From a5ab4882348d26addc9830a44e053238dfa2cb58 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Thu, 6 May 2021 10:08:30 +1000 Subject: remove built-in support for md5crypt() Users of MD5-hashed password should arrange for ./configure to link against libxcrypt or similar. Though it would be better to avoid use of MD5 password hashing entirely, it's arguably worse than DEScrypt. feedback and ok dtucker@ --- contrib/redhat/openssh.spec | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'contrib') diff --git a/contrib/redhat/openssh.spec b/contrib/redhat/openssh.spec index 2905db0e..f86b035d 100644 --- a/contrib/redhat/openssh.spec +++ b/contrib/redhat/openssh.spec @@ -66,7 +66,7 @@ # rpm -ba|--rebuild --define "smartcard 1" %{?smartcard:%global scard 1} -# Is this a build for the rescue CD (without PAM, with MD5)? (1=yes 0=no) +# Is this a build for the rescue CD (without PAM)? (1=yes 0=no) %global rescue 0 %{?build_rescue:%global rescue 1} @@ -211,7 +211,6 @@ CFLAGS="$RPM_OPT_FLAGS -Os"; export CFLAGS --with-default-path=/usr/local/bin:/bin:/usr/bin \ --with-superuser-path=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin \ --with-privsep-path=%{_var}/empty/sshd \ - --with-md5-passwords \ --mandir=%{_mandir} \ --with-mantype=man \ --disable-strip \ @@ -424,7 +423,10 @@ fi %endif %changelog -* Mon Jul 20 2020 Damien Miller +* Thu Oct 28 2021 Damien Miller +- Remove remaining traces of --with-md5-passwords + +* Mon Jul 20 2020 Damien Miller - Add ssh-sk-helper and corresponding manual page. * Sat Feb 10 2018 Darren Tucker -- cgit v1.2.3