untrusted comment: signature from openbsd 5.8 base secret key
RWQNNZXtC/MqPxdggXvy2USZPzpUKVF3XEtBuJJpIt0wlGSonQ9TkMLXmji9WIlWgS2w13WvH/HiMDwssPj+lb00xg0xBzeVDgA=

OpenBSD 5.8 errata 1, Aug 30, 2015:

Inverted logic made "PermitRootLogin prohibit-password" unsafe.
Use "no", or apply the following patch.

Apply by doing:
   signify -Vep /etc/signify/openbsd-58-base.pub -x 001_sshd.patch.sig \
       -m - | (cd /usr/src && patch -p0)

And then rebuild and install sshd:
   cd /usr/src/usr.bin/ssh
   make obj
   make depend
   make
   make install

Index: usr.bin/ssh/auth.c
===================================================================
RCS file: /cvs/src/usr.bin/ssh/auth.c,v
retrieving revision 1.112
diff -u -p -r1.112 auth.c
--- usr.bin/ssh/auth.c  6 Aug 2015 14:53:21 -0000       1.112
+++ usr.bin/ssh/auth.c  26 Aug 2015 15:10:30 -0000
@@ -263,7 +263,7 @@ auth_root_allowed(const char *method)
       case PERMIT_NO_PASSWD:
               if (strcmp(method, "publickey") == 0 ||
                   strcmp(method, "hostbased") == 0 ||
-                   strcmp(method, "gssapi-with-mic"))
+                   strcmp(method, "gssapi-with-mic") == 0)
                       return 1;
               break;
       case PERMIT_FORCED_ONLY:

You are viewing proxied material from ftp.icm.edu.pl. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.