OpenSSH supports Kerberos v5 authentication, but this is not
enabled in the portable version. A patch is available to
correct this deficiency for those wishing to use this port
with Kerberos. In addition, a patch is also available from
Simon Wilkinson to implement the GSS-API key-exchange
mechanism for SSHv2, which is currently being standardized.
Use of this mechanism with Kerberos v5 obviates the need for
manual management of host keys, a considerable improvement for
large Kerberos sites.
PR: 34363
Submitted by: wollman@hergotha.lcs.mit.edu
- Give maintainership back to ports@ (foxfair has not logged into freefall
for over a year and email is bouncing)
PR: 34862
Reviewed by: Alex George <ageorge@nts.umd.edu>
Noticed by: MAINTAINER
Use the re-rolled distfile from there, which appears to have been
prepared with "automake -i" and therefore no longer requires GNU
make.
RNG inputs, rather than just one, and can generate numerous output
files, rather than just two. It now requires GNU make.
Add a patch to use mkstemp() rather than tempnam() so temporary
files are created with safe permissions. With the unpatched version,
local users can read sensitive information if pad is run in a
world-readable directory (the bug is not present in 0.x versions).
Turn over maintainership to submitter.
Submitted by: Jason Harris <jharris@widomaker.com>
PR: 27323 and 32810
Install the man page.
Fix spelling of "omitted" in pad.1 and pad.c. Clarify warning
message about inputs with unequal sizes.
Generate the packing list just before installation.
I put the distfile on MASTER_SITE_LOCAL because the home site is
offline. The checksum on my copy differs from the one in PR 27323.
- Add support for handling different usernames
- Add file-format support for different ports. There is so far no way to
specify a different port, but the "database" for safesh will not need to
change to accomodate it.
Note that this is NOT compatible with the naming conventions used in 1.0;
as 1.0 was available for 55 minutes yesterday before being marked as
BROKEN, I hope nobody was too much inconvenienced.
keys and starting ssh-agents, it makes it (fairly) convenient to use one key
for each host pair (authenticator and authenticatee), it avoids
authentication theft by the hosts you connect to with SSH.
the ECHO macro is set to "echo" by default, but it is set to "true" if
make(1) is invoked with the -s option while ECHO_CMD is always set to
the echo command.
Someone in the OpenSSH world doesn't understand the difference
between application and implementation namespaces. This causes
conflicts with <readpassphrase.h>.
PR: 34362
Submitted by: wollman@hergotha.lcs.mit.edu
