4 files changed, 380 insertions, 0 deletions
diff --git a/contrib/suse/openssh.spec b/contrib/suse/openssh.spec
new file mode 100644
index 0000000..e533ed5
--- /dev/null
+++ b/contrib/suse/openssh.spec
@@ -0,0 +1,245 @@
+# Default values for additional components
+%define build_x11_askpass	1
+
+# Define the UID/GID to use for privilege separation
+%define sshd_gid	65
+%define sshd_uid	71
+
+# The version of x11-ssh-askpass to use
+%define xversion	1.2.4.1
+
+# Allow the ability to override defaults with -D skip_xxx=1
+%{?skip_x11_askpass:%define build_x11_askpass 0}
+
+Summary:	OpenSSH, a free Secure Shell (SSH) protocol implementation
+Name:		openssh
+Version:	9.2p1
+URL:		https://www.openssh.com/
+Release:	1
+Source0:	openssh-%{version}.tar.gz
+Source1:	x11-ssh-askpass-%{xversion}.tar.gz
+License:	BSD
+Group:		Productivity/Networking/SSH
+BuildRoot:	%{_tmppath}/openssh-%{version}-buildroot
+PreReq:		openssl
+Obsoletes:	ssh
+Provides:	ssh
+#
+# (Build[ing] Prereq[uisites] only work for RPM 2.95 and newer.)
+# building prerequisites -- stuff for
+#   OpenSSL (openssl-devel),
+#   and Gnome (glibdev, gtkdev, and gnlibsd)
+#
+BuildPrereq:	openssl
+BuildPrereq:	zlib-devel
+#BuildPrereq:	glibdev
+#BuildPrereq:	gtkdev
+#BuildPrereq:	gnlibsd
+
+%package	askpass
+Summary:	A passphrase dialog for OpenSSH and the X window System.
+Group:		Productivity/Networking/SSH
+Requires:	openssh = %{version}
+Obsoletes:	ssh-extras
+Provides:	openssh:${_libdir}/ssh/ssh-askpass
+
+%if %{build_x11_askpass}
+BuildPrereq:	XFree86-devel
+%endif
+
+%description
+Ssh (Secure Shell) is a program for logging into a remote machine and for
+executing commands in a remote machine.  It is intended to replace
+rlogin and rsh, and provide secure encrypted communications between
+two untrusted hosts over an insecure network.  X11 connections and
+arbitrary TCP/IP ports can also be forwarded over the secure channel.
+
+OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
+up to date in terms of security and features, as well as removing all
+patented algorithms to separate libraries (OpenSSL).
+
+This package includes all files necessary for both the OpenSSH
+client and server.
+
+%description askpass
+Ssh (Secure Shell) is a program for logging into a remote machine and for
+executing commands in a remote machine.  It is intended to replace
+rlogin and rsh, and provide secure encrypted communications between
+two untrusted hosts over an insecure network.  X11 connections and
+arbitrary TCP/IP ports can also be forwarded over the secure channel.
+
+OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it
+up to date in terms of security and features, as well as removing all
+patented algorithms to separate libraries (OpenSSL).
+
+This package contains an X Window System passphrase dialog for OpenSSH.
+
+%changelog
+* Mon Jul 20 2020 Damien Miller <djm@mindrto.org>
+- Add ssh-sk-helper and corresponding manual page.
+* Wed Oct 26 2005 Iain Morgan <imorgan@nas.nasa.gov>
+- Removed accidental inclusion of --without-zlib-version-check
+* Tue Oct 25 2005 Iain Morgan <imorgan@nas.nasa.gov>
+- Overhaul to deal with newer versions of SuSE and OpenSSH
+* Mon Jun 12 2000 Damien Miller <djm@mindrot.org>
+- Glob manpages to catch compressed files
+* Wed Mar 15 2000 Damien Miller <djm@ibs.com.au>
+- Updated for new location
+- Updated for new gnome-ssh-askpass build
+* Sun Dec 26 1999 Chris Saia <csaia@wtower.com>
+- Made symlink to gnome-ssh-askpass called ssh-askpass
+* Wed Nov 24 1999 Chris Saia <csaia@wtower.com>
+- Removed patches that included /etc/pam.d/sshd, /sbin/init.d/rc.sshd, and
+  /var/adm/fillup-templates/rc.config.sshd, since Damien merged these into
+  his released tarfile
+- Changed permissions on ssh_config in the install procedure to 644 from 600
+  even though it was correct in the %files section and thus right in the RPMs
+- Postinstall script for the server now only prints "Generating SSH host
+  key..." if we need to actually do this, in order to eliminate a confusing
+  message if an SSH host key is already in place
+- Marked all manual pages as %doc(umentation)
+* Mon Nov 22 1999 Chris Saia <csaia@wtower.com>
+- Added flag to configure daemon with TCP Wrappers support
+- Added building prerequisites (works in RPM 3.0 and newer)
+* Thu Nov 18 1999 Chris Saia <csaia@wtower.com>
+- Made this package correct for SuSE.
+- Changed instances of pam_pwdb.so to pam_unix.so, since it works more properly
+  with SuSE, and lib_pwdb.so isn't installed by default.
+* Mon Nov 15 1999 Damien Miller <djm@mindrot.org>
+- Split subpackages further based on patch from jim knoble <jmknoble@pobox.com>
+* Sat Nov 13 1999 Damien Miller <djm@mindrot.org>
+- Added 'Obsoletes' directives
+* Tue Nov 09 1999 Damien Miller <djm@ibs.com.au>
+- Use make install
+- Subpackages
+* Mon Nov 08 1999 Damien Miller <djm@ibs.com.au>
+- Added links for slogin
+- Fixed perms on manpages
+* Sat Oct 30 1999 Damien Miller <djm@ibs.com.au>
+- Renamed init script
+* Fri Oct 29 1999 Damien Miller <djm@ibs.com.au>
+- Back to old binary names
+* Thu Oct 28 1999 Damien Miller <djm@ibs.com.au>
+- Use autoconf
+- New binary names
+* Wed Oct 27 1999 Damien Miller <djm@ibs.com.au>
+- Initial RPMification, based on Jan "Yenya" Kasprzak's <kas@fi.muni.cz> spec.
+
+%prep
+
+%if %{build_x11_askpass}
+%setup -q -a 1
+%else
+%setup -q
+%endif
+
+%build
+CFLAGS="$RPM_OPT_FLAGS" \
+%configure	--prefix=/usr \
+		--sysconfdir=%{_sysconfdir}/ssh \
+		--mandir=%{_mandir} \
+		--with-privsep-path=/var/lib/empty \
+		--with-pam \
+		--libexecdir=%{_libdir}/ssh
+make
+
+%if %{build_x11_askpass}
+cd x11-ssh-askpass-%{xversion}
+%configure	--mandir=/usr/X11R6/man \
+		--libexecdir=%{_libdir}/ssh
+xmkmf -a
+make
+cd ..
+%endif
+
+%install
+rm -rf $RPM_BUILD_ROOT
+make install DESTDIR=$RPM_BUILD_ROOT/
+install -d $RPM_BUILD_ROOT/etc/pam.d/
+install -d $RPM_BUILD_ROOT/etc/init.d/
+install -d $RPM_BUILD_ROOT/var/adm/fillup-templates
+install -m644 contrib/sshd.pam.generic $RPM_BUILD_ROOT/etc/pam.d/sshd
+install -m744 contrib/suse/rc.sshd $RPM_BUILD_ROOT/etc/init.d/sshd
+install -m744 contrib/suse/sysconfig.ssh \
+   $RPM_BUILD_ROOT/var/adm/fillup-templates
+
+%if %{build_x11_askpass}
+cd x11-ssh-askpass-%{xversion}
+make install install.man BINDIR=%{_libdir}/ssh DESTDIR=$RPM_BUILD_ROOT/
+rm -f $RPM_BUILD_ROOT/usr/share/Ssh.bin
+%endif
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+%pre
+/usr/sbin/groupadd -g %{sshd_gid} -o -r sshd 2> /dev/null || :
+/usr/sbin/useradd -r -o -g sshd -u %{sshd_uid} -s /bin/false -c "SSH Privilege Separation User" -d /var/lib/sshd sshd 2> /dev/null || :
+
+%post
+/usr/bin/ssh-keygen -A
+%{fillup_and_insserv -n -y ssh sshd}
+%run_permissions
+
+%verifyscript
+%verify_permissions -e /etc/ssh/sshd_config -e /etc/ssh/ssh_config -e /usr/bin/ssh
+
+%preun
+%stop_on_removal sshd
+
+%postun
+%restart_on_update sshd
+%{insserv_cleanup}
+
+%files
+%defattr(-,root,root)
+%doc ChangeLog OVERVIEW README* PROTOCOL*
+%doc TODO CREDITS LICENCE
+%attr(0755,root,root) %dir %{_sysconfdir}/ssh
+%attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ssh/ssh_config
+%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/sshd_config
+%attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ssh/moduli
+%attr(0644,root,root) %config(noreplace) /etc/pam.d/sshd
+%attr(0755,root,root) %config /etc/init.d/sshd
+%attr(0755,root,root) %{_bindir}/ssh-keygen
+%attr(0755,root,root) %{_bindir}/scp
+%attr(0755,root,root) %{_bindir}/ssh
+%attr(0755,root,root) %{_bindir}/ssh-agent
+%attr(0755,root,root) %{_bindir}/ssh-add
+%attr(0755,root,root) %{_bindir}/ssh-keyscan
+%attr(0755,root,root) %{_bindir}/sftp
+%attr(0755,root,root) %{_sbindir}/sshd
+%attr(0755,root,root) %dir %{_libdir}/ssh
+%attr(0755,root,root) %{_libdir}/ssh/sftp-server
+%attr(4711,root,root) %{_libdir}/ssh/ssh-keysign
+%attr(0755,root,root) %{_libdir}/ssh/ssh-pkcs11-helper
+%attr(0755,root,root) %{_libdir}/ssh/ssh-sk-helper
+%attr(0644,root,root) %doc %{_mandir}/man1/scp.1*
+%attr(0644,root,root) %doc %{_mandir}/man1/sftp.1*
+%attr(0644,root,root) %doc %{_mandir}/man1/ssh.1*
+%attr(0644,root,root) %doc %{_mandir}/man1/ssh-add.1*
+%attr(0644,root,root) %doc %{_mandir}/man1/ssh-agent.1*
+%attr(0644,root,root) %doc %{_mandir}/man1/ssh-keygen.1*
+%attr(0644,root,root) %doc %{_mandir}/man1/ssh-keyscan.1*
+%attr(0644,root,root) %doc %{_mandir}/man5/moduli.5*
+%attr(0644,root,root) %doc %{_mandir}/man5/ssh_config.5*
+%attr(0644,root,root) %doc %{_mandir}/man5/sshd_config.5*
+%attr(0644,root,root) %doc %{_mandir}/man8/sftp-server.8*
+%attr(0644,root,root) %doc %{_mandir}/man8/ssh-keysign.8*
+%attr(0644,root,root) %doc %{_mandir}/man8/ssh-pkcs11-helper.8*
+%attr(0644,root,root) %doc %{_mandir}/man8/ssh-sk-helper.8*
+%attr(0644,root,root) %doc %{_mandir}/man8/sshd.8*
+%attr(0644,root,root) /var/adm/fillup-templates/sysconfig.ssh
+
+%if %{build_x11_askpass}
+%files askpass
+%defattr(-,root,root)
+%doc x11-ssh-askpass-%{xversion}/README
+%doc x11-ssh-askpass-%{xversion}/ChangeLog
+%doc x11-ssh-askpass-%{xversion}/SshAskpass*.ad
+%attr(0755,root,root) %{_libdir}/ssh/ssh-askpass
+%attr(0755,root,root) %{_libdir}/ssh/x11-ssh-askpass
+%attr(0644,root,root) %doc /usr/X11R6/man/man1/ssh-askpass.1x*
+%attr(0644,root,root) %doc /usr/X11R6/man/man1/x11-ssh-askpass.1x*
+%attr(0644,root,root) %config /usr/X11R6/lib/X11/app-defaults/SshAskpass
+%endif
diff --git a/contrib/suse/rc.config.sshd b/contrib/suse/rc.config.sshd
new file mode 100644
index 0000000..baaa7a5
--- /dev/null
+++ b/contrib/suse/rc.config.sshd
@@ -0,0 +1,5 @@
+#
+# Start the Secure Shell (SSH) Daemon?
+#
+START_SSHD="yes"
+
diff --git a/contrib/suse/rc.sshd b/contrib/suse/rc.sshd
new file mode 100644
index 0000000..28f28e4
--- /dev/null
+++ b/contrib/suse/rc.sshd
@@ -0,0 +1,121 @@
+#! /bin/sh
+# Copyright (c) 1995-2000 SuSE GmbH Nuernberg, Germany.
+#
+# Author: Jiri Smid <feedback@suse.de>
+#
+# /etc/init.d/sshd
+#
+#   and symbolic its link
+#
+# /usr/sbin/rcsshd
+#
+### BEGIN INIT INFO
+# Provides: sshd
+# Required-Start: $network $remote_fs
+# Required-Stop: $network $remote_fs
+# Default-Start: 3 5
+# Default-Stop: 0 1 2 6
+# Description: Start the sshd daemon
+### END INIT INFO
+
+SSHD_BIN=/usr/sbin/sshd
+test -x $SSHD_BIN || exit 5
+
+SSHD_SYSCONFIG=/etc/sysconfig/ssh
+test -r $SSHD_SYSCONFIG || exit 6
+. $SSHD_SYSCONFIG
+
+SSHD_PIDFILE=/var/run/sshd.init.pid
+
+. /etc/rc.status
+
+# Shell functions sourced from /etc/rc.status:
+#      rc_check         check and set local and overall rc status
+#      rc_status        check and set local and overall rc status
+#      rc_status -v     ditto but be verbose in local rc status
+#      rc_status -v -r  ditto and clear the local rc status
+#      rc_failed        set local and overall rc status to failed
+#      rc_reset         clear local rc status (overall remains)
+#      rc_exit          exit appropriate to overall rc status
+
+# First reset status of this service
+rc_reset
+
+case "$1" in
+    start)
+	# Generate any missing host keys
+	ssh-keygen -A
+	echo -n "Starting SSH daemon"
+	## Start daemon with startproc(8). If this fails
+	## the echo return value is set appropriate.
+
+	startproc -f -p $SSHD_PIDFILE $SSHD_BIN $SSHD_OPTS -o "PidFile=$SSHD_PIDFILE" 
+
+	# Remember status and be verbose
+	rc_status -v
+	;;
+    stop)
+	echo -n "Shutting down SSH daemon"
+	## Stop daemon with killproc(8) and if this fails
+	## set echo the echo return value.
+
+	killproc -p $SSHD_PIDFILE -TERM $SSHD_BIN
+
+	# Remember status and be verbose
+	rc_status -v
+	;;
+    try-restart)
+        ## Stop the service and if this succeeds (i.e. the 
+        ## service was running before), start it again.
+        $0 status >/dev/null &&  $0 restart
+
+        # Remember status and be quiet
+        rc_status
+        ;;
+    restart)
+        ## Stop the service and regardless of whether it was
+        ## running or not, start it again.
+        $0 stop
+        $0 start
+
+        # Remember status and be quiet
+        rc_status
+        ;;
+    force-reload|reload)
+	## Signal the daemon to reload its config. Most daemons
+	## do this on signal 1 (SIGHUP).
+
+	echo -n "Reload service sshd"
+
+	killproc -p $SSHD_PIDFILE -HUP $SSHD_BIN
+
+        rc_status -v
+
+        ;;
+    status)
+	echo -n "Checking for service sshd "
+        ## Check status with checkproc(8), if process is running
+        ## checkproc will return with exit status 0.
+
+        # Status has a slightly different for the status command:
+        # 0 - service running
+        # 1 - service dead, but /var/run/  pid  file exists
+        # 2 - service dead, but /var/lock/ lock file exists
+        # 3 - service not running
+
+	checkproc -p $SSHD_PIDFILE $SSHD_BIN
+
+	rc_status -v
+	;;
+    probe)
+	## Optional: Probe for the necessity of a reload,
+	## give out the argument which is required for a reload.
+
+        test /etc/ssh/sshd_config -nt $SSHD_PIDFILE && echo reload
+	;;
+    *)
+	echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload|probe}"
+	exit 1
+	;;
+esac
+rc_exit
diff --git a/contrib/suse/sysconfig.ssh b/contrib/suse/sysconfig.ssh
new file mode 100644
index 0000000..c6a37e5
--- /dev/null
+++ b/contrib/suse/sysconfig.ssh
@@ -0,0 +1,9 @@
+## Path:	Network/Remote access/SSH
+## Description:	SSH server settings
+## Type:	string
+## Default:	""
+## ServiceRestart: sshd
+#
+# Options for sshd
+#
+SSHD_OPTS=""