Pull up following revision(s) (requested by drochner in ticket #1384): crypto/external/bsd/openssh/dist/ssh_config.5: revision 1.3 via patch crypto/external/bsd/openssh/dist/sshd_config.5: revision 1.4 via patch crypto/external/bsd/openssh/dist/ssh_config: revision 1.3 via patch Don't mention "umac-64@openssh.com" MAC algorithm which is not enabled in our SSH client and daemon as it causes crashes on architectures which strict aligment requirements (e.g. NetBSD/sparc64). This fixes PR bin/43221 by myself.diff -r1.14 -r1.14.6.1 src/crypto/dist/ssh/ssh_config
(snj)
--- src/crypto/dist/ssh/Attic/ssh_config 2008/04/25 15:01:45 1.14
+++ src/crypto/dist/ssh/Attic/ssh_config 2010/05/20 05:25:30 1.14.6.1
| @@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
| 1 | # $NetBSD: ssh_config,v 1.14 2008/04/25 15:01:45 jmmv Exp $ | 1 | # $NetBSD: ssh_config,v 1.14.6.1 2010/05/20 05:25:30 snj Exp $ | |
| 2 | # $OpenBSD: ssh_config,v 1.23 2007/06/08 04:40:40 pvalchev Exp $ | 2 | # $OpenBSD: ssh_config,v 1.23 2007/06/08 04:40:40 pvalchev Exp $ | |
| 3 | 3 | |||
| 4 | # This is the ssh client system-wide configuration file. See | 4 | # This is the ssh client system-wide configuration file. See | |
| 5 | # ssh_config(5) for more information. This file provides defaults for | 5 | # ssh_config(5) for more information. This file provides defaults for | |
| 6 | # users, and the values can be changed in per-user configuration files | 6 | # users, and the values can be changed in per-user configuration files | |
| 7 | # or on the command line. | 7 | # or on the command line. | |
| 8 | 8 | |||
| 9 | # Configuration data is parsed as follows: | 9 | # Configuration data is parsed as follows: | |
| 10 | # 1. command line options | 10 | # 1. command line options | |
| 11 | # 2. user-specific file | 11 | # 2. user-specific file | |
| 12 | # 3. system-wide file | 12 | # 3. system-wide file | |
| 13 | # Any configuration value is only changed the first time it is set. | 13 | # Any configuration value is only changed the first time it is set. | |
| 14 | # Thus, host-specific definitions should be at the beginning of the | 14 | # Thus, host-specific definitions should be at the beginning of the | |
| @@ -29,20 +29,20 @@ | @@ -29,20 +29,20 @@ | |||
| 29 | # GSSAPIDelegateCredentials no | 29 | # GSSAPIDelegateCredentials no | |
| 30 | # BatchMode no | 30 | # BatchMode no | |
| 31 | # CheckHostIP yes | 31 | # CheckHostIP yes | |
| 32 | # AddressFamily any | 32 | # AddressFamily any | |
| 33 | # ConnectTimeout 0 | 33 | # ConnectTimeout 0 | |
| 34 | # StrictHostKeyChecking ask | 34 | # StrictHostKeyChecking ask | |
| 35 | # IdentityFile ~/.ssh/identity | 35 | # IdentityFile ~/.ssh/identity | |
| 36 | # IdentityFile ~/.ssh/id_rsa | 36 | # IdentityFile ~/.ssh/id_rsa | |
| 37 | # IdentityFile ~/.ssh/id_dsa | 37 | # IdentityFile ~/.ssh/id_dsa | |
| 38 | # Port 22 | 38 | # Port 22 | |
| 39 | # Protocol 2,1 | 39 | # Protocol 2,1 | |
| 40 | # Cipher 3des | 40 | # Cipher 3des | |
| 41 | # Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc | 41 | # Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc | |
| 42 | # MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160 | 42 | # MACs hmac-md5,hmac-sha1,hmac-ripemd160 | |
| 43 | # EscapeChar ~ | 43 | # EscapeChar ~ | |
| 44 | # Tunnel no | 44 | # Tunnel no | |
| 45 | # TunnelDevice any:any | 45 | # TunnelDevice any:any | |
| 46 | # PermitLocalCommand no | 46 | # PermitLocalCommand no | |
| 47 | # If you use xorg from pkgsrc then uncomment the following line. | 47 | # If you use xorg from pkgsrc then uncomment the following line. | |
| 48 | # XAuthLocation /usr/pkg/bin/xauth | 48 | # XAuthLocation /usr/pkg/bin/xauth |
--- src/crypto/dist/ssh/Attic/ssh_config.5 2008/04/06 23:38:20 1.16
+++ src/crypto/dist/ssh/Attic/ssh_config.5 2010/05/20 05:25:30 1.16.8.1
| @@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
| 1 | .\" $NetBSD: ssh_config.5,v 1.16 2008/04/06 23:38:20 christos Exp $ | 1 | .\" $NetBSD: ssh_config.5,v 1.16.8.1 2010/05/20 05:25:30 snj Exp $ | |
| 2 | .\" -*- nroff -*- | 2 | .\" -*- nroff -*- | |
| 3 | .\" | 3 | .\" | |
| 4 | .\" Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | .\" Author: Tatu Ylonen <ylo@cs.hut.fi> | |
| 5 | .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 5 | .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | |
| 6 | .\" All rights reserved | 6 | .\" All rights reserved | |
| 7 | .\" | 7 | .\" | |
| 8 | .\" As far as I am concerned, the code I have written for this software | 8 | .\" As far as I am concerned, the code I have written for this software | |
| 9 | .\" can be used freely for any purpose. Any derived versions of this | 9 | .\" can be used freely for any purpose. Any derived versions of this | |
| 10 | .\" software must be clearly marked as such, and if the derived work is | 10 | .\" software must be clearly marked as such, and if the derived work is | |
| 11 | .\" incompatible with the protocol description in the RFC file, it must be | 11 | .\" incompatible with the protocol description in the RFC file, it must be | |
| 12 | .\" called by a name other than "ssh" or "Secure Shell". | 12 | .\" called by a name other than "ssh" or "Secure Shell". | |
| 13 | .\" | 13 | .\" | |
| 14 | .\" Copyright (c) 1999,2000 Markus Friedl. All rights reserved. | 14 | .\" Copyright (c) 1999,2000 Markus Friedl. All rights reserved. | |
| @@ -641,27 +641,27 @@ Gives the verbosity level that is used w | @@ -641,27 +641,27 @@ Gives the verbosity level that is used w | |||
| 641 | The possible values are: | 641 | The possible values are: | |
| 642 | QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. | 642 | QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. | |
| 643 | The default is INFO. | 643 | The default is INFO. | |
| 644 | DEBUG and DEBUG1 are equivalent. | 644 | DEBUG and DEBUG1 are equivalent. | |
| 645 | DEBUG2 and DEBUG3 each specify higher levels of verbose output. | 645 | DEBUG2 and DEBUG3 each specify higher levels of verbose output. | |
| 646 | .It Cm MACs | 646 | .It Cm MACs | |
| 647 | Specifies the MAC (message authentication code) algorithms | 647 | Specifies the MAC (message authentication code) algorithms | |
| 648 | in order of preference. | 648 | in order of preference. | |
| 649 | The MAC algorithm is used in protocol version 2 | 649 | The MAC algorithm is used in protocol version 2 | |
| 650 | for data integrity protection. | 650 | for data integrity protection. | |
| 651 | Multiple algorithms must be comma-separated. | 651 | Multiple algorithms must be comma-separated. | |
| 652 | The default is: | 652 | The default is: | |
| 653 | .Bd -literal -offset indent | 653 | .Bd -literal -offset indent | |
| 654 | hmac-md5,hmac-sha1,umac-64@openssh.com, | 654 | hmac-md5,hmac-sha1, | |
| 655 | hmac-ripemd160,hmac-sha1-96,hmac-md5-96 | 655 | hmac-ripemd160,hmac-sha1-96,hmac-md5-96 | |
| 656 | .Ed | 656 | .Ed | |
| 657 | .It Cm NoHostAuthenticationForLocalhost | 657 | .It Cm NoHostAuthenticationForLocalhost | |
| 658 | This option can be used if the home directory is shared across machines. | 658 | This option can be used if the home directory is shared across machines. | |
| 659 | In this case localhost will refer to a different machine on each of | 659 | In this case localhost will refer to a different machine on each of | |
| 660 | the machines and the user will get many warnings about changed host keys. | 660 | the machines and the user will get many warnings about changed host keys. | |
| 661 | However, this option disables host authentication for localhost. | 661 | However, this option disables host authentication for localhost. | |
| 662 | The argument to this keyword must be | 662 | The argument to this keyword must be | |
| 663 | .Dq yes | 663 | .Dq yes | |
| 664 | or | 664 | or | |
| 665 | .Dq no . | 665 | .Dq no . | |
| 666 | The default is to check the host key for localhost. | 666 | The default is to check the host key for localhost. | |
| 667 | .It Cm NumberOfPasswordPrompts | 667 | .It Cm NumberOfPasswordPrompts |
--- src/crypto/dist/ssh/Attic/sshd_config.5 2008/04/06 23:38:20 1.15
+++ src/crypto/dist/ssh/Attic/sshd_config.5 2010/05/20 05:25:30 1.15.8.1
| @@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
| 1 | .\" $NetBSD: sshd_config.5,v 1.15 2008/04/06 23:38:20 christos Exp $ | 1 | .\" $NetBSD: sshd_config.5,v 1.15.8.1 2010/05/20 05:25:30 snj Exp $ | |
| 2 | .\" -*- nroff -*- | 2 | .\" -*- nroff -*- | |
| 3 | .\" | 3 | .\" | |
| 4 | .\" Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | .\" Author: Tatu Ylonen <ylo@cs.hut.fi> | |
| 5 | .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 5 | .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | |
| 6 | .\" All rights reserved | 6 | .\" All rights reserved | |
| 7 | .\" | 7 | .\" | |
| 8 | .\" As far as I am concerned, the code I have written for this software | 8 | .\" As far as I am concerned, the code I have written for this software | |
| 9 | .\" can be used freely for any purpose. Any derived versions of this | 9 | .\" can be used freely for any purpose. Any derived versions of this | |
| 10 | .\" software must be clearly marked as such, and if the derived work is | 10 | .\" software must be clearly marked as such, and if the derived work is | |
| 11 | .\" incompatible with the protocol description in the RFC file, it must be | 11 | .\" incompatible with the protocol description in the RFC file, it must be | |
| 12 | .\" called by a name other than "ssh" or "Secure Shell". | 12 | .\" called by a name other than "ssh" or "Secure Shell". | |
| 13 | .\" | 13 | .\" | |
| 14 | .\" Copyright (c) 1999,2000 Markus Friedl. All rights reserved. | 14 | .\" Copyright (c) 1999,2000 Markus Friedl. All rights reserved. | |
| @@ -528,27 +528,27 @@ Gives the verbosity level that is used w | @@ -528,27 +528,27 @@ Gives the verbosity level that is used w | |||
| 528 | The possible values are: | 528 | The possible values are: | |
| 529 | QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. | 529 | QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3. | |
| 530 | The default is INFO. | 530 | The default is INFO. | |
| 531 | DEBUG and DEBUG1 are equivalent. | 531 | DEBUG and DEBUG1 are equivalent. | |
| 532 | DEBUG2 and DEBUG3 each specify higher levels of debugging output. | 532 | DEBUG2 and DEBUG3 each specify higher levels of debugging output. | |
| 533 | Logging with a DEBUG level violates the privacy of users and is not recommended. | 533 | Logging with a DEBUG level violates the privacy of users and is not recommended. | |
| 534 | .It Cm MACs | 534 | .It Cm MACs | |
| 535 | Specifies the available MAC (message authentication code) algorithms. | 535 | Specifies the available MAC (message authentication code) algorithms. | |
| 536 | The MAC algorithm is used in protocol version 2 | 536 | The MAC algorithm is used in protocol version 2 | |
| 537 | for data integrity protection. | 537 | for data integrity protection. | |
| 538 | Multiple algorithms must be comma-separated. | 538 | Multiple algorithms must be comma-separated. | |
| 539 | The default is: | 539 | The default is: | |
| 540 | .Bd -literal -offset indent | 540 | .Bd -literal -offset indent | |
| 541 | hmac-md5,hmac-sha1,umac-64@openssh.com, | 541 | hmac-md5,hmac-sha1, | |
| 542 | hmac-ripemd160,hmac-sha1-96,hmac-md5-96 | 542 | hmac-ripemd160,hmac-sha1-96,hmac-md5-96 | |
| 543 | .Ed | 543 | .Ed | |
| 544 | .It Cm Match | 544 | .It Cm Match | |
| 545 | Introduces a conditional block. | 545 | Introduces a conditional block. | |
| 546 | If all of the criteria on the | 546 | If all of the criteria on the | |
| 547 | .Cm Match | 547 | .Cm Match | |
| 548 | line are satisfied, the keywords on the following lines override those | 548 | line are satisfied, the keywords on the following lines override those | |
| 549 | set in the global section of the config file, until either another | 549 | set in the global section of the config file, until either another | |
| 550 | .Cm Match | 550 | .Cm Match | |
| 551 | line or the end of the file. | 551 | line or the end of the file. | |
| 552 | The arguments to | 552 | The arguments to | |
| 553 | .Cm Match | 553 | .Cm Match | |
| 554 | are one or more criteria-pattern pairs. | 554 | are one or more criteria-pattern pairs. |