On Wed, 2005-06-08 at 11:38 +0100, Joe Doran wrote: > Hi, > > > I have been using the fedora legacy mirrors for redhat 9.0 recently. > I have noticed that openssh package (openssh-server-3.5p1-11) does not > honour the strictmodes setting in sshd_config files. > After spending some time chasing this down I have narrowed the fault > down to auth2-pubkey.c line 199 which should be strict_modes not > strictmodes. > > 199c199 > < if (options.strictmodes && > --- > > if (options.strict_modes && > > > I have download the original source from the legacy mirror and checked > that I am not running a hacked up version. The sources on openbsd sites > do not seem to display this fault as far as I can tell. However I am not > very experienced in CVS and am not sure whether I am looking at the > right branch. Openssh for redhat 9.0 from: http://download.fedoralegacy.org/redhat/9/updates/SRPMS/ shows the correct "strict_modes" line. Where did you get your altered openssh package from? Is it signed? Could you post a "rpm -q -i -p openssh..." please? Marc.
Attachment:
signature.asc
Description: This is a digitally signed message part
-- fedora-legacy-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-legacy-list