- Added SuSE package files from Chris Saia <csaia@wtower.com>

 - Restructured package-related files under packages/
 - Added generic PAM config

6 files changed, 554 insertions, 0 deletions

diff --git a/packages/redhat/openssh.spec b/packages/redhat/openssh.spec
new file mode 100644
index 00000000..870ffd8a
--- /dev/null
+++ b/packages/redhat/openssh.spec
@@ -0,0 +1,185 @@
+Summary: OpenSSH free Secure Shell (SSH) implementation
+Name: openssh
+Version: 1.2pre14
+Release: 1
+Packager: Damien Miller <djm@ibs.com.au>
+Source0: openssh-%{version}.tar.gz
+Copyright: BSD
+Group: Applications/Internet
+BuildRoot: /tmp/openssh-%{version}-buildroot
+Obsoletes: ssh
+
+%package clients
+Summary: OpenSSH Secure Shell protocol clients
+Requires: openssh
+Group: System Environment/Daemons
+Obsoletes: ssh-clients
+
+%package server
+Summary: OpenSSH Secure Shell protocol server (sshd)
+Requires: openssh chkconfig >= 0.9
+Group: System Environment/Daemons
+Obsoletes: ssh-server
+
+%package askpass
+Summary: OpenSSH GNOME passphrase dialog
+Group: Applications/Internet
+Requires: openssh
+Obsoletes: ssh-extras
+Obsoletes: ssh-askpass
+
+%description
+Ssh (Secure Shell) a program for logging into a remote machine and for
+executing commands in a remote machine.  It is intended to replace
+rlogin and rsh, and provide secure encrypted communications between
+two untrusted hosts over an insecure network.  X11 connections and
+arbitrary TCP/IP ports can also be forwarded over the secure channel.
+
+OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
+up to date in terms of security and features, as well as removing all 
+patented algorithms to seperate libraries (OpenSSL).
+
+This package includes the core files necessary for both the OpenSSH
+client and server.  To make this package useful, you should also
+install openssh-clients, openssh-server, or both.
+
+%description clients
+Ssh (Secure Shell) a program for logging into a remote machine and for
+executing commands in a remote machine.  It is intended to replace
+rlogin and rsh, and provide secure encrypted communications between
+two untrusted hosts over an insecure network.  X11 connections and
+arbitrary TCP/IP ports can also be forwarded over the secure channel.
+
+OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
+up to date in terms of security and features, as well as removing all 
+patented algorithms to seperate libraries (OpenSSL).
+
+This package includes the clients necessary to make encrypted connections
+to SSH servers.
+
+%description server
+Ssh (Secure Shell) a program for logging into a remote machine and for
+executing commands in a remote machine.  It is intended to replace
+rlogin and rsh, and provide secure encrypted communications between
+two untrusted hosts over an insecure network.  X11 connections and
+arbitrary TCP/IP ports can also be forwarded over the secure channel.
+
+OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
+up to date in terms of security and features, as well as removing all 
+patented algorithms to seperate libraries (OpenSSL).
+
+This package contains the secure shell daemon. The sshd is the server 
+part of the secure shell protocol and allows ssh clients to connect to 
+your host.
+
+%description askpass
+Ssh (Secure Shell) a program for logging into a remote machine and for
+executing commands in a remote machine.  It is intended to replace
+rlogin and rsh, and provide secure encrypted communications between
+two untrusted hosts over an insecure network.  X11 connections and
+arbitrary TCP/IP ports can also be forwarded over the secure channel.
+
+OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
+up to date in terms of security and features, as well as removing all 
+patented algorithms to seperate libraries (OpenSSL).
+
+This package contains the GNOME passphrase dialog.
+
+%changelog
+* Mon Nov 15 1999 Damien Miller <djm@mindrot.org>
+- Split subpackages further based on patch from jim knoble <jmknoble@pobox.com>
+* Sat Nov 13 1999 Damien Miller <djm@mindrot.org>
+- Added 'Obsoletes' directives
+* Tue Nov 09 1999 Damien Miller <djm@ibs.com.au>
+- Use make install
+- Subpackages
+* Mon Nov 08 1999 Damien Miller <djm@ibs.com.au>
+- Added links for slogin
+- Fixed perms on manpages
+* Sat Oct 30 1999 Damien Miller <djm@ibs.com.au>
+- Renamed init script
+* Fri Oct 29 1999 Damien Miller <djm@ibs.com.au>
+- Back to old binary names
+* Thu Oct 28 1999 Damien Miller <djm@ibs.com.au>
+- Use autoconf
+- New binary names
+* Wed Oct 27 1999 Damien Miller <djm@ibs.com.au>
+- Initial RPMification, based on Jan "Yenya" Kasprzak's <kas@fi.muni.cz> spec.
+
+%prep
+
+%setup
+
+%build
+
+CFLAGS="$RPM_OPT_FLAGS" \
+	./configure --prefix=/usr --sysconfdir=/etc/ssh --with-gnome-askpass
+
+make
+
+%install
+rm -rf $RPM_BUILD_ROOT
+make install prefix="$RPM_BUILD_ROOT/usr"
+
+install -d $RPM_BUILD_ROOT/etc/ssh
+install -d $RPM_BUILD_ROOT/etc/pam.d/
+install -d $RPM_BUILD_ROOT/etc/rc.d/init.d
+install -m644 packages/redhat/sshd.pam $RPM_BUILD_ROOT/etc/pam.d/sshd
+install -m755 packages/redhat/sshd.init $RPM_BUILD_ROOT/etc/rc.d/init.d/sshd
+install -m600 ssh_config $RPM_BUILD_ROOT/etc/ssh/ssh_config
+install -m600 sshd_config $RPM_BUILD_ROOT/etc/ssh/sshd_config
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+%post server
+/sbin/chkconfig --add sshd
+if [ ! -f /etc/ssh/ssh_host_key -o ! -s /etc/ssh/ssh_host_key ]; then
+	/usr/bin/ssh-keygen -b 1024 -f /etc/ssh/ssh_host_key -N '' >&2
+fi
+if test -r /var/run/sshd.pid
+then
+	/etc/rc.d/init.d/sshd restart >&2
+fi
+
+%preun server
+if [ "$1" = 0 ]
+then
+	/etc/rc.d/init.d/sshd stop >&2
+	/sbin/chkconfig --del sshd
+fi
+
+%files
+%defattr(-,root,root)
+%doc ChangeLog OVERVIEW COPYING.Ylonen README README.Ylonen INSTALL UPGRADING
+%attr(0755,root,root) /usr/bin/ssh-keygen
+%attr(0755,root,root) /usr/bin/scp
+%attr(0644,root,root) /usr/man/man1/ssh-keygen.1
+%attr(0644,root,root) /usr/man/man1/scp.1
+%attr(0755,root,root) %dir /etc/ssh
+
+%files clients
+%defattr(-,root,root)
+%attr(4755,root,root) /usr/bin/ssh
+%attr(0755,root,root) /usr/bin/ssh-agent
+%attr(0755,root,root) /usr/bin/ssh-add
+%attr(0644,root,root) /usr/man/man1/ssh.1
+%attr(0644,root,root) /usr/man/man1/ssh-agent.1
+%attr(0644,root,root) /usr/man/man1/ssh-add.1
+%attr(0644,root,root) %config(noreplace) /etc/ssh/ssh_config
+%attr(-,root,root) /usr/bin/slogin
+%attr(-,root,root) /usr/man/man1/slogin.1
+
+%files server
+%defattr(-,root,root)
+%attr(0755,root,root) /usr/sbin/sshd
+%attr(0644,root,root) /usr/man/man8/sshd.8
+%attr(0600,root,root) %config(noreplace) /etc/ssh/sshd_config
+%attr(0600,root,root) %config(noreplace) /etc/pam.d/sshd
+%attr(0755,root,root) %config /etc/rc.d/init.d/sshd
+
+%files askpass
+%defattr(-,root,root)
+%attr(0755,root,root) /usr/libexec/ssh/ssh-askpass
+%attr(0755,root,root) %dir /usr/libexec/ssh
+
diff --git a/packages/redhat/sshd.init b/packages/redhat/sshd.init
new file mode 100755
index 00000000..5e919489
--- /dev/null
+++ b/packages/redhat/sshd.init
@@ -0,0 +1,50 @@
+#!/bin/bash
+
+# Init file for OpenSSH server daemon
+#
+# chkconfig: 2345 55 25
+# description: OpenSSH server daemon
+#
+# processname: sshd
+# config: /etc/ssh/ssh_host_key
+# config: /etc/ssh/ssh_host_key.pub
+# config: /etc/ssh/ssh_random_seed
+# config: /etc/ssh/sshd_config
+# pidfile: /var/run/sshd.pid
+
+# source function library
+. /etc/rc.d/init.d/functions
+
+RETVAL=0
+
+case "$1" in
+  start)
+	echo -n "Starting sshd: "
+	if [ ! -f /var/run/sshd.pid ] ; then
+   	/usr/sbin/sshd && success "sshd startup" || failure "sshd startup"
+		RETVAL=$?
+	fi
+	echo
+	;;
+  stop)
+	echo -n "Shutting down sshd: "
+	if [ -f /var/run/sshd.pid ] ; then
+		killproc sshd
+	fi
+	echo
+	;;
+  restart)
+        $0 stop
+        $0 start
+	RETVAL=$?
+        ;;
+  status)
+        status sshd
+	RETVAL=$?
+        ;;
+  *)
+	echo "Usage: sshd {start|stop|restart|status}"
+	exit 1
+esac
+
+exit $RETVAL
diff --git a/packages/redhat/sshd.pam b/packages/redhat/sshd.pam
new file mode 100644
index 00000000..2a7d1fbd
--- /dev/null
+++ b/packages/redhat/sshd.pam
@@ -0,0 +1,7 @@
+#%PAM-1.0
+auth       required     /lib/security/pam_pwdb.so shadow
+auth       required     /lib/security/pam_nologin.so
+account    required     /lib/security/pam_pwdb.so
+password   required     /lib/security/pam_cracklib.so
+password   required     /lib/security/pam_pwdb.so shadow nullok use_authtok
+session    required     /lib/security/pam_pwdb.so
diff --git a/packages/suse/openssh.spec b/packages/suse/openssh.spec
new file mode 100644
index 00000000..9bdde3b2
--- /dev/null
+++ b/packages/suse/openssh.spec
@@ -0,0 +1,227 @@
+Summary: OpenSSH, a free Secure Shell (SSH) implementation
+Name: openssh
+Version: 1.2pre14
+Release: 2RSAref
+Source0: openssh-%{version}.tar.gz
+Copyright: BSD
+Group: Applications/Internet
+BuildRoot: /tmp/openssh-%{version}-buildroot
+Obsoletes: ssh
+#
+# building prerequisites -- stuff for TCP Wrappers and Gnome
+# (This only works for RPM 2.95 and newer.)
+#
+BuildPrereq: nkitb
+BuildPrereq: glibdev
+BuildPrereq: gtkdev
+BuildPrereq: gnlibsd
+
+%package clients
+Summary: OpenSSH Secure Shell protocol clients
+Requires: openssh
+Group: Applications/Internet
+Obsoletes: ssh-clients
+
+%package server
+Summary: OpenSSH Secure Shell protocol server (sshd)
+Requires: openssh
+Group: System Environment/Daemons
+Obsoletes: ssh-server
+
+%package askpass
+Summary: OpenSSH GNOME passphrase dialog
+Group: Applications/Internet
+Requires: openssh
+Obsoletes: ssh-extras
+Obsoletes: ssh-askpass
+
+%description
+Ssh (Secure Shell) a program for logging into a remote machine and for
+executing commands in a remote machine.  It is intended to replace
+rlogin and rsh, and provide secure encrypted communications between
+two untrusted hosts over an insecure network.  X11 connections and
+arbitrary TCP/IP ports can also be forwarded over the secure channel.
+
+OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
+up to date in terms of security and features, as well as removing all 
+patented algorithms to seperate libraries (OpenSSL).
+
+This package includes the core files necessary for both the OpenSSH
+client and server.  To make this package useful, you should also
+install openssh-clients, openssh-server, or both.
+
+%description clients
+Ssh (Secure Shell) a program for logging into a remote machine and for
+executing commands in a remote machine.  It is intended to replace
+rlogin and rsh, and provide secure encrypted communications between
+two untrusted hosts over an insecure network.  X11 connections and
+arbitrary TCP/IP ports can also be forwarded over the secure channel.
+
+OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
+up to date in terms of security and features, as well as removing all 
+patented algorithms to seperate libraries (OpenSSL).
+
+This package includes the clients necessary to make encrypted connections
+to SSH servers.
+
+%description server
+Ssh (Secure Shell) a program for logging into a remote machine and for
+executing commands in a remote machine.  It is intended to replace
+rlogin and rsh, and provide secure encrypted communications between
+two untrusted hosts over an insecure network.  X11 connections and
+arbitrary TCP/IP ports can also be forwarded over the secure channel.
+
+OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
+up to date in terms of security and features, as well as removing all 
+patented algorithms to seperate libraries (OpenSSL).
+
+This package contains the secure shell daemon. The sshd is the server 
+part of the secure shell protocol and allows ssh clients to connect to 
+your host.
+
+%description askpass
+Ssh (Secure Shell) a program for logging into a remote machine and for
+executing commands in a remote machine.  It is intended to replace
+rlogin and rsh, and provide secure encrypted communications between
+two untrusted hosts over an insecure network.  X11 connections and
+arbitrary TCP/IP ports can also be forwarded over the secure channel.
+
+OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
+up to date in terms of security and features, as well as removing all 
+patented algorithms to seperate libraries (OpenSSL).
+
+This package contains the GNOME passphrase dialog.
+
+%changelog
+* Mon Nov 22 1999 Chris Saia <csaia@wtower.com>
+- Added flag to configure daemon with TCP Wrappers support
+- Added building prerequisites (works in RPM 3.0 and newer)
+* Thu Nov 18 1999 Chris Saia <csaia@wtower.com>
+- Made this package correct for SuSE.
+- Changed instances of pam_pwdb.so to pam_unix.so, since it works more properly
+  with SuSE, and lib_pwdb.so isn't installed by default.
+* Mon Nov 15 1999 Damien Miller <djm@mindrot.org>
+- Split subpackages further based on patch from jim knoble <jmknoble@pobox.com>
+* Sat Nov 13 1999 Damien Miller <djm@mindrot.org>
+- Added 'Obsoletes' directives
+* Tue Nov 09 1999 Damien Miller <djm@ibs.com.au>
+- Use make install
+- Subpackages
+* Mon Nov 08 1999 Damien Miller <djm@ibs.com.au>
+- Added links for slogin
+- Fixed perms on manpages
+* Sat Oct 30 1999 Damien Miller <djm@ibs.com.au>
+- Renamed init script
+* Fri Oct 29 1999 Damien Miller <djm@ibs.com.au>
+- Back to old binary names
+* Thu Oct 28 1999 Damien Miller <djm@ibs.com.au>
+- Use autoconf
+- New binary names
+* Wed Oct 27 1999 Damien Miller <djm@ibs.com.au>
+- Initial RPMification, based on Jan "Yenya" Kasprzak's <kas@fi.muni.cz> spec.
+
+%prep
+
+%setup
+
+%build
+
+CFLAGS="$RPM_OPT_FLAGS" \
+	./configure --prefix=/usr --sysconfdir=/etc/ssh --with-gnome-askpass --with-tcp-wrappers
+
+make
+
+%install
+rm -rf $RPM_BUILD_ROOT
+make install prefix="$RPM_BUILD_ROOT/usr"
+
+install -d $RPM_BUILD_ROOT/etc/ssh/
+install -d $RPM_BUILD_ROOT/etc/pam.d/
+install -d $RPM_BUILD_ROOT/sbin/init.d/
+install -d $RPM_BUILD_ROOT/sbin/init.d/rc2.d/
+install -d $RPM_BUILD_ROOT/sbin/init.d/rc3.d/
+install -m644 sshd.pam.generic $RPM_BUILD_ROOT/etc/pam.d/sshd
+install -m744 packages/suse/rc.sshd $RPM_BUILD_ROOT/sbin/init.d/sshd
+install -m600 ssh_config $RPM_BUILD_ROOT/etc/ssh/ssh_config
+install -m600 sshd_config $RPM_BUILD_ROOT/etc/ssh/sshd_config
+ln -s ../../sbin/init.d/sshd $RPM_BUILD_ROOT/usr/sbin/rcsshd
+install -d $RPM_BUILD_ROOT/var/adm/fillup-templates
+cp packages/suse/rc.config.sshd $RPM_BUILD_ROOT/var/adm/fillup-templates
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+%post server
+if [ "$1" = 0 ]; then
+  echo "Creating SSH stop/start scripts in rc directories..."
+  ln -s ../sshd /sbin/init.d/rc2.d/K20sshd
+  ln -s ../sshd /sbin/init.d/rc2.d/S20sshd
+  ln -s ../sshd /sbin/init.d/rc3.d/K20sshd
+  ln -s ../sshd /sbin/init.d/rc3.d/S20sshd
+fi
+echo "Updating /etc/rc.config..."
+if [ -x /bin/fillup ] ; then
+  /bin/fillup -q -d = etc/rc.config var/adm/fillup-templates/rc.config.sshd
+else
+  echo "ERROR: fillup not found.  This should NOT happen in SuSE Linux."
+  echo "Update /etc/rc.config by hand from the following template file:"
+  echo "  /var/adm/fillup-templates/rc.config.sshd"
+fi
+echo "Generating SSH host key..."
+if [ ! -f /etc/ssh/ssh_host_key -o ! -s /etc/ssh/ssh_host_key ]; then
+	/usr/bin/ssh-keygen -b 1024 -f /etc/ssh/ssh_host_key -N '' >&2
+fi
+if test -r /var/run/sshd.pid
+then
+	/usr/sbin/rcsshd restart >&2
+fi
+
+%preun server
+if [ "$1" = 0 ]
+then
+        echo "Stopping SSH..."
+	/usr/sbin/rcsshd stop >&2
+	echo "Removing SSH stop/start scripts from rc directories..."
+        rm /sbin/init.d/rc2.d/K20sshd
+        rm /sbin/init.d/rc2.d/S20sshd
+        rm /sbin/init.d/rc3.d/K20sshd
+        rm /sbin/init.d/rc3.d/S20sshd
+fi
+
+%files
+%defattr(-,root,root)
+%doc COPYING.Ylonen ChangeLog OVERVIEW README README.Ylonen 
+%doc RFC.nroff TODO UPGRADING
+%attr(0755,root,root) /usr/bin/ssh-keygen
+%attr(0755,root,root) /usr/bin/scp
+%attr(0644,root,root) /usr/man/man1/ssh-keygen.1
+%attr(0644,root,root) /usr/man/man1/scp.1
+%attr(0755,root,root) %dir /etc/ssh
+
+%files clients
+%defattr(-,root,root)
+%attr(4755,root,root) /usr/bin/ssh
+%attr(0755,root,root) /usr/bin/ssh-agent
+%attr(0755,root,root) /usr/bin/ssh-add
+%attr(0644,root,root) /usr/man/man1/ssh.1
+%attr(0644,root,root) /usr/man/man1/ssh-agent.1
+%attr(0644,root,root) /usr/man/man1/ssh-add.1
+%attr(0644,root,root) %config(noreplace) /etc/ssh/ssh_config
+%attr(-,root,root) /usr/bin/slogin
+%attr(-,root,root) /usr/man/man1/slogin.1
+
+%files server
+%defattr(-,root,root)
+%attr(0755,root,root) /usr/sbin/sshd
+%attr(0644,root,root) /usr/man/man8/sshd.8
+%attr(0600,root,root) %config(noreplace) /etc/ssh/sshd_config
+%attr(0644,root,root) %config(noreplace) /etc/pam.d/sshd
+%attr(0755,root,root) %config /sbin/init.d/sshd
+%attr(-,root,root) /usr/sbin/rcsshd
+%attr(0644,root,root) /var/adm/fillup-templates/rc.config.sshd
+
+%files askpass
+%defattr(-,root,root)
+%attr(0755,root,root) %dir /usr/libexec/ssh
+%attr(0755,root,root) /usr/libexec/ssh/ssh-askpass
+
diff --git a/packages/suse/rc.config.sshd b/packages/suse/rc.config.sshd
new file mode 100644
index 00000000..baaa7a5a
--- /dev/null
+++ b/packages/suse/rc.config.sshd
@@ -0,0 +1,5 @@
+#
+# Start the Secure Shell (SSH) Daemon?
+#
+START_SSHD="yes"
+
diff --git a/packages/suse/rc.sshd b/packages/suse/rc.sshd
new file mode 100644
index 00000000..f7d431eb
--- /dev/null
+++ b/packages/suse/rc.sshd
@@ -0,0 +1,80 @@
+#! /bin/sh
+# Copyright (c) 1995-1998 SuSE GmbH Nuernberg, Germany.
+#
+# Author: Chris Saia <csaia@wtower.com>
+#
+# /sbin/init.d/sshd
+#
+#   and symbolic its link
+#
+# /sbin/rcsshd
+#
+
+. /etc/rc.config
+
+# Determine the base and follow a runlevel link name.
+base=${0##*/}
+link=${base#*[SK][0-9][0-9]}
+
+# Force execution if not called by a runlevel directory.
+test $link = $base && START_SSHD=yes
+test "$START_SSHD" = yes || exit 0
+
+# The echo return value for success (defined in /etc/rc.config).
+return=$rc_done
+case "$1" in
+    start)
+	echo -n "Starting service sshd"
+	## Start daemon with startproc(8). If this fails
+	## the echo return value is set appropriate.
+
+	startproc /usr/sbin/sshd || return=$rc_failed
+
+	echo -e "$return"
+	;;
+    stop)
+	echo -n "Stopping service sshd"
+	## Stop daemon with killproc(8) and if this fails
+	## set echo the echo return value.
+
+	killproc -TERM /usr/sbin/sshd || return=$rc_failed
+
+	echo -e "$return"
+	;;
+    restart)
+	## If first returns OK call the second, if first or
+	## second command fails, set echo return value.
+	$0 stop  &&  $0 start  ||  return=$rc_failed
+	;;
+    reload)
+	## Choose ONE of the following two cases:
+
+	## First possibility: A few services accepts a signal
+	## to reread the (changed) configuration.
+
+	echo -n "Reload service sshd"
+	killproc -HUP /usr/sbin/sshd || return=$rc_failed
+	echo -e "$return"
+	;;
+    status)
+	echo -n "Checking for service sshd"
+	## Check status with checkproc(8), if process is running
+	## checkproc will return with exit status 0.
+
+	checkproc /usr/sbin/sshd && echo OK || echo No process
+	;;
+    probe)
+	## Optional: Probe for the necessity of a reload,
+	## give out the argument which is required for a reload.
+
+	test /etc/ssh/sshd_config -nt /var/run/sshd.pid && echo reload
+	;;
+    *)
+	echo "Usage: $0 {start|stop|status|restart|reload[|probe]}"
+	exit 1
+	;;
+esac
+
+# Inform the caller not only verbosely and set an exit status.
+test "$return" = "$rc_done" || exit 1
+exit 0