packages/security-tool
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!93 在sshd的默认配置项中删除已弃用的选项RSAAuthentication和RhostsRSAAuthentication选项

Browse Source 
From: @renmingshuai 
Reviewed-by: @zhengxiaoxiaoGitee, @HuaxinLuGitee 
Signed-off-by: @HuaxinLuGitee
This commit is contained in:
openeuler-ci-bot 2023-01-10 06:59:04 +00:00 committed by Gitee
commit 790afadd94
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
2 changed files with 33 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
security-tool.spec
View File

@ -2,7 +2,7 @@
Summary: openEuler Security Tool
Name : security-tool
Version: 2.0
Release: 1.86
Release: 1.87
Source0: https://gitee.com/openeuler/security-tool/repository/archive/v2.0.tar.gz
License: MulanPSL-2.0
URL: https://gitee.com/openeuler/security-tool
@ -20,6 +20,7 @@ Patch2: remove-sha1-in-sshd-config.patch
Patch3: fix-function-allow-rpm-q.patch
Patch4: add-secure-hostKey-algorithms.patch
Patch5: Do-not-hard-code-vendor-name-in-source-code.patch
Patch6: sshd-delete-deprecated-option-RSAAuthentication-and-Rhost.patch
%description
%{vendor} Security Tool
@ -125,6 +126,9 @@ fi
%attr(0500,root,root) %{_sbindir}/security-tool.sh
%changelog
* Tue Jan 10 2023 renmingshuai <renmingshuai@huawei.com> - 2.0-1.87
- delete deprecated option RSAAuthentication and RhostsRSAAuthentication
* Fri Jan 6 2023 Chenxi Mao <chenxi.mao@suse.com> - 2.0-1.86
- Do not hard code vendor name in source code

28
sshd-delete-deprecated-option-RSAAuthentication-and-Rhost.patch Normal file
View File

@ -0,0 +1,28 @@
From b72601eb4904923100e3254f490def46633db322 Mon Sep 17 00:00:00 2001
From: "renmingshuai@huawei.com" <renmingshuai@huawei.com>
Date: Tue, 10 Jan 2023 11:10:33 +0800
Subject: [PATCH] delete deprecated option RSAAuthentication and
RhostsRSAAuthentication
---
security.conf | 2 --
1 file changed, 2 deletions(-)
diff --git a/security.conf b/security.conf
index f52a19d..70674b9 100644
--- a/security.conf
+++ b/security.conf
@@ -53,10 +53,8 @@
103@m@/etc/ssh/sshd_config@X11Forwarding @no
105@m@/etc/ssh/sshd_config@PubkeyAuthentication @yes
-105@m@/etc/ssh/sshd_config@RSAAuthentication @yes
# Don't read the user's ~/.rhosts and ~/.shosts files
105@m@/etc/ssh/sshd_config@IgnoreRhosts @yes
-105@m@/etc/ssh/sshd_config@RhostsRSAAuthentication @no
# To disable host authentication
106@m@/etc/ssh/sshd_config@HostbasedAuthentication @no
--
2.23.0