authorJay Freeman <saurik@saurik.com>2008-01-02 08:12:33 +0000
committerJay Freeman <saurik@saurik.com>2008-01-02 08:12:33 +0000
commitd226560b85a70759b17943113f54eaf230717156 (patch)
tree48a36e95218fa788f1e285f68a8f66158cbe4cad /data/openssh
parent7fe4faa796d3393f6a806c3ebb56c0a2792c1144 (diff)
Fixed a bunch of massively broken dependencies and got OpenSSH working.
git-svn-id: http://svn.telesphoreo.org/trunk@9 514c082c-b64e-11dc-b46d-3d985efe055d
Diffstat (limited to 'data/openssh')
-rw-r--r--data/openssh/com.openssh.sshd.plist46
-rw-r--r--data/openssh/make.sh8
-rw-r--r--data/openssh/ssh_config47
-rwxr-xr-xdata/openssh/sshd-keygen-wrapper7
-rw-r--r--data/openssh/sshd_config116
5 files changed, 222 insertions, 2 deletions
diff --git a/data/openssh/com.openssh.sshd.plist b/data/openssh/com.openssh.sshd.plist
new file mode 100644
index 000000000..6866f3804
--- /dev/null
+++ b/data/openssh/com.openssh.sshd.plist
@@ -0,0 +1,46 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+
+<dict>
+ <key>Label</key>
+ <string>com.openssh.sshd</string>
+
+ <key>Program</key>
+ <string>/usr/libexec/sshd-keygen-wrapper</string>
+
+ <key>ProgramArguments</key>
+ <array>
+ <string>/usr/sbin/sshd</string>
+ <string>-i</string>
+ </array>
+
+ <key>SessionCreate</key>
+ <true/>
+
+ <key>Sockets</key>
+ <dict>
+ <key>Listeners</key>
+ <dict>
+ <key>Bonjour</key>
+ <array>
+ <string>ssh</string>
+ <string>sftp-ssh</string>
+ </array>
+
+ <key>SockServiceName</key>
+ <string>ssh</string>
+ </dict>
+ </dict>
+
+ <key>StandardErrorPath</key>
+ <string>/dev/null</string>
+
+ <key>inetdCompatibility</key>
+ <dict>
+ <key>Wait</key>
+ <false/>
+ </dict>
+</dict>
+
+</plist>
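Review bot: The `Bonjour` array under `Listeners` announces `ssh` and `sftp-ssh` over mDNS on every network the device joins, so the daemon is discoverable by anyone on the same link; if discovery is not a requirement, drop the array and keep only `SockServiceName`. `StandardErrorPath` set to `/dev/null` discards whatever the wrapper or sshd writes to stderr at startup, so pointing it at a log file would make start-up failures diagnosable. An XML comment above `Program`, such as `<!-- wrapper creates missing host keys, then execs sshd -i -->`, would explain why `Program` and `ProgramArguments` name different binaries.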
diff --git a/data/openssh/make.sh b/data/openssh/make.sh
index dda4b2823..6b93f1a83 100644
--- a/data/openssh/make.sh
+++ b/data/openssh/make.sh
@@ -1,5 +1,9 @@
pkg:extract
cd *
-pkg:configure --disable-strip --sysconfdir=/etc
+pkg:configure --disable-strip --sysconfdir=/etc/ssh
make
-pkg:install
+pkg:install INSTALL_SSH_RAND_HELPER=yes
+pkg: cp -a %/sshd-keygen-wrapper /usr/libexec
+pkg: mkdir -p /Library/LaunchDaemons
+pkg: cp -a %/com.openssh.sshd.plist /Library/LaunchDaemons
+pkg: cp -af %/ssh{d,}_config /etc/ssh
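Review bot: `ssh{d,}_config` on the last added line relies on brace expansion, which a POSIX `sh` does not perform; unless the `pkg:` helper is guaranteed to run under bash, spell it out as `pkg: cp -af %/sshd_config %/ssh_config /etc/ssh`. The `-f` copy replaces whatever `pkg:install` placed in `/etc/ssh`, so a one-line comment such as `# ship our sshd_config/ssh_config instead of the upstream defaults` would record that this is intended. How `/etc/ssh/sshd_config` is treated on package upgrade is not visible here; if it is overwritten, local hardening edits would be lost, which is worth confirming.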
diff --git a/data/openssh/ssh_config b/data/openssh/ssh_config
new file mode 100644
index 000000000..984cb76cc
--- /dev/null
+++ b/data/openssh/ssh_config
@@ -0,0 +1,47 @@
+# $OpenBSD: ssh_config,v 1.23 2007/06/08 04:40:40 pvalchev Exp $
+
+# This is the ssh client system-wide configuration file. See
+# ssh_config(5) for more information. This file provides defaults for
+# users, and the values can be changed in per-user configuration files
+# or on the command line.
+
+# Configuration data is parsed as follows:
+# 1. command line options
+# 2. user-specific file
+# 3. system-wide file
+# Any configuration value is only changed the first time it is set.
+# Thus, host-specific definitions should be at the beginning of the
+# configuration file, and defaults at the end.
+
+# Site-wide defaults for some commonly used options. For a comprehensive
+# list of available options, their meanings and defaults, please see the
+# ssh_config(5) man page.
+
+Host *
+# ForwardAgent no
+# ForwardX11 no
+# RhostsRSAAuthentication no
+# RSAAuthentication yes
+# PasswordAuthentication yes
+# HostbasedAuthentication no
+# GSSAPIAuthentication no
+# GSSAPIDelegateCredentials no
+# BatchMode no
+# CheckHostIP yes
+# AddressFamily any
+# ConnectTimeout 0
+# StrictHostKeyChecking ask
+# IdentityFile ~/.ssh/identity
+# IdentityFile ~/.ssh/id_rsa
+# IdentityFile ~/.ssh/id_dsa
+# Port 22
+# Protocol 2,1
+# Cipher 3des
+# Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc
+# MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160
+# EscapeChar ~
+# Tunnel no
+# TunnelDevice any:any
+# PermitLocalCommand no
+ SendEnv LANG LC_*
+ HashKnownHosts yes
diff --git a/data/openssh/sshd-keygen-wrapper b/data/openssh/sshd-keygen-wrapper
new file mode 100755
index 000000000..07f2631e3
--- /dev/null
+++ b/data/openssh/sshd-keygen-wrapper
@@ -0,0 +1,7 @@
+#!/bin/sh
+
+[ ! -f /etc/ssh/ssh_host_key ] && ssh-keygen -q -t rsa1 -f /etc/ssh/ssh_host_key -N "" -C "" < /dev/null > /dev/null 2> /dev/null
+[ ! -f /etc/ssh/ssh_host_rsa_key ] && ssh-keygen -q -t rsa -f /etc/ssh/ssh_host_rsa_key -N "" -C "" < /dev/null > /dev/null 2> /dev/null
+[ ! -f /etc/ssh/ssh_host_dsa_key ] && ssh-keygen -q -t dsa -f /etc/ssh/ssh_host_dsa_key -N "" -C "" < /dev/null > /dev/null 2> /dev/null
+
+exec /usr/sbin/sshd $@
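Review bot: `exec /usr/sbin/sshd $@` on the last line expands the arguments unquoted, so any argument containing whitespace or glob characters is re-split; use `exec /usr/sbin/sshd "$@"`. The first `ssh-keygen` line creates an `rsa1` host key although the sshd_config added in the same commit sets `Protocol 2`, so that key is never used and the line can be dropped. All three generation commands send stderr to `/dev/null` and their exit status is ignored, so a failed key generation goes unnoticed until sshd refuses connections; checking the status and reporting it (for example through `logger`) would surface the problem. With `Wait` set to false in the plist, launchd presumably starts one wrapper per connection, so two first connections could run the generation concurrently.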
diff --git a/data/openssh/sshd_config b/data/openssh/sshd_config
new file mode 100644
index 000000000..1da855090
--- /dev/null
+++ b/data/openssh/sshd_config
@@ -0,0 +1,116 @@
+# $OpenBSD: sshd_config,v 1.75 2007/03/19 01:01:29 djm Exp $
+
+# This is the sshd server system-wide configuration file. See
+# sshd_config(5) for more information.
+
+# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
+
+# The strategy used for options in the default sshd_config shipped with
+# OpenSSH is to specify options with their default value where
+# possible, but leave them commented. Uncommented options change a
+# default value.
+
+#Port 22
+#AddressFamily any
+#ListenAddress 0.0.0.0
+#ListenAddress ::
+
+# Disable legacy (protocol version 1) support in the server for new
+# installations. In future the default will change to require explicit
+# activation of protocol 1
+Protocol 2
+
+# HostKey for protocol version 1
+HostKey /etc/ssh/ssh_host_key
+# HostKeys for protocol version 2
+HostKey /etc/ssh/ssh_host_rsa_key
+HostKey /etc/ssh/ssh_host_dsa_key
+
+# Lifetime and size of ephemeral version 1 server key
+#KeyRegenerationInterval 1h
+#ServerKeyBits 768
+
+# Logging
+# obsoletes QuietMode and FascistLogging
+#SyslogFacility AUTH
+#LogLevel INFO
+
+# Authentication:
+
+#LoginGraceTime 2m
+#PermitRootLogin yes
+#StrictModes yes
+#MaxAuthTries 6
+
+#RSAAuthentication yes
+#PubkeyAuthentication yes
+#AuthorizedKeysFile .ssh/authorized_keys
+
+# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
+#RhostsRSAAuthentication no
+# similar for protocol version 2
+#HostbasedAuthentication no
+# Change to yes if you don't trust ~/.ssh/known_hosts for
+# RhostsRSAAuthentication and HostbasedAuthentication
+#IgnoreUserKnownHosts no
+# Don't read the user's ~/.rhosts and ~/.shosts files
+#IgnoreRhosts yes
+
+# To disable tunneled clear text passwords, change to no here!
+#PasswordAuthentication yes
+#PermitEmptyPasswords no
+
+# Change to no to disable s/key passwords
+#ChallengeResponseAuthentication yes
+
+# Kerberos options
+#KerberosAuthentication no
+#KerberosOrLocalPasswd yes
+#KerberosTicketCleanup yes
+#KerberosGetAFSToken no
+
+# GSSAPI options
+#GSSAPIAuthentication no
+#GSSAPICleanupCredentials yes
+
+# Set this to 'yes' to enable PAM authentication, account processing,
+# and session processing. If this is enabled, PAM authentication will
+# be allowed through the ChallengeResponseAuthentication and
+# PasswordAuthentication. Depending on your PAM configuration,
+# PAM authentication via ChallengeResponseAuthentication may bypass
+# the setting of "PermitRootLogin without-password".
+# If you just want the PAM account and session checks to run without
+# PAM authentication, then enable this but set PasswordAuthentication
+# and ChallengeResponseAuthentication to 'no'.
+#UsePAM no
+
+#AllowTcpForwarding yes
+#GatewayPorts no
+#X11Forwarding no
+#X11DisplayOffset 10
+#X11UseLocalhost yes
+#PrintMotd yes
+#PrintLastLog yes
+#TCPKeepAlive yes
+#UseLogin no
+UsePrivilegeSeparation no
+#PermitUserEnvironment no
+#Compression delayed
+#ClientAliveInterval 0
+#ClientAliveCountMax 3
+UseDNS no
+#PidFile /var/run/sshd.pid
+#MaxStartups 10
+#PermitTunnel no
+
+# no default banner path
+#Banner /some/path
+
+# override default of no subsystems
+Subsystem sftp /usr/libexec/sftp-server
+
+# Example of overriding settings on a per-user basis
+#Match User anoncvs
+# X11Forwarding no
+# AllowTcpForwarding no
+# ForceCommand cvs server
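Review bot: `UsePrivilegeSeparation no` turns off the unprivileged pre-authentication child, so all network-facing parsing before login runs as root, and the hunk gives no reason for it. If the platform lacks the user or empty directory that privilege separation needs, say so above the line, e.g. `# privsep disabled: no sshd user/chroot dir on this platform (TODO: re-enable)`, and prefer creating them in the package. The commented defaults also leave `PermitRootLogin yes` and `PasswordAuthentication yes` in effect, which together with the Bonjour advertisement in the plist exposes root password login to the local network; consider shipping `PermitRootLogin without-password`. `HostKey /etc/ssh/ssh_host_key` is a protocol 1 key and is unused with `Protocol 2`.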