Clive Menzies wrote:
On (15/04/05 17:51), FICOS wrote:Is this still the case? Would I need to use the SSH server from unstable to get password aging to work? If I understand the Debian branches right, though, unstable isn't covered by the security team, which doesn't sound like something I want to live with. The other option would seem to be just installing OpenSSH from source and keep an eye out for patches, but the reason I went to Debian for this box was to get away from this server's previous incarnation, which was an unmanageable mix of RPMs from several different distribs and compiled-from-source apps.You have two (amongst many choices): Upgrade to sarge (which will be the next stable) - not recommended for servers exposed to the internet but on a LAN, are very solid. Obtain a backport of a later version of ssh: http://backports.org/
Be very careful about this. Especially, since SSH provides essentially unrestricted access to your machince (depending on the rest of your setup). I am not saying that Norbert doesn't do a good job of keeping up with the security advisories, simply that you want to be judicios about what software you change on your Debian Stable machine. Otherwise, why bother with unstable? -Roberto -- Roberto C. Sanchez http://familiasanchez.net/~sanchezr
Attachment:
signature.asc
Description: OpenPGP digital signature