LinuxSir.cn,穿越时空的Linuxsir!

 找回密码
 注册
搜索
热搜: shell linux mysql
查看: 3678|回复: 0

HEADS UP: OpenSSH 3.8p1, OpenBSD pf, routed(8) on FreeBSD

[复制链接]
发表于 2004-3-11 14:51:08 | 显示全部楼层 |阅读模式
Here are some recent changes to FreeBSD current:

Dag-Erling Smorgrav has updated OpenSSH 3.8p1 to change some configuration defaults: the server no longer accepts protocol version 1 nor password authentication by default.

Max Laier has started importing OpenBSD's packet filter (pf) from it's port (security/pf). The kernel parts are done, though not linked to any automatic build. If you want to build it already, you can build from the corresponding module directories: sys/modules/{pf, pflog, pfsync}. Be sure to install new and modified headers.

Bruce M Simpson has just merged version 2.27 of rhyolite.com's routed into the tree.

[Read more]
-------------------------------------

To: current@freebsd.org
From: des@des.no (Dag-Erling Smorgrav)
Date: Thu, 26 Feb 2004 12:30:03 +0100
cc: security@freebsd.org
Subject: HEADS UP: OpenSSH 3.8p1

Take the usual precautions when upgrading.

Also note that I have changed some configuration defaults: the server
no longer accepts protocol version 1 nor password authentication by
default. If your ssh client does not support ssh protocol version 2
or keyboard-interactive authentication, the recommended measures are:

1) get a better client
2) get a better client (I mean it)
3) get a better client (for real this time!)

and as a last resort

4) enable procol version 1 and password authentication in sshd_config

DES
--
Dag-Erling Smorgrav - des@des.no

===

Date: Thu, 26 Feb 2004 05:34:18 +0100
From: Max Laier <max@love2party.net>
To: current@freebsd.org
cc: hackers@freebsd.org
cc: net@freebsd.org
Subject: HEADS UP: pf import

Hi,

we started importing OpenBSD's packet filter (pf) from it's port
(security/pf). The kernel parts are done, though not linked to any
automatic build. If you want to build it already, you can build from the
corresponding module directories:
sys/modules/{pf, pflog, pfsync}

Make sure to install new and modified headers.

User of the port should hold off until this is done. The port will no
longer build with the new headers installed! There is no userland in the
tree, yet!

This brings pf from OpenBSD 3.4 with the complete OpenBSD 3.4 function
set. It was tested from the port for a long time now and brings some
features that were not available to FreeBSD before. We have reports from
people successfully running the port (and a preliminarily version of the
changes committed now) on production-use firewalls and servers.

To get an idea of pf's power I suggest reading the OpenBSD FAQ about it:
http://www.openbsd.org/faq/pf/index.html
or if you prefer a summarize, check out the port status report:
http://www.freebsd.org/news/status/...Porting-OpenBSD's-pf

--
Best regards, | max@love2party.net
Max Laier | ICQ #67774661
http://pf4freebsd.love2party.net/ | mlaier@EFnet

===

Date: Wed, 25 Feb 2004 23:58:18 +0000
From: Bruce M Simpson <bms@spc.org>
To: freebsd-current@freebsd.org, freebsd-net@freebsd.org
Subject: HEADS UP: routed(8) source update

Hi,

I've just merged version 2.27 of rhyolite.com's routed into the tree.

If you track -CURRENT and use the MD5 authentication feature, note that
it is no longer compatible with previous versions of FreeBSD; however it
is now compatible with the Sun Solaris and Cisco implementations.

I have added a note about this to src/UPDATING.

Thanks,
BMS
您需要登录后才可以回帖 登录 | 注册

本版积分规则

快速回复 返回顶部 返回列表