aboutsummaryrefslogtreecommitdiff
path: root/security
diff options
context:
space:
mode:
authorDirk Meyer <dinoex@FreeBSD.org>2002-07-05 03:59:51 +0000
committerDirk Meyer <dinoex@FreeBSD.org>2002-07-05 03:59:51 +0000
commitc3792b9e3c6542dfcc9c8eb143bbdea4b4cbbebd (patch)
tree2c7c7af1bae5cbcb3683a65157369dfc7b2366ed /security
parenta3d0c77d8d8bcfcbb640af2283d1b2a2d590263e (diff)
downloadports-c3792b9e3c6542dfcc9c8eb143bbdea4b4cbbebd.tar.gz
ports-c3792b9e3c6542dfcc9c8eb143bbdea4b4cbbebd.zip
Notes
Diffstat (limited to 'security')
-rw-r--r--security/hpn-ssh/pkg-message17
-rw-r--r--security/openssh-portable/pkg-message17
-rw-r--r--security/openssh/pkg-message17
3 files changed, 41 insertions, 10 deletions
diff --git a/security/hpn-ssh/pkg-message b/security/hpn-ssh/pkg-message
index 47f0f600972d..b0908ddd4486 100644
--- a/security/hpn-ssh/pkg-message
+++ b/security/hpn-ssh/pkg-message
@@ -1,10 +1,17 @@
To enable this port, please add sshd_program=/usr/local/sbin/sshd and make
-sure
-sshd_enable is set to YES in your /etc/rc.conf
+sure sshd_enable is set to YES in your /etc/rc.conf
You may also want to put NO_OPENSSH= true in your /etc/make.conf
and make sure your path is setup to /usr/local/bin before /usr/bin so that
-you
-are running the port version of openssh and not the version that comes with
-FreeBSD
+you are running the port version of openssh and not the version that comes
+with FreeBSD
+'PermitRootLogin no' is the new default for the OpenSSH port.
+This now matches the PermitRootLogin configuration of OpenSSH in
+the base system. Please be aware of this when upgrading your
+OpenSSH port, and if truly necessary, re-enable remote root login
+by readjusting this option in your sshd_config.
+
+Users are encouraged to create single-purpose users with ssh keys
+and very narrowly defined sudo privileges instead of using root
+for automated tasks.
diff --git a/security/openssh-portable/pkg-message b/security/openssh-portable/pkg-message
index 47f0f600972d..b0908ddd4486 100644
--- a/security/openssh-portable/pkg-message
+++ b/security/openssh-portable/pkg-message
@@ -1,10 +1,17 @@
To enable this port, please add sshd_program=/usr/local/sbin/sshd and make
-sure
-sshd_enable is set to YES in your /etc/rc.conf
+sure sshd_enable is set to YES in your /etc/rc.conf
You may also want to put NO_OPENSSH= true in your /etc/make.conf
and make sure your path is setup to /usr/local/bin before /usr/bin so that
-you
-are running the port version of openssh and not the version that comes with
-FreeBSD
+you are running the port version of openssh and not the version that comes
+with FreeBSD
+'PermitRootLogin no' is the new default for the OpenSSH port.
+This now matches the PermitRootLogin configuration of OpenSSH in
+the base system. Please be aware of this when upgrading your
+OpenSSH port, and if truly necessary, re-enable remote root login
+by readjusting this option in your sshd_config.
+
+Users are encouraged to create single-purpose users with ssh keys
+and very narrowly defined sudo privileges instead of using root
+for automated tasks.
diff --git a/security/openssh/pkg-message b/security/openssh/pkg-message
new file mode 100644
index 000000000000..b0908ddd4486
--- /dev/null
+++ b/security/openssh/pkg-message
@@ -0,0 +1,17 @@
+To enable this port, please add sshd_program=/usr/local/sbin/sshd and make
+sure sshd_enable is set to YES in your /etc/rc.conf
+
+You may also want to put NO_OPENSSH= true in your /etc/make.conf
+and make sure your path is setup to /usr/local/bin before /usr/bin so that
+you are running the port version of openssh and not the version that comes
+with FreeBSD
+
+'PermitRootLogin no' is the new default for the OpenSSH port.
+This now matches the PermitRootLogin configuration of OpenSSH in
+the base system. Please be aware of this when upgrading your
+OpenSSH port, and if truly necessary, re-enable remote root login
+by readjusting this option in your sshd_config.
+
+Users are encouraged to create single-purpose users with ssh keys
+and very narrowly defined sudo privileges instead of using root
+for automated tasks.