File openssh-4.5p1.diff of Package openssh

diff -uNr openssh-3.8.1p1.orig/PATCH/pam.d-sshd openssh-3.8.1p1/PATCH/pam.d-sshd
--- openssh-3.8.1p1.orig/PATCH/pam.d-sshd	Thu Jan  1 01:00:00 1970
+++ openssh-3.8.1p1/PATCH/pam.d-sshd	Thu May  1 04:14:13 2003
@@ -0,0 +1,9 @@
+#%PAM-1.0
+auth     required       pam_unix.so	# set_secrpc
+auth     required       pam_nologin.so
+auth     required       pam_env.so
+account  required       pam_unix.so
+password required       pam_pwcheck.so use_cracklib
+password required       pam_unix.so       use_first_pass use_authtok
+session  required       pam_unix.so	none # trace or debug
+session  required       pam_limits.so
diff -uNr openssh-3.8.1p1.orig/PATCH/rc openssh-3.8.1p1/PATCH/rc
--- openssh-3.8.1p1.orig/PATCH/rc	Thu Jan  1 01:00:00 1970
+++ openssh-3.8.1p1/PATCH/rc	Thu May  1 04:14:13 2003
@@ -0,0 +1,156 @@
+#! /bin/sh
+# Copyright (c) 1995-2000 SuSE GmbH Nuernberg, Germany.
+#
+# Author: Jiri Smid <feedback@suse.de>
+#
+# /etc/init.d/sshd
+#
+#   and symbolic its link
+#
+# /usr/sbin/rcsshd
+#
+### BEGIN INIT INFO
+# Provides: sshd
+# Required-Start: $network
+# Required-Stop: $network
+# Default-Start: 3 5
+# Default-Stop: 0 1 2 6
+# Description: Start the sshd daemon
+### END INIT INFO
+
+. /etc/rc.status
+. /etc/rc.config
+
+# Determine the base and follow a runlevel link name.
+base=${0##*/}
+link=${base#*[SK][0-9][0-9]}
+
+# Force execution if not called by a runlevel directory.
+test $link = $base && START_SSHD=yes
+test "$START_SSHD" = yes || exit 0
+
+# Shell functions sourced from /etc/rc.status:
+#      rc_check         check and set local and overall rc status
+#      rc_status        check and set local and overall rc status
+#      rc_status -v     ditto but be verbose in local rc status
+#      rc_status -v -r  ditto and clear the local rc status
+#      rc_failed        set local and overall rc status to failed
+#      rc_reset         clear local rc status (overall remains)
+#      rc_exit          exit appropriate to overall rc status
+
+# First reset status of this service
+rc_reset
+case "$1" in
+    start)
+        if ! test -f /etc/ssh/ssh_host_key ; then
+	    echo Generating /etc/ssh/ssh_host_key.
+	    ssh-keygen -b 1024 -f /etc/ssh/ssh_host_key -N ''
+        fi
+        if ! test -f /etc/ssh/ssh_host_dsa_key ; then
+	    echo Generating /etc/ssh/ssh_host_dsa_key.
+	    
+	    ssh-keygen -t dsa -b 1024 -f /etc/ssh/ssh_host_dsa_key -N ''
+        fi
+        if ! test -f /etc/ssh/ssh_host_rsa_key ; then
+	    echo Generating /etc/ssh/ssh_host_rsa_key.
+	    
+	    ssh-keygen -t rsa -b 1024 -f /etc/ssh/ssh_host_rsa_key -N ''
+        fi
+	echo -n "Starting SSH daemon"
+	## Start daemon with startproc(8). If this fails
+	## the echo return value is set appropriate.
+
+        if [ ! -f /var/run/sshd.pid ]; then
+           # /var/run/sshd.pid does not exist => no listening sshd
+           startproc -f /usr/sbin/sshd $SSHD_OPTS
+        elif ! ps -h --pid `cat /var/run/sshd.pid` | grep "/usr/sbin/sshd" 2>&1 >/dev/null; then
+           # /var/run/sshd.pid exists but named pid not
+           rm -f /var/run/sshd.pid
+           startproc -f /usr/sbin/sshd $SSHD_OPTS
+        else
+           # just to have "failed" message
+           startproc /usr/sbin/sshd $SSHD_OPTS
+        fi
+
+	# Remember status and be verbose
+	rc_status -v
+	;;
+    stop)
+	echo -n "Shutting down SSH daemon:"
+	## Stop daemon with killproc(8) and if this fails
+	## set echo the echo return value.
+
+	killproc -p /var/run/sshd.pid -TERM /usr/sbin/sshd
+
+	# Remember status and be verbose
+	rc_status -v
+	;;
+    try-restart)
+        ## Stop the service and if this succeeds (i.e. the 
+        ## service was running before), start it again.
+        $0 status >/dev/null &&  $0 restart
+
+        # Remember status and be quiet
+        rc_status
+        ;;
+    restart)
+        ## Stop the service and regardless of whether it was
+        ## running or not, start it again.
+        $0 stop
+        $0 start
+
+        # Remember status and be quiet
+        rc_status
+        ;;
+    force-reload)
+        ## Signal the daemon to reload its config. Most daemons
+        ## do this on signal 1 (SIGHUP).
+        ## If it does not support it, restart.
+
+        echo -n "Reload service sshd"
+        ## if it supports it:
+        killproc -p /var/run/sshd.pid -HUP /usr/sbin/sshd
+        #touch /var/run/ssh.pid
+        rc_status -v
+
+        ;;
+    reload)
+        ## Like force-reload, but if daemon does not support
+        ## signalling, do nothing (!)
+
+        # If it supports signalling:
+        echo -n "Reload service sshd"
+        killproc -p /var/run/sshd.pid -HUP /usr/sbin/sshd
+        #touch /var/run/sshd.pid
+        rc_status -v
+        
+        # If it does not support reload:
+        #exit 3
+        ;;
+    status)
+	echo -n "Checking for service sshd: "
+        ## Check status with checkproc(8), if process is running
+        ## checkproc will return with exit status 0.
+
+        # Status has a slightly different for the status command:
+        # 0 - service running
+        # 1 - service dead, but /var/run/  pid  file exists
+        # 2 - service dead, but /var/lock/ lock file exists
+        # 3 - service not running
+
+        # NOTE: checkproc returns LSB compliant status values.
+        checkproc /usr/sbin/sshd
+        rc_status -v
+	;;
+    probe)
+	## Optional: Probe for the necessity of a reload,
+	## give out the argument which is required for a reload.
+
+        test /etc/ssh/sshd_config -nt /var/run/sshd.pid && echo reload
+	;;
+    *)
+	echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload|probe}"
+	exit 1
+	;;
+esac
+rc_exit
diff -uNr openssh-3.8.1p1.orig/PATCH/rc.config.ssh openssh-3.8.1p1/PATCH/rc.config.ssh
--- openssh-3.8.1p1.orig/PATCH/rc.config.ssh	Thu Jan  1 01:00:00 1970
+++ openssh-3.8.1p1/PATCH/rc.config.ssh	Thu May  1 04:14:13 2003
@@ -0,0 +1,8 @@
+#
+# Start the ssh daemon ? (yes/no)
+#
+START_SSHD=yes
+#
+# Options for sshd
+#
+SSHD_OPTS=""
diff -uNr openssh-3.8.1p1.orig/PATCH/sshd_config openssh-3.8.1p1/PATCH/sshd_config
--- openssh-3.8.1p1.orig/PATCH/sshd_config	Thu Jan  1 01:00:00 1970
+++ openssh-3.8.1p1/PATCH/sshd_config	Thu May  1 04:14:13 2003
@@ -0,0 +1,93 @@
+#	$OpenBSD: sshd_config,v 1.56 2002/06/20 23:37:12 markus Exp $
+
+# This is the sshd server system-wide configuration file.  See
+# sshd_config(5) for more information.
+
+# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
+
+# The strategy used for options in the default sshd_config shipped with
+# OpenSSH is to specify options with their default value where
+# possible, but leave them commented.  Uncommented options change a
+# default value.
+
+Port 22
+Protocol 2
+ListenAddress 0.0.0.0
+#ListenAddress ::
+
+# HostKey for protocol version 1
+#HostKey /etc/ssh/ssh_host_key
+# HostKeys for protocol version 2
+#HostKey /etc/ssh/ssh_host_rsa_key
+HostKey /etc/ssh/ssh_host_dsa_key
+
+# Lifetime and size of ephemeral version 1 server key
+KeyRegenerationInterval 3600
+ServerKeyBits 768
+
+# Logging
+#obsoletes QuietMode and FascistLogging
+SyslogFacility AUTH
+LogLevel INFO
+
+# Authentication:
+
+LoginGraceTime 600
+PermitRootLogin yes
+StrictModes yes
+
+RSAAuthentication no
+DSAAuthentication yes
+PubkeyAuthentication yes
+AuthorizedKeysFile	.ssh/authorized_keys
+
+# rhosts authentication should not be used
+#RhostsAuthentication no
+# Don't read the user's ~/.rhosts and ~/.shosts files
+IgnoreRhosts yes
+# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
+RhostsRSAAuthentication no
+# similar for protocol version 2
+HostbasedAuthentication no
+# Change to yes if you don't trust ~/.ssh/known_hosts for
+# RhostsRSAAuthentication and HostbasedAuthentication
+IgnoreUserKnownHosts no
+
+# To disable tunneled clear text passwords, change to no here!
+PasswordAuthentication yes
+PermitEmptyPasswords no
+
+# Change to no to disable s/key passwords
+ChallengeResponseAuthentication no
+
+# Kerberos options
+#KerberosAuthentication no
+#KerberosOrLocalPasswd no
+#KerberosTicketCleanup no
+
+#AFSTokenPassing no
+
+# Kerberos TGT Passing only works with the AFS kaserver
+#KerberosTgtPassing no
+
+# Set this to 'yes' to enable PAM keyboard-interactive authentication 
+# Warning: enabling this may bypass the setting of 'PasswordAuthentication'
+#PAMAuthenticationViaKbdInt no
+
+X11Forwarding no
+X11DisplayOffset 10
+X11UseLocalhost no
+#PrintMotd yes
+#PrintLastLog yes
+KeepAlive yes
+UseLogin no
+UsePrivilegeSeparation yes
+Compression yes
+
+MaxStartups 10
+# no default banner path
+#Banner /some/path
+#VerifyReverseMapping yes
+
+# override default of no subsystems
+Subsystem	sftp	/usr/lib/ssh/sftp-server