diff options
author | Marcel Ziswiler <marcel.ziswiler@toradex.com> | 2017-04-06 17:33:24 +0200 |
---|---|---|
committer | Marcel Ziswiler <marcel.ziswiler@toradex.com> | 2017-04-06 17:35:39 +0200 |
commit | ea1e478c85f6b991aa9031c8ebea5dc5d725200b (patch) | |
tree | f5c54ce33e8fb4ff8a650fa495748a5baec4ea22 /recipes-connectivity/openssh/openssh/sshdgenkeys.service | |
parent | 708ca9c597269eff78941558228fa596378548b7 (diff) |
openssh: update 6.7p1 -> 7.4p1V2.5-next
This is basically a back port of the following commits from the
openembedded-core master branch:
openssh: upgrade to 7.4p1
openssh: fix CVE-2016-8858
openssh: fix potential signed overflow to enable compilation with -ftrapv
openssh: Upgrade 7.2p2 -> 7.3p1
openssh: add ed25519 host key location to read-only sshd config
openssh: conditional compile DES code.
openssh: fix init script restart with read-only-rootfs
openssh: update homepage and summary
openssh: Backport fix for CVE-2015-8325
openssh: Upgrade 7.1p2 -> 7.2p2
openssh: change URI to http:
openssh: Security Fix CVE-2016-3115
openssh: Properly skip ptrace test if tools are missing
openssh: Fix regex that sets sftp-server path for tests
openssh: CVE-2016-1907
openssh: update to 7.1p2
openssh: redesign ssh-agent.sh regression test case
openssh: enable X11Forwarding if distro feature x11 is set
openssh: fix file permission for /etc/pam.d/sshd
openssh: fix sshd key generation when systemd is in use and rootfs is readonly
openssh: Upgrade 7.0p1 -> 7.1p1
openssh: build regression test binaries
openssh: Upgrade 6.9p1 -> 7.0p1
openssh: Upgrade 6.8p1 -> 6.9p1
openssh: fix login fails for ssh -o Batchmode=yes with empty passwords
openssh: Upgrade 6.7 - > 6.8
Revert "openssh: CVE-2015-6563 CVE-2015-6564 CVE-2015-6565"
Signed-off-by: Marcel Ziswiler <marcel.ziswiler@toradex.com>
Diffstat (limited to 'recipes-connectivity/openssh/openssh/sshdgenkeys.service')
-rw-r--r-- | recipes-connectivity/openssh/openssh/sshdgenkeys.service | 21 |
1 files changed, 16 insertions, 5 deletions
diff --git a/recipes-connectivity/openssh/openssh/sshdgenkeys.service b/recipes-connectivity/openssh/openssh/sshdgenkeys.service index d65086f..148e6ad 100644 --- a/recipes-connectivity/openssh/openssh/sshdgenkeys.service +++ b/recipes-connectivity/openssh/openssh/sshdgenkeys.service @@ -1,11 +1,22 @@ [Unit] Description=OpenSSH Key Generation -ConditionPathExists=|!/etc/ssh/ssh_host_rsa_key -ConditionPathExists=|!/etc/ssh/ssh_host_dsa_key -ConditionPathExists=|!/etc/ssh/ssh_host_ecdsa_key -ConditionPathExists=|!/etc/ssh/ssh_host_ed25519_key +RequiresMountsFor=/var /run +ConditionPathExists=!/var/run/ssh/ssh_host_rsa_key +ConditionPathExists=!/var/run/ssh/ssh_host_dsa_key +ConditionPathExists=!/var/run/ssh/ssh_host_ecdsa_key +ConditionPathExists=!/var/run/ssh/ssh_host_ed25519_key +ConditionPathExists=!/etc/ssh/ssh_host_rsa_key +ConditionPathExists=!/etc/ssh/ssh_host_dsa_key +ConditionPathExists=!/etc/ssh/ssh_host_ecdsa_key +ConditionPathExists=!/etc/ssh/ssh_host_ed25519_key [Service] -ExecStart=@BINDIR@/ssh-keygen -A +Environment="SYSCONFDIR=/etc/ssh" +EnvironmentFile=-/etc/default/ssh +ExecStart=@BASE_BINDIR@/mkdir -p $SYSCONFDIR +ExecStart=@BINDIR@/ssh-keygen -q -f ${SYSCONFDIR}/ssh_host_rsa_key -N '' -t rsa +ExecStart=@BINDIR@/ssh-keygen -q -f ${SYSCONFDIR}/ssh_host_dsa_key -N '' -t dsa +ExecStart=@BINDIR@/ssh-keygen -q -f ${SYSCONFDIR}/ssh_host_ecdsa_key -N '' -t ecdsa +ExecStart=@BINDIR@/ssh-keygen -q -f ${SYSCONFDIR}/ssh_host_ed25519_key -N '' -t ed25519 Type=oneshot RemainAfterExit=yes |