 4. Use /usr/lib/libz.so.* instead of libz in ssh2 source file. 5. Delete some obsolute pathes. PR: ports/8916 Submitted by: issei@jp.FreeBSD.ORG
v. 1.74 date: 1998/12/01 09:33:58; author: obrien; state: Exp; lines: +2 -2 fix typo in a URL
v. 1.73 date: 1998/11/23 05:15:16; author: kuriyama; state: Exp; lines: +73 -125 Secure shell client and server (remote login program). PR: ports/8204 Submitted by: Issei Suzuki
v. 1.72 date: 1998/11/22 21:53:31; author: asami; state: Exp; lines: +3 -1 Mark this broken as it awaits upgrade after repository copy.
v. 1.71 date: 1998/10/30 06:15:18; author: obrien; state: Exp; lines: +5 -1 configure with "--without-x" if X11BASE/bin/xauth is missing. Requested by: Studded@gorean.org
v. 1.70 date: 1998/10/08 13:11:52; author: asami; state: Exp; lines: +2 -2 Um, be careful when you copy stuff around -- change the second CONFIGURE_ARGS defintion to use "+=" so it won't override the first. While I'm here, GNU_CONFIGURE implies --prefix=${PREFIX} so take it out.
v. 1.69 date: 1998/10/08 06:17:56; author: jkh; state: Exp; lines: +3 -2 Better depends. Also Suggested by: asami
v. 1.68 date: 1998/10/08 06:16:18; author: jkh; state: Exp; lines: +5 -7 Clean this file up a bit. Suggested by: asami
v. 1.67 date: 1998/10/08 03:42:23; author: jkh; state: Exp; lines: +2 -2 Properly reference the rsaref sources, which are required during the build of ssh now. If anyone knows of a way of making the build dependency here less gross, I'm listening! :)
v. 1.66 date: 1998/10/07 23:03:44; author: jkh; state: Exp; lines: +3 -8 Depend on ports collection rsaref, since we have it now already available "broken out."
v. 1.65 date: 1998/09/26 04:42:09; author: dima; state: Exp; lines: +2 -1 Make RSA stuff work on alpha (or on any other 64bit architecture)
v. 1.64 date: 1998/09/17 10:53:31; author: asami; state: Exp; lines: +2 -2 tcp_wrapper is now converted to ELF. While I'm here, fix smail Makefile: libwrap is a shared library so it should be LIB_DEPENDS, and delete some spaces and tab-only lines.
v. 1.63 date: 1998/09/15 21:31:53; author: asami; state: Exp; lines: +3 -4 Use ${PERL5} wherever appropriate. Largely untested; hope my eyeball checks haven't missed anything. Submitted by: dima
v. 1.62 date: 1998/08/19 19:51:10; author: hoek; state: Exp; lines: +3 -1 The pkg_create(1) handles symlinks correctly. Delist manpages.
v. 1.61 date: 1998/08/17 12:12:34; author: vanilla; state: Exp; lines: +4 -4 Use ${PERL_VERSION} on perl version. Reminded by: asami
v. 1.60 date: 1998/08/17 10:42:38; author: vanilla; state: Exp; lines: +4 -4 Change perl version to 5.00502.
v. 1.59 date: 1998/08/01 22:24:55; author: dima; state: Exp; lines: +5 -1 If KRB5_HOME is defined, compile ssh with krb5 support.
v. 1.58 date: 1998/07/25 19:46:37; author: asami; state: Exp; lines: +3 -1 Fix up slogin1.1 -> ssh1.1 symlink too.
v. 1.57 date: 1998/07/11 23:10:50; author: imp; state: Exp; lines: +2 -2 upgrade to 1.2.26 for security improvements
v. 1.56 date: 1998/06/12 11:39:32; author: ache; state: Exp; lines: +1 -3 Do not install slogin1.1 manpage, no such program
v. 1.55 date: 1998/06/12 07:55:06; author: dima; state: Exp; lines: +20 -10 1.2.22 -> 1.2.25 Somebody needs to go through patch-af to check it, since I'm not sure about some of the stuff. This version fixes a security flaw in previous version.
v. 1.54 date: 1998/05/23 08:53:38; author: obrien; state: Exp; lines: +2 -2 Two "/usr/local" --> ${PREFIX}
v. 1.53 date: 1998/05/22 06:05:43; author: mph; state: Exp; lines: +10 -1 Allow use of Phil Karn's patchkit that implements DES/DES3 in fast assembly code. Patchfile must be manually placed in DISTDIR, as described in the Makefile. PR: 6446 Submitted by: Jonathan Hanna
v. 1.52 date: 1998/03/10 13:58:16; author: jkh; state: Exp; lines: +4 -4 Further adjustments to english.
v. 1.51 date: 1998/03/10 13:56:14; author: jkh; state: Exp; lines: +6 -6 Clean up and clarify some english user prompts in the Makefile which have been bugging me for many months. :)
v. 1.50 date: 1998/01/20 23:50:03; author: imp; state: Exp; lines: +3 -3 Upgrade to ssh 1.2.22. Please send problems with the upgrade to me. 1.2.22 fixes a security hole with ssh-agent, so users are encouraged to upgrade. OK'd by: Torsten Blum (torstenb@freebsd.org)
v. 1.49 date: 1997/12/24 18:46:11; author: imp; state: Exp; lines: +2 -2 Make the SOCKS support from USE_SOCKS play nicely with the socks5 port.
v. 1.48 date: 1997/11/21 15:31:33; author: markm; state: Exp; lines: +4 -4 Change to use perl5.004_04
v. 1.47 date: 1997/11/10 22:04:42; author: dima; state: Exp; lines: +2 -2 ftp.dsi.unimi.it -> idea.sec.dsi.unimi.it
v. 1.46 date: 1997/10/10 14:29:12; author: rse; state: Exp; lines: +2 -2 fixed little typo.
v. 1.45 date: 1997/09/16 00:13:23; author: torstenb; state: Exp; lines: +3 -3 Upgrade to 1.2.21
v. 1.44 date: 1997/09/11 18:31:52; author: max; state: Exp; lines: +2 -2 mv -> ${MV}.
v. 1.43 date: 1997/07/18 05:04:17; author: asami; state: Exp; lines: +4 -4 Update name of perl executable in dependencies to "perl5.00401". Use USE_PERL5 when appropriate (i.e., defined in both BUILD_DEPENDS and RUN_DEPENDS).
v. 1.42 date: 1997/07/01 02:39:26; author: adam; state: Exp; lines: +2 -2 typo in comment
v. 1.41 date: 1997/05/24 13:17:14; author: jfitz; state: Exp; lines: +4 -4 Upgrade all ports requiring perl5.003 to perl5.004 Remove p5-CGI.pm and p5-ExtUtils-Embed; they are now part of the perl5.004 distribution.
v. 1.40 date: 1997/04/25 05:01:02; author: peter; state: Exp; lines: +13 -4 Update from ssh-1.2.19 to ssh-1.2.20. All patches applied still, I just regenerated them to fix the line numbers. Also, I added two commented out options in Makefile, one to tell sshd that a group writeable homedir is OK because all users are in their own group, and the other is to allow an unencrypted connection (which is dangerous since it can lead to compromise of keys), but on a secure network it's damn useful for backups etc.
v. 1.39 date: 1997/04/20 13:53:01; author: wosch; state: Exp; lines: +2 -2 Add virtual category 'perl5'.
v. 1.38 date: 1997/04/16 19:48:09; author: ache; state: Exp; lines: +3 -3 Upgrade to 1.2.19
v. 1.37 date: 1997/03/28 23:30:12; author: ache; state: Exp; lines: +3 -3 Upgrade to 1.2.18
v. 1.36 date: 1996/11/20 12:45:41; author: adam; state: Exp; lines: +5 -5 1.2.16 --> 1.2.17 (new agent forwarding protocol that is said to work this time)
v. 1.35 date: 1996/11/18 11:39:31; author: asami; state: Exp; lines: +6 -5 Use MAN? macros. CATEGORIES+= -> CATEGORIES.
v. 1.34 date: 1996/10/16 04:55:58; author: ache; state: Exp; lines: +3 -3 Upgrade to official 1.2.16 Fix PLIST
v. 1.33 date: 1996/08/19 10:31:04; author: asami; state: Exp; lines: +1 -2 Remove LIB_DEPENDS on libz, it's in /usr/src now.
v. 1.32 date: 1996/08/08 13:56:52; author: peter; state: Exp; lines: +13 -4 Several fixes/improvements :- - protect the secret RSA etc/ssh_host_key. It is now generated on install (either by pkg_add or make install) if not already present and is not ever added to a package since it's your host's credentials. It should not be removed on pkg_delete, since you are in big trouble if you did this (for example) pkg_delete ssh-1.2.14; pkg_add ssh-1.2.15.tgz. - fix the broken manpage symlink when compressing man pages (slogin.1 has been causing /etc/weekly to generate cron messages) - zlib 1.0.4 is now "blessed" again, the ssh working sources now use this instead of v0.95. The decompression problem was fixed in either 1.0.3 or 1.0.4. Also, the current version of cvs uses zlib 1.0.4 as well.. - perl5.002 -> perl5.003 Reviewed by: torstenb
v. 1.31 date: 1996/07/22 23:06:08; author: pst; state: Exp; lines: +5 -7 If using socks, make sure you find socks library
v. 1.30 date: 1996/07/18 11:33:37; author: torstenb; state: Exp; lines: +10 -17 Back out andrews change - 1.2.14.1 is not an official ssh release.
v. 1.29 date: 1996/07/17 19:19:10; author: ache; state: Exp; lines: +2 -3 Use += for USA_RESIDENT MASTER_SITES
v. 1.28 date: 1996/07/16 00:33:10; author: ache; state: Exp; lines: +16 -8 Upgrade to 1.2.14.1 Misc bugfixes
v. 1.27 date: 1996/06/20 14:11:17; author: ache; state: Exp; lines: +1 -5 Remove reminder about host key generation, it autogenerated on install
v. 1.26 date: 1996/06/15 17:50:17; author: jkh; state: Exp; lines: +7 -1 Install an sshd.sh startup file.
v. 1.25 date: 1996/06/15 07:03:11; author: torstenb; state: Exp; lines: +2 -2 Path on master site has changed
v. 1.24 date: 1996/06/08 20:50:42; author: ache; state: Exp; lines: +1 -2 Return back to distributed libz 0.95 All libzs 0.99-1.0.2 produce deflate error on certain files (with ssh) I don't know, is it ssh error or libz error
v. 1.23 date: 1996/06/07 04:33:19; author: peter; state: Exp; lines: +11 -23 Update ssh-1.2.13 -> ssh-1.2.14 ssh-askpass no longer uses wish, so chop the make rules that attempt to locate it. Go further to try and protect the ssh_host_key, since it's critical to the operation and security of the machine.
v. 1.22 date: 1996/05/24 19:13:04; author: peter; state: Exp; lines: +7 -3 Update the hack for locating wish/wish4.0 to also look for wish4.1 now that we have that one too.
v. 1.21 date: 1996/04/17 01:07:04; author: asami; state: Exp; lines: +2 -2 Change NO_PACKAGE to RESTRICTED.
v. 1.20 date: 1996/03/24 23:04:17; author: ache; state: Exp; lines: +7 -3 Auto-sense installed perl & wish
v. 1.19 date: 1996/03/23 23:36:32; author: ache; state: Exp; lines: +12 -2 Move perl depends under USE_PERL
v. 1.18 date: 1996/03/21 14:44:48; author: ache; state: Exp; lines: +2 -2 Check USE_WISH for YES value as other parts of Makefile does
v. 1.17 date: 1996/03/21 14:41:19; author: ache; state: Exp; lines: +2 -2 Use wish only if USE_WISH defined.
v. 1.16 date: 1996/03/16 17:23:01; author: markm; state: Exp; lines: +2 -2 Update for perl5.002
v. 1.15 date: 1996/02/19 21:37:13; author: ache; state: Exp; lines: +2 -2 Use libz 1.0
v. 1.14 date: 1996/02/17 15:13:34; author: ache; state: Exp; lines: +3 -3 Upgrade to 1.2.13
v. 1.13 date: 1996/02/06 02:56:57; author: pst; state: Exp; lines: +2 -2 Upgrade to snapshot of ssh. 1.1.12a was recalled due to even worse security problems. Also re-do the method we use for disconnecting ourselves from the supplied gmp and z libraries so that this can be maintained in the future (sigh!).
v. 1.12 date: 1996/01/25 04:17:28; author: ache; state: Exp; lines: +3 -2 Understands shared libwrap now
v. 1.11 date: 1996/01/25 02:08:25; author: ache; state: Exp; lines: +23 -9 Autopick any wish present even wish4.0 Autopick libwrap.a
v. 1.10 date: 1996/01/22 18:41:57; author: markm; state: Exp; lines: +2 -1 Damn. Forgot to include the makefile diffs in the last lot. Make the Makefile aware of libz dependancies.
v. 1.9 date: 1996/01/21 00:49:39; author: ache; state: Exp; lines: +1 -2 Remove ftp.funet.fi from master list, it not contains rsaref and not contains ssh in this directory. Another directory there have obsoleted ssh version.
v. 1.8 date: 1996/01/21 00:44:07; author: ache; state: Exp; lines: +3 -1 Add BUILD_DEPENDS of wish and perl5, both checked exactly in build process
v. 1.7 date: 1996/01/21 00:32:30; author: ache; state: Exp; lines: +5 -6 Upgrade to 1.2.12a (security bugfix) Fix installation bug too (scripts not installed) Fix PLIST (missing files)
v. 1.6 date: 1995/11/23 17:19:00; author: peter; state: Exp; lines: +2 -2 Update ssh from 1.2.10 to 1.2.12.. This is for two reasons: 1) It eliminated the need for my horrible kludge patch-ad 2) 1.2.12 has data stream compression (like gzip). (I'm talking with the author about the remining three patches)
v. 1.5 date: 1995/11/22 13:20:15; author: asami; state: Exp; lines: +2 -2 Change category "networking" to "net".
v. 1.4 date: 1995/11/09 05:58:00; author: asami; state: Exp; lines: +3 -1 Add torstenb as maintainer.
v. 1.3 date: 1995/10/10 17:02:24; author: ache; state: Exp; lines: +5 -4 Fix tcp_wrapper support
v. 1.2 date: 1995/10/07 13:08:35; author: torstenb; state: Exp; lines: +2 -2 add "networking" to the categories list
v. 1.1 date: 1995/10/07 01:19:27; author: torstenb; state: Exp; branches: 1.1.1; Initial revision
v. 1.1.1.1 date: 1995/10/07 01:19:27; author: torstenb; state: Exp; lines: +0 -0 Ssh is a secure rlogin/rsh/rcp replacement with strong authentication (.rhosts together with RSA based host authentication, and pure RSA authentication) and improved privacy (all communications are automatically and transparently encrypted). ============================================================================= v. 1.127 date: 2007/05/19 20:22:53; author: flz; state: Exp; lines: +1 -1 - Welcome X.org 7.2 \o/. - Set X11BASE to ${LOCALBASE} for recent ${OSVERSION}. - Bump PORTREVISION for ports intalling files in ${X11BASE}.
v. 1.126 date: 2006/08/28 00:03:21; author: marius; state: Exp; lines: +7 -3 - Cast the arguments of ssh_conn_send_channel_data_type() and ssh_encode_{array_alloc,buffer}() calls as appropriate in order to fix argument size problems on 64-bit platforms and that manifest themselves on amd64 and ia64. [1] - Allow the tcsetattr(3) calls in ssh_rl_{restore,set}_tty_modes_for_fd() to be interrupted by signal. This fixes occasional problems when connecting to a host for the first time. - Use the base zlib instead of the one shipping with SSH; although the latter has an enhancement allowing a minor SSH-specific optimization, using the base one has the benefit of not needing to track security vulnerabilities of zlib in this port (SSH 3.2.9.1 ships with zlib 1.1.4 which is not know to be vulnerable though). - Try to make the description of the WITHOUT_X11 option of the port Makefile to be more sentence-like. PR: 98016 [1] Approved by: netchild Obtained from: NetBSD [1]
v. 1.125 date: 2006/03/04 17:36:07; author: marius; state: Exp; lines: +1 -1 Add a patch which fixes a format string vulnerability in the SFTP server. Submitted by: Jarkko Santala Approved by: portmgr (erwin) Security: http://vuxml.freebsd.org/594ad3c5-a39b-11da-926c-0800209adf0e.html
v. 1.124 date: 2006/02/19 22:56:34; author: marius; state: Exp; lines: +7 -15 - Switch to a rc.d startup script. - Move the generation of the host key (if not present) from the package/ port installation to the startup script in order to be in line with what the base OpenSSH and the OpenSSH-portable port do. - Flush stdout when updating the transfer progress bar of sftp2 and scp2 so the info displayed is up to date. [1] - Remove obsolete USE_REINPLACE, remove trailing white space in Makefile. PR: 91262 [1] Approved by: netchild
v. 1.123 date: 2005/10/06 22:59:24; author: linimon; state: Exp; lines: +0 -6 Remove obsolete mastersites. Source: distfile survey Approved by: maintainer
v. 1.122 date: 2004/07/23 19:10:16; author: anholt; state: Exp; lines: +2 -4 - Add the X_WINDOW_SYSTEM={xorg,xfree86-4,xfree86-3} variable to bsd.port.mk, and make XFREE86_VERSION map to it. XFREE86_VERSION is now deprecated. - Make xorg the default X_WINDOW_SYSTEM on -current. - Add several new X_*_PORT variables which point to various pieces of X11 based on the setting of X_WINDOW_SYSTEM, and make ports use them. - Add information to CHANGES about how to handle the transition. PR: ports/68763 Approved by: portmgr (marcus) Approved by: re (scottl)
v. 1.121 date: 2004/04/22 20:56:26; author: netchild; state: Exp; lines: +8 -1 - Register dependency on x11/XFree86-4-clients for xauth(1). - Make configure explicitly look in X11BASE/bin for xauth(1) in order to also catch non-standard locations. Submitted by: maintainer (marius) Approved by: portmgr (marcus)
v. 1.120 date: 2004/04/20 13:49:29; author: netchild; state: Exp; lines: +1 -1 Use the @FreeBSD.org address of the maintainer. Approved by: marius
v. 1.119 date: 2004/04/20 12:53:42; author: netchild; state: Exp; lines: +34 -4 - Display the available build knobs via a pre-everything target. - Remove the autodetection for X11 support and the WITH_X11 knob, instead always build with X11 support and add a WITHOUT_X11 knob. Together with an additional ssh2-nox11 slave port this allows easier handling of these two variants and to have pre-compiled packages for both (ssh2 with X11 support depends on X11 libraries). Submitted by: maintainer (marius)
v. 1.118 date: 2004/01/25 09:58:39; author: netchild; state: Exp; lines: +6 -2 ---snip--- Improve Kerberos support in ssh2: - Change the WITH_KERBEROS knob into a WITHOUT_KERBEROS knob so kerberized ssh2 automatically is built when MIT Kerberos is installed, unless the WITHOUT_KERBEROS knob is defined. - Check for a library unique to MIT Kerberos to make sure it's not Heimdal that KRB5_HOME accidentally points to. - Add dependency on security/krb5 when built with Kerberos support. - When compiled with Kerberos support also turn it on by default in client and server config files and set "PermitRootLogin" to "nopwd" to only allow those with root tickets declared in ~root/.k5login" to login as root. [1] Ssh2 now should work out of the box in an environment using MIT Kerberos. Submitted by: Peter Losher [1] (kerberos-patch-*) Tested by: Peter Losher ---snip--- Submitted by: maintainer Strange commit log formatting to prevent ambiguous "Submitted by" lines by: committer
v. 1.117 date: 2004/01/04 14:03:52; author: netchild; state: Exp; lines: +88 -54 HEADS-UP: Traditionally this port automatically installs a start-up script for sshd2 unless it detects an entry for ssh in /etc/inetd.conf. As there are three ways to automatically start sshd2 and /etc/rc.conf is the simplest one (at least on FreeBSD 4, with rcNG once /etc/rc.d/sshd is fixed to not be tailored to the base sshd) this version of the port is the last one to do so. Beginning with next version it will only install a sample start-up script. To prevent foot shooting when updating to the next version this port won't remove an existing start-up scripting on deinstall. Please see also the pkg-message that gets displayed on installation. - Update to 3.2.9.1. This is _not_ a security update. For the non-commercial version the only change worth mentioning since 3.2.5 is the addition of the config option "DisableVersionFallback", see sshd2_config(5) for further details. - Use sites from the official list of mirrors for MASTER_SITES. - Adjust COMMENT to justify why this port is security/ssh2, not security/ssh3. - Revise list of installed documentation. No longer install MANIFEST (list of source files) and INSTALL, install RFCs referenced in sshd2_config(5) and HOWTO.anonymous.sftp (patched to better fit FreeBSD). - Remove WITH_STATIC_SFTP knob. Using the internal sftp-server instead of the external (static) one is much simpler to set up and maintain (using the external one requires to install a copy of it in the home directory of the anonymous sftp user which has to be manually updated when installing a newer version of the port). - Remove WITHOUT_TCPWRAP knob, libwarp is part of FreeBSD since 3.2. - Install examples scripts for the ExternalAuthorizationProgram and AuthKbdInt.Plugin config options in EXAMPLESDIR. See sshd2_config(5) for further information. - Replace references to /etc/ssh2/* in config files with PREFIX/etc/ssh2/*. - Add a pkg-message displaying the different methods to automatically start sshd2. - Switch to the start-up script for Solaris which is part of the tarball, it handles the name of the pidfile better. - Fix detection of X11 headers, this enables compilation with support for X11 SECURITY extension. See TrustX11Applications in ssh2_config(5) for further information. - Add a test target to the Makefile of the port, the tests seem a bit outdated and buggy but it's enough to e.g. do a bit of speed comparison when building with different compilers. - Minor changes and clean-up (sort pkg-plist, don't add /usr/local/lib to the library search path when compiling, etc.). Revive some local modifications lost with the update to 3.1.0: - Use login_cap(3)/login_class(3) facilities to set environment variables, prority and shell, get motd, copyright, hushlogin and nologin, respect ignorenologin and requirehome. This changes are roughly based on former patch-ah and patch-ai and patches of security/openssh. - Don't print "No mail.", it's not FreeBSD login style. Submitted by: maintainer
v. 1.116 date: 2003/11/07 09:28:13; author: marcus; state: Exp; lines: +2 -2 Rename PORTDOCS to MYPORTDOCS to avoid a conflict with the recently added bsd.port.mk macro. Submitted by: Oliver Eikemeier
v. 1.115 date: 2003/10/14 15:47:27; author: dinoex; state: Exp; lines: +1 -0 - add CONFLICTS Submitted by: eikemeier@fillmore-labs.com Approved by: kris
v. 1.114 date: 2003/07/07 14:19:06; author: netchild; state: Exp; lines: +34 -30 Update to 3.2.5: * Fixed a critical security bug with RSA signature verification. Mitigating factors: DSA is used by default (not vulnerable). Also, the attack requires that attacker has the public key and the attacker needs to precompute the signature data so, that it looks like a valid PKCS#1 signature. This is a non-trivial task to perform without the private key. Nonetheless, all users should update their servers and clients as soon as convenient. Workarounds are to not use RSA keys as host keys (though connecting to existing hosts with RSA hostkeys poses a serious risk with a vulnerable client), and disabling publickey authentication. Update your clients and servers. Update MASTER_SITES, remove sites that are down or no langer carry ssh2 and add some new. - Turn Kerberos and group writeability support into knobs so one hasn't to edit the Makefile. - Remove dependency on security/tcp_wrapper for tcp-wrapper support on systems < FreeBSD 4.0, that port is no longer persistent. - Fix pkg-plist for WITH_STATIC_SFTP case. - Replace referneces to /etc/ssh2/* in man pages with references to PREFIX/etc/ssh2/* in order to better fit for FreeBSD. - Replace "$(ETCDIR)" in ssh_dummy_shell.out with PREFIX/etc. - Remove duplicated mechanism for generating the host key if an old one isn't found in the post-install target in the Makefile of the port, this is already done by the generate-host-key target in WRKSRC/apps/ssh/Makefile. - Fix differences between the install action done when installing the package versus installing the port. I.e. make the package create the host key with what ever bits ssh-keygen2 defaults to (currently 2048) instead of 1024 bits, copy over the configuration files for ssh2 and sshd2 from the examples if not already existent and create the directories for the global host keys and known hosts files. - Add some foo to pkg-plist to remove as much as possible from PREFIX/etc/ssh2, i.e. configuration files that don't differ from the corresponding examples and empty directories. Inform the user to remove what's left over if any. - Use _PATH_STDPATH instead of _PATH_DEFPATH so that the default PATH gets set to "/usr/bin:/bin:/usr/sbin:/sbin:PREFIX/bin" instead of "/usr/bin:/bin:PREFIX/bin". Using _PATH_STDPATH is consistent with OpenSSH and seems more usefull. One might want to patch ssh2 to also use login_cap(3) so that e.g. PATH gets picked up from whatever is defined in /etc/login.conf. - Change MAINTAINER. - Replace "share/doc/ssh2" with %%DATADIR%% in pkg-plist. Submitted by: Marius Strobl Approved by: maintainer
v. 1.113 date: 2003/02/23 22:39:05; author: edwin; state: Exp; lines: +5 -13 Update port: security/ssh2 3.2.2 -> 3.2.3 PR: ports/48542 Submitted by: Lars Eggert
v. 1.112 date: 2003/02/21 13:26:56; author: knu; state: Exp; lines: +1 -0 De-pkg-comment.
v. 1.111 date: 2003/01/02 19:35:26; author: ijliao; state: Exp; lines: +7 -1 1.) If WITH_STATIC_SFTP is defined, ssh-chrootmgr works. 2.) If libX11.a exists and xauth not, the build of ssh2 fails. This patch fix this. 3.) ssh2/files/sshd.sh looks for the wrong pid file in /var/run. This patch fix this and adds 2> /dev/null to the sshd2 startup PR: 46012 Submitted by: maintainer
v. 1.110 date: 2003/01/02 18:30:21; author: ijliao; state: Exp; lines: +1 -1 upgrade to 3.2.2 PR: 45876 Submitted by: maintainer
v. 1.109 date: 2002/06/18 23:45:19; author: pat; state: Exp; lines: +2 -4 Update to 3.2.0 PR: 39491 Submitted by: maintainer
v. 1.108 date: 2002/05/28 21:28:12; author: petef; state: Exp; lines: +1 -2 Update to 3.1.2 which fixes a recent security problem described at: http://www.ssh.com/products/ssh/advisories/authentication.cfm PR: 38592 Submitted by: maintainer
v. 1.107 date: 2002/05/17 09:33:13; author: sada; state: Exp; lines: +2 -2 Oops, ".include " line must be placed here.
v. 1.106 date: 2002/05/17 09:20:47; author: sada; state: Exp; lines: +42 -16 Install default config files as *.sample instead of overwriting existing ones. Note: The PR includes diffs to cope with WITHOUT_X11 env, but this was already committed by knu-san. So I just added CONFIGURE_ARGS line, please verify it. PR: ports/35385 Submitted by: maintainer
v. 1.105 date: 2002/04/02 04:49:20; author: knu; state: Exp; lines: +8 -0 ssh_askpass2 is built only when X11 is installed. Support {WITH,WITHOUT}_X11 and detect ${X11BASE}/lib/libX11.a. Reported by: bento Obtained from: security/ssh (partly)
v. 1.104 date: 2002/02/22 02:52:25; author: knu; state: Exp; lines: +25 -18 - Update to 3.1.0. PR: ports/34740 Submitted by: larse@ISI.EDU - Add %%PORTDOCS%% to pkg-plist. - Assign MAINTAINER to the submitter. Requested by: issei (previous MAINTAINER)
v. 1.103 date: 2002/02/16 05:32:07; author: issei; state: Exp; lines: +2 -2 Remove myself from MAINTAINER
v. 1.102 date: 2001/02/17 01:40:35; author: obrien; state: Exp; lines: +2 -2 Unrestrict to match the ssh port.
v. 1.101 date: 2000/10/30 12:57:16; author: steve; state: Exp; lines: +4 -2 Don't install etc/rc.d/sshd.sh if sshd is being started from inetd.conf. PR: 15691 Submitted by: Roger Marquis Reviewed by: maintainer
v. 1.100 date: 2000/09/02 03:56:56; author: kris; state: Exp; lines: +13 -55 Upgrade to ssh-2.3.0. PR: ports/20869 Submitted by: Issei Suzuki (Maintainer)
v. 1.99 date: 2000/06/02 03:18:54; author: will; state: Exp; lines: +2 -2 Remove redundant/inappropriate CATEGORIES. People need to start reading the Porter's Handbook. :-)
v. 1.98 date: 2000/05/29 03:16:37; author: steve; state: Exp; lines: +16 -16 Update to version 2.1.0pl2. PR: 18620 Submitted by: maintainer
v. 1.97 date: 2000/04/21 08:19:04; author: mharo; state: Exp; lines: +4 -4 Correct whitespace introduced during PORTNAME conversion and portlint
v. 1.96 date: 2000/04/17 00:18:43; author: reg; state: Exp; lines: +15 -17 Standardize all user defined options to the booleans WITH_FOO and WITHOUT_FOO. Begin the process of reserving these prefixes for user defined options. No comment by: ports
v. 1.95 date: 2000/04/14 15:04:29; author: will; state: Exp; lines: +2 -2 Sorry to everyone, the commits previously broke installing for these ports. Thanks to those who reported this. PRs: 17927, 17937 Submitted by: Keith Davey maintainer (ssh2)
v. 1.94 date: 2000/04/09 18:30:33; author: cpiazza; state: Exp; lines: +4 -4 Update with the new PORTNAME/PORTVERSION variables
v. 1.93 date: 2000/04/05 22:21:42; author: will; state: Exp; lines: +3 -3 Add better sshd startup scripts; specifically, allow restarting and stopping the server. Martti's submission did not include -h, which I added because if I had added the scripts the way he submitted them, the server wouldn't be started on startup. PR: 10196 Submitted by: Martti Kuparinen Reviewed by: kris (partially) No response: maintainers (PR opened February 22, 1999)
v. 1.92 date: 2000/03/11 12:58:43; author: obrien; state: Exp; lines: +11 -3 Support OpenSSH in the base system as the ssh1 component.
v. 1.91 date: 2000/01/28 19:39:20; author: obrien; state: Exp; lines: +4 -3 Make pkgname match the directory the port lives in, and to reduce collsion with the ssh1 port. Asked for by: several on the ports list over time [the maintainer has not responded to multiple emails asking about this change]
v. 1.90 date: 1999/12/24 18:39:44; author: mharo; state: Exp; lines: +2 -2 remove --prefix=${PREFIX} when GNU_CONFIGURE=yes and other minor cleanups PR: 14759 Submitted by: Jeremy Lea
v. 1.89 date: 1999/11/25 21:26:38; author: cpiazza; state: Exp; lines: +2 -1 Forgot a line
v. 1.88 date: 1999/11/25 21:26:03; author: cpiazza; state: Exp; lines: +4 -1 Patches are now available from www.ssh.org/patches Submitted by: Issei Suzuki
v. 1.87 date: 1999/11/24 21:45:32; author: sada; state: Exp; lines: +1 -5 Removed an obsoleted patch. PR: 15059 Submitted by: Maintainer
v. 1.86 date: 1999/09/02 17:08:35; author: cpiazza; state: Exp; lines: +5 -1 Path for problem with tty ownership with chflags and chown in BSD 4.4 variants. Fixes a security bug in tty allocation. PR: 13515 PR: 13536 Submitted by: Issei Suzuki (ssh2 maintainer)
v. 1.85 date: 1999/08/31 06:50:25; author: mharo; state: Exp; lines: +2 -2 FreeBSD.ORG -> FreeBSD.org Prompted by PR: 13476, 13477 Submitted by: KATO Tsuguru
v. 1.84 date: 1999/08/31 01:51:48; author: peter; state: Exp; lines: +1 -1 $Id$ -> $FreeBSD$
v. 1.83 date: 1999/08/22 18:59:56; author: mharo; state: Exp; lines: +10 -16 chmod -> ${CHMOD} chown -> ${CHOWN}
v. 1.82 date: 1999/06/24 19:29:50; author: obrien; state: Exp; lines: +2 -2 Add comment that USE_TCPWRAP ==> YES if /usr/include/tcpd.h exists.
v. 1.81 date: 1999/06/18 20:02:11; author: ache; state: Exp; lines: +2 -2 upgrade to 2.0.13 XXXtgetent from original PR fixed PR: 12279 Submitted by: Issei Suzuki
v. 1.80 date: 1999/04/03 03:42:01; author: ache; state: Exp; lines: +5 -1 detect/use -current libwrap
v. 1.79 date: 1999/03/15 01:18:49; author: steve; state: Exp; lines: +11 -10 Re-order definition of a couple of variables so the ssh1 dependency is picked up correctly. PR: 10577 Submitted by: maintainer
v. 1.78 date: 1999/02/06 01:40:28; author: ache; state: Exp; lines: +2 -2 Use setusercontext() now to set all sort of login things including env. variables and priority! Enable light debugging for compatibility with -v option Don't print "No mail." - not in BSD login style.
v. 1.77 date: 1999/02/05 20:45:16; author: ache; state: Exp; lines: +1 -4 remove lines which do chmod -x on recently installed rc.d/sshd.sh
v. 1.76 date: 1999/02/05 06:11:31; author: ache; state: Exp; lines: +3 -3 upgrade to 2.0.12
v. 1.75 date: 1998/12/01 11:10:33; author: obrien; state: Exp; lines: +4 -9 1. Update base ssh2 version from 2.0.9 to 2.0.11 Ssh 2.0.9 has bugs abount updating utmp/wtmp file. 2. Now you can compile ssh2 to support TCP_Wrapper (security/tcp_wrapper) when you define USE_TCPWRAP=YES 3. Fix typo in MASTER_SITES (Thanks to Chris Piazza ) 4. Use /usr/lib/libz.so.* instead of libz in ssh2 source file. 5. Delete some obsolute pathes. PR: ports/8916 Submitted by: issei@jp.FreeBSD.ORG
v. 1.74 date: 1998/12/01 09:33:58; author: obrien; state: Exp; lines: +2 -2 fix typo in a URL
v. 1.73 date: 1998/11/23 05:15:16; author: kuriyama; state: Exp; lines: +73 -125 Secure shell client and server (remote login program). PR: ports/8204 Submitted by: Issei Suzuki
v. 1.72 date: 1998/11/22 21:53:31; author: asami; state: Exp; lines: +3 -1 Mark this broken as it awaits upgrade after repository copy.
v. 1.71 date: 1998/10/30 06:15:18; author: obrien; state: Exp; lines: +5 -1 configure with "--without-x" if X11BASE/bin/xauth is missing. Requested by: Studded@gorean.org
v. 1.70 date: 1998/10/08 13:11:52; author: asami; state: Exp; lines: +2 -2 Um, be careful when you copy stuff around -- change the second CONFIGURE_ARGS defintion to use "+=" so it won't override the first. While I'm here, GNU_CONFIGURE implies --prefix=${PREFIX} so take it out.
v. 1.69 date: 1998/10/08 06:17:56; author: jkh; state: Exp; lines: +3 -2 Better depends. Also Suggested by: asami
v. 1.68 date: 1998/10/08 06:16:18; author: jkh; state: Exp; lines: +5 -7 Clean this file up a bit. Suggested by: asami
v. 1.67 date: 1998/10/08 03:42:23; author: jkh; state: Exp; lines: +2 -2 Properly reference the rsaref sources, which are required during the build of ssh now. If anyone knows of a way of making the build dependency here less gross, I'm listening! :)
v. 1.66 date: 1998/10/07 23:03:44; author: jkh; state: Exp; lines: +3 -8 Depend on ports collection rsaref, since we have it now already available "broken out."
v. 1.65 date: 1998/09/26 04:42:09; author: dima; state: Exp; lines: +2 -1 Make RSA stuff work on alpha (or on any other 64bit architecture)
v. 1.64 date: 1998/09/17 10:53:31; author: asami; state: Exp; lines: +2 -2 tcp_wrapper is now converted to ELF. While I'm here, fix smail Makefile: libwrap is a shared library so it should be LIB_DEPENDS, and delete some spaces and tab-only lines.
v. 1.63 date: 1998/09/15 21:31:53; author: asami; state: Exp; lines: +3 -4 Use ${PERL5} wherever appropriate. Largely untested; hope my eyeball checks haven't missed anything. Submitted by: dima
v. 1.62 date: 1998/08/19 19:51:10; author: hoek; state: Exp; lines: +3 -1 The pkg_create(1) handles symlinks correctly. Delist manpages.
v. 1.61 date: 1998/08/17 12:12:34; author: vanilla; state: Exp; lines: +4 -4 Use ${PERL_VERSION} on perl version. Reminded by: asami
v. 1.60 date: 1998/08/17 10:42:38; author: vanilla; state: Exp; lines: +4 -4 Change perl version to 5.00502.
v. 1.59 date: 1998/08/01 22:24:55; author: dima; state: Exp; lines: +5 -1 If KRB5_HOME is defined, compile ssh with krb5 support.
v. 1.58 date: 1998/07/25 19:46:37; author: asami; state: Exp; lines: +3 -1 Fix up slogin1.1 -> ssh1.1 symlink too.
v. 1.57 date: 1998/07/11 23:10:50; author: imp; state: Exp; lines: +2 -2 upgrade to 1.2.26 for security improvements
v. 1.56 date: 1998/06/12 11:39:32; author: ache; state: Exp; lines: +1 -3 Do not install slogin1.1 manpage, no such program
v. 1.55 date: 1998/06/12 07:55:06; author: dima; state: Exp; lines: +20 -10 1.2.22 -> 1.2.25 Somebody needs to go through patch-af to check it, since I'm not sure about some of the stuff. This version fixes a security flaw in previous version.
v. 1.54 date: 1998/05/23 08:53:38; author: obrien; state: Exp; lines: +2 -2 Two "/usr/local" --> ${PREFIX}
v. 1.53 date: 1998/05/22 06:05:43; author: mph; state: Exp; lines: +10 -1 Allow use of Phil Karn's patchkit that implements DES/DES3 in fast assembly code. Patchfile must be manually placed in DISTDIR, as described in the Makefile. PR: 6446 Submitted by: Jonathan Hanna
v. 1.52 date: 1998/03/10 13:58:16; author: jkh; state: Exp; lines: +4 -4 Further adjustments to english.
v. 1.51 date: 1998/03/10 13:56:14; author: jkh; state: Exp; lines: +6 -6 Clean up and clarify some english user prompts in the Makefile which have been bugging me for many months. :)
v. 1.50 date: 1998/01/20 23:50:03; author: imp; state: Exp; lines: +3 -3 Upgrade to ssh 1.2.22. Please send problems with the upgrade to me. 1.2.22 fixes a security hole with ssh-agent, so users are encouraged to upgrade. OK'd by: Torsten Blum (torstenb@freebsd.org)
v. 1.49 date: 1997/12/24 18:46:11; author: imp; state: Exp; lines: +2 -2 Make the SOCKS support from USE_SOCKS play nicely with the socks5 port.
v. 1.48 date: 1997/11/21 15:31:33; author: markm; state: Exp; lines: +4 -4 Change to use perl5.004_04
v. 1.47 date: 1997/11/10 22:04:42; author: dima; state: Exp; lines: +2 -2 ftp.dsi.unimi.it -> idea.sec.dsi.unimi.it
v. 1.46 date: 1997/10/10 14:29:12; author: rse; state: Exp; lines: +2 -2 fixed little typo.
v. 1.45 date: 1997/09/16 00:13:23; author: torstenb; state: Exp; lines: +3 -3 Upgrade to 1.2.21
v. 1.44 date: 1997/09/11 18:31:52; author: max; state: Exp; lines: +2 -2 mv -> ${MV}.



Main menu

FreeBSD

Program categories

Freebsd accessibility
Freebsd archivers
Freebsd astro
Freebsd audio
Freebsd benchmarks
Freebsd biology
Freebsd cad
Freebsd chinese
Freebsd comms
Freebsd converters
Freebsd databases
Freebsd deskutils
Freebsd devel
Freebsd dns
Freebsd editors
Freebsd emulators
Freebsd finance
Freebsd french
Freebsd ftp
Freebsd games
Freebsd german
Freebsd graphics
Freebsd hebrew
Freebsd hungarian
Freebsd irc
Freebsd japanese
Freebsd java
Freebsd korean
Freebsd lang
Freebsd mail
Freebsd math
Freebsd mbone
Freebsd misc
Freebsd multimedia
Freebsd net
Freebsd net-im
Freebsd net-mgmt
Freebsd net-p2p
Freebsd news
Freebsd palm
Freebsd polish
Freebsd ports-mgmt
Freebsd portuguese
Freebsd print
Freebsd russian
Freebsd science
Freebsd security
Freebsd shells
Freebsd sysutils
Freebsd textproc
Freebsd ukrainian
Freebsd vietnamese
Freebsd www
Freebsd x11
Freebsd x11-clocks
Freebsd x11-drivers
Freebsd x11-fm
Freebsd x11-fonts
Freebsd x11-servers
Freebsd x11-themes
Freebsd x11-toolkits
Freebsd x11-wm