diff options
-rw-r--r-- | .SRCINFO | 20 | ||||
-rw-r--r-- | PKGBUILD | 62 | ||||
-rw-r--r-- | openssh-9.0p1-sshd_config.patch | 30 | ||||
-rw-r--r-- | sshdgenkeys.service | 2 |
4 files changed, 63 insertions, 51 deletions
@@ -1,6 +1,6 @@ pkgbase = openssh-dotconfig pkgdesc = Premier connectivity tool for remote login with the SSH protocol - but moved $HOME/.ssh to $HOME/.config/ssh - pkgver = 9.0p1 + pkgver = 9.1p1 pkgrel = 1 url = https://www.openssh.com/portable.html arch = x86_64 @@ -25,23 +25,21 @@ pkgbase = openssh-dotconfig backup = etc/ssh/ssh_config backup = etc/ssh/sshd_config backup = etc/pam.d/sshd - source = https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.0p1.tar.gz + source = https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.1p1.tar.gz + source = openssh-9.0p1-sshd_config.patch source = sshdgenkeys.service source = sshd.service source = sshd.conf source = sshd.pam - sha1sums = 06dd658874dcd22d66311cf5999bd56c614de509 - sha1sums = caaa801da59a5d14c0c29c43e9de5fef281ea03e - sha1sums = 8640ac6593602e74a863263223e92ab5c4711588 - sha1sums = c9b2e4ce259cd62ddb00364d3ee6f00a8bf2d05f - sha1sums = d93dca5ebda4610ff7647187f8928a3de28703f3 - sha256sums = 03974302161e9ecce32153cfa10012f1e65c8f3750f573a73ab1befd5972a28a - sha256sums = 4031577db6416fcbaacf8a26a024ecd3939e5c10fe6a86ee3f0eea5093d533b7 + sha256sums = 19f85009c7e3e23787f0236fbb1578392ab4d4bf9f8ec5fe6bc1cd7e8bfdd288 + sha256sums = 27e43dfd1506c8a821ec8186bae65f2dc43ca038616d6de59f322bd14aa9d07f + sha256sums = e5305767b2d317183ad1c5022a5f6705bd9014a8b22495a000fd482713738611 sha256sums = e40f8b7c8e5e2ecf3084b3511a6c36d5b5c9f9e61f2bb13e3726c71dc7d4fbc7 sha256sums = 4effac1186cc62617f44385415103021f72f674f8b8e26447fc1139c670090f6 sha256sums = 64576021515c0a98b0aaf0a0ae02e0f5ebe8ee525b1e647ab68f369f81ecd846 - b2sums = 49724a400951964d659d136908657940f79e150056728cc4dadf8ff8652a832f7fd46eebb47b15085e57fca4b00c77d1ec4dd1b056ea2bbcee89f54a121ed5e2 - b2sums = 62f89107d3648a359b0307497a9f105d7ff1dddddb38a64afe3261000b5db494a5530e4b60a9aa1d7be4413599e54b72e2f53f0de8c1ff263a46a70bc5695c29 + b2sums = 287b6b1cc4858b27af88f4a4674670afff1fb5b99461892083393c53ef3747c5a0fcd90cba95d2c27465a919e00f7f42732c93af4f306665ba0393bbb7a534f5 + b2sums = 29e1a1c2744e0234830c6f93a46338ea8dc943370e20a24883d207d611025e54643da678f2826050c073a36be48dfdc7329d4cfb144c2ff90607a5f10f73dc59 + b2sums = 09fad3648f48f13ee80195b90913feeba21240d121b1178e0ce62f4a17b1f7e58e8edc22c04403e377ab300f5022a804c848f5be132765d5ca26a38aab262e50 b2sums = 07ad5c7fb557411a6646ff6830bc9d564c07cbddc4ce819641d31c05dbdf677bfd8a99907cf529a7ee383b8c250936a6423f4b4b97ba0f1c14f627bbd629bd4e b2sums = 27571f728c3c10834a81652f3917188436474b588f8b047462e44b6c7a424f60d06ce8cb74839b691870177d7261592207d7f35d4ae6c79af87d6a7ea156d395 b2sums = 557d015bca7008ce824111f235da67b7e0051a693aaab666e97b78e753ed7928b72274af03d7fde12033986b733d5f996faf2a4feb6ecf53f39accae31334930 @@ -6,7 +6,7 @@ # Contributor: judd <jvinet@zeroflux.org> pkgname=openssh-dotconfig -pkgver=9.0p1 +pkgver=9.1p1 pkgrel=1 pkgdesc='Premier connectivity tool for remote login with the SSH protocol - but moved $HOME/.ssh to $HOME/.config/ssh' url='https://www.openssh.com/portable.html' @@ -20,22 +20,20 @@ optdepends=('xorg-xauth: X11 forwarding' options=('debug') #source=("git://anongit.mindrot.org/openssh.git?signed#tag=V_8_2_P1" source=("https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/${pkgname%-*}-${pkgver}.tar.gz" + "${pkgname%-*}-9.0p1-sshd_config.patch" 'sshdgenkeys.service' 'sshd.service' 'sshd.conf' 'sshd.pam') -sha1sums=('06dd658874dcd22d66311cf5999bd56c614de509' - 'caaa801da59a5d14c0c29c43e9de5fef281ea03e' - '8640ac6593602e74a863263223e92ab5c4711588' - 'c9b2e4ce259cd62ddb00364d3ee6f00a8bf2d05f' - 'd93dca5ebda4610ff7647187f8928a3de28703f3') -sha256sums=('03974302161e9ecce32153cfa10012f1e65c8f3750f573a73ab1befd5972a28a' - '4031577db6416fcbaacf8a26a024ecd3939e5c10fe6a86ee3f0eea5093d533b7' +sha256sums=('19f85009c7e3e23787f0236fbb1578392ab4d4bf9f8ec5fe6bc1cd7e8bfdd288' + '27e43dfd1506c8a821ec8186bae65f2dc43ca038616d6de59f322bd14aa9d07f' + 'e5305767b2d317183ad1c5022a5f6705bd9014a8b22495a000fd482713738611' 'e40f8b7c8e5e2ecf3084b3511a6c36d5b5c9f9e61f2bb13e3726c71dc7d4fbc7' '4effac1186cc62617f44385415103021f72f674f8b8e26447fc1139c670090f6' '64576021515c0a98b0aaf0a0ae02e0f5ebe8ee525b1e647ab68f369f81ecd846') -b2sums=('49724a400951964d659d136908657940f79e150056728cc4dadf8ff8652a832f7fd46eebb47b15085e57fca4b00c77d1ec4dd1b056ea2bbcee89f54a121ed5e2' - '62f89107d3648a359b0307497a9f105d7ff1dddddb38a64afe3261000b5db494a5530e4b60a9aa1d7be4413599e54b72e2f53f0de8c1ff263a46a70bc5695c29' +b2sums=('287b6b1cc4858b27af88f4a4674670afff1fb5b99461892083393c53ef3747c5a0fcd90cba95d2c27465a919e00f7f42732c93af4f306665ba0393bbb7a534f5' + '29e1a1c2744e0234830c6f93a46338ea8dc943370e20a24883d207d611025e54643da678f2826050c073a36be48dfdc7329d4cfb144c2ff90607a5f10f73dc59' + '09fad3648f48f13ee80195b90913feeba21240d121b1178e0ce62f4a17b1f7e58e8edc22c04403e377ab300f5022a804c848f5be132765d5ca26a38aab262e50' '07ad5c7fb557411a6646ff6830bc9d564c07cbddc4ce819641d31c05dbdf677bfd8a99907cf529a7ee383b8c250936a6423f4b4b97ba0f1c14f627bbd629bd4e' '27571f728c3c10834a81652f3917188436474b588f8b047462e44b6c7a424f60d06ce8cb74839b691870177d7261592207d7f35d4ae6c79af87d6a7ea156d395' '557d015bca7008ce824111f235da67b7e0051a693aaab666e97b78e753ed7928b72274af03d7fde12033986b733d5f996faf2a4feb6ecf53f39accae31334930') @@ -44,15 +42,15 @@ provides=('openssh') conflicts=('openssh') prepare() { - cd "${srcdir}/${pkgname%-*}-${pkgver}" + patch -Np1 -d "${pkgname%-*}-$pkgver" -i ../"${pkgname%-*}"-9.0p1-sshd_config.patch + cd "$srcdir/${pkgname%-*}-$pkgver" grep -rl "\.ssh" * | xargs sed -i 's/\.ssh/.config\/ssh/g' - autoreconf } build() { - cd "${srcdir}/${pkgname%-*}-${pkgver}" + cd "$srcdir/${pkgname%-*}-$pkgver" ./configure \ --prefix=/usr \ @@ -68,24 +66,18 @@ build() { --with-privsep-user=nobody \ --with-kerberos5=/usr \ --with-xauth=/usr/bin/xauth \ - --with-md5-passwords \ --with-pid-dir=/run \ --with-default-path='/usr/local/sbin:/usr/local/bin:/usr/bin' \ make } -#check() { - #cd "${srcdir}/${pkgname%-*}-${pkgver}" -# - ## Tests require openssh to be already installed system-wide, - ## also connectivity tests will fail under makechrootpkg since - ## it runs as nobody which has /bin/false as login shell. -# - #if [[ -e /usr/bin/scp && ! -e /.arch-chroot ]]; then - #make tests - #fi -#} +check() { + cd "${pkgname%-*}-${pkgver}" + + # NOTE: make t-exec does not work in our build environment + make file-tests interop-tests unit +} package() { cd "${srcdir}/${pkgname%-*}-${pkgver}" @@ -93,20 +85,14 @@ package() { make DESTDIR="${pkgdir}" install ln -sf ssh.1.gz "${pkgdir}"/usr/share/man/man1/slogin.1.gz - install -Dm644 LICENCE "${pkgdir}/usr/share/licenses/${pkgname%-*}/LICENCE" + install -Dm644 LICENCE -t "${pkgdir}/usr/share/licenses/${pkgname%-*}/" - install -Dm644 ../sshdgenkeys.service "${pkgdir}"/usr/lib/systemd/system/sshdgenkeys.service - install -Dm644 ../sshd.service "${pkgdir}"/usr/lib/systemd/system/sshd.service - install -Dm644 ../sshd.conf "${pkgdir}"/usr/lib/tmpfiles.d/sshd.conf + install -Dm644 ../sshdgenkeys.service -t "${pkgdir}"/usr/lib/systemd/system/ + install -Dm644 ../sshd.service -t "${pkgdir}"/usr/lib/systemd/system/ + install -Dm644 ../sshd.conf -t "${pkgdir}"/usr/lib/tmpfiles.d/ install -Dm644 ../sshd.pam "${pkgdir}"/etc/pam.d/sshd - install -Dm755 contrib/findssl.sh "${pkgdir}"/usr/bin/findssl.sh - install -Dm755 contrib/ssh-copy-id "${pkgdir}"/usr/bin/ssh-copy-id - install -Dm644 contrib/ssh-copy-id.1 "${pkgdir}"/usr/share/man/man1/ssh-copy-id.1 - - sed \ - -e '/^#KbdInteractiveAuthentication yes$/c KbdInteractiveAuthentication no' \ - -e '/^#PrintMotd yes$/c PrintMotd no # pam does that' \ - -e '/^#UsePAM no$/c UsePAM yes' \ - -i "${pkgdir}"/etc/ssh/sshd_config + install -Dm755 contrib/findssl.sh -t "${pkgdir}"/usr/bin/ + install -Dm755 contrib/ssh-copy-id -t "${pkgdir}"/usr/bin/ + install -Dm644 contrib/ssh-copy-id.1 -t "${pkgdir}"/usr/share/man/man1/ } diff --git a/openssh-9.0p1-sshd_config.patch b/openssh-9.0p1-sshd_config.patch new file mode 100644 index 000000000000..910014922bad --- /dev/null +++ b/openssh-9.0p1-sshd_config.patch @@ -0,0 +1,30 @@ +diff -ruN a/sshd_config b/sshd_config +--- a/sshd_config 2022-04-06 02:47:48.000000000 +0200 ++++ b/sshd_config 2022-10-10 19:55:58.961117951 +0200 +@@ -58,7 +58,7 @@ + #PermitEmptyPasswords no + + # Change to no to disable s/key passwords +-#KbdInteractiveAuthentication yes ++KbdInteractiveAuthentication no + + # Kerberos options + #KerberosAuthentication no +@@ -79,7 +79,7 @@ + # If you just want the PAM account and session checks to run without + # PAM authentication, then enable this but set PasswordAuthentication + # and KbdInteractiveAuthentication to 'no'. +-#UsePAM no ++UsePAM yes + + #AllowAgentForwarding yes + #AllowTcpForwarding yes +@@ -88,7 +88,7 @@ + #X11DisplayOffset 10 + #X11UseLocalhost yes + #PermitTTY yes +-#PrintMotd yes ++PrintMotd no + #PrintLastLog yes + #TCPKeepAlive yes + #PermitUserEnvironment no diff --git a/sshdgenkeys.service b/sshdgenkeys.service index cfb9f6aa17f1..83230084f5dd 100644 --- a/sshdgenkeys.service +++ b/sshdgenkeys.service @@ -1,7 +1,5 @@ [Unit] Description=SSH Key Generation -ConditionPathExists=|!/etc/ssh/ssh_host_dsa_key -ConditionPathExists=|!/etc/ssh/ssh_host_dsa_key.pub ConditionPathExists=|!/etc/ssh/ssh_host_ecdsa_key ConditionPathExists=|!/etc/ssh/ssh_host_ecdsa_key.pub ConditionPathExists=|!/etc/ssh/ssh_host_ed25519_key |