diff options
Diffstat (limited to 'debian/patches/restore-authorized_keys2.patch')
| -rw-r--r-- | debian/patches/restore-authorized_keys2.patch | 35 |
1 files changed, 35 insertions, 0 deletions
diff --git a/debian/patches/restore-authorized_keys2.patch b/debian/patches/restore-authorized_keys2.patch new file mode 100644 index 0000000..918da0f --- /dev/null +++ b/debian/patches/restore-authorized_keys2.patch @@ -0,0 +1,35 @@ +From b2cc972d55fcc3c3df709a340ce3019fec9880c4 Mon Sep 17 00:00:00 2001 +From: Colin Watson <cjwatson@debian.org> +Date: Sun, 5 Mar 2017 02:02:11 +0000 +Subject: Restore reading authorized_keys2 by default + +Upstream seems to intend to gradually phase this out, so don't assume +that this will remain the default forever. However, we were late in +adopting the upstream sshd_config changes, so it makes sense to extend +the grace period. + +Bug-Debian: https://bugs.debian.org/852320 +Forwarded: not-needed +Last-Update: 2017-03-05 + +Patch-Name: restore-authorized_keys2.patch +--- + sshd_config | 5 ++--- + 1 file changed, 2 insertions(+), 3 deletions(-) + +diff --git a/sshd_config b/sshd_config +index 677f97d5d..d500d18cd 100644 +--- a/sshd_config ++++ b/sshd_config +@@ -38,9 +38,8 @@ Include /etc/ssh/sshd_config.d/*.conf + + #PubkeyAuthentication yes + +-# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2 +-# but this is overridden so installations will only check .ssh/authorized_keys +-AuthorizedKeysFile .ssh/authorized_keys ++# Expect .ssh/authorized_keys2 to be disregarded by default in future. ++#AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2 + + #AuthorizedPrincipalsFile none + |