From b462854c1c060f74797b3d6ccef151f65d9cb38f Mon Sep 17 00:00:00 2001 From: piernov Date: Sun, 5 Aug 2012 23:39:28 +0200 Subject: openssh-server 6.0p1-2 support PAM --- openssh-server/.footprint.i686 | 2 ++ openssh-server/.footprint.x86_64 | 2 ++ openssh-server/.md5sum.i686 | 1 + openssh-server/.md5sum.x86_64 | 1 + openssh-server/Pkgfile | 14 ++++++++++---- openssh-server/sshd.pam | 13 +++++++++++++ 6 files changed, 29 insertions(+), 4 deletions(-) create mode 100644 openssh-server/sshd.pam (limited to 'openssh-server') diff --git a/openssh-server/.footprint.i686 b/openssh-server/.footprint.i686 index 1d385f15e..089007027 100644 --- a/openssh-server/.footprint.i686 +++ b/openssh-server/.footprint.i686 @@ -1,4 +1,6 @@ drwxr-xr-x root/root etc/ +drwxr-xr-x root/root etc/pam.d/ +-rw-r--r-- root/root etc/pam.d/sshd drwxr-xr-x root/root etc/rc.d/ drwxr-xr-x root/root etc/rc.d/init.d/ -rwxr-xr-- root/root etc/rc.d/init.d/sshd diff --git a/openssh-server/.footprint.x86_64 b/openssh-server/.footprint.x86_64 index 1d385f15e..089007027 100644 --- a/openssh-server/.footprint.x86_64 +++ b/openssh-server/.footprint.x86_64 @@ -1,4 +1,6 @@ drwxr-xr-x root/root etc/ +drwxr-xr-x root/root etc/pam.d/ +-rw-r--r-- root/root etc/pam.d/sshd drwxr-xr-x root/root etc/rc.d/ drwxr-xr-x root/root etc/rc.d/init.d/ -rwxr-xr-- root/root etc/rc.d/init.d/sshd diff --git a/openssh-server/.md5sum.i686 b/openssh-server/.md5sum.i686 index cb160acf8..72ebd72e7 100644 --- a/openssh-server/.md5sum.i686 +++ b/openssh-server/.md5sum.i686 @@ -1,2 +1,3 @@ 3c9347aa67862881c5da3f3b1c08da7b openssh-6.0p1.tar.gz dbda0db2a43bce33d6921aa2801609ee service-sekong-01.patch +2fd20d311d2afbfc6e576883224d8c97 sshd.pam diff --git a/openssh-server/.md5sum.x86_64 b/openssh-server/.md5sum.x86_64 index cb160acf8..72ebd72e7 100644 --- a/openssh-server/.md5sum.x86_64 +++ b/openssh-server/.md5sum.x86_64 @@ -1,2 +1,3 @@ 3c9347aa67862881c5da3f3b1c08da7b openssh-6.0p1.tar.gz dbda0db2a43bce33d6921aa2801609ee service-sekong-01.patch +2fd20d311d2afbfc6e576883224d8c97 sshd.pam diff --git a/openssh-server/Pkgfile b/openssh-server/Pkgfile index 5b1f0fc9a..9010b4559 100755 --- a/openssh-server/Pkgfile +++ b/openssh-server/Pkgfile @@ -2,14 +2,15 @@ # URL: http://www.openssh.org/ # Maintainer: NuTyX coreteam # Packager: thierryn1 at hispeed dot ch -# Depends on: openssh -# Run on: openssh +# Depends on: openssh, linux-pam, pambase +# Run on: openssh,linux-pam,pambase name=openssh-server version=6.0p1 -release=1 +release=2 source=(http://ftp2.fr.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-$version.tar.gz - http://nutyx.meticul.eu/files/patchs/$name/service-sekong-01.patch) + http://nutyx.meticul.eu/files/patchs/$name/service-sekong-01.patch + sshd.pam) build() { unset MAKEFLAGS @@ -28,16 +29,21 @@ build() { --libexecdir=/usr/lib/openssh \ --with-tcp-wrappers \ --with-md5-passwords \ + --with-pam \ --with-privsep-path=/var/lib/sshd \ --mandir=/usr/share/man \ --infodir=/usr/share/info make DESTDIR=$PKG install + install -Dm644 ../sshd.pam $PKG/etc/pam.d/sshd + cd ../$scripts-$scriptsversion patch -Np1 -i ../service-sekong-01.patch make DESTDIR=$PKG install-sshd echo "PermitRootLogin no" >> $PKG/etc/ssh/sshd_config + echo "ChallengeResponseAuthentication no" >> $PKG/etc/ssh/sshd_config + echo "UsePAM yes" >> $PKG/etc/ssh/sshd_config # Suppression du client et ses man rm $PKG/etc/ssh/{ssh_config,moduli} diff --git a/openssh-server/sshd.pam b/openssh-server/sshd.pam new file mode 100644 index 000000000..aeef8be27 --- /dev/null +++ b/openssh-server/sshd.pam @@ -0,0 +1,13 @@ +#%PAM-1.0 +#auth required pam_securetty.so #Disable remote root +auth required pam_unix.so +auth required pam_env.so +account required pam_nologin.so +account required pam_unix.so +account required pam_time.so +password required pam_unix.so +session required pam_unix_session.so +session required pam_limits.so +session optional pam_loginuid.so +-session optional pam_ck_connector.so nox11 +-session optional pam_systemd.so -- cgit v1.2.3-54-g00ecf