[27738] in Source-Commits
ssh-client-config commit: Revert GlobalKnownHostsFile change on Lucid and older
daemon@ATHENA.MIT.EDU (Jonathan D Reed)
Wed Feb 26 12:56:33 2014
Date: Wed, 26 Feb 2014 12:56:25 -0500
From: Jonathan D Reed <jdreed@MIT.EDU>
Message-Id: <201402261756.s1QHuP3J018370@drugstore.mit.edu>
To: source-commits@MIT.EDU
https://github.com/mit-athena/ssh-client-config/commit/ab6f6d3701780bbf90de81e485955009f5158060
commit ab6f6d3701780bbf90de81e485955009f5158060
Author: Jonathan Reed <jdreed@mit.edu>
Date: Thu Feb 20 14:05:06 2014 -0500
Revert GlobalKnownHostsFile change on Lucid and older
Per Trac #1435, the fix in 1.7 does not work on sufficiently ancient
ssh clients. The transform script now only includes it if we're
building on something with OpenSSH 5.9 or later
debian/changelog | 9 +++++++++
debian/transform_ssh_config.debathena | 3 +++
2 files changed, 12 insertions(+), 0 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index e3b76eb..85aedfa 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,12 @@
+debathena-ssh-client-config (1.8) unstable; urgency=medium
+
+ * The GlobalKnownHostsFile fix we added in 1.7 does not work on ancient
+ ssh clients. Only include it when the target ssh client supports it
+ (Trac: #1435)
+ * This version should be a no-op for people running Precise+ and Wheezy+
+
+ -- Jonathan Reed <jdreed@mit.edu> Thu, 20 Feb 2014 14:04:07 -0500
+
debathena-ssh-client-config (1.7) unstable; urgency=medium
* Disable GSSAPIKeyExchange. Unfortunately, it seems to have security
diff --git a/debian/transform_ssh_config.debathena b/debian/transform_ssh_config.debathena
index 927f89a..c897f91 100755
--- a/debian/transform_ssh_config.debathena
+++ b/debian/transform_ssh_config.debathena
@@ -1,4 +1,7 @@
#!/usr/bin/perl -0p
s/^\s*#?\s*GSSAPIAuthentication.*\n//mg;
s/$/\n GSSAPIAuthentication yes/ or die;
+my $openssh_ver = qx'dpkg-query -W -f \${Version} openssh-client';
+if (system('dpkg', '--compare-versions', $openssh_ver, 'ge', '1:5.9p1') == 0) {
s/$/\n GlobalKnownHostsFile \/etc\/ssh\/ssh_known_hosts \/etc\/ssh\/ssh_known_hosts2 \/etc\/ssh\/ssh_known_hosts.debathena/ or die;
+}
