Bug#420107: openssh: [debconf_rewrite] Debconf templates review
Package: openssh
Version: N/A
Severity: normal
Tags: patch
Dear Debian maintainer,
On Sunday, April 08, 2007, I notified you of the beginning of a review process
concerning debconf templates for openssh.
The debian-l10n-english contributors have now reviewed these templates,
and the proposed changes are attached to this bug report.
Please review the suggested changes are suggested, and if you have any
objections, let me know in the next 3 days.
Please try to avoid uploading openssh with these changes right now.
The second phase of this process will begin on Monday, April 23, 2007, when I will
coordinate updates to translations of debconf templates.
The existing translators will be notified of the changes: they will
receive an updated PO file for their language.
Simultaneously, a general call for new translations will be sent to
the debian-i18n mailing list.
Both these calls for translations will request updates to be sent as
individual bug reports. That will probably trigger a lot of bug
reports against your package, but these should be easier to deal with.
The call for translation updates and new translations will run until
Saturday, May 05, 2007. Please avoid uploading a package with fixed or changed
debconf templates and/or translation updates in the meantime. Of
course, other changes are safe.
On Sunday, May 06, 2007, I will contact you again and will send a final patch
summarizing all the updates (changes to debconf templates,
updates to debconf translations and new debconf translations).
Again, thanks for your attention and cooperation.
-- System Information:
Debian Release: lenny/sid
Architecture: i386 (i686)
Kernel: Linux 2.6.18-4-486
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/dash
--- /home/bubulle/travail/debian/rewrite/LCFC/openssh/openssh.old/debian/openssh-server.templates.master 2007-03-29 06:13:05.523673024 +0200
+++ /home/bubulle/travail/debian/rewrite/LCFC/openssh/openssh/debian/openssh-server.templates.master 2007-04-20 07:24:06.887940643 +0200
@@ -1,47 +1,57 @@
+# These templates have been reviewed by the debian-l10n-english
+# team
+#
+# If modifications/additions/rewording are needed, please ask
+# for an advice to debian-l10n-english@lists.debian.org
+#
+# Even minor modifications require translation updates and such
+# changes should be coordinated with translators and reviewers.
+
Template: ssh/new_config
Type: boolean
Default: true
-_Description: Generate new configuration file?
+_Description: Generate a new configuration file for OpenSSH?
This version of OpenSSH has a considerably changed configuration file from
the version shipped in Debian 'Potato', which you appear to be upgrading
from. This package can now generate a new configuration file
(/etc/ssh/sshd.config), which will work with the new server version, but
- will not contain any customisations you made with the old version.
+ will not contain any customizations you made with the old version.
.
Please note that this new configuration file will set the value of
- 'PermitRootLogin' to yes (meaning that anyone knowing the root password
- can ssh directly in as root). It is the opinion of the maintainer that
- this is the correct default (see README.Debian for more details), but you
- can always edit sshd_config and set it to no if you wish.
+ 'PermitRootLogin' to 'yes' (meaning that anyone knowing the root password
+ can ssh directly in as root). Please read the README.Debian files for
+ more details about this design choice.
.
- It is strongly recommended that you let this package generate a new
+ It is strongly recommended that choose to generate a new
configuration file now.
Template: ssh/use_old_init_script
Type: boolean
Default: false
-_Description: Do you want to continue (and risk killing active ssh sessions)?
- The version of /etc/init.d/ssh that you have installed, is likely to kill
- all running sshd instances. If you are doing this upgrade via an ssh
- session, that would be a Bad Thing(tm).
+_Description: Do you want to risk killing active SSH sessions?
+ The currently installed version of /etc/init.d/ssh is likely to kill
+ all running sshd instances. If you are doing this upgrade via an SSH
+ session, you're likely to be disconnected and leave the upgrade
+ procedure unfinished.
.
- You can fix this by adding "--pidfile /var/run/sshd.pid" to the
- start-stop-daemon line in the stop section of the file.
+ This can be fixed by manually adding "--pidfile /var/run/sshd.pid" to
+ the start-stop-daemon line in the stop section of the file.
Template: ssh/encrypted_host_key_but_no_keygen
Type: note
-_Description: Warning: you must create a new host key
- There is an old /etc/ssh/ssh_host_key, which is IDEA encrypted. OpenSSH
- can not handle this host key file, and the ssh-keygen utility from the old
- (non-free) SSH installation does not appear to be available.
+_Description: New host key mandatory
+ The current host key, in /etc/ssh/ssh_host_key, is encrypted with the
+ IDEA algorithm. OpenSSH can not handle this host key file, and the
+ ssh-keygen utility from the old (non-free) SSH installation does not
+ appear to be available.
.
- You will need to generate a new host key.
+ You need to manually generate a new host key.
Template: ssh/disable_cr_auth
Type: boolean
Default: false
_Description: Disable challenge-response authentication?
- Password authentication appears to be disabled in your current OpenSSH
+ Password authentication appears to be disabled in the current OpenSSH
server configuration. In order to prevent users from logging in using
passwords (perhaps using only public key authentication instead) with
recent versions of OpenSSH, you must disable challenge-response
--- /home/bubulle/travail/debian/rewrite/LCFC/openssh/openssh.old/debian/control 2007-03-29 06:13:05.315671355 +0200
+++ /home/bubulle/travail/debian/rewrite/LCFC/openssh/openssh/debian/control 2007-04-08 09:25:20.126113743 +0200
@@ -13,7 +13,7 @@
Replaces: ssh, ssh-krb5
Suggests: ssh-askpass, xbase-clients
Provides: rsh-client, ssh-client
-Description: Secure shell client, an rlogin/rsh/rcp replacement
+Description: secure shell client, an rlogin/rsh/rcp replacement
This is the portable version of OpenSSH, a free implementation of
the Secure Shell protocol as specified by the IETF secsh working
group.
@@ -21,7 +21,7 @@
Ssh (Secure Shell) is a program for logging into a remote machine
and for executing commands on a remote machine.
It provides secure encrypted communications between two untrusted
- hosts over an insecure network. X11 connections and arbitrary TCP/IP
+ hosts over an insecure network. X11 connections and arbitrary TCP/IP
ports can also be forwarded over the secure channel.
It is intended as a replacement for rlogin, rsh and rcp, and can be
used to provide applications with a secure communication channel.
@@ -30,8 +30,6 @@
and ssh-add programs to make public key authentication more convenient,
and the ssh-keygen, ssh-keyscan, ssh-copy-id and ssh-argv0 utilities.
.
- --------------------------------------------------------------------
- .
In some countries it may be illegal to use any encryption at all
without a special permit.
@@ -43,7 +41,7 @@
Replaces: ssh, openssh-client (<< 1:3.8.1p1-11), ssh-krb5
Suggests: ssh-askpass, xbase-clients, rssh, molly-guard
Provides: ssh-server
-Description: Secure shell server, an rshd replacement
+Description: secure shell server, an rshd replacement
This is the portable version of OpenSSH, a free implementation of
the Secure Shell protocol as specified by the IETF secsh working
group.
@@ -51,15 +49,13 @@
Ssh (Secure Shell) is a program for logging into a remote machine
and for executing commands on a remote machine.
It provides secure encrypted communications between two untrusted
- hosts over an insecure network. X11 connections and arbitrary TCP/IP
+ hosts over an insecure network. X11 connections and arbitrary TCP/IP
ports can also be forwarded over the secure channel.
It is intended as a replacement for rlogin, rsh and rcp, and can be
used to provide applications with a secure communication channel.
.
This package provides the sshd server.
.
- --------------------------------------------------------------------
- .
In some countries it may be illegal to use any encryption at all
without a special permit.
@@ -67,7 +63,7 @@
Priority: extra
Architecture: all
Depends: openssh-client, openssh-server
-Description: Secure shell client and server (transitional package)
+Description: secure shell client and server (transitional package)
This is a transitional package depending on both the OpenSSH client and
the OpenSSH server, which are now in separate packages. You may remove
it once the upgrade is complete and nothing depends on it.
@@ -76,10 +72,10 @@
Priority: extra
Architecture: all
Depends: openssh-client, openssh-server
-Description: Secure shell client and server (transitional package)
+Description: secure shell client and server (transitional package)
This is a transitional package depending on the regular Debian OpenSSH
- client and server, which now support GSSAPI natively. It will add the
- necessary GSSAPI options to the server configuration file. You can
+ client and server, which now support GSSAPI natively. It will add the
+ necessary GSSAPI options to the server configuration file. You can
remove it once the upgrade is complete and nothing depends on it.
Package: ssh-askpass-gnome
@@ -89,7 +85,7 @@
Depends: ${shlibs:Depends}, openssh-client | ssh (>= 1:1.2pre7-4) | ssh-krb5
Replaces: ssh (<< 1:3.5p1-3)
Provides: ssh-askpass
-Description: under X, asks user for a passphrase for ssh-add
+Description: interactive X program to prompt users for a passphrase for ssh-add
This has been split out of the main ssh package, so that the ssh will
not need to depend upon the Gnome libraries.
.
@@ -103,7 +99,7 @@
Architecture: any
Depends: ${shlibs:Depends}, libnss-files-udeb
XB-Installer-Menu-Item: 999
-Description: Secure shell client for the Debian installer
+Description: secure shell client for the Debian installer
This is the portable version of OpenSSH, a free implementation of
the Secure Shell protocol as specified by the IETF secsh working
group.
@@ -116,7 +112,7 @@
Priority: optional
Architecture: any
Depends: ${shlibs:Depends}, libnss-files-udeb
-Description: Secure shell server for the Debian installer
+Description: secure shell server for the Debian installer
This is the portable version of OpenSSH, a free implementation of
the Secure Shell protocol as specified by the IETF secsh working
group.
Reply to: